From fa64de382f15979b40b18a3d2cc9359c412789b4 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 21 Apr 2020 14:56:58 +0200
Subject: [PATCH 001/237] Fixes an occasional bug

---
 karaf-assembly/build.gradle | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/karaf-assembly/build.gradle b/karaf-assembly/build.gradle
index c9b56c9cc..0db13cd78 100644
--- a/karaf-assembly/build.gradle
+++ b/karaf-assembly/build.gradle
@@ -43,6 +43,10 @@ parsePom.inputs.property('karafVersion', libraryVersions.karaf)
 task assembleKaraf(type: CrossPlatformExec) {
     commandLine "./mvnw", "--no-transfer-progress", "clean", "package"
 }
+// Sometimes required to fix an error caused by a non-existing folder (maybe caused by mvn clean)
+assembleKaraf.doLast {
+    mkdir("${project.buildDir}/classes/kotlin/test")
+}
 assembleKaraf.dependsOn(parsePom)
 jar.dependsOn(assembleKaraf)
 

From f43876ef204dcfcb5bed44fb894e3931b11ba344 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 21 Apr 2020 16:41:55 +0200
Subject: [PATCH 002/237] Added camel-jsonpath feature, features build.gradle
 cleanup

---
 karaf-features-ids/build.gradle | 26 +++++++-------------------
 1 file changed, 7 insertions(+), 19 deletions(-)

diff --git a/karaf-features-ids/build.gradle b/karaf-features-ids/build.gradle
index 31837db71..3231dbea3 100644
--- a/karaf-features-ids/build.gradle
+++ b/karaf-features-ids/build.gradle
@@ -38,7 +38,7 @@ dependencies {
 
 karaf {
     features {
-        xsdVersion  = '1.2.0'
+        xsdVersion  = '1.3.0'
         // it seems to be best practice to include the version in the feature repository as well
         name = "ids-${project.version}"
         version = project.version
@@ -54,15 +54,12 @@ karaf {
             description = 'IDS Feature'
 
             // only specifiy the dependencies that will be provided by bundles, the rest will be specified via features
-            //noinspection GroovyAssignabilityCheck
             configurations(*project.ext.bundleConfigurations)
 
             // standard feature, but we need to explicitly state it here so that it gets installed in our bare Karaf
-            //noinspection GroovyAssignabilityCheck
             feature 'jetty'
 
             // CXF for REST APIs
-            //noinspection GroovyAssignabilityCheck
             feature 'cxf-jaxrs'
             feature 'cxf-jackson'
 
@@ -71,30 +68,21 @@ karaf {
              Notice: This should actually be a conditional dependency, only if shell is available.
              however the karaf assemble plugin does not seem to resolve these conditions during packaging.
             */
-            //noinspection GroovyAssignabilityCheck
             feature 'cxf-commands'
 
 		    // For Web Application Bundles, such as our WebConsole
-            //noinspection GroovyAssignabilityCheck
             feature 'war'
 
-            // Camel for routing
-            //noinspection GroovyAssignabilityCheck
-		    feature 'camel-jackson'
-            //noinspection GroovyAssignabilityCheck
-		    feature 'camel-milo'
-            //noinspection GroovyAssignabilityCheck
-		    feature 'camel-cxf'
-            //noinspection GroovyAssignabilityCheck
-		    feature 'camel-ahc'
-            //noinspection GroovyAssignabilityCheck
+            // Features for Apache Camel routing
+            feature 'camel-jackson'
+            feature 'camel-milo'
+            feature 'camel-cxf'
+            feature 'camel-ahc'
             feature 'camel-http'
-            //noinspection GroovyAssignabilityCheck
             feature 'camel-jetty'
-            //noinspection GroovyAssignabilityCheck
             feature 'camel-paho'
-            //noinspection GroovyAssignabilityCheck
             //feature 'camel-mqtt'
+            feature 'camel-jsonpath'
 
             // start our bundles a lit bit later
             bundle ('de.fhg.aisec.ids') {

From d951f8347e642f571403c0ea63fa981cf86dd236 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 23 Apr 2020 17:37:08 +0200
Subject: [PATCH 003/237] Fix maven URLs

---
 .../src/main/resources/etc/org.ops4j.pax.url.mvn.cfg          | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/karaf-assembly/src/main/resources/etc/org.ops4j.pax.url.mvn.cfg b/karaf-assembly/src/main/resources/etc/org.ops4j.pax.url.mvn.cfg
index 6ab1cc8ed..b675f9cb8 100644
--- a/karaf-assembly/src/main/resources/etc/org.ops4j.pax.url.mvn.cfg
+++ b/karaf-assembly/src/main/resources/etc/org.ops4j.pax.url.mvn.cfg
@@ -16,8 +16,8 @@ org.ops4j.pax.url.mvn.useFallbackRepositories=false
 
 # Remote repositories that are used when resolution of "org.ops4j.pax.url.mvn.defaultRepositories" fails
 org.ops4j.pax.url.mvn.repositories= \
-    http://repo1.maven.org/maven2@id=central, \
-    http://repository.apache.org/content/groups/snapshots-group@id=apache@snapshots@noreleases, \
+    https://repo1.maven.org/maven2@id=central, \
+    https://repository.apache.org/content/groups/snapshots-group@id=apache@snapshots@noreleases, \
     https://oss.sonatype.org/content/repositories/ops4j-snapshots@id=ops4j.sonatype.snapshots.deploy@snapshots@noreleases
 
 #

From 6058877687ebd2c8b2d7c285f7d9ce4a6379a5a8 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 23 Apr 2020 18:09:36 +0200
Subject: [PATCH 004/237] Fixed PaxExam integration testing

---
 karaf-assembly/build.gradle                   |  76 +++++++++----
 karaf-assembly/pom.template.xml               |   2 +-
 .../ids/webconsole/api/AssemblyTestIT.java    | 100 ++++++++----------
 libraryVersions.yaml                          |   8 +-
 4 files changed, 105 insertions(+), 81 deletions(-)

diff --git a/karaf-assembly/build.gradle b/karaf-assembly/build.gradle
index 0db13cd78..1a668482d 100644
--- a/karaf-assembly/build.gradle
+++ b/karaf-assembly/build.gradle
@@ -1,19 +1,17 @@
 dependencies {
-    testImplementation(project(':ids-api')) { transitive = false }
+    testImplementation(project(":ids-api")) { transitive = false }
 
-    osgiCore group: 'org.apache.felix', name: 'org.apache.felix.framework', version: libraryVersions.felixFramework
-    osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
-    testImplementation group: 'org.apache.karaf.features', name: 'org.apache.karaf.features.core', version: libraryVersions.karaf
-}
+    osgiCore group: "org.apache.felix", name: "org.apache.felix.framework", version: libraryVersions.felixFramework
+    osgiCore group: "org.osgi", name: "osgi.cmpn", version: libraryVersions.osgiCompendium
 
-/*
-Now this is tricky. We need to build a custom assembly of karaf with a few features:
-- included ids feature
-- deactivated all other repos, basically make it being 'offline'
-- add a bunch of configuration files in etc (although we need to re-verify, which of them are really necessary
+    testImplementation group: "org.apache.karaf.itests", name: "common", version: libraryVersions.karaf
 
-Since gradle still has no karaf-assembly plugin we need to do this using maven (meh!)
-*/
+    testImplementation group: "org.apache.karaf", name: "apache-karaf", version: libraryVersions.karaf, ext: "pom"
+    testImplementation group: "org.awaitility", name: "awaitility", version: libraryVersions.awaitility
+    testImplementation group: "org.apache.servicemix.bundles", name: "org.apache.servicemix.bundles.hamcrest",
+            version: libraryVersions.servicemixHamcrest
+    testImplementation group: "javax.annotation", name: "javax.annotation-api", version: libraryVersions.javaxAnnotation
+}
 
 static def getBrandingAligned(String branding, String space = "\\u0020") {
     int BRANDING_WIDTH = 84
@@ -28,18 +26,25 @@ static def getBrandingAligned(String branding, String space = "\\u0020") {
 
 task parsePom(type: Copy) {
     from (project.projectDir) {
-        include 'pom.template.xml'
+        include "pom.template.xml"
     }
-    expand('projectVersion': project.version, 'karafVersion': libraryVersions.karaf, 'paxVersion': libraryVersions.pax,
-        'brandingFirst': getBrandingAligned("Trusted Connector Console (${project.version}), " +
+    expand("projectVersion": project.version, "karafVersion": libraryVersions.karaf, "paxVersion": libraryVersions.pax,
+        "brandingFirst": getBrandingAligned("Trusted Connector Console (${project.version}), " +
                 "Apache Karaf (${libraryVersions.karaf})"),
-        'brandingSecond': getBrandingAligned("Fraunhofer AISEC ${new Date()[Calendar.YEAR].toString()}"))
-    rename 'pom.template.xml', 'pom.xml'
+        "brandingSecond": getBrandingAligned("Fraunhofer AISEC ${new Date()[Calendar.YEAR].toString()}"))
+    rename "pom.template.xml", "pom.xml"
     into project.projectDir
 }
-parsePom.inputs.property('projectVersion', project.version)
-parsePom.inputs.property('karafVersion', libraryVersions.karaf)
+parsePom.inputs.property("projectVersion", project.version)
+parsePom.inputs.property("karafVersion", libraryVersions.karaf)
+
+/*
+Now this is tricky. We need to build a custom distribution of karaf with a few features:
+- included ids feature
+- a bunch of configuration files in etc
 
+Since gradle still has no karaf-assembly plugin we need to do this using maven (meh!)
+*/
 task assembleKaraf(type: CrossPlatformExec) {
     commandLine "./mvnw", "--no-transfer-progress", "clean", "package"
 }
@@ -59,4 +64,35 @@ rootProject.subprojects.findAll() {
     }
 }
 
-integrationTest.dependsOn(jar)
\ No newline at end of file
+// The PaxExam config of KarafTestSupport requires the maven dependency meta information generated here
+task makeMavenDependencies {
+    File outputFileDir = project.file("build/classes/java/test/META-INF/maven/")
+    File outputFile = new File(outputFileDir, "dependencies.properties")
+    outputs.file(outputFile)
+
+    doFirst {
+        Properties properties = new Properties()
+
+        // information of the project itself
+        properties.setProperty("groupId", "${project.group}")
+        properties.setProperty("artifactId", project.name)
+        properties.setProperty("version", "${project.version}")
+        properties.setProperty("${project.group}/${project.name}/version", "${project.version}")
+
+        // information of all test runtime dependencies
+        project.configurations.testCompileClasspath.resolvedConfiguration.resolvedArtifacts.each {
+            final String keyBase = it.moduleVersion.id.group + "/" + it.moduleVersion.id.name
+            properties.setProperty("${keyBase}/scope", "compile")
+            properties.setProperty("${keyBase}/type", it.extension)
+            properties.setProperty("${keyBase}/version", it.moduleVersion.id.version)
+        }
+
+        outputFileDir.mkdirs()
+        new FileOutputStream(outputFile).withStream {
+            properties.store(it, "Generated from Gradle for PaxExam integration tests")
+        }
+    }
+}
+
+integrationTest.dependsOn(makeMavenDependencies)
+integrationTest.dependsOn(assembleKaraf)
\ No newline at end of file
diff --git a/karaf-assembly/pom.template.xml b/karaf-assembly/pom.template.xml
index cc6535102..26ec1526c 100644
--- a/karaf-assembly/pom.template.xml
+++ b/karaf-assembly/pom.template.xml
@@ -74,7 +74,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-resources-plugin</artifactId>
-                <version>2.6</version>
+                <version>3.1.0</version>
                 <executions>
                     <execution>
                         <id>process-resources</id>
diff --git a/karaf-assembly/src/test/java/de/fhg/aisec/ids/webconsole/api/AssemblyTestIT.java b/karaf-assembly/src/test/java/de/fhg/aisec/ids/webconsole/api/AssemblyTestIT.java
index 9be0e7d02..53df5e530 100644
--- a/karaf-assembly/src/test/java/de/fhg/aisec/ids/webconsole/api/AssemblyTestIT.java
+++ b/karaf-assembly/src/test/java/de/fhg/aisec/ids/webconsole/api/AssemblyTestIT.java
@@ -19,91 +19,75 @@
  */
 package de.fhg.aisec.ids.webconsole.api;
 
-import de.fhg.aisec.ids.api.acme.AcmeClient;
 import de.fhg.aisec.ids.api.conm.ConnectionManager;
 import de.fhg.aisec.ids.api.settings.ConnectorConfig;
 import de.fhg.aisec.ids.api.settings.Settings;
-import org.apache.karaf.features.BootFinished;
-import org.apache.karaf.features.FeaturesService;
-import org.junit.Ignore;
+import org.apache.karaf.itests.KarafTestSupport;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.ops4j.pax.exam.Configuration;
 import org.ops4j.pax.exam.Option;
-import org.ops4j.pax.exam.ProbeBuilder;
-import org.ops4j.pax.exam.TestProbeBuilder;
 import org.ops4j.pax.exam.junit.PaxExam;
-import org.ops4j.pax.exam.options.MavenUrlReference;
+import org.ops4j.pax.exam.karaf.options.KarafDistributionBaseConfigurationOption;
+import org.ops4j.pax.exam.karaf.options.KarafDistributionOption;
+import org.ops4j.pax.exam.karaf.options.LogLevelOption;
+import org.ops4j.pax.exam.options.MavenArtifactUrlReference;
 import org.ops4j.pax.exam.spi.reactors.ExamReactorStrategy;
-import org.ops4j.pax.exam.spi.reactors.PerSuite;
+import org.ops4j.pax.exam.spi.reactors.PerClass;
 import org.ops4j.pax.exam.util.Filter;
-import org.osgi.framework.BundleContext;
-import org.osgi.framework.Constants;
 
 import javax.inject.Inject;
 import java.io.File;
 import java.net.MalformedURLException;
+import java.util.Arrays;
+import java.util.LinkedList;
 
 import static org.junit.Assert.assertNotEquals;
 import static org.junit.Assert.assertNotNull;
-import static org.ops4j.pax.exam.CoreOptions.junitBundles;
-import static org.ops4j.pax.exam.CoreOptions.maven;
-import static org.ops4j.pax.exam.karaf.options.KarafDistributionOption.*;
 
-@Ignore("Broken with Java 11, Pax Exam complains that container doesn't come up although it has been tested OK.")
 @RunWith(PaxExam.class)
-@ExamReactorStrategy(PerSuite.class)
-public class AssemblyTestIT {
-
-  @Inject protected BundleContext bundleContext;
-  @Inject protected FeaturesService featuresService;
-  @Inject protected BootFinished bootFinished;
-
-  @Inject
-  @Filter(timeout = 30000)
-  private ConnectionManager conm;
+@ExamReactorStrategy(PerClass.class)
+public class AssemblyTestIT extends KarafTestSupport {
 
   @Inject
   @Filter(timeout = 30000)
-  private AcmeClient acme;
+  private ConnectionManager connectionManager;
 
   @Inject
   @Filter(timeout = 30000)
   private Settings settings;
 
-  @ProbeBuilder
-  public TestProbeBuilder probeConfiguration(TestProbeBuilder probe) {
-    probe.setHeader(
-        Constants.DYNAMICIMPORT_PACKAGE, "*,org.apache.felix.service.*;status=provisional");
-    return probe;
+  @Override
+  public MavenArtifactUrlReference getKarafDistribution() {
+    return new MavenArtifactUrlReference() {
+      @Override
+      public String getURL() {
+        try {
+          return new File("build/karaf-assembly-" + System.getProperty("project.version") + ".tar.gz")
+              .toURI().toURL().toString();
+        } catch (MalformedURLException e) {
+          throw new RuntimeException(e);
+        }
+      }
+    };
   }
 
   @Configuration
-  public Option[] config() throws MalformedURLException {
-    MavenUrlReference camelRepo =
-        maven()
-            .groupId("org.apache.camel.karaf")
-            .artifactId("apache-camel")
-            .classifier("features")
-            .type("xml")
-            .version("2.21.2");
-    MavenUrlReference idsRepo =
-        maven()
-            .groupId("de.fhg.aisec.ids")
-            .artifactId("karaf-features-ids")
-            .classifier("features")
-            .type("xml")
-            .version(System.getProperty("project.version"));
-    File f = new File("build/karaf-assembly-" + System.getProperty("project.version") + ".tar.gz");
-    return new Option[] {
-      karafDistributionConfiguration()
-          .frameworkUrl(f.toURI().toURL().toString())
-          .unpackDirectory(new File("build/exam"))
-          .useDeployFolder(false),
-      keepRuntimeFolder(),
-      features(idsRepo, "ids"),
-      junitBundles()
-    };
+  public Option[] config() {
+    final var options = new LinkedList<>(Arrays.asList(super.config()));
+    // Modify distribution config
+    ((KarafDistributionBaseConfigurationOption) options.get(0))
+        .unpackDirectory(new File("build/exam"))
+        .useDeployFolder(false);
+    // Fix log level
+    options.replaceAll(o -> {
+      if (o instanceof LogLevelOption) {
+        return KarafDistributionOption.logLevel(LogLevelOption.LogLevel.TRACE);
+      } else {
+        return o;
+      }
+    });
+    return options.toArray(new Option[0]);
   }
 
   @Test
@@ -121,8 +105,8 @@ public void testSettings() {
 
   @Test
   public void testConnectionManager() {
-    assertNotNull(conm.listAvailableEndpoints());
-    assertNotNull(conm.listIncomingConnections());
-    assertNotNull(conm.listOutgoingConnections());
+    assertNotNull(connectionManager.listAvailableEndpoints());
+    assertNotNull(connectionManager.listIncomingConnections());
+    assertNotNull(connectionManager.listOutgoingConnections());
   }
 }
diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index c5773e8c6..d4a047f1c 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -85,5 +85,9 @@ wsRsApi: "2.1"
 auth0Jwt: "3.8.2"
 swagger: "1.5.18"
 
-# For OSGi integration tests
-paxExam: "4.13.1"
\ No newline at end of file
+# Required for PaxExam integration tests
+paxExam: "4.13.3"
+# 4.x versions of awaitility are not supported because of old ServiceMix Hamcrest version
+awaitility: "3.1.6"
+servicemixHamcrest: "1.3_1"
+javaxAnnotation: "1.3.2"

From fb49b90b80ca16c357d6fd6ffb7ca4e662749a89 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 23 Apr 2020 21:06:42 +0200
Subject: [PATCH 005/237] Some logging for camel-multipart-processor

---
 .../ids/camel/multipart/MultiPartStringParser.java   | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.java b/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.java
index 2c724725f..acf9c4845 100644
--- a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.java
+++ b/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.java
@@ -24,6 +24,8 @@
 import org.apache.commons.fileupload.FileUploadException;
 import org.apache.commons.fileupload.UploadContext;
 import org.apache.commons.fileupload.disk.DiskFileItemFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.io.BufferedReader;
 import java.io.IOException;
@@ -36,6 +38,7 @@
 
 public class MultiPartStringParser implements UploadContext {
 
+  private static final Logger LOG = LoggerFactory.getLogger(MultiPartStringParser.class);
   private final InputStream multipartInput;
   private final String boundary;
   private String header;
@@ -55,11 +58,20 @@ public class MultiPartStringParser implements UploadContext {
       this.multipartInput.reset();
       for (FileItem i : new FileUpload(new DiskFileItemFactory()).parseRequest(this)) {
         String fieldName = i.getFieldName();
+        if (LOG.isTraceEnabled()) {
+          LOG.trace("Found multipart field with name \"{}\"", fieldName);
+        }
         if (MULTIPART_HEADER.equals(fieldName)) {
           header = i.getString();
+          if (LOG.isDebugEnabled()) {
+            LOG.debug("Found header:\n{}", header);
+          }
         } else if (MULTIPART_PAYLOAD.equals(fieldName)) {
           payload = i.getInputStream();
           payloadContentType = i.getContentType();
+          if (LOG.isDebugEnabled()) {
+            LOG.debug("Found body with Content-Type \"{}\"", payloadContentType);
+          }
         } else {
           throw new IOException("Unknown multipart field name detected: " + fieldName);
         }

From bfa942bbaf61da4a1f1f6b980adec831b5e60843 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 23 Apr 2020 21:39:02 +0200
Subject: [PATCH 006/237] Gradle 6.3, dependency cleanup

---
 build.gradle                             | 10 +++-------
 camel-ids/build.gradle                   |  3 ---
 camel-multipart-processor/build.gradle   |  3 ---
 gradle/wrapper/gradle-wrapper.properties |  2 +-
 ids-acme/build.gradle.kts                |  3 ---
 ids-api/build.gradle                     |  7 ++++---
 ids-comm/build.gradle                    |  3 ---
 ids-container-manager/build.gradle       |  3 ---
 ids-dataflow-control/build.gradle        |  3 ---
 ids-dynamic-tls/build.gradle             |  3 ---
 ids-endpoint-config/build.gradle         |  3 ---
 ids-infomodel-manager/build.gradle.kts   |  3 ---
 ids-route-manager/build.gradle           |  3 ---
 ids-settings/build.gradle.kts            |  3 ---
 ids-token-manager/build.gradle           |  3 ---
 ids-webconsole/build.gradle              |  5 +----
 karaf-assembly/build.gradle              | 10 ++++++++--
 libraryVersions.yaml                     |  2 +-
 rat-repository/build.gradle              |  3 ---
 19 files changed, 18 insertions(+), 57 deletions(-)

diff --git a/build.gradle b/build.gradle
index 46d62a066..7f1892f71 100644
--- a/build.gradle
+++ b/build.gradle
@@ -107,6 +107,9 @@ subprojects {
         // BOM for pax, for jetty, etc.
         bom group: 'org.ops4j.pax', name: 'web', version: libraryVersions.pax
 
+        // Logging API
+        providedByBundle group: 'org.slf4j', name: 'slf4j-simple', version: libraryVersions.slf4j
+
         // Needed for kotlin modules, provided at runtime via kotlin-osgi-bundle in karaf-features-ids
         compileOnly group: 'org.jetbrains.kotlin', name: 'kotlin-stdlib-jdk8', version: libraryVersions.kotlin
 
@@ -116,13 +119,6 @@ subprojects {
         testImplementation group: "com.sun.xml.bind", name: "jaxb-core", version: libraryVersions.jaxb
         testImplementation group: "com.sun.xml.bind", name: "jaxb-impl", version: libraryVersions.jaxb
         testImplementation group: 'com.sun.activation', name: 'javax.activation', version: libraryVersions.jaxActivation
-
-        testImplementation "org.ops4j.pax.exam:pax-exam-container-karaf:${libraryVersions.paxExam}"
-        testImplementation "org.ops4j.pax.exam:pax-exam-junit4:${libraryVersions.paxExam}"
-        testImplementation "org.ops4j.pax.exam:pax-exam:${libraryVersions.paxExam}"
-        testImplementation "org.ops4j.pax.url:pax-url-aether:2.4.3"
-        testImplementation "javax.inject:javax.inject:1"
-        testImplementation "org.slf4j:slf4j-simple:1.7.12"
     }
 
     tasks.withType(KotlinCompile) {
diff --git a/camel-ids/build.gradle b/camel-ids/build.gradle
index d6b8d30a9..50b935622 100644
--- a/camel-ids/build.gradle
+++ b/camel-ids/build.gradle
@@ -19,9 +19,6 @@ dependencies {
 
     compileOnly group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
 
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
-
     osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
     osgiCore group: 'org.osgi', name: 'org.osgi.core', version: libraryVersions.osgi
 
diff --git a/camel-multipart-processor/build.gradle b/camel-multipart-processor/build.gradle
index d43d342c7..02268a1db 100644
--- a/camel-multipart-processor/build.gradle
+++ b/camel-multipart-processor/build.gradle
@@ -14,9 +14,6 @@ dependencies {
     
     providedByBundle group: 'commons-fileupload', name: 'commons-fileupload', version: libraryVersions.commonsFileUpload
 
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
-
     osgiCore group: 'org.apache.felix', name: 'org.apache.felix.framework', version: libraryVersions.felixFramework
     osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
 
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index c1d54ccfd..94485e85b 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -3,5 +3,5 @@ distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.1.1-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-6.3-all.zip
 org.gradle.jvmargs=-Xmx4096m -XX:MaxPermSize=1024m
\ No newline at end of file
diff --git a/ids-acme/build.gradle.kts b/ids-acme/build.gradle.kts
index f562e2f74..98140f16b 100644
--- a/ids-acme/build.gradle.kts
+++ b/ids-acme/build.gradle.kts
@@ -6,9 +6,6 @@ dependencies {
 
     providedByBundle(project(":ids-api")) { isTransitive = false }
 
-    providedByBundle("org.apache.logging.log4j", "log4j-core", libraryVersions["log4j"])
-    providedByBundle("org.apache.logging.log4j", "log4j-slf4j-impl", libraryVersions["log4j"])
-
     providedByFeature("org.eclipse.jetty", "jetty-util", libraryVersions["jetty"])
     providedByFeature("org.apache.karaf.scheduler", "org.apache.karaf.scheduler.core", libraryVersions["karaf"])
 
diff --git a/ids-api/build.gradle b/ids-api/build.gradle
index 0130b565c..e532717a0 100644
--- a/ids-api/build.gradle
+++ b/ids-api/build.gradle
@@ -10,6 +10,10 @@ protobuf {
 clean {
     delete protobuf.generatedFilesBaseDir
 }
+// Sometimes required to fix an error caused by a non-existing folder
+clean.doLast {
+    mkdir("${project.buildDir}/classes/kotlin/main")
+}
 
 idea {
   module {
@@ -19,9 +23,6 @@ idea {
 }
 
 dependencies {
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
-
     providedByBundle group: 'com.google.protobuf', name: 'protobuf-java', version: libraryVersions.protobuf
 
     providedByBundle group: 'com.fasterxml.jackson.core', name: 'jackson-annotations', version: libraryVersions.jackson
diff --git a/ids-comm/build.gradle b/ids-comm/build.gradle
index fc9afa8b9..20d3a4e61 100644
--- a/ids-comm/build.gradle
+++ b/ids-comm/build.gradle
@@ -8,9 +8,6 @@ dependencies {
         exclude group: 'net.java.dev.jna', module: 'jna'
     }
 
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
-
     providedByBundle group: 'com.google.protobuf', name: 'protobuf-java', version: libraryVersions.protobuf
     
     publishCompile group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
diff --git a/ids-container-manager/build.gradle b/ids-container-manager/build.gradle
index 7b9c925d9..af8f3ca97 100644
--- a/ids-container-manager/build.gradle
+++ b/ids-container-manager/build.gradle
@@ -19,9 +19,6 @@ idea {
 dependencies {
     providedByBundle(project(':ids-api')) { transitive = false }
 
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
-
     // Provided dependency of docker-java-api
     providedByBundle group: 'org.glassfish', name: 'javax.json', version: libraryVersions.javaxJson
     // Required until our library PR has been accepted
diff --git a/ids-dataflow-control/build.gradle b/ids-dataflow-control/build.gradle
index e9dd0e39d..e8469a53c 100644
--- a/ids-dataflow-control/build.gradle
+++ b/ids-dataflow-control/build.gradle
@@ -4,9 +4,6 @@ dependencies {
     providedByBundle(group: 'com.google.guava', name: 'guava', version: libraryVersions.guava) {
         transitive = false  // Avoid pulling in of checker framework and other annotation stuff
     }
-  
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
 
     providedByBundle group: 'it.unibo.alice.tuprolog', name: 'tuprolog', version: libraryVersions.tuprolog
 
diff --git a/ids-dynamic-tls/build.gradle b/ids-dynamic-tls/build.gradle
index 6adc3de61..93e35455b 100644
--- a/ids-dynamic-tls/build.gradle
+++ b/ids-dynamic-tls/build.gradle
@@ -1,8 +1,5 @@
 dependencies {
     providedByBundle(project(':ids-api')) { transitive = false }
-  
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
 
     osgiCore group: 'org.osgi', name: 'org.osgi.core', version: libraryVersions.osgi
 
diff --git a/ids-endpoint-config/build.gradle b/ids-endpoint-config/build.gradle
index 71739fb9e..26347138e 100644
--- a/ids-endpoint-config/build.gradle
+++ b/ids-endpoint-config/build.gradle
@@ -1,9 +1,6 @@
 dependencies {
     providedByBundle(project(':ids-api')) { transitive = false }
 
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
-
     osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
 
     testImplementation group: 'junit', name: 'junit'
diff --git a/ids-infomodel-manager/build.gradle.kts b/ids-infomodel-manager/build.gradle.kts
index 95e0afde7..2bacaa8cb 100644
--- a/ids-infomodel-manager/build.gradle.kts
+++ b/ids-infomodel-manager/build.gradle.kts
@@ -18,7 +18,4 @@ dependencies {
     infomodelBundle("com.fasterxml.jackson.core", "jackson-databind", libraryVersions["jackson"])
 
     osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
-
-    compileOnly("org.apache.logging.log4j", "log4j-core", libraryVersions["log4j"])
-    compileOnly("org.apache.logging.log4j", "log4j-slf4j-impl", libraryVersions["log4j"])
 }
diff --git a/ids-route-manager/build.gradle b/ids-route-manager/build.gradle
index 5a7fbf5bf..a28cbb7b9 100644
--- a/ids-route-manager/build.gradle
+++ b/ids-route-manager/build.gradle
@@ -9,9 +9,6 @@ dependencies {
 
     compileOnly group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
 
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
-
     osgiCore group: 'org.apache.felix', name: 'org.apache.felix.framework', version: libraryVersions.felixFramework
     osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
 
diff --git a/ids-settings/build.gradle.kts b/ids-settings/build.gradle.kts
index 84df2acdf..1861aaf39 100644
--- a/ids-settings/build.gradle.kts
+++ b/ids-settings/build.gradle.kts
@@ -16,8 +16,5 @@ dependencies {
         exclude("org.jetbrains.kotlin", "*")
     }
 
-    providedByBundle("org.apache.logging.log4j", "log4j-core", libraryVersions["log4j"])
-    providedByBundle("org.apache.logging.log4j", "log4j-slf4j-impl", libraryVersions["log4j"])
-
     osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
 }
\ No newline at end of file
diff --git a/ids-token-manager/build.gradle b/ids-token-manager/build.gradle
index cf2834569..200d315b4 100755
--- a/ids-token-manager/build.gradle
+++ b/ids-token-manager/build.gradle
@@ -1,9 +1,6 @@
 dependencies {
     providedByBundle(project(':ids-api')) { transitive = false }
 
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
-
     osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
 
     providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-impl', version: libraryVersions.jsonwebtoken
diff --git a/ids-webconsole/build.gradle b/ids-webconsole/build.gradle
index 266e65e54..7176a0f7f 100644
--- a/ids-webconsole/build.gradle
+++ b/ids-webconsole/build.gradle
@@ -86,13 +86,10 @@ dependencies {
     implementation group: 'com.auth0', name: 'java-jwt', version: libraryVersions.auth0Jwt
     osgiCore group: 'org.apache.felix', name: 'org.apache.felix.framework', version: libraryVersions.felixFramework
     osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
-    
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
 
     compileOnly group: 'io.swagger', name: 'swagger-jaxrs', version: libraryVersions.swagger
 
-    testImplementation group: 'junit', name: 'junit'
+    testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
     testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
 
     testImplementation group: 'org.apache.cxf', name: 'cxf-rt-transports-local', version: libraryVersions.cxf
diff --git a/karaf-assembly/build.gradle b/karaf-assembly/build.gradle
index 1a668482d..32636fbd6 100644
--- a/karaf-assembly/build.gradle
+++ b/karaf-assembly/build.gradle
@@ -4,13 +4,18 @@ dependencies {
     osgiCore group: "org.apache.felix", name: "org.apache.felix.framework", version: libraryVersions.felixFramework
     osgiCore group: "org.osgi", name: "osgi.cmpn", version: libraryVersions.osgiCompendium
 
+    testImplementation group: "org.ops4j.pax.exam", name: "pax-exam", version: libraryVersions.paxExam
+    testImplementation group: "org.ops4j.pax.exam", name: "pax-exam-junit4", version: libraryVersions.paxExam
+    testImplementation group: "org.ops4j.pax.exam", name: "pax-exam-container-karaf",
+            version: libraryVersions.paxExam
     testImplementation group: "org.apache.karaf.itests", name: "common", version: libraryVersions.karaf
 
     testImplementation group: "org.apache.karaf", name: "apache-karaf", version: libraryVersions.karaf, ext: "pom"
     testImplementation group: "org.awaitility", name: "awaitility", version: libraryVersions.awaitility
     testImplementation group: "org.apache.servicemix.bundles", name: "org.apache.servicemix.bundles.hamcrest",
             version: libraryVersions.servicemixHamcrest
-    testImplementation group: "javax.annotation", name: "javax.annotation-api", version: libraryVersions.javaxAnnotation
+    testImplementation group: "javax.annotation", name: "javax.annotation-api",
+            version: libraryVersions.javaxAnnotation
 }
 
 static def getBrandingAligned(String branding, String space = "\\u0020") {
@@ -95,4 +100,5 @@ task makeMavenDependencies {
 }
 
 integrationTest.dependsOn(makeMavenDependencies)
-integrationTest.dependsOn(assembleKaraf)
\ No newline at end of file
+integrationTest.dependsOn(assembleKaraf)
+integrationTest.outputs.upToDateWhen { false }
\ No newline at end of file
diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index d4a047f1c..dc30c6a3b 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -37,7 +37,7 @@ checkerQual: "2.5.2"
 guava: "27.0-jre"
 kotlin: "1.3.71"
 tuprolog: "3.3.0"
-log4j: "2.6.2"
+slf4j: "1.7.30"
 junit4: "4.12"
 mockito: "3.2.0"
 mapdb: "3.0.7"
diff --git a/rat-repository/build.gradle b/rat-repository/build.gradle
index 45ab1fdb3..57bdaabdd 100644
--- a/rat-repository/build.gradle
+++ b/rat-repository/build.gradle
@@ -8,9 +8,6 @@ dependencies {
     implementation group: "com.sun.xml.bind", name: "jaxb-core", version: libraryVersions.jaxb
     implementation group: "com.sun.xml.bind", name: "jaxb-impl", version: libraryVersions.jaxb
     implementation group: 'com.sun.activation', name: 'javax.activation', version: libraryVersions.jaxActivation
-
-    implementation group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
-    implementation group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
     
     implementation group: 'org.xerial', name: 'sqlite-jdbc', version: libraryVersions.sqliteJdbc
     implementation group: 'org.eclipse.jetty', name: 'jetty-server', version: libraryVersions.jetty

From bc546a67ebda6940ac97b0ffd62597d25f7a134d Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 23 Apr 2020 21:49:19 +0200
Subject: [PATCH 007/237] Fixed karaf-assembly integration test package name

---
 .../api/AssemblyTestIT.java => assembly/AssemblyIT.java}      | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename karaf-assembly/src/test/java/de/fhg/aisec/ids/{webconsole/api/AssemblyTestIT.java => assembly/AssemblyIT.java} (97%)

diff --git a/karaf-assembly/src/test/java/de/fhg/aisec/ids/webconsole/api/AssemblyTestIT.java b/karaf-assembly/src/test/java/de/fhg/aisec/ids/assembly/AssemblyIT.java
similarity index 97%
rename from karaf-assembly/src/test/java/de/fhg/aisec/ids/webconsole/api/AssemblyTestIT.java
rename to karaf-assembly/src/test/java/de/fhg/aisec/ids/assembly/AssemblyIT.java
index 53df5e530..f4392f859 100644
--- a/karaf-assembly/src/test/java/de/fhg/aisec/ids/webconsole/api/AssemblyTestIT.java
+++ b/karaf-assembly/src/test/java/de/fhg/aisec/ids/assembly/AssemblyIT.java
@@ -17,7 +17,7 @@
  * limitations under the License.
  * =========================LICENSE_END==================================
  */
-package de.fhg.aisec.ids.webconsole.api;
+package de.fhg.aisec.ids.assembly;
 
 import de.fhg.aisec.ids.api.conm.ConnectionManager;
 import de.fhg.aisec.ids.api.settings.ConnectorConfig;
@@ -47,7 +47,7 @@
 
 @RunWith(PaxExam.class)
 @ExamReactorStrategy(PerClass.class)
-public class AssemblyTestIT extends KarafTestSupport {
+public class AssemblyIT extends KarafTestSupport {
 
   @Inject
   @Filter(timeout = 30000)

From fba4a1864633279c82c692cd16c01da000ce9700 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Mon, 27 Apr 2020 09:34:00 +0200
Subject: [PATCH 008/237] unprotect self-information endpoint

---
 .../main/java/de/fhg/aisec/ids/webconsole/api/SettingsApi.java   | 1 -
 1 file changed, 1 deletion(-)

diff --git a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/SettingsApi.java b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/SettingsApi.java
index 22fb1c3de..f8b63ed53 100644
--- a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/SettingsApi.java
+++ b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/SettingsApi.java
@@ -99,7 +99,6 @@ public ConnectorProfile getConnectorProfile() {
   @Path("/selfInformation")
   @Produces("application/ld+json")
   // TODO Document ApiOperation
-  @AuthorizationRequired
   public String getSelfInformation() {
     InfoModel im = WebConsoleComponent.getInfoModelManager();
     if (im == null) {

From b6128fc044b5c030fb6e12da1b15b413ba63ff9d Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 6 May 2020 11:49:13 +0200
Subject: [PATCH 009/237] Some cleanup and preparations for Gradle Kotlin DSL

---
 build.gradle                                  | 119 +++++++++---------
 camel-multipart-processor/.gitignore          |   5 -
 camel-multipart-processor/build.gradle        |  23 ----
 camel-multipart-processor/build.gradle.kts    |  31 +++++
 .../camel/multipart/MultiPartComponent.java   |   3 +-
 ids-infomodel-manager/build.gradle.kts        |   1 -
 6 files changed, 91 insertions(+), 91 deletions(-)
 delete mode 100644 camel-multipart-processor/.gitignore
 delete mode 100644 camel-multipart-processor/build.gradle
 create mode 100644 camel-multipart-processor/build.gradle.kts

diff --git a/build.gradle b/build.gradle
index 7f1892f71..315587330 100644
--- a/build.gradle
+++ b/build.gradle
@@ -11,25 +11,25 @@ buildscript {
 }
 
 plugins {
-    id 'java'
-    id 'com.google.protobuf' version '0.8.10'
-    id 'com.moowork.node' version '1.3.1'
-    id 'biz.aQute.bnd' version '4.2.0' apply false
-    id 'com.github.lburgazzoli.karaf' version '0.5.1'
-    id 'org.jetbrains.kotlin.jvm' version '1.3.71'
-    id 'com.github.jlouns.cpe' version '0.5.0'
-    id 'com.benjaminsproule.swagger' version '1.0.6'
-    id 'com.diffplug.gradle.spotless' version '3.13.0'
-    id 'com.github.jk1.dependency-license-report' version '1.2'
+    id "java"
+    id "com.google.protobuf" version "0.8.10"
+    id "com.moowork.node" version "1.3.1"
+    id "biz.aQute.bnd" version "4.2.0" apply false
+    id "com.github.lburgazzoli.karaf" version "0.5.1"
+    id "org.jetbrains.kotlin.jvm" version "1.3.71"
+    id "com.github.jlouns.cpe" version "0.5.0"
+    id "com.benjaminsproule.swagger" version "1.0.6"
+    id "com.diffplug.gradle.spotless" version "3.13.0"
+    id "com.github.jk1.dependency-license-report" version "1.2"
 }
 
 licenseReport {
-    configurations = ['compile', 'providedByFeature', 'providedByBundle']
+    configurations = ["compile", "providedByFeature", "providedByBundle"]
 }
 
 allprojects {
-    group = 'de.fhg.aisec.ids'
-    version = '3.0.2'
+    group = "de.fhg.aisec.ids"
+    version = "3.0.2"
 
     ext.libraryVersions = new Yaml().loadAs(new FileInputStream(file("${rootDir}/libraryVersions.yaml")), Map.class)
 
@@ -67,26 +67,26 @@ allprojects {
         jcenter()
         // References IAIS repository that contains the infomodel artifacts
         maven {
-            url 'https://maven.iais.fraunhofer.de/artifactory/eis-ids-public/'
+            url "https://maven.iais.fraunhofer.de/artifactory/eis-ids-public/"
         }
     }
 }
 
 subprojects {
-    apply plugin: 'biz.aQute.bnd.builder'
-    apply plugin: 'java'
-    apply plugin: 'maven'
-    apply plugin: 'kotlin'
+    apply plugin: "biz.aQute.bnd.builder"
+    apply plugin: "java"
+    apply plugin: "maven"
+    apply plugin: "kotlin"
 
     sourceCompatibility = JavaVersion.VERSION_11
     targetCompatibility = JavaVersion.VERSION_11
 
     test {
-        exclude '**/*IT.*'
+        exclude "**/*IT.*"
     }
 
     task integrationTest(type: Test) {
-        include '**/*IT.*'
+        include "**/*IT.*"
         systemProperty "project.version", "$project.version"
     }
 
@@ -102,23 +102,23 @@ subprojects {
     // define some Bill of Materials (BOM) for all subprojects
     dependencies {
         // BOM from Karaf, sets common version for OSGi libraries
-        bom group: 'org.apache.karaf', name: 'karaf', version: libraryVersions.karaf
+        bom group: "org.apache.karaf", name: "karaf", version: libraryVersions.karaf
 
         // BOM for pax, for jetty, etc.
-        bom group: 'org.ops4j.pax', name: 'web', version: libraryVersions.pax
+        bom group: "org.ops4j.pax", name: "web", version: libraryVersions.pax
 
         // Logging API
-        providedByBundle group: 'org.slf4j', name: 'slf4j-simple', version: libraryVersions.slf4j
+        providedByBundle group: "org.slf4j", name: "slf4j-simple", version: libraryVersions.slf4j
 
         // Needed for kotlin modules, provided at runtime via kotlin-osgi-bundle in karaf-features-ids
-        compileOnly group: 'org.jetbrains.kotlin', name: 'kotlin-stdlib-jdk8', version: libraryVersions.kotlin
+        compileOnly group: "org.jetbrains.kotlin", name: "kotlin-stdlib-jdk8", version: libraryVersions.kotlin
 
         // Required for successful build with JDK 11
         compileOnly group: "javax.xml.bind", name: "jaxb-api", version: libraryVersions.jaxb
         testImplementation group: "javax.xml.bind", name: "jaxb-api", version: libraryVersions.jaxb
         testImplementation group: "com.sun.xml.bind", name: "jaxb-core", version: libraryVersions.jaxb
         testImplementation group: "com.sun.xml.bind", name: "jaxb-impl", version: libraryVersions.jaxb
-        testImplementation group: 'com.sun.activation', name: 'javax.activation', version: libraryVersions.jaxActivation
+        testImplementation group: "com.sun.activation", name: "javax.activation", version: libraryVersions.jaxActivation
     }
 
     tasks.withType(KotlinCompile) {
@@ -128,26 +128,23 @@ subprojects {
     }
 
     tasks.withType(JavaCompile) {
-        options.encoding = 'UTF-8'
-//        options.compilerArgs << '-Xlint:unchecked'
+        options.encoding = "UTF-8"
+//        options.compilerArgs << "-Xlint:unchecked"
 //        options.deprecation = true
     }
 
     tasks.withType(Jar) {
         jar {
             manifest {
-                // set the vendor
-                attributes 'Bundle-Vendor': 'Fraunhofer AISEC'
-
-                // TODO: this was set in most of the bnd files. do we really need this?
-                attributes '-noee': true
+                attributes "Bundle-Vendor": "Fraunhofer AISEC"
+                attributes "-noee": true
             }
         }
     }
 }
 
-configure(subprojects.findAll { it.name != 'examples' }) {
-    apply plugin: 'com.diffplug.gradle.spotless'
+configure(subprojects.findAll { it.name != "examples" }) {
+    apply plugin: "com.diffplug.gradle.spotless"
 
     spotless {
         java {
@@ -155,11 +152,11 @@ configure(subprojects.findAll { it.name != 'examples' }) {
 
             googleJavaFormat()
 
-            licenseHeader('''/*-
+            licenseHeader("""/*-
  * ========================LICENSE_START=================================
- * ''' + project.name + '''
- * %%
- * Copyright (C) $YEAR Fraunhofer AISEC
+ * """ + project.name + """
+" * %%
+ * Copyright (C) \$YEAR Fraunhofer AISEC
  * %%
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -173,26 +170,26 @@ configure(subprojects.findAll { it.name != 'examples' }) {
  * See the License for the specific language governing permissions and
  * limitations under the License.
  * =========================LICENSE_END==================================
- */''').yearSeparator(' - ')
+ */""").yearSeparator(" - ")
         }
     }
 }
 
-configure(subprojects.findAll { it.name == 'ids-api' || it.name == 'ids-comm' }) {
-    apply plugin: 'maven-publish'
-    apply plugin: 'signing'
+configure(subprojects.findAll { it.name == "ids-api" || it.name == "ids-comm" }) {
+    apply plugin: "maven-publish"
+    apply plugin: "signing"
 
     task sourcesJar(type: Jar) {
         from sourceSets.main.allSource
-        from ('src/main') {
-            include 'proto/**'
+        from ("src/main") {
+            include "proto/**"
         }
-        archiveClassifier = 'sources'
+        archiveClassifier = "sources"
     }
 
     task javadocJar(type: Jar) {
         from javadoc
-        archiveClassifier = 'javadoc'
+        archiveClassifier = "javadoc"
     }
 
     // Must disable gradle metadata because of infomodel SNAPSHOT dependencies
@@ -207,27 +204,27 @@ configure(subprojects.findAll { it.name == 'ids-api' || it.name == 'ids-comm' })
                 artifact sourcesJar
                 artifact javadocJar
                 pom {
-                    name = 'IDSCP Protocol Library'
-                    description = 'Contains the WebSocket-based Industrial Data Space Communication Protocol (IDSCP)'
-                    url = 'https://github.com/industrial-data-space/trusted-connector'
+                    name = "IDSCP Protocol Library"
+                    description = "Contains the WebSocket-based Industrial Data Space Communication Protocol (IDSCP)"
+                    url = "https://github.com/industrial-data-space/trusted-connector"
                     licenses {
                         license {
-                            name = 'The Apache License, Version 2.0'
-                            url = 'http://www.apache.org/licenses/LICENSE-2.0.txt'
+                            name = "The Apache License, Version 2.0"
+                            url = "http://www.apache.org/licenses/LICENSE-2.0.txt"
                         }
                     }
                     developers {
                         developer {
-                            name = 'Michael Lux'
-                            email = 'michael.lux@aisec.fraunhofer.de'
-                            organization = 'Fraunhofer AISEC'
-                            organizationUrl = 'aisec.fraunhofer.de'
+                            name = "Michael Lux"
+                            email = "michael.lux@aisec.fraunhofer.de"
+                            organization = "Fraunhofer AISEC"
+                            organizationUrl = "aisec.fraunhofer.de"
                         }
                     }
                     scm {
-                        connection = 'scm:git:git://github.com:industrial-data-space/trusted-connector.git'
-                        developerConnection = 'scm:git:ssh://github.com:industrial-data-space/trusted-connector.git'
-                        url = 'https://github.com/industrial-data-space/trusted-connector'
+                        connection = "scm:git:git://github.com:industrial-data-space/trusted-connector.git"
+                        developerConnection = "scm:git:ssh://github.com:industrial-data-space/trusted-connector.git"
+                        url = "https://github.com/industrial-data-space/trusted-connector"
                     }
                 }
             }
@@ -237,11 +234,11 @@ configure(subprojects.findAll { it.name == 'ids-api' || it.name == 'ids-comm' })
             maven {
                 def releasesRepoUrl = "https://oss.sonatype.org/service/local/staging/deploy/maven2"
                 def snapshotsRepoUrl = "https://oss.sonatype.org/content/repositories/snapshots"
-                url = version.endsWith('SNAPSHOT') ? snapshotsRepoUrl : releasesRepoUrl
+                url = version.endsWith("SNAPSHOT") ? snapshotsRepoUrl : releasesRepoUrl
 
                 credentials {
-                    username = project.findProperty('deployUsername')
-                    password = project.findProperty('deployPassword')
+                    username = project.findProperty("deployUsername")
+                    password = project.findProperty("deployPassword")
                 }
             }
         }
diff --git a/camel-multipart-processor/.gitignore b/camel-multipart-processor/.gitignore
deleted file mode 100644
index f6a4b7789..000000000
--- a/camel-multipart-processor/.gitignore
+++ /dev/null
@@ -1,5 +0,0 @@
-bin/
-/build/
-/generated/
-/generated-sources/
-/target/
diff --git a/camel-multipart-processor/build.gradle b/camel-multipart-processor/build.gradle
deleted file mode 100644
index 02268a1db..000000000
--- a/camel-multipart-processor/build.gradle
+++ /dev/null
@@ -1,23 +0,0 @@
-dependencies {
-    providedByBundle(project(':ids-api')) { transitive = false }
-
-    // Bill of Materials (BOM) for Camel
-    bom group: 'org.apache.camel', name: 'camel-parent', version: libraryVersions.camel
-
-    providedByFeature group: 'org.apache.camel', name: 'camel-core', version: libraryVersions.camel
-	providedByFeature group: 'org.apache.camel', name: 'camel-http4', version: libraryVersions.camelHttp4
-
-    compileOnly group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
-
-    providedByBundle group: 'org.apache.httpcomponents', name: 'httpcore-osgi', version: libraryVersions.httpcore
-	providedByBundle group: 'org.apache.httpcomponents', name: 'httpclient-osgi', version: libraryVersions.httpclient
-    
-    providedByBundle group: 'commons-fileupload', name: 'commons-fileupload', version: libraryVersions.commonsFileUpload
-
-    osgiCore group: 'org.apache.felix', name: 'org.apache.felix.framework', version: libraryVersions.felixFramework
-    osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
-
-    testImplementation group: 'junit', name: 'junit'
-    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
-    testImplementation group: 'org.apache.camel', name: 'camel-test', version: libraryVersions.camel
-}
diff --git a/camel-multipart-processor/build.gradle.kts b/camel-multipart-processor/build.gradle.kts
new file mode 100644
index 000000000..490143d8f
--- /dev/null
+++ b/camel-multipart-processor/build.gradle.kts
@@ -0,0 +1,31 @@
+import org.yaml.snakeyaml.Yaml
+
+dependencies {
+    @Suppress("UNCHECKED_CAST") val libraryVersions =
+            Yaml().load(File("${rootDir}/libraryVersions.yaml").inputStream()) as Map<String, String>
+
+    providedByBundle(project(":ids-api")) { isTransitive = false }
+
+    implementation("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
+    implementation("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodelSerializer"])
+    
+    // Bill of Materials (BOM) for Camel
+    bom("org.apache.camel", "camel-parent", libraryVersions["camel"])
+
+    providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
+	providedByFeature("org.apache.camel", "camel-http4", libraryVersions["camelHttp4"])
+
+    compileOnly("org.checkerframework", "checker-qual", libraryVersions["checkerQual"])
+
+    providedByBundle("org.apache.httpcomponents", "httpcore-osgi", libraryVersions["httpcore"])
+	providedByBundle("org.apache.httpcomponents", "httpclient-osgi", libraryVersions["httpclient"])
+    
+    providedByBundle("commons-fileupload", "commons-fileupload", libraryVersions["commonsFileUpload"])
+
+    osgiCore("org.apache.felix", "org.apache.felix.framework", libraryVersions["felixFramework"])
+    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
+
+    testImplementation("junit", "junit", libraryVersions["junit4"])
+    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
+    testImplementation("org.apache.camel", "camel-test", libraryVersions["camel"])
+}
diff --git a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.java b/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.java
index 2b86fa67d..1f81af92d 100644
--- a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.java
+++ b/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.java
@@ -36,8 +36,9 @@
 @Component(name = "ids-multipart-component")
 public class MultiPartComponent {
 
+  @SuppressWarnings("unused")
   @Reference(cardinality = ReferenceCardinality.MANDATORY)
-  private InfoModel infoModel = null;
+  private InfoModel infoModel;
 
   private static MultiPartComponent instance;
 
diff --git a/ids-infomodel-manager/build.gradle.kts b/ids-infomodel-manager/build.gradle.kts
index 2bacaa8cb..4efb6216d 100644
--- a/ids-infomodel-manager/build.gradle.kts
+++ b/ids-infomodel-manager/build.gradle.kts
@@ -6,7 +6,6 @@ dependencies {
 
     infomodelBundle(project(":ids-api")) { isTransitive = false }
 
-    // MVN resolution problem workaround for infomodel until publicly released
     implementation("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
     implementation("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodelSerializer"])
 

From 5da4b718f9cdc7c307e3a51d62722bddfbe6d624 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 20 Apr 2020 14:46:56 +0200
Subject: [PATCH 010/237] Update latest examples ZIP

---
 .../trusted-connector-examples_latest.zip     | Bin 34535 -> 34287 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/examples/trusted-connector-examples_latest.zip b/examples/trusted-connector-examples_latest.zip
index e1d4b965691e05b2d68bf009a05ca6fd1a488d52..55b18a4353b6d41ec30f3fbad82e7cd7df0a2cb9 100644
GIT binary patch
delta 1717
zcma)*T}V@57{}kukDVO&wW)Jk(>cF3_hqD^E!K*WVrftWK?G(?1*gLe(FAvPbds1C
z^-xA1H<|Qxp?SP2=>w#T5FzLy3M_B*qN0eBpwynT8{f0o$unL!+xb1u|NlHY|J5=1
z*HO9dXhTx6nlKDQ2=U<Ax{R<9E(WV|$D>exnnl4xudhAi(g=y-k*Ffj$eMVoGAh)p
z&v=dv{<lU;;1;XrS96w`5(QH?UjFF=+Ifd3fzD;y#Zm<m4lE6{qF+Cr1R&u*metCU
zJwE>ChC)tASBeDdv^<fU70hh;!YGTZKd}K+G{dq%2i`~)f4?#+_-^mm{5^;zY3hU$
zaH5XGt!&3QA$bHchVr4gb`kwAIk=GpRLz$qY))XnW#Y%Yv%<V5^*`n(afX)E#5_OX
zx+l#0w65)Q53-pOEFmQjaTQLq?UiBoa}DEn*3iwMlpB{@51mmJf9=4W;OJ-3p4`W%
z@<&32ce(SDkX20XTwFnRUWy&6e88alZLA%g8X?`O<A2%K1^Z36Rr>E}eJV*}IZ9`h
zz|Lqr+&646A~7mo-RDb1)^O$dsl#YFEb-#-IrU0s4ZZ{B;OrL%HtrQX$mD9Wl|njc
zMntF!GiffRP&!~@^feq|%}NS|2&=(?C*USqB>KIO(<Bq}$^b6TR7MrhnW>;W5Yk_O
ztQI!PR4^4u5jA@j5t_X>#(+kP4l+40kP!psierE`lG{ot(!t0UDPFY^;_Gep2ReMV
z_Orp3fWz+V?1^6-osv9J{XRQ}$slriDJnQ^bU>%qYK`wiXTl=t)UXQ+3gG2XHoYr4
z5hWr%ze?bDhe82+U$eg>UWkr`SyXtY8uq(27$FTUL`Or+2Wyb8_-7J29|a<TX%}3m
zG-k#-g6Y`%z<MFWsf86TU9`2$*uxix@S(dYzLX9?mPkuqPe>@>54QUq-CbRwgC2WJ
gcPPFbP7e!z$=xP6Kde=!V3G(?;YWsdZ^Od3zb*|EB>(^b

delta 1945
zcmZ`(Yivtl7=GJsT~{KbyBt*=8`-Uw&1H<alr1X5YV3zZh*ZmD)oB|s5#8xU!iez2
z7W^U=iEB9hMdFr47Fp(xkVs7YAwm(C{b6{&UUtrRn!ZhY(mc=me9w8m@A<y=D?gl4
zwm8~Ud0GIC2A*9w<^U`u{lS`wU#H6#F#7{upUZDm0n3eE7{4CE)~NOlcU@a5m6^C}
z+Y(Mf!bj~57PAjle|oC{c&!ocmnaJL(muLuW_b?C7hZ3auiDl9?{^s6wZ#B6lu{=o
znxh&<X6xXKiv_6T%?GGU%8*UGP8cdLR5HAH^+<mo@;s=wFvYvd&k{@(A!UiwR<LL6
z=pMA@A@7VQ4N`<P3_zw==;rVB`U6?hYQL;Ad{+S6Rsqb#Hp(P#BGZJ2tv?lv=3Tul
z^bHxuk-Z|rG(~HP!T!A^*W%NV=sL8^)6?xTckT8&d$J6OgA<0EuW6Y58ncFukD$U#
z1?jYWVjy?hU~C+rutI29T&ZBN2ll<6590ia)WmJAB&(x^!s!J^lnkff%Iwki$Qe=#
z{Y_;m2K!a9r1TzQf7GPE$si0gK4*Kk8Ga63LENbp+}2mQ_T;8Hv?AA73eb6=$K&tv
zWX&U3<Bun-h#wLjwoj>Nj2X{8+P*;z5Yz~Z*1ObBg|b+cJ0z%qRRjqeeM%$aXk$CY
z$fOPd<<pAsrZcnVndEdaMsj*WOA^}3I(dVbEdYH=I<0@3T<WW+%JCB1B$d9zQzH#t
zmKpK<(BO#`=l{}%dZ{=YK#?2chpVVK#*v#MF+&dUTwaXlYLnnqehveU_EGSoiGpX#
z^DOeWruukFk|lkW3EK&CDrhCiNXq-jjR>cX^H0(wOrx$wVoILF^a{9HKk(Qj^J|J)
z*GW1kBV&XHGF5b@D;wnT%rdhx!sW&J?glc_JhxMhiU9>E%LwB$&YPCWl{;E(EgM@c
zp51a0vLj3fX<kkahfUJ$5_1etD^ZW}?q;&jT27N)-@D7xEmsu7&7O%EKW`N|-Bd@~
zBl*l$-bp&xyaqvz3^eMB<cj20h<fa3CC@?)LCI_<?_l&dgYme^E}wwKwf~@8n6_m0
zhTaOPDuM~yOYBeI5wfP)4)KxzD9tqCGtN)g$>XSg3!888-T;`+(2c#5i}<|Wz*?Kd
W=?gg8^6`=Z;PA5)O`Q+YfBykn0l_%{


From e568f3cb7f474e8939e5eb61302c4ebd22bd2e93 Mon Sep 17 00:00:00 2001
From: "Banse, Christian" <christian.banse@aisec.fraunhofer.de>
Date: Mon, 11 May 2020 20:51:56 +0200
Subject: [PATCH 011/237] Trying to use GitHub CI instead of Travis

---
 .github/workflows/build.yml | 10 ++++++++++
 .travis.yml                 | 22 ----------------------
 README.md                   |  2 +-
 build.sh                    |  0
 4 files changed, 11 insertions(+), 23 deletions(-)
 create mode 100644 .github/workflows/build.yml
 delete mode 100644 .travis.yml
 mode change 100644 => 100755 build.sh

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 000000000..5608dfe30
--- /dev/null
+++ b/.github/workflows/build.yml
@@ -0,0 +1,10 @@
+name: build
+on: [push]
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - name: Build
+        run: |
+          ./build.sh
diff --git a/.travis.yml b/.travis.yml
deleted file mode 100644
index 50f786039..000000000
--- a/.travis.yml
+++ /dev/null
@@ -1,22 +0,0 @@
-language: java
-jdk:
-  - oraclejdk11
-services:
-  - docker
-before_cache:
-  - rm -f  $HOME/.gradle/caches/modules-2/modules-2.lock
-  - rm -fr $HOME/.gradle/caches/*/plugin-resolution/
-cache:
-  directories:
-  - $HOME/.m2
-  - $HOME/.gradle/caches/
-  - $HOME/.gradle/wrapper/
-before_install:
-  - wget -O protoc.zip https://github.com/protocolbuffers/protobuf/releases/download/v3.11.4/protoc-3.11.4-linux-x86_64.zip
-  - mkdir $HOME/protoc && unzip -d $HOME/protoc protoc.zip
-  - export PATH=$HOME/protoc/bin:$PATH
-  - echo $PATH
-  - nvm install 12
-  - npm install -g yarn  
-install: true
-script: ./gradlew --parallel clean build
diff --git a/README.md b/README.md
index cb1e6d0bf..f0000ff66 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-[![Build Status](https://travis-ci.com/industrial-data-space/trusted-connector.svg?branch=develop)](https://travis-ci.org/industrial-data-space/trusted-connector)
+![build](https://github.com/industrial-data-space/trusted-connector/workflows/build/badge.svg)
 
 The _Trusted Connector_ is an Apache Karaf-based platform for the Industrial Internet of Things (IIoT). It supports Docker and trust|me as containerization environments and provides the following features:
 
diff --git a/build.sh b/build.sh
old mode 100644
new mode 100755

From d89009235391513baeec043eb4bf5b93df287047 Mon Sep 17 00:00:00 2001
From: oxisto <christian.banse@aisec.fraunhofer.de>
Date: Mon, 11 May 2020 20:57:36 +0200
Subject: [PATCH 012/237] Update build.yml

---
 .github/workflows/build.yml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 5608dfe30..222ac6b80 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -7,4 +7,7 @@ jobs:
       - uses: actions/checkout@master
       - name: Build
         run: |
+          mkdir -p /home/build/core-platform
+          mkdir -p /home/build/.gradle
+          mkdir -p /home/build/.m2
           ./build.sh

From b34a8aed1646d0d98baf0db1cf6b6ee26155b368 Mon Sep 17 00:00:00 2001
From: oxisto <christian.banse@aisec.fraunhofer.de>
Date: Mon, 11 May 2020 20:58:09 +0200
Subject: [PATCH 013/237] Update build.yml

---
 .github/workflows/build.yml | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 222ac6b80..d150cc91d 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -7,7 +7,6 @@ jobs:
       - uses: actions/checkout@master
       - name: Build
         run: |
-          mkdir -p /home/build/core-platform
           mkdir -p /home/build/.gradle
           mkdir -p /home/build/.m2
           ./build.sh

From f8d8ac723b36d8ff11ddda0c5689c4fb65ca6045 Mon Sep 17 00:00:00 2001
From: oxisto <christian.banse@aisec.fraunhofer.de>
Date: Mon, 11 May 2020 20:59:45 +0200
Subject: [PATCH 014/237] Update build.yml

---
 .github/workflows/build.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index d150cc91d..96cb0080e 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -7,6 +7,6 @@ jobs:
       - uses: actions/checkout@master
       - name: Build
         run: |
-          mkdir -p /home/build/.gradle
-          mkdir -p /home/build/.m2
+          mkdir -p ~/.gradle
+          mkdir -p ~/.m2
           ./build.sh

From db67e2e8d50dfbef16e367c46d90d0083ef67a89 Mon Sep 17 00:00:00 2001
From: "Banse, Christian" <christian.banse@aisec.fraunhofer.de>
Date: Mon, 11 May 2020 21:38:08 +0200
Subject: [PATCH 015/237] Added caching

---
 .github/workflows/build.yml | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 96cb0080e..59bf776dd 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -5,8 +5,19 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@master
-      - name: Build
-        run: |
-          mkdir -p ~/.gradle
-          mkdir -p ~/.m2
-          ./build.sh
+      - name: Cache gradle modules
+        uses: actions/cache@v1
+        env:
+          cache-name: cache-gradle-modules
+        with:
+          path: ~/.gradle
+          key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/gradle.build') }}
+          restore-keys: |
+            ${{ runner.os }}-build-${{ env.cache-name }}-
+            ${{ runner.os }}-build-
+            ${{ runner.os }}-
+        - name: Build
+          run: |
+            mkdir -p ~/.gradle
+            mkdir -p ~/.m2
+            ./build.sh

From f7e01127370e8a3a5a92b6140874f67948a5928c Mon Sep 17 00:00:00 2001
From: "Banse, Christian" <christian.banse@aisec.fraunhofer.de>
Date: Mon, 11 May 2020 21:53:30 +0200
Subject: [PATCH 016/237] Fixed syntax

---
 .github/workflows/build.yml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 59bf776dd..4d942d5ff 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -16,8 +16,8 @@ jobs:
             ${{ runner.os }}-build-${{ env.cache-name }}-
             ${{ runner.os }}-build-
             ${{ runner.os }}-
-        - name: Build
-          run: |
-            mkdir -p ~/.gradle
-            mkdir -p ~/.m2
-            ./build.sh
+      - name: Build
+        run: |
+          mkdir -p ~/.gradle
+          mkdir -p ~/.m2
+          ./build.sh

From e7dd5cba9286cd98e47109b493ef2afd8f034379 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 19 May 2020 09:56:43 +0200
Subject: [PATCH 017/237] Updated jquery

---
 .../src/main/resources/www/package.json       |    2 +-
 .../src/main/resources/www/yarn.lock          | 1580 ++++++++---------
 2 files changed, 785 insertions(+), 797 deletions(-)

diff --git a/ids-webconsole/src/main/resources/www/package.json b/ids-webconsole/src/main/resources/www/package.json
index d7f6d7976..5199fcc6e 100644
--- a/ids-webconsole/src/main/resources/www/package.json
+++ b/ids-webconsole/src/main/resources/www/package.json
@@ -22,7 +22,7 @@
     "bootstrap": "^4.2.1",
     "core-js": "^3.6.4",
     "deep-equal": "^2.0.1",
-    "jquery": "^3.4.1",
+    "jquery": "^3.5.1",
     "material-design-lite": "^1.3.0",
     "ng2-ace-editor": "^0.3.9",
     "popper.js": "^1.16.1",
diff --git a/ids-webconsole/src/main/resources/www/yarn.lock b/ids-webconsole/src/main/resources/www/yarn.lock
index 340829590..4df1f4087 100644
--- a/ids-webconsole/src/main/resources/www/yarn.lock
+++ b/ids-webconsole/src/main/resources/www/yarn.lock
@@ -2,29 +2,29 @@
 # yarn lockfile v1
 
 
-"@angular-devkit/architect@0.901.0":
-  version "0.901.0"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/architect/-/architect-0.901.0.tgz#c660cb76e3bd35fc294d8e8578782b83157924aa"
-  integrity sha512-SlqEBkPrT40zMCy5344AsUqC76pEPCaGPaAkCIvadaz2dC9vNMzQrvubCPJHViD/TumkSX1kYmLS3iYASVM9GQ==
+"@angular-devkit/architect@0.901.6":
+  version "0.901.6"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/architect/-/architect-0.901.6.tgz#5fb113850b025bdac894d1bb306b4d2ea51f8416"
+  integrity sha512-0pWzn10gCZxMCrS62NlD38qE2R7l5fPfBuNylntNqvzw9L7iS1ARgqMlAKn8KLaNG6FrXONmgUWHsV987ZICIw==
   dependencies:
-    "@angular-devkit/core" "9.1.0"
+    "@angular-devkit/core" "9.1.6"
     rxjs "6.5.4"
 
 "@angular-devkit/build-angular@~0.901.0":
-  version "0.901.0"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/build-angular/-/build-angular-0.901.0.tgz#f3b9459b8c28f2d6d4f3f26c45e45373cc86e5a7"
-  integrity sha512-ftJVNlKvIomqRfr5jFVraPqlLSUJu8YyVbFv/aCsvhNpuZGkYpTOMoJDwyywdslSTH608BIoU63IAnIz9PwUdw==
-  dependencies:
-    "@angular-devkit/architect" "0.901.0"
-    "@angular-devkit/build-optimizer" "0.901.0"
-    "@angular-devkit/build-webpack" "0.901.0"
-    "@angular-devkit/core" "9.1.0"
+  version "0.901.6"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/build-angular/-/build-angular-0.901.6.tgz#034f7ba5a5adda715fcbcc35f33ff8a7c62dd4a2"
+  integrity sha512-jgLFKRWSZIZZVb7fiGC0SHzBFYBkDOLTw/MRta8p81o8WzLe0uxGVP4RlIj6fZxv3Vvb1NZI4HHrgt/jASaj4A==
+  dependencies:
+    "@angular-devkit/architect" "0.901.6"
+    "@angular-devkit/build-optimizer" "0.901.6"
+    "@angular-devkit/build-webpack" "0.901.6"
+    "@angular-devkit/core" "9.1.6"
     "@babel/core" "7.9.0"
     "@babel/generator" "7.9.3"
     "@babel/preset-env" "7.9.0"
     "@babel/template" "7.8.6"
     "@jsdevtools/coverage-istanbul-loader" "3.0.3"
-    "@ngtools/webpack" "9.1.0"
+    "@ngtools/webpack" "9.1.6"
     ajv "6.12.0"
     autoprefixer "9.7.4"
     babel-loader "8.0.6"
@@ -34,6 +34,7 @@
     circular-dependency-plugin "5.2.0"
     copy-webpack-plugin "5.1.1"
     core-js "3.6.4"
+    css-loader "3.5.1"
     cssnano "4.1.10"
     file-loader "6.0.0"
     find-cache-dir "3.3.1"
@@ -61,12 +62,11 @@
     semver "7.1.3"
     source-map "0.7.3"
     source-map-loader "0.2.4"
-    source-map-support "0.5.16"
     speed-measure-webpack-plugin "1.3.1"
     style-loader "1.1.3"
     stylus "0.54.7"
     stylus-loader "3.0.2"
-    terser "4.6.7"
+    terser "4.6.10"
     terser-webpack-plugin "2.3.5"
     tree-kill "1.2.2"
     webpack "4.42.0"
@@ -75,32 +75,32 @@
     webpack-merge "4.2.2"
     webpack-sources "1.4.3"
     webpack-subresource-integrity "1.4.0"
-    worker-plugin "4.0.2"
+    worker-plugin "4.0.3"
 
-"@angular-devkit/build-optimizer@0.901.0":
-  version "0.901.0"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/build-optimizer/-/build-optimizer-0.901.0.tgz#6e6262294a74de9ab2e87fd05951dc080ec12f4a"
-  integrity sha512-Y9sz8uf2zjilhPUVYb0K9Mio6c1d5c+csuDc15CCKzELXJwyyDxilIFgn6Eu+edM0HNQGzbIwkjy4DkR9mtuTQ==
+"@angular-devkit/build-optimizer@0.901.6":
+  version "0.901.6"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/build-optimizer/-/build-optimizer-0.901.6.tgz#2dc85c5ae61113df16566949ae3833283864bb8b"
+  integrity sha512-M0H9SrOq4QOYqGCIguGQDWizf+XL7whJjBtYHxI7jEjtzar3zkTFgzZ/znv49R56Zch1niH0mBgtDxCFFWqarQ==
   dependencies:
     loader-utils "2.0.0"
     source-map "0.7.3"
     tslib "1.11.1"
-    typescript "3.8.3"
+    typescript "3.6.5"
     webpack-sources "1.4.3"
 
-"@angular-devkit/build-webpack@0.901.0":
-  version "0.901.0"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/build-webpack/-/build-webpack-0.901.0.tgz#884bf9343bf85af46de00db5b2a95a06a40d06fd"
-  integrity sha512-Oze0VzIvHnoW12C80fiNH4HBu/GWmhJPXdNA7nRkU/tBQlIKnfngf8rQ0QbgecN2qdEXQpZJsP/XclTi3zugsg==
+"@angular-devkit/build-webpack@0.901.6":
+  version "0.901.6"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/build-webpack/-/build-webpack-0.901.6.tgz#62a0d8cd94c8c61b734b0a6c149c922dd8908c42"
+  integrity sha512-jEk850AtIFK+xbXXiloVvueXTbJOL1mANR2UBrmWk7V4Bct+gHVerdXjn9vo1Tsd8BgemUYAcqvLldCx9MSDTg==
   dependencies:
-    "@angular-devkit/architect" "0.901.0"
-    "@angular-devkit/core" "9.1.0"
+    "@angular-devkit/architect" "0.901.6"
+    "@angular-devkit/core" "9.1.6"
     rxjs "6.5.4"
 
-"@angular-devkit/core@9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/core/-/core-9.1.0.tgz#5cc89bb5d44c6fd12a3527bae0253adb60d64b07"
-  integrity sha512-vHTsrB4JaVUQ95FRnKrgo79Y3F6FokImrZdrmwkQmwAThpjXeXmpUEKZS+ZSTFRgesjiIysVGOFijARP4BQ7Bg==
+"@angular-devkit/core@9.1.6":
+  version "9.1.6"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/core/-/core-9.1.6.tgz#d108430a48e58bf1efd1b87aa2edb64e3b9241d1"
+  integrity sha512-lYXoRtsMsfyIrNAa49Hcx79FPRW6ZrWjK2yJ3avON1Q3WEHYb/DIUP+ItyOQAkNUsCVMyK4wkddsu8PsqEW6tg==
   dependencies:
     ajv "6.12.0"
     fast-json-stable-stringify "2.1.0"
@@ -108,30 +108,30 @@
     rxjs "6.5.4"
     source-map "0.7.3"
 
-"@angular-devkit/schematics@9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/schematics/-/schematics-9.1.0.tgz#f453a9ff78c34a5468cc21830ac4a46089ee1a31"
-  integrity sha512-cb9PSvskMwWlL54fPfCcpJoyNDWAX6Wo7CzL5qpIB2cJCPLAuyfRUYYrkO77YUST+n2HvypHz0cZ5SNGMfaaBQ==
+"@angular-devkit/schematics@9.1.6":
+  version "9.1.6"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/schematics/-/schematics-9.1.6.tgz#759b01ef6815fd2d7366c3f1907d5878403a816e"
+  integrity sha512-twS8Sxc6NG4A0n7yITugP0snIMJ2Rm6aOGkckomWjZAP1fPo8pup8EFGc5wUBAtAOM3DJBphEnskpwEWCkBaLg==
   dependencies:
-    "@angular-devkit/core" "9.1.0"
+    "@angular-devkit/core" "9.1.6"
     ora "4.0.3"
     rxjs "6.5.4"
 
 "@angular/animations@~9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@angular/animations/-/animations-9.1.0.tgz#3030e290683c0e2d63fa61060d36f659511d3b2c"
-  integrity sha512-o7X3HM+eocoryw3VrDUtG6Wci2KwtzyBFo3KBJXjQ16X6fwdkjTG+hLb7pp2CBFBEJW4tPYEy7cSBmEfMRTqag==
+  version "9.1.7"
+  resolved "https://registry.yarnpkg.com/@angular/animations/-/animations-9.1.7.tgz#09bf7c84c234d8b6ecaa101024a3b3e69ab198cd"
+  integrity sha512-1wW8ndGMLDuE2LpTN2RNRz1Dt7JgVBeVmOPMgzoA7g1uuvm+jESTrGG7W3BzLzG0BE2TeXt0fY90o4iU+S2Rmg==
 
 "@angular/cli@~9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@angular/cli/-/cli-9.1.0.tgz#07ec165d507208bb8d8d8ab73c3e14102643edff"
-  integrity sha512-ofum4gPE/W3fKyzuJrpdHeOS0ZL8x0eYCgsrMyUoFodSpb5LWPqeW+56NgDTpIeny+Trx3pM9dr9QTUVTJ0vYg==
-  dependencies:
-    "@angular-devkit/architect" "0.901.0"
-    "@angular-devkit/core" "9.1.0"
-    "@angular-devkit/schematics" "9.1.0"
-    "@schematics/angular" "9.1.0"
-    "@schematics/update" "0.901.0"
+  version "9.1.6"
+  resolved "https://registry.yarnpkg.com/@angular/cli/-/cli-9.1.6.tgz#9622745d3fdf73b3045048e7df6c44f5aa8e97f5"
+  integrity sha512-hQnad0LQx0n+FiMRUV2RX9+L0dLsISu7uzimGLjgJVtW6Bc1cVnaTkKhOqHRQG2Q4Iv8adKWf5UL5tMZz/roDA==
+  dependencies:
+    "@angular-devkit/architect" "0.901.6"
+    "@angular-devkit/core" "9.1.6"
+    "@angular-devkit/schematics" "9.1.6"
+    "@schematics/angular" "9.1.6"
+    "@schematics/update" "0.901.6"
     "@yarnpkg/lockfile" "1.1.0"
     ansi-colors "4.1.1"
     debug "4.1.1"
@@ -140,7 +140,7 @@
     npm-package-arg "8.0.1"
     npm-pick-manifest "6.0.0"
     open "7.0.3"
-    pacote "11.1.4"
+    pacote "9.5.12"
     read-package-tree "5.3.1"
     rimraf "3.0.2"
     semver "7.1.3"
@@ -149,14 +149,14 @@
     uuid "7.0.2"
 
 "@angular/common@~9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@angular/common/-/common-9.1.0.tgz#f9b5353a28f9da6c06266bc7244bbabf9e005176"
-  integrity sha512-6JPLNtMhI03bGTVQJeSwc+dTjV6DtP7M/BAyzIV0InZP1D6XsOh2QahLFIaaN2sSxYA2ClKuwfX1v+rx9AbXQA==
+  version "9.1.7"
+  resolved "https://registry.yarnpkg.com/@angular/common/-/common-9.1.7.tgz#79ebbe3c08ced0070314beb10bbccfb8927dfe62"
+  integrity sha512-04ef+J8bnOnjYbdRsm82IdIaaLFZ6QWh4SLtjnYhgCjEe4Stf59g+zRNPMauMFDQYDCp3foPo0djk1CPfEd8AQ==
 
 "@angular/compiler-cli@~9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@angular/compiler-cli/-/compiler-cli-9.1.0.tgz#5887c278a2fe1f3165018b1cbceef71d9023b9ae"
-  integrity sha512-xZ8mVPmPporSTtvNA+cbFJQymLzuWfMX6HDDgztZ2eZ5WcQJYloRN4CcYMEzDhCxfV1Zw9Tfc2l14jZD8osi6g==
+  version "9.1.7"
+  resolved "https://registry.yarnpkg.com/@angular/compiler-cli/-/compiler-cli-9.1.7.tgz#ecd1d47b0368ed21dfcef980b3aaeb37085a3612"
+  integrity sha512-8HT8+UuSohrXlF90eewG2XuhtOEIfJ2UlijnSB10/+ZyroSdTKckoiFSps86nTd/EfrBblqNUMbwjOxIkzac3w==
   dependencies:
     canonical-path "1.0.0"
     chokidar "^3.0.0"
@@ -172,42 +172,42 @@
     yargs "15.3.0"
 
 "@angular/compiler@~9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@angular/compiler/-/compiler-9.1.0.tgz#e55b4f2f24df75283002d5e8e85e1acfc46928f6"
-  integrity sha512-QHw/JSeTXHiJQ2Ih0EtU7FGsYcOr+0hwZhqwSW3EEn8TtUgA3DS5lXeiDV66f+3DdvNZFPmgiZIvun3ypxn1HA==
+  version "9.1.7"
+  resolved "https://registry.yarnpkg.com/@angular/compiler/-/compiler-9.1.7.tgz#e094f99f8742994761adeb1fd8090b21d2abff98"
+  integrity sha512-BiHJ3rAd00aJkur7ohnXjqBmz2QkSTAAFWLuBTYuHysxP4zJD54y4uUtsrCUReKL+8dkUv8AcfXBAkCBLvBUYg==
 
 "@angular/core@~9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@angular/core/-/core-9.1.0.tgz#9dfc386bd1461e0fd4786031fd245da04371421c"
-  integrity sha512-RVlyegdIAij0P1wLY5ObIdsBAzvmHkHfElnmfiNKhaDftP6U/3zRtaKDu0bq0jvn1WCQ8zXxFQ8AWyKZwyFS+w==
+  version "9.1.7"
+  resolved "https://registry.yarnpkg.com/@angular/core/-/core-9.1.7.tgz#0465c26d9101389602e3ff9e502f83f3655e9fe1"
+  integrity sha512-uJSZ+rdGL47gc3A+Fal1XwJYB4WWpYJrNifvoQ2nOs+X5Qu+j0HN6GXPJb4kixoNzjYCGxmLoirdT3xhNZFcfQ==
 
 "@angular/forms@~9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@angular/forms/-/forms-9.1.0.tgz#de14e34aa37bd41a28f93fee8666cd7f6393078c"
-  integrity sha512-5GC8HQlPChPV+168zLlm4yj4syA6N9ChSKV0tmzj1zIfMcub1UAOaB9IYaXRHQsjPFh9OuQXwmkzScyAfhEVjA==
+  version "9.1.7"
+  resolved "https://registry.yarnpkg.com/@angular/forms/-/forms-9.1.7.tgz#cdefbc7c7093fd37b417975f18b875a798cbd2d9"
+  integrity sha512-/bRs5hSFDUjOrq2vw11HoS25oEu7KYVxPbQiEjeBHJo82yDmSO+1cVukh6ulDi7iv1sJwSzikDtE9+xDx1ocfQ==
 
 "@angular/platform-browser-dynamic@~9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@angular/platform-browser-dynamic/-/platform-browser-dynamic-9.1.0.tgz#830bd5038d1875736e87e68c3aef44f0f835e418"
-  integrity sha512-sMtz/poQ3TYaWZzWjrn9apKUZ/WKql2MYCWbpax7pql3GgC9OoTslc7ZEe7/d3ynfFE/CQqWBBOuWGD71Z0LMQ==
+  version "9.1.7"
+  resolved "https://registry.yarnpkg.com/@angular/platform-browser-dynamic/-/platform-browser-dynamic-9.1.7.tgz#cf20e8f9ba3512ca906d7f21cf0926f0222a95ad"
+  integrity sha512-DyUDGxp4kF4majcm9COVzu/9wzmgnfj+d6GUEjYkbqSH9QP05LonJ6wHMNxNMN6qMfawdCxDe0TnNDRPmHUj9w==
 
 "@angular/platform-browser@~9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@angular/platform-browser/-/platform-browser-9.1.0.tgz#0bd40db37c9e314944c149de935b0f6cdd1f7350"
-  integrity sha512-OsS/blUjl8ranmDaRADjFAmvnlmwbT6WNU7dVov7FhV0rqesbwaOJ5bR0LSYHYpej7Jaa6oYk0v0XWkaH9LTFg==
+  version "9.1.7"
+  resolved "https://registry.yarnpkg.com/@angular/platform-browser/-/platform-browser-9.1.7.tgz#47e473660c772f80245bcf872aa7e3df9e875a70"
+  integrity sha512-zwNCnn4Ozax80YrkFcLoQ/7bVR7jPk7+QT++Nf9MmQwsaqa0Ve1IYa6Hg9Y1Kf4wquI9TdxMN17TPKmX8iNIaA==
 
 "@angular/platform-server@~9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@angular/platform-server/-/platform-server-9.1.0.tgz#a4d5b20724acd54219603e32cee88b0b58ee6617"
-  integrity sha512-JboTIUBgf9yHRjF93q8NJQoeIp5Zp4kg8Nmw1QLWO6SV+OpiOpKSrlScMVncCh0KiU6SIOmiuHJwBhLm78fi+Q==
+  version "9.1.7"
+  resolved "https://registry.yarnpkg.com/@angular/platform-server/-/platform-server-9.1.7.tgz#b6648cfd2aeb922f1df9954483f7a1538fbf396b"
+  integrity sha512-EapDvdLuW0HAg17FOFpwPAPAPk6/qV14rJj1gylqXfjsVNmjwxJvEkwgzXGnV28w7kJzTfm5J+jBCw5MWe80tA==
   dependencies:
     domino "^2.1.2"
-    xhr2 "^0.1.4"
+    xhr2 "^0.2.0"
 
 "@angular/router@~9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@angular/router/-/router-9.1.0.tgz#df059c0f64fa41ada8f6b5ce741fe47d49f10194"
-  integrity sha512-cExO1nPnoPFiUJWZ28hTHozPLFoCmqr3xqcM57We0hhKE0esdrO+gRWKRH0EJERukLbU8coPKVhA8daGUpASiQ==
+  version "9.1.7"
+  resolved "https://registry.yarnpkg.com/@angular/router/-/router-9.1.7.tgz#ce9af75cec470f69122f2217bd5bdcfac7b74201"
+  integrity sha512-ycrkhkCbfOMCe9PngFjnyk8nH5jt0Kyb2NPtjmaGOtSCuZBZ0kOU0rQGmQnj3d2PiT0Yir59S8eEAf3Fh0iDuw==
 
 "@babel/code-frame@^7.0.0", "@babel/code-frame@^7.8.3":
   version "7.8.3"
@@ -216,16 +216,16 @@
   dependencies:
     "@babel/highlight" "^7.8.3"
 
-"@babel/compat-data@^7.8.6", "@babel/compat-data@^7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/compat-data/-/compat-data-7.9.0.tgz#04815556fc90b0c174abd2c0c1bb966faa036a6c"
-  integrity sha512-zeFQrr+284Ekvd9e7KAX954LkapWiOmQtsfHirhxqfdlX6MEC32iRE+pqUGlYIBchdevaCwvzxWGSy/YBNI85g==
+"@babel/compat-data@^7.9.0", "@babel/compat-data@^7.9.6":
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/compat-data/-/compat-data-7.9.6.tgz#3f604c40e420131affe6f2c8052e9a275ae2049b"
+  integrity sha512-5QPTrNen2bm7RBc7dsOmcA5hbrS4O2Vhmk5XOL4zWW/zD/hV0iinpefDlkm+tBBy8kDtFaaeEvmAqt+nURAV2g==
   dependencies:
-    browserslist "^4.9.1"
+    browserslist "^4.11.1"
     invariant "^2.2.4"
     semver "^5.5.0"
 
-"@babel/core@7.9.0", "@babel/core@^7.7.5":
+"@babel/core@7.9.0":
   version "7.9.0"
   resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.9.0.tgz#ac977b538b77e132ff706f3b8a4dbad09c03c56e"
   integrity sha512-kWc7L0fw1xwvI0zi8OKVBuxRVefwGOrKSQMvrQ3dW+bIIavBY3/NpXmpjMy7bQnLgwgzWQZ8TlM57YHpHNHz4w==
@@ -247,6 +247,28 @@
     semver "^5.4.1"
     source-map "^0.5.0"
 
+"@babel/core@^7.7.5":
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.9.6.tgz#d9aa1f580abf3b2286ef40b6904d390904c63376"
+  integrity sha512-nD3deLvbsApbHAHttzIssYqgb883yU/d9roe4RZymBCDaZryMJDbptVpEpeQuRh4BJ+SYI8le9YGxKvFEvl1Wg==
+  dependencies:
+    "@babel/code-frame" "^7.8.3"
+    "@babel/generator" "^7.9.6"
+    "@babel/helper-module-transforms" "^7.9.0"
+    "@babel/helpers" "^7.9.6"
+    "@babel/parser" "^7.9.6"
+    "@babel/template" "^7.8.6"
+    "@babel/traverse" "^7.9.6"
+    "@babel/types" "^7.9.6"
+    convert-source-map "^1.7.0"
+    debug "^4.1.0"
+    gensync "^1.0.0-beta.1"
+    json5 "^2.1.2"
+    lodash "^4.17.13"
+    resolve "^1.3.2"
+    semver "^5.4.1"
+    source-map "^0.5.0"
+
 "@babel/generator@7.9.3":
   version "7.9.3"
   resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.9.3.tgz#7c8b2956c6f68b3ab732bd16305916fbba521d94"
@@ -257,12 +279,12 @@
     lodash "^4.17.13"
     source-map "^0.5.0"
 
-"@babel/generator@^7.9.0":
-  version "7.9.4"
-  resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.9.4.tgz#12441e90c3b3c4159cdecf312075bf1a8ce2dbce"
-  integrity sha512-rjP8ahaDy/ouhrvCoU1E5mqaitWrxwuNGU+dy1EpaoK48jZay4MdkskKGIMHLZNewg8sAsqpGSREJwP0zH3YQA==
+"@babel/generator@^7.9.0", "@babel/generator@^7.9.6":
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.9.6.tgz#5408c82ac5de98cda0d77d8124e99fa1f2170a43"
+  integrity sha512-+htwWKJbH2bL72HRluF8zumBxzuX0ZZUFl3JLNyoUjM/Ho8wnVpPXM6aUz8cfKDqQ/h7zHqKt4xzJteUosckqQ==
   dependencies:
-    "@babel/types" "^7.9.0"
+    "@babel/types" "^7.9.6"
     jsesc "^2.5.1"
     lodash "^4.17.13"
     source-map "^0.5.0"
@@ -283,12 +305,12 @@
     "@babel/types" "^7.8.3"
 
 "@babel/helper-compilation-targets@^7.8.7":
-  version "7.8.7"
-  resolved "https://registry.yarnpkg.com/@babel/helper-compilation-targets/-/helper-compilation-targets-7.8.7.tgz#dac1eea159c0e4bd46e309b5a1b04a66b53c1dde"
-  integrity sha512-4mWm8DCK2LugIS+p1yArqvG1Pf162upsIsjE7cNBjez+NjliQpVhj20obE520nao0o14DaTnFJv+Fw5a0JpoUw==
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/helper-compilation-targets/-/helper-compilation-targets-7.9.6.tgz#1e05b7ccc9d38d2f8b40b458b380a04dcfadd38a"
+  integrity sha512-x2Nvu0igO0ejXzx09B/1fGBxY9NXQlBW2kZsSxCJft+KHN8t9XWzIvFxtPHnBOAXpVsdxZKZFbRUC8TsNKajMw==
   dependencies:
-    "@babel/compat-data" "^7.8.6"
-    browserslist "^4.9.1"
+    "@babel/compat-data" "^7.9.6"
+    browserslist "^4.11.1"
     invariant "^2.2.4"
     levenary "^1.1.1"
     semver "^5.5.0"
@@ -319,14 +341,14 @@
     "@babel/traverse" "^7.8.3"
     "@babel/types" "^7.8.3"
 
-"@babel/helper-function-name@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-function-name/-/helper-function-name-7.8.3.tgz#eeeb665a01b1f11068e9fb86ad56a1cb1a824cca"
-  integrity sha512-BCxgX1BC2hD/oBlIFUgOCQDOPV8nSINxCwM3o93xP4P9Fq6aV5sgv2cOOITDMtCfQ+3PvHp3l689XZvAM9QyOA==
+"@babel/helper-function-name@^7.8.3", "@babel/helper-function-name@^7.9.5":
+  version "7.9.5"
+  resolved "https://registry.yarnpkg.com/@babel/helper-function-name/-/helper-function-name-7.9.5.tgz#2b53820d35275120e1874a82e5aabe1376920a5c"
+  integrity sha512-JVcQZeXM59Cd1qanDUxv9fgJpt3NeKUaqBqUEvfmQ+BCOKq2xUgaWZW2hr0dkbyJgezYuplEoh5knmrnS68efw==
   dependencies:
     "@babel/helper-get-function-arity" "^7.8.3"
     "@babel/template" "^7.8.3"
-    "@babel/types" "^7.8.3"
+    "@babel/types" "^7.9.5"
 
 "@babel/helper-get-function-arity@^7.8.3":
   version "7.8.3"
@@ -400,14 +422,14 @@
     "@babel/types" "^7.8.3"
 
 "@babel/helper-replace-supers@^7.8.3", "@babel/helper-replace-supers@^7.8.6":
-  version "7.8.6"
-  resolved "https://registry.yarnpkg.com/@babel/helper-replace-supers/-/helper-replace-supers-7.8.6.tgz#5ada744fd5ad73203bf1d67459a27dcba67effc8"
-  integrity sha512-PeMArdA4Sv/Wf4zXwBKPqVj7n9UF/xg6slNRtZW84FM7JpE1CbG8B612FyM4cxrf4fMAMGO0kR7voy1ForHHFA==
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/helper-replace-supers/-/helper-replace-supers-7.9.6.tgz#03149d7e6a5586ab6764996cd31d6981a17e1444"
+  integrity sha512-qX+chbxkbArLyCImk3bWV+jB5gTNU/rsze+JlcF6Nf8tVTigPJSI1o1oBow/9Resa1yehUO9lIipsmu9oG4RzA==
   dependencies:
     "@babel/helper-member-expression-to-functions" "^7.8.3"
     "@babel/helper-optimise-call-expression" "^7.8.3"
-    "@babel/traverse" "^7.8.6"
-    "@babel/types" "^7.8.6"
+    "@babel/traverse" "^7.9.6"
+    "@babel/types" "^7.9.6"
 
 "@babel/helper-simple-access@^7.8.3":
   version "7.8.3"
@@ -424,10 +446,10 @@
   dependencies:
     "@babel/types" "^7.8.3"
 
-"@babel/helper-validator-identifier@^7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.9.0.tgz#ad53562a7fc29b3b9a91bbf7d10397fd146346ed"
-  integrity sha512-6G8bQKjOh+of4PV/ThDm/rRqlU7+IGoJuofpagU5GlEl29Vv0RGqqt86ZGRV8ZuSOY3o+8yXl5y782SMcG7SHw==
+"@babel/helper-validator-identifier@^7.9.0", "@babel/helper-validator-identifier@^7.9.5":
+  version "7.9.5"
+  resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.9.5.tgz#90977a8e6fbf6b431a7dc31752eee233bf052d80"
+  integrity sha512-/8arLKUFq882w4tWGj9JYzRpAlZgiWUJ+dtteNTDqrRBz9Iguck9Rn3ykuBDoUwh2TO4tSAJlrxDUOXWklJe4g==
 
 "@babel/helper-wrap-function@^7.8.3":
   version "7.8.3"
@@ -439,14 +461,14 @@
     "@babel/traverse" "^7.8.3"
     "@babel/types" "^7.8.3"
 
-"@babel/helpers@^7.9.0":
-  version "7.9.2"
-  resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.9.2.tgz#b42a81a811f1e7313b88cba8adc66b3d9ae6c09f"
-  integrity sha512-JwLvzlXVPjO8eU9c/wF9/zOIN7X6h8DYf7mG4CiFRZRvZNKEF5dQ3H3V+ASkHoIB3mWhatgl5ONhyqHRI6MppA==
+"@babel/helpers@^7.9.0", "@babel/helpers@^7.9.6":
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.9.6.tgz#092c774743471d0bb6c7de3ad465ab3d3486d580"
+  integrity sha512-tI4bUbldloLcHWoRUMAj4g1bF313M/o6fBKhIsb3QnGVPwRm9JsNf/gqMkQ7zjqReABiffPV6RWj7hEglID5Iw==
   dependencies:
     "@babel/template" "^7.8.3"
-    "@babel/traverse" "^7.9.0"
-    "@babel/types" "^7.9.0"
+    "@babel/traverse" "^7.9.6"
+    "@babel/types" "^7.9.6"
 
 "@babel/highlight@^7.8.3":
   version "7.9.0"
@@ -457,10 +479,10 @@
     chalk "^2.0.0"
     js-tokens "^4.0.0"
 
-"@babel/parser@^7.7.5", "@babel/parser@^7.8.6", "@babel/parser@^7.9.0":
-  version "7.9.4"
-  resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.9.4.tgz#68a35e6b0319bbc014465be43828300113f2f2e8"
-  integrity sha512-bC49otXX6N0/VYhgOMh4gnP26E9xnDZK3TmbNpxYzzz9BQLBosQwfyOe9/cXUU3txYhTzLCbcqd5c8y/OmCjHA==
+"@babel/parser@^7.8.6", "@babel/parser@^7.9.0", "@babel/parser@^7.9.6":
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.9.6.tgz#3b1bbb30dabe600cd72db58720998376ff653bc7"
+  integrity sha512-AoeIEJn8vt+d/6+PXDRPaksYhnlbMIiejioBZvvMQsOjW/JYK6k/0dKnvvP3EhK5GfMBWDPtrxRtegWdAcdq9Q==
 
 "@babel/plugin-proposal-async-generator-functions@^7.8.3":
   version "7.8.3"
@@ -504,12 +526,13 @@
     "@babel/plugin-syntax-numeric-separator" "^7.8.3"
 
 "@babel/plugin-proposal-object-rest-spread@^7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-object-rest-spread/-/plugin-proposal-object-rest-spread-7.9.0.tgz#a28993699fc13df165995362693962ba6b061d6f"
-  integrity sha512-UgqBv6bjq4fDb8uku9f+wcm1J7YxJ5nT7WO/jBr0cl0PLKb7t1O6RNR1kZbjgx2LQtsDI9hwoQVmn0yhXeQyow==
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-object-rest-spread/-/plugin-proposal-object-rest-spread-7.9.6.tgz#7a093586fcb18b08266eb1a7177da671ac575b63"
+  integrity sha512-Ga6/fhGqA9Hj+y6whNpPv8psyaK5xzrQwSPsGPloVkvmH+PqW1ixdnfJ9uIO06OjQNYol3PMnfmJ8vfZtkzF+A==
   dependencies:
     "@babel/helper-plugin-utils" "^7.8.3"
     "@babel/plugin-syntax-object-rest-spread" "^7.8.0"
+    "@babel/plugin-transform-parameters" "^7.9.5"
 
 "@babel/plugin-proposal-optional-catch-binding@^7.8.3":
   version "7.8.3"
@@ -630,13 +653,13 @@
     lodash "^4.17.13"
 
 "@babel/plugin-transform-classes@^7.9.0":
-  version "7.9.2"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-classes/-/plugin-transform-classes-7.9.2.tgz#8603fc3cc449e31fdbdbc257f67717536a11af8d"
-  integrity sha512-TC2p3bPzsfvSsqBZo0kJnuelnoK9O3welkUpqSqBQuBF6R5MN2rysopri8kNvtlGIb2jmUO7i15IooAZJjZuMQ==
+  version "7.9.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-classes/-/plugin-transform-classes-7.9.5.tgz#800597ddb8aefc2c293ed27459c1fcc935a26c2c"
+  integrity sha512-x2kZoIuLC//O5iA7PEvecB105o7TLzZo8ofBVhP79N+DO3jaX+KYfww9TQcfBEZD0nikNyYcGB1IKtRq36rdmg==
   dependencies:
     "@babel/helper-annotate-as-pure" "^7.8.3"
     "@babel/helper-define-map" "^7.8.3"
-    "@babel/helper-function-name" "^7.8.3"
+    "@babel/helper-function-name" "^7.9.5"
     "@babel/helper-optimise-call-expression" "^7.8.3"
     "@babel/helper-plugin-utils" "^7.8.3"
     "@babel/helper-replace-supers" "^7.8.6"
@@ -651,9 +674,9 @@
     "@babel/helper-plugin-utils" "^7.8.3"
 
 "@babel/plugin-transform-destructuring@^7.8.3":
-  version "7.8.8"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-destructuring/-/plugin-transform-destructuring-7.8.8.tgz#fadb2bc8e90ccaf5658de6f8d4d22ff6272a2f4b"
-  integrity sha512-eRJu4Vs2rmttFCdhPUM3bV0Yo/xPSdPw6ML9KHs/bjB4bLA5HXlbvYXPOD5yASodGod+krjYx21xm1QmL8dCJQ==
+  version "7.9.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-destructuring/-/plugin-transform-destructuring-7.9.5.tgz#72c97cf5f38604aea3abf3b935b0e17b1db76a50"
+  integrity sha512-j3OEsGel8nHL/iusv/mRd5fYZ3DrOxWC82x0ogmdN/vHfAP4MYw+AFKYanzWlktNwikKvlzUV//afBW5FTp17Q==
   dependencies:
     "@babel/helper-plugin-utils" "^7.8.3"
 
@@ -710,33 +733,33 @@
     "@babel/helper-plugin-utils" "^7.8.3"
 
 "@babel/plugin-transform-modules-amd@^7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-amd/-/plugin-transform-modules-amd-7.9.0.tgz#19755ee721912cf5bb04c07d50280af3484efef4"
-  integrity sha512-vZgDDF003B14O8zJy0XXLnPH4sg+9X5hFBBGN1V+B2rgrB+J2xIypSN6Rk9imB2hSTHQi5OHLrFWsZab1GMk+Q==
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-amd/-/plugin-transform-modules-amd-7.9.6.tgz#8539ec42c153d12ea3836e0e3ac30d5aae7b258e"
+  integrity sha512-zoT0kgC3EixAyIAU+9vfaUVKTv9IxBDSabgHoUCBP6FqEJ+iNiN7ip7NBKcYqbfUDfuC2mFCbM7vbu4qJgOnDw==
   dependencies:
     "@babel/helper-module-transforms" "^7.9.0"
     "@babel/helper-plugin-utils" "^7.8.3"
-    babel-plugin-dynamic-import-node "^2.3.0"
+    babel-plugin-dynamic-import-node "^2.3.3"
 
 "@babel/plugin-transform-modules-commonjs@^7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.9.0.tgz#e3e72f4cbc9b4a260e30be0ea59bdf5a39748940"
-  integrity sha512-qzlCrLnKqio4SlgJ6FMMLBe4bySNis8DFn1VkGmOcxG9gqEyPIOzeQrA//u0HAKrWpJlpZbZMPB1n/OPa4+n8g==
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.9.6.tgz#64b7474a4279ee588cacd1906695ca721687c277"
+  integrity sha512-7H25fSlLcn+iYimmsNe3uK1at79IE6SKW9q0/QeEHTMC9MdOZ+4bA+T1VFB5fgOqBWoqlifXRzYD0JPdmIrgSQ==
   dependencies:
     "@babel/helper-module-transforms" "^7.9.0"
     "@babel/helper-plugin-utils" "^7.8.3"
     "@babel/helper-simple-access" "^7.8.3"
-    babel-plugin-dynamic-import-node "^2.3.0"
+    babel-plugin-dynamic-import-node "^2.3.3"
 
 "@babel/plugin-transform-modules-systemjs@^7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-systemjs/-/plugin-transform-modules-systemjs-7.9.0.tgz#e9fd46a296fc91e009b64e07ddaa86d6f0edeb90"
-  integrity sha512-FsiAv/nao/ud2ZWy4wFacoLOm5uxl0ExSQ7ErvP7jpoihLR6Cq90ilOFyX9UXct3rbtKsAiZ9kFt5XGfPe/5SQ==
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-systemjs/-/plugin-transform-modules-systemjs-7.9.6.tgz#207f1461c78a231d5337a92140e52422510d81a4"
+  integrity sha512-NW5XQuW3N2tTHim8e1b7qGy7s0kZ2OH3m5octc49K1SdAKGxYxeIx7hiIz05kS1R2R+hOWcsr1eYwcGhrdHsrg==
   dependencies:
     "@babel/helper-hoist-variables" "^7.8.3"
     "@babel/helper-module-transforms" "^7.9.0"
     "@babel/helper-plugin-utils" "^7.8.3"
-    babel-plugin-dynamic-import-node "^2.3.0"
+    babel-plugin-dynamic-import-node "^2.3.3"
 
 "@babel/plugin-transform-modules-umd@^7.9.0":
   version "7.9.0"
@@ -768,10 +791,10 @@
     "@babel/helper-plugin-utils" "^7.8.3"
     "@babel/helper-replace-supers" "^7.8.3"
 
-"@babel/plugin-transform-parameters@^7.8.7":
-  version "7.9.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-parameters/-/plugin-transform-parameters-7.9.3.tgz#3028d0cc20ddc733166c6e9c8534559cee09f54a"
-  integrity sha512-fzrQFQhp7mIhOzmOtPiKffvCYQSK10NR8t6BBz2yPbeUHb9OLW8RZGtgDRBn8z2hGcwvKDL3vC7ojPTLNxmqEg==
+"@babel/plugin-transform-parameters@^7.8.7", "@babel/plugin-transform-parameters@^7.9.5":
+  version "7.9.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-parameters/-/plugin-transform-parameters-7.9.5.tgz#173b265746f5e15b2afe527eeda65b73623a0795"
+  integrity sha512-0+1FhHnMfj6lIIhVvS4KGQJeuhe1GI//h5uptK4PvLt+BGBxsoUJbd3/IW002yk//6sZPlFgsG1hY6OHLcy6kA==
   dependencies:
     "@babel/helper-get-function-arity" "^7.8.3"
     "@babel/helper-plugin-utils" "^7.8.3"
@@ -920,13 +943,13 @@
     esutils "^2.0.2"
 
 "@babel/runtime@^7.8.4":
-  version "7.9.2"
-  resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.9.2.tgz#d90df0583a3a252f09aaa619665367bae518db06"
-  integrity sha512-NE2DtOdufG7R5vnfQUTehdTfNycfUANEtCa9PssN9O/xmTzP4E08UI797ixaei6hBEVL9BI/PsdJS5x7mWoB9Q==
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.9.6.tgz#a9102eb5cadedf3f31d08a9ecf294af7827ea29f"
+  integrity sha512-64AF1xY3OAkFHqOb9s4jpgk1Mm5vDZ4L3acHvAml+53nO1XbXLuDodsVpO4OIUsmemlUHMxNdYMNJmsvOwLrvQ==
   dependencies:
     regenerator-runtime "^0.13.4"
 
-"@babel/template@7.8.6", "@babel/template@^7.7.4", "@babel/template@^7.8.3", "@babel/template@^7.8.6":
+"@babel/template@7.8.6", "@babel/template@^7.8.3", "@babel/template@^7.8.6":
   version "7.8.6"
   resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.8.6.tgz#86b22af15f828dfb086474f964dcc3e39c43ce2b"
   integrity sha512-zbMsPMy/v0PWFZEhQJ66bqjhH+z0JgMoBWuikXybgG3Gkd/3t5oQ1Rw2WQhnSrsOmsKXnZOx15tkC4qON/+JPg==
@@ -935,27 +958,27 @@
     "@babel/parser" "^7.8.6"
     "@babel/types" "^7.8.6"
 
-"@babel/traverse@^7.7.4", "@babel/traverse@^7.8.3", "@babel/traverse@^7.8.6", "@babel/traverse@^7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.9.0.tgz#d3882c2830e513f4fe4cec9fe76ea1cc78747892"
-  integrity sha512-jAZQj0+kn4WTHO5dUZkZKhbFrqZE7K5LAQ5JysMnmvGij+wOdr+8lWqPeW0BcF4wFwrEXXtdGO7wcV6YPJcf3w==
+"@babel/traverse@^7.8.3", "@babel/traverse@^7.9.0", "@babel/traverse@^7.9.6":
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.9.6.tgz#5540d7577697bf619cc57b92aa0f1c231a94f442"
+  integrity sha512-b3rAHSjbxy6VEAvlxM8OV/0X4XrG72zoxme6q1MOoe2vd0bEc+TwayhuC1+Dfgqh1QEG+pj7atQqvUprHIccsg==
   dependencies:
     "@babel/code-frame" "^7.8.3"
-    "@babel/generator" "^7.9.0"
-    "@babel/helper-function-name" "^7.8.3"
+    "@babel/generator" "^7.9.6"
+    "@babel/helper-function-name" "^7.9.5"
     "@babel/helper-split-export-declaration" "^7.8.3"
-    "@babel/parser" "^7.9.0"
-    "@babel/types" "^7.9.0"
+    "@babel/parser" "^7.9.6"
+    "@babel/types" "^7.9.6"
     debug "^4.1.0"
     globals "^11.1.0"
     lodash "^4.17.13"
 
-"@babel/types@^7.4.4", "@babel/types@^7.8.3", "@babel/types@^7.8.6", "@babel/types@^7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.9.0.tgz#00b064c3df83ad32b2dbf5ff07312b15c7f1efb5"
-  integrity sha512-BS9JKfXkzzJl8RluW4JGknzpiUV7ZrvTayM6yfqLTVBEnFtyowVIOu6rqxRd5cVO6yGoWf4T8u8dgK9oB+GCng==
+"@babel/types@^7.4.4", "@babel/types@^7.8.3", "@babel/types@^7.8.6", "@babel/types@^7.9.0", "@babel/types@^7.9.5", "@babel/types@^7.9.6":
+  version "7.9.6"
+  resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.9.6.tgz#2c5502b427251e9de1bd2dff95add646d95cc9f7"
+  integrity sha512-qxXzvBO//jO9ZnoasKF1uJzHd2+M6Q2ZPIVfnFps8JJvXy0ZBbwbNOmE6SGIY5XOY6d1Bo5lb9d9RJ8nv3WSeA==
   dependencies:
-    "@babel/helper-validator-identifier" "^7.9.0"
+    "@babel/helper-validator-identifier" "^7.9.5"
     lodash "^4.17.13"
     to-fast-properties "^2.0.0"
 
@@ -975,84 +998,44 @@
     merge-source-map "^1.1.0"
     schema-utils "^2.6.4"
 
-"@ngtools/webpack@9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@ngtools/webpack/-/webpack-9.1.0.tgz#c082d9e64e5900189e4612f657d68e5b81ae277c"
-  integrity sha512-kQ+1N/F+5tuUXiiaoqJwhcOIM0I93EEvF3xwpTLRm91wl2i8R1261LvsD/uQPrgLrZNGR6eFhFF1Izn2PnIjQA==
+"@ngtools/webpack@9.1.6":
+  version "9.1.6"
+  resolved "https://registry.yarnpkg.com/@ngtools/webpack/-/webpack-9.1.6.tgz#7fa8763d4e128a4e371bafa9328a64cf1de246dd"
+  integrity sha512-W/9kENoiYARDGXqXSmOekQddUlQUVxfYP7JgQwqdg7JYktIpThicbV/iLBChZwWnmn9mb7MDw1IPeUTkZzrO2Q==
   dependencies:
-    "@angular-devkit/core" "9.1.0"
+    "@angular-devkit/core" "9.1.6"
     enhanced-resolve "4.1.1"
     rxjs "6.5.4"
     webpack-sources "1.4.3"
 
-"@npmcli/ci-detect@^1.0.0":
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/@npmcli/ci-detect/-/ci-detect-1.2.0.tgz#0df142a1ac3bba6cbf2e9da1a6994cd898e32c95"
-  integrity sha512-JtktVH7ASBVIWsQTFlFpeOzhBJskvoBCTfeeRhhZy7ybATcUvwiwotZ8j5rkqUUyB69lIy/AvboiiiGBjYBKBA==
-
-"@npmcli/git@^2.0.1":
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/@npmcli/git/-/git-2.0.1.tgz#d7ecaa9c945de6bb1af5a7e6ea634771193c168b"
-  integrity sha512-hVatexiBtx71F01Ars38Hr5AFUGmJgHAfQtRlO5fJlnAawRGSXwEFgjB5i3XdUUmElZU/RXy7fefN02dZKxgPw==
-  dependencies:
-    "@npmcli/promise-spawn" "^1.1.0"
-    mkdirp "^1.0.3"
-    npm-pick-manifest "^6.0.0"
-    promise-inflight "^1.0.1"
-    promise-retry "^1.1.1"
-    unique-filename "^1.1.1"
-    which "^2.0.2"
-
-"@npmcli/installed-package-contents@^1.0.5":
-  version "1.0.5"
-  resolved "https://registry.yarnpkg.com/@npmcli/installed-package-contents/-/installed-package-contents-1.0.5.tgz#cc78565e55d9f14d46acf46a96f70934e516fa3d"
-  integrity sha512-aKIwguaaqb6ViwSOFytniGvLPb9SMCUm39TgM3SfUo7n0TxUMbwoXfpwyvQ4blm10lzbAwTsvjr7QZ85LvTi4A==
-  dependencies:
-    npm-bundled "^1.1.1"
-    npm-normalize-package-bin "^1.0.1"
-    read-package-json-fast "^1.1.1"
-    readdir-scoped-modules "^1.1.0"
-
-"@npmcli/promise-spawn@^1.1.0":
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/@npmcli/promise-spawn/-/promise-spawn-1.1.0.tgz#660009a5c54209142ec7c469c190d212834b6087"
-  integrity sha512-FwbuYN9KXBkloLeIR3xRgI8dyOdfK/KzaJlChszNuwmUXD1lHXfLlSeo4n4KrKt2udIK9K9/TzlnyCA3ubM2fA==
-  dependencies:
-    infer-owner "^1.0.4"
-
 "@saritasa/tslint-config-angular@^2.0.0":
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/@saritasa/tslint-config-angular/-/tslint-config-angular-2.0.0.tgz#9e76c98081b1bc54c260e1c27abd5cd4ef8d2525"
   integrity sha512-zs7nOOgxOA3WpNeRLS2Qcuu0BHU/GN/n9Kfbv//w0fzZinxeZKMaLOOnDcSlq4JGgOp6AbVJeCR8l50enwEasQ==
 
-"@schematics/angular@9.1.0":
-  version "9.1.0"
-  resolved "https://registry.yarnpkg.com/@schematics/angular/-/angular-9.1.0.tgz#fc0ad9099d3c3be3044d6b3f260cac6eb9f3e564"
-  integrity sha512-qkehaITQ1S1udfnnBY5CXGWnk1iVFI8cZayjLUlRfD5w+6v9if3VIuqPssX96MqvkbjyRu1N214+ieaawzLmuA==
+"@schematics/angular@9.1.6":
+  version "9.1.6"
+  resolved "https://registry.yarnpkg.com/@schematics/angular/-/angular-9.1.6.tgz#411b45174b3900dc79d061a86aec8539894dd06b"
+  integrity sha512-Q9lPTf1/pXBWuFOLzwtrU88Gwkfn9JLiSb45xSQZ771cCD68tZyL4V9fH+u7139y3H3ID2xebMs7WiddAERLyw==
   dependencies:
-    "@angular-devkit/core" "9.1.0"
-    "@angular-devkit/schematics" "9.1.0"
+    "@angular-devkit/core" "9.1.6"
+    "@angular-devkit/schematics" "9.1.6"
 
-"@schematics/update@0.901.0":
-  version "0.901.0"
-  resolved "https://registry.yarnpkg.com/@schematics/update/-/update-0.901.0.tgz#3e08231354f2c414c7d5b3bde1d9f7c08c664a74"
-  integrity sha512-u2VESL1dgOSGZK/wcWEz0WcCU/yv764zhzCQerCwUtbV1CISSSDZ6x+prVYDXOdxWBGtDos2MbCF3GEJJI1T+w==
+"@schematics/update@0.901.6":
+  version "0.901.6"
+  resolved "https://registry.yarnpkg.com/@schematics/update/-/update-0.901.6.tgz#a6bf0ec294983373ec8e9d675d50e8b44c6a7bc7"
+  integrity sha512-fKDjD/nGOsrPglOeMVNW+/wa8t73XBrsVneaLg3qmWp6c80JQAxwryE+3MTnBP7apZCLR2YZlKySbY54gLRs6w==
   dependencies:
-    "@angular-devkit/core" "9.1.0"
-    "@angular-devkit/schematics" "9.1.0"
+    "@angular-devkit/core" "9.1.6"
+    "@angular-devkit/schematics" "9.1.6"
     "@yarnpkg/lockfile" "1.1.0"
     ini "1.3.5"
     npm-package-arg "^8.0.0"
-    pacote "11.1.4"
+    pacote "9.5.12"
     rxjs "6.5.4"
     semver "7.1.3"
     semver-intersect "1.4.0"
 
-"@tootallnate/once@1":
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/@tootallnate/once/-/once-1.0.0.tgz#9c13c2574c92d4503b005feca8f2e16cc1611506"
-  integrity sha512-KYyTT/T6ALPkIRd2Ge080X/BsXvy9O0hcWTtMWkPvwAwF99+vn6Dv4GzrFT/Nn1LePr+FFDbRXXlqmsy9lw2zA==
-
 "@types/color-name@^1.1.1":
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/@types/color-name/-/color-name-1.1.1.tgz#1c1261bbeaa10a8055bbc5d8ab84b7b2afc846a0"
@@ -1078,19 +1061,19 @@
   integrity sha512-tHq6qdbT9U1IRSGf14CL0pUlULksvY9OZ+5eEgl1N7t+OA3tGvNpxJCzuKQlsNgCVwbAs670L1vcVQi8j9HjnA==
 
 "@types/node@*":
-  version "13.9.8"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-13.9.8.tgz#09976420fc80a7a00bf40680c63815ed8c7616f4"
-  integrity sha512-1WgO8hsyHynlx7nhP1kr0OFzsgKz5XDQL+Lfc3b1Q3qIln/n8cKD4m09NJ0+P1Rq7Zgnc7N0+SsMnoD1rEb0kA==
+  version "14.0.1"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-14.0.1.tgz#5d93e0a099cd0acd5ef3d5bde3c086e1f49ff68c"
+  integrity sha512-FAYBGwC+W6F9+huFIDtn43cpy7+SzG+atzRiTfdp3inUKL2hXnd4rG8hylJLIh4+hqrQy1P17kvJByE/z825hA==
 
 "@types/node@^12.11.1":
-  version "12.12.34"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-12.12.34.tgz#0a5d6ae5d22612f0cf5f10320e1fc5d2a745dcb8"
-  integrity sha512-BneGN0J9ke24lBRn44hVHNeDlrXRYF+VRp0HbSUNnEZahXGAysHZIqnf/hER6aabdBgzM4YOV4jrR8gj4Zfi0g==
+  version "12.12.39"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-12.12.39.tgz#532d25c1e639d89dd6f3aa1d7b3962e3e7fa943d"
+  integrity sha512-pADGfwnDkr6zagDwEiCVE4yQrv7XDkoeVa4OfA9Ju/zRTk6YNDLGtQbkdL4/56mCQQCs4AhNrBIag6jrp7ZuOg==
 
 "@types/q@^1.5.1":
-  version "1.5.2"
-  resolved "https://registry.yarnpkg.com/@types/q/-/q-1.5.2.tgz#690a1475b84f2a884fd07cd797c00f5f31356ea8"
-  integrity sha512-ce5d3q03Ex0sy4R14722Rmt6MT07Ua+k4FwDfdcToYJcMKNtRVQvJ6JCAPdAmAnbRb6CsX6aYb9m96NGod9uTw==
+  version "1.5.4"
+  resolved "https://registry.yarnpkg.com/@types/q/-/q-1.5.4.tgz#15925414e0ad2cd765bfef58842f7e26a7accb24"
+  integrity sha512-1HcDas8SEj4z1Wc696tH56G8OlRaH/sqZOynNNB+HF0WOeXPaxTtbYzJY2oEfiUxjSKjhCKr+MvR7dCHcEelug==
 
 "@types/source-list-map@*":
   version "0.1.2"
@@ -1098,9 +1081,9 @@
   integrity sha512-K5K+yml8LTo9bWJI/rECfIPrGgxdpeNbj+d53lwN4QjW1MCwlkhUms+gtdzigTeUyBr09+u8BwOIY3MXvHdcsA==
 
 "@types/vis@^4.21.9":
-  version "4.21.19"
-  resolved "https://registry.yarnpkg.com/@types/vis/-/vis-4.21.19.tgz#e1ad964deed4d1a5499312410e2ce19693378a78"
-  integrity sha512-SzD6R7pg3TcpzIj+F++ez83WuWhOZ+D05LCbjCaVR41NbMpS6xAdc8lActRK3Cwd9cv5LmoCeN5SAsvXIeAseg==
+  version "4.21.20"
+  resolved "https://registry.yarnpkg.com/@types/vis/-/vis-4.21.20.tgz#b2153ac61dd7fda481857025ca1ef1556038ef11"
+  integrity sha512-3bejsXnnszmUq6bX55QkkoqkulWJcJ7Z/RgjsUFT1HsWIa1EGmsX/bl3DCyCXnKcxwciOjYvH4szY9KA1miNXw==
   dependencies:
     moment ">=2.13.0"
 
@@ -1274,10 +1257,13 @@
   resolved "https://registry.yarnpkg.com/@yarnpkg/lockfile/-/lockfile-1.1.0.tgz#e77a97fbd345b76d83245edcd17d393b1b41fb31"
   integrity sha512-GpSwvyXOcOOlV70vbnzjj4fW5xW/FdUF6nQEt1ENy7m4ZCczi1+/buVUPAqmGfqznsORNFzUMjctTIp8a9tuCQ==
 
-abbrev@1:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/abbrev/-/abbrev-1.1.1.tgz#f8f2c887ad10bf67f634f005b6987fed3179aac8"
-  integrity sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q==
+JSONStream@^1.3.4:
+  version "1.3.5"
+  resolved "https://registry.yarnpkg.com/JSONStream/-/JSONStream-1.3.5.tgz#3208c1f08d3a4d99261ab64f92302bc15e111ca0"
+  integrity sha512-E+iruNOY8VV9s4JEbe1aNEm6MiszPRr/UfcHMz0TQh1BXSxHK+ASV1R6W4HpjBhSeS+54PIsAMCBmwD06LLsqQ==
+  dependencies:
+    jsonparse "^1.2.0"
+    through ">=2.2.7 <3"
 
 accepts@~1.3.4, accepts@~1.3.5, accepts@~1.3.7:
   version "1.3.7"
@@ -1288,29 +1274,34 @@ accepts@~1.3.4, accepts@~1.3.5, accepts@~1.3.7:
     negotiator "0.6.2"
 
 ace-builds@^1.4.2:
-  version "1.4.9"
-  resolved "https://registry.yarnpkg.com/ace-builds/-/ace-builds-1.4.9.tgz#2b9b020706871f30e97f5510af891149f144d3d8"
-  integrity sha512-6I+uUDsj9AKu45VgJvloplr2DtGXRxsXNfdV9TypDkDi9MBiIV+oRNFJAf0g1b42Er3fgaVzMbLBxCeJQYNtSA==
+  version "1.4.11"
+  resolved "https://registry.yarnpkg.com/ace-builds/-/ace-builds-1.4.11.tgz#b1f19a891afcef1d26522473082baf80067e855f"
+  integrity sha512-keACH1d7MvAh72fE/us36WQzOFQPJbHphNpj33pXwVZOM84pTWcdFzIAvngxOGIGLTm7gtUP2eJ4Ku6VaPo8bw==
 
 acorn@^6.2.1:
   version "6.4.1"
   resolved "https://registry.yarnpkg.com/acorn/-/acorn-6.4.1.tgz#531e58ba3f51b9dacb9a6646ca4debf5b14ca474"
   integrity sha512-ZVA9k326Nwrj3Cj9jlh3wGFutC2ZornPNARZwsNYqQYgN0EsV2d53w5RN/co65Ohn4sUAUtb1rSUAOD6XN9idA==
 
-agent-base@6:
-  version "6.0.0"
-  resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-6.0.0.tgz#5d0101f19bbfaed39980b22ae866de153b93f09a"
-  integrity sha512-j1Q7cSCqN+AwrmDd+pzgqc0/NpC655x2bUf5ZjRIO77DcNBFmh+OgRNzF6OKdCC9RSCb19fGd99+bhXFdkRNqw==
+agent-base@4, agent-base@^4.3.0:
+  version "4.3.0"
+  resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-4.3.0.tgz#8165f01c436009bccad0b1d122f05ed770efc6ee"
+  integrity sha512-salcGninV0nPrwpGNn4VTXBb1SOuXQBiqbrNXoeizJsHrsL6ERFM2Ne3JUSBWRE6aeNJI2ROP/WEEIDUiDe3cg==
   dependencies:
-    debug "4"
+    es6-promisify "^5.0.0"
 
-agentkeepalive@^4.1.0:
-  version "4.1.0"
-  resolved "https://registry.yarnpkg.com/agentkeepalive/-/agentkeepalive-4.1.0.tgz#a48e040ed16745dd29ce923675f60c9c90f39ee0"
-  integrity sha512-CW/n1wxF8RpEuuiq6Vbn9S8m0VSYDMnZESqaJ6F2cWN9fY8rei2qaxweIaRgq+ek8TqfoFIsUjaGNKGGEHElSg==
+agent-base@~4.2.1:
+  version "4.2.1"
+  resolved "https://registry.yarnpkg.com/agent-base/-/agent-base-4.2.1.tgz#d89e5999f797875674c07d87f260fc41e83e8ca9"
+  integrity sha512-JVwXMr9nHYTUXsBFKUqhJwvlcYU/blreOEUkhNR2eXZIvwd+c+o5V4MgDPKWnMS/56awN3TRzIP+KoPn+roQtg==
+  dependencies:
+    es6-promisify "^5.0.0"
+
+agentkeepalive@^3.4.1:
+  version "3.5.2"
+  resolved "https://registry.yarnpkg.com/agentkeepalive/-/agentkeepalive-3.5.2.tgz#a113924dd3fa24a0bc3b78108c450c2abee00f67"
+  integrity sha512-e0L/HNe6qkQ7H19kTlRRqUibEAwDK5AFk6y3PtMsuut2VAH6+Q4xZml1tNDJD7kSAyqmbG/K08K5WEJYtUrSlQ==
   dependencies:
-    debug "^4.1.0"
-    depd "^1.1.2"
     humanize-ms "^1.2.1"
 
 aggregate-error@^3.0.0:
@@ -1331,7 +1322,7 @@ ajv-keywords@^3.1.0, ajv-keywords@^3.4.1:
   resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-3.4.1.tgz#ef916e271c64ac12171fd8384eaae6b2345854da"
   integrity sha512-RO1ibKvd27e6FEShVFfPALuHI3WjSVNeK5FIsmme/LYRNxjKuNj+Dt7bucLa6NdSv3JcVTyMlm9kGR84z1XpaQ==
 
-ajv@6.12.0, ajv@^6.1.0, ajv@^6.10.2, ajv@^6.12.0, ajv@^6.5.5:
+ajv@6.12.0:
   version "6.12.0"
   resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.0.tgz#06d60b96d87b8454a5adaba86e7854da629db4b7"
   integrity sha512-D6gFiFA0RRLyUbvijN74DWAjXSFxWKaWP7mldxkVhyhAV3+SWA9HEJPHQ2c9soIeTFJqcSdFDGFgdqs1iUU2Hw==
@@ -1341,6 +1332,16 @@ ajv@6.12.0, ajv@^6.1.0, ajv@^6.10.2, ajv@^6.12.0, ajv@^6.5.5:
     json-schema-traverse "^0.4.1"
     uri-js "^4.2.2"
 
+ajv@^6.1.0, ajv@^6.10.2, ajv@^6.12.0, ajv@^6.5.5:
+  version "6.12.2"
+  resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.2.tgz#c629c5eced17baf314437918d2da88c99d5958cd"
+  integrity sha512-k+V+hzjm5q/Mr8ef/1Y9goCmlsK4I6Sm74teeyGvFk1XrOsbsKLjEdrvny42CZ+a8sXbk8KWpY/bDwS+FLL2UQ==
+  dependencies:
+    fast-deep-equal "^3.1.1"
+    fast-json-stable-stringify "^2.0.0"
+    json-schema-traverse "^0.4.1"
+    uri-js "^4.2.2"
+
 alphanum-sort@^1.0.0:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/alphanum-sort/-/alphanum-sort-1.0.2.tgz#97a1119649b211ad33691d9f9f486a8ec9fbe0a3"
@@ -1419,19 +1420,11 @@ app-root-path@^2.2.1:
   resolved "https://registry.yarnpkg.com/app-root-path/-/app-root-path-2.2.1.tgz#d0df4a682ee408273583d43f6f79e9892624bc9a"
   integrity sha512-91IFKeKk7FjfmezPKkwtaRvSpnUc4gDwPAjA1YZ9Gn0q0PPeW+vbeUsZuyDwjI7+QTHhcLen2v25fi/AmhvbJA==
 
-aproba@^1.0.3, aproba@^1.1.1:
+aproba@^1.1.1:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/aproba/-/aproba-1.2.0.tgz#6802e6264efd18c790a1b0d517f0f2627bf2c94a"
   integrity sha512-Y9J6ZjXtoYh8RnXVCMOU/ttDmk1aBjunq9vO0ta5x85WDQiQfUF9sIPBITdbiiIVcBo03Hi3jMxigBtsddlXRw==
 
-are-we-there-yet@~1.1.2:
-  version "1.1.5"
-  resolved "https://registry.yarnpkg.com/are-we-there-yet/-/are-we-there-yet-1.1.5.tgz#4b35c2944f062a8bfcda66410760350fe9ddfc21"
-  integrity sha512-5hYdAkZlcG8tOLujVDTgCT+uPX0VnpAH28gWsLfzpXYm7wP6mp5Q/gYyR7YQ0cKVJcXJnl3j2kpBan13PtQf6w==
-  dependencies:
-    delegates "^1.0.0"
-    readable-stream "^2.0.6"
-
 argparse@^1.0.7:
   version "1.0.10"
   resolved "https://registry.yarnpkg.com/argparse/-/argparse-1.0.10.tgz#bcd6791ea5ae09725e17e5ad988134cd40b3d911"
@@ -1578,7 +1571,7 @@ autoprefixer@9.7.4:
     postcss "^7.0.26"
     postcss-value-parser "^4.0.2"
 
-available-typed-arrays@^1.0.0, available-typed-arrays@^1.0.1:
+available-typed-arrays@^1.0.0, available-typed-arrays@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.2.tgz#6b098ca9d8039079ee3f77f7b783c4480ba513f5"
   integrity sha512-XWX3OX8Onv97LMk/ftVyBibpGwY5a8SmuxZPzeOxqmuEqUCOM9ZE+uIaD1VNJ5QnvU2UQusvmKbuM1FR8QWGfQ==
@@ -1612,10 +1605,10 @@ babel-loader@8.0.6:
     mkdirp "^0.5.1"
     pify "^4.0.1"
 
-babel-plugin-dynamic-import-node@^2.3.0:
-  version "2.3.0"
-  resolved "https://registry.yarnpkg.com/babel-plugin-dynamic-import-node/-/babel-plugin-dynamic-import-node-2.3.0.tgz#f00f507bdaa3c3e3ff6e7e5e98d90a7acab96f7f"
-  integrity sha512-o6qFkpeQEBxcqt0XYlWzAVxNCSCZdUgcR8IRlhD/8DylxjjO4foPcvTW0GGKa/cVt3rvxZ7o5ippJ+/0nvLhlQ==
+babel-plugin-dynamic-import-node@^2.3.3:
+  version "2.3.3"
+  resolved "https://registry.yarnpkg.com/babel-plugin-dynamic-import-node/-/babel-plugin-dynamic-import-node-2.3.3.tgz#84fda19c976ec5c6defef57f9427b3def66e17a3"
+  integrity sha512-jZVI+s9Zg3IqA/kdi0i6UDCybUI3aSBLnglhYbSSjKlV7yF1F/5LWv8MakQmvYpnbJDS6fcBL2KzHSxNCMtWSQ==
   dependencies:
     object.assign "^4.1.0"
 
@@ -1676,16 +1669,21 @@ bindings@^1.5.0:
   dependencies:
     file-uri-to-path "1.0.0"
 
-bluebird@^3.5.5:
+bluebird@^3.5.1, bluebird@^3.5.3, bluebird@^3.5.5:
   version "3.7.2"
   resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.7.2.tgz#9f229c15be272454ffa973ace0dbee79a1b0c36f"
   integrity sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg==
 
-bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.1.1, bn.js@^4.4.0:
+bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.4.0:
   version "4.11.8"
   resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.11.8.tgz#2cde09eb5ee341f484746bb0309b3253b1b1442f"
   integrity sha512-ItfYfPLkWHUjckQCk8xC+LwxgK8NYcXywGigJgSwOP8Y2iyWT4f2vsZnoOXTTbo+o5yXmIUJ4gn5538SO5S3gA==
 
+bn.js@^5.1.1:
+  version "5.1.1"
+  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-5.1.1.tgz#48efc4031a9c4041b9c99c6941d903463ab62eb5"
+  integrity sha512-IUTD/REb78Z2eodka1QZyyEk66pciRcP6Sroka0aI3tG/iwIdYLrBD62RsubR7vqdt3WyX8p4jxeatzmRSphtA==
+
 body-parser@1.19.0:
   version "1.19.0"
   resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.19.0.tgz#96b2709e57c9c4e09a6fd66a8fd979844f69f08a"
@@ -1720,9 +1718,9 @@ boolbase@^1.0.0, boolbase@~1.0.0:
   integrity sha1-aN/1++YMUes3cl6p4+0xDcwed24=
 
 bootstrap@^4.2.1:
-  version "4.4.1"
-  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-4.4.1.tgz#8582960eea0c5cd2bede84d8b0baf3789c3e8b01"
-  integrity sha512-tbx5cHubwE6e2ZG7nqM3g/FZ5PQEDMWmMGNrCUBVRPHXTJaH7CBDdsLeu3eCh3B1tzAxTnAbtmrzvWEvT2NNEA==
+  version "4.5.0"
+  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-4.5.0.tgz#97d9dbcb5a8972f8722c9962483543b907d9b9ec"
+  integrity sha512-Z93QoXvodoVslA+PWNdk23Hze4RBYIkpb5h8I2HY2Tu2h7A0LpAgLcyrhrSUyo2/Oxm2l1fRZPs1e5hnxnliXA==
 
 brace-expansion@^1.1.7:
   version "1.1.11"
@@ -1796,7 +1794,7 @@ browserify-des@^1.0.0:
     inherits "^2.0.1"
     safe-buffer "^5.1.2"
 
-browserify-rsa@^4.0.0:
+browserify-rsa@^4.0.0, browserify-rsa@^4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/browserify-rsa/-/browserify-rsa-4.0.1.tgz#21e0abfaf6f2029cf2fafb133567a701d4135524"
   integrity sha1-IeCr+vbyApzy+vsTNWenAdQTVSQ=
@@ -1805,17 +1803,19 @@ browserify-rsa@^4.0.0:
     randombytes "^2.0.1"
 
 browserify-sign@^4.0.0:
-  version "4.0.4"
-  resolved "https://registry.yarnpkg.com/browserify-sign/-/browserify-sign-4.0.4.tgz#aa4eb68e5d7b658baa6bf6a57e630cbd7a93d298"
-  integrity sha1-qk62jl17ZYuqa/alfmMMvXqT0pg=
-  dependencies:
-    bn.js "^4.1.1"
-    browserify-rsa "^4.0.0"
-    create-hash "^1.1.0"
-    create-hmac "^1.1.2"
-    elliptic "^6.0.0"
-    inherits "^2.0.1"
-    parse-asn1 "^5.0.0"
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/browserify-sign/-/browserify-sign-4.2.0.tgz#545d0b1b07e6b2c99211082bf1b12cce7a0b0e11"
+  integrity sha512-hEZC1KEeYuoHRqhGhTy6gWrpJA3ZDjFWv0DE61643ZnOXAKJb3u7yWcrU0mMc9SwAqK1n7myPGndkp0dFG7NFA==
+  dependencies:
+    bn.js "^5.1.1"
+    browserify-rsa "^4.0.1"
+    create-hash "^1.2.0"
+    create-hmac "^1.1.7"
+    elliptic "^6.5.2"
+    inherits "^2.0.4"
+    parse-asn1 "^5.1.5"
+    readable-stream "^3.6.0"
+    safe-buffer "^5.2.0"
 
 browserify-zlib@^0.2.0:
   version "0.2.0"
@@ -1824,13 +1824,13 @@ browserify-zlib@^0.2.0:
   dependencies:
     pako "~1.0.5"
 
-browserslist@^4.0.0, browserslist@^4.8.3, browserslist@^4.9.1:
-  version "4.11.1"
-  resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.11.1.tgz#92f855ee88d6e050e7e7311d987992014f1a1f1b"
-  integrity sha512-DCTr3kDrKEYNw6Jb9HFxVLQNaue8z+0ZfRBRjmCunKDEXEBajKDj2Y+Uelg+Pi29OnvaSGwjOsnRyNEkXzHg5g==
+browserslist@^4.0.0, browserslist@^4.11.1, browserslist@^4.8.3, browserslist@^4.8.5, browserslist@^4.9.1:
+  version "4.12.0"
+  resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.12.0.tgz#06c6d5715a1ede6c51fc39ff67fd647f740b656d"
+  integrity sha512-UH2GkcEDSI0k/lRkuDSzFl9ZZ87skSy9w2XAn1MsZnL+4c4rqbBd3e82UWHbYDpztABrPBhZsTEeuxVfHppqDg==
   dependencies:
-    caniuse-lite "^1.0.30001038"
-    electron-to-chromium "^1.3.390"
+    caniuse-lite "^1.0.30001043"
+    electron-to-chromium "^1.3.413"
     node-releases "^1.1.53"
     pkg-up "^2.0.0"
 
@@ -1883,7 +1883,7 @@ bytes@3.1.0:
   resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.1.0.tgz#f6cf7933a360e0588fa9fde85651cdc7f805d1f6"
   integrity sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg==
 
-cacache@15.0.0, cacache@^15.0.0:
+cacache@15.0.0:
   version "15.0.0"
   resolved "https://registry.yarnpkg.com/cacache/-/cacache-15.0.0.tgz#133b59edbd2a37ea8ef2d54964c6f247e47e5059"
   integrity sha512-L0JpXHhplbJSiDGzyJJnJCTL7er7NzbBgxzVqLswEb4bO91Zbv17OUMuUeu/q0ZwKn3V+1HM4wb9tO4eVE/K8g==
@@ -1906,7 +1906,7 @@ cacache@15.0.0, cacache@^15.0.0:
     tar "^6.0.1"
     unique-filename "^1.1.1"
 
-cacache@^12.0.2, cacache@^12.0.3:
+cacache@^12.0.0, cacache@^12.0.2, cacache@^12.0.3:
   version "12.0.4"
   resolved "https://registry.yarnpkg.com/cacache/-/cacache-12.0.4.tgz#668bcbd105aeb5f1d92fe25570ec9525c8faa40c"
   integrity sha512-a0tMB40oefvuInr4Cwb3GerbL9xTj1D5yg0T5xrjGCGyfvbxseIXX7BAO/u/hIXdafzOI5JC3wDwHyf24buOAQ==
@@ -1985,7 +1985,7 @@ callsites@^2.0.0:
   resolved "https://registry.yarnpkg.com/callsites/-/callsites-2.0.0.tgz#06eb84f00eea413da86affefacbffb36093b3c50"
   integrity sha1-BuuE8A7qQT2oav/vrL/7Ngk7PFA=
 
-camelcase@^5.0.0:
+camelcase@^5.0.0, camelcase@^5.3.1:
   version "5.3.1"
   resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-5.3.1.tgz#e3c9b31569e106811df242f715725a1f4c494320"
   integrity sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==
@@ -2000,10 +2000,10 @@ caniuse-api@^3.0.0:
     lodash.memoize "^4.1.2"
     lodash.uniq "^4.5.0"
 
-caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001020, caniuse-lite@^1.0.30001032, caniuse-lite@^1.0.30001038:
-  version "1.0.30001038"
-  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001038.tgz#44da3cbca2ab6cb6aa83d1be5d324e17f141caff"
-  integrity sha512-zii9quPo96XfOiRD4TrfYGs+QsGZpb2cGiMAzPjtf/hpFgB6zCPZgJb7I1+EATeMw/o+lG8FyRAnI+CWStHcaQ==
+caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001020, caniuse-lite@^1.0.30001032, caniuse-lite@^1.0.30001043:
+  version "1.0.30001062"
+  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001062.tgz#d814b648338504b315222ace6f1a533d9a55e390"
+  integrity sha512-ei9ZqeOnN7edDrb24QfJ0OZicpEbsWxv7WusOiQGz/f2SfvBgHHbOEwBJ8HKGVSyx8Z6ndPjxzR6m0NQq+0bfw==
 
 canonical-path@1.0.0:
   version "1.0.0"
@@ -2037,10 +2037,10 @@ chardet@^0.7.0:
   resolved "https://registry.yarnpkg.com/chardet/-/chardet-0.7.0.tgz#90094849f0937f2eedc2425d0d28a9e5f0cbad9e"
   integrity sha512-mT8iDcrh03qDGRRmoA2hmBJnxpllMR+0/0qlzjqZES6NdiWDcZkCNAk4rPFZ9Q85r27unkiNNg8ZOiwZXBHwcA==
 
-"chokidar@>=2.0.0 <4.0.0", chokidar@^3.0.0:
-  version "3.3.1"
-  resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.3.1.tgz#c84e5b3d18d9a4d77558fef466b1bf16bbeb3450"
-  integrity sha512-4QYCEWOcK3OJrxwvyyAOxFuhpvOVCYkr33LPfFNBjAD/w3sEzWsp2BUOkI4l9bHvWioAd0rc6NlHUOEaWkTeqg==
+"chokidar@>=2.0.0 <4.0.0", chokidar@^3.0.0, chokidar@^3.4.0:
+  version "3.4.0"
+  resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.4.0.tgz#b30611423ce376357c765b9b8f904b9fba3c0be8"
+  integrity sha512-aXAaho2VJtisB/1fg1+3nlLJqGOuewTzQpd/Tz0yTg2R0e4IGtshYvtjowyEumcBv2z+y4+kc75Mz7j5xJskcQ==
   dependencies:
     anymatch "~3.1.1"
     braces "~3.0.2"
@@ -2048,7 +2048,7 @@ chardet@^0.7.0:
     is-binary-path "~2.1.0"
     is-glob "~4.0.1"
     normalize-path "~3.0.0"
-    readdirp "~3.3.0"
+    readdirp "~3.4.0"
   optionalDependencies:
     fsevents "~2.1.2"
 
@@ -2071,11 +2071,16 @@ chokidar@^2.1.8:
   optionalDependencies:
     fsevents "^1.2.7"
 
-chownr@^1.1.1, chownr@^1.1.2, chownr@^1.1.3, chownr@^1.1.4:
+chownr@^1.1.1, chownr@^1.1.2:
   version "1.1.4"
   resolved "https://registry.yarnpkg.com/chownr/-/chownr-1.1.4.tgz#6fc9d7b42d32a583596337666e7d08084da2cc6b"
   integrity sha512-jJ0bqzaylmJtVnNgzTeSOs8DPavpbYgEr/b0YL8/2GO3xJEhInFmhKMUnEJQjZumK7KXGFhUy89PrsJWlakBVg==
 
+chownr@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/chownr/-/chownr-2.0.0.tgz#15bfbe53d2eab4cf70f18a8cd68ebe5b3cb1dece"
+  integrity sha512-bIomtDF5KGpdogkLd9VspvFzk9KfpyyGlS8YFVZl7TGPBHL5snIOnxeshwVgPteQ9b4Eydl+pVbIyE1DcvCWgQ==
+
 chrome-trace-event@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/chrome-trace-event/-/chrome-trace-event-1.0.2.tgz#234090ee97c7d4ad1a2c4beae27505deffc608a4"
@@ -2119,14 +2124,14 @@ cli-cursor@^3.1.0:
     restore-cursor "^3.1.0"
 
 cli-spinners@^2.2.0:
-  version "2.2.0"
-  resolved "https://registry.yarnpkg.com/cli-spinners/-/cli-spinners-2.2.0.tgz#e8b988d9206c692302d8ee834e7a85c0144d8f77"
-  integrity sha512-tgU3fKwzYjiLEQgPMD9Jt+JjHVL9kW93FiIMX/l7rivvOD4/LL0Mf7gda3+4U2KJBloybwgj5KEoQgGRioMiKQ==
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/cli-spinners/-/cli-spinners-2.3.0.tgz#0632239a4b5aa4c958610142c34bb7a651fc8df5"
+  integrity sha512-Xs2Hf2nzrvJMFKimOR7YR0QwZ8fc0u98kdtwN1eNAZzNQgH3vK2pXzff6GJtKh7S5hoJ87ECiAiZFS2fb5Ii2w==
 
 cli-width@^2.0.0:
-  version "2.2.0"
-  resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.2.0.tgz#ff19ede8a9a5e579324147b0c11f0fbcbabed639"
-  integrity sha1-/xnt6Kml5XkyQUewwR8PvLq+1jk=
+  version "2.2.1"
+  resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.2.1.tgz#b0433d0b4e9c847ef18868a4ef16fd5fc8271c48"
+  integrity sha512-GRMWDxpOB6Dgk2E5Uo+3eEBvtOOlimMmpbFiKuLFnQzYDavtLFY3K5ona41jgN/WdRZtG7utuVSVTL4HbZHGkw==
 
 cliui@^4.0.0:
   version "4.1.0"
@@ -2309,11 +2314,6 @@ console-browserify@^1.1.0:
   resolved "https://registry.yarnpkg.com/console-browserify/-/console-browserify-1.2.0.tgz#67063cef57ceb6cf4993a2ab3a55840ae8c49336"
   integrity sha512-ZMkYO/LkF17QvCPqM0gxw8yUzigAOZOSWSHg91FH6orS7vcEj5dVZTidN2fQ14yBSdg97RqhSNwLUXInd52OTA==
 
-console-control-strings@^1.0.0, console-control-strings@~1.1.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/console-control-strings/-/console-control-strings-1.1.0.tgz#3d7cf4464db6446ea644bf4b39507f9851008e8e"
-  integrity sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4=
-
 constants-browserify@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/constants-browserify/-/constants-browserify-1.0.0.tgz#c20b96d8c617748aaf1c16021760cd27fcb8cb75"
@@ -2384,18 +2384,23 @@ copy-webpack-plugin@5.1.1:
     webpack-log "^2.0.0"
 
 core-js-compat@^3.6.2:
-  version "3.6.4"
-  resolved "https://registry.yarnpkg.com/core-js-compat/-/core-js-compat-3.6.4.tgz#938476569ebb6cda80d339bcf199fae4f16fff17"
-  integrity sha512-zAa3IZPvsJ0slViBQ2z+vgyyTuhd3MFn1rBQjZSKVEgB0UMYhUkCj9jJUVPgGTGqWvsBVmfnruXgTcNyTlEiSA==
+  version "3.6.5"
+  resolved "https://registry.yarnpkg.com/core-js-compat/-/core-js-compat-3.6.5.tgz#2a51d9a4e25dfd6e690251aa81f99e3c05481f1c"
+  integrity sha512-7ItTKOhOZbznhXAQ2g/slGg1PJV5zDO/WdkTwi7UEOJmkvsE32PWvx6mKtDjiMpjnR2CNf6BAD6sSxIlv7ptng==
   dependencies:
-    browserslist "^4.8.3"
+    browserslist "^4.8.5"
     semver "7.0.0"
 
-core-js@3.6.4, core-js@^3.6.4:
+core-js@3.6.4:
   version "3.6.4"
   resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.6.4.tgz#440a83536b458114b9cb2ac1580ba377dc470647"
   integrity sha512-4paDGScNgZP2IXXilaffL9X7968RuvwlkK3xWtZRVqgd8SYNiVKRJvkFd1aqqEuPfN7E68ZHEp9hDj6lHj4Hyw==
 
+core-js@^3.6.4:
+  version "3.6.5"
+  resolved "https://registry.yarnpkg.com/core-js/-/core-js-3.6.5.tgz#7395dc273af37fb2e50e9bd3d9fe841285231d1a"
+  integrity sha512-vZVEEwZoIsI+vPEuoF9Iqf5H7/M3eeQqWlQnYa8FSKKePuYTf5MWnxb5SDAzCa60b3JBRS5g9b+Dq7b1y/RCrA==
+
 core-util-is@1.0.2, core-util-is@~1.0.0:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/core-util-is/-/core-util-is-1.0.2.tgz#b5fd54220aa2bc5ab57aab7140c940754503c1a7"
@@ -2419,7 +2424,7 @@ create-ecdh@^4.0.0:
     bn.js "^4.1.0"
     elliptic "^6.0.0"
 
-create-hash@^1.1.0, create-hash@^1.1.2:
+create-hash@^1.1.0, create-hash@^1.1.2, create-hash@^1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/create-hash/-/create-hash-1.2.0.tgz#889078af11a63756bcfb59bd221996be3a9ef196"
   integrity sha512-z00bCGNHDG8mHAkP7CtT1qVu+bFQUPjYq/4Iv3C3kWjTFV10zIjfSoeqXo9Asws8gwSHDGj/hl2u4OGIjapeCg==
@@ -2430,7 +2435,7 @@ create-hash@^1.1.0, create-hash@^1.1.2:
     ripemd160 "^2.0.1"
     sha.js "^2.4.0"
 
-create-hmac@^1.1.0, create-hmac@^1.1.2, create-hmac@^1.1.4:
+create-hmac@^1.1.0, create-hmac@^1.1.4, create-hmac@^1.1.7:
   version "1.1.7"
   resolved "https://registry.yarnpkg.com/create-hmac/-/create-hmac-1.1.7.tgz#69170c78b3ab957147b2b8b04572e47ead2243ff"
   integrity sha512-MJG9liiZ+ogc4TzUwuvbER1JRdgvUFSB5+VR/g5h82fGaIRWMWddtKBHi7/sVhfjQZ6SehlyhvQYrcYkaUIpLg==
@@ -2483,6 +2488,25 @@ css-declaration-sorter@^4.0.1:
     postcss "^7.0.1"
     timsort "^0.3.0"
 
+css-loader@3.5.1:
+  version "3.5.1"
+  resolved "https://registry.yarnpkg.com/css-loader/-/css-loader-3.5.1.tgz#db2b2336f4169edb68e6a829ad4fd36552647b77"
+  integrity sha512-0G4CbcZzQ9D1Q6ndOfjFuMDo8uLYMu5vc9Abs5ztyHcKvmil6GJrMiNjzzi3tQvUF+mVRuDg7bE6Oc0Prolgig==
+  dependencies:
+    camelcase "^5.3.1"
+    cssesc "^3.0.0"
+    icss-utils "^4.1.1"
+    loader-utils "^1.2.3"
+    normalize-path "^3.0.0"
+    postcss "^7.0.27"
+    postcss-modules-extract-imports "^2.0.0"
+    postcss-modules-local-by-default "^3.0.2"
+    postcss-modules-scope "^2.2.0"
+    postcss-modules-values "^3.0.0"
+    postcss-value-parser "^4.0.3"
+    schema-utils "^2.6.5"
+    semver "^6.3.0"
+
 css-parse@~2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/css-parse/-/css-parse-2.0.0.tgz#a468ee667c16d81ccf05c58c38d2a97c780dbfd4"
@@ -2656,27 +2680,27 @@ debug@2.6.9, debug@^2.2.0, debug@^2.3.3:
   dependencies:
     ms "2.0.0"
 
-debug@4, debug@4.1.1, debug@^4.1.0, debug@^4.1.1:
+debug@3.1.0, debug@~3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/debug/-/debug-3.1.0.tgz#5bb5a0672628b64149566ba16819e61518c67261"
+  integrity sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==
+  dependencies:
+    ms "2.0.0"
+
+debug@4.1.1, debug@^4.1.0, debug@^4.1.1:
   version "4.1.1"
   resolved "https://registry.yarnpkg.com/debug/-/debug-4.1.1.tgz#3b72260255109c6b589cee050f1d516139664791"
   integrity sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==
   dependencies:
     ms "^2.1.1"
 
-debug@^3.0.0, debug@^3.1.1, debug@^3.2.5, debug@^3.2.6:
+debug@^3.0.0, debug@^3.1.0, debug@^3.1.1, debug@^3.2.5:
   version "3.2.6"
   resolved "https://registry.yarnpkg.com/debug/-/debug-3.2.6.tgz#e83d17de16d8a7efb7717edbe5fb10135eee629b"
   integrity sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==
   dependencies:
     ms "^2.1.1"
 
-debug@~3.1.0:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/debug/-/debug-3.1.0.tgz#5bb5a0672628b64149566ba16819e61518c67261"
-  integrity sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==
-  dependencies:
-    ms "2.0.0"
-
 debuglog@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/debuglog/-/debuglog-1.0.1.tgz#aa24ffb9ac3df9a2351837cfb2d279360cd78492"
@@ -2705,9 +2729,9 @@ deep-equal@^1.0.1:
     regexp.prototype.flags "^1.2.0"
 
 deep-equal@^2.0.1:
-  version "2.0.2"
-  resolved "https://registry.yarnpkg.com/deep-equal/-/deep-equal-2.0.2.tgz#e68291e245493ae908ca7190c1deea57a01ed82b"
-  integrity sha512-kX0bjV7tdMuhrhzKPEnVwqfQCuf+IEfN+4Xqv4eKd75xGRyn8yzdQ9ujPY6a221rgJKyQC4KBu1PibDTpa6m9w==
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/deep-equal/-/deep-equal-2.0.3.tgz#cad1c15277ad78a5c01c49c2dee0f54de8a6a7b0"
+  integrity sha512-Spqdl4H+ky45I9ByyJtXteOm9CaIrPmnIPmOhrkKGNYWeDgCvJ8jNYVCTjChxW4FqGuZnLHADc8EKRMX6+CgvA==
   dependencies:
     es-abstract "^1.17.5"
     es-get-iterator "^1.1.0"
@@ -2715,18 +2739,14 @@ deep-equal@^2.0.1:
     is-date-object "^1.0.2"
     is-regex "^1.0.5"
     isarray "^2.0.5"
-    object-is "^1.0.2"
+    object-is "^1.1.2"
     object-keys "^1.1.1"
+    object.assign "^4.1.0"
     regexp.prototype.flags "^1.3.0"
     side-channel "^1.0.2"
     which-boxed-primitive "^1.0.1"
     which-collection "^1.0.1"
-    which-typed-array "^1.1.1"
-
-deep-extend@^0.6.0:
-  version "0.6.0"
-  resolved "https://registry.yarnpkg.com/deep-extend/-/deep-extend-0.6.0.tgz#c4fa7c95404a17a9c3e8ca7e1537312b736330ac"
-  integrity sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA==
+    which-typed-array "^1.1.2"
 
 default-gateway@^4.2.0:
   version "4.2.0"
@@ -2790,12 +2810,7 @@ delayed-stream@~1.0.0:
   resolved "https://registry.yarnpkg.com/delayed-stream/-/delayed-stream-1.0.0.tgz#df3ae199acadfb7d440aaae0b29e2272b24ec619"
   integrity sha1-3zrhmayt+31ECqrgsp4icrJOxhk=
 
-delegates@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/delegates/-/delegates-1.0.0.tgz#84c6e159b81904fdca59a0ef44cd870d31250f9a"
-  integrity sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o=
-
-depd@^1.1.2, depd@~1.1.2:
+depd@~1.1.2:
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/depd/-/depd-1.1.2.tgz#9bcd52e14c097763e749b274c4346ed2e560b5a9"
   integrity sha1-m81S4UwJd2PnSbJ0xDRu0uVgtak=
@@ -2818,11 +2833,6 @@ destroy@~1.0.4:
   resolved "https://registry.yarnpkg.com/destroy/-/destroy-1.0.4.tgz#978857442c44749e4206613e37946205826abd80"
   integrity sha1-l4hXRCxEdJ5CBmE+N5RiBYJqvYA=
 
-detect-libc@^1.0.2:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/detect-libc/-/detect-libc-1.0.3.tgz#fa137c4bd698edf55cd5cd02ac559f91a4c4ba9b"
-  integrity sha1-+hN8S9aY7fVc1c0CrFWfkaTEups=
-
 detect-node@^2.0.4:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/detect-node/-/detect-node-2.0.4.tgz#014ee8f8f669c5c58023da64b8179c083a28c46c"
@@ -2901,9 +2911,9 @@ domelementtype@^2.0.1:
   integrity sha512-5HOHUDsYZWV8FGWN0Njbr/Rn7f/eWSQi1v7+HsUVwXgn8nWWlL64zKDkS0n8ZmQ3mlWOMuXOnR+7Nx/5tMO5AQ==
 
 domino@^2.1.2:
-  version "2.1.4"
-  resolved "https://registry.yarnpkg.com/domino/-/domino-2.1.4.tgz#78922e7fab7c610f35792b6c745b7962d342e9c4"
-  integrity sha512-l70mlQ7IjPKC8kT7GljQXJZmt5OqFL+RE91ik5y5WWQtsd9wP8R7gpFnNu96fK5MqAAZRXfLLsnzKtkty5fWGQ==
+  version "2.1.5"
+  resolved "https://registry.yarnpkg.com/domino/-/domino-2.1.5.tgz#4aa08e395d496c463c3afee1cd0f7173f63eacb5"
+  integrity sha512-vMDo7f6ogUV9PkzmxXLiXzJkJZqU09Le4C40mj+HmAGS/2FPmdetoNOQZXpu2kekn0GJKvtwKMAVoruTj60Xww==
 
 domutils@^1.7.0:
   version "1.7.0"
@@ -2943,12 +2953,12 @@ ee-first@1.1.1:
   resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d"
   integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=
 
-electron-to-chromium@^1.3.390:
-  version "1.3.392"
-  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.392.tgz#280ab4f7a3ae47419cfabb15dbfc1567be7f1111"
-  integrity sha512-/hsgeVdReDsyTBE0aU9FRdh1wnNPrX3xlz3t61F+CJPOT+Umfi9DXHsCX85TEgWZQqlow0Rw44/4/jbU2Sqgkg==
+electron-to-chromium@^1.3.413:
+  version "1.3.443"
+  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.443.tgz#b01c8933e820a728afc5dde7dd535c53ff55ab11"
+  integrity sha512-ty0LEroTap/xfMy31oQ3XX+Q377QvWvJaha2cmuXcbmBiX2EIB5SNDQ0hp8lhvxj63WG0zOgm/4MQ/oUBdfQqg==
 
-elliptic@^6.0.0:
+elliptic@^6.0.0, elliptic@^6.5.2:
   version "6.5.2"
   resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.2.tgz#05c5678d7173c049d8ca433552224a495d0e3762"
   integrity sha512-f4x70okzZbIQl/NSRLkI/+tteV/9WqL98zx+SQ69KbXxmVrmjwsNUPn/gYJJ0sHvEak24cZgHIPegRePAtA/xw==
@@ -2981,7 +2991,7 @@ encodeurl@~1.0.2:
   resolved "https://registry.yarnpkg.com/encodeurl/-/encodeurl-1.0.2.tgz#ad3ff4c86ec2d029322f5a02c3a9a606c95b3f59"
   integrity sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k=
 
-encoding@^0.1.12:
+encoding@^0.1.11:
   version "0.1.12"
   resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.12.tgz#538b66f3ee62cd1ab51ec323829d1f9480c74beb"
   integrity sha1-U4tm8+5izRq1HsMjgp0flIDHS+s=
@@ -3005,9 +3015,9 @@ enhanced-resolve@4.1.1, enhanced-resolve@^4.1.0:
     tapable "^1.0.0"
 
 entities@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/entities/-/entities-2.0.0.tgz#68d6084cab1b079767540d80e56a39b423e4abf4"
-  integrity sha512-D9f7V0JSRwIxlRI2mjMqufDrRDnx8p+eEOz7aUM9SuvF8gsBzra0/6tbjl1m8eQHrZlYj6PxqE00hZ1SAIKPLw==
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/entities/-/entities-2.0.2.tgz#ac74db0bba8d33808bbf36809c3a5c3683531436"
+  integrity sha512-dmD3AvJQBUjKpcNkoqr+x+IF0SdRtPz9Vk0uTy4yWqga9ibB6s4v++QFWNohjiUGoMlF552ZvNyXDxz5iW0qmw==
 
 err-code@^1.0.0:
   version "1.1.2"
@@ -3067,6 +3077,18 @@ es-to-primitive@^1.2.1:
     is-date-object "^1.0.1"
     is-symbol "^1.0.2"
 
+es6-promise@^4.0.3:
+  version "4.2.8"
+  resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-4.2.8.tgz#4eb21594c972bc40553d276e510539143db53e0a"
+  integrity sha512-HJDGx5daxeIvxdBxvG2cb9g4tEvwIk3i8+nhX0yGrYmZUzbkdg8QbDevheDB8gd0//uPj4c1EQua8Q+MViT0/w==
+
+es6-promisify@^5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/es6-promisify/-/es6-promisify-5.0.0.tgz#5109d62f3e56ea967c4b63505aef08291c8a5203"
+  integrity sha1-UQnWLz5W6pZ8S2NQWu8IKRyKUgM=
+  dependencies:
+    es6-promise "^4.0.3"
+
 escape-html@~1.0.3:
   version "1.0.3"
   resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988"
@@ -3113,9 +3135,9 @@ etag@~1.8.1:
   integrity sha1-Qa4u62XvpiJorr/qg6x9eSmbCIc=
 
 eventemitter3@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-4.0.0.tgz#d65176163887ee59f386d64c82610b696a4a74eb"
-  integrity sha512-qerSRB0p+UDEssxTtm6EDKcE7W4OaoisfIMl4CngyEhjpYglocpNg6UEqCvemdGhosAsg4sO2dXJOdyBifPGCg==
+  version "4.0.4"
+  resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-4.0.4.tgz#b5463ace635a083d018bdc7c917b4c5f10a85384"
+  integrity sha512-rlaVLnVxtxvoyLsQQFBx53YmXHDxRIzzTLbdfxqi4yocpSjAxXwkU0cScM5JgSKMqEhrZpnvQ2D9gjylR0AimQ==
 
 events@^3.0.0:
   version "3.1.0"
@@ -3281,7 +3303,7 @@ faye-websocket@~0.11.1:
   dependencies:
     websocket-driver ">=0.5.1"
 
-figgy-pudding@^3.5.1:
+figgy-pudding@^3.4.1, figgy-pudding@^3.5.1:
   version "3.5.2"
   resolved "https://registry.yarnpkg.com/figgy-pudding/-/figgy-pudding-3.5.2.tgz#b4eee8148abb01dcf1d1ac34367d59e12fa61d6e"
   integrity sha512-0btnI/H8f2pavGMN8w40mlSKOfTK2SVJmBfBeVIj3kNw0swwgzyRq0d5TJVOwodFmtvpPeWPN/MCcfuWF0Ezbw==
@@ -3456,7 +3478,7 @@ fs-minipass@^1.2.5:
   dependencies:
     minipass "^2.6.0"
 
-fs-minipass@^2.0.0, fs-minipass@^2.1.0:
+fs-minipass@^2.0.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/fs-minipass/-/fs-minipass-2.1.0.tgz#7f5036fdbf12c63c169190cbe4199c852271f9fb"
   integrity sha512-V/JgOLFCS+R6Vcq0slCuaeWEdNC3ouDlJMNIsacH2VtALiu9mV4LPrHc5cDl8k5aw6J8jwgWWpiTo5RYhmIzvg==
@@ -3479,36 +3501,27 @@ fs.realpath@^1.0.0:
   integrity sha1-FQStJSMVjKpA20onh8sBQRmU6k8=
 
 fsevents@^1.2.7:
-  version "1.2.12"
-  resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-1.2.12.tgz#db7e0d8ec3b0b45724fd4d83d43554a8f1f0de5c"
-  integrity sha512-Ggd/Ktt7E7I8pxZRbGIs7vwqAPscSESMrCSkx2FtWeqmheJgCo2R74fTsZFCifr0VTPwqRpPv17+6b8Zp7th0Q==
+  version "1.2.13"
+  resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-1.2.13.tgz#f325cb0455592428bcf11b383370ef70e3bfcc38"
+  integrity sha512-oWb1Z6mkHIskLzEJ/XWX0srkpkTQ7vaopMQkyaEIoq0fmtFVxOthb8cCxeT+p3ynTdkk/RZwbgG4brR5BeWECw==
   dependencies:
     bindings "^1.5.0"
     nan "^2.12.1"
 
 fsevents@~2.1.2:
-  version "2.1.2"
-  resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-2.1.2.tgz#4c0a1fb34bc68e543b4b82a9ec392bfbda840805"
-  integrity sha512-R4wDiBwZ0KzpgOWetKDug1FZcYhqYnUYKtfZYt4mD5SBz76q0KR4Q9o7GIPamsVPGmW3EYPPJ0dOOjvx32ldZA==
+  version "2.1.3"
+  resolved "https://registry.yarnpkg.com/fsevents/-/fsevents-2.1.3.tgz#fb738703ae8d2f9fe900c33836ddebee8b97f23e"
+  integrity sha512-Auw9a4AxqWpa9GUfj370BMPzzyncfBABW8Mab7BGWBYDj4Isgq+cDKtx0i6u9jcX9pQDnswsaaOTgTmA5pEjuQ==
 
 function-bind@^1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/function-bind/-/function-bind-1.1.1.tgz#a56899d3ea3c9bab874bb9773b7c5ede92f4895d"
   integrity sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==
 
-gauge@~2.7.3:
-  version "2.7.4"
-  resolved "https://registry.yarnpkg.com/gauge/-/gauge-2.7.4.tgz#2c03405c7538c39d7eb37b317022e325fb018bf7"
-  integrity sha1-LANAXHU4w51+s3sxcCLjJfsBi/c=
-  dependencies:
-    aproba "^1.0.3"
-    console-control-strings "^1.0.0"
-    has-unicode "^2.0.0"
-    object-assign "^4.1.0"
-    signal-exit "^3.0.0"
-    string-width "^1.0.1"
-    strip-ansi "^3.0.1"
-    wide-align "^1.1.0"
+genfun@^5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/genfun/-/genfun-5.0.0.tgz#9dd9710a06900a5c4a5bf57aca5da4e52fe76537"
+  integrity sha512-KGDOARWVga7+rnB3z9Sd2Letx515owfk0hSxHGuqjANb1M+x2bGZGqHLiozPsYMdM2OubeMni/Hpwmjq6qIUhA==
 
 gensync@^1.0.0-beta.1:
   version "1.0.0-beta.1"
@@ -3525,7 +3538,7 @@ get-caller-file@^2.0.1:
   resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e"
   integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==
 
-get-stream@^4.0.0:
+get-stream@^4.0.0, get-stream@^4.1.0:
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/get-stream/-/get-stream-4.1.0.tgz#c1b255575f3dc21d59bfc79cd3d2b46b1c3a54b5"
   integrity sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w==
@@ -3559,7 +3572,7 @@ glob-parent@~5.1.0:
   dependencies:
     is-glob "^4.0.1"
 
-glob@7.1.6, glob@^7.0.3, glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4, glob@^7.1.6:
+glob@7.1.6, glob@^7.0.3, glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4:
   version "7.1.6"
   resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.6.tgz#141f33b81a7c2492e125594307480c46679278a6"
   integrity sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==
@@ -3600,9 +3613,9 @@ globby@^7.1.1:
     slash "^1.0.0"
 
 graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.1.6, graceful-fs@^4.2.2:
-  version "4.2.3"
-  resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.3.tgz#4a12ff1b60376ef09862c2093edd908328be8423"
-  integrity sha512-a30VEBm4PEdx1dRB7MFK7BejejvCvBronbLjht+sHuGYj8PHs7M/5Z+rt5lw551vZ7yfTCj4Vuyy3mSJytDWRQ==
+  version "4.2.4"
+  resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.4.tgz#2256bde14d3632958c465ebc96dc467ca07a29fb"
+  integrity sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw==
 
 hammerjs@^2.0.8:
   version "2.0.8"
@@ -3642,11 +3655,6 @@ has-symbols@^1.0.0, has-symbols@^1.0.1:
   resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.1.tgz#9f5214758a44196c406d9bd76cebf81ec2dd31e8"
   integrity sha512-PLcsoqu++dmEIZB+6totNFKq/7Do+Z0u4oT0zKOJNl3lYK6vGwwu2hjHs+68OEZbTjiUE9bgOABXbP/GvrS0Kg==
 
-has-unicode@^2.0.0:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/has-unicode/-/has-unicode-2.0.1.tgz#e0e6fe6a28cf51138855e086d1691e771de2a8b9"
-  integrity sha1-4Ob+aijPUROIVeCG0Wkedx3iqLk=
-
 has-value@^0.3.1:
   version "0.3.1"
   resolved "https://registry.yarnpkg.com/has-value/-/has-value-0.3.1.tgz#7b1f58bada62ca827ec0a2078025654845995e1f"
@@ -3686,12 +3694,13 @@ has@^1.0.0, has@^1.0.3:
     function-bind "^1.1.1"
 
 hash-base@^3.0.0:
-  version "3.0.4"
-  resolved "https://registry.yarnpkg.com/hash-base/-/hash-base-3.0.4.tgz#5fc8686847ecd73499403319a6b0a3f3f6ae4918"
-  integrity sha1-X8hoaEfs1zSZQDMZprCj8/auSRg=
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/hash-base/-/hash-base-3.1.0.tgz#55c381d9e06e1d2997a883b4a3fddfe7f0d3af33"
+  integrity sha512-1nmYp/rhMDiE7AYkDw+lLwlAzz0AntGIe51F3RfFfEqyQ3feY2eI/NcwC6umIQVOASPMsWJLJScWKSSvzL9IVA==
   dependencies:
-    inherits "^2.0.1"
-    safe-buffer "^5.0.1"
+    inherits "^2.0.4"
+    readable-stream "^3.6.0"
+    safe-buffer "^5.2.0"
 
 hash.js@^1.0.0, hash.js@^1.0.3:
   version "1.1.7"
@@ -3715,7 +3724,7 @@ hmac-drbg@^1.0.0:
     minimalistic-assert "^1.0.0"
     minimalistic-crypto-utils "^1.0.1"
 
-hosted-git-info@^2.1.4:
+hosted-git-info@^2.1.4, hosted-git-info@^2.7.1:
   version "2.8.8"
   resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.8.8.tgz#7539bd4bc1e0e0a895815a2e0262420b12858488"
   integrity sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg==
@@ -3753,14 +3762,14 @@ html-comment-regex@^1.1.0:
   integrity sha512-P+M65QY2JQ5Y0G9KKdlDpo0zK+/OHptU5AaBwUfAIDJZk1MYf32Frm84EcOytfJE0t5JvkAnKlmjsXDnWzCJmQ==
 
 html-entities@^1.2.1:
-  version "1.2.1"
-  resolved "https://registry.yarnpkg.com/html-entities/-/html-entities-1.2.1.tgz#0df29351f0721163515dfb9e5543e5f6eed5162f"
-  integrity sha1-DfKTUfByEWNRXfueVUPl9u7VFi8=
+  version "1.3.1"
+  resolved "https://registry.yarnpkg.com/html-entities/-/html-entities-1.3.1.tgz#fb9a1a4b5b14c5daba82d3e34c6ae4fe701a0e44"
+  integrity sha512-rhE/4Z3hIhzHAUKbW8jVcCyuT5oJCXXqhN/6mXXVCpzTmvJnoH2HL/bt3EZ6p55jbFJBeAe1ZNpL5BugLujxNA==
 
-http-cache-semantics@^4.0.4:
-  version "4.1.0"
-  resolved "https://registry.yarnpkg.com/http-cache-semantics/-/http-cache-semantics-4.1.0.tgz#49e91c5cbf36c9b94bcfcd71c23d5249ec74e390"
-  integrity sha512-carPklcUh7ROWRK7Cv27RPtdhYhUsela/ue5/jKzjegVvXDqM2ILE9Q2BGn9JZJh1g87cp56su/FgQSzcWS8cQ==
+http-cache-semantics@^3.8.1:
+  version "3.8.1"
+  resolved "https://registry.yarnpkg.com/http-cache-semantics/-/http-cache-semantics-3.8.1.tgz#39b0e16add9b605bf0a9ef3d9daaf4843b4cacd2"
+  integrity sha512-5ai2iksyV8ZXmnZhHH4rWPoxxistEexSi5936zIQ1bnNTW5VnA85B6P/VpXiRM017IgRvb2kKo1a//y+0wSp3w==
 
 http-deceiver@^1.2.7:
   version "1.2.7"
@@ -3804,14 +3813,13 @@ http-errors@~1.7.2:
   resolved "https://registry.yarnpkg.com/http-parser-js/-/http-parser-js-0.4.10.tgz#92c9c1374c35085f75db359ec56cc257cbb93fa4"
   integrity sha1-ksnBN0w1CF912zWexWzCV8u5P6Q=
 
-http-proxy-agent@^4.0.1:
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/http-proxy-agent/-/http-proxy-agent-4.0.1.tgz#8a8c8ef7f5932ccf953c296ca8291b95aa74aa3a"
-  integrity sha512-k0zdNgqWTGA6aeIRVpvfVob4fL52dTfaehylg0Y4UvSySvOq/Y+BOyPrgpUrA7HylqvU8vIZGsRuXmspskV0Tg==
+http-proxy-agent@^2.1.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/http-proxy-agent/-/http-proxy-agent-2.1.0.tgz#e4821beef5b2142a2026bd73926fe537631c5405"
+  integrity sha512-qwHbBLV7WviBl0rQsOzH6o5lwyOIvwp/BdFnvVxXORldu5TmjFfjzBcWUWS5kWAZhmv+JtiDhSuQCp4sBfbIgg==
   dependencies:
-    "@tootallnate/once" "1"
-    agent-base "6"
-    debug "4"
+    agent-base "4"
+    debug "3.1.0"
 
 http-proxy-middleware@0.19.1:
   version "0.19.1"
@@ -3824,9 +3832,9 @@ http-proxy-middleware@0.19.1:
     micromatch "^3.1.10"
 
 http-proxy@^1.17.0:
-  version "1.18.0"
-  resolved "https://registry.yarnpkg.com/http-proxy/-/http-proxy-1.18.0.tgz#dbe55f63e75a347db7f3d99974f2692a314a6a3a"
-  integrity sha512-84I2iJM/n1d4Hdgc6y2+qY5mDaz2PUVjlg9znE9byl+q0uC3DeByqBGReQu5tpLK0TAqTIXScRUV+dg7+bUPpQ==
+  version "1.18.1"
+  resolved "https://registry.yarnpkg.com/http-proxy/-/http-proxy-1.18.1.tgz#401541f0534884bbf95260334e72f88ee3976549"
+  integrity sha512-7mz/721AbnJwIVbnaSv1Cz3Am0ZLT/UBwkC92VlxhXv/k/BBQfM2fXElQNC27BVGr0uwUpplYPQM9LnaBMR5NQ==
   dependencies:
     eventemitter3 "^4.0.0"
     follow-redirects "^1.0.0"
@@ -3846,13 +3854,13 @@ https-browserify@^1.0.0:
   resolved "https://registry.yarnpkg.com/https-browserify/-/https-browserify-1.0.0.tgz#ec06c10e0a34c0f2faf199f7fd7fc78fffd03c73"
   integrity sha1-7AbBDgo0wPL68Zn3/X/Hj//QPHM=
 
-https-proxy-agent@^5.0.0:
-  version "5.0.0"
-  resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-5.0.0.tgz#e2a90542abb68a762e0a0850f6c9edadfd8506b2"
-  integrity sha512-EkYm5BcKUGiduxzSt3Eppko+PiNWNEpa4ySk9vTC6wDsQJW9rHSa+UhGNJoRYp7bz6Ht1eaRIa6QaJqO5rCFbA==
+https-proxy-agent@^2.2.3:
+  version "2.2.4"
+  resolved "https://registry.yarnpkg.com/https-proxy-agent/-/https-proxy-agent-2.2.4.tgz#4ee7a737abd92678a293d9b34a1af4d0d08c787b"
+  integrity sha512-OmvfoQ53WLjtA9HeYP9RNrWMJzzAz1JGaSFr1nijg0PVR1JaD/xbJq1mdEIIlxGpXp9eSe/O2LgU9DJmTPd0Eg==
   dependencies:
-    agent-base "6"
-    debug "4"
+    agent-base "^4.3.0"
+    debug "^3.1.0"
 
 humanize-ms@^1.2.1:
   version "1.2.1"
@@ -3861,13 +3869,20 @@ humanize-ms@^1.2.1:
   dependencies:
     ms "^2.0.0"
 
-iconv-lite@0.4.24, iconv-lite@^0.4.24, iconv-lite@^0.4.4, iconv-lite@~0.4.13:
+iconv-lite@0.4.24, iconv-lite@^0.4.24, iconv-lite@~0.4.13:
   version "0.4.24"
   resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b"
   integrity sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==
   dependencies:
     safer-buffer ">= 2.1.2 < 3"
 
+icss-utils@^4.0.0, icss-utils@^4.1.1:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/icss-utils/-/icss-utils-4.1.1.tgz#21170b53789ee27447c2f47dd683081403f9a467"
+  integrity sha512-4aFq7wvWyMHKgxsH8QQtGpvbASCf+eM3wPRLI6R+MgAnTCZ6STYsRvttLvRWK0Nfif5piF394St3HeJDaljGPA==
+  dependencies:
+    postcss "^7.0.14"
+
 ieee754@^1.1.4:
   version "1.1.13"
   resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.1.13.tgz#ec168558e95aa181fd87d37f55c32bbcb6708b84"
@@ -3878,7 +3893,7 @@ iferr@^0.1.5:
   resolved "https://registry.yarnpkg.com/iferr/-/iferr-0.1.5.tgz#c60eed69e6d8fdb6b3104a1fcbca1c192dc5b501"
   integrity sha1-xg7taebY/bazEEofy8ocGS3FtQE=
 
-ignore-walk@^3.0.1, ignore-walk@^3.0.3:
+ignore-walk@^3.0.1:
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/ignore-walk/-/ignore-walk-3.0.3.tgz#017e2447184bfeade7c238e4aefdd1e8f95b1e37"
   integrity sha512-m7o6xuOaT1aqheYHKf8W6J5pYH85ZI9w077erOzLje3JsB1gkafkAhHHY19dqjulgIZHFm32Cp5uNZgcQqdJKw==
@@ -3953,7 +3968,7 @@ inflight@^1.0.4:
     once "^1.3.0"
     wrappy "1"
 
-inherits@2, inherits@2.0.4, inherits@^2.0.1, inherits@^2.0.3, inherits@~2.0.1, inherits@~2.0.3:
+inherits@2, inherits@2.0.4, inherits@^2.0.1, inherits@^2.0.3, inherits@^2.0.4, inherits@~2.0.1, inherits@~2.0.3:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.4.tgz#0fa2c64f932917c3433a0ded55363aae37416b7c"
   integrity sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==
@@ -3968,7 +3983,7 @@ inherits@2.0.3:
   resolved "https://registry.yarnpkg.com/inherits/-/inherits-2.0.3.tgz#633c2c83e3da42a502f52466022480f4208261de"
   integrity sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=
 
-ini@1.3.5, ini@~1.3.0:
+ini@1.3.5:
   version "1.3.5"
   resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927"
   integrity sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw==
@@ -4212,11 +4227,6 @@ is-interactive@^1.0.0:
   resolved "https://registry.yarnpkg.com/is-interactive/-/is-interactive-1.0.0.tgz#cea6e6ae5c870a7b0a0004070b7b587e0252912e"
   integrity sha512-2HvIEKRoqS62guEC+qBjpvRubdX910WCMuJTZ+I9yvqKU2/12eSL549HMwtabb4oupdj2sMP50k+XJfB/8JE6w==
 
-is-lambda@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/is-lambda/-/is-lambda-1.0.1.tgz#3d9877899e6a53efc0160504cde15f82e6f061d5"
-  integrity sha1-PZh3iZ5qU+/AFgUEzeFfgubwYdU=
-
 is-map@^2.0.1:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/is-map/-/is-map-2.0.1.tgz#520dafc4307bb8ebc33b813de5ce7c9400d644a1"
@@ -4275,11 +4285,6 @@ is-plain-object@^2.0.3, is-plain-object@^2.0.4:
   dependencies:
     isobject "^3.0.1"
 
-is-promise@^2.1.0:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/is-promise/-/is-promise-2.1.0.tgz#79a2a9ece7f096e80f36d2b2f3bc16c1ff4bf3fa"
-  integrity sha1-eaKp7OfwlugPNtKy87wWwf9L8/o=
-
 is-regex@^1.0.4, is-regex@^1.0.5:
   version "1.0.5"
   resolved "https://registry.yarnpkg.com/is-regex/-/is-regex-1.0.5.tgz#39d589a358bf18967f726967120b8fc1aed74eae"
@@ -4357,9 +4362,11 @@ is-wsl@^1.1.0:
   integrity sha1-HxbkqiKwTRM2tmGIpmrzxgDDpm0=
 
 is-wsl@^2.1.1:
-  version "2.1.1"
-  resolved "https://registry.yarnpkg.com/is-wsl/-/is-wsl-2.1.1.tgz#4a1c152d429df3d441669498e2486d3596ebaf1d"
-  integrity sha512-umZHcSrwlDHo2TGMXv0DZ8dIUGunZ2Iv68YZnrmCiBPkZ4aaOhtv7pXJKeki9k3qJ3RJr0cDyitcl5wEH3AYog==
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/is-wsl/-/is-wsl-2.2.0.tgz#74a4c76e77ca9fd3f932f290c17ea326cd157271"
+  integrity sha512-fKzAra0rGJUUBwGBgNkHZuToZcn+TtXHpeCgmkMJMMYx1sQDYaCSyjJBSCa2nH1DGm7s3n1oBnohoVTBaN7Lww==
+  dependencies:
+    is-docker "^2.0.0"
 
 isarray@1.0.0, isarray@^1.0.0, isarray@~1.0.0:
   version "1.0.0"
@@ -4399,14 +4406,11 @@ istanbul-lib-coverage@^3.0.0:
   integrity sha512-UiUIqxMgRDET6eR+o5HbfRYP1l0hqkWOs7vNxC/mggutCMUIhWMm8gAHb8tHlyfD3/l6rlgNA5cKdDzEAf6hEg==
 
 istanbul-lib-instrument@^4.0.1:
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/istanbul-lib-instrument/-/istanbul-lib-instrument-4.0.1.tgz#61f13ac2c96cfefb076fe7131156cc05907874e6"
-  integrity sha512-imIchxnodll7pvQBYOqUu88EufLCU56LMeFPZZM/fJZ1irYcYdqroaV+ACK1Ila8ls09iEYArp+nqyC6lW1Vfg==
+  version "4.0.3"
+  resolved "https://registry.yarnpkg.com/istanbul-lib-instrument/-/istanbul-lib-instrument-4.0.3.tgz#873c6fff897450118222774696a3f28902d77c1d"
+  integrity sha512-BXgQl9kf4WTCPCCpmFGoJkz/+uhvm7h7PFKUYxh7qarQd3ER33vHG//qaE8eN25l07YqZPpHXU9I09l/RD5aGQ==
   dependencies:
     "@babel/core" "^7.7.5"
-    "@babel/parser" "^7.7.5"
-    "@babel/template" "^7.7.4"
-    "@babel/traverse" "^7.7.4"
     "@istanbuljs/schema" "^0.1.2"
     istanbul-lib-coverage "^3.0.0"
     semver "^6.3.0"
@@ -4420,17 +4424,17 @@ jest-worker@25.1.0:
     supports-color "^7.0.0"
 
 jest-worker@^25.1.0:
-  version "25.2.1"
-  resolved "https://registry.yarnpkg.com/jest-worker/-/jest-worker-25.2.1.tgz#209617015c768652646aa33a7828cc2ab472a18a"
-  integrity sha512-IHnpekk8H/hCUbBlfeaPZzU6v75bqwJp3n4dUrQuQOAgOneI4tx3jV2o8pvlXnDfcRsfkFIUD//HWXpCmR+evQ==
+  version "25.5.0"
+  resolved "https://registry.yarnpkg.com/jest-worker/-/jest-worker-25.5.0.tgz#2611d071b79cea0f43ee57a3d118593ac1547db1"
+  integrity sha512-/dsSmUkIy5EBGfv/IjjqmFxrNAUpBERfGs1oHROyD7yxjG/w+t0GOJDX8O1k32ySmd7+a5IhnJU2qQFcJ4n1vw==
   dependencies:
     merge-stream "^2.0.0"
     supports-color "^7.0.0"
 
-jquery@^3.4.1:
-  version "3.4.1"
-  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.4.1.tgz#714f1f8d9dde4bdfa55764ba37ef214630d80ef2"
-  integrity sha512-36+AdBzCL+y6qjw5Tx7HgzeGCzC81MDDgaUP8ld2zhx58HdqXGoBd+tHdrBMiyjGQs0Hxs/MLZTu/eHNJJuWPw==
+jquery@^3.5.1:
+  version "3.5.1"
+  resolved "https://registry.yarnpkg.com/jquery/-/jquery-3.5.1.tgz#d7b4d08e1bfdb86ad2f1a3d039ea17304717abb5"
+  integrity sha512-XwIBPqcMn57FxfT+Go5pzySnm4KWkT1Tv7gjrpT1srtf8Weynl6R273VJ5GjkRb51IzMp5nbaPjJXMWeju2MKg==
 
 "js-tokens@^3.0.0 || ^4.0.0", js-tokens@^4.0.0:
   version "4.0.0"
@@ -4460,16 +4464,11 @@ jsesc@~0.5.0:
   resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-0.5.0.tgz#e7dee66e35d6fc16f710fe91d5cf69f70f08911d"
   integrity sha1-597mbjXW/Bb3EP6R1c9p9w8IkR0=
 
-json-parse-better-errors@^1.0.1, json-parse-better-errors@^1.0.2:
+json-parse-better-errors@^1.0.0, json-parse-better-errors@^1.0.1, json-parse-better-errors@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz#bb867cfb3450e69107c131d1c514bab3dc8bcaa9"
   integrity sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw==
 
-json-parse-even-better-errors@^2.0.1:
-  version "2.2.0"
-  resolved "https://registry.yarnpkg.com/json-parse-even-better-errors/-/json-parse-even-better-errors-2.2.0.tgz#304d29aa54bb01156a1328c454034ff0ac8a7bf4"
-  integrity sha512-2tLgY7LRNZ9Hd6gmCuBG5/OjRHQpSgJQqJoYyLLOhUgn8LdOYrjaZLcxkWnDads+AD/haWWioPNziXQcgvQJ/g==
-
 json-schema-traverse@^0.4.1:
   version "0.4.1"
   resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660"
@@ -4498,9 +4497,9 @@ json5@^1.0.1:
     minimist "^1.2.0"
 
 json5@^2.1.2:
-  version "2.1.2"
-  resolved "https://registry.yarnpkg.com/json5/-/json5-2.1.2.tgz#43ef1f0af9835dd624751a6b7fa48874fb2d608e"
-  integrity sha512-MoUOQ4WdiN3yxhm7NEVJSJrieAo5hNSLQ5sj05OTRHPL9HOBy8u4Bu88jsC1jvqAdN+E1bJmsUcZH+1HQxliqQ==
+  version "2.1.3"
+  resolved "https://registry.yarnpkg.com/json5/-/json5-2.1.3.tgz#c9b0f7fa9233bfe5807fe66fcf3a5617ed597d43"
+  integrity sha512-KXPvOm8K9IJKFM0bmdn8QXh7udDh1g/giieX0NLCaMnb4hEiVFqnop2ImTXCc5e0/oHz3LTqmHGtExn5hfMkOA==
   dependencies:
     minimist "^1.2.5"
 
@@ -4511,7 +4510,7 @@ jsonfile@^4.0.0:
   optionalDependencies:
     graceful-fs "^4.1.6"
 
-jsonparse@^1.3.1:
+jsonparse@^1.2.0:
   version "1.3.1"
   resolved "https://registry.yarnpkg.com/jsonparse/-/jsonparse-1.3.1.tgz#3f4dae4a91fac315f71062f8521cc239f1366280"
   integrity sha1-P02uSpH6wxX3EGL4UhzCOfE2YoA=
@@ -4694,9 +4693,9 @@ log-symbols@^3.0.0:
     chalk "^2.4.2"
 
 loglevel@^1.6.6:
-  version "1.6.7"
-  resolved "https://registry.yarnpkg.com/loglevel/-/loglevel-1.6.7.tgz#b3e034233188c68b889f5b862415306f565e2c56"
-  integrity sha512-cY2eLFrQSAfVPhCgH1s7JI73tMbg9YC3v3+ZHVW67sBS7UxWzNEk/ZBbSfLykBWHp33dqqtOv82gjhKEi81T/A==
+  version "1.6.8"
+  resolved "https://registry.yarnpkg.com/loglevel/-/loglevel-1.6.8.tgz#8a25fb75d092230ecd4457270d80b54e28011171"
+  integrity sha512-bsU7+gc9AJ2SqpzxwU3+1fedl8zAntbtC5XYlt3s2j1hJcn2PsXSmgN8TaLG/J1/2mod4+cE/3vNL70/c1RNCA==
 
 loose-envify@^1.0.0:
   version "1.4.0"
@@ -4728,32 +4727,28 @@ make-dir@^2.0.0:
     semver "^5.6.0"
 
 make-dir@^3.0.2:
-  version "3.0.2"
-  resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-3.0.2.tgz#04a1acbf22221e1d6ef43559f43e05a90dbb4392"
-  integrity sha512-rYKABKutXa6vXTXhoV18cBE7PaewPXHe/Bdq4v+ZLMhxbWApkFFplT0LcbMW+6BbjnQXzZ/sAvSE/JdguApG5w==
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-3.1.0.tgz#415e967046b3a7f1d185277d84aa58203726a13f"
+  integrity sha512-g3FeP20LNwhALb/6Cz6Dd4F2ngze0jz7tbzrD2wAV+o9FeNHe4rL+yK2md0J/fiSf1sa1ADhXqi5+oVwOM/eGw==
   dependencies:
     semver "^6.0.0"
 
-make-fetch-happen@^8.0.2:
-  version "8.0.4"
-  resolved "https://registry.yarnpkg.com/make-fetch-happen/-/make-fetch-happen-8.0.4.tgz#d3451baf5b43d6230c4eea7009c5aa6b6bccf9d4"
-  integrity sha512-hIFoqGq1db0QMiy/Atr/pI1Rs4rDV+ZdGSey2SQyF3KK3u1z4aj9mS5UdNnZkdQpA+H3pGn0J3KlEwsi2x4EqA==
-  dependencies:
-    agentkeepalive "^4.1.0"
-    cacache "^15.0.0"
-    http-cache-semantics "^4.0.4"
-    http-proxy-agent "^4.0.1"
-    https-proxy-agent "^5.0.0"
-    is-lambda "^1.0.1"
+make-fetch-happen@^5.0.0:
+  version "5.0.2"
+  resolved "https://registry.yarnpkg.com/make-fetch-happen/-/make-fetch-happen-5.0.2.tgz#aa8387104f2687edca01c8687ee45013d02d19bd"
+  integrity sha512-07JHC0r1ykIoruKO8ifMXu+xEU8qOXDFETylktdug6vJDACnP+HKevOu3PXyNPzFyTSlz8vrBYlBO1JZRe8Cag==
+  dependencies:
+    agentkeepalive "^3.4.1"
+    cacache "^12.0.0"
+    http-cache-semantics "^3.8.1"
+    http-proxy-agent "^2.1.0"
+    https-proxy-agent "^2.2.3"
     lru-cache "^5.1.1"
-    minipass "^3.0.0"
-    minipass-collect "^1.0.2"
-    minipass-fetch "^1.1.2"
-    minipass-flush "^1.0.5"
-    minipass-pipeline "^1.2.2"
+    mississippi "^3.0.0"
+    node-fetch-npm "^2.0.2"
     promise-retry "^1.1.1"
-    socks-proxy-agent "^5.0.0"
-    ssri "^8.0.0"
+    socks-proxy-agent "^4.0.0"
+    ssri "^6.0.0"
 
 mamacro@^0.0.3:
   version "0.0.3"
@@ -4882,17 +4877,17 @@ miller-rabin@^4.0.0:
     bn.js "^4.0.0"
     brorand "^1.0.1"
 
-mime-db@1.43.0, "mime-db@>= 1.43.0 < 2":
-  version "1.43.0"
-  resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.43.0.tgz#0a12e0502650e473d735535050e7c8f4eb4fae58"
-  integrity sha512-+5dsGEEovYbT8UY9yD7eE4XTc4UwJ1jBYlgaQQF38ENsKR3wj/8q8RFZrF9WIZpB2V1ArTVFUva8sAul1NzRzQ==
+mime-db@1.44.0, "mime-db@>= 1.43.0 < 2":
+  version "1.44.0"
+  resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.44.0.tgz#fa11c5eb0aca1334b4233cb4d52f10c5a6272f92"
+  integrity sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==
 
 mime-types@^2.1.12, mime-types@~2.1.17, mime-types@~2.1.19, mime-types@~2.1.24:
-  version "2.1.26"
-  resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.26.tgz#9c921fc09b7e149a65dfdc0da4d20997200b0a06"
-  integrity sha512-01paPWYgLrkqAyrlDorC1uDwl2p3qZT7yl806vW7DvDoxwXi46jsjFbg+WdwotBIk6/MbEhO/dh5aZ5sNj/dWQ==
+  version "2.1.27"
+  resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.27.tgz#47949f98e279ea53119f5722e0f34e529bec009f"
+  integrity sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==
   dependencies:
-    mime-db "1.43.0"
+    mime-db "1.44.0"
 
 mime@1.6.0, mime@^1.4.1:
   version "1.6.0"
@@ -4900,9 +4895,9 @@ mime@1.6.0, mime@^1.4.1:
   integrity sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg==
 
 mime@^2.4.4:
-  version "2.4.4"
-  resolved "https://registry.yarnpkg.com/mime/-/mime-2.4.4.tgz#bd7b91135fc6b01cde3e9bae33d659b63d8857e5"
-  integrity sha512-LRxmNwziLPT828z+4YkNzloCFC2YM4wrB99k+AV5ZbEyfGNWfG8SO1FUXLmLDBSo89NrJZ4DIWeLjy1CHGhMGA==
+  version "2.4.5"
+  resolved "https://registry.yarnpkg.com/mime/-/mime-2.4.5.tgz#d8de2ecb92982dedbb6541c9b6841d7f218ea009"
+  integrity sha512-3hQhEUF027BuxZjQA3s7rIv/7VCQPa27hN9u9g87sEkWaKwQPuXOkVKtOeiyUrnWqTDiOs8Ed2rwg733mB0R5w==
 
 mimic-fn@^2.0.0, mimic-fn@^2.1.0:
   version "2.1.0"
@@ -4948,18 +4943,6 @@ minipass-collect@^1.0.2:
   dependencies:
     minipass "^3.0.0"
 
-minipass-fetch@^1.1.2, minipass-fetch@^1.2.1:
-  version "1.2.1"
-  resolved "https://registry.yarnpkg.com/minipass-fetch/-/minipass-fetch-1.2.1.tgz#1b97ecb559be56b09812d45b2e9509f1f59ece2f"
-  integrity sha512-ssHt0dkljEDaKmTgQ04DQgx2ag6G2gMPxA5hpcsoeTbfDgRf2fC2gNSRc6kISjD7ckCpHwwQvXxuTBK8402fXg==
-  dependencies:
-    minipass "^3.1.0"
-    minipass-pipeline "^1.2.2"
-    minipass-sized "^1.0.3"
-    minizlib "^2.0.0"
-  optionalDependencies:
-    encoding "^0.1.12"
-
 minipass-flush@^1.0.5:
   version "1.0.5"
   resolved "https://registry.yarnpkg.com/minipass-flush/-/minipass-flush-1.0.5.tgz#82e7135d7e89a50ffe64610a787953c4c4cbb373"
@@ -4967,29 +4950,14 @@ minipass-flush@^1.0.5:
   dependencies:
     minipass "^3.0.0"
 
-minipass-json-stream@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/minipass-json-stream/-/minipass-json-stream-1.0.1.tgz#7edbb92588fbfc2ff1db2fc10397acb7b6b44aa7"
-  integrity sha512-ODqY18UZt/I8k+b7rl2AENgbWE8IDYam+undIJONvigAz8KR5GWblsFTEfQs0WODsjbSXWlm+JHEv8Gr6Tfdbg==
-  dependencies:
-    jsonparse "^1.3.1"
-    minipass "^3.0.0"
-
 minipass-pipeline@^1.2.2:
-  version "1.2.2"
-  resolved "https://registry.yarnpkg.com/minipass-pipeline/-/minipass-pipeline-1.2.2.tgz#3dcb6bb4a546e32969c7ad710f2c79a86abba93a"
-  integrity sha512-3JS5A2DKhD2g0Gg8x3yamO0pj7YeKGwVlDS90pF++kxptwx/F+B//roxf9SqYil5tQo65bijy+dAuAFZmYOouA==
-  dependencies:
-    minipass "^3.0.0"
-
-minipass-sized@^1.0.3:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/minipass-sized/-/minipass-sized-1.0.3.tgz#70ee5a7c5052070afacfbc22977ea79def353b70"
-  integrity sha512-MbkQQ2CTiBMlA2Dm/5cY+9SWFEN8pzzOXi6rlM5Xxq0Yqbda5ZQy9sU75a673FE9ZK0Zsbr6Y5iP6u9nktfg2g==
+  version "1.2.3"
+  resolved "https://registry.yarnpkg.com/minipass-pipeline/-/minipass-pipeline-1.2.3.tgz#55f7839307d74859d6e8ada9c3ebe72cec216a34"
+  integrity sha512-cFOknTvng5vqnwOpDsZTWhNll6Jf8o2x+/diplafmxpuIymAjzoOolZG0VvQf3V2HgqzJNhnuKHYp2BqDgz8IQ==
   dependencies:
     minipass "^3.0.0"
 
-minipass@^2.6.0, minipass@^2.8.6, minipass@^2.9.0:
+minipass@^2.3.5, minipass@^2.6.0, minipass@^2.8.6, minipass@^2.9.0:
   version "2.9.0"
   resolved "https://registry.yarnpkg.com/minipass/-/minipass-2.9.0.tgz#e713762e7d3e32fed803115cf93e04bca9fcc9a6"
   integrity sha512-wxfUjg9WebH+CUDX/CdbRlh5SmfZiy/hpkxaRI16Y9W56Pa75sWgd/rvFilSgrauD9NyFymP/+JFV3KwzIsJeg==
@@ -4997,10 +4965,10 @@ minipass@^2.6.0, minipass@^2.8.6, minipass@^2.9.0:
     safe-buffer "^5.1.2"
     yallist "^3.0.0"
 
-minipass@^3.0.0, minipass@^3.0.1, minipass@^3.1.0, minipass@^3.1.1:
-  version "3.1.1"
-  resolved "https://registry.yarnpkg.com/minipass/-/minipass-3.1.1.tgz#7607ce778472a185ad6d89082aa2070f79cedcd5"
-  integrity sha512-UFqVihv6PQgwj8/yTGvl9kPz7xIAY+R5z6XYjRInD3Gk3qx6QGSD6zEcpeG4Dy/lQnv1J6zv8ejV90hyYIKf3w==
+minipass@^3.0.0, minipass@^3.1.1:
+  version "3.1.3"
+  resolved "https://registry.yarnpkg.com/minipass/-/minipass-3.1.3.tgz#7d42ff1f39635482e15f9cdb53184deebd5815fd"
+  integrity sha512-Mgd2GdMVzY+x3IJ+oHnVM+KG3lA5c8tnabyJKmHSaG2kAGpudxuOf8ToDkhumF7UzME7DecbQE9uOZhNm7PuJg==
   dependencies:
     yallist "^4.0.0"
 
@@ -5011,7 +4979,7 @@ minizlib@^1.2.1:
   dependencies:
     minipass "^2.9.0"
 
-minizlib@^2.0.0, minizlib@^2.1.0:
+minizlib@^2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/minizlib/-/minizlib-2.1.0.tgz#fd52c645301ef09a63a2c209697c294c6ce02cf3"
   integrity sha512-EzTZN/fjSvifSX0SlqUERCN39o6T40AMarPbv0MrarSFtIITCBh7bi+dU8nxGFHuqs9jdIAeoYoKuQAAASsPPA==
@@ -5044,21 +5012,21 @@ mixin-deep@^1.2.0:
     is-extendable "^1.0.1"
 
 mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@~0.5.1, mkdirp@~0.5.x:
-  version "0.5.4"
-  resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.4.tgz#fd01504a6797ec5c9be81ff43d204961ed64a512"
-  integrity sha512-iG9AK/dJLtJ0XNgTuDbSyNS3zECqDlAhnQW4CsNxBG3LQJBbHmRX1egw39DmtOdCAqY+dKXV+sgPgilNWUKMVw==
+  version "0.5.5"
+  resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.5.tgz#d91cefd62d1436ca0f41620e251288d420099def"
+  integrity sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==
   dependencies:
     minimist "^1.2.5"
 
 mkdirp@^1.0.3:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-1.0.3.tgz#4cf2e30ad45959dddea53ad97d518b6c8205e1ea"
-  integrity sha512-6uCP4Qc0sWsgMLy1EOqqS/3rjDHOEnsStVr/4vtAIK2Y5i2kA7lFFejYrpIyiN9w0pYf4ckeCYT9f1r1P9KX5g==
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-1.0.4.tgz#3eb5ed62622756d79a5f0e2a221dfebad75c2f7e"
+  integrity sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==
 
 moment@>=2.13.0, moment@^2.18.1:
-  version "2.24.0"
-  resolved "https://registry.yarnpkg.com/moment/-/moment-2.24.0.tgz#0d055d53f5052aa653c9f6eb68bb5d12bf5c2b5b"
-  integrity sha512-bV7f+6l2QigeBBZSM/6yTNq4P2fNpSWj/0e7jQcy87A8e7o2nAfP/34/2ky5Vw4B9S446EtIhodAzkFCcR4dQg==
+  version "2.25.3"
+  resolved "https://registry.yarnpkg.com/moment/-/moment-2.25.3.tgz#252ff41319cf41e47761a1a88cab30edfe9808c0"
+  integrity sha512-PuYv0PHxZvzc15Sp8ybUCoQ+xpyPWvjOuK72a5ovzp2LI32rJXOiIfyoFoYvG3s6EwwrdkMyWuRiEHSZRLJNdg==
 
 move-concurrently@^1.0.1:
   version "1.0.1"
@@ -5106,9 +5074,9 @@ mute-stream@0.0.8:
   integrity sha512-nnbWWOkoWyUsTjKrhgD0dcz22mdkSnpYqbEjIm2nhwhuxlSkpywJmBo8h0ZqJdkp73mb90SssHkN4rsRaBAfAA==
 
 nan@^2.12.1:
-  version "2.14.0"
-  resolved "https://registry.yarnpkg.com/nan/-/nan-2.14.0.tgz#7818f722027b2459a86f0295d434d1fc2336c52c"
-  integrity sha512-INOFj37C7k3AfaNTtX8RhsTw7qRy7eLET14cROi9+5HAVbbHuIWUHEauBv5qT4Av2tWasiTY1Jw6puUNqRJXQg==
+  version "2.14.1"
+  resolved "https://registry.yarnpkg.com/nan/-/nan-2.14.1.tgz#d7be34dfa3105b91494c3147089315eff8874b01"
+  integrity sha512-isWHgVjnFjh2x2yuJ/tj3JbwoHu3UC2dX5G/88Cm24yB6YopVgxvBObDY7n5xW6ExmFhJpSEQqFPvq9zaXc8Jw==
 
 nanomatch@^1.2.9:
   version "1.2.13"
@@ -5127,15 +5095,6 @@ nanomatch@^1.2.9:
     snapdragon "^0.8.1"
     to-regex "^3.0.1"
 
-needle@^2.2.1:
-  version "2.3.3"
-  resolved "https://registry.yarnpkg.com/needle/-/needle-2.3.3.tgz#a041ad1d04a871b0ebb666f40baaf1fb47867117"
-  integrity sha512-EkY0GeSq87rWp1hoq/sH/wnTWgFVhYlnIkbJ0YJFfRgEFlz2RraCjBpFQ+vrEgEdp0ThfyHADmkChEhcb7PKyw==
-  dependencies:
-    debug "^3.2.6"
-    iconv-lite "^0.4.4"
-    sax "^1.2.4"
-
 negotiator@0.6.2:
   version "0.6.2"
   resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.2.tgz#feacf7ccf525a77ae9634436a64883ffeca346fb"
@@ -5159,6 +5118,15 @@ nice-try@^1.0.4:
   resolved "https://registry.yarnpkg.com/nice-try/-/nice-try-1.0.5.tgz#a3378a7696ce7d223e88fc9b764bd7ef1089e366"
   integrity sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==
 
+node-fetch-npm@^2.0.2:
+  version "2.0.4"
+  resolved "https://registry.yarnpkg.com/node-fetch-npm/-/node-fetch-npm-2.0.4.tgz#6507d0e17a9ec0be3bec516958a497cec54bf5a4"
+  integrity sha512-iOuIQDWDyjhv9qSDrj9aq/klt6F9z1p2otB3AV7v3zBDcL/x+OfGsvGQZZCcMZbUf4Ujw1xGNQkjvGnVT22cKg==
+  dependencies:
+    encoding "^0.1.11"
+    json-parse-better-errors "^1.0.0"
+    safe-buffer "^5.1.1"
+
 node-forge@0.9.0:
   version "0.9.0"
   resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.9.0.tgz#d624050edbb44874adca12bb9a52ec63cb782579"
@@ -5193,36 +5161,12 @@ node-libs-browser@^2.2.1:
     util "^0.11.0"
     vm-browserify "^1.0.1"
 
-node-pre-gyp@*:
-  version "0.14.0"
-  resolved "https://registry.yarnpkg.com/node-pre-gyp/-/node-pre-gyp-0.14.0.tgz#9a0596533b877289bcad4e143982ca3d904ddc83"
-  integrity sha512-+CvDC7ZttU/sSt9rFjix/P05iS43qHCOOGzcr3Ry99bXG7VX953+vFyEuph/tfqoYu8dttBkE86JSKBO2OzcxA==
-  dependencies:
-    detect-libc "^1.0.2"
-    mkdirp "^0.5.1"
-    needle "^2.2.1"
-    nopt "^4.0.1"
-    npm-packlist "^1.1.6"
-    npmlog "^4.0.2"
-    rc "^1.2.7"
-    rimraf "^2.6.1"
-    semver "^5.3.0"
-    tar "^4.4.2"
-
 node-releases@^1.1.53:
-  version "1.1.53"
-  resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.53.tgz#2d821bfa499ed7c5dffc5e2f28c88e78a08ee3f4"
-  integrity sha512-wp8zyQVwef2hpZ/dJH7SfSrIPD6YoJz6BDQDpGEkcA0s3LpAQoxBIYmfIq6QAhC1DhwsyCgTaTTcONwX8qzCuQ==
+  version "1.1.55"
+  resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.55.tgz#8af23b7c561d8e2e6e36a46637bab84633b07cee"
+  integrity sha512-H3R3YR/8TjT5WPin/wOoHOUPHgvj8leuU/Keta/rwelEQN9pA/S2Dx8/se4pZ2LBxSd0nAGzsNzhqwa77v7F1w==
 
-nopt@^4.0.1:
-  version "4.0.3"
-  resolved "https://registry.yarnpkg.com/nopt/-/nopt-4.0.3.tgz#a375cad9d02fd921278d954c2254d5aa57e15e48"
-  integrity sha512-CvaGwVMztSMJLOeXPrez7fyfObdZqNUK1cPAEzLHrTybIua9pMdmmPR5YwtfNftIOMv3DPUhFaxsZMNTQO20Kg==
-  dependencies:
-    abbrev "1"
-    osenv "^0.1.4"
-
-normalize-package-data@^2.0.0:
+normalize-package-data@^2.0.0, normalize-package-data@^2.4.0:
   version "2.5.0"
   resolved "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-2.5.0.tgz#e66db1838b200c1dfc233225d12cb36520e234a8"
   integrity sha512-/5CMN3T0R4XTj4DcGaexo+roZSdSFW/0AOOTROrjxzCG1wrWXEsGbRKevjlIL+ZDE4sZlJr5ED4YW0yqmkK+eA==
@@ -5264,7 +5208,7 @@ normalize-url@^3.0.0:
   resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-3.3.0.tgz#b2e1c4dc4f7c6d57743df733a4f5978d18650559"
   integrity sha512-U+JJi7duF1o+u2pynbp2zXDW2/PADgC30f0GsHZtRh+HOcXHnw137TrNlyxxRvWW5fjKd3bcLHPxofWuCjaeZg==
 
-npm-bundled@^1.0.1, npm-bundled@^1.1.1:
+npm-bundled@^1.0.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/npm-bundled/-/npm-bundled-1.1.1.tgz#1edd570865a94cdb1bc8220775e29466c9fb234b"
   integrity sha512-gqkfgGePhTpAEgUsGEgcq1rqPXA+tv/aVBlgEzfXwA1yiUJF7xtEt3CtVwOjNYQOVknDk0F20w58Fnm3EtG0fA==
@@ -5283,7 +5227,7 @@ npm-normalize-package-bin@^1.0.0, npm-normalize-package-bin@^1.0.1:
   resolved "https://registry.yarnpkg.com/npm-normalize-package-bin/-/npm-normalize-package-bin-1.0.1.tgz#6e79a41f23fd235c0623218228da7d9c23b8f6e2"
   integrity sha512-EPfafl6JL5/rU+ot6P3gRSCpPDW5VmIzX959Ob1+ySFUuuYHWHekXpwdUZcKP5C+DS4GEtdJluwBjnsNDl+fSA==
 
-npm-package-arg@8.0.1, npm-package-arg@^8.0.0, npm-package-arg@^8.0.1:
+npm-package-arg@8.0.1, npm-package-arg@^8.0.0:
   version "8.0.1"
   resolved "https://registry.yarnpkg.com/npm-package-arg/-/npm-package-arg-8.0.1.tgz#9d76f8d7667b2373ffda60bb801a27ef71e3e270"
   integrity sha512-/h5Fm6a/exByzFSTm7jAyHbgOqErl9qSNJDQF32Si/ZzgwT2TERVxRxn3Jurw1wflgyVVAxnFR4fRHPM7y1ClQ==
@@ -5292,7 +5236,17 @@ npm-package-arg@8.0.1, npm-package-arg@^8.0.0, npm-package-arg@^8.0.1:
     semver "^7.0.0"
     validate-npm-package-name "^3.0.0"
 
-npm-packlist@^1.1.6:
+npm-package-arg@^6.0.0, npm-package-arg@^6.1.0:
+  version "6.1.1"
+  resolved "https://registry.yarnpkg.com/npm-package-arg/-/npm-package-arg-6.1.1.tgz#02168cb0a49a2b75bf988a28698de7b529df5cb7"
+  integrity sha512-qBpssaL3IOZWi5vEKUKW0cO7kzLeT+EQO9W8RsLOZf76KF9E/K9+wH0C7t06HXPpaH8WH5xF1MExLuCwbTqRUg==
+  dependencies:
+    hosted-git-info "^2.7.1"
+    osenv "^0.1.5"
+    semver "^5.6.0"
+    validate-npm-package-name "^3.0.0"
+
+npm-packlist@^1.1.12:
   version "1.4.8"
   resolved "https://registry.yarnpkg.com/npm-packlist/-/npm-packlist-1.4.8.tgz#56ee6cc135b9f98ad3d51c1c95da22bbb9b2ef3e"
   integrity sha512-5+AZgwru5IevF5ZdnFglB5wNlHG1AOOuw28WhUq8/8emhBmLv6jX5by4WJCh7lW0uSYZYS6DXqIsyZVIXRZU9A==
@@ -5301,17 +5255,7 @@ npm-packlist@^1.1.6:
     npm-bundled "^1.0.1"
     npm-normalize-package-bin "^1.0.1"
 
-npm-packlist@^2.1.0:
-  version "2.1.1"
-  resolved "https://registry.yarnpkg.com/npm-packlist/-/npm-packlist-2.1.1.tgz#08806a1df79acdc43d02d20c83a3d5472d96c90c"
-  integrity sha512-95TSDvGwujIhqfSpIiRRLodEF+y6mJMopuZdahoGzqtRDFZXGav46S0p6ngeWaiAkb5R72w6eVARhzej0HvZeQ==
-  dependencies:
-    glob "^7.1.6"
-    ignore-walk "^3.0.3"
-    npm-bundled "^1.1.1"
-    npm-normalize-package-bin "^1.0.1"
-
-npm-pick-manifest@6.0.0, npm-pick-manifest@^6.0.0:
+npm-pick-manifest@6.0.0:
   version "6.0.0"
   resolved "https://registry.yarnpkg.com/npm-pick-manifest/-/npm-pick-manifest-6.0.0.tgz#bfde7abe95f2670aed1629a3c18245ccb3cc2eb8"
   integrity sha512-PdJpXMvjqt4nftNEDpCgjBUF8yI3Q3MyuAmVB9nemnnCg32F4BPL/JFBfdj8DubgHCYUFQhtLWmBPvdsFtjWMg==
@@ -5320,19 +5264,27 @@ npm-pick-manifest@6.0.0, npm-pick-manifest@^6.0.0:
     npm-package-arg "^8.0.0"
     semver "^7.0.0"
 
-npm-registry-fetch@^8.0.0:
-  version "8.0.0"
-  resolved "https://registry.yarnpkg.com/npm-registry-fetch/-/npm-registry-fetch-8.0.0.tgz#65bb51dd2b9634b8363019aac9c76c003e5c5eaf"
-  integrity sha512-975WwLvZjX97y9UWWQ8nAyr7bw02s9xKPHqvEm5T900LQsB1HXb8Gb9ebYtCBLSX+K8gSOrO5KS/9yV/naLZmQ==
+npm-pick-manifest@^3.0.0:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/npm-pick-manifest/-/npm-pick-manifest-3.0.2.tgz#f4d9e5fd4be2153e5f4e5f9b7be8dc419a99abb7"
+  integrity sha512-wNprTNg+X5nf+tDi+hbjdHhM4bX+mKqv6XmPh7B5eG+QY9VARfQPfCEH013H5GqfNj6ee8Ij2fg8yk0mzps1Vw==
+  dependencies:
+    figgy-pudding "^3.5.1"
+    npm-package-arg "^6.0.0"
+    semver "^5.4.1"
+
+npm-registry-fetch@^4.0.0:
+  version "4.0.4"
+  resolved "https://registry.yarnpkg.com/npm-registry-fetch/-/npm-registry-fetch-4.0.4.tgz#2da1ecf3f43d419d96abf313664291a4623d3ea5"
+  integrity sha512-6jb34hX/iYNQebqWUHtU8YF6Cjb1H6ouTFPClYsyiW6lpFkljTpdeftm53rRojtja1rKAvKNIIiTS5Sjpw4wsA==
   dependencies:
-    "@npmcli/ci-detect" "^1.0.0"
+    JSONStream "^1.3.4"
+    bluebird "^3.5.1"
+    figgy-pudding "^3.4.1"
     lru-cache "^5.1.1"
-    make-fetch-happen "^8.0.2"
-    minipass "^3.0.0"
-    minipass-fetch "^1.1.2"
-    minipass-json-stream "^1.0.1"
-    minizlib "^2.0.0"
-    npm-package-arg "^8.0.0"
+    make-fetch-happen "^5.0.0"
+    npm-package-arg "^6.1.0"
+    safe-buffer "^5.2.0"
 
 npm-run-path@^2.0.0:
   version "2.0.2"
@@ -5341,16 +5293,6 @@ npm-run-path@^2.0.0:
   dependencies:
     path-key "^2.0.0"
 
-npmlog@^4.0.2:
-  version "4.1.2"
-  resolved "https://registry.yarnpkg.com/npmlog/-/npmlog-4.1.2.tgz#08a7f2a8bf734604779a9efa4ad5cc717abb954b"
-  integrity sha512-2uUqazuKlTaSI/dC8AzicUck7+IrEaOnN/e0jd3Xtt1KcGpwx30v50mL7oPyr/h9bL3E4aZccVwpwP+5W9Vjkg==
-  dependencies:
-    are-we-there-yet "~1.1.2"
-    console-control-strings "~1.1.0"
-    gauge "~2.7.3"
-    set-blocking "~2.0.0"
-
 nth-check@^1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/nth-check/-/nth-check-1.0.2.tgz#b2bd295c37e3dd58a3bf0700376663ba4d9cf05c"
@@ -5392,10 +5334,13 @@ object-inspect@^1.7.0:
   resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.7.0.tgz#f4f6bd181ad77f006b5ece60bd0b6f398ff74a67"
   integrity sha512-a7pEHdh1xKIAgTySUGgLMx/xwDZskN1Ud6egYYN3EdRW4ZMPNEDUTF+hwy2LUC+Bl+SyLXANnwz/jyh/qutKUw==
 
-object-is@^1.0.1, object-is@^1.0.2:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/object-is/-/object-is-1.0.2.tgz#6b80eb84fe451498f65007982f035a5b445edec4"
-  integrity sha512-Epah+btZd5wrrfjkJZq1AOB9O6OxUQto45hzFd7lXGrpHPGE0W1k+426yrZV+k6NJOzLNNW/nVsmZdIWsAqoOQ==
+object-is@^1.0.1, object-is@^1.1.2:
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/object-is/-/object-is-1.1.2.tgz#c5d2e87ff9e119f78b7a088441519e2eec1573b6"
+  integrity sha512-5lHCz+0uufF6wZ7CRFWJN3hp8Jqblpgve06U5CMQ3f//6iDjPr2PEo9MWCjEssDsa+UZEL4PkFpr+BMop6aKzQ==
+  dependencies:
+    define-properties "^1.1.3"
+    es-abstract "^1.17.5"
 
 object-keys@^1.0.11, object-keys@^1.0.12, object-keys@^1.1.1:
   version "1.1.1"
@@ -5535,7 +5480,7 @@ os-tmpdir@^1.0.0, os-tmpdir@~1.0.2:
   resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274"
   integrity sha1-u+Z0BseaqFxc/sdm/lc0VV36EnQ=
 
-osenv@^0.1.4:
+osenv@^0.1.5:
   version "0.1.5"
   resolved "https://registry.yarnpkg.com/osenv/-/osenv-0.1.5.tgz#85cdfafaeb28e8677f416e287592b5f3f49ea410"
   integrity sha512-0CWcCECdMVc2Rw3U5w9ZjqX6ga6ubk1xDVKxtBQPK7wis/0F2r9T6k4ydGYhecl7YUBxBVxhL5oisPsNxAPe2g==
@@ -5566,9 +5511,9 @@ p-limit@^1.1.0:
     p-try "^1.0.0"
 
 p-limit@^2.0.0, p-limit@^2.2.0, p-limit@^2.2.1, p-limit@^2.2.2:
-  version "2.2.2"
-  resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-2.2.2.tgz#61279b67721f5287aa1c13a9a7fbbc48c9291b1e"
-  integrity sha512-WGR+xHecKTr7EbUEhyLSh5Dube9JtdiG78ufaeLxTgpudf/20KqyMioIUZJAezlTIi6evxuoUs9YXc11cU+yzQ==
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-2.3.0.tgz#3dd33c647a214fdfffd835933eb086da0dc21db1"
+  integrity sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==
   dependencies:
     p-try "^2.0.0"
 
@@ -5622,34 +5567,41 @@ p-try@^2.0.0:
   resolved "https://registry.yarnpkg.com/p-try/-/p-try-2.2.0.tgz#cb2868540e313d61de58fafbe35ce9004d5540e6"
   integrity sha512-R4nPAVTAU0B9D35/Gk3uJf/7XYbQcyohSKdvAxIRSNghFl4e71hVoGnBNQz9cWaXxO2I10KTC+3jMdvvoKw6dQ==
 
-pacote@11.1.4:
-  version "11.1.4"
-  resolved "https://registry.yarnpkg.com/pacote/-/pacote-11.1.4.tgz#5529a453c59881b7f059da8af6903b0f79c124b2"
-  integrity sha512-eUGJvSSpWFZKn3z8gig/HgnBmUl6gIWByIIaHzSyEr3tOWX0w8tFEADXtpu8HGv5E0ShCeTP6enRq8iHKCHSvw==
-  dependencies:
-    "@npmcli/git" "^2.0.1"
-    "@npmcli/installed-package-contents" "^1.0.5"
-    "@npmcli/promise-spawn" "^1.1.0"
-    cacache "^15.0.0"
-    chownr "^1.1.4"
-    fs-minipass "^2.1.0"
+pacote@9.5.12:
+  version "9.5.12"
+  resolved "https://registry.yarnpkg.com/pacote/-/pacote-9.5.12.tgz#1e11dd7a8d736bcc36b375a9804d41bb0377bf66"
+  integrity sha512-BUIj/4kKbwWg4RtnBncXPJd15piFSVNpTzY0rysSr3VnMowTYgkGKcaHrbReepAkjTr8lH2CVWRi58Spg2CicQ==
+  dependencies:
+    bluebird "^3.5.3"
+    cacache "^12.0.2"
+    chownr "^1.1.2"
+    figgy-pudding "^3.5.1"
+    get-stream "^4.1.0"
+    glob "^7.1.3"
     infer-owner "^1.0.4"
     lru-cache "^5.1.1"
-    minipass "^3.0.1"
-    minipass-fetch "^1.2.1"
-    mkdirp "^1.0.3"
-    npm-package-arg "^8.0.1"
-    npm-packlist "^2.1.0"
-    npm-pick-manifest "^6.0.0"
-    npm-registry-fetch "^8.0.0"
+    make-fetch-happen "^5.0.0"
+    minimatch "^3.0.4"
+    minipass "^2.3.5"
+    mississippi "^3.0.0"
+    mkdirp "^0.5.1"
+    normalize-package-data "^2.4.0"
+    npm-normalize-package-bin "^1.0.0"
+    npm-package-arg "^6.1.0"
+    npm-packlist "^1.1.12"
+    npm-pick-manifest "^3.0.0"
+    npm-registry-fetch "^4.0.0"
+    osenv "^0.1.5"
     promise-inflight "^1.0.1"
     promise-retry "^1.1.1"
-    read-package-json-fast "^1.1.3"
-    rimraf "^2.7.1"
-    semver "^7.1.3"
-    ssri "^8.0.0"
-    tar "^6.0.1"
-    which "^2.0.2"
+    protoduck "^5.0.1"
+    rimraf "^2.6.2"
+    safe-buffer "^5.1.2"
+    semver "^5.6.0"
+    ssri "^6.0.1"
+    tar "^4.4.10"
+    unique-filename "^1.1.1"
+    which "^1.3.1"
 
 pako@~1.0.5:
   version "1.0.11"
@@ -5665,7 +5617,7 @@ parallel-transform@^1.1.0:
     inherits "^2.0.3"
     readable-stream "^2.1.5"
 
-parse-asn1@^5.0.0:
+parse-asn1@^5.0.0, parse-asn1@^5.1.5:
   version "5.1.5"
   resolved "https://registry.yarnpkg.com/parse-asn1/-/parse-asn1-5.1.5.tgz#003271343da58dc94cace494faef3d2147ecea0e"
   integrity sha512-jkMYn1dcJqF6d5CpU689bq7w/b5ALS9ROVSpQDPrZsqqesUJii9qutvoT5ltGedNXMO2e16YUWIghG9KxaViTQ==
@@ -5768,7 +5720,7 @@ performance-now@^2.1.0:
   resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-2.1.0.tgz#6309f4e0e5fa913ec1c69307ae364b4b377c9e7b"
   integrity sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=
 
-picomatch@^2.0.4, picomatch@^2.0.7:
+picomatch@^2.0.4, picomatch@^2.2.1:
   version "2.2.2"
   resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.2.2.tgz#21f333e9b6b8eaff02468f5146ea406d345f4dad"
   integrity sha512-q0M/9eZHzmr0AulXyPwNfZjtwZ/RBZlbN3K3CErVrk50T2ASYI7Bye0EvekFY3IP1Nt2DHu0re+V2ZHIpMkuWg==
@@ -5827,9 +5779,9 @@ popper.js@^1.16.1:
   integrity sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ==
 
 portfinder@^1.0.25:
-  version "1.0.25"
-  resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.25.tgz#254fd337ffba869f4b9d37edc298059cb4d35eca"
-  integrity sha512-6ElJnHBbxVA1XSLgBp7G1FiCkQdlqGzuF7DswL5tcea+E8UpuvPU7beVAjjRwCioTS9ZluNbu+ZyRvgTsmqEBg==
+  version "1.0.26"
+  resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.26.tgz#475658d56ca30bed72ac7f1378ed350bd1b64e70"
+  integrity sha512-Xi7mKxJHHMI3rIUrnm/jjUgwhbYMkp/XKEcZX3aG4BrumLpq3nmoQMX+ClYnDZnZ/New7IatC1no5RX0zo1vXQ==
   dependencies:
     async "^2.6.2"
     debug "^3.1.1"
@@ -5986,6 +5938,39 @@ postcss-minify-selectors@^4.0.2:
     postcss "^7.0.0"
     postcss-selector-parser "^3.0.0"
 
+postcss-modules-extract-imports@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/postcss-modules-extract-imports/-/postcss-modules-extract-imports-2.0.0.tgz#818719a1ae1da325f9832446b01136eeb493cd7e"
+  integrity sha512-LaYLDNS4SG8Q5WAWqIJgdHPJrDDr/Lv775rMBFUbgjTz6j34lUznACHcdRWroPvXANP2Vj7yNK57vp9eFqzLWQ==
+  dependencies:
+    postcss "^7.0.5"
+
+postcss-modules-local-by-default@^3.0.2:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/postcss-modules-local-by-default/-/postcss-modules-local-by-default-3.0.2.tgz#e8a6561be914aaf3c052876377524ca90dbb7915"
+  integrity sha512-jM/V8eqM4oJ/22j0gx4jrp63GSvDH6v86OqyTHHUvk4/k1vceipZsaymiZ5PvocqZOl5SFHiFJqjs3la0wnfIQ==
+  dependencies:
+    icss-utils "^4.1.1"
+    postcss "^7.0.16"
+    postcss-selector-parser "^6.0.2"
+    postcss-value-parser "^4.0.0"
+
+postcss-modules-scope@^2.2.0:
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/postcss-modules-scope/-/postcss-modules-scope-2.2.0.tgz#385cae013cc7743f5a7d7602d1073a89eaae62ee"
+  integrity sha512-YyEgsTMRpNd+HmyC7H/mh3y+MeFWevy7V1evVhJWewmMbjDHIbZbOXICC2y+m1xI1UVfIT1HMW/O04Hxyu9oXQ==
+  dependencies:
+    postcss "^7.0.6"
+    postcss-selector-parser "^6.0.0"
+
+postcss-modules-values@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/postcss-modules-values/-/postcss-modules-values-3.0.0.tgz#5b5000d6ebae29b4255301b4a3a54574423e7f10"
+  integrity sha512-1//E5jCBrZ9DmRX+zCtmQtRSV6PV42Ix7Bzj9GbwJceduuf7IqP8MgeTXuRDHOWj2m0VzZD5+roFWDuU8RQjcg==
+  dependencies:
+    icss-utils "^4.0.0"
+    postcss "^7.0.6"
+
 postcss-normalize-charset@^4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/postcss-normalize-charset/-/postcss-normalize-charset-4.0.1.tgz#8b35add3aee83a136b0471e0d59be58a50285dd4"
@@ -6105,7 +6090,7 @@ postcss-selector-parser@^3.0.0:
     indexes-of "^1.0.1"
     uniq "^1.0.1"
 
-postcss-selector-parser@^6.0.2:
+postcss-selector-parser@^6.0.0, postcss-selector-parser@^6.0.2:
   version "6.0.2"
   resolved "https://registry.yarnpkg.com/postcss-selector-parser/-/postcss-selector-parser-6.0.2.tgz#934cf799d016c83411859e09dcecade01286ec5c"
   integrity sha512-36P2QR59jDTOAiIkqEprfJDsoNrvwFei3eCqKd1Y0tUsBimsq39BLp7RD+JWny3WgB1zGhJX8XVePwm9k4wdBg==
@@ -6138,12 +6123,12 @@ postcss-value-parser@^3.0.0, postcss-value-parser@^3.2.3:
   resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz#9ff822547e2893213cf1c30efa51ac5fd1ba8281"
   integrity sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==
 
-postcss-value-parser@^4.0.2:
-  version "4.0.3"
-  resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-4.0.3.tgz#651ff4593aa9eda8d5d0d66593a2417aeaeb325d"
-  integrity sha512-N7h4pG+Nnu5BEIzyeaaIYWs0LI5XC40OrRh5L60z0QjFsqGWcHcbkBvpe1WYpcIS9yQ8sOi/vIPt1ejQCrMVrg==
+postcss-value-parser@^4.0.0, postcss-value-parser@^4.0.2, postcss-value-parser@^4.0.3:
+  version "4.1.0"
+  resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-4.1.0.tgz#443f6a20ced6481a2bda4fa8532a6e55d789a2cb"
+  integrity sha512-97DXOFbQJhk71ne5/Mt6cOu6yxsSfM0QGQyl0L25Gca4yGWEGJaig7l7gbCX623VqTBNGLRLaVUCnNkcedlRSQ==
 
-postcss@7.0.27, postcss@^7.0.0, postcss@^7.0.1, postcss@^7.0.26, postcss@^7.0.27:
+postcss@7.0.27:
   version "7.0.27"
   resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.27.tgz#cc67cdc6b0daa375105b7c424a85567345fc54d9"
   integrity sha512-WuQETPMcW9Uf1/22HWUWP9lgsIC+KEHg2kozMflKjbeUtw9ujvFX6QmIfozaErDkmLWS9WEnEdEe6Uo9/BNTdQ==
@@ -6152,6 +6137,15 @@ postcss@7.0.27, postcss@^7.0.0, postcss@^7.0.1, postcss@^7.0.26, postcss@^7.0.27
     source-map "^0.6.1"
     supports-color "^6.1.0"
 
+postcss@^7.0.0, postcss@^7.0.1, postcss@^7.0.14, postcss@^7.0.16, postcss@^7.0.26, postcss@^7.0.27, postcss@^7.0.5, postcss@^7.0.6:
+  version "7.0.30"
+  resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.30.tgz#cc9378beffe46a02cbc4506a0477d05fcea9a8e2"
+  integrity sha512-nu/0m+NtIzoubO+xdAlwZl/u5S5vi/y6BCsoL8D+8IxsD3XvBS8X4YEADNIVXKVuQvduiucnRv+vPIqj56EGMQ==
+  dependencies:
+    chalk "^2.4.2"
+    source-map "^0.6.1"
+    supports-color "^6.1.0"
+
 prepend-http@^1.0.0:
   version "1.0.4"
   resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-1.0.4.tgz#d4f4562b0ce3696e41ac52d0e002e57a635dc6dc"
@@ -6199,6 +6193,13 @@ propagating-hammerjs@^1.4.6:
   dependencies:
     hammerjs "^2.0.8"
 
+protoduck@^5.0.1:
+  version "5.0.1"
+  resolved "https://registry.yarnpkg.com/protoduck/-/protoduck-5.0.1.tgz#03c3659ca18007b69a50fd82a7ebcc516261151f"
+  integrity sha512-WxoCeDCoCBY55BMvj4cAEjdVUFGRWed9ZxPlqTKYyw1nDDTQ4pqmnIMAGfJlg7Dx35uB/M+PHJPTmGOvaCaPTg==
+  dependencies:
+    genfun "^5.0.0"
+
 proxy-addr@~2.0.5:
   version "2.0.6"
   resolved "https://registry.yarnpkg.com/proxy-addr/-/proxy-addr-2.0.6.tgz#fdc2336505447d3f2f2c638ed272caf614bbb2bf"
@@ -6345,16 +6346,6 @@ raw-loader@4.0.0:
     loader-utils "^1.2.3"
     schema-utils "^2.5.0"
 
-rc@^1.2.7:
-  version "1.2.8"
-  resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.8.tgz#cd924bf5200a075b83c188cd6b9e211b7fc0d3ed"
-  integrity sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==
-  dependencies:
-    deep-extend "^0.6.0"
-    ini "~1.3.0"
-    minimist "^1.2.0"
-    strip-json-comments "~2.0.1"
-
 read-cache@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/read-cache/-/read-cache-1.0.0.tgz#e664ef31161166c9751cdbe8dbcf86b5fb58f774"
@@ -6362,14 +6353,6 @@ read-cache@^1.0.0:
   dependencies:
     pify "^2.3.0"
 
-read-package-json-fast@^1.1.1, read-package-json-fast@^1.1.3:
-  version "1.1.3"
-  resolved "https://registry.yarnpkg.com/read-package-json-fast/-/read-package-json-fast-1.1.3.tgz#3b78464ea8f3c4447f3358635390b6946dc0737e"
-  integrity sha512-MmFqiyfCXV2Dmm4jH24DEGhxdkUDFivJQj4oPZQPOKywxR7HWBE6WnMWDAapfFHi3wm1b+mhR+XHlUH0CL8axg==
-  dependencies:
-    json-parse-even-better-errors "^2.0.1"
-    npm-normalize-package-bin "^1.0.1"
-
 read-package-json@^2.0.0:
   version "2.1.1"
   resolved "https://registry.yarnpkg.com/read-package-json/-/read-package-json-2.1.1.tgz#16aa66c59e7d4dad6288f179dd9295fd59bb98f1"
@@ -6391,7 +6374,7 @@ read-package-tree@5.3.1:
     readdir-scoped-modules "^1.0.0"
     util-promisify "^2.1.0"
 
-"readable-stream@1 || 2", readable-stream@^2.0.0, readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.0.6, readable-stream@^2.1.5, readable-stream@^2.2.2, readable-stream@^2.3.3, readable-stream@^2.3.6, readable-stream@~2.3.6:
+"readable-stream@1 || 2", readable-stream@^2.0.0, readable-stream@^2.0.1, readable-stream@^2.0.2, readable-stream@^2.1.5, readable-stream@^2.2.2, readable-stream@^2.3.3, readable-stream@^2.3.6, readable-stream@~2.3.6:
   version "2.3.7"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-2.3.7.tgz#1eca1cf711aef814c04f62252a36a62f6cb23b57"
   integrity sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==
@@ -6404,7 +6387,7 @@ read-package-tree@5.3.1:
     string_decoder "~1.1.1"
     util-deprecate "~1.0.1"
 
-readable-stream@^3.0.6:
+readable-stream@^3.0.6, readable-stream@^3.6.0:
   version "3.6.0"
   resolved "https://registry.yarnpkg.com/readable-stream/-/readable-stream-3.6.0.tgz#337bbda3adc0706bd3e024426a286d4b4b2c9198"
   integrity sha512-BViHy7LKeTz4oNnkcLJ+lVSL6vpiFeX6/d3oSH8zCW7UxP2onchk+vTGB143xuFjHS3deTgkKoXXymXqymiIdA==
@@ -6413,7 +6396,7 @@ readable-stream@^3.0.6:
     string_decoder "^1.1.1"
     util-deprecate "^1.0.1"
 
-readdir-scoped-modules@^1.0.0, readdir-scoped-modules@^1.1.0:
+readdir-scoped-modules@^1.0.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/readdir-scoped-modules/-/readdir-scoped-modules-1.1.0.tgz#8d45407b4f870a0dcaebc0e28670d18e74514309"
   integrity sha512-asaikDeqAQg7JifRsZn1NJZXo9E+VwlyCfbkZhwyISinqk5zNS6266HS5kah6P0SaQKGF6SkNnZVHUzHFYxYDw==
@@ -6432,12 +6415,12 @@ readdirp@^2.2.1:
     micromatch "^3.1.10"
     readable-stream "^2.0.2"
 
-readdirp@~3.3.0:
-  version "3.3.0"
-  resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-3.3.0.tgz#984458d13a1e42e2e9f5841b129e162f369aff17"
-  integrity sha512-zz0pAkSPOXXm1viEwygWIPSPkcBYjW1xU5j/JBh5t9bGCJwa6f9+BJa6VaB2g+b55yVrmXzqkyLf4xaWYM0IkQ==
+readdirp@~3.4.0:
+  version "3.4.0"
+  resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-3.4.0.tgz#9fdccdf9e9155805449221ac645e8303ab5b9ada"
+  integrity sha512-0xe001vZBnJEK+uKcj8qOhyAKPzIT+gStxWr3LCB0DwcXR5NZJ3IaC+yGnHCYzB/S7ov3m3EEbZI2zeNvX+hGQ==
   dependencies:
-    picomatch "^2.0.7"
+    picomatch "^2.2.1"
 
 reflect-metadata@^0.1.2:
   version "0.1.13"
@@ -6588,9 +6571,9 @@ resolve-url@^0.2.1:
   integrity sha1-LGN/53yJOv0qZj/iGqkIAGjiBSo=
 
 resolve@^1.1.7, resolve@^1.10.0, resolve@^1.3.2:
-  version "1.15.1"
-  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.15.1.tgz#27bdcdeffeaf2d6244b95bb0f9f4b4653451f3e8"
-  integrity sha512-84oo6ZTtoTUpjgNEr5SJyzQhzL72gaRodsSfyxC/AXRvwu0Yse9H8eF9IpGo7b8YetZhlI6v7ZQ6bKBFV/6S7w==
+  version "1.17.0"
+  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.17.0.tgz#b25941b54968231cc2d1bb76a79cb7f2c0bf8444"
+  integrity sha512-ic+7JYiV8Vi2yzQGFWOkiZD5Z9z7O2Zhm9XMaTxdJExKasieFCr+yXZ/WmXsckHiKl12ar0y6XiXDx3m4RHn1w==
   dependencies:
     path-parse "^1.0.6"
 
@@ -6634,7 +6617,7 @@ rimraf@3.0.2:
   dependencies:
     glob "^7.1.3"
 
-rimraf@^2.5.4, rimraf@^2.6.1, rimraf@^2.6.3, rimraf@^2.7.1:
+rimraf@^2.5.4, rimraf@^2.6.2, rimraf@^2.6.3, rimraf@^2.7.1:
   version "2.7.1"
   resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.7.1.tgz#35797f13a7fdadc566142c29d4f07ccad483e3ec"
   integrity sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w==
@@ -6657,11 +6640,9 @@ rollup@2.1.0:
     fsevents "~2.1.2"
 
 run-async@^2.4.0:
-  version "2.4.0"
-  resolved "https://registry.yarnpkg.com/run-async/-/run-async-2.4.0.tgz#e59054a5b86876cfae07f431d18cbaddc594f1e8"
-  integrity sha512-xJTbh/d7Lm7SBhc1tNvTpeCHaEzoyxPrqNlvSdMfBTYwaY++UJFyXUOxAtsRUXjlqOfj8luNaR9vjCh4KeV+pg==
-  dependencies:
-    is-promise "^2.1.0"
+  version "2.4.1"
+  resolved "https://registry.yarnpkg.com/run-async/-/run-async-2.4.1.tgz#8440eccf99ea3e70bd409d49aab88e10c189a455"
+  integrity sha512-tvVnVv01b8c1RrA6Ep7JkStj85Guv/YrMcwqYQnwjsAS2cTmmPGBBjAjpCW7RrSodNSoE2/qg9O4bceNvUuDgQ==
 
 run-queue@^1.0.0, run-queue@^1.0.3:
   version "1.0.3"
@@ -6670,22 +6651,29 @@ run-queue@^1.0.0, run-queue@^1.0.3:
   dependencies:
     aproba "^1.1.1"
 
-rxjs@6.5.4, rxjs@^6.5.2, rxjs@^6.5.3:
+rxjs@6.5.4:
   version "6.5.4"
   resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.5.4.tgz#e0777fe0d184cec7872df147f303572d414e211c"
   integrity sha512-naMQXcgEo3csAEGvw/NydRA0fuS2nDZJiw1YUWFKU7aPPAPGZEsD4Iimit96qwCieH6y614MCLYwdkrWx7z/7Q==
   dependencies:
     tslib "^1.9.0"
 
+rxjs@^6.5.2, rxjs@^6.5.3:
+  version "6.5.5"
+  resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.5.5.tgz#c5c884e3094c8cfee31bf27eb87e54ccfc87f9ec"
+  integrity sha512-WfQI+1gohdf0Dai/Bbmk5L5ItH5tYqm3ki2c5GdWhKjalzjg93N3avFjVStyZZz+A2Em+ZxKH5bNghw9UeylGQ==
+  dependencies:
+    tslib "^1.9.0"
+
 safe-buffer@5.1.2, safe-buffer@~5.1.0, safe-buffer@~5.1.1:
   version "5.1.2"
   resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
   integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==
 
-safe-buffer@>=5.1.0, safe-buffer@^5.0.1, safe-buffer@^5.1.0, safe-buffer@^5.1.1, safe-buffer@^5.1.2, safe-buffer@~5.2.0:
-  version "5.2.0"
-  resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.0.tgz#b74daec49b1148f88c64b68d49b1e815c1f2f519"
-  integrity sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==
+safe-buffer@>=5.1.0, safe-buffer@^5.0.1, safe-buffer@^5.1.0, safe-buffer@^5.1.1, safe-buffer@^5.1.2, safe-buffer@^5.2.0, safe-buffer@~5.2.0:
+  version "5.2.1"
+  resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz#1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6"
+  integrity sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==
 
 safe-regex@^1.1.0:
   version "1.1.0"
@@ -6717,7 +6705,7 @@ sass@1.26.3:
   dependencies:
     chokidar ">=2.0.0 <4.0.0"
 
-sax@^1.2.4, sax@~1.2.4:
+sax@~1.2.4:
   version "1.2.4"
   resolved "https://registry.yarnpkg.com/sax/-/sax-1.2.4.tgz#2816234e2378bddc4e5354fab5caa895df7100d9"
   integrity sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw==
@@ -6732,9 +6720,9 @@ schema-utils@^1.0.0:
     ajv-keywords "^3.1.0"
 
 schema-utils@^2.5.0, schema-utils@^2.6.1, schema-utils@^2.6.4, schema-utils@^2.6.5:
-  version "2.6.5"
-  resolved "https://registry.yarnpkg.com/schema-utils/-/schema-utils-2.6.5.tgz#c758f0a7e624263073d396e29cd40aa101152d8a"
-  integrity sha512-5KXuwKziQrTVHh8j/Uxz+QUbxkaLW9X/86NBlx/gnKgtsZA2GIVMUn17qWhRFwF8jdYb3Dig5hRO/W5mZqy6SQ==
+  version "2.6.6"
+  resolved "https://registry.yarnpkg.com/schema-utils/-/schema-utils-2.6.6.tgz#299fe6bd4a3365dc23d99fd446caff8f1d6c330c"
+  integrity sha512-wHutF/WPSbIi9x6ctjGGk2Hvl0VOz5l3EKEuKbjPlB30mKZUzb9A5k9yEXRX3pwyqVLPvpfZZEllaFq/M718hA==
   dependencies:
     ajv "^6.12.0"
     ajv-keywords "^3.4.1"
@@ -6775,7 +6763,7 @@ semver@7.0.0:
   resolved "https://registry.yarnpkg.com/semver/-/semver-7.0.0.tgz#5f3ca35761e47e05b206c6daff2cf814f0316b8e"
   integrity sha512-+GB6zVA9LWh6zovYQLALHwv5rb2PHGlJi3lfiqIHxR0uuwCgefcOJc59v9fv1w8GbStwxuuqqAjI9NMAOOgq1A==
 
-semver@7.1.3, semver@^7.0.0, semver@^7.1.1, semver@^7.1.3:
+semver@7.1.3:
   version "7.1.3"
   resolved "https://registry.yarnpkg.com/semver/-/semver-7.1.3.tgz#e4345ce73071c53f336445cfc19efb1c311df2a6"
   integrity sha512-ekM0zfiA9SCBlsKa2X1hxyxiI4L3B6EbVJkkdgQXnSEEaHlGdvyodMruTiulSRWMMB4NeIuYNMC9rTKTz97GxA==
@@ -6785,6 +6773,11 @@ semver@^6.0.0, semver@^6.3.0:
   resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d"
   integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==
 
+semver@^7.0.0, semver@^7.1.1:
+  version "7.3.2"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.2.tgz#604962b052b81ed0786aae84389ffba70ffd3938"
+  integrity sha512-OrOb32TeeambH6UrhtShmF7CRDqhL6/5XpPNp2DuRH6+9QLw/orhp72j87v8Qa1ScDkvrrBNpZcDejAirJmfXQ==
+
 send@0.17.1:
   version "0.17.1"
   resolved "https://registry.yarnpkg.com/send/-/send-0.17.1.tgz#c1d8b059f7900f7466dd4938bdc44e11ddb376c8"
@@ -6832,7 +6825,7 @@ serve-static@1.14.1:
     parseurl "~1.3.3"
     send "0.17.1"
 
-set-blocking@^2.0.0, set-blocking@~2.0.0:
+set-blocking@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/set-blocking/-/set-blocking-2.0.0.tgz#045f9782d011ae9a6803ddd382b24392b3d890f7"
   integrity sha1-BF+XgtARrppoA93TgrJDkrPYkPc=
@@ -6969,16 +6962,15 @@ sockjs@0.3.19:
     faye-websocket "^0.10.0"
     uuid "^3.0.1"
 
-socks-proxy-agent@^5.0.0:
-  version "5.0.0"
-  resolved "https://registry.yarnpkg.com/socks-proxy-agent/-/socks-proxy-agent-5.0.0.tgz#7c0f364e7b1cf4a7a437e71253bed72e9004be60"
-  integrity sha512-lEpa1zsWCChxiynk+lCycKuC502RxDWLKJZoIhnxrWNjLSDGYRFflHA1/228VkRcnv9TIb8w98derGbpKxJRgA==
+socks-proxy-agent@^4.0.0:
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/socks-proxy-agent/-/socks-proxy-agent-4.0.2.tgz#3c8991f3145b2799e70e11bd5fbc8b1963116386"
+  integrity sha512-NT6syHhI9LmuEMSK6Kd2V7gNv5KFZoLE7V5udWmn0de+3Mkj3UMA/AJPLyeNUVmElCurSHtUdM3ETpR3z770Wg==
   dependencies:
-    agent-base "6"
-    debug "4"
-    socks "^2.3.3"
+    agent-base "~4.2.1"
+    socks "~2.3.2"
 
-socks@^2.3.3:
+socks@~2.3.2:
   version "2.3.3"
   resolved "https://registry.yarnpkg.com/socks/-/socks-2.3.3.tgz#01129f0a5d534d2b897712ed8aceab7ee65d78e3"
   integrity sha512-o5t52PCNtVdiOvzMry7wU4aOqYWL0PeCXRWBEiJow4/i/wr+wpsJQ9awEu1EonLIqsfGd5qSgDdxEOvCdmBEpA==
@@ -7017,10 +7009,10 @@ source-map-resolve@^0.5.0, source-map-resolve@^0.5.2:
     source-map-url "^0.4.0"
     urix "^0.1.0"
 
-source-map-support@0.5.16, source-map-support@^0.5.5, source-map-support@~0.5.12:
-  version "0.5.16"
-  resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.5.16.tgz#0ae069e7fe3ba7538c64c98515e35339eac5a042"
-  integrity sha512-efyLRJDr68D9hBBNIPWFjhpFzURh+KJykQwvMyW5UiZzYwoF6l4YMMDIJJEyFWxWCqfyxLzz6tSfUFR+kXXsVQ==
+source-map-support@^0.5.5, source-map-support@~0.5.12:
+  version "0.5.19"
+  resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.5.19.tgz#a98b62f86dcaf4f67399648c085291ab9e8fed61"
+  integrity sha512-Wonm7zOCIJzBGQdB+thsPar0kYuCIzYvxZwlBa87yi/Mdjv7Tip2cyVbLj5o0cFPN4EVkuTwb3GDDyUx2DGnGw==
   dependencies:
     buffer-from "^1.0.0"
     source-map "^0.6.0"
@@ -7059,14 +7051,14 @@ spdx-correct@^3.0.0:
     spdx-license-ids "^3.0.0"
 
 spdx-exceptions@^2.1.0:
-  version "2.2.0"
-  resolved "https://registry.yarnpkg.com/spdx-exceptions/-/spdx-exceptions-2.2.0.tgz#2ea450aee74f2a89bfb94519c07fcd6f41322977"
-  integrity sha512-2XQACfElKi9SlVb1CYadKDXvoajPgBVPn/gOQLrTvHdElaVhr7ZEbqJaRnJLVNeaI4cMEAgVCeBMKF6MWRDCRA==
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/spdx-exceptions/-/spdx-exceptions-2.3.0.tgz#3f28ce1a77a00372683eade4a433183527a2163d"
+  integrity sha512-/tTrYOC7PPI1nUAgx34hUpqXuyJG+DTHJTnIULG4rDygi4xu/tfgmq1e1cIRwRzwZgo4NLySi+ricLkZkw4i5A==
 
 spdx-expression-parse@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-3.0.0.tgz#99e119b7a5da00e05491c9fa338b7904823b41d0"
-  integrity sha512-Yg6D3XpRD4kkOmTpdgbUiEJFKghJH03fiC1OPll5h/0sO6neh2jqRDVHOQ4o/LMea0tgCkbMgea5ip/e+MkWyg==
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/spdx-expression-parse/-/spdx-expression-parse-3.0.1.tgz#cf70f50482eefdc98e3ce0a6833e4a53ceeba679"
+  integrity sha512-cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q==
   dependencies:
     spdx-exceptions "^2.1.0"
     spdx-license-ids "^3.0.0"
@@ -7089,9 +7081,9 @@ spdy-transport@^3.0.0:
     wbuf "^1.7.3"
 
 spdy@^4.0.1:
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/spdy/-/spdy-4.0.1.tgz#6f12ed1c5db7ea4f24ebb8b89ba58c87c08257f2"
-  integrity sha512-HeZS3PBdMA+sZSu0qwpCxl3DeALD5ASx8pAX0jZdKXSpPWbQ6SYGnlg3BBmYLx5LtiZrmkAZfErCm2oECBcioA==
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/spdy/-/spdy-4.0.2.tgz#b74f466203a3eda452c02492b91fb9e84a27677b"
+  integrity sha512-r46gZQZQV+Kl9oItvl1JZZqJKGr+oEkB08A6BzkiR7593/7IbtuncXHd2YoYeTsG4157ZssMu9KYvUHLcjcDoA==
   dependencies:
     debug "^4.1.0"
     handle-thing "^2.0.0"
@@ -7138,7 +7130,7 @@ sshpk@^1.7.0:
     safer-buffer "^2.0.2"
     tweetnacl "~0.14.0"
 
-ssri@^6.0.1:
+ssri@^6.0.0, ssri@^6.0.1:
   version "6.0.1"
   resolved "https://registry.yarnpkg.com/ssri/-/ssri-6.0.1.tgz#2a3c41b28dd45b62b63676ecb74001265ae9edd8"
   integrity sha512-3Wge10hNcT1Kur4PDFwEieXSCMCJs/7WvSACcrMYrNp+b8kDL1/0wJch5Ni2WrtwEa2IO8OsVfeKIciKCDx/QA==
@@ -7224,7 +7216,7 @@ string-width@^1.0.1:
     is-fullwidth-code-point "^1.0.0"
     strip-ansi "^3.0.0"
 
-"string-width@^1.0.2 || 2", string-width@^2.0.0, string-width@^2.1.1:
+string-width@^2.0.0, string-width@^2.1.1:
   version "2.1.1"
   resolved "https://registry.yarnpkg.com/string-width/-/string-width-2.1.1.tgz#ab93f27a8dc13d28cac815c462143a6d9012ae9e"
   integrity sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw==
@@ -7242,9 +7234,9 @@ string-width@^4.1.0, string-width@^4.2.0:
     strip-ansi "^6.0.0"
 
 string.prototype.trimend@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/string.prototype.trimend/-/string.prototype.trimend-1.0.0.tgz#ee497fd29768646d84be2c9b819e292439614373"
-  integrity sha512-EEJnGqa/xNfIg05SxiPSqRS7S9qwDhYts1TSLR1BQfYUfPe1stofgGKvwERK9+9yf+PpfBMlpBaCHucXGPQfUA==
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/string.prototype.trimend/-/string.prototype.trimend-1.0.1.tgz#85812a6b847ac002270f5808146064c995fb6913"
+  integrity sha512-LRPxFUaTtpqYsTeNKaFOw3R4bxIzWOnbQ837QfBylo8jIxtcbK/A/sMV7Q+OAV/vWo+7s25pOE10KYSjaSO06g==
   dependencies:
     define-properties "^1.1.3"
     es-abstract "^1.17.5"
@@ -7268,9 +7260,9 @@ string.prototype.trimright@^2.1.1:
     string.prototype.trimend "^1.0.0"
 
 string.prototype.trimstart@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/string.prototype.trimstart/-/string.prototype.trimstart-1.0.0.tgz#afe596a7ce9de905496919406c9734845f01a2f2"
-  integrity sha512-iCP8g01NFYiiBOnwG1Xc3WZLyoo+RuBymwIlWncShXDDJYWN6DbnM3odslBJdgCdRlq94B5s63NWAZlcn2CS4w==
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/string.prototype.trimstart/-/string.prototype.trimstart-1.0.1.tgz#14af6d9f34b053f7cfc89b72f8f2ee14b9039a54"
+  integrity sha512-XxZn+QpvrBI1FOcg6dIpxUPgWCPuNXvMD72aaRaUQv1eD4e/Qy8i/hFTe0BUmD60p/QA6bh1avmuPTfNjqVWRw==
   dependencies:
     define-properties "^1.1.3"
     es-abstract "^1.17.5"
@@ -7315,11 +7307,6 @@ strip-eof@^1.0.0:
   resolved "https://registry.yarnpkg.com/strip-eof/-/strip-eof-1.0.0.tgz#bb43ff5598a6eb05d89b59fcd129c983313606bf"
   integrity sha1-u0P/VZim6wXYm1n80SnJgzE2Br8=
 
-strip-json-comments@~2.0.1:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a"
-  integrity sha1-PFMZQukIwml8DsNEhYwobHygpgo=
-
 style-loader@1.1.3:
   version "1.1.3"
   resolved "https://registry.yarnpkg.com/style-loader/-/style-loader-1.1.3.tgz#9e826e69c683c4d9bf9db924f85e9abb30d5e200"
@@ -7415,7 +7402,7 @@ tapable@^1.0.0, tapable@^1.1.3:
   resolved "https://registry.yarnpkg.com/tapable/-/tapable-1.1.3.tgz#a1fccc06b58db61fd7a45da2da44f5f3a3e67ba2"
   integrity sha512-4WK/bYZmj8xLr+HUCODHGF1ZFzsYffasLUgEiMBY4fgtltdO6B4WJtlSbPaDTLpYTcGVwM2qLnFTICEcNxs3kA==
 
-tar@^4.4.2:
+tar@^4.4.10:
   version "4.4.13"
   resolved "https://registry.yarnpkg.com/tar/-/tar-4.4.13.tgz#43b364bc52888d555298637b10d60790254ab525"
   integrity sha512-w2VwSrBoHa5BsSyH+KxEqeQBAllHhccyMFVHtGtdMpF4W7IRWfZjFiQceJPChOeTsSDVUpER2T8FA93pr0L+QA==
@@ -7429,11 +7416,11 @@ tar@^4.4.2:
     yallist "^3.0.3"
 
 tar@^6.0.1:
-  version "6.0.1"
-  resolved "https://registry.yarnpkg.com/tar/-/tar-6.0.1.tgz#7b3bd6c313cb6e0153770108f8d70ac298607efa"
-  integrity sha512-bKhKrrz2FJJj5s7wynxy/fyxpE0CmCjmOQ1KV4KkgXFWOgoIT/NbTMnB1n+LFNrNk0SSBVGGxcK5AGsyC+pW5Q==
+  version "6.0.2"
+  resolved "https://registry.yarnpkg.com/tar/-/tar-6.0.2.tgz#5df17813468a6264ff14f766886c622b84ae2f39"
+  integrity sha512-Glo3jkRtPcvpDlAs/0+hozav78yoXKFr+c4wgw62NNMO3oo4AaJdCo21Uu7lcwr55h39W2XD1LMERc64wtbItg==
   dependencies:
-    chownr "^1.1.3"
+    chownr "^2.0.0"
     fs-minipass "^2.0.0"
     minipass "^3.0.0"
     minizlib "^2.1.0"
@@ -7470,19 +7457,19 @@ terser-webpack-plugin@^1.4.3:
     webpack-sources "^1.4.0"
     worker-farm "^1.7.0"
 
-terser@4.6.7:
-  version "4.6.7"
-  resolved "https://registry.yarnpkg.com/terser/-/terser-4.6.7.tgz#478d7f9394ec1907f0e488c5f6a6a9a2bad55e72"
-  integrity sha512-fmr7M1f7DBly5cX2+rFDvmGBAaaZyPrHYK4mMdHEDAdNTqXSZgSOfqsfGq2HqPGT/1V0foZZuCZFx8CHKgAk3g==
+terser@4.6.10:
+  version "4.6.10"
+  resolved "https://registry.yarnpkg.com/terser/-/terser-4.6.10.tgz#90f5bd069ff456ddbc9503b18e52f9c493d3b7c2"
+  integrity sha512-qbF/3UOo11Hggsbsqm2hPa6+L4w7bkr+09FNseEe8xrcVD3APGLFqE+Oz1ZKAxjYnFsj80rLOfgAtJ0LNJjtTA==
   dependencies:
     commander "^2.20.0"
     source-map "~0.6.1"
     source-map-support "~0.5.12"
 
 terser@^4.1.2, terser@^4.4.3:
-  version "4.6.10"
-  resolved "https://registry.yarnpkg.com/terser/-/terser-4.6.10.tgz#90f5bd069ff456ddbc9503b18e52f9c493d3b7c2"
-  integrity sha512-qbF/3UOo11Hggsbsqm2hPa6+L4w7bkr+09FNseEe8xrcVD3APGLFqE+Oz1ZKAxjYnFsj80rLOfgAtJ0LNJjtTA==
+  version "4.7.0"
+  resolved "https://registry.yarnpkg.com/terser/-/terser-4.7.0.tgz#15852cf1a08e3256a80428e865a2fa893ffba006"
+  integrity sha512-Lfb0RiZcjRDXCC3OSHJpEkxJ9Qeqs6mp2v4jf2MHfy8vGERmVDuvjXdd/EnP5Deme5F2yBRBymKmKHCBg2echw==
   dependencies:
     commander "^2.20.0"
     source-map "~0.6.1"
@@ -7496,7 +7483,7 @@ through2@^2.0.0:
     readable-stream "~2.3.6"
     xtend "~4.0.1"
 
-through@X.X.X, through@^2.3.6:
+"through@>=2.2.7 <3", through@X.X.X, through@^2.3.6:
   version "2.3.8"
   resolved "https://registry.yarnpkg.com/through/-/through-2.3.8.tgz#0dd4c9ffaabc357960b1b724115d7e0e86a2e1f5"
   integrity sha1-DdTJ/6q8NXlgsbckEV1+Doai4fU=
@@ -7623,11 +7610,16 @@ tree-kill@1.2.2:
   resolved "https://registry.yarnpkg.com/tree-kill/-/tree-kill-1.2.2.tgz#4ca09a9092c88b73a7cdc5e8a01b507b0790a0cc"
   integrity sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A==
 
-tslib@1.11.1, tslib@^1.10.0, tslib@^1.8.0, tslib@^1.8.1, tslib@^1.9.0:
+tslib@1.11.1:
   version "1.11.1"
   resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.11.1.tgz#eb15d128827fbee2841549e171f45ed338ac7e35"
   integrity sha512-aZW88SY8kQbU7gpV19lN24LtXh/yD4ZZg6qieAJDDg+YBsJcSmLGK9QpnUjAKVG/xefmvJGd1WUmfpT/g6AJGA==
 
+tslib@^1.10.0, tslib@^1.8.0, tslib@^1.8.1, tslib@^1.9.0:
+  version "1.13.0"
+  resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.13.0.tgz#c881e13cc7015894ed914862d276436fa9a47043"
+  integrity sha512-i/6DQjL8Xf3be4K/E6Wgpekn5Qasl1usyw++dAA35Ue5orEn65VIxOA+YvNNl9HV3qv70T7CNwjODHZrLwvd1Q==
+
 tslint@^5.12.1:
   version "5.20.1"
   resolved "https://registry.yarnpkg.com/tslint/-/tslint-5.20.1.tgz#e401e8aeda0152bc44dd07e614034f3f80c67b7d"
@@ -7689,16 +7681,16 @@ typedarray@^0.0.6:
   resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777"
   integrity sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c=
 
+typescript@3.6.5:
+  version "3.6.5"
+  resolved "https://registry.yarnpkg.com/typescript/-/typescript-3.6.5.tgz#dae20114a7b4ff4bd642db9c8c699f2953e8bbdb"
+  integrity sha512-BEjlc0Z06ORZKbtcxGrIvvwYs5hAnuo6TKdNFL55frVDlB+na3z5bsLhFaIxmT+dPWgBIjMo6aNnTOgHHmHgiQ==
+
 typescript@3.7.5:
   version "3.7.5"
   resolved "https://registry.yarnpkg.com/typescript/-/typescript-3.7.5.tgz#0692e21f65fd4108b9330238aac11dd2e177a1ae"
   integrity sha512-/P5lkRXkWHNAbcJIiHPfRoKqyd7bsyCma1hZNUGfn20qm64T6ZBlrzprymeu918H+mB/0rIg2gGK/BXkhhYgBw==
 
-typescript@3.8.3:
-  version "3.8.3"
-  resolved "https://registry.yarnpkg.com/typescript/-/typescript-3.8.3.tgz#409eb8544ea0335711205869ec458ab109ee1061"
-  integrity sha512-MYlEfn5VrLNsgudQTVJeNaQFUAI7DkhnOjdpAp4T+ku1TfQClewlbSuTVHiA+8skNBgaf02TL/kLOvig4y3G8w==
-
 unicode-canonical-property-names-ecmascript@^1.0.4:
   version "1.0.4"
   resolved "https://registry.yarnpkg.com/unicode-canonical-property-names-ecmascript/-/unicode-canonical-property-names-ecmascript-1.0.4.tgz#2619800c4c825800efdd8343af7dd9933cbe2818"
@@ -7932,14 +7924,23 @@ vm-browserify@^1.0.1:
   resolved "https://registry.yarnpkg.com/vm-browserify/-/vm-browserify-1.1.2.tgz#78641c488b8e6ca91a75f511e7a3b32a86e5dda0"
   integrity sha512-2ham8XPWTONajOR0ohOKOHXkm3+gaBmGut3SRuu75xLd/RRaY6vqgh8NBYYk7+RW3u5AtzPQZG8F10LHkl0lAQ==
 
-watchpack@^1.6.0:
-  version "1.6.1"
-  resolved "https://registry.yarnpkg.com/watchpack/-/watchpack-1.6.1.tgz#280da0a8718592174010c078c7585a74cd8cd0e2"
-  integrity sha512-+IF9hfUFOrYOOaKyfaI7h7dquUIOgyEMoQMLA7OP5FxegKA2+XdXThAZ9TU2kucfhDH7rfMHs1oPYziVGWRnZA==
+watchpack-chokidar2@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/watchpack-chokidar2/-/watchpack-chokidar2-2.0.0.tgz#9948a1866cbbd6cb824dea13a7ed691f6c8ddff0"
+  integrity sha512-9TyfOyN/zLUbA288wZ8IsMZ+6cbzvsNyEzSBp6e/zkifi6xxbl8SmQ/CxQq32k8NNqrdVEVUVSEf56L4rQ/ZxA==
   dependencies:
     chokidar "^2.1.8"
+
+watchpack@^1.6.0:
+  version "1.7.2"
+  resolved "https://registry.yarnpkg.com/watchpack/-/watchpack-1.7.2.tgz#c02e4d4d49913c3e7e122c3325365af9d331e9aa"
+  integrity sha512-ymVbbQP40MFTp+cNMvpyBpBtygHnPzPkHqoIwRRj/0B8KhqQwV8LaKjtbaxF2lK4vl8zN9wCxS46IFCU5K4W0g==
+  dependencies:
     graceful-fs "^4.1.2"
     neo-async "^2.5.0"
+  optionalDependencies:
+    chokidar "^3.4.0"
+    watchpack-chokidar2 "^2.0.0"
 
 wbuf@^1.1.0, wbuf@^1.7.3:
   version "1.7.3"
@@ -8109,38 +8110,25 @@ which-module@^2.0.0:
   resolved "https://registry.yarnpkg.com/which-module/-/which-module-2.0.0.tgz#d9ef07dce77b9902b8a3a8fa4b31c3e3f7e6e87a"
   integrity sha1-2e8H3Od7mQK4o6j6SzHD4/fm6Ho=
 
-which-typed-array@^1.1.1:
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/which-typed-array/-/which-typed-array-1.1.1.tgz#bff075fd975faedad9ed9355ee0d15452d068794"
-  integrity sha512-IWlkoJZ4Zdfi4YBn2wnYB8AVox+4A2+Kmr4kHFAraffHYrQZFiTOjgjk9et8e6RSPZOV1QjZOC51PVCK9SkR/A==
+which-typed-array@^1.1.2:
+  version "1.1.2"
+  resolved "https://registry.yarnpkg.com/which-typed-array/-/which-typed-array-1.1.2.tgz#e5f98e56bda93e3dac196b01d47c1156679c00b2"
+  integrity sha512-KT6okrd1tE6JdZAy3o2VhMoYPh3+J6EMZLyrxBQsZflI1QCZIxMrIYLkosd8Twf+YfknVIHmYQPgJt238p8dnQ==
   dependencies:
-    available-typed-arrays "^1.0.1"
-    es-abstract "^1.17.4"
+    available-typed-arrays "^1.0.2"
+    es-abstract "^1.17.5"
+    foreach "^2.0.5"
     function-bind "^1.1.1"
     has-symbols "^1.0.1"
     is-typed-array "^1.1.3"
 
-which@^1.2.9:
+which@^1.2.9, which@^1.3.1:
   version "1.3.1"
   resolved "https://registry.yarnpkg.com/which/-/which-1.3.1.tgz#a45043d54f5805316da8d62f9f50918d3da70b0a"
   integrity sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==
   dependencies:
     isexe "^2.0.0"
 
-which@^2.0.2:
-  version "2.0.2"
-  resolved "https://registry.yarnpkg.com/which/-/which-2.0.2.tgz#7c6a8dd0a636a0327e10b59c9286eee93f3f51b1"
-  integrity sha512-BLI3Tl1TW3Pvl70l3yq3Y64i+awpwXqsGBYWkkqMtnbXgrMD+yj7rhW0kuEDxzJaYXGjEW5ogapKNMEKNMjibA==
-  dependencies:
-    isexe "^2.0.0"
-
-wide-align@^1.1.0:
-  version "1.1.3"
-  resolved "https://registry.yarnpkg.com/wide-align/-/wide-align-1.1.3.tgz#ae074e6bdc0c14a431e804e624549c633b000457"
-  integrity sha512-QGkOQc8XL6Bt5PwnsExKBPuMKBxnGxWWW3fU55Xt4feHozMUhdUMaBCk290qpm/wG5u/RSKzwdAC4i51YigihA==
-  dependencies:
-    string-width "^1.0.2 || 2"
-
 worker-farm@^1.7.0:
   version "1.7.0"
   resolved "https://registry.yarnpkg.com/worker-farm/-/worker-farm-1.7.0.tgz#26a94c5391bbca926152002f69b84a4bf772e5a8"
@@ -8148,10 +8136,10 @@ worker-farm@^1.7.0:
   dependencies:
     errno "~0.1.7"
 
-worker-plugin@4.0.2:
-  version "4.0.2"
-  resolved "https://registry.yarnpkg.com/worker-plugin/-/worker-plugin-4.0.2.tgz#0456dd7af1c0de64591326fd8a08c5d9f2b5b27a"
-  integrity sha512-V+1zSZMOOKk+uBzKyNIODLQLsx59zSIOaI75J1EMS0iR1qy+KQR3y/pQ3T0vIhvPfDFapGRMsoMvQNEL3okqSA==
+worker-plugin@4.0.3:
+  version "4.0.3"
+  resolved "https://registry.yarnpkg.com/worker-plugin/-/worker-plugin-4.0.3.tgz#7c42e600d5931ad154d3d5f187a32446df64db0f"
+  integrity sha512-7hFDYWiKcE3yHZvemsoM9lZis/PzurHAEX1ej8PLCu818Rt6QqUAiDdxHPCKZctzmhqzPpcFSgvMCiPbtooqAg==
   dependencies:
     loader-utils "^1.1.0"
 
@@ -8184,10 +8172,10 @@ ws@^6.2.1:
   dependencies:
     async-limiter "~1.0.0"
 
-xhr2@^0.1.4:
-  version "0.1.4"
-  resolved "https://registry.yarnpkg.com/xhr2/-/xhr2-0.1.4.tgz#7f87658847716db5026323812f818cadab387a5f"
-  integrity sha1-f4dliEdxbbUCYyOBL4GMras4el8=
+xhr2@^0.2.0:
+  version "0.2.0"
+  resolved "https://registry.yarnpkg.com/xhr2/-/xhr2-0.2.0.tgz#eddeff782f3b7551061b8d75645085269396e521"
+  integrity sha512-BDtiD0i2iKPK/S8OAZfpk6tyzEDnKKSjxWHcMBVmh+LuqJ8A32qXTyOx+TVOg2dKvq6zGBq2sgKPkEeRs1qTRA==
 
 xtend@^4.0.0, xtend@~4.0.1:
   version "4.0.2"
@@ -8218,9 +8206,9 @@ yargs-parser@^11.1.1:
     decamelize "^1.2.0"
 
 yargs-parser@^18.1.0:
-  version "18.1.2"
-  resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-18.1.2.tgz#2f482bea2136dbde0861683abea7756d30b504f1"
-  integrity sha512-hlIPNR3IzC1YuL1c2UwwDKpXlNFBqD1Fswwh1khz5+d8Cq/8yc/Mn0i+rQXduu8hcrFKvO7Eryk+09NecTQAAQ==
+  version "18.1.3"
+  resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-18.1.3.tgz#be68c4975c6b2abf469236b0c870362fab09a7b0"
+  integrity sha512-o50j0JeToy/4K6OZcaQmW6lyXXKhq7csREXcDwk2omFPJEwUNOVtJKvmDr9EI1fAJZUyZcRF7kxGBWmRXudrCQ==
   dependencies:
     camelcase "^5.0.0"
     decamelize "^1.2.0"

From e23ec43043dd7dc300f4137f6f6a92f6b937b21a Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 20 May 2020 18:49:34 +0200
Subject: [PATCH 018/237] Dependency resolution improvements

---
 build.gradle                               | 5 +++--
 camel-multipart-processor/build.gradle.kts | 4 +---
 ids-acme/build.gradle.kts                  | 4 +---
 ids-endpoint-config/build.gradle           | 2 +-
 ids-infomodel-manager/build.gradle.kts     | 4 +---
 ids-settings/build.gradle.kts              | 4 +---
 ids-token-manager/build.gradle             | 2 +-
 7 files changed, 9 insertions(+), 16 deletions(-)

diff --git a/build.gradle b/build.gradle
index 315587330..9812a5ed5 100644
--- a/build.gradle
+++ b/build.gradle
@@ -23,6 +23,9 @@ plugins {
     id "com.github.jk1.dependency-license-report" version "1.2"
 }
 
+ext.set("libraryVersions",
+        new Yaml().loadAs(new FileInputStream(file("${rootDir}/libraryVersions.yaml")), Map.class))
+
 licenseReport {
     configurations = ["compile", "providedByFeature", "providedByBundle"]
 }
@@ -31,8 +34,6 @@ allprojects {
     group = "de.fhg.aisec.ids"
     version = "3.0.2"
 
-    ext.libraryVersions = new Yaml().loadAs(new FileInputStream(file("${rootDir}/libraryVersions.yaml")), Map.class)
-
     configurations {
         // just to make bills of materials (bom) easier to see in the dependency tree
         bom
diff --git a/camel-multipart-processor/build.gradle.kts b/camel-multipart-processor/build.gradle.kts
index 490143d8f..b8e816932 100644
--- a/camel-multipart-processor/build.gradle.kts
+++ b/camel-multipart-processor/build.gradle.kts
@@ -1,8 +1,6 @@
-import org.yaml.snakeyaml.Yaml
-
 dependencies {
     @Suppress("UNCHECKED_CAST") val libraryVersions =
-            Yaml().load(File("${rootDir}/libraryVersions.yaml").inputStream()) as Map<String, String>
+            rootProject.ext.get("libraryVersions") as Map<String, String>
 
     providedByBundle(project(":ids-api")) { isTransitive = false }
 
diff --git a/ids-acme/build.gradle.kts b/ids-acme/build.gradle.kts
index 98140f16b..f8ad8680f 100644
--- a/ids-acme/build.gradle.kts
+++ b/ids-acme/build.gradle.kts
@@ -1,8 +1,6 @@
-import org.yaml.snakeyaml.Yaml
-
 dependencies {
     @Suppress("UNCHECKED_CAST") val libraryVersions =
-            Yaml().load(File("${rootDir}/libraryVersions.yaml").inputStream()) as Map<String, String>
+            rootProject.ext.get("libraryVersions") as Map<String, String>
 
     providedByBundle(project(":ids-api")) { isTransitive = false }
 
diff --git a/ids-endpoint-config/build.gradle b/ids-endpoint-config/build.gradle
index 26347138e..fa2ef315e 100644
--- a/ids-endpoint-config/build.gradle
+++ b/ids-endpoint-config/build.gradle
@@ -3,7 +3,7 @@ dependencies {
 
     osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
 
-    testImplementation group: 'junit', name: 'junit'
+    testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
     testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
 }
 
diff --git a/ids-infomodel-manager/build.gradle.kts b/ids-infomodel-manager/build.gradle.kts
index 4efb6216d..041690bba 100644
--- a/ids-infomodel-manager/build.gradle.kts
+++ b/ids-infomodel-manager/build.gradle.kts
@@ -1,8 +1,6 @@
-import org.yaml.snakeyaml.Yaml
-
 dependencies {
     @Suppress("UNCHECKED_CAST") val libraryVersions =
-            Yaml().load(File("${rootDir}/libraryVersions.yaml").inputStream()) as Map<String, String>
+            rootProject.ext.get("libraryVersions") as Map<String, String>
 
     infomodelBundle(project(":ids-api")) { isTransitive = false }
 
diff --git a/ids-settings/build.gradle.kts b/ids-settings/build.gradle.kts
index 1861aaf39..a07b0682c 100644
--- a/ids-settings/build.gradle.kts
+++ b/ids-settings/build.gradle.kts
@@ -1,8 +1,6 @@
-import org.yaml.snakeyaml.Yaml
-
 dependencies {
     @Suppress("UNCHECKED_CAST") val libraryVersions =
-            Yaml().load(File("${rootDir}/libraryVersions.yaml").inputStream()) as Map<String, String>
+            rootProject.ext.get("libraryVersions") as Map<String, String>
 
     infomodelBundle(project(":ids-api")) { isTransitive = false }
 
diff --git a/ids-token-manager/build.gradle b/ids-token-manager/build.gradle
index 200d315b4..297a6459f 100755
--- a/ids-token-manager/build.gradle
+++ b/ids-token-manager/build.gradle
@@ -11,7 +11,7 @@ dependencies {
     providedByBundle group: 'org.bitbucket.b_c', name: 'jose4j', version: libraryVersions.jose4j
     providedByBundle group: 'org.json', name: 'json', version: libraryVersions.orgJson
 
-    testImplementation group: 'junit', name: 'junit'
+    testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
     testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
 }
 

From 395b2d7566cc3a1254886404f2969e3b3a80cd09 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 25 May 2020 19:21:56 +0200
Subject: [PATCH 019/237] Fixed DockerCmIT

---
 .../test/java/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ids-container-manager/src/test/java/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.java b/ids-container-manager/src/test/java/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.java
index b82112778..bfc81a289 100644
--- a/ids-container-manager/src/test/java/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.java
+++ b/ids-container-manager/src/test/java/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.java
@@ -90,9 +90,9 @@ public void testVersion() {
 
     DockerCM d = new DockerCM();
 
-    var version = d.getVersion();
+    final var version = d.getVersion();
     assertFalse(version.isEmpty());
-    var regex = ".* \\([0-9.]+(?:-.+)?\\)";
+    final var regex = ".* \\([0-9.]+(?:.+)?\\)";
     if (!version.matches(regex)) {
       throw new AssertionError(
           "Error: Docker version has to match regex '" + regex + "', found '" + version + "'");

From bbfa79f751aecaec326c285a209ef978c24b8075 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 27 May 2020 18:55:07 +0200
Subject: [PATCH 020/237] Reduced PDP log verbosity

---
 .../ids/dataflowcontrol/PolicyDecisionPoint.kt     | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt b/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
index c3b7a2d0d..91c56d119 100644
--- a/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
+++ b/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
@@ -216,21 +216,21 @@ class PolicyDecisionPoint : PDP, PAP {
 
     override fun requestDecision(req: DecisionRequest): PolicyDecision {
         val dec = PolicyDecision()
-
-        LOG.debug(
-                "Decision requested " + req.from.endpoint + " -> " + req.to.endpoint)
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Decision requested " + req.from.endpoint + " -> " + req.to.endpoint)
+        }
 
         try {
             // Query Prolog engine for a policy decision
             val startTime = System.nanoTime()
             val query = this.createDecisionQuery(req.to, req.properties)
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Decision query: {}", query)
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Decision query: {}", query)
             }
             val solveInfo = this.engine.query(query, true)
             val time = System.nanoTime() - startTime
-            if (LOG.isInfoEnabled) {
-                LOG.debug("Decision query took {} ms", time / 1e6f)
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Decision query took {} ms", time / 1e6f)
             }
 
             // If there is no matching rule, deny by default

From 4c8bf37d53e5e42ebf42cb33e8a4058326cfe9b9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 6 Jun 2020 13:48:57 +0000
Subject: [PATCH 021/237] Bump websocket-extensions in
 /ids-webconsole/src/main/resources/www

Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases)
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4)

Signed-off-by: dependabot[bot] <support@github.com>
---
 ids-webconsole/src/main/resources/www/yarn.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ids-webconsole/src/main/resources/www/yarn.lock b/ids-webconsole/src/main/resources/www/yarn.lock
index 4df1f4087..a2e3ebddf 100644
--- a/ids-webconsole/src/main/resources/www/yarn.lock
+++ b/ids-webconsole/src/main/resources/www/yarn.lock
@@ -8075,9 +8075,9 @@ websocket-driver@>=0.5.1:
     websocket-extensions ">=0.1.1"
 
 websocket-extensions@>=0.1.1:
-  version "0.1.3"
-  resolved "https://registry.yarnpkg.com/websocket-extensions/-/websocket-extensions-0.1.3.tgz#5d2ff22977003ec687a4b87073dfbbac146ccf29"
-  integrity sha512-nqHUnMXmBzT0w570r2JpJxfiSD1IzoI+HGVdd3aZ0yNi3ngvQ4jv1dtHt5VGxfI2yj5yqImPhOK4vmIh2xMbGg==
+  version "0.1.4"
+  resolved "https://registry.yarnpkg.com/websocket-extensions/-/websocket-extensions-0.1.4.tgz#7f8473bc839dfd87608adb95d7eb075211578a42"
+  integrity sha512-OqedPIGOfsDlo31UNwYbCFMSaO9m9G/0faIHj5/dZFDMFqPTcx6UwqyOy3COEaEOg/9VsGIpdqn62W5KhoKSpg==
 
 when@~3.6.x:
   version "3.6.4"

From ad66e4368b7098ad95b775661d7a0b69afa1d517 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 30 Oct 2019 12:48:37 +0100
Subject: [PATCH 022/237] Created module skeleton

---
 idscp2/.gitignore                             |   5 +
 idscp2/LICENSE.txt                            | 201 ++++++++++++++++++
 idscp2/README.md                              |   1 +
 idscp2/bnd.bnd                                |   7 +
 idscp2/build.gradle                           |  26 +++
 .../test/resources/jsse/client-keystore.jks   | Bin 0 -> 2495 bytes
 .../test/resources/jsse/client-truststore.jks | Bin 0 -> 1954 bytes
 .../test/resources/jsse/server-keystore.jks   | Bin 0 -> 4494 bytes
 .../test/resources/jsse/server-truststore.jks | Bin 0 -> 1954 bytes
 idscp2/src/test/resources/log4j2-test.xml     |  39 ++++
 settings.gradle                               |   1 +
 11 files changed, 280 insertions(+)
 create mode 100644 idscp2/.gitignore
 create mode 100644 idscp2/LICENSE.txt
 create mode 100644 idscp2/README.md
 create mode 100644 idscp2/bnd.bnd
 create mode 100644 idscp2/build.gradle
 create mode 100644 idscp2/src/test/resources/jsse/client-keystore.jks
 create mode 100644 idscp2/src/test/resources/jsse/client-truststore.jks
 create mode 100644 idscp2/src/test/resources/jsse/server-keystore.jks
 create mode 100644 idscp2/src/test/resources/jsse/server-truststore.jks
 create mode 100644 idscp2/src/test/resources/log4j2-test.xml

diff --git a/idscp2/.gitignore b/idscp2/.gitignore
new file mode 100644
index 000000000..74007849d
--- /dev/null
+++ b/idscp2/.gitignore
@@ -0,0 +1,5 @@
+/target/
+/bin/
+/generated/
+/.classpath
+/build.properties
diff --git a/idscp2/LICENSE.txt b/idscp2/LICENSE.txt
new file mode 100644
index 000000000..261eeb9e9
--- /dev/null
+++ b/idscp2/LICENSE.txt
@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/idscp2/README.md b/idscp2/README.md
new file mode 100644
index 000000000..990171e66
--- /dev/null
+++ b/idscp2/README.md
@@ -0,0 +1 @@
+The _ids-comm_ module wraps the IDSCP, providing secure communication and remote attestation between Connector instances.
diff --git a/idscp2/bnd.bnd b/idscp2/bnd.bnd
new file mode 100644
index 000000000..379857898
--- /dev/null
+++ b/idscp2/bnd.bnd
@@ -0,0 +1,7 @@
+Bundle-Name: IDS :: IDS Communication Protocol
+Bundle-Description: IDS Communication Protocol
+Export-Package: \
+	de.fhg.aisec.ids.comm*
+Import-Package: \
+  !org.checkerframework.checker*,\
+	*
\ No newline at end of file
diff --git a/idscp2/build.gradle b/idscp2/build.gradle
new file mode 100644
index 000000000..a781231a9
--- /dev/null
+++ b/idscp2/build.gradle
@@ -0,0 +1,26 @@
+version = libraryVersions.idscp
+
+dependencies {
+    providedByBundle(project(':ids-api')) { transitive = false }
+
+    providedByBundle group: 'com.github.microsoft', name: 'TSS.Java', version: '0.3.0'
+
+    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
+    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
+
+    providedByBundle group: 'com.google.protobuf', name: 'protobuf-java', version: libraryVersions.protobuf
+    
+    publishCompile group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
+
+    providedByBundle group: 'org.asynchttpclient', name: 'async-http-client', version: libraryVersions.ahc
+
+    providedByFeature group: 'org.eclipse.jetty.websocket', name: 'websocket-server', version: libraryVersions.jetty
+    providedByFeature group: 'org.eclipse.jetty.websocket', name: 'websocket-client', version: libraryVersions.jetty
+
+    testImplementation group: "javax.xml.bind", name: "jaxb-api", version: libraryVersions.jaxb
+    testImplementation group: "com.sun.xml.bind", name: "jaxb-core", version: libraryVersions.jaxb
+    testImplementation group: "com.sun.xml.bind", name: "jaxb-impl", version: libraryVersions.jaxb
+
+    testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
+    testImplementation group: 'org.mockito', name: 'mockito-all', version: libraryVersions.mockito
+}
diff --git a/idscp2/src/test/resources/jsse/client-keystore.jks b/idscp2/src/test/resources/jsse/client-keystore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..1a296db9f9a1a905aab56457e5faa5aa0c55b332
GIT binary patch
literal 2495
zcmZuydpMNo8=i0G8^<wB4kJ=SA>#ARgpqQ}tWi0Jgqn<DM3d2&aY!|qU4u=Eu&Q;K
zhH_R8VJl;&mBK2uP92sJ(m^_B5j)!7?zO+`+CSdwdhX|azx%nL_qxC5U7TK=Mj#MK
z`2xN!fGCdw=Uu3K5C}917Jy4IRzYQh0ssQ$NE`s55ugBkxsFG{-+JtqYWmQ0{<lBc
zsqC>N>YHI?iYR*_B@Mmx!`ttg+W9?Dlb=!Z8xLu^rKg5U1@|%TMeLRVnTb>%(XEHC
z+iHMbZR0$e%5pJFBkc3EFBJPYo*9^a9nAi)Qf9lwE^M&b=6vNlyp^ZlE)Bg6Nko4E
zU631*>?2Ll40u1>uUW;`YfXr{HGDc*GH@r?VyjPH)LS1rrTpeT7InC*<!Tud<cf1v
zq96NDNPKaOFzLNDt&yx!dn1d0iYJ7k8H|?cVM^9a7P!uu;O<=CWJ=4Q(Nca?MtZBO
zF!;H*HDV-5&;z2yEAD#*tG<IawVHE$gUnC*Z4jO3&<rzu>%v5mOozTJ3f|FS{%0sz
z--dKVd4Ew$l=LMe6y5()EClCwP#-e%ks@k`#&%nBa7|76WwW?*Jk!O^=g50%Zv^4B
z5AhEyK6My5IV(CW>lzJI3yUBThfTUqTc6bXUbZXf0dG%i?v`KYH*2ec+!I=s{a7Po
zvcl?+IK*vpjH_1h1YXBUdeFGc<dSYy;jzJul|pja(o=hlO{W{NW<)*J<VKMb|A(dr
z8EWF~CfWT?%8#}eLF=Kz7YU28ZtD)>gM0UOyLhZu0gXjz#EvfovTo}XtM0xaSrU$9
zV;QP!7;2~_z#40{aCeV)(n#QVk^<th?v+&WVk|Y}Y(lkH#dgxbs$clgzGp&aL&}4V
z7jfk$2v3@#y3ejUTU30ded1K8+qg?wwVT7OngkQZYG-uKRHc7(W(JAZEIki7XFHGP
zNZBs}FA=n(bJI#|(`);$k2YL3Uhpb2^i0O5{2rH0p0XA|w|V!Kl7y<6k07|Sf4krk
z=i|_=7Nu8XHG|ar(9b)HCT&DS&TL?I7DtWG$F{A4<I^3H+O6riKGEx^=adfiPx)W^
zVjOhPO!zJ`J+n}PTSFFIj8gR*_3*CrV(&ezyy2D7_dJ2YxxnE;$AC!8in?=4&+?r*
zR5RzoW5+YjW&84nPVKwc8@MZbrGwza28{qkuOrv57cz1%({~2Sw|2Ffd1|&le^XgV
z?#=k2XT<g)Z@?qcAV|1lqN$1VYnB;ir@F_7qZvIWKD#Pezf0XqDY;MYz_comh8XLv
zrkLbiKk8j%J-s-g(<Uva<e1+;CSd8#V%0f^!UN);j@!qMO{{<TQ%m)FCCF!I<Ip}M
z!^qHWmSrj<CX5r3m8s-e*V|e*Qmom(<X9nEZfDl9sw6^-XBz|WUH!Bd5*;sB|4FTS
zS6@p>dREQCYm_6s$nlA|(_{Y1u-}+dWAyY;KtJ^k(n+JA^zEVMw_`v1w3^Efs4=UU
z^$Q6D{4ow=^Q@Wg0B)bqFwXE*1EQhey8hTjN6C+$>eqILCuLVMV>bq2ltVsrC0FWH
zG2>?fjA>cVN0+QaT5Ood72DJHSg?1M7Ch>X)4b+%w>44rgM@#iR4@P3$M7I}P~@?h
zw#OH9v3zP*)h!zDy<N$v6MV6K1s-EF7d~1(lGo6#58=m0ULP9<#_nBkxoU6U@w|C{
zx4W5Wskz<QNa>!gx5EfZiUFl$?dVSvQ$4lsoCcFSXn9$PxjSB>E64P^RZ@2d?LL@g
zx6Le09${MEOqQ*sxw^hpp2)_PIKQ}Z`=xH0uz+f`y~8Nx*~w4d!8=G0PnT6XOZz$%
z(YqlVcoPBv9+pqUcvyg<m7tIS5(xmXnu4;q&|Uah4FFWp2zWD56;@V21%L{gNXj=v
zO&GTfR4^)T96B#%KbslBA>v`}<s=G&-A3^v`0>JAT?izYXbZ2#s}XI9FiBp^2DY&d
zmP5OLLHN-BldH>%%XySA3R~$(5u6wz4pv`IC}Na6c@Z&;{Sh($EdUE+md~kT&@S8j
zzHue4gz<j~()fxA%d%WqQ4uj*SO6IPyG8l@M+pFRggmc;6aWC?asBR1AN=NXHMb1a
z)(Y_h2M=cirC^%poAy$Q?l6PduZJ}+opQklsmj)peLdkDqOek@`A0)B<Ob@t>hbyF
z2ATUIkMEY6y*QFCW40jA;MVLK%TNN_t8_5h-%!1Ex(zySCS6@;>=2bun|w3rl^^r&
z@H$QQM0{e>q0Xt;myHg2`QbOM0`i|&h~KCjP12!iKiwI0Eb%i5+eiVNb~^Tyn~FvE
zY2Wh`=5z^t@drE~d@OOTf023jyX5erSAF&2zUd-C+gym{&*BR{(buWElPa1USCJ`U
z^puI+El}Frcx0W3EAj9D<QQ*~n0VlnxbWp4{Q76C%3@j9Q6vgL0Ac~)DZi0zuz~y<
z4X~gNsD(Y-nPYplpV=jF|FQ1c2)$+Za|FC*d3!CW3+tq4y-)3+6l+{+tIJ~f$0-uK
z=e^^Oe|3(5CWwR)u<G(zbr3`$(Iqf>8LR<e7=kTI%uCh_P4;uSvG!J03=RvTN5w@j
zAm%^*g2E%LqQc`K`5x@Apd^30(P%{g0Nr6XnDRG<kwUxwafGuIVpwdt{EPo$;;`9V
z2AvVX;VxSgS`Pkd(-_o&wf?3<A^(X0*kxHQ4z!2u1j;NngU;H|j^hfHi6k;4ZvY|+
z2y%H0c1%nJgUjapSJi)8PX1TPEe9a{wI%}usOfD*QnKb|PR7vd<VnjTcMH5*Y)fRN
zE_%LpwF&2dfmVYp?nYbpO}Qa^a(M1xX}{E}oq3T<ESvYGv9vlHi;rf@7ScWTzB<rq
zsPsPix5>?6ij50vnOnyHfG@LnZ8^?sS7c0uwuVHiJiSMA;7;)sO-O0(A89A!Yo544
zE_sl5FnwnxM-=d;ckc9sV>cg!S*YYN3NreM>JM*p?=@XjF)ZPS5R}JfPIvZp9&Wgy
zeZ;dwZ|7u{wny~ueM7-&7pm*7;atnTCh%W$#XHQ_qFz8X75h0jS;4`eO-r@!Ayw-m
vzBj!eU8}##_KO;_e`T)owl{P|`L_lqUG?i05<5)mu+0@`1t|N}%b|Y)9u*Bp

literal 0
HcmV?d00001

diff --git a/idscp2/src/test/resources/jsse/client-truststore.jks b/idscp2/src/test/resources/jsse/client-truststore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..eebd40f4c4da3ded8f6a3a60042f0812e1a3b4b1
GIT binary patch
literal 1954
zcmezO_TO6u1_mZLW=c+EU|<aY?WpyDfi*(U)WDK~fjQBji8<DwiOF>VGZP~d6DPw*
z#)ZZgw$)V{@Un4gwRyCC=VfGMWo0n1HRLwnWMd9xVH0L@aWxb+5Cn0!c(~k(5=-+k
z^3zg_3?&W3L4wRY0-i3x3PJh#B?``t3PuKoW(IQNyoP3m21Y<zO)O2!qr`cQL0khU
zmr~=K7?qG6%*e{X+{DPwV9><K#ni;e$Z+q=8s%Rn=ev9pjfhRjeDk4v>IbQ53xn&{
zeeaKbu+wmVuBJ0fL};VO;gva4Z@b++dT+b$;;*OX)!HjXDkL9CG?IDVRCS@>JAlD+
zQS1B*8l^wHH>KZpSRLCT%(83y;r`<OLdMIfCp%C2Kby1lV6@Vd9TUTBR!RT4>Xey1
zX-?8|%`1w__l344{FYAL%D(8+zth|+g7){`pFj7t*(BBGS0`Vqx<xYoJpYqbzk`|6
zVDU@Q$Q?T)l7xe_873wlnkpW~>J=a`|JCzdDJ5mXkD`xyeE7Hf4C}H7GT-kP?00S!
zUn_ZZe$Rz+^Rh>rZ}`QZ?%rveT5<MW)ieIwRT2*c7&1*nnV1<F7#AlP#2Lr}V@Q^d
zMT|wHdWP(#|BYL2-#8R6+tIaFDo8g$$3Pw=t;`}}Al86g0Y6BAFeBrC7FGjhAZ5S}
z65wZH0j3`}<TwB(8ekkSGQ{t?Kl8zYU+i1&2Kq-R*Qq<+o7r_=#Wl?QulV|;X_wdE
z+Ow81rCM2u!+wRb;q<L$s~>-Vc3@Svzn1d@mwsQVDx-U;=gzJO+&p)d{L&}ed8<o5
z1>U`Xv|J#?B;5Znv+J*;+hQk1?0mFAL*VBkhGn0oy6-JKaMx1zQjG6;y{mf5_U;oq
z=5xThx|sQrj_|6Pk9aRFozpT;dd|GS#?rYRr3)we=>9G}b5TZs??t0U<_qC&O_!~U
zGQQlsHBY5))7x$LFK@Z{fb*irqcd5KS-Oigk1de?SKU{eXzkPVXS#ULw+C%|H~h%?
zyypHt^*L(h7yH*`oQkgbvfbwmht@6W<9qtT&A|DOwYW41mi>$lBeLHMVD@_g%zkGe
z*^iMCIRv?Bk?o93fZ5I%mhG&G$kpNoqQEEy=4w7rt`06ug5_yKneJ6~!Vb}x`@eqN
zQCPSADgXLbaml@!`^sneB*$HN^6==AiD{RXP0df`5%u{K*ewvlx;MCTrEOz@gNwiD
z@1I{@IoA5{PVTyEQJ|=JqI+{#<Nx!o6c%p`?^E;4US;92FwZq3NTF)&o8#f;VegK%
ztXu4EwDC|zRL`7vi|QkDGBxLYFi4yA!aSpeseH0g%*G?Nwrvk$Zy)N`Pqg&-8eH9e
zNH=1tPPW~x9L@Zk2Ub^)X&5qBG5u8B?qt{66jAH>F(zj3fhglyE1tE#+^tn`Q8c@*
z>~(?bwvL<bH#2Wcdy?(#uCeu)McUCh{o9yky?H9$lIi~7+^u7>R~r--eo0>#U8oAl
zbd4Vj8s8#iyU(phUFHic-?zRmC#0C&@bqv0;zr7{U7LY9C=bfB7#Qdo=q%7$pwXt5
zQBqQ1rLUh{l%toJS)7`zmj*AU^-@yxGgFH7fN};QY#iEb!1A4)k&(s2z|Ft~#y4PU
zvw)hBl3$*elb;CGfz6~MU@4!Rn4DTv0xIYAKn%1r3@!!cuJ4(^`8iPfliCE?!s!nE
zG9S6pZ^Sh!d%j(@oM&Q5#<j_@8}#}^t)C>XFYD51=`u78&@%dR=X2lBHEjR%|Gxfq
zld(MM^Cp|32YnOo-8-zi=Z;LA*FuT!RzA)9k7if!PFvdZa>LW7C9kF&SjJTDRx`Kw
zNpFL<;!AFc$4_@Smj#L~+|;okV_k9cjra{8R<2ao)2g&_y-=oAo#OZUHvjx9J<}(o
z*nKLJxi*O}Zq>$kmbhR?g9$ltr;bl|-Ku4G>1SK|SG@!c=Q(i+MVGe9&Sh79EZwkm
z_PsrBqM|EXvr6uS@Y%gx!XY?sYiv*Z!4~nHT;H^*$E!}u96Zz4qxm$qaG`0!$_rC&
SIRsq4$r!~{@WDl3D?0!nu;#!3

literal 0
HcmV?d00001

diff --git a/idscp2/src/test/resources/jsse/server-keystore.jks b/idscp2/src/test/resources/jsse/server-keystore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..5e8f8003fce1cb4f166cd15a7a359cfbcbc20c16
GIT binary patch
literal 4494
zcmaJ^c|25Y|DMe<w#kyE?7N6FjGeL<CHt<ijwL%2MigU<kiw&c?6OCQEXmenmnFMV
zWEUaX->K(ap7;GczuzC{^SQ5c-}iOC_xF6y_qxu>`pG&71cLnY0)xnIVX#;n2n2S1
z?D=yS1R?_ic-S#OM@}V54u*j*K<L3>G7t<8Tej|g@!<ph>d%$&@9Di+iZOxG9G!BW
zQMqk)RKwU^o_f6&^(orgd{=IiFL6cpf>9%NBCgMPcRYZiov7LTz1C8W%F}VM=A1Mv
zE;y~p;q_v)`%|n$%eJ$v*@D8Y$&x*vn~jJY`@U|f%ZfLndPei9w`JHxhl28~On&t4
z58{7n!yZW(ouSg=nak#qU6)~4yZyDUbtvkJn!n5Lroc`PZ`Hv^)0^mUELE;@h!i0{
z$F{biv65eJR^I<*wt2|om95KfQ~O8IYu_y$=jreB5O0XeFvMvTn(prf+&A{E(q-U3
zKo5x=vGE*gsIxDHcAg#yxnxC^HqM9SgXS9Vf91No^@UgqoUvi&B%?nZQS2%D1H=0r
zox-g6<bD)^>mW2g!`#35t^^)?Ze+S@2Q@dR@S^KXGTk>TTbxP$-E~pb$|8#Fi4(t;
zq7iNC`--YsbjzZ(X3px6JCj^AW|6Y>Yi-L1$A`2oI_7FQ(OcZq%`zCZrTw=a?@zWM
z6lGC2_4GZ2S(3D$;x2J=uZGp0>sbtZFUjXf_APHpDn#iG8`WG<e1nuf=Zs=+E)VtP
zpE6Y8$u6l9&qk}0B}Ec74E1_St#clzSAkpO4?_1pY2Vyt!S*s1ZO3lUy?KwLj`Z+I
z&W*^~=hNXOyzw{58_ft~?em@ss%sMn(ApP4e7@+od!QJ|cfBwAiivC7XUf8NFS=;u
zyqAXahr4fwvUW%hk{Nz1BDxP{eo*<`ieA%sNaV0F)GOm;y3$(J*Gq4JkBeyIVftyu
zshdPG@$y7x-76)<qRjrubIp-XYZUj)?dwPn)g<9U)h`#B<A#3vD9XjI#7KH~WtR2p
z>lnIhSb}`0RAY_mtZszSk_Y)+O9)cZv-Ev!#6%xH(#ZO;s+8pkS7jh(IW145aZP?}
z3sz}RuvK@#-9TA7SJA(N%$L4HNAG%jx4!Q5v{>P@*>&5GSG3}18(*?l%axpNSoWKa
z4BJ=O-#jlleh~F&K0czIn*D65fjWz0kdK-?P;v2khF4lw^}+G*B<mM-w62of^7!2s
z@J)p{H(fV@8)9p%@#TFVG$httmf2ILE-lBzzE7|Zi1qv#ejKCRdoX#fk#Cf7VSAV&
zD2V=~QImc4(-Qd5Q6wlfhN6E(L<PwfSr^a1a{ayeI_#;SE3O6^c|rW$Y@TcN)YGX*
zt8fjQrlbH4F~+j)A)!Y0mriFb^IexI-c&8xc0`a}<_t4JC1f<YyYk$s^~xi(C-3`U
zx(67Qn&{O1A*s(ZP9aN^j5<<}g~aoxSw{LxduFv?k1fOWpGFYrE6ZI#($8uCVD!w8
zh0U?+p|9)8t9Wx2E!Hit4hR%#R&dDnej?ypVj`U%@rIU}lf7c7s|s^Ihn=H_8{HFN
z7?nL-OL@G+?6OJvilFdV+a-dZ+K`&Ar=1kr6pfnoLt#-kBzTlb^r50=tunnbs>ig$
z$57*fPG*fMdnczSYNiyKWT}7eTh&1EX~6W1b0A?o>{!WZ)%rI7KKRhf3440_7V^kV
zT?=%;ciG5s^<9;~^Yr^V9y*J>EJsD-`?P|~S$&<%p2C^c7JNfl!3M`Oo}U+Y`8GFW
zd-vq>!kO&ig*jRIuQ!i9Npf6>zeLp36?sB<{Ob9w!IpVA^^A!uf%}|3zkZ(tsW+1P
zqPe&<AW!O)F919w55R-tvY-$!1Ol_BSt0<m<nRkoSEKf5!C-1K5Ws|F0M3v@O<+(O
zxVx8wox6*d9~R(bp+(9eB>{OP0HCC0EJ;xQFYy1^g$MKgm7dgmp?EL?M2dh4f(L^^
zaZ+|$)klUm^eQYXO-?JP3WIlWqXaeGQB4Xq-Q+3vdCxAt`=a-15R?Vw-rhs%#8!R)
zmz=h|@gw(Ivy-Qi<bm^)>nhimj@M@93dMw|UWr3kGN1TCxJiP@S+=yx<H3S5KIXNy
z!@`TBUy;)96ddn%ay&{vHjm5~qGkpu$m<vjh>6C_l+R_qTn*PHucVcxUvPiZ$v&dz
z^YXkADgbJ78z=dNaG`v$G@X5~AeRv>-qs-7G2G)FFFeb9i(aKa&V#}uc}~gREIM`Z
zdR@uFbVz5s-z&j<TGZ}n!8SrEn@A`P(`3^WWzxp*W<p~Z;+A%~uEr=OU*u@chCsm}
z@Lw}TdI6*ifk9&A2TVFoY91z9febQMLu2@i5ie{z!jqPc-Dsg1#D$H|fV|gUL}z7e
zAQ#WPW-)677dD&EXg!dlWRPbdffn~<ZFS@ZZeyRwr3E{GU?w1Vpeq@6o;m!>%H0<b
z?4qY>wrPwaYcyR{QkY@QYiY$sqxPG~s(8+0HRT;E5&!Rt8G?hF!Pi260GGBB33(dt
zeoknfAKTOdD!aKxi+9>47J4ONDDUfpN%w&cgyl=F-4Fhb2+Ne&`3?W(12ucfxz(TW
zvTrqg>1Ac67GzEG)u26^#9~@<8#^iJ+>zc}>lTxfB*e?;iI_LeZj;wai_qTIB{w9P
zA+@$GnVi4N7K|hnui2q0w1y<*P?D6N{*9Eco>Pw!o9DBj$*%v@n|PUSCDn2s!5`Xs
z;zQ%vM}bz6<mcOz(IQjlFHkW85^nh{FrG`RJX*BP^br)u|FRTvb}BNsX_8oae_^{O
zp5yd*@<d%<+4{|dYo*_n)U>ndN^=6%yO1A?j|B3uuC|});#=@%ZlUeAW~#EkZ7rc&
zhj;o$;>j`X*yp_;m<s~CYPKkrUP#<bu}AVgtaqwlsAaZ);C+S9;aa+l24@nx>HtA-
z<umqmu<u7i$}!uH>ZaaY+V;<ewI+s_86$Ri)E~O44My89^UvdMu}sEFsVcXnJeXlH
zJYSaq!z3+R#&6`MJ{d%RO1wB9&|YLGGnQApFSg$-mL=0vV<%0g`da+K*l-rX^!BqJ
zh}WlutnnmDUn{%ZcPIVM1v^6ghTF5~JFmFzRPa_7x9Ol%c^FIzgc4V=0ntw1+@CFB
zUd)PaJcO7Uu(?_on{HCBy4Gi{4>%Mm7_xo~>i}n&+qNN|NS~@hvXlsP=ExuYW2y3C
ze%Ef%8x2*RX&*l>FbZyr^)t=M*%(Wt|7`O4xNjt`0oMXk(3=8{-8-B$4(X#-FMCB^
z0eUu~6GYRIvk}`q!;cRxcA3k`UXesg6isCgbwJ-gy98cNHE%QKI!m}0W%w>Jv&!Qe
z2T$;7{5|6BhCM0%{u)O7hFKw%S4x)7;hT^EvY)Xo0gltjDPoB3^|A145^bx0Ja1Ou
z!yRdzV_N$va|iy^i7n>RgbI6s^uz5lIM{Yh^RSq|VronVWv~a=BmGeSmCG){Qy{5w
z^kEXUYj@lv`7pWMZ2dfYr>|nc6~TVL2Q!c?-B3}#QL0CrI7)#}tpV%~M#m+__6Oaw
zz2kG*Te%X>i8d~B$z9?-<?(hq$M#W%3%m=vN@W>xktyqIyE|rsJMmq@#fncV>W=g_
zjf=}z#g*yX$g6CJ6?n$K_c;0_pqV~FQy-+`Xtdv2mMjUip?aRN7E&KXD1Iz{xR{)W
z3U<)=bc5$1CZ+R?ueYRlf(6)(z*qWi*v=-o!Bo9(-=>%Wr5)$RZZj|;Fj(T~H_tHH
z6A}bqFlp#A=MF~g`#y_}(SuwRFQwycSky!x0r1>|XK=;U&Z#47v(7SWi_xncj!fqM
z)D`$NR$TL@+a8vwg@O=pf?G7KuLt46aN{xC2sv+l7V~N4{!SY@v53qoP4MU?BcJ(l
zTB@zDQRf>jsRm}Tm9+7`-c1!8-+N)<?cSy){5;7)0)F$sSZV&8v7&0XesQdm+-9en
zk~D{g-`X&|xaDP1^Dw4y);h_+Z6n~I?xOWjHPsGfw3G~AMY(WaJEf6`g=bEZ49C)(
zjJxg;=rf{r+I{asD;&6+c9=20<voBBdeCG5cMJbQzFPi~IO6cC7$GrZ?3hk%oY8Zd
z_za=0zoViwrAP5DEZ5+uP4m{vU5z_#+1?gHD_1&1ubbj^-$AMb6Qf1oS&mNV^o2N;
z@6q*@y-#t@%x0IU(=^K&LY;c<5DD~_YL0SUO<Vh(DsraXK|&%K5jKWC@Wks0uN*JB
zaNlNcllmUd+i-<Xm7yCwx-TOXP4y*rT0+?(U3OM{juD*mp$d(<q?(sa{oT+v_qB<#
zhSSw=qH*ca{0MG+)vmz}bDz}DKL&{q$oeujs7y~qdNtO|+2nYlrdp*2`d?xW3nFzy
ze*h0f|0(9+{}mEI5lIcee<?XRBSb?J$q3N@0#r0qTE2F-Jzcz<Fuq6@;Ow7TPp7S6
z#BFrjUR{-25<trQ7JL~bAW1R~(txDgFTt1l3j}=rn;bz>F%mf?4Y`^f4&&>Iqz4ec
zZcxxr>fXk9I=Emw|2_aZfacdaY8o<CZ6i%}Bpbl;XFz9uWA5K!VSN2Dz9iT1|GSA6
z**fiSy6})1BcfG&<jw_I;p7L-6O`PID1-)J|1^v|Axzh#8LdTQe$Q-%v4N2I<7*SX
zO$t9h8lt6jrU_ako%RFGEXB)xH8QEz_&np+8)>k9yGR|)gE~K$+TMD!SOfFdF_U#C
z@)TWvekgb~+VVN~`Uh9pqx$#LiY&!~^l(i?)A}cO7laI!vN<iz-*wr#Xe(7YY~49a
z+k1l=e`PJj53;ld(~PtpP0(tNVW|x5@VZwWbl<(*9KEp;0~$IHE$`&8U@h@iVo+{c
zRdLVt82F<rqGL^g_+*(?B<s$di}}07V-)jWEd@fuq@{_7<c&-dgWAI3z%K#6-9#=P
ztV_z2Ho!qjBL^Lf8OB7AH;BPXpO#R_G2mK?<5+ly!cYL$uW3FQE5IDev>n-@@%&6-
zb47x?u^$Dp`%up>?04mGFv1`J2%!G876F4nA!J#A>@UCt0|0SAEbBs+aFn167VE7b
zA>rWbE^g=Qhj9>h`geVaJ7OeU9sR^fbAT~9CFwVujEn*dhFt};0F8fP01_qlPYy?~
z08e)>JJOE7WAgR#!aCSFV0^K^N>u#U;Ll?Uz?cE1f6+l9{~mz>)nC!l!xR8H{D0gm
z9*&fh6(=1)9Es;9h3DYq>4|Z`dinm{Q~%DM`3s;kUN?*q7Qs0wwmkLH<elH&@y>L*
zma5c6o-efVE~Yg&OiQrtu`UdGB-6QDe<;0@HqaD!;!0C2q|N-y<8Ey}N^3;^jhH3h
zF4}i*FR;gz@o_shl<to#uOC^p7E6fQ;(CGIyi%jaiV2k}R@2~caFgZ7O_^1iYvqe|
zRufigAFwEck`_t}8K591Wo`MMX6fU}2r(h6k}VW3uWM>+REXbn;Q4OXTn@dYs)U3#
z4jbXtYJ>!5ku8WFx9SKl>oQ6z-&L%{QZo;v$7v8?nKXv#E3X<=N10LP+32D|Ul~q3
xTi2Z}@4K}q8t80BrK0L4(d_Gz*0VRpzE<O_#slAL@11?y7CZln$S;{9@eeUh$Xoyb

literal 0
HcmV?d00001

diff --git a/idscp2/src/test/resources/jsse/server-truststore.jks b/idscp2/src/test/resources/jsse/server-truststore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..83991552129b62a062ead9631d1d6dcf07038ef5
GIT binary patch
literal 1954
zcmezO_TO6u1_mZLW=c+EU|<aY?eK(=fi*(U)WDK~fjQBji8<DwiOF>VGZP~d6DPw*
z#)ZZgw$)V{@Un4gwRyCC=VfGMWo0n1HRLwnWMd9xVH0L@aWxb+5Cn0!c(~k(5=-+k
z^3zg_3?&W3L4wRY0-i3x3PJh#B?``t3PuKoW(IQNyoP3m21Y<zO)O2!qr`cQL0khU
zmr~=K7?qG6%*e{X+{DPwV9><K#ni;e$Z+q=8s%Rn=ev9pjfhRjeDk4v>IbQ53xn&{
zeeaKbu+wmVuBJ0fL};VO;gva4Z@b++dT+b$;;*OX)!HjXDkL9CG?IDVRCS@>JAlD+
zQS1B*8l^wHH>KZpSRLCT%(83y;r`<OLdMIfCp%C2Kby1lV6@Vd9TUTBR!RT4>Xey1
zX-?8|%`1w__l344{FYAL%D(8+zth|+g7){`pFj7t*(BBGS0`Vqx<xYoJpYqbzk`|6
zVDU@Q$Q?T)l7xe_873wlnkpW~>J=a`|JCzdDJ5mXkD`xyeE7Hf4C}H7GT-kP?00S!
zUn_ZZe$Rz+^Rh>rZ}`QZ?%rveT5<MW)ieIwRT2*c7&1*nnV1<F7#AlP#2Lr}V@Q^d
zMT|wHdWP(#|BYL2-#8R6+tIaFDo8g$$3Pw=t;`}}Al86g0Y6BAFeBrC7FGjhAZ5S}
z65wZH0j3`}<TwB(8ekkSGQ{t?Kl8zYU+i1&2Kq-R*Qq<+o7r_=#Wl?QulV|;X_wdE
z+Ow81rCM2u!+wRb;q<L$s~>-Vc3@Svzn1d@mwsQVDx-U;=gzJO+&p)d{L&}ed8<o5
z1>U`Xv|J#?B;5Znv+J*;+hQk1?0mFAL*VBkhGn0oy6-JKaMx1zQjG6;y{mf5_U;oq
z=5xThx|sQrj_|6Pk9aRFozpT;dd|GS#?rYRr3)we=>9G}b5TZs??t0U<_qC&O_!~U
zGQQlsHBY5))7x$LFK@Z{fb*irqcd5KS-Oigk1de?SKU{eXzkPVXS#ULw+C%|H~h%?
zyypHt^*L(h7yH*`oQkgbvfbwmht@6W<9qtT&A|DOwYW41mi^vFA+p~KVD@_g%zkGe
z*^iMCIRv?Bk?o93fZ5I%mhG&G$kpNoqQEEy=4w7rt`06ug5_yKneJ6~!Vb}x`@eqN
zQCPSADgXLbaml@!`^sneB*$HN^6==AiD{RXP0df`5%u{K*ewvlx;MCTrEOz@gNwiD
z@1I{@IoA5{PVTyEQJ|=JqI+{#<Nx!o6c%p`?^E;4US;92FwZq3NTF)&o8#f;VegK%
ztXu4EwDC|zRL`7vi|QkDGBxLYFi4yA!aSpeseH0g%*G?Nwrvk$Zy)N`Pqg&-8eH9e
zNH=1tPPW~x9L@Zk2Ub^)X&5qBG5u8B?qt{66jAH>F(zj3fhglyE1tE#+^tn`Q8c@*
z>~(?bwvL<bH#2Wcdy?(#uCeu)McUCh{o9yky?H9$lIi~7+^u7>R~r--eo0>#U8oAl
zbd4Vj8s8#iyU(phUFHic-?zRmC#0C&@bqv0;zr7{U7LY9C=bfB7#Qdo=q%7$pwXt5
zQBqQ1rLUh{l%toJS)7`zmj*AU^-@yxGgFH7fN};QY#iEb!1A4)k&(s2z|Ft~#y4PU
zvw)hBl3$*elb;CGfz6~MU@4!Rn4DTv0xIYAKn%1r3@!!cuJ4(^`8iPfliCE?!s!nE
zG9S6pZ^Sh!d%j(@oM&Q5#<j_@8}#}^t)C>XFYD51=`u78&@%dR=X2lBHEjR%|Gxfq
zld(MM^Cp|32YnOo-8-zi=Z;LA*FuT!RzA)9k7if!PFvdZa>LW7C9kF&SjJTDRx`Kw
zNpFL<;!AFc$4_@Smj#L~+|;okV_k9cjra{8R<2ao)2g&_y-=oAo#OZUHvjx9J<}(o
z*nKLJxi*O}Zq>$kmbhR?g9$ltr;bl|-Ku4G>1SK|SG@!c=Q(i+MVGe9&Sh79EZwkm
z_PsrBqM|EXvr6uS@Y%gx!XY?sYiv*Z!4~nHT;H^*$E!}u96Zz4qxm$qFj`}+)3Qdx
Ss}t|%#;}DMPmB>*G!+0m<K|od

literal 0
HcmV?d00001

diff --git a/idscp2/src/test/resources/log4j2-test.xml b/idscp2/src/test/resources/log4j2-test.xml
new file mode 100644
index 000000000..c160b2637
--- /dev/null
+++ b/idscp2/src/test/resources/log4j2-test.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ========================LICENSE_START=================================
+  Camel IDS Component
+  %%
+  Copyright (C) 2017 Fraunhofer AISEC
+  %%
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+  
+       http://www.apache.org/licenses/LICENSE-2.0
+  
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+  =========================LICENSE_END==================================
+  -->
+
+<Configuration package="log4j.test" status="WARN">
+<Appenders>
+    <Console name="Console" target="SYSTEM_OUT">
+        <PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/>
+    </Console>
+</Appenders>
+<Loggers>
+    <Logger name="de.fhg" level="DEBUG" additivity="false">
+        <AppenderRef ref="Console" level="DEBUG" />
+    </Logger>
+    <Logger name="log4j.test.Log4jTest" level="INFO" additivity="false">
+        <AppenderRef ref="Console"/>
+    </Logger>
+    <Root level="INFO" additivity="false">
+        <AppenderRef ref="Console"/>
+    </Root>
+</Loggers>
+</Configuration>
diff --git a/settings.gradle b/settings.gradle
index 54d1250e8..322be4211 100644
--- a/settings.gradle
+++ b/settings.gradle
@@ -17,6 +17,7 @@ include ':ids-route-manager'
 include ':ids-settings'
 include ':ids-token-manager'
 include ':ids-webconsole'
+include ':idscp2'
 include ':javax-xml-bind-patch'
 include ':jnr-unixsocket-wrapper'
 include ':karaf-assembly'

From 5cc8ac9b6fff7c307454054c2d996fdf13ccf136 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Wed, 20 Nov 2019 17:38:17 +0100
Subject: [PATCH 023/237] WIP idscp2 TLS server and client

---
 .../aisec/ids/idscp2/AttestationConfig.java   |  15 ++
 .../idscp2/Client/ClientConfiguration.java    |  12 ++
 .../ids/idscp2/Client/IDSCPv2Client.java      |  47 +++++++
 .../aisec/ids/idscp2/Client/TLSClient.java    |  68 +++++++++
 .../de/fhg/aisec/ids/idscp2/Constants.java    |  23 ++++
 .../ids/idscp2/IDSCPv2Configuration.java      |  24 ++++
 .../aisec/ids/idscp2/IDSCPv2Exception.java    |  11 ++
 .../ids/idscp2/Server/IDSCPv2Server.java      |  59 ++++++++
 .../ids/idscp2/Server/SSLServerThread.java    |  31 +++++
 .../idscp2/Server/ServerConfiguration.java    |  13 ++
 .../aisec/ids/idscp2/Server/ServerThread.java |  12 ++
 .../aisec/ids/idscp2/Server/TLSServer.java    | 129 ++++++++++++++++++
 12 files changed, 444 insertions(+)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/AttestationConfig.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/ClientConfiguration.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Exception.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/SSLServerThread.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerConfiguration.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/AttestationConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/AttestationConfig.java
new file mode 100644
index 000000000..bffae6d66
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/AttestationConfig.java
@@ -0,0 +1,15 @@
+package de.fhg.aisec.ids.idscp2;
+
+/**
+ * Attestation configuration class, containing attestation suite for supported / expected attestation types
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+
+public class AttestationConfig {
+
+    public AttestationConfig(){
+
+    }
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/ClientConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/ClientConfiguration.java
new file mode 100644
index 000000000..4ffd490dd
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/ClientConfiguration.java
@@ -0,0 +1,12 @@
+package de.fhg.aisec.ids.idscp2.Client;
+
+import de.fhg.aisec.ids.idscp2.IDSCPv2Configuration;
+
+/**
+ * IDSCPv2 Client Configuration.
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class ClientConfiguration extends IDSCPv2Configuration {
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
new file mode 100644
index 000000000..eec54bb67
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
@@ -0,0 +1,47 @@
+package de.fhg.aisec.ids.idscp2.Client;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.net.Socket;
+
+/**
+ * An abstract client implementation for the IDSCPv2 protocol.
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public abstract class IDSCPv2Client {
+    private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Client.class);
+
+    protected ClientConfiguration clientConfiguration = null;
+    protected Socket clientSocket = null;
+
+    protected boolean connect(){
+        if (clientSocket == null || clientSocket.isClosed()){
+            LOG.error("Client socket is not available");
+            return false;
+        }
+
+        try {
+            clientSocket.connect(null, clientConfiguration.getServerPort());
+        } catch (IOException e) {
+            LOG.error("Connecting client to server failed");
+            e.printStackTrace();
+            disconnect();
+            return false;
+        }
+        return true;
+    }
+
+    public void disconnect() {
+        if (clientSocket != null && !clientSocket.isClosed()){
+            try {
+                clientSocket.close();
+            } catch (IOException e) {
+                e.printStackTrace();
+            }
+        }
+    }
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
new file mode 100644
index 000000000..fb657ced1
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
@@ -0,0 +1,68 @@
+package de.fhg.aisec.ids.idscp2.Client;
+
+import de.fhg.aisec.ids.idscp2.Constants;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.net.ssl.*;
+import java.io.IOException;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * A TLS client implementation for the IDSCPv2 protocol.
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+
+public class TLSClient extends IDSCPv2Client {
+    private static final Logger LOG = LoggerFactory.getLogger(TLSClient.class);
+
+    public TLSClient(ClientConfiguration clientConfiguration){
+        this.clientConfiguration = clientConfiguration;
+
+        /* init TLS Client */
+        try {
+            //create and load KeyManager and TrustManager
+            TrustManager[] myTrustManager = null;
+            KeyManager[] myKeyManager = null;
+
+            SSLContext sslContext = SSLContext.getInstance(Constants.TLS_INSTANCE);
+            sslContext.init(myKeyManager, myTrustManager, null);
+
+            SSLSocketFactory socketFactory = sslContext.getSocketFactory();
+
+            //create server socket
+            clientSocket = socketFactory.createSocket();
+
+            //toDo set sslParameters
+            SSLParameters sslParameters = ((SSLSocket)clientSocket).getSSLParameters();
+
+
+        } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
+            LOG.error("Init TLS Client failed");
+            e.printStackTrace();
+        }
+    }
+
+    @Override
+    public boolean connect() {
+        SSLSocket sslSocket = (SSLSocket) clientSocket;
+        if (super.connect()){
+            try{
+                sslSocket.startHandshake();
+            } catch (IOException e){
+                LOG.error("Starting TLS handshake failed");
+                e.printStackTrace();
+                disconnect();
+                return false;
+            }
+            return true;
+        }
+        return false;
+    }
+
+    public SSLSession getSslSession() {
+        return ((SSLSocket)clientSocket).getSession();
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java
new file mode 100644
index 000000000..53773f37d
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java
@@ -0,0 +1,23 @@
+package de.fhg.aisec.ids.idscp2;
+
+/**
+ * Global IDSCPv2 protocol constants
+ *
+ * @author Leon Beckmann(leon.beckmann@aisec.fraunhofer.de)
+ */
+
+public final class Constants {
+
+    //IDSCPv2 message types
+    public static final int ATTESTATION_REQUEST_MSG = 0;
+    public static final int ATTESTATION_RESPONSE_MSG = 1;
+    public static final int METADATA_REQUEST_MSG = 2;
+    public static final int METADATA_RESPONSE_MSG = 3;
+    public static final int PAYLOAD_MSG = 4;
+
+    //socket instances
+    public static final String TLS_INSTANCE = "TLSv1.2";
+
+
+    private Constants(){};
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
new file mode 100644
index 000000000..5d16266ac
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
@@ -0,0 +1,24 @@
+package de.fhg.aisec.ids.idscp2;
+
+public abstract class IDSCPv2Configuration {
+    public static final int DEFAULT_SERVER_PORT = 8080;
+
+    private int serverPort = DEFAULT_SERVER_PORT;
+
+    private AttestationConfig supportedAttestation = null;
+    private AttestationConfig expectedAttestation = null;
+
+
+
+    public AttestationConfig getExpectedAttestation() {
+        return expectedAttestation;
+    }
+
+    public AttestationConfig getSupportedAttestation() {
+        return supportedAttestation;
+    }
+
+    public int getServerPort() {
+        return serverPort;
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Exception.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Exception.java
new file mode 100644
index 000000000..315182e33
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Exception.java
@@ -0,0 +1,11 @@
+package de.fhg.aisec.ids.idscp2;
+
+public class IDSCPv2Exception extends RuntimeException{
+    public IDSCPv2Exception(String message) {
+        super(message);
+    }
+
+    public IDSCPv2Exception(String message, Throwable cause) {
+        super(message, cause);
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
new file mode 100644
index 000000000..276f3514e
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
@@ -0,0 +1,59 @@
+package de.fhg.aisec.ids.idscp2.Server;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.IOException;
+import java.net.ServerSocket;
+import java.util.ArrayList;
+
+/**
+ * An abstract server implementation for the IDSCPv2 protocol.
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public abstract class IDSCPv2Server {
+    private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Server.class);
+
+    protected ArrayList<ServerThread> servers = new ArrayList<>();
+
+    protected ServerConfiguration serverConfiguration = null;
+    protected volatile boolean isRunning = false;
+    protected ServerSocket serverSocket = null;
+
+    public IDSCPv2Server(){
+
+    }
+
+    protected boolean start(){
+        return (isRunning = true);
+    }
+
+    public void stop(){
+        isRunning = false;
+        terminateRunningThreads();
+    }
+
+    public void close(){
+        if (serverSocket != null && !serverSocket.isClosed()){
+            try {
+                serverSocket.close();
+            } catch (IOException e) {
+                LOG.error("Could not close server socket");
+                e.printStackTrace();
+            }
+        }
+        terminateRunningThreads();
+    }
+
+    private void terminateRunningThreads(){
+        for (ServerThread thread : servers){
+            thread.safeStop();
+        }
+        servers.clear();
+    }
+
+    public boolean isRunning(){
+        return isRunning;
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/SSLServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/SSLServerThread.java
new file mode 100644
index 000000000..e53b9e9ca
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/SSLServerThread.java
@@ -0,0 +1,31 @@
+package de.fhg.aisec.ids.idscp2.Server;
+
+import javax.net.ssl.SSLSocket;
+
+/**
+ * A TLS server thread implementation for the IDSCPv2 protocol.
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+
+public class SSLServerThread extends Thread implements ServerThread{
+
+    private SSLSocket sslSocket = null;
+    private volatile boolean running = true;
+
+    SSLServerThread(SSLSocket sslSocket){
+        this.sslSocket = sslSocket;
+    }
+
+    @Override
+    public void run(){
+        while (running){
+            //do something
+
+        }
+    }
+
+    public void safeStop(){
+        running = false;
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerConfiguration.java
new file mode 100644
index 000000000..cacdab133
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerConfiguration.java
@@ -0,0 +1,13 @@
+package de.fhg.aisec.ids.idscp2.Server;
+
+import de.fhg.aisec.ids.idscp2.IDSCPv2Configuration;
+
+/**
+ * IDSCPv2 Server Configuration
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+
+public class ServerConfiguration extends IDSCPv2Configuration {
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java
new file mode 100644
index 000000000..64fe4de77
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java
@@ -0,0 +1,12 @@
+package de.fhg.aisec.ids.idscp2.Server;
+
+/**
+ * A server thread interface for the IDSCPv2 protocol.
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+
+public interface ServerThread {
+
+    void safeStop();
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
new file mode 100644
index 000000000..cde0f5086
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
@@ -0,0 +1,129 @@
+package de.fhg.aisec.ids.idscp2.Server;
+
+import de.fhg.aisec.ids.idscp2.Constants;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.net.ssl.*;
+import java.io.IOException;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * A TLS server implementation for the IDSCPv2 protocol.
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+
+public class TLSServer extends IDSCPv2Server {
+    private static final Logger LOG = LoggerFactory.getLogger(TLSServer.class);
+
+    public TLSServer(ServerConfiguration serverConfiguration){
+        this.serverConfiguration = serverConfiguration;
+
+        /* init server for TCP/TLS communication */
+        try {
+            //toDo create and load KeyManager and TrustManager
+            TrustManager[] myTrustManager = null;
+            KeyManager[] myKeyManager = null;
+
+            SSLContext sslContext = SSLContext.getInstance(Constants.TLS_INSTANCE);
+            sslContext.init(myKeyManager, myTrustManager, null);
+
+            SSLServerSocketFactory socketFactory = sslContext.getServerSocketFactory();
+
+            //create server socket
+            serverSocket =  socketFactory.createServerSocket(serverConfiguration.getServerPort());
+
+        } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
+            LOG.error("Init SSL server socket failed");
+            e.printStackTrace();
+        }
+    }
+
+    @Override
+    public boolean start() {
+        if (serverSocket == null || serverSocket.isClosed()){
+            LOG.error("SSL Server socket is not available");
+            return false;
+        }
+
+        //run server
+        super.start();
+
+        try {
+            while(isRunning){
+                SSLSocket sslSocket = (SSLSocket) serverSocket.accept();
+
+                //set SSL Parameters
+                SSLParameters sslParameters = sslSocket.getSSLParameters();
+                sslParameters.setUseCipherSuitesOrder(true); //server determines priority-order of algorithms in CipherSuite
+                sslParameters.setNeedClientAuth(true); //client must authenticate
+
+                //start handshake
+                sslSocket.startHandshake();
+
+                //start new thread
+                SSLServerThread server = new SSLServerThread(sslSocket);
+                //server.setName();
+                servers.add(server);
+                server.start();
+            }
+
+        } catch (IOException e) {
+            LOG.error("SSL Server failed");
+            e.printStackTrace();
+            return false;
+        }
+
+        return true;
+    }
+
+
+    /*InputStream jksKeyStoreInputStream =
+          Files.newInputStream(targetDirectory.resolve(keyStoreName));
+      InputStream jksTrustStoreInputStream =
+          Files.newInputStream(targetDirectory.resolve(trustStoreName));
+
+      KeyStore keystore = KeyStore.getInstance("JKS");
+      KeyStore trustManagerKeyStore = KeyStore.getInstance("JKS");
+
+      LOG.info("Loading key store: " + keyStoreName);
+      LOG.info("Loading trus store: " + trustStoreName);
+      keystore.load(jksKeyStoreInputStream, keyStorePassword.toCharArray());
+      trustManagerKeyStore.load(jksTrustStoreInputStream, keyStorePassword.toCharArray());
+      java.security.cert.Certificate[] certs = trustManagerKeyStore.getCertificateChain("ca");
+      LOG.info("Cert chain: " + Arrays.toString(certs));
+
+      LOG.info("LOADED CA CERT: " + trustManagerKeyStore.getCertificate("ca"));
+      jksKeyStoreInputStream.close();
+      jksTrustStoreInputStream.close();
+
+        * // get private key
+            Key privKey = (PrivateKey) keystore.getKey(keystoreAliasName, keyStorePassword.toCharArray());
+            // Get certificate of public key
+            X509Certificate cert = (X509Certificate) keystore.getCertificate(keystoreAliasName);
+
+            TrustManager[] trustManagers;
+            TrustManagerFactory trustManagerFactory =
+                    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
+            trustManagerFactory.init(trustManagerKeyStore);
+            trustManagers = trustManagerFactory.getTrustManagers();
+            if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
+                throw new IllegalStateException(
+                        "Unexpected default trust managers:" + Arrays.toString(trustManagers));
+            }
+        */
+
+    /*
+    * @Override
+public void close() throws IOException {
+  try (
+    Socket       s = socket;
+    InputStream  i = in;
+    OutputStream o = out;
+  ) {
+    sendMessage(Message.CLIENT_CLOSE);
+  }
+}*/
+}

From 29bbb20697312af88fc89ffb34a4010176aab4d4 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Thu, 21 Nov 2019 17:24:16 +0100
Subject: [PATCH 024/237] WIP TLS Client and Server, add TrustManager and
 KeyManager

---
 .../ids/idscp2/Client/IDSCPv2Client.java      |   4 +
 .../aisec/ids/idscp2/Client/TLSClient.java    |  23 +++-
 .../ids/idscp2/IDSCPv2Configuration.java      |  21 ++++
 .../ids/idscp2/Server/IDSCPv2Server.java      |   4 +-
 .../aisec/ids/idscp2/Server/TLSServer.java    |  89 ++++----------
 .../aisec/ids/idscp2/TLSPreConfiguration.java | 114 ++++++++++++++++++
 6 files changed, 185 insertions(+), 70 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
index eec54bb67..ff2ef283d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
@@ -44,4 +44,8 @@ public void disconnect() {
         }
     }
 
+    public boolean isConnected(){
+        return clientSocket != null && clientSocket.isConnected();
+    }
+
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
index fb657ced1..0ff467817 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
@@ -1,6 +1,7 @@
 package de.fhg.aisec.ids.idscp2.Client;
 
 import de.fhg.aisec.ids.idscp2.Constants;
+import de.fhg.aisec.ids.idscp2.TLSPreConfiguration;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -23,9 +24,19 @@ public TLSClient(ClientConfiguration clientConfiguration){
 
         /* init TLS Client */
         try {
-            //create and load KeyManager and TrustManager
-            TrustManager[] myTrustManager = null;
-            KeyManager[] myKeyManager = null;
+            /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
+             * hostVerification and algorithm constraints */
+            TrustManager[] myTrustManager = TLSPreConfiguration.getX509ExtTrustManager(
+                    clientConfiguration.getTrustStorePath(),
+                    clientConfiguration.getTrustStorePassword()
+            );
+
+            /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
+             * connection specific key selection via key alias*/
+            KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
+                    clientConfiguration.getKeyStorePath(),
+                    clientConfiguration.getKeyStorePassword()
+            );
 
             SSLContext sslContext = SSLContext.getInstance(Constants.TLS_INSTANCE);
             sslContext.init(myKeyManager, myTrustManager, null);
@@ -35,8 +46,12 @@ public TLSClient(ClientConfiguration clientConfiguration){
             //create server socket
             clientSocket = socketFactory.createSocket();
 
+            SSLSocket sslSocket = (SSLSocket) clientSocket;
+            SSLParameters sslParameters = sslSocket.getSSLParameters();
+            sslParameters.setUseCipherSuitesOrder(false); //use server priority order
+            sslParameters.setWantClientAuth(true);
             //toDo set sslParameters
-            SSLParameters sslParameters = ((SSLSocket)clientSocket).getSSLParameters();
+            sslSocket.setSSLParameters(sslParameters);
 
 
         } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
index 5d16266ac..d4780f2e2 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
@@ -4,6 +4,11 @@ public abstract class IDSCPv2Configuration {
     public static final int DEFAULT_SERVER_PORT = 8080;
 
     private int serverPort = DEFAULT_SERVER_PORT;
+    private String trustStorePath = null;
+    private String trustStorePassword = "password";
+    private String keyStorePath = null;
+    private String keyStorePassword = "password";
+
 
     private AttestationConfig supportedAttestation = null;
     private AttestationConfig expectedAttestation = null;
@@ -21,4 +26,20 @@ public AttestationConfig getSupportedAttestation() {
     public int getServerPort() {
         return serverPort;
     }
+
+    public String getKeyStorePath() {
+        return keyStorePath;
+    }
+
+    public String getKeyStorePassword() {
+        return keyStorePassword;
+    }
+
+    public String getTrustStorePath() {
+        return trustStorePath;
+    }
+
+    public String getTrustStorePassword() {
+        return trustStorePassword;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
index 276f3514e..1fd437238 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
@@ -21,8 +21,8 @@ public abstract class IDSCPv2Server {
     protected volatile boolean isRunning = false;
     protected ServerSocket serverSocket = null;
 
-    public IDSCPv2Server(){
-
+    public IDSCPv2Server(ServerConfiguration serverConfiguration){
+        this.serverConfiguration = serverConfiguration;
     }
 
     protected boolean start(){
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
index cde0f5086..3fad1e4fb 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
@@ -1,13 +1,13 @@
 package de.fhg.aisec.ids.idscp2.Server;
 
 import de.fhg.aisec.ids.idscp2.Constants;
+import de.fhg.aisec.ids.idscp2.TLSPreConfiguration;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.net.ssl.*;
 import java.io.IOException;
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
+import java.security.*;
 
 /**
  * A TLS server implementation for the IDSCPv2 protocol.
@@ -19,22 +19,39 @@ public class TLSServer extends IDSCPv2Server {
     private static final Logger LOG = LoggerFactory.getLogger(TLSServer.class);
 
     public TLSServer(ServerConfiguration serverConfiguration){
-        this.serverConfiguration = serverConfiguration;
+        super(serverConfiguration);
 
         /* init server for TCP/TLS communication */
         try {
-            //toDo create and load KeyManager and TrustManager
-            TrustManager[] myTrustManager = null;
-            KeyManager[] myKeyManager = null;
-
+            /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
+            * hostVerification and algorithm constraints */
+            TrustManager[] myTrustManager = TLSPreConfiguration.getX509ExtTrustManager(
+                    serverConfiguration.getTrustStorePath(),
+                    serverConfiguration.getTrustStorePassword()
+            );
+
+            /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
+             * connection specific key selection via key alias*/
+            KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
+                    serverConfiguration.getKeyStorePath(),
+                    serverConfiguration.getKeyStorePassword()
+            );
+
+            // create tls context based on keyManager and trustManager
             SSLContext sslContext = SSLContext.getInstance(Constants.TLS_INSTANCE);
             sslContext.init(myKeyManager, myTrustManager, null);
-
             SSLServerSocketFactory socketFactory = sslContext.getServerSocketFactory();
 
             //create server socket
             serverSocket =  socketFactory.createServerSocket(serverConfiguration.getServerPort());
 
+            SSLServerSocket sslServerSocket = (SSLServerSocket) serverSocket;
+            SSLParameters sslParameters = sslServerSocket.getSSLParameters();
+            sslParameters.setUseCipherSuitesOrder(true); //server determines priority-order of algorithms in CipherSuite
+            sslParameters.setNeedClientAuth(true); //client must authenticate
+            //toDo set further SSL Parameters e.g SNI Matchers, Cipher Suite, Protocols ...
+            sslServerSocket.setSSLParameters(sslParameters);
+
         } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
             LOG.error("Init SSL server socket failed");
             e.printStackTrace();
@@ -55,14 +72,6 @@ public boolean start() {
             while(isRunning){
                 SSLSocket sslSocket = (SSLSocket) serverSocket.accept();
 
-                //set SSL Parameters
-                SSLParameters sslParameters = sslSocket.getSSLParameters();
-                sslParameters.setUseCipherSuitesOrder(true); //server determines priority-order of algorithms in CipherSuite
-                sslParameters.setNeedClientAuth(true); //client must authenticate
-
-                //start handshake
-                sslSocket.startHandshake();
-
                 //start new thread
                 SSLServerThread server = new SSLServerThread(sslSocket);
                 //server.setName();
@@ -78,52 +87,4 @@ public boolean start() {
 
         return true;
     }
-
-
-    /*InputStream jksKeyStoreInputStream =
-          Files.newInputStream(targetDirectory.resolve(keyStoreName));
-      InputStream jksTrustStoreInputStream =
-          Files.newInputStream(targetDirectory.resolve(trustStoreName));
-
-      KeyStore keystore = KeyStore.getInstance("JKS");
-      KeyStore trustManagerKeyStore = KeyStore.getInstance("JKS");
-
-      LOG.info("Loading key store: " + keyStoreName);
-      LOG.info("Loading trus store: " + trustStoreName);
-      keystore.load(jksKeyStoreInputStream, keyStorePassword.toCharArray());
-      trustManagerKeyStore.load(jksTrustStoreInputStream, keyStorePassword.toCharArray());
-      java.security.cert.Certificate[] certs = trustManagerKeyStore.getCertificateChain("ca");
-      LOG.info("Cert chain: " + Arrays.toString(certs));
-
-      LOG.info("LOADED CA CERT: " + trustManagerKeyStore.getCertificate("ca"));
-      jksKeyStoreInputStream.close();
-      jksTrustStoreInputStream.close();
-
-        * // get private key
-            Key privKey = (PrivateKey) keystore.getKey(keystoreAliasName, keyStorePassword.toCharArray());
-            // Get certificate of public key
-            X509Certificate cert = (X509Certificate) keystore.getCertificate(keystoreAliasName);
-
-            TrustManager[] trustManagers;
-            TrustManagerFactory trustManagerFactory =
-                    TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
-            trustManagerFactory.init(trustManagerKeyStore);
-            trustManagers = trustManagerFactory.getTrustManagers();
-            if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
-                throw new IllegalStateException(
-                        "Unexpected default trust managers:" + Arrays.toString(trustManagers));
-            }
-        */
-
-    /*
-    * @Override
-public void close() throws IOException {
-  try (
-    Socket       s = socket;
-    InputStream  i = in;
-    OutputStream o = out;
-  ) {
-    sendMessage(Message.CLIENT_CLOSE);
-  }
-}*/
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
new file mode 100644
index 000000000..b13397cb6
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
@@ -0,0 +1,114 @@
+package de.fhg.aisec.ids.idscp2;
+
+import javax.net.ssl.*;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.security.*;
+import java.security.cert.*;
+import java.util.Arrays;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+/**
+ * A class for creating pre-configured TrustManagers and KeyManagers for TLS Server and TLS Client
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class TLSPreConfiguration {
+
+    public static TrustManager[] getX509ExtTrustManager(
+            String trustStorePath,
+            String trustStorePassword
+    ) {
+        try (
+                InputStream jksTrustStoreIn = Files.newInputStream(Paths.get(trustStorePath))
+        ) {
+            /* create TrustManager */
+            TrustManager[] myTrustManager;
+            KeyStore trustStore = KeyStore.getInstance("JKS");
+            trustStore.load(jksTrustStoreIn, trustStorePassword.toCharArray());
+            TrustManagerFactory trustManagerFactory =
+                    TrustManagerFactory.getInstance("PKIX"); //PKIX from SunJSSE
+
+            /* filterTrustAnchors for validation
+            ManagerFactoryParameters trustParams =
+                    new CertPathTrustManagerParameters(filterTrustAnchors(trustStore));
+            trustManagerFactory.init(trustParams);*/
+
+            trustManagerFactory.init(trustStore);
+            myTrustManager = trustManagerFactory.getTrustManagers();
+
+
+            /* set up TrustManager config */
+            //allow only X509 Authentication
+            if (myTrustManager.length == 1 && myTrustManager[0] instanceof X509ExtendedTrustManager) {
+                //toDo hostname verification and algorithm constraints
+
+                return myTrustManager;
+            } else {
+                throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(myTrustManager));
+            }
+        } catch (KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    public static KeyManager[] getX509ExtKeyManager(
+            String keyStorePath,
+            String keyStorePassword
+    ) {
+        try (
+                InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath));
+        ) {
+            /* create KeyManager for remote authentication */
+            KeyManager[] myKeyManager;
+            KeyStore keystore = KeyStore.getInstance("JKS");
+            keystore.load(jksKeyStoreIn, keyStorePassword.toCharArray());
+            KeyManagerFactory keyManagerFactory =
+                    KeyManagerFactory.getInstance("PKIX"); //PKIX from SunJSSE
+            keyManagerFactory.init(keystore, keyStorePassword.toCharArray());
+            myKeyManager = keyManagerFactory.getKeyManagers();
+
+            /* set up keyManager config */
+            //allow only X509 Authentication
+            if (myKeyManager.length == 1 && myKeyManager[0] instanceof X509ExtendedKeyManager) {
+                //toDo connection specific key selection via KeyAlias
+
+                return myKeyManager;
+            } else {
+                throw new IllegalStateException(
+                        "Unexpected default key managers:" + Arrays.toString(myKeyManager));
+            }
+
+        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException
+                | CertificateException e) {
+            e.printStackTrace();
+        }
+        return null; //some exception was raised
+    }
+
+    private static PKIXBuilderParameters filterTrustAnchors(KeyStore keyStore)
+            throws KeyStoreException, InvalidAlgorithmParameterException {
+        PKIXParameters params = new PKIXParameters(keyStore);
+
+        // Obtain CA root certificates
+        Set<TrustAnchor> myTrustAnchors = params.getTrustAnchors();
+
+        // Create new set of CA certificates that are still valid for specified date
+        Set<TrustAnchor> validTrustAnchors =
+                myTrustAnchors.stream().filter(
+                        ta -> {
+                            try {
+                                ta.getTrustedCert().checkValidity(/* toDo expiration date*/);
+                            } catch (CertificateException e) {
+                                return false;
+                            }
+                            return true; }).collect(Collectors.toSet());
+
+        // Create PKIXBuilderParameters parameters
+        return new PKIXBuilderParameters(validTrustAnchors, new X509CertSelector());
+    }
+}
\ No newline at end of file

From 45a8c077b27e8de7f9828dea514863c6db5b4c6e Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Mon, 25 Nov 2019 18:19:18 +0100
Subject: [PATCH 025/237] WIP TLS Communication, input / output,
 handshakeCompletedListener

---
 .../idscp2/Client/ClientConfiguration.java    |   5 +
 .../ids/idscp2/Client/IDSCPv2Client.java      |  61 ++++++++-
 .../aisec/ids/idscp2/Client/TLSClient.java    |  49 +++++--
 .../de/fhg/aisec/ids/idscp2/Constants.java    |   5 +
 .../ids/idscp2/DataAvailableListener.java     |  13 ++
 .../fhg/aisec/ids/idscp2/InputListener.java   |  15 +++
 .../aisec/ids/idscp2/InputListenerThread.java |  60 +++++++++
 .../ids/idscp2/Server/SSLServerThread.java    |  31 -----
 .../aisec/ids/idscp2/Server/ServerThread.java |   3 +-
 .../aisec/ids/idscp2/Server/TLSServer.java    |  11 +-
 .../ids/idscp2/Server/TLSServerThread.java    | 122 ++++++++++++++++++
 .../aisec/ids/idscp2/TLSPreConfiguration.java |   1 +
 12 files changed, 323 insertions(+), 53 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/DataAvailableListener.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListener.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/SSLServerThread.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/ClientConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/ClientConfiguration.java
index 4ffd490dd..264b2f2c2 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/ClientConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/ClientConfiguration.java
@@ -9,4 +9,9 @@
  */
 public class ClientConfiguration extends IDSCPv2Configuration {
 
+    private String hostname = "localhost";
+
+    public String getHostname() {
+        return hostname;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
index ff2ef283d..3bbc3d08f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
@@ -1,30 +1,54 @@
 package de.fhg.aisec.ids.idscp2.Client;
 
+import de.fhg.aisec.ids.idscp2.Constants;
+import de.fhg.aisec.ids.idscp2.DataAvailableListener;
+import de.fhg.aisec.ids.idscp2.InputListener;
+import de.fhg.aisec.ids.idscp2.InputListenerThread;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.net.InetSocketAddress;
 import java.net.Socket;
+import java.util.Arrays;
 
 /**
  * An abstract client implementation for the IDSCPv2 protocol.
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public abstract class IDSCPv2Client {
+public abstract class IDSCPv2Client implements DataAvailableListener {
     private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Client.class);
 
     protected ClientConfiguration clientConfiguration = null;
     protected Socket clientSocket = null;
+    protected OutputStream out = null;
+    protected InputStream in = null;
+    protected InputListenerThread inputListenerThread = null;
 
-    protected boolean connect(){
+    public IDSCPv2Client(){
+
+    }
+
+    public boolean connect(){
         if (clientSocket == null || clientSocket.isClosed()){
             LOG.error("Client socket is not available");
             return false;
         }
 
         try {
-            clientSocket.connect(null, clientConfiguration.getServerPort());
+            clientSocket.connect(new InetSocketAddress(clientConfiguration.getHostname(),
+                    clientConfiguration.getServerPort()));
+            out = clientSocket.getOutputStream();
+            in = clientSocket.getInputStream();
+
+            //start receiving listener
+            inputListenerThread = new InputListenerThread(in);
+            inputListenerThread.register(this);
+            inputListenerThread.start();
+
         } catch (IOException e) {
             LOG.error("Connecting client to server failed");
             e.printStackTrace();
@@ -37,6 +61,10 @@ protected boolean connect(){
     public void disconnect() {
         if (clientSocket != null && !clientSocket.isClosed()){
             try {
+                send(Constants.CLIENT_GOODBYE);
+                inputListenerThread.safeStop();
+                in.close();
+                out.close();
                 clientSocket.close();
             } catch (IOException e) {
                 e.printStackTrace();
@@ -44,6 +72,33 @@ public void disconnect() {
         }
     }
 
+    public void send(byte[] data){
+        if (!isConnected()){
+            LOG.error("Client cannot send data because socket is not connected");
+        } else {
+            try {
+                out.write(data);
+                out.flush();
+            } catch (IOException e){
+                LOG.error("Client cannot send data");
+                e.printStackTrace();
+            }
+        }
+    }
+
+    public void send(String data){
+        send(data.getBytes());
+    }
+
+    /* this is called by a listener thread when data were received*/
+    public void onMessage(byte[] data){
+        if (Arrays.toString(data).equals(Constants.END_OF_STREAM)){
+            //End of stream, connection is not available anymore
+        }
+        //toDo do something with the received data
+        System.out.println("New data received: " + Arrays.toString(data));
+    }
+
     public boolean isConnected(){
         return clientSocket != null && clientSocket.isConnected();
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
index 0ff467817..d15f4f664 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
@@ -1,12 +1,14 @@
 package de.fhg.aisec.ids.idscp2.Client;
 
 import de.fhg.aisec.ids.idscp2.Constants;
+import de.fhg.aisec.ids.idscp2.InputListenerThread;
 import de.fhg.aisec.ids.idscp2.TLSPreConfiguration;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.net.ssl.*;
 import java.io.IOException;
+import java.net.InetSocketAddress;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
 
@@ -16,7 +18,7 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 
-public class TLSClient extends IDSCPv2Client {
+public class TLSClient extends IDSCPv2Client implements HandshakeCompletedListener{
     private static final Logger LOG = LoggerFactory.getLogger(TLSClient.class);
 
     public TLSClient(ClientConfiguration clientConfiguration){
@@ -50,10 +52,10 @@ public TLSClient(ClientConfiguration clientConfiguration){
             SSLParameters sslParameters = sslSocket.getSSLParameters();
             sslParameters.setUseCipherSuitesOrder(false); //use server priority order
             sslParameters.setWantClientAuth(true);
-            //toDo set sslParameters
+            sslParameters.setProtocols(new String[] {Constants.TLS_INSTANCE}); //only TLSv1.2
+            //toDo set further SSL Parameters e.g SNI Matchers, Cipher Suite, Protocols ... whatever
             sslSocket.setSSLParameters(sslParameters);
 
-
         } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
             LOG.error("Init TLS Client failed");
             e.printStackTrace();
@@ -63,21 +65,40 @@ public TLSClient(ClientConfiguration clientConfiguration){
     @Override
     public boolean connect() {
         SSLSocket sslSocket = (SSLSocket) clientSocket;
-        if (super.connect()){
-            try{
-                sslSocket.startHandshake();
-            } catch (IOException e){
-                LOG.error("Starting TLS handshake failed");
-                e.printStackTrace();
-                disconnect();
-                return false;
-            }
-            return true;
+        if (sslSocket == null || sslSocket.isClosed()){
+            System.out.println("Client socket is not available");
+            return false;
         }
-        return false;
+
+        try {
+            sslSocket.connect(new InetSocketAddress(clientConfiguration.getHostname(),
+                    clientConfiguration.getServerPort()));
+            out = clientSocket.getOutputStream();
+            in = clientSocket.getInputStream();
+
+            //start tls handshake
+            sslSocket.addHandshakeCompletedListener(this);
+            sslSocket.startHandshake();
+
+
+        } catch (IOException e) {
+            System.out.println("Connecting TLS client to server failed");
+            e.printStackTrace();
+            disconnect();
+            return false;
+        }
+        return true;
     }
 
     public SSLSession getSslSession() {
         return ((SSLSocket)clientSocket).getSession();
     }
+
+    @Override
+    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
+        //start receiving listener for IDSCPv2 communication
+        inputListenerThread = new InputListenerThread(in);
+        inputListenerThread.register(this);
+        inputListenerThread.start();
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java
index 53773f37d..f8c33651a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java
@@ -18,6 +18,11 @@ public final class Constants {
     //socket instances
     public static final String TLS_INSTANCE = "TLSv1.2";
 
+    //Standard Messages
+    public static final String CLIENT_GOODBYE = "Client is disconnecting";
+    public static final String SERVER_GOODBYE = "Server is disconnecting";
+    public static final String END_OF_STREAM = "End of stream";
+
 
     private Constants(){};
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/DataAvailableListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/DataAvailableListener.java
new file mode 100644
index 000000000..61bc146ab
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/DataAvailableListener.java
@@ -0,0 +1,13 @@
+package de.fhg.aisec.ids.idscp2;
+
+/**
+ * A Interface for DataAvailableListeners
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+
+public interface DataAvailableListener {
+
+    void onMessage(byte[] bytes);
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListener.java
new file mode 100644
index 000000000..f4f8dc78f
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListener.java
@@ -0,0 +1,15 @@
+package de.fhg.aisec.ids.idscp2;
+
+/**
+ * A event source interface for DataAvailableListener pattern
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public interface InputListener {
+
+    void register(DataAvailableListener listener);
+
+    void unregister(DataAvailableListener listener);
+
+    void safeStop();
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java
new file mode 100644
index 000000000..9d143f1f6
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java
@@ -0,0 +1,60 @@
+package de.fhg.aisec.ids.idscp2;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+
+/**
+ * A simple Listener thread that listens to an input stream and notifies all listeners when data was received
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class InputListenerThread extends Thread implements InputListener{
+
+    private InputStream in;
+    private ArrayList<DataAvailableListener> listeners = new ArrayList<>();
+    private volatile boolean running = true;
+
+    public InputListenerThread(InputStream in){
+        this.in = in;
+    }
+
+    public void run(){
+        byte[] buf = new byte[2048];
+        while (running){
+            try {
+                //toDo interrupt read when running is set to false
+                if (0 > in.read(buf,0, buf.length -1)) {
+                    notifyListeners(Constants.END_OF_STREAM.getBytes());
+                    running = false; //terminate
+                } else {
+                    notifyListeners(buf);
+                }
+            } catch (IOException e) {
+                e.printStackTrace();
+            }
+        }
+        listeners.clear();
+    }
+
+    @Override
+    public void register(DataAvailableListener listener) {
+        listeners.add(listener);
+    }
+
+    @Override
+    public void unregister(DataAvailableListener listener) {
+        listeners.remove(listener);
+    }
+
+    private void notifyListeners(byte[] bytes) {
+        for (DataAvailableListener listener : listeners){
+            listener.onMessage(bytes);
+        }
+    }
+
+    @Override
+    public void safeStop() {
+        this.running = false;
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/SSLServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/SSLServerThread.java
deleted file mode 100644
index e53b9e9ca..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/SSLServerThread.java
+++ /dev/null
@@ -1,31 +0,0 @@
-package de.fhg.aisec.ids.idscp2.Server;
-
-import javax.net.ssl.SSLSocket;
-
-/**
- * A TLS server thread implementation for the IDSCPv2 protocol.
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-
-public class SSLServerThread extends Thread implements ServerThread{
-
-    private SSLSocket sslSocket = null;
-    private volatile boolean running = true;
-
-    SSLServerThread(SSLSocket sslSocket){
-        this.sslSocket = sslSocket;
-    }
-
-    @Override
-    public void run(){
-        while (running){
-            //do something
-
-        }
-    }
-
-    public void safeStop(){
-        running = false;
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java
index 64fe4de77..342a60b13 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java
@@ -7,6 +7,7 @@
  */
 
 public interface ServerThread {
-
+    void send(byte[] bytes);
     void safeStop();
+    boolean isConnected();
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
index 3fad1e4fb..827b5925a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
@@ -49,9 +49,11 @@ public TLSServer(ServerConfiguration serverConfiguration){
             SSLParameters sslParameters = sslServerSocket.getSSLParameters();
             sslParameters.setUseCipherSuitesOrder(true); //server determines priority-order of algorithms in CipherSuite
             sslParameters.setNeedClientAuth(true); //client must authenticate
-            //toDo set further SSL Parameters e.g SNI Matchers, Cipher Suite, Protocols ...
+            sslParameters.setProtocols(new String[] {Constants.TLS_INSTANCE}); //only TLSv1.2
+            //toDo set further SSL Parameters e.g SNI Matchers, Cipher Suite, Protocols ... whatever
             sslServerSocket.setSSLParameters(sslParameters);
 
+
         } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
             LOG.error("Init SSL server socket failed");
             e.printStackTrace();
@@ -72,10 +74,11 @@ public boolean start() {
             while(isRunning){
                 SSLSocket sslSocket = (SSLSocket) serverSocket.accept();
 
-                //start new thread
-                SSLServerThread server = new SSLServerThread(sslSocket);
-                //server.setName();
+                //start new server thread
+                TLSServerThread server = new TLSServerThread(sslSocket);
+                //toDo server.setName(); hashmap
                 servers.add(server);
+                sslSocket.addHandshakeCompletedListener(server);
                 server.start();
             }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java
new file mode 100644
index 000000000..172a1ca2d
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java
@@ -0,0 +1,122 @@
+package de.fhg.aisec.ids.idscp2.Server;
+
+import de.fhg.aisec.ids.idscp2.Constants;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.net.ssl.HandshakeCompletedEvent;
+import javax.net.ssl.HandshakeCompletedListener;
+import javax.net.ssl.SSLSocket;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.util.Arrays;
+
+/**
+ * A TLS server thread implementation for the IDSCPv2 protocol.
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+
+public class TLSServerThread extends Thread implements ServerThread, HandshakeCompletedListener {
+    private static final Logger LOG = LoggerFactory.getLogger(TLSServerThread.class);
+
+    private SSLSocket sslSocket;
+    private volatile boolean running = true;
+    private InputStream in;
+    private OutputStream out;
+    private boolean tlsHandshakeCompleted = false;
+
+    TLSServerThread(SSLSocket sslSocket){
+        this.sslSocket = sslSocket;
+        try {
+            in = sslSocket.getInputStream();
+            out = sslSocket.getOutputStream();
+        } catch (IOException e){
+            LOG.error(e.getMessage());
+            running = false;
+        }
+    }
+
+    @Override
+    public void run(){
+        //wait for new data while running
+        byte[] buf = new byte[2048];
+
+        //wait until tls handshake is completed
+        //toDo avoid busy waiting
+        while(!tlsHandshakeCompleted){
+            try {
+                sleep(500);
+            } catch (InterruptedException e) {
+                e.printStackTrace();
+            }
+        }
+
+        while (running){
+            try {
+                //toDo interrupt read when running is set to false
+                if (0 > in.read(buf, 0, buf.length - 1)) {
+                    onMessage(Constants.END_OF_STREAM.getBytes());
+                } else {
+                    onMessage(buf);
+                }
+            } catch (IOException e){
+                e.printStackTrace();
+            }
+        }
+        try {
+            send(Constants.SERVER_GOODBYE);
+            out.close();
+            in.close();
+            sslSocket.close();
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+    }
+
+    @Override
+    public void send(byte[] data) {
+        if (!isConnected()){
+            LOG.error("Server cannot send data because socket is not connected");
+        } else {
+            try {
+                out.write(data);
+                out.flush();
+            } catch (IOException e){
+                LOG.error("Server cannot send data");
+                e.printStackTrace();
+            }
+        }
+    }
+
+    public void send(String data){
+        send(data.getBytes());
+    }
+
+    public void onMessage(byte[] data) {
+        if (Arrays.toString(data).equals(Constants.END_OF_STREAM) ||
+                Arrays.toString(data).equals(Constants.CLIENT_GOODBYE)){
+            //End of stream or client goodbye, connection is no longer available
+            running = false; //terminate server
+        } else {
+            //toDo do something with the received data
+            System.out.println("New data received: " + Arrays.toString(data));
+        }
+    }
+
+    public void safeStop(){
+        running = false;
+    }
+
+    @Override
+    public boolean isConnected() {
+        return (sslSocket != null && sslSocket.isConnected());
+    }
+
+
+    @Override
+    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
+        tlsHandshakeCompleted = true;
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
index b13397cb6..258735608 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
@@ -77,6 +77,7 @@ public static KeyManager[] getX509ExtKeyManager(
             if (myKeyManager.length == 1 && myKeyManager[0] instanceof X509ExtendedKeyManager) {
                 //toDo connection specific key selection via KeyAlias
 
+
                 return myKeyManager;
             } else {
                 throw new IllegalStateException(

From 614821605acbeddb79586bf52eb709c71287c0ec Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Thu, 28 Nov 2019 18:12:23 +0100
Subject: [PATCH 026/237] WIP TLS Communication: add saveStop implementation
 for blocking server IO calls, secure cipher suite, catch SSL Handshake
 Exceptions

---
 .../ids/idscp2/Client/IDSCPv2Client.java      |  2 +
 .../aisec/ids/idscp2/Client/TLSClient.java    | 12 ++--
 .../de/fhg/aisec/ids/idscp2/Constants.java    | 55 ++++++++++++++++++-
 .../aisec/ids/idscp2/InputListenerThread.java |  8 ++-
 .../aisec/ids/idscp2/Server/TLSServer.java    | 39 ++++++++-----
 .../ids/idscp2/Server/TLSServerThread.java    |  9 ++-
 .../aisec/ids/idscp2/TLSPreConfiguration.java |  2 +-
 7 files changed, 100 insertions(+), 27 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
index 3bbc3d08f..6c5dc2cb2 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
@@ -44,6 +44,8 @@ public boolean connect(){
             out = clientSocket.getOutputStream();
             in = clientSocket.getInputStream();
 
+            //set clientSocket timeout to allow safeStop()
+            clientSocket.setSoTimeout(5000);
             //start receiving listener
             inputListenerThread = new InputListenerThread(in);
             inputListenerThread.register(this);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
index d15f4f664..df89f8171 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
@@ -8,6 +8,7 @@
 
 import javax.net.ssl.*;
 import java.io.IOException;
+import java.net.ConnectException;
 import java.net.InetSocketAddress;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
@@ -51,8 +52,9 @@ public TLSClient(ClientConfiguration clientConfiguration){
             SSLSocket sslSocket = (SSLSocket) clientSocket;
             SSLParameters sslParameters = sslSocket.getSSLParameters();
             sslParameters.setUseCipherSuitesOrder(false); //use server priority order
-            sslParameters.setWantClientAuth(true);
-            sslParameters.setProtocols(new String[] {Constants.TLS_INSTANCE}); //only TLSv1.2
+            sslParameters.setNeedClientAuth(true);
+            sslParameters.setProtocols(Constants.TLS_ENABLED_PROTOCOLS); //only TLSv1.2
+            sslParameters.setCipherSuites(Constants.TLS_ENABLED_CIPHER); //only allow strong cipher
             //toDo set further SSL Parameters e.g SNI Matchers, Cipher Suite, Protocols ... whatever
             sslSocket.setSSLParameters(sslParameters);
 
@@ -79,11 +81,9 @@ public boolean connect() {
             //start tls handshake
             sslSocket.addHandshakeCompletedListener(this);
             sslSocket.startHandshake();
-
-
         } catch (IOException e) {
-            System.out.println("Connecting TLS client to server failed");
-            e.printStackTrace();
+            LOG.error("Connecting TLS client to server failed");
+            //e.printStackTrace();
             disconnect();
             return false;
         }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java
index f8c33651a..207ffdc0c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java
@@ -15,14 +15,65 @@ public final class Constants {
     public static final int METADATA_RESPONSE_MSG = 3;
     public static final int PAYLOAD_MSG = 4;
 
-    //socket instances
-    public static final String TLS_INSTANCE = "TLSv1.2";
 
     //Standard Messages
     public static final String CLIENT_GOODBYE = "Client is disconnecting";
     public static final String SERVER_GOODBYE = "Server is disconnecting";
     public static final String END_OF_STREAM = "End of stream";
 
+    /* TLS specific settings */
+
+    //socket instances
+    public static final String TLS_INSTANCE = "TLSv1.2";
+
+    //enabled protocols
+    public static final String[] TLS_ENABLED_PROTOCOLS = {TLS_INSTANCE};
+    public static final String[] TLS_ENABLED_CIPHER = {
+            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
+            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+            "TLS_RSA_WITH_AES_256_CBC_SHA256",
+            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
+            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
+            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
+            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
+            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+            "TLS_RSA_WITH_AES_256_CBC_SHA",
+            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
+            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
+            /*"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
+            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+            "TLS_RSA_WITH_AES_128_CBC_SHA256",
+            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
+            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
+            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+            "TLS_RSA_WITH_AES_128_CBC_SHA",
+            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
+            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
+            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
+            "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"*/
+    };
+
 
     private Constants(){};
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java
index 9d143f1f6..e4bdfe6b6 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java
@@ -2,6 +2,7 @@
 
 import java.io.IOException;
 import java.io.InputStream;
+import java.net.SocketTimeoutException;
 import java.util.ArrayList;
 
 /**
@@ -23,13 +24,16 @@ public void run(){
         byte[] buf = new byte[2048];
         while (running){
             try {
-                //toDo interrupt read when running is set to false
-                if (0 > in.read(buf,0, buf.length -1)) {
+                if (0 > in.read(buf, 0, buf.length - 1)) {
                     notifyListeners(Constants.END_OF_STREAM.getBytes());
                     running = false; //terminate
                 } else {
                     notifyListeners(buf);
                 }
+            } catch (SocketTimeoutException e){
+                //timeout to catch safeStop() call, which allows save close and sending Client_Goodbye
+                //alternative: close socket / InputStream and catch exception
+                //continue;
             } catch (IOException e) {
                 e.printStackTrace();
             }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
index 827b5925a..3eb4c4d36 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
@@ -7,6 +7,7 @@
 
 import javax.net.ssl.*;
 import java.io.IOException;
+import java.net.SocketTimeoutException;
 import java.security.*;
 
 /**
@@ -44,12 +45,14 @@ public TLSServer(ServerConfiguration serverConfiguration){
 
             //create server socket
             serverSocket =  socketFactory.createServerSocket(serverConfiguration.getServerPort());
+            //set timeout for serverSocket.accept() to allow safeStop()
+            serverSocket.setSoTimeout(5000);
 
             SSLServerSocket sslServerSocket = (SSLServerSocket) serverSocket;
             SSLParameters sslParameters = sslServerSocket.getSSLParameters();
             sslParameters.setUseCipherSuitesOrder(true); //server determines priority-order of algorithms in CipherSuite
             sslParameters.setNeedClientAuth(true); //client must authenticate
-            sslParameters.setProtocols(new String[] {Constants.TLS_INSTANCE}); //only TLSv1.2
+            sslParameters.setProtocols(Constants.TLS_ENABLED_PROTOCOLS); //only TLSv1.2
             //toDo set further SSL Parameters e.g SNI Matchers, Cipher Suite, Protocols ... whatever
             sslServerSocket.setSSLParameters(sslParameters);
 
@@ -70,22 +73,28 @@ public boolean start() {
         //run server
         super.start();
 
-        try {
-            while(isRunning){
-                SSLSocket sslSocket = (SSLSocket) serverSocket.accept();
-
-                //start new server thread
-                TLSServerThread server = new TLSServerThread(sslSocket);
-                //toDo server.setName(); hashmap
-                servers.add(server);
-                sslSocket.addHandshakeCompletedListener(server);
-                server.start();
+        SSLSocket sslSocket;
+        while(isRunning){
+            try {
+                sslSocket = (SSLSocket) serverSocket.accept();
+            } catch (SocketTimeoutException e){
+                //timeout on serverSocket blocking functions was reached
+                //in this way we can catch safeStop() function, that makes isRunning false
+                //without closing the serverSocket, so we can stop and restart the server
+                //alternative: close serverSocket. But then we cannot reuse it
+                continue;
+            } catch (IOException e) {
+                System.out.println("SSL Server failed");
+                e.printStackTrace();
+                return false;
             }
 
-        } catch (IOException e) {
-            LOG.error("SSL Server failed");
-            e.printStackTrace();
-            return false;
+            //start new server thread
+            TLSServerThread server = new TLSServerThread(sslSocket);
+            //toDo server.setName() + hashmap
+            servers.add(server);
+            sslSocket.addHandshakeCompletedListener(server);
+            server.start();
         }
 
         return true;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java
index 172a1ca2d..667a7e2c9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java
@@ -10,6 +10,8 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
+import java.net.SocketException;
+import java.net.SocketTimeoutException;
 import java.util.Arrays;
 
 /**
@@ -30,6 +32,8 @@ public class TLSServerThread extends Thread implements ServerThread, HandshakeCo
     TLSServerThread(SSLSocket sslSocket){
         this.sslSocket = sslSocket;
         try {
+            //set timout for blocking read
+            sslSocket.setSoTimeout(5000);
             in = sslSocket.getInputStream();
             out = sslSocket.getOutputStream();
         } catch (IOException e){
@@ -55,12 +59,15 @@ public void run(){
 
         while (running){
             try {
-                //toDo interrupt read when running is set to false
                 if (0 > in.read(buf, 0, buf.length - 1)) {
                     onMessage(Constants.END_OF_STREAM.getBytes());
                 } else {
                     onMessage(buf);
                 }
+            } catch (SocketTimeoutException e){
+                //timeout catches safeStop() call and allows to send server_goodbye
+                //alternative: close sslSocket and catch SocketException
+                //continue
             } catch (IOException e){
                 e.printStackTrace();
             }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
index 258735608..dfc92f2b3 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
@@ -36,8 +36,8 @@ public static TrustManager[] getX509ExtTrustManager(
             ManagerFactoryParameters trustParams =
                     new CertPathTrustManagerParameters(filterTrustAnchors(trustStore));
             trustManagerFactory.init(trustParams);*/
-
             trustManagerFactory.init(trustStore);
+
             myTrustManager = trustManagerFactory.getTrustManagers();
 
 

From 287712328c049dcc80b19905cae5ca42d20af819 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Mon, 2 Dec 2019 18:23:57 +0100
Subject: [PATCH 027/237] WIP: TLS communication, working Keystores, fixing
 client and server shutdown, fixing message format

---
 .../ids/idscp2/Client/IDSCPv2Client.java      |  37 +++++++++-----
 .../aisec/ids/idscp2/Client/TLSClient.java    |  26 +++++++---
 .../ids/idscp2/DataAvailableListener.java     |   2 +-
 .../aisec/ids/idscp2/InputListenerThread.java |  14 +++---
 .../ids/idscp2/Server/IDSCPv2Server.java      |   3 ++
 .../aisec/ids/idscp2/Server/TLSServer.java    |   6 ++-
 .../ids/idscp2/Server/TLSServerThread.java    |  46 ++++++++++--------
 .../aisec/ids/idscp2/TLSPreConfiguration.java |   2 -
 .../jsse/aisecconnector1-keystore.jks         | Bin 0 -> 2527 bytes
 .../jsse/aisecconnector2-keystore.jks         | Bin 0 -> 2525 bytes
 .../test/resources/jsse/client-keystore.jks   | Bin 2495 -> 0 bytes
 .../test/resources/jsse/client-truststore.jks | Bin 1954 -> 0 bytes
 .../resources/jsse/client-truststore_new.jks  | Bin 0 -> 1974 bytes
 .../test/resources/jsse/server-keystore.jks   | Bin 4494 -> 0 bytes
 .../test/resources/jsse/server-truststore.jks | Bin 1954 -> 0 bytes
 15 files changed, 86 insertions(+), 50 deletions(-)
 create mode 100644 idscp2/src/test/resources/jsse/aisecconnector1-keystore.jks
 create mode 100644 idscp2/src/test/resources/jsse/aisecconnector2-keystore.jks
 delete mode 100644 idscp2/src/test/resources/jsse/client-keystore.jks
 delete mode 100644 idscp2/src/test/resources/jsse/client-truststore.jks
 create mode 100644 idscp2/src/test/resources/jsse/client-truststore_new.jks
 delete mode 100644 idscp2/src/test/resources/jsse/server-keystore.jks
 delete mode 100644 idscp2/src/test/resources/jsse/server-truststore.jks

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
index 6c5dc2cb2..4ee6b8d10 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
@@ -2,7 +2,6 @@
 
 import de.fhg.aisec.ids.idscp2.Constants;
 import de.fhg.aisec.ids.idscp2.DataAvailableListener;
-import de.fhg.aisec.ids.idscp2.InputListener;
 import de.fhg.aisec.ids.idscp2.InputListenerThread;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -12,7 +11,7 @@
 import java.io.OutputStream;
 import java.net.InetSocketAddress;
 import java.net.Socket;
-import java.util.Arrays;
+import java.nio.charset.StandardCharsets;
 
 /**
  * An abstract client implementation for the IDSCPv2 protocol.
@@ -41,35 +40,45 @@ public boolean connect(){
         try {
             clientSocket.connect(new InetSocketAddress(clientConfiguration.getHostname(),
                     clientConfiguration.getServerPort()));
+            LOG.info("Client is connected to server " + clientConfiguration.getHostname()
+                    + ":" + clientConfiguration.getServerPort());
             out = clientSocket.getOutputStream();
             in = clientSocket.getInputStream();
 
             //set clientSocket timeout to allow safeStop()
             clientSocket.setSoTimeout(5000);
+
             //start receiving listener
             inputListenerThread = new InputListenerThread(in);
             inputListenerThread.register(this);
             inputListenerThread.start();
+            LOG.info("Input listener thread was started");
 
         } catch (IOException e) {
             LOG.error("Connecting client to server failed");
             e.printStackTrace();
-            disconnect();
+            disconnect(false);
             return false;
         }
         return true;
     }
 
-    public void disconnect() {
+    public void disconnect(boolean initialized) {
+        LOG.info("Disconnecting from server");
+        //close listener
+        if (inputListenerThread != null && inputListenerThread.isAlive()) {
+            inputListenerThread.safeStop();
+        }
+
+        //send goodbye and close sockets
         if (clientSocket != null && !clientSocket.isClosed()){
-            try {
+            if (initialized && clientSocket.isConnected()){
                 send(Constants.CLIENT_GOODBYE);
-                inputListenerThread.safeStop();
-                in.close();
-                out.close();
+            }
+            try {
                 clientSocket.close();
             } catch (IOException e) {
-                e.printStackTrace();
+                //e.printStackTrace();
             }
         }
     }
@@ -81,6 +90,7 @@ public void send(byte[] data){
             try {
                 out.write(data);
                 out.flush();
+                LOG.info("Sent message: " + new String(data));
             } catch (IOException e){
                 LOG.error("Client cannot send data");
                 e.printStackTrace();
@@ -93,12 +103,15 @@ public void send(String data){
     }
 
     /* this is called by a listener thread when data were received*/
-    public void onMessage(byte[] data){
-        if (Arrays.toString(data).equals(Constants.END_OF_STREAM)){
+    public void onMessage(int len, byte[] rawData){
+        String data = new String(rawData, 0, len, StandardCharsets.UTF_8);
+        if (data.equals(Constants.END_OF_STREAM)){
             //End of stream, connection is not available anymore
+            LOG.info("Client is terminating after server disconnected");
+            disconnect(false);
         }
         //toDo do something with the received data
-        System.out.println("New data received: " + Arrays.toString(data));
+        System.out.println("New data received: " + data);
     }
 
     public boolean isConnected(){
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
index df89f8171..5ee625583 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
@@ -8,7 +8,6 @@
 
 import javax.net.ssl.*;
 import java.io.IOException;
-import java.net.ConnectException;
 import java.net.InetSocketAddress;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
@@ -55,8 +54,9 @@ public TLSClient(ClientConfiguration clientConfiguration){
             sslParameters.setNeedClientAuth(true);
             sslParameters.setProtocols(Constants.TLS_ENABLED_PROTOCOLS); //only TLSv1.2
             sslParameters.setCipherSuites(Constants.TLS_ENABLED_CIPHER); //only allow strong cipher
-            //toDo set further SSL Parameters e.g SNI Matchers, Cipher Suite, Protocols ... whatever
+            //toDo set further SSL Parameters
             sslSocket.setSSLParameters(sslParameters);
+            LOG.info("TLS Client was initialized successfully");
 
         } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
             LOG.error("Init TLS Client failed");
@@ -75,16 +75,31 @@ public boolean connect() {
         try {
             sslSocket.connect(new InetSocketAddress(clientConfiguration.getHostname(),
                     clientConfiguration.getServerPort()));
+            LOG.info("Client is connected to server " + clientConfiguration.getHostname()
+                    + ":" + clientConfiguration.getServerPort());
+
+            //set clientSocket timeout to allow safeStop()
+            clientSocket.setSoTimeout(5000);
+
             out = clientSocket.getOutputStream();
             in = clientSocket.getInputStream();
 
+            //add inputListener but start it not before handshake is complete
+            inputListenerThread = new InputListenerThread(in);
+            inputListenerThread.register(this);
+
             //start tls handshake
             sslSocket.addHandshakeCompletedListener(this);
+            LOG.info("Start TLS Handshake");
             sslSocket.startHandshake();
+        } catch (SSLHandshakeException e){
+            System.out.println("TLS Handshake failed" + e.getMessage());
+            disconnect(false);
+            return false;
         } catch (IOException e) {
             LOG.error("Connecting TLS client to server failed");
             //e.printStackTrace();
-            disconnect();
+            disconnect(false);
             return false;
         }
         return true;
@@ -96,9 +111,8 @@ public SSLSession getSslSession() {
 
     @Override
     public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
-        //start receiving listener for IDSCPv2 communication
-        inputListenerThread = new InputListenerThread(in);
-        inputListenerThread.register(this);
+        //start receiving listener for IDSCPv2 communication after TLS Handshake was successful
+        LOG.info("TLS Handshake was successful. Starting input listener thread");
         inputListenerThread.start();
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/DataAvailableListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/DataAvailableListener.java
index 61bc146ab..7efa5e8b3 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/DataAvailableListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/DataAvailableListener.java
@@ -8,6 +8,6 @@
 
 public interface DataAvailableListener {
 
-    void onMessage(byte[] bytes);
+    void onMessage(int len, byte[] bytes);
 
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java
index e4bdfe6b6..4046d7e5c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java
@@ -24,18 +24,20 @@ public void run(){
         byte[] buf = new byte[2048];
         while (running){
             try {
-                if (0 > in.read(buf, 0, buf.length - 1)) {
-                    notifyListeners(Constants.END_OF_STREAM.getBytes());
+                int len = in.read(buf, 0, buf.length - 1);
+                if (0 > len) {
+                    notifyListeners(Constants.END_OF_STREAM.length(), Constants.END_OF_STREAM.getBytes());
                     running = false; //terminate
                 } else {
-                    notifyListeners(buf);
+                    notifyListeners(len, buf);
                 }
             } catch (SocketTimeoutException e){
                 //timeout to catch safeStop() call, which allows save close and sending Client_Goodbye
                 //alternative: close socket / InputStream and catch exception
                 //continue;
             } catch (IOException e) {
-                e.printStackTrace();
+                //e.printStackTrace();
+                running = false;
             }
         }
         listeners.clear();
@@ -51,9 +53,9 @@ public void unregister(DataAvailableListener listener) {
         listeners.remove(listener);
     }
 
-    private void notifyListeners(byte[] bytes) {
+    private void notifyListeners(int len, byte[] bytes) {
         for (DataAvailableListener listener : listeners){
-            listener.onMessage(bytes);
+            listener.onMessage(len, bytes);
         }
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
index 1fd437238..8c5d40fa3 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
@@ -26,15 +26,18 @@ public IDSCPv2Server(ServerConfiguration serverConfiguration){
     }
 
     protected boolean start(){
+        LOG.info("Starting server");
         return (isRunning = true);
     }
 
     public void stop(){
+        LOG.info("Stopping server");
         isRunning = false;
         terminateRunningThreads();
     }
 
     public void close(){
+        stop();
         if (serverSocket != null && !serverSocket.isClosed()){
             try {
                 serverSocket.close();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
index 3eb4c4d36..4e9458d92 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
@@ -53,9 +53,10 @@ public TLSServer(ServerConfiguration serverConfiguration){
             sslParameters.setUseCipherSuitesOrder(true); //server determines priority-order of algorithms in CipherSuite
             sslParameters.setNeedClientAuth(true); //client must authenticate
             sslParameters.setProtocols(Constants.TLS_ENABLED_PROTOCOLS); //only TLSv1.2
-            //toDo set further SSL Parameters e.g SNI Matchers, Cipher Suite, Protocols ... whatever
+            sslParameters.setCipherSuites(Constants.TLS_ENABLED_CIPHER); //only allow strong cipher suite
+            //toDo set further SSL Parameters
             sslServerSocket.setSSLParameters(sslParameters);
-
+            LOG.info("Server was initialized successfully");
 
         } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
             LOG.error("Init SSL server socket failed");
@@ -90,6 +91,7 @@ public boolean start() {
             }
 
             //start new server thread
+            LOG.info("New client has connected. Create new server session");
             TLSServerThread server = new TLSServerThread(sslSocket);
             //toDo server.setName() + hashmap
             servers.add(server);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java
index 667a7e2c9..38fc8fc72 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java
@@ -6,13 +6,13 @@
 
 import javax.net.ssl.HandshakeCompletedEvent;
 import javax.net.ssl.HandshakeCompletedListener;
+import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLSocket;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
-import java.net.SocketException;
 import java.net.SocketTimeoutException;
-import java.util.Arrays;
+import java.nio.charset.StandardCharsets;
 
 /**
  * A TLS server thread implementation for the IDSCPv2 protocol.
@@ -28,6 +28,7 @@ public class TLSServerThread extends Thread implements ServerThread, HandshakeCo
     private InputStream in;
     private OutputStream out;
     private boolean tlsHandshakeCompleted = false;
+    private boolean sendServerGoodbye = true;
 
     TLSServerThread(SSLSocket sslSocket){
         this.sslSocket = sslSocket;
@@ -47,33 +48,32 @@ public void run(){
         //wait for new data while running
         byte[] buf = new byte[2048];
 
-        //wait until tls handshake is completed
-        //toDo avoid busy waiting
-        while(!tlsHandshakeCompleted){
-            try {
-                sleep(500);
-            } catch (InterruptedException e) {
-                e.printStackTrace();
-            }
-        }
-
         while (running){
             try {
-                if (0 > in.read(buf, 0, buf.length - 1)) {
-                    onMessage(Constants.END_OF_STREAM.getBytes());
+                int len = in.read(buf, 0, buf.length - 1);
+                if (0 > len) {
+                    onMessage(Constants.END_OF_STREAM.length(), Constants.END_OF_STREAM.getBytes());
+                    running = false;
                 } else {
-                    onMessage(buf);
+                    onMessage(len, buf);
                 }
             } catch (SocketTimeoutException e){
                 //timeout catches safeStop() call and allows to send server_goodbye
                 //alternative: close sslSocket and catch SocketException
                 //continue
+            } catch (SSLException e){
+                LOG.error("SSL error");
+                e.printStackTrace();
+                running = false;
+                return;
             } catch (IOException e){
                 e.printStackTrace();
+                running = false;
             }
         }
         try {
-            send(Constants.SERVER_GOODBYE);
+            if (sendServerGoodbye)
+                send(Constants.SERVER_GOODBYE);
             out.close();
             in.close();
             sslSocket.close();
@@ -90,6 +90,7 @@ public void send(byte[] data) {
             try {
                 out.write(data);
                 out.flush();
+                LOG.info("Send message: " + new String(data));
             } catch (IOException e){
                 LOG.error("Server cannot send data");
                 e.printStackTrace();
@@ -101,14 +102,17 @@ public void send(String data){
         send(data.getBytes());
     }
 
-    public void onMessage(byte[] data) {
-        if (Arrays.toString(data).equals(Constants.END_OF_STREAM) ||
-                Arrays.toString(data).equals(Constants.CLIENT_GOODBYE)){
+    public void onMessage(int len, byte[] rawData) {
+        String data = new String(rawData, 0, len, StandardCharsets.UTF_8);
+        if (data.equals(Constants.END_OF_STREAM) ||
+                data.equals(Constants.CLIENT_GOODBYE)){
             //End of stream or client goodbye, connection is no longer available
             running = false; //terminate server
+            LOG.info("Server is terminating after client disconnect");
+            sendServerGoodbye = false;
         } else {
             //toDo do something with the received data
-            System.out.println("New data received: " + Arrays.toString(data));
+            System.out.println("New data received: " + data);
         }
     }
 
@@ -121,9 +125,9 @@ public boolean isConnected() {
         return (sslSocket != null && sslSocket.isConnected());
     }
 
-
     @Override
     public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
         tlsHandshakeCompleted = true;
+        LOG.info("TLS handshake was successful");
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
index dfc92f2b3..79f73fbbf 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
@@ -76,8 +76,6 @@ public static KeyManager[] getX509ExtKeyManager(
             //allow only X509 Authentication
             if (myKeyManager.length == 1 && myKeyManager[0] instanceof X509ExtendedKeyManager) {
                 //toDo connection specific key selection via KeyAlias
-
-
                 return myKeyManager;
             } else {
                 throw new IllegalStateException(
diff --git a/idscp2/src/test/resources/jsse/aisecconnector1-keystore.jks b/idscp2/src/test/resources/jsse/aisecconnector1-keystore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..8cac581c388491153679329a43ce082c6877ea64
GIT binary patch
literal 2527
zcma)7c{tSD8=vo(rOY5ROvSaAvW@Q;W9<$ajeQA~J+ojcjL@Yd3?sU>a4(}|m+jh;
zx}{vCv6gb_whA{(wh^w9<u}~rxqsY0e&>14=XpP8dEax+^LgL1F}pDffk2?b4s3UT
zAhcMvQr6872pkG>U>l$~LR13*zyNiqBmlr6Fb?cv-KJ@&kq+ja7sO?NWIV!)lDM=O
zThg^J9CI+W@tY}G<q{KI)7;Q$i~PZNDWy<Jtw_P$WbZi(S|Ip&#|gxTiQsI;oK|{D
zSwk&WB;)GJ5?xW+yJ`GwlVPkS*xh%uq~1d1w*sa@@h{z-G4a#QGw_qQD|t~Jk|lBR
zM%~{rBrqzG*LVC#^rJ5Odn^Vm%ZGX&+7)o1*%X;}AvyTj1G6{m2-e<DTGoTHU+ttK
zQ3GcEEj~sI_l8@KP)>MCmQHwP<jY0cd#v3v2;GBoIDFqa;D~svBVm1g)9{{aG`&i1
zO3q~e(ULUHvijF$Uca5pvcd;Ov<|;0DI{;EK2#H&w@1$PBoFQ%$h%S;{kYu5o78x=
zv#u(23b?$&_+|Dbq^PC-13q40v1f8cRI{)26gAe^jh80VNaa8JG${sI5`0$jQg3<^
z%~yGE9XFWkaX9)`@tLJt^J+<T4bP3s<WZRxu_G0LR0sNVcjF(%wrkDy9Cyg_^w-CR
zSzH79mv<R=xXlX9Zx?mLZ}K(Mes)l>uFO4O<l2xgeTk)gpze;JBmIzCNIbY<-a2`v
z5<ZY9YlC*XNDZujm*qxP&m0<ZUb>Md*!6A0xpjm7WT$Jq;=N;v<NFNUet=fVoK+?k
z1<$N>ugZ0+`MTS{zD>ob%e25AL~8DpY!z+nh%`@Isikt8I|+syQq@DJ$T5ru^A<5_
z<5GeLvAa6URbw>9DO*ReBEe0gbu34*Fjx9Uw1SWO@vo@`CEw+zD;5@4)kIvL7DWQs
z>wn}V55|=hni6%XxVPt3Q~Zu+g)Zh4m2{7jvk<(sXMOi0><QZZMHv*~^UzSc7E<11
z=3r|rp)0&D^|$c#dbz=NGFpJq5d?ciR@=V7VUXNT23tb>Vx?uFT}5N6V;Whdf?h-#
zF)%Ym?Y%C`pDCl%9kOP3iu>#0*-p=6vS#Wp2QWgGSEL>sbeek>pR_TDJ6rZ<RNX_+
zZ@RW-WQ&=P{PILrUrAOri<&$+lwz;H062Y@Wji_U^n)`@B8f^?{TbL#X;<p*Xs?B7
zkac9IA6QinB}z<B)davaf%<-%hQrF;xHu`V=~rDw>L@3fQ$52GK0S*iZc4I!AjxXz
z9ZS`(rv^gF&F^({3vtVYGQ?!#m2Zq_?N7?LzMDc;)-dT?x@B@Yr)RU*YcA$wtHB$`
zW4`l;35;H~pFH;%w`hJk+2gp`J%NJe(K2t#lbkujMcn*G%N~o#@qzdTR{5Eduuznu
zaa-d8WC4D<Z{Eo(Ew(;g<DuiTg=ETm3lAFEXrX32M@vRNDDBtyTIX7hVNO4Cr|O;7
z>tn1=yNl6zgWkmFOeN~-PGaEfmj-CB;R{==+(@PLO=IJoj`)NNHl!NP-IW2ci9o%D
z;`e$(i{u|?DCsBZCk^Gls^0;iKF3(BkAU<Y=ISW1<{EDiZ+U25<7x|1Tm9je(RmU^
zP+RS<PMVJp=MXy}gAa>ESWDk)I5A%zNk4G&@i1J<=|rDKxcg?8b`JJUvrh;A*42y_
zO`nO8bz*v?x6g?FN}i;P_0t5~q&&`JLhA3N`)l#H*NVPBJ~!w3B|f5^$JL=<r_W@(
zPF|%`Q<6;(mu%}j`2#Rqk#ZZvx;ZHB!|j|luho*vF<d+I(&r}@>eFQ~+eH!XiYI}F
z5D4s=upnlG9Fgb(5hwtK0=q#m#7^}D%Y+p%06@VZpeX?b?nH<jgCVd`^CJW-D7i&M
z(W2B4+PNSW+s`+I@C_)lH7J6{TA4d5y7-2MDLS8{Q_K`~K!O1%zgvu82oeaogsrCU
zzFSO(Af&{<C`kK1B8Y?Ntq3SI+|0`P2!)^pYWx{-pD&X^V(Qb0S~Q}eftId;AE-s6
z(?KnwK8Zjgf(%_hUna-_l>dD%Va*re01^=4xG0nZ0FdmnT&-%}gEpi@(v+f^roH&%
zUI#1VhTG`!^?Y?Cr8xb<_pMZPP8%yoY!3p%JMC#{FRPvEacVfR{WNO~F&m}UlocGF
zG7~O%=5Nh9KkU^74LLNkDF1W(wPNYpX2@GDvsZQcKk1ED&(>9VrY^HD+-P$9w!wkL
z!?w*{jc`Da0~us_>IB?WBV*&-Q;;-7*>Svea-JyX!WD=ZrRJ%lI#ON&#LD_uKf;42
z<Qa#nbMLP7t@taruUpob$Qxv<cJ{k^JG?>(yfd@8V|g;Y&2e6{tWPhE=HP0k`8k#*
ziWjRVvz04*>r`keuZ|GlQ+^(=dS9o_EiVq^xKI%Q0u*zA^THQ72g(VbR!$s-gGs&Z
zSx05Y69LI-udJ-ZhY?XH)~rE=t!Wk59uOBJ)sxI`;+`*8DeIB0+U=-4?o08S+?I<R
z76t_&AZlx^1Pmqug%^POTSNf{f_PA~K)v8#f+{O4EZ9g}n-LO#r=1G*W#Ik(5fz^4
zt9^<YiWkm-E{Gk%{~8WQ0szbsq=M#ua}b(f@RtuJJ3J_WO%v|;FHa$Cb{K=k@C^wQ
zN>UHMW&C-~{V*IT^|w0_=sy+!25y~J66OaoIXeT`3|at-9U8__5}t{{4hr&Rgt0>i
z{}t;pOqgMi%P>&@DzS~bwo!5$G24jUMyYL--bUQN<ta=%p*#V|&DVB570>n^FLWI{
zI(_X2>9eX`jj#DAwSwUTF9md(%G;w@lV2Zy^Sm+csb*owj;iw0Bj^`FxKTT?rF^)^
zlz&xAU<_9rs!uhGbzFO*`^zKKYIm$>pi9i7OSx+nKcS}y#7%VY;d*{_{}Zc^dQZoE
zWT}Kz61-k76P>5M-}b}uRIpwIW2PMWE-H$sj5G+AiE&fSef4pl+++mHKXHnOm9HOa
zm>s=oQy#+pRQ-f`FS5ayvR35W)^RHF0OHIpj_wHm3g0$3lLuzR+9kffzq;>tzK;(h
zr&(_oKJ`&#yUR$a4e7dDcq!SG$1tbpONmRd4^J$1DZPNN6y$1Pyv9;8RB%nIvx`Fs
KwRVuWxBmm2L>qhn

literal 0
HcmV?d00001

diff --git a/idscp2/src/test/resources/jsse/aisecconnector2-keystore.jks b/idscp2/src/test/resources/jsse/aisecconnector2-keystore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..2e9d53bd189ed9b992228bdbbbf3a850e3f0e0e9
GIT binary patch
literal 2525
zcma)7c|6ql8=vo(5#w$c$2OU1BqlSy!??04206w#6tlvZV~J)M(_s09Db!TfCPh|`
z<jO6Q<k;M_rF4>|GNCQGw$#cFd%X6K{p0t?=ly!#pW}I+&*%02JkOW6U*19>5U6wj
z8v`Iotx&3Z#svrj4gp25-$7+r#7<cN2H>G;004);M6l^m(cZ>g1dp{T&CH?AA9me*
zdXW4H;uc{xj^6g6Dg1-3Sz!@JaDG>9l;6rjxoODUczsmp)!WkzQ%RZ5WV66zm9Jat
z$i<EecFB5(Y`f+P_X&prT<iPtw9L!D>19xUK~dz>?M9QZIoqT8UgQ^bAwyK}b8K9%
zXG}769C7%)S?1`id5bvaL`(+ueLn#)hk1EG^(f@=y}Px0_%=U5H^+qZV8075>&Fu8
zs?&b#m^-m!sjmHZ_T6B^wpR18C1;{_mT0i1G*v8Y7}f#@JuU|24AwN8E*MhEQ$3F-
zT=?{@sm7Ux;+6BGvDYIi?qU5?G7s6H?s%zMI=5O5n7C)_#3iZCmMwG(gQJ2j`7?CW
ziF;B8p1Iar+x9D0IR$0m`c}Ovmke#vYX%_B;cR*dd~w;`IMOD(f5H#7#U6GmxBFB}
zds~28<gig#S@7+%y@LL4P~s?u@tIKvD;Gr7*fqn|-on(JitPE1k2keNye)lqXxpdP
z4@-$P=OtUJ(-uRQIV+kreSzHA(+UpP%C(m{4RKGB-KJtE>CsQmcBj6`%~LkORVazu
zxGNnpyfT{mXO=-sG&?gzr@DRmf~f}ZtU0+GnLcDN50gA-Z^Hxk`>L7Y#ii7?sK!9o
z9I-f0>FonnzKxMy6EY*@zWSwQRP6~MJ_O~izC>Gig52gTqNI&9SdxWooT|)9&~nQ`
zf0j?{9dCmcih0{<>l3i2(^@Xr?Pv5(t)xFDZjF0G3|aO-dvfAC<z46U$R}5OxQkc#
zcVh5UqPNo@McuceVy;Lik?(lITekcCeWJvx0q<13+b5Hpws+X=(7EkMUsmqgTB0%A
zo>$PJF&5Kh^`e%sc7nRFz01LOHXxC8|9JakGRH_fiFU88UKF3Q9@}&voK}1}UhB6y
z0FoPJHzNPg6n#+DB{nO8+w|;iN|>Ql39}kmgl>91aC)!dg!dzY<I#D}Z?Db{odcCB
z9B}b)y~p$2g$@xJ7hm3>>thVzA-x0ju21%J6|Hjhy$1#6*2#XmZ>Ac+d(Uw!8oj$>
zh1fTplUlmn<G+MG_h?_nnPcQ<Xg_{@)6!?Omfv`&Bwu?lJ3AO}oi@|b@$D_MBVQdp
zhlU34J2QSGrU$~JCs!(SaJ@T5qRh(dhY?8Mt_$x@XCLb_T^_z3n`Vvd;R)aP8P2Ae
zN+u+~TlKZy3_!nO)6p+oKU|DoI9#Fs{gVB?tFJ*XAp6{DeU17IiKLZ6?P~U8_kT)C
z>D9{N&lauRAxz<$L&|JV7S+70xi*mUYhjf>+u(l?KQ8n3l^(V1k6#uw7rtISi*)#v
z7Q7T-!C147=N$9z)E=7S<y2pSVGPgf%^(7lZ2PA>cJ9*bR#E#QJ<^YN97EczMLYg3
zK0dDgadbT{T>JXbhjr7cv8qdP)lPeRU|Ht}PQL%SXJy;L7wD5Mp_SD{JZE#>laVL}
z;fcG}^A@-qQjTtP(<@^0sOsTslRl!O7QQ3&tUft({xy|n*xo>Q-xy&W+@v|7Jgbg~
zq{dcOKJA}*^uyVU^1Fvkl|ZHIhMkOHr<cQWVKEnrjkm?S%Jady`iZX%8Z=&KIqq~E
z-1EwF{KDa$&P~fx--fMWz_l$UODW>>YKns;C!9i9q5IAI#Z?J_fm!BO7n81{X#7S=
zg!>WAKr09YmMblX7eJ9rVu1`4fI<NcP)SxEpX!wQK?wj9q}6gSNdc6XmGOniBBAyU
zBqXS|P7sO+M?T{SH<ZU=^GRDko%Kl>MWnMm4dcU(7GP*cLMXNv6Od#HZq-yGS%D-H
znM49jOvrRiB@>dAn*K#W#{UsP8B|=4pr8o1b*4E`NCa@_pAq#~WJ{J6o5>+CLs(V>
zvK5m|2w|~70?1*4(rGfw+{ywJ0o(q4FKNY>5dkXFRsbNNA^?DN<?tJm&y=}9Bh_q<
z<UiMD1RN-K)hJKjG-g?uIkdWU=k$*x@+LQ<Xe`Q>f*8_R(QZT@nlB3M3w_AFABOBq
z_x*CCC<F0XPk28v{I1~AE~f*9#_d*JJ~r+7dq=9e)|@q0;X$nnl&9s&y>kURnEKGQ
z{UUhwK8JbIWD@ro0af(CF4g=eWNGn3yqVjALnA#wcj{z|Kqt|W{TS_bj~1&ihHSw)
zqZoS1`*coO4X96@n9;7VzT!HZCmeRJ>=t`blP7T6mzy{@%reEEpM&O;$%_xB%YAHp
zbpuiN%!a6p0z7$UvdlH_a`Hm1-6yDeRgMrw+b?i|23bI500?kd1jI>S<OqnCJ}p`q
zhJvZzNuvh2(-IZ3kCxM$WGCy6_d^sx-SuT0ObbLMsSlp+ZAytN!<7tbT-Ee6mar)Y
zr#Iw+M#7*V1XNhxs{(_`K;Z?T#X8Z2fglkyD!>;Qr0RzX1d+RpjhXxiA|ouC%_MUE
z5fzceHV$J&6QygQkF1=uTf^a-008C$I)e6pa}b(p`IiqCFNPbzV@OZ@mnS}tCtxy|
zY`#D$Nps@5@#i(S!%(35-|l3f|5yNccs*M+7zbpD<Rf@YMnottS|Gwob7JziTsBj{
z<CFd?RvJwD!ysue1OQdpK-CRY+rZ5mh}=N+4b<2`)W78^{dQ7$0@5DqlgW1TFEo^a
z6M{&Am4yw)S~6;}xC)OTp+=PgcSp~Cp*!T8uU_R6Ji1_<73ybor1H{ttVh2bu&o+V
zwb*Rk@b>ukRTLX_cZrZ*^vcAk<NaBW)eictO8%aYxo>2fan10I#Ya`@S7wR+{JvZZ
zh&447^ZMsrOi#Q;n)oxx@@~=3)O~o&?o!-nWeXRvwS#$;=<<|x+u8fIV#h1^sNL>Y
z)mx^og@=9lVW=>lQgh@O|5uMgvo)nj%AHygdoQj}f<DJ5#kILsqRM<htJQ0uOYkjn
zi8hjoJrh^cK1IxpC6N6XKIXKPo|kvZzOR64RbhwDph6T`u0CpCt9WYXR7GR0ze=QK
L8oqB?Gl=~I&$keh

literal 0
HcmV?d00001

diff --git a/idscp2/src/test/resources/jsse/client-keystore.jks b/idscp2/src/test/resources/jsse/client-keystore.jks
deleted file mode 100644
index 1a296db9f9a1a905aab56457e5faa5aa0c55b332..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2495
zcmZuydpMNo8=i0G8^<wB4kJ=SA>#ARgpqQ}tWi0Jgqn<DM3d2&aY!|qU4u=Eu&Q;K
zhH_R8VJl;&mBK2uP92sJ(m^_B5j)!7?zO+`+CSdwdhX|azx%nL_qxC5U7TK=Mj#MK
z`2xN!fGCdw=Uu3K5C}917Jy4IRzYQh0ssQ$NE`s55ugBkxsFG{-+JtqYWmQ0{<lBc
zsqC>N>YHI?iYR*_B@Mmx!`ttg+W9?Dlb=!Z8xLu^rKg5U1@|%TMeLRVnTb>%(XEHC
z+iHMbZR0$e%5pJFBkc3EFBJPYo*9^a9nAi)Qf9lwE^M&b=6vNlyp^ZlE)Bg6Nko4E
zU631*>?2Ll40u1>uUW;`YfXr{HGDc*GH@r?VyjPH)LS1rrTpeT7InC*<!Tud<cf1v
zq96NDNPKaOFzLNDt&yx!dn1d0iYJ7k8H|?cVM^9a7P!uu;O<=CWJ=4Q(Nca?MtZBO
zF!;H*HDV-5&;z2yEAD#*tG<IawVHE$gUnC*Z4jO3&<rzu>%v5mOozTJ3f|FS{%0sz
z--dKVd4Ew$l=LMe6y5()EClCwP#-e%ks@k`#&%nBa7|76WwW?*Jk!O^=g50%Zv^4B
z5AhEyK6My5IV(CW>lzJI3yUBThfTUqTc6bXUbZXf0dG%i?v`KYH*2ec+!I=s{a7Po
zvcl?+IK*vpjH_1h1YXBUdeFGc<dSYy;jzJul|pja(o=hlO{W{NW<)*J<VKMb|A(dr
z8EWF~CfWT?%8#}eLF=Kz7YU28ZtD)>gM0UOyLhZu0gXjz#EvfovTo}XtM0xaSrU$9
zV;QP!7;2~_z#40{aCeV)(n#QVk^<th?v+&WVk|Y}Y(lkH#dgxbs$clgzGp&aL&}4V
z7jfk$2v3@#y3ejUTU30ded1K8+qg?wwVT7OngkQZYG-uKRHc7(W(JAZEIki7XFHGP
zNZBs}FA=n(bJI#|(`);$k2YL3Uhpb2^i0O5{2rH0p0XA|w|V!Kl7y<6k07|Sf4krk
z=i|_=7Nu8XHG|ar(9b)HCT&DS&TL?I7DtWG$F{A4<I^3H+O6riKGEx^=adfiPx)W^
zVjOhPO!zJ`J+n}PTSFFIj8gR*_3*CrV(&ezyy2D7_dJ2YxxnE;$AC!8in?=4&+?r*
zR5RzoW5+YjW&84nPVKwc8@MZbrGwza28{qkuOrv57cz1%({~2Sw|2Ffd1|&le^XgV
z?#=k2XT<g)Z@?qcAV|1lqN$1VYnB;ir@F_7qZvIWKD#Pezf0XqDY;MYz_comh8XLv
zrkLbiKk8j%J-s-g(<Uva<e1+;CSd8#V%0f^!UN);j@!qMO{{<TQ%m)FCCF!I<Ip}M
z!^qHWmSrj<CX5r3m8s-e*V|e*Qmom(<X9nEZfDl9sw6^-XBz|WUH!Bd5*;sB|4FTS
zS6@p>dREQCYm_6s$nlA|(_{Y1u-}+dWAyY;KtJ^k(n+JA^zEVMw_`v1w3^Efs4=UU
z^$Q6D{4ow=^Q@Wg0B)bqFwXE*1EQhey8hTjN6C+$>eqILCuLVMV>bq2ltVsrC0FWH
zG2>?fjA>cVN0+QaT5Ood72DJHSg?1M7Ch>X)4b+%w>44rgM@#iR4@P3$M7I}P~@?h
zw#OH9v3zP*)h!zDy<N$v6MV6K1s-EF7d~1(lGo6#58=m0ULP9<#_nBkxoU6U@w|C{
zx4W5Wskz<QNa>!gx5EfZiUFl$?dVSvQ$4lsoCcFSXn9$PxjSB>E64P^RZ@2d?LL@g
zx6Le09${MEOqQ*sxw^hpp2)_PIKQ}Z`=xH0uz+f`y~8Nx*~w4d!8=G0PnT6XOZz$%
z(YqlVcoPBv9+pqUcvyg<m7tIS5(xmXnu4;q&|Uah4FFWp2zWD56;@V21%L{gNXj=v
zO&GTfR4^)T96B#%KbslBA>v`}<s=G&-A3^v`0>JAT?izYXbZ2#s}XI9FiBp^2DY&d
zmP5OLLHN-BldH>%%XySA3R~$(5u6wz4pv`IC}Na6c@Z&;{Sh($EdUE+md~kT&@S8j
zzHue4gz<j~()fxA%d%WqQ4uj*SO6IPyG8l@M+pFRggmc;6aWC?asBR1AN=NXHMb1a
z)(Y_h2M=cirC^%poAy$Q?l6PduZJ}+opQklsmj)peLdkDqOek@`A0)B<Ob@t>hbyF
z2ATUIkMEY6y*QFCW40jA;MVLK%TNN_t8_5h-%!1Ex(zySCS6@;>=2bun|w3rl^^r&
z@H$QQM0{e>q0Xt;myHg2`QbOM0`i|&h~KCjP12!iKiwI0Eb%i5+eiVNb~^Tyn~FvE
zY2Wh`=5z^t@drE~d@OOTf023jyX5erSAF&2zUd-C+gym{&*BR{(buWElPa1USCJ`U
z^puI+El}Frcx0W3EAj9D<QQ*~n0VlnxbWp4{Q76C%3@j9Q6vgL0Ac~)DZi0zuz~y<
z4X~gNsD(Y-nPYplpV=jF|FQ1c2)$+Za|FC*d3!CW3+tq4y-)3+6l+{+tIJ~f$0-uK
z=e^^Oe|3(5CWwR)u<G(zbr3`$(Iqf>8LR<e7=kTI%uCh_P4;uSvG!J03=RvTN5w@j
zAm%^*g2E%LqQc`K`5x@Apd^30(P%{g0Nr6XnDRG<kwUxwafGuIVpwdt{EPo$;;`9V
z2AvVX;VxSgS`Pkd(-_o&wf?3<A^(X0*kxHQ4z!2u1j;NngU;H|j^hfHi6k;4ZvY|+
z2y%H0c1%nJgUjapSJi)8PX1TPEe9a{wI%}usOfD*QnKb|PR7vd<VnjTcMH5*Y)fRN
zE_%LpwF&2dfmVYp?nYbpO}Qa^a(M1xX}{E}oq3T<ESvYGv9vlHi;rf@7ScWTzB<rq
zsPsPix5>?6ij50vnOnyHfG@LnZ8^?sS7c0uwuVHiJiSMA;7;)sO-O0(A89A!Yo544
zE_sl5FnwnxM-=d;ckc9sV>cg!S*YYN3NreM>JM*p?=@XjF)ZPS5R}JfPIvZp9&Wgy
zeZ;dwZ|7u{wny~ueM7-&7pm*7;atnTCh%W$#XHQ_qFz8X75h0jS;4`eO-r@!Ayw-m
vzBj!eU8}##_KO;_e`T)owl{P|`L_lqUG?i05<5)mu+0@`1t|N}%b|Y)9u*Bp

diff --git a/idscp2/src/test/resources/jsse/client-truststore.jks b/idscp2/src/test/resources/jsse/client-truststore.jks
deleted file mode 100644
index eebd40f4c4da3ded8f6a3a60042f0812e1a3b4b1..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1954
zcmezO_TO6u1_mZLW=c+EU|<aY?WpyDfi*(U)WDK~fjQBji8<DwiOF>VGZP~d6DPw*
z#)ZZgw$)V{@Un4gwRyCC=VfGMWo0n1HRLwnWMd9xVH0L@aWxb+5Cn0!c(~k(5=-+k
z^3zg_3?&W3L4wRY0-i3x3PJh#B?``t3PuKoW(IQNyoP3m21Y<zO)O2!qr`cQL0khU
zmr~=K7?qG6%*e{X+{DPwV9><K#ni;e$Z+q=8s%Rn=ev9pjfhRjeDk4v>IbQ53xn&{
zeeaKbu+wmVuBJ0fL};VO;gva4Z@b++dT+b$;;*OX)!HjXDkL9CG?IDVRCS@>JAlD+
zQS1B*8l^wHH>KZpSRLCT%(83y;r`<OLdMIfCp%C2Kby1lV6@Vd9TUTBR!RT4>Xey1
zX-?8|%`1w__l344{FYAL%D(8+zth|+g7){`pFj7t*(BBGS0`Vqx<xYoJpYqbzk`|6
zVDU@Q$Q?T)l7xe_873wlnkpW~>J=a`|JCzdDJ5mXkD`xyeE7Hf4C}H7GT-kP?00S!
zUn_ZZe$Rz+^Rh>rZ}`QZ?%rveT5<MW)ieIwRT2*c7&1*nnV1<F7#AlP#2Lr}V@Q^d
zMT|wHdWP(#|BYL2-#8R6+tIaFDo8g$$3Pw=t;`}}Al86g0Y6BAFeBrC7FGjhAZ5S}
z65wZH0j3`}<TwB(8ekkSGQ{t?Kl8zYU+i1&2Kq-R*Qq<+o7r_=#Wl?QulV|;X_wdE
z+Ow81rCM2u!+wRb;q<L$s~>-Vc3@Svzn1d@mwsQVDx-U;=gzJO+&p)d{L&}ed8<o5
z1>U`Xv|J#?B;5Znv+J*;+hQk1?0mFAL*VBkhGn0oy6-JKaMx1zQjG6;y{mf5_U;oq
z=5xThx|sQrj_|6Pk9aRFozpT;dd|GS#?rYRr3)we=>9G}b5TZs??t0U<_qC&O_!~U
zGQQlsHBY5))7x$LFK@Z{fb*irqcd5KS-Oigk1de?SKU{eXzkPVXS#ULw+C%|H~h%?
zyypHt^*L(h7yH*`oQkgbvfbwmht@6W<9qtT&A|DOwYW41mi>$lBeLHMVD@_g%zkGe
z*^iMCIRv?Bk?o93fZ5I%mhG&G$kpNoqQEEy=4w7rt`06ug5_yKneJ6~!Vb}x`@eqN
zQCPSADgXLbaml@!`^sneB*$HN^6==AiD{RXP0df`5%u{K*ewvlx;MCTrEOz@gNwiD
z@1I{@IoA5{PVTyEQJ|=JqI+{#<Nx!o6c%p`?^E;4US;92FwZq3NTF)&o8#f;VegK%
ztXu4EwDC|zRL`7vi|QkDGBxLYFi4yA!aSpeseH0g%*G?Nwrvk$Zy)N`Pqg&-8eH9e
zNH=1tPPW~x9L@Zk2Ub^)X&5qBG5u8B?qt{66jAH>F(zj3fhglyE1tE#+^tn`Q8c@*
z>~(?bwvL<bH#2Wcdy?(#uCeu)McUCh{o9yky?H9$lIi~7+^u7>R~r--eo0>#U8oAl
zbd4Vj8s8#iyU(phUFHic-?zRmC#0C&@bqv0;zr7{U7LY9C=bfB7#Qdo=q%7$pwXt5
zQBqQ1rLUh{l%toJS)7`zmj*AU^-@yxGgFH7fN};QY#iEb!1A4)k&(s2z|Ft~#y4PU
zvw)hBl3$*elb;CGfz6~MU@4!Rn4DTv0xIYAKn%1r3@!!cuJ4(^`8iPfliCE?!s!nE
zG9S6pZ^Sh!d%j(@oM&Q5#<j_@8}#}^t)C>XFYD51=`u78&@%dR=X2lBHEjR%|Gxfq
zld(MM^Cp|32YnOo-8-zi=Z;LA*FuT!RzA)9k7if!PFvdZa>LW7C9kF&SjJTDRx`Kw
zNpFL<;!AFc$4_@Smj#L~+|;okV_k9cjra{8R<2ao)2g&_y-=oAo#OZUHvjx9J<}(o
z*nKLJxi*O}Zq>$kmbhR?g9$ltr;bl|-Ku4G>1SK|SG@!c=Q(i+MVGe9&Sh79EZwkm
z_PsrBqM|EXvr6uS@Y%gx!XY?sYiv*Z!4~nHT;H^*$E!}u96Zz4qxm$qaG`0!$_rC&
SIRsq4$r!~{@WDl3D?0!nu;#!3

diff --git a/idscp2/src/test/resources/jsse/client-truststore_new.jks b/idscp2/src/test/resources/jsse/client-truststore_new.jks
new file mode 100644
index 0000000000000000000000000000000000000000..998f04c7d601ba0540b4d4d15fe86bdcb7af0bbf
GIT binary patch
literal 1974
zcmezO_TO6u1_mZLW=c+EU|`Jf5m7g0V2#i-HLzr0V9qvZVoo<`V)9?W%*4pV#L2LU
z@x9*Bv>WXPylk9WZ60mkc^Mg5Ss4tR47m+B*_cCF*o2u}Tn&W{1VJ1w9xk_{#L~Qs
z{It{}LpcK(kRUUUsHaP?LQsBwi9$$fafyPnqk@rvp@o5*IIp3Fp@FfXp_!qPfl-t=
zuQ8BoWCrC@#f~OMC1j^FvNA9?G4eAQG%<29H8C<WY?5tN?)^5Q*D*0+%@qazhG|QD
zqy@Hr@PA{%c`KBAiqOI>vpkK@<?@GzH*|O}5KMY{Sina0&jg>{zD!3f<TUMmtq<~_
zT-+~h!uwaet9;I*o9Ds=1(zJ(rJwyH;Jv)wW1orZ+#a0O-27+71BUVgi(Z%S?Ob-r
zXKz8w?wMkhECNNVGjv3pWbRC!@Z?=&Wmvg^*NrtT{hKHEy|Yp_-|y37-EzrY$8|r`
zd>L8WmPNPq_~x&Fw@qo$5yw>f^<FE!$;&;sTP1t-^dg(dS-HPdKHL`;C_7QZ!}u<K
z)twKMN;h2$f3l``pO$gS<wmtWY36U2zLYH4XQ<-fVj{7le7V=eU9n8ej0}v66Aa=E
zWPx!d%f}+dA~OB?n{ZE-?w+*t$KgB6_{$c2NS<II50X}9kuVTzz^;HFq(GRF@jnZz
z0W**?;06isv#<bDk{fay0Fw_e4j36an3bnx9s70Sl1AY+_Vo3?s?FuTc4e_Bt#0E@
zsf)g?cGhuD@|-7(^`W;d_wQHtZIwE3PdWYnvu7L5e+=xjP+z=w_i^I{Ul-?p=9UiS
z9S=U2n>z%Zipp*lu$0)ca^by}UFXjJ-QyZ?{>+ZV)9WPPWv_2jS{fCjs&lH-W0AJn
z^d`@i3n>%5^?q;5x~aP$C}VQp@AKi}X;aJWgPVg@UHk&fq9!lNkFaBXHhY0NA8+i_
z0|h1%t(fN-%nR$yK6gH$%}Ddu&jpRiqF$e_G?cswTARIFYr)q`)f4V%ADcNjK_c{Q
z_q-7GTP|1ZCae^(R(4Tf{QLLpf@vwwp0dPEJAHcYPH;|SEiO$0XT+SFY+JMu8SxV^
zBfbM>#A}d@$jFEsg4{I8fF{5U2+Vv2MwZ|VXcA@MKtv{&F^~erGcc12gEBcde+QQ)
z!Lm4^?6+E_C(QqrT35-%gSVdjJEkXlX2wb9;|r=H&qqG5@jDQwm3?>1vkmJM4k%n(
zWv&{pG$U!(o-1X4P89uFp5kG)-PAZD(@k=FV1bFvhNg&8W6iMqlh41(Dg6<-eZFGO
zN~O6gqQ3`)HTed1&Qp6Y(r*y`BceUJ`C-GRNBlWeWeayq(t8#haQL8tV;V2-&qF^h
zo0Pr35$7su*`aXqw@F9hk+cPe1tJctZOfML_ddntp6}9fIC9deG*Ly7N>#??wqo-l
z84qW^R&lRtdE3}~<fpfHX*VZVh+ui+ZJ~Vud$Zf7{z}W=V(;q5y<UnxFkDLe{hl{5
z*A|(7oI3xMSFypix33}DuknLH<6EQ*c)I8Kw${oO%F9lRt`-l_f0pVT`+~9z*k)i3
z%8l|Y1_pWtIt#QGXtb$il#~=$>FXyK<>)157N;ibrNN7Cy_8h_%#>n1pqxPn8;3R<
zu*_#?WMuI$a5Hd$@eP>TETCqj<d^5=<R=1kU^A%*Sn?+)CZ`sa0E>MyJrDyeHG|6o
z!KqSj-)zyd{agKa!QYw;4yWw+wJm3*g11jl;{112E#n$j-WJx6t=(6%)q*aUGGw#;
zy5KBQD;fNflWV%jv40{$Cu%Mn59m$5oqTVV=eg`$_O5mFERRlnzrL02cVNM#Bj2{L
zt8KjXc+FOed5P!u`?=4S4b1Y%-??DNvK1R{JxO@1*&4G}H&rvC`l;9g`I=)%Z~u9)
zG}_O%emwg|cZGCR_eZxl%g_5C^<^ZTee+9vMniO0Y-gh0r`;LVbKcZFJ($0dnWyoe
zYrYYqA=e$%<_Ut+7Vmn}bu&WYORM6`YKBXK_xC*O*&X-8P$I!$Zrc3ySu?wxy5@h*
jKJsPXQbv^>U)0#*vbc9$N>rMBDW~+|HRjd{yhWM-qpIG&

literal 0
HcmV?d00001

diff --git a/idscp2/src/test/resources/jsse/server-keystore.jks b/idscp2/src/test/resources/jsse/server-keystore.jks
deleted file mode 100644
index 5e8f8003fce1cb4f166cd15a7a359cfbcbc20c16..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 4494
zcmaJ^c|25Y|DMe<w#kyE?7N6FjGeL<CHt<ijwL%2MigU<kiw&c?6OCQEXmenmnFMV
zWEUaX->K(ap7;GczuzC{^SQ5c-}iOC_xF6y_qxu>`pG&71cLnY0)xnIVX#;n2n2S1
z?D=yS1R?_ic-S#OM@}V54u*j*K<L3>G7t<8Tej|g@!<ph>d%$&@9Di+iZOxG9G!BW
zQMqk)RKwU^o_f6&^(orgd{=IiFL6cpf>9%NBCgMPcRYZiov7LTz1C8W%F}VM=A1Mv
zE;y~p;q_v)`%|n$%eJ$v*@D8Y$&x*vn~jJY`@U|f%ZfLndPei9w`JHxhl28~On&t4
z58{7n!yZW(ouSg=nak#qU6)~4yZyDUbtvkJn!n5Lroc`PZ`Hv^)0^mUELE;@h!i0{
z$F{biv65eJR^I<*wt2|om95KfQ~O8IYu_y$=jreB5O0XeFvMvTn(prf+&A{E(q-U3
zKo5x=vGE*gsIxDHcAg#yxnxC^HqM9SgXS9Vf91No^@UgqoUvi&B%?nZQS2%D1H=0r
zox-g6<bD)^>mW2g!`#35t^^)?Ze+S@2Q@dR@S^KXGTk>TTbxP$-E~pb$|8#Fi4(t;
zq7iNC`--YsbjzZ(X3px6JCj^AW|6Y>Yi-L1$A`2oI_7FQ(OcZq%`zCZrTw=a?@zWM
z6lGC2_4GZ2S(3D$;x2J=uZGp0>sbtZFUjXf_APHpDn#iG8`WG<e1nuf=Zs=+E)VtP
zpE6Y8$u6l9&qk}0B}Ec74E1_St#clzSAkpO4?_1pY2Vyt!S*s1ZO3lUy?KwLj`Z+I
z&W*^~=hNXOyzw{58_ft~?em@ss%sMn(ApP4e7@+od!QJ|cfBwAiivC7XUf8NFS=;u
zyqAXahr4fwvUW%hk{Nz1BDxP{eo*<`ieA%sNaV0F)GOm;y3$(J*Gq4JkBeyIVftyu
zshdPG@$y7x-76)<qRjrubIp-XYZUj)?dwPn)g<9U)h`#B<A#3vD9XjI#7KH~WtR2p
z>lnIhSb}`0RAY_mtZszSk_Y)+O9)cZv-Ev!#6%xH(#ZO;s+8pkS7jh(IW145aZP?}
z3sz}RuvK@#-9TA7SJA(N%$L4HNAG%jx4!Q5v{>P@*>&5GSG3}18(*?l%axpNSoWKa
z4BJ=O-#jlleh~F&K0czIn*D65fjWz0kdK-?P;v2khF4lw^}+G*B<mM-w62of^7!2s
z@J)p{H(fV@8)9p%@#TFVG$httmf2ILE-lBzzE7|Zi1qv#ejKCRdoX#fk#Cf7VSAV&
zD2V=~QImc4(-Qd5Q6wlfhN6E(L<PwfSr^a1a{ayeI_#;SE3O6^c|rW$Y@TcN)YGX*
zt8fjQrlbH4F~+j)A)!Y0mriFb^IexI-c&8xc0`a}<_t4JC1f<YyYk$s^~xi(C-3`U
zx(67Qn&{O1A*s(ZP9aN^j5<<}g~aoxSw{LxduFv?k1fOWpGFYrE6ZI#($8uCVD!w8
zh0U?+p|9)8t9Wx2E!Hit4hR%#R&dDnej?ypVj`U%@rIU}lf7c7s|s^Ihn=H_8{HFN
z7?nL-OL@G+?6OJvilFdV+a-dZ+K`&Ar=1kr6pfnoLt#-kBzTlb^r50=tunnbs>ig$
z$57*fPG*fMdnczSYNiyKWT}7eTh&1EX~6W1b0A?o>{!WZ)%rI7KKRhf3440_7V^kV
zT?=%;ciG5s^<9;~^Yr^V9y*J>EJsD-`?P|~S$&<%p2C^c7JNfl!3M`Oo}U+Y`8GFW
zd-vq>!kO&ig*jRIuQ!i9Npf6>zeLp36?sB<{Ob9w!IpVA^^A!uf%}|3zkZ(tsW+1P
zqPe&<AW!O)F919w55R-tvY-$!1Ol_BSt0<m<nRkoSEKf5!C-1K5Ws|F0M3v@O<+(O
zxVx8wox6*d9~R(bp+(9eB>{OP0HCC0EJ;xQFYy1^g$MKgm7dgmp?EL?M2dh4f(L^^
zaZ+|$)klUm^eQYXO-?JP3WIlWqXaeGQB4Xq-Q+3vdCxAt`=a-15R?Vw-rhs%#8!R)
zmz=h|@gw(Ivy-Qi<bm^)>nhimj@M@93dMw|UWr3kGN1TCxJiP@S+=yx<H3S5KIXNy
z!@`TBUy;)96ddn%ay&{vHjm5~qGkpu$m<vjh>6C_l+R_qTn*PHucVcxUvPiZ$v&dz
z^YXkADgbJ78z=dNaG`v$G@X5~AeRv>-qs-7G2G)FFFeb9i(aKa&V#}uc}~gREIM`Z
zdR@uFbVz5s-z&j<TGZ}n!8SrEn@A`P(`3^WWzxp*W<p~Z;+A%~uEr=OU*u@chCsm}
z@Lw}TdI6*ifk9&A2TVFoY91z9febQMLu2@i5ie{z!jqPc-Dsg1#D$H|fV|gUL}z7e
zAQ#WPW-)677dD&EXg!dlWRPbdffn~<ZFS@ZZeyRwr3E{GU?w1Vpeq@6o;m!>%H0<b
z?4qY>wrPwaYcyR{QkY@QYiY$sqxPG~s(8+0HRT;E5&!Rt8G?hF!Pi260GGBB33(dt
zeoknfAKTOdD!aKxi+9>47J4ONDDUfpN%w&cgyl=F-4Fhb2+Ne&`3?W(12ucfxz(TW
zvTrqg>1Ac67GzEG)u26^#9~@<8#^iJ+>zc}>lTxfB*e?;iI_LeZj;wai_qTIB{w9P
zA+@$GnVi4N7K|hnui2q0w1y<*P?D6N{*9Eco>Pw!o9DBj$*%v@n|PUSCDn2s!5`Xs
z;zQ%vM}bz6<mcOz(IQjlFHkW85^nh{FrG`RJX*BP^br)u|FRTvb}BNsX_8oae_^{O
zp5yd*@<d%<+4{|dYo*_n)U>ndN^=6%yO1A?j|B3uuC|});#=@%ZlUeAW~#EkZ7rc&
zhj;o$;>j`X*yp_;m<s~CYPKkrUP#<bu}AVgtaqwlsAaZ);C+S9;aa+l24@nx>HtA-
z<umqmu<u7i$}!uH>ZaaY+V;<ewI+s_86$Ri)E~O44My89^UvdMu}sEFsVcXnJeXlH
zJYSaq!z3+R#&6`MJ{d%RO1wB9&|YLGGnQApFSg$-mL=0vV<%0g`da+K*l-rX^!BqJ
zh}WlutnnmDUn{%ZcPIVM1v^6ghTF5~JFmFzRPa_7x9Ol%c^FIzgc4V=0ntw1+@CFB
zUd)PaJcO7Uu(?_on{HCBy4Gi{4>%Mm7_xo~>i}n&+qNN|NS~@hvXlsP=ExuYW2y3C
ze%Ef%8x2*RX&*l>FbZyr^)t=M*%(Wt|7`O4xNjt`0oMXk(3=8{-8-B$4(X#-FMCB^
z0eUu~6GYRIvk}`q!;cRxcA3k`UXesg6isCgbwJ-gy98cNHE%QKI!m}0W%w>Jv&!Qe
z2T$;7{5|6BhCM0%{u)O7hFKw%S4x)7;hT^EvY)Xo0gltjDPoB3^|A145^bx0Ja1Ou
z!yRdzV_N$va|iy^i7n>RgbI6s^uz5lIM{Yh^RSq|VronVWv~a=BmGeSmCG){Qy{5w
z^kEXUYj@lv`7pWMZ2dfYr>|nc6~TVL2Q!c?-B3}#QL0CrI7)#}tpV%~M#m+__6Oaw
zz2kG*Te%X>i8d~B$z9?-<?(hq$M#W%3%m=vN@W>xktyqIyE|rsJMmq@#fncV>W=g_
zjf=}z#g*yX$g6CJ6?n$K_c;0_pqV~FQy-+`Xtdv2mMjUip?aRN7E&KXD1Iz{xR{)W
z3U<)=bc5$1CZ+R?ueYRlf(6)(z*qWi*v=-o!Bo9(-=>%Wr5)$RZZj|;Fj(T~H_tHH
z6A}bqFlp#A=MF~g`#y_}(SuwRFQwycSky!x0r1>|XK=;U&Z#47v(7SWi_xncj!fqM
z)D`$NR$TL@+a8vwg@O=pf?G7KuLt46aN{xC2sv+l7V~N4{!SY@v53qoP4MU?BcJ(l
zTB@zDQRf>jsRm}Tm9+7`-c1!8-+N)<?cSy){5;7)0)F$sSZV&8v7&0XesQdm+-9en
zk~D{g-`X&|xaDP1^Dw4y);h_+Z6n~I?xOWjHPsGfw3G~AMY(WaJEf6`g=bEZ49C)(
zjJxg;=rf{r+I{asD;&6+c9=20<voBBdeCG5cMJbQzFPi~IO6cC7$GrZ?3hk%oY8Zd
z_za=0zoViwrAP5DEZ5+uP4m{vU5z_#+1?gHD_1&1ubbj^-$AMb6Qf1oS&mNV^o2N;
z@6q*@y-#t@%x0IU(=^K&LY;c<5DD~_YL0SUO<Vh(DsraXK|&%K5jKWC@Wks0uN*JB
zaNlNcllmUd+i-<Xm7yCwx-TOXP4y*rT0+?(U3OM{juD*mp$d(<q?(sa{oT+v_qB<#
zhSSw=qH*ca{0MG+)vmz}bDz}DKL&{q$oeujs7y~qdNtO|+2nYlrdp*2`d?xW3nFzy
ze*h0f|0(9+{}mEI5lIcee<?XRBSb?J$q3N@0#r0qTE2F-Jzcz<Fuq6@;Ow7TPp7S6
z#BFrjUR{-25<trQ7JL~bAW1R~(txDgFTt1l3j}=rn;bz>F%mf?4Y`^f4&&>Iqz4ec
zZcxxr>fXk9I=Emw|2_aZfacdaY8o<CZ6i%}Bpbl;XFz9uWA5K!VSN2Dz9iT1|GSA6
z**fiSy6})1BcfG&<jw_I;p7L-6O`PID1-)J|1^v|Axzh#8LdTQe$Q-%v4N2I<7*SX
zO$t9h8lt6jrU_ako%RFGEXB)xH8QEz_&np+8)>k9yGR|)gE~K$+TMD!SOfFdF_U#C
z@)TWvekgb~+VVN~`Uh9pqx$#LiY&!~^l(i?)A}cO7laI!vN<iz-*wr#Xe(7YY~49a
z+k1l=e`PJj53;ld(~PtpP0(tNVW|x5@VZwWbl<(*9KEp;0~$IHE$`&8U@h@iVo+{c
zRdLVt82F<rqGL^g_+*(?B<s$di}}07V-)jWEd@fuq@{_7<c&-dgWAI3z%K#6-9#=P
ztV_z2Ho!qjBL^Lf8OB7AH;BPXpO#R_G2mK?<5+ly!cYL$uW3FQE5IDev>n-@@%&6-
zb47x?u^$Dp`%up>?04mGFv1`J2%!G876F4nA!J#A>@UCt0|0SAEbBs+aFn167VE7b
zA>rWbE^g=Qhj9>h`geVaJ7OeU9sR^fbAT~9CFwVujEn*dhFt};0F8fP01_qlPYy?~
z08e)>JJOE7WAgR#!aCSFV0^K^N>u#U;Ll?Uz?cE1f6+l9{~mz>)nC!l!xR8H{D0gm
z9*&fh6(=1)9Es;9h3DYq>4|Z`dinm{Q~%DM`3s;kUN?*q7Qs0wwmkLH<elH&@y>L*
zma5c6o-efVE~Yg&OiQrtu`UdGB-6QDe<;0@HqaD!;!0C2q|N-y<8Ey}N^3;^jhH3h
zF4}i*FR;gz@o_shl<to#uOC^p7E6fQ;(CGIyi%jaiV2k}R@2~caFgZ7O_^1iYvqe|
zRufigAFwEck`_t}8K591Wo`MMX6fU}2r(h6k}VW3uWM>+REXbn;Q4OXTn@dYs)U3#
z4jbXtYJ>!5ku8WFx9SKl>oQ6z-&L%{QZo;v$7v8?nKXv#E3X<=N10LP+32D|Ul~q3
xTi2Z}@4K}q8t80BrK0L4(d_Gz*0VRpzE<O_#slAL@11?y7CZln$S;{9@eeUh$Xoyb

diff --git a/idscp2/src/test/resources/jsse/server-truststore.jks b/idscp2/src/test/resources/jsse/server-truststore.jks
deleted file mode 100644
index 83991552129b62a062ead9631d1d6dcf07038ef5..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1954
zcmezO_TO6u1_mZLW=c+EU|<aY?eK(=fi*(U)WDK~fjQBji8<DwiOF>VGZP~d6DPw*
z#)ZZgw$)V{@Un4gwRyCC=VfGMWo0n1HRLwnWMd9xVH0L@aWxb+5Cn0!c(~k(5=-+k
z^3zg_3?&W3L4wRY0-i3x3PJh#B?``t3PuKoW(IQNyoP3m21Y<zO)O2!qr`cQL0khU
zmr~=K7?qG6%*e{X+{DPwV9><K#ni;e$Z+q=8s%Rn=ev9pjfhRjeDk4v>IbQ53xn&{
zeeaKbu+wmVuBJ0fL};VO;gva4Z@b++dT+b$;;*OX)!HjXDkL9CG?IDVRCS@>JAlD+
zQS1B*8l^wHH>KZpSRLCT%(83y;r`<OLdMIfCp%C2Kby1lV6@Vd9TUTBR!RT4>Xey1
zX-?8|%`1w__l344{FYAL%D(8+zth|+g7){`pFj7t*(BBGS0`Vqx<xYoJpYqbzk`|6
zVDU@Q$Q?T)l7xe_873wlnkpW~>J=a`|JCzdDJ5mXkD`xyeE7Hf4C}H7GT-kP?00S!
zUn_ZZe$Rz+^Rh>rZ}`QZ?%rveT5<MW)ieIwRT2*c7&1*nnV1<F7#AlP#2Lr}V@Q^d
zMT|wHdWP(#|BYL2-#8R6+tIaFDo8g$$3Pw=t;`}}Al86g0Y6BAFeBrC7FGjhAZ5S}
z65wZH0j3`}<TwB(8ekkSGQ{t?Kl8zYU+i1&2Kq-R*Qq<+o7r_=#Wl?QulV|;X_wdE
z+Ow81rCM2u!+wRb;q<L$s~>-Vc3@Svzn1d@mwsQVDx-U;=gzJO+&p)d{L&}ed8<o5
z1>U`Xv|J#?B;5Znv+J*;+hQk1?0mFAL*VBkhGn0oy6-JKaMx1zQjG6;y{mf5_U;oq
z=5xThx|sQrj_|6Pk9aRFozpT;dd|GS#?rYRr3)we=>9G}b5TZs??t0U<_qC&O_!~U
zGQQlsHBY5))7x$LFK@Z{fb*irqcd5KS-Oigk1de?SKU{eXzkPVXS#ULw+C%|H~h%?
zyypHt^*L(h7yH*`oQkgbvfbwmht@6W<9qtT&A|DOwYW41mi^vFA+p~KVD@_g%zkGe
z*^iMCIRv?Bk?o93fZ5I%mhG&G$kpNoqQEEy=4w7rt`06ug5_yKneJ6~!Vb}x`@eqN
zQCPSADgXLbaml@!`^sneB*$HN^6==AiD{RXP0df`5%u{K*ewvlx;MCTrEOz@gNwiD
z@1I{@IoA5{PVTyEQJ|=JqI+{#<Nx!o6c%p`?^E;4US;92FwZq3NTF)&o8#f;VegK%
ztXu4EwDC|zRL`7vi|QkDGBxLYFi4yA!aSpeseH0g%*G?Nwrvk$Zy)N`Pqg&-8eH9e
zNH=1tPPW~x9L@Zk2Ub^)X&5qBG5u8B?qt{66jAH>F(zj3fhglyE1tE#+^tn`Q8c@*
z>~(?bwvL<bH#2Wcdy?(#uCeu)McUCh{o9yky?H9$lIi~7+^u7>R~r--eo0>#U8oAl
zbd4Vj8s8#iyU(phUFHic-?zRmC#0C&@bqv0;zr7{U7LY9C=bfB7#Qdo=q%7$pwXt5
zQBqQ1rLUh{l%toJS)7`zmj*AU^-@yxGgFH7fN};QY#iEb!1A4)k&(s2z|Ft~#y4PU
zvw)hBl3$*elb;CGfz6~MU@4!Rn4DTv0xIYAKn%1r3@!!cuJ4(^`8iPfliCE?!s!nE
zG9S6pZ^Sh!d%j(@oM&Q5#<j_@8}#}^t)C>XFYD51=`u78&@%dR=X2lBHEjR%|Gxfq
zld(MM^Cp|32YnOo-8-zi=Z;LA*FuT!RzA)9k7if!PFvdZa>LW7C9kF&SjJTDRx`Kw
zNpFL<;!AFc$4_@Smj#L~+|;okV_k9cjra{8R<2ao)2g&_y-=oAo#OZUHvjx9J<}(o
z*nKLJxi*O}Zq>$kmbhR?g9$ltr;bl|-Ku4G>1SK|SG@!c=Q(i+MVGe9&Sh79EZwkm
z_PsrBqM|EXvr6uS@Y%gx!XY?sYiv*Z!4~nHT;H^*$E!}u96Zz4qxm$qFj`}+)3Qdx
Ss}t|%#;}DMPmB>*G!+0m<K|od


From 714faa67683ec54e6265b2658cc9636574232522 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Tue, 3 Dec 2019 17:06:56 +0100
Subject: [PATCH 028/237] Implement a custom X509KeyManager for enabling
 certificate selection via a certAlias

---
 .../aisec/ids/idscp2/Client/TLSClient.java    |   4 +-
 .../idscp2/CustomX509ExtendedKeyManager.java  | 121 ++++++++++++++++++
 .../ids/idscp2/IDSCPv2Configuration.java      |  10 ++
 .../aisec/ids/idscp2/Server/TLSServer.java    |   4 +-
 .../aisec/ids/idscp2/TLSPreConfiguration.java |  16 ++-
 5 files changed, 147 insertions(+), 8 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/CustomX509ExtendedKeyManager.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
index 5ee625583..bd12ee2a9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
@@ -37,7 +37,9 @@ public TLSClient(ClientConfiguration clientConfiguration){
              * connection specific key selection via key alias*/
             KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
                     clientConfiguration.getKeyStorePath(),
-                    clientConfiguration.getKeyStorePassword()
+                    clientConfiguration.getKeyStorePassword(),
+                    clientConfiguration.getCertAlias(),
+                    clientConfiguration.getKeyStoreKeyType()
             );
 
             SSLContext sslContext = SSLContext.getInstance(Constants.TLS_INSTANCE);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/CustomX509ExtendedKeyManager.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/CustomX509ExtendedKeyManager.java
new file mode 100644
index 000000000..86ea63919
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/CustomX509ExtendedKeyManager.java
@@ -0,0 +1,121 @@
+package de.fhg.aisec.ids.idscp2;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.X509ExtendedKeyManager;
+import java.lang.reflect.Array;
+import java.net.Socket;
+import java.security.Principal;
+import java.security.PrivateKey;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+
+/**
+ * A custom X590ExtendedKeyManager, that allows to choose a TrustStore entry by a given certificate alias and
+ * delegates all other function calls to given default X509ExtendedKeyManager
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class CustomX509ExtendedKeyManager extends X509ExtendedKeyManager{
+    private static final Logger LOG = LoggerFactory.getLogger(CustomX509ExtendedKeyManager.class);
+
+    private final String certAlias;
+    private final String keyType;
+    private final X509ExtendedKeyManager delegate;
+
+    public CustomX509ExtendedKeyManager(String alias, String keyType, final X509ExtendedKeyManager delegate){
+        super();
+        this.certAlias = alias;
+        this.keyType = keyType;
+        this.delegate = delegate;
+    }
+
+    @Override
+    public String[] getClientAliases(String s, Principal[] principals) {
+        return delegate.getClientAliases(s, principals);
+    }
+
+    @Override
+    /* returns an existing certAlias that matches one of the given KeyTypes, or null;
+       called only by client in TLS handshake */
+    public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket) {
+        if (Arrays.asList(keyTypes).contains(this.keyType)){
+            if (Arrays.asList(getServerAliases(keyType, issuers)).contains(this.certAlias)) {
+                LOG.info("CertificateAlias is {}", this.certAlias);
+                return this.certAlias;
+            } else {
+                LOG.warn("certAlias '{}' was not found in keystore", this.certAlias);
+                return null;
+            }
+        } else {
+            LOG.warn("Invalid keyType '{}' in chooseClientAlias() in class X509ExtendedKeyManager",
+                    Arrays.toString(keyTypes));
+            LOG.warn("Expected: '{}'", this.keyType);
+            return null;
+        }
+    }
+
+    @Override
+    public String[] getServerAliases(String s, Principal[] principals) {
+        return delegate.getServerAliases(s, principals);
+    }
+
+    @Override
+    /* returns an existing certAlias that matches the given KeyType, or null;
+       called only by server in TLS handshake*/
+    public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
+        if (keyType.equals(this.keyType)){
+            if (Arrays.asList(getServerAliases(keyType, issuers)).contains(this.certAlias)) {
+                LOG.info("CertificateAlias is {}", this.certAlias);
+                return this.certAlias;
+            } else {
+                LOG.warn("certAlias '{}' was not found in keystore", this.certAlias);
+                return null;
+            }
+        } else {
+            LOG.warn("Invalid keyType '{}' in chooseServerAlias() in class X509ExtendedKeyManager", keyType);
+            LOG.warn("Expected: '{}'", this.keyType);
+            return null;
+        }
+    }
+
+    @Override
+    /* returns the certificate chain of a given certificateAlias;
+       called by client and server in TLS Handshake after alias was chosen */
+    public X509Certificate[] getCertificateChain(String certAlias) {
+        if (certAlias.equals(this.certAlias)){
+            X509Certificate[] ret = delegate.getCertificateChain(certAlias);
+            LOG.info("Certificate Chain: {}", Arrays.toString(ret));
+            return ret;
+        } else {
+            LOG.warn("Invalid certAlias '{}' in getCertificateChain() in class X509ExtendedKeyManager", certAlias);
+            LOG.warn("Expected: '{}'", this.certAlias);
+            return null;
+        }
+    }
+
+    @Override
+    /* returns a privateKey of a given certificateAlias;
+    *  called by client and server in TLS Handshake after alias was chosen */
+    public PrivateKey getPrivateKey(String certAlias) {
+        if (certAlias.equals(this.certAlias)){
+            return delegate.getPrivateKey(certAlias);
+        } else {
+            LOG.warn("Invalid certAlias '{}' in getPrivateKey() in class X509ExtendedKeyManager", certAlias);
+            LOG.warn("Expected: '{}'", this.certAlias);
+            return null;
+        }
+    }
+
+    @Override
+    public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine sslEngine){
+        return delegate.chooseEngineClientAlias(keyType, issuers, sslEngine);
+    }
+
+    @Override
+    public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine sslEngine){
+        return delegate.chooseEngineServerAlias(keyType, issuers, sslEngine);
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
index d4780f2e2..c87254a6e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
@@ -8,6 +8,8 @@ public abstract class IDSCPv2Configuration {
     private String trustStorePassword = "password";
     private String keyStorePath = null;
     private String keyStorePassword = "password";
+    private String certAlias = "1.0.1";
+    private String keyStoreKeyType = "RSA";
 
 
     private AttestationConfig supportedAttestation = null;
@@ -42,4 +44,12 @@ public String getTrustStorePath() {
     public String getTrustStorePassword() {
         return trustStorePassword;
     }
+
+    public String getKeyStoreKeyType() {
+        return keyStoreKeyType;
+    }
+
+    public String getCertAlias() {
+        return certAlias;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
index 4e9458d92..2fcdc06df 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
@@ -35,7 +35,9 @@ public TLSServer(ServerConfiguration serverConfiguration){
              * connection specific key selection via key alias*/
             KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
                     serverConfiguration.getKeyStorePath(),
-                    serverConfiguration.getKeyStorePassword()
+                    serverConfiguration.getKeyStorePassword(),
+                    serverConfiguration.getCertAlias(),
+                    serverConfiguration.getKeyStoreKeyType()
             );
 
             // create tls context based on keyManager and trustManager
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
index 79f73fbbf..525bd2f90 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
@@ -26,10 +26,10 @@ public static TrustManager[] getX509ExtTrustManager(
                 InputStream jksTrustStoreIn = Files.newInputStream(Paths.get(trustStorePath))
         ) {
             /* create TrustManager */
-            TrustManager[] myTrustManager;
+            final TrustManager[] myTrustManager;
             KeyStore trustStore = KeyStore.getInstance("JKS");
             trustStore.load(jksTrustStoreIn, trustStorePassword.toCharArray());
-            TrustManagerFactory trustManagerFactory =
+            final TrustManagerFactory trustManagerFactory =
                     TrustManagerFactory.getInstance("PKIX"); //PKIX from SunJSSE
 
             /* filterTrustAnchors for validation
@@ -58,16 +58,18 @@ public static TrustManager[] getX509ExtTrustManager(
 
     public static KeyManager[] getX509ExtKeyManager(
             String keyStorePath,
-            String keyStorePassword
+            String keyStorePassword,
+            String certAlias,
+            String keyType
     ) {
         try (
                 InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath));
         ) {
             /* create KeyManager for remote authentication */
-            KeyManager[] myKeyManager;
+            final KeyManager[] myKeyManager;
             KeyStore keystore = KeyStore.getInstance("JKS");
             keystore.load(jksKeyStoreIn, keyStorePassword.toCharArray());
-            KeyManagerFactory keyManagerFactory =
+            final KeyManagerFactory keyManagerFactory =
                     KeyManagerFactory.getInstance("PKIX"); //PKIX from SunJSSE
             keyManagerFactory.init(keystore, keyStorePassword.toCharArray());
             myKeyManager = keyManagerFactory.getKeyManagers();
@@ -75,7 +77,9 @@ public static KeyManager[] getX509ExtKeyManager(
             /* set up keyManager config */
             //allow only X509 Authentication
             if (myKeyManager.length == 1 && myKeyManager[0] instanceof X509ExtendedKeyManager) {
-                //toDo connection specific key selection via KeyAlias
+                //select certificate alias
+                myKeyManager[0] =
+                        new CustomX509ExtendedKeyManager(certAlias, keyType, (X509ExtendedKeyManager) myKeyManager[0]);
                 return myKeyManager;
             } else {
                 throw new IllegalStateException(

From 4bf3b18cd892111afce18bbdd05094b4f17f4dd1 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Thu, 5 Dec 2019 15:57:56 +0100
Subject: [PATCH 029/237] Finished TLS communication, add
 ServerNodeSynchronizer

---
 .../aisec/ids/idscp2/Client/TLSClient.java    |  2 +-
 .../ids/idscp2/IDSCPv2Configuration.java      | 27 ++++++++++++++++---
 .../ids/idscp2/Server/IDSCPv2Server.java      | 19 +++++++------
 .../idscp2/Server/ServerNodeSynchronizer.java |  7 +++++
 .../aisec/ids/idscp2/Server/ServerThread.java |  1 +
 .../aisec/ids/idscp2/Server/TLSServer.java    | 11 +++++---
 .../ids/idscp2/Server/TLSServerThread.java    | 15 ++++++++++-
 idscp2/src/test/java/RunTLSClient.java        | 23 ++++++++++++++++
 idscp2/src/test/java/RunTLSServer.java        | 17 ++++++++++++
 9 files changed, 105 insertions(+), 17 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerNodeSynchronizer.java
 create mode 100644 idscp2/src/test/java/RunTLSClient.java
 create mode 100644 idscp2/src/test/java/RunTLSServer.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
index bd12ee2a9..081b1c09c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
@@ -56,7 +56,7 @@ public TLSClient(ClientConfiguration clientConfiguration){
             sslParameters.setNeedClientAuth(true);
             sslParameters.setProtocols(Constants.TLS_ENABLED_PROTOCOLS); //only TLSv1.2
             sslParameters.setCipherSuites(Constants.TLS_ENABLED_CIPHER); //only allow strong cipher
-            //toDo set further SSL Parameters
+            sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); //use https for hostname verification
             sslSocket.setSSLParameters(sslParameters);
             LOG.info("TLS Client was initialized successfully");
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
index c87254a6e..e4f9f7660 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
@@ -10,13 +10,10 @@ public abstract class IDSCPv2Configuration {
     private String keyStorePassword = "password";
     private String certAlias = "1.0.1";
     private String keyStoreKeyType = "RSA";
-
-
     private AttestationConfig supportedAttestation = null;
     private AttestationConfig expectedAttestation = null;
 
 
-
     public AttestationConfig getExpectedAttestation() {
         return expectedAttestation;
     }
@@ -52,4 +49,28 @@ public String getKeyStoreKeyType() {
     public String getCertAlias() {
         return certAlias;
     }
+
+    public void setKeyStorePath(String keyStorePath) {
+        this.keyStorePath = keyStorePath;
+    }
+
+    public void setTrustStorePath(String trustStorePath) {
+        this.trustStorePath = trustStorePath;
+    }
+
+    public void setCertAlias(String certAlias) {
+        this.certAlias = certAlias;
+    }
+
+    public void setKeyStoreKeyType(String keyStoreKeyType) {
+        this.keyStoreKeyType = keyStoreKeyType;
+    }
+
+    public void setTrustStorePassword(String trustStorePassword) {
+        this.trustStorePassword = trustStorePassword;
+    }
+
+    public void setKeyStorePassword(String keyStorePassword) {
+        this.keyStorePassword = keyStorePassword;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
index 8c5d40fa3..237711cee 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
@@ -5,19 +5,19 @@
 
 import java.io.IOException;
 import java.net.ServerSocket;
-import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.concurrent.ConcurrentHashMap;
 
 /**
  * An abstract server implementation for the IDSCPv2 protocol.
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public abstract class IDSCPv2Server {
+public abstract class IDSCPv2Server implements ServerNodeSynchronizer {
     private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Server.class);
 
-    protected ArrayList<ServerThread> servers = new ArrayList<>();
-
-    protected ServerConfiguration serverConfiguration = null;
+    protected ConcurrentHashMap<String,ServerThread> servers = new ConcurrentHashMap<>();
+    protected ServerConfiguration serverConfiguration;
     protected volatile boolean isRunning = false;
     protected ServerSocket serverSocket = null;
 
@@ -50,13 +50,16 @@ public void close(){
     }
 
     private void terminateRunningThreads(){
-        for (ServerThread thread : servers){
-            thread.safeStop();
-        }
+        servers.forEach((id, serverThread) -> serverThread.safeStop());
         servers.clear();
     }
 
     public boolean isRunning(){
         return isRunning;
     }
+
+    public void unregisterServerOnClose(String connectionId){
+        servers.remove(connectionId);
+    }
+
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerNodeSynchronizer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerNodeSynchronizer.java
new file mode 100644
index 000000000..8b5bc652f
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerNodeSynchronizer.java
@@ -0,0 +1,7 @@
+package de.fhg.aisec.ids.idscp2.Server;
+
+public interface ServerNodeSynchronizer {
+
+    void unregisterServerOnClose(String connectionId);
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java
index 342a60b13..1a4d663bb 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java
@@ -10,4 +10,5 @@ public interface ServerThread {
     void send(byte[] bytes);
     void safeStop();
     boolean isConnected();
+    void registerListener(ServerNodeSynchronizer serverNodeSynchronizer);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
index 2fcdc06df..ce5613615 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
@@ -9,6 +9,7 @@
 import java.io.IOException;
 import java.net.SocketTimeoutException;
 import java.security.*;
+import java.util.UUID;
 
 /**
  * A TLS server implementation for the IDSCPv2 protocol.
@@ -56,7 +57,8 @@ public TLSServer(ServerConfiguration serverConfiguration){
             sslParameters.setNeedClientAuth(true); //client must authenticate
             sslParameters.setProtocols(Constants.TLS_ENABLED_PROTOCOLS); //only TLSv1.2
             sslParameters.setCipherSuites(Constants.TLS_ENABLED_CIPHER); //only allow strong cipher suite
-            //toDo set further SSL Parameters
+            //toDo uncomment hostname identification, this is deactivated because the client uses a certificate of an other identity in the examples at the moment
+            //sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); //use https for hostname verification
             sslServerSocket.setSSLParameters(sslParameters);
             LOG.info("Server was initialized successfully");
 
@@ -94,9 +96,10 @@ public boolean start() {
 
             //start new server thread
             LOG.info("New client has connected. Create new server session");
-            TLSServerThread server = new TLSServerThread(sslSocket);
-            //toDo server.setName() + hashmap
-            servers.add(server);
+            String connectionId = UUID.randomUUID().toString();
+            TLSServerThread server = new TLSServerThread(sslSocket, connectionId);
+            server.registerListener(this);
+            servers.put(connectionId, server);
             sslSocket.addHandshakeCompletedListener(server);
             server.start();
         }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java
index 38fc8fc72..5dac2ac76 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java
@@ -29,9 +29,13 @@ public class TLSServerThread extends Thread implements ServerThread, HandshakeCo
     private OutputStream out;
     private boolean tlsHandshakeCompleted = false;
     private boolean sendServerGoodbye = true;
+    private ServerNodeSynchronizer serverNodeSynchronizer = null;
+    private String connectionId; //unique server - client connection id, that identifies this serverThread
 
-    TLSServerThread(SSLSocket sslSocket){
+    TLSServerThread(SSLSocket sslSocket, String connectionId){
         this.sslSocket = sslSocket;
+        this.connectionId = connectionId;
+
         try {
             //set timout for blocking read
             sslSocket.setSoTimeout(5000);
@@ -80,6 +84,10 @@ public void run(){
         } catch (IOException e) {
             e.printStackTrace();
         }
+
+        //unregister from main server
+        if (this.serverNodeSynchronizer != null)
+            this.serverNodeSynchronizer.unregisterServerOnClose(this.connectionId);
     }
 
     @Override
@@ -125,6 +133,11 @@ public boolean isConnected() {
         return (sslSocket != null && sslSocket.isConnected());
     }
 
+    @Override
+    public void registerListener(ServerNodeSynchronizer serverNodeSynchronizer) {
+        this.serverNodeSynchronizer = serverNodeSynchronizer;
+    }
+
     @Override
     public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
         tlsHandshakeCompleted = true;
diff --git a/idscp2/src/test/java/RunTLSClient.java b/idscp2/src/test/java/RunTLSClient.java
new file mode 100644
index 000000000..c2902a68d
--- /dev/null
+++ b/idscp2/src/test/java/RunTLSClient.java
@@ -0,0 +1,23 @@
+import de.fhg.aisec.ids.idscp2.Client.ClientConfiguration;
+import de.fhg.aisec.ids.idscp2.Client.TLSClient;
+
+public class RunTLSClient {
+
+    public static void main(String[] args){
+
+        //start client
+        ClientConfiguration clientConfiguration = new ClientConfiguration();
+        clientConfiguration.setKeyStorePath(RunTLSClient.class.getClassLoader().
+                getResource("jsse/aisecconnector2-keystore.jks").getPath());
+        clientConfiguration.setTrustStorePath(RunTLSClient.class.getClassLoader().
+                getResource("jsse/client-truststore_new.jks").getPath());
+        TLSClient tlsClient = new TLSClient(clientConfiguration);
+        if (!tlsClient.connect())
+            return;
+
+        tlsClient.send("hi, how are u");
+
+        tlsClient.disconnect(true);
+    }
+
+}
diff --git a/idscp2/src/test/java/RunTLSServer.java b/idscp2/src/test/java/RunTLSServer.java
new file mode 100644
index 000000000..1f2001b62
--- /dev/null
+++ b/idscp2/src/test/java/RunTLSServer.java
@@ -0,0 +1,17 @@
+import de.fhg.aisec.ids.idscp2.Server.ServerConfiguration;
+import de.fhg.aisec.ids.idscp2.Server.TLSServer;
+
+public class RunTLSServer {
+
+    public static void main(String[] argv){
+
+        ServerConfiguration serverConfiguration = new ServerConfiguration();
+        serverConfiguration.setKeyStorePath(RunTLSServer.class.getClassLoader().
+                getResource("jsse/aisecconnector2-keystore.jks").getPath());
+        serverConfiguration.setTrustStorePath(RunTLSServer.class.getClassLoader().
+                getResource("jsse/client-truststore_new.jks").getPath());
+        TLSServer tlsServer = new TLSServer(serverConfiguration);
+        tlsServer.start();
+        tlsServer.close();
+    }
+}

From 7858455cdae82560861ec69e7897fd2ca3ad179a Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Thu, 19 Dec 2019 16:13:48 +0100
Subject: [PATCH 030/237] IDSCPv2 new architecture design

---
 ids-api/src/main/proto/idscpv2.proto          |  73 ++++++
 idscp2/build.gradle                           |   2 +-
 .../idscp2/Client/ClientConfiguration.java    |  17 --
 .../ids/idscp2/Client/IDSCPv2Client.java      | 121 ----------
 .../aisec/ids/idscp2/Client/TLSClient.java    | 120 ----------
 .../de/fhg/aisec/ids/idscp2/Constants.java    |  79 -------
 .../ids/idscp2/DataAvailableListener.java     |  13 --
 .../aisec/ids/idscp2/IDSCPv2Initiator.java    |  20 ++
 .../fhg/aisec/ids/idscp2/InputListener.java   |  15 --
 .../ids/idscp2/Server/IDSCPv2Server.java      |  65 ------
 .../idscp2/Server/ServerConfiguration.java    |  13 --
 .../idscp2/Server/ServerNodeSynchronizer.java |   7 -
 .../aisec/ids/idscp2/Server/ServerThread.java |  14 --
 .../aisec/ids/idscp2/Server/TLSServer.java    | 109 ---------
 .../daps/DefaultDapsDriver.java               |  21 ++
 .../rat/TPM2ProverImpl.java                   |  11 +
 .../rat/TPM2VerifierImpl.java                 |  11 +
 .../secure_channel/NativeTLSDriver.java       |  25 ++
 .../secure_channel/TlsConstants.java          | 117 ++++++++++
 .../client/DataAvailableListener.java         |  10 +
 .../secure_channel/client/InputListener.java  |  12 +
 .../client}/InputListenerThread.java          |  22 +-
 .../secure_channel/client/TLSClient.java      | 216 ++++++++++++++++++
 .../CustomX509ExtendedKeyManager.java         |  44 +++-
 .../CustomX509ExtendedTrustManager.java       |  79 +++++++
 .../keystores}/TLSPreConfiguration.java       |   6 +-
 .../secure_channel/server/TLSServer.java      | 147 ++++++++++++
 .../server}/TLSServerThread.java              | 102 +++++----
 .../idscp2/drivers/interfaces/DapsDriver.java |  12 +
 .../drivers/interfaces/RatProverDriver.java   |  10 +
 .../drivers/interfaces/RatVerifierDriver.java |   9 +
 .../interfaces/SecureChannelDriver.java       |   9 +
 .../drivers/interfaces/SecureServer.java      |  15 ++
 .../idscp2/{ => error}/IDSCPv2Exception.java  |   7 +-
 .../idscp2/idscp_core/IDSCPv2Connection.java  |  60 +++++
 .../ids/idscp2/idscp_core/IdscpConstants.java |  10 +
 .../idscp2/idscp_core/IdscpMsgListener.java   |   7 +
 .../configuration}/AttestationConfig.java     |   3 +-
 .../configuration/IDSCPv2Callback.java        |   9 +
 .../configuration/IDSCPv2Configuration.java   |  85 +++++++
 .../configuration/IDSCPv2Settings.java}       |  21 +-
 .../secure_channel/SecureChannel.java         |  63 +++++
 .../secure_channel/SecureChannelEndpoint.java |  10 +
 .../secure_channel/SecureChannelListener.java |   5 +
 .../src/test/java/IDSCPv2ClientInitiator.java |  38 +++
 .../src/test/java/IDSCPv2ServerInitiator.java |  47 ++++
 idscp2/src/test/java/RunTLSClient.java        |  23 +-
 idscp2/src/test/java/RunTLSServer.java        |  21 +-
 .../aisecconnector1-keystore.jks              | Bin
 .../aisecconnector2-keystore.jks              | Bin
 .../{jsse => ssl}/client-truststore_new.jks   | Bin
 .../resources/ssl/consumer-core-keystore.jks  | Bin 0 -> 2441 bytes
 .../ssl/consumer-core-truststore.jks          | Bin 0 -> 1974 bytes
 .../src/test/resources/ssl/consumer-core.cert |  96 ++++++++
 .../src/test/resources/ssl/consumer-core.p12  | Bin 0 -> 2693 bytes
 .../resources/ssl/provider-core-keystore.jks  | Bin 0 -> 2443 bytes
 .../ssl/provider-core-truststore.jks          | Bin 0 -> 1974 bytes
 .../src/test/resources/ssl/provider-core.cert |  96 ++++++++
 .../src/test/resources/ssl/provider-core.p12  | Bin 0 -> 2693 bytes
 59 files changed, 1479 insertions(+), 668 deletions(-)
 create mode 100644 ids-api/src/main/proto/idscpv2.proto
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/ClientConfiguration.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/DataAvailableListener.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListener.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerConfiguration.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerNodeSynchronizer.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsConstants.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.java
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/{ => drivers/default_driver_impl/secure_channel/client}/InputListenerThread.java (72%)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/{ => drivers/default_driver_impl/secure_channel/keystores}/CustomX509ExtendedKeyManager.java (66%)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedTrustManager.java
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/{ => drivers/default_driver_impl/secure_channel/keystores}/TLSPreConfiguration.java (95%)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/{Server => drivers/default_driver_impl/secure_channel/server}/TLSServerThread.java (51%)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/{ => error}/IDSCPv2Exception.java (64%)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConstants.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/{ => idscp_core/configuration}/AttestationConfig.java (81%)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/{IDSCPv2Configuration.java => idscp_core/configuration/IDSCPv2Settings.java} (79%)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
 create mode 100644 idscp2/src/test/java/IDSCPv2ClientInitiator.java
 create mode 100644 idscp2/src/test/java/IDSCPv2ServerInitiator.java
 rename idscp2/src/test/resources/{jsse => ssl}/aisecconnector1-keystore.jks (100%)
 rename idscp2/src/test/resources/{jsse => ssl}/aisecconnector2-keystore.jks (100%)
 rename idscp2/src/test/resources/{jsse => ssl}/client-truststore_new.jks (100%)
 create mode 100644 idscp2/src/test/resources/ssl/consumer-core-keystore.jks
 create mode 100644 idscp2/src/test/resources/ssl/consumer-core-truststore.jks
 create mode 100644 idscp2/src/test/resources/ssl/consumer-core.cert
 create mode 100644 idscp2/src/test/resources/ssl/consumer-core.p12
 create mode 100644 idscp2/src/test/resources/ssl/provider-core-keystore.jks
 create mode 100644 idscp2/src/test/resources/ssl/provider-core-truststore.jks
 create mode 100644 idscp2/src/test/resources/ssl/provider-core.cert
 create mode 100644 idscp2/src/test/resources/ssl/provider-core.p12

diff --git a/ids-api/src/main/proto/idscpv2.proto b/ids-api/src/main/proto/idscpv2.proto
new file mode 100644
index 000000000..ecf82336d
--- /dev/null
+++ b/ids-api/src/main/proto/idscpv2.proto
@@ -0,0 +1,73 @@
+syntax = "proto3";
+option java_package = "de.fhg.aisec.ids.messages";
+option java_outer_classname = "IDSCPv2";
+
+//IDSCP message frame, contains a type identifier of the following message and the message
+message IdscpMessage {
+    enum Type {
+        IDSCP_HELLO = 0;            //open a connection by sending an IDSCP_HELLO
+        IDSCP_CLOSE = 1;            //send an IDSCP_CLOSE, that triggers connection close
+        IDSCP_ERROR = 2;            //send an error message
+        IDSCP_DAT_EXPIRED = 3;      //request a ne dynamicAttributeToken
+        IDSCP_DAT = 4;              //send dynamicAttributeToken
+        IDSCP_RE_RAT = 5;           //request a new remote Attestation
+        IDSCP_RAT_PROVER = 6;       //send
+        IDSCP_RAT_VERIFIER = 7;     //send
+        IDSCP_DATA = 8;             //send IDSCP Payload
+    }
+
+    // Identifies which field is filled in.
+    Type type = 1;
+
+    // One of the following will be filled in.
+    oneof message {
+        IdscpHello idscpHello = 2;
+        IdscpClose idscpClose = 3;
+        IdscpError idscpError = 4;
+        IdscpDatExpired idscpDatExpired = 5;
+        IdscpDat idscpDat = 6;
+        IdscpReRat idscpReRat = 7;
+        IdscpRatProver idscpRatProver = 8;
+        IdscpRatVerifier idscpRatVerifier = 9;
+        IdscpData idscpData = 10;
+    }
+}
+
+//IDSCP messages
+message IdscpHello {
+    int32 version = 1;                      //IDSCP protocol version
+    IdscpDat dynamicAttributeToken = 2;     //initial dynamicAttributeToken
+    repeated string supportedRatSuite = 3;  //RemoteAttestationCipher prover
+    repeated string expectedRatSuite = 4;   //RemoteAttestationCipher verifier
+}
+
+message IdscpClose {
+}
+
+message IdscpError {
+    string error_code = 1;
+    string error_msg = 2;
+}
+
+message IdscpDatExpired {           //request new dynamicAttributeToken
+}
+
+message IdscpDat {
+    bytes token = 1;
+}
+
+message IdscpReRat {                //request new remoteAttestation
+    string cause = 1;               //optional
+}
+
+message IdscpRatProver {
+    bytes data = 1;
+}
+
+message IdscpRatVerifier {
+    bytes data = 1;
+}
+
+message IdscpData {
+    bytes data = 1 ;
+}
diff --git a/idscp2/build.gradle b/idscp2/build.gradle
index a781231a9..4aee0a96c 100644
--- a/idscp2/build.gradle
+++ b/idscp2/build.gradle
@@ -22,5 +22,5 @@ dependencies {
     testImplementation group: "com.sun.xml.bind", name: "jaxb-impl", version: libraryVersions.jaxb
 
     testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
-    testImplementation group: 'org.mockito', name: 'mockito-all', version: libraryVersions.mockito
+    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/ClientConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/ClientConfiguration.java
deleted file mode 100644
index 264b2f2c2..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/ClientConfiguration.java
+++ /dev/null
@@ -1,17 +0,0 @@
-package de.fhg.aisec.ids.idscp2.Client;
-
-import de.fhg.aisec.ids.idscp2.IDSCPv2Configuration;
-
-/**
- * IDSCPv2 Client Configuration.
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class ClientConfiguration extends IDSCPv2Configuration {
-
-    private String hostname = "localhost";
-
-    public String getHostname() {
-        return hostname;
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
deleted file mode 100644
index 4ee6b8d10..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/IDSCPv2Client.java
+++ /dev/null
@@ -1,121 +0,0 @@
-package de.fhg.aisec.ids.idscp2.Client;
-
-import de.fhg.aisec.ids.idscp2.Constants;
-import de.fhg.aisec.ids.idscp2.DataAvailableListener;
-import de.fhg.aisec.ids.idscp2.InputListenerThread;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.net.InetSocketAddress;
-import java.net.Socket;
-import java.nio.charset.StandardCharsets;
-
-/**
- * An abstract client implementation for the IDSCPv2 protocol.
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public abstract class IDSCPv2Client implements DataAvailableListener {
-    private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Client.class);
-
-    protected ClientConfiguration clientConfiguration = null;
-    protected Socket clientSocket = null;
-    protected OutputStream out = null;
-    protected InputStream in = null;
-    protected InputListenerThread inputListenerThread = null;
-
-    public IDSCPv2Client(){
-
-    }
-
-    public boolean connect(){
-        if (clientSocket == null || clientSocket.isClosed()){
-            LOG.error("Client socket is not available");
-            return false;
-        }
-
-        try {
-            clientSocket.connect(new InetSocketAddress(clientConfiguration.getHostname(),
-                    clientConfiguration.getServerPort()));
-            LOG.info("Client is connected to server " + clientConfiguration.getHostname()
-                    + ":" + clientConfiguration.getServerPort());
-            out = clientSocket.getOutputStream();
-            in = clientSocket.getInputStream();
-
-            //set clientSocket timeout to allow safeStop()
-            clientSocket.setSoTimeout(5000);
-
-            //start receiving listener
-            inputListenerThread = new InputListenerThread(in);
-            inputListenerThread.register(this);
-            inputListenerThread.start();
-            LOG.info("Input listener thread was started");
-
-        } catch (IOException e) {
-            LOG.error("Connecting client to server failed");
-            e.printStackTrace();
-            disconnect(false);
-            return false;
-        }
-        return true;
-    }
-
-    public void disconnect(boolean initialized) {
-        LOG.info("Disconnecting from server");
-        //close listener
-        if (inputListenerThread != null && inputListenerThread.isAlive()) {
-            inputListenerThread.safeStop();
-        }
-
-        //send goodbye and close sockets
-        if (clientSocket != null && !clientSocket.isClosed()){
-            if (initialized && clientSocket.isConnected()){
-                send(Constants.CLIENT_GOODBYE);
-            }
-            try {
-                clientSocket.close();
-            } catch (IOException e) {
-                //e.printStackTrace();
-            }
-        }
-    }
-
-    public void send(byte[] data){
-        if (!isConnected()){
-            LOG.error("Client cannot send data because socket is not connected");
-        } else {
-            try {
-                out.write(data);
-                out.flush();
-                LOG.info("Sent message: " + new String(data));
-            } catch (IOException e){
-                LOG.error("Client cannot send data");
-                e.printStackTrace();
-            }
-        }
-    }
-
-    public void send(String data){
-        send(data.getBytes());
-    }
-
-    /* this is called by a listener thread when data were received*/
-    public void onMessage(int len, byte[] rawData){
-        String data = new String(rawData, 0, len, StandardCharsets.UTF_8);
-        if (data.equals(Constants.END_OF_STREAM)){
-            //End of stream, connection is not available anymore
-            LOG.info("Client is terminating after server disconnected");
-            disconnect(false);
-        }
-        //toDo do something with the received data
-        System.out.println("New data received: " + data);
-    }
-
-    public boolean isConnected(){
-        return clientSocket != null && clientSocket.isConnected();
-    }
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
deleted file mode 100644
index 081b1c09c..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Client/TLSClient.java
+++ /dev/null
@@ -1,120 +0,0 @@
-package de.fhg.aisec.ids.idscp2.Client;
-
-import de.fhg.aisec.ids.idscp2.Constants;
-import de.fhg.aisec.ids.idscp2.InputListenerThread;
-import de.fhg.aisec.ids.idscp2.TLSPreConfiguration;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.net.ssl.*;
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-
-/**
- * A TLS client implementation for the IDSCPv2 protocol.
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-
-public class TLSClient extends IDSCPv2Client implements HandshakeCompletedListener{
-    private static final Logger LOG = LoggerFactory.getLogger(TLSClient.class);
-
-    public TLSClient(ClientConfiguration clientConfiguration){
-        this.clientConfiguration = clientConfiguration;
-
-        /* init TLS Client */
-        try {
-            /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
-             * hostVerification and algorithm constraints */
-            TrustManager[] myTrustManager = TLSPreConfiguration.getX509ExtTrustManager(
-                    clientConfiguration.getTrustStorePath(),
-                    clientConfiguration.getTrustStorePassword()
-            );
-
-            /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
-             * connection specific key selection via key alias*/
-            KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
-                    clientConfiguration.getKeyStorePath(),
-                    clientConfiguration.getKeyStorePassword(),
-                    clientConfiguration.getCertAlias(),
-                    clientConfiguration.getKeyStoreKeyType()
-            );
-
-            SSLContext sslContext = SSLContext.getInstance(Constants.TLS_INSTANCE);
-            sslContext.init(myKeyManager, myTrustManager, null);
-
-            SSLSocketFactory socketFactory = sslContext.getSocketFactory();
-
-            //create server socket
-            clientSocket = socketFactory.createSocket();
-
-            SSLSocket sslSocket = (SSLSocket) clientSocket;
-            SSLParameters sslParameters = sslSocket.getSSLParameters();
-            sslParameters.setUseCipherSuitesOrder(false); //use server priority order
-            sslParameters.setNeedClientAuth(true);
-            sslParameters.setProtocols(Constants.TLS_ENABLED_PROTOCOLS); //only TLSv1.2
-            sslParameters.setCipherSuites(Constants.TLS_ENABLED_CIPHER); //only allow strong cipher
-            sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); //use https for hostname verification
-            sslSocket.setSSLParameters(sslParameters);
-            LOG.info("TLS Client was initialized successfully");
-
-        } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
-            LOG.error("Init TLS Client failed");
-            e.printStackTrace();
-        }
-    }
-
-    @Override
-    public boolean connect() {
-        SSLSocket sslSocket = (SSLSocket) clientSocket;
-        if (sslSocket == null || sslSocket.isClosed()){
-            System.out.println("Client socket is not available");
-            return false;
-        }
-
-        try {
-            sslSocket.connect(new InetSocketAddress(clientConfiguration.getHostname(),
-                    clientConfiguration.getServerPort()));
-            LOG.info("Client is connected to server " + clientConfiguration.getHostname()
-                    + ":" + clientConfiguration.getServerPort());
-
-            //set clientSocket timeout to allow safeStop()
-            clientSocket.setSoTimeout(5000);
-
-            out = clientSocket.getOutputStream();
-            in = clientSocket.getInputStream();
-
-            //add inputListener but start it not before handshake is complete
-            inputListenerThread = new InputListenerThread(in);
-            inputListenerThread.register(this);
-
-            //start tls handshake
-            sslSocket.addHandshakeCompletedListener(this);
-            LOG.info("Start TLS Handshake");
-            sslSocket.startHandshake();
-        } catch (SSLHandshakeException e){
-            System.out.println("TLS Handshake failed" + e.getMessage());
-            disconnect(false);
-            return false;
-        } catch (IOException e) {
-            LOG.error("Connecting TLS client to server failed");
-            //e.printStackTrace();
-            disconnect(false);
-            return false;
-        }
-        return true;
-    }
-
-    public SSLSession getSslSession() {
-        return ((SSLSocket)clientSocket).getSession();
-    }
-
-    @Override
-    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
-        //start receiving listener for IDSCPv2 communication after TLS Handshake was successful
-        LOG.info("TLS Handshake was successful. Starting input listener thread");
-        inputListenerThread.start();
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java
deleted file mode 100644
index 207ffdc0c..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Constants.java
+++ /dev/null
@@ -1,79 +0,0 @@
-package de.fhg.aisec.ids.idscp2;
-
-/**
- * Global IDSCPv2 protocol constants
- *
- * @author Leon Beckmann(leon.beckmann@aisec.fraunhofer.de)
- */
-
-public final class Constants {
-
-    //IDSCPv2 message types
-    public static final int ATTESTATION_REQUEST_MSG = 0;
-    public static final int ATTESTATION_RESPONSE_MSG = 1;
-    public static final int METADATA_REQUEST_MSG = 2;
-    public static final int METADATA_RESPONSE_MSG = 3;
-    public static final int PAYLOAD_MSG = 4;
-
-
-    //Standard Messages
-    public static final String CLIENT_GOODBYE = "Client is disconnecting";
-    public static final String SERVER_GOODBYE = "Server is disconnecting";
-    public static final String END_OF_STREAM = "End of stream";
-
-    /* TLS specific settings */
-
-    //socket instances
-    public static final String TLS_INSTANCE = "TLSv1.2";
-
-    //enabled protocols
-    public static final String[] TLS_ENABLED_PROTOCOLS = {TLS_INSTANCE};
-    public static final String[] TLS_ENABLED_CIPHER = {
-            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
-            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
-            "TLS_RSA_WITH_AES_256_CBC_SHA256",
-            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
-            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
-            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
-            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
-            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
-            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
-            "TLS_RSA_WITH_AES_256_CBC_SHA",
-            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
-            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
-            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
-            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
-            /*"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
-            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-            "TLS_RSA_WITH_AES_128_CBC_SHA256",
-            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
-            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
-            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
-            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
-            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
-            "TLS_RSA_WITH_AES_128_CBC_SHA",
-            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
-            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
-            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
-            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
-            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
-            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
-            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
-            "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
-            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-            "TLS_RSA_WITH_AES_128_GCM_SHA256",
-            "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
-            "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
-            "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
-            "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
-            "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"*/
-    };
-
-
-    private Constants(){};
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/DataAvailableListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/DataAvailableListener.java
deleted file mode 100644
index 7efa5e8b3..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/DataAvailableListener.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package de.fhg.aisec.ids.idscp2;
-
-/**
- * A Interface for DataAvailableListeners
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-
-public interface DataAvailableListener {
-
-    void onMessage(int len, byte[] bytes);
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
new file mode 100644
index 000000000..d0a7c5f96
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
@@ -0,0 +1,20 @@
+package de.fhg.aisec.ids.idscp2;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+
+/**
+ * An interface for the IDSCPv2Initiator class, that implements a callback function notify the user, a new connection
+ * was created
+ *
+ * Developer API
+ *
+ * Methods:
+ * void onConnect(IDSCPv2Connection)       to notify the user, a new connection was created
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public interface IDSCPv2Initiator {
+    void newConnectionHandler(IDSCPv2Connection connection);
+    void errorHandler(String error);
+    void connectionClosedHandler(String connectionId);
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListener.java
deleted file mode 100644
index f4f8dc78f..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListener.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package de.fhg.aisec.ids.idscp2;
-
-/**
- * A event source interface for DataAvailableListener pattern
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public interface InputListener {
-
-    void register(DataAvailableListener listener);
-
-    void unregister(DataAvailableListener listener);
-
-    void safeStop();
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
deleted file mode 100644
index 237711cee..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/IDSCPv2Server.java
+++ /dev/null
@@ -1,65 +0,0 @@
-package de.fhg.aisec.ids.idscp2.Server;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-import java.net.ServerSocket;
-import java.util.HashMap;
-import java.util.concurrent.ConcurrentHashMap;
-
-/**
- * An abstract server implementation for the IDSCPv2 protocol.
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public abstract class IDSCPv2Server implements ServerNodeSynchronizer {
-    private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Server.class);
-
-    protected ConcurrentHashMap<String,ServerThread> servers = new ConcurrentHashMap<>();
-    protected ServerConfiguration serverConfiguration;
-    protected volatile boolean isRunning = false;
-    protected ServerSocket serverSocket = null;
-
-    public IDSCPv2Server(ServerConfiguration serverConfiguration){
-        this.serverConfiguration = serverConfiguration;
-    }
-
-    protected boolean start(){
-        LOG.info("Starting server");
-        return (isRunning = true);
-    }
-
-    public void stop(){
-        LOG.info("Stopping server");
-        isRunning = false;
-        terminateRunningThreads();
-    }
-
-    public void close(){
-        stop();
-        if (serverSocket != null && !serverSocket.isClosed()){
-            try {
-                serverSocket.close();
-            } catch (IOException e) {
-                LOG.error("Could not close server socket");
-                e.printStackTrace();
-            }
-        }
-        terminateRunningThreads();
-    }
-
-    private void terminateRunningThreads(){
-        servers.forEach((id, serverThread) -> serverThread.safeStop());
-        servers.clear();
-    }
-
-    public boolean isRunning(){
-        return isRunning;
-    }
-
-    public void unregisterServerOnClose(String connectionId){
-        servers.remove(connectionId);
-    }
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerConfiguration.java
deleted file mode 100644
index cacdab133..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerConfiguration.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package de.fhg.aisec.ids.idscp2.Server;
-
-import de.fhg.aisec.ids.idscp2.IDSCPv2Configuration;
-
-/**
- * IDSCPv2 Server Configuration
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-
-public class ServerConfiguration extends IDSCPv2Configuration {
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerNodeSynchronizer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerNodeSynchronizer.java
deleted file mode 100644
index 8b5bc652f..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerNodeSynchronizer.java
+++ /dev/null
@@ -1,7 +0,0 @@
-package de.fhg.aisec.ids.idscp2.Server;
-
-public interface ServerNodeSynchronizer {
-
-    void unregisterServerOnClose(String connectionId);
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java
deleted file mode 100644
index 1a4d663bb..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/ServerThread.java
+++ /dev/null
@@ -1,14 +0,0 @@
-package de.fhg.aisec.ids.idscp2.Server;
-
-/**
- * A server thread interface for the IDSCPv2 protocol.
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-
-public interface ServerThread {
-    void send(byte[] bytes);
-    void safeStop();
-    boolean isConnected();
-    void registerListener(ServerNodeSynchronizer serverNodeSynchronizer);
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
deleted file mode 100644
index ce5613615..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServer.java
+++ /dev/null
@@ -1,109 +0,0 @@
-package de.fhg.aisec.ids.idscp2.Server;
-
-import de.fhg.aisec.ids.idscp2.Constants;
-import de.fhg.aisec.ids.idscp2.TLSPreConfiguration;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.net.ssl.*;
-import java.io.IOException;
-import java.net.SocketTimeoutException;
-import java.security.*;
-import java.util.UUID;
-
-/**
- * A TLS server implementation for the IDSCPv2 protocol.
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-
-public class TLSServer extends IDSCPv2Server {
-    private static final Logger LOG = LoggerFactory.getLogger(TLSServer.class);
-
-    public TLSServer(ServerConfiguration serverConfiguration){
-        super(serverConfiguration);
-
-        /* init server for TCP/TLS communication */
-        try {
-            /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
-            * hostVerification and algorithm constraints */
-            TrustManager[] myTrustManager = TLSPreConfiguration.getX509ExtTrustManager(
-                    serverConfiguration.getTrustStorePath(),
-                    serverConfiguration.getTrustStorePassword()
-            );
-
-            /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
-             * connection specific key selection via key alias*/
-            KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
-                    serverConfiguration.getKeyStorePath(),
-                    serverConfiguration.getKeyStorePassword(),
-                    serverConfiguration.getCertAlias(),
-                    serverConfiguration.getKeyStoreKeyType()
-            );
-
-            // create tls context based on keyManager and trustManager
-            SSLContext sslContext = SSLContext.getInstance(Constants.TLS_INSTANCE);
-            sslContext.init(myKeyManager, myTrustManager, null);
-            SSLServerSocketFactory socketFactory = sslContext.getServerSocketFactory();
-
-            //create server socket
-            serverSocket =  socketFactory.createServerSocket(serverConfiguration.getServerPort());
-            //set timeout for serverSocket.accept() to allow safeStop()
-            serverSocket.setSoTimeout(5000);
-
-            SSLServerSocket sslServerSocket = (SSLServerSocket) serverSocket;
-            SSLParameters sslParameters = sslServerSocket.getSSLParameters();
-            sslParameters.setUseCipherSuitesOrder(true); //server determines priority-order of algorithms in CipherSuite
-            sslParameters.setNeedClientAuth(true); //client must authenticate
-            sslParameters.setProtocols(Constants.TLS_ENABLED_PROTOCOLS); //only TLSv1.2
-            sslParameters.setCipherSuites(Constants.TLS_ENABLED_CIPHER); //only allow strong cipher suite
-            //toDo uncomment hostname identification, this is deactivated because the client uses a certificate of an other identity in the examples at the moment
-            //sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); //use https for hostname verification
-            sslServerSocket.setSSLParameters(sslParameters);
-            LOG.info("Server was initialized successfully");
-
-        } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
-            LOG.error("Init SSL server socket failed");
-            e.printStackTrace();
-        }
-    }
-
-    @Override
-    public boolean start() {
-        if (serverSocket == null || serverSocket.isClosed()){
-            LOG.error("SSL Server socket is not available");
-            return false;
-        }
-
-        //run server
-        super.start();
-
-        SSLSocket sslSocket;
-        while(isRunning){
-            try {
-                sslSocket = (SSLSocket) serverSocket.accept();
-            } catch (SocketTimeoutException e){
-                //timeout on serverSocket blocking functions was reached
-                //in this way we can catch safeStop() function, that makes isRunning false
-                //without closing the serverSocket, so we can stop and restart the server
-                //alternative: close serverSocket. But then we cannot reuse it
-                continue;
-            } catch (IOException e) {
-                System.out.println("SSL Server failed");
-                e.printStackTrace();
-                return false;
-            }
-
-            //start new server thread
-            LOG.info("New client has connected. Create new server session");
-            String connectionId = UUID.randomUUID().toString();
-            TLSServerThread server = new TLSServerThread(sslSocket, connectionId);
-            server.registerListener(this);
-            servers.put(connectionId, server);
-            sslSocket.addHandshakeCompletedListener(server);
-            server.start();
-        }
-
-        return true;
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
new file mode 100644
index 000000000..e2e79bffe
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -0,0 +1,21 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+
+/**
+ * Default DAPS Driver for requesting valid dynamicAttributeToken and verifying DAT
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class DefaultDapsDriver implements DapsDriver {
+
+    @Override
+    public byte[] getToken() {
+        return new byte[0];
+    }
+
+    @Override
+    public boolean verifyToken(byte[] dat) {
+        return false;
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java
new file mode 100644
index 000000000..63d8c51ba
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java
@@ -0,0 +1,11 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
+
+/**
+ * Remote Attestation Prover Driver implementation class for TPM2.0
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class TPM2ProverImpl implements RatProverDriver {
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java
new file mode 100644
index 000000000..c67acb75d
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java
@@ -0,0 +1,11 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
+
+/**
+ * Remote Attestation Verifier Driver implementation class for TPM2.0
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class TPM2VerifierImpl implements RatVerifierDriver {
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
new file mode 100644
index 000000000..471d7672c
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
@@ -0,0 +1,25 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel;
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client.TLSClient;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server.TLSServer;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+
+
+public class NativeTLSDriver implements SecureChannelDriver {
+
+    @Override
+    public void connect(IDSCPv2Settings settings, IDSCPv2Callback callback) {
+        TLSClient tlsClient = new TLSClient(settings, callback);
+        tlsClient.connect(settings.getHost(), settings.getServerPort());
+    }
+
+    @Override
+    public SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback callback) {
+        TLSServer tlsServer = new TLSServer(settings, callback);
+        tlsServer.start();
+        return tlsServer;
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsConstants.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsConstants.java
new file mode 100644
index 000000000..f9662adcf
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsConstants.java
@@ -0,0 +1,117 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel;
+
+/**
+ * TLS Constants
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public final class TlsConstants {
+
+    public static final String END_OF_STREAM = "End of stream";
+
+    /* TLS specific settings */
+
+    //socket instances
+    public static final String TLS_INSTANCE = "TLSv1.3";
+
+    //enabled protocols
+    public static final String[] TLS_ENABLED_PROTOCOLS = {TLS_INSTANCE};
+
+    //enabled ciphers (only uncommented ciphers are activated)
+    public static final String[] TLS_ENABLED_CIPHER_TLS12 = {
+            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
+            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+            "TLS_RSA_WITH_AES_256_CBC_SHA256",
+            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
+            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
+            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
+            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+            /*"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
+            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+            "TLS_RSA_WITH_AES_256_CBC_SHA",
+            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
+            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
+            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
+            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+            "TLS_RSA_WITH_AES_128_CBC_SHA256",
+            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
+            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
+            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+            "TLS_RSA_WITH_AES_128_CBC_SHA",
+            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
+            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
+            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
+            "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"*/
+    };
+
+    // not all of the enabled ciphers are supported by openssl yet
+    public static final String[] TLS_ENABLED_CIPHER_TLS13 = {
+            //"TLS_AES_128_GCM_SHA256",
+            "TLS_AES_256_GCM_SHA384",
+            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+            //"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
+            /*"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",*/
+            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
+            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+            "TLS_RSA_WITH_AES_256_CBC_SHA256",
+            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
+            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
+            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
+            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+            /*"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
+            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+            "TLS_RSA_WITH_AES_256_CBC_SHA",
+            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
+            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
+            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
+            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+            "TLS_RSA_WITH_AES_128_CBC_SHA256",
+            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
+            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
+            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+            "TLS_RSA_WITH_AES_128_CBC_SHA",
+            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
+            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
+            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+            "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"*/
+    };
+
+    private TlsConstants() {};
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
new file mode 100644
index 000000000..1e8c035d6
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
@@ -0,0 +1,10 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
+
+/**
+ * An interface for DataAvailableListeners, who will be notified when new data were received
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public interface DataAvailableListener {
+    void onMessage(int len, byte[] rawData);
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.java
new file mode 100644
index 000000000..b3826bad2
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.java
@@ -0,0 +1,12 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
+
+/**
+ * An interface for an InputListenerThread, that allows DataAvailableListener registration and safe stop
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public interface InputListener {
+
+    void register(DataAvailableListener listener);
+    void safeStop();
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
similarity index 72%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index 4046d7e5c..83a808c7d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -1,4 +1,6 @@
-package de.fhg.aisec.ids.idscp2;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -6,11 +8,16 @@
 import java.util.ArrayList;
 
 /**
- * A simple Listener thread that listens to an input stream and notifies all listeners when data was received
+ * A simple Listener thread that listens to an input stream and notifies all listeners when new data were received
+ *
+ * API:
+ * - run() to start the listener thread
+ * - register(DataAvailableListener) to register a new DataAvailableListener who will be notified when receiving data
+ * - safeStop() to stop the listener thread
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class InputListenerThread extends Thread implements InputListener{
+public class InputListenerThread extends Thread implements InputListener {
 
     private InputStream in;
     private ArrayList<DataAvailableListener> listeners = new ArrayList<>();
@@ -24,9 +31,9 @@ public void run(){
         byte[] buf = new byte[2048];
         while (running){
             try {
-                int len = in.read(buf, 0, buf.length - 1);
+                int len = in.read(buf, 0, buf.length);
                 if (0 > len) {
-                    notifyListeners(Constants.END_OF_STREAM.length(), Constants.END_OF_STREAM.getBytes());
+                    notifyListeners(TlsConstants.END_OF_STREAM.length(), TlsConstants.END_OF_STREAM.getBytes());
                     running = false; //terminate
                 } else {
                     notifyListeners(len, buf);
@@ -48,11 +55,6 @@ public void register(DataAvailableListener listener) {
         listeners.add(listener);
     }
 
-    @Override
-    public void unregister(DataAvailableListener listener) {
-        listeners.remove(listener);
-    }
-
     private void notifyListeners(int len, byte[] bytes) {
         for (DataAvailableListener listener : listeners){
             listener.onMessage(len, bytes);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
new file mode 100644
index 000000000..3bd6bd8a7
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -0,0 +1,216 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.keystores.TLSPreConfiguration;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.net.ssl.*;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.net.InetSocketAddress;
+import java.net.Socket;
+import java.nio.charset.StandardCharsets;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+
+ /**
+ * A TLS Client that notifies an IDSCPv2Configuration when a secure channel was created and the TLS handshake is done
+ * The client is notified from an InputListenerThread when new data are available and transfer them to the
+ * SecureChannelListener
+ *
+ * Developer API
+ *
+ * constructors:
+ * TLSClient(IDSCPv2Settings, IDSCPv2Callback) initializes the TLS Socket and all TLS Security configurations like
+ *                                              sslParameters (protocol, cipher, ..), trustStore, keyStore
+ *
+ * Methods:
+ * connect(String host, int port) connect the client asynchronous to the server and starts the TLS handshake
+ *
+ * close()  disconnects the client
+ *
+ * setConnectionId(ConnectionId) set the internal connectionId, which is used for notifying the IDSCPv2Configuration
+ *                                when the server quits the connection
+ *
+ * handshakeCompleted()         create a secureChannel, including this client; start inputListenerThread and transfer
+ *                              the secureChannel to the IDSCPv2Configuration
+ *
+ * send(byte[] data)            send data to the server
+ *
+ * onMessage(int len, byte[] rawData)   is a callback function for the InputListenerThread, that is called when new
+ *                                      data are available. Transfer them to the SecureChannelListener
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+
+public class TLSClient implements HandshakeCompletedListener, DataAvailableListener, SecureChannelEndpoint {
+    private static final Logger LOG = LoggerFactory.getLogger(TLSClient.class);
+
+    private Socket clientSocket;
+    private OutputStream out;
+    private InputListenerThread inputListenerThread;
+    private SecureChannelListener listener;
+    private IDSCPv2Callback callback;
+    private String connectionId = null;
+
+    public TLSClient(IDSCPv2Settings clientSettings, IDSCPv2Callback callback){
+        this.callback = callback;
+        /* init TLS Client */
+        try {
+            /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
+             * hostVerification and algorithm constraints */
+            TrustManager[] myTrustManager = TLSPreConfiguration.getX509ExtTrustManager(
+                    clientSettings.getTrustStorePath(),
+                    clientSettings.getTrustStorePassword()
+            );
+
+            /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
+             * connection specific key selection via key alias*/
+            KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
+                    clientSettings.getKeyStorePath(),
+                    clientSettings.getKeyStorePassword(),
+                    clientSettings.getCertAlias(),
+                    clientSettings.getKeyStoreKeyType()
+            );
+
+            SSLContext sslContext = SSLContext.getInstance(TlsConstants.TLS_INSTANCE);
+            sslContext.init(myKeyManager, myTrustManager, null);
+
+            SSLSocketFactory socketFactory = sslContext.getSocketFactory();
+
+            //create server socket
+            clientSocket = socketFactory.createSocket();
+
+            SSLSocket sslSocket = (SSLSocket) clientSocket;
+            SSLParameters sslParameters = sslSocket.getSSLParameters();
+            sslParameters.setUseCipherSuitesOrder(false); //use server priority order
+            sslParameters.setNeedClientAuth(true);
+            sslParameters.setProtocols(TlsConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.2
+            sslParameters.setCipherSuites(TlsConstants.TLS_ENABLED_CIPHER_TLS13); //only allow strong cipher
+            sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); //use https for hostname verification
+            sslSocket.setSSLParameters(sslParameters);
+            LOG.info("TLS Client was initialized successfully");
+
+        } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
+            LOG.error("Init TLS Client failed");
+            e.printStackTrace();
+        }
+    }
+
+
+    public void connect(String hostname, int port){
+        SSLSocket sslSocket = (SSLSocket) clientSocket;
+        if (sslSocket == null || sslSocket.isClosed()){
+            System.out.println("Client socket is not available");
+            callback.secureChannelConnectHandler(null);
+            return;
+        }
+
+        try {
+            sslSocket.connect(new InetSocketAddress(hostname,
+                    port));
+            LOG.info("Client is connected to server {}:{}", hostname, port);
+
+            //set clientSocket timeout to allow safeStop()
+            clientSocket.setSoTimeout(5000);
+
+            out = clientSocket.getOutputStream();
+
+            //add inputListener but start it not before handshake is complete
+            inputListenerThread = new InputListenerThread(clientSocket.getInputStream());
+            inputListenerThread.register(this);
+
+            //start tls handshake
+            sslSocket.addHandshakeCompletedListener(this);
+            LOG.info("Start TLS Handshake");
+            sslSocket.startHandshake();
+        } catch (SSLHandshakeException | SSLProtocolException e){
+            LOG.error("TLS Handshake failed: {}", e.getMessage());
+            disconnect();
+            callback.secureChannelConnectHandler(null);
+        } catch (IOException e) {
+            LOG.error("Connecting TLS client to server failed " + e.getMessage());
+            disconnect();
+            callback.secureChannelConnectHandler(null);
+        }
+    }
+
+    private void disconnect(){
+        LOG.info("Disconnecting from server");
+        //close listener
+        if (inputListenerThread != null && inputListenerThread.isAlive()) {
+            inputListenerThread.safeStop();
+        }
+
+        if (clientSocket != null && !clientSocket.isClosed()){
+            try {
+                clientSocket.close();
+            } catch (IOException e) {
+                //e.printStackTrace();
+            }
+        }
+    }
+
+    @Override
+    public void setConnectionId(String connectionId){
+        this.connectionId = connectionId;
+    }
+
+    @Override
+    public void close() {
+        disconnect();
+    }
+
+    public void send(byte[] data){
+        if (!isConnected()){
+            LOG.error("Client cannot send data because socket is not connected");
+        } else {
+            try {
+                out.write(data);
+                out.flush();
+                LOG.info("Send message: {}", new String(data));
+            } catch (IOException e){
+                LOG.error("Client cannot send data");
+                e.printStackTrace();
+            }
+        }
+    }
+
+    public boolean isConnected(){
+        return clientSocket != null && clientSocket.isConnected();
+    }
+
+    public SSLSession getSslSession() {
+        return ((SSLSocket)clientSocket).getSession();
+    }
+
+    @Override
+    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
+        //start receiving listener after TLS Handshake was successful
+        LOG.info("TLS Handshake was successful. Starting input listener thread");
+        SecureChannel secureChannel = new SecureChannel(this);
+        this.listener = secureChannel;
+        inputListenerThread.start();
+        callback.secureChannelConnectHandler(secureChannel);
+    }
+
+    @Override
+    public void onMessage(int len, byte[] rawData) {
+        byte[] data = new byte[len];
+        System.arraycopy(rawData, 0, data, 0, len);
+        if ((new String(data, StandardCharsets.UTF_8)).equals(TlsConstants.END_OF_STREAM)){
+            //End of stream, connection is not available anymore
+            LOG.info("Client is terminating after server disconnected");
+            disconnect();
+            callback.connectionClosedHandler(this.connectionId);
+        } else {
+            listener.onMessage(data);
+        }
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/CustomX509ExtendedKeyManager.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedKeyManager.java
similarity index 66%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/CustomX509ExtendedKeyManager.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedKeyManager.java
index 86ea63919..f838cf09e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/CustomX509ExtendedKeyManager.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedKeyManager.java
@@ -1,16 +1,16 @@
-package de.fhg.aisec.ids.idscp2;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.keystores;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.X509ExtendedKeyManager;
-import java.lang.reflect.Array;
 import java.net.Socket;
 import java.security.Principal;
 import java.security.PrivateKey;
 import java.security.cert.X509Certificate;
 import java.util.Arrays;
+import java.util.HashMap;
 
 /**
  * A custom X590ExtendedKeyManager, that allows to choose a TrustStore entry by a given certificate alias and
@@ -25,7 +25,14 @@ public class CustomX509ExtendedKeyManager extends X509ExtendedKeyManager{
     private final String keyType;
     private final X509ExtendedKeyManager delegate;
 
-    public CustomX509ExtendedKeyManager(String alias, String keyType, final X509ExtendedKeyManager delegate){
+    // server and client aliases are cached in a private context (in entryCacheMap) by the X509ExtendedKeyManager
+    // implementation. Therefore, getServerAliases() / getClientAliases() returns only uncached aliases since the
+    // update on java 11. As we have to check in chooseClientAliases() and chooseServerAlias() if the alias exists in
+    // the keystore and we cannot access the cached aliases without an overwritten X509KeyManagerImpl instance, we will
+    // also cache the aliases and its properties in the following HashMap.
+    private HashMap<String, CachedAliasValue> cachedAliases = new HashMap<>();
+
+    CustomX509ExtendedKeyManager(String alias, String keyType, final X509ExtendedKeyManager delegate){
         super();
         this.certAlias = alias;
         this.keyType = keyType;
@@ -34,7 +41,10 @@ public CustomX509ExtendedKeyManager(String alias, String keyType, final X509Exte
 
     @Override
     public String[] getClientAliases(String s, Principal[] principals) {
-        return delegate.getClientAliases(s, principals);
+        String[] clientAliases = delegate.getClientAliases(s, principals);
+        for (String alias : clientAliases)
+            cachedAliases.putIfAbsent(alias, new CachedAliasValue(s, principals));
+        return clientAliases;
     }
 
     @Override
@@ -42,7 +52,9 @@ public String[] getClientAliases(String s, Principal[] principals) {
        called only by client in TLS handshake */
     public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket) {
         if (Arrays.asList(keyTypes).contains(this.keyType)){
-            if (Arrays.asList(getServerAliases(keyType, issuers)).contains(this.certAlias)) {
+            if ((cachedAliases.containsKey(this.certAlias) &&
+                    cachedAliases.get(this.certAlias).match(keyType, issuers))
+                    || Arrays.asList(getServerAliases(keyType, issuers)).contains(this.certAlias)) {
                 LOG.info("CertificateAlias is {}", this.certAlias);
                 return this.certAlias;
             } else {
@@ -59,7 +71,10 @@ public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket s
 
     @Override
     public String[] getServerAliases(String s, Principal[] principals) {
-        return delegate.getServerAliases(s, principals);
+        String[] serverAliases = delegate.getServerAliases(s, principals);
+        for (String alias : serverAliases)
+            cachedAliases.putIfAbsent(alias, new CachedAliasValue(s, principals));
+        return serverAliases;
     }
 
     @Override
@@ -67,7 +82,8 @@ public String[] getServerAliases(String s, Principal[] principals) {
        called only by server in TLS handshake*/
     public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
         if (keyType.equals(this.keyType)){
-            if (Arrays.asList(getServerAliases(keyType, issuers)).contains(this.certAlias)) {
+            if ((cachedAliases.containsKey(certAlias) && cachedAliases.get(this.certAlias).match(keyType, issuers))
+                    || Arrays.asList(getServerAliases(keyType, issuers)).contains(this.certAlias)) {
                 LOG.info("CertificateAlias is {}", this.certAlias);
                 return this.certAlias;
             } else {
@@ -118,4 +134,18 @@ public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSL
     public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine sslEngine){
         return delegate.chooseEngineServerAlias(keyType, issuers, sslEngine);
     }
+
+    private class CachedAliasValue {
+        private String keyType;
+        private Principal[] issuers;
+
+        CachedAliasValue(String keyType, Principal[] issuers){
+            this.keyType = keyType;
+            this.issuers = issuers;
+        }
+
+        boolean match(String keyType, Principal[] principals){
+            return this.keyType.equals(keyType) && (principals == null /* || //FIXME check issuers */);
+        }
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedTrustManager.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedTrustManager.java
new file mode 100644
index 000000000..725ae2361
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedTrustManager.java
@@ -0,0 +1,79 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.keystores;
+
+import javax.net.ssl.SSLEngine;
+import javax.net.ssl.X509ExtendedTrustManager;
+import java.net.Socket;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
+
+/**
+ * currently not in use, we will use the https hostname verification instead
+ *
+ * A custom X509ExtendedTrustManager for hostname verification and algorithm constraints,
+ * which is an application protocol task and avoids Man-In-The-Middle Attacks
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class CustomX509ExtendedTrustManager extends X509ExtendedTrustManager {
+    /*
+    * verifying that the certificate itself can be trusted (RFC 3280/5280) and verifying the identity in the certificate (RFC 6125, or RFC 2818 for HTTPS)
+    * https://tersesystems.com/blog/2014/03/23/fixing-hostname-verification/
+    * https://tools.ietf.org/html/rfc6125
+    * https://tools.ietf.org/search/rfc6125
+    *
+    *
+    * sslParams.setEndpointIdentificationAlgorithm("HTTPS"); //makes identity verification in the ssl context
+    *
+    *
+    * If the socket parameter is an instance of SSLSocket, and the endpoint identification algorithm of the
+    * SSLParameters is non-empty, to prevent man-in-the-middle attacks, the address that the socket connected to
+    * should be checked against the peer's identity presented in the end-entity X509 certificate, as specified in
+    * the endpoint identification algorithm.
+    *
+    *
+    * If the socket parameter is an instance of SSLSocket, and the algorithm constraints of the SSLParameters is
+    * non-null, for every certificate in the certification path, fields such as subject public key, the signature
+    * algorithm, key usage, extended key usage, etc. need to conform to the algorithm constraints in place on this
+    * socket.*/
+
+    private X509ExtendedTrustManager delegate;
+
+    public CustomX509ExtendedTrustManager(X509ExtendedTrustManager delegate){
+        this.delegate = delegate;
+    }
+
+    @Override
+    public void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {
+        delegate.checkClientTrusted(x509Certificates, s, socket);
+    }
+
+    @Override
+    public void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {
+        delegate.checkServerTrusted(x509Certificates, s, socket);
+    }
+
+    @Override
+    public void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {
+        delegate.checkClientTrusted(x509Certificates, s, sslEngine);
+    }
+
+    @Override
+    public void checkServerTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {
+        delegate.checkServerTrusted(x509Certificates, s, sslEngine);
+    }
+
+    @Override
+    public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
+        delegate.checkClientTrusted(x509Certificates, s);
+    }
+
+    @Override
+    public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
+        delegate.checkServerTrusted(x509Certificates, s);
+    }
+
+    @Override
+    public X509Certificate[] getAcceptedIssuers() {
+        return delegate.getAcceptedIssuers();
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/TLSPreConfiguration.java
similarity index 95%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/TLSPreConfiguration.java
index 525bd2f90..3ce92fca5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/TLSPreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/TLSPreConfiguration.java
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.keystores;
 
 import javax.net.ssl.*;
 import java.io.IOException;
@@ -44,8 +44,8 @@ public static TrustManager[] getX509ExtTrustManager(
             /* set up TrustManager config */
             //allow only X509 Authentication
             if (myTrustManager.length == 1 && myTrustManager[0] instanceof X509ExtendedTrustManager) {
-                //toDo hostname verification and algorithm constraints
-
+                //toDo algorithm constraints
+                //toDO hostname verification is currently done by using https identification protocol
                 return myTrustManager;
             } else {
                 throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(myTrustManager));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
new file mode 100644
index 000000000..9bf576e23
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
@@ -0,0 +1,147 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server;
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.keystores.TLSPreConfiguration;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.net.ssl.*;
+import java.io.IOException;
+import java.net.ServerSocket;
+import java.net.SocketTimeoutException;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * A TLS Server that listens on a given port from the IDSCPv2Settings and create new TLSServerThreads for incoming
+ * connections
+ *
+ * Developer API
+ *
+ * constructors:
+ * TLSServer(IDSCPv2Settings, IDSCPv2Callback) initializes the TLS Socket and all TLS Security configurations like
+ *                                              sslParameters (protocol, cipher, ..), trustStore, keyStore
+ *
+ * Methods:
+ * run()
+ * safeStop()
+ * isRunning()
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class TLSServer extends Thread implements SecureServer {
+    private static final Logger LOG = LoggerFactory.getLogger(TLSServer.class);
+
+    private volatile boolean isRunning = false;
+    private ServerSocket serverSocket = null;
+    private IDSCPv2Callback callback;
+
+    public TLSServer(IDSCPv2Settings serverSettings, IDSCPv2Callback callback){
+        this.callback = callback;
+
+        /* init server for TCP/TLS communication */
+        try {
+            /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
+             * hostVerification and algorithm constraints */
+            TrustManager[] myTrustManager = TLSPreConfiguration.getX509ExtTrustManager(
+                    serverSettings.getTrustStorePath(),
+                    serverSettings.getTrustStorePassword()
+            );
+
+            /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
+             * connection specific key selection via key alias*/
+            KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
+                    serverSettings.getKeyStorePath(),
+                    serverSettings.getKeyStorePassword(),
+                    serverSettings.getCertAlias(),
+                    serverSettings.getKeyStoreKeyType()
+            );
+
+            // create tls context based on keyManager and trustManager
+            SSLContext sslContext = SSLContext.getInstance(TlsConstants.TLS_INSTANCE);
+            sslContext.init(myKeyManager, myTrustManager, null);
+            SSLServerSocketFactory socketFactory = sslContext.getServerSocketFactory();
+
+            //create server socket
+            serverSocket =  socketFactory.createServerSocket(serverSettings.getServerPort());
+            //set timeout for serverSocket.accept() to allow safeStop()
+            serverSocket.setSoTimeout(5000);
+
+            SSLServerSocket sslServerSocket = (SSLServerSocket) serverSocket;
+            SSLParameters sslParameters = sslServerSocket.getSSLParameters();
+            sslParameters.setUseCipherSuitesOrder(true); //server determines priority-order of algorithms in CipherSuite
+            sslParameters.setNeedClientAuth(true); //client must authenticate
+            sslParameters.setProtocols(TlsConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.3
+            sslParameters.setCipherSuites(TlsConstants.TLS_ENABLED_CIPHER_TLS13); //only allow strong cipher suite
+            //FIXME uncomment hostname identification, this is deactivated because the client uses a certificate of an other identity in the examples at the moment
+            //sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); //use https for hostname verification
+            sslServerSocket.setSSLParameters(sslParameters);
+            LOG.info("Server was initialized successfully");
+
+        } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
+            LOG.error("Init SSL server socket failed");
+            e.printStackTrace();
+        }
+
+    }
+
+    @Override
+    public void run(){
+        LOG.info("Starting server");
+
+        if (serverSocket == null || serverSocket.isClosed()){
+            LOG.error("TLS Server socket is not available");
+            return;
+        }
+
+        SSLSocket sslSocket;
+        isRunning = true;
+        LOG.info("Server is running");
+        while(isRunning){
+            try {
+                sslSocket = (SSLSocket) serverSocket.accept();
+            } catch (SocketTimeoutException e){
+                //timeout on serverSocket blocking functions was reached
+                //in this way we can catch safeStop() function, that makes isRunning false
+                //without closing the serverSocket, so we can stop and restart the server
+                //alternative: close serverSocket. But then we cannot reuse it
+                continue;
+            } catch (IOException e) {
+                System.out.println("TLS Server failed");
+                e.printStackTrace();
+                isRunning = false;
+                return;
+            }
+
+            //start new server thread
+            LOG.info("New TLS client has connected. Create new server session");
+            TLSServerThread server = new TLSServerThread(sslSocket, this.callback);
+            sslSocket.addHandshakeCompletedListener(server);
+            server.start();
+        }
+
+        if (serverSocket != null && !serverSocket.isClosed()){
+            try {
+                serverSocket.close();
+            } catch (IOException e) {
+                LOG.error("Could not close TLS server socket");
+                e.printStackTrace();
+            }
+        }
+    }
+
+    @Override
+    public void safeStop(){
+        LOG.info("Stopping server");
+        isRunning = false;
+    }
+
+    @Override
+    public boolean isRunning(){
+        return isRunning;
+    }
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
similarity index 51%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index 5dac2ac76..0399dceb4 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -1,6 +1,9 @@
-package de.fhg.aisec.ids.idscp2.Server;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server;
 
-import de.fhg.aisec.ids.idscp2.Constants;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -12,29 +15,49 @@
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.net.SocketTimeoutException;
-import java.nio.charset.StandardCharsets;
+import java.util.concurrent.CountDownLatch;
 
 /**
- * A TLS server thread implementation for the IDSCPv2 protocol.
+ * A TLSServerThread that notifies an IDSCPv2Config when a secure channel was created and the TLS handshake is done
+ * When new data are available the serverThread transfers them to the SecureChannelListener
+ *
+ * Developer API
+ *
+ * constructors:
+ * TLSServerThread(IDSCPv2Settings, IDSCPv2Callback) initializes the TLS Socket
+ *
+ * Methods:
+ * run()    runs the serverThread and starts listening for new data
+ *
+ * close()  disconnects the serverThread
+ *
+ * setConnectionId(ConnectionId) set the internal connectionId, which is used for notifying the IDSCPv2Configuration
+ *                                when the client quits the connection
+ *
+ * handshakeCompleted()        create a secureChannel, including this serverThread and provides it to the IDSCPv2Config
+ *
+ * send(byte[] data)            send data to the client
+ *
+ * onMessage(int len, byte[] rawData) is called when new data are available. Transfer them to the SecureChannelListener
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-
-public class TLSServerThread extends Thread implements ServerThread, HandshakeCompletedListener {
+public class TLSServerThread extends Thread implements HandshakeCompletedListener, SecureChannelEndpoint {
     private static final Logger LOG = LoggerFactory.getLogger(TLSServerThread.class);
 
     private SSLSocket sslSocket;
     private volatile boolean running = true;
     private InputStream in;
     private OutputStream out;
-    private boolean tlsHandshakeCompleted = false;
-    private boolean sendServerGoodbye = true;
-    private ServerNodeSynchronizer serverNodeSynchronizer = null;
-    private String connectionId; //unique server - client connection id, that identifies this serverThread
+    private String connectionId;
+    private SecureChannelListener listener = null;
+    private IDSCPv2Callback callback;
+    private CountDownLatch listenerLatch = new CountDownLatch(1);
 
-    TLSServerThread(SSLSocket sslSocket, String connectionId){
+
+    TLSServerThread(SSLSocket sslSocket, IDSCPv2Callback callback){
         this.sslSocket = sslSocket;
-        this.connectionId = connectionId;
+        this.callback = callback;
 
         try {
             //set timout for blocking read
@@ -47,6 +70,11 @@ public class TLSServerThread extends Thread implements ServerThread, HandshakeCo
         }
     }
 
+    @Override
+    public void setConnectionId(String connectionId){
+        this.connectionId = connectionId;
+    }
+
     @Override
     public void run(){
         //wait for new data while running
@@ -54,9 +82,9 @@ public void run(){
 
         while (running){
             try {
-                int len = in.read(buf, 0, buf.length - 1);
+                int len = in.read(buf, 0, buf.length);
                 if (0 > len) {
-                    onMessage(Constants.END_OF_STREAM.length(), Constants.END_OF_STREAM.getBytes());
+                    //onMessage(TlsConstants.END_OF_STREAM.length(), TlsConstants.END_OF_STREAM.getBytes());
                     running = false;
                 } else {
                     onMessage(len, buf);
@@ -75,22 +103,17 @@ public void run(){
                 running = false;
             }
         }
+        callback.connectionClosedHandler(this.connectionId);
+        LOG.info("ServerThread is terminating");
         try {
-            if (sendServerGoodbye)
-                send(Constants.SERVER_GOODBYE);
             out.close();
             in.close();
             sslSocket.close();
         } catch (IOException e) {
             e.printStackTrace();
         }
-
-        //unregister from main server
-        if (this.serverNodeSynchronizer != null)
-            this.serverNodeSynchronizer.unregisterServerOnClose(this.connectionId);
     }
 
-    @Override
     public void send(byte[] data) {
         if (!isConnected()){
             LOG.error("Server cannot send data because socket is not connected");
@@ -106,41 +129,36 @@ public void send(byte[] data) {
         }
     }
 
-    public void send(String data){
-        send(data.getBytes());
+    @Override
+    public void close() {
+        safeStop();
     }
 
-    public void onMessage(int len, byte[] rawData) {
-        String data = new String(rawData, 0, len, StandardCharsets.UTF_8);
-        if (data.equals(Constants.END_OF_STREAM) ||
-                data.equals(Constants.CLIENT_GOODBYE)){
-            //End of stream or client goodbye, connection is no longer available
-            running = false; //terminate server
-            LOG.info("Server is terminating after client disconnect");
-            sendServerGoodbye = false;
-        } else {
-            //toDo do something with the received data
-            System.out.println("New data received: " + data);
+    public void onMessage(int len, byte[] rawData)  {
+        byte[] data = new byte[len];
+        System.arraycopy(rawData, 0, data, 0, len);
+        try{
+            listenerLatch.await();
+            this.listener.onMessage(data);
+        } catch (InterruptedException e){
+            e.printStackTrace();
         }
     }
 
-    public void safeStop(){
+    private void safeStop(){
         running = false;
     }
 
-    @Override
     public boolean isConnected() {
         return (sslSocket != null && sslSocket.isConnected());
     }
 
-    @Override
-    public void registerListener(ServerNodeSynchronizer serverNodeSynchronizer) {
-        this.serverNodeSynchronizer = serverNodeSynchronizer;
-    }
-
     @Override
     public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
-        tlsHandshakeCompleted = true;
         LOG.info("TLS handshake was successful");
+        SecureChannel secureChannel = new SecureChannel(this);
+        this.listener = secureChannel;
+        listenerLatch.countDown();
+        callback.secureChannelListenHandler(secureChannel);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
new file mode 100644
index 000000000..ebc2c2c47
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
@@ -0,0 +1,12 @@
+package de.fhg.aisec.ids.idscp2.drivers.interfaces;
+
+/**
+ * An interface for the DAPS driver, which is used to verify and request dynamicAttributeTokens
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public interface DapsDriver {
+
+    byte[] getToken();
+    boolean verifyToken(byte[] dat);
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
new file mode 100644
index 000000000..eb410c0dc
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
@@ -0,0 +1,10 @@
+package de.fhg.aisec.ids.idscp2.drivers.interfaces;
+
+/**
+ * An interface for the remote attestation prover driver that is used for proving the current state by RAT mechanism
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public interface RatProverDriver {
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
new file mode 100644
index 000000000..aabc88d10
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
@@ -0,0 +1,9 @@
+package de.fhg.aisec.ids.idscp2.drivers.interfaces;
+
+/**
+ * An interface for the remote attestation verifier driver that is used for verifying provers system sate
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public interface RatVerifierDriver {
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
new file mode 100644
index 000000000..1d4535d23
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
@@ -0,0 +1,9 @@
+package de.fhg.aisec.ids.idscp2.drivers.interfaces;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+
+public interface SecureChannelDriver {
+    void connect(IDSCPv2Settings settings, IDSCPv2Callback callback);
+    SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback callback);
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
new file mode 100644
index 000000000..7e893a04a
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
@@ -0,0 +1,15 @@
+package de.fhg.aisec.ids.idscp2.drivers.interfaces;
+
+/**
+ *
+ *
+ * Developer API
+ *
+ * Methods:
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public interface SecureServer {
+    void safeStop();
+    boolean isRunning();
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Exception.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/IDSCPv2Exception.java
similarity index 64%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Exception.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/IDSCPv2Exception.java
index 315182e33..e16824f26 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Exception.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/IDSCPv2Exception.java
@@ -1,5 +1,10 @@
-package de.fhg.aisec.ids.idscp2;
+package de.fhg.aisec.ids.idscp2.error;
 
+/**
+ * IDSCPv2 Exception
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class IDSCPv2Exception extends RuntimeException{
     public IDSCPv2Exception(String message) {
         super(message);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
new file mode 100644
index 000000000..19cc9cad5
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
@@ -0,0 +1,60 @@
+package de.fhg.aisec.ids.idscp2.idscp_core;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
+import de.fhg.aisec.ids.messages.IDSCPv2.IdscpClose;
+import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
+
+/**
+ * The IDSCPv2 Connection class is the entry point for the IDSCPv2 protocol. It runs a peer (client or server) and
+ * establishes a secure state by building a secure transfer channel, verifies the dynamicAttributeToken and RAT
+ *
+ * Developer API:
+ *
+ * Constructors:
+ * IDSCPv2Connection(SecureChannel sc, String connectionID)
+ *
+ * Methods:
+ * void close()             to close an IDSCP connection
+ * void send(IdscpMessage)  to send an idscp message to the other idscp endpoint
+ * void onMessage()         to receive an asynchronous message from the other idscp endpoint
+ * boolean isConnected()    to check if the idscp connection is still open
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class IDSCPv2Connection implements IdscpMsgListener {
+
+    private SecureChannel secureChannel;
+    private String connectionId;
+
+    public IDSCPv2Connection(SecureChannel secureChannel, String connectionId){
+        this.secureChannel = secureChannel;
+        this.connectionId = connectionId;
+        secureChannel.setEndpointConnectionId(connectionId);
+    }
+
+    public void close() {
+        IdscpMessage msg = IdscpMessage.newBuilder()
+                .setType(IdscpMessage.Type.IDSCP_CLOSE)
+                .setIdscpClose(IdscpClose.newBuilder().build()
+                ).build();
+        send(msg);
+        secureChannel.close();
+    }
+
+    public void send(IdscpMessage msg) {
+        secureChannel.send(msg);
+    }
+
+    @Override
+    public void onMessage(IdscpMessage msg) {
+        System.out.println("Received new IDSCP Message: " + msg.toString());
+    }
+
+    public boolean isConnected() {
+        return secureChannel.isConnected();
+    }
+
+    public String getConnectionId() {
+        return connectionId;
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConstants.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConstants.java
new file mode 100644
index 000000000..37a9c9502
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConstants.java
@@ -0,0 +1,10 @@
+package de.fhg.aisec.ids.idscp2.idscp_core;
+
+/**
+ * Global IDSCPv2 protocol constants
+ *
+ * @author Leon Beckmann(leon.beckmann@aisec.fraunhofer.de)
+ */
+public final class IdscpConstants {
+    private IdscpConstants(){};
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java
new file mode 100644
index 000000000..a3a2a0b22
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java
@@ -0,0 +1,7 @@
+package de.fhg.aisec.ids.idscp2.idscp_core;
+
+import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
+
+public interface IdscpMsgListener {
+    void onMessage(IdscpMessage message);
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/AttestationConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
similarity index 81%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/AttestationConfig.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
index bffae6d66..5a05122da 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/AttestationConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
@@ -1,11 +1,10 @@
-package de.fhg.aisec.ids.idscp2;
+package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
 
 /**
  * Attestation configuration class, containing attestation suite for supported / expected attestation types
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-
 public class AttestationConfig {
 
     public AttestationConfig(){
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
new file mode 100644
index 000000000..8006525bb
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
@@ -0,0 +1,9 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
+
+public interface IDSCPv2Callback {
+    void secureChannelConnectHandler(SecureChannel secureChannel);
+    void secureChannelListenHandler(SecureChannel secureChannel);
+    void connectionClosedHandler(String connectionId);
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
new file mode 100644
index 000000000..4ee926427
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
@@ -0,0 +1,85 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
+
+import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.*;
+import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
+
+import java.util.UUID;
+
+/**
+ * IDSCPv2Configuration Class, provides IDSCPv2 API to the User (IDSCPv2Initiator)
+ *
+ * Developer API
+ *
+ * Methods:
+ * void onConnect(IDSCPv2Connection)       to notify the user, a new connection was created
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class IDSCPv2Configuration implements IDSCPv2Callback {
+
+    private IDSCPv2Initiator user;
+    private DapsDriver dapsDriver;
+    private RatProverDriver ratProverDriver;
+    private RatVerifierDriver ratVerifierDriver;
+    private SecureChannelDriver secureChannelDriver;
+
+
+    public IDSCPv2Configuration(IDSCPv2Initiator initiator,
+                                DapsDriver dapsDriver,
+                                RatVerifierDriver ratVerifierDriver,
+                                RatProverDriver ratProverDriver,
+                                SecureChannelDriver secureChannelDriver){
+        this.user = initiator;
+        this.dapsDriver = dapsDriver;
+        this.ratVerifierDriver = ratVerifierDriver;
+        this.ratProverDriver = ratProverDriver;
+        this.secureChannelDriver = secureChannelDriver;
+    }
+
+    public void connect(IDSCPv2Settings settings){
+        secureChannelDriver.connect(settings, this);
+    }
+
+    public SecureServer listen(IDSCPv2Settings settings){
+        return secureChannelDriver.listen(settings, this);
+    }
+
+    @Override
+    public void secureChannelConnectHandler(SecureChannel secureChannel) {
+        if (secureChannel == null){
+            user.errorHandler("Creating Secure channel failed. Cannot create secure Channel");
+        } else {
+
+            //toDo verify security properties
+            //toDo RAT
+
+            //create new IDSCPv2Connection
+            String connectionId = UUID.randomUUID().toString();
+            IDSCPv2Connection newConnection = new IDSCPv2Connection(secureChannel, connectionId);
+            secureChannel.registerMessageListener(newConnection);
+            user.newConnectionHandler(newConnection);
+        }
+    }
+
+    @Override
+    public void secureChannelListenHandler(SecureChannel secureChannel) {
+        if (secureChannel != null){
+
+            //toDo verify security properties
+            //toDo RAT
+
+            //create new IDSCPv2Connection
+            String connectionId = UUID.randomUUID().toString();
+            IDSCPv2Connection newConnection = new IDSCPv2Connection(secureChannel, connectionId);
+            secureChannel.registerMessageListener(newConnection);
+            user.newConnectionHandler(newConnection);
+        }
+    }
+
+    @Override
+    public void connectionClosedHandler(String connectionId) {
+        user.connectionClosedHandler(connectionId);
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
similarity index 79%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
index e4f9f7660..7de785e0d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
@@ -1,9 +1,15 @@
-package de.fhg.aisec.ids.idscp2;
+package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
 
-public abstract class IDSCPv2Configuration {
-    public static final int DEFAULT_SERVER_PORT = 8080;
+/**
+ * IDSCPv2 configuration class, containing information about keyStore and TrustStores, Attestation Types
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class IDSCPv2Settings {
+    public static final int DEFAULT_SERVER_PORT = 8081;
 
     private int serverPort = DEFAULT_SERVER_PORT;
+    private String host = "localhost";
     private String trustStorePath = null;
     private String trustStorePassword = "password";
     private String keyStorePath = null;
@@ -13,7 +19,6 @@ public abstract class IDSCPv2Configuration {
     private AttestationConfig supportedAttestation = null;
     private AttestationConfig expectedAttestation = null;
 
-
     public AttestationConfig getExpectedAttestation() {
         return expectedAttestation;
     }
@@ -73,4 +78,12 @@ public void setTrustStorePassword(String trustStorePassword) {
     public void setKeyStorePassword(String keyStorePassword) {
         this.keyStorePassword = keyStorePassword;
     }
+
+    public String getHost() {
+        return host;
+    }
+
+    public void setHost(String host) {
+        this.host = host;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
new file mode 100644
index 000000000..ba1387f29
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
@@ -0,0 +1,63 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel;
+
+import com.google.protobuf.InvalidProtocolBufferException;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMsgListener;
+import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
+
+import java.util.Arrays;
+
+/**
+ * An interface for the secureChannel (e.g. TLS), which is the secure underlying basis of the IDSCPv2 protocol
+ *
+ * Developer API
+ *
+ * Constructors depends on the implementation
+ *
+ * Methods:
+ * void close()                                 to close the secureChannel to the other secure endpoint
+ * void send(IDSCPv2Message)                    to send an IDSCPv2Message as bytes via the secure channel
+ * void onMessage(byte[] data)                  to receive new bytes via the secure channel
+ * boolean isConnected()                        to check if the secure channel is still open
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class SecureChannel implements SecureChannelListener {
+
+    private SecureChannelEndpoint endpoint;
+    private IdscpMsgListener listener = null;
+
+    public SecureChannel(SecureChannelEndpoint secureChannelEndpoint){
+        this.endpoint = secureChannelEndpoint;
+    }
+
+    public void close(){
+        endpoint.close();
+    }
+
+    public void send(IdscpMessage msg){
+        endpoint.send(msg.toByteArray());
+    }
+
+    @Override
+    public void onMessage(byte[] data){
+        System.out.println(Arrays.toString(data));
+        try {
+            IdscpMessage message = IdscpMessage.parseFrom(data);
+            listener.onMessage(message);
+        } catch (InvalidProtocolBufferException e) {
+            e.printStackTrace();
+        }
+    }
+
+    public boolean isConnected(){
+        return endpoint.isConnected();
+    }
+
+    public void registerMessageListener(IdscpMsgListener listener){
+        this.listener = listener;
+    }
+
+    public void setEndpointConnectionId(String id){
+        this.endpoint.setConnectionId(id);
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
new file mode 100644
index 000000000..83e08bcba
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
@@ -0,0 +1,10 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel;
+
+
+public interface SecureChannelEndpoint {
+    void close();
+    void onMessage(int len, byte[] bytes);
+    void send(byte[] bytes);
+    boolean isConnected();
+    void setConnectionId(String id);
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
new file mode 100644
index 000000000..8ad5218ab
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
@@ -0,0 +1,5 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel;
+
+public interface SecureChannelListener {
+    void onMessage(byte[] data);
+}
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
new file mode 100644
index 000000000..d00d0d06a
--- /dev/null
+++ b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
@@ -0,0 +1,38 @@
+import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Configuration;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+
+import java.util.concurrent.ConcurrentHashMap;
+
+public class IDSCPv2ClientInitiator implements IDSCPv2Initiator {
+
+    private ConcurrentHashMap<String, IDSCPv2Connection> connections = new ConcurrentHashMap<>();
+
+    public void init(IDSCPv2Settings settings){
+        SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
+        IDSCPv2Configuration clientConfig = new IDSCPv2Configuration(this,
+                null, null, null, secureChannelDriver);
+        clientConfig.connect(settings);
+    }
+
+
+    @Override
+    public void newConnectionHandler(IDSCPv2Connection connection) {
+        this.connections.put(connection.getConnectionId(), connection);
+        connection.close();
+    }
+
+    @Override
+    public void errorHandler(String error) {
+        System.out.println(error);
+    }
+
+    @Override
+    public void connectionClosedHandler(String connectionId) {
+        System.out.println("Connection closed");
+        connections.remove(connectionId);
+    }
+}
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
new file mode 100644
index 000000000..eb76df665
--- /dev/null
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -0,0 +1,47 @@
+import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
+import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Configuration;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+
+import java.util.concurrent.ConcurrentHashMap;
+
+
+public class IDSCPv2ServerInitiator implements IDSCPv2Initiator {
+
+    private ConcurrentHashMap<String, IDSCPv2Connection> connections = new ConcurrentHashMap<>();
+    private SecureServer secureServer = null;
+
+
+    public void init(IDSCPv2Settings serverSettings)  {
+        SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
+        IDSCPv2Configuration idscpServerConfig = new IDSCPv2Configuration(this,
+                null,null,null,secureChannelDriver);
+        secureServer = idscpServerConfig.listen(serverSettings);
+        //secureServer.safeStop();
+        try {
+            Thread.sleep(300000); //run server for 5 minutes
+        } catch (Exception e){
+
+        }
+        secureServer.safeStop();
+    }
+
+    @Override
+    public void newConnectionHandler(IDSCPv2Connection connection) {
+        connections.put(connection.getConnectionId(), connection);
+    }
+
+    @Override
+    public void errorHandler(String error) {
+
+    }
+
+    @Override
+    public void connectionClosedHandler(String connectionId) {
+        System.out.println("Connection closed");
+        connections.remove(connectionId);
+    }
+}
diff --git a/idscp2/src/test/java/RunTLSClient.java b/idscp2/src/test/java/RunTLSClient.java
index c2902a68d..0be272085 100644
--- a/idscp2/src/test/java/RunTLSClient.java
+++ b/idscp2/src/test/java/RunTLSClient.java
@@ -1,23 +1,18 @@
-import de.fhg.aisec.ids.idscp2.Client.ClientConfiguration;
-import de.fhg.aisec.ids.idscp2.Client.TLSClient;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+
 
 public class RunTLSClient {
 
     public static void main(String[] args){
-
         //start client
-        ClientConfiguration clientConfiguration = new ClientConfiguration();
-        clientConfiguration.setKeyStorePath(RunTLSClient.class.getClassLoader().
-                getResource("jsse/aisecconnector2-keystore.jks").getPath());
-        clientConfiguration.setTrustStorePath(RunTLSClient.class.getClassLoader().
-                getResource("jsse/client-truststore_new.jks").getPath());
-        TLSClient tlsClient = new TLSClient(clientConfiguration);
-        if (!tlsClient.connect())
-            return;
+        IDSCPv2Settings settings = new IDSCPv2Settings();
+        settings.setKeyStorePath(RunTLSClient.class.getClassLoader().
+                getResource("ssl/aisecconnector1-keystore.jks").getPath());
+        settings.setTrustStorePath(RunTLSClient.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath());
 
-        tlsClient.send("hi, how are u");
+        IDSCPv2ClientInitiator initiator = new IDSCPv2ClientInitiator();
+        initiator.init(settings);
 
-        tlsClient.disconnect(true);
     }
-
 }
diff --git a/idscp2/src/test/java/RunTLSServer.java b/idscp2/src/test/java/RunTLSServer.java
index 1f2001b62..8265950ff 100644
--- a/idscp2/src/test/java/RunTLSServer.java
+++ b/idscp2/src/test/java/RunTLSServer.java
@@ -1,17 +1,16 @@
-import de.fhg.aisec.ids.idscp2.Server.ServerConfiguration;
-import de.fhg.aisec.ids.idscp2.Server.TLSServer;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
 
-public class RunTLSServer {
+public class RunTLSServer{
 
     public static void main(String[] argv){
 
-        ServerConfiguration serverConfiguration = new ServerConfiguration();
-        serverConfiguration.setKeyStorePath(RunTLSServer.class.getClassLoader().
-                getResource("jsse/aisecconnector2-keystore.jks").getPath());
-        serverConfiguration.setTrustStorePath(RunTLSServer.class.getClassLoader().
-                getResource("jsse/client-truststore_new.jks").getPath());
-        TLSServer tlsServer = new TLSServer(serverConfiguration);
-        tlsServer.start();
-        tlsServer.close();
+        IDSCPv2Settings settings = new IDSCPv2Settings();
+        settings.setKeyStorePath(RunTLSServer.class.getClassLoader().
+                getResource("ssl/aisecconnector2-keystore.jks").getPath());
+        settings.setTrustStorePath(RunTLSServer.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath());
+
+        IDSCPv2ServerInitiator initiator = new IDSCPv2ServerInitiator();
+        initiator.init(settings);
     }
 }
diff --git a/idscp2/src/test/resources/jsse/aisecconnector1-keystore.jks b/idscp2/src/test/resources/ssl/aisecconnector1-keystore.jks
similarity index 100%
rename from idscp2/src/test/resources/jsse/aisecconnector1-keystore.jks
rename to idscp2/src/test/resources/ssl/aisecconnector1-keystore.jks
diff --git a/idscp2/src/test/resources/jsse/aisecconnector2-keystore.jks b/idscp2/src/test/resources/ssl/aisecconnector2-keystore.jks
similarity index 100%
rename from idscp2/src/test/resources/jsse/aisecconnector2-keystore.jks
rename to idscp2/src/test/resources/ssl/aisecconnector2-keystore.jks
diff --git a/idscp2/src/test/resources/jsse/client-truststore_new.jks b/idscp2/src/test/resources/ssl/client-truststore_new.jks
similarity index 100%
rename from idscp2/src/test/resources/jsse/client-truststore_new.jks
rename to idscp2/src/test/resources/ssl/client-truststore_new.jks
diff --git a/idscp2/src/test/resources/ssl/consumer-core-keystore.jks b/idscp2/src/test/resources/ssl/consumer-core-keystore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..2954091c5335e34036ec818d63bf9cd08a9651ea
GIT binary patch
literal 2441
zcma)7c{r497oTSqWNf`7M#z?JnDIP}ZDzDslTvn5sKHF5n910RP!k$^%SRHT##Y0d
zq-04+yojQr=(UYD!dteA_(tz?y?=ave1DwlI=^%7`<(ln>vx~CGPN=VgTde;0e%Vq
zi8R(9uGIrD7zzNn$RD7Ln52OifCO;x^#Fi^A-TwpBk@C$CalK(=8^p5DG%fjO-uY_
zRG_kIIpJ~%=7%SmU!7!>a*_1PdP(K<t33zP$XWe&7v|p{qow(6p5XKBq`%y69U9N;
zS>ol?+;5h%gpYmTQ8~ub-xz`$%!~GI0X)XLT>zCXk)`NYBu=&Pb(HgXqODW4;;@M&
zo>h82RP&fHPU#lF>@#M&6wIhyiXm<!H17X;Cb$)^R8hSen5C^(J^E!#sUVe8AQ@Nf
z($yF3ou6=L@#G<4_7;kN+Kg~RwpKmZc(K;zcH+=`q>-}WcAEECWR{hRRk*mb8CFm!
zKjnTKL11`cn++dD6pkO*{rq_8lwx>H0SY%6v4Gq)scGB&{nm?-Z_+b&3C<<QP8^Eu
zVme#4JD9XuMTX#3tuA-WrYTLnskC(VsKj-r4d)Ytugns8$q6Bb={?uWGwd$8&0`-t
zlQK*Xh=9qr01>r5#5{japgh_K|4KQFO?o*J)0;F<n`1Qi?ES}mW_uE>?TAX#gUPG=
z4aBCQ+nyC3DDsA&Bc7_eY+OzAg!MIf-PUvPP+KL>=d*4D=55(l%UPe4>wb%AD7H@+
ze74*b7jd?ofLEOiYL=uoza4Q5S#C?x!R@_Agio2g==es})QOG0%_q6YdM1osEznmy
zkAVpaJB%b3LU`JhQ5Ji4HOcjH!S0LyDOP@2sGOL5;|&EAQZbWWH7UP{AO8Kdd~MF5
z-58Qz94ui>#bpY>W+cbT$#_qYSmWhh8}lebUZ1=cC6hX4E^m5PT6cNqZcO^d{aaaG
z)`Fv0A%S=x%PF>{*s=QXm3D+g%~K;H`MqD$_8F%_`HUerBc;K${esPRTM~}st@R0O
zil})^MN;LX8%`HjOsnedef#O)cSQ7;4=zo5a{Kw3wd9`N&L$cjXW+B@yEq<8c@%#7
z;#-X5WUxN5iLhAi5@M0Ft>b_PnMNKCYRq-vq$Jw;+QcZ*>&X4Bg{FHq#&w$wwPRCe
zvlDA!CS`;yT?#^9In&Q~C6b`Qw_i{d7kKr0lx}s;hDLib1W9eivtxlfe6fUE9}{7J
zEHfv=F5k){MEF(NK8|h5@{`s0r6HdCP(NGvLw7|daZ!SBBbkyzJ)WBeecczqT*at=
z#)Gkm&-W|!^7{3t2h}?b*-XP>KjDi!%v+r&vuaz)8b?~zTg!x%4mK4Bl$lT&e1*L<
zJs_xE%oqJOx|wz;g>kcvjlDfuslk7)ot!!xmDV%o@>L&=@tnA~`%3+IoIE;spLTCK
z#kNvF?3Ey#Q(Gd@j=cUY;UV-u^_c4q%DtLC*shGyZ~5RY4D+hqnC?XZ<zdM5<ngag
z4zP()MREbx=b<~c5Or?ehq#g{IS|_Ws@1MGH6~~LdU5W%_k%7@-Je2v!wt!Y!*)`)
zBIY_jhN?PJDz8;wO{yFpW)J&z=C<+bY=+7iv5=mJ-O(lJeAJ87H>uky(zlaNJ#xO#
zMM`^OX!1MDeSTFzS@CRz{@11Wnpnb?qdU4}YD)DY840f8A#s^42^~U<TMmhLb9p^u
z*9Bp!)ecp}Q}I;K>ReP&ZH2Cm@25+FJ@X}fmt-&c^lS3H6=O9uv_2p6J)8P_utPcD
zc_2Qo?CIFkLq%6U>kNjSOjs5y%taLhIjM2ztlUnHZOZE|mrAzJJND0+i1H?wf|f8C
z(q1$VtwAmVSBQWEa5!KJN{g+-CGALBlm-Aa3I=Y2(BL{Tga=X#1Glw<FyQ(%ASoqj
z&!I)Im}~}}1F3);*Ng}$jH9iax;s5AT-`0g-)6hIF$h_Jn-rxXOUM`kA)=`z1npCl
zHijT$(DE+`(*BPOGN9C22DB7vyQ7<(4TJ{`{>-=;vViDxq6rO82N|Y#A|3L_TM%gh
zcr!ZP-_p{A4q2EpKrW#9@47@IAHfA=VIsREoC^T3CdvslS*~YZRik;>tW9)NFeRWD
zZ5G?oq+8E>5`{>n)K^os=;v6MSj^u!YTI!WJvEgb?vMH*tNt0+ORqj>l8gT}Qx>6K
z?=n>rb)}$faGmXuvBTL_O<$H*v$}m6@drIe7Bf4gZY}`_vU^NlZvJrN)kI6QfHddt
zEF9wFc8qn8$9OZ{?yjg0ir?SjI;t>qPg?@17rISJzm;_@GD3b|>L&lR2h`b{)BQ)v
zF?Q=B-oyL&*s@C(m~r;`4<<tD$4?K$OVdUXnch228U)6j!WBNVdfXly<{#yz@j*$h
zb7nHQ)qOV$G?zK~dQaj2r+Whd7U@*{l#?yKiiRTq7;udXY!-Dy9aI&yR#gV6fRvYy
zzn)INjMip1l*}(TkVCe-EE0lhYi=zh7F0MX-<j5SC-HchR!QfE8;X04-qCG*Km4SN
zDh3G$VIX?#tSl0VfTIdQ^EIG`1VI95ScogsOVVM6haV*w83k~H3ACUvdH{j(52*-&
zbfciaFoMVjx{FDO)-?(x4gkm<pgm~&HwNKJ7JtPEWJj@r*)-9O{}qYDW`_sR0_dD@
z5hcwCYs#NxY9kdu`M<*<;Qwd<h+TW_dgOXgmMa~=W`#wB&^h=3Hi!OiCW(HCh)Dn}
z_Bu-2tM*5|J5OvQP7rC_#kz7qgQV{y4%e&kNYo6D>A!tpdr@WH*gYEK*8vxao#f##
z5ZB05Wu$e;1#($In=W+K%^7u0pLy3iQC)FW!a`8`h+iqJE3@7-(wDONgjS2=o870r
zXTC|&iPrM%L#p5(ExQsIG}56w1J+{E8^l({g<zEqnG?@6q|T*zO3o3QnP+ELzTL+(
zI*Mm~;63?bhF{V(a8M*y)*4#%CCLm7Z#9pe!8D2G=D6i3?NbrsUA4=IN}1L#TNyZg
zCR!@WuRX?EsWZc@ZKvm~-cHihr*+54d~%6^{AfDewq9cM!(4T`eYS(SM?Rn(DkGSg
VRC-r3Q9Eb+oT?yPx+^UZ{1?Je1;+pY

literal 0
HcmV?d00001

diff --git a/idscp2/src/test/resources/ssl/consumer-core-truststore.jks b/idscp2/src/test/resources/ssl/consumer-core-truststore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..f33b415c29bde31cc216fc32c44a9f91854b6d04
GIT binary patch
literal 1974
zcmezO_TO6u1_mZLW=c+EU|`Jq5H$S`18anysevT}19P@P6LY#j6O;b}W+p}^CQgP;
zjPLc1rrl^a;AP{~YV&CO&dbQi%F1BiWXNs6$;KSY!Y0h*;%X>tAPC}c@o>2nC6?x8
z<fo+;8Oj;RfCQO&L_J-C6@v2fOB6y<i%S%o9TkiW3@r@g#CZ)Z3=ND84b2RV42+`0
zd5wWwBQq$MDt0t6Dj_?ak(GhDiIJbdpox)-sfm%1VUujDa__eZy^e_qYpy8xH%wdN
zBQ3D~gZ~>7&Re0}Q-l_7ndNDGE|)(%yrIK;fnd_p!vZ#{e<t|s_GLO^A*X5gYkiRa
z<l=s56W+h#UFCBg-8>g2D7fVKF8%Bu0q^DY9{WsO=l0;N=H@>u9x#+2SoFGlZ|Aa0
zK6?vdcFz>6WDzJ@ouMP*By(r-geUJJE5phSyl$*%>EArL@12#h`F@`s>y}III<EVf
z=F7<1wk*1>$2WidyKPE~jyR^;ulHK<O<wN7-749urx)2w&dU9z^5MR)K-q~J9>#a^
ztL}W5RJ!S6_>(og`?QQpE;p+6Ni%=D^rd9UK0_4;7ZZsc<;%S$?uun%W@KPooL~@V
zAPbBuSw0pq7Ln=C--LUzboZpCKMvnn#$UGJL-GUzd62X+i-dt#19k=cAO*sVjQ?3!
z4VZzH0XIm1pM?dOlH8Ev0GND$alpvX!K^$j>)5Xomoy5uv8S*9Rc$W!wJVE7X>}WK
zN?r7AwX=?MlIJ{OtPj0yxqrX9Z>!XSd&=qmpFP`f{$pULh5F*fyN??u__{d%Gq-do
z?|AUJ+}t7PR8)4efThHil?(5+>^gV$?;h8H^JjJ>o?a*UE_;2O($c6HRh?6v9*eZq
zrZ;)ETu7Pdt@nFd)=k|7K^c?#exDB)Pn%k1AKV<Q>f#q*7BzWEeuN$Cv)K#G`FLZW
z9w;!GXvI9wU|v{n_PO&3ZAO~MelBQC7WMjcrJ>|i(Aw<XS_{5js-AF9``FCM2@;`a
zyXS?d-*UNPH({lSwX%x><KMq$7fefe_LL=V+Ue7CcY<>wYjJ53EF;d-L1e^Fz>N3~
zm=Ui*G9n`*atLzMBm<fNGaxYY85miDGoVS7fddhlT*g2O7|*~=E)2@#;QSq2ngq+@
zgtFgim7XyFTWVb;7Z2Wg_V1XU?3o!SosTc5iaa0ryvFZ9oL2VTEzdTrQ#hb-ZI!ud
zywZ%MU3;#S{W($eXL*W;*>+Roh)g%h?STa*HXE8EN{uzc@=rehDyQ^E<o5ZBIV+Xs
zu895~6xQS$*f~$_y-2@7^pA-4=;ntFn;!A!RFy5<F-h-PaKPb%3XW;Kygv{9xNK7P
z{zjausAY%3$=@a&iAT~F92ST;u(mB*zTf*4mwUcT%i+jLtI|XjMJiPpm)nZXi)1{U
z`C7%js^x8C?~$M0-lg4~Tp@zxjkksN1?<gkoBAs)e~Z1VANP7G{=jf4?e}}$#9Uis
z{&DL3Q(nae+upv0WWUA_290l#GT`Z+<J(#*S12z#ExKAfK>t~)bL<PsGGLp5IVd;E
zvltlY8R#s~TA<OUmQhktV5P60T$H1im|2{ftd|Bay7f|0^)pk7^?-5)A#5DlY``*~
zosp5n!@$kJ1;#gEYO{cvk&<7Ymy@3e)Pc>UB4Ej%oS2+iR01sa&GbMFwA2hP4+N)5
zy?wJq&-QQi-vxhbGB}*F<JY#Fl?vWIL5cI<Rke(3TzOkqKel#X%~lJ#T*{Em_UnSP
zNUdb>OHQuoBFFxT2%V_8a6F(l{dV%bRi5XvbJ@Gr&9gi@@%{Q%w%>sTmyUef!mhUQ
z*5fr>E#@Vj-|y!>TQ)GuCx7RH9m`g1xb-CAv1V(`THRF5gzBea3*>8#CB6OU!P00y
z-}>?F8{HMsQQaTi;w(S!f7F+eboR|J@fi)#U9p{sdY^V@RL^-+_w-=?MrNMIf3EpP
zjD}oyRGTLVPFuX|N!QH?g)gm&FRK|Y3EtoHtY>%J4?~Frhq-C<*JsV_cIuk{Is3?$
heM=ctc6?F$V7{_aql2ICs*3*lb6tsk|Bq?S0{}5o;p_ka

literal 0
HcmV?d00001

diff --git a/idscp2/src/test/resources/ssl/consumer-core.cert b/idscp2/src/test/resources/ssl/consumer-core.cert
new file mode 100644
index 000000000..894a5c1c0
--- /dev/null
+++ b/idscp2/src/test/resources/ssl/consumer-core.cert
@@ -0,0 +1,96 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 53 (0x35)
+    Signature Algorithm: sha256WithRSAEncryption
+        Issuer: C=DE, O=Fraunhofer, CN=IDS Test SubCA 2018
+        Validity
+            Not Before: Dec 10 14:59:11 2019 GMT
+            Not After : Dec  9 14:59:11 2021 GMT
+        Subject: C=DE, O=Fraunhofer, OU=AISEC, CN=181ee43a-e0f5-4e1b-84ac-6eeb993e187f
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:bf:3c:7c:1f:0f:82:56:9c:b1:bd:37:73:f3:43:
+                    7a:bf:6c:3c:63:d2:0b:36:7d:c4:bf:27:bb:88:cc:
+                    77:03:89:3c:bb:b3:3c:3e:29:98:42:a6:38:f5:b6:
+                    70:44:ca:b0:0b:ed:ed:96:74:62:05:fd:0f:20:f1:
+                    2a:d2:65:b3:91:33:9a:2d:af:8f:0f:03:20:bb:51:
+                    ed:b5:77:9f:9e:c7:db:09:44:6b:e2:6a:96:b1:bf:
+                    f2:fc:ff:95:ce:5c:bd:2d:60:56:e0:f7:8f:cb:0c:
+                    b0:fb:01:5f:96:d1:35:d5:24:e8:ab:d8:ea:c4:7a:
+                    ac:3a:f4:62:4e:e3:de:a4:2a:48:e2:ce:e4:7b:58:
+                    68:53:b7:fe:20:db:07:be:3e:52:e1:16:de:b9:25:
+                    08:04:28:71:40:19:29:c6:6e:a3:76:75:14:5a:8b:
+                    1e:62:8c:c0:59:f3:b0:ee:d7:6b:a9:13:45:09:75:
+                    e7:02:d6:a4:18:a8:99:93:68:7e:46:9d:c0:ea:6d:
+                    bb:e4:83:da:7f:0d:61:e1:03:8f:58:48:80:2b:64:
+                    7e:81:2a:a0:d0:3d:c5:c9:6c:73:62:77:53:21:e8:
+                    19:10:cb:ef:eb:6c:c6:54:4d:6e:30:37:0e:80:d9:
+                    4f:85:da:72:ce:15:2e:00:76:4b:a5:cf:72:96:07:
+                    ff:0b
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                14:7F:AA:8D:65:9B:0B:25:6F:BC:A6:F5:FC:BC:3B:6D:3E:D5:A1:E3
+            X509v3 Authority Key Identifier: 
+                keyid:CB:8C:C7:B6:85:79:A8:23:A6:CB:15:AB:17:50:2F:E6:65:43:5D:E8
+
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            X509v3 Key Usage: 
+                Digital Signature, Key Encipherment
+            X509v3 CRL Distribution Points: 
+
+                Full Name:
+                  URI:http://crl.aisec.fraunhofer.de/ids.crl
+
+            Authority Information Access: 
+                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
+
+            X509v3 Extended Key Usage: 
+                TLS Web Client Authentication, TLS Web Server Authentication
+            X509v3 Subject Alternative Name: 
+                DNS:consumer-core
+    Signature Algorithm: sha256WithRSAEncryption
+         7d:aa:05:25:57:b8:fd:bb:54:88:06:1a:2a:ac:76:32:cd:6e:
+         9f:93:21:3a:29:4b:07:02:28:b5:55:85:22:6c:7b:d7:b4:93:
+         41:a1:ae:9c:e2:b9:61:66:af:da:51:08:4a:3b:df:73:30:2a:
+         bd:68:1d:66:8c:ca:10:64:82:6e:69:1e:93:cd:ba:f4:2f:cb:
+         ee:87:e6:d2:ea:b3:ad:a2:08:38:ac:a7:c3:a4:ae:e3:ba:a8:
+         42:1e:e0:d6:8a:24:7c:23:c4:49:dc:4d:81:fa:8f:dc:86:26:
+         7a:23:5d:d6:04:1c:2d:c3:fc:52:34:f6:21:8d:31:9c:2b:6e:
+         f7:a1:dc:03:3f:17:f6:6c:1c:ca:0e:7c:d0:21:0c:91:8c:56:
+         0a:f4:2e:c2:68:90:f3:fe:f9:be:13:bd:49:07:95:e8:88:cc:
+         f2:36:2d:fb:27:2b:47:17:3b:ae:b8:2c:3d:d6:86:0e:da:df:
+         3f:37:7a:ef:13:bf:06:9a:98:53:98:19:5a:1c:06:88:a2:45:
+         8e:77:8a:ee:29:a8:fe:da:83:87:7a:0c:77:5e:c9:7b:42:19:
+         cb:8e:36:c7:4a:56:f3:28:4a:3a:a2:cf:ba:79:3b:a4:3b:a6:
+         ac:3b:c3:ee:8d:44:bb:08:24:c1:9a:20:65:46:96:47:37:55:
+         9d:01:25:71
+-----BEGIN CERTIFICATE-----
+MIIEQjCCAyqgAwIBAgIBNTANBgkqhkiG9w0BAQsFADBAMQswCQYDVQQGEwJERTET
+MBEGA1UECgwKRnJhdW5ob2ZlcjEcMBoGA1UEAwwTSURTIFRlc3QgU3ViQ0EgMjAx
+ODAeFw0xOTEyMTAxNDU5MTFaFw0yMTEyMDkxNDU5MTFaMGExCzAJBgNVBAYTAkRF
+MRMwEQYDVQQKDApGcmF1bmhvZmVyMQ4wDAYDVQQLDAVBSVNFQzEtMCsGA1UEAwwk
+MTgxZWU0M2EtZTBmNS00ZTFiLTg0YWMtNmVlYjk5M2UxODdmMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzx8Hw+CVpyxvTdz80N6v2w8Y9ILNn3Evye7
+iMx3A4k8u7M8PimYQqY49bZwRMqwC+3tlnRiBf0PIPEq0mWzkTOaLa+PDwMgu1Ht
+tXefnsfbCURr4mqWsb/y/P+Vzly9LWBW4PePywyw+wFfltE11SToq9jqxHqsOvRi
+TuPepCpI4s7ke1hoU7f+INsHvj5S4RbeuSUIBChxQBkpxm6jdnUUWoseYozAWfOw
+7tdrqRNFCXXnAtakGKiZk2h+Rp3A6m275IPafw1h4QOPWEiAK2R+gSqg0D3FyWxz
+YndTIegZEMvv62zGVE1uMDcOgNlPhdpyzhUuAHZLpc9ylgf/CwIDAQABo4IBJDCC
+ASAwHQYDVR0OBBYEFBR/qo1lmwslb7ym9fy8O20+1aHjMB8GA1UdIwQYMBaAFMuM
+x7aFeagjpssVqxdQL+ZlQ13oMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgWgMDcGA1Ud
+HwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuYWlzZWMuZnJhdW5ob2Zlci5kZS9pZHMu
+Y3JsMFQGCCsGAQUFBwEBBEgwRjBEBggrBgEFBQcwAoY4aHR0cDovL2Rvd25sb2Fk
+cy5haXNlYy5mcmF1bmhvZmVyLmRlL3Jvb3RjYWNlcnQyMDE2LmNlcnQwHQYDVR0l
+BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBgGA1UdEQQRMA+CDWNvbnN1bWVyLWNv
+cmUwDQYJKoZIhvcNAQELBQADggEBAH2qBSVXuP27VIgGGiqsdjLNbp+TITopSwcC
+KLVVhSJse9e0k0GhrpziuWFmr9pRCEo733MwKr1oHWaMyhBkgm5pHpPNuvQvy+6H
+5tLqs62iCDisp8OkruO6qEIe4NaKJHwjxEncTYH6j9yGJnojXdYEHC3D/FI09iGN
+MZwrbveh3AM/F/ZsHMoOfNAhDJGMVgr0LsJokPP++b4TvUkHleiIzPI2LfsnK0cX
+O664LD3Whg7a3z83eu8TvwaamFOYGVocBoiiRY53iu4pqP7ag4d6DHdeyXtCGcuO
+NsdKVvMoSjqiz7p5O6Q7pqw7w+6NRLsIJMGaIGVGlkc3VZ0BJXE=
+-----END CERTIFICATE-----
diff --git a/idscp2/src/test/resources/ssl/consumer-core.p12 b/idscp2/src/test/resources/ssl/consumer-core.p12
new file mode 100644
index 0000000000000000000000000000000000000000..6607767d644aea4ea7a11e98ac540c623b80283e
GIT binary patch
literal 2693
zcmY+^c{me}9|v%oZEjNTkejgC%rV#ZtNNm(CKKhpG734SAy+F$TXQXP--^vdu`x%k
zkXx=UBv;PlOvtbA^Zb6l@9+1==lML(`~5ucKVNVH_dOth9ZujjgK(+Fo{!z-18@NH
z3EU_Ufm`c$42Kgy3;$G*d;;j*?`Q-FVEg_0{%HVkNeK797kB{>I6sK9JVi88`A7=|
z1ah)P6F~VZywpW&3z4n6S^2p{Kk$V%E=f<@tZGQd-P=J8Hk|AIlG1>yU0>xCvxy@*
z72iX0<MIOefUNp&&$JM;961h+{cg|@_u!jcYnmQriu!MBv7?C;peo0T2%TybEVl_d
zEJ=tNTPbGq=}&eh?I591@6lwCN|7l-RHEglMCu{Dw4|yoVe6osk#U1_NT5wVlp_%<
zbLUafGQ)k@tA6F|uR#xIE`b(okJy1PxZ=sU7Hxd=G|UA*!IE_wIc@PeJ%7gg0O5I`
zo)v0;OZkM1Q4-jo%*85{*-+nSn6~+T`-8H(cf;k#?*2{oeW}g~Bj=_^D?bnM%as>B
z^iNOOYZnWAA17!za&dVjSl|0p{BTpRI7}087_@ATLFmf_szlX=%EBu2{)pmvw&aJx
zG6#b{-am5m!=QAl{S4&x>Mb)z5*-oub}-w+acmngdOgJ$qpu{_qK;afIiH=4fT0dv
zNAG?Q*OEFm!#bpEeQa>jv&y9hxDw;TSjy=FZ{}(a5pzSxiIT=yj%fvu#`m%BZ09m_
zABR8-G<rK_W(&wIPgdJ&N}a}|-3x=#b7>2y_w6^$79uhophGzE4&(>1$(|D;UF)i$
z{*NqRf9&PtUYvuAHQHGCyKM@yxV~SE){sbW40>n@)%*)61=3!ny(OLjxUa>2!IoK0
znXUnu=C1Qy;hskX3utTp)SU~Hrj+#54C_ddr(fD0x3AlknVEjGmqTmVekc@oLI`68
zK1+t0bc<oZirFdCVKOe%O5a=T;g1%tC?o&O$pq9opS62x=3q?fqt!7oFP^Okrvpb6
z&|cdiDn-q|4EXAr?~cb#Cj8>N@aEZyisINyA$LE`vT(z>Z0fq3?+E`@;tcaa@5Rr3
zDaeeIVB_@uC`Nkfa0*$0Zj<D|Vl-YGlK<;7N&#m?kIU6MCsczoIC^SQM--f&blng3
zj!$beE#qIW<yewVJSL_$O8J;9HPC;+nTu0<-ahZW*On)2qM+pHLl0m(N{Si4ZG0t%
z#x9D7eF_7+$tqHlkw`)9=QsTgCC~=OOd|`Id1sw;^sT^s*Td(Uqi2q^B=1$(T&l~e
zR3J%~zIc>5upWWjWzgmqC8h@gfy&tULFrOE9jMxCrxyD07OQ(2>W^QkYMmZrbM((0
zctCIT{255Lfk%t;1j+&v>#Kt{&uPcSpZCIJIVUufon9=&wyH~_R9W&N$kGg+z@{PL
zY(*<if?&i|T$kl|<V$}3-J_PYliF&HTTm-=yvYF`pfajpa)MX%Ozm<<a1)1aqTBs}
zdc-L^|2E#8Dq8PyfY{Hewvn&&^ky2JWl|-7V#3^gF4q0bYmbMteLk0rHm5&YhrRN0
zcUdrziI;5k`^h@R(I;6&MoI<LEv!!xqM|3AZ!a0C{L^Z_olk8@#O%6tYO%kYVOhf6
zJuFq0)`K@BUmgV*L7+oon4pX)d`}1Q+{?aryRHI3-N72&u*nK3Uys8ogvu}7V=mO<
z<ynS`?P06D&||)Q{XS8P72Yf60Z$5Dau8+GdafKNHfIW({g_+6s1b=UI01a-e?ZG8
zfHgq`Fzk1%`umh1JpbX18vy+6;M#8hm;O&Z_P^CD&4=j4Jk31yw|XD~s7p^Uqvrf)
z;_>5K;}aUBm)tJPzh0H|s}Dy~vKQ_UI>E+cr0q;n63IIU+Yk#YA`&h8BlimIKJQO*
z!>${8(V*eS_X{sYHoMBdpCcd3E=#aCNmC*5fQBOZ%(*3Xfll1AzPb<Z;{bhVOb52Q
zg?IeJ!A#y33tg5|zP2dE@^N<KU6xZ@uM&raJk=&H(}HK(-Z^ofiXk=1G4V`k)b#%M
ziS=`@k2AxG8lOxUm^WrOa6hdl0Z(-Dhd5;PHGX|jx8BE92*}IW!<bJgYDMlYf*2&G
zjJ#`L8)*G$T84dQR+Q-*TDJ1cH;}hHNXr;BFFW^QX(Q`8gmL(4mKdipM+-xpv@D2w
zuG`PE!Atpq(~t3OnKrd5RiB#wG`M$4il9SjaJl`qW+@F+F1FUpMLXk>R~TGUrc)nT
zGo*-VxZR358&I5M)MfLluG;rccK;s@j#tzcy*M-`Sa%a5lIh!Fs9wlw)bo<ZqBj}o
z__1|D3OOq-e$fH;08g$?+iLzW-z1Kmfhisj{?2imWs0I!tTC1XUs1KEic{>p)-<Ec
zuM6ySLuvTFn-vcrYE50o-UQy%KIa>bx++A>y3?OEjjAaxCa)^L!NG(rEE1#5k&`I5
z6jxwSFKq4RaIU#3b1T1)r~KLj=Wg7+<(_fk?xjKb9y*tnDN$rT0-YT{d+*5Pby|}J
zrD^GNQ<VU4lmWcenN!$&YSrx8i*eenJsLgCbO^|F?<Gg#<o3XmdWLFLz3@ewUEbxn
z!bTa(m4$}*nFSf%=3waJU)K^Q(5XS&nfMZ9ElTA&gle*E&N>bwHq_T$;Beg66qdG8
zO;2vL4nn~8uo;P`G2h1$nbFagdwVHS@XIKp8kbHi?kGryS*cQ0Ng6Y>;Lri{{K%n6
z!2k3N3*RC44)xH9!K&C-ZLMJM>Arm@q*@f9*Dt7R$B1gavI(*799D7w9`PA@B8)Q?
zWfkS~_9YLpKjw{9e`Rimmr#@zNP_Y!!}`4kvuGV+-lc$c^-qN4{i)d>Fg}m+LD<97
zg$ELBiTJa(Vp*$6OEGE)e69OoBHnUlbIgoYX)7dTv-Y-h?qule3m<bEnv(70HtU`_
z$w~?89YTAGWm~?vn~0~Ibk->J(NX}H>gXT?0gKHAc5m4GP9-ld#v3ha=8)GL&M@z(
ztjZ7TM${6Iw0NtV0S=eDj|RGCg`L>dgF~<4NvDjjK}SQv$kJ2h3Dyz*i9T!<E9I-z
zPuP(M3C&52vuC&blH0+@!d3<CC^ZOCkm^J>{lb-R!&|MzClh?;^W+@-tW{05F?w<5
z(z}Ip4kPmN2kYC|Z^v}BRDL0=UhcO^dNFA^chxakzg}Gh@wjfTfWL5H_6)4MskT6|
zLM`|XL*e`eByU^Vuv%KU{vz7{J;8S<ujOZMjf>p76@$k;+mo}~m6Um+61^<X7b?`N
zC9o0jjWtlJQ{<U_Wg{?tVT4Z65a<TFrQWI-#{NhT^6?dYsZ~XXkBX->@$*YdK72rK
z<3^vjq&E$`h^9B*&bu#RLLd2}EC>g~>`X%F+s?MRGpX;DG~T^dInUj$FsV07dbPG=
zCVK7(#`e^P#jKik9~GUCP=w3>S4S>kga}CJeMEJi#7poF&yM-m$u)bS(k-btI07yU
x=YoLM_}PIHU^bADxShH5uH&M#q<dn(n2|6+$>zmn5a<0*Q!>&8%Qya3@?X+^2G#%o

literal 0
HcmV?d00001

diff --git a/idscp2/src/test/resources/ssl/provider-core-keystore.jks b/idscp2/src/test/resources/ssl/provider-core-keystore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..21856439f263efd6f9e9499dd037f467166fe84b
GIT binary patch
literal 2443
zcma)7X*Anu7td;mt$FP<30k`({}8pb+FBAzOO2(LDv}6-3PBYus+L$v4=S}(sI8i6
z(U&PhEyFaOVAPaaDs2%pmg%C^nGWs5Y-c{aAKnl5ocp`?dG3AgJ-_GP&l{gNKp+rA
zEZ{!`Ob~0)Z`@gVAP^i1WWc@v@)8JR2`~(71VMtqa1bm5wkF6WIBM$rRNd1Ykzk5-
ziQb-#IsRnxpx~{+QuqatUGIQKO4*IO=>B!uR&<Mc-!+0!pc$I^`3d8=hDtbeb}39A
zzaYw6araZad5M2?@G)`~0X#d?*`eruN;pdzGr`PiHRKKko-G*C9eQ1Rr5~-WkCp$j
z-nGX_x1&uao8I32A>Em0kn+vFP6bl+=APaFO~|W#MNYw7MtEKZfxRckrNs4i=g3+l
znjfoiy33=byVU)WBI0PY_huUPH+?qJFL?WiciY>+4rRpFIcH|XB1$iVlPW8j9d#!1
zG_AYPId@Hx+u(Bl;cP)NarT_?w|Mg#Nf)**ZuufNk?q%)x_>-lj0Md^zWP;4U#)*K
z!B-TjIbwl4#NmDQ)NxK(r_@^GYt<RWxo^Gky<Re`4e7&`H>)Z#C)zI7@ud<g9@q8B
zcS=<@?DycAqWak6k-fc;T9iwk^1EXEjziN6Paow5X6`YqabsW9l~)=M`0AYL`p4Ik
z1+}14o4w`y^)w=<Q<$6+QB-h!N1~%NU{G&>9h*V1=hya`eJMs)KX8u}_P^Vi9smkA
zzB=00sVZ|MutL<XW%<%T%CpStN^)VP*|FlD%!Xml!w=AIBH`TT?C^$al!JW|?n_52
zy8*pwub+f(fOX9@I1>58{R~{`e)Vz}a=Xu7>d7%LPG9Y8Lrkgy$9gn*o^nvw+$`lU
zYL3awb2W+Gdbe8Ke<!Yj*VUp(UL=N=zp}{p0j88FU_I@dxj#QA`RYwfl>7Ru8*7cs
zo6ice&%>=+uOLeQv*X#*Hdz#QRgfj6Jn}ukEzky8y_b7z@_@88yTw%d;xWQzFjwe0
zl{GYKraN(cMNjT+^`YCV$L=QHe}m@8%=kRP)fW3@PzLEU!OLkD7&dAgv3)vj#zUhY
z?vitwJMraJrQJM4aOhzjelpBp=Ii{y>#4pXZ$Z^1*Bz2s1<CAJNeK-6>J&Bi&{vt?
z6=^G>4;BZjWj^N{!h|X{b_D$p>uE;F^f_*ez;Hq7NS5lIxu9R}4l(Y9zQbHI9}jGN
zV#z&q=Gx_*`a$Qhif6YXr_H(<lawN*0(3scxY{jizNpdXQ@7dSBbIx9ybU3~X{(~H
z4p~tL<9@0B?Zi7WJ6);H)d_{^+X?4Pqv=yOgeiL?w#He-7w&>4AB{=0n(VXDb}@%@
z`OZPj{8OV?oph5SXaQxdKO)inTJ91$TXYs(@F~pL>!YUdHs)3<hM0;?`C$kdqiBzI
ze(%UrJI@*;Z+F=)K2#lc2>ckz2ypf3H7G8;JlClR<C@Nwj+-b{&6}2$_xaMIwuOrx
zLxJtVxAwOrM0Tc?A%3~R)#T`0PonTao5#8J4o{n#E3@_<kXJ)><**9Ny#@Dj)5~=4
zw?%DUC5IByD_?|sqyM=O#TnvE{|b(?k;~THvth_I$o_Fa>kj8|oy4ilPo&9!TW6nv
z1w!o7K!0JQ;i?=s@Pf^WOCPQvbgW4dcN_b2Vy*bY%}J-)ZQ~a7UoN+Xc4WQiwmmrl
zDoG3Xua8`jESKIeb+had^skc-eUdI8hu)c0lWfyI_z8BN!-+pB6jr@N<j;%N2x+X5
zbd3OrRl%V$b>(IPtCe#wH3)8$^ayvMeZ0p}_IZiy6rRN6JSZHc4Q5JnV}7Q(Q2&^U
za9^A`U<Crf$l{4;2V_8vYM>A>1Og@kauU);*-qIX<-lMWI0!gOkO8D6px!VEMTi55
zpa>v$0YVl*W>FHN!<nIU7GW=-v1^3NDmpuOYI)J);<Y>zsP?v6rU1bbK&#3TtO%wA
zfIu`iHzoS3%9#=frhwI75TN`Y8RP-k-3&6aa9d|jl05+n82_1Zzh!6$#ga;-V@=Hg
z3YJJEnqesxL?SlCibAA?(CKD0-~f;T*7<i`;-L@C04spRb_65?3<kYv?io`m6KxmX
zPH2mE9=lhi{OSAG5l~^85p0>6ay;l#;(L%Q`wNh))I!BRnvd0BxLVy(t9QxKeb7~M
z**DDAS!<i4q@r5@ZIG@wa&lkodlw_dV~T-;x|=LdG8{8whg2qozK7;}H3AnqGCiKZ
z{?PFgvx*dX&UMj``pvrm>u33h=gZ+NsXQ}1k7e2PW~z`Jp#31l&4%{up1*n0#^|FO
z^3?G1eeH8pC;dkLf{vy1jYVL%JMpSYIltr@&%jUOPFSe494d{scCAY|JKeN?@~+Kj
zq<gZNoA1$&&w3S3_}h|kxUqrzc}E9pQnG^eFzrL$Kd^kgbV5}jP%sEwmjT`{?uZtE
z61Ns54^x3DwX$n2qJ9``Z(vg`^4+ZsWYql_0A|;{52gmFq$>#u9(HCW-Q3qGQ0A$+
z<Cp37r&s=<3rZ0N0YHGv?pXyG3<`nQ02aFd0|NjYU{YgLW00*E9v>fLjmOhiQ8)@C
zj!wgc{zEEU2p!J|iNlF~fR}`ncwxigl3*~*2_ORwe`5fWZTVM>5N2X@6q6#p@xLOm
zn9O(@g+^z^iz#^kx2ybFrY=kcQ2IL@6!MP-2Gn+6i-aKog$%hE7V|74gwDd!m@N9g
znI!%pVkUt>^>2G@dsx=IQg*@Hmg7xrJhjTEQk#^gfeTf~V!v~_dU^V6(?;x1sI~KP
zeU;cMo7q6y2nc?W=4ykCpE~y{GE8|wka($y<fNvab;E;Y?{5ex$$z<p8@MAQ@9tH0
z$uaohZF@VzW`Ay9YIo56_?#?tdqDqv=K>1|l5wANGzf^xys+QI?rhKqeQI<f@9+mE
z<SAM;>gze;iIX}!_r+Y10HXm*UUZsW7YXY=u(?wu>|1!lMUi<zP?ve2rgBgWqbD^N
zCVbue-~8-}B3TRC+KR(U$5QW7y}zXHj@4`R?M@r`X5aCf*-c(6og|x;7lt&h!I`bi
dZK!OFOq7?(Yr=x^_u2vHb<94dAt8RNzXRog0pI`t

literal 0
HcmV?d00001

diff --git a/idscp2/src/test/resources/ssl/provider-core-truststore.jks b/idscp2/src/test/resources/ssl/provider-core-truststore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..8ae89ded4a02c09e9dcd78c4c87ba75afb5d559f
GIT binary patch
literal 1974
zcmezO_TO6u1_mZLW=c+EU|`Jq5a8Fvz#5@vYGBF0z?^N+#GG!>#N@w#nTe5!iIZUy
z<9ofMX*b#pc-c6$+C196^D;8BvN9Mr8FCwNvN4CUun9A{xEcx@2!c3VJX~%?iKTfN
z`Dv*|hH?fnAVFpxQBRj(g`oWW5`~b|;t~aCM+GATLkj~rab80ULjz+&Lo-7o1EVN$
zUSlBF$PCJ*iXBaiO2|%UWMyD(V&rEqXkz4IYGPz$*d*Jk-1}`puVZ4unkx$a4bztR
zNDFNL;Qz*i^HwPL6rqJ%W_cQ)%jFLbZ|Lw|Aei*@uz-!~p9wy@eVL9}$Z6XBS|8*;
zxwv22g!iv_SNWVrH_wF$3NAUmOF#QZz<YVU$37F+xji_mx%tnE2Mpy07QHUt+qvwL
z&)$NV-8021Sp<q!XXuDH$=sPd;mNzm%CK?+uN!Mx`ZrJRduOF=zTc<Ey5*9)j_ZD=
z`7*M$EsJjJ@y%cVZky7gBaW%|>%CTdlb3sNw@UWv=|wh^vvPl_e7G+xP<En*hw)wf
zsyiPhm2SEi{$x$>J}u*t%Z+M%(#+p3eJNS8&rrp|#YAF9`Esv`yJDG`85tNCCm6&T
z$O7X^mXAe@MP&N(H{qTv-92gPkHdGC@s}<5kUYUa9we>IB4HrbfL#GUNP#dT<9`-b
z17;v)zzq`MXJG-RBsb(Z045(`956C;Fe^{XI`-?tC5^&u?CI-&Rh!Fw?aE?NTHVH*
zQWt$&?X2UR<T+0m>qBo_?%%KO+bVV7o^tyCXU{gA{}|Y5p}u(W?&HP@zAn!H%q<<t
zJ05&4H+Kj+6_wpAU@5U><-&U{yUv~cyT>)){Fxnzr`Jio%U<86v@|M4Rp(Tv$0BXD
z=}n$37g8pA>;2xAbyIgiP{!oG-{-@{)25c$2R8?+y7&c{MNM9kA7RJ(Z1w_kKHk`;
z2MSCkS~1Tvm>1TYeeQfhn~~<Rp9>n3MZG><X()LWv^IOU)`G8>swdpjJ~nf5f<)-q
z?s*~Vw_L8+O;{;nt?Z(}`1kMG1=CWVJ!OfTcKY<(o#33vT3nh0%ZL#Lh>Z9Nm=WIr
zGvYN!Mr33}4nc03WIz*O1_Wk410zdt1~iE>a3CU+%NR%j;~ALAg+ZAdoWFxhlVDk#
zQ1)A`(i7%?ORcNq;=x<b{vFekJu~B^^YH~$k>?|y*Z3WX)5^ZP<=KXH3I`Oftuj}Q
zSDKNuYtNOkKPQU*EKl(;+iq$ck?AJ6J+Q#UW<yg%sj+5Q{>kTG<&^%2+&*71XQk5I
z717^=!kT;oJLjpr7wI>M{t?k0-Tbg&(<A<zs<MSUCh0v34mf;J!7+`O_vfJ>mrcsv
z--vS+wd_zh`P-x;@krW&!vYZp*0yEK_j{k>a?f{ZIUG4@Rhp=xNTn*{a$B)^k&K5k
zU#qxRwY+WYJ@V7ryR@5=D@3ro@wU*ufW6smQ-7u9Z?Sjv<6bYt9~dsB{eI7zm}`s7
zKTe&0%B$F5+uPTW?AQ3gpz$qI20Yz!d|PYf3gu;|MOTXl=s!z!j(tH{25d7h2jxb2
z76Su41Dyq03pCo)GD=Dctn~Ghi*oc5GmBG`_0r%)w_ZxBer8Is9#GC8gpEU+4Or&0
zGcvMx7`Pd@!1xACZ5B{7Qu535a`F>_I<T2k1T6WJ6O&VmN`S?_nI4FNmYTukf#6iB
zw{N!S+5WBmyWnq428UC2{MweYQo-9NC~^L~s+Mt$D{l+y$JXwv*=j+TOBu4+eqC@D
zsg(?V$;mZc<k&wEp%XP1jtBIn-%h@_%JW=yE_>Iyd6q{fzF*(U_B*iP(vfdl*wr@P
zdc0<<#k|Dx`~BQ!%LZoo<nLUtW7&!gx1J<C)@+SgtDCBsQ2kVFfqc!eq__V(SQ_o;
zTR)zCqq{;ns{5l`oaN{JkNPr_&c692KBFPJE4DLH@6+y#>N#)fo*vBK$jsCD&o$qO
z(U9woYV!oaX^VF~>AD%A@TFDpWi`Vk!TWoj_3V!OVJMN{FgI=f`mCAVPF?dqXCL{p
hZz-e7jxTC#=eqI=O`fm2IPt*Zf?a*x#Zzxh1OSMh<4XVl

literal 0
HcmV?d00001

diff --git a/idscp2/src/test/resources/ssl/provider-core.cert b/idscp2/src/test/resources/ssl/provider-core.cert
new file mode 100644
index 000000000..8f4f2bd5b
--- /dev/null
+++ b/idscp2/src/test/resources/ssl/provider-core.cert
@@ -0,0 +1,96 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 52 (0x34)
+    Signature Algorithm: sha256WithRSAEncryption
+        Issuer: C=DE, O=Fraunhofer, CN=IDS Test SubCA 2018
+        Validity
+            Not Before: Dec 10 14:55:24 2019 GMT
+            Not After : Dec  9 14:55:24 2021 GMT
+        Subject: C=DE, O=Fraunhofer, OU=AISEC, CN=8fda8b4e-250a-4b43-a744-d9a4cdee3c06
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:f0:a9:bc:ce:14:96:e5:fc:8e:ac:75:b1:6e:49:
+                    ce:b3:9c:15:fa:ca:ef:6a:03:de:7f:2a:04:e6:6f:
+                    7b:4c:5f:83:77:f4:00:4d:88:ff:30:7a:14:ad:62:
+                    2d:c9:dd:71:1a:69:4d:39:aa:18:a4:4a:87:25:be:
+                    b9:93:8d:58:67:41:49:20:fc:97:14:16:25:8c:03:
+                    a5:09:9a:3f:56:23:a1:f4:4a:2a:69:d1:61:28:44:
+                    19:4e:0c:ab:07:68:1f:d9:42:11:15:45:66:f4:03:
+                    8b:54:a6:30:81:b5:84:52:df:ef:f5:b5:e9:6f:9c:
+                    45:6b:78:4d:e3:59:62:bb:f2:c1:3a:dc:8b:0a:df:
+                    e6:68:72:08:8a:33:26:52:e6:0c:80:a9:62:de:46:
+                    5c:21:be:7b:4e:3d:63:dc:b3:5a:35:79:ed:cd:c9:
+                    a0:46:d6:c5:e6:b8:21:78:62:48:27:a6:c8:e2:22:
+                    38:09:a2:e3:30:c5:ba:77:95:16:99:c8:93:98:ab:
+                    28:59:06:ae:67:66:09:0d:1d:7f:ab:eb:98:b9:de:
+                    da:d8:a7:ec:56:af:3d:cd:6b:50:7a:33:4e:58:40:
+                    f7:dc:bd:0f:4f:5a:41:46:2e:2e:ce:c1:b8:8a:40:
+                    c2:a0:7b:85:60:26:1f:b2:c4:55:cf:72:58:54:22:
+                    66:17
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                B0:88:A0:81:1D:CF:C2:B2:A5:88:62:37:8B:50:3A:28:0B:19:59:69
+            X509v3 Authority Key Identifier: 
+                keyid:CB:8C:C7:B6:85:79:A8:23:A6:CB:15:AB:17:50:2F:E6:65:43:5D:E8
+
+            X509v3 Basic Constraints: 
+                CA:FALSE
+            X509v3 Key Usage: 
+                Digital Signature, Key Encipherment
+            X509v3 CRL Distribution Points: 
+
+                Full Name:
+                  URI:http://crl.aisec.fraunhofer.de/ids.crl
+
+            Authority Information Access: 
+                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
+
+            X509v3 Extended Key Usage: 
+                TLS Web Client Authentication, TLS Web Server Authentication
+            X509v3 Subject Alternative Name: 
+                DNS:provider-core
+    Signature Algorithm: sha256WithRSAEncryption
+         a4:f1:bc:41:bc:72:3a:ab:94:88:8c:f1:ad:4c:a7:b1:ab:18:
+         9b:a7:94:3d:7b:d7:5e:e2:9c:4b:71:c6:4a:95:8d:d8:76:a7:
+         ed:71:e9:1d:eb:7c:73:bf:9b:2d:9c:3d:da:5e:41:6a:02:2f:
+         e3:63:4d:3d:11:74:d6:78:e7:6b:67:15:d2:cb:77:83:a7:45:
+         48:18:19:85:a2:52:72:43:5a:29:02:93:8b:e1:f6:2e:c1:ae:
+         0b:0e:50:54:96:83:47:60:c7:ac:43:42:29:a9:5a:9f:bf:7e:
+         ba:5f:b8:74:87:85:19:43:30:27:f4:b6:e2:72:30:5f:0b:50:
+         db:47:28:5c:73:84:7d:24:2c:42:76:5f:cc:65:d6:cd:d2:8a:
+         3e:f5:6f:02:d7:1e:17:6c:b7:db:34:4f:56:22:ab:50:e3:89:
+         e5:cb:1f:1a:04:7a:e3:48:da:ec:e5:de:a3:f5:88:9f:d6:93:
+         88:aa:2f:29:e3:e5:35:75:5f:b9:35:5e:1b:15:5f:70:69:bc:
+         7e:89:04:de:ef:a9:b4:8b:86:d2:8f:0c:37:63:eb:e8:44:e8:
+         b5:e4:bd:e4:a4:5a:07:25:fd:39:ef:19:fc:b6:3d:05:f3:bf:
+         4c:a8:86:a7:54:e8:b6:45:3d:e8:e0:29:63:9f:28:6d:f6:f3:
+         fc:03:0c:70
+-----BEGIN CERTIFICATE-----
+MIIEQjCCAyqgAwIBAgIBNDANBgkqhkiG9w0BAQsFADBAMQswCQYDVQQGEwJERTET
+MBEGA1UECgwKRnJhdW5ob2ZlcjEcMBoGA1UEAwwTSURTIFRlc3QgU3ViQ0EgMjAx
+ODAeFw0xOTEyMTAxNDU1MjRaFw0yMTEyMDkxNDU1MjRaMGExCzAJBgNVBAYTAkRF
+MRMwEQYDVQQKDApGcmF1bmhvZmVyMQ4wDAYDVQQLDAVBSVNFQzEtMCsGA1UEAwwk
+OGZkYThiNGUtMjUwYS00YjQzLWE3NDQtZDlhNGNkZWUzYzA2MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Km8zhSW5fyOrHWxbknOs5wV+srvagPefyoE
+5m97TF+Dd/QATYj/MHoUrWItyd1xGmlNOaoYpEqHJb65k41YZ0FJIPyXFBYljAOl
+CZo/ViOh9EoqadFhKEQZTgyrB2gf2UIRFUVm9AOLVKYwgbWEUt/v9bXpb5xFa3hN
+41liu/LBOtyLCt/maHIIijMmUuYMgKli3kZcIb57Tj1j3LNaNXntzcmgRtbF5rgh
+eGJIJ6bI4iI4CaLjMMW6d5UWmciTmKsoWQauZ2YJDR1/q+uYud7a2KfsVq89zWtQ
+ejNOWED33L0PT1pBRi4uzsG4ikDCoHuFYCYfssRVz3JYVCJmFwIDAQABo4IBJDCC
+ASAwHQYDVR0OBBYEFLCIoIEdz8KypYhiN4tQOigLGVlpMB8GA1UdIwQYMBaAFMuM
+x7aFeagjpssVqxdQL+ZlQ13oMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgWgMDcGA1Ud
+HwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuYWlzZWMuZnJhdW5ob2Zlci5kZS9pZHMu
+Y3JsMFQGCCsGAQUFBwEBBEgwRjBEBggrBgEFBQcwAoY4aHR0cDovL2Rvd25sb2Fk
+cy5haXNlYy5mcmF1bmhvZmVyLmRlL3Jvb3RjYWNlcnQyMDE2LmNlcnQwHQYDVR0l
+BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBgGA1UdEQQRMA+CDXByb3ZpZGVyLWNv
+cmUwDQYJKoZIhvcNAQELBQADggEBAKTxvEG8cjqrlIiM8a1Mp7GrGJunlD17117i
+nEtxxkqVjdh2p+1x6R3rfHO/my2cPdpeQWoCL+NjTT0RdNZ452tnFdLLd4OnRUgY
+GYWiUnJDWikCk4vh9i7BrgsOUFSWg0dgx6xDQimpWp+/frpfuHSHhRlDMCf0tuJy
+MF8LUNtHKFxzhH0kLEJ2X8xl1s3Sij71bwLXHhdst9s0T1Yiq1DjieXLHxoEeuNI
+2uzl3qP1iJ/Wk4iqLynj5TV1X7k1XhsVX3BpvH6JBN7vqbSLhtKPDDdj6+hE6LXk
+veSkWgcl/TnvGfy2PQXzv0yohqdU6LZFPejgKWOfKG328/wDDHA=
+-----END CERTIFICATE-----
diff --git a/idscp2/src/test/resources/ssl/provider-core.p12 b/idscp2/src/test/resources/ssl/provider-core.p12
new file mode 100644
index 0000000000000000000000000000000000000000..830797f6993b334c9886c6aae7031b06a96bcb4d
GIT binary patch
literal 2693
zcmV;03VQW0f(n5G0Ru3C3P%PBDuzgg_YDCD0ic2kI0S+UG%$h+Fff7y=LQKXhDe6@
z4FLxRpn?S0FoFcs0s#Opf&|S52`Yw2hW8Bt2LUh~1_~;MNQU<f0So~KFb)I=Vvy#5
zT{2-d0s;sCfPw^|?tC<TC?UZ;9eDHOfZFxQ3Y%}jQ2TqNDPQHSB!;RPNAlP`<aX~1
zJcw@u5zD^m_8gqGq@OI@p>C=P4`0diku|3S-viqdC5RvVs(UOdNUl56m%D<=xme)b
z(Lj`prw;QCn^QG)H!EQa>LfG5&oVGnDs>tfBcWZd-R(=P+%N^V#o#daU^6#NN1ZHO
zd6fw@D&3T~1o5)A!QA0DcoJ^mPa>I11jI9?7#8xD0u?uotnIAw0y4xS?ZQdfu0+>&
z;V5@m@Rgv4GCaPVqDD)Uz;|k@{HEdy7b-Ij6IS#c5+#+3gxAB*#T7GE87ioc>Lqt)
zJoG-$y!;$|KQ)BNKz&XsI>$0XVMe0A26znjv@ym(9nbKeTnUS=283=deM)@-h`TO>
zsc(s?w8aXfjRaoOo{aY*Q&S+ZhK_QE)I&c@uHLTwiHmB=3So(?W|8)A#`l77{~Qjg
z`_Ta_lpnr}#0)dDN%Tr*WDb@c4#w!=12LJ906C|_nFyU|C1cDscx7ZI*uy)~qTtAF
zSGSN=Jlzv~qBQd|8qJPr+V17BLKCB7-<Ly10Ov1byDB}6GL2hKOsZ^iCW0AWp~`Nr
z6~ciL!K%aZcKsIH7D33E0dB(Mv?TH-p|eHZW>)HQJpN_NOQgAz*m;d(2fs_#rOaia
zS=GZKXH$Fs5YUi1tjIhJsv((G@qQRSNImd$K%&}BbiA3mY};mB?nJL8J`N5iq%1N9
zv)QPr8@UWg?^2#DE0^lB7te=4t%`s}a}z<59{um^f$gabq&O@GC1U03qP!Q;bh|$D
zydu^7oo>sL25~rGnWl=$)L(K2o>3B$)&}Mm%0@9$YIn7iZt_?MN2IFAB<T2^Ppi^Q
z?_#ZT`DKn6{`IOD9~yk)(tIRPCh`-x9@}|Uk=F=<2m?qifHKEo2ouKtA~L;%mMkY^
z6>&66jyZna_N`}IO0|j8=uIaGn)<Ouas{2#+JwC<2z@hsR^fDHUXF+ml$)rj8UC@6
zS<dFih=&aQjgOP(Esa&+!h{*YQ2x3a;1$pP$trc_$!GRRvQDll$o<|?+rYh^iFyNN
zuQhT#V>_Cr@UTJ5Tvs|X4NfH2=B+gxn^lavqNCSqvnynm4MoJS45G&@y!~wosRZ(L
z(-okxDS-KLrMabk)klbB98!w1Hwcj+YAhOOIWd{9F3UrD7=vR))WS@Q{gNin9<6E~
zY2uq(GWfY0_Zq<RyCVq=UTGsgx>y*{2c5L8*bGfk9S?+G76kK8LXoWC_O`d|fhmm9
z-i0MoDOJShVV(KE4Mf}cPFF9f4B;PCkLOPY6CsW&LrYYU#RUMZImHx}>&N+M;#}<%
zh#=Z3AA)4xP{hcoBk3M9aDF#`Iwt#rie-1JlCB|%$f5V-lNsw%+_pZ)Rz3e5X6uR3
zYR8YJs40ylQ<$28U3TJ3_e)bvXvF}urqm-!^@L1-uO|k)7LcmyDvdq(i6OkE?(e5G
z{A+njhF>&SMnJRC01AFo29F3z^lR0`cLgtZ0#X`C-E6JP?5sRF5RkG;%4Dyy?@pQf
zFoFd^1_>&LNQU<f0S5t~f(0@Jf(0%xf(0rtf(0f93o3?4hW8Bt3<?1Ppn?SMFoFc?
zFdPO7Duzgg_YDCI0Ru1&1PDnN3itLn_?Q9$2ml0v1jualuo5@V015%iOrUAAp9#S&
zT@GJOm771f%+z#i#->p$?v0_$$Vh(@(gh%^<r1^jHP3LJ!0jo{4gYpEW=z($c4Un$
znXs&lKLCMUM8ErrT;WzPn@mpMzJ@5re4VJm5`m^hq2!(=zyhuWEYbHDCF0iRMkVZs
zBrJZSNa@~sfFeO+piruaoDH(<!O^}8JBaR*q1f<S6X2}kA)qVkip$<OuOG52qa9Mk
zAjf88pEy7YYQuO`-O2m=NNG-Bc+5w~M#x1($4|1QKLYjB7$kaoN_A;oV7T_6z}+EC
zF7-P3D?WmZfc=f`TA{I%sNNr}KijoX<da-toW(r$n0<;ia=%d>dOXv5Exv4LOzZEQ
z$6nkDS$@L&5#ga-1@-n!IEgNgXi$MCq*T1FIR>+4UrE_iQ+vBTa|i`dh*UGUf}~b)
z+S$2a%k)07^pPXPghmATr+0d=4wFZU(@NfpL(tj53Ry7*^0xk2_bMyo^TuetHP)Li
z%o$a1ch@Rsv1|@de>@ZEyH*l-CBN)|n9OUFk*<Hs^^c1k1}IKeEI_O}l!6%-#$orP
zEJ&!l#uW)m+%O|dqPk3;QzAa~0%sAckHy@(Gpq-S_M`Vm{I>Qd%MLGQh3untshR5-
zG~Hfmr5t_L_?$_M^x`H$noAaze^A-Ivmz@%(X98RR50mbYrIW_rRA)J1Ad8F?g9=v
zsf)k3#@<zecpUZGmP3k~3}W@gL4ykFO<Qm>bytCBrDkI~pd&j|X*)yrXqeQ=`Aym1
z;)=pCX2b<Rxey1D<_JL??cSUGZL5Nv<A&mMz&{#o2J}K^(@4Yjf#2YvEx&z&>+?-@
ztZy|hKFyb1vrv$%FjPNAR$>It#DUEbQz0p!v<p0))Dpz#(%;-wV(nUG-ecX}hP`xf
zVXuC!gGqXsMPrU@_z;`acf&kya+mXz0^nU}>UB`=nh1p#oJ(O6+~Dy_UDL({job8=
zYbUQS$|ZU5kpU}NoBsd9q6ajj+>(Ib<&E-Xjc+xl=7ng@x?PPJY<^|<GwH>6V_%J?
zhJoyaO9FsPkzPK^KjJ`vGg=gs1w_N%qt^si`-pX5XtyvJWsanz%TfHOH)$nW(2{4h
zj{sJOISE!j8QiDembWVq4Y{<%g+(!e!DrCIE+AdU(H2uwTgv*zQ~aP2H_;}>h&d}_
ztRYHVLo?=g(Uxh46%4h%g0Tbs#Ac`vo*5VY$B;bMXYuS&9$boLcn+EUt#Xb&K*!ur
zRs&HrtJ20j5mXCv!eD(nIyLENrD1@|XF6jV9l&eCJV-j<z0vB{dBxx0GqAxbB8=30
zk;d1C<s{RijnsSYCxrmn6FF@2zX?pU@0N@b!BDQFKR&-BXarmyX&wReL5jK6=QRtG
zz4N`=xn)B5w;H%edj){p>VJkeKD-5)V{F{D@r=T!eZ*5`;G6J19mmKanB^r;Y=cVR
zFLH3isFZcvw3VhE(y?CE9-znszOAs5iq>U&VtA#XQD!rT01QUYfySIA?jmRM=_Bv`
z3O?zFPy#mXoJ?bXeCW%!1CW)Ip9o7(u;tvB7X_W%Ct-xR7m%d0x}BT<TvIXAG{2#H
zaOYyc!6yNDOvN!JFe3&DDuzgg_YDCF6)_eB6vbXL?22j=Lp9k6J?iOsIzzkldN46C
zAutIB1uG5%0vZJX1QbU}8;WOzT&}LIy(BW#<3QlwJ;($I-FzHzECO!O0s;sCi+B4r

literal 0
HcmV?d00001


From 0752bcf5366f55c3c588e4cbaed7ce7c3e4db6fd Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Thu, 9 Jan 2020 16:10:29 +0100
Subject: [PATCH 031/237] improve comments, Logging, error handling

---
 .../aisec/ids/idscp2/IDSCPv2Initiator.java    |   8 +-
 .../secure_channel/NativeTLSDriver.java       |  38 ++++++-
 .../client/InputListenerThread.java           |   3 +
 .../secure_channel/client/TLSClient.java      |  96 ++++++++---------
 .../CustomX509ExtendedKeyManager.java         |   6 +-
 .../keystores/TLSPreConfiguration.java        |   4 +
 .../secure_channel/server/TLSServer.java      | 100 +++++++++---------
 .../server/TLSServerThread.java               |   6 +-
 .../interfaces/SecureChannelDriver.java       |  15 +++
 .../drivers/interfaces/SecureServer.java      |   4 +-
 .../ids/idscp2/error/IDSCPv2Exception.java    |   2 +-
 .../idscp2/idscp_core/IDSCPv2Connection.java  |  17 +--
 .../configuration/IDSCPv2Callback.java        |  13 +++
 .../configuration/IDSCPv2Configuration.java   |  49 +++++++--
 .../configuration/IDSCPv2Settings.java        |   2 +-
 .../secure_channel/SecureChannel.java         |  19 ++--
 .../secure_channel/SecureChannelEndpoint.java |  15 ++-
 17 files changed, 255 insertions(+), 142 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
index d0a7c5f96..23994ca47 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
@@ -3,13 +3,15 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
 
 /**
- * An interface for the IDSCPv2Initiator class, that implements a callback function notify the user, a new connection
- * was created
+ * An interface for the IDSCPv2Initiator class, that implements callback functions that notifies the user about
+ * new connections, errors and closed connections
  *
  * Developer API
  *
  * Methods:
- * void onConnect(IDSCPv2Connection)       to notify the user, a new connection was created
+ * void onConnect(IDSCPv2Connection)                    to notify the user a new connection was created
+ * void errorHandler(String error)                      to notify the user about an error occurred
+ * void connectionClosedHandler(String connectionId)    to notify the user about connection was closed
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
index 471d7672c..9303d6cc0 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
@@ -6,20 +6,48 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
+import java.io.IOException;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
 
+/**
+ * An implementation of SecureChannelDriver interface on TLSv1.3
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class NativeTLSDriver implements SecureChannelDriver {
+    private static final Logger LOG = LoggerFactory.getLogger(NativeTLSDriver.class);
 
     @Override
     public void connect(IDSCPv2Settings settings, IDSCPv2Callback callback) {
-        TLSClient tlsClient = new TLSClient(settings, callback);
-        tlsClient.connect(settings.getHost(), settings.getServerPort());
+        try {
+            TLSClient tlsClient = new TLSClient(settings, callback);
+            tlsClient.connect(settings.getHost(), settings.getServerPort());
+
+        } catch (IOException | NoSuchAlgorithmException | KeyManagementException e){
+
+            LOG.error("listen() failed. {}", e.getMessage());
+            LOG.debug(Arrays.toString(e.getStackTrace()));
+            callback.secureChannelConnectHandler(null);
+        }
     }
 
     @Override
     public SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback callback) {
-        TLSServer tlsServer = new TLSServer(settings, callback);
-        tlsServer.start();
-        return tlsServer;
+        try {
+            TLSServer tlsServer = new TLSServer(settings, callback);
+            tlsServer.start();
+            return tlsServer;
+
+        } catch (IOException | NoSuchAlgorithmException | KeyManagementException e){
+            LOG.error("listen() failed. {}", e.getMessage());
+            LOG.debug(Arrays.toString(e.getStackTrace()));
+        }
+
+        return null;
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index 83a808c7d..98b908932 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -1,6 +1,8 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
 
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.io.IOException;
 import java.io.InputStream;
@@ -18,6 +20,7 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class InputListenerThread extends Thread implements InputListener {
+    private static final Logger LOG = LoggerFactory.getLogger(InputListenerThread.class);
 
     private InputStream in;
     private ArrayList<DataAvailableListener> listeners = new ArrayList<>();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index 3bd6bd8a7..3d16fe160 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -59,55 +59,51 @@ public class TLSClient implements HandshakeCompletedListener, DataAvailableListe
     private IDSCPv2Callback callback;
     private String connectionId = null;
 
-    public TLSClient(IDSCPv2Settings clientSettings, IDSCPv2Callback callback){
+    public TLSClient(IDSCPv2Settings clientSettings, IDSCPv2Callback callback)
+            throws IOException, KeyManagementException, NoSuchAlgorithmException{
         this.callback = callback;
         /* init TLS Client */
-        try {
-            /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
-             * hostVerification and algorithm constraints */
-            TrustManager[] myTrustManager = TLSPreConfiguration.getX509ExtTrustManager(
-                    clientSettings.getTrustStorePath(),
-                    clientSettings.getTrustStorePassword()
-            );
-
-            /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
-             * connection specific key selection via key alias*/
-            KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
-                    clientSettings.getKeyStorePath(),
-                    clientSettings.getKeyStorePassword(),
-                    clientSettings.getCertAlias(),
-                    clientSettings.getKeyStoreKeyType()
-            );
-
-            SSLContext sslContext = SSLContext.getInstance(TlsConstants.TLS_INSTANCE);
-            sslContext.init(myKeyManager, myTrustManager, null);
-
-            SSLSocketFactory socketFactory = sslContext.getSocketFactory();
-
-            //create server socket
-            clientSocket = socketFactory.createSocket();
-
-            SSLSocket sslSocket = (SSLSocket) clientSocket;
-            SSLParameters sslParameters = sslSocket.getSSLParameters();
-            sslParameters.setUseCipherSuitesOrder(false); //use server priority order
-            sslParameters.setNeedClientAuth(true);
-            sslParameters.setProtocols(TlsConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.2
-            sslParameters.setCipherSuites(TlsConstants.TLS_ENABLED_CIPHER_TLS13); //only allow strong cipher
-            sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); //use https for hostname verification
-            sslSocket.setSSLParameters(sslParameters);
-            LOG.info("TLS Client was initialized successfully");
-
-        } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
-            LOG.error("Init TLS Client failed");
-            e.printStackTrace();
-        }
+
+        /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
+         * hostVerification and algorithm constraints */
+        TrustManager[] myTrustManager = TLSPreConfiguration.getX509ExtTrustManager(
+                clientSettings.getTrustStorePath(),
+                clientSettings.getTrustStorePassword()
+        );
+
+        /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
+         * connection specific key selection via key alias*/
+        KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
+                clientSettings.getKeyStorePath(),
+                clientSettings.getKeyStorePassword(),
+                clientSettings.getCertAlias(),
+                clientSettings.getKeyStoreKeyType()
+        );
+
+        SSLContext sslContext = SSLContext.getInstance(TlsConstants.TLS_INSTANCE);
+        sslContext.init(myKeyManager, myTrustManager, null);
+
+        SSLSocketFactory socketFactory = sslContext.getSocketFactory();
+
+        //create server socket
+        clientSocket = socketFactory.createSocket();
+
+        SSLSocket sslSocket = (SSLSocket) clientSocket;
+        SSLParameters sslParameters = sslSocket.getSSLParameters();
+        sslParameters.setUseCipherSuitesOrder(false); //use server priority order
+        sslParameters.setNeedClientAuth(true);
+        sslParameters.setProtocols(TlsConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.2
+        sslParameters.setCipherSuites(TlsConstants.TLS_ENABLED_CIPHER_TLS13); //only allow strong cipher
+        sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); //use https for hostname verification
+        sslSocket.setSSLParameters(sslParameters);
+        LOG.debug("TLS Client was initialized successfully");
     }
 
 
     public void connect(String hostname, int port){
         SSLSocket sslSocket = (SSLSocket) clientSocket;
         if (sslSocket == null || sslSocket.isClosed()){
-            System.out.println("Client socket is not available");
+            LOG.warn("Client socket is not available");
             callback.secureChannelConnectHandler(null);
             return;
         }
@@ -115,7 +111,7 @@ public void connect(String hostname, int port){
         try {
             sslSocket.connect(new InetSocketAddress(hostname,
                     port));
-            LOG.info("Client is connected to server {}:{}", hostname, port);
+            LOG.debug("Client is connected to server {}:{}", hostname, port);
 
             //set clientSocket timeout to allow safeStop()
             clientSocket.setSoTimeout(5000);
@@ -128,10 +124,10 @@ public void connect(String hostname, int port){
 
             //start tls handshake
             sslSocket.addHandshakeCompletedListener(this);
-            LOG.info("Start TLS Handshake");
+            LOG.debug("Start TLS Handshake");
             sslSocket.startHandshake();
         } catch (SSLHandshakeException | SSLProtocolException e){
-            LOG.error("TLS Handshake failed: {}", e.getMessage());
+            LOG.warn("TLS Handshake failed: {}", e.getMessage());
             disconnect();
             callback.secureChannelConnectHandler(null);
         } catch (IOException e) {
@@ -142,7 +138,7 @@ public void connect(String hostname, int port){
     }
 
     private void disconnect(){
-        LOG.info("Disconnecting from server");
+        LOG.debug("Disconnecting from tls server");
         //close listener
         if (inputListenerThread != null && inputListenerThread.isAlive()) {
             inputListenerThread.safeStop();
@@ -169,14 +165,14 @@ public void close() {
 
     public void send(byte[] data){
         if (!isConnected()){
-            LOG.error("Client cannot send data because socket is not connected");
+            LOG.warn("Client cannot send data because socket is not connected");
         } else {
             try {
                 out.write(data);
                 out.flush();
-                LOG.info("Send message: {}", new String(data));
+                LOG.debug("Send message: {}", new String(data));
             } catch (IOException e){
-                LOG.error("Client cannot send data");
+                LOG.warn("Client cannot send data");
                 e.printStackTrace();
             }
         }
@@ -193,7 +189,7 @@ public SSLSession getSslSession() {
     @Override
     public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
         //start receiving listener after TLS Handshake was successful
-        LOG.info("TLS Handshake was successful. Starting input listener thread");
+        LOG.debug("TLS Handshake was successful. Starting input listener thread");
         SecureChannel secureChannel = new SecureChannel(this);
         this.listener = secureChannel;
         inputListenerThread.start();
@@ -206,7 +202,7 @@ public void onMessage(int len, byte[] rawData) {
         System.arraycopy(rawData, 0, data, 0, len);
         if ((new String(data, StandardCharsets.UTF_8)).equals(TlsConstants.END_OF_STREAM)){
             //End of stream, connection is not available anymore
-            LOG.info("Client is terminating after server disconnected");
+            LOG.debug("Client is terminating after server disconnected");
             disconnect();
             callback.connectionClosedHandler(this.connectionId);
         } else {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedKeyManager.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedKeyManager.java
index f838cf09e..c9c7e076b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedKeyManager.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedKeyManager.java
@@ -55,7 +55,7 @@ public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket s
             if ((cachedAliases.containsKey(this.certAlias) &&
                     cachedAliases.get(this.certAlias).match(keyType, issuers))
                     || Arrays.asList(getServerAliases(keyType, issuers)).contains(this.certAlias)) {
-                LOG.info("CertificateAlias is {}", this.certAlias);
+                LOG.debug("CertificateAlias is {}", this.certAlias);
                 return this.certAlias;
             } else {
                 LOG.warn("certAlias '{}' was not found in keystore", this.certAlias);
@@ -84,7 +84,7 @@ public String chooseServerAlias(String keyType, Principal[] issuers, Socket sock
         if (keyType.equals(this.keyType)){
             if ((cachedAliases.containsKey(certAlias) && cachedAliases.get(this.certAlias).match(keyType, issuers))
                     || Arrays.asList(getServerAliases(keyType, issuers)).contains(this.certAlias)) {
-                LOG.info("CertificateAlias is {}", this.certAlias);
+                LOG.debug("CertificateAlias is {}", this.certAlias);
                 return this.certAlias;
             } else {
                 LOG.warn("certAlias '{}' was not found in keystore", this.certAlias);
@@ -103,7 +103,7 @@ public String chooseServerAlias(String keyType, Principal[] issuers, Socket sock
     public X509Certificate[] getCertificateChain(String certAlias) {
         if (certAlias.equals(this.certAlias)){
             X509Certificate[] ret = delegate.getCertificateChain(certAlias);
-            LOG.info("Certificate Chain: {}", Arrays.toString(ret));
+            LOG.debug("Certificate Chain: {}", Arrays.toString(ret));
             return ret;
         } else {
             LOG.warn("Invalid certAlias '{}' in getCertificateChain() in class X509ExtendedKeyManager", certAlias);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/TLSPreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/TLSPreConfiguration.java
index 3ce92fca5..9fa814782 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/TLSPreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/TLSPreConfiguration.java
@@ -1,5 +1,8 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.keystores;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import javax.net.ssl.*;
 import java.io.IOException;
 import java.io.InputStream;
@@ -17,6 +20,7 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class TLSPreConfiguration {
+    //private static final Logger LOG = LoggerFactory.getLogger(TLSPreConfiguration.class);
 
     public static TrustManager[] getX509ExtTrustManager(
             String trustStorePath,
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
index 9bf576e23..fb863aa0d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
@@ -11,6 +11,7 @@
 import javax.net.ssl.*;
 import java.io.IOException;
 import java.net.ServerSocket;
+import java.net.SocketException;
 import java.net.SocketTimeoutException;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
@@ -36,61 +37,60 @@ public class TLSServer extends Thread implements SecureServer {
     private static final Logger LOG = LoggerFactory.getLogger(TLSServer.class);
 
     private volatile boolean isRunning = false;
-    private ServerSocket serverSocket = null;
+    private ServerSocket serverSocket;
     private IDSCPv2Callback callback;
 
-    public TLSServer(IDSCPv2Settings serverSettings, IDSCPv2Callback callback){
+    public TLSServer(IDSCPv2Settings serverSettings, IDSCPv2Callback callback)
+            throws IOException, NoSuchAlgorithmException, KeyManagementException {
         this.callback = callback;
 
         /* init server for TCP/TLS communication */
-        try {
-            /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
-             * hostVerification and algorithm constraints */
-            TrustManager[] myTrustManager = TLSPreConfiguration.getX509ExtTrustManager(
-                    serverSettings.getTrustStorePath(),
-                    serverSettings.getTrustStorePassword()
-            );
-
-            /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
-             * connection specific key selection via key alias*/
-            KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
-                    serverSettings.getKeyStorePath(),
-                    serverSettings.getKeyStorePassword(),
-                    serverSettings.getCertAlias(),
-                    serverSettings.getKeyStoreKeyType()
-            );
-
-            // create tls context based on keyManager and trustManager
-            SSLContext sslContext = SSLContext.getInstance(TlsConstants.TLS_INSTANCE);
-            sslContext.init(myKeyManager, myTrustManager, null);
-            SSLServerSocketFactory socketFactory = sslContext.getServerSocketFactory();
-
-            //create server socket
-            serverSocket =  socketFactory.createServerSocket(serverSettings.getServerPort());
-            //set timeout for serverSocket.accept() to allow safeStop()
-            serverSocket.setSoTimeout(5000);
-
-            SSLServerSocket sslServerSocket = (SSLServerSocket) serverSocket;
-            SSLParameters sslParameters = sslServerSocket.getSSLParameters();
-            sslParameters.setUseCipherSuitesOrder(true); //server determines priority-order of algorithms in CipherSuite
-            sslParameters.setNeedClientAuth(true); //client must authenticate
-            sslParameters.setProtocols(TlsConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.3
-            sslParameters.setCipherSuites(TlsConstants.TLS_ENABLED_CIPHER_TLS13); //only allow strong cipher suite
-            //FIXME uncomment hostname identification, this is deactivated because the client uses a certificate of an other identity in the examples at the moment
-            //sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); //use https for hostname verification
-            sslServerSocket.setSSLParameters(sslParameters);
-            LOG.info("Server was initialized successfully");
-
-        } catch (NoSuchAlgorithmException | KeyManagementException | IOException e){
-            LOG.error("Init SSL server socket failed");
-            e.printStackTrace();
-        }
 
+        /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
+         * hostVerification and algorithm constraints */
+        LOG.debug("Create trust manager for tls server");
+        TrustManager[] myTrustManager = TLSPreConfiguration.getX509ExtTrustManager(
+                serverSettings.getTrustStorePath(),
+                serverSettings.getTrustStorePassword()
+        );
+
+        /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
+         * connection specific key selection via key alias*/
+        LOG.debug("Create key manager for tls server");
+        KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
+                serverSettings.getKeyStorePath(),
+                serverSettings.getKeyStorePassword(),
+                serverSettings.getCertAlias(),
+                serverSettings.getKeyStoreKeyType()
+        );
+
+        LOG.debug("Set tls security attributes and create tls server socket");
+
+        // create tls context based on keyManager and trustManager
+        SSLContext sslContext = SSLContext.getInstance(TlsConstants.TLS_INSTANCE);
+        sslContext.init(myKeyManager, myTrustManager, null);
+        SSLServerSocketFactory socketFactory = sslContext.getServerSocketFactory();
+
+        //create server socket
+        serverSocket =  socketFactory.createServerSocket(serverSettings.getServerPort());
+        //set timeout for serverSocket.accept() to allow safeStop()
+        serverSocket.setSoTimeout(5000);
+
+        SSLServerSocket sslServerSocket = (SSLServerSocket) serverSocket;
+        SSLParameters sslParameters = sslServerSocket.getSSLParameters();
+        sslParameters.setUseCipherSuitesOrder(true); //server determines priority-order of algorithms in CipherSuite
+        sslParameters.setNeedClientAuth(true); //client must authenticate
+        sslParameters.setProtocols(TlsConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.3
+        sslParameters.setCipherSuites(TlsConstants.TLS_ENABLED_CIPHER_TLS13); //only allow strong cipher suite
+        //FIXME uncomment hostname identification, this is deactivated because the client uses a certificate of an other identity in the examples at the moment
+        //sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); //use https for hostname verification
+        sslServerSocket.setSSLParameters(sslParameters);
+        LOG.debug("TLS server was initialized successfully");
     }
 
     @Override
     public void run(){
-        LOG.info("Starting server");
+        LOG.debug("Starting tls server");
 
         if (serverSocket == null || serverSocket.isClosed()){
             LOG.error("TLS Server socket is not available");
@@ -99,7 +99,7 @@ public void run(){
 
         SSLSocket sslSocket;
         isRunning = true;
-        LOG.info("Server is running");
+        LOG.debug("TLS server is running");
         while(isRunning){
             try {
                 sslSocket = (SSLSocket) serverSocket.accept();
@@ -110,14 +110,14 @@ public void run(){
                 //alternative: close serverSocket. But then we cannot reuse it
                 continue;
             } catch (IOException e) {
-                System.out.println("TLS Server failed");
+                LOG.error("TLS Server failed");
                 e.printStackTrace();
                 isRunning = false;
                 return;
             }
 
             //start new server thread
-            LOG.info("New TLS client has connected. Create new server session");
+            LOG.debug("New TLS client has connected. Create new server session");
             TLSServerThread server = new TLSServerThread(sslSocket, this.callback);
             sslSocket.addHandshakeCompletedListener(server);
             server.start();
@@ -127,7 +127,7 @@ public void run(){
             try {
                 serverSocket.close();
             } catch (IOException e) {
-                LOG.error("Could not close TLS server socket");
+                LOG.warn("Could not close TLS server socket");
                 e.printStackTrace();
             }
         }
@@ -135,7 +135,7 @@ public void run(){
 
     @Override
     public void safeStop(){
-        LOG.info("Stopping server");
+        LOG.debug("Stopping tls server");
         isRunning = false;
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index 0399dceb4..ffec566ae 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -104,7 +104,7 @@ public void run(){
             }
         }
         callback.connectionClosedHandler(this.connectionId);
-        LOG.info("ServerThread is terminating");
+        LOG.trace("ServerThread is terminating");
         try {
             out.close();
             in.close();
@@ -121,7 +121,7 @@ public void send(byte[] data) {
             try {
                 out.write(data);
                 out.flush();
-                LOG.info("Send message: " + new String(data));
+                LOG.trace("Send message: " + new String(data));
             } catch (IOException e){
                 LOG.error("Server cannot send data");
                 e.printStackTrace();
@@ -155,7 +155,7 @@ public boolean isConnected() {
 
     @Override
     public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
-        LOG.info("TLS handshake was successful");
+        LOG.debug("TLS handshake was successful");
         SecureChannel secureChannel = new SecureChannel(this);
         this.listener = secureChannel;
         listenerLatch.countDown();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
index 1d4535d23..2a1e7ea83 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
@@ -3,6 +3,21 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
 
+/**
+ * An interface for the IDSCPv2 SecureChannelDriver class, that implements a connect() function for IDSCPv2 clients and
+ * a listen() function for IDSCPv2 servers
+ *
+ * Developer API
+ *
+ * Methods:
+ * void connect(IDSCPv2Settings, IDSCPv2Callback)         to create an IDSCPv2 connection to the host from the settings
+ *                                                        registers a callback for errors and return of a secure channel
+ *
+ * SecureServer listen(IDSCPv2Settings, IDSCPv2Callback)  to create an IDSCPv2 server configured by the IDSCPv2 settings
+ *                                                        registers a callback for errors and new incoming connections
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public interface SecureChannelDriver {
     void connect(IDSCPv2Settings settings, IDSCPv2Callback callback);
     SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback callback);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
index 7e893a04a..86ab13a90 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
@@ -1,11 +1,13 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
 /**
- *
+ * An interface for the IDSCPv2 Secure Server
  *
  * Developer API
  *
  * Methods:
+ * void safeStop()          to terminate the server
+ * boolean isRunning()      to check if the server is running
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/IDSCPv2Exception.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/IDSCPv2Exception.java
index e16824f26..ad16f97f3 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/IDSCPv2Exception.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/IDSCPv2Exception.java
@@ -5,7 +5,7 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class IDSCPv2Exception extends RuntimeException{
+public class IDSCPv2Exception extends Exception{
     public IDSCPv2Exception(String message) {
         super(message);
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
index 19cc9cad5..a1eb0f4cf 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
@@ -3,15 +3,13 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.messages.IDSCPv2.IdscpClose;
 import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
- * The IDSCPv2 Connection class is the entry point for the IDSCPv2 protocol. It runs a peer (client or server) and
- * establishes a secure state by building a secure transfer channel, verifies the dynamicAttributeToken and RAT
+ * The IDSCPv2 Connection class
  *
- * Developer API:
- *
- * Constructors:
- * IDSCPv2Connection(SecureChannel sc, String connectionID)
+ * User/Developer API:
  *
  * Methods:
  * void close()             to close an IDSCP connection
@@ -22,6 +20,7 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class IDSCPv2Connection implements IdscpMsgListener {
+    private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Connection.class);
 
     private SecureChannel secureChannel;
     private String connectionId;
@@ -33,21 +32,25 @@ public IDSCPv2Connection(SecureChannel secureChannel, String connectionId){
     }
 
     public void close() {
+        LOG.info("Close idscp connection");
+        LOG.debug("Send IDSCP_CLOSE");
         IdscpMessage msg = IdscpMessage.newBuilder()
                 .setType(IdscpMessage.Type.IDSCP_CLOSE)
                 .setIdscpClose(IdscpClose.newBuilder().build()
                 ).build();
         send(msg);
+        LOG.debug("Close secure channel");
         secureChannel.close();
     }
 
     public void send(IdscpMessage msg) {
+        LOG.debug("Send idscp message of type {}", msg.getType());
         secureChannel.send(msg);
     }
 
     @Override
     public void onMessage(IdscpMessage msg) {
-        System.out.println("Received new IDSCP Message: " + msg.toString());
+        LOG.info("Received new IDSCP Message: " + msg.toString());
     }
 
     public boolean isConnected() {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
index 8006525bb..af6921d6d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
@@ -2,6 +2,19 @@
 
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 
+/**
+ * An callback interface, that implements callback functions that notifies about new secureChannels, errors and closed
+ * connections
+ *
+ * Developer API
+ *
+ * Methods:
+ * void secureChannelConnectHandler(SecureChannel)      to notify the client about a new secure channel
+ * void secureChannelListenHandler(SecureChannel)       to notify the server about a new secure channel
+ * void connectionClosedHandler(String connectionId)    to notify listener about connection was closed
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public interface IDSCPv2Callback {
     void secureChannelConnectHandler(SecureChannel secureChannel);
     void secureChannelListenHandler(SecureChannel secureChannel);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
index 4ee926427..77009d352 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
@@ -2,22 +2,30 @@
 
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.*;
+import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
+import de.fhg.aisec.ids.messages.IDSCPv2;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
+import java.io.IOException;
 import java.util.UUID;
 
 /**
- * IDSCPv2Configuration Class, provides IDSCPv2 API to the User (IDSCPv2Initiator)
+ * IDSCPv2Configuration class, provides IDSCPv2 API to the User (IDSCPv2Initiator)
  *
- * Developer API
+ * User API
  *
  * Methods:
- * void onConnect(IDSCPv2Connection)       to notify the user, a new connection was created
+ * void connect(IDSCPv2Settings)                    initiate idscpv2 connect to host from settings
+ * SecureServer listen(IDSCPv2Settings)             initiate creation of a
+ * void secureChannelConnectHandler(SecureChannel)
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class IDSCPv2Configuration implements IDSCPv2Callback {
+    private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Configuration.class);
 
     private IDSCPv2Initiator user;
     private DapsDriver dapsDriver;
@@ -39,26 +47,40 @@ public IDSCPv2Configuration(IDSCPv2Initiator initiator,
     }
 
     public void connect(IDSCPv2Settings settings){
+        LOG.info("Connect to an idscpv2 server ({})", settings.getHost());
         secureChannelDriver.connect(settings, this);
     }
 
-    public SecureServer listen(IDSCPv2Settings settings){
-        return secureChannelDriver.listen(settings, this);
+    public SecureServer listen(IDSCPv2Settings settings) throws IDSCPv2Exception {
+        LOG.info("Starting new IDSCPv2 server at port {}", settings.getServerPort());
+
+        SecureServer secureServer;
+        if ((secureServer = secureChannelDriver.listen(settings, this)) == null){
+            throw new IDSCPv2Exception("Idscpv2 listen() failed. Cannot create SecureServer");
+        }
+
+        return secureServer;
     }
 
     @Override
     public void secureChannelConnectHandler(SecureChannel secureChannel) {
         if (secureChannel == null){
-            user.errorHandler("Creating Secure channel failed. Cannot create secure Channel");
+            LOG.warn("IDSCPv2 connect failed because no secure channel was established");
+            user.errorHandler("IDSCPv2 connect failed because no secure channel was established");
         } else {
-
+            LOG.debug("A new secure channel for an outgoing idscpv2 connection was established");
+            LOG.debug("Send Idscp hello");
+            secureChannel.send(IDSCPv2.IdscpMessage.newBuilder()
+                    .setType(IDSCPv2.IdscpMessage.Type.IDSCP_HELLO)
+                    .setIdscpHello(IDSCPv2.IdscpHello.newBuilder().build()).build());
             //toDo verify security properties
             //toDo RAT
 
-            //create new IDSCPv2Connection
+            LOG.debug("All IDSCPv2 requirements for new connection were fulfilled");
             String connectionId = UUID.randomUUID().toString();
             IDSCPv2Connection newConnection = new IDSCPv2Connection(secureChannel, connectionId);
             secureChannel.registerMessageListener(newConnection);
+            LOG.info("A new IDSCPv2 connection with id {} was created", connectionId);
             user.newConnectionHandler(newConnection);
         }
     }
@@ -66,20 +88,29 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
     @Override
     public void secureChannelListenHandler(SecureChannel secureChannel) {
         if (secureChannel != null){
-
+            LOG.debug("A new secure channel for an incoming idscpv2 connection was established");
+            LOG.debug("Send Idscp hello");
+            secureChannel.send(IDSCPv2.IdscpMessage.newBuilder()
+                    .setType(IDSCPv2.IdscpMessage.Type.IDSCP_HELLO)
+                    .setIdscpHello(IDSCPv2.IdscpHello.newBuilder().build()).build());
             //toDo verify security properties
             //toDo RAT
 
+            LOG.debug("All IDSCPv2 requirements for a new incoming connection were fulfilled");
             //create new IDSCPv2Connection
             String connectionId = UUID.randomUUID().toString();
             IDSCPv2Connection newConnection = new IDSCPv2Connection(secureChannel, connectionId);
             secureChannel.registerMessageListener(newConnection);
+            LOG.info("A new idscpv2 connection with id {} was created", connectionId);
             user.newConnectionHandler(newConnection);
+        } else {
+            LOG.warn("An incoming idscpv2 client connection request failed because no secure channel was established");
         }
     }
 
     @Override
     public void connectionClosedHandler(String connectionId) {
+        LOG.info("IDSCPv2 connection with id {} has been closed", connectionId);
         user.connectionClosedHandler(connectionId);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
index 7de785e0d..8e943d931 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
 
 /**
- * IDSCPv2 configuration class, containing information about keyStore and TrustStores, Attestation Types
+ * IDSCPv2 configuration class, containing information about keyStore and TrustStores, Attestation Types, host, ...
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
index ba1387f29..fa680dff5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
@@ -3,25 +3,26 @@
 import com.google.protobuf.InvalidProtocolBufferException;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMsgListener;
 import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
-
-import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
- * An interface for the secureChannel (e.g. TLS), which is the secure underlying basis of the IDSCPv2 protocol
+ * A secureChannel which is the secure underlying basis of the IDSCPv2 protocol, that implements a secureChannelListener
  *
  * Developer API
  *
- * Constructors depends on the implementation
- *
  * Methods:
- * void close()                                 to close the secureChannel to the other secure endpoint
+ * void close()                                 to close the secureChannel
  * void send(IDSCPv2Message)                    to send an IDSCPv2Message as bytes via the secure channel
  * void onMessage(byte[] data)                  to receive new bytes via the secure channel
  * boolean isConnected()                        to check if the secure channel is still open
+ * void registerMessageListener(IdscpMsgListener)   to register an idscpv2 message listener
+ * void setEndpointConnectionId(String id)          to set the connectionId
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class SecureChannel implements SecureChannelListener {
+    private static final Logger LOG = LoggerFactory.getLogger(SecureChannel.class);
 
     private SecureChannelEndpoint endpoint;
     private IdscpMsgListener listener = null;
@@ -31,21 +32,23 @@ public SecureChannel(SecureChannelEndpoint secureChannelEndpoint){
     }
 
     public void close(){
+        LOG.debug("Close secure channel");
         endpoint.close();
     }
 
     public void send(IdscpMessage msg){
+        LOG.debug("Send idscp message via secure channel");
         endpoint.send(msg.toByteArray());
     }
 
     @Override
     public void onMessage(byte[] data){
-        System.out.println(Arrays.toString(data));
+        LOG.debug("New raw data were received via the secure channel");
         try {
             IdscpMessage message = IdscpMessage.parseFrom(data);
             listener.onMessage(message);
         } catch (InvalidProtocolBufferException e) {
-            e.printStackTrace();
+            LOG.warn("Cannot parse raw data into IdscpMessage {}", data);
         }
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
index 83e08bcba..1e9528283 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
@@ -1,6 +1,19 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel;
 
-
+/**
+ * An interface for a secureChannelEndpoint that implements functions to delegate idscp functions to the secure channel
+ *
+ * Developer API
+ *
+ * Methods:
+ * void close()                         disconnect
+ * void onMessage(int len, byte[])      receive new raw data from connected endpoint
+ * void send(byte[])                    send byte array to connected endpoint
+ * boolean isConnected()                check if endpoint is connected
+ * void setConnectionId(String id)
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public interface SecureChannelEndpoint {
     void close();
     void onMessage(int len, byte[] bytes);

From f168b0e726a509a64ed9d55b3a9a04b387ebd4ac Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Thu, 9 Jan 2020 17:02:28 +0100
Subject: [PATCH 032/237] Avoiding race conditions for unregistered listeners
 using CountDownLatch

---
 .../client/InputListenerThread.java           |  4 +--
 .../secure_channel/client/TLSClient.java      | 27 +++++++++++++++----
 .../secure_channel/server/TLSServer.java      |  2 +-
 .../server/TLSServerThread.java               | 19 +++++++++----
 .../secure_channel/SecureChannel.java         |  7 +++++
 5 files changed, 46 insertions(+), 13 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index 98b908932..857c5c586 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -20,10 +20,10 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class InputListenerThread extends Thread implements InputListener {
-    private static final Logger LOG = LoggerFactory.getLogger(InputListenerThread.class);
+    //private static final Logger LOG = LoggerFactory.getLogger(InputListenerThread.class);
 
     private InputStream in;
-    private ArrayList<DataAvailableListener> listeners = new ArrayList<>();
+    private ArrayList<DataAvailableListener> listeners = new ArrayList<>(); //no race conditions, could be empty list
     private volatile boolean running = true;
 
     public InputListenerThread(InputStream in){
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index 3d16fe160..1563b88b9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -18,8 +18,9 @@
 import java.nio.charset.StandardCharsets;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
+import java.util.concurrent.CountDownLatch;
 
- /**
+/**
  * A TLS Client that notifies an IDSCPv2Configuration when a secure channel was created and the TLS handshake is done
  * The client is notified from an InputListenerThread when new data are available and transfer them to the
  * SecureChannelListener
@@ -55,8 +56,10 @@ public class TLSClient implements HandshakeCompletedListener, DataAvailableListe
     private Socket clientSocket;
     private OutputStream out;
     private InputListenerThread inputListenerThread;
-    private SecureChannelListener listener;
-    private IDSCPv2Callback callback;
+    private SecureChannelListener listener; //race conditions are avoided using CountDownLatch
+    private CountDownLatch listenerLatch = new CountDownLatch(1);
+    private IDSCPv2Callback callback; //race conditions are avoided because callback is initialized in constructor
+    private CountDownLatch connectionIdLatch = new CountDownLatch(1);
     private String connectionId = null;
 
     public TLSClient(IDSCPv2Settings clientSettings, IDSCPv2Callback callback)
@@ -156,6 +159,7 @@ private void disconnect(){
     @Override
     public void setConnectionId(String connectionId){
         this.connectionId = connectionId;
+        connectionIdLatch.countDown();
     }
 
     @Override
@@ -192,6 +196,7 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
         LOG.debug("TLS Handshake was successful. Starting input listener thread");
         SecureChannel secureChannel = new SecureChannel(this);
         this.listener = secureChannel;
+        listenerLatch.countDown();
         inputListenerThread.start();
         callback.secureChannelConnectHandler(secureChannel);
     }
@@ -204,9 +209,21 @@ public void onMessage(int len, byte[] rawData) {
             //End of stream, connection is not available anymore
             LOG.debug("Client is terminating after server disconnected");
             disconnect();
-            callback.connectionClosedHandler(this.connectionId);
+
+            try {
+                connectionIdLatch.await();
+                callback.connectionClosedHandler(this.connectionId);
+            } catch (InterruptedException e){
+                Thread.currentThread().interrupt();
+            }
+
         } else {
-            listener.onMessage(data);
+            try{
+                listenerLatch.await();
+                listener.onMessage(data);
+            } catch (InterruptedException e){
+                Thread.currentThread().interrupt();
+            }
         }
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
index fb863aa0d..e665b8f84 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
@@ -38,7 +38,7 @@ public class TLSServer extends Thread implements SecureServer {
 
     private volatile boolean isRunning = false;
     private ServerSocket serverSocket;
-    private IDSCPv2Callback callback;
+    private IDSCPv2Callback callback; //race conditions are avoided because callback is initialized in the constructor
 
     public TLSServer(IDSCPv2Settings serverSettings, IDSCPv2Callback callback)
             throws IOException, NoSuchAlgorithmException, KeyManagementException {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index ffec566ae..348dc6b0c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -49,9 +49,10 @@ public class TLSServerThread extends Thread implements HandshakeCompletedListene
     private volatile boolean running = true;
     private InputStream in;
     private OutputStream out;
-    private String connectionId;
-    private SecureChannelListener listener = null;
-    private IDSCPv2Callback callback;
+    private String connectionId = null; //race condition avoided using CountDownLatch
+    private CountDownLatch connectionIdLatch = new CountDownLatch(1);
+    private SecureChannelListener listener = null;  // race conditions are avoided using CountDownLatch
+    private IDSCPv2Callback callback;  // race conditions are avoided because callback is initialized by constructor
     private CountDownLatch listenerLatch = new CountDownLatch(1);
 
 
@@ -73,6 +74,7 @@ public class TLSServerThread extends Thread implements HandshakeCompletedListene
     @Override
     public void setConnectionId(String connectionId){
         this.connectionId = connectionId;
+        connectionIdLatch.countDown();
     }
 
     @Override
@@ -103,7 +105,14 @@ public void run(){
                 running = false;
             }
         }
-        callback.connectionClosedHandler(this.connectionId);
+
+        try {
+            connectionIdLatch.await();
+            callback.connectionClosedHandler(this.connectionId);
+        } catch (InterruptedException e){
+            Thread.currentThread().interrupt();
+        }
+
         LOG.trace("ServerThread is terminating");
         try {
             out.close();
@@ -141,7 +150,7 @@ public void onMessage(int len, byte[] rawData)  {
             listenerLatch.await();
             this.listener.onMessage(data);
         } catch (InterruptedException e){
-            e.printStackTrace();
+            Thread.currentThread().interrupt();
         }
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
index fa680dff5..823dddbc2 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
@@ -6,6 +6,8 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.util.concurrent.CountDownLatch;
+
 /**
  * A secureChannel which is the secure underlying basis of the IDSCPv2 protocol, that implements a secureChannelListener
  *
@@ -26,6 +28,7 @@ public class SecureChannel implements SecureChannelListener {
 
     private SecureChannelEndpoint endpoint;
     private IdscpMsgListener listener = null;
+    private CountDownLatch listenerLatch = new CountDownLatch(1);
 
     public SecureChannel(SecureChannelEndpoint secureChannelEndpoint){
         this.endpoint = secureChannelEndpoint;
@@ -46,9 +49,12 @@ public void onMessage(byte[] data){
         LOG.debug("New raw data were received via the secure channel");
         try {
             IdscpMessage message = IdscpMessage.parseFrom(data);
+            listenerLatch.await();
             listener.onMessage(message);
         } catch (InvalidProtocolBufferException e) {
             LOG.warn("Cannot parse raw data into IdscpMessage {}", data);
+        } catch (InterruptedException e){
+            Thread.currentThread().interrupt();
         }
     }
 
@@ -58,6 +64,7 @@ public boolean isConnected(){
 
     public void registerMessageListener(IdscpMsgListener listener){
         this.listener = listener;
+        listenerLatch.countDown();
     }
 
     public void setEndpointConnectionId(String id){

From 76a636e155967903d44d5a7363fef26196954c61 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Thu, 9 Jan 2020 18:44:48 +0100
Subject: [PATCH 033/237] Add protobuf message length

---
 .../client/DataAvailableListener.java         |  2 +-
 .../client/InputListenerThread.java           | 31 ++++++++------
 .../secure_channel/client/TLSClient.java      | 10 ++---
 .../server/TLSServerThread.java               | 41 +++++++++----------
 .../secure_channel/SecureChannelEndpoint.java |  2 +-
 5 files changed, 44 insertions(+), 42 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
index 1e8c035d6..88fdd28bc 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
@@ -6,5 +6,5 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface DataAvailableListener {
-    void onMessage(int len, byte[] rawData);
+    void onMessage(byte[] data);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index 857c5c586..c0678e06f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -4,6 +4,8 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.io.DataInputStream;
+import java.io.EOFException;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.SocketTimeoutException;
@@ -22,29 +24,32 @@
 public class InputListenerThread extends Thread implements InputListener {
     //private static final Logger LOG = LoggerFactory.getLogger(InputListenerThread.class);
 
-    private InputStream in;
+    private DataInputStream in;
     private ArrayList<DataAvailableListener> listeners = new ArrayList<>(); //no race conditions, could be empty list
     private volatile boolean running = true;
 
     public InputListenerThread(InputStream in){
-        this.in = in;
+        this.in = new DataInputStream(in);
     }
 
     public void run(){
-        byte[] buf = new byte[2048];
+        byte[] buf;
         while (running){
             try {
-                int len = in.read(buf, 0, buf.length);
-                if (0 > len) {
-                    notifyListeners(TlsConstants.END_OF_STREAM.length(), TlsConstants.END_OF_STREAM.getBytes());
-                    running = false; //terminate
-                } else {
-                    notifyListeners(len, buf);
-                }
-            } catch (SocketTimeoutException e){
+
+                int len = in.readInt();
+                buf = new byte[len];
+                in.readFully(buf, 0, len);
+                notifyListeners(buf);
+
+            } catch (SocketTimeoutException e) {
                 //timeout to catch safeStop() call, which allows save close and sending Client_Goodbye
                 //alternative: close socket / InputStream and catch exception
                 //continue;
+                //toDo offset when timeout while reading ???
+            } catch (EOFException e){
+                notifyListeners(TlsConstants.END_OF_STREAM.getBytes());
+                running = false; //terminate
             } catch (IOException e) {
                 //e.printStackTrace();
                 running = false;
@@ -58,9 +63,9 @@ public void register(DataAvailableListener listener) {
         listeners.add(listener);
     }
 
-    private void notifyListeners(int len, byte[] bytes) {
+    private void notifyListeners(byte[] bytes) {
         for (DataAvailableListener listener : listeners){
-            listener.onMessage(len, bytes);
+            listener.onMessage(bytes);
         }
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index 1563b88b9..2f7e8e9f1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -11,6 +11,7 @@
 import org.slf4j.LoggerFactory;
 
 import javax.net.ssl.*;
+import java.io.DataOutputStream;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.net.InetSocketAddress;
@@ -54,7 +55,7 @@ public class TLSClient implements HandshakeCompletedListener, DataAvailableListe
     private static final Logger LOG = LoggerFactory.getLogger(TLSClient.class);
 
     private Socket clientSocket;
-    private OutputStream out;
+    private DataOutputStream out;
     private InputListenerThread inputListenerThread;
     private SecureChannelListener listener; //race conditions are avoided using CountDownLatch
     private CountDownLatch listenerLatch = new CountDownLatch(1);
@@ -119,7 +120,7 @@ public void connect(String hostname, int port){
             //set clientSocket timeout to allow safeStop()
             clientSocket.setSoTimeout(5000);
 
-            out = clientSocket.getOutputStream();
+            out = new DataOutputStream(clientSocket.getOutputStream());
 
             //add inputListener but start it not before handshake is complete
             inputListenerThread = new InputListenerThread(clientSocket.getInputStream());
@@ -172,6 +173,7 @@ public void send(byte[] data){
             LOG.warn("Client cannot send data because socket is not connected");
         } else {
             try {
+                out.writeInt(data.length);
                 out.write(data);
                 out.flush();
                 LOG.debug("Send message: {}", new String(data));
@@ -202,9 +204,7 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
     }
 
     @Override
-    public void onMessage(int len, byte[] rawData) {
-        byte[] data = new byte[len];
-        System.arraycopy(rawData, 0, data, 0, len);
+    public void onMessage(byte[] data) {
         if ((new String(data, StandardCharsets.UTF_8)).equals(TlsConstants.END_OF_STREAM)){
             //End of stream, connection is not available anymore
             LOG.debug("Client is terminating after server disconnected");
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index 348dc6b0c..c77c9bc7b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -11,10 +11,9 @@
 import javax.net.ssl.HandshakeCompletedListener;
 import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLSocket;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
+import java.io.*;
 import java.net.SocketTimeoutException;
+import java.util.Arrays;
 import java.util.concurrent.CountDownLatch;
 
 /**
@@ -47,8 +46,8 @@ public class TLSServerThread extends Thread implements HandshakeCompletedListene
 
     private SSLSocket sslSocket;
     private volatile boolean running = true;
-    private InputStream in;
-    private OutputStream out;
+    private DataInputStream in;
+    private DataOutputStream out;
     private String connectionId = null; //race condition avoided using CountDownLatch
     private CountDownLatch connectionIdLatch = new CountDownLatch(1);
     private SecureChannelListener listener = null;  // race conditions are avoided using CountDownLatch
@@ -63,8 +62,8 @@ public class TLSServerThread extends Thread implements HandshakeCompletedListene
         try {
             //set timout for blocking read
             sslSocket.setSoTimeout(5000);
-            in = sslSocket.getInputStream();
-            out = sslSocket.getOutputStream();
+            in = new DataInputStream(sslSocket.getInputStream());
+            out = new DataOutputStream(sslSocket.getOutputStream());
         } catch (IOException e){
             LOG.error(e.getMessage());
             running = false;
@@ -80,26 +79,25 @@ public void setConnectionId(String connectionId){
     @Override
     public void run(){
         //wait for new data while running
-        byte[] buf = new byte[2048];
-
+        byte[] buf;
         while (running){
             try {
-                int len = in.read(buf, 0, buf.length);
-                if (0 > len) {
-                    //onMessage(TlsConstants.END_OF_STREAM.length(), TlsConstants.END_OF_STREAM.getBytes());
-                    running = false;
-                } else {
-                    onMessage(len, buf);
-                }
+                int len = in.readInt();
+                buf = new byte[len];
+                in.readFully(buf, 0, len);
+                onMessage(buf);
+
             } catch (SocketTimeoutException e){
                 //timeout catches safeStop() call and allows to send server_goodbye
                 //alternative: close sslSocket and catch SocketException
                 //continue
-            } catch (SSLException e){
+            } catch (SSLException e) {
                 LOG.error("SSL error");
                 e.printStackTrace();
                 running = false;
                 return;
+            } catch (EOFException e){
+                running = false;
             } catch (IOException e){
                 e.printStackTrace();
                 running = false;
@@ -128,12 +126,12 @@ public void send(byte[] data) {
             LOG.error("Server cannot send data because socket is not connected");
         } else {
             try {
+                out.writeInt(data.length);
                 out.write(data);
                 out.flush();
                 LOG.trace("Send message: " + new String(data));
             } catch (IOException e){
-                LOG.error("Server cannot send data");
-                e.printStackTrace();
+                LOG.error("Server cannot send data. {}",e.getMessage());
             }
         }
     }
@@ -143,9 +141,8 @@ public void close() {
         safeStop();
     }
 
-    public void onMessage(int len, byte[] rawData)  {
-        byte[] data = new byte[len];
-        System.arraycopy(rawData, 0, data, 0, len);
+    @Override
+    public void onMessage(byte[] data)  {
         try{
             listenerLatch.await();
             this.listener.onMessage(data);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
index 1e9528283..dd27ccf5e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
@@ -16,7 +16,7 @@
  */
 public interface SecureChannelEndpoint {
     void close();
-    void onMessage(int len, byte[] bytes);
+    void onMessage(byte[] bytes);
     void send(byte[] bytes);
     boolean isConnected();
     void setConnectionId(String id);

From 865dfbe8e9f28873720c6761da163a65195c58bd Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Fri, 10 Jan 2020 11:36:10 +0100
Subject: [PATCH 034/237] FIX build error, uncatched IDSCPv2Exception in Tests

---
 idscp2/src/test/java/IDSCPv2ServerInitiator.java | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index eb76df665..d1cf61db4 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -2,6 +2,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
+import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Configuration;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
@@ -19,7 +20,12 @@ public void init(IDSCPv2Settings serverSettings)  {
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
         IDSCPv2Configuration idscpServerConfig = new IDSCPv2Configuration(this,
                 null,null,null,secureChannelDriver);
-        secureServer = idscpServerConfig.listen(serverSettings);
+        try {
+            secureServer = idscpServerConfig.listen(serverSettings);
+        } catch (IDSCPv2Exception e) {
+            //e.printStackTrace();
+            return;
+        }
         //secureServer.safeStop();
         try {
             Thread.sleep(300000); //run server for 5 minutes

From 5616e66b0e215a66cfd21432ca2f8808f55bfbc3 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Fri, 10 Jan 2020 13:51:56 +0100
Subject: [PATCH 035/237] Add Idscpv2Server, allow multiple idscp servers
 within one configuration, add idscpConnection management within the
 idscpServer

---
 .../secure_channel/NativeTLSDriver.java       |  6 +-
 .../secure_channel/server/TLSServer.java      | 15 ++--
 .../server/TLSServerThread.java               | 15 ++--
 .../interfaces/SecureChannelDriver.java       | 12 ++-
 .../configuration/IDSCPv2Callback.java        |  5 +-
 .../configuration/IDSCPv2Configuration.java   | 15 ++--
 .../idscp_server/IDSCPv2Server.java           | 84 +++++++++++++++++++
 .../idscp_server/IdscpConnectionListener.java |  8 ++
 .../src/test/java/IDSCPv2ClientInitiator.java |  4 +-
 .../src/test/java/IDSCPv2ServerInitiator.java | 21 +++--
 10 files changed, 148 insertions(+), 37 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpConnectionListener.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
index 9303d6cc0..fa95f2418 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
@@ -6,6 +6,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -37,9 +38,10 @@ public void connect(IDSCPv2Settings settings, IDSCPv2Callback callback) {
     }
 
     @Override
-    public SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback callback) {
+    public SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback configCallback,
+                               IdscpConnectionListener idscpServerCallback) {
         try {
-            TLSServer tlsServer = new TLSServer(settings, callback);
+            TLSServer tlsServer = new TLSServer(settings, configCallback, idscpServerCallback);
             tlsServer.start();
             return tlsServer;
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
index e665b8f84..bad618463 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
@@ -5,6 +5,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -38,11 +39,14 @@ public class TLSServer extends Thread implements SecureServer {
 
     private volatile boolean isRunning = false;
     private ServerSocket serverSocket;
-    private IDSCPv2Callback callback; //race conditions are avoided because callback is initialized in the constructor
+    private IDSCPv2Callback idscpConfigCallback; //no race conditions
+    private IdscpConnectionListener idscpServerCallback;
 
-    public TLSServer(IDSCPv2Settings serverSettings, IDSCPv2Callback callback)
+    public TLSServer(IDSCPv2Settings serverSettings, IDSCPv2Callback configCallback,
+                     IdscpConnectionListener idscpServerCallback)
             throws IOException, NoSuchAlgorithmException, KeyManagementException {
-        this.callback = callback;
+        this.idscpConfigCallback = configCallback;
+        this.idscpServerCallback = idscpServerCallback;
 
         /* init server for TCP/TLS communication */
 
@@ -82,7 +86,8 @@ public TLSServer(IDSCPv2Settings serverSettings, IDSCPv2Callback callback)
         sslParameters.setNeedClientAuth(true); //client must authenticate
         sslParameters.setProtocols(TlsConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.3
         sslParameters.setCipherSuites(TlsConstants.TLS_ENABLED_CIPHER_TLS13); //only allow strong cipher suite
-        //FIXME uncomment hostname identification, this is deactivated because the client uses a certificate of an other identity in the examples at the moment
+        //FIXME uncomment hostname identification, this is deactivated because the client uses a certificate of an
+        // other identity in the examples at the moment
         //sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); //use https for hostname verification
         sslServerSocket.setSSLParameters(sslParameters);
         LOG.debug("TLS server was initialized successfully");
@@ -118,7 +123,7 @@ public void run(){
 
             //start new server thread
             LOG.debug("New TLS client has connected. Create new server session");
-            TLSServerThread server = new TLSServerThread(sslSocket, this.callback);
+            TLSServerThread server = new TLSServerThread(sslSocket, idscpConfigCallback, idscpServerCallback);
             sslSocket.addHandshakeCompletedListener(server);
             server.start();
         }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index c77c9bc7b..f54e93cf5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -1,6 +1,7 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server;
 
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
@@ -13,7 +14,6 @@
 import javax.net.ssl.SSLSocket;
 import java.io.*;
 import java.net.SocketTimeoutException;
-import java.util.Arrays;
 import java.util.concurrent.CountDownLatch;
 
 /**
@@ -51,13 +51,15 @@ public class TLSServerThread extends Thread implements HandshakeCompletedListene
     private String connectionId = null; //race condition avoided using CountDownLatch
     private CountDownLatch connectionIdLatch = new CountDownLatch(1);
     private SecureChannelListener listener = null;  // race conditions are avoided using CountDownLatch
-    private IDSCPv2Callback callback;  // race conditions are avoided because callback is initialized by constructor
+    private IDSCPv2Callback configCallback;  //no race conditions
+    private IdscpConnectionListener idscpServerCallback; //no race conditions
     private CountDownLatch listenerLatch = new CountDownLatch(1);
 
 
-    TLSServerThread(SSLSocket sslSocket, IDSCPv2Callback callback){
+    TLSServerThread(SSLSocket sslSocket, IDSCPv2Callback configCallback, IdscpConnectionListener idscpServerCallback){
         this.sslSocket = sslSocket;
-        this.callback = callback;
+        this.configCallback = configCallback;
+        this.idscpServerCallback = idscpServerCallback;
 
         try {
             //set timout for blocking read
@@ -106,7 +108,8 @@ public void run(){
 
         try {
             connectionIdLatch.await();
-            callback.connectionClosedHandler(this.connectionId);
+            idscpServerCallback.connectionClosedHandler(this.connectionId);
+            configCallback.connectionClosedHandler(this.connectionId);
         } catch (InterruptedException e){
             Thread.currentThread().interrupt();
         }
@@ -165,6 +168,6 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
         SecureChannel secureChannel = new SecureChannel(this);
         this.listener = secureChannel;
         listenerLatch.countDown();
-        callback.secureChannelListenHandler(secureChannel);
+        configCallback.secureChannelListenHandler(secureChannel, idscpServerCallback);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
index 2a1e7ea83..a480d075e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
@@ -2,6 +2,7 @@
 
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
 
 /**
  * An interface for the IDSCPv2 SecureChannelDriver class, that implements a connect() function for IDSCPv2 clients and
@@ -13,12 +14,15 @@
  * void connect(IDSCPv2Settings, IDSCPv2Callback)         to create an IDSCPv2 connection to the host from the settings
  *                                                        registers a callback for errors and return of a secure channel
  *
- * SecureServer listen(IDSCPv2Settings, IDSCPv2Callback)  to create an IDSCPv2 server configured by the IDSCPv2 settings
- *                                                        registers a callback for errors and new incoming connections
+ * SecureServer listen(IDSCPv2Settings, IDSCPv2Callback, IdscpConnectionListener)
+ *
+ * to create an IDSCPv2 server configured by the IDSCPv2 settings registers callbacks
+ * for errors and new incoming connections
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface SecureChannelDriver {
-    void connect(IDSCPv2Settings settings, IDSCPv2Callback callback);
-    SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback callback);
+    void connect(IDSCPv2Settings settings, IDSCPv2Callback configCallback);
+    SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback configCallback,
+                        IdscpConnectionListener idscpServerCallback);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
index af6921d6d..230f571c0 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
@@ -1,5 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
 
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 
 /**
@@ -10,13 +11,13 @@
  *
  * Methods:
  * void secureChannelConnectHandler(SecureChannel)      to notify the client about a new secure channel
- * void secureChannelListenHandler(SecureChannel)       to notify the server about a new secure channel
+ * void secureChannelListenHandler(SecureChannel, IdscpConnectionListener) to notify the server about new secureChannel
  * void connectionClosedHandler(String connectionId)    to notify listener about connection was closed
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface IDSCPv2Callback {
     void secureChannelConnectHandler(SecureChannel secureChannel);
-    void secureChannelListenHandler(SecureChannel secureChannel);
+    void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnectionListener idscpServer);
     void connectionClosedHandler(String connectionId);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
index 77009d352..de18f1e50 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
@@ -4,12 +4,13 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.*;
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IDSCPv2Server;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.messages.IDSCPv2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import java.io.IOException;
 import java.util.UUID;
 
 /**
@@ -51,15 +52,18 @@ public void connect(IDSCPv2Settings settings){
         secureChannelDriver.connect(settings, this);
     }
 
-    public SecureServer listen(IDSCPv2Settings settings) throws IDSCPv2Exception {
+    public IDSCPv2Server listen(IDSCPv2Settings settings) throws IDSCPv2Exception {
         LOG.info("Starting new IDSCPv2 server at port {}", settings.getServerPort());
 
         SecureServer secureServer;
-        if ((secureServer = secureChannelDriver.listen(settings, this)) == null){
+        IDSCPv2Server idscpServer = new IDSCPv2Server();
+
+        if ((secureServer = secureChannelDriver.listen(settings, this, idscpServer)) == null){
             throw new IDSCPv2Exception("Idscpv2 listen() failed. Cannot create SecureServer");
         }
 
-        return secureServer;
+        idscpServer.setSecureServer(secureServer);
+        return idscpServer;
     }
 
     @Override
@@ -86,7 +90,7 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
     }
 
     @Override
-    public void secureChannelListenHandler(SecureChannel secureChannel) {
+    public void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnectionListener idscpServer) {
         if (secureChannel != null){
             LOG.debug("A new secure channel for an incoming idscpv2 connection was established");
             LOG.debug("Send Idscp hello");
@@ -102,6 +106,7 @@ public void secureChannelListenHandler(SecureChannel secureChannel) {
             IDSCPv2Connection newConnection = new IDSCPv2Connection(secureChannel, connectionId);
             secureChannel.registerMessageListener(newConnection);
             LOG.info("A new idscpv2 connection with id {} was created", connectionId);
+            idscpServer.newConnectionHandler(newConnection); //bind connection to idscp server
             user.newConnectionHandler(newConnection);
         } else {
             LOG.warn("An incoming idscpv2 client connection request failed because no secure channel was established");
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
new file mode 100644
index 000000000..ac5aad82b
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
@@ -0,0 +1,84 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.idscp_server;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
+import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.CountDownLatch;
+
+public class IDSCPv2Server implements IdscpConnectionListener{
+    private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Server.class);
+
+    private SecureServer secureServer; //no race conditions using CountDownLatch
+    private CountDownLatch secureServerLatch = new CountDownLatch(1);
+    private ConcurrentHashMap<String, IDSCPv2Connection> connections = new ConcurrentHashMap<>();
+
+    public IDSCPv2Server(){
+
+    }
+
+    public IDSCPv2Server(SecureServer secureServer){
+        this.secureServer = secureServer;
+        secureServerLatch.countDown();
+    }
+
+    public void terminate(){
+        LOG.info("Terminating idscp server {}", this.toString());
+        try {
+            secureServerLatch.await();
+            secureServer.safeStop();
+            terminateAllSessions();
+        } catch (InterruptedException e){
+            Thread.currentThread().interrupt();
+        }
+    }
+
+    public void terminateAllSessions(){
+        for (IDSCPv2Connection c : connections.values()){
+            if (c.isConnected()){
+                c.close();
+                LOG.debug("Idscp connection with id {} has been closed", c.getConnectionId());
+            }
+            connections.remove(c.getConnectionId());
+        }
+    }
+
+    public boolean isRunning(){
+        try {
+            secureServerLatch.await();
+            return secureServer.isRunning();
+        } catch (InterruptedException e){
+            Thread.currentThread().interrupt();
+        }
+        return false;
+    }
+
+    public IDSCPv2Connection getConnectionById(String connectionId){
+        return connections.get(connectionId);
+    }
+
+    public List<IDSCPv2Connection> getAllConnections(){
+        return new ArrayList<>(connections.values());
+    }
+
+    @Override
+    public void newConnectionHandler(IDSCPv2Connection connection) {
+        LOG.debug("Binding new idscpv2 connection to server {}", this.toString());
+        connections.put(connection.getConnectionId(), connection);
+    }
+
+    @Override
+    public void connectionClosedHandler(String connectionId) {
+        LOG.debug("Removing connection with id {} from server storage", connectionId);
+        connections.remove(connectionId);
+    }
+
+    public void setSecureServer(SecureServer secureServer) {
+        this.secureServer = secureServer;
+        secureServerLatch.countDown();
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpConnectionListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpConnectionListener.java
new file mode 100644
index 000000000..2857b7ebd
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpConnectionListener.java
@@ -0,0 +1,8 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.idscp_server;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+
+public interface IdscpConnectionListener {
+    void newConnectionHandler(IDSCPv2Connection connection);
+    void connectionClosedHandler(String connectionId);
+}
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
index d00d0d06a..13694a6d0 100644
--- a/idscp2/src/test/java/IDSCPv2ClientInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
@@ -22,12 +22,12 @@ public void init(IDSCPv2Settings settings){
     @Override
     public void newConnectionHandler(IDSCPv2Connection connection) {
         this.connections.put(connection.getConnectionId(), connection);
-        connection.close();
+        //connection.close();
     }
 
     @Override
     public void errorHandler(String error) {
-        System.out.println(error);
+        System.out.println("Error occurred: " + error);
     }
 
     @Override
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index d1cf61db4..2023d7cc8 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -1,9 +1,9 @@
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IDSCPv2Server;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Configuration;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
 
@@ -12,42 +12,41 @@
 
 public class IDSCPv2ServerInitiator implements IDSCPv2Initiator {
 
-    private ConcurrentHashMap<String, IDSCPv2Connection> connections = new ConcurrentHashMap<>();
-    private SecureServer secureServer = null;
-
+    //private ConcurrentHashMap<String, IDSCPv2Connection> connections = new ConcurrentHashMap<>();
 
     public void init(IDSCPv2Settings serverSettings)  {
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
         IDSCPv2Configuration idscpServerConfig = new IDSCPv2Configuration(this,
                 null,null,null,secureChannelDriver);
+        IDSCPv2Server idscPv2Server;
         try {
-            secureServer = idscpServerConfig.listen(serverSettings);
+            idscPv2Server = idscpServerConfig.listen(serverSettings);
         } catch (IDSCPv2Exception e) {
             //e.printStackTrace();
             return;
         }
         //secureServer.safeStop();
         try {
-            Thread.sleep(300000); //run server for 5 minutes
+            Thread.sleep(40000); //run server for 5 minutes
         } catch (Exception e){
 
         }
-        secureServer.safeStop();
+        idscPv2Server.terminate();
     }
 
     @Override
     public void newConnectionHandler(IDSCPv2Connection connection) {
-        connections.put(connection.getConnectionId(), connection);
+        //connections.put(connection.getConnectionId(), connection);
     }
 
     @Override
     public void errorHandler(String error) {
-
+        System.out.println("Error occurred: " + error);
     }
 
     @Override
     public void connectionClosedHandler(String connectionId) {
-        System.out.println("Connection closed");
-        connections.remove(connectionId);
+        System.out.println("Connection with id " + connectionId + " has been closed");
+        //connections.remove(connectionId);
     }
 }

From 3d2d2ac732f6f1c3a6eb170c7890edafdf2fda47 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Fri, 10 Jan 2020 16:12:23 +0100
Subject: [PATCH 036/237] WIP: Add finite state machine

---
 .../configuration/IDSCPv2Configuration.java   | 23 ++++---
 .../finite_state_machine/Event.java           |  4 ++
 .../idscp_core/finite_state_machine/FSM.java  | 65 +++++++++++++++++++
 .../finite_state_machine/State.java           |  4 ++
 .../finite_state_machine/Transition.java      | 13 ++++
 .../secure_channel/SecureChannel.java         | 40 ++++++++++--
 6 files changed, 132 insertions(+), 17 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
index de18f1e50..ed60ce0d1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
@@ -73,12 +73,11 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
             user.errorHandler("IDSCPv2 connect failed because no secure channel was established");
         } else {
             LOG.debug("A new secure channel for an outgoing idscpv2 connection was established");
-            LOG.debug("Send Idscp hello");
-            secureChannel.send(IDSCPv2.IdscpMessage.newBuilder()
-                    .setType(IDSCPv2.IdscpMessage.Type.IDSCP_HELLO)
-                    .setIdscpHello(IDSCPv2.IdscpHello.newBuilder().build()).build());
-            //toDo verify security properties
-            //toDo RAT
+            try {
+                secureChannel.startIdscpHandshake();
+            } catch (IDSCPv2Exception e){
+                return;
+            }
 
             LOG.debug("All IDSCPv2 requirements for new connection were fulfilled");
             String connectionId = UUID.randomUUID().toString();
@@ -93,12 +92,12 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
     public void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnectionListener idscpServer) {
         if (secureChannel != null){
             LOG.debug("A new secure channel for an incoming idscpv2 connection was established");
-            LOG.debug("Send Idscp hello");
-            secureChannel.send(IDSCPv2.IdscpMessage.newBuilder()
-                    .setType(IDSCPv2.IdscpMessage.Type.IDSCP_HELLO)
-                    .setIdscpHello(IDSCPv2.IdscpHello.newBuilder().build()).build());
-            //toDo verify security properties
-            //toDo RAT
+
+            try {
+                secureChannel.startIdscpHandshake();
+            } catch (IDSCPv2Exception e){
+                return;
+            }
 
             LOG.debug("All IDSCPv2 requirements for a new incoming connection were fulfilled");
             //create new IDSCPv2Connection
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
new file mode 100644
index 000000000..e32d25009
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
@@ -0,0 +1,4 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+public class Event {
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
new file mode 100644
index 000000000..26d075d24
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -0,0 +1,65 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
+import de.fhg.aisec.ids.messages.IDSCPv2;
+import de.fhg.aisec.ids.messages.IDSCPv2.*;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.concurrent.CountDownLatch;
+
+public class FSM {
+    private static final Logger LOG = LoggerFactory.getLogger(FSM.class);
+
+    /*  -----------   IDSCPv2 Protocol States   ---------- */
+    private static final State STATE_CLOSED = new State();
+    private static final State STATE_WAIT_FOR_HELLO = new State();
+    private static final State STATE_LISTEN = new State();
+    private static final State STATE_WAIT_FOR_RAT = new State();
+    private static final State STATE_WAIT_FOR_RAT_CLIENT = new State();
+    private static final State STATE_WAIT_FOR_RAT_SERVER = new State();
+    private static final State STATE_WAIT_FOR_DAT_AND_RAT_CLIENT = new State();
+    private static final State STATE_WAIT_FOR_DAT_AND_RAT_SERVER = new State();
+    private static final State STATE_ESTABLISHED = new State();
+    /*  ----------------   end of states   --------------- */
+
+
+    /*  -----------   IDSCPv2 Protocol Transitions   ---------- */
+
+    /*  ----------------   end of transitions   --------------- */
+
+    private State currentState;
+    private SecureChannel secureChannel;
+    private CountDownLatch handshakeComplete = new CountDownLatch(1);
+
+    public FSM(SecureChannel secureChannel){
+        this.secureChannel = secureChannel;
+        currentState = STATE_ESTABLISHED;
+    }
+
+    public void start(){
+        LOG.debug("Send IDSCP_HELLO");
+        secureChannel.send(IDSCPv2.IdscpMessage.newBuilder()
+                .setType(IDSCPv2.IdscpMessage.Type.IDSCP_HELLO)
+                .setIdscpHello(IDSCPv2.IdscpHello.newBuilder().build()).build());
+        //toDo verify security properties
+        //toDo RAT
+        handshakeComplete.countDown();
+    }
+
+    public void delegate(IdscpMessage msg){
+
+    }
+
+    private void send(IdscpMessage msg){
+        secureChannel.send(msg);
+    }
+
+    public boolean isConnected(){
+        return currentState.equals(STATE_ESTABLISHED);
+    }
+
+    public CountDownLatch getHandshakeComplete() {
+        return handshakeComplete;
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
new file mode 100644
index 000000000..2c1385ae1
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
@@ -0,0 +1,4 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+public class State {
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
new file mode 100644
index 000000000..94a53346a
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
@@ -0,0 +1,13 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+public class Transition {
+
+    private final State startState;
+    private final State endState;
+
+    public Transition(State startState, State endState){
+        this.startState = startState;
+        this.endState = endState;
+    }
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
index 823dddbc2..de49659a1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
@@ -1,8 +1,10 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel;
 
 import com.google.protobuf.InvalidProtocolBufferException;
+import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMsgListener;
-import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
+import de.fhg.aisec.ids.messages.IDSCPv2.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -29,13 +31,14 @@ public class SecureChannel implements SecureChannelListener {
     private SecureChannelEndpoint endpoint;
     private IdscpMsgListener listener = null;
     private CountDownLatch listenerLatch = new CountDownLatch(1);
+    private FSM fsm;
 
     public SecureChannel(SecureChannelEndpoint secureChannelEndpoint){
         this.endpoint = secureChannelEndpoint;
+        this.fsm = new FSM(this);
     }
 
     public void close(){
-        LOG.debug("Close secure channel");
         endpoint.close();
     }
 
@@ -49,10 +52,20 @@ public void onMessage(byte[] data){
         LOG.debug("New raw data were received via the secure channel");
         try {
             IdscpMessage message = IdscpMessage.parseFrom(data);
-            listenerLatch.await();
-            listener.onMessage(message);
+            if (fsm.isConnected()){
+                listenerLatch.await();
+                listener.onMessage(message);
+            } else {
+                fsm.delegate(message);
+            }
         } catch (InvalidProtocolBufferException e) {
-            LOG.warn("Cannot parse raw data into IdscpMessage {}", data);
+            LOG.warn("Cannot parse raw data into IdscpMessage {}. Send error message", data);
+            send(
+                    IdscpMessage.newBuilder()
+                        .setType(IdscpMessage.Type.IDSCP_ERROR)
+                        .setIdscpError(IdscpError.newBuilder().setErrorMsg("Cannot parse raw data into IdscpMessage"))
+                        .build()
+            );
         } catch (InterruptedException e){
             Thread.currentThread().interrupt();
         }
@@ -70,4 +83,21 @@ public void registerMessageListener(IdscpMsgListener listener){
     public void setEndpointConnectionId(String id){
         this.endpoint.setConnectionId(id);
     }
+
+    public void startIdscpHandshake() throws IDSCPv2Exception {
+        fsm.start();
+        try {
+            fsm.getHandshakeComplete().await();
+        } catch (InterruptedException e) {
+            throw new IDSCPv2Exception("IDSCPv2 handshake failed");
+        }
+
+        if (!fsm.isConnected()){
+            throw new IDSCPv2Exception("IDSCPv2 handshake failed");
+        }
+
+        LOG.info("Idscpv2 handshake successful");
+    }
+
+
 }

From 8542d4337558021a4db0e094b4edbe7261e5dda9 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Mon, 13 Jan 2020 15:56:09 +0100
Subject: [PATCH 037/237] Add FSM as unique layer between IDSCPv2 and secure
 channel

---
 .../secure_channel/client/TLSClient.java      |  2 +-
 .../server/TLSServerThread.java               |  7 +-
 .../idscp2/idscp_core/IDSCPv2Connection.java  | 22 ++---
 .../configuration/IDSCPv2Configuration.java   | 26 +++---
 .../idscp_core/finite_state_machine/FSM.java  | 88 ++++++++++++++++---
 .../finite_state_machine/FsmListener.java     |  5 ++
 .../secure_channel/SecureChannel.java         | 59 +++----------
 .../src/test/java/IDSCPv2ServerInitiator.java |  2 +-
 8 files changed, 123 insertions(+), 88 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index 2f7e8e9f1..13b99667b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -61,7 +61,7 @@ public class TLSClient implements HandshakeCompletedListener, DataAvailableListe
     private CountDownLatch listenerLatch = new CountDownLatch(1);
     private IDSCPv2Callback callback; //race conditions are avoided because callback is initialized in constructor
     private CountDownLatch connectionIdLatch = new CountDownLatch(1);
-    private String connectionId = null;
+    private String connectionId = "empty_connection_id";
 
     public TLSClient(IDSCPv2Settings clientSettings, IDSCPv2Callback callback)
             throws IOException, KeyManagementException, NoSuchAlgorithmException{
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index f54e93cf5..fad3f9190 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -48,7 +48,7 @@ public class TLSServerThread extends Thread implements HandshakeCompletedListene
     private volatile boolean running = true;
     private DataInputStream in;
     private DataOutputStream out;
-    private String connectionId = null; //race condition avoided using CountDownLatch
+    private String connectionId = "empty_connection_id"; //race condition avoided using CountDownLatch
     private CountDownLatch connectionIdLatch = new CountDownLatch(1);
     private SecureChannelListener listener = null;  // race conditions are avoided using CountDownLatch
     private IDSCPv2Callback configCallback;  //no race conditions
@@ -97,12 +97,15 @@ public void run(){
                 LOG.error("SSL error");
                 e.printStackTrace();
                 running = false;
+                connectionIdLatch.countDown();
                 return;
             } catch (EOFException e){
                 running = false;
+                connectionIdLatch.countDown();
             } catch (IOException e){
                 e.printStackTrace();
                 running = false;
+                connectionIdLatch.countDown();
             }
         }
 
@@ -120,7 +123,7 @@ public void run(){
             in.close();
             sslSocket.close();
         } catch (IOException e) {
-            e.printStackTrace();
+            //e.printStackTrace();
         }
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
index a1eb0f4cf..69761bd38 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
@@ -1,5 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core;
 
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.messages.IDSCPv2.IdscpClose;
 import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
@@ -22,30 +23,21 @@
 public class IDSCPv2Connection implements IdscpMsgListener {
     private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Connection.class);
 
-    private SecureChannel secureChannel;
+    private FSM fsm;
     private String connectionId;
 
-    public IDSCPv2Connection(SecureChannel secureChannel, String connectionId){
-        this.secureChannel = secureChannel;
+    public IDSCPv2Connection(FSM fsm, String connectionId){
+        this.fsm = fsm;
         this.connectionId = connectionId;
-        secureChannel.setEndpointConnectionId(connectionId);
     }
 
     public void close() {
-        LOG.info("Close idscp connection");
-        LOG.debug("Send IDSCP_CLOSE");
-        IdscpMessage msg = IdscpMessage.newBuilder()
-                .setType(IdscpMessage.Type.IDSCP_CLOSE)
-                .setIdscpClose(IdscpClose.newBuilder().build()
-                ).build();
-        send(msg);
-        LOG.debug("Close secure channel");
-        secureChannel.close();
+        fsm.terminate();
     }
 
     public void send(IdscpMessage msg) {
         LOG.debug("Send idscp message of type {}", msg.getType());
-        secureChannel.send(msg);
+        fsm.send(msg);
     }
 
     @Override
@@ -54,7 +46,7 @@ public void onMessage(IdscpMessage msg) {
     }
 
     public boolean isConnected() {
-        return secureChannel.isConnected();
+        return fsm.isConnected();
     }
 
     public String getConnectionId() {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
index ed60ce0d1..af08a409d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
@@ -4,6 +4,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.*;
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IDSCPv2Server;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
@@ -73,16 +74,19 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
             user.errorHandler("IDSCPv2 connect failed because no secure channel was established");
         } else {
             LOG.debug("A new secure channel for an outgoing idscpv2 connection was established");
+            FSM fsm = new FSM(secureChannel, ratProverDriver, ratVerifierDriver, dapsDriver);
+            String connectionId = UUID.randomUUID().toString();
+            //important so set endpoint connection id before fsm.startIdscpHandshake() to avoid deadlock
+            fsm.setEndpointConnectionId(connectionId);
+
             try {
-                secureChannel.startIdscpHandshake();
+                fsm.startIdscpHandshake(); //blocking until handshake is done
             } catch (IDSCPv2Exception e){
                 return;
             }
 
-            LOG.debug("All IDSCPv2 requirements for new connection were fulfilled");
-            String connectionId = UUID.randomUUID().toString();
-            IDSCPv2Connection newConnection = new IDSCPv2Connection(secureChannel, connectionId);
-            secureChannel.registerMessageListener(newConnection);
+            IDSCPv2Connection newConnection = new IDSCPv2Connection(fsm, connectionId);
+            fsm.registerMessageListener(newConnection);
             LOG.info("A new IDSCPv2 connection with id {} was created", connectionId);
             user.newConnectionHandler(newConnection);
         }
@@ -92,18 +96,20 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
     public void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnectionListener idscpServer) {
         if (secureChannel != null){
             LOG.debug("A new secure channel for an incoming idscpv2 connection was established");
+            FSM fsm = new FSM(secureChannel, ratProverDriver, ratVerifierDriver, dapsDriver);
+            String connectionId = UUID.randomUUID().toString();
+            //important so set endpoint connection id before fsm.startIdscpHandshake() to avoid deadlock
+            fsm.setEndpointConnectionId(connectionId);
 
             try {
-                secureChannel.startIdscpHandshake();
+                fsm.startIdscpHandshake(); //blocking until handshake is done
             } catch (IDSCPv2Exception e){
                 return;
             }
 
-            LOG.debug("All IDSCPv2 requirements for a new incoming connection were fulfilled");
             //create new IDSCPv2Connection
-            String connectionId = UUID.randomUUID().toString();
-            IDSCPv2Connection newConnection = new IDSCPv2Connection(secureChannel, connectionId);
-            secureChannel.registerMessageListener(newConnection);
+            IDSCPv2Connection newConnection = new IDSCPv2Connection(fsm, connectionId);
+            fsm.registerMessageListener(newConnection);
             LOG.info("A new idscpv2 connection with id {} was created", connectionId);
             idscpServer.newConnectionHandler(newConnection); //bind connection to idscp server
             user.newConnectionHandler(newConnection);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 26d075d24..ad8b5cfa5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -1,5 +1,12 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
+import com.google.protobuf.InvalidProtocolBufferException;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
+import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
+import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMsgListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.messages.IDSCPv2;
 import de.fhg.aisec.ids.messages.IDSCPv2.*;
@@ -8,7 +15,7 @@
 
 import java.util.concurrent.CountDownLatch;
 
-public class FSM {
+public class FSM implements FsmListener{
     private static final Logger LOG = LoggerFactory.getLogger(FSM.class);
 
     /*  -----------   IDSCPv2 Protocol States   ---------- */
@@ -30,36 +37,93 @@ public class FSM {
 
     private State currentState;
     private SecureChannel secureChannel;
-    private CountDownLatch handshakeComplete = new CountDownLatch(1);
+    private RatProverDriver ratProverDriver;
+    private RatVerifierDriver ratVerifierDriver;
+    private DapsDriver dapsDriver;
+    private IdscpMsgListener listener = null;
+    private CountDownLatch listenerLatch = new CountDownLatch(1);
+
+    public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDriver ratVerifier,
+               DapsDriver dapsDriver){
 
-    public FSM(SecureChannel secureChannel){
         this.secureChannel = secureChannel;
-        currentState = STATE_ESTABLISHED;
+        secureChannel.setFsm(this);
+
+        this.ratProverDriver = ratProver;
+        this.ratVerifierDriver = ratVerifier;
+        this.dapsDriver = dapsDriver;
+
+        currentState = STATE_CLOSED; //start state
     }
 
-    public void start(){
+    public void startIdscpHandshake() throws IDSCPv2Exception {
         LOG.debug("Send IDSCP_HELLO");
-        secureChannel.send(IDSCPv2.IdscpMessage.newBuilder()
+        send(IDSCPv2.IdscpMessage.newBuilder()
                 .setType(IDSCPv2.IdscpMessage.Type.IDSCP_HELLO)
                 .setIdscpHello(IDSCPv2.IdscpHello.newBuilder().build()).build());
         //toDo verify security properties
         //toDo RAT
-        handshakeComplete.countDown();
+        LOG.debug("All security requirements are fulfilled for new idscp connection");
+        currentState = STATE_ESTABLISHED;
     }
 
-    public void delegate(IdscpMessage msg){
+    public void send(IdscpMessage msg){
+        secureChannel.send(msg.toByteArray());
+    }
 
+    public void sendError(String msg, String code){
+        IdscpMessage idscpMessage = IdscpMessage.newBuilder()
+                .setType(IdscpMessage.Type.IDSCP_ERROR)
+                .setIdscpError(
+                        IdscpError.newBuilder()
+                                .setErrorMsg(msg)
+                                .setErrorCode(code)
+                ).build();
+        send(idscpMessage);
     }
 
-    private void send(IdscpMessage msg){
-        secureChannel.send(msg);
+    @Override
+    public void onMessage(byte[] data){
+        try {
+            IdscpMessage message = IdscpMessage.parseFrom(data);
+            //toDo trigger event
+            if (message.getType().equals(IdscpMessage.Type.IDSCP_DATA) && currentState.equals(STATE_ESTABLISHED)){
+                listenerLatch.await();
+                listener.onMessage(message);
+            } else {
+                //toDo fsm logic
+            }
+
+        } catch (InvalidProtocolBufferException e) {
+            LOG.warn("Cannot parse raw data into IdscpMessage {}. Send error message", data);
+            sendError("Cannot parse raw data into IdscpMessage", "");
+        } catch (InterruptedException e){
+            Thread.currentThread().interrupt();
+        }
+    }
+
+    public void terminate(){
+        LOG.info("Close idscp connection");
+        LOG.debug("Send IDSCP_CLOSE");
+        IdscpMessage msg = IdscpMessage.newBuilder()
+                .setType(IdscpMessage.Type.IDSCP_CLOSE)
+                .setIdscpClose(IdscpClose.newBuilder().build()
+                ).build();
+        send(msg);
+        LOG.debug("Close secure channel");
+        secureChannel.close();
     }
 
     public boolean isConnected(){
         return currentState.equals(STATE_ESTABLISHED);
     }
 
-    public CountDownLatch getHandshakeComplete() {
-        return handshakeComplete;
+    public void registerMessageListener(IdscpMsgListener listener){
+        this.listener = listener;
+        listenerLatch.countDown();
+    }
+
+    public void setEndpointConnectionId(String id){
+        this.secureChannel.setEndpointConnectionId(id);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
new file mode 100644
index 000000000..e797aa3cc
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
@@ -0,0 +1,5 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+public interface FsmListener {
+    void onMessage(byte[] data);
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
index de49659a1..917a37f95 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
@@ -1,10 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel;
 
-import com.google.protobuf.InvalidProtocolBufferException;
-import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMsgListener;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
-import de.fhg.aisec.ids.messages.IDSCPv2.*;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -29,43 +25,28 @@ public class SecureChannel implements SecureChannelListener {
     private static final Logger LOG = LoggerFactory.getLogger(SecureChannel.class);
 
     private SecureChannelEndpoint endpoint;
-    private IdscpMsgListener listener = null;
-    private CountDownLatch listenerLatch = new CountDownLatch(1);
-    private FSM fsm;
+    private CountDownLatch fsmLatch = new CountDownLatch(1);
+    private FsmListener fsm = null;
 
     public SecureChannel(SecureChannelEndpoint secureChannelEndpoint){
         this.endpoint = secureChannelEndpoint;
-        this.fsm = new FSM(this);
     }
 
     public void close(){
         endpoint.close();
     }
 
-    public void send(IdscpMessage msg){
-        LOG.debug("Send idscp message via secure channel");
-        endpoint.send(msg.toByteArray());
+    public void send(byte[] msg){
+        LOG.debug("Send message via secure channel");
+        endpoint.send(msg);
     }
 
     @Override
     public void onMessage(byte[] data){
         LOG.debug("New raw data were received via the secure channel");
         try {
-            IdscpMessage message = IdscpMessage.parseFrom(data);
-            if (fsm.isConnected()){
-                listenerLatch.await();
-                listener.onMessage(message);
-            } else {
-                fsm.delegate(message);
-            }
-        } catch (InvalidProtocolBufferException e) {
-            LOG.warn("Cannot parse raw data into IdscpMessage {}. Send error message", data);
-            send(
-                    IdscpMessage.newBuilder()
-                        .setType(IdscpMessage.Type.IDSCP_ERROR)
-                        .setIdscpError(IdscpError.newBuilder().setErrorMsg("Cannot parse raw data into IdscpMessage"))
-                        .build()
-            );
+            fsmLatch.await();
+            fsm.onMessage(data);
         } catch (InterruptedException e){
             Thread.currentThread().interrupt();
         }
@@ -75,29 +56,13 @@ public boolean isConnected(){
         return endpoint.isConnected();
     }
 
-    public void registerMessageListener(IdscpMsgListener listener){
-        this.listener = listener;
-        listenerLatch.countDown();
-    }
-
     public void setEndpointConnectionId(String id){
         this.endpoint.setConnectionId(id);
+        //deadlock is resolved
     }
 
-    public void startIdscpHandshake() throws IDSCPv2Exception {
-        fsm.start();
-        try {
-            fsm.getHandshakeComplete().await();
-        } catch (InterruptedException e) {
-            throw new IDSCPv2Exception("IDSCPv2 handshake failed");
-        }
-
-        if (!fsm.isConnected()){
-            throw new IDSCPv2Exception("IDSCPv2 handshake failed");
-        }
-
-        LOG.info("Idscpv2 handshake successful");
+    public void setFsm(FsmListener fsm) {
+        this.fsm = fsm;
+        fsmLatch.countDown();
     }
-
-
 }
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index 2023d7cc8..94c726704 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -29,7 +29,7 @@ public void init(IDSCPv2Settings serverSettings)  {
         try {
             Thread.sleep(40000); //run server for 5 minutes
         } catch (Exception e){
-
+            return;
         }
         idscPv2Server.terminate();
     }

From 6ef9be0e4b8371bc3e14ae1d6c5f54413a5ccbf9 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Wed, 15 Jan 2020 18:28:07 +0100
Subject: [PATCH 038/237] add idscp message factory

---
 .../idscp_core/IdscpMessageFactory.java       | 87 +++++++++++++++++++
 .../InternalControlMessage.java               |  4 +
 .../finite_state_machine/Transition.java      | 13 ---
 3 files changed, 91 insertions(+), 13 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
new file mode 100644
index 000000000..d284cfd4f
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
@@ -0,0 +1,87 @@
+package de.fhg.aisec.ids.idscp2.idscp_core;
+
+import com.google.protobuf.ByteString;
+import de.fhg.aisec.ids.messages.IDSCPv2.*;
+
+import java.util.Arrays;
+
+public class IdscpMessageFactory {
+
+    public static IdscpMessage getIdscpHelloMessage(byte[] dat, String[] supportedRatSuite, String[] expectedRatSuite){
+        IdscpDat idscpDat = IdscpDat.newBuilder()
+                .setToken(ByteString.copyFrom(dat))
+                .build();
+
+        IdscpHello idscpHello = IdscpHello.newBuilder()
+                .setVersion(2)
+                .setDynamicAttributeToken(idscpDat)
+                .addAllExpectedRatSuite(Arrays.asList(expectedRatSuite))
+                .addAllSupportedRatSuite(Arrays.asList(supportedRatSuite))
+                .build();
+
+        return IdscpMessage.newBuilder()
+                .setType(IdscpMessage.Type.IDSCP_HELLO)
+                .setIdscpHello(idscpHello)
+                .build();
+    }
+
+    public static IdscpMessage getIdscpCloseMessage(){
+        return IdscpMessage.newBuilder()
+                . setType(IdscpMessage.Type.IDSCP_CLOSE)
+                .setIdscpClose(IdscpClose.newBuilder().build())
+                .build();
+    }
+
+    public static IdscpMessage getIdscpErrorMessage(String msg, String code){
+        IdscpError idscpError = IdscpError.newBuilder()
+                .setErrorMsg(msg)
+                .setErrorCode(code)
+                .build();
+
+        return IdscpMessage.newBuilder()
+                . setType(IdscpMessage.Type.IDSCP_ERROR)
+                .setIdscpError(idscpError)
+                .build();
+    }
+
+    public static IdscpMessage getIdscpDatExpiredMessage(){
+        return IdscpMessage.newBuilder()
+                . setType(IdscpMessage.Type.IDSCP_DAT_EXPIRED)
+                .setIdscpDatExpired(IdscpDatExpired.newBuilder().build())
+                .build();
+    }
+
+    public static IdscpMessage getIdscpDatMessage(byte[] dat){
+        IdscpDat idscpDat = IdscpDat.newBuilder()
+                .setToken(ByteString.copyFrom(dat))
+                .build();
+
+        return IdscpMessage.newBuilder()
+                . setType(IdscpMessage.Type.IDSCP_DAT)
+                .setIdscpDat(idscpDat)
+                .build();
+    }
+
+    public static IdscpMessage getIdscpReRatMessage(String cause){
+        IdscpReRat idscpReRat = IdscpReRat.newBuilder()
+                .setCause(cause)
+                .build();
+
+        return IdscpMessage.newBuilder()
+                . setType(IdscpMessage.Type.IDSCP_RE_RAT)
+                .setIdscpReRat(idscpReRat)
+                .build();
+    }
+
+    public static IdscpMessage getIdscpDataMessage(byte[] data){
+        IdscpData idscpData = IdscpData.newBuilder()
+                .setData(ByteString.copyFrom(data))
+                .build();
+
+        return IdscpMessage.newBuilder()
+                . setType(IdscpMessage.Type.IDSCP_DATA)
+                .setIdscpData(idscpData)
+                .build();
+    }
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
new file mode 100644
index 000000000..beaa0a33a
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
@@ -0,0 +1,4 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+public enum InternalControlMessage {
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
deleted file mode 100644
index 94a53346a..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
+++ /dev/null
@@ -1,13 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-public class Transition {
-
-    private final State startState;
-    private final State endState;
-
-    public Transition(State startState, State endState){
-        this.startState = startState;
-        this.endState = endState;
-    }
-
-}

From 4682e1ef130ee1b86e01aababfb6acc93eae5778 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Wed, 15 Jan 2020 18:29:55 +0100
Subject: [PATCH 039/237] WIP: FSM, add states, implementation for 3 states

---
 .../finite_state_machine/Event.java           |  42 +++
 .../idscp_core/finite_state_machine/FSM.java  | 355 +++++++++++++++---
 .../finite_state_machine/FsmListener.java     |   1 +
 .../InternalControlMessage.java               |  11 +
 .../finite_state_machine/State.java           |  12 +
 5 files changed, 365 insertions(+), 56 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
index e32d25009..ce3e4a36d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
@@ -1,4 +1,46 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
+import de.fhg.aisec.ids.messages.IDSCPv2.*;
+
 public class Event {
+    public enum EventType {
+        IDSCP_MESSAGE,
+        INTERNAL_CONTROL_MESSAGE
+    }
+
+    private Object key;
+    private EventType type;
+    private IdscpMessage idscpMessage;
+    private InternalControlMessage controlMessage;
+
+    public Event(Object key, InternalControlMessage controlMessage){
+        this.key = key;
+        this.type = EventType.INTERNAL_CONTROL_MESSAGE;
+        this.controlMessage = controlMessage;
+        this.idscpMessage = null;
+    }
+
+    public Event (Object key, IdscpMessage idscpMessage){
+        this.key = key;
+        this.type = EventType.IDSCP_MESSAGE;
+        this.idscpMessage = idscpMessage;
+        this.controlMessage = null;
+    }
+
+
+    public Object getKey() {
+        return key;
+    }
+
+    public EventType getType() {
+        return type;
+    }
+
+    public IdscpMessage getIdscpMessage() {
+        return idscpMessage;
+    }
+
+    public InternalControlMessage getControlMessage() {
+        return controlMessage;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index ad8b5cfa5..83bd9f3a5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -5,11 +5,11 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
-import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMsgListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
-import de.fhg.aisec.ids.messages.IDSCPv2;
 import de.fhg.aisec.ids.messages.IDSCPv2.*;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.Event.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -19,52 +19,316 @@ public class FSM implements FsmListener{
     private static final Logger LOG = LoggerFactory.getLogger(FSM.class);
 
     /*  -----------   IDSCPv2 Protocol States   ---------- */
-    private static final State STATE_CLOSED = new State();
-    private static final State STATE_WAIT_FOR_HELLO = new State();
-    private static final State STATE_LISTEN = new State();
-    private static final State STATE_WAIT_FOR_RAT = new State();
-    private static final State STATE_WAIT_FOR_RAT_CLIENT = new State();
-    private static final State STATE_WAIT_FOR_RAT_SERVER = new State();
-    private static final State STATE_WAIT_FOR_DAT_AND_RAT_CLIENT = new State();
-    private static final State STATE_WAIT_FOR_DAT_AND_RAT_SERVER = new State();
-    private static final State STATE_ESTABLISHED = new State();
+    private final State STATE_CLOSED = new State();
+    private final State STATE_WAIT_FOR_HELLO = new State();
+    private final State STATE_WAIT_FOR_RAT= new State();
+    private final State STATE_WAIT_FOR_RAT_CLIENT = new State();
+    private final State STATE_WAIT_FOR_RAT_SERVER = new State();
+    private final State STATE_WAIT_FOR_DAT_AND_RAT_CLIENT = new State();
+    private final State STATE_WAIT_FOR_DAT_AND_RAT_SERVER = new State();
+    private final State STATE_ESTABLISHED = new State();
     /*  ----------------   end of states   --------------- */
 
 
-    /*  -----------   IDSCPv2 Protocol Transitions   ---------- */
-
-    /*  ----------------   end of transitions   --------------- */
-
     private State currentState;
+    private final State initialState = STATE_CLOSED;
     private SecureChannel secureChannel;
     private RatProverDriver ratProverDriver;
     private RatVerifierDriver ratVerifierDriver;
     private DapsDriver dapsDriver;
     private IdscpMsgListener listener = null;
-    private CountDownLatch listenerLatch = new CountDownLatch(1);
+    private final CountDownLatch listenerLatch = new CountDownLatch(1);
+    private IdscpMessage cachedIdscpHello = null;
+    private final Object idscpHandshakeLock = new Object();
+    private final Object fsmIsBusy = new Object();
 
     public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDriver ratVerifier,
                DapsDriver dapsDriver){
 
         this.secureChannel = secureChannel;
-        secureChannel.setFsm(this);
-
         this.ratProverDriver = ratProver;
         this.ratVerifierDriver = ratVerifier;
         this.dapsDriver = dapsDriver;
+        secureChannel.setFsm(this);
+
+        /*  -----------   Protocol Transitions   ---------- */
+
+        STATE_CLOSED.setEventHandler(
+                /*--------------------------------
+                * Transition description
+                * --------------------------------
+                * INTERNAL_CONTROL_MESSAGE.START_IDSCP_HANDSHAKE ---> send IDSCP_HELLO ---> STATE_WAIT_FOR_HELLO
+                * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send IDSCP_CLOSE ---> STATE_CLOSED
+                * IDSCP_MESSAGE.IDSCP_HELLO ---> cache IDSCP_HELLO ---> STATE_CLOSED
+                * ALL_OTHER_MESSAGES ---> STATE_CLOSED
+                */
+                e -> {
+                    LOG.debug("STATE_CLOSED triggered");
+                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
+                        if (e.getControlMessage().equals(InternalControlMessage.START_IDSCP_HANDSHAKE)){
+                            LOG.debug("Get DAT Token vom DAT_DRIVER");
+                            //toDo this.dapsDriver.getToken();
+                            LOG.debug("Send idscp hello");
+                            IdscpMessage idscpHello = IdscpMessageFactory.
+                                    getIdscpHelloMessage(new byte[]{}, new String[] {"a", "b"}, new String[] {"a", "b"});
+                            this.send(idscpHello);
+                            //toDo set handshake timeout
+                            LOG.debug("Switch to state STATE_WAIT_FOR_HELLO");
+                            return STATE_WAIT_FOR_HELLO;
+                        }
+                    } else { /* IDSCP_MESSAGE */
+                        if (e.getIdscpMessage().hasIdscpHello()){
+                            LOG.debug("Cache idscp hello message");
+                            this.cachedIdscpHello = e.getIdscpMessage();
+                        }
+                    }
+
+                    LOG.debug("Stay in state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return this.STATE_CLOSED;
+                }
+        );
+
+        STATE_WAIT_FOR_HELLO.setEventHandler(
+                /*--------------------------------
+                 * Transition description
+                 * --------------------------------
+                 * INTERNAL_CONTROL_MESSAGE.ERROR ---> send IDSCP_CLOSE ---> STATE_CLOSED
+                 * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send idscp close ---> STATE_CLOSED
+                 * IDSCP_CLOSE ---> STATE_CLOSED
+                 * toDo IDSCP_HELLO ---> DAT Verification failed: send IDSCP_ERROR, send IDSCP_CLOSE ---> STATE_CLOSED
+                 * IDSCP_HELLO ---> verify DAT, set DAT Timeout, start RAT P&V ---> STATE_WAIT_FOR_RAT
+                 * ALL_OTHER_MESSAGES ---> STATE_WAIT_FOR_HELLO
+                 */
+                e -> {
+                    LOG.debug("STATE_WAIT_FOR_HELLO triggered");
+                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
+                        if (e.getControlMessage().equals(InternalControlMessage.ERROR)){
+                            LOG.debug("An internal control error occurred, send IDSC_CLOSE");
+                            send(IdscpMessageFactory.getIdscpCloseMessage());
+                            notifyHandshakeCompleteLock();
+                            return STATE_CLOSED;
+                        }
+
+                        if (e.getControlMessage().equals(InternalControlMessage.IDSCP_STOP)){
+                            LOG.debug("Send IDSC_CLOSE");
+                            send(IdscpMessageFactory.getIdscpCloseMessage());
+                            notifyHandshakeCompleteLock();
+                            return STATE_CLOSED;
+                        }
+                    } else { //IDSCP_MESSAGE
+                        if (e.getIdscpMessage().hasIdscpClose()){
+                            LOG.debug("");
+                        } else if (e.getIdscpMessage().hasIdscpHello()) {
+                            LOG.debug("Verify received DAT");
+                            //toDo Dat verification
+                            //toDo set DAT timeout
+                            //toDo start RAT_PROVER
+                            //toDo start RAT_VERIFIER
+                            LOG.debug("Switch to state STATE_ESTABLISHED");
+                            notifyHandshakeCompleteLock();
+                            return STATE_ESTABLISHED;
+                        }
+                    }
+                    LOG.debug("Stay in state STATE_WAIT_FOR_HELLO");
+                    return this.STATE_WAIT_FOR_HELLO;
+                }
+        );
+
+        STATE_WAIT_FOR_RAT.setEventHandler(
+                /*--------------------------------
+                 * Transition description
+                 * --------------------------------
+                 */
+                e -> {
+                    LOG.debug("STATE_WAIT_FOR_RAT triggered");
+                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
+
+                    } else { //IDSCP_MESSAGE
+
+                    }
+                    return this.STATE_WAIT_FOR_RAT;
+                }
+        );
+
+        STATE_WAIT_FOR_RAT_CLIENT.setEventHandler(
+                /*--------------------------------
+                 * Transition description
+                 * --------------------------------
+                 */
+                e -> {
+                    LOG.debug("STATE_WAIT_FOR_RAT_CLIENT triggered");
+                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
+
+                    } else { //IDSCP_MESSAGE
+
+                    }
+                    return this.STATE_WAIT_FOR_RAT_CLIENT;
+                }
+        );
+
+        STATE_WAIT_FOR_RAT_SERVER.setEventHandler(
+                /*--------------------------------
+                 * Transition description
+                 * --------------------------------
+                 */
+                e -> {
+                    LOG.debug("STATE_WAIT_FOR_RAT_SERVER triggered");
+                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
+
+                    } else { //IDSCP_MESSAGE
+
+                    }
+                    return this.STATE_WAIT_FOR_RAT_SERVER;
+                }
+        );
+
+        STATE_WAIT_FOR_DAT_AND_RAT_CLIENT.setEventHandler(
+                /*--------------------------------
+                 * Transition description
+                 * --------------------------------
+                 */
+                e -> {
+                    LOG.debug("STATE_WAIT_FOR_DAT_AND_RAT_CLIENT triggered");
+                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
+
+                    } else { //IDSCP_MESSAGE
+
+                    }
+                    return STATE_WAIT_FOR_DAT_AND_RAT_CLIENT;
+                }
+        );
+
+        STATE_WAIT_FOR_DAT_AND_RAT_SERVER.setEventHandler(
+                /*--------------------------------
+                 * Transition description
+                 * --------------------------------
+                 */
+                e -> {
+                    LOG.debug("STATE_WAIT_FOR_DAT_AND_RAT_SERVER triggered");
+                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
+
+                    } else { //IDSCP_MESSAGE
+
+                    }
+                    return STATE_WAIT_FOR_DAT_AND_RAT_SERVER;
+                }
+        );
+
+        STATE_ESTABLISHED.setEventHandler(
+                /*--------------------------------
+                 * Transition description
+                 * --------------------------------
+                 * INTERNAL_CONTROL_MESSAGE.ERROR ---> send idscp error, send idscp close ---> STATE_CLOSED
+                 * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send idscp close ---> STATE_CLOSED
+                 * toDo INTERNAL_CONTROL_MESSAGE.DAT_EXPIRED ---> send DAT_EXPIRED, set timeout ---> STATE_WAIT_FOR_DAT_AND_RAT_CLIENT
+                 * IDSCP_MESSAGE.DATA ---> listener.onMessage() ---> STATE_ESTABLISHED
+                 * IDSCP_MESSAGE.CLOSE ---> STATE_CLOSED
+                 */
+                e -> {
+                    LOG.debug("STATE_ESTABLISHED triggered");
+                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
+                        if (e.getControlMessage().equals(InternalControlMessage.ERROR)){
+                            LOG.debug("Error occurred, send IDSCP_ERROR and IDSCP_CLOSE and close idscp connection");
+                            send(IdscpMessageFactory.getIdscpErrorMessage("Error occurred", ""));
+                            send(IdscpMessageFactory.getIdscpCloseMessage());
+                            return STATE_CLOSED;
+                        } else if (e.getControlMessage().equals(InternalControlMessage.IDSCP_STOP)){
+                            send(IdscpMessageFactory.getIdscpCloseMessage());
+                            LOG.debug("Close idscp connection and send IDSCP_CLOSE");
+                            return STATE_CLOSED;
+                        }
+                    } else { //IDSCP_MESSAGE
+                        IdscpMessage message = e.getIdscpMessage();
+                        if (message.hasIdscpData()){
+                            try {
+                                this.listenerLatch.await();
+                                this.listener.onMessage(message);
+                            } catch (InterruptedException ex) {
+                                Thread.currentThread().interrupt();
+                            }
+                        } else if (message.hasIdscpClose()){
+                            LOG.debug("Receive IDSCP_CLOSED");
+                            try {
+                                this.listenerLatch.await();
+                                this.listener.onMessage(message);
+                            } catch (InterruptedException ex) {
+                                Thread.currentThread().interrupt();
+                            }
+                            LOG.debug("Switch to STATE_CLOSED");
+                            return STATE_CLOSED;
+                        }
+                    }
+                    LOG.debug("Stay in STATE_ESTABLISHED");
+                    return STATE_ESTABLISHED;
+                }
+        );
+
+        /*  ----------------   end of transitions   --------------- */
+
+        //set initial state
+        currentState = initialState;
+    }
+
+    @Override
+    public void onMessage(byte[] data){
+        //parse message and create new IDSCP Message Event, then pass it to current state and update new state
+        try {
+            IdscpMessage message = IdscpMessage.parseFrom(data);
+            Event e = new Event(null, message);
+            synchronized (fsmIsBusy){
+                currentState = currentState.feedEvent(e);
+            }
+        } catch (InvalidProtocolBufferException e) {
+            LOG.warn("Cannot parse raw data into IdscpMessage {}. Send error message", data);
+            sendError("Cannot parse raw data into IdscpMessage", "");
+        }
+    }
 
-        currentState = STATE_CLOSED; //start state
+    @Override
+    public void onControlMessage(InternalControlMessage controlMessage) {
+        //create Internal Control Message Event and pass it to current state and update new state
+        Event e = new Event(null, controlMessage);
+        synchronized (fsmIsBusy){
+            currentState = currentState.feedEvent(e);
+        }
+    }
+
+    public void terminate(){
+        LOG.info("Close idscp connection");
+        onControlMessage(InternalControlMessage.IDSCP_STOP);
+        LOG.debug("Close secure channel");
+        secureChannel.close();
     }
 
     public void startIdscpHandshake() throws IDSCPv2Exception {
-        LOG.debug("Send IDSCP_HELLO");
-        send(IDSCPv2.IdscpMessage.newBuilder()
-                .setType(IDSCPv2.IdscpMessage.Type.IDSCP_HELLO)
-                .setIdscpHello(IDSCPv2.IdscpHello.newBuilder().build()).build());
-        //toDo verify security properties
-        //toDo RAT
-        LOG.debug("All security requirements are fulfilled for new idscp connection");
-        currentState = STATE_ESTABLISHED;
+        if (currentState.equals(STATE_CLOSED)){
+            //trigger handshake init
+            onControlMessage(InternalControlMessage.START_IDSCP_HANDSHAKE);
+
+            //check if a idscpHello was already received and trigger next transition
+            if (cachedIdscpHello != null){
+                Event e = new Event(null, cachedIdscpHello);
+                synchronized (fsmIsBusy){
+                    currentState = currentState.feedEvent(e);
+                }
+            }
+
+            try {
+                //wait until handshake was successful or failed
+                synchronized (idscpHandshakeLock) {
+                    idscpHandshakeLock.wait();
+                }
+
+                if (!isConnected()){
+                    //handshake failed, throw exception
+                    throw new IDSCPv2Exception("Handshake failed");
+                }
+
+            } catch (InterruptedException e) {
+                throw new IDSCPv2Exception("Handshake failed because thread was interrupted");
+            }
+        }
     }
 
     public void send(IdscpMessage msg){
@@ -82,37 +346,10 @@ public void sendError(String msg, String code){
         send(idscpMessage);
     }
 
-    @Override
-    public void onMessage(byte[] data){
-        try {
-            IdscpMessage message = IdscpMessage.parseFrom(data);
-            //toDo trigger event
-            if (message.getType().equals(IdscpMessage.Type.IDSCP_DATA) && currentState.equals(STATE_ESTABLISHED)){
-                listenerLatch.await();
-                listener.onMessage(message);
-            } else {
-                //toDo fsm logic
-            }
-
-        } catch (InvalidProtocolBufferException e) {
-            LOG.warn("Cannot parse raw data into IdscpMessage {}. Send error message", data);
-            sendError("Cannot parse raw data into IdscpMessage", "");
-        } catch (InterruptedException e){
-            Thread.currentThread().interrupt();
-        }
+    private void reset(){
+        this.currentState = initialState;
     }
 
-    public void terminate(){
-        LOG.info("Close idscp connection");
-        LOG.debug("Send IDSCP_CLOSE");
-        IdscpMessage msg = IdscpMessage.newBuilder()
-                .setType(IdscpMessage.Type.IDSCP_CLOSE)
-                .setIdscpClose(IdscpClose.newBuilder().build()
-                ).build();
-        send(msg);
-        LOG.debug("Close secure channel");
-        secureChannel.close();
-    }
 
     public boolean isConnected(){
         return currentState.equals(STATE_ESTABLISHED);
@@ -126,4 +363,10 @@ public void registerMessageListener(IdscpMsgListener listener){
     public void setEndpointConnectionId(String id){
         this.secureChannel.setEndpointConnectionId(id);
     }
+
+    private void notifyHandshakeCompleteLock(){
+        synchronized (idscpHandshakeLock){
+            idscpHandshakeLock.notify();
+        }
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
index e797aa3cc..ccc0f88aa 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
@@ -2,4 +2,5 @@
 
 public interface FsmListener {
     void onMessage(byte[] data);
+    void onControlMessage(InternalControlMessage controlMessage);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
index beaa0a33a..946dd2bc5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
@@ -1,4 +1,15 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
 public enum InternalControlMessage {
+    START_IDSCP_HANDSHAKE,
+    DAT_TIMER_EXPIRED,
+    RAT_VERIFIER_SUCCESSFUL,
+    RAT_VERIFIER_FAILED,
+    RAT_PROVER_SUCCESSFUL,
+    RAT_PROVER_FAILED,
+    DAT_VERIFICATION_SUCCESSFUL,
+    DAT_VERIFICATION_FAILED,
+    ERROR,
+    IDSCP_STOP,
+    SEND_IDSCP_MESSAGE
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
index 2c1385ae1..1d769f1fc 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
@@ -1,4 +1,16 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
+import java.util.function.Function;
+
 public class State {
+
+    private Function<Event, State> eventHandler;
+
+    public State feedEvent(Event e){
+        return eventHandler.apply(e);
+    }
+
+    public void setEventHandler(Function<Event, State> eventHandler) {
+        this.eventHandler = eventHandler;
+    }
 }

From 3aa4edb3cd38e98440276eae6d2d85185db4b188 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Thu, 16 Jan 2020 16:29:39 +0100
Subject: [PATCH 040/237] WIP: FSM add transitions, add Rat dummy

---
 .../daps/DefaultDapsDriver.java               |   2 +-
 .../default_driver_impl/rat/TPM2Prover.java   |  50 ++
 .../rat/TPM2ProverImpl.java                   |   9 +
 .../default_driver_impl/rat/TPM2Verifier.java |  50 ++
 .../rat/TPM2VerifierImpl.java                 |   9 +
 .../idscp2/drivers/interfaces/DapsDriver.java |   1 -
 .../drivers/interfaces/RatProverDriver.java   |   4 +-
 .../drivers/interfaces/RatProverInstance.java |   8 +
 .../drivers/interfaces/RatVerifierDriver.java |   3 +
 .../interfaces/RatVerifierInstance.java       |   8 +
 .../configuration/IDSCPv2Settings.java        |   2 +-
 .../finite_state_machine/Event.java           |  14 +-
 .../idscp_core/finite_state_machine/FSM.java  | 471 ++++++++++--------
 .../InternalControlMessage.java               |  29 +-
 .../finite_state_machine/State.java           |  27 +-
 .../finite_state_machine/Transition.java      |  20 +
 .../src/test/java/IDSCPv2ClientInitiator.java |  12 +-
 .../src/test/java/IDSCPv2ServerInitiator.java |  14 +-
 18 files changed, 495 insertions(+), 238 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverInstance.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierInstance.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index e2e79bffe..dc0564a26 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -16,6 +16,6 @@ public byte[] getToken() {
 
     @Override
     public boolean verifyToken(byte[] dat) {
-        return false;
+        return true;
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
new file mode 100644
index 000000000..7a9a0f896
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
@@ -0,0 +1,50 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverInstance;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
+import de.fhg.aisec.ids.messages.IDSCPv2.*;
+
+public class TPM2Prover extends Thread implements RatProverInstance{
+
+    private boolean running = true;
+    private FsmListener fsmListener;
+    private boolean successful = false;
+    private final Object resultAvailableLock = new Object();
+
+
+    TPM2Prover(FsmListener fsmListener){
+        this.fsmListener = fsmListener;
+    }
+
+    @Override
+    public void delegate(IdscpMessage message) {
+        successful = true;
+        synchronized (resultAvailableLock) {
+            resultAvailableLock.notify();
+        }
+    }
+
+    public void terminate(){
+        running = false;
+    }
+
+    @Override
+    public void run() {
+        while (running){
+            synchronized (resultAvailableLock) {
+                try {
+                    resultAvailableLock.wait();
+                    if (successful){
+                        fsmListener.onControlMessage(InternalControlMessage.RAT_PROVER_SUCCESSFUL);
+                    } else {
+                        fsmListener.onControlMessage(InternalControlMessage.RAT_PROVER_FAILED);
+                    }
+                    running = false;
+                } catch (InterruptedException e) {
+                    e.printStackTrace();
+                }
+            }
+        }
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java
index 63d8c51ba..4086b374a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java
@@ -1,6 +1,8 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverInstance;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
 
 /**
  * Remote Attestation Prover Driver implementation class for TPM2.0
@@ -8,4 +10,11 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class TPM2ProverImpl implements RatProverDriver {
+
+    @Override
+    public RatProverInstance start(FsmListener fsmListener) {
+        TPM2Prover newProver = new TPM2Prover(fsmListener);
+        newProver.start();
+        return newProver;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
new file mode 100644
index 000000000..46ff23105
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
@@ -0,0 +1,50 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierInstance;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
+import de.fhg.aisec.ids.messages.IDSCPv2;
+
+public class TPM2Verifier extends Thread implements RatVerifierInstance {
+
+    private FsmListener fsmListener;
+    private boolean successful = false;
+    private boolean running = true;
+    private final Object resultAvailableLock = new Object();
+
+    TPM2Verifier(FsmListener fsmListener){
+        this.fsmListener = fsmListener;
+    }
+
+    @Override
+    public void delegate(IDSCPv2.IdscpMessage message) {
+        successful = true;
+        synchronized (resultAvailableLock) {
+            resultAvailableLock.notify();
+        }
+    }
+
+    @Override
+    public void terminate() {
+        running = false;
+    }
+
+    @Override
+    public void run(){
+        while (running){
+            synchronized (resultAvailableLock) {
+                try {
+                    resultAvailableLock.wait();
+                    if (successful){
+                        fsmListener.onControlMessage(InternalControlMessage.RAT_VERIFIER_SUCCESSFUL);
+                    } else {
+                        fsmListener.onControlMessage(InternalControlMessage.RAT_VERIFIER_FAILED);
+                    }
+                    running = false;
+                } catch (InterruptedException e) {
+                    e.printStackTrace();
+                }
+            }
+        }
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java
index c67acb75d..d92ca8f67 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java
@@ -1,6 +1,8 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierInstance;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
 
 /**
  * Remote Attestation Verifier Driver implementation class for TPM2.0
@@ -8,4 +10,11 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class TPM2VerifierImpl implements RatVerifierDriver {
+
+    @Override
+    public RatVerifierInstance start(FsmListener fsmListener) {
+        TPM2Verifier newVerifier = new TPM2Verifier(fsmListener);
+        newVerifier.start();
+        return newVerifier;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
index ebc2c2c47..164fa485a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
@@ -6,7 +6,6 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface DapsDriver {
-
     byte[] getToken();
     boolean verifyToken(byte[] dat);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
index eb410c0dc..0f4765b50 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
@@ -1,10 +1,12 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
+
 /**
  * An interface for the remote attestation prover driver that is used for proving the current state by RAT mechanism
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface RatProverDriver {
-
+    RatProverInstance start(FsmListener fsmListener);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverInstance.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverInstance.java
new file mode 100644
index 000000000..32a8401bd
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverInstance.java
@@ -0,0 +1,8 @@
+package de.fhg.aisec.ids.idscp2.drivers.interfaces;
+
+import de.fhg.aisec.ids.messages.IDSCPv2;
+
+public interface RatProverInstance {
+    void delegate(IDSCPv2.IdscpMessage message);
+    void terminate();
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
index aabc88d10..a2a265b9b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
@@ -1,9 +1,12 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
+
 /**
  * An interface for the remote attestation verifier driver that is used for verifying provers system sate
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface RatVerifierDriver {
+    RatVerifierInstance start(FsmListener fsmListener);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierInstance.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierInstance.java
new file mode 100644
index 000000000..494631bff
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierInstance.java
@@ -0,0 +1,8 @@
+package de.fhg.aisec.ids.idscp2.drivers.interfaces;
+
+import de.fhg.aisec.ids.messages.IDSCPv2;
+
+public interface RatVerifierInstance {
+    void delegate(IDSCPv2.IdscpMessage message);
+    void terminate();
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
index 8e943d931..749281acf 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
@@ -6,7 +6,7 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class IDSCPv2Settings {
-    public static final int DEFAULT_SERVER_PORT = 8081;
+    public static final int DEFAULT_SERVER_PORT = 8080;
 
     private int serverPort = DEFAULT_SERVER_PORT;
     private String host = "localhost";
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
index ce3e4a36d..62d99ff5a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
@@ -2,6 +2,12 @@
 
 import de.fhg.aisec.ids.messages.IDSCPv2.*;
 
+/**
+ * An Event class for the Finite State Machine. Triggers a transition and holds either an idscpMessage or an
+ * InternalControlMessage.
+ *
+ * @author Leon Beckmann leon.beckmann@aisec.fraunhofer.de
+ */
 public class Event {
     public enum EventType {
         IDSCP_MESSAGE,
@@ -13,15 +19,15 @@ public enum EventType {
     private IdscpMessage idscpMessage;
     private InternalControlMessage controlMessage;
 
-    public Event(Object key, InternalControlMessage controlMessage){
-        this.key = key;
+    public Event(InternalControlMessage controlMessage){
+        this.key = controlMessage.getValue();
         this.type = EventType.INTERNAL_CONTROL_MESSAGE;
         this.controlMessage = controlMessage;
         this.idscpMessage = null;
     }
 
-    public Event (Object key, IdscpMessage idscpMessage){
-        this.key = key;
+    public Event (IdscpMessage idscpMessage){
+        this.key = idscpMessage.getMessageCase().getNumber();
         this.type = EventType.IDSCP_MESSAGE;
         this.idscpMessage = idscpMessage;
         this.controlMessage = null;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 83bd9f3a5..beb427fcb 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -1,15 +1,12 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
 import com.google.protobuf.InvalidProtocolBufferException;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.*;
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMsgListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.messages.IDSCPv2.*;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.Event.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -29,6 +26,7 @@ public class FSM implements FsmListener{
     private final State STATE_ESTABLISHED = new State();
     /*  ----------------   end of states   --------------- */
 
+    //toDo error codes
 
     private State currentState;
     private final State initialState = STATE_CLOSED;
@@ -41,6 +39,12 @@ public class FSM implements FsmListener{
     private IdscpMessage cachedIdscpHello = null;
     private final Object idscpHandshakeLock = new Object();
     private final Object fsmIsBusy = new Object();
+    //toDo cipher suites
+    private String[] ratSupportedSuite = new String[] {"TPM_2, TRUST_ZONE, SGX"};
+    private String[] ratExpectedSuite = new String[] {"TPM_2, TRUST_ZONE, SGX"};
+    private byte[] remoteDat = null;
+    private RatProverInstance ratProver = null;
+    private RatVerifierInstance ratVerifier = null;
 
     public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDriver ratVerifier,
                DapsDriver dapsDriver){
@@ -53,217 +57,273 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
 
         /*  -----------   Protocol Transitions   ---------- */
 
-        STATE_CLOSED.setEventHandler(
-                /*--------------------------------
-                * Transition description
-                * --------------------------------
-                * INTERNAL_CONTROL_MESSAGE.START_IDSCP_HANDSHAKE ---> send IDSCP_HELLO ---> STATE_WAIT_FOR_HELLO
-                * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send IDSCP_CLOSE ---> STATE_CLOSED
-                * IDSCP_MESSAGE.IDSCP_HELLO ---> cache IDSCP_HELLO ---> STATE_CLOSED
-                * ALL_OTHER_MESSAGES ---> STATE_CLOSED
-                */
-                e -> {
-                    LOG.debug("STATE_CLOSED triggered");
-                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
-                        if (e.getControlMessage().equals(InternalControlMessage.START_IDSCP_HANDSHAKE)){
-                            LOG.debug("Get DAT Token vom DAT_DRIVER");
-                            //toDo this.dapsDriver.getToken();
-                            LOG.debug("Send idscp hello");
-                            IdscpMessage idscpHello = IdscpMessageFactory.
-                                    getIdscpHelloMessage(new byte[]{}, new String[] {"a", "b"}, new String[] {"a", "b"});
-                            this.send(idscpHello);
-                            //toDo set handshake timeout
-                            LOG.debug("Switch to state STATE_WAIT_FOR_HELLO");
-                            return STATE_WAIT_FOR_HELLO;
-                        }
-                    } else { /* IDSCP_MESSAGE */
-                        if (e.getIdscpMessage().hasIdscpHello()){
-                            LOG.debug("Cache idscp hello message");
-                            this.cachedIdscpHello = e.getIdscpMessage();
-                        }
-                    }
+        /*---------------------------------------------------
+        * STATE_CLOSED - Transition Description
+        * ---------------------------------------------------
+        * INTERNAL_CONTROL_MESSAGE.START_IDSCP_HANDSHAKE ---> send IDSCP_HELLO ---> STATE_WAIT_FOR_HELLO
+        * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send IDSCP_CLOSE ---> STATE_CLOSED
+        * IDSCP_MESSAGE.IDSCP_HELLO ---> cache IDSCP_HELLO ---> STATE_CLOSED
+        * ALL_OTHER_MESSAGES ---> STATE_CLOSED
+        * --------------------------------------------------- */
+        STATE_CLOSED.addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Get DAT Token vom DAT_DRIVER");
+                    byte[] dat = this.dapsDriver.getToken();
+                    LOG.debug("Send IDSCP_HELLO");
+                    IdscpMessage idscpHello = IdscpMessageFactory.
+                            getIdscpHelloMessage(dat, this.ratSupportedSuite, this.ratExpectedSuite);
+                    this.send(idscpHello);
+                    //toDo set handshake timeout
+                    LOG.debug("Switch to state STATE_WAIT_FOR_HELLO");
+                    return STATE_WAIT_FOR_HELLO;
+                }
+        ));
 
+        STATE_CLOSED.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSCP_CLOSE");
+                    IdscpMessage idscpClose = IdscpMessageFactory.getIdscpCloseMessage();
+                    send(idscpClose);
                     LOG.debug("Stay in state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
-                    return this.STATE_CLOSED;
+                    return STATE_CLOSED;
                 }
-        );
+        ));
 
-        STATE_WAIT_FOR_HELLO.setEventHandler(
-                /*--------------------------------
-                 * Transition description
-                 * --------------------------------
-                 * INTERNAL_CONTROL_MESSAGE.ERROR ---> send IDSCP_CLOSE ---> STATE_CLOSED
-                 * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send idscp close ---> STATE_CLOSED
-                 * IDSCP_CLOSE ---> STATE_CLOSED
-                 * toDo IDSCP_HELLO ---> DAT Verification failed: send IDSCP_ERROR, send IDSCP_CLOSE ---> STATE_CLOSED
-                 * IDSCP_HELLO ---> verify DAT, set DAT Timeout, start RAT P&V ---> STATE_WAIT_FOR_RAT
-                 * ALL_OTHER_MESSAGES ---> STATE_WAIT_FOR_HELLO
-                 */
-                e -> {
-                    LOG.debug("STATE_WAIT_FOR_HELLO triggered");
-                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
-                        if (e.getControlMessage().equals(InternalControlMessage.ERROR)){
-                            LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                            send(IdscpMessageFactory.getIdscpCloseMessage());
-                            notifyHandshakeCompleteLock();
-                            return STATE_CLOSED;
-                        }
-
-                        if (e.getControlMessage().equals(InternalControlMessage.IDSCP_STOP)){
-                            LOG.debug("Send IDSC_CLOSE");
-                            send(IdscpMessageFactory.getIdscpCloseMessage());
-                            notifyHandshakeCompleteLock();
-                            return STATE_CLOSED;
-                        }
-                    } else { //IDSCP_MESSAGE
-                        if (e.getIdscpMessage().hasIdscpClose()){
-                            LOG.debug("");
-                        } else if (e.getIdscpMessage().hasIdscpHello()) {
-                            LOG.debug("Verify received DAT");
-                            //toDo Dat verification
-                            //toDo set DAT timeout
-                            //toDo start RAT_PROVER
-                            //toDo start RAT_VERIFIER
-                            LOG.debug("Switch to state STATE_ESTABLISHED");
-                            notifyHandshakeCompleteLock();
-                            return STATE_ESTABLISHED;
-                        }
-                    }
-                    LOG.debug("Stay in state STATE_WAIT_FOR_HELLO");
-                    return this.STATE_WAIT_FOR_HELLO;
+        STATE_CLOSED.addTransition(IdscpMessage.IDSCPHELLO_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Cache IDSCP_HELLO");
+                    this.cachedIdscpHello = event.getIdscpMessage();
+                    LOG.debug("Stay in state STATE_CLOSED");
+                    return STATE_CLOSED;
                 }
-        );
+        ));
 
-        STATE_WAIT_FOR_RAT.setEventHandler(
-                /*--------------------------------
-                 * Transition description
-                 * --------------------------------
-                 */
-                e -> {
-                    LOG.debug("STATE_WAIT_FOR_RAT triggered");
-                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
-
-                    } else { //IDSCP_MESSAGE
-
-                    }
-                    return this.STATE_WAIT_FOR_RAT;
+        STATE_CLOSED.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
                 }
-        );
-
-        STATE_WAIT_FOR_RAT_CLIENT.setEventHandler(
-                /*--------------------------------
-                 * Transition description
-                 * --------------------------------
-                 */
-                e -> {
-                    LOG.debug("STATE_WAIT_FOR_RAT_CLIENT triggered");
-                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
+            );
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_HELLO - Transition Description
+         * ---------------------------------------------------
+         * INTERNAL_CONTROL_MESSAGE.ERROR ---> send IDSCP_CLOSE ---> STATE_CLOSED
+         * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send IDSCP_CLOSE ---> STATE_CLOSED
+         * IDSCP_CLOSE ---> STATE_CLOSED
+         * INTERNAL_CONTROL_MESSAGE.TIMEOUT ---> send IDSCP_ERROR, send IDSCP_CLOSE ---> STATE_CLOSED
+         * IDSCP_HELLO ---> RAT no match: send IDSCP_ERROR, send IDSCP_CLOSE ---> STATE_CLOSED
+         * IDSCP_HELLO ---> DAT Verification failed: send IDSCP_ERROR, send IDSCP_CLOSE ---> STATE_CLOSED
+         * IDSCP_HELLO ---> verify DAT, verifyRatCipher, set DAT Timeout, start RAT P&V ---> STATE_WAIT_FOR_RAT
+         * ALL_OTHER_MESSAGES ---> STATE_WAIT_FOR_HELLO
+         * --------------------------------------------------- */
+        STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
+                event -> {
+                    LOG.debug("An internal control error occurred, send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage());
+                    notifyHandshakeCompleteLock();
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    return STATE_CLOSED;
+                }
+        ));
 
-                    } else { //IDSCP_MESSAGE
+        STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage());
+                    notifyHandshakeCompleteLock();
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_HELLO.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                   LOG.debug("Received IDSCP_CLOSE");
+                   notifyHandshakeCompleteLock();
+                   LOG.debug("Switch to state STATE_CLOSED");
+                   return STATE_CLOSED;
+                }
+        ));
 
+        STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_ERROR and IDSCP_CLOSE");
+                    send(IdscpMessageFactory.getIdscpErrorMessage("Timeout", ""));
+                    send(IdscpMessageFactory.getIdscpCloseMessage());
+                    notifyHandshakeCompleteLock();
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_HELLO.addTransition(IdscpMessage.IDSCPHELLO_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_HELLO");
+                    IdscpHello idscpHello = event.getIdscpMessage().getIdscpHello();
+                    LOG.debug("Calculate Rat mechanisms");
+                    if (!calculateRatMechanisms(null, null) //toDo rat ciphers
+                    ){
+                        LOG.debug("Cannot find a match for RAT cipher. Send IDSCP_ERROR and IDSCP_CLOSE");
+                        send(IdscpMessageFactory.getIdscpErrorMessage("No match for RAT mechanism", ""));
+                        send(IdscpMessageFactory.getIdscpCloseMessage());
+                        notifyHandshakeCompleteLock();
+                        LOG.debug("Switch to state STATE_CLOSED");
+                        return STATE_CLOSED;
                     }
-                    return this.STATE_WAIT_FOR_RAT_CLIENT;
+                    LOG.debug("Verify received DAT");
+                    //check if Dat is available and verify dat
+                    if (!idscpHello.hasDynamicAttributeToken() || !this.dapsDriver
+                            .verifyToken(idscpHello.getDynamicAttributeToken().getToken().toByteArray())){
+                        LOG.debug("No valid remote DAT is available. Send IDSCP_ERROR and IDSCP_CLOSE");
+                        send(IdscpMessageFactory.getIdscpErrorMessage("No valid DAT", ""));
+                        send(IdscpMessageFactory.getIdscpCloseMessage());
+                        notifyHandshakeCompleteLock();
+                        LOG.debug("Switch to state STATE_CLOSED");
+                        return STATE_CLOSED;
+                    }
+                    LOG.debug("Remote DAT is valid");
+                    //toDo set DAT timeout
+                    LOG.debug("Start RAT Prover and Verifier");
+                    //toDo which RAT mechanism is chosen
+                    this.ratVerifier = ratVerifierDriver.start(this);
+                    this.ratProver = ratProverDriver.start(this);
+                    LOG.debug("Switch to state STATE_ESTABLISHED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_ESTABLISHED;
                 }
-        );
-
-        STATE_WAIT_FOR_RAT_SERVER.setEventHandler(
-                /*--------------------------------
-                 * Transition description
-                 * --------------------------------
-                 */
-                e -> {
-                    LOG.debug("STATE_WAIT_FOR_RAT_SERVER triggered");
-                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
-
-                    } else { //IDSCP_MESSAGE
+        ));
 
-                    }
-                    return this.STATE_WAIT_FOR_RAT_SERVER;
+        STATE_WAIT_FOR_HELLO.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_HELLO");
+                    return STATE_WAIT_FOR_HELLO;
                 }
         );
 
-        STATE_WAIT_FOR_DAT_AND_RAT_CLIENT.setEventHandler(
-                /*--------------------------------
-                 * Transition description
-                 * --------------------------------
-                 */
-                e -> {
-                    LOG.debug("STATE_WAIT_FOR_DAT_AND_RAT_CLIENT triggered");
-                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
-
-                    } else { //IDSCP_MESSAGE
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_RAT - Transition Description
+         * ---------------------------------------------------
+         * INTERNAL_CONTROL_MESSAGE.ERROR ---> send IDSCP_ERROR, send IDSCP_CLOSE ---> STATE_CLOSED
+         * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send IDSCP_CLOSE ---> STATE_CLOSED
+         * INTERNAL_CONTROL_MESSAGE.DAT_TIMER_EXPIRED ---> send DAT_EXPIRED, set timeout ---> STATE_WAIT_FOR_DAT_AND_RAT_CLIENT
+         * //toDo INTERNAL_CONTROL_MESSAGE.SEND_IDSCP_MESSAGE ---> send IDSCP_DATA ---> STATE_ESTABLISHED
+         * INTERNAL_CONTROL_MESSAGE.REPEAT_RAT ---> send IDSCP_RE_RAT ---> WAIT_FOR_RAT_CLIENT
+         * IDSCP_MESSAGE.RE_RAT ---> start RAT_Prover ---> STATE_WAIT_FOR_RAT_SERVER
+         * IDSCP_MESSAGE.DATA ---> listener.onMessage() ---> STATE_ESTABLISHED
+         * IDSCP_MESSAGE.CLOSE ---> STATE_CLOSED
+         * IDSCP_MESSAGE.DAT_EXPIRED ---> send DAT, start RAT_PROVER ---> STATE_WAIT_FOR_RAT_SERVER
+         * --------------------------------------------------- */
+
+        /*---------------------------------------------------
+         * STATE_ESTABLISHED - Transition Description
+         * ---------------------------------------------------
+         * INTERNAL_CONTROL_MESSAGE.ERROR ---> send IDSCP_ERROR, send IDSCP_CLOSE ---> STATE_CLOSED
+         * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send IDSCP_CLOSE ---> STATE_CLOSED
+         * INTERNAL_CONTROL_MESSAGE.DAT_TIMER_EXPIRED ---> send DAT_EXPIRED, set timeout ---> STATE_WAIT_FOR_DAT_AND_RAT_CLIENT
+         * //toDo INTERNAL_CONTROL_MESSAGE.SEND_IDSCP_MESSAGE ---> send IDSCP_DATA ---> STATE_ESTABLISHED
+         * INTERNAL_CONTROL_MESSAGE.REPEAT_RAT ---> send IDSCP_RE_RAT ---> WAIT_FOR_RAT_CLIENT
+         * IDSCP_MESSAGE.RE_RAT ---> start RAT_Prover ---> STATE_WAIT_FOR_RAT_SERVER
+         * IDSCP_MESSAGE.DATA ---> listener.onMessage() ---> STATE_ESTABLISHED
+         * IDSCP_MESSAGE.CLOSE ---> STATE_CLOSED
+         * IDSCP_MESSAGE.DAT_EXPIRED ---> send DAT, start RAT_PROVER ---> STATE_WAIT_FOR_RAT_SERVER
+         * --------------------------------------------------- */
+        STATE_ESTABLISHED.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Error occurred, send IDSCP_ERROR and IDSCP_CLOSE and close idscp connection");
+                    send(IdscpMessageFactory.getIdscpErrorMessage("Error occurred", ""));
+                    send(IdscpMessageFactory.getIdscpCloseMessage());
+                    return STATE_CLOSED;
+                }
+        ));
 
-                    }
+        STATE_ESTABLISHED.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    send(IdscpMessageFactory.getIdscpCloseMessage());
+                    LOG.debug("Close idscp connection and send IDSCP_CLOSE");
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_ESTABLISHED.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED");
+                    send(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    //toDo set dat timeout
+                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT_CLIENT");
                     return STATE_WAIT_FOR_DAT_AND_RAT_CLIENT;
                 }
-        );
-
-        STATE_WAIT_FOR_DAT_AND_RAT_SERVER.setEventHandler(
-                /*--------------------------------
-                 * Transition description
-                 * --------------------------------
-                 */
-                e -> {
-                    LOG.debug("STATE_WAIT_FOR_DAT_AND_RAT_SERVER triggered");
-                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
-
-                    } else { //IDSCP_MESSAGE
+        ));
+
+        STATE_ESTABLISHED.addTransition(InternalControlMessage.REPEAT_RAT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("RAT timer expired. Send IDSCP_RE_RAT");
+                    send(IdscpMessageFactory.getIdscpReRatMessage("RAT expired"));
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_CLIENT");
+                    return STATE_WAIT_FOR_RAT_CLIENT;
+                }
+        ));
+
+        STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_RERAT with cause {}", event.getIdscpMessage().getIdscpReRat().getCause());
+                    LOG.debug("Start RAT_PROVER");
+                    //toDo trigger RAT_PROVER
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_SERVER");
+                    return STATE_WAIT_FOR_RAT_SERVER;
+                }
+        ));
+
+        STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("DAT expired. Send new DAT and repeat RAT");
+                    send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
+                    //toDo trigger RAT Prover
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_SERVER");
+                    return STATE_WAIT_FOR_RAT_SERVER;
+                }
+        ));
+
+        STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, new Transition(
+                event -> {
+                    try {
+                        this.listenerLatch.await();
+                        this.listener.onMessage(event.getIdscpMessage());
+                        LOG.debug("Idscp data was passed to connection listener");
+                    } catch (InterruptedException ex) {
+                        Thread.currentThread().interrupt();
+                    }
 
+                    LOG.debug("Stay in state STATE_ESTABLISHED");
+                    return STATE_ESTABLISHED;
+                }
+        ));
+
+        STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Receive IDSCP_CLOSED");
+                    try {
+                        this.listenerLatch.await();
+                        this.listener.onMessage(event.getIdscpMessage());
+                    } catch (InterruptedException ex) {
+                        Thread.currentThread().interrupt();
                     }
-                    return STATE_WAIT_FOR_DAT_AND_RAT_SERVER;
+                    LOG.debug("Switch to STATE_CLOSED");
+                    return STATE_CLOSED;
                 }
-        );
+        ));
 
-        STATE_ESTABLISHED.setEventHandler(
-                /*--------------------------------
-                 * Transition description
-                 * --------------------------------
-                 * INTERNAL_CONTROL_MESSAGE.ERROR ---> send idscp error, send idscp close ---> STATE_CLOSED
-                 * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send idscp close ---> STATE_CLOSED
-                 * toDo INTERNAL_CONTROL_MESSAGE.DAT_EXPIRED ---> send DAT_EXPIRED, set timeout ---> STATE_WAIT_FOR_DAT_AND_RAT_CLIENT
-                 * IDSCP_MESSAGE.DATA ---> listener.onMessage() ---> STATE_ESTABLISHED
-                 * IDSCP_MESSAGE.CLOSE ---> STATE_CLOSED
-                 */
-                e -> {
-                    LOG.debug("STATE_ESTABLISHED triggered");
-                    if (e.getType().equals(EventType.INTERNAL_CONTROL_MESSAGE)){
-                        if (e.getControlMessage().equals(InternalControlMessage.ERROR)){
-                            LOG.debug("Error occurred, send IDSCP_ERROR and IDSCP_CLOSE and close idscp connection");
-                            send(IdscpMessageFactory.getIdscpErrorMessage("Error occurred", ""));
-                            send(IdscpMessageFactory.getIdscpCloseMessage());
-                            return STATE_CLOSED;
-                        } else if (e.getControlMessage().equals(InternalControlMessage.IDSCP_STOP)){
-                            send(IdscpMessageFactory.getIdscpCloseMessage());
-                            LOG.debug("Close idscp connection and send IDSCP_CLOSE");
-                            return STATE_CLOSED;
-                        }
-                    } else { //IDSCP_MESSAGE
-                        IdscpMessage message = e.getIdscpMessage();
-                        if (message.hasIdscpData()){
-                            try {
-                                this.listenerLatch.await();
-                                this.listener.onMessage(message);
-                            } catch (InterruptedException ex) {
-                                Thread.currentThread().interrupt();
-                            }
-                        } else if (message.hasIdscpClose()){
-                            LOG.debug("Receive IDSCP_CLOSED");
-                            try {
-                                this.listenerLatch.await();
-                                this.listener.onMessage(message);
-                            } catch (InterruptedException ex) {
-                                Thread.currentThread().interrupt();
-                            }
-                            LOG.debug("Switch to STATE_CLOSED");
-                            return STATE_CLOSED;
-                        }
-                    }
-                    LOG.debug("Stay in STATE_ESTABLISHED");
+        STATE_ESTABLISHED.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_ESTABLISHED");
                     return STATE_ESTABLISHED;
                 }
         );
-
         /*  ----------------   end of transitions   --------------- */
 
         //set initial state
@@ -275,20 +335,20 @@ public void onMessage(byte[] data){
         //parse message and create new IDSCP Message Event, then pass it to current state and update new state
         try {
             IdscpMessage message = IdscpMessage.parseFrom(data);
-            Event e = new Event(null, message);
+            Event e = new Event(message);
             synchronized (fsmIsBusy){
                 currentState = currentState.feedEvent(e);
             }
         } catch (InvalidProtocolBufferException e) {
             LOG.warn("Cannot parse raw data into IdscpMessage {}. Send error message", data);
-            sendError("Cannot parse raw data into IdscpMessage", "");
+            //toDo sendError("Cannot parse raw data into IdscpMessage", "");
         }
     }
 
     @Override
     public void onControlMessage(InternalControlMessage controlMessage) {
         //create Internal Control Message Event and pass it to current state and update new state
-        Event e = new Event(null, controlMessage);
+        Event e = new Event(controlMessage);
         synchronized (fsmIsBusy){
             currentState = currentState.feedEvent(e);
         }
@@ -307,9 +367,9 @@ public void startIdscpHandshake() throws IDSCPv2Exception {
             onControlMessage(InternalControlMessage.START_IDSCP_HANDSHAKE);
 
             //check if a idscpHello was already received and trigger next transition
-            if (cachedIdscpHello != null){
-                Event e = new Event(null, cachedIdscpHello);
-                synchronized (fsmIsBusy){
+            synchronized (fsmIsBusy){
+                if (cachedIdscpHello != null){
+                    Event e = new Event(cachedIdscpHello);
                     currentState = currentState.feedEvent(e);
                 }
             }
@@ -335,22 +395,6 @@ public void send(IdscpMessage msg){
         secureChannel.send(msg.toByteArray());
     }
 
-    public void sendError(String msg, String code){
-        IdscpMessage idscpMessage = IdscpMessage.newBuilder()
-                .setType(IdscpMessage.Type.IDSCP_ERROR)
-                .setIdscpError(
-                        IdscpError.newBuilder()
-                                .setErrorMsg(msg)
-                                .setErrorCode(code)
-                ).build();
-        send(idscpMessage);
-    }
-
-    private void reset(){
-        this.currentState = initialState;
-    }
-
-
     public boolean isConnected(){
         return currentState.equals(STATE_ESTABLISHED);
     }
@@ -369,4 +413,9 @@ private void notifyHandshakeCompleteLock(){
             idscpHandshakeLock.notify();
         }
     }
+
+    private boolean calculateRatMechanisms(String[] remoteExpectedSuite, String[] remoteSupportedSuite){
+        return true;
+        //toDo implement logic
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
index 946dd2bc5..7b2075f71 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
@@ -1,15 +1,22 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
 public enum InternalControlMessage {
-    START_IDSCP_HANDSHAKE,
-    DAT_TIMER_EXPIRED,
-    RAT_VERIFIER_SUCCESSFUL,
-    RAT_VERIFIER_FAILED,
-    RAT_PROVER_SUCCESSFUL,
-    RAT_PROVER_FAILED,
-    DAT_VERIFICATION_SUCCESSFUL,
-    DAT_VERIFICATION_FAILED,
-    ERROR,
-    IDSCP_STOP,
-    SEND_IDSCP_MESSAGE
+    START_IDSCP_HANDSHAKE("ICM_START"),
+    IDSCP_STOP("ICM_STOP"),
+    DAT_TIMER_EXPIRED("ICM_DAT_TIMER_EXPIRED"),
+    REPEAT_RAT("ICM_REPEAT_RAT"),
+    RAT_VERIFIER_SUCCESSFUL("ICM_RAT_V_SUC"),
+    RAT_VERIFIER_FAILED("ICM_RAT_V_FAILED"),
+    RAT_PROVER_SUCCESSFUL("ICM_RAT_P_SUC"),
+    RAT_PROVER_FAILED("ICM_RAT_P_FAILED"),
+    DAT_VERIFICATION_SUCCESSFUL("IFM_DAT_SUC"),
+    DAT_VERIFICATION_FAILED("ICM_DAT_FAILED"),
+    ERROR("ICM_ERROR"),
+    TIMEOUT("ICM_TIMEOUT"),
+    SEND_IDSCP_MESSAGE("ICM_SEND");
+
+    //set unique values that are different from IdscpMessage.MessageCase ot identify event.key
+    private final String id;
+    InternalControlMessage(String id) {this.id = id;}
+    public String getValue() {return id;}
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
index 1d769f1fc..75f540537 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
@@ -1,16 +1,33 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
+import java.util.concurrent.ConcurrentHashMap;
 import java.util.function.Function;
 
+/**
+ * A State class for the Finite State Machine. A state holds all outgoing transitions and a noTransitionHandler for
+ * events, that do not trigger any outgoing available transition. Transitions are mapped with the event key
+ *
+ * @author Leon Beckmann leon.beckmann@aisec.fraunhofer.de
+ */
 public class State {
 
-    private Function<Event, State> eventHandler;
+    private ConcurrentHashMap<Object,Transition> transitions = new ConcurrentHashMap<>();
+    private Function<Event,State> noTransitionHandler = null;
 
-    public State feedEvent(Event e){
-        return eventHandler.apply(e);
+    State feedEvent(Event e){
+        Transition t = transitions.get(e.getKey());
+        if (t != null){
+            return t.doTransition(e);
+        } else {
+            return noTransitionHandler.apply(e);
+        }
     }
 
-    public void setEventHandler(Function<Event, State> eventHandler) {
-        this.eventHandler = eventHandler;
+    void addTransition(Object k, Transition t){
+        transitions.put(k,t);
+    }
+
+    void setNoTransitionHandler(Function<Event, State> noTransitionHandler) {
+        this.noTransitionHandler = noTransitionHandler;
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
new file mode 100644
index 000000000..76ec12731
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
@@ -0,0 +1,20 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+import java.util.function.Function;
+
+/**
+ * Transition class for State machine, provides a doTransition method, that returns the next state for a given event
+ *
+ * @author Leon Beckmann leon.beckmann@aisec.fraunhofer.de
+ */
+class Transition {
+    private Function<Event,State> eventHandler;
+
+    Transition(Function<Event,State> eventHandler){
+        this.eventHandler = eventHandler;
+    }
+
+    State doTransition(Event e){
+        return eventHandler.apply(e);
+    }
+}
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
index 13694a6d0..ec8787bcf 100644
--- a/idscp2/src/test/java/IDSCPv2ClientInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
@@ -1,5 +1,11 @@
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2ProverImpl;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2VerifierImpl;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Configuration;
@@ -13,8 +19,12 @@ public class IDSCPv2ClientInitiator implements IDSCPv2Initiator {
 
     public void init(IDSCPv2Settings settings){
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
+        DapsDriver dapsDriver = new DefaultDapsDriver();
+        RatVerifierDriver ratVerifier = new TPM2VerifierImpl();
+        RatProverDriver ratProver = new TPM2ProverImpl();
+
         IDSCPv2Configuration clientConfig = new IDSCPv2Configuration(this,
-                null, null, null, secureChannelDriver);
+                dapsDriver, ratVerifier, ratProver, secureChannelDriver);
         clientConfig.connect(settings);
     }
 
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index 94c726704..cfc6b2d64 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -1,5 +1,11 @@
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2ProverImpl;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2VerifierImpl;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
@@ -16,8 +22,12 @@ public class IDSCPv2ServerInitiator implements IDSCPv2Initiator {
 
     public void init(IDSCPv2Settings serverSettings)  {
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
+        DapsDriver dapsDriver = new DefaultDapsDriver();
+        RatVerifierDriver ratVerifier = new TPM2VerifierImpl();
+        RatProverDriver ratProver = new TPM2ProverImpl();
+
         IDSCPv2Configuration idscpServerConfig = new IDSCPv2Configuration(this,
-                null,null,null,secureChannelDriver);
+                dapsDriver, ratVerifier, ratProver, secureChannelDriver);
         IDSCPv2Server idscPv2Server;
         try {
             idscPv2Server = idscpServerConfig.listen(serverSettings);
@@ -27,7 +37,7 @@ public void init(IDSCPv2Settings serverSettings)  {
         }
         //secureServer.safeStop();
         try {
-            Thread.sleep(40000); //run server for 5 minutes
+            Thread.sleep(120000); //run server for 2 minutes
         } catch (Exception e){
             return;
         }

From 435505ef6c770c2cfc519933e2c65aaadd3c985a Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Mon, 20 Jan 2020 15:05:22 +0100
Subject: [PATCH 041/237] Change protobuf structure, add Timer for idscp
 timeouts

---
 ids-api/src/main/proto/idscpv2.proto          |  44 ++---
 .../idscp2/idscp_core/IDSCPv2Connection.java  |   2 +-
 .../idscp_core/IdscpMessageFactory.java       |  23 +--
 .../idscp_core/finite_state_machine/FSM.java  | 158 ++++++++++--------
 .../InternalControlMessage.java               |   4 +-
 .../finite_state_machine/Timer.java           |  45 +++++
 6 files changed, 160 insertions(+), 116 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java

diff --git a/ids-api/src/main/proto/idscpv2.proto b/ids-api/src/main/proto/idscpv2.proto
index ecf82336d..c118c773b 100644
--- a/ids-api/src/main/proto/idscpv2.proto
+++ b/ids-api/src/main/proto/idscpv2.proto
@@ -2,34 +2,18 @@ syntax = "proto3";
 option java_package = "de.fhg.aisec.ids.messages";
 option java_outer_classname = "IDSCPv2";
 
-//IDSCP message frame, contains a type identifier of the following message and the message
+//IDSCP message frame
 message IdscpMessage {
-    enum Type {
-        IDSCP_HELLO = 0;            //open a connection by sending an IDSCP_HELLO
-        IDSCP_CLOSE = 1;            //send an IDSCP_CLOSE, that triggers connection close
-        IDSCP_ERROR = 2;            //send an error message
-        IDSCP_DAT_EXPIRED = 3;      //request a ne dynamicAttributeToken
-        IDSCP_DAT = 4;              //send dynamicAttributeToken
-        IDSCP_RE_RAT = 5;           //request a new remote Attestation
-        IDSCP_RAT_PROVER = 6;       //send
-        IDSCP_RAT_VERIFIER = 7;     //send
-        IDSCP_DATA = 8;             //send IDSCP Payload
-    }
-
-    // Identifies which field is filled in.
-    Type type = 1;
-
     // One of the following will be filled in.
     oneof message {
-        IdscpHello idscpHello = 2;
-        IdscpClose idscpClose = 3;
-        IdscpError idscpError = 4;
-        IdscpDatExpired idscpDatExpired = 5;
-        IdscpDat idscpDat = 6;
-        IdscpReRat idscpReRat = 7;
-        IdscpRatProver idscpRatProver = 8;
-        IdscpRatVerifier idscpRatVerifier = 9;
-        IdscpData idscpData = 10;
+        IdscpHello idscpHello = 1;
+        IdscpClose idscpClose = 2;
+        IdscpDatExpired idscpDatExpired = 3;
+        IdscpDat idscpDat = 4;
+        IdscpReRat idscpReRat = 5;
+        IdscpRatProver idscpRatProver = 6;
+        IdscpRatVerifier idscpRatVerifier = 7;
+        IdscpData idscpData = 8;
     }
 }
 
@@ -42,12 +26,14 @@ message IdscpHello {
 }
 
 message IdscpClose {
+    string cause_msg = 1;
+    string cause_code = 2;
 }
 
-message IdscpError {
-    string error_code = 1;
-    string error_msg = 2;
-}
+//message IdscpError {
+//    string error_code = 1;
+//    string error_msg = 2;
+//
 
 message IdscpDatExpired {           //request new dynamicAttributeToken
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
index 69761bd38..d747deb80 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
@@ -36,7 +36,7 @@ public void close() {
     }
 
     public void send(IdscpMessage msg) {
-        LOG.debug("Send idscp message of type {}", msg.getType());
+        LOG.debug("Send idscp message");
         fsm.send(msg);
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
index d284cfd4f..4f740bc70 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
@@ -20,33 +20,23 @@ public static IdscpMessage getIdscpHelloMessage(byte[] dat, String[] supportedRa
                 .build();
 
         return IdscpMessage.newBuilder()
-                .setType(IdscpMessage.Type.IDSCP_HELLO)
                 .setIdscpHello(idscpHello)
                 .build();
     }
 
-    public static IdscpMessage getIdscpCloseMessage(){
-        return IdscpMessage.newBuilder()
-                . setType(IdscpMessage.Type.IDSCP_CLOSE)
-                .setIdscpClose(IdscpClose.newBuilder().build())
-                .build();
-    }
-
-    public static IdscpMessage getIdscpErrorMessage(String msg, String code){
-        IdscpError idscpError = IdscpError.newBuilder()
-                .setErrorMsg(msg)
-                .setErrorCode(code)
+    public static IdscpMessage getIdscpCloseMessage(String closeMsg, String closeCode){
+        IdscpClose idscpClose = IdscpClose.newBuilder()
+                .setCauseMsg(closeMsg)
+                .setCauseCode(closeCode)
                 .build();
 
         return IdscpMessage.newBuilder()
-                . setType(IdscpMessage.Type.IDSCP_ERROR)
-                .setIdscpError(idscpError)
+                .setIdscpClose(idscpClose)
                 .build();
     }
 
     public static IdscpMessage getIdscpDatExpiredMessage(){
         return IdscpMessage.newBuilder()
-                . setType(IdscpMessage.Type.IDSCP_DAT_EXPIRED)
                 .setIdscpDatExpired(IdscpDatExpired.newBuilder().build())
                 .build();
     }
@@ -57,7 +47,6 @@ public static IdscpMessage getIdscpDatMessage(byte[] dat){
                 .build();
 
         return IdscpMessage.newBuilder()
-                . setType(IdscpMessage.Type.IDSCP_DAT)
                 .setIdscpDat(idscpDat)
                 .build();
     }
@@ -68,7 +57,6 @@ public static IdscpMessage getIdscpReRatMessage(String cause){
                 .build();
 
         return IdscpMessage.newBuilder()
-                . setType(IdscpMessage.Type.IDSCP_RE_RAT)
                 .setIdscpReRat(idscpReRat)
                 .build();
     }
@@ -79,7 +67,6 @@ public static IdscpMessage getIdscpDataMessage(byte[] data){
                 .build();
 
         return IdscpMessage.newBuilder()
-                . setType(IdscpMessage.Type.IDSCP_DATA)
                 .setIdscpData(idscpData)
                 .build();
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index beb427fcb..b5d185ffd 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -9,7 +9,6 @@
 import de.fhg.aisec.ids.messages.IDSCPv2.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-
 import java.util.concurrent.CountDownLatch;
 
 public class FSM implements FsmListener{
@@ -19,15 +18,14 @@ public class FSM implements FsmListener{
     private final State STATE_CLOSED = new State();
     private final State STATE_WAIT_FOR_HELLO = new State();
     private final State STATE_WAIT_FOR_RAT= new State();
-    private final State STATE_WAIT_FOR_RAT_CLIENT = new State();
-    private final State STATE_WAIT_FOR_RAT_SERVER = new State();
-    private final State STATE_WAIT_FOR_DAT_AND_RAT_CLIENT = new State();
-    private final State STATE_WAIT_FOR_DAT_AND_RAT_SERVER = new State();
+    private final State STATE_WAIT_FOR_RAT_VERIFIER = new State();
+    private final State STATE_WAIT_FOR_RAT_PROVER = new State();
+    private final State STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER = new State();
+    private final State STATE_WAIT_FOR_DAT_AND_RAT = new State();
     private final State STATE_ESTABLISHED = new State();
     /*  ----------------   end of states   --------------- */
 
-    //toDo error codes
-
+    //toDo error codes in protobuf
     private State currentState;
     private final State initialState = STATE_CLOSED;
     private SecureChannel secureChannel;
@@ -36,7 +34,6 @@ public class FSM implements FsmListener{
     private DapsDriver dapsDriver;
     private IdscpMsgListener listener = null;
     private final CountDownLatch listenerLatch = new CountDownLatch(1);
-    private IdscpMessage cachedIdscpHello = null;
     private final Object idscpHandshakeLock = new Object();
     private final Object fsmIsBusy = new Object();
     //toDo cipher suites
@@ -45,6 +42,9 @@ public class FSM implements FsmListener{
     private byte[] remoteDat = null;
     private RatProverInstance ratProver = null;
     private RatVerifierInstance ratVerifier = null;
+    private Timer datTimer;
+    private Timer ratTimer;
+    private Timer handshakeTimer;
 
     public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDriver ratVerifier,
                DapsDriver dapsDriver){
@@ -55,14 +55,40 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
         this.dapsDriver = dapsDriver;
         secureChannel.setFsm(this);
 
+        /* ------------- Timeout Handler Routines ------------*/
+        Runnable handshakeTimeoutHandler = new Runnable() {
+            @Override
+            public void run() {
+                onControlMessage(InternalControlMessage.TIMEOUT);
+            }
+        };
+
+        Runnable datTimeoutHandler = new Runnable() {
+            @Override
+            public void run() {
+                onControlMessage(InternalControlMessage.DAT_TIMER_EXPIRED);
+            }
+        };
+
+        Runnable ratTimeoutHandler = new Runnable() {
+            @Override
+            public void run() {
+                onControlMessage(InternalControlMessage.RAT_TIMER_EXPIRED);
+            }
+        };
+        //toDo set correct delays
+        this.handshakeTimer = new Timer(handshakeTimeoutHandler);
+        this.datTimer = new Timer(datTimeoutHandler);
+        this.ratTimer = new Timer(ratTimeoutHandler);
+        /* ------------- end timeout routines ------------- */
+
+
         /*  -----------   Protocol Transitions   ---------- */
 
         /*---------------------------------------------------
         * STATE_CLOSED - Transition Description
         * ---------------------------------------------------
         * INTERNAL_CONTROL_MESSAGE.START_IDSCP_HANDSHAKE ---> send IDSCP_HELLO ---> STATE_WAIT_FOR_HELLO
-        * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send IDSCP_CLOSE ---> STATE_CLOSED
-        * IDSCP_MESSAGE.IDSCP_HELLO ---> cache IDSCP_HELLO ---> STATE_CLOSED
         * ALL_OTHER_MESSAGES ---> STATE_CLOSED
         * --------------------------------------------------- */
         STATE_CLOSED.addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.getValue(), new Transition(
@@ -73,32 +99,14 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
                     IdscpMessage idscpHello = IdscpMessageFactory.
                             getIdscpHelloMessage(dat, this.ratSupportedSuite, this.ratExpectedSuite);
                     this.send(idscpHello);
-                    //toDo set handshake timeout
+                    fsmIsBusy.notify(); //enables fsm.onMessage()
+                    LOG.debug("Set handshake timeout to 3 seconds");
+                    handshakeTimer.resetTimeout(3);
                     LOG.debug("Switch to state STATE_WAIT_FOR_HELLO");
                     return STATE_WAIT_FOR_HELLO;
                 }
         ));
 
-        STATE_CLOSED.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSCP_CLOSE");
-                    IdscpMessage idscpClose = IdscpMessageFactory.getIdscpCloseMessage();
-                    send(idscpClose);
-                    LOG.debug("Stay in state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_CLOSED.addTransition(IdscpMessage.IDSCPHELLO_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Cache IDSCP_HELLO");
-                    this.cachedIdscpHello = event.getIdscpMessage();
-                    LOG.debug("Stay in state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
         STATE_CLOSED.setNoTransitionHandler(
                 event -> {
                     LOG.debug("No transition available for given event " + event.toString());
@@ -123,7 +131,7 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
         STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
                     LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage());
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", ""));
                     notifyHandshakeCompleteLock();
                     LOG.debug("Switch to state STATE_CLOSED");
                     return STATE_CLOSED;
@@ -133,7 +141,7 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
         STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage());
+                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", ""));
                     notifyHandshakeCompleteLock();
                     LOG.debug("Switch to state STATE_CLOSED");
                     return STATE_CLOSED;
@@ -151,9 +159,8 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
 
         STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
-                    LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_ERROR and IDSCP_CLOSE");
-                    send(IdscpMessageFactory.getIdscpErrorMessage("Timeout", ""));
-                    send(IdscpMessageFactory.getIdscpCloseMessage());
+                    LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake Timeout", ""));
                     notifyHandshakeCompleteLock();
                     LOG.debug("Switch to state STATE_CLOSED");
                     return STATE_CLOSED;
@@ -167,9 +174,8 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
                     LOG.debug("Calculate Rat mechanisms");
                     if (!calculateRatMechanisms(null, null) //toDo rat ciphers
                     ){
-                        LOG.debug("Cannot find a match for RAT cipher. Send IDSCP_ERROR and IDSCP_CLOSE");
-                        send(IdscpMessageFactory.getIdscpErrorMessage("No match for RAT mechanism", ""));
-                        send(IdscpMessageFactory.getIdscpCloseMessage());
+                        LOG.debug("Cannot find a match for RAT cipher. Send IDSCP_CLOSE");
+                        send(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT mechanism", ""));
                         notifyHandshakeCompleteLock();
                         LOG.debug("Switch to state STATE_CLOSED");
                         return STATE_CLOSED;
@@ -178,9 +184,8 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
                     //check if Dat is available and verify dat
                     if (!idscpHello.hasDynamicAttributeToken() || !this.dapsDriver
                             .verifyToken(idscpHello.getDynamicAttributeToken().getToken().toByteArray())){
-                        LOG.debug("No valid remote DAT is available. Send IDSCP_ERROR and IDSCP_CLOSE");
-                        send(IdscpMessageFactory.getIdscpErrorMessage("No valid DAT", ""));
-                        send(IdscpMessageFactory.getIdscpCloseMessage());
+                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
+                        send(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", ""));
                         notifyHandshakeCompleteLock();
                         LOG.debug("Switch to state STATE_CLOSED");
                         return STATE_CLOSED;
@@ -218,6 +223,19 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
          * IDSCP_MESSAGE.CLOSE ---> STATE_CLOSED
          * IDSCP_MESSAGE.DAT_EXPIRED ---> send DAT, start RAT_PROVER ---> STATE_WAIT_FOR_RAT_SERVER
          * --------------------------------------------------- */
+        /*STATE_WAIT_FOR_RAT.addTransition(, new Transition(
+                event ->  {
+
+                }
+        ));*/
+
+        STATE_WAIT_FOR_RAT.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
+                    return STATE_WAIT_FOR_RAT;
+                }
+        );
 
         /*---------------------------------------------------
          * STATE_ESTABLISHED - Transition Description
@@ -234,16 +252,15 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
          * --------------------------------------------------- */
         STATE_ESTABLISHED.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
-                    LOG.debug("Error occurred, send IDSCP_ERROR and IDSCP_CLOSE and close idscp connection");
-                    send(IdscpMessageFactory.getIdscpErrorMessage("Error occurred", ""));
-                    send(IdscpMessageFactory.getIdscpCloseMessage());
+                    LOG.debug("Error occurred, send IDSCP_CLOSE and close idscp connection");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", ""));
                     return STATE_CLOSED;
                 }
         ));
 
         STATE_ESTABLISHED.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
-                    send(IdscpMessageFactory.getIdscpCloseMessage());
+                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", ""));
                     LOG.debug("Close idscp connection and send IDSCP_CLOSE");
                     return STATE_CLOSED;
                 }
@@ -255,7 +272,7 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
                     send(IdscpMessageFactory.getIdscpDatExpiredMessage());
                     //toDo set dat timeout
                     LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT_CLIENT");
-                    return STATE_WAIT_FOR_DAT_AND_RAT_CLIENT;
+                    return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
                 }
         ));
 
@@ -264,7 +281,7 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
                     LOG.debug("RAT timer expired. Send IDSCP_RE_RAT");
                     send(IdscpMessageFactory.getIdscpReRatMessage("RAT expired"));
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT_CLIENT");
-                    return STATE_WAIT_FOR_RAT_CLIENT;
+                    return STATE_WAIT_FOR_RAT_VERIFIER;
                 }
         ));
 
@@ -274,7 +291,7 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
                     LOG.debug("Start RAT_PROVER");
                     //toDo trigger RAT_PROVER
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT_SERVER");
-                    return STATE_WAIT_FOR_RAT_SERVER;
+                    return STATE_WAIT_FOR_RAT_PROVER;
                 }
         ));
 
@@ -284,7 +301,7 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
                     send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
                     //toDo trigger RAT Prover
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT_SERVER");
-                    return STATE_WAIT_FOR_RAT_SERVER;
+                    return STATE_WAIT_FOR_RAT_PROVER;
                 }
         ));
 
@@ -333,15 +350,25 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
     @Override
     public void onMessage(byte[] data){
         //parse message and create new IDSCP Message Event, then pass it to current state and update new state
+        IdscpMessage message;
         try {
-            IdscpMessage message = IdscpMessage.parseFrom(data);
-            Event e = new Event(message);
-            synchronized (fsmIsBusy){
-                currentState = currentState.feedEvent(e);
-            }
+            message = IdscpMessage.parseFrom(data);
         } catch (InvalidProtocolBufferException e) {
-            LOG.warn("Cannot parse raw data into IdscpMessage {}. Send error message", data);
-            //toDo sendError("Cannot parse raw data into IdscpMessage", "");
+            LOG.warn("Cannot parse raw data into IdscpMessage {}", data);
+            return;
+        }
+
+        Event event = new Event(message);
+        //must wait when fsm is in state STATE_CLOSED --> wait() will be notified when fsm is leaving STATE_CLOSED
+        synchronized (fsmIsBusy){
+            while (currentState == STATE_CLOSED){
+                try {
+                    fsmIsBusy.wait();
+                } catch (InterruptedException e) {
+                    Thread.currentThread().interrupt();
+                }
+            }
+            currentState = currentState.feedEvent(event);
         }
     }
 
@@ -366,14 +393,6 @@ public void startIdscpHandshake() throws IDSCPv2Exception {
             //trigger handshake init
             onControlMessage(InternalControlMessage.START_IDSCP_HANDSHAKE);
 
-            //check if a idscpHello was already received and trigger next transition
-            synchronized (fsmIsBusy){
-                if (cachedIdscpHello != null){
-                    Event e = new Event(cachedIdscpHello);
-                    currentState = currentState.feedEvent(e);
-                }
-            }
-
             try {
                 //wait until handshake was successful or failed
                 synchronized (idscpHandshakeLock) {
@@ -392,7 +411,14 @@ public void startIdscpHandshake() throws IDSCPv2Exception {
     }
 
     public void send(IdscpMessage msg){
-        secureChannel.send(msg.toByteArray());
+        //send messages from user only when idscp connection is established
+        synchronized(fsmIsBusy){
+            if(isConnected()){
+                secureChannel.send(msg.toByteArray());
+            } else {
+                LOG.error("Cannot send IDSCP_DATA because protocol is not established");
+            }
+        }
     }
 
     public boolean isConnected(){
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
index 7b2075f71..4287f8bac 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
@@ -4,6 +4,7 @@ public enum InternalControlMessage {
     START_IDSCP_HANDSHAKE("ICM_START"),
     IDSCP_STOP("ICM_STOP"),
     DAT_TIMER_EXPIRED("ICM_DAT_TIMER_EXPIRED"),
+    RAT_TIMER_EXPIRED("ICM_RAT_TIMER_EXPIRED"),
     REPEAT_RAT("ICM_REPEAT_RAT"),
     RAT_VERIFIER_SUCCESSFUL("ICM_RAT_V_SUC"),
     RAT_VERIFIER_FAILED("ICM_RAT_V_FAILED"),
@@ -12,8 +13,7 @@ public enum InternalControlMessage {
     DAT_VERIFICATION_SUCCESSFUL("IFM_DAT_SUC"),
     DAT_VERIFICATION_FAILED("ICM_DAT_FAILED"),
     ERROR("ICM_ERROR"),
-    TIMEOUT("ICM_TIMEOUT"),
-    SEND_IDSCP_MESSAGE("ICM_SEND");
+    TIMEOUT("ICM_TIMEOUT");
 
     //set unique values that are different from IdscpMessage.MessageCase ot identify event.key
     private final String id;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
new file mode 100644
index 000000000..cf420dd7a
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
@@ -0,0 +1,45 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+import java.util.concurrent.ScheduledFuture;
+import java.util.concurrent.ScheduledThreadPoolExecutor;
+import static java.util.concurrent.TimeUnit.*;
+
+public class Timer {
+
+    private ScheduledThreadPoolExecutor executor = new ScheduledThreadPoolExecutor(1);
+    private ScheduledFuture<?> timer;
+    private boolean isLocked = false;
+    private boolean isExecuting = false;
+    private Runnable timeoutHandler;
+
+    public Timer(Runnable timeoutHandler){
+        this.timeoutHandler = timeoutHandler;
+    }
+
+    public void cancelTimeout() {
+        if (!isLocked) {
+            if (isExecuting) {
+                timer.cancel(true);
+            }
+        }
+    }
+
+    public boolean resetTimeout(int delay){
+        if (!isLocked){
+            if (isExecuting){
+                timer.cancel(true);
+            }
+            timer = executor.schedule(timeoutHandler, delay, SECONDS);
+            return true;
+        }
+        return false;
+    }
+
+    public void stop(){
+        if (!isLocked){
+            executor.shutdownNow();
+            isLocked = true;
+        }
+    }
+
+}

From 438a3bad8661974ce625b920f3142f1412554601 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Mon, 20 Jan 2020 17:58:18 +0100
Subject: [PATCH 042/237] WIP: Implementation of FSM, update ICMs

---
 .../default_driver_impl/rat/TPM2Prover.java   |   7 +-
 .../default_driver_impl/rat/TPM2Verifier.java |   7 +-
 .../drivers/interfaces/RatProverInstance.java |   1 +
 .../interfaces/RatVerifierInstance.java       |   1 +
 .../finite_state_machine/Event.java           |  17 ++
 .../idscp_core/finite_state_machine/FSM.java  | 276 +++++++++++++-----
 .../InternalControlMessage.java               |   8 +-
 7 files changed, 244 insertions(+), 73 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
index 7a9a0f896..b05fa8778 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
@@ -29,6 +29,11 @@ public void terminate(){
         running = false;
     }
 
+    @Override
+    public void restart() {
+
+    }
+
     @Override
     public void run() {
         while (running){
@@ -36,7 +41,7 @@ public void run() {
                 try {
                     resultAvailableLock.wait();
                     if (successful){
-                        fsmListener.onControlMessage(InternalControlMessage.RAT_PROVER_SUCCESSFUL);
+                        fsmListener.onControlMessage(InternalControlMessage.RAT_PROVER_OK);
                     } else {
                         fsmListener.onControlMessage(InternalControlMessage.RAT_PROVER_FAILED);
                     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
index 46ff23105..45df0e390 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
@@ -29,6 +29,11 @@ public void terminate() {
         running = false;
     }
 
+    @Override
+    public void restart() {
+
+    }
+
     @Override
     public void run(){
         while (running){
@@ -36,7 +41,7 @@ public void run(){
                 try {
                     resultAvailableLock.wait();
                     if (successful){
-                        fsmListener.onControlMessage(InternalControlMessage.RAT_VERIFIER_SUCCESSFUL);
+                        fsmListener.onControlMessage(InternalControlMessage.RAT_VERIFIER_OK);
                     } else {
                         fsmListener.onControlMessage(InternalControlMessage.RAT_VERIFIER_FAILED);
                     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverInstance.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverInstance.java
index 32a8401bd..29620b2df 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverInstance.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverInstance.java
@@ -5,4 +5,5 @@
 public interface RatProverInstance {
     void delegate(IDSCPv2.IdscpMessage message);
     void terminate();
+    void restart();
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierInstance.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierInstance.java
index 494631bff..ddaff93ec 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierInstance.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierInstance.java
@@ -5,4 +5,5 @@
 public interface RatVerifierInstance {
     void delegate(IDSCPv2.IdscpMessage message);
     void terminate();
+    void restart();
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
index 62d99ff5a..f4c42d814 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
@@ -2,6 +2,8 @@
 
 import de.fhg.aisec.ids.messages.IDSCPv2.*;
 
+import javax.swing.*;
+
 /**
  * An Event class for the Finite State Machine. Triggers a transition and holds either an idscpMessage or an
  * InternalControlMessage.
@@ -33,6 +35,21 @@ public Event (IdscpMessage idscpMessage){
         this.controlMessage = null;
     }
 
+    //for outgoing ratProver and ratVerifier messages
+    public Event (InternalControlMessage controlMessage, IdscpMessage idscpMessage){
+        if (controlMessage.equals(InternalControlMessage.RAT_PROVER_MSG) ||
+                controlMessage.equals(InternalControlMessage.RAT_VERIFIER_MSG))
+        {
+            this.key = controlMessage.getValue();
+            this.type = EventType.INTERNAL_CONTROL_MESSAGE;
+            this.idscpMessage = idscpMessage;
+            this.controlMessage = controlMessage;
+        } else {
+            throw new IllegalStateException("This constructor must only be by RAT_PROVER and " +
+                    "RAT_VERIFIER for message passing");
+        }
+    }
+
 
     public Object getKey() {
         return key;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index b5d185ffd..765b81b93 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -88,7 +88,7 @@ public void run() {
         /*---------------------------------------------------
         * STATE_CLOSED - Transition Description
         * ---------------------------------------------------
-        * INTERNAL_CONTROL_MESSAGE.START_IDSCP_HANDSHAKE ---> send IDSCP_HELLO ---> STATE_WAIT_FOR_HELLO
+        * onICM: start_handshake --> {send IDSCP_HELLO, set handshake_timeout} --> STATE_WAIT_FOR_HELLO
         * ALL_OTHER_MESSAGES ---> STATE_CLOSED
         * --------------------------------------------------- */
         STATE_CLOSED.addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.getValue(), new Transition(
@@ -119,21 +119,22 @@ public void run() {
         /*---------------------------------------------------
          * STATE_WAIT_FOR_HELLO - Transition Description
          * ---------------------------------------------------
-         * INTERNAL_CONTROL_MESSAGE.ERROR ---> send IDSCP_CLOSE ---> STATE_CLOSED
-         * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send IDSCP_CLOSE ---> STATE_CLOSED
-         * IDSCP_CLOSE ---> STATE_CLOSED
-         * INTERNAL_CONTROL_MESSAGE.TIMEOUT ---> send IDSCP_ERROR, send IDSCP_CLOSE ---> STATE_CLOSED
-         * IDSCP_HELLO ---> RAT no match: send IDSCP_ERROR, send IDSCP_CLOSE ---> STATE_CLOSED
-         * IDSCP_HELLO ---> DAT Verification failed: send IDSCP_ERROR, send IDSCP_CLOSE ---> STATE_CLOSED
-         * IDSCP_HELLO ---> verify DAT, verifyRatCipher, set DAT Timeout, start RAT P&V ---> STATE_WAIT_FOR_RAT
-         * ALL_OTHER_MESSAGES ---> STATE_WAIT_FOR_HELLO
+         * onICM: error --> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: stop --> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: handshake_timeout --> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_CLOSE---> {} ---> STATE_CLOSED
+         * onMessage: IDSCP_HELLO (no rat match) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_HELLO (invalid DAT) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_HELLO (SUCCESS) ---> {verify DAT, match RAT, set DAT Timeout, start RAT P&V,
+         *                                        set handshake_timeout} ---> STATE_WAIT_FOR_RAT
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_HELLO
          * --------------------------------------------------- */
         STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
                     LOG.debug("An internal control error occurred, send IDSC_CLOSE");
                     send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", ""));
-                    notifyHandshakeCompleteLock();
                     LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
                 }
         ));
@@ -142,33 +143,34 @@ public void run() {
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
                     send(IdscpMessageFactory.getIdscpCloseMessage("User close", ""));
-                    notifyHandshakeCompleteLock();
                     LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
                 }
         ));
 
-        STATE_WAIT_FOR_HELLO.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                   LOG.debug("Received IDSCP_CLOSE");
-                   notifyHandshakeCompleteLock();
-                   LOG.debug("Switch to state STATE_CLOSED");
-                   return STATE_CLOSED;
-                }
-        ));
-
         STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE");
                     send(IdscpMessageFactory.getIdscpCloseMessage("Handshake Timeout", ""));
+                    LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_HELLO.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_CLOSE");
                     LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
                 }
         ));
 
         STATE_WAIT_FOR_HELLO.addTransition(IdscpMessage.IDSCPHELLO_FIELD_NUMBER, new Transition(
                 event -> {
+                    handshakeTimer.cancelTimeout();
                     LOG.debug("Received IDSCP_HELLO");
                     IdscpHello idscpHello = event.getIdscpMessage().getIdscpHello();
                     LOG.debug("Calculate Rat mechanisms");
@@ -176,8 +178,8 @@ public void run() {
                     ){
                         LOG.debug("Cannot find a match for RAT cipher. Send IDSCP_CLOSE");
                         send(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT mechanism", ""));
-                        notifyHandshakeCompleteLock();
                         LOG.debug("Switch to state STATE_CLOSED");
+                        notifyHandshakeCompleteLock();
                         return STATE_CLOSED;
                     }
                     LOG.debug("Verify received DAT");
@@ -186,11 +188,11 @@ public void run() {
                             .verifyToken(idscpHello.getDynamicAttributeToken().getToken().toByteArray())){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         send(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", ""));
-                        notifyHandshakeCompleteLock();
                         LOG.debug("Switch to state STATE_CLOSED");
+                        notifyHandshakeCompleteLock();
                         return STATE_CLOSED;
                     }
-                    LOG.debug("Remote DAT is valid");
+                    LOG.debug("Remote DAT is valid. Set dat timeout");
                     //toDo set DAT timeout
                     LOG.debug("Start RAT Prover and Verifier");
                     //toDo which RAT mechanism is chosen
@@ -198,7 +200,7 @@ public void run() {
                     this.ratProver = ratProverDriver.start(this);
                     LOG.debug("Switch to state STATE_ESTABLISHED");
                     notifyHandshakeCompleteLock();
-                    return STATE_ESTABLISHED;
+                    return STATE_WAIT_FOR_RAT;
                 }
         ));
 
@@ -213,21 +215,164 @@ public void run() {
         /*---------------------------------------------------
          * STATE_WAIT_FOR_RAT - Transition Description
          * ---------------------------------------------------
-         * INTERNAL_CONTROL_MESSAGE.ERROR ---> send IDSCP_ERROR, send IDSCP_CLOSE ---> STATE_CLOSED
-         * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send IDSCP_CLOSE ---> STATE_CLOSED
-         * INTERNAL_CONTROL_MESSAGE.DAT_TIMER_EXPIRED ---> send DAT_EXPIRED, set timeout ---> STATE_WAIT_FOR_DAT_AND_RAT_CLIENT
-         * //toDo INTERNAL_CONTROL_MESSAGE.SEND_IDSCP_MESSAGE ---> send IDSCP_DATA ---> STATE_ESTABLISHED
-         * INTERNAL_CONTROL_MESSAGE.REPEAT_RAT ---> send IDSCP_RE_RAT ---> WAIT_FOR_RAT_CLIENT
-         * IDSCP_MESSAGE.RE_RAT ---> start RAT_Prover ---> STATE_WAIT_FOR_RAT_SERVER
-         * IDSCP_MESSAGE.DATA ---> listener.onMessage() ---> STATE_ESTABLISHED
-         * IDSCP_MESSAGE.CLOSE ---> STATE_CLOSED
-         * IDSCP_MESSAGE.DAT_EXPIRED ---> send DAT, start RAT_PROVER ---> STATE_WAIT_FOR_RAT_SERVER
+         * onICM: error ---> {ratP.stop(), ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: stop ---> {ratP.stop(), ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_verifier_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT
+         * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
+         * onICM: dat_timeout ---> {send DAT_EXPIRED, ratV.cancel()} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onICM: handshake_timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_RAT_PROVER ---> {delegate to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send DAT, ratP.restart()} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> STATE_CLOSED
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT
          * --------------------------------------------------- */
-        /*STATE_WAIT_FOR_RAT.addTransition(, new Transition(
+        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event ->  {
+                    LOG.debug("An internal control error occurred, send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", ""));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
 
+        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", ""));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
                 }
-        ));*/
+        ));
+
+        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Received RAT_PROVER OK");
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_VERIFIER");
+                    return STATE_WAIT_FOR_RAT_VERIFIER;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_VERIFIER_OK.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Received RAT_VERIFIER OK");
+                    ratTimer.resetTimeout(3600);
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_PROVER");
+                    return STATE_WAIT_FOR_RAT_PROVER;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
+                event -> {
+                    LOG.error("RAT_PROVER failed");
+                    LOG.debug("Send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", ""));
+                    this.ratProver.terminate();
+                    this.ratVerifier.terminate();
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.getValue(), new Transition(
+                event -> {
+                    LOG.error("RAT_VERIFIER failed");
+                    LOG.debug("Send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", ""));
+                    this.ratProver.terminate();
+                    this.ratVerifier.terminate();
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSCP_RAT_PROVER");
+                    send(event.getIdscpMessage());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
+                    return STATE_WAIT_FOR_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_VERIFIER_MSG.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSCP_RAT_VERIFIER");
+                    send(event.getIdscpMessage());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
+                    return STATE_WAIT_FOR_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
+                event -> {
+                    LOG.debug("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER");
+                    this.ratVerifier.terminate();
+                    send(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT");
+                    return STATE_WAIT_FOR_DAT_AND_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", ""));
+                    this.ratProver.terminate();
+                    this.ratVerifier.terminate();
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_VERIFIER");
+                    this.ratVerifier.delegate(event.getIdscpMessage());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
+                    return STATE_WAIT_FOR_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_PROVER");
+                    this.ratProver.delegate(event.getIdscpMessage());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
+                    return STATE_WAIT_FOR_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
+                    send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
+                    this.ratProver.restart();
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
+                    return STATE_WAIT_FOR_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_CLOSE");
+                    this.ratVerifier.terminate();
+                    this.ratProver.terminate();
+                    handshakeTimer.cancelTimeout();
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
 
         STATE_WAIT_FOR_RAT.setNoTransitionHandler(
                 event -> {
@@ -240,57 +385,60 @@ public void run() {
         /*---------------------------------------------------
          * STATE_ESTABLISHED - Transition Description
          * ---------------------------------------------------
-         * INTERNAL_CONTROL_MESSAGE.ERROR ---> send IDSCP_ERROR, send IDSCP_CLOSE ---> STATE_CLOSED
-         * INTERNAL_CONTROL_MESSAGE.IDSCP_STOP ---> send IDSCP_CLOSE ---> STATE_CLOSED
-         * INTERNAL_CONTROL_MESSAGE.DAT_TIMER_EXPIRED ---> send DAT_EXPIRED, set timeout ---> STATE_WAIT_FOR_DAT_AND_RAT_CLIENT
-         * //toDo INTERNAL_CONTROL_MESSAGE.SEND_IDSCP_MESSAGE ---> send IDSCP_DATA ---> STATE_ESTABLISHED
-         * INTERNAL_CONTROL_MESSAGE.REPEAT_RAT ---> send IDSCP_RE_RAT ---> WAIT_FOR_RAT_CLIENT
-         * IDSCP_MESSAGE.RE_RAT ---> start RAT_Prover ---> STATE_WAIT_FOR_RAT_SERVER
-         * IDSCP_MESSAGE.DATA ---> listener.onMessage() ---> STATE_ESTABLISHED
-         * IDSCP_MESSAGE.CLOSE ---> STATE_CLOSED
-         * IDSCP_MESSAGE.DAT_EXPIRED ---> send DAT, start RAT_PROVER ---> STATE_WAIT_FOR_RAT_SERVER
+         * onICM: error ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: stop ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: re_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * //FIXME onICM: send_data ---> {send IDS_DATA} ---> STATE_ESTABLISHED
+         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED, set timeout} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * onMessage: IDSCP_RERAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_DATA ---> {delegate to connection} ---> STATE_ESTABLISHED
+         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
          * --------------------------------------------------- */
         STATE_ESTABLISHED.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
                     LOG.debug("Error occurred, send IDSCP_CLOSE and close idscp connection");
                     send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", ""));
+                    LOG.debug("Switch to state STATE_CLOSED");
                     return STATE_CLOSED;
                 }
         ));
 
         STATE_ESTABLISHED.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
+                    LOG.debug("Send IDSCP_CLOSE");
                     send(IdscpMessageFactory.getIdscpCloseMessage("User close", ""));
-                    LOG.debug("Close idscp connection and send IDSCP_CLOSE");
+                    LOG.debug("Switch to state STATE_CLOSED");
                     return STATE_CLOSED;
                 }
         ));
 
+        STATE_ESTABLISHED.addTransition(InternalControlMessage.REPEAT_RAT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER");
+                    send(IdscpMessageFactory.getIdscpReRatMessage(""));
+                    this.ratVerifier = this.ratVerifierDriver.start(this);
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_VERIFIER");
+                    return STATE_WAIT_FOR_RAT_VERIFIER;
+                }
+        ));
+
         STATE_ESTABLISHED.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
                 event -> {
                     LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED");
                     send(IdscpMessageFactory.getIdscpDatExpiredMessage());
-                    //toDo set dat timeout
+                    handshakeTimer.resetTimeout(10);
                     LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT_CLIENT");
                     return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
                 }
         ));
 
-        STATE_ESTABLISHED.addTransition(InternalControlMessage.REPEAT_RAT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("RAT timer expired. Send IDSCP_RE_RAT");
-                    send(IdscpMessageFactory.getIdscpReRatMessage("RAT expired"));
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_CLIENT");
-                    return STATE_WAIT_FOR_RAT_VERIFIER;
-                }
-        ));
-
         STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
-                    LOG.debug("Received IDSCP_RERAT with cause {}", event.getIdscpMessage().getIdscpReRat().getCause());
-                    LOG.debug("Start RAT_PROVER");
-                    //toDo trigger RAT_PROVER
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_SERVER");
+                    LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER");
+                    this.ratProver = this.ratProverDriver.start(this);
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_PROVER");
                     return STATE_WAIT_FOR_RAT_PROVER;
                 }
         ));
@@ -299,8 +447,8 @@ public void run() {
                 event -> {
                     LOG.debug("DAT expired. Send new DAT and repeat RAT");
                     send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    //toDo trigger RAT Prover
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_SERVER");
+                    this.ratProver = this.ratProverDriver.start(this);
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_PROVER");
                     return STATE_WAIT_FOR_RAT_PROVER;
                 }
         ));
@@ -323,12 +471,6 @@ public void run() {
         STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Receive IDSCP_CLOSED");
-                    try {
-                        this.listenerLatch.await();
-                        this.listener.onMessage(event.getIdscpMessage());
-                    } catch (InterruptedException ex) {
-                        Thread.currentThread().interrupt();
-                    }
                     LOG.debug("Switch to STATE_CLOSED");
                     return STATE_CLOSED;
                 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
index 4287f8bac..bf6ce52ae 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
@@ -6,12 +6,12 @@ public enum InternalControlMessage {
     DAT_TIMER_EXPIRED("ICM_DAT_TIMER_EXPIRED"),
     RAT_TIMER_EXPIRED("ICM_RAT_TIMER_EXPIRED"),
     REPEAT_RAT("ICM_REPEAT_RAT"),
-    RAT_VERIFIER_SUCCESSFUL("ICM_RAT_V_SUC"),
+    RAT_VERIFIER_OK("ICM_RAT_V_OK"),
     RAT_VERIFIER_FAILED("ICM_RAT_V_FAILED"),
-    RAT_PROVER_SUCCESSFUL("ICM_RAT_P_SUC"),
+    RAT_PROVER_OK("ICM_RAT_P_OK"),
     RAT_PROVER_FAILED("ICM_RAT_P_FAILED"),
-    DAT_VERIFICATION_SUCCESSFUL("IFM_DAT_SUC"),
-    DAT_VERIFICATION_FAILED("ICM_DAT_FAILED"),
+    RAT_PROVER_MSG("ICM_RAT_PROVER_MSG"),
+    RAT_VERIFIER_MSG("ICM_RAT_VERIFIER_MSG"),
     ERROR("ICM_ERROR"),
     TIMEOUT("ICM_TIMEOUT");
 

From a579af9f9177f992a15cd8f7b42529844fe9e60d Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Wed, 22 Jan 2020 18:00:35 +0100
Subject: [PATCH 043/237] WIP: FSM, Add error codes to IDSCP_CLOSE in protobuf

---
 ids-api/src/main/proto/idscpv2.proto          |  22 +-
 .../rat/TPM2ProverImpl.java                   |   2 +-
 .../rat/TPM2VerifierImpl.java                 |   2 +-
 .../drivers/interfaces/RatProverDriver.java   |   2 +-
 .../drivers/interfaces/RatVerifierDriver.java |   2 +-
 .../idscp_core/IdscpMessageFactory.java       |   4 +-
 .../idscp_core/finite_state_machine/FSM.java  | 706 ++++++++++++++++--
 7 files changed, 680 insertions(+), 60 deletions(-)

diff --git a/ids-api/src/main/proto/idscpv2.proto b/ids-api/src/main/proto/idscpv2.proto
index c118c773b..88fab12cf 100644
--- a/ids-api/src/main/proto/idscpv2.proto
+++ b/ids-api/src/main/proto/idscpv2.proto
@@ -17,6 +17,7 @@ message IdscpMessage {
     }
 }
 
+
 //IDSCP messages
 message IdscpHello {
     int32 version = 1;                      //IDSCP protocol version
@@ -26,14 +27,21 @@ message IdscpHello {
 }
 
 message IdscpClose {
-    string cause_msg = 1;
-    string cause_code = 2;
-}
 
-//message IdscpError {
-//    string error_code = 1;
-//    string error_msg = 2;
-//
+    enum CloseCause {
+        USER_SHUTDOWN = 0;
+        TIMEOUT = 1;
+        ERROR = 2;
+        NO_VALID_DAT = 3;
+        NO_RAT_MECHANISM_MATCH_PROVER = 4;
+        NO_RAT_MECHANISM_MATCH_VERIFIER = 5;
+        RAT_PROVER_FAILED = 6;
+        RAT_VERIFIER_FAILED = 7;
+    }
+
+    CloseCause cause_code = 1;
+    string cause_msg = 2;
+}
 
 message IdscpDatExpired {           //request new dynamicAttributeToken
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java
index 4086b374a..0a43fbd63 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java
@@ -12,7 +12,7 @@
 public class TPM2ProverImpl implements RatProverDriver {
 
     @Override
-    public RatProverInstance start(FsmListener fsmListener) {
+    public RatProverInstance start(String instance, FsmListener fsmListener) {
         TPM2Prover newProver = new TPM2Prover(fsmListener);
         newProver.start();
         return newProver;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java
index d92ca8f67..24ad65818 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java
@@ -12,7 +12,7 @@
 public class TPM2VerifierImpl implements RatVerifierDriver {
 
     @Override
-    public RatVerifierInstance start(FsmListener fsmListener) {
+    public RatVerifierInstance start(String instance, FsmListener fsmListener) {
         TPM2Verifier newVerifier = new TPM2Verifier(fsmListener);
         newVerifier.start();
         return newVerifier;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
index 0f4765b50..97cb5da6f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
@@ -8,5 +8,5 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface RatProverDriver {
-    RatProverInstance start(FsmListener fsmListener);
+    RatProverInstance start(String instance, FsmListener fsmListener);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
index a2a265b9b..55730afc9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
@@ -8,5 +8,5 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface RatVerifierDriver {
-    RatVerifierInstance start(FsmListener fsmListener);
+    RatVerifierInstance start(String instance, FsmListener fsmListener);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
index 4f740bc70..04982458f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
@@ -24,10 +24,10 @@ public static IdscpMessage getIdscpHelloMessage(byte[] dat, String[] supportedRa
                 .build();
     }
 
-    public static IdscpMessage getIdscpCloseMessage(String closeMsg, String closeCode){
+    public static IdscpMessage getIdscpCloseMessage(String closeMsg, IdscpClose.CloseCause causeCode){
         IdscpClose idscpClose = IdscpClose.newBuilder()
+                .setCauseCode(causeCode)
                 .setCauseMsg(closeMsg)
-                .setCauseCode(closeCode)
                 .build();
 
         return IdscpMessage.newBuilder()
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 765b81b93..b3228fd23 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -37,14 +37,16 @@ public class FSM implements FsmListener{
     private final Object idscpHandshakeLock = new Object();
     private final Object fsmIsBusy = new Object();
     //toDo cipher suites
-    private String[] ratSupportedSuite = new String[] {"TPM_2, TRUST_ZONE, SGX"};
-    private String[] ratExpectedSuite = new String[] {"TPM_2, TRUST_ZONE, SGX"};
+    private String[] localSupportedRatSuite = new String[] {"TPM_2, TRUST_ZONE, SGX"};
+    private String[] localExpectedRatSuite = new String[] {"TPM_2, TRUST_ZONE, SGX"};
     private byte[] remoteDat = null;
     private RatProverInstance ratProver = null;
     private RatVerifierInstance ratVerifier = null;
     private Timer datTimer;
     private Timer ratTimer;
     private Timer handshakeTimer;
+    private String proverMechanism = null;
+    private String verifierMechanism = null;
 
     public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDriver ratVerifier,
                DapsDriver dapsDriver){
@@ -97,7 +99,7 @@ public void run() {
                     byte[] dat = this.dapsDriver.getToken();
                     LOG.debug("Send IDSCP_HELLO");
                     IdscpMessage idscpHello = IdscpMessageFactory.
-                            getIdscpHelloMessage(dat, this.ratSupportedSuite, this.ratExpectedSuite);
+                            getIdscpHelloMessage(dat, this.localSupportedRatSuite, this.localExpectedRatSuite);
                     this.send(idscpHello);
                     fsmIsBusy.notify(); //enables fsm.onMessage()
                     LOG.debug("Set handshake timeout to 3 seconds");
@@ -121,7 +123,7 @@ public void run() {
          * ---------------------------------------------------
          * onICM: error --> {send IDSCP_CLOSE} ---> STATE_CLOSED
          * onICM: stop --> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: handshake_timeout --> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: timeout --> {send IDSCP_CLOSE} ---> STATE_CLOSED
          * onMessage: IDSCP_CLOSE---> {} ---> STATE_CLOSED
          * onMessage: IDSCP_HELLO (no rat match) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
          * onMessage: IDSCP_HELLO (invalid DAT) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
@@ -132,7 +134,7 @@ public void run() {
         STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
                     LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", ""));
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -142,7 +144,7 @@ public void run() {
         STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", ""));
+                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -152,7 +154,7 @@ public void run() {
         STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake Timeout", ""));
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake Timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -173,31 +175,50 @@ public void run() {
                     handshakeTimer.cancelTimeout();
                     LOG.debug("Received IDSCP_HELLO");
                     IdscpHello idscpHello = event.getIdscpMessage().getIdscpHello();
+
                     LOG.debug("Calculate Rat mechanisms");
-                    if (!calculateRatMechanisms(null, null) //toDo rat ciphers
-                    ){
-                        LOG.debug("Cannot find a match for RAT cipher. Send IDSCP_CLOSE");
-                        send(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT mechanism", ""));
+                    this.proverMechanism = getRatProverMechanism(this.localSupportedRatSuite,
+                            (String [])idscpHello.getExpectedRatSuiteList().toArray());
+                    if (proverMechanism == null){
+                        LOG.debug("Cannot find a match for RAT proverr. Send IDSCP_CLOSE");
+                        send(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Prover mechanism",
+                                IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_PROVER));
                         LOG.debug("Switch to state STATE_CLOSED");
                         notifyHandshakeCompleteLock();
                         return STATE_CLOSED;
                     }
+
+                    this.verifierMechanism = getRatVerifierMechanism(localExpectedRatSuite,
+                            (String [])idscpHello.getSupportedRatSuiteList().toArray());
+                    if (verifierMechanism == null){
+                        LOG.debug("Cannot find a match for RAT verifier. Send IDSCP_CLOSE");
+                        send(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Verifier mechanism",
+                                IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_VERIFIER));
+                        LOG.debug("Switch to state STATE_CLOSED");
+                        notifyHandshakeCompleteLock();
+                        return STATE_CLOSED;
+                    }
+
                     LOG.debug("Verify received DAT");
                     //check if Dat is available and verify dat
+                    byte[] dat;
                     if (!idscpHello.hasDynamicAttributeToken() || !this.dapsDriver
-                            .verifyToken(idscpHello.getDynamicAttributeToken().getToken().toByteArray())){
+                            .verifyToken(dat = idscpHello.getDynamicAttributeToken().getToken().toByteArray())){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        send(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", ""));
+                        send(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
                         LOG.debug("Switch to state STATE_CLOSED");
                         notifyHandshakeCompleteLock();
                         return STATE_CLOSED;
                     }
+                    this.remoteDat = dat;
                     LOG.debug("Remote DAT is valid. Set dat timeout");
                     //toDo set DAT timeout
+                    datTimer.resetTimeout(3600);
+
                     LOG.debug("Start RAT Prover and Verifier");
-                    //toDo which RAT mechanism is chosen
-                    this.ratVerifier = ratVerifierDriver.start(this);
-                    this.ratProver = ratProverDriver.start(this);
+                    this.ratVerifier = ratVerifierDriver.start(verifierMechanism, this);
+                    this.ratProver = ratProverDriver.start(proverMechanism, this);
+
                     LOG.debug("Switch to state STATE_ESTABLISHED");
                     notifyHandshakeCompleteLock();
                     return STATE_WAIT_FOR_RAT;
@@ -215,12 +236,12 @@ public void run() {
         /*---------------------------------------------------
          * STATE_WAIT_FOR_RAT - Transition Description
          * ---------------------------------------------------
-         * onICM: error ---> {ratP.stop(), ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: stop ---> {ratP.stop(), ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: error ---> {ratP.stop(), ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> IDSCP_CLOSED
+         * onICM: stop ---> {ratP.stop(), ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> IDSCP_CLOSED
          * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
          * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: rat_verifier_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_prover_failed ---> {ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_verifier_failed ---> {ratP.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
          * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT
          * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
          * onICM: dat_timeout ---> {send DAT_EXPIRED, ratV.cancel()} ---> STATE_WAIT_FOR_DAT_AND_RAT
@@ -228,13 +249,17 @@ public void run() {
          * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT
          * onMessage: IDSCP_RAT_PROVER ---> {delegate to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
          * onMessage: IDSCP_DAT_EXPIRED ---> {send DAT, ratP.restart()} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> STATE_CLOSED
+         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT
          * --------------------------------------------------- */
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event ->  {
                     LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", ""));
+                    this.ratProver.terminate();
+                    this.ratVerifier.terminate();
+                    this.handshakeTimer.cancelTimeout();
+                    this.datTimer.cancelTimeout();
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -243,8 +268,12 @@ public void run() {
 
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
+                    this.ratProver.terminate();
+                    this.ratVerifier.terminate();
+                    this.handshakeTimer.cancelTimeout();
+                    this.datTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", ""));
+                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -272,9 +301,10 @@ public void run() {
                 event -> {
                     LOG.error("RAT_PROVER failed");
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", ""));
-                    this.ratProver.terminate();
                     this.ratVerifier.terminate();
+                    this.datTimer.cancelTimeout();
+                    this.handshakeTimer.cancelTimeout();
+                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -284,10 +314,11 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.getValue(), new Transition(
                 event -> {
                     LOG.error("RAT_VERIFIER failed");
-                    LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", ""));
                     this.ratProver.terminate();
-                    this.ratVerifier.terminate();
+                    this.datTimer.cancelTimeout();
+                    this.handshakeTimer.cancelTimeout();
+                    LOG.debug("Send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -325,9 +356,10 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", ""));
                     this.ratProver.terminate();
                     this.ratVerifier.terminate();
+                    this.datTimer.cancelTimeout();
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -336,8 +368,8 @@ public void run() {
 
         STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
                 event -> {
-                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_VERIFIER");
-                    this.ratVerifier.delegate(event.getIdscpMessage());
+                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
+                    this.ratProver.delegate(event.getIdscpMessage());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
                     return STATE_WAIT_FOR_RAT;
                 }
@@ -345,8 +377,8 @@ public void run() {
 
         STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
                 event -> {
-                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_PROVER");
-                    this.ratProver.delegate(event.getIdscpMessage());
+                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
+                    this.ratVerifier.delegate(event.getIdscpMessage());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
                     return STATE_WAIT_FOR_RAT;
                 }
@@ -367,7 +399,8 @@ public void run() {
                     LOG.debug("Received IDSCP_CLOSE");
                     this.ratVerifier.terminate();
                     this.ratProver.terminate();
-                    handshakeTimer.cancelTimeout();
+                    this.handshakeTimer.cancelTimeout();
+                    this.datTimer.cancelTimeout();
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -383,23 +416,592 @@ public void run() {
         );
 
         /*---------------------------------------------------
-         * STATE_ESTABLISHED - Transition Description
+         * STATE_WAIT_FOR_RAT_VERIFIER - Transition Description
+         * ---------------------------------------------------
+         * onICM: error ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
+         * onICM: close ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
+         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED, cancel ratV} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
+         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_ESTABLISHED
+         * onICM: rat_verifier_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_CLOSE ---> {stop RAT_VERIFIER} ---> STATE_CLOSED
+         * onMessage: IDSCP_RAT_PROVER ---> {delegat to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * onMessage: IDSCP_RE_RAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * --------------------------------------------------- */
+        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    this.ratVerifier.terminate();
+                    this.datTimer.cancelTimeout();
+                    this.handshakeTimer.cancelTimeout();
+                    LOG.debug("Send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
+                event -> {
+                    LOG.debug("An internal control error occurred, send IDSC_CLOSE");
+                    this.datTimer.cancelTimeout();
+                    this.ratVerifier.terminate();
+                    this.handshakeTimer.cancelTimeout();
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
+                    this.ratVerifier.terminate();
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
+                event -> {
+                    LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER");
+                    this.ratVerifier.terminate();
+                    send(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER");
+                    notifyHandshakeCompleteLock();
+                    return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.RAT_VERIFIER_OK.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Received RAT_VERIFIER OK");
+                    //toDo set rat timeout
+                    this.ratTimer.resetTimeout(3600);
+                    LOG.debug("Switch to state STATE_ESTABLISHED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_ESTABLISHED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.getValue(), new Transition(
+                event -> {
+                    LOG.error("RAT_VERIFIER failed");
+                    this.handshakeTimer.cancelTimeout();
+                    this.datTimer.cancelTimeout();
+                    LOG.debug("Send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.RAT_VERIFIER_MSG.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSCP_RAT_VERIFIER");
+                    send(event.getIdscpMessage());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER");
+                    return STATE_WAIT_FOR_RAT_VERIFIER;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_CLOSE");
+                    this.ratVerifier.terminate();
+                    this.datTimer.stop();
+                    this.handshakeTimer.cancelTimeout();
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
+                    send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
+                    this.ratProver = this.ratProverDriver.start(proverMechanism, this);
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
+                    return STATE_WAIT_FOR_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
+                    this.ratVerifier.delegate(event.getIdscpMessage());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER");
+                    return STATE_WAIT_FOR_RAT_VERIFIER;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
+                    this.ratProver = this.ratProverDriver.start(proverMechanism, this);
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
+                    return STATE_WAIT_FOR_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_VERIFIER.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER");
+                    return STATE_WAIT_FOR_RAT_VERIFIER;
+                }
+        );
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_RAT_PROVER - Transition Description
+         * ---------------------------------------------------
+         * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER, timeouts.terminate()} ---> STATE_CLOSED
+         * onICM: error ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onICM: rat_prover_ok ---> {} ---> STATE_ESTABLISHED
+         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE, terminate ratP, cancel timeouts} ---> STATE_CLOSED
+         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onICM: repeat_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_PROVER
+         * --------------------------------------------------- */
+        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    this.ratProver.terminate();
+                    this.ratTimer.cancelTimeout();
+                    this.datTimer.cancelTimeout();
+                    this.handshakeTimer.cancelTimeout();
+                    LOG.debug("Send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
+                event -> {
+                    LOG.debug("An internal control error occurred, send IDSC_CLOSE");
+                    this.ratProver.terminate();
+                    this.ratTimer.cancelTimeout();
+                    this.datTimer.cancelTimeout();
+                    this.handshakeTimer.cancelTimeout();
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
+                    this.ratProver.terminate();
+                    this.datTimer.cancelTimeout();
+                    this.ratTimer.cancelTimeout();
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
+                event -> {
+                    LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED");
+                    this.datTimer.cancelTimeout();
+                    this.ratTimer.cancelTimeout();
+                    send(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT");
+                    notifyHandshakeCompleteLock();
+                    return STATE_WAIT_FOR_DAT_AND_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Received RAT_PROVER OK");
+                    this.handshakeTimer.cancelTimeout();
+                    LOG.debug("Switch to state STATE_ESTABLISHED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_ESTABLISHED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
+                event -> {
+                    LOG.error("RAT_PROVER failed");
+                    this.ratProver.terminate();
+                    this.handshakeTimer.cancelTimeout();
+                    this.datTimer.cancelTimeout();
+                    this.ratTimer.cancelTimeout();
+                    LOG.debug("Send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSCP_RAT_PROVER");
+                    send(event.getIdscpMessage());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
+                    return STATE_WAIT_FOR_RAT_PROVER;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.REPEAT_RAT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER");
+                    send(IdscpMessageFactory.getIdscpReRatMessage(""));
+                    this.ratVerifier = this.ratVerifierDriver.start(verifierMechanism, this);
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
+                    return STATE_WAIT_FOR_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_PROVER.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_CLOSE");
+                    this.ratProver.terminate();
+                    this.handshakeTimer.cancelTimeout();
+                    this.datTimer.cancelTimeout();
+                    this.ratTimer.cancelTimeout();
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_PROVER.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
+                    send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
+                    this.ratProver.restart();
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
+                    return STATE_WAIT_FOR_RAT_PROVER;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_PROVER.addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
+                    this.ratProver.delegate(event.getIdscpMessage());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
+                    return STATE_WAIT_FOR_RAT_PROVER;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_PROVER.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
+                    this.ratProver.restart();
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
+                    return STATE_WAIT_FOR_RAT_PROVER;
+                }
+        ));
+
+        STATE_WAIT_FOR_RAT_PROVER.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
+                    return STATE_WAIT_FOR_RAT_PROVER;
+                }
+        );
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER - Transition Description
          * ---------------------------------------------------
-         * onICM: error ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
          * onICM: stop ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: error ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT(success) --> {verify DAT, set det_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFEIER
+         * onMessage: IDSCP_DAT(failed) --> {verify DAT, send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onMessage: IDSCP_RE_RAT ---> {start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * --------------------------------------------------- */
+        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    this.handshakeTimer.cancelTimeout();
+                    LOG.debug("Send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
+                event -> {
+                    LOG.debug("An internal control error occurred, send IDSC_CLOSE");
+                    this.handshakeTimer.cancelTimeout();
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_CLOSE");
+                    this.handshakeTimer.cancelTimeout();
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Verify received DAT");
+                    //check if Dat is available and verify dat
+                    byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
+                    if (!this.dapsDriver.verifyToken(dat)){
+                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
+                        send(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
+                        LOG.debug("Switch to state STATE_CLOSED");
+                        notifyHandshakeCompleteLock();
+                        return STATE_CLOSED;
+                    }
+                    this.remoteDat = dat;
+                    LOG.debug("Remote DAT is valid. Set dat timeout");
+                    //toDo set DAT timeout
+                    datTimer.resetTimeout(3600);
+                    //start RAT Verifier
+                    this.ratVerifier = this.ratVerifierDriver.start(verifierMechanism, this);
+
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_VERIFIER");
+                    return STATE_WAIT_FOR_RAT_VERIFIER;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
+                    send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
+                    this.ratProver = this.ratProverDriver.start(proverMechanism, this);
+                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT");
+                    return STATE_WAIT_FOR_DAT_AND_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
+                    this.ratProver = this.ratProverDriver.start(proverMechanism, this);
+                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT");
+                    return STATE_WAIT_FOR_DAT_AND_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER");
+                    return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
+                }
+        );
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_DAT_AND_RAT - Transition Description
+         * ---------------------------------------------------
+         * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: error ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), timeouts.stop()} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT(success) ---> {verify dat, start dat_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_DAT(failed) ---> {verify dat, send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
+         * --------------------------------------------------- */
+        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    this.ratProver.terminate();
+                    this.handshakeTimer.cancelTimeout();
+                    LOG.debug("Send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
+                event -> {
+                    LOG.debug("An internal control error occurred, send IDSC_CLOSE");
+                    this.ratProver.terminate();
+                    this.handshakeTimer.cancelTimeout();
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
+                    this.ratProver.terminate();
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Received RAT_PROVER OK");
+                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER");
+                    return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
+                event -> {
+                    LOG.error("RAT_PROVER failed");
+                    this.handshakeTimer.cancelTimeout();
+                    LOG.debug("Send IDSC_CLOSE");
+                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSCP_RAT_PROVER");
+                    send(event.getIdscpMessage());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
+                    return STATE_WAIT_FOR_DAT_AND_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_CLOSE");
+                    this.ratProver.terminate();
+                    this.handshakeTimer.cancelTimeout();
+                    LOG.debug("Switch to state STATE_CLOSED");
+                    notifyHandshakeCompleteLock();
+                    return STATE_CLOSED;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Verify received DAT");
+                    //check if Dat is available and verify dat
+                    byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
+                    if (!this.dapsDriver.verifyToken(dat)){
+                        this.ratProver.terminate();
+                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
+                        send(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
+                        LOG.debug("Switch to state STATE_CLOSED");
+                        notifyHandshakeCompleteLock();
+                        return STATE_CLOSED;
+                    }
+                    this.remoteDat = dat;
+                    LOG.debug("Remote DAT is valid. Set dat timeout");
+                    //toDo set DAT timeout
+                    datTimer.resetTimeout(3600);
+                    //start RAT Verifier
+                    this.ratVerifier = this.ratVerifierDriver.start(verifierMechanism, this);
+
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
+                    return STATE_WAIT_FOR_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
+                    send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
+                    this.ratProver.restart();
+                    LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
+                    return STATE_WAIT_FOR_DAT_AND_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
+                    this.ratProver.delegate(event.getIdscpMessage());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
+                    return STATE_WAIT_FOR_DAT_AND_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
+                    this.ratProver.restart();
+                    LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
+                    return STATE_WAIT_FOR_DAT_AND_RAT;
+                }
+        ));
+
+        STATE_WAIT_FOR_DAT_AND_RAT.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
+                    return STATE_WAIT_FOR_DAT_AND_RAT;
+                }
+        );
+
+        /*---------------------------------------------------
+         * STATE_ESTABLISHED - Transition Description
+         * ---------------------------------------------------
+         * onICM: error ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: stop ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
          * onICM: re_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
          * //FIXME onICM: send_data ---> {send IDS_DATA} ---> STATE_ESTABLISHED
-         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED, set timeout} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * onMessage: IDSCP_DATA ---> {delegate to connection} ---> STATE_ESTABLISHED
          * onMessage: IDSCP_RERAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
          * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_DATA ---> {delegate to connection} ---> STATE_ESTABLISHED
-         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
+         * onMessage: IDSCP_CLOSE ---> {timeouts.cancel()} ---> STATE_CLOSED
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
          * --------------------------------------------------- */
         STATE_ESTABLISHED.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
                     LOG.debug("Error occurred, send IDSCP_CLOSE and close idscp connection");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", ""));
+                    this.datTimer.cancelTimeout();
+                    this.ratTimer.cancelTimeout();
+                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
                     LOG.debug("Switch to state STATE_CLOSED");
                     return STATE_CLOSED;
                 }
@@ -408,7 +1010,9 @@ public void run() {
         STATE_ESTABLISHED.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", ""));
+                    this.datTimer.cancelTimeout();
+                    this.ratTimer.cancelTimeout();
+                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
                     return STATE_CLOSED;
                 }
@@ -418,7 +1022,7 @@ public void run() {
                 event -> {
                     LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER");
                     send(IdscpMessageFactory.getIdscpReRatMessage(""));
-                    this.ratVerifier = this.ratVerifierDriver.start(this);
+                    this.ratVerifier = this.ratVerifierDriver.start(verifierMechanism, this);
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT_VERIFIER");
                     return STATE_WAIT_FOR_RAT_VERIFIER;
                 }
@@ -428,7 +1032,6 @@ public void run() {
                 event -> {
                     LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED");
                     send(IdscpMessageFactory.getIdscpDatExpiredMessage());
-                    handshakeTimer.resetTimeout(10);
                     LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT_CLIENT");
                     return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
                 }
@@ -437,7 +1040,7 @@ public void run() {
         STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER");
-                    this.ratProver = this.ratProverDriver.start(this);
+                    this.ratProver = this.ratProverDriver.start(proverMechanism, this);
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT_PROVER");
                     return STATE_WAIT_FOR_RAT_PROVER;
                 }
@@ -447,7 +1050,7 @@ public void run() {
                 event -> {
                     LOG.debug("DAT expired. Send new DAT and repeat RAT");
                     send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    this.ratProver = this.ratProverDriver.start(this);
+                    this.ratProver = this.ratProverDriver.start(proverMechanism, this);
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT_PROVER");
                     return STATE_WAIT_FOR_RAT_PROVER;
                 }
@@ -471,6 +1074,8 @@ public void run() {
         STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Receive IDSCP_CLOSED");
+                    datTimer.cancelTimeout();
+                    ratTimer.cancelTimeout();
                     LOG.debug("Switch to STATE_CLOSED");
                     return STATE_CLOSED;
                 }
@@ -582,8 +1187,15 @@ private void notifyHandshakeCompleteLock(){
         }
     }
 
-    private boolean calculateRatMechanisms(String[] remoteExpectedSuite, String[] remoteSupportedSuite){
-        return true;
+    //calculate Prover mechanism (strongest remote expected), returns null if no match was found
+    private String getRatProverMechanism(String[] localSupportedProver, String[] remoteExpectedVerifier){
+        //toDo implement logic
+        return "";
+    }
+
+    //calculate Verifier mechanism (strongest local expected), returns null if no match was found
+    private String getRatVerifierMechanism(String[] localExpectedVerifier, String[] remoteSupportedProver){
         //toDo implement logic
+        return "";
     }
 }

From c82ee29bf9b8b39e1143d9e7b12f0100020e7723 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Thu, 23 Jan 2020 18:04:11 +0100
Subject: [PATCH 044/237] WIP: FSM, new RAT Structure, timers, threads safe rat

---
 .../daps/DefaultDapsDriver.java               |   6 +-
 .../default_driver_impl/rat/TPM2Prover.java   |  37 +-
 .../rat/TPM2ProverImpl.java                   |  20 -
 .../default_driver_impl/rat/TPM2Verifier.java |  36 +-
 .../rat/TPM2VerifierImpl.java                 |  20 -
 .../idscp2/drivers/interfaces/DapsDriver.java |   2 +-
 .../drivers/interfaces/RatProverDriver.java   |  24 +-
 .../drivers/interfaces/RatProverInstance.java |   9 -
 .../drivers/interfaces/RatVerifierDriver.java |  24 +-
 .../interfaces/RatVerifierInstance.java       |   9 -
 .../idscp2/idscp_core/IDSCPv2Connection.java  |   2 -
 .../idscp_core/IdscpMessageFactory.java       |  16 +
 .../configuration/IDSCPv2Configuration.java   |  11 +-
 .../idscp_core/finite_state_machine/FSM.java  | 407 ++++++++++++------
 .../finite_state_machine/FsmListener.java     |   4 +
 .../rat_registry/RatProverDriverRegistry.java |  46 ++
 .../RatVerifierDriverRegistry.java            |  46 ++
 .../src/test/java/IDSCPv2ClientInitiator.java |  15 +-
 .../src/test/java/IDSCPv2ServerInitiator.java |  16 +-
 19 files changed, 467 insertions(+), 283 deletions(-)
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverInstance.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierInstance.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index dc0564a26..35c229631 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -15,7 +15,7 @@ public byte[] getToken() {
     }
 
     @Override
-    public boolean verifyToken(byte[] dat) {
-        return true;
-    }
+    public int verifyToken(byte[] dat) {
+        return 3600;
+    } //returns number of seconds until dat is valid
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
index b05fa8778..706fd91fd 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
@@ -1,54 +1,43 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverInstance;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
 import de.fhg.aisec.ids.messages.IDSCPv2.*;
 
-public class TPM2Prover extends Thread implements RatProverInstance{
+public class TPM2Prover extends RatProverDriver {
 
-    private boolean running = true;
-    private FsmListener fsmListener;
-    private boolean successful = false;
-    private final Object resultAvailableLock = new Object();
-
-
-    TPM2Prover(FsmListener fsmListener){
-        this.fsmListener = fsmListener;
+    public TPM2Prover(){
+        super();
     }
 
     @Override
     public void delegate(IdscpMessage message) {
+        //toDo blocking
         successful = true;
         synchronized (resultAvailableLock) {
             resultAvailableLock.notify();
         }
     }
 
-    public void terminate(){
-        running = false;
-    }
-
-    @Override
-    public void restart() {
-
-    }
-
     @Override
     public void run() {
+        /*fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
+                IdscpMessageFactory.getIdscpRatProverMessage());*/
         while (running){
             synchronized (resultAvailableLock) {
-                try {
+                /*try {
                     resultAvailableLock.wait();
                     if (successful){
-                        fsmListener.onControlMessage(InternalControlMessage.RAT_PROVER_OK);
+                        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, null);
                     } else {
-                        fsmListener.onControlMessage(InternalControlMessage.RAT_PROVER_FAILED);
+                        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
                     }
                     running = false;
                 } catch (InterruptedException e) {
                     e.printStackTrace();
-                }
+                }*/
+                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, null);
             }
         }
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java
deleted file mode 100644
index 0a43fbd63..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2ProverImpl.java
+++ /dev/null
@@ -1,20 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverInstance;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
-
-/**
- * Remote Attestation Prover Driver implementation class for TPM2.0
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class TPM2ProverImpl implements RatProverDriver {
-
-    @Override
-    public RatProverInstance start(String instance, FsmListener fsmListener) {
-        TPM2Prover newProver = new TPM2Prover(fsmListener);
-        newProver.start();
-        return newProver;
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
index 45df0e390..d6a326846 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
@@ -1,54 +1,44 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierInstance;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
 import de.fhg.aisec.ids.messages.IDSCPv2;
 
-public class TPM2Verifier extends Thread implements RatVerifierInstance {
+public class TPM2Verifier extends RatVerifierDriver {
 
-    private FsmListener fsmListener;
-    private boolean successful = false;
-    private boolean running = true;
-    private final Object resultAvailableLock = new Object();
-
-    TPM2Verifier(FsmListener fsmListener){
-        this.fsmListener = fsmListener;
+    public TPM2Verifier(){
+        super();
     }
 
     @Override
     public void delegate(IDSCPv2.IdscpMessage message) {
+        //toDo blocking
+        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG,
+                IdscpMessageFactory.getIdscpRatVerifierMessage());
         successful = true;
         synchronized (resultAvailableLock) {
             resultAvailableLock.notify();
         }
     }
 
-    @Override
-    public void terminate() {
-        running = false;
-    }
-
-    @Override
-    public void restart() {
-
-    }
-
     @Override
     public void run(){
         while (running){
             synchronized (resultAvailableLock) {
-                try {
+                /*try {
                     resultAvailableLock.wait();
                     if (successful){
-                        fsmListener.onControlMessage(InternalControlMessage.RAT_VERIFIER_OK);
+                        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, null);
                     } else {
-                        fsmListener.onControlMessage(InternalControlMessage.RAT_VERIFIER_FAILED);
+                        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
                     }
                     running = false;
                 } catch (InterruptedException e) {
                     e.printStackTrace();
-                }
+                }*/
+                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, null);
             }
         }
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java
deleted file mode 100644
index 24ad65818..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2VerifierImpl.java
+++ /dev/null
@@ -1,20 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierInstance;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
-
-/**
- * Remote Attestation Verifier Driver implementation class for TPM2.0
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class TPM2VerifierImpl implements RatVerifierDriver {
-
-    @Override
-    public RatVerifierInstance start(String instance, FsmListener fsmListener) {
-        TPM2Verifier newVerifier = new TPM2Verifier(fsmListener);
-        newVerifier.start();
-        return newVerifier;
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
index 164fa485a..5314c1a35 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
@@ -7,5 +7,5 @@
  */
 public interface DapsDriver {
     byte[] getToken();
-    boolean verifyToken(byte[] dat);
+    int verifyToken(byte[] dat);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
index 97cb5da6f..7a2cefbae 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
@@ -1,12 +1,22 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
+import de.fhg.aisec.ids.messages.IDSCPv2;
 
-/**
- * An interface for the remote attestation prover driver that is used for proving the current state by RAT mechanism
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public interface RatProverDriver {
-    RatProverInstance start(String instance, FsmListener fsmListener);
+public abstract class RatProverDriver extends Thread{
+
+    protected boolean running = true;
+    protected FsmListener fsmListener;
+    protected boolean successful = false;
+    protected final Object resultAvailableLock = new Object();
+
+    public void delegate(IDSCPv2.IdscpMessage message){}
+
+    public void terminate() {
+        running = false;
+    }
+
+    public void setListener(FsmListener listener){
+        fsmListener = listener;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverInstance.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverInstance.java
deleted file mode 100644
index 29620b2df..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverInstance.java
+++ /dev/null
@@ -1,9 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.interfaces;
-
-import de.fhg.aisec.ids.messages.IDSCPv2;
-
-public interface RatProverInstance {
-    void delegate(IDSCPv2.IdscpMessage message);
-    void terminate();
-    void restart();
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
index 55730afc9..73112e1b2 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
@@ -1,12 +1,22 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
+import de.fhg.aisec.ids.messages.IDSCPv2;
 
-/**
- * An interface for the remote attestation verifier driver that is used for verifying provers system sate
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public interface RatVerifierDriver {
-    RatVerifierInstance start(String instance, FsmListener fsmListener);
+public abstract class RatVerifierDriver extends Thread{
+
+    protected boolean running = true;
+    protected FsmListener fsmListener;
+    protected boolean successful = false;
+    protected final Object resultAvailableLock = new Object();
+
+    public void delegate(IDSCPv2.IdscpMessage message){}
+
+    public void terminate() {
+        running = false;
+    }
+
+    public void setListener(FsmListener listener){
+        fsmListener = listener;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierInstance.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierInstance.java
deleted file mode 100644
index ddaff93ec..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierInstance.java
+++ /dev/null
@@ -1,9 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.interfaces;
-
-import de.fhg.aisec.ids.messages.IDSCPv2;
-
-public interface RatVerifierInstance {
-    void delegate(IDSCPv2.IdscpMessage message);
-    void terminate();
-    void restart();
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
index d747deb80..f67eed373 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
@@ -1,8 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core;
 
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
-import de.fhg.aisec.ids.messages.IDSCPv2.IdscpClose;
 import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
index 04982458f..3b917571a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
@@ -71,4 +71,20 @@ public static IdscpMessage getIdscpDataMessage(byte[] data){
                 .build();
     }
 
+    public static IdscpMessage getIdscpRatProverMessage(){
+        IdscpRatProver idscpRatProver = IdscpRatProver.newBuilder().build();
+
+        return IdscpMessage.newBuilder()
+                .setIdscpRatProver(idscpRatProver)
+                .build();
+    }
+
+    public static IdscpMessage getIdscpRatVerifierMessage(){
+        IdscpRatVerifier idscpRatVerifier = IdscpRatVerifier.newBuilder().build();
+
+        return IdscpMessage.newBuilder()
+                .setIdscpRatVerifier(idscpRatVerifier)
+                .build();
+    }
+
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
index af08a409d..26d17fd45 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
@@ -8,7 +8,6 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IDSCPv2Server;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
-import de.fhg.aisec.ids.messages.IDSCPv2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -31,20 +30,14 @@ public class IDSCPv2Configuration implements IDSCPv2Callback {
 
     private IDSCPv2Initiator user;
     private DapsDriver dapsDriver;
-    private RatProverDriver ratProverDriver;
-    private RatVerifierDriver ratVerifierDriver;
     private SecureChannelDriver secureChannelDriver;
 
 
     public IDSCPv2Configuration(IDSCPv2Initiator initiator,
                                 DapsDriver dapsDriver,
-                                RatVerifierDriver ratVerifierDriver,
-                                RatProverDriver ratProverDriver,
                                 SecureChannelDriver secureChannelDriver){
         this.user = initiator;
         this.dapsDriver = dapsDriver;
-        this.ratVerifierDriver = ratVerifierDriver;
-        this.ratProverDriver = ratProverDriver;
         this.secureChannelDriver = secureChannelDriver;
     }
 
@@ -74,7 +67,7 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
             user.errorHandler("IDSCPv2 connect failed because no secure channel was established");
         } else {
             LOG.debug("A new secure channel for an outgoing idscpv2 connection was established");
-            FSM fsm = new FSM(secureChannel, ratProverDriver, ratVerifierDriver, dapsDriver);
+            FSM fsm = new FSM(secureChannel, dapsDriver);
             String connectionId = UUID.randomUUID().toString();
             //important so set endpoint connection id before fsm.startIdscpHandshake() to avoid deadlock
             fsm.setEndpointConnectionId(connectionId);
@@ -96,7 +89,7 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
     public void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnectionListener idscpServer) {
         if (secureChannel != null){
             LOG.debug("A new secure channel for an incoming idscpv2 connection was established");
-            FSM fsm = new FSM(secureChannel, ratProverDriver, ratVerifierDriver, dapsDriver);
+            FSM fsm = new FSM(secureChannel, dapsDriver);
             String connectionId = UUID.randomUUID().toString();
             //important so set endpoint connection id before fsm.startIdscpHandshake() to avoid deadlock
             fsm.setEndpointConnectionId(connectionId);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index b3228fd23..fb516c219 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -5,10 +5,13 @@
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMsgListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.messages.IDSCPv2.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+
 import java.util.concurrent.CountDownLatch;
 
 public class FSM implements FsmListener{
@@ -23,37 +26,39 @@ public class FSM implements FsmListener{
     private final State STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER = new State();
     private final State STATE_WAIT_FOR_DAT_AND_RAT = new State();
     private final State STATE_ESTABLISHED = new State();
-    /*  ----------------   end of states   --------------- */
 
-    //toDo error codes in protobuf
     private State currentState;
     private final State initialState = STATE_CLOSED;
+    /*  ----------------   end of states   --------------- */
+
     private SecureChannel secureChannel;
+    private DapsDriver dapsDriver;
+
     private RatProverDriver ratProverDriver;
     private RatVerifierDriver ratVerifierDriver;
-    private DapsDriver dapsDriver;
+    private String currentRatProverId; //avoid messages from old provers
+    private String currentRatVerifierId; //avoid messages from old verifiers
+    private String proverMechanism = null;
+    private String verifierMechanism = null;
+
     private IdscpMsgListener listener = null;
     private final CountDownLatch listenerLatch = new CountDownLatch(1);
     private final Object idscpHandshakeLock = new Object();
     private final Object fsmIsBusy = new Object();
+
     //toDo cipher suites
     private String[] localSupportedRatSuite = new String[] {"TPM_2, TRUST_ZONE, SGX"};
     private String[] localExpectedRatSuite = new String[] {"TPM_2, TRUST_ZONE, SGX"};
     private byte[] remoteDat = null;
-    private RatProverInstance ratProver = null;
-    private RatVerifierInstance ratVerifier = null;
+
     private Timer datTimer;
     private Timer ratTimer;
     private Timer handshakeTimer;
-    private String proverMechanism = null;
-    private String verifierMechanism = null;
+    private int ratTimeoutDelay = 3600;
 
-    public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDriver ratVerifier,
-               DapsDriver dapsDriver){
+    public FSM(SecureChannel secureChannel, DapsDriver dapsDriver){
 
         this.secureChannel = secureChannel;
-        this.ratProverDriver = ratProver;
-        this.ratVerifierDriver = ratVerifier;
         this.dapsDriver = dapsDriver;
         secureChannel.setFsm(this);
 
@@ -61,21 +66,24 @@ public FSM(SecureChannel secureChannel, RatProverDriver ratProver, RatVerifierDr
         Runnable handshakeTimeoutHandler = new Runnable() {
             @Override
             public void run() {
-                onControlMessage(InternalControlMessage.TIMEOUT);
+                //onControlMessage(InternalControlMessage.TIMEOUT);
+                System.out.println("Handshake timeout");
             }
         };
 
         Runnable datTimeoutHandler = new Runnable() {
             @Override
             public void run() {
-                onControlMessage(InternalControlMessage.DAT_TIMER_EXPIRED);
+                //onControlMessage(InternalControlMessage.DAT_TIMER_EXPIRED);
+                System.out.println("DAT_TIMER_EXPIRED");
             }
         };
 
         Runnable ratTimeoutHandler = new Runnable() {
             @Override
             public void run() {
-                onControlMessage(InternalControlMessage.RAT_TIMER_EXPIRED);
+                //onControlMessage(InternalControlMessage.RAT_TIMER_EXPIRED);
+                System.out.println("RAT_TIMER_EXPIRED");
             }
         };
         //toDo set correct delays
@@ -100,10 +108,10 @@ public void run() {
                     LOG.debug("Send IDSCP_HELLO");
                     IdscpMessage idscpHello = IdscpMessageFactory.
                             getIdscpHelloMessage(dat, this.localSupportedRatSuite, this.localExpectedRatSuite);
-                    this.send(idscpHello);
+                    sendFromFSM(idscpHello);
                     fsmIsBusy.notify(); //enables fsm.onMessage()
-                    LOG.debug("Set handshake timeout to 3 seconds");
-                    handshakeTimer.resetTimeout(3);
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
                     LOG.debug("Switch to state STATE_WAIT_FOR_HELLO");
                     return STATE_WAIT_FOR_HELLO;
                 }
@@ -133,8 +141,9 @@ public void run() {
          * --------------------------------------------------- */
         STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
+                    handshakeTimer.cancelTimeout();
                     LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -143,8 +152,9 @@ public void run() {
 
         STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
+                    handshakeTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -154,7 +164,7 @@ public void run() {
         STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake Timeout", IdscpClose.CloseCause.TIMEOUT));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake Timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -163,6 +173,7 @@ public void run() {
 
         STATE_WAIT_FOR_HELLO.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
+                    handshakeTimer.cancelTimeout();
                     LOG.debug("Received IDSCP_CLOSE");
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
@@ -178,10 +189,10 @@ public void run() {
 
                     LOG.debug("Calculate Rat mechanisms");
                     this.proverMechanism = getRatProverMechanism(this.localSupportedRatSuite,
-                            (String [])idscpHello.getExpectedRatSuiteList().toArray());
+                            idscpHello.getExpectedRatSuiteList().toArray());
                     if (proverMechanism == null){
                         LOG.debug("Cannot find a match for RAT proverr. Send IDSCP_CLOSE");
-                        send(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Prover mechanism",
+                        sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Prover mechanism",
                                 IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_PROVER));
                         LOG.debug("Switch to state STATE_CLOSED");
                         notifyHandshakeCompleteLock();
@@ -189,10 +200,10 @@ public void run() {
                     }
 
                     this.verifierMechanism = getRatVerifierMechanism(localExpectedRatSuite,
-                            (String [])idscpHello.getSupportedRatSuiteList().toArray());
+                            idscpHello.getSupportedRatSuiteList().toArray());
                     if (verifierMechanism == null){
                         LOG.debug("Cannot find a match for RAT verifier. Send IDSCP_CLOSE");
-                        send(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Verifier mechanism",
+                        sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Verifier mechanism",
                                 IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_VERIFIER));
                         LOG.debug("Switch to state STATE_CLOSED");
                         notifyHandshakeCompleteLock();
@@ -202,24 +213,27 @@ public void run() {
                     LOG.debug("Verify received DAT");
                     //check if Dat is available and verify dat
                     byte[] dat;
-                    if (!idscpHello.hasDynamicAttributeToken() || !this.dapsDriver
-                            .verifyToken(dat = idscpHello.getDynamicAttributeToken().getToken().toByteArray())){
+                    int datValidityPeriod;
+                    if (!idscpHello.hasDynamicAttributeToken() || 0 > (datValidityPeriod= this.dapsDriver
+                            .verifyToken(dat = idscpHello.getDynamicAttributeToken().getToken().toByteArray()))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        send(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
+                        sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
                         LOG.debug("Switch to state STATE_CLOSED");
                         notifyHandshakeCompleteLock();
                         return STATE_CLOSED;
                     }
                     this.remoteDat = dat;
-                    LOG.debug("Remote DAT is valid. Set dat timeout");
-                    //toDo set DAT timeout
-                    datTimer.resetTimeout(3600);
+                    LOG.debug("Remote DAT is valid. Set dat timeout to its validity period");
+                    datTimer.resetTimeout(datValidityPeriod);
 
                     LOG.debug("Start RAT Prover and Verifier");
-                    this.ratVerifier = ratVerifierDriver.start(verifierMechanism, this);
-                    this.ratProver = ratProverDriver.start(proverMechanism, this);
+                    restartRatVerifierDriver();
+                    restartRatProverDriver();
 
-                    LOG.debug("Switch to state STATE_ESTABLISHED");
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
+
+                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
                     notifyHandshakeCompleteLock();
                     return STATE_WAIT_FOR_RAT;
                 }
@@ -255,11 +269,11 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event ->  {
                     LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                    this.ratProver.terminate();
-                    this.ratVerifier.terminate();
+                    stopRatProverDriver();
+                    stopRatVerifierDriver();
                     this.handshakeTimer.cancelTimeout();
                     this.datTimer.cancelTimeout();
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -268,12 +282,12 @@ public void run() {
 
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
-                    this.ratProver.terminate();
-                    this.ratVerifier.terminate();
+                    stopRatProverDriver();
+                    stopRatVerifierDriver();
                     this.handshakeTimer.cancelTimeout();
                     this.datTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -291,7 +305,7 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_VERIFIER_OK.getValue(), new Transition(
                 event -> {
                     LOG.debug("Received RAT_VERIFIER OK");
-                    ratTimer.resetTimeout(3600);
+                    ratTimer.resetTimeout(this.ratTimeoutDelay);
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT_PROVER");
                     return STATE_WAIT_FOR_RAT_PROVER;
                 }
@@ -301,10 +315,10 @@ public void run() {
                 event -> {
                     LOG.error("RAT_PROVER failed");
                     LOG.debug("Send IDSC_CLOSE");
-                    this.ratVerifier.terminate();
+                    stopRatVerifierDriver();
                     this.datTimer.cancelTimeout();
                     this.handshakeTimer.cancelTimeout();
-                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -314,11 +328,11 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.getValue(), new Transition(
                 event -> {
                     LOG.error("RAT_VERIFIER failed");
-                    this.ratProver.terminate();
+                    stopRatProverDriver();
                     this.datTimer.cancelTimeout();
                     this.handshakeTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -328,7 +342,7 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_RAT_PROVER");
-                    send(event.getIdscpMessage());
+                    sendFromFSM(event.getIdscpMessage());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
                     return STATE_WAIT_FOR_RAT;
                 }
@@ -337,7 +351,7 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_VERIFIER_MSG.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_RAT_VERIFIER");
-                    send(event.getIdscpMessage());
+                    sendFromFSM(event.getIdscpMessage());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
                     return STATE_WAIT_FOR_RAT;
                 }
@@ -346,8 +360,10 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
                 event -> {
                     LOG.debug("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER");
-                    this.ratVerifier.terminate();
-                    send(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    stopRatVerifierDriver();
+                    sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
                     LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT");
                     return STATE_WAIT_FOR_DAT_AND_RAT;
                 }
@@ -356,10 +372,10 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    this.ratProver.terminate();
-                    this.ratVerifier.terminate();
+                    stopRatProverDriver();
+                    stopRatVerifierDriver();
                     this.datTimer.cancelTimeout();
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -369,7 +385,7 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
-                    this.ratProver.delegate(event.getIdscpMessage());
+                    ratProverDriver.delegate(event.getIdscpMessage());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
                     return STATE_WAIT_FOR_RAT;
                 }
@@ -378,7 +394,7 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
-                    this.ratVerifier.delegate(event.getIdscpMessage());
+                    ratVerifierDriver.delegate(event.getIdscpMessage());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
                     return STATE_WAIT_FOR_RAT;
                 }
@@ -387,8 +403,10 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
-                    send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    this.ratProver.restart();
+                    sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
+                    restartRatProverDriver();
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
                     return STATE_WAIT_FOR_RAT;
                 }
@@ -397,8 +415,8 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
-                    this.ratVerifier.terminate();
-                    this.ratProver.terminate();
+                    stopRatVerifierDriver();
+                    stopRatProverDriver();
                     this.handshakeTimer.cancelTimeout();
                     this.datTimer.cancelTimeout();
                     LOG.debug("Switch to state STATE_CLOSED");
@@ -433,11 +451,11 @@ public void run() {
          * --------------------------------------------------- */
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
-                    this.ratVerifier.terminate();
+                    stopRatVerifierDriver();
                     this.datTimer.cancelTimeout();
                     this.handshakeTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -448,9 +466,9 @@ public void run() {
                 event -> {
                     LOG.debug("An internal control error occurred, send IDSC_CLOSE");
                     this.datTimer.cancelTimeout();
-                    this.ratVerifier.terminate();
+                    stopRatVerifierDriver();
                     this.handshakeTimer.cancelTimeout();
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -460,8 +478,9 @@ public void run() {
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    this.ratVerifier.terminate();
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
+                    stopRatVerifierDriver();
+                    datTimer.cancelTimeout();
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -471,8 +490,10 @@ public void run() {
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
                 event -> {
                     LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER");
-                    this.ratVerifier.terminate();
-                    send(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    stopRatVerifierDriver();
+                    sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
                     LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER");
                     notifyHandshakeCompleteLock();
                     return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
@@ -482,8 +503,9 @@ public void run() {
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.RAT_VERIFIER_OK.getValue(), new Transition(
                 event -> {
                     LOG.debug("Received RAT_VERIFIER OK");
-                    //toDo set rat timeout
-                    this.ratTimer.resetTimeout(3600);
+                    this.handshakeTimer.cancelTimeout();
+                    LOG.debug("Start RAT Timer");
+                    this.ratTimer.resetTimeout(ratTimeoutDelay);
                     LOG.debug("Switch to state STATE_ESTABLISHED");
                     notifyHandshakeCompleteLock();
                     return STATE_ESTABLISHED;
@@ -496,7 +518,7 @@ public void run() {
                     this.handshakeTimer.cancelTimeout();
                     this.datTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -506,7 +528,7 @@ public void run() {
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.RAT_VERIFIER_MSG.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_RAT_VERIFIER");
-                    send(event.getIdscpMessage());
+                    sendFromFSM(event.getIdscpMessage());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER");
                     return STATE_WAIT_FOR_RAT_VERIFIER;
                 }
@@ -515,7 +537,7 @@ public void run() {
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
-                    this.ratVerifier.terminate();
+                    stopRatVerifierDriver();
                     this.datTimer.stop();
                     this.handshakeTimer.cancelTimeout();
                     LOG.debug("Switch to state STATE_CLOSED");
@@ -527,8 +549,10 @@ public void run() {
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
-                    send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    this.ratProver = this.ratProverDriver.start(proverMechanism, this);
+                    sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
+                    restartRatProverDriver();
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
                     return STATE_WAIT_FOR_RAT;
                 }
@@ -537,7 +561,7 @@ public void run() {
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
-                    this.ratVerifier.delegate(event.getIdscpMessage());
+                    ratVerifierDriver.delegate(event.getIdscpMessage());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER");
                     return STATE_WAIT_FOR_RAT_VERIFIER;
                 }
@@ -546,7 +570,9 @@ public void run() {
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
-                    this.ratProver = this.ratProverDriver.start(proverMechanism, this);
+                    restartRatProverDriver();
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
                     return STATE_WAIT_FOR_RAT;
                 }
@@ -579,12 +605,12 @@ public void run() {
          * --------------------------------------------------- */
         STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
-                    this.ratProver.terminate();
+                    stopRatProverDriver();
                     this.ratTimer.cancelTimeout();
                     this.datTimer.cancelTimeout();
                     this.handshakeTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -594,11 +620,11 @@ public void run() {
         STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
                     LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                    this.ratProver.terminate();
+                    stopRatProverDriver();
                     this.ratTimer.cancelTimeout();
                     this.datTimer.cancelTimeout();
                     this.handshakeTimer.cancelTimeout();
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -608,10 +634,10 @@ public void run() {
         STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    this.ratProver.terminate();
+                    stopRatProverDriver();
                     this.datTimer.cancelTimeout();
                     this.ratTimer.cancelTimeout();
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -621,9 +647,10 @@ public void run() {
         STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
                 event -> {
                     LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED");
-                    this.datTimer.cancelTimeout();
                     this.ratTimer.cancelTimeout();
-                    send(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
                     LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT");
                     notifyHandshakeCompleteLock();
                     return STATE_WAIT_FOR_DAT_AND_RAT;
@@ -643,12 +670,12 @@ public void run() {
         STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
                 event -> {
                     LOG.error("RAT_PROVER failed");
-                    this.ratProver.terminate();
+                    stopRatProverDriver();
                     this.handshakeTimer.cancelTimeout();
                     this.datTimer.cancelTimeout();
                     this.ratTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -658,7 +685,7 @@ public void run() {
         STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_RAT_PROVER");
-                    send(event.getIdscpMessage());
+                    sendFromFSM(event.getIdscpMessage());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
                     return STATE_WAIT_FOR_RAT_PROVER;
                 }
@@ -667,8 +694,11 @@ public void run() {
         STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.REPEAT_RAT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER");
-                    send(IdscpMessageFactory.getIdscpReRatMessage(""));
-                    this.ratVerifier = this.ratVerifierDriver.start(verifierMechanism, this);
+                    sendFromFSM(IdscpMessageFactory.getIdscpReRatMessage(""));
+                    this.ratTimer.cancelTimeout();
+                    restartRatVerifierDriver();
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
                     return STATE_WAIT_FOR_RAT;
                 }
@@ -677,7 +707,7 @@ public void run() {
         STATE_WAIT_FOR_RAT_PROVER.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
-                    this.ratProver.terminate();
+                    stopRatProverDriver();
                     this.handshakeTimer.cancelTimeout();
                     this.datTimer.cancelTimeout();
                     this.ratTimer.cancelTimeout();
@@ -690,8 +720,10 @@ public void run() {
         STATE_WAIT_FOR_RAT_PROVER.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
-                    send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    this.ratProver.restart();
+                    sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
+                    restartRatProverDriver();
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
                     return STATE_WAIT_FOR_RAT_PROVER;
                 }
@@ -700,7 +732,7 @@ public void run() {
         STATE_WAIT_FOR_RAT_PROVER.addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
-                    this.ratProver.delegate(event.getIdscpMessage());
+                    ratProverDriver.delegate(event.getIdscpMessage());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
                     return STATE_WAIT_FOR_RAT_PROVER;
                 }
@@ -709,7 +741,7 @@ public void run() {
         STATE_WAIT_FOR_RAT_PROVER.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
-                    this.ratProver.restart();
+                    restartRatProverDriver();
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
                     return STATE_WAIT_FOR_RAT_PROVER;
                 }
@@ -740,7 +772,7 @@ public void run() {
                 event -> {
                     this.handshakeTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -751,7 +783,7 @@ public void run() {
                 event -> {
                     LOG.debug("An internal control error occurred, send IDSC_CLOSE");
                     this.handshakeTimer.cancelTimeout();
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -761,7 +793,7 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -780,22 +812,26 @@ public void run() {
 
         STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
                 event -> {
+                    this.handshakeTimer.cancelTimeout();
                     LOG.debug("Verify received DAT");
                     //check if Dat is available and verify dat
                     byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
-                    if (!this.dapsDriver.verifyToken(dat)){
+                    int datValidityPeriod;
+                    if (0 > (datValidityPeriod = this.dapsDriver.verifyToken(dat))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        send(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
+                        sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
                         LOG.debug("Switch to state STATE_CLOSED");
                         notifyHandshakeCompleteLock();
                         return STATE_CLOSED;
                     }
                     this.remoteDat = dat;
                     LOG.debug("Remote DAT is valid. Set dat timeout");
-                    //toDo set DAT timeout
-                    datTimer.resetTimeout(3600);
+                    datTimer.resetTimeout(datValidityPeriod);
                     //start RAT Verifier
-                    this.ratVerifier = this.ratVerifierDriver.start(verifierMechanism, this);
+                    restartRatVerifierDriver();
+
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
 
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT_VERIFIER");
                     return STATE_WAIT_FOR_RAT_VERIFIER;
@@ -805,8 +841,10 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
-                    send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    this.ratProver = this.ratProverDriver.start(proverMechanism, this);
+                    sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
+                    restartRatProverDriver();
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
                     LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT");
                     return STATE_WAIT_FOR_DAT_AND_RAT;
                 }
@@ -815,7 +853,9 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
-                    this.ratProver = this.ratProverDriver.start(proverMechanism, this);
+                    restartRatProverDriver();
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
                     LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT");
                     return STATE_WAIT_FOR_DAT_AND_RAT;
                 }
@@ -848,10 +888,10 @@ public void run() {
          * --------------------------------------------------- */
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
-                    this.ratProver.terminate();
+                    stopRatProverDriver();
                     this.handshakeTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -861,9 +901,9 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
                     LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                    this.ratProver.terminate();
+                    stopRatProverDriver();
                     this.handshakeTimer.cancelTimeout();
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -873,8 +913,8 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    this.ratProver.terminate();
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
+                    stopRatProverDriver();
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -885,6 +925,7 @@ public void run() {
                 event -> {
                     LOG.debug("Received RAT_PROVER OK");
                     LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER");
+                    //toDo restart handshake timeout ????
                     return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
                 }
         ));
@@ -894,7 +935,7 @@ public void run() {
                     LOG.error("RAT_PROVER failed");
                     this.handshakeTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
-                    send(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
@@ -904,7 +945,7 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_RAT_PROVER");
-                    send(event.getIdscpMessage());
+                    sendFromFSM(event.getIdscpMessage());
                     LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
                     return STATE_WAIT_FOR_DAT_AND_RAT;
                 }
@@ -913,7 +954,7 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
-                    this.ratProver.terminate();
+                    stopRatProverDriver();
                     this.handshakeTimer.cancelTimeout();
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
@@ -923,23 +964,27 @@ public void run() {
 
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
                 event -> {
+                    handshakeTimer.cancelTimeout();
                     LOG.debug("Verify received DAT");
                     //check if Dat is available and verify dat
                     byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
-                    if (!this.dapsDriver.verifyToken(dat)){
-                        this.ratProver.terminate();
+                    int datValidityPeriod;
+                    if (0 > (datValidityPeriod = this.dapsDriver.verifyToken(dat))){
+                        stopRatProverDriver();
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        send(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
+                        sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
                         LOG.debug("Switch to state STATE_CLOSED");
                         notifyHandshakeCompleteLock();
                         return STATE_CLOSED;
                     }
                     this.remoteDat = dat;
                     LOG.debug("Remote DAT is valid. Set dat timeout");
-                    //toDo set DAT timeout
-                    datTimer.resetTimeout(3600);
+                    datTimer.resetTimeout(datValidityPeriod);
                     //start RAT Verifier
-                    this.ratVerifier = this.ratVerifierDriver.start(verifierMechanism, this);
+                    restartRatVerifierDriver();
+
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
 
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
                     return STATE_WAIT_FOR_RAT;
@@ -949,8 +994,8 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
-                    send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    this.ratProver.restart();
+                    sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
+                    restartRatProverDriver();
                     LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
                     return STATE_WAIT_FOR_DAT_AND_RAT;
                 }
@@ -959,7 +1004,7 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
-                    this.ratProver.delegate(event.getIdscpMessage());
+                    ratProverDriver.delegate(event.getIdscpMessage());
                     LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
                     return STATE_WAIT_FOR_DAT_AND_RAT;
                 }
@@ -968,7 +1013,7 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
-                    this.ratProver.restart();
+                    restartRatProverDriver();
                     LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
                     return STATE_WAIT_FOR_DAT_AND_RAT;
                 }
@@ -1001,7 +1046,7 @@ public void run() {
                     LOG.debug("Error occurred, send IDSCP_CLOSE and close idscp connection");
                     this.datTimer.cancelTimeout();
                     this.ratTimer.cancelTimeout();
-                    send(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
                     LOG.debug("Switch to state STATE_CLOSED");
                     return STATE_CLOSED;
                 }
@@ -1012,7 +1057,7 @@ public void run() {
                     LOG.debug("Send IDSCP_CLOSE");
                     this.datTimer.cancelTimeout();
                     this.ratTimer.cancelTimeout();
-                    send(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
                     return STATE_CLOSED;
                 }
@@ -1021,8 +1066,13 @@ public void run() {
         STATE_ESTABLISHED.addTransition(InternalControlMessage.REPEAT_RAT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER");
-                    send(IdscpMessageFactory.getIdscpReRatMessage(""));
-                    this.ratVerifier = this.ratVerifierDriver.start(verifierMechanism, this);
+                    this.ratTimer.cancelTimeout();
+                    sendFromFSM(IdscpMessageFactory.getIdscpReRatMessage(""));
+                    restartRatVerifierDriver();
+
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
+
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT_VERIFIER");
                     return STATE_WAIT_FOR_RAT_VERIFIER;
                 }
@@ -1030,8 +1080,13 @@ public void run() {
 
         STATE_ESTABLISHED.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
                 event -> {
+                    this.ratTimer.cancelTimeout();
                     LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED");
-                    send(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
+
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
+
                     LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT_CLIENT");
                     return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
                 }
@@ -1040,7 +1095,7 @@ public void run() {
         STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER");
-                    this.ratProver = this.ratProverDriver.start(proverMechanism, this);
+                    restartRatProverDriver();
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT_PROVER");
                     return STATE_WAIT_FOR_RAT_PROVER;
                 }
@@ -1049,8 +1104,12 @@ public void run() {
         STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("DAT expired. Send new DAT and repeat RAT");
-                    send(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    this.ratProver = this.ratProverDriver.start(proverMechanism, this);
+                    sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
+                    restartRatProverDriver();
+
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
+
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT_PROVER");
                     return STATE_WAIT_FOR_RAT_PROVER;
                 }
@@ -1128,6 +1187,40 @@ public void onControlMessage(InternalControlMessage controlMessage) {
         }
     }
 
+    @Override
+    public void onRatProverMessage(InternalControlMessage controlMessage, IdscpMessage idscpMessage) {
+        //only allow rat prover messages from current thread
+        Event e;
+        if (idscpMessage == null){
+            e = new Event(controlMessage);
+        } else {
+            e = new Event(controlMessage, idscpMessage);
+        }
+
+        synchronized (fsmIsBusy) {
+            if (Long.toString(Thread.currentThread().getId()).equals(currentRatProverId)) {
+                currentState = currentState.feedEvent(e);
+            }
+        }
+    }
+
+    @Override
+    public void onRatVerifierMessage(InternalControlMessage controlMessage, IdscpMessage idscpMessage) {
+        //only allow rat verifier messages from current thread
+        Event e;
+        if (idscpMessage == null){
+            e = new Event(controlMessage);
+        } else {
+            e = new Event(controlMessage, idscpMessage);
+        }
+
+        synchronized (fsmIsBusy) {
+            if (Long.toString(Thread.currentThread().getId()).equals(currentRatVerifierId)) {
+                currentState = currentState.feedEvent(e);
+            }
+        }
+    }
+
     public void terminate(){
         LOG.info("Close idscp connection");
         onControlMessage(InternalControlMessage.IDSCP_STOP);
@@ -1157,6 +1250,11 @@ public void startIdscpHandshake() throws IDSCPv2Exception {
         }
     }
 
+    private void sendFromFSM(IdscpMessage msg){
+        //send messages from fsm
+        secureChannel.send(msg.toByteArray());
+    }
+
     public void send(IdscpMessage msg){
         //send messages from user only when idscp connection is established
         synchronized(fsmIsBusy){
@@ -1188,14 +1286,55 @@ private void notifyHandshakeCompleteLock(){
     }
 
     //calculate Prover mechanism (strongest remote expected), returns null if no match was found
-    private String getRatProverMechanism(String[] localSupportedProver, String[] remoteExpectedVerifier){
+    private String getRatProverMechanism(String[] localSupportedProver, Object[] remoteExpectedVerifier){
         //toDo implement logic
-        return "";
+        return "TPM_2";
     }
 
     //calculate Verifier mechanism (strongest local expected), returns null if no match was found
-    private String getRatVerifierMechanism(String[] localExpectedVerifier, String[] remoteSupportedProver){
+    private String getRatVerifierMechanism(String[] localExpectedVerifier, Object[] remoteSupportedProver){
         //toDo implement logic
-        return "";
+        return "TPM_2";
+    }
+
+    private void restartRatVerifierDriver(){
+        //assume verifier mechanism is set
+        stopRatVerifierDriver();
+        ratVerifierDriver = RatVerifierDriverRegistry.startRatVerifierDriver(verifierMechanism, this);
+        if (ratVerifierDriver == null){
+            LOG.error("Cannot create instance of RAT_VERIFIER_DRIVER");
+            currentRatVerifierId = "";
+            onControlMessage(InternalControlMessage.ERROR); //toDo geht das?
+        } else {
+            currentRatVerifierId = Long.toString(ratVerifierDriver.getId());
+        }
+    }
+
+    private void stopRatVerifierDriver(){
+        if (ratVerifierDriver != null && ratVerifierDriver.isAlive()){
+            ratVerifierDriver.interrupt();
+            ratVerifierDriver.terminate();
+        }
+    }
+
+    private void restartRatProverDriver(){
+        //assume prover mechanism is set
+        stopRatVerifierDriver();
+        ratProverDriver = RatProverDriverRegistry.startRatProverDriver(proverMechanism, this);
+        if (ratProverDriver == null){
+            LOG.error("Cannot create instance of RAT_PROVER_DRIVER");
+            currentRatProverId = "";
+            onControlMessage(InternalControlMessage.ERROR); //toDo geht das?
+        } else {
+            currentRatProverId = Long.toString(ratProverDriver.getId());
+        }
     }
+
+    private void stopRatProverDriver(){
+        if (ratProverDriver != null && ratProverDriver.isAlive()){
+            ratProverDriver.interrupt();
+            ratProverDriver.terminate();
+        }
+    }
+
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
index ccc0f88aa..6cfd1827f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
@@ -1,6 +1,10 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
+import de.fhg.aisec.ids.messages.IDSCPv2;
+
 public interface FsmListener {
     void onMessage(byte[] data);
     void onControlMessage(InternalControlMessage controlMessage);
+    void onRatProverMessage(InternalControlMessage controlMessage, IDSCPv2.IdscpMessage idscpMessage);
+    void onRatVerifierMessage(InternalControlMessage controlMessage, IDSCPv2.IdscpMessage idscpMessage);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
new file mode 100644
index 000000000..708c2f6f1
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
@@ -0,0 +1,46 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
+
+import java.util.concurrent.ConcurrentHashMap;
+
+public class RatProverDriverRegistry {
+    //toDO  Reflections library
+    private static RatProverDriverRegistry instance;
+    private static ConcurrentHashMap<String, Class<? extends RatProverDriver>> drivers = new ConcurrentHashMap<>();
+
+    private RatProverDriverRegistry(){}
+
+    public static RatProverDriverRegistry getInstance(){
+        if (instance == null){
+           instance = new RatProverDriverRegistry();
+        }
+
+        return instance;
+    }
+
+    public static RatProverDriver startRatProverDriver(String instance, FsmListener listener){
+        Class<? extends RatProverDriver> driverClass = drivers.get(instance);
+
+        try {
+            RatProverDriver driver = driverClass.getDeclaredConstructor().newInstance();
+            driver.setListener(listener);
+            driver.start();
+            return driver;
+
+        } catch (Exception e) {
+            return null;
+        }
+    }
+
+
+    public void registerDriver(String instance, Class<? extends RatProverDriver> driverClass){
+        drivers.put(instance, driverClass);
+    }
+
+    public void unregisterDriver(String instance){
+        drivers.remove(instance);
+    }
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
new file mode 100644
index 000000000..cb1536292
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
@@ -0,0 +1,46 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry;
+
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
+
+import java.util.concurrent.ConcurrentHashMap;
+
+public class RatVerifierDriverRegistry {
+    private static RatVerifierDriverRegistry instance;
+    private static ConcurrentHashMap<String, Class<? extends RatVerifierDriver>> drivers = new ConcurrentHashMap<>();
+
+    private RatVerifierDriverRegistry(){}
+
+    public static RatVerifierDriverRegistry getInstance(){
+        if (instance == null){
+            instance = new RatVerifierDriverRegistry();
+        }
+
+        return instance;
+    }
+
+    public static RatVerifierDriver startRatVerifierDriver(String mechanism, FsmListener listener){
+        Class<? extends RatVerifierDriver> driverClass = drivers.get(mechanism);
+
+        try {
+            RatVerifierDriver driver = driverClass.getDeclaredConstructor().newInstance();
+            driver.setListener(listener);
+            driver.start();
+            return driver;
+
+        } catch (Exception e) {
+            return null;
+        }
+    }
+
+
+    public void registerDriver(String mechanism, Class<? extends RatVerifierDriver> driverClass){
+        drivers.put(mechanism, driverClass);
+    }
+
+    public void unregisterDriver(String instance){
+        drivers.remove(instance);
+    }
+
+}
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
index ec8787bcf..05e1489db 100644
--- a/idscp2/src/test/java/IDSCPv2ClientInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
@@ -1,15 +1,15 @@
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2ProverImpl;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2VerifierImpl;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2Prover;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2Verifier;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Configuration;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
 
 import java.util.concurrent.ConcurrentHashMap;
 
@@ -20,11 +20,12 @@ public class IDSCPv2ClientInitiator implements IDSCPv2Initiator {
     public void init(IDSCPv2Settings settings){
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
         DapsDriver dapsDriver = new DefaultDapsDriver();
-        RatVerifierDriver ratVerifier = new TPM2VerifierImpl();
-        RatProverDriver ratProver = new TPM2ProverImpl();
+
+        RatProverDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Prover.class);
+        RatVerifierDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Verifier.class);
 
         IDSCPv2Configuration clientConfig = new IDSCPv2Configuration(this,
-                dapsDriver, ratVerifier, ratProver, secureChannelDriver);
+                dapsDriver, secureChannelDriver);
         clientConfig.connect(settings);
     }
 
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index cfc6b2d64..1245dfd61 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -1,19 +1,18 @@
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2ProverImpl;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2VerifierImpl;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2Prover;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2Verifier;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IDSCPv2Server;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Configuration;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
-
-import java.util.concurrent.ConcurrentHashMap;
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
 
 
 public class IDSCPv2ServerInitiator implements IDSCPv2Initiator {
@@ -23,11 +22,12 @@ public class IDSCPv2ServerInitiator implements IDSCPv2Initiator {
     public void init(IDSCPv2Settings serverSettings)  {
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
         DapsDriver dapsDriver = new DefaultDapsDriver();
-        RatVerifierDriver ratVerifier = new TPM2VerifierImpl();
-        RatProverDriver ratProver = new TPM2ProverImpl();
+
+        RatProverDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Prover.class);
+        RatVerifierDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Verifier.class);
 
         IDSCPv2Configuration idscpServerConfig = new IDSCPv2Configuration(this,
-                dapsDriver, ratVerifier, ratProver, secureChannelDriver);
+                dapsDriver, secureChannelDriver);
         IDSCPv2Server idscPv2Server;
         try {
             idscPv2Server = idscpServerConfig.listen(serverSettings);

From 8bbc081861cd786aa84d8177c7032ecbecd3e30f Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Mon, 27 Jan 2020 18:03:54 +0100
Subject: [PATCH 045/237] WIP: FSM add new timer to avoid race conditions, RAT
 bug fixed

---
 .../default_driver_impl/rat/TPM2Prover.java   | 31 +++--------
 .../default_driver_impl/rat/TPM2Verifier.java | 29 +++-------
 .../idscp_core/finite_state_machine/FSM.java  | 31 ++++++++---
 .../finite_state_machine/Timer.java           | 53 +++++++++----------
 .../finite_state_machine/TimerThread.java     | 36 +++++++++++++
 5 files changed, 99 insertions(+), 81 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
index 706fd91fd..d42fbd406 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
@@ -1,7 +1,6 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
 import de.fhg.aisec.ids.messages.IDSCPv2.*;
 
@@ -13,32 +12,18 @@ public TPM2Prover(){
 
     @Override
     public void delegate(IdscpMessage message) {
-        //toDo blocking
-        successful = true;
-        synchronized (resultAvailableLock) {
-            resultAvailableLock.notify();
-        }
+        //todo blocking
     }
 
     @Override
     public void run() {
-        /*fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
-                IdscpMessageFactory.getIdscpRatProverMessage());*/
-        while (running){
-            synchronized (resultAvailableLock) {
-                /*try {
-                    resultAvailableLock.wait();
-                    if (successful){
-                        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, null);
-                    } else {
-                        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-                    }
-                    running = false;
-                } catch (InterruptedException e) {
-                    e.printStackTrace();
-                }*/
-                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, null);
-            }
+        try {
+            Thread.sleep(5000);
+        } catch (InterruptedException e) {
+            e.printStackTrace();
         }
+        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, null);
+
     }
+
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
index d6a326846..283152a71 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
@@ -1,8 +1,6 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
 import de.fhg.aisec.ids.messages.IDSCPv2;
 
@@ -15,31 +13,16 @@ public TPM2Verifier(){
     @Override
     public void delegate(IDSCPv2.IdscpMessage message) {
         //toDo blocking
-        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG,
-                IdscpMessageFactory.getIdscpRatVerifierMessage());
-        successful = true;
-        synchronized (resultAvailableLock) {
-            resultAvailableLock.notify();
-        }
+
     }
 
     @Override
     public void run(){
-        while (running){
-            synchronized (resultAvailableLock) {
-                /*try {
-                    resultAvailableLock.wait();
-                    if (successful){
-                        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, null);
-                    } else {
-                        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
-                    }
-                    running = false;
-                } catch (InterruptedException e) {
-                    e.printStackTrace();
-                }*/
-                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, null);
-            }
+        try {
+            Thread.sleep(8000);
+        } catch (InterruptedException e) {
+            e.printStackTrace();
         }
+        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, null);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index fb516c219..2e3826bc0 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -67,7 +67,7 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver){
             @Override
             public void run() {
                 //onControlMessage(InternalControlMessage.TIMEOUT);
-                System.out.println("Handshake timeout");
+                System.out.println("HANDSHAKE_TIMER_EXPIRED");
             }
         };
 
@@ -87,9 +87,9 @@ public void run() {
             }
         };
         //toDo set correct delays
-        this.handshakeTimer = new Timer(handshakeTimeoutHandler);
-        this.datTimer = new Timer(datTimeoutHandler);
-        this.ratTimer = new Timer(ratTimeoutHandler);
+        this.handshakeTimer = new Timer(fsmIsBusy, handshakeTimeoutHandler);
+        this.datTimer = new Timer(fsmIsBusy, datTimeoutHandler);
+        this.ratTimer = new Timer(fsmIsBusy, ratTimeoutHandler);
         /* ------------- end timeout routines ------------- */
 
 
@@ -429,6 +429,11 @@ public void run() {
                 event -> {
                     LOG.debug("No transition available for given event " + event.toString());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
+                    try {
+                        Thread.sleep(60000);
+                    } catch (InterruptedException e) {
+                        e.printStackTrace();
+                    }
                     return STATE_WAIT_FOR_RAT;
                 }
         );
@@ -538,7 +543,7 @@ public void run() {
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
                     stopRatVerifierDriver();
-                    this.datTimer.stop();
+                    this.datTimer.cancelTimeout();
                     this.handshakeTimer.cancelTimeout();
                     LOG.debug("Switch to state STATE_CLOSED");
                     notifyHandshakeCompleteLock();
@@ -582,6 +587,11 @@ public void run() {
                 event -> {
                     LOG.debug("No transition available for given event " + event.toString());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER");
+                    try {
+                        Thread.sleep(60000);
+                    } catch (InterruptedException e) {
+                        e.printStackTrace();
+                    }
                     return STATE_WAIT_FOR_RAT_VERIFIER;
                 }
         );
@@ -751,6 +761,11 @@ public void run() {
                 event -> {
                     LOG.debug("No transition available for given event " + event.toString());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
+                    try {
+                        Thread.sleep(60000);
+                    } catch (InterruptedException e) {
+                        e.printStackTrace();
+                    }
                     return STATE_WAIT_FOR_RAT_PROVER;
                 }
         );
@@ -1144,6 +1159,11 @@ public void run() {
                 event -> {
                     LOG.debug("No transition available for given event " + event.toString());
                     LOG.debug("Stay in state STATE_ESTABLISHED");
+                    try {
+                        Thread.sleep(60000);
+                    } catch (InterruptedException e) {
+                        e.printStackTrace();
+                    }
                     return STATE_ESTABLISHED;
                 }
         );
@@ -1336,5 +1356,4 @@ private void stopRatProverDriver(){
             ratProverDriver.terminate();
         }
     }
-
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
index cf420dd7a..df556a5a4 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
@@ -1,45 +1,40 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
-import java.util.concurrent.ScheduledFuture;
-import java.util.concurrent.ScheduledThreadPoolExecutor;
-import static java.util.concurrent.TimeUnit.*;
+import java.util.concurrent.locks.ReentrantLock;
 
 public class Timer {
 
-    private ScheduledThreadPoolExecutor executor = new ScheduledThreadPoolExecutor(1);
-    private ScheduledFuture<?> timer;
-    private boolean isLocked = false;
-    private boolean isExecuting = false;
-    private Runnable timeoutHandler;
+    //toDo real time FIFO synchronization for whole state machine
 
-    public Timer(Runnable timeoutHandler){
+    private TimerThread thread = null;
+    private final Object lock;
+    private final ReentrantLock mutex = new ReentrantLock();
+    private final Runnable timeoutHandler;
+
+    Timer(Object lock, Runnable timeoutHandler){
+        this.lock = lock;
         this.timeoutHandler = timeoutHandler;
     }
 
-    public void cancelTimeout() {
-        if (!isLocked) {
-            if (isExecuting) {
-                timer.cancel(true);
-            }
-        }
+    void resetTimeout(int delay){
+        cancelTimeout();
+        start(delay);
     }
 
-    public boolean resetTimeout(int delay){
-        if (!isLocked){
-            if (isExecuting){
-                timer.cancel(true);
-            }
-            timer = executor.schedule(timeoutHandler, delay, SECONDS);
-            return true;
-        }
-        return false;
+    public void start(int delay){
+        mutex.lock();
+        thread = new TimerThread(delay, timeoutHandler, lock);
+        thread.start();
+        mutex.unlock();
     }
 
-    public void stop(){
-        if (!isLocked){
-            executor.shutdownNow();
-            isLocked = true;
+    void cancelTimeout(){
+        mutex.lock();
+        if (thread != null){
+            thread.safeStop();
+            thread = null;
         }
+        mutex.unlock();
     }
-
 }
+
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
new file mode 100644
index 000000000..4901f4656
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
@@ -0,0 +1,36 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+public class TimerThread extends Thread{
+
+    private volatile boolean canceled = false;
+    private int delay;
+    private final Runnable timeoutHandler;
+    private final Object lock;
+
+    TimerThread(int delay, Runnable timeoutHandler, Object lock){
+        this.delay = delay;
+        this.timeoutHandler = timeoutHandler;
+        this.lock = lock;
+    }
+
+    public void run(){
+        try {
+            Thread.sleep(delay * 1000);
+        } catch (InterruptedException e) {
+            Thread.currentThread().interrupt();
+            return;
+        }
+        if (canceled)
+            return;
+
+        synchronized (lock){
+            if (!canceled){
+                timeoutHandler.run();
+            }
+        }
+    }
+
+    public void safeStop(){
+        canceled = true;
+    }
+}

From 73aa3547f460dcfccd4cf13e0247999533166d5f Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Thu, 30 Jan 2020 16:56:35 +0100
Subject: [PATCH 046/237] Fix bug in Rat Verifier

---
 .../default_driver_impl/rat/TPM2Prover.java   | 43 ++++++++++++++++---
 .../default_driver_impl/rat/TPM2Verifier.java | 32 +++++++++++---
 .../idscp_core/finite_state_machine/FSM.java  |  3 +-
 3 files changed, 64 insertions(+), 14 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
index d42fbd406..9537550d5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
@@ -1,10 +1,29 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
+import de.fhg.aisec.ids.messages.IDSCPv2;
 import de.fhg.aisec.ids.messages.IDSCPv2.*;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
+import java.util.LinkedList;
+import java.util.Queue;
+import java.util.concurrent.BlockingQueue;
+import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.LinkedBlockingQueue;
+import java.util.concurrent.locks.ReadWriteLock;
+import java.util.concurrent.locks.ReentrantLock;
+import java.util.concurrent.locks.ReentrantReadWriteLock;
+
+/**
+ * A RatProver dummy, that sends two incoming messages from the remote rat verifier and also sends two messages
+ */
 public class TPM2Prover extends RatProverDriver {
+    private static final Logger LOG = LoggerFactory.getLogger(TPM2Prover.class);
+
+    private BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
 
     public TPM2Prover(){
         super();
@@ -12,18 +31,28 @@ public TPM2Prover(){
 
     @Override
     public void delegate(IdscpMessage message) {
-        //todo blocking
+        queue.add(message);
+        LOG.debug("Delegated to prover");
     }
 
     @Override
     public void run() {
-        try {
-            Thread.sleep(5000);
-        } catch (InterruptedException e) {
-            e.printStackTrace();
+        int countDown = 2;
+        while (true){
+            try {
+                sleep(2000);
+                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
+                        IdscpMessageFactory.getIdscpRatProverMessage());
+                System.out.println("Prover waits");
+                IDSCPv2.IdscpMessage m = queue.take();
+                System.out.println("Prover receives, send something");
+                if (--countDown == 0)
+                    break;
+            } catch (InterruptedException e) {
+                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+                return;
+            }
         }
         fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, null);
-
     }
-
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
index 283152a71..d5a5eabe1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
@@ -1,10 +1,19 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
 import de.fhg.aisec.ids.messages.IDSCPv2;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.concurrent.BlockingQueue;
+import java.util.concurrent.LinkedBlockingQueue;
 
 public class TPM2Verifier extends RatVerifierDriver {
+    private static final Logger LOG = LoggerFactory.getLogger(TPM2Verifier.class);
+
+    private BlockingQueue<IDSCPv2.IdscpMessage> queue = new LinkedBlockingQueue<>();
 
     public TPM2Verifier(){
         super();
@@ -12,16 +21,27 @@ public TPM2Verifier(){
 
     @Override
     public void delegate(IDSCPv2.IdscpMessage message) {
-        //toDo blocking
-
+        queue.add(message);
+        LOG.debug("Delegated to Verifier");
     }
 
     @Override
     public void run(){
-        try {
-            Thread.sleep(8000);
-        } catch (InterruptedException e) {
-            e.printStackTrace();
+        int countDown = 2;
+        while (true){
+            try {
+                sleep(2000);
+                LOG.debug("Verifier waits");
+                IDSCPv2.IdscpMessage m = queue.take();
+                LOG.debug("Verifier receives, send something");
+                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
+                        IdscpMessageFactory.getIdscpRatProverMessage());
+                if (--countDown == 0)
+                    break;
+            } catch (InterruptedException e) {
+                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+                return;
+            }
         }
         fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, null);
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 2e3826bc0..b1f544b0a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -68,6 +68,7 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver){
             public void run() {
                 //onControlMessage(InternalControlMessage.TIMEOUT);
                 System.out.println("HANDSHAKE_TIMER_EXPIRED");
+
             }
         };
 
@@ -1339,7 +1340,7 @@ private void stopRatVerifierDriver(){
 
     private void restartRatProverDriver(){
         //assume prover mechanism is set
-        stopRatVerifierDriver();
+        stopRatProverDriver();
         ratProverDriver = RatProverDriverRegistry.startRatProverDriver(proverMechanism, this);
         if (ratProverDriver == null){
             LOG.error("Cannot create instance of RAT_PROVER_DRIVER");

From f100cd802825b00dbfd779a49f53710577aefd82 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Thu, 30 Jan 2020 18:33:38 +0100
Subject: [PATCH 047/237] Fix bugs in RAT Prover + Verifier

---
 .../default_driver_impl/rat/TPM2Prover.java      |  6 +++---
 .../default_driver_impl/rat/TPM2Verifier.java    |  6 +++---
 .../idscp_core/finite_state_machine/FSM.java     | 16 +++++++++++-----
 3 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
index 9537550d5..55bbf061b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
@@ -40,12 +40,12 @@ public void run() {
         int countDown = 2;
         while (true){
             try {
-                sleep(2000);
+                sleep(1000);
                 fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
                         IdscpMessageFactory.getIdscpRatProverMessage());
-                System.out.println("Prover waits");
+                LOG.debug("Prover waits");
                 IDSCPv2.IdscpMessage m = queue.take();
-                System.out.println("Prover receives, send something");
+                LOG.debug("Prover receives, send something");
                 if (--countDown == 0)
                     break;
             } catch (InterruptedException e) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
index d5a5eabe1..c7d302715 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
@@ -30,12 +30,12 @@ public void run(){
         int countDown = 2;
         while (true){
             try {
-                sleep(2000);
+                sleep(1000);
                 LOG.debug("Verifier waits");
                 IDSCPv2.IdscpMessage m = queue.take();
                 LOG.debug("Verifier receives, send something");
-                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
-                        IdscpMessageFactory.getIdscpRatProverMessage());
+                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG,
+                        IdscpMessageFactory.getIdscpRatVerifierMessage());
                 if (--countDown == 0)
                     break;
             } catch (InterruptedException e) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index b1f544b0a..581fdccec 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -54,7 +54,7 @@ public class FSM implements FsmListener{
     private Timer datTimer;
     private Timer ratTimer;
     private Timer handshakeTimer;
-    private int ratTimeoutDelay = 3600;
+    private int ratTimeoutDelay = 10;
 
     public FSM(SecureChannel secureChannel, DapsDriver dapsDriver){
 
@@ -66,25 +66,24 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver){
         Runnable handshakeTimeoutHandler = new Runnable() {
             @Override
             public void run() {
-                //onControlMessage(InternalControlMessage.TIMEOUT);
                 System.out.println("HANDSHAKE_TIMER_EXPIRED");
-
+                onControlMessage(InternalControlMessage.TIMEOUT);
             }
         };
 
         Runnable datTimeoutHandler = new Runnable() {
             @Override
             public void run() {
-                //onControlMessage(InternalControlMessage.DAT_TIMER_EXPIRED);
                 System.out.println("DAT_TIMER_EXPIRED");
+                onControlMessage(InternalControlMessage.DAT_TIMER_EXPIRED);
             }
         };
 
         Runnable ratTimeoutHandler = new Runnable() {
             @Override
             public void run() {
-                //onControlMessage(InternalControlMessage.RAT_TIMER_EXPIRED);
                 System.out.println("RAT_TIMER_EXPIRED");
+                onControlMessage(InternalControlMessage.REPEAT_RAT);
             }
         };
         //toDo set correct delays
@@ -1196,6 +1195,9 @@ public void onMessage(byte[] data){
                 }
             }
             currentState = currentState.feedEvent(event);
+            /*if (LOG.isDebugEnabled()) {
+                LOG.debug("Switched to state {}", currentState);
+            }*/
         }
     }
 
@@ -1221,6 +1223,8 @@ public void onRatProverMessage(InternalControlMessage controlMessage, IdscpMessa
         synchronized (fsmIsBusy) {
             if (Long.toString(Thread.currentThread().getId()).equals(currentRatProverId)) {
                 currentState = currentState.feedEvent(e);
+            } else {
+                LOG.warn("An old or unknown identity calls onRatProverMessage()");
             }
         }
     }
@@ -1238,6 +1242,8 @@ public void onRatVerifierMessage(InternalControlMessage controlMessage, IdscpMes
         synchronized (fsmIsBusy) {
             if (Long.toString(Thread.currentThread().getId()).equals(currentRatVerifierId)) {
                 currentState = currentState.feedEvent(e);
+            } else {
+                LOG.warn("An old or unknown identity calls onRatVerifierMessage()");
             }
         }
     }

From 9e706067e9a3fa34c448495430b533dda8ea9585 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Mon, 3 Feb 2020 18:47:20 +0100
Subject: [PATCH 048/237] WIP: FSM Close and error handling

---
 .../client/DataAvailableListener.java         |   2 +
 .../client/InputListenerThread.java           |  16 +-
 .../secure_channel/client/TLSClient.java      |  51 +++--
 .../server/TLSServerThread.java               |  55 +++---
 .../idscp2/idscp_core/IDSCPv2Connection.java  |  31 ++-
 .../idscp2/idscp_core/IdscpMsgListener.java   |   3 +-
 .../configuration/IDSCPv2Configuration.java   |  12 +-
 .../idscp_core/finite_state_machine/FSM.java  | 179 ++++++++++++------
 .../finite_state_machine/FsmListener.java     |   2 +
 .../finite_state_machine/State.java           |  10 +
 .../States/StateClosed.java                   |  15 ++
 .../States/StateEstablished.java              |   6 +
 .../States/StateWaitForDatAndRat.java         |   6 +
 .../States/StateWaitForDatAndRatVerifier.java |   6 +
 .../States/StateWaitForHello.java             |   6 +
 .../States/StateWaitForRat.java               |   6 +
 .../States/StateWaitForRatProver.java         |   6 +
 .../States/StateWaitForRatVerifier.java       |   6 +
 .../finite_state_machine/Timer.java           |  10 +-
 .../finite_state_machine/TimerThread.java     |  13 +-
 .../secure_channel/SecureChannel.java         |  27 ++-
 .../secure_channel/SecureChannelEndpoint.java |   2 -
 .../secure_channel/SecureChannelListener.java |   2 +
 .../src/test/java/IDSCPv2ClientInitiator.java |   2 +-
 .../src/test/java/IDSCPv2ServerInitiator.java |   3 +-
 25 files changed, 314 insertions(+), 163 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateClosed.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateEstablished.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRat.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRatVerifier.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForHello.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRat.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatProver.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatVerifier.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
index 88fdd28bc..062bbd1ea 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
@@ -7,4 +7,6 @@
  */
 public interface DataAvailableListener {
     void onMessage(byte[] data);
+    void onError();
+    void onClose();
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index c0678e06f..15c605e8b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -25,7 +25,7 @@ public class InputListenerThread extends Thread implements InputListener {
     //private static final Logger LOG = LoggerFactory.getLogger(InputListenerThread.class);
 
     private DataInputStream in;
-    private ArrayList<DataAvailableListener> listeners = new ArrayList<>(); //no race conditions, could be empty list
+    private DataAvailableListener listener = null; //no race conditions, could be empty list
     private volatile boolean running = true;
 
     public InputListenerThread(InputStream in){
@@ -40,7 +40,7 @@ public void run(){
                 int len = in.readInt();
                 buf = new byte[len];
                 in.readFully(buf, 0, len);
-                notifyListeners(buf);
+                this.listener.onMessage(buf);
 
             } catch (SocketTimeoutException e) {
                 //timeout to catch safeStop() call, which allows save close and sending Client_Goodbye
@@ -48,26 +48,20 @@ public void run(){
                 //continue;
                 //toDo offset when timeout while reading ???
             } catch (EOFException e){
-                notifyListeners(TlsConstants.END_OF_STREAM.getBytes());
+                listener.onClose();
                 running = false; //terminate
             } catch (IOException e) {
-                //e.printStackTrace();
+                listener.onError();
                 running = false;
             }
         }
-        listeners.clear();
     }
 
     @Override
     public void register(DataAvailableListener listener) {
-        listeners.add(listener);
+        this.listener = listener;
     }
 
-    private void notifyListeners(byte[] bytes) {
-        for (DataAvailableListener listener : listeners){
-            listener.onMessage(bytes);
-        }
-    }
 
     @Override
     public void safeStop() {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index 13b99667b..7dc721bdf 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -37,8 +37,6 @@
  *
  * close()  disconnects the client
  *
- * setConnectionId(ConnectionId) set the internal connectionId, which is used for notifying the IDSCPv2Configuration
- *                                when the server quits the connection
  *
  * handshakeCompleted()         create a secureChannel, including this client; start inputListenerThread and transfer
  *                              the secureChannel to the IDSCPv2Configuration
@@ -60,8 +58,7 @@ public class TLSClient implements HandshakeCompletedListener, DataAvailableListe
     private SecureChannelListener listener; //race conditions are avoided using CountDownLatch
     private CountDownLatch listenerLatch = new CountDownLatch(1);
     private IDSCPv2Callback callback; //race conditions are avoided because callback is initialized in constructor
-    private CountDownLatch connectionIdLatch = new CountDownLatch(1);
-    private String connectionId = "empty_connection_id";
+
 
     public TLSClient(IDSCPv2Settings clientSettings, IDSCPv2Callback callback)
             throws IOException, KeyManagementException, NoSuchAlgorithmException{
@@ -158,9 +155,23 @@ private void disconnect(){
     }
 
     @Override
-    public void setConnectionId(String connectionId){
-        this.connectionId = connectionId;
-        connectionIdLatch.countDown();
+    public void onClose(){
+        try {
+            listenerLatch.await();
+            listener.onClose();
+        } catch (InterruptedException e) {
+            Thread.currentThread().interrupt();
+        }
+    }
+
+    @Override
+    public void onError(){
+        try {
+            listenerLatch.await();
+            listener.onError();
+        } catch (InterruptedException e) {
+            Thread.currentThread().interrupt();
+        }
     }
 
     @Override
@@ -179,7 +190,7 @@ public void send(byte[] data){
                 LOG.debug("Send message: {}", new String(data));
             } catch (IOException e){
                 LOG.warn("Client cannot send data");
-                e.printStackTrace();
+                //e.printStackTrace();
             }
         }
     }
@@ -205,25 +216,11 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
 
     @Override
     public void onMessage(byte[] data) {
-        if ((new String(data, StandardCharsets.UTF_8)).equals(TlsConstants.END_OF_STREAM)){
-            //End of stream, connection is not available anymore
-            LOG.debug("Client is terminating after server disconnected");
-            disconnect();
-
-            try {
-                connectionIdLatch.await();
-                callback.connectionClosedHandler(this.connectionId);
-            } catch (InterruptedException e){
-                Thread.currentThread().interrupt();
-            }
-
-        } else {
-            try{
-                listenerLatch.await();
-                listener.onMessage(data);
-            } catch (InterruptedException e){
-                Thread.currentThread().interrupt();
-            }
+        try{
+            listenerLatch.await();
+            listener.onMessage(data);
+        } catch (InterruptedException e){
+            Thread.currentThread().interrupt();
         }
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index fad3f9190..853b25a08 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -30,8 +30,6 @@
  *
  * close()  disconnects the serverThread
  *
- * setConnectionId(ConnectionId) set the internal connectionId, which is used for notifying the IDSCPv2Configuration
- *                                when the client quits the connection
  *
  * handshakeCompleted()        create a secureChannel, including this serverThread and provides it to the IDSCPv2Config
  *
@@ -48,8 +46,6 @@ public class TLSServerThread extends Thread implements HandshakeCompletedListene
     private volatile boolean running = true;
     private DataInputStream in;
     private DataOutputStream out;
-    private String connectionId = "empty_connection_id"; //race condition avoided using CountDownLatch
-    private CountDownLatch connectionIdLatch = new CountDownLatch(1);
     private SecureChannelListener listener = null;  // race conditions are avoided using CountDownLatch
     private IDSCPv2Callback configCallback;  //no race conditions
     private IdscpConnectionListener idscpServerCallback; //no race conditions
@@ -72,12 +68,6 @@ public class TLSServerThread extends Thread implements HandshakeCompletedListene
         }
     }
 
-    @Override
-    public void setConnectionId(String connectionId){
-        this.connectionId = connectionId;
-        connectionIdLatch.countDown();
-    }
-
     @Override
     public void run(){
         //wait for new data while running
@@ -93,31 +83,18 @@ public void run(){
                 //timeout catches safeStop() call and allows to send server_goodbye
                 //alternative: close sslSocket and catch SocketException
                 //continue
-            } catch (SSLException e) {
-                LOG.error("SSL error");
-                e.printStackTrace();
-                running = false;
-                connectionIdLatch.countDown();
-                return;
             } catch (EOFException e){
+                onClose();
                 running = false;
-                connectionIdLatch.countDown();
             } catch (IOException e){
-                e.printStackTrace();
+                onError();
                 running = false;
-                connectionIdLatch.countDown();
             }
         }
+        closeSockets();
+    }
 
-        try {
-            connectionIdLatch.await();
-            idscpServerCallback.connectionClosedHandler(this.connectionId);
-            configCallback.connectionClosedHandler(this.connectionId);
-        } catch (InterruptedException e){
-            Thread.currentThread().interrupt();
-        }
-
-        LOG.trace("ServerThread is terminating");
+    private void closeSockets(){
         try {
             out.close();
             in.close();
@@ -130,6 +107,7 @@ public void run(){
     public void send(byte[] data) {
         if (!isConnected()){
             LOG.error("Server cannot send data because socket is not connected");
+            closeSockets();
         } else {
             try {
                 out.writeInt(data.length);
@@ -137,11 +115,30 @@ public void send(byte[] data) {
                 out.flush();
                 LOG.trace("Send message: " + new String(data));
             } catch (IOException e){
-                LOG.error("Server cannot send data. {}",e.getMessage());
+                LOG.error("ServerThread cannot send data.");
+                closeSockets();
             }
         }
     }
 
+    private void onClose(){
+        try {
+            listenerLatch.await();
+            listener.onClose();
+        } catch (InterruptedException e) {
+            Thread.currentThread().interrupt();
+        }
+    }
+
+    private void onError(){
+        try {
+            listenerLatch.await();
+            listener.onError();
+        } catch (InterruptedException e) {
+            Thread.currentThread().interrupt();
+        }
+    }
+
     @Override
     public void close() {
         safeStop();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
index f67eed373..09e419e6e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
@@ -1,10 +1,15 @@
 package de.fhg.aisec.ids.idscp2.idscp_core;
 
+import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IDSCPv2Server;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
 import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.util.Arrays;
+
 /**
  * The IDSCPv2 Connection class
  *
@@ -23,24 +28,40 @@ public class IDSCPv2Connection implements IdscpMsgListener {
 
     private FSM fsm;
     private String connectionId;
+    private IDSCPv2Initiator user;
+    private IdscpConnectionListener server;
 
-    public IDSCPv2Connection(FSM fsm, String connectionId){
+    public IDSCPv2Connection(FSM fsm, String connectionId, IDSCPv2Initiator user, IdscpConnectionListener server){
         this.fsm = fsm;
         this.connectionId = connectionId;
+        this.user = user;
+        this.server = server;
     }
 
     public void close() {
+        if (server != null) {
+            server.connectionClosedHandler(connectionId);
+        }
         fsm.terminate();
     }
 
-    public void send(IdscpMessage msg) {
+    public void send(byte[] msg) {
         LOG.debug("Send idscp message");
-        fsm.send(msg);
+        fsm.send(IdscpMessageFactory.getIdscpDataMessage(msg));
+    }
+
+    @Override
+    public void onMessage(byte[] msg) {
+        LOG.info("Received new IDSCP Message: " + Arrays.toString(msg));
     }
 
     @Override
-    public void onMessage(IdscpMessage msg) {
-        LOG.info("Received new IDSCP Message: " + msg.toString());
+    public void onClose() {
+        LOG.debug("Connection with id {} has been closed, notify user", connectionId);
+        user.connectionClosedHandler(connectionId);
+        if (server != null) {
+            server.connectionClosedHandler(connectionId);
+        }
     }
 
     public boolean isConnected() {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java
index a3a2a0b22..1171fdec1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java
@@ -3,5 +3,6 @@
 import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
 
 public interface IdscpMsgListener {
-    void onMessage(IdscpMessage message);
+    void onMessage(byte[] data);
+    void onClose();
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
index 26d17fd45..d6c284c6f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
@@ -68,9 +68,6 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
         } else {
             LOG.debug("A new secure channel for an outgoing idscpv2 connection was established");
             FSM fsm = new FSM(secureChannel, dapsDriver);
-            String connectionId = UUID.randomUUID().toString();
-            //important so set endpoint connection id before fsm.startIdscpHandshake() to avoid deadlock
-            fsm.setEndpointConnectionId(connectionId);
 
             try {
                 fsm.startIdscpHandshake(); //blocking until handshake is done
@@ -78,7 +75,8 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
                 return;
             }
 
-            IDSCPv2Connection newConnection = new IDSCPv2Connection(fsm, connectionId);
+            String connectionId = UUID.randomUUID().toString();
+            IDSCPv2Connection newConnection = new IDSCPv2Connection(fsm, connectionId, user, null);
             fsm.registerMessageListener(newConnection);
             LOG.info("A new IDSCPv2 connection with id {} was created", connectionId);
             user.newConnectionHandler(newConnection);
@@ -90,9 +88,6 @@ public void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnect
         if (secureChannel != null){
             LOG.debug("A new secure channel for an incoming idscpv2 connection was established");
             FSM fsm = new FSM(secureChannel, dapsDriver);
-            String connectionId = UUID.randomUUID().toString();
-            //important so set endpoint connection id before fsm.startIdscpHandshake() to avoid deadlock
-            fsm.setEndpointConnectionId(connectionId);
 
             try {
                 fsm.startIdscpHandshake(); //blocking until handshake is done
@@ -101,7 +96,8 @@ public void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnect
             }
 
             //create new IDSCPv2Connection
-            IDSCPv2Connection newConnection = new IDSCPv2Connection(fsm, connectionId);
+            String connectionId = UUID.randomUUID().toString();
+            IDSCPv2Connection newConnection = new IDSCPv2Connection(fsm, connectionId, user, idscpServer);
             fsm.registerMessageListener(newConnection);
             LOG.info("A new idscpv2 connection with id {} was created", connectionId);
             idscpServer.newConnectionHandler(newConnection); //bind connection to idscp server
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 581fdccec..ce71a31c1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -8,11 +8,14 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
+import de.fhg.aisec.ids.messages.IDSCPv2;
 import de.fhg.aisec.ids.messages.IDSCPv2.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.locks.Condition;
+import java.util.concurrent.locks.ReentrantLock;
 
 public class FSM implements FsmListener{
     private static final Logger LOG = LoggerFactory.getLogger(FSM.class);
@@ -43,8 +46,11 @@ public class FSM implements FsmListener{
 
     private IdscpMsgListener listener = null;
     private final CountDownLatch listenerLatch = new CountDownLatch(1);
-    private final Object idscpHandshakeLock = new Object();
-    private final Object fsmIsBusy = new Object();
+    private final ReentrantLock fsmIsBusy = new ReentrantLock(true); //use a fair synchronization lock (FIFO)
+    private final Condition onMessageBlock = fsmIsBusy.newCondition();
+    private final Condition idscpHandshakeLock = fsmIsBusy.newCondition();
+    private boolean handshakeResultAvailable = false;
+    private boolean fsmIsClosed = false;
 
     //toDo cipher suites
     private String[] localSupportedRatSuite = new String[] {"TPM_2, TRUST_ZONE, SGX"};
@@ -62,6 +68,7 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver){
         this.dapsDriver = dapsDriver;
         secureChannel.setFsm(this);
 
+
         /* ------------- Timeout Handler Routines ------------*/
         Runnable handshakeTimeoutHandler = new Runnable() {
             @Override
@@ -92,24 +99,23 @@ public void run() {
         this.ratTimer = new Timer(fsmIsBusy, ratTimeoutHandler);
         /* ------------- end timeout routines ------------- */
 
-
         /*  -----------   Protocol Transitions   ---------- */
 
         /*---------------------------------------------------
-        * STATE_CLOSED - Transition Description
-        * ---------------------------------------------------
-        * onICM: start_handshake --> {send IDSCP_HELLO, set handshake_timeout} --> STATE_WAIT_FOR_HELLO
-        * ALL_OTHER_MESSAGES ---> STATE_CLOSED
-        * --------------------------------------------------- */
+         * STATE_CLOSED - Transition Description
+         * ---------------------------------------------------
+         * onICM: start_handshake --> {send IDSCP_HELLO, set handshake_timeout} --> STATE_WAIT_FOR_HELLO
+         * ALL_OTHER_MESSAGES ---> STATE_CLOSED
+         * --------------------------------------------------- */
         STATE_CLOSED.addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.getValue(), new Transition(
                 event -> {
                     LOG.debug("Get DAT Token vom DAT_DRIVER");
                     byte[] dat = this.dapsDriver.getToken();
                     LOG.debug("Send IDSCP_HELLO");
-                    IdscpMessage idscpHello = IdscpMessageFactory.
+                    IDSCPv2.IdscpMessage idscpHello = IdscpMessageFactory.
                             getIdscpHelloMessage(dat, this.localSupportedRatSuite, this.localExpectedRatSuite);
                     sendFromFSM(idscpHello);
-                    fsmIsBusy.notify(); //enables fsm.onMessage()
+                    onMessageBlock.signalAll(); //enables fsm.onMessage()
                     LOG.debug("Set handshake timeout");
                     handshakeTimer.resetTimeout(5);
                     LOG.debug("Switch to state STATE_WAIT_FOR_HELLO");
@@ -124,7 +130,7 @@ public void run() {
                     notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
                 }
-            );
+        );
 
         /*---------------------------------------------------
          * STATE_WAIT_FOR_HELLO - Transition Description
@@ -234,7 +240,6 @@ public void run() {
                     handshakeTimer.resetTimeout(5);
 
                     LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
-                    notifyHandshakeCompleteLock();
                     return STATE_WAIT_FOR_RAT;
                 }
         ));
@@ -429,11 +434,6 @@ public void run() {
                 event -> {
                     LOG.debug("No transition available for given event " + event.toString());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
-                    try {
-                        Thread.sleep(60000);
-                    } catch (InterruptedException e) {
-                        e.printStackTrace();
-                    }
                     return STATE_WAIT_FOR_RAT;
                 }
         );
@@ -500,7 +500,6 @@ public void run() {
                     LOG.debug("Set handshake timeout");
                     handshakeTimer.resetTimeout(5);
                     LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER");
-                    notifyHandshakeCompleteLock();
                     return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
                 }
         ));
@@ -587,11 +586,6 @@ public void run() {
                 event -> {
                     LOG.debug("No transition available for given event " + event.toString());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER");
-                    try {
-                        Thread.sleep(60000);
-                    } catch (InterruptedException e) {
-                        e.printStackTrace();
-                    }
                     return STATE_WAIT_FOR_RAT_VERIFIER;
                 }
         );
@@ -662,7 +656,6 @@ public void run() {
                     LOG.debug("Set handshake timeout");
                     handshakeTimer.resetTimeout(5);
                     LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT");
-                    notifyHandshakeCompleteLock();
                     return STATE_WAIT_FOR_DAT_AND_RAT;
                 }
         ));
@@ -761,11 +754,6 @@ public void run() {
                 event -> {
                     LOG.debug("No transition available for given event " + event.toString());
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
-                    try {
-                        Thread.sleep(60000);
-                    } catch (InterruptedException e) {
-                        e.printStackTrace();
-                    }
                     return STATE_WAIT_FOR_RAT_PROVER;
                 }
         );
@@ -1061,7 +1049,8 @@ public void run() {
                     LOG.debug("Error occurred, send IDSCP_CLOSE and close idscp connection");
                     this.datTimer.cancelTimeout();
                     this.ratTimer.cancelTimeout();
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred",
+                            IdscpClose.CloseCause.ERROR));
                     LOG.debug("Switch to state STATE_CLOSED");
                     return STATE_CLOSED;
                 }
@@ -1134,7 +1123,7 @@ public void run() {
                 event -> {
                     try {
                         this.listenerLatch.await();
-                        this.listener.onMessage(event.getIdscpMessage());
+                        this.listener.onMessage(event.getIdscpMessage().getIdscpData().toByteArray());
                         LOG.debug("Idscp data was passed to connection listener");
                     } catch (InterruptedException ex) {
                         Thread.currentThread().interrupt();
@@ -1159,11 +1148,6 @@ public void run() {
                 event -> {
                     LOG.debug("No transition available for given event " + event.toString());
                     LOG.debug("Stay in state STATE_ESTABLISHED");
-                    try {
-                        Thread.sleep(60000);
-                    } catch (InterruptedException e) {
-                        e.printStackTrace();
-                    }
                     return STATE_ESTABLISHED;
                 }
         );
@@ -1186,27 +1170,32 @@ public void onMessage(byte[] data){
 
         Event event = new Event(message);
         //must wait when fsm is in state STATE_CLOSED --> wait() will be notified when fsm is leaving STATE_CLOSED
-        synchronized (fsmIsBusy){
+        fsmIsBusy.lock();
+        try {
             while (currentState == STATE_CLOSED){
                 try {
-                    fsmIsBusy.wait();
+                    onMessageBlock.await();
                 } catch (InterruptedException e) {
                     Thread.currentThread().interrupt();
                 }
             }
-            currentState = currentState.feedEvent(event);
-            /*if (LOG.isDebugEnabled()) {
-                LOG.debug("Switched to state {}", currentState);
-            }*/
+            feedEvent(event);
+        } finally {
+            fsmIsBusy.unlock();
         }
+
     }
 
     @Override
     public void onControlMessage(InternalControlMessage controlMessage) {
         //create Internal Control Message Event and pass it to current state and update new state
         Event e = new Event(controlMessage);
-        synchronized (fsmIsBusy){
-            currentState = currentState.feedEvent(e);
+
+        fsmIsBusy.lock();
+        try {
+            feedEvent(e);
+        } finally {
+            fsmIsBusy.unlock();
         }
     }
 
@@ -1220,12 +1209,15 @@ public void onRatProverMessage(InternalControlMessage controlMessage, IdscpMessa
             e = new Event(controlMessage, idscpMessage);
         }
 
-        synchronized (fsmIsBusy) {
+        fsmIsBusy.lock();
+        try {
             if (Long.toString(Thread.currentThread().getId()).equals(currentRatProverId)) {
-                currentState = currentState.feedEvent(e);
+                feedEvent(e);
             } else {
                 LOG.warn("An old or unknown identity calls onRatProverMessage()");
             }
+        } finally {
+            fsmIsBusy.unlock();
         }
     }
 
@@ -1239,12 +1231,37 @@ public void onRatVerifierMessage(InternalControlMessage controlMessage, IdscpMes
             e = new Event(controlMessage, idscpMessage);
         }
 
-        synchronized (fsmIsBusy) {
+        fsmIsBusy.lock();
+        try{
             if (Long.toString(Thread.currentThread().getId()).equals(currentRatVerifierId)) {
-                currentState = currentState.feedEvent(e);
+                feedEvent(e);
             } else {
                 LOG.warn("An old or unknown identity calls onRatVerifierMessage()");
             }
+        } finally {
+            fsmIsBusy.unlock();
+        }
+    }
+
+    private void feedEvent(Event e){
+        State prevState = currentState;
+        currentState = currentState.feedEvent(e);
+        if (!prevState.equals(STATE_CLOSED) && currentState.equals(STATE_CLOSED)){
+            //fsm is closed, stop and free all resources, drivers and lock fsm forever
+            secureChannel.close();
+            dapsDriver = null;
+
+            this.datTimer.cancelTimeout();
+            this.datTimer = null;
+            this.ratTimer.cancelTimeout();
+            this.ratTimer = null;
+            this.handshakeTimer.cancelTimeout();
+            this.handshakeTimer = null;
+
+            this.stopRatProverDriver();
+            this.stopRatVerifierDriver();
+
+            fsmIsClosed = true;
         }
     }
 
@@ -1256,14 +1273,20 @@ public void terminate(){
     }
 
     public void startIdscpHandshake() throws IDSCPv2Exception {
-        if (currentState.equals(STATE_CLOSED)){
-            //trigger handshake init
-            onControlMessage(InternalControlMessage.START_IDSCP_HANDSHAKE);
+        fsmIsBusy.lock();
+        try {
+            if (currentState.equals(STATE_CLOSED)) {
+                if (fsmIsClosed) {
+                    throw new IDSCPv2Exception("FSM is in a final closed state forever");
+                }
+
+                //trigger handshake init
+                onControlMessage(InternalControlMessage.START_IDSCP_HANDSHAKE);
 
-            try {
                 //wait until handshake was successful or failed
-                synchronized (idscpHandshakeLock) {
-                    idscpHandshakeLock.wait();
+                if (!handshakeResultAvailable) {
+                    System.out.println("lock handshake");
+                    idscpHandshakeLock.await();
                 }
 
                 if (!isConnected()){
@@ -1271,9 +1294,14 @@ public void startIdscpHandshake() throws IDSCPv2Exception {
                     throw new IDSCPv2Exception("Handshake failed");
                 }
 
-            } catch (InterruptedException e) {
-                throw new IDSCPv2Exception("Handshake failed because thread was interrupted");
+
+            } else {
+                throw new IDSCPv2Exception("Handshake has already been started");
             }
+        } catch (InterruptedException e) {
+            throw new IDSCPv2Exception("Handshake failed because thread was interrupted");
+        } finally {
+            fsmIsBusy.unlock();
         }
     }
 
@@ -1282,14 +1310,39 @@ private void sendFromFSM(IdscpMessage msg){
         secureChannel.send(msg.toByteArray());
     }
 
+    @Override
+    public void onError(){
+        onControlMessage(InternalControlMessage.ERROR);
+        try {
+            listenerLatch.await();
+            listener.onClose();
+        } catch (InterruptedException e) {
+            e.printStackTrace();
+        }
+    }
+
+    @Override
+    public void onClose(){
+        onControlMessage(InternalControlMessage.ERROR); //toDo
+        try {
+            listenerLatch.await();
+            listener.onClose();
+        } catch (InterruptedException e) {
+            e.printStackTrace();
+        }
+    }
+
     public void send(IdscpMessage msg){
         //send messages from user only when idscp connection is established
-        synchronized(fsmIsBusy){
+        fsmIsBusy.lock();
+        try{
             if(isConnected()){
                 secureChannel.send(msg.toByteArray());
             } else {
                 LOG.error("Cannot send IDSCP_DATA because protocol is not established");
             }
+        } finally {
+            fsmIsBusy.unlock();
         }
     }
 
@@ -1302,13 +1355,13 @@ public void registerMessageListener(IdscpMsgListener listener){
         listenerLatch.countDown();
     }
 
-    public void setEndpointConnectionId(String id){
-        this.secureChannel.setEndpointConnectionId(id);
-    }
-
     private void notifyHandshakeCompleteLock(){
-        synchronized (idscpHandshakeLock){
-            idscpHandshakeLock.notify();
+        fsmIsBusy.lock();
+        try {
+            handshakeResultAvailable = true;
+            idscpHandshakeLock.signal();
+        } finally {
+            fsmIsBusy.unlock();
         }
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
index 6cfd1827f..0a2dc0659 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
@@ -7,4 +7,6 @@ public interface FsmListener {
     void onControlMessage(InternalControlMessage controlMessage);
     void onRatProverMessage(InternalControlMessage controlMessage, IDSCPv2.IdscpMessage idscpMessage);
     void onRatVerifierMessage(InternalControlMessage controlMessage, IDSCPv2.IdscpMessage idscpMessage);
+    void onError();
+    void onClose();
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
index 75f540537..92ea6cce6 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
@@ -30,4 +30,14 @@ void addTransition(Object k, Transition t){
     void setNoTransitionHandler(Function<Event, State> noTransitionHandler) {
         this.noTransitionHandler = noTransitionHandler;
     }
+/*
+    protected void runEntryCode(){
+
+    }
+
+    protected void runExitCode(){
+
+    }
+
+ */
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateClosed.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateClosed.java
new file mode 100644
index 000000000..02f973e16
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateClosed.java
@@ -0,0 +1,15 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
+
+
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
+
+
+
+public class StateClosed extends State {
+
+    public StateClosed(FSM fsm){
+
+    }
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateEstablished.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateEstablished.java
new file mode 100644
index 000000000..7180c462f
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateEstablished.java
@@ -0,0 +1,6 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
+
+public class StateEstablished extends State {
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRat.java
new file mode 100644
index 000000000..f90e5b829
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRat.java
@@ -0,0 +1,6 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
+
+public class StateWaitForDatAndRat extends State {
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRatVerifier.java
new file mode 100644
index 000000000..9dd6a0c95
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRatVerifier.java
@@ -0,0 +1,6 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
+
+public class StateWaitForDatAndRatVerifier extends State {
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForHello.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForHello.java
new file mode 100644
index 000000000..dec7a21bf
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForHello.java
@@ -0,0 +1,6 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
+
+public class StateWaitForHello extends State {
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRat.java
new file mode 100644
index 000000000..790c69e77
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRat.java
@@ -0,0 +1,6 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
+
+public class StateWaitForRat extends State {
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatProver.java
new file mode 100644
index 000000000..0c0f11ef2
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatProver.java
@@ -0,0 +1,6 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
+
+public class StateWaitForRatProver extends State {
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatVerifier.java
new file mode 100644
index 000000000..842e056b5
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatVerifier.java
@@ -0,0 +1,6 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
+
+public class StateWaitForRatVerifier extends State {
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
index df556a5a4..9eb2e25b5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
@@ -7,12 +7,12 @@ public class Timer {
     //toDo real time FIFO synchronization for whole state machine
 
     private TimerThread thread = null;
-    private final Object lock;
-    private final ReentrantLock mutex = new ReentrantLock();
+    private final ReentrantLock fsmIsBusy;
+    private final ReentrantLock mutex = new ReentrantLock(true);
     private final Runnable timeoutHandler;
 
-    Timer(Object lock, Runnable timeoutHandler){
-        this.lock = lock;
+    Timer(ReentrantLock fsmIsBusy, Runnable timeoutHandler){
+        this.fsmIsBusy = fsmIsBusy;
         this.timeoutHandler = timeoutHandler;
     }
 
@@ -23,7 +23,7 @@ void resetTimeout(int delay){
 
     public void start(int delay){
         mutex.lock();
-        thread = new TimerThread(delay, timeoutHandler, lock);
+        thread = new TimerThread(delay, timeoutHandler, fsmIsBusy);
         thread.start();
         mutex.unlock();
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
index 4901f4656..bfdd5ac74 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
@@ -1,16 +1,18 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
+import java.util.concurrent.locks.ReentrantLock;
+
 public class TimerThread extends Thread{
 
     private volatile boolean canceled = false;
     private int delay;
     private final Runnable timeoutHandler;
-    private final Object lock;
+    private final ReentrantLock fsmIsBusy;
 
-    TimerThread(int delay, Runnable timeoutHandler, Object lock){
+    TimerThread(int delay, Runnable timeoutHandler, ReentrantLock fsmIsBusy){
         this.delay = delay;
         this.timeoutHandler = timeoutHandler;
-        this.lock = lock;
+        this.fsmIsBusy = fsmIsBusy;
     }
 
     public void run(){
@@ -23,10 +25,13 @@ public void run(){
         if (canceled)
             return;
 
-        synchronized (lock){
+        fsmIsBusy.lock();
+        try {
             if (!canceled){
                 timeoutHandler.run();
             }
+        } finally {
+            fsmIsBusy.unlock();
         }
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
index 917a37f95..73e90f072 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
@@ -52,13 +52,30 @@ public void onMessage(byte[] data){
         }
     }
 
-    public boolean isConnected(){
-        return endpoint.isConnected();
+    @Override
+    public void onError() {
+        //tell fsm an error occurred in secure channel
+        try {
+            fsmLatch.await();
+            fsm.onError();
+        } catch (InterruptedException e) {
+            Thread.currentThread().interrupt();
+        }
+    }
+
+    @Override
+    public void onClose() {
+        //tell fsm secure channel received EOF
+        try {
+            fsmLatch.await();
+            fsm.onClose();
+        } catch (InterruptedException e) {
+            Thread.currentThread().interrupt();
+        }
     }
 
-    public void setEndpointConnectionId(String id){
-        this.endpoint.setConnectionId(id);
-        //deadlock is resolved
+    public boolean isConnected(){
+        return endpoint.isConnected();
     }
 
     public void setFsm(FsmListener fsm) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
index dd27ccf5e..f3134434c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
@@ -10,7 +10,6 @@
  * void onMessage(int len, byte[])      receive new raw data from connected endpoint
  * void send(byte[])                    send byte array to connected endpoint
  * boolean isConnected()                check if endpoint is connected
- * void setConnectionId(String id)
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
@@ -19,5 +18,4 @@ public interface SecureChannelEndpoint {
     void onMessage(byte[] bytes);
     void send(byte[] bytes);
     boolean isConnected();
-    void setConnectionId(String id);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
index 8ad5218ab..e4a7b85fc 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
@@ -2,4 +2,6 @@
 
 public interface SecureChannelListener {
     void onMessage(byte[] data);
+    void onError();
+    void onClose();
 }
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
index 05e1489db..f3ca7312d 100644
--- a/idscp2/src/test/java/IDSCPv2ClientInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
@@ -33,7 +33,7 @@ public void init(IDSCPv2Settings settings){
     @Override
     public void newConnectionHandler(IDSCPv2Connection connection) {
         this.connections.put(connection.getConnectionId(), connection);
-        //connection.close();
+        System.out.println("New connection with id " + connection.getConnectionId());
     }
 
     @Override
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index 1245dfd61..f326530b3 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -46,7 +46,7 @@ public void init(IDSCPv2Settings serverSettings)  {
 
     @Override
     public void newConnectionHandler(IDSCPv2Connection connection) {
-        //connections.put(connection.getConnectionId(), connection);
+        System.out.println("New connection with id " + connection.getConnectionId());
     }
 
     @Override
@@ -57,6 +57,5 @@ public void errorHandler(String error) {
     @Override
     public void connectionClosedHandler(String connectionId) {
         System.out.println("Connection with id " + connectionId + " has been closed");
-        //connections.remove(connectionId);
     }
 }

From 25fe28cca8144b6e196a2a69a128e0410639de37 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Thu, 6 Feb 2020 13:52:33 +0100
Subject: [PATCH 049/237] FIX Timer Thread lifetime bug, Simplify closing

---
 .../secure_channel/client/TLSClient.java      |   9 +-
 .../server/TLSServerThread.java               |   2 +
 .../idscp_core/finite_state_machine/FSM.java  | 228 +++++++-----------
 .../finite_state_machine/TimerThread.java     |  10 +-
 .../idscp_server/IDSCPv2Server.java           |   6 +-
 .../src/test/java/IDSCPv2ClientInitiator.java |   6 +-
 .../src/test/java/IDSCPv2ServerInitiator.java |   8 +-
 idscp2/src/test/java/RunTLSClient.java        |   1 -
 8 files changed, 108 insertions(+), 162 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index 7dc721bdf..3e957daec 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -149,7 +149,7 @@ private void disconnect(){
             try {
                 clientSocket.close();
             } catch (IOException e) {
-                //e.printStackTrace();
+                //nothing to do
             }
         }
     }
@@ -181,7 +181,8 @@ public void close() {
 
     public void send(byte[] data){
         if (!isConnected()){
-            LOG.warn("Client cannot send data because socket is not connected");
+            LOG.error("Client cannot send data because socket is not connected");
+            onError();
         } else {
             try {
                 out.writeInt(data.length);
@@ -189,8 +190,8 @@ public void send(byte[] data){
                 out.flush();
                 LOG.debug("Send message: {}", new String(data));
             } catch (IOException e){
-                LOG.warn("Client cannot send data");
-                //e.printStackTrace();
+                LOG.error("Client cannot send data");
+                onError();
             }
         }
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index 853b25a08..bd1bad248 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -108,6 +108,7 @@ public void send(byte[] data) {
         if (!isConnected()){
             LOG.error("Server cannot send data because socket is not connected");
             closeSockets();
+            onError();
         } else {
             try {
                 out.writeInt(data.length);
@@ -117,6 +118,7 @@ public void send(byte[] data) {
             } catch (IOException e){
                 LOG.error("ServerThread cannot send data.");
                 closeSockets();
+                onError();
             }
         }
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index ce71a31c1..03e8e5404 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -127,7 +127,6 @@ public void run() {
                 event -> {
                     LOG.debug("No transition available for given event " + event.toString());
                     LOG.debug("Stay in state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
                     return STATE_CLOSED;
                 }
         );
@@ -135,7 +134,7 @@ public void run() {
         /*---------------------------------------------------
          * STATE_WAIT_FOR_HELLO - Transition Description
          * ---------------------------------------------------
-         * onICM: error --> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: error --> {} ---> STATE_CLOSED
          * onICM: stop --> {send IDSCP_CLOSE} ---> STATE_CLOSED
          * onICM: timeout --> {send IDSCP_CLOSE} ---> STATE_CLOSED
          * onMessage: IDSCP_CLOSE---> {} ---> STATE_CLOSED
@@ -148,10 +147,9 @@ public void run() {
         STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
                     handshakeTimer.cancelTimeout();
-                    LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    LOG.debug("An internal control error occurred");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -162,7 +160,7 @@ public void run() {
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -172,7 +170,7 @@ public void run() {
                     LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake Timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -182,7 +180,7 @@ public void run() {
                     handshakeTimer.cancelTimeout();
                     LOG.debug("Received IDSCP_CLOSE");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -201,7 +199,7 @@ public void run() {
                         sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Prover mechanism",
                                 IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_PROVER));
                         LOG.debug("Switch to state STATE_CLOSED");
-                        notifyHandshakeCompleteLock();
+                        connectionClosed();
                         return STATE_CLOSED;
                     }
 
@@ -212,7 +210,7 @@ public void run() {
                         sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Verifier mechanism",
                                 IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_VERIFIER));
                         LOG.debug("Switch to state STATE_CLOSED");
-                        notifyHandshakeCompleteLock();
+                        connectionClosed();
                         return STATE_CLOSED;
                     }
 
@@ -225,7 +223,7 @@ public void run() {
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
                         LOG.debug("Switch to state STATE_CLOSED");
-                        notifyHandshakeCompleteLock();
+                        connectionClosed();
                         return STATE_CLOSED;
                     }
                     this.remoteDat = dat;
@@ -255,7 +253,7 @@ public void run() {
         /*---------------------------------------------------
          * STATE_WAIT_FOR_RAT - Transition Description
          * ---------------------------------------------------
-         * onICM: error ---> {ratP.stop(), ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> IDSCP_CLOSED
+         * onICM: error ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
          * onICM: stop ---> {ratP.stop(), ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> IDSCP_CLOSED
          * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
          * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_WAIT_FOR_RAT_PROVER
@@ -273,28 +271,19 @@ public void run() {
          * --------------------------------------------------- */
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event ->  {
-                    LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                    stopRatProverDriver();
-                    stopRatVerifierDriver();
-                    this.handshakeTimer.cancelTimeout();
-                    this.datTimer.cancelTimeout();
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    LOG.debug("An internal control error occurred");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
 
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
-                    stopRatProverDriver();
-                    stopRatVerifierDriver();
-                    this.handshakeTimer.cancelTimeout();
-                    this.datTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -320,12 +309,9 @@ public void run() {
                 event -> {
                     LOG.error("RAT_PROVER failed");
                     LOG.debug("Send IDSC_CLOSE");
-                    stopRatVerifierDriver();
-                    this.datTimer.cancelTimeout();
-                    this.handshakeTimer.cancelTimeout();
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -333,13 +319,10 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.getValue(), new Transition(
                 event -> {
                     LOG.error("RAT_VERIFIER failed");
-                    stopRatProverDriver();
-                    this.datTimer.cancelTimeout();
-                    this.handshakeTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -377,12 +360,9 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    stopRatProverDriver();
-                    stopRatVerifierDriver();
-                    this.datTimer.cancelTimeout();
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -420,12 +400,8 @@ public void run() {
         STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
-                    stopRatVerifierDriver();
-                    stopRatProverDriver();
-                    this.handshakeTimer.cancelTimeout();
-                    this.datTimer.cancelTimeout();
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -441,7 +417,7 @@ public void run() {
         /*---------------------------------------------------
          * STATE_WAIT_FOR_RAT_VERIFIER - Transition Description
          * ---------------------------------------------------
-         * onICM: error ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
+         * onICM: error ---> {stop RAT_VERIFIER} ---> STATE_CLOSED
          * onICM: close ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
          * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED, cancel ratV} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
          * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
@@ -456,26 +432,19 @@ public void run() {
          * --------------------------------------------------- */
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
-                    stopRatVerifierDriver();
-                    this.datTimer.cancelTimeout();
-                    this.handshakeTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
 
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
-                    LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                    this.datTimer.cancelTimeout();
-                    stopRatVerifierDriver();
-                    this.handshakeTimer.cancelTimeout();
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    LOG.debug("An internal control error occurred");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -483,11 +452,9 @@ public void run() {
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    stopRatVerifierDriver();
-                    datTimer.cancelTimeout();
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -511,7 +478,7 @@ public void run() {
                     LOG.debug("Start RAT Timer");
                     this.ratTimer.resetTimeout(ratTimeoutDelay);
                     LOG.debug("Switch to state STATE_ESTABLISHED");
-                    notifyHandshakeCompleteLock();
+                    connectionEstablished();
                     return STATE_ESTABLISHED;
                 }
         ));
@@ -519,12 +486,10 @@ public void run() {
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.getValue(), new Transition(
                 event -> {
                     LOG.error("RAT_VERIFIER failed");
-                    this.handshakeTimer.cancelTimeout();
-                    this.datTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -541,11 +506,8 @@ public void run() {
         STATE_WAIT_FOR_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
-                    stopRatVerifierDriver();
-                    this.datTimer.cancelTimeout();
-                    this.handshakeTimer.cancelTimeout();
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -594,7 +556,7 @@ public void run() {
          * STATE_WAIT_FOR_RAT_PROVER - Transition Description
          * ---------------------------------------------------
          * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER, timeouts.terminate()} ---> STATE_CLOSED
-         * onICM: error ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: error ---> {stop RAT_PROVER} ---> STATE_CLOSED
          * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
          * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT
          * onICM: rat_prover_ok ---> {} ---> STATE_ESTABLISHED
@@ -609,28 +571,19 @@ public void run() {
          * --------------------------------------------------- */
         STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
-                    stopRatProverDriver();
-                    this.ratTimer.cancelTimeout();
-                    this.datTimer.cancelTimeout();
-                    this.handshakeTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
 
         STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
-                    LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                    stopRatProverDriver();
-                    this.ratTimer.cancelTimeout();
-                    this.datTimer.cancelTimeout();
-                    this.handshakeTimer.cancelTimeout();
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    LOG.debug("An internal control error occurred");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -638,12 +591,9 @@ public void run() {
         STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    stopRatProverDriver();
-                    this.datTimer.cancelTimeout();
-                    this.ratTimer.cancelTimeout();
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -665,7 +615,7 @@ public void run() {
                     LOG.debug("Received RAT_PROVER OK");
                     this.handshakeTimer.cancelTimeout();
                     LOG.debug("Switch to state STATE_ESTABLISHED");
-                    notifyHandshakeCompleteLock();
+                    connectionEstablished();
                     return STATE_ESTABLISHED;
                 }
         ));
@@ -673,14 +623,10 @@ public void run() {
         STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
                 event -> {
                     LOG.error("RAT_PROVER failed");
-                    stopRatProverDriver();
-                    this.handshakeTimer.cancelTimeout();
-                    this.datTimer.cancelTimeout();
-                    this.ratTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -710,12 +656,8 @@ public void run() {
         STATE_WAIT_FOR_RAT_PROVER.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
-                    stopRatProverDriver();
-                    this.handshakeTimer.cancelTimeout();
-                    this.datTimer.cancelTimeout();
-                    this.ratTimer.cancelTimeout();
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -762,7 +704,7 @@ public void run() {
          * STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER - Transition Description
          * ---------------------------------------------------
          * onICM: stop ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: error ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: error ---> {} ---> STATE_CLOSED
          * onICM: timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
          * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
          * onMessage: IDSCP_DAT(success) --> {verify DAT, set det_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFEIER
@@ -773,22 +715,19 @@ public void run() {
          * --------------------------------------------------- */
         STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
-                    this.handshakeTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
 
         STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
-                    LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                    this.handshakeTimer.cancelTimeout();
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    LOG.debug("An internal control error occurred");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -798,7 +737,7 @@ public void run() {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -806,9 +745,8 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
-                    this.handshakeTimer.cancelTimeout();
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -824,7 +762,7 @@ public void run() {
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
                         LOG.debug("Switch to state STATE_CLOSED");
-                        notifyHandshakeCompleteLock();
+                        connectionClosed();
                         return STATE_CLOSED;
                     }
                     this.remoteDat = dat;
@@ -876,7 +814,7 @@ public void run() {
          * STATE_WAIT_FOR_DAT_AND_RAT - Transition Description
          * ---------------------------------------------------
          * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: error ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: error ---> {stop RAT_PROVER} ---> STATE_CLOSED
          * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
          * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
          * onICM: rat_prover_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
@@ -891,24 +829,19 @@ public void run() {
          * --------------------------------------------------- */
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
-                    stopRatProverDriver();
-                    this.handshakeTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
 
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
-                    LOG.debug("An internal control error occurred, send IDSC_CLOSE");
-                    stopRatProverDriver();
-                    this.handshakeTimer.cancelTimeout();
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred", IdscpClose.CloseCause.ERROR));
+                    LOG.debug("An internal control error occurred");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -916,10 +849,9 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    stopRatProverDriver();
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -936,11 +868,10 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
                 event -> {
                     LOG.error("RAT_PROVER failed");
-                    this.handshakeTimer.cancelTimeout();
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -957,10 +888,8 @@ public void run() {
         STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
-                    stopRatProverDriver();
-                    this.handshakeTimer.cancelTimeout();
                     LOG.debug("Switch to state STATE_CLOSED");
-                    notifyHandshakeCompleteLock();
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -973,11 +902,10 @@ public void run() {
                     byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
                     int datValidityPeriod;
                     if (0 > (datValidityPeriod = this.dapsDriver.verifyToken(dat))){
-                        stopRatProverDriver();
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
                         LOG.debug("Switch to state STATE_CLOSED");
-                        notifyHandshakeCompleteLock();
+                        connectionClosed();
                         return STATE_CLOSED;
                     }
                     this.remoteDat = dat;
@@ -1034,7 +962,7 @@ public void run() {
          * STATE_ESTABLISHED - Transition Description
          * ---------------------------------------------------
          * onICM: error ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: stop ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: stop ---> {timeouts.cancel()} ---> STATE_CLOSED
          * onICM: re_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
          * //FIXME onICM: send_data ---> {send IDS_DATA} ---> STATE_ESTABLISHED
          * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
@@ -1046,12 +974,9 @@ public void run() {
          * --------------------------------------------------- */
         STATE_ESTABLISHED.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
                 event -> {
-                    LOG.debug("Error occurred, send IDSCP_CLOSE and close idscp connection");
-                    this.datTimer.cancelTimeout();
-                    this.ratTimer.cancelTimeout();
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Error occurred",
-                            IdscpClose.CloseCause.ERROR));
+                    LOG.debug("Error occurred, close idscp connection");
                     LOG.debug("Switch to state STATE_CLOSED");
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -1059,10 +984,9 @@ public void run() {
         STATE_ESTABLISHED.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_CLOSE");
-                    this.datTimer.cancelTimeout();
-                    this.ratTimer.cancelTimeout();
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -1137,9 +1061,8 @@ public void run() {
         STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Receive IDSCP_CLOSED");
-                    datTimer.cancelTimeout();
-                    ratTimer.cancelTimeout();
                     LOG.debug("Switch to STATE_CLOSED");
+                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -1284,8 +1207,7 @@ public void startIdscpHandshake() throws IDSCPv2Exception {
                 onControlMessage(InternalControlMessage.START_IDSCP_HANDSHAKE);
 
                 //wait until handshake was successful or failed
-                if (!handshakeResultAvailable) {
-                    System.out.println("lock handshake");
+                while (!handshakeResultAvailable) {
                     idscpHandshakeLock.await();
                 }
 
@@ -1294,7 +1216,6 @@ public void startIdscpHandshake() throws IDSCPv2Exception {
                     throw new IDSCPv2Exception("Handshake failed");
                 }
 
-
             } else {
                 throw new IDSCPv2Exception("Handshake has already been started");
             }
@@ -1313,22 +1234,43 @@ private void sendFromFSM(IdscpMessage msg){
     @Override
     public void onError(){
         onControlMessage(InternalControlMessage.ERROR);
-        try {
-            listenerLatch.await();
-            listener.onClose();
-        } catch (InterruptedException e) {
-            e.printStackTrace();
-        }
     }
 
     @Override
     public void onClose(){
-        onControlMessage(InternalControlMessage.ERROR); //toDo
+        onControlMessage(InternalControlMessage.ERROR);
+    }
+
+    private void connectionEstablished(){
+        fsmIsBusy.lock();
         try {
-            listenerLatch.await();
-            listener.onClose();
+            if (!handshakeResultAvailable) {
+                notifyHandshakeCompleteLock();
+            }
+        } finally {
+            fsmIsBusy.unlock();
+        }
+    }
+
+    private void connectionClosed(){
+        fsmIsBusy.lock();
+        try {
+            if (handshakeResultAvailable){
+                listenerLatch.await();
+                listener.onClose();
+            } else {
+                notifyHandshakeCompleteLock();
+            }
+            //terminate timeouts, rat drivers
+            this.handshakeTimer.cancelTimeout();
+            this.datTimer.cancelTimeout();
+            this.ratTimer.cancelTimeout();
+            stopRatVerifierDriver();
+            stopRatProverDriver();
         } catch (InterruptedException e) {
-            e.printStackTrace();
+            Thread.currentThread().interrupt();
+        } finally {
+            fsmIsBusy.unlock();
         }
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
index bfdd5ac74..2efc7109c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
@@ -19,11 +19,14 @@ public void run(){
         try {
             Thread.sleep(delay * 1000);
         } catch (InterruptedException e) {
-            Thread.currentThread().interrupt();
-            return;
+            if (!canceled) {
+                Thread.currentThread().interrupt();
+            }
         }
-        if (canceled)
+
+        if (canceled) {
             return;
+        }
 
         fsmIsBusy.lock();
         try {
@@ -37,5 +40,6 @@ public void run(){
 
     public void safeStop(){
         canceled = true;
+        this.interrupt();
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
index ac5aad82b..600998a95 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
@@ -39,10 +39,8 @@ public void terminate(){
 
     public void terminateAllSessions(){
         for (IDSCPv2Connection c : connections.values()){
-            if (c.isConnected()){
-                c.close();
-                LOG.debug("Idscp connection with id {} has been closed", c.getConnectionId());
-            }
+            c.close();
+            LOG.debug("Idscp connection with id {} has been closed", c.getConnectionId());
             connections.remove(c.getConnectionId());
         }
     }
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
index f3ca7312d..ea21da39d 100644
--- a/idscp2/src/test/java/IDSCPv2ClientInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
@@ -33,17 +33,17 @@ public void init(IDSCPv2Settings settings){
     @Override
     public void newConnectionHandler(IDSCPv2Connection connection) {
         this.connections.put(connection.getConnectionId(), connection);
-        System.out.println("New connection with id " + connection.getConnectionId());
+        System.out.println("User: New connection with id " + connection.getConnectionId());
     }
 
     @Override
     public void errorHandler(String error) {
-        System.out.println("Error occurred: " + error);
+        System.out.println("User: Error occurred: " + error);
     }
 
     @Override
     public void connectionClosedHandler(String connectionId) {
-        System.out.println("Connection closed");
+        System.out.println("User: Connection closed");
         connections.remove(connectionId);
     }
 }
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index f326530b3..51aeee7c3 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -37,7 +37,7 @@ public void init(IDSCPv2Settings serverSettings)  {
         }
         //secureServer.safeStop();
         try {
-            Thread.sleep(120000); //run server for 2 minutes
+            Thread.sleep(20000); //run server for 2 minutes
         } catch (Exception e){
             return;
         }
@@ -46,16 +46,16 @@ public void init(IDSCPv2Settings serverSettings)  {
 
     @Override
     public void newConnectionHandler(IDSCPv2Connection connection) {
-        System.out.println("New connection with id " + connection.getConnectionId());
+        System.out.println("User: New connection with id " + connection.getConnectionId());
     }
 
     @Override
     public void errorHandler(String error) {
-        System.out.println("Error occurred: " + error);
+        System.out.println("User: Error occurred: " + error);
     }
 
     @Override
     public void connectionClosedHandler(String connectionId) {
-        System.out.println("Connection with id " + connectionId + " has been closed");
+        System.out.println("User: Connection with id " + connectionId + " has been closed");
     }
 }
diff --git a/idscp2/src/test/java/RunTLSClient.java b/idscp2/src/test/java/RunTLSClient.java
index 0be272085..2381d1071 100644
--- a/idscp2/src/test/java/RunTLSClient.java
+++ b/idscp2/src/test/java/RunTLSClient.java
@@ -13,6 +13,5 @@ public static void main(String[] args){
 
         IDSCPv2ClientInitiator initiator = new IDSCPv2ClientInitiator();
         initiator.init(settings);
-
     }
 }

From aa1c17594d92c83886dedc412af90053ec83e819 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Thu, 6 Feb 2020 15:47:10 +0100
Subject: [PATCH 050/237] FSM simplify handshakeComplete

---
 .../daps/DefaultDapsDriver.java               |   2 +-
 .../idscp_core/finite_state_machine/FSM.java  | 129 +++++-------------
 .../finite_state_machine/State.java           |  10 +-
 .../src/test/java/IDSCPv2ServerInitiator.java |   2 +-
 4 files changed, 35 insertions(+), 108 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index 35c229631..9d388668d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -16,6 +16,6 @@ public byte[] getToken() {
 
     @Override
     public int verifyToken(byte[] dat) {
-        return 3600;
+        return 20;
     } //returns number of seconds until dat is valid
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 03e8e5404..de8a855b5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -60,7 +60,7 @@ public class FSM implements FsmListener{
     private Timer datTimer;
     private Timer ratTimer;
     private Timer handshakeTimer;
-    private int ratTimeoutDelay = 10;
+    private int ratTimeoutDelay = 120;
 
     public FSM(SecureChannel secureChannel, DapsDriver dapsDriver){
 
@@ -70,28 +70,19 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver){
 
 
         /* ------------- Timeout Handler Routines ------------*/
-        Runnable handshakeTimeoutHandler = new Runnable() {
-            @Override
-            public void run() {
-                System.out.println("HANDSHAKE_TIMER_EXPIRED");
-                onControlMessage(InternalControlMessage.TIMEOUT);
-            }
+        Runnable handshakeTimeoutHandler = () -> {
+            System.out.println("HANDSHAKE_TIMER_EXPIRED");
+            onControlMessage(InternalControlMessage.TIMEOUT);
         };
 
-        Runnable datTimeoutHandler = new Runnable() {
-            @Override
-            public void run() {
-                System.out.println("DAT_TIMER_EXPIRED");
-                onControlMessage(InternalControlMessage.DAT_TIMER_EXPIRED);
-            }
+        Runnable datTimeoutHandler = () -> {
+            System.out.println("DAT_TIMER_EXPIRED");
+            onControlMessage(InternalControlMessage.DAT_TIMER_EXPIRED);
         };
 
-        Runnable ratTimeoutHandler = new Runnable() {
-            @Override
-            public void run() {
-                System.out.println("RAT_TIMER_EXPIRED");
-                onControlMessage(InternalControlMessage.REPEAT_RAT);
-            }
+        Runnable ratTimeoutHandler = () -> {
+            System.out.println("RAT_TIMER_EXPIRED");
+            onControlMessage(InternalControlMessage.REPEAT_RAT);
         };
         //toDo set correct delays
         this.handshakeTimer = new Timer(fsmIsBusy, handshakeTimeoutHandler);
@@ -149,7 +140,6 @@ public void run() {
                     handshakeTimer.cancelTimeout();
                     LOG.debug("An internal control error occurred");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -160,7 +150,6 @@ public void run() {
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -170,7 +159,6 @@ public void run() {
                     LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake Timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -180,7 +168,6 @@ public void run() {
                     handshakeTimer.cancelTimeout();
                     LOG.debug("Received IDSCP_CLOSE");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -199,7 +186,6 @@ public void run() {
                         sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Prover mechanism",
                                 IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_PROVER));
                         LOG.debug("Switch to state STATE_CLOSED");
-                        connectionClosed();
                         return STATE_CLOSED;
                     }
 
@@ -210,7 +196,6 @@ public void run() {
                         sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Verifier mechanism",
                                 IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_VERIFIER));
                         LOG.debug("Switch to state STATE_CLOSED");
-                        connectionClosed();
                         return STATE_CLOSED;
                     }
 
@@ -223,7 +208,6 @@ public void run() {
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
                         LOG.debug("Switch to state STATE_CLOSED");
-                        connectionClosed();
                         return STATE_CLOSED;
                     }
                     this.remoteDat = dat;
@@ -273,7 +257,6 @@ public void run() {
                 event ->  {
                     LOG.debug("An internal control error occurred");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -283,7 +266,6 @@ public void run() {
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -311,7 +293,6 @@ public void run() {
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -322,7 +303,6 @@ public void run() {
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -362,7 +342,6 @@ public void run() {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -401,7 +380,6 @@ public void run() {
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -435,7 +413,6 @@ public void run() {
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -444,7 +421,6 @@ public void run() {
                 event -> {
                     LOG.debug("An internal control error occurred");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -454,7 +430,6 @@ public void run() {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -478,7 +453,6 @@ public void run() {
                     LOG.debug("Start RAT Timer");
                     this.ratTimer.resetTimeout(ratTimeoutDelay);
                     LOG.debug("Switch to state STATE_ESTABLISHED");
-                    connectionEstablished();
                     return STATE_ESTABLISHED;
                 }
         ));
@@ -489,7 +463,6 @@ public void run() {
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -507,7 +480,6 @@ public void run() {
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -573,8 +545,6 @@ public void run() {
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -583,7 +553,6 @@ public void run() {
                 event -> {
                     LOG.debug("An internal control error occurred");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -593,7 +562,6 @@ public void run() {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -615,7 +583,6 @@ public void run() {
                     LOG.debug("Received RAT_PROVER OK");
                     this.handshakeTimer.cancelTimeout();
                     LOG.debug("Switch to state STATE_ESTABLISHED");
-                    connectionEstablished();
                     return STATE_ESTABLISHED;
                 }
         ));
@@ -626,7 +593,6 @@ public void run() {
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -657,7 +623,6 @@ public void run() {
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -718,7 +683,6 @@ public void run() {
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -727,7 +691,6 @@ public void run() {
                 event -> {
                     LOG.debug("An internal control error occurred");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -737,7 +700,6 @@ public void run() {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -746,7 +708,6 @@ public void run() {
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -762,7 +723,6 @@ public void run() {
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
                         LOG.debug("Switch to state STATE_CLOSED");
-                        connectionClosed();
                         return STATE_CLOSED;
                     }
                     this.remoteDat = dat;
@@ -832,7 +792,6 @@ public void run() {
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -841,7 +800,6 @@ public void run() {
                 event -> {
                     LOG.debug("An internal control error occurred");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -851,7 +809,6 @@ public void run() {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -871,7 +828,6 @@ public void run() {
                     LOG.debug("Send IDSC_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -889,7 +845,6 @@ public void run() {
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -905,7 +860,6 @@ public void run() {
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
                         LOG.debug("Switch to state STATE_CLOSED");
-                        connectionClosed();
                         return STATE_CLOSED;
                     }
                     this.remoteDat = dat;
@@ -976,7 +930,6 @@ public void run() {
                 event -> {
                     LOG.debug("Error occurred, close idscp connection");
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -986,7 +939,6 @@ public void run() {
                     LOG.debug("Send IDSCP_CLOSE");
                     sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
                     LOG.debug("Switch to state STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -1062,7 +1014,6 @@ public void run() {
                 event -> {
                     LOG.debug("Receive IDSCP_CLOSED");
                     LOG.debug("Switch to STATE_CLOSED");
-                    connectionClosed();
                     return STATE_CLOSED;
                 }
         ));
@@ -1166,25 +1117,40 @@ public void onRatVerifierMessage(InternalControlMessage controlMessage, IdscpMes
         }
     }
 
-    private void feedEvent(Event e){
+    private void feedEvent(Event event){
         State prevState = currentState;
-        currentState = currentState.feedEvent(e);
-        if (!prevState.equals(STATE_CLOSED) && currentState.equals(STATE_CLOSED)){
+        currentState = currentState.feedEvent(event);
+
+        //check if fsm switched to STATE_CLOSED
+        if (!prevState.equals(STATE_CLOSED) && currentState.equals(STATE_CLOSED)) {
             //fsm is closed, stop and free all resources, drivers and lock fsm forever
             secureChannel.close();
             dapsDriver = null;
-
             this.datTimer.cancelTimeout();
             this.datTimer = null;
             this.ratTimer.cancelTimeout();
             this.ratTimer = null;
             this.handshakeTimer.cancelTimeout();
             this.handshakeTimer = null;
-
             this.stopRatProverDriver();
             this.stopRatVerifierDriver();
-
             fsmIsClosed = true;
+
+            //inform upper layer via handshake or closeListener
+            try {
+                if (handshakeResultAvailable){
+                    listenerLatch.await();
+                    listener.onClose();
+                } else {
+                    notifyHandshakeCompleteLock();
+                }
+            } catch (InterruptedException e) {
+                Thread.currentThread().interrupt();
+            }
+
+        } else if (!prevState.equals(STATE_ESTABLISHED) && currentState.equals(STATE_ESTABLISHED)
+                && !handshakeResultAvailable) {
+            notifyHandshakeCompleteLock();
         }
     }
 
@@ -1241,39 +1207,6 @@ public void onClose(){
         onControlMessage(InternalControlMessage.ERROR);
     }
 
-    private void connectionEstablished(){
-        fsmIsBusy.lock();
-        try {
-            if (!handshakeResultAvailable) {
-                notifyHandshakeCompleteLock();
-            }
-        } finally {
-            fsmIsBusy.unlock();
-        }
-    }
-
-    private void connectionClosed(){
-        fsmIsBusy.lock();
-        try {
-            if (handshakeResultAvailable){
-                listenerLatch.await();
-                listener.onClose();
-            } else {
-                notifyHandshakeCompleteLock();
-            }
-            //terminate timeouts, rat drivers
-            this.handshakeTimer.cancelTimeout();
-            this.datTimer.cancelTimeout();
-            this.ratTimer.cancelTimeout();
-            stopRatVerifierDriver();
-            stopRatProverDriver();
-        } catch (InterruptedException e) {
-            Thread.currentThread().interrupt();
-        } finally {
-            fsmIsBusy.unlock();
-        }
-    }
-
     public void send(IdscpMessage msg){
         //send messages from user only when idscp connection is established
         fsmIsBusy.lock();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
index 92ea6cce6..551079fed 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
@@ -30,14 +30,8 @@ void addTransition(Object k, Transition t){
     void setNoTransitionHandler(Function<Event, State> noTransitionHandler) {
         this.noTransitionHandler = noTransitionHandler;
     }
-/*
-    protected void runEntryCode(){
 
-    }
-
-    protected void runExitCode(){
+    public void runEntryCode() {}
 
-    }
-
- */
+    public void runExitCode() {}
 }
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index 51aeee7c3..cedc582af 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -37,7 +37,7 @@ public void init(IDSCPv2Settings serverSettings)  {
         }
         //secureServer.safeStop();
         try {
-            Thread.sleep(20000); //run server for 2 minutes
+            Thread.sleep(120000); //run server for 2 minutes
         } catch (Exception e){
             return;
         }

From b00021bbc02cb26c1c383cb144b2d063b3355cc4 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Mon, 24 Feb 2020 16:54:06 +0100
Subject: [PATCH 051/237] FSM create classes for different states

---
 .../configuration/AttestationConfig.java      |    4 +
 .../configuration/IDSCPv2Configuration.java   |   12 +-
 .../configuration/IDSCPv2Settings.java        |    6 +-
 .../idscp_core/finite_state_machine/FSM.java  | 1101 ++---------------
 .../finite_state_machine/State.java           |    3 +-
 .../finite_state_machine/StateClosed.java     |   68 +
 .../StateEstablished.java                     |  120 ++
 .../StateWaitForDatAndRat.java                |  156 +++
 .../StateWaitForDatAndRatVerifier.java        |  120 ++
 .../StateWaitForHello.java                    |  138 +++
 .../finite_state_machine/StateWaitForRat.java |  176 +++
 .../StateWaitForRatProver.java                |  151 +++
 .../StateWaitForRatVerifier.java              |  140 +++
 .../States/StateClosed.java                   |   15 -
 .../States/StateEstablished.java              |    6 -
 .../States/StateWaitForDatAndRat.java         |    6 -
 .../States/StateWaitForDatAndRatVerifier.java |    6 -
 .../States/StateWaitForHello.java             |    6 -
 .../States/StateWaitForRat.java               |    6 -
 .../States/StateWaitForRatProver.java         |    6 -
 .../States/StateWaitForRatVerifier.java       |    6 -
 .../src/test/java/IDSCPv2ClientInitiator.java |    2 +-
 .../src/test/java/IDSCPv2ServerInitiator.java |    3 +-
 23 files changed, 1193 insertions(+), 1064 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateClosed.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateEstablished.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRat.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRatVerifier.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForHello.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRat.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatProver.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatVerifier.java

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
index 5a05122da..42beafbbe 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
@@ -11,4 +11,8 @@ public AttestationConfig(){
 
     }
 
+    public String[] getRatMechanisms(){
+        return new String[] {"TPM_2", "INTEL_SGX", "ARM_TRUST_ZONE"};
+    }
+
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
index d6c284c6f..a93cbed43 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
@@ -31,14 +31,20 @@ public class IDSCPv2Configuration implements IDSCPv2Callback {
     private IDSCPv2Initiator user;
     private DapsDriver dapsDriver;
     private SecureChannelDriver secureChannelDriver;
+    private final String[] localExpectedRatCipher;
+    private final String[] localSupportedRatCipher;
 
 
     public IDSCPv2Configuration(IDSCPv2Initiator initiator,
                                 DapsDriver dapsDriver,
-                                SecureChannelDriver secureChannelDriver){
+                                SecureChannelDriver secureChannelDriver,
+                                AttestationConfig expectedAttestation,
+                                AttestationConfig supportedAttestation){
         this.user = initiator;
         this.dapsDriver = dapsDriver;
         this.secureChannelDriver = secureChannelDriver;
+        this.localExpectedRatCipher = expectedAttestation.getRatMechanisms();
+        this.localSupportedRatCipher = supportedAttestation.getRatMechanisms();
     }
 
     public void connect(IDSCPv2Settings settings){
@@ -67,7 +73,7 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
             user.errorHandler("IDSCPv2 connect failed because no secure channel was established");
         } else {
             LOG.debug("A new secure channel for an outgoing idscpv2 connection was established");
-            FSM fsm = new FSM(secureChannel, dapsDriver);
+            FSM fsm = new FSM(secureChannel, dapsDriver, localSupportedRatCipher, localExpectedRatCipher);
 
             try {
                 fsm.startIdscpHandshake(); //blocking until handshake is done
@@ -87,7 +93,7 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
     public void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnectionListener idscpServer) {
         if (secureChannel != null){
             LOG.debug("A new secure channel for an incoming idscpv2 connection was established");
-            FSM fsm = new FSM(secureChannel, dapsDriver);
+            FSM fsm = new FSM(secureChannel, dapsDriver, localSupportedRatCipher, localExpectedRatCipher);
 
             try {
                 fsm.startIdscpHandshake(); //blocking until handshake is done
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
index 749281acf..c77d56a9b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
@@ -1,5 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
 
+import org.checkerframework.checker.units.qual.A;
+
 /**
  * IDSCPv2 configuration class, containing information about keyStore and TrustStores, Attestation Types, host, ...
  *
@@ -16,8 +18,8 @@ public class IDSCPv2Settings {
     private String keyStorePassword = "password";
     private String certAlias = "1.0.1";
     private String keyStoreKeyType = "RSA";
-    private AttestationConfig supportedAttestation = null;
-    private AttestationConfig expectedAttestation = null;
+    private AttestationConfig supportedAttestation = new AttestationConfig();
+    private AttestationConfig expectedAttestation = new AttestationConfig();
 
     public AttestationConfig getExpectedAttestation() {
         return expectedAttestation;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index de8a855b5..f0f988e60 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -13,6 +13,7 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.util.HashMap;
 import java.util.concurrent.CountDownLatch;
 import java.util.concurrent.locks.Condition;
 import java.util.concurrent.locks.ReentrantLock;
@@ -21,21 +22,23 @@ public class FSM implements FsmListener{
     private static final Logger LOG = LoggerFactory.getLogger(FSM.class);
 
     /*  -----------   IDSCPv2 Protocol States   ---------- */
-    private final State STATE_CLOSED = new State();
-    private final State STATE_WAIT_FOR_HELLO = new State();
-    private final State STATE_WAIT_FOR_RAT= new State();
-    private final State STATE_WAIT_FOR_RAT_VERIFIER = new State();
-    private final State STATE_WAIT_FOR_RAT_PROVER = new State();
-    private final State STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER = new State();
-    private final State STATE_WAIT_FOR_DAT_AND_RAT = new State();
-    private final State STATE_ESTABLISHED = new State();
+    private HashMap<FSM_STATE, State> states = new HashMap<>();
+
+    enum FSM_STATE {
+        STATE_CLOSED,
+        STATE_WAIT_FOR_HELLO,
+        STATE_WAIT_FOR_RAT,
+        STATE_WAIT_FOR_RAT_VERIFIER,
+        STATE_WAIT_FOR_RAT_PROVER,
+        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER,
+        STATE_WAIT_FOR_DAT_AND_RAT,
+        STATE_ESTABLISHED
+    }
 
     private State currentState;
-    private final State initialState = STATE_CLOSED;
     /*  ----------------   end of states   --------------- */
 
     private SecureChannel secureChannel;
-    private DapsDriver dapsDriver;
 
     private RatProverDriver ratProverDriver;
     private RatVerifierDriver ratVerifierDriver;
@@ -52,983 +55,59 @@ public class FSM implements FsmListener{
     private boolean handshakeResultAvailable = false;
     private boolean fsmIsClosed = false;
 
-    //toDo cipher suites
-    private String[] localSupportedRatSuite = new String[] {"TPM_2, TRUST_ZONE, SGX"};
-    private String[] localExpectedRatSuite = new String[] {"TPM_2, TRUST_ZONE, SGX"};
-    private byte[] remoteDat = null;
-
     private Timer datTimer;
     private Timer ratTimer;
     private Timer handshakeTimer;
-    private int ratTimeoutDelay = 120;
+    private final int ratTimeoutDelay = 120;
 
-    public FSM(SecureChannel secureChannel, DapsDriver dapsDriver){
+    public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
+               String[] localSupportedRatSuite, String[] localExpectedRatSuite){
 
         this.secureChannel = secureChannel;
-        this.dapsDriver = dapsDriver;
         secureChannel.setFsm(this);
 
 
         /* ------------- Timeout Handler Routines ------------*/
         Runnable handshakeTimeoutHandler = () -> {
-            System.out.println("HANDSHAKE_TIMER_EXPIRED");
+            LOG.debug("HANDSHAKE_TIMER_EXPIRED");
             onControlMessage(InternalControlMessage.TIMEOUT);
         };
 
         Runnable datTimeoutHandler = () -> {
-            System.out.println("DAT_TIMER_EXPIRED");
+            LOG.debug("DAT_TIMER_EXPIRED");
             onControlMessage(InternalControlMessage.DAT_TIMER_EXPIRED);
         };
 
         Runnable ratTimeoutHandler = () -> {
-            System.out.println("RAT_TIMER_EXPIRED");
+            LOG.debug("RAT_TIMER_EXPIRED");
             onControlMessage(InternalControlMessage.REPEAT_RAT);
         };
+
         //toDo set correct delays
         this.handshakeTimer = new Timer(fsmIsBusy, handshakeTimeoutHandler);
         this.datTimer = new Timer(fsmIsBusy, datTimeoutHandler);
         this.ratTimer = new Timer(fsmIsBusy, ratTimeoutHandler);
         /* ------------- end timeout routines ------------- */
 
-        /*  -----------   Protocol Transitions   ---------- */
-
-        /*---------------------------------------------------
-         * STATE_CLOSED - Transition Description
-         * ---------------------------------------------------
-         * onICM: start_handshake --> {send IDSCP_HELLO, set handshake_timeout} --> STATE_WAIT_FOR_HELLO
-         * ALL_OTHER_MESSAGES ---> STATE_CLOSED
-         * --------------------------------------------------- */
-        STATE_CLOSED.addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Get DAT Token vom DAT_DRIVER");
-                    byte[] dat = this.dapsDriver.getToken();
-                    LOG.debug("Send IDSCP_HELLO");
-                    IDSCPv2.IdscpMessage idscpHello = IdscpMessageFactory.
-                            getIdscpHelloMessage(dat, this.localSupportedRatSuite, this.localExpectedRatSuite);
-                    sendFromFSM(idscpHello);
-                    onMessageBlock.signalAll(); //enables fsm.onMessage()
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-                    LOG.debug("Switch to state STATE_WAIT_FOR_HELLO");
-                    return STATE_WAIT_FOR_HELLO;
-                }
-        ));
-
-        STATE_CLOSED.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    LOG.debug("Stay in state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        );
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_HELLO - Transition Description
-         * ---------------------------------------------------
-         * onICM: error --> {} ---> STATE_CLOSED
-         * onICM: stop --> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: timeout --> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_CLOSE---> {} ---> STATE_CLOSED
-         * onMessage: IDSCP_HELLO (no rat match) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_HELLO (invalid DAT) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_HELLO (SUCCESS) ---> {verify DAT, match RAT, set DAT Timeout, start RAT P&V,
-         *                                        set handshake_timeout} ---> STATE_WAIT_FOR_RAT
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_HELLO
-         * --------------------------------------------------- */
-        STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event -> {
-                    handshakeTimer.cancelTimeout();
-                    LOG.debug("An internal control error occurred");
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    handshakeTimer.cancelTimeout();
-                    LOG.debug("Send IDSC_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_HELLO.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake Timeout", IdscpClose.CloseCause.TIMEOUT));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_HELLO.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    handshakeTimer.cancelTimeout();
-                    LOG.debug("Received IDSCP_CLOSE");
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_HELLO.addTransition(IdscpMessage.IDSCPHELLO_FIELD_NUMBER, new Transition(
-                event -> {
-                    handshakeTimer.cancelTimeout();
-                    LOG.debug("Received IDSCP_HELLO");
-                    IdscpHello idscpHello = event.getIdscpMessage().getIdscpHello();
-
-                    LOG.debug("Calculate Rat mechanisms");
-                    this.proverMechanism = getRatProverMechanism(this.localSupportedRatSuite,
-                            idscpHello.getExpectedRatSuiteList().toArray());
-                    if (proverMechanism == null){
-                        LOG.debug("Cannot find a match for RAT proverr. Send IDSCP_CLOSE");
-                        sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Prover mechanism",
-                                IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_PROVER));
-                        LOG.debug("Switch to state STATE_CLOSED");
-                        return STATE_CLOSED;
-                    }
-
-                    this.verifierMechanism = getRatVerifierMechanism(localExpectedRatSuite,
-                            idscpHello.getSupportedRatSuiteList().toArray());
-                    if (verifierMechanism == null){
-                        LOG.debug("Cannot find a match for RAT verifier. Send IDSCP_CLOSE");
-                        sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Verifier mechanism",
-                                IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_VERIFIER));
-                        LOG.debug("Switch to state STATE_CLOSED");
-                        return STATE_CLOSED;
-                    }
-
-                    LOG.debug("Verify received DAT");
-                    //check if Dat is available and verify dat
-                    byte[] dat;
-                    int datValidityPeriod;
-                    if (!idscpHello.hasDynamicAttributeToken() || 0 > (datValidityPeriod= this.dapsDriver
-                            .verifyToken(dat = idscpHello.getDynamicAttributeToken().getToken().toByteArray()))){
-                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
-                        LOG.debug("Switch to state STATE_CLOSED");
-                        return STATE_CLOSED;
-                    }
-                    this.remoteDat = dat;
-                    LOG.debug("Remote DAT is valid. Set dat timeout to its validity period");
-                    datTimer.resetTimeout(datValidityPeriod);
-
-                    LOG.debug("Start RAT Prover and Verifier");
-                    restartRatVerifierDriver();
-                    restartRatProverDriver();
-
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
-                    return STATE_WAIT_FOR_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_HELLO.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_HELLO");
-                    return STATE_WAIT_FOR_HELLO;
-                }
-        );
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_RAT - Transition Description
-         * ---------------------------------------------------
-         * onICM: error ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
-         * onICM: stop ---> {ratP.stop(), ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> IDSCP_CLOSED
-         * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onICM: rat_prover_failed ---> {ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: rat_verifier_failed ---> {ratP.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT
-         * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
-         * onICM: dat_timeout ---> {send DAT_EXPIRED, ratV.cancel()} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onICM: handshake_timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_RAT_PROVER ---> {delegate to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send DAT, ratP.restart()} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT
-         * --------------------------------------------------- */
-        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event ->  {
-                    LOG.debug("An internal control error occurred");
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSC_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Received RAT_PROVER OK");
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_VERIFIER");
-                    return STATE_WAIT_FOR_RAT_VERIFIER;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_VERIFIER_OK.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Received RAT_VERIFIER OK");
-                    ratTimer.resetTimeout(this.ratTimeoutDelay);
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_PROVER");
-                    return STATE_WAIT_FOR_RAT_PROVER;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
-                event -> {
-                    LOG.error("RAT_PROVER failed");
-                    LOG.debug("Send IDSC_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.getValue(), new Transition(
-                event -> {
-                    LOG.error("RAT_VERIFIER failed");
-                    LOG.debug("Send IDSC_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSCP_RAT_PROVER");
-                    sendFromFSM(event.getIdscpMessage());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
-                    return STATE_WAIT_FOR_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.RAT_VERIFIER_MSG.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSCP_RAT_VERIFIER");
-                    sendFromFSM(event.getIdscpMessage());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
-                    return STATE_WAIT_FOR_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
-                event -> {
-                    LOG.debug("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER");
-                    stopRatVerifierDriver();
-                    sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT");
-                    return STATE_WAIT_FOR_DAT_AND_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
-                    ratProverDriver.delegate(event.getIdscpMessage());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
-                    return STATE_WAIT_FOR_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
-                    ratVerifierDriver.delegate(event.getIdscpMessage());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
-                    return STATE_WAIT_FOR_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
-                    sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    restartRatProverDriver();
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
-                    return STATE_WAIT_FOR_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_CLOSE");
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
-                    return STATE_WAIT_FOR_RAT;
-                }
-        );
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_RAT_VERIFIER - Transition Description
-         * ---------------------------------------------------
-         * onICM: error ---> {stop RAT_VERIFIER} ---> STATE_CLOSED
-         * onICM: close ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
-         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED, cancel ratV} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
-         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
-         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_ESTABLISHED
-         * onICM: rat_verifier_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_CLOSE ---> {stop RAT_VERIFIER} ---> STATE_CLOSED
-         * onMessage: IDSCP_RAT_PROVER ---> {delegat to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * onMessage: IDSCP_RE_RAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * --------------------------------------------------- */
-        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSC_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event -> {
-                    LOG.debug("An internal control error occurred");
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
-                event -> {
-                    LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER");
-                    stopRatVerifierDriver();
-                    sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER");
-                    return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.RAT_VERIFIER_OK.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Received RAT_VERIFIER OK");
-                    this.handshakeTimer.cancelTimeout();
-                    LOG.debug("Start RAT Timer");
-                    this.ratTimer.resetTimeout(ratTimeoutDelay);
-                    LOG.debug("Switch to state STATE_ESTABLISHED");
-                    return STATE_ESTABLISHED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.getValue(), new Transition(
-                event -> {
-                    LOG.error("RAT_VERIFIER failed");
-                    LOG.debug("Send IDSC_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed", IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(InternalControlMessage.RAT_VERIFIER_MSG.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSCP_RAT_VERIFIER");
-                    sendFromFSM(event.getIdscpMessage());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER");
-                    return STATE_WAIT_FOR_RAT_VERIFIER;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_CLOSE");
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
-                    sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    restartRatProverDriver();
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
-                    return STATE_WAIT_FOR_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
-                    ratVerifierDriver.delegate(event.getIdscpMessage());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER");
-                    return STATE_WAIT_FOR_RAT_VERIFIER;
-                }
-        ));
+        states.put(FSM_STATE.STATE_CLOSED, new StateClosed(this, dapsDriver, onMessageBlock,
+                localSupportedRatSuite, localExpectedRatSuite));
+        states.put(FSM_STATE.STATE_WAIT_FOR_HELLO, new StateWaitForHello(this,
+                handshakeTimer, datTimer, dapsDriver, localSupportedRatSuite, localExpectedRatSuite));
+        states.put(FSM_STATE.STATE_WAIT_FOR_RAT, new StateWaitForRat(this, handshakeTimer, ratTimer,
+                ratTimeoutDelay, dapsDriver));
+        states.put(FSM_STATE.STATE_WAIT_FOR_RAT_PROVER, new StateWaitForRatProver(this, ratTimer, handshakeTimer,
+                dapsDriver));
+        states.put(FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER, new StateWaitForRatVerifier(this, dapsDriver, ratTimer,
+                handshakeTimer, ratTimeoutDelay));
+        states.put(FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT, new StateWaitForDatAndRat(this, handshakeTimer,
+                datTimer, dapsDriver));
+        states.put(FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER, new StateWaitForDatAndRatVerifier(this,
+                handshakeTimer, datTimer, dapsDriver));
+        states.put(FSM_STATE.STATE_ESTABLISHED, new StateEstablished(this, dapsDriver, ratTimer, handshakeTimer));
 
-        STATE_WAIT_FOR_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
-                    restartRatProverDriver();
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
-                    return STATE_WAIT_FOR_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_VERIFIER.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER");
-                    return STATE_WAIT_FOR_RAT_VERIFIER;
-                }
-        );
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_RAT_PROVER - Transition Description
-         * ---------------------------------------------------
-         * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER, timeouts.terminate()} ---> STATE_CLOSED
-         * onICM: error ---> {stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onICM: rat_prover_ok ---> {} ---> STATE_ESTABLISHED
-         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE, terminate ratP, cancel timeouts} ---> STATE_CLOSED
-         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onICM: repeat_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_PROVER
-         * --------------------------------------------------- */
-        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSC_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event -> {
-                    LOG.debug("An internal control error occurred");
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
-                event -> {
-                    LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED");
-                    this.ratTimer.cancelTimeout();
-                    sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT");
-                    return STATE_WAIT_FOR_DAT_AND_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Received RAT_PROVER OK");
-                    this.handshakeTimer.cancelTimeout();
-                    LOG.debug("Switch to state STATE_ESTABLISHED");
-                    return STATE_ESTABLISHED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
-                event -> {
-                    LOG.error("RAT_PROVER failed");
-                    LOG.debug("Send IDSC_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSCP_RAT_PROVER");
-                    sendFromFSM(event.getIdscpMessage());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
-                    return STATE_WAIT_FOR_RAT_PROVER;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_PROVER.addTransition(InternalControlMessage.REPEAT_RAT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER");
-                    sendFromFSM(IdscpMessageFactory.getIdscpReRatMessage(""));
-                    this.ratTimer.cancelTimeout();
-                    restartRatVerifierDriver();
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
-                    return STATE_WAIT_FOR_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_PROVER.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_CLOSE");
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_PROVER.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
-                    sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    restartRatProverDriver();
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
-                    return STATE_WAIT_FOR_RAT_PROVER;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_PROVER.addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
-                    ratProverDriver.delegate(event.getIdscpMessage());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
-                    return STATE_WAIT_FOR_RAT_PROVER;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_PROVER.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
-                    restartRatProverDriver();
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
-                    return STATE_WAIT_FOR_RAT_PROVER;
-                }
-        ));
-
-        STATE_WAIT_FOR_RAT_PROVER.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
-                    return STATE_WAIT_FOR_RAT_PROVER;
-                }
-        );
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER - Transition Description
-         * ---------------------------------------------------
-         * onICM: stop ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: error ---> {} ---> STATE_CLOSED
-         * onICM: timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT(success) --> {verify DAT, set det_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFEIER
-         * onMessage: IDSCP_DAT(failed) --> {verify DAT, send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onMessage: IDSCP_RE_RAT ---> {start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
-         * --------------------------------------------------- */
-        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSC_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event -> {
-                    LOG.debug("An internal control error occurred");
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_CLOSE");
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    this.handshakeTimer.cancelTimeout();
-                    LOG.debug("Verify received DAT");
-                    //check if Dat is available and verify dat
-                    byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
-                    int datValidityPeriod;
-                    if (0 > (datValidityPeriod = this.dapsDriver.verifyToken(dat))){
-                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
-                        LOG.debug("Switch to state STATE_CLOSED");
-                        return STATE_CLOSED;
-                    }
-                    this.remoteDat = dat;
-                    LOG.debug("Remote DAT is valid. Set dat timeout");
-                    datTimer.resetTimeout(datValidityPeriod);
-                    //start RAT Verifier
-                    restartRatVerifierDriver();
-
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_VERIFIER");
-                    return STATE_WAIT_FOR_RAT_VERIFIER;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
-                    sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    restartRatProverDriver();
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT");
-                    return STATE_WAIT_FOR_DAT_AND_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
-                    restartRatProverDriver();
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT");
-                    return STATE_WAIT_FOR_DAT_AND_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER");
-                    return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
-                }
-        );
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_DAT_AND_RAT - Transition Description
-         * ---------------------------------------------------
-         * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: error ---> {stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
-         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), timeouts.stop()} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT(success) ---> {verify dat, start dat_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_DAT(failed) ---> {verify dat, send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
-         * --------------------------------------------------- */
-        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSC_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event -> {
-                    LOG.debug("An internal control error occurred");
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IdscpClose.CloseCause.TIMEOUT));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Received RAT_PROVER OK");
-                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER");
-                    //toDo restart handshake timeout ????
-                    return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
-                event -> {
-                    LOG.error("RAT_PROVER failed");
-                    LOG.debug("Send IDSC_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed", IdscpClose.CloseCause.RAT_PROVER_FAILED));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSCP_RAT_PROVER");
-                    sendFromFSM(event.getIdscpMessage());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
-                    return STATE_WAIT_FOR_DAT_AND_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_CLOSE");
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    handshakeTimer.cancelTimeout();
-                    LOG.debug("Verify received DAT");
-                    //check if Dat is available and verify dat
-                    byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
-                    int datValidityPeriod;
-                    if (0 > (datValidityPeriod = this.dapsDriver.verifyToken(dat))){
-                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IdscpClose.CloseCause.NO_VALID_DAT));
-                        LOG.debug("Switch to state STATE_CLOSED");
-                        return STATE_CLOSED;
-                    }
-                    this.remoteDat = dat;
-                    LOG.debug("Remote DAT is valid. Set dat timeout");
-                    datTimer.resetTimeout(datValidityPeriod);
-                    //start RAT Verifier
-                    restartRatVerifierDriver();
-
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
-                    return STATE_WAIT_FOR_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
-                    sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    restartRatProverDriver();
-                    LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
-                    return STATE_WAIT_FOR_DAT_AND_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
-                    ratProverDriver.delegate(event.getIdscpMessage());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
-                    return STATE_WAIT_FOR_DAT_AND_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
-                    restartRatProverDriver();
-                    LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
-                    return STATE_WAIT_FOR_DAT_AND_RAT;
-                }
-        ));
-
-        STATE_WAIT_FOR_DAT_AND_RAT.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_DAT_AND_RAT");
-                    return STATE_WAIT_FOR_DAT_AND_RAT;
-                }
-        );
-
-        /*---------------------------------------------------
-         * STATE_ESTABLISHED - Transition Description
-         * ---------------------------------------------------
-         * onICM: error ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: stop ---> {timeouts.cancel()} ---> STATE_CLOSED
-         * onICM: re_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * //FIXME onICM: send_data ---> {send IDS_DATA} ---> STATE_ESTABLISHED
-         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
-         * onMessage: IDSCP_DATA ---> {delegate to connection} ---> STATE_ESTABLISHED
-         * onMessage: IDSCP_RERAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_CLOSE ---> {timeouts.cancel()} ---> STATE_CLOSED
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
-         * --------------------------------------------------- */
-        STATE_ESTABLISHED.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Error occurred, close idscp connection");
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_ESTABLISHED.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSCP_CLOSE");
-                    sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IdscpClose.CloseCause.USER_SHUTDOWN));
-                    LOG.debug("Switch to state STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_ESTABLISHED.addTransition(InternalControlMessage.REPEAT_RAT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER");
-                    this.ratTimer.cancelTimeout();
-                    sendFromFSM(IdscpMessageFactory.getIdscpReRatMessage(""));
-                    restartRatVerifierDriver();
-
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_VERIFIER");
-                    return STATE_WAIT_FOR_RAT_VERIFIER;
-                }
-        ));
-
-        STATE_ESTABLISHED.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
-                event -> {
-                    this.ratTimer.cancelTimeout();
-                    LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED");
-                    sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
-
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-
-                    LOG.debug("Switch to state STATE_WAIT_FOR_DAT_AND_RAT_CLIENT");
-                    return STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER;
-                }
-        ));
-
-        STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER");
-                    restartRatProverDriver();
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_PROVER");
-                    return STATE_WAIT_FOR_RAT_PROVER;
-                }
-        ));
-
-        STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("DAT expired. Send new DAT and repeat RAT");
-                    sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(this.dapsDriver.getToken()));
-                    restartRatProverDriver();
-
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-
-                    LOG.debug("Switch to state STATE_WAIT_FOR_RAT_PROVER");
-                    return STATE_WAIT_FOR_RAT_PROVER;
-                }
-        ));
-
-        STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, new Transition(
-                event -> {
-                    try {
-                        this.listenerLatch.await();
-                        this.listener.onMessage(event.getIdscpMessage().getIdscpData().toByteArray());
-                        LOG.debug("Idscp data was passed to connection listener");
-                    } catch (InterruptedException ex) {
-                        Thread.currentThread().interrupt();
-                    }
-
-                    LOG.debug("Stay in state STATE_ESTABLISHED");
-                    return STATE_ESTABLISHED;
-                }
-        ));
-
-        STATE_ESTABLISHED.addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Receive IDSCP_CLOSED");
-                    LOG.debug("Switch to STATE_CLOSED");
-                    return STATE_CLOSED;
-                }
-        ));
-
-        STATE_ESTABLISHED.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    LOG.debug("Stay in state STATE_ESTABLISHED");
-                    return STATE_ESTABLISHED;
-                }
-        );
-        /*  ----------------   end of transitions   --------------- */
 
         //set initial state
-        currentState = initialState;
+        currentState = states.get(FSM_STATE.STATE_CLOSED);
     }
 
     @Override
@@ -1046,7 +125,7 @@ public void onMessage(byte[] data){
         //must wait when fsm is in state STATE_CLOSED --> wait() will be notified when fsm is leaving STATE_CLOSED
         fsmIsBusy.lock();
         try {
-            while (currentState == STATE_CLOSED){
+            while (currentState.equals(states.get(FSM_STATE.STATE_CLOSED))){
                 try {
                     onMessageBlock.await();
                 } catch (InterruptedException e) {
@@ -1121,36 +200,8 @@ private void feedEvent(Event event){
         State prevState = currentState;
         currentState = currentState.feedEvent(event);
 
-        //check if fsm switched to STATE_CLOSED
-        if (!prevState.equals(STATE_CLOSED) && currentState.equals(STATE_CLOSED)) {
-            //fsm is closed, stop and free all resources, drivers and lock fsm forever
-            secureChannel.close();
-            dapsDriver = null;
-            this.datTimer.cancelTimeout();
-            this.datTimer = null;
-            this.ratTimer.cancelTimeout();
-            this.ratTimer = null;
-            this.handshakeTimer.cancelTimeout();
-            this.handshakeTimer = null;
-            this.stopRatProverDriver();
-            this.stopRatVerifierDriver();
-            fsmIsClosed = true;
-
-            //inform upper layer via handshake or closeListener
-            try {
-                if (handshakeResultAvailable){
-                    listenerLatch.await();
-                    listener.onClose();
-                } else {
-                    notifyHandshakeCompleteLock();
-                }
-            } catch (InterruptedException e) {
-                Thread.currentThread().interrupt();
-            }
-
-        } else if (!prevState.equals(STATE_ESTABLISHED) && currentState.equals(STATE_ESTABLISHED)
-                && !handshakeResultAvailable) {
-            notifyHandshakeCompleteLock();
+        if (!prevState.equals(currentState)) {
+            currentState.runEntryCode(this);
         }
     }
 
@@ -1164,7 +215,7 @@ public void terminate(){
     public void startIdscpHandshake() throws IDSCPv2Exception {
         fsmIsBusy.lock();
         try {
-            if (currentState.equals(STATE_CLOSED)) {
+            if (currentState.equals(states.get(FSM_STATE.STATE_CLOSED))) {
                 if (fsmIsClosed) {
                     throw new IDSCPv2Exception("FSM is in a final closed state forever");
                 }
@@ -1192,7 +243,7 @@ public void startIdscpHandshake() throws IDSCPv2Exception {
         }
     }
 
-    private void sendFromFSM(IdscpMessage msg){
+    void sendFromFSM(IdscpMessage msg){
         //send messages from fsm
         secureChannel.send(msg.toByteArray());
     }
@@ -1222,7 +273,7 @@ public void send(IdscpMessage msg){
     }
 
     public boolean isConnected(){
-        return currentState.equals(STATE_ESTABLISHED);
+        return currentState.equals(states.get(FSM_STATE.STATE_ESTABLISHED));
     }
 
     public void registerMessageListener(IdscpMsgListener listener){
@@ -1230,7 +281,7 @@ public void registerMessageListener(IdscpMsgListener listener){
         listenerLatch.countDown();
     }
 
-    private void notifyHandshakeCompleteLock(){
+    void notifyHandshakeCompleteLock(){
         fsmIsBusy.lock();
         try {
             handshakeResultAvailable = true;
@@ -1241,18 +292,18 @@ private void notifyHandshakeCompleteLock(){
     }
 
     //calculate Prover mechanism (strongest remote expected), returns null if no match was found
-    private String getRatProverMechanism(String[] localSupportedProver, Object[] remoteExpectedVerifier){
+    String getRatProverMechanism(String[] localSupportedProver, Object[] remoteExpectedVerifier){
         //toDo implement logic
         return "TPM_2";
     }
 
     //calculate Verifier mechanism (strongest local expected), returns null if no match was found
-    private String getRatVerifierMechanism(String[] localExpectedVerifier, Object[] remoteSupportedProver){
+    String getRatVerifierMechanism(String[] localExpectedVerifier, Object[] remoteSupportedProver){
         //toDo implement logic
         return "TPM_2";
     }
 
-    private void restartRatVerifierDriver(){
+    void restartRatVerifierDriver(){
         //assume verifier mechanism is set
         stopRatVerifierDriver();
         ratVerifierDriver = RatVerifierDriverRegistry.startRatVerifierDriver(verifierMechanism, this);
@@ -1265,14 +316,14 @@ private void restartRatVerifierDriver(){
         }
     }
 
-    private void stopRatVerifierDriver(){
+    void stopRatVerifierDriver(){
         if (ratVerifierDriver != null && ratVerifierDriver.isAlive()){
             ratVerifierDriver.interrupt();
             ratVerifierDriver.terminate();
         }
     }
 
-    private void restartRatProverDriver(){
+    void restartRatProverDriver(){
         //assume prover mechanism is set
         stopRatProverDriver();
         ratProverDriver = RatProverDriverRegistry.startRatProverDriver(proverMechanism, this);
@@ -1285,10 +336,64 @@ private void restartRatProverDriver(){
         }
     }
 
-    private void stopRatProverDriver(){
+    void stopRatProverDriver(){
         if (ratProverDriver != null && ratProverDriver.isAlive()){
             ratProverDriver.interrupt();
             ratProverDriver.terminate();
         }
     }
+
+    void setRatMechanisms(String proverMechanism, String verifierMechanism) {
+        this.proverMechanism = proverMechanism;
+        this.verifierMechanism = verifierMechanism;
+    }
+
+
+
+    State getState(FSM_STATE state){
+        return states.get(state);
+    }
+
+    void lockFsm(){
+        secureChannel.close();
+        this.datTimer.cancelTimeout();
+        this.datTimer = null;
+        this.ratTimer.cancelTimeout();
+        this.ratTimer = null;
+        this.handshakeTimer.cancelTimeout();
+        this.handshakeTimer = null;
+        this.stopRatProverDriver();
+        this.stopRatVerifierDriver();
+        fsmIsClosed = true;
+
+        //inform upper layer via handshake or closeListener
+        try {
+            if (handshakeResultAvailable){
+                listenerLatch.await();
+                listener.onClose();
+            } else {
+                notifyHandshakeCompleteLock();
+            }
+        } catch (InterruptedException e) {
+            Thread.currentThread().interrupt();
+        }
+    }
+
+    RatVerifierDriver getRatVerifierDriver() {
+        return ratVerifierDriver;
+    }
+
+    RatProverDriver getRatProverDriver() {
+        return ratProverDriver;
+    }
+
+    void notifyIdscpMsgListener(byte[] data) {
+        try {
+            this.listenerLatch.await();
+            this.listener.onMessage(data);
+            LOG.debug("Idscp data were passed to connection listener");
+        } catch (InterruptedException ex) {
+            Thread.currentThread().interrupt();
+        }
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
index 551079fed..f3e534315 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
@@ -31,7 +31,6 @@ void setNoTransitionHandler(Function<Event, State> noTransitionHandler) {
         this.noTransitionHandler = noTransitionHandler;
     }
 
-    public void runEntryCode() {}
+    void runEntryCode(FSM fsm) {}
 
-    public void runExitCode() {}
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
new file mode 100644
index 000000000..2d553b8e0
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
@@ -0,0 +1,68 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.messages.IDSCPv2;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.concurrent.locks.Condition;
+
+
+class StateClosed extends State {
+    private static final Logger LOG = LoggerFactory.getLogger(StateClosed.class);
+
+    public StateClosed(FSM fsm,
+                       DapsDriver dapsDriver,
+                       Condition onMessageLock,
+                       String[] localSupportedRatSuite,
+                       String[] localExpectedRatSuite){
+
+
+        /*---------------------------------------------------
+         * STATE_CLOSED - Transition Description
+         * ---------------------------------------------------
+         * onICM: start_handshake --> {send IDSCP_HELLO, set handshake_timeout} --> STATE_WAIT_FOR_HELLO
+         * ALL_OTHER_MESSAGES ---> STATE_CLOSED
+         * --------------------------------------------------- */
+        this.addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.getValue(), new Transition(
+                event -> {
+
+                    LOG.debug("Get DAT Token vom DAT_DRIVER");
+                    byte[] dat = dapsDriver.getToken();
+
+                    LOG.debug("Send IDSCP_HELLO");
+                    IDSCPv2.IdscpMessage idscpHello = IdscpMessageFactory.
+                            getIdscpHelloMessage(dat, localSupportedRatSuite, localExpectedRatSuite);
+                    fsm.sendFromFSM(idscpHello);
+
+                    runExitCode(onMessageLock);
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_HELLO);
+                }
+        ));
+
+        this.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_CLOSED");
+                    return this;
+                }
+        );
+
+    }
+
+    private void runExitCode(Condition onMessageLock){
+        //State Closed exit code
+        onMessageLock.signalAll(); //enables fsm.onMessage()
+    }
+
+    @Override
+    void runEntryCode(FSM fsm){
+        //State Closed entry code
+        LOG.debug("Switched to state STATE_CLOSED");
+        LOG.debug("Terminate and free all resources and lock fsm forever");
+        fsm.lockFsm();
+    }
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
new file mode 100644
index 000000000..bec092246
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
@@ -0,0 +1,120 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.messages.IDSCPv2;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class StateEstablished extends State {
+    private static final Logger LOG = LoggerFactory.getLogger(StateEstablished.class);
+
+    public StateEstablished(FSM fsm,
+                            DapsDriver dapsDriver,
+                            Timer ratTimer,
+                            Timer handshakeTimer) {
+
+
+        /*---------------------------------------------------
+         * STATE_ESTABLISHED - Transition Description
+         * ---------------------------------------------------
+         * onICM: error ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: stop ---> {timeouts.cancel()} ---> STATE_CLOSED
+         * onICM: re_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * //FIXME onICM: send_data ---> {send IDS_DATA} ---> STATE_ESTABLISHED
+         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * onMessage: IDSCP_DATA ---> {delegate to connection} ---> STATE_ESTABLISHED
+         * onMessage: IDSCP_RERAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_CLOSE ---> {timeouts.cancel()} ---> STATE_CLOSED
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
+         * --------------------------------------------------- */
+        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Error occurred, close idscp connection");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSCP_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
+                            IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.REPEAT_RAT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER");
+                    ratTimer.cancelTimeout();
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpReRatMessage(""));
+                    fsm.restartRatVerifierDriver();
+
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
+
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
+                event -> {
+                    ratTimer.cancelTimeout();
+                    LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER");
+                    fsm.restartRatProverDriver();
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_PROVER);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("DAT expired. Send new DAT and repeat RAT");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()));
+                    fsm.restartRatProverDriver();
+
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
+
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_PROVER);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATA_FIELD_NUMBER, new Transition(
+                event -> {
+                    fsm.notifyIdscpMsgListener(event.getIdscpMessage().getIdscpData().toByteArray());
+                    return this;
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Receive IDSCP_CLOSED");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_ESTABLISHED");
+                    return this;
+                }
+        );
+    }
+
+    @Override
+    void runEntryCode(FSM fsm){
+        LOG.debug("Switched to state STATE_ESTABLISHED");
+        fsm.notifyHandshakeCompleteLock();
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
new file mode 100644
index 000000000..a01e931b9
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
@@ -0,0 +1,156 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.messages.IDSCPv2;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class StateWaitForDatAndRat extends State {
+    private static final Logger LOG = LoggerFactory.getLogger(StateWaitForDatAndRat.class);
+
+    private final Timer handshakeTimer;
+
+    public StateWaitForDatAndRat(FSM fsm,
+                                 Timer handshakeTimer,
+                                 Timer datTimer,
+                                 DapsDriver dapsDriver
+                                 ){
+        this.handshakeTimer = handshakeTimer;
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_DAT_AND_RAT - Transition Description
+         * ---------------------------------------------------
+         * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: error ---> {stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), timeouts.stop()} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT(success) ---> {verify dat, start dat_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_DAT(failed) ---> {verify dat, send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
+         * --------------------------------------------------- */
+        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSC_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
+                            IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
+                event -> {
+                    LOG.debug("An internal control error occurred");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout",
+                            IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Received RAT_PROVER OK");
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
+                event -> {
+                    LOG.error("RAT_PROVER failed");
+                    LOG.debug("Send IDSC_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed",
+                            IDSCPv2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSCP_RAT_PROVER");
+                    fsm.sendFromFSM(event.getIdscpMessage());
+                    return this;
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_CLOSE");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    handshakeTimer.cancelTimeout();
+                    LOG.debug("Verify received DAT");
+                    //check if Dat is available and verify dat
+                    byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
+                    int datValidityPeriod;
+                    if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat))){
+                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
+                        fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
+                        return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                    }
+
+                    LOG.debug("Remote DAT is valid. Set dat timeout");
+                    datTimer.resetTimeout(datValidityPeriod);
+                    //start RAT Verifier
+                    fsm.restartRatVerifierDriver();
+
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()));
+                    fsm.restartRatProverDriver();
+                    return this;
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
+                    fsm.getRatProverDriver().delegate(event.getIdscpMessage());
+                    return this;
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
+                    fsm.restartRatProverDriver();
+                    return this;
+                }
+        ));
+
+        this.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    return this;
+                }
+        );
+    }
+
+    @Override
+    void runEntryCode(FSM fsm){
+        LOG.debug("Switched to state STATE_WAIT_FOR_DAT_AND_RAT");
+        LOG.debug("Set handshake timeout");
+        handshakeTimer.resetTimeout(5);
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
new file mode 100644
index 000000000..035987fc2
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
@@ -0,0 +1,120 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.messages.IDSCPv2;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class StateWaitForDatAndRatVerifier extends State {
+    private static final Logger LOG = LoggerFactory.getLogger(StateWaitForDatAndRatVerifier.class);
+
+    private final Timer handshakeTimer;
+
+    public StateWaitForDatAndRatVerifier(FSM fsm,
+                                         Timer handshakeTimer,
+                                         Timer datTimer,
+                                         DapsDriver dapsDriver){
+
+        this.handshakeTimer = handshakeTimer;
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER - Transition Description
+         * ---------------------------------------------------
+         * onICM: stop ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: error ---> {} ---> STATE_CLOSED
+         * onICM: timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT(success) --> {verify DAT, set det_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFEIER
+         * onMessage: IDSCP_DAT(failed) --> {verify DAT, send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onMessage: IDSCP_RE_RAT ---> {start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * --------------------------------------------------- */
+        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSC_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
+                            IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
+                event -> {
+                    LOG.debug("An internal control error occurred");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout",
+                            IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_CLOSE");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    handshakeTimer.cancelTimeout();
+                    LOG.debug("Verify received DAT");
+                    //check if Dat is available and verify dat
+                    byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
+                    int datValidityPeriod;
+                    if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat))){
+                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
+                        fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
+                        return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                    }
+                    LOG.debug("Remote DAT is valid. Set dat timeout");
+                    datTimer.resetTimeout(datValidityPeriod);
+                    //start RAT Verifier
+                    fsm.restartRatVerifierDriver();
+
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
+
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()));
+                    fsm.restartRatProverDriver();
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
+                    fsm.restartRatProverDriver();
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
+                }
+        ));
+
+        this.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    return this;
+                }
+        );
+    }
+
+    @Override
+    void runEntryCode(FSM fsm){
+        LOG.debug("Switched to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER");
+        LOG.debug("Set handshake timeout");
+        handshakeTimer.resetTimeout(5);
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
new file mode 100644
index 000000000..ddb7ea88c
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
@@ -0,0 +1,138 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.messages.IDSCPv2;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class StateWaitForHello extends State {
+    private static final Logger LOG = LoggerFactory.getLogger(StateWaitForHello.class);
+
+    private final Timer handshakeTimer;
+
+    public StateWaitForHello(FSM fsm,
+                             Timer handshakeTimer,
+                             Timer datTimer,
+                             DapsDriver dapsDriver,
+                             String[] localSupportedRatSuite,
+                             String[] localExpectedRatSuite) {
+
+        this.handshakeTimer = handshakeTimer;
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_HELLO - Transition Description
+         * ---------------------------------------------------
+         * onICM: error --> {} ---> STATE_CLOSED
+         * onICM: stop --> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: timeout --> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_CLOSE---> {} ---> STATE_CLOSED
+         * onMessage: IDSCP_HELLO (no rat match) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_HELLO (invalid DAT) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_HELLO (SUCCESS) ---> {verify DAT, match RAT, set DAT Timeout, start RAT P&V,
+         *                                        set handshake_timeout} ---> STATE_WAIT_FOR_RAT
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_HELLO
+         * --------------------------------------------------- */
+        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
+                event -> {
+                    LOG.debug("An internal control error occurred");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Received stop signal from user. Send IDSC_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
+                            IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake Timeout",
+                            IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_CLOSE");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPHELLO_FIELD_NUMBER, new Transition(
+                event -> {
+                    handshakeTimer.cancelTimeout();
+
+                    LOG.debug("Received IDSCP_HELLO");
+                    IDSCPv2.IdscpHello idscpHello = event.getIdscpMessage().getIdscpHello();
+
+                    LOG.debug("Calculate Rat mechanisms");
+                    String proverMechanism = fsm.getRatProverMechanism(localSupportedRatSuite,
+                            idscpHello.getExpectedRatSuiteList().toArray());
+                    if (proverMechanism == null){
+                        LOG.debug("Cannot find a match for RAT proverr. Send IDSCP_CLOSE");
+                        fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Prover mechanism",
+                                IDSCPv2.IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_PROVER));
+                        return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                    }
+
+                    String verifierMechanism = fsm.getRatVerifierMechanism(localExpectedRatSuite,
+                            idscpHello.getSupportedRatSuiteList().toArray());
+                    if (verifierMechanism == null){
+                        LOG.debug("Cannot find a match for RAT verifier. Send IDSCP_CLOSE");
+                        fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Verifier mechanism",
+                                IDSCPv2.IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_VERIFIER));
+                        return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                    }
+
+                    LOG.debug("Verify received DAT");
+                    //check if Dat is available and verify dat
+                    byte[] dat;
+                    int datValidityPeriod;
+                    if (!idscpHello.hasDynamicAttributeToken() || 0 > (datValidityPeriod = dapsDriver
+                            .verifyToken(dat = idscpHello.getDynamicAttributeToken().getToken().toByteArray()))){
+                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
+                        fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT",
+                                IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
+                        return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                    }
+
+                    LOG.debug("Remote DAT is valid. Set dat timeout to its validity period");
+                    datTimer.resetTimeout(datValidityPeriod);
+
+                    fsm.setRatMechanisms(proverMechanism, verifierMechanism);
+
+                    LOG.debug("Start RAT Prover and Verifier");
+                    fsm.restartRatVerifierDriver();
+                    fsm.restartRatProverDriver();
+
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
+                }
+        ));
+
+        this.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_HELLO");
+                    return this;
+                }
+        );
+    }
+
+
+    @Override
+    void runEntryCode(FSM fsm) {
+        LOG.debug("Switched to state STATE_WAIT_FOR_HELLO");
+        LOG.debug("Set handshake timeout to 5 seconds");
+        handshakeTimer.resetTimeout(5);
+    }
+
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
new file mode 100644
index 000000000..7cb3bb4e1
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
@@ -0,0 +1,176 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.messages.IDSCPv2;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class StateWaitForRat extends State {
+    private static final Logger LOG = LoggerFactory.getLogger(StateWaitForRat.class);
+
+    private final Timer handshakeTimer;
+
+    public StateWaitForRat(FSM fsm,
+                           Timer handshakeTimer,
+                           Timer ratTimer,
+                           int ratTimerDelay,
+                           DapsDriver dapsDriver){
+
+        this.handshakeTimer = handshakeTimer;
+
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_RAT - Transition Description
+         * ---------------------------------------------------
+         * onICM: error ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
+         * onICM: stop ---> {ratP.stop(), ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> IDSCP_CLOSED
+         * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onICM: rat_prover_failed ---> {ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_verifier_failed ---> {ratP.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT
+         * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
+         * onICM: dat_timeout ---> {send DAT_EXPIRED, ratV.cancel()} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onICM: handshake_timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_RAT_PROVER ---> {delegate to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send DAT, ratP.restart()} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT
+         * --------------------------------------------------- */
+        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
+                event ->  {
+                    LOG.debug("An internal control error occurred");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSC_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
+                            IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Received RAT_PROVER OK");
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_VERIFIER_OK.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Received RAT_VERIFIER OK");
+                    ratTimer.resetTimeout(ratTimerDelay);
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_PROVER);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
+                event -> {
+                    LOG.error("RAT_PROVER failed");
+                    LOG.debug("Send IDSC_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed",
+                            IDSCPv2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.getValue(), new Transition(
+                event -> {
+                    LOG.error("RAT_VERIFIER failed");
+                    LOG.debug("Send IDSC_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed",
+                            IDSCPv2.IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSCP_RAT_PROVER");
+                    fsm.sendFromFSM(event.getIdscpMessage());
+                    return this;
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_VERIFIER_MSG.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSCP_RAT_VERIFIER");
+                    fsm.sendFromFSM(event.getIdscpMessage());
+                    return this;
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
+                event -> {
+                    LOG.debug("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER");
+                    fsm.stopRatVerifierDriver();
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout",
+                            IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
+                    fsm.getRatProverDriver().delegate(event.getIdscpMessage());
+                    return this;
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
+                    fsm.getRatVerifierDriver().delegate(event.getIdscpMessage());
+                    return this;
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()));
+                    fsm.restartRatProverDriver();
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
+                    return this;
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_CLOSE");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
+                    return this;
+                }
+        );
+    }
+
+    @Override
+    void runEntryCode(FSM fsm){
+        LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
+        LOG.debug("Set handshake timeout");
+        handshakeTimer.resetTimeout(5);
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
new file mode 100644
index 000000000..bad5b19a7
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
@@ -0,0 +1,151 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.messages.IDSCPv2;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class StateWaitForRatProver extends State {
+    private static final Logger LOG = LoggerFactory.getLogger(StateWaitForRatProver.class);
+
+    public StateWaitForRatProver(FSM fsm,
+                                 Timer ratTimer,
+                                 Timer handshakeTimer,
+                                 DapsDriver dapsDriver){
+
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_RAT_PROVER - Transition Description
+         * ---------------------------------------------------
+         * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER, timeouts.terminate()} ---> STATE_CLOSED
+         * onICM: error ---> {stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onICM: rat_prover_ok ---> {} ---> STATE_ESTABLISHED
+         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE, terminate ratP, cancel timeouts} ---> STATE_CLOSED
+         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onICM: repeat_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_PROVER
+         * --------------------------------------------------- */
+        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSC_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
+                event -> {
+                    LOG.debug("An internal control error occurred");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout",
+                            IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
+                event -> {
+                    LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED");
+                    ratTimer.cancelTimeout();
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Received RAT_PROVER OK");
+                    handshakeTimer.cancelTimeout();
+                    return fsm.getState(FSM.FSM_STATE.STATE_ESTABLISHED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
+                event -> {
+                    LOG.error("RAT_PROVER failed");
+                    LOG.debug("Send IDSC_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed",
+                            IDSCPv2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSCP_RAT_PROVER");
+                    fsm.sendFromFSM(event.getIdscpMessage());
+                    return this;
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.REPEAT_RAT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpReRatMessage(""));
+                    ratTimer.cancelTimeout();
+                    fsm.restartRatVerifierDriver();
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_CLOSE");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()));
+                    fsm.restartRatProverDriver();
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
+                    return this;
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
+                    fsm.getRatProverDriver().delegate(event.getIdscpMessage());
+                    return this;
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
+                    fsm.restartRatProverDriver();
+                    return this;
+                }
+        ));
+
+        this.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
+                    return this;
+                }
+        );
+    }
+
+    @Override
+    void runEntryCode(FSM fsm){
+        LOG.debug("Switched to state STATE_WAIT_FOR_RAT_PROVER");
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
new file mode 100644
index 000000000..59c1ee108
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
@@ -0,0 +1,140 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.messages.IDSCPv2;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class StateWaitForRatVerifier extends State {
+    private static final Logger LOG = LoggerFactory.getLogger(StateWaitForRatVerifier.class);
+
+    public StateWaitForRatVerifier(FSM fsm,
+                                   DapsDriver dapsDriver,
+                                   Timer ratTimer,
+                                   Timer handshakeTimer,
+                                   int ratTimeoutDelay) {
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_RAT_VERIFIER - Transition Description
+         * ---------------------------------------------------
+         * onICM: error ---> {stop RAT_VERIFIER} ---> STATE_CLOSED
+         * onICM: close ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
+         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED, cancel ratV} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
+         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_ESTABLISHED
+         * onICM: rat_verifier_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_CLOSE ---> {stop RAT_VERIFIER} ---> STATE_CLOSED
+         * onMessage: IDSCP_RAT_PROVER ---> {delegat to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * onMessage: IDSCP_RE_RAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * --------------------------------------------------- */
+        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSC_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
+                            IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
+                event -> {
+                    LOG.debug("An internal control error occurred");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
+                event -> {
+                    LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER");
+                    fsm.stopRatVerifierDriver();
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_VERIFIER_OK.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Received RAT_VERIFIER OK");
+                    handshakeTimer.cancelTimeout();
+                    LOG.debug("Start RAT Timer");
+                    ratTimer.resetTimeout(ratTimeoutDelay);
+                    return fsm.getState(FSM.FSM_STATE.STATE_ESTABLISHED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.getValue(), new Transition(
+                event -> {
+                    LOG.error("RAT_VERIFIER failed");
+                    LOG.debug("Send IDSC_CLOSE");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed",
+                            IDSCPv2.IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(InternalControlMessage.RAT_VERIFIER_MSG.getValue(), new Transition(
+                event -> {
+                    LOG.debug("Send IDSCP_RAT_VERIFIER");
+                    fsm.sendFromFSM(event.getIdscpMessage());
+                    return this;
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_CLOSE");
+                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
+                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()));
+                    fsm.restartRatProverDriver();
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
+                    fsm.getRatVerifierDriver().delegate(event.getIdscpMessage());
+                    return this;
+                }
+        ));
+
+        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+                event -> {
+                    LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
+                    fsm.restartRatProverDriver();
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
+                }
+        ));
+
+        this.setNoTransitionHandler(
+                event -> {
+                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER");
+                    return this;
+                }
+        );
+    }
+
+    @Override
+    void runEntryCode(FSM fsm){
+        LOG.debug("Switched to state STATE_WAIT_FOR_RAT_VERIFIER");
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateClosed.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateClosed.java
deleted file mode 100644
index 02f973e16..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateClosed.java
+++ /dev/null
@@ -1,15 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
-
-
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
-
-
-
-public class StateClosed extends State {
-
-    public StateClosed(FSM fsm){
-
-    }
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateEstablished.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateEstablished.java
deleted file mode 100644
index 7180c462f..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateEstablished.java
+++ /dev/null
@@ -1,6 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
-
-public class StateEstablished extends State {
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRat.java
deleted file mode 100644
index f90e5b829..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRat.java
+++ /dev/null
@@ -1,6 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
-
-public class StateWaitForDatAndRat extends State {
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRatVerifier.java
deleted file mode 100644
index 9dd6a0c95..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForDatAndRatVerifier.java
+++ /dev/null
@@ -1,6 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
-
-public class StateWaitForDatAndRatVerifier extends State {
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForHello.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForHello.java
deleted file mode 100644
index dec7a21bf..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForHello.java
+++ /dev/null
@@ -1,6 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
-
-public class StateWaitForHello extends State {
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRat.java
deleted file mode 100644
index 790c69e77..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRat.java
+++ /dev/null
@@ -1,6 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
-
-public class StateWaitForRat extends State {
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatProver.java
deleted file mode 100644
index 0c0f11ef2..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatProver.java
+++ /dev/null
@@ -1,6 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
-
-public class StateWaitForRatProver extends State {
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatVerifier.java
deleted file mode 100644
index 842e056b5..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/States/StateWaitForRatVerifier.java
+++ /dev/null
@@ -1,6 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.States;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.State;
-
-public class StateWaitForRatVerifier extends State {
-}
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
index ea21da39d..cda0fa9e5 100644
--- a/idscp2/src/test/java/IDSCPv2ClientInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
@@ -25,7 +25,7 @@ public void init(IDSCPv2Settings settings){
         RatVerifierDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Verifier.class);
 
         IDSCPv2Configuration clientConfig = new IDSCPv2Configuration(this,
-                dapsDriver, secureChannelDriver);
+                dapsDriver, secureChannelDriver, settings.getExpectedAttestation(), settings.getSupportedAttestation());
         clientConfig.connect(settings);
     }
 
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index cedc582af..e81a21e1e 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -27,7 +27,8 @@ public void init(IDSCPv2Settings serverSettings)  {
         RatVerifierDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Verifier.class);
 
         IDSCPv2Configuration idscpServerConfig = new IDSCPv2Configuration(this,
-                dapsDriver, secureChannelDriver);
+                dapsDriver, secureChannelDriver, serverSettings.getExpectedAttestation(),
+                serverSettings.getSupportedAttestation());
         IDSCPv2Server idscPv2Server;
         try {
             idscPv2Server = idscpServerConfig.listen(serverSettings);

From e3283e29734861d7dc1259eba00a5f9da76f79c8 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Sat, 21 Mar 2020 21:12:10 +0100
Subject: [PATCH 052/237] WIP: Implement DefaultDapsDriver

---
 idscp2/build.gradle                           |   8 +
 .../daps/DefaultDapsDriver.java               | 258 +++++++++++++++++-
 .../daps/DefaultDapsDriverConfig.java         | 100 +++++++
 .../daps/SecurityRequirements.java            |  28 ++
 .../CustomX509ExtendedKeyManager.java         |   2 +-
 .../CustomX509ExtendedTrustManager.java       |   2 +-
 .../PreConfiguration.java}                    |  42 ++-
 .../secure_channel/client/TLSClient.java      |   8 +-
 .../secure_channel/server/TLSServer.java      |   7 +-
 .../idscp2/drivers/interfaces/DapsDriver.java |   2 +-
 .../StateWaitForDatAndRat.java                |   2 +-
 .../StateWaitForDatAndRatVerifier.java        |   2 +-
 .../StateWaitForHello.java                    |   2 +-
 idscp2/src/test/java/DapsDriverTest.java      |   7 +
 .../src/test/java/IDSCPv2ClientInitiator.java |  14 +-
 .../src/test/java/IDSCPv2ServerInitiator.java |  14 +-
 16 files changed, 465 insertions(+), 33 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/{secure_channel => }/keystores/CustomX509ExtendedKeyManager.java (98%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/{secure_channel => }/keystores/CustomX509ExtendedTrustManager.java (97%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/{secure_channel/keystores/TLSPreConfiguration.java => keystores/PreConfiguration.java} (81%)
 create mode 100644 idscp2/src/test/java/DapsDriverTest.java

diff --git a/idscp2/build.gradle b/idscp2/build.gradle
index 4aee0a96c..e48f54184 100644
--- a/idscp2/build.gradle
+++ b/idscp2/build.gradle
@@ -21,6 +21,14 @@ dependencies {
     testImplementation group: "com.sun.xml.bind", name: "jaxb-core", version: libraryVersions.jaxb
     testImplementation group: "com.sun.xml.bind", name: "jaxb-impl", version: libraryVersions.jaxb
 
+    providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-impl', version: libraryVersions.jsonwebtoken
+    providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-jackson', version: libraryVersions.jsonwebtoken
+    providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-api', version: libraryVersions.jsonwebtoken
+    providedByBundle group: 'org.json', name: 'json', version: '20180813'
+    providedByBundle group: 'org.bitbucket.b_c', name: 'jose4j', version: '0.6.5'
+
+    providedByBundle group: 'com.squareup.okhttp3', name: 'okhttp', version: libraryVersions.okhttp
+
     testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
     testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index 9d388668d..c41ef33e7 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -1,6 +1,40 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps;
 
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+import java.io.IOException;
+import java.security.Key;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.time.Instant;
+import java.util.Date;
+import java.util.concurrent.TimeUnit;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509ExtendedTrustManager;
+import okhttp3.FormBody;
+import okhttp3.OkHttpClient;
+import okhttp3.Request;
+import okhttp3.RequestBody;
+import okhttp3.Response;
+import org.jose4j.http.Get;
+import org.jose4j.jwa.AlgorithmConstraints;
+import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
+import org.jose4j.jwk.HttpsJwks;
+import org.jose4j.jws.AlgorithmIdentifiers;
+import org.jose4j.jwt.JwtClaims;
+import org.jose4j.jwt.consumer.InvalidJwtException;
+import org.jose4j.jwt.consumer.JwtConsumer;
+import org.jose4j.jwt.consumer.JwtConsumerBuilder;
+import org.jose4j.keys.resolvers.HttpsJwksVerificationKeyResolver;
+import org.json.JSONObject;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
 
 /**
  * Default DAPS Driver for requesting valid dynamicAttributeToken and verifying DAT
@@ -8,14 +42,230 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class DefaultDapsDriver implements DapsDriver {
+    private static final  Logger LOG = LoggerFactory.getLogger(DefaultDapsDriver.class);
+
+    private SSLSocketFactory sslSocketFactory;
+    private X509ExtendedTrustManager trustManager;
+    private Key privateKey;
+    private String connectorUUID;
+    private String dapsUrl;
+    private String targetAudience = "IDS_Connector";
+
+    public DefaultDapsDriver(DefaultDapsDriverConfig config) {
+
+        this.connectorUUID = config.getConnectorUUID();
+        this.dapsUrl = config.getDapsUrl();
+
+        //create ssl context
+        privateKey = PreConfiguration.getKey(
+            config.getKeyStorePath(),
+            config.getKeyStorePassword(),
+            config.getKeyAlias()
+        );
+
+        TrustManager[] trustManagers = PreConfiguration.getX509ExtTrustManager(
+            config.getTrustStorePath(),
+            config.getTrustStorePassword()
+        );
+
+        this.trustManager = (X509ExtendedTrustManager) trustManagers[0];
+
+        try {
+            SSLContext sslContext = SSLContext.getInstance("TLS");
+            sslContext.init(null, trustManagers, null);
+            sslSocketFactory = sslContext.getSocketFactory();
+        } catch (NoSuchAlgorithmException | KeyManagementException e) {
+            LOG.error("Cannot init DefaultDapsDriver: {}", e.toString());
+            throw new RuntimeException(e);
+        }
+    }
 
     @Override
     public byte[] getToken() {
-        return new byte[0];
+        String invalidToken = "INVALID_TOKEN";
+        String token;
+
+        LOG.info("Retrieving Dynamic Attribute Token...");
+
+        //create signed JWT
+        String jwt =
+            Jwts.builder()
+            .setIssuer(connectorUUID)
+            .setSubject(connectorUUID)
+            .setExpiration(Date.from(Instant.now().plusSeconds(86400)))
+            .setIssuedAt(Date.from(Instant.now()))
+            .setNotBefore(Date.from(Instant.now()))
+            .setAudience(targetAudience)
+            .signWith(privateKey, SignatureAlgorithm.RS256).compact();
+
+        //build http client and request for DAPS
+        RequestBody formBody =
+            new FormBody.Builder()
+                .add("grant_type", "client_credentials")
+                .add(
+                    "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer")
+                .add("client_assertion", jwt)
+                .add("scope", "ids_connector")
+                .build();
+
+        OkHttpClient client =
+            new OkHttpClient.Builder()
+                .sslSocketFactory(sslSocketFactory, trustManager)
+                .connectTimeout(15, TimeUnit.SECONDS)
+                .writeTimeout(15, TimeUnit.SECONDS)
+                .readTimeout(15, TimeUnit.SECONDS)
+                .build();
+
+        Request request =
+            new Request.Builder()
+            .url(dapsUrl.concat("/token"))
+            .post(formBody)
+            .build();
+
+        try {
+            //get http response from DAPS
+            LOG.debug("Acquire DAT from {}", dapsUrl);
+            Response response = client.newCall(request).execute();
+
+            //check for valid response
+            if (!response.isSuccessful()) {
+                LOG.error("Get unsuccessful http response: {}", response.toString());
+                return invalidToken.getBytes();
+            }
+
+            if (response.body() == null) {
+                LOG.error("Get empty DAPS response");
+                return invalidToken.getBytes();
+            }
+
+            JSONObject json = new JSONObject(response.body().string());
+            if (json.has("access_token")) {
+                token = json.getString("access_token");
+                LOG.info("Get access_token from DAPS: {}", token);
+            } else if (json.has("error")) {
+                LOG.error("Get DAPS error response: {}", json.getString("error"));
+                return invalidToken.getBytes();
+            } else {
+                LOG.error("Get unknown DAPS response format: {}", json.toString());
+                return invalidToken.getBytes();
+            }
+
+            //verify token once without security attr validation before providing it
+            if (verifyToken(token.getBytes(), null) > 0) {
+                LOG.info("DAT is valid");
+                return token.getBytes();
+            } else {
+                LOG.error("DAT validation failed");
+                return invalidToken.getBytes();
+            }
+        } catch (IOException e) {
+            LOG.error("Cannot acquire DAT from DAPS: ", e);
+            return invalidToken.getBytes();
+        }
     }
 
     @Override
-    public int verifyToken(byte[] dat) {
-        return 20;
-    } //returns number of seconds until dat is valid
+    public int verifyToken(byte[] dat, Object securityRequirements) {
+
+        LOG.info("Verify dynamic attribute token ...");
+
+        // Get JsonWebKey JWK from JsonWebKeyStore JWKS using DAPS JWKS endpoint
+        HttpsJwks httpsJwks = new HttpsJwks(dapsUrl.concat("/.well-known/jwks.json"));
+        Get getInstance = new Get();
+        getInstance.setSslSocketFactory(sslSocketFactory);
+        httpsJwks.setSimpleHttpGet(getInstance);
+
+        // create new jwks key resolver, selects jwk based on key ID in jwt header
+        HttpsJwksVerificationKeyResolver jwksKeyResolver
+            = new HttpsJwksVerificationKeyResolver(httpsJwks);
+
+        //create validation requirements
+        JwtConsumer jwtConsumer =
+            new JwtConsumerBuilder()
+                .setRequireExpirationTime()         // has expiration time
+                .setAllowedClockSkewInSeconds(30)   // leeway in validation time
+                .setRequireSubject()                // has subject
+                .setExpectedAudience(targetAudience)
+                .setExpectedIssuer(dapsUrl)         // e.g. https://daps.aisec.fraunhofer.de
+                .setVerificationKeyResolver(jwksKeyResolver) //get decryption key from jwks
+                .setJweAlgorithmConstraints(
+                    new AlgorithmConstraints(
+                        ConstraintType.WHITELIST,
+                        AlgorithmIdentifiers.RSA_USING_SHA256
+                    )
+                )
+                .build();
+
+        //verify dat
+        JwtClaims claims;
+
+        LOG.debug("Request JWKS from DAPS for validating DAT");
+
+        try {
+            claims = jwtConsumer.processToClaims(new String(dat));
+        } catch (InvalidJwtException e) {
+            LOG.error("DAPS response is not a valid DAT format", e);
+            return -1;
+        }
+
+        //check security requirements
+        if (securityRequirements != null) {
+            LOG.debug("Validate security attributes");
+
+            if (securityRequirements instanceof SecurityRequirements) {
+                SecurityRequirements secRequirements = (SecurityRequirements) securityRequirements;
+                SecurityRequirements providedSecurityProfile =
+                    parseSecurityRequirements(claims.toJson());
+
+                if (providedSecurityProfile == null) {
+                    return -1;
+                }
+
+                //toDo add further security attribute validation
+                if (secRequirements.getAuditLogging() <= providedSecurityProfile.getAuditLogging())
+                {
+                    LOG.info("DAT is valid and secure");
+                    return 20;
+                } else {
+                    LOG.warn("DAT does not fulfill the security requirements");
+                    return -1;
+                }
+            } else {
+                //invalid security requirements format
+                LOG.error("Invalid security requirements format. Expected SecurityRequirements.class");
+                return -1;
+            }
+        } else {
+            LOG.info("DAT is valid");
+            return 20;
+        }
+    } //returns number of seconds dat is valid
+
+    private SecurityRequirements parseSecurityRequirements(String dynamicAttrToken) {
+        JSONObject asJson = new JSONObject(dynamicAttrToken);
+
+        if (!asJson.has("ids_attributes")) {
+            LOG.error("DAT does not contain ids_attributes");
+            return null;
+        }
+        JSONObject idsAttributes = asJson.getJSONObject("ids_attributes");
+
+        if (!idsAttributes.has("security_profile")) {
+            LOG.error("DAT does not contain security_profile");
+            return null;
+        }
+        JSONObject securityProfile = idsAttributes.getJSONObject("security_profile");
+
+        //check if all security requirements are available
+        if (!securityProfile.has("audit_logging")) {
+            LOG.error("DAT does not contain audit_logging");
+            return null;
+        }
+
+        //toDo parse further security attributes
+
+        return new SecurityRequirements.Builder()
+            .setAuditLogging(securityProfile.getInt("audit_logging"))
+            .build();
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
new file mode 100644
index 000000000..2979228a2
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
@@ -0,0 +1,100 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps;
+
+import org.checkerframework.checker.nullness.qual.NonNull;
+
+public class DefaultDapsDriverConfig {
+
+  @NonNull private String dapsUrl = "https://daps.aisec.fraunhofer.de";
+  @NonNull private String keyStorePath = "";
+  @NonNull private String keyStorePassword = "password";
+  @NonNull private String keyAlias = "1";
+  @NonNull private String trustStorePath = "";
+  @NonNull private String trustStorePassword = "password";
+  @NonNull private String connectorUUID = "";
+
+  public static class Builder {
+    @NonNull private DefaultDapsDriverConfig config = new DefaultDapsDriverConfig();
+
+    @NonNull
+    public Builder setDapsUrl(String dapsUrl) {
+      this.config.dapsUrl = dapsUrl;
+      return this;
+    }
+
+    @NonNull
+    public Builder setKeyStorePath(String path) {
+      this.config.keyStorePath = path;
+      return this;
+    }
+
+    @NonNull
+    public Builder setKeyStorePassword(String password) {
+      this.config.keyStorePassword = password;
+      return this;
+    }
+
+    @NonNull
+    public Builder setKeyAlias(String alias) {
+      this.config.keyAlias = alias;
+      return this;
+    }
+
+    @NonNull
+    public Builder setTrustStorePath(String path) {
+      this.config.trustStorePath = path;
+      return this;
+    }
+
+    @NonNull
+    public Builder setTrustStorePassword(String password) {
+      this.config.trustStorePassword = password;
+      return this;
+    }
+
+    @NonNull
+    public Builder setConnectorUUID(String uuid) {
+      this.config.connectorUUID = uuid;
+      return this;
+    }
+
+    @NonNull
+    public DefaultDapsDriverConfig build() {
+      return config;
+    }
+  }
+
+  @NonNull
+  public String getDapsUrl() {
+    return dapsUrl;
+  }
+
+  @NonNull
+  public String getKeyStorePath() {
+    return keyStorePath;
+  }
+
+  @NonNull
+  public String getKeyStorePassword() {
+    return keyStorePassword;
+  }
+
+  @NonNull
+  public String getKeyAlias() {
+    return keyAlias;
+  }
+
+  @NonNull
+  public String getTrustStorePath() {
+    return trustStorePath;
+  }
+
+  @NonNull
+  public String getTrustStorePassword() {
+    return trustStorePassword;
+  }
+
+  @NonNull
+  public String getConnectorUUID() {
+    return connectorUUID;
+  }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
new file mode 100644
index 000000000..097bc2cb7
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
@@ -0,0 +1,28 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps;
+
+
+import org.checkerframework.checker.nullness.qual.NonNull;
+
+public class SecurityRequirements {
+
+  private int auditLogging;
+
+  public static class Builder {
+   @NonNull private SecurityRequirements requirements = new SecurityRequirements();
+
+   @NonNull
+   public Builder setAuditLogging(int auditLogging) {
+     this.requirements.auditLogging = auditLogging;
+     return this;
+   }
+
+   @NonNull
+   public SecurityRequirements build() {
+     return requirements;
+   }
+  }
+
+  public int getAuditLogging() {
+    return auditLogging;
+  }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedKeyManager.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
similarity index 98%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedKeyManager.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
index c9c7e076b..56f3591a7 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedKeyManager.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.keystores;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedTrustManager.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedTrustManager.java
similarity index 97%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedTrustManager.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedTrustManager.java
index 725ae2361..b3d06200e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/CustomX509ExtendedTrustManager.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedTrustManager.java
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.keystores;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores;
 
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.X509ExtendedTrustManager;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/TLSPreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
similarity index 81%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/TLSPreConfiguration.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
index 9fa814782..4d56b3cd7 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/keystores/TLSPreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
@@ -1,7 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.keystores;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores;
 
 import javax.net.ssl.*;
 import java.io.IOException;
@@ -19,7 +16,7 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class TLSPreConfiguration {
+public class PreConfiguration {
     //private static final Logger LOG = LoggerFactory.getLogger(TLSPreConfiguration.class);
 
     public static TrustManager[] getX509ExtTrustManager(
@@ -41,23 +38,20 @@ public static TrustManager[] getX509ExtTrustManager(
                     new CertPathTrustManagerParameters(filterTrustAnchors(trustStore));
             trustManagerFactory.init(trustParams);*/
             trustManagerFactory.init(trustStore);
-
             myTrustManager = trustManagerFactory.getTrustManagers();
 
-
             /* set up TrustManager config */
             //allow only X509 Authentication
             if (myTrustManager.length == 1 && myTrustManager[0] instanceof X509ExtendedTrustManager) {
                 //toDo algorithm constraints
-                //toDO hostname verification is currently done by using https identification protocol
+                //toDo hostname verification is currently done by using https identification protocol
                 return myTrustManager;
             } else {
                 throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(myTrustManager));
             }
         } catch (KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException e) {
-            e.printStackTrace();
+            throw new RuntimeException(e);
         }
-        return null;
     }
 
     public static KeyManager[] getX509ExtKeyManager(
@@ -92,9 +86,33 @@ public static KeyManager[] getX509ExtKeyManager(
 
         } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException
                 | CertificateException e) {
-            e.printStackTrace();
+            throw new RuntimeException(e);
+        }
+    }
+
+    public static Key getKey(
+        String keyStorePath,
+        String keyStorePassword,
+        String keyAlias
+    ) {
+        try (
+            InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath));
+        ) {
+            /* create KeyManager for remote authentication */
+            KeyStore keystore = KeyStore.getInstance("JKS");
+
+            //load keystore
+            keystore.load(jksKeyStoreIn, keyStorePassword.toCharArray());
+
+            // get private key
+            return keystore.getKey(keyAlias,
+                keyStorePassword.toCharArray()
+            );
+
+        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException
+            | UnrecoverableKeyException e) {
+            throw new RuntimeException(e);
         }
-        return null; //some exception was raised
     }
 
     private static PKIXBuilderParameters filterTrustAnchors(KeyStore keyStore)
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index 3e957daec..1daed0d9f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
 
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.keystores.TLSPreConfiguration;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
@@ -13,10 +13,8 @@
 import javax.net.ssl.*;
 import java.io.DataOutputStream;
 import java.io.IOException;
-import java.io.OutputStream;
 import java.net.InetSocketAddress;
 import java.net.Socket;
-import java.nio.charset.StandardCharsets;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
 import java.util.concurrent.CountDownLatch;
@@ -67,14 +65,14 @@ public TLSClient(IDSCPv2Settings clientSettings, IDSCPv2Callback callback)
 
         /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
          * hostVerification and algorithm constraints */
-        TrustManager[] myTrustManager = TLSPreConfiguration.getX509ExtTrustManager(
+        TrustManager[] myTrustManager = PreConfiguration.getX509ExtTrustManager(
                 clientSettings.getTrustStorePath(),
                 clientSettings.getTrustStorePassword()
         );
 
         /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
          * connection specific key selection via key alias*/
-        KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
+        KeyManager[] myKeyManager = PreConfiguration.getX509ExtKeyManager(
                 clientSettings.getKeyStorePath(),
                 clientSettings.getKeyStorePassword(),
                 clientSettings.getCertAlias(),
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
index bad618463..5b0cebd24 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server;
 
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.keystores.TLSPreConfiguration;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
@@ -12,7 +12,6 @@
 import javax.net.ssl.*;
 import java.io.IOException;
 import java.net.ServerSocket;
-import java.net.SocketException;
 import java.net.SocketTimeoutException;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
@@ -53,7 +52,7 @@ public TLSServer(IDSCPv2Settings serverSettings, IDSCPv2Callback configCallback,
         /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
          * hostVerification and algorithm constraints */
         LOG.debug("Create trust manager for tls server");
-        TrustManager[] myTrustManager = TLSPreConfiguration.getX509ExtTrustManager(
+        TrustManager[] myTrustManager = PreConfiguration.getX509ExtTrustManager(
                 serverSettings.getTrustStorePath(),
                 serverSettings.getTrustStorePassword()
         );
@@ -61,7 +60,7 @@ public TLSServer(IDSCPv2Settings serverSettings, IDSCPv2Callback configCallback,
         /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
          * connection specific key selection via key alias*/
         LOG.debug("Create key manager for tls server");
-        KeyManager[] myKeyManager = TLSPreConfiguration.getX509ExtKeyManager(
+        KeyManager[] myKeyManager = PreConfiguration.getX509ExtKeyManager(
                 serverSettings.getKeyStorePath(),
                 serverSettings.getKeyStorePassword(),
                 serverSettings.getCertAlias(),
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
index 5314c1a35..e6188f504 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
@@ -7,5 +7,5 @@
  */
 public interface DapsDriver {
     byte[] getToken();
-    int verifyToken(byte[] dat);
+    int verifyToken(byte[] dat, Object securityRequirements);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
index a01e931b9..f81f1f70b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
@@ -99,7 +99,7 @@ public StateWaitForDatAndRat(FSM fsm,
                     //check if Dat is available and verify dat
                     byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
                     int datValidityPeriod;
-                    if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat))){
+                    if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
index 035987fc2..0ceb07a01 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
@@ -69,7 +69,7 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
                     //check if Dat is available and verify dat
                     byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
                     int datValidityPeriod;
-                    if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat))){
+                    if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
index ddb7ea88c..52b2ebbb8 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
@@ -97,7 +97,7 @@ public StateWaitForHello(FSM fsm,
                     byte[] dat;
                     int datValidityPeriod;
                     if (!idscpHello.hasDynamicAttributeToken() || 0 > (datValidityPeriod = dapsDriver
-                            .verifyToken(dat = idscpHello.getDynamicAttributeToken().getToken().toByteArray()))){
+                            .verifyToken(dat = idscpHello.getDynamicAttributeToken().getToken().toByteArray(), null))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT",
                                 IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
new file mode 100644
index 000000000..3360e7bd3
--- /dev/null
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -0,0 +1,7 @@
+public class DapsDriverTest {
+
+  public static void main(String[] args) {
+    System.out.println("test");
+  }
+
+}
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
index cda0fa9e5..1b8b0e466 100644
--- a/idscp2/src/test/java/IDSCPv2ClientInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
@@ -1,5 +1,6 @@
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2Prover;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2Verifier;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
@@ -19,7 +20,18 @@ public class IDSCPv2ClientInitiator implements IDSCPv2Initiator {
 
     public void init(IDSCPv2Settings settings){
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
-        DapsDriver dapsDriver = new DefaultDapsDriver();
+        DefaultDapsDriverConfig config =
+            new DefaultDapsDriverConfig.Builder()
+                .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+                .setKeyStorePath(settings.getKeyStorePath())
+                .setTrustStorePath(settings.getTrustStorePath())
+                .setKeyStorePassword(settings.getKeyStorePassword())
+                .setTrustStorePassword(settings.getTrustStorePassword())
+                .setKeyAlias(settings.getCertAlias())
+                .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                .build();
+
+        DapsDriver dapsDriver = new DefaultDapsDriver(config);
 
         RatProverDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Prover.class);
         RatVerifierDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Verifier.class);
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index e81a21e1e..ce4295f2c 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -1,5 +1,6 @@
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2Prover;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2Verifier;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
@@ -21,7 +22,18 @@ public class IDSCPv2ServerInitiator implements IDSCPv2Initiator {
 
     public void init(IDSCPv2Settings serverSettings)  {
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
-        DapsDriver dapsDriver = new DefaultDapsDriver();
+
+        DefaultDapsDriverConfig config =
+            new DefaultDapsDriverConfig.Builder()
+                .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+                .setKeyStorePath(serverSettings.getKeyStorePath())
+                .setTrustStorePath(serverSettings.getTrustStorePath())
+                .setKeyStorePassword(serverSettings.getKeyStorePassword())
+                .setTrustStorePassword(serverSettings.getTrustStorePassword())
+                .setKeyAlias(serverSettings.getCertAlias())
+                .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                .build();
+        DapsDriver dapsDriver = new DefaultDapsDriver(config);
 
         RatProverDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Prover.class);
         RatVerifierDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Verifier.class);

From b5f21b00d65d05c94233e1e8133482cc3eaf73fc Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Wed, 25 Mar 2020 11:18:28 +0100
Subject: [PATCH 053/237] DapsDriver: Update return value to long, return
 validity time, add some junit tests, add Builder Pattern to settings

---
 .../daps/DefaultDapsDriver.java               |  14 +-
 .../keystores/PreConfiguration.java           |   9 +-
 .../client/InputListenerThread.java           |   3 +-
 .../idscp2/drivers/interfaces/DapsDriver.java |   2 +-
 .../configuration/IDSCPv2Settings.java        |  94 +++++---
 .../StateWaitForDatAndRat.java                |   2 +-
 .../StateWaitForDatAndRatVerifier.java        |   2 +-
 .../StateWaitForHello.java                    |   2 +-
 .../finite_state_machine/Timer.java           |   4 +-
 .../finite_state_machine/TimerThread.java     |   4 +-
 idscp2/src/test/java/DapsDriverTest.java      | 213 +++++++++++++++++-
 idscp2/src/test/java/RunTLSClient.java        |  11 +-
 idscp2/src/test/java/RunTLSServer.java        |  11 +-
 13 files changed, 315 insertions(+), 56 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index c41ef33e7..d708ffc6f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -26,6 +26,8 @@
 import org.jose4j.jwk.HttpsJwks;
 import org.jose4j.jws.AlgorithmIdentifiers;
 import org.jose4j.jwt.JwtClaims;
+import org.jose4j.jwt.MalformedClaimException;
+import org.jose4j.jwt.NumericDate;
 import org.jose4j.jwt.consumer.InvalidJwtException;
 import org.jose4j.jwt.consumer.JwtConsumer;
 import org.jose4j.jwt.consumer.JwtConsumerBuilder;
@@ -165,7 +167,7 @@ public byte[] getToken() {
     }
 
     @Override
-    public int verifyToken(byte[] dat, Object securityRequirements) {
+    public long verifyToken(byte[] dat, Object securityRequirements) {
 
         LOG.info("Verify dynamic attribute token ...");
 
@@ -198,15 +200,21 @@ public int verifyToken(byte[] dat, Object securityRequirements) {
 
         //verify dat
         JwtClaims claims;
+        NumericDate expTime;
 
         LOG.debug("Request JWKS from DAPS for validating DAT");
 
         try {
             claims = jwtConsumer.processToClaims(new String(dat));
+            expTime = claims.getExpirationTime();
         } catch (InvalidJwtException e) {
             LOG.error("DAPS response is not a valid DAT format", e);
             return -1;
+        } catch (MalformedClaimException e) {
+            LOG.error("DAT does not contain expiration time", e);
+            return -1;
         }
+        long validityTime = expTime.getValue() - NumericDate.now().getValue();
 
         //check security requirements
         if (securityRequirements != null) {
@@ -225,7 +233,7 @@ public int verifyToken(byte[] dat, Object securityRequirements) {
                 if (secRequirements.getAuditLogging() <= providedSecurityProfile.getAuditLogging())
                 {
                     LOG.info("DAT is valid and secure");
-                    return 20;
+                    return validityTime;
                 } else {
                     LOG.warn("DAT does not fulfill the security requirements");
                     return -1;
@@ -237,7 +245,7 @@ public int verifyToken(byte[] dat, Object securityRequirements) {
             }
         } else {
             LOG.info("DAT is valid");
-            return 20;
+            return validityTime;
         }
     } //returns number of seconds dat is valid
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
index 4d56b3cd7..cc8b465a1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
@@ -105,9 +105,12 @@ public static Key getKey(
             keystore.load(jksKeyStoreIn, keyStorePassword.toCharArray());
 
             // get private key
-            return keystore.getKey(keyAlias,
-                keyStorePassword.toCharArray()
-            );
+            Key key = keystore.getKey(keyAlias, keyStorePassword.toCharArray());
+            if (key == null) {
+                throw new RuntimeException("No key was found in keystore for given alias");
+            } else {
+                return key;
+            }
 
         } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException
             | UnrecoverableKeyException e) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index 15c605e8b..8d49dc954 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -36,17 +36,16 @@ public void run(){
         byte[] buf;
         while (running){
             try {
-
                 int len = in.readInt();
                 buf = new byte[len];
                 in.readFully(buf, 0, len);
                 this.listener.onMessage(buf);
-
             } catch (SocketTimeoutException e) {
                 //timeout to catch safeStop() call, which allows save close and sending Client_Goodbye
                 //alternative: close socket / InputStream and catch exception
                 //continue;
                 //toDo offset when timeout while reading ???
+
             } catch (EOFException e){
                 listener.onClose();
                 running = false; //terminate
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
index e6188f504..4ae55525d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
@@ -7,5 +7,5 @@
  */
 public interface DapsDriver {
     byte[] getToken();
-    int verifyToken(byte[] dat, Object securityRequirements);
+    long verifyToken(byte[] dat, Object securityRequirements);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
index c77d56a9b..467b97fe9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
@@ -1,5 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
 
+import org.checkerframework.checker.nullness.qual.NonNull;
 import org.checkerframework.checker.units.qual.A;
 
 /**
@@ -21,6 +22,71 @@ public class IDSCPv2Settings {
     private AttestationConfig supportedAttestation = new AttestationConfig();
     private AttestationConfig expectedAttestation = new AttestationConfig();
 
+    public static class Builder {
+        @NonNull
+        private IDSCPv2Settings settings = new IDSCPv2Settings();
+
+        @NonNull
+        public Builder setHost(String host) {
+            this.settings.host = host;
+            return this;
+        }
+
+        @NonNull
+        public Builder setTrustStore(String path) {
+            this.settings.trustStorePath = path;
+            return this;
+        }
+
+        @NonNull
+        public Builder setKeyStore(String path) {
+            this.settings.keyStorePath = path;
+            return this;
+        }
+
+        @NonNull
+        public Builder setTrustStorePwd(String pwd) {
+            this.settings.trustStorePassword = pwd;
+            return this;
+        }
+
+        @NonNull
+        public Builder setKeyStorePwd(String pwd) {
+            this.settings.keyStorePassword = pwd;
+            return this;
+        }
+
+        @NonNull
+        public Builder setCertificateAlias(String alias) {
+            this.settings.certAlias = alias;
+            return this;
+        }
+
+        @NonNull
+        public Builder setKeyStoreKeyType(String keyType) {
+            this.settings.keyStoreKeyType = keyType;
+            return this;
+        }
+
+        @NonNull
+        public Builder setSupportedAttestationSuite(AttestationConfig suite) {
+            this.settings.supportedAttestation = suite;
+            return this;
+        }
+
+        @NonNull
+        public Builder setExpectedAttestationSuite(AttestationConfig suite) {
+            this.settings.expectedAttestation = suite;
+            return this;
+        }
+
+        @NonNull
+        public IDSCPv2Settings build() {
+            return this.settings;
+        }
+
+    }
+
     public AttestationConfig getExpectedAttestation() {
         return expectedAttestation;
     }
@@ -57,35 +123,7 @@ public String getCertAlias() {
         return certAlias;
     }
 
-    public void setKeyStorePath(String keyStorePath) {
-        this.keyStorePath = keyStorePath;
-    }
-
-    public void setTrustStorePath(String trustStorePath) {
-        this.trustStorePath = trustStorePath;
-    }
-
-    public void setCertAlias(String certAlias) {
-        this.certAlias = certAlias;
-    }
-
-    public void setKeyStoreKeyType(String keyStoreKeyType) {
-        this.keyStoreKeyType = keyStoreKeyType;
-    }
-
-    public void setTrustStorePassword(String trustStorePassword) {
-        this.trustStorePassword = trustStorePassword;
-    }
-
-    public void setKeyStorePassword(String keyStorePassword) {
-        this.keyStorePassword = keyStorePassword;
-    }
-
     public String getHost() {
         return host;
     }
-
-    public void setHost(String host) {
-        this.host = host;
-    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
index f81f1f70b..e0336ed01 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
@@ -98,7 +98,7 @@ public StateWaitForDatAndRat(FSM fsm,
                     LOG.debug("Verify received DAT");
                     //check if Dat is available and verify dat
                     byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
-                    int datValidityPeriod;
+                    long datValidityPeriod;
                     if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
index 0ceb07a01..1118112c8 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
@@ -68,7 +68,7 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
                     LOG.debug("Verify received DAT");
                     //check if Dat is available and verify dat
                     byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
-                    int datValidityPeriod;
+                    long datValidityPeriod;
                     if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
index 52b2ebbb8..323155f3e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
@@ -95,7 +95,7 @@ public StateWaitForHello(FSM fsm,
                     LOG.debug("Verify received DAT");
                     //check if Dat is available and verify dat
                     byte[] dat;
-                    int datValidityPeriod;
+                    long datValidityPeriod;
                     if (!idscpHello.hasDynamicAttributeToken() || 0 > (datValidityPeriod = dapsDriver
                             .verifyToken(dat = idscpHello.getDynamicAttributeToken().getToken().toByteArray(), null))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
index 9eb2e25b5..0496fa7a1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
@@ -16,12 +16,12 @@ public class Timer {
         this.timeoutHandler = timeoutHandler;
     }
 
-    void resetTimeout(int delay){
+    void resetTimeout(long delay){
         cancelTimeout();
         start(delay);
     }
 
-    public void start(int delay){
+    public void start(long delay){
         mutex.lock();
         thread = new TimerThread(delay, timeoutHandler, fsmIsBusy);
         thread.start();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
index 2efc7109c..1f6041336 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
@@ -5,11 +5,11 @@
 public class TimerThread extends Thread{
 
     private volatile boolean canceled = false;
-    private int delay;
+    private long delay;
     private final Runnable timeoutHandler;
     private final ReentrantLock fsmIsBusy;
 
-    TimerThread(int delay, Runnable timeoutHandler, ReentrantLock fsmIsBusy){
+    TimerThread(long delay, Runnable timeoutHandler, ReentrantLock fsmIsBusy){
         this.delay = delay;
         this.timeoutHandler = timeoutHandler;
         this.fsmIsBusy = fsmIsBusy;
diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index 3360e7bd3..1e8d17762 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -1,7 +1,216 @@
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.SecurityRequirements;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import org.junit.Test;
+import static org.junit.Assert.*;
+
 public class DapsDriverTest {
+  //toDo add further junit tests
 
-  public static void main(String[] args) {
-    System.out.println("test");
+  private String getExpiredToken() {
+    return "";
+  }
+
+  @Test
+  public void testValidToken() {
+    DefaultDapsDriverConfig config =
+        new DefaultDapsDriverConfig.Builder()
+            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath())
+            .setKeyStorePassword("password")
+            .setTrustStorePassword("password")
+            .setKeyAlias("1")
+            .setDapsUrl("https://daps.aisec.fraunhofer.de")
+            .build();
+
+    DapsDriver dapsDriver = new DefaultDapsDriver(config);
+    String token = new String(dapsDriver.getToken());
+    assertNotEquals(token, "INVALID_TOKEN");
+
+    SecurityRequirements requirements = new SecurityRequirements.Builder()
+        .setAuditLogging(2)
+        .build();
+
+    SecurityRequirements requirements2 = new SecurityRequirements.Builder()
+        .setAuditLogging(1)
+        .build();
+
+    assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) >= 0);
+    assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements2) >= 0);
+  }
+
+  @Test
+  public void testInvalidClient() {
+    DefaultDapsDriverConfig config =
+        new DefaultDapsDriverConfig.Builder()
+            .setConnectorUUID("INVALID_CLIENT")
+            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath())
+            .setKeyStorePassword("password")
+            .setTrustStorePassword("password")
+            .setKeyAlias("1")
+            .setDapsUrl("https://daps.aisec.fraunhofer.de")
+            .build();
+
+    DapsDriver dapsDriver = new DefaultDapsDriver(config);
+    String token = new String(dapsDriver.getToken());
+    assertEquals(token, "INVALID_TOKEN");
+  }
+
+  @Test
+  public void testInvalidUrlNonSecure() {
+    DefaultDapsDriverConfig config =
+        new DefaultDapsDriverConfig.Builder()
+            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath())
+            .setKeyStorePassword("password")
+            .setTrustStorePassword("password")
+            .setKeyAlias("1")
+            .setDapsUrl("http://daps.aisec.fraunhofer.de")
+            .build();
+
+    DapsDriver dapsDriver = new DefaultDapsDriver(config);
+    String token = new String(dapsDriver.getToken());
+    assertEquals(token, "INVALID_TOKEN");
+  }
+
+  @Test
+  public void testInvalidUrl404() {
+    DefaultDapsDriverConfig config =
+        new DefaultDapsDriverConfig.Builder()
+            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath())
+            .setKeyStorePassword("password")
+            .setTrustStorePassword("password")
+            .setKeyAlias("1")
+            .setDapsUrl("https://daps.aisec.fraunhofer.de/token")
+            .build();
+
+    DapsDriver dapsDriver = new DefaultDapsDriver(config);
+    String token = new String(dapsDriver.getToken());
+    assertEquals(token, "INVALID_TOKEN");
+  }
+
+  @Test (expected = RuntimeException.class)
+  public void testInvalidPassword1() {
+    DefaultDapsDriverConfig config =
+        new DefaultDapsDriverConfig.Builder()
+            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath())
+            .setKeyStorePassword("INVALID_PASSWORD")
+            .setTrustStorePassword("password")
+            .setKeyAlias("1")
+            .setDapsUrl("https://daps.aisec.fraunhofer.de")
+            .build();
+
+    DapsDriver dapsDriver = new DefaultDapsDriver(config);
+  }
+
+  @Test (expected = RuntimeException.class)
+  public void testInvalidPassword2() {
+    DefaultDapsDriverConfig config =
+        new DefaultDapsDriverConfig.Builder()
+            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath())
+            .setKeyStorePassword("password")
+            .setTrustStorePassword("INVALID_PASSWORD")
+            .setKeyAlias("1")
+            .setDapsUrl("https://daps.aisec.fraunhofer.de")
+            .build();
+
+    DapsDriver dapsDriver = new DefaultDapsDriver(config);
+  }
+
+  @Test (expected = RuntimeException.class)
+  public void testInvalidKeyAlias() {
+    DefaultDapsDriverConfig config =
+        new DefaultDapsDriverConfig.Builder()
+            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath())
+            .setKeyStorePassword("password")
+            .setTrustStorePassword("password")
+            .setKeyAlias("INVALID_ALIAS")
+            .setDapsUrl("https://daps.aisec.fraunhofer.de")
+            .build();
+
+    DapsDriver dapsDriver = new DefaultDapsDriver(config);
+  }
+
+  @Test
+  public void testInvalidAuditLogging() {
+    DefaultDapsDriverConfig config =
+        new DefaultDapsDriverConfig.Builder()
+            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath())
+            .setKeyStorePassword("password")
+            .setTrustStorePassword("password")
+            .setKeyAlias("1")
+            .setDapsUrl("https://daps.aisec.fraunhofer.de")
+            .build();
+
+    DapsDriver dapsDriver = new DefaultDapsDriver(config);
+    String token = new String(dapsDriver.getToken());
+    assertNotEquals(token, "INVALID_TOKEN");
+
+    SecurityRequirements requirements = new SecurityRequirements.Builder()
+        .setAuditLogging(3) //token has supports only audit_logging 2
+        .build();
+
+    assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) < 0);
   }
 
+  public static void main(String[] args) {
+    //get token
+    DefaultDapsDriverConfig config =
+        new DefaultDapsDriverConfig.Builder()
+            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath())
+            .setKeyStorePassword("password")
+            .setTrustStorePassword("password")
+            .setKeyAlias("1")
+            .setDapsUrl("https://daps.aisec.fraunhofer.de")
+            .build();
+
+    DapsDriver dapsDriver = new DefaultDapsDriver(config);
+    String token = new String(dapsDriver.getToken());
+    System.out.println(token);
+
+    SecurityRequirements requirements = new SecurityRequirements.Builder()
+        .setAuditLogging(2)
+        .build();
+
+    long ret;
+    if (0 > (ret = dapsDriver.verifyToken(token.getBytes(), requirements))) {
+      System.out.println("failed");
+    } else {
+      System.out.println("success: " + ret);
+    }
+  }
 }
diff --git a/idscp2/src/test/java/RunTLSClient.java b/idscp2/src/test/java/RunTLSClient.java
index 2381d1071..5ae1fc94d 100644
--- a/idscp2/src/test/java/RunTLSClient.java
+++ b/idscp2/src/test/java/RunTLSClient.java
@@ -5,11 +5,12 @@ public class RunTLSClient {
 
     public static void main(String[] args){
         //start client
-        IDSCPv2Settings settings = new IDSCPv2Settings();
-        settings.setKeyStorePath(RunTLSClient.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.jks").getPath());
-        settings.setTrustStorePath(RunTLSClient.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath());
+        IDSCPv2Settings settings = new IDSCPv2Settings.Builder()
+            .setKeyStore(RunTLSClient.class.getClassLoader().
+                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+            .setTrustStore(RunTLSClient.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath())
+            .build();
 
         IDSCPv2ClientInitiator initiator = new IDSCPv2ClientInitiator();
         initiator.init(settings);
diff --git a/idscp2/src/test/java/RunTLSServer.java b/idscp2/src/test/java/RunTLSServer.java
index 8265950ff..f227998f2 100644
--- a/idscp2/src/test/java/RunTLSServer.java
+++ b/idscp2/src/test/java/RunTLSServer.java
@@ -4,11 +4,12 @@ public class RunTLSServer{
 
     public static void main(String[] argv){
 
-        IDSCPv2Settings settings = new IDSCPv2Settings();
-        settings.setKeyStorePath(RunTLSServer.class.getClassLoader().
-                getResource("ssl/aisecconnector2-keystore.jks").getPath());
-        settings.setTrustStorePath(RunTLSServer.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath());
+        IDSCPv2Settings settings = new IDSCPv2Settings.Builder()
+            .setKeyStore(RunTLSClient.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath())
+            .setTrustStore(RunTLSServer.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath())
+            .build();
 
         IDSCPv2ServerInitiator initiator = new IDSCPv2ServerInitiator();
         initiator.init(settings);

From 513e314f45efb727a42fb1882d5dd7fe65de6964 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Wed, 25 Mar 2020 13:42:01 +0100
Subject: [PATCH 054/237] FIX problems: add special daps key alias in settings,
 catch SSLHandshakeException in TLSServerThread

---
 .../secure_channel/server/TLSServerThread.java        |  6 +++++-
 .../idscp_core/configuration/IDSCPv2Settings.java     | 11 +++++++++++
 .../idscp2/idscp_core/finite_state_machine/FSM.java   |  2 +-
 idscp2/src/test/java/IDSCPv2ClientInitiator.java      |  2 +-
 idscp2/src/test/java/IDSCPv2ServerInitiator.java      |  2 +-
 idscp2/src/test/java/RunTLSClient.java                |  2 ++
 idscp2/src/test/java/RunTLSServer.java                |  4 +++-
 7 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index bd1bad248..0aa00b7f8 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -5,6 +5,7 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
+import javax.net.ssl.SSLHandshakeException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -86,8 +87,11 @@ public void run(){
             } catch (EOFException e){
                 onClose();
                 running = false;
+            } catch (SSLHandshakeException e) {
+                LOG.warn("SSLHandshakeException occurred. Quit server session");
+                running = false;
             } catch (IOException e){
-                onError();
+                onError(); //FIXME ??? is there any other exception that could occur before fsm was created ??, if so -> Thread will run forever
                 running = false;
             }
         }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
index 467b97fe9..d427fc296 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
@@ -18,6 +18,7 @@ public class IDSCPv2Settings {
     private String keyStorePath = null;
     private String keyStorePassword = "password";
     private String certAlias = "1.0.1";
+    private String dapsKeyAlias = "1";
     private String keyStoreKeyType = "RSA";
     private AttestationConfig supportedAttestation = new AttestationConfig();
     private AttestationConfig expectedAttestation = new AttestationConfig();
@@ -62,6 +63,12 @@ public Builder setCertificateAlias(String alias) {
             return this;
         }
 
+        @NonNull
+        public Builder setDapsKeyAlias(String alias) {
+            this.settings.dapsKeyAlias = alias;
+            return this;
+        }
+
         @NonNull
         public Builder setKeyStoreKeyType(String keyType) {
             this.settings.keyStoreKeyType = keyType;
@@ -123,6 +130,10 @@ public String getCertAlias() {
         return certAlias;
     }
 
+    public String getDapsKeyAlias() {
+        return dapsKeyAlias;
+    }
+
     public String getHost() {
         return host;
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index f0f988e60..daa915228 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -58,7 +58,7 @@ enum FSM_STATE {
     private Timer datTimer;
     private Timer ratTimer;
     private Timer handshakeTimer;
-    private final int ratTimeoutDelay = 120;
+    private final int ratTimeoutDelay = 20;
 
     public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
                String[] localSupportedRatSuite, String[] localExpectedRatSuite){
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
index 1b8b0e466..62f96526d 100644
--- a/idscp2/src/test/java/IDSCPv2ClientInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
@@ -27,7 +27,7 @@ public void init(IDSCPv2Settings settings){
                 .setTrustStorePath(settings.getTrustStorePath())
                 .setKeyStorePassword(settings.getKeyStorePassword())
                 .setTrustStorePassword(settings.getTrustStorePassword())
-                .setKeyAlias(settings.getCertAlias())
+                .setKeyAlias(settings.getDapsKeyAlias())
                 .setDapsUrl("https://daps.aisec.fraunhofer.de")
                 .build();
 
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index ce4295f2c..03fc7f1b6 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -30,7 +30,7 @@ public void init(IDSCPv2Settings serverSettings)  {
                 .setTrustStorePath(serverSettings.getTrustStorePath())
                 .setKeyStorePassword(serverSettings.getKeyStorePassword())
                 .setTrustStorePassword(serverSettings.getTrustStorePassword())
-                .setKeyAlias(serverSettings.getCertAlias())
+                .setKeyAlias(serverSettings.getDapsKeyAlias())
                 .setDapsUrl("https://daps.aisec.fraunhofer.de")
                 .build();
         DapsDriver dapsDriver = new DefaultDapsDriver(config);
diff --git a/idscp2/src/test/java/RunTLSClient.java b/idscp2/src/test/java/RunTLSClient.java
index 5ae1fc94d..87500b62c 100644
--- a/idscp2/src/test/java/RunTLSClient.java
+++ b/idscp2/src/test/java/RunTLSClient.java
@@ -10,6 +10,8 @@ public static void main(String[] args){
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStore(RunTLSClient.class.getClassLoader().
                 getResource("ssl/client-truststore_new.jks").getPath())
+            .setCertificateAlias("1.0.1")
+            .setDapsKeyAlias("1")
             .build();
 
         IDSCPv2ClientInitiator initiator = new IDSCPv2ClientInitiator();
diff --git a/idscp2/src/test/java/RunTLSServer.java b/idscp2/src/test/java/RunTLSServer.java
index f227998f2..e2f9e4f91 100644
--- a/idscp2/src/test/java/RunTLSServer.java
+++ b/idscp2/src/test/java/RunTLSServer.java
@@ -6,9 +6,11 @@ public static void main(String[] argv){
 
         IDSCPv2Settings settings = new IDSCPv2Settings.Builder()
             .setKeyStore(RunTLSClient.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath())
+                getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStore(RunTLSServer.class.getClassLoader().
                 getResource("ssl/client-truststore_new.jks").getPath())
+            .setCertificateAlias("1.0.1")
+            .setDapsKeyAlias("1")
             .build();
 
         IDSCPv2ServerInitiator initiator = new IDSCPv2ServerInitiator();

From bdcfee6c64e5122cc03f78da147eb11ae9b5fd18 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Thu, 26 Mar 2020 23:51:53 +0100
Subject: [PATCH 055/237] WIP Implement TPM2d RAT Drivers, move idscpv2 +
 tpm2dattestation protobufs into idscpv2 protocol

---
 ids-api/src/main/proto/idscpv2.proto          |  67 ----
 idscp2/build.gradle                           |  22 ++
 .../rat/TPM2d/TPM2dHelper.java                |  80 +++++
 .../rat/TPM2d/TPM2dProver.java                | 157 ++++++++++
 .../rat/TPM2d/TPM2dSocket.java                |  31 ++
 .../rat/TPM2d/TPM2dVerifier.java              | 285 ++++++++++++++++++
 .../rat/TPM2d/Tpm2dConfig.java                |  51 ++++
 .../rat/TPM2d/TpmMessageFactory.java          | 104 +++++++
 .../RatProverDummy.java}                      |  16 +-
 .../RatVerifierDummy.java}                    |  10 +-
 .../idscp_core/IdscpMessageFactory.java       |  12 +-
 .../idscp_core/finite_state_machine/FSM.java  |   4 +-
 .../finite_state_machine/Timer.java           |   2 -
 idscp2/src/main/proto/idscpv2.proto           |  66 ++++
 idscp2/src/main/proto/tpm2dAttestation.proto  | 147 +++++++++
 .../src/test/java/IDSCPv2ClientInitiator.java |   8 +-
 .../src/test/java/IDSCPv2ServerInitiator.java |   9 +-
 idscp2/src/test/java/RatDriverTest.java       |  11 +
 18 files changed, 982 insertions(+), 100 deletions(-)
 delete mode 100644 ids-api/src/main/proto/idscpv2.proto
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dHelper.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dSocket.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dConfig.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/{TPM2Prover.java => dummy/RatProverDummy.java} (76%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/{TPM2Verifier.java => dummy/RatVerifierDummy.java} (84%)
 create mode 100644 idscp2/src/main/proto/idscpv2.proto
 create mode 100644 idscp2/src/main/proto/tpm2dAttestation.proto
 create mode 100644 idscp2/src/test/java/RatDriverTest.java

diff --git a/ids-api/src/main/proto/idscpv2.proto b/ids-api/src/main/proto/idscpv2.proto
deleted file mode 100644
index 88fab12cf..000000000
--- a/ids-api/src/main/proto/idscpv2.proto
+++ /dev/null
@@ -1,67 +0,0 @@
-syntax = "proto3";
-option java_package = "de.fhg.aisec.ids.messages";
-option java_outer_classname = "IDSCPv2";
-
-//IDSCP message frame
-message IdscpMessage {
-    // One of the following will be filled in.
-    oneof message {
-        IdscpHello idscpHello = 1;
-        IdscpClose idscpClose = 2;
-        IdscpDatExpired idscpDatExpired = 3;
-        IdscpDat idscpDat = 4;
-        IdscpReRat idscpReRat = 5;
-        IdscpRatProver idscpRatProver = 6;
-        IdscpRatVerifier idscpRatVerifier = 7;
-        IdscpData idscpData = 8;
-    }
-}
-
-
-//IDSCP messages
-message IdscpHello {
-    int32 version = 1;                      //IDSCP protocol version
-    IdscpDat dynamicAttributeToken = 2;     //initial dynamicAttributeToken
-    repeated string supportedRatSuite = 3;  //RemoteAttestationCipher prover
-    repeated string expectedRatSuite = 4;   //RemoteAttestationCipher verifier
-}
-
-message IdscpClose {
-
-    enum CloseCause {
-        USER_SHUTDOWN = 0;
-        TIMEOUT = 1;
-        ERROR = 2;
-        NO_VALID_DAT = 3;
-        NO_RAT_MECHANISM_MATCH_PROVER = 4;
-        NO_RAT_MECHANISM_MATCH_VERIFIER = 5;
-        RAT_PROVER_FAILED = 6;
-        RAT_VERIFIER_FAILED = 7;
-    }
-
-    CloseCause cause_code = 1;
-    string cause_msg = 2;
-}
-
-message IdscpDatExpired {           //request new dynamicAttributeToken
-}
-
-message IdscpDat {
-    bytes token = 1;
-}
-
-message IdscpReRat {                //request new remoteAttestation
-    string cause = 1;               //optional
-}
-
-message IdscpRatProver {
-    bytes data = 1;
-}
-
-message IdscpRatVerifier {
-    bytes data = 1;
-}
-
-message IdscpData {
-    bytes data = 1 ;
-}
diff --git a/idscp2/build.gradle b/idscp2/build.gradle
index e48f54184..ae7629c0f 100644
--- a/idscp2/build.gradle
+++ b/idscp2/build.gradle
@@ -1,5 +1,27 @@
 version = libraryVersions.idscp
 
+apply plugin: 'com.google.protobuf'
+apply plugin: 'idea'
+
+protobuf {
+    generatedFilesBaseDir = "$projectDir/generated"
+
+    protoc {
+        artifact = "com.google.protobuf:protoc:${libraryVersions.protobuf}"
+    }
+}
+
+clean {
+    delete protobuf.generatedFilesBaseDir
+}
+
+idea {
+    module {
+        // mark as generated sources for IDEA
+        generatedSourceDirs += file("${protobuf.generatedFilesBaseDir}/main/java")
+    }
+}
+
 dependencies {
     providedByBundle(project(':ids-api')) { transitive = false }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dHelper.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dHelper.java
new file mode 100644
index 000000000..7c10ad4d9
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dHelper.java
@@ -0,0 +1,80 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+
+import java.security.MessageDigest;
+import java.security.SecureRandom;
+import java.security.cert.Certificate;
+import org.checkerframework.checker.nullness.qual.Nullable;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class TPM2dHelper {
+  private static final Logger LOG = LoggerFactory.getLogger(TPM2dHelper.class);
+  private static final SecureRandom sr = new SecureRandom();
+
+  private TPM2dHelper() {}
+
+  /**
+   * Generate a crypto-secure random hex String of length numChars
+   *
+   * @param numBytes Desired String length
+   * @return The generated crypto-secure random hex String
+   */
+  static byte[] generateNonce(int numBytes) {
+    byte[] randBytes = new byte[numBytes];
+    sr.nextBytes(randBytes);
+    return randBytes;
+  }
+
+  /**
+   * Calculate SHA-1 hash of (nonce|certificate).
+   *
+   * @param nonce The plain, initial nonce
+   * @param certificate The certificate to hash-combine with the nonce
+   * @return The new nonce, updated with the given certificate using SHA-1
+   */
+  static byte[] calculateHash(byte[] nonce, @Nullable Certificate certificate) {
+    try {
+      MessageDigest digest = MessageDigest.getInstance("SHA-1");
+      digest.update(nonce);
+      if (certificate != null) {
+        digest.update(certificate.getEncoded());
+      } else {
+        LOG.warn(
+            "No client certificate available. Cannot bind nonce to public key to prevent masquerading attack. TLS misconfiguration!");
+      }
+      return digest.digest();
+    } catch (Exception e1) {
+      LOG.error("Could not create hash of own nonce and local certificate", e1);
+      return nonce;
+    }
+  }
+
+  static class ByteArrayUtil {
+
+    private static final String[] lookup = new String[256];
+
+    static {
+      for (int i = 0; i < lookup.length; ++i) {
+        if (i < 16) {
+          lookup[i] = "0" + Integer.toHexString(i);
+        } else {
+          lookup[i] = Integer.toHexString(i);
+        }
+      }
+    }
+
+    static String toPrintableHexString(byte[] bytes) {
+      StringBuilder s = new StringBuilder();
+      for (int i = 0; i < bytes.length; ++i) {
+        if (i > 0 && i % 16 == 0) {
+          s.append('\n');
+        } else {
+          s.append(' ');
+        }
+        s.append(lookup[bytes[i] & 0xff]);
+      }
+      return s.toString();
+    }
+  }
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
new file mode 100644
index 000000000..4be3d812b
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
@@ -0,0 +1,157 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+
+import com.google.protobuf.InvalidProtocolBufferException;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
+import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
+
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.RemoteToTpm2d;
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dMessageWrapper;
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dRatChallenge;
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dRatResult;
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dToRemote;
+import java.io.IOException;
+import java.util.concurrent.BlockingQueue;
+import java.util.concurrent.LinkedBlockingQueue;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+public class TPM2dProver extends RatProverDriver {
+  private static final Logger LOG = LoggerFactory.getLogger(TPM2dProver.class);
+
+  private BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
+
+  public TPM2dProver(){
+    super();
+  }
+
+  @Override
+  public void delegate(IdscpMessage message) {
+    queue.add(message);
+    LOG.debug("Delegated to prover");
+  }
+
+  @Override
+  public void run() {
+    //TPM2d Challenge-Response Protocol
+
+    // wait for RatChallenge from Verifier
+    IdscpMessage msg;
+    try {
+      msg = queue.take();
+      LOG.debug("Prover receives new message");
+    } catch (InterruptedException e) {
+      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+      return;
+    }
+
+    // check if message is from rat verifier
+    if (!msg.hasIdscpRatVerifier()) {
+      //unexpected message
+      LOG.warn("Unexpected message from FSM: Expected IdscpRatProver");
+      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+      return;
+    }
+
+    // parse body to expected tpm2d message wrapper
+    Tpm2dMessageWrapper tpm2dMessageWrapper;
+    try {
+      tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg.getIdscpRatVerifier().getData());
+    } catch (InvalidProtocolBufferException e) {
+      LOG.error("Cannot parse IdscpRatVerifier body", e);
+      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+      return;
+    }
+
+    // check if wrapper contains expected rat challenge
+    if (!tpm2dMessageWrapper.hasRatChallenge()) {
+      //unexpected message
+      LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatChallenge");
+      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+      return;
+    }
+
+    LOG.debug("Get rat challenge from rat verifier");
+    Tpm2dRatChallenge challenge = tpm2dMessageWrapper.getRatChallenge();
+
+    LOG.debug("Requesting attestation from TPM ...");
+    // hash //toDo add remote certificate
+    byte[] hash = TPM2dHelper.calculateHash(challenge.getNonce().toByteArray(), null);
+
+    // generate RemoteToTPM2dRequest
+    RemoteToTpm2d tpmRequest = TpmMessageFactory.getRemoteToTPM2dMessage(
+        challenge.getAtype(),
+        hash,
+        challenge.hasPcrIndices() ? challenge.getPcrIndices() : 0 //toDo 0 okay?
+    );
+
+    // get TPM response
+    Tpm2dToRemote tpmResponse;
+    try {
+      TPM2dSocket tpmSocket = new TPM2dSocket(""); //toDo add host
+      tpmResponse = tpmSocket.requestAttestation(tpmRequest);
+    } catch (IOException e) {
+      LOG.error("Cannot access TPM", e);
+      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+      return;
+    }
+
+    // create Tpm2dResponse
+    byte[] response = TpmMessageFactory.getAttestationResponseMessage(tpmResponse)
+        .toByteArray();
+
+    LOG.debug("Send rat response to verifier");
+    fsmListener.onRatProverMessage(
+        InternalControlMessage.RAT_PROVER_MSG,
+        IdscpMessageFactory.getIdscpRatProverMessage(response)
+    );
+
+    // wait for result
+    try {
+      msg = queue.take();
+      LOG.debug("Prover receives new message");
+    } catch (InterruptedException e) {
+      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+      return;
+    }
+
+    // check if message is from rat verifier
+    if (!msg.hasIdscpRatVerifier()) {
+      //unexpected message
+      LOG.warn("Unexpected message from FSM: Expected IdscpRatProver");
+      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+      return;
+    }
+
+    // parse body to expected tpm2d message wrapper
+    try {
+      tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg.getIdscpRatVerifier().getData());
+    } catch (InvalidProtocolBufferException e) {
+      LOG.error("Cannot parse IdscpRatVerifier body", e);
+      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+      return;
+    }
+
+    // check if wrapper contains expected rat result
+    if (!tpm2dMessageWrapper.hasRatResult()) {
+      //unexpected message
+      LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResult");
+      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+      return;
+    }
+
+    LOG.debug("Get rat challenge from rat verifier");
+    Tpm2dRatResult result = tpm2dMessageWrapper.getRatResult();
+
+    // notify fsm
+    if (result.getResult()) {
+      LOG.debug("Attestation succeed");
+      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, null);
+    } else {
+      LOG.warn("Attestation failed");
+      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+    }
+  }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dSocket.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dSocket.java
new file mode 100644
index 000000000..6f3bd3ce9
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dSocket.java
@@ -0,0 +1,31 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.RemoteToTpm2d;
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dToRemote;
+import java.io.DataInputStream;
+import java.io.DataOutputStream;
+import java.io.IOException;
+import java.net.Socket;
+
+public class TPM2dSocket extends Socket {
+
+  private final DataInputStream is;
+  private final DataOutputStream os;
+
+  public TPM2dSocket(String host) throws IOException {
+    super(host, 9505);
+    is = new DataInputStream(this.getInputStream());
+    os = new DataOutputStream(this.getOutputStream());
+  }
+
+  public Tpm2dToRemote requestAttestation(RemoteToTpm2d request) throws IOException {
+    // Write attestation request message
+    byte[] requestBytes = request.toByteArray();
+    os.writeInt(requestBytes.length);
+    os.write(requestBytes);
+    // Read attestation result message
+    byte[] resultBytes = new byte[is.readInt()];
+    is.readFully(resultBytes);
+    return Tpm2dToRemote.parseFrom(resultBytes);
+  }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
new file mode 100644
index 000000000..e10fcf5b6
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
@@ -0,0 +1,285 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+
+import com.google.protobuf.InvalidProtocolBufferException;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
+import de.fhg.aisec.ids.messages.IDSCPv2;
+import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dMessageWrapper;
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dRatResponse;
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.FileSystems;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.security.Signature;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Base64;
+import java.util.concurrent.BlockingQueue;
+import java.util.concurrent.LinkedBlockingQueue;
+import org.checkerframework.checker.nullness.qual.NonNull;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import tss.tpm.TPMS_ATTEST;
+import tss.tpm.TPMS_SIGNATURE_RSAPSS;
+import tss.tpm.TPMS_SIGNATURE_RSASSA;
+import tss.tpm.TPMT_SIGNATURE;
+import tss.tpm.TPM_ALG_ID;
+
+public class TPM2dVerifier extends RatVerifierDriver {
+  private static final Logger LOG = LoggerFactory.getLogger(TPM2dVerifier.class);
+
+  private BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
+  private Tpm2dConfig config = new Tpm2dConfig.Builder().build();
+
+  public TPM2dVerifier(){
+    super();
+  }
+
+  @Override
+  public void delegate(IDSCPv2.IdscpMessage message) {
+    queue.add(message);
+    LOG.debug("Delegated to Verifier");
+  }
+
+  @Override
+  public void run(){
+    //TPM2d Challenge-Response Protocol
+
+    // create rat challenge with fresh nonce
+    LOG.debug("Generate and send rat challenge for rat prover");
+    byte[] nonce = TPM2dHelper.generateNonce(20);
+
+    // send challenge as RAT Verifier Message
+    byte[] ratChallenge = TpmMessageFactory.getAttestationChallengeMessage(
+        nonce, config.getExpectedAType(), config.getAttestationMask()).toByteArray();
+
+    fsmListener.onRatVerifierMessage(
+        InternalControlMessage.RAT_VERIFIER_MSG,
+        IdscpMessageFactory.getIdscpRatVerifierMessage(ratChallenge)
+    );
+
+    // wait for attestation response
+    IdscpMessage msg;
+    try {
+      msg = queue.take();
+      LOG.debug("Verifier receives new message");
+    } catch (InterruptedException e) {
+      fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+      return;
+    }
+
+    // check if response is from rat prover
+    if (!msg.hasIdscpRatProver()) {
+      //unexpected message
+      LOG.warn("Unexpected message from FSM: Expected IdscpRatVerifier");
+      fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+      return;
+    }
+
+    // parse body to expected tpm2d message wrapper
+    Tpm2dMessageWrapper tpm2dMessageWrapper;
+    try {
+      tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg.getIdscpRatProver().getData());
+    } catch (InvalidProtocolBufferException e) {
+      LOG.error("Cannot parse IdscpRatProver body", e);
+      fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+      return;
+    }
+
+    // check if wrapper contains expected rat response
+    if (!tpm2dMessageWrapper.hasRatResponse()) {
+      //unexpected message
+      LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResponse");
+      fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+      return;
+    }
+
+    LOG.debug("Get rat response from remote prover");
+    //validate rat response
+    Tpm2dRatResponse resp = tpm2dMessageWrapper.getRatResponse();
+
+    LOG.debug("Validate rat response: signature and rat repository checks");
+    // validate signature //toDo add local certificate
+    boolean result = true;
+    byte[] hash = TPM2dHelper.calculateHash(nonce, null);
+
+    if (!checkSignature(resp, hash)) {
+      result = false;
+      LOG.warn("Invalid rat signature");
+    }
+
+    // toDo check rat repo!!!!!!!!! --> Problems with current Rat Repo Protobuf format
+
+    // create and send rat result
+    LOG.debug("Send rat result to remote prover");
+    byte[] ratResult = TpmMessageFactory.getAttestationResultMessage(result).toByteArray();
+    fsmListener.onRatVerifierMessage(
+        InternalControlMessage.RAT_VERIFIER_MSG,
+        IdscpMessageFactory.getIdscpRatVerifierMessage(ratResult)
+    );
+
+    // notify fsm about result
+    if (result) {
+      fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, null);
+    } else {
+      fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+    }
+  }
+
+  private boolean checkSignature(@NonNull Tpm2dRatResponse response, byte[] hash) {
+    byte[] byteSignature = response.getSignature().toByteArray();
+    byte[] byteCert = response.getCertificate().toByteArray();
+    byte[] byteQuoted = response.getQuoted().toByteArray();
+
+    if (LOG.isDebugEnabled()) {
+      LOG.debug("signature: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteSignature));
+      LOG.debug("cert: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteCert));
+      LOG.debug("quoted: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteQuoted));
+    }
+
+    if (byteSignature.length == 0 || byteCert.length == 0 || byteQuoted.length == 0) {
+      LOG.warn("Some required part (signature, cert or quoted) is empty!");
+      return false;
+    }
+
+    try {
+      CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
+
+      // Load trust anchor certificate
+      final X509Certificate rootCertificate;
+      Path rootCertPath = FileSystems.getDefault().getPath("etc", "rootca-cert.pem");
+      try (BufferedReader reader =
+          Files.newBufferedReader(rootCertPath, StandardCharsets.US_ASCII)) {
+        StringBuilder builder = new StringBuilder();
+        for (String line = reader.readLine(); line != null; line = reader.readLine()) {
+          if (!line.startsWith("-")) {
+            builder.append(line.trim());
+          }
+        }
+        byte[] rootCertBytes = Base64.getDecoder().decode(builder.toString());
+        rootCertificate =
+            (X509Certificate)
+                certFactory.generateCertificate(new ByteArrayInputStream(rootCertBytes));
+      } catch (Exception e) {
+        LOG.error("Error parsing root certificate", e);
+        return false;
+      }
+
+      // Create X509Certificate instance from certBytes
+      final X509Certificate certificate =
+          (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(byteCert));
+      // Verify the TPM certificate
+      try {
+        certificate.verify(rootCertificate.getPublicKey());
+      } catch (Exception e) {
+        LOG.error("TPM certificate is invalid", e);
+        return false;
+      }
+
+      // Construct a new TPMT_SIGNATURE instance from byteSignature bytes
+      final TPMT_SIGNATURE tpmtSignature;
+      try {
+        tpmtSignature = TPMT_SIGNATURE.fromTpm(byteSignature);
+      } catch (Exception ex) {
+        LOG.warn(
+            "Could not create a TPMT_SIGNATURE from bytes:\n"
+                + TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteSignature),
+            ex);
+        return false;
+      }
+
+      // Construct a new TPMS_ATTEST instance from byteQuoted bytes
+      final TPMS_ATTEST tpmsAttest;
+      try {
+        tpmsAttest = TPMS_ATTEST.fromTpm(byteQuoted);
+      } catch (Exception ex) {
+        LOG.warn(
+            "Could not create a TPMS_ATTEST from bytes:\n"
+                + TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteQuoted),
+            ex);
+        return false;
+      }
+
+      // check hash value (extra data) against expected hash
+      byte[] extraBytes = tpmsAttest.extraData;
+      if (!Arrays.equals(extraBytes, hash)) {
+        if (LOG.isWarnEnabled()) {
+          LOG.warn(
+              "The hash (extra data) in TPMS_ATTEST structure is invalid!"
+                  + "\nextra data: {}\nhash: {}",
+              TPM2dHelper.ByteArrayUtil.toPrintableHexString(extraBytes),
+              TPM2dHelper.ByteArrayUtil.toPrintableHexString(hash));
+        }
+        return false;
+      }
+
+      // Check signature of attestation
+      final int tpmSigAlg = tpmtSignature.GetUnionSelector_signature();
+      final int tpmSigHashAlg;
+      final byte[] tpmSig;
+      if (tpmSigAlg == TPM_ALG_ID.RSAPSS.toInt()) {
+        tpmSigHashAlg = ((TPMS_SIGNATURE_RSAPSS) tpmtSignature.signature).hash.toInt();
+        tpmSig = ((TPMS_SIGNATURE_RSAPSS) tpmtSignature.signature).sig;
+      } else if (tpmSigAlg == TPM_ALG_ID.RSASSA.toInt()) {
+        tpmSigHashAlg = ((TPMS_SIGNATURE_RSASSA) tpmtSignature.signature).hash.toInt();
+        tpmSig = ((TPMS_SIGNATURE_RSASSA) tpmtSignature.signature).sig;
+      } else {
+        throw new Exception(
+            "Unknown or unimplemented signature scheme: " + tpmtSignature.signature.getClass());
+      }
+      if (tpmSigHashAlg != TPM_ALG_ID.SHA256.toInt()) {
+        throw new Exception("Only SHA256withRSA TPM signature hash algorithm is allowed!");
+      }
+      Signature sig = Signature.getInstance("SHA256withRSA");
+      sig.initVerify(certificate.getPublicKey());
+      sig.update(byteQuoted);
+      boolean result = sig.verify(tpmSig);
+      if (!result && LOG.isWarnEnabled()) {
+        LOG.warn("Attestation signature invalid!");
+      }
+      return result;
+    } catch (Exception ex) {
+      LOG.warn("Error during attestation validation", ex);
+      return false;
+    }
+  }
+
+  /*
+   * ******************* New Protocol *******************
+   *
+   * Verifier: (Challenger)
+   * -------------------------
+   * Generate NonceV
+   * create RatChallenge (NonceV, aType, pcr_mask)
+   * -------------------------
+   *
+   * Prover: (Responder)
+   * -------------------------
+   * get RatChallenge (NonceV, aType, pcr_mask)
+   * hash = calculateHash(nonceV, certV)
+   * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
+   * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
+   * create AttestationResponse from tpm response
+   * -------------------------
+   *
+   * Verifier: (Responder)
+   * -------------------------
+   * get AttestationResponse
+   * hash = calculateHash(nonceV, certV)
+   * check signature(response, hash)
+   * check repo(aType, response, ttpUri)
+   * create RatResult
+   * -------------------------
+   *
+   * Prover: (Requester)
+   * -------------------------
+   * get AttestationResult
+   * -------------------------
+   *
+   */
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dConfig.java
new file mode 100644
index 000000000..84a950314
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dConfig.java
@@ -0,0 +1,51 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.IdsAttestationType;
+import java.net.URI;
+import org.checkerframework.checker.nullness.qual.NonNull;
+
+public class Tpm2dConfig {
+
+  private int attestationMask = 0;
+  @NonNull private IdsAttestationType expectedAType = IdsAttestationType.BASIC;
+  @NonNull private URI ttpUri = URI.create("");
+
+  public static class Builder {
+    @NonNull private Tpm2dConfig config = new Tpm2dConfig();
+
+    @NonNull
+    public Builder setAttestationMask(int attestationMask) {
+      config.attestationMask = attestationMask;
+      return this;
+    }
+
+    @NonNull
+    public Builder setIdsAttestationType(IdsAttestationType aType) {
+      config.expectedAType = aType;
+      return this;
+    }
+
+    @NonNull
+    public Builder setTtpUri(URI ttp) {
+      config.ttpUri = ttp;
+      return this;
+    }
+
+    @NonNull
+    public Tpm2dConfig build() {
+      return config;
+    }
+  }
+
+  public IdsAttestationType getExpectedAType() {
+    return expectedAType;
+  }
+
+  public int getAttestationMask() {
+    return attestationMask;
+  }
+
+  public URI getTtpUri() {
+    return ttpUri;
+  }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java
new file mode 100644
index 000000000..1379fdbec
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java
@@ -0,0 +1,104 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+
+
+import com.google.protobuf.ByteString;
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.*;
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.RemoteToTpm2d.Code;
+import java.util.List;
+
+public class TpmMessageFactory {
+
+  static Tpm2dMessageWrapper getAttestationChallengeMessage(
+      byte[] nonce,
+      IdsAttestationType aType,
+      int pcrIndices
+  ) {
+    return Tpm2dMessageWrapper.newBuilder().setRatChallenge(
+        Tpm2dRatChallenge.newBuilder()
+            .setAtype(aType)
+            .setNonce(ByteString.copyFrom(nonce))
+            .setPcrIndices(pcrIndices)
+            .build()
+    ).build();
+  }
+
+  static Tpm2dMessageWrapper getAttestationResponseMessage(
+      IdsAttestationType aType,
+      String hash_alg,
+      ByteString quoted,
+      ByteString signature,
+      List<Pcr> pcrValues,
+      ByteString certificate
+  ) {
+    return Tpm2dMessageWrapper.newBuilder().setRatResponse(
+        Tpm2dRatResponse.newBuilder()
+            .setAtype(aType)
+            .setHashAlg(hash_alg)
+            .setQuoted(quoted)
+            .setSignature(signature)
+            .addAllPcrValues(pcrValues)
+            .setCertificate(certificate)
+            .build()
+    ).build();
+  }
+
+  static Tpm2dMessageWrapper getAttestationResponseMessage(
+      Tpm2dToRemote response
+  ) {
+    return Tpm2dMessageWrapper.newBuilder().setRatResponse(
+        Tpm2dRatResponse.newBuilder()
+            .setAtype(response.getAtype())
+            .setHashAlg(response.getHalg().name())
+            .setQuoted(response.getQuoted())
+            .setSignature(response.getSignature())
+            .addAllPcrValues(response.getPcrValuesList())
+            .setCertificate(response.getCertificate())
+            .build()
+    ).build();
+  }
+
+  static Tpm2dMessageWrapper getAttestationResultMessage(
+      //IdsAttestationType aType,
+      boolean result
+  ) {
+    return Tpm2dMessageWrapper.newBuilder().setRatResult(
+        Tpm2dRatResult.newBuilder()
+            //.setAtype(aType)
+            .setResult(result)
+            .build()
+    ).build();
+  }
+
+  static Tpm2dMessageWrapper getAttestationRepositoryRequestMessage(
+      IdsAttestationType aType,
+      List<Pcr> pcrValues
+  ) {
+    return Tpm2dMessageWrapper.newBuilder().setRepositoryRequest(
+        Tpm2dRepositoryRequest.newBuilder()
+            .setAtype(aType)
+            .addAllPcrValues(pcrValues)
+            .build()
+    ).build();
+  }
+
+  static Tpm2dMessageWrapper getAttestationRepositoryResponseMessage() {
+    return Tpm2dMessageWrapper.newBuilder().setRepositoryResponse(
+        Tpm2dRepositoryResponse.newBuilder()
+            //toDo add values
+            .build()
+    ).build();
+  }
+
+  static RemoteToTpm2d getRemoteToTPM2dMessage(
+      IdsAttestationType aType,
+      byte[] hash,
+      int pcrIndices
+  ) {
+    return RemoteToTpm2d.newBuilder()
+        .setAtype(aType)
+        .setQualifyingData(ByteString.copyFrom(hash))
+        .setCode(Code.ATTESTATION_REQ)
+        .setPcrs(pcrIndices)
+        .build();
+  }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
similarity index 76%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
index 55bbf061b..90a8786a3 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Prover.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
@@ -8,24 +8,18 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import java.util.LinkedList;
-import java.util.Queue;
 import java.util.concurrent.BlockingQueue;
-import java.util.concurrent.CountDownLatch;
 import java.util.concurrent.LinkedBlockingQueue;
-import java.util.concurrent.locks.ReadWriteLock;
-import java.util.concurrent.locks.ReentrantLock;
-import java.util.concurrent.locks.ReentrantReadWriteLock;
 
 /**
  * A RatProver dummy, that sends two incoming messages from the remote rat verifier and also sends two messages
  */
-public class TPM2Prover extends RatProverDriver {
-    private static final Logger LOG = LoggerFactory.getLogger(TPM2Prover.class);
+public class RatProverDummy extends RatProverDriver {
+    private static final Logger LOG = LoggerFactory.getLogger(RatProverDummy.class);
 
     private BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
 
-    public TPM2Prover(){
+    public RatProverDummy(){
         super();
     }
 
@@ -42,7 +36,7 @@ public void run() {
             try {
                 sleep(1000);
                 fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
-                        IdscpMessageFactory.getIdscpRatProverMessage());
+                        IdscpMessageFactory.getIdscpRatProverMessage("test".getBytes()));
                 LOG.debug("Prover waits");
                 IDSCPv2.IdscpMessage m = queue.take();
                 LOG.debug("Prover receives, send something");
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
similarity index 84%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
index c7d302715..dacda0537 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2Verifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
@@ -10,12 +10,12 @@
 import java.util.concurrent.BlockingQueue;
 import java.util.concurrent.LinkedBlockingQueue;
 
-public class TPM2Verifier extends RatVerifierDriver {
-    private static final Logger LOG = LoggerFactory.getLogger(TPM2Verifier.class);
+public class RatVerifierDummy extends RatVerifierDriver {
+    private static final Logger LOG = LoggerFactory.getLogger(RatVerifierDummy.class);
 
     private BlockingQueue<IDSCPv2.IdscpMessage> queue = new LinkedBlockingQueue<>();
 
-    public TPM2Verifier(){
+    public RatVerifierDummy(){
         super();
     }
 
@@ -35,7 +35,7 @@ public void run(){
                 IDSCPv2.IdscpMessage m = queue.take();
                 LOG.debug("Verifier receives, send something");
                 fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG,
-                        IdscpMessageFactory.getIdscpRatVerifierMessage());
+                        IdscpMessageFactory.getIdscpRatVerifierMessage("test".getBytes()));
                 if (--countDown == 0)
                     break;
             } catch (InterruptedException e) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
index 3b917571a..f565a3f7f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
@@ -71,16 +71,20 @@ public static IdscpMessage getIdscpDataMessage(byte[] data){
                 .build();
     }
 
-    public static IdscpMessage getIdscpRatProverMessage(){
-        IdscpRatProver idscpRatProver = IdscpRatProver.newBuilder().build();
+    public static IdscpMessage getIdscpRatProverMessage(byte[] body){
+        IdscpRatProver idscpRatProver = IdscpRatProver.newBuilder()
+            .setData(ByteString.copyFrom(body))
+            .build();
 
         return IdscpMessage.newBuilder()
                 .setIdscpRatProver(idscpRatProver)
                 .build();
     }
 
-    public static IdscpMessage getIdscpRatVerifierMessage(){
-        IdscpRatVerifier idscpRatVerifier = IdscpRatVerifier.newBuilder().build();
+    public static IdscpMessage getIdscpRatVerifierMessage(byte[] body){
+        IdscpRatVerifier idscpRatVerifier = IdscpRatVerifier.newBuilder()
+            .setData(ByteString.copyFrom(body))
+            .build();
 
         return IdscpMessage.newBuilder()
                 .setIdscpRatVerifier(idscpRatVerifier)
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index daa915228..e510564fa 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -310,7 +310,7 @@ void restartRatVerifierDriver(){
         if (ratVerifierDriver == null){
             LOG.error("Cannot create instance of RAT_VERIFIER_DRIVER");
             currentRatVerifierId = "";
-            onControlMessage(InternalControlMessage.ERROR); //toDo geht das?
+            onControlMessage(InternalControlMessage.ERROR); //toDo geht das? nein
         } else {
             currentRatVerifierId = Long.toString(ratVerifierDriver.getId());
         }
@@ -330,7 +330,7 @@ void restartRatProverDriver(){
         if (ratProverDriver == null){
             LOG.error("Cannot create instance of RAT_PROVER_DRIVER");
             currentRatProverId = "";
-            onControlMessage(InternalControlMessage.ERROR); //toDo geht das?
+            onControlMessage(InternalControlMessage.ERROR); //toDo geht das? nein
         } else {
             currentRatProverId = Long.toString(ratProverDriver.getId());
         }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
index 0496fa7a1..7ddfd07c0 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
@@ -4,8 +4,6 @@
 
 public class Timer {
 
-    //toDo real time FIFO synchronization for whole state machine
-
     private TimerThread thread = null;
     private final ReentrantLock fsmIsBusy;
     private final ReentrantLock mutex = new ReentrantLock(true);
diff --git a/idscp2/src/main/proto/idscpv2.proto b/idscp2/src/main/proto/idscpv2.proto
new file mode 100644
index 000000000..658d2e6c8
--- /dev/null
+++ b/idscp2/src/main/proto/idscpv2.proto
@@ -0,0 +1,66 @@
+syntax = "proto3";
+option java_package = "de.fhg.aisec.ids.messages";
+option java_outer_classname = "IDSCPv2";
+
+//IDSCP message frame
+message IdscpMessage {
+  // One of the following will be filled in.
+  oneof message {
+    IdscpHello idscpHello = 1;
+    IdscpClose idscpClose = 2;
+    IdscpDatExpired idscpDatExpired = 3;
+    IdscpDat idscpDat = 4;
+    IdscpReRat idscpReRat = 5;
+    IdscpRatProver idscpRatProver = 6;
+    IdscpRatVerifier idscpRatVerifier = 7;
+    IdscpData idscpData = 8;
+  }
+}
+
+//IDSCP messages
+message IdscpHello {
+  int32 version = 1;                      //IDSCP protocol version
+  IdscpDat dynamicAttributeToken = 2;     //initial dynamicAttributeToken
+  repeated string supportedRatSuite = 3;  //RemoteAttestationCipher prover
+  repeated string expectedRatSuite = 4;   //RemoteAttestationCipher verifier
+}
+
+message IdscpClose {
+
+  enum CloseCause {
+    USER_SHUTDOWN = 0;
+    TIMEOUT = 1;
+    ERROR = 2;
+    NO_VALID_DAT = 3;
+    NO_RAT_MECHANISM_MATCH_PROVER = 4;
+    NO_RAT_MECHANISM_MATCH_VERIFIER = 5;
+    RAT_PROVER_FAILED = 6;
+    RAT_VERIFIER_FAILED = 7;
+  }
+
+  CloseCause cause_code = 1;
+  string cause_msg = 2;
+}
+
+message IdscpDatExpired {           //request new dynamicAttributeToken
+}
+
+message IdscpDat {
+  bytes token = 1;
+}
+
+message IdscpReRat {                //request new remoteAttestatio
+  string cause = 1;               //optional
+}
+
+message IdscpRatProver {
+  bytes data = 1;
+}
+
+message IdscpRatVerifier {
+  bytes data = 1;
+}
+
+message IdscpData {
+  bytes data = 1 ;
+}
\ No newline at end of file
diff --git a/idscp2/src/main/proto/tpm2dAttestation.proto b/idscp2/src/main/proto/tpm2dAttestation.proto
new file mode 100644
index 000000000..74b9c3a69
--- /dev/null
+++ b/idscp2/src/main/proto/tpm2dAttestation.proto
@@ -0,0 +1,147 @@
+syntax = "proto2";
+option java_package = "de.fhg.aisec.ids.messages";
+option java_outer_classname = "Tpm2dAttestation";
+
+// protobuf messages for communicating with TPM
+
+// type of attestation in the IDS context
+enum IdsAttestationType {
+  // kernel + core container (PCR 0 to 11)
+  BASIC = 0;
+
+  // everything (PCRs 0 to 23)
+  ALL = 1;
+
+  // PCRs must be specified manually
+  ADVANCED = 2;
+}
+
+enum HashAlgLen {
+  SHA1   = 20;
+  SHA256 = 32;
+  SHA384 = 48;
+}
+
+message Pcr {
+  // the PCR number (usually between 0 and 23)
+  optional int32 number = 1;
+
+  // the value of PCR<number>
+  optional bytes value = 2;
+}
+
+message RemoteToTpm2d {
+  enum Code {
+    ATTESTATION_REQ = 1;
+  }
+
+  required Code code = 1;
+
+  // type of attestation in the IDS context
+  optional IdsAttestationType atype = 2 [default = BASIC];
+
+  // qualifingData (i.e. external data provided by the caller, such as a nonce)
+  optional bytes qualifyingData = 3;
+
+  // pcr bitmask for AttestationType ADVANCED only
+  //  - for BASIC, the default PCRs are PCRs 0 to 11
+  //  - for ALL  , the default PCRs are PCRs 0 to 23
+  optional int32 pcrs = 4;
+}
+
+message Tpm2dToRemote {
+  enum Code {
+    ATTESTATION_RES = 1;
+  }
+
+  required Code code = 1;
+
+  // type of attestation in the IDS context
+  optional IdsAttestationType atype = 2 [default = BASIC];
+
+  // the hash algorith used to sign the quoted information
+  optional HashAlgLen halg = 3;
+
+  // the quoted information (a TPM2B_ATTEST data structure)
+  optional bytes quoted = 4;
+
+  // the signature over 'quoted' (a TPMT_SIGNATURE data structure)
+  optional bytes signature = 5;
+
+  // the explicit PCR values
+  repeated Pcr pcr_values = 6;
+
+  // an _optional_ certificate that includes the public key
+  optional bytes certificate = 7;
+
+  // the measurement list in ima style hex strings
+  repeated string ml_entry = 11;
+}
+
+
+// ******* Message Wrapper ********
+message Tpm2dMessageWrapper {
+  oneof body {
+    // RAT Repository
+    Tpm2dRepositoryRequest repositoryRequest = 1;
+    Tpm2dRepositoryResponse repositoryResponse = 2;
+
+    // RAT Exchange
+    Tpm2dRatChallenge ratChallenge = 3;
+    Tpm2dRatResponse ratResponse = 4;
+    Tpm2dRatResult ratResult = 5;
+  }
+}
+
+// ******** Rat Repository *********
+message Tpm2dRepositoryRequest {
+  required IdsAttestationType atype = 1;
+  // the explicit PCR values
+  repeated Pcr pcr_values = 2;
+}
+
+message Tpm2dRepositoryResponse {
+  required IdsAttestationType atype = 1;
+  //boolean for result
+  required bool result = 2;
+}
+
+// ******** RAT Exchange *********
+//Attestation Request, sent to other connector (from Verifier to Prover)
+message Tpm2dRatChallenge {
+  required IdsAttestationType atype = 1;
+  // nonce for attestation request
+  required bytes nonce = 2;
+  // optional PCR indices for aType = ADVANCED
+  optional fixed32 pcr_indices = 3;
+}
+
+//Attestation Response, coming from other connector (from Prover to Verifier)
+message Tpm2dRatResponse {
+  // type of attestation in the IDS context
+  required IdsAttestationType atype = 1;
+
+  // the hash algorithm used to sign the quoted information
+  optional string hash_alg = 2;
+
+  // the quoted information (a TPM2B_ATTEST data structure)
+  required bytes quoted = 3;
+
+  // the signature over 'quoted' (a TPMT_SIGNATURE data structure)
+  required bytes signature = 4;
+
+  // the explicit PCR values
+  repeated Pcr pcr_values = 5;
+
+  // AIK certificate that includes the public key
+  required bytes certificate = 6;
+
+  // Measurement list
+  optional bytes measurement_list = 7;
+}
+
+//Attestation Request, sent to other connector (Verifier to Prover)
+message Tpm2dRatResult {
+  //required IdsAttestationType atype = 1;
+  required bool result = 1;
+}
\ No newline at end of file
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
index 62f96526d..7f9e49baa 100644
--- a/idscp2/src/test/java/IDSCPv2ClientInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
@@ -1,8 +1,8 @@
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2Prover;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2Verifier;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
@@ -33,8 +33,8 @@ public void init(IDSCPv2Settings settings){
 
         DapsDriver dapsDriver = new DefaultDapsDriver(config);
 
-        RatProverDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Prover.class);
-        RatVerifierDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Verifier.class);
+        RatProverDriverRegistry.getInstance().registerDriver("TPM_2", RatProverDummy.class);
+        RatVerifierDriverRegistry.getInstance().registerDriver("TPM_2", RatVerifierDummy.class);
 
         IDSCPv2Configuration clientConfig = new IDSCPv2Configuration(this,
                 dapsDriver, secureChannelDriver, settings.getExpectedAttestation(), settings.getSupportedAttestation());
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index 03fc7f1b6..6557e64be 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -1,11 +1,10 @@
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2Prover;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2Verifier;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
@@ -35,8 +34,8 @@ public void init(IDSCPv2Settings serverSettings)  {
                 .build();
         DapsDriver dapsDriver = new DefaultDapsDriver(config);
 
-        RatProverDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Prover.class);
-        RatVerifierDriverRegistry.getInstance().registerDriver("TPM_2", TPM2Verifier.class);
+        RatProverDriverRegistry.getInstance().registerDriver("TPM_2", RatProverDummy.class);
+        RatVerifierDriverRegistry.getInstance().registerDriver("TPM_2", RatVerifierDummy.class);
 
         IDSCPv2Configuration idscpServerConfig = new IDSCPv2Configuration(this,
                 dapsDriver, secureChannelDriver, serverSettings.getExpectedAttestation(),
diff --git a/idscp2/src/test/java/RatDriverTest.java b/idscp2/src/test/java/RatDriverTest.java
new file mode 100644
index 000000000..4fb42c854
--- /dev/null
+++ b/idscp2/src/test/java/RatDriverTest.java
@@ -0,0 +1,11 @@
+import org.junit.Test;
+import static org.junit.Assert.*;
+
+public class RatDriverTest {
+
+  @Test
+  public void basisTest() {
+    System.out.println("Basis Test");
+    assertTrue(true);
+  }
+}

From 64517bcfa555777d10745a2ce9843fb7c91ecc91 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Fri, 27 Mar 2020 15:14:30 +0100
Subject: [PATCH 056/237] WIP Implementation of TPM2d Drivers: Add configs

---
 idscp2/build.gradle                           | 15 ++--
 .../rat/TPM2d/TPM2dProver.java                | 21 ++++--
 .../rat/TPM2d/TPM2dVerifier.java              | 19 +++--
 .../rat/TPM2d/Tpm2dConfig.java                | 51 -------------
 .../rat/TPM2d/Tpm2dProverConfig.java          | 44 ++++++++++++
 .../rat/TPM2d/Tpm2dVerifierConfig.java        | 72 +++++++++++++++++++
 .../secure_channel/client/TLSClient.java      |  2 +-
 .../drivers/interfaces/RatProverDriver.java   |  7 ++
 .../drivers/interfaces/RatVerifierDriver.java |  7 ++
 .../configuration/AttestationConfig.java      |  2 +-
 .../configuration/IDSCPv2Configuration.java   | 12 +++-
 .../idscp_core/finite_state_machine/FSM.java  | 34 ++++-----
 .../rat_registry/RatProverDriverRegistry.java | 32 +++++++--
 .../RatVerifierDriverRegistry.java            | 32 +++++++--
 .../src/test/java/IDSCPv2ClientInitiator.java | 30 ++++++--
 .../src/test/java/IDSCPv2ServerInitiator.java | 29 ++++++--
 16 files changed, 297 insertions(+), 112 deletions(-)
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dConfig.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dProverConfig.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dVerifierConfig.java

diff --git a/idscp2/build.gradle b/idscp2/build.gradle
index ae7629c0f..9f543eb97 100644
--- a/idscp2/build.gradle
+++ b/idscp2/build.gradle
@@ -23,7 +23,7 @@ idea {
 }
 
 dependencies {
-    providedByBundle(project(':ids-api')) { transitive = false }
+    //providedByBundle(project(':ids-api')) { transitive = false }
 
     providedByBundle group: 'com.github.microsoft', name: 'TSS.Java', version: '0.3.0'
 
@@ -34,21 +34,20 @@ dependencies {
     
     publishCompile group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
 
-    providedByBundle group: 'org.asynchttpclient', name: 'async-http-client', version: libraryVersions.ahc
+    //providedByBundle group: 'org.asynchttpclient', name: 'async-http-client', version: libraryVersions.ahc
 
-    providedByFeature group: 'org.eclipse.jetty.websocket', name: 'websocket-server', version: libraryVersions.jetty
-    providedByFeature group: 'org.eclipse.jetty.websocket', name: 'websocket-client', version: libraryVersions.jetty
+    //providedByFeature group: 'org.eclipse.jetty.websocket', name: 'websocket-server', version: libraryVersions.jetty
+    //providedByFeature group: 'org.eclipse.jetty.websocket', name: 'websocket-client', version: libraryVersions.jetty
 
-    testImplementation group: "javax.xml.bind", name: "jaxb-api", version: libraryVersions.jaxb
-    testImplementation group: "com.sun.xml.bind", name: "jaxb-core", version: libraryVersions.jaxb
-    testImplementation group: "com.sun.xml.bind", name: "jaxb-impl", version: libraryVersions.jaxb
+    //testImplementation group: "javax.xml.bind", name: "jaxb-api", version: libraryVersions.jaxb
+    //testImplementation group: "com.sun.xml.bind", name: "jaxb-core", version: libraryVersions.jaxb
+    //testImplementation group: "com.sun.xml.bind", name: "jaxb-impl", version: libraryVersions.jaxb
 
     providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-impl', version: libraryVersions.jsonwebtoken
     providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-jackson', version: libraryVersions.jsonwebtoken
     providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-api', version: libraryVersions.jsonwebtoken
     providedByBundle group: 'org.json', name: 'json', version: '20180813'
     providedByBundle group: 'org.bitbucket.b_c', name: 'jose4j', version: '0.6.5'
-
     providedByBundle group: 'com.squareup.okhttp3', name: 'okhttp', version: libraryVersions.okhttp
 
     testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
index 4be3d812b..22890dcb2 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
@@ -22,11 +22,22 @@ public class TPM2dProver extends RatProverDriver {
   private static final Logger LOG = LoggerFactory.getLogger(TPM2dProver.class);
 
   private BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
+  private Tpm2dProverConfig config = new Tpm2dProverConfig.Builder().build();
 
   public TPM2dProver(){
     super();
   }
 
+  @Override
+  public void setConfig(Object config) {
+    if (config instanceof Tpm2dProverConfig) {
+      LOG.debug("Set rat prover config");
+      this.config = (Tpm2dProverConfig) config;
+    } else {
+      LOG.warn("Invalid prover config");
+    }
+  }
+
   @Override
   public void delegate(IdscpMessage message) {
     queue.add(message);
@@ -77,20 +88,22 @@ public void run() {
     Tpm2dRatChallenge challenge = tpm2dMessageWrapper.getRatChallenge();
 
     LOG.debug("Requesting attestation from TPM ...");
-    // hash //toDo add remote certificate
-    byte[] hash = TPM2dHelper.calculateHash(challenge.getNonce().toByteArray(), null);
+
+    // hash
+    byte[] hash = TPM2dHelper.calculateHash(challenge.getNonce().toByteArray(),
+        config.getRemoteCertificate());
 
     // generate RemoteToTPM2dRequest
     RemoteToTpm2d tpmRequest = TpmMessageFactory.getRemoteToTPM2dMessage(
         challenge.getAtype(),
         hash,
-        challenge.hasPcrIndices() ? challenge.getPcrIndices() : 0 //toDo 0 okay?
+        challenge.hasPcrIndices() ? challenge.getPcrIndices() : 0
     );
 
     // get TPM response
     Tpm2dToRemote tpmResponse;
     try {
-      TPM2dSocket tpmSocket = new TPM2dSocket(""); //toDo add host
+      TPM2dSocket tpmSocket = new TPM2dSocket(config.getTpm2dHost());
       tpmResponse = tpmSocket.requestAttestation(tpmRequest);
     } catch (IOException e) {
       LOG.error("Cannot access TPM", e);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
index e10fcf5b6..ce6ec98fd 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
@@ -34,12 +34,22 @@ public class TPM2dVerifier extends RatVerifierDriver {
   private static final Logger LOG = LoggerFactory.getLogger(TPM2dVerifier.class);
 
   private BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
-  private Tpm2dConfig config = new Tpm2dConfig.Builder().build();
+  private Tpm2dVerifierConfig config = new Tpm2dVerifierConfig.Builder().build();
 
   public TPM2dVerifier(){
     super();
   }
 
+  @Override
+  public void setConfig(Object config) {
+    if (config instanceof Tpm2dVerifierConfig) {
+      LOG.debug("Set rat verifier config");
+      this.config = (Tpm2dVerifierConfig) config;
+    } else {
+      LOG.warn("Invalid config");
+    }
+  }
+
   @Override
   public void delegate(IDSCPv2.IdscpMessage message) {
     queue.add(message);
@@ -56,7 +66,7 @@ public void run(){
 
     // send challenge as RAT Verifier Message
     byte[] ratChallenge = TpmMessageFactory.getAttestationChallengeMessage(
-        nonce, config.getExpectedAType(), config.getAttestationMask()).toByteArray();
+        nonce, config.getExpectedAType(), config.getExpectedAttestationMask()).toByteArray();
 
     fsmListener.onRatVerifierMessage(
         InternalControlMessage.RAT_VERIFIER_MSG,
@@ -104,9 +114,10 @@ public void run(){
     Tpm2dRatResponse resp = tpm2dMessageWrapper.getRatResponse();
 
     LOG.debug("Validate rat response: signature and rat repository checks");
-    // validate signature //toDo add local certificate
+
+    // validate signature
     boolean result = true;
-    byte[] hash = TPM2dHelper.calculateHash(nonce, null);
+    byte[] hash = TPM2dHelper.calculateHash(nonce, config.getLocalCertificate());
 
     if (!checkSignature(resp, hash)) {
       result = false;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dConfig.java
deleted file mode 100644
index 84a950314..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dConfig.java
+++ /dev/null
@@ -1,51 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
-
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.IdsAttestationType;
-import java.net.URI;
-import org.checkerframework.checker.nullness.qual.NonNull;
-
-public class Tpm2dConfig {
-
-  private int attestationMask = 0;
-  @NonNull private IdsAttestationType expectedAType = IdsAttestationType.BASIC;
-  @NonNull private URI ttpUri = URI.create("");
-
-  public static class Builder {
-    @NonNull private Tpm2dConfig config = new Tpm2dConfig();
-
-    @NonNull
-    public Builder setAttestationMask(int attestationMask) {
-      config.attestationMask = attestationMask;
-      return this;
-    }
-
-    @NonNull
-    public Builder setIdsAttestationType(IdsAttestationType aType) {
-      config.expectedAType = aType;
-      return this;
-    }
-
-    @NonNull
-    public Builder setTtpUri(URI ttp) {
-      config.ttpUri = ttp;
-      return this;
-    }
-
-    @NonNull
-    public Tpm2dConfig build() {
-      return config;
-    }
-  }
-
-  public IdsAttestationType getExpectedAType() {
-    return expectedAType;
-  }
-
-  public int getAttestationMask() {
-    return attestationMask;
-  }
-
-  public URI getTtpUri() {
-    return ttpUri;
-  }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dProverConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dProverConfig.java
new file mode 100644
index 000000000..2a6e10c99
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dProverConfig.java
@@ -0,0 +1,44 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+
+import java.security.cert.Certificate;
+import org.checkerframework.checker.nullness.qual.NonNull;
+
+public class Tpm2dProverConfig {
+
+  private Certificate remoteCertificate;
+  @NonNull private String tpm2dHost;
+
+  private Tpm2dProverConfig() {
+    tpm2dHost = System.getenv("TPM_HOST") != null ?
+        System.getenv("TPM_HOST") : "localhost";
+  }
+
+  public static class Builder {
+    private static Tpm2dProverConfig config = new Tpm2dProverConfig();
+
+    @NonNull
+    public Builder setRemoteCertificate(Certificate remoteCert) {
+      config.remoteCertificate = remoteCert;
+      return this;
+    }
+
+    @NonNull
+    public Builder setTpmHost(String host) {
+      config.tpm2dHost = host;
+      return this;
+    }
+
+    public Tpm2dProverConfig build() {
+      return config;
+    }
+  }
+
+  public Certificate getRemoteCertificate() {
+    return remoteCertificate;
+  }
+
+  @NonNull
+  public String getTpm2dHost() {
+    return tpm2dHost;
+  }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dVerifierConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dVerifierConfig.java
new file mode 100644
index 000000000..07e8ded2e
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dVerifierConfig.java
@@ -0,0 +1,72 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.IdsAttestationType;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.security.cert.Certificate;
+import org.checkerframework.checker.nullness.qual.NonNull;
+
+public class Tpm2dVerifierConfig {
+
+  private Certificate localCertificate;
+  @NonNull private URI ttpUri;
+  @NonNull private IdsAttestationType expectedAType = IdsAttestationType.BASIC;
+  private int expectedAttestationMask = 0;
+
+  private Tpm2dVerifierConfig() {
+    try {
+      ttpUri = new URI("https://invalid-ttp-uri/rat-verify");
+    } catch (URISyntaxException e) {
+      throw new RuntimeException(e);
+    }
+  }
+
+  public static class Builder {
+    private static Tpm2dVerifierConfig config = new Tpm2dVerifierConfig();
+
+    @NonNull
+    public Builder setTtpUri(URI ttpUri) {
+      config.ttpUri = ttpUri;
+      return this;
+    }
+
+    @NonNull
+    public Builder setLocalCertificate(Certificate localCert) {
+      config.localCertificate = localCert;
+      return this;
+    }
+
+    @NonNull
+    public Builder setExpectedAttestationType(IdsAttestationType aType) {
+      config.expectedAType = aType;
+      return this;
+    }
+
+    public Builder setExpectedAttestationMask(int mask) {
+      config.expectedAttestationMask = mask;
+      return this;
+    }
+
+    public Tpm2dVerifierConfig build() {
+      return config;
+    }
+  }
+
+  @NonNull
+  public URI getTtpUri() {
+    return ttpUri;
+  }
+
+  @NonNull
+  public IdsAttestationType getExpectedAType() {
+    return expectedAType;
+  }
+
+  public Certificate getLocalCertificate() {
+    return localCertificate;
+  }
+
+  public int getExpectedAttestationMask() {
+    return expectedAttestationMask;
+  }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index 1daed0d9f..e052ed7f5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -186,7 +186,7 @@ public void send(byte[] data){
                 out.writeInt(data.length);
                 out.write(data);
                 out.flush();
-                LOG.debug("Send message: {}", new String(data));
+                LOG.debug("Send message");
             } catch (IOException e){
                 LOG.error("Client cannot send data");
                 onError();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
index 7a2cefbae..fdcdc2d84 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
@@ -2,8 +2,11 @@
 
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
 import de.fhg.aisec.ids.messages.IDSCPv2;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 public abstract class RatProverDriver extends Thread{
+    private static final Logger LOG = LoggerFactory.getLogger(RatProverDriver.class);
 
     protected boolean running = true;
     protected FsmListener fsmListener;
@@ -19,4 +22,8 @@ public void terminate() {
     public void setListener(FsmListener listener){
         fsmListener = listener;
     }
+
+    public void setConfig(Object config){
+        LOG.warn("Method 'setConfig' for RatProverDriver is not implemented");
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
index 73112e1b2..406748aa8 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
@@ -2,8 +2,11 @@
 
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
 import de.fhg.aisec.ids.messages.IDSCPv2;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 public abstract class RatVerifierDriver extends Thread{
+    private static final Logger LOG = LoggerFactory.getLogger(RatVerifierDriver.class);
 
     protected boolean running = true;
     protected FsmListener fsmListener;
@@ -19,4 +22,8 @@ public void terminate() {
     public void setListener(FsmListener listener){
         fsmListener = listener;
     }
+
+    public void setConfig(Object config) {
+        LOG.warn("Method 'setConfig' for RatVerifierDriver is not implemented");
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
index 42beafbbe..9c7a30457 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
@@ -12,7 +12,7 @@ public AttestationConfig(){
     }
 
     public String[] getRatMechanisms(){
-        return new String[] {"TPM_2", "INTEL_SGX", "ARM_TRUST_ZONE"};
+        return new String[] {"Dummy", "TPM2d"};
     }
 
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
index a93cbed43..8b04db0df 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
@@ -33,18 +33,22 @@ public class IDSCPv2Configuration implements IDSCPv2Callback {
     private SecureChannelDriver secureChannelDriver;
     private final String[] localExpectedRatCipher;
     private final String[] localSupportedRatCipher;
+    private int ratTimeout;
 
 
     public IDSCPv2Configuration(IDSCPv2Initiator initiator,
                                 DapsDriver dapsDriver,
                                 SecureChannelDriver secureChannelDriver,
                                 AttestationConfig expectedAttestation,
-                                AttestationConfig supportedAttestation){
+                                AttestationConfig supportedAttestation,
+                                int ratTimeout
+    ){
         this.user = initiator;
         this.dapsDriver = dapsDriver;
         this.secureChannelDriver = secureChannelDriver;
         this.localExpectedRatCipher = expectedAttestation.getRatMechanisms();
         this.localSupportedRatCipher = supportedAttestation.getRatMechanisms();
+        this.ratTimeout = ratTimeout;
     }
 
     public void connect(IDSCPv2Settings settings){
@@ -73,7 +77,8 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
             user.errorHandler("IDSCPv2 connect failed because no secure channel was established");
         } else {
             LOG.debug("A new secure channel for an outgoing idscpv2 connection was established");
-            FSM fsm = new FSM(secureChannel, dapsDriver, localSupportedRatCipher, localExpectedRatCipher);
+            FSM fsm = new FSM(secureChannel, dapsDriver, localSupportedRatCipher,
+                localExpectedRatCipher, ratTimeout);
 
             try {
                 fsm.startIdscpHandshake(); //blocking until handshake is done
@@ -93,7 +98,8 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
     public void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnectionListener idscpServer) {
         if (secureChannel != null){
             LOG.debug("A new secure channel for an incoming idscpv2 connection was established");
-            FSM fsm = new FSM(secureChannel, dapsDriver, localSupportedRatCipher, localExpectedRatCipher);
+            FSM fsm = new FSM(secureChannel, dapsDriver, localSupportedRatCipher,
+                localExpectedRatCipher, ratTimeout);
 
             try {
                 fsm.startIdscpHandshake(); //blocking until handshake is done
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index e510564fa..10869cc85 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -58,10 +58,9 @@ enum FSM_STATE {
     private Timer datTimer;
     private Timer ratTimer;
     private Timer handshakeTimer;
-    private final int ratTimeoutDelay = 20;
 
     public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
-               String[] localSupportedRatSuite, String[] localExpectedRatSuite){
+               String[] localSupportedRatSuite, String[] localExpectedRatSuite, int ratTimeout){
 
         this.secureChannel = secureChannel;
         secureChannel.setFsm(this);
@@ -83,7 +82,6 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
             onControlMessage(InternalControlMessage.REPEAT_RAT);
         };
 
-        //toDo set correct delays
         this.handshakeTimer = new Timer(fsmIsBusy, handshakeTimeoutHandler);
         this.datTimer = new Timer(fsmIsBusy, datTimeoutHandler);
         this.ratTimer = new Timer(fsmIsBusy, ratTimeoutHandler);
@@ -94,11 +92,11 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
         states.put(FSM_STATE.STATE_WAIT_FOR_HELLO, new StateWaitForHello(this,
                 handshakeTimer, datTimer, dapsDriver, localSupportedRatSuite, localExpectedRatSuite));
         states.put(FSM_STATE.STATE_WAIT_FOR_RAT, new StateWaitForRat(this, handshakeTimer, ratTimer,
-                ratTimeoutDelay, dapsDriver));
+                ratTimeout, dapsDriver));
         states.put(FSM_STATE.STATE_WAIT_FOR_RAT_PROVER, new StateWaitForRatProver(this, ratTimer, handshakeTimer,
                 dapsDriver));
         states.put(FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER, new StateWaitForRatVerifier(this, dapsDriver, ratTimer,
-                handshakeTimer, ratTimeoutDelay));
+                handshakeTimer, ratTimeout));
         states.put(FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT, new StateWaitForDatAndRat(this, handshakeTimer,
                 datTimer, dapsDriver));
         states.put(FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER, new StateWaitForDatAndRatVerifier(this,
@@ -294,13 +292,13 @@ void notifyHandshakeCompleteLock(){
     //calculate Prover mechanism (strongest remote expected), returns null if no match was found
     String getRatProverMechanism(String[] localSupportedProver, Object[] remoteExpectedVerifier){
         //toDo implement logic
-        return "TPM_2";
+        return localSupportedProver[0];
     }
 
     //calculate Verifier mechanism (strongest local expected), returns null if no match was found
     String getRatVerifierMechanism(String[] localExpectedVerifier, Object[] remoteSupportedProver){
         //toDo implement logic
-        return "TPM_2";
+        return localExpectedVerifier[0];
     }
 
     void restartRatVerifierDriver(){
@@ -355,16 +353,18 @@ State getState(FSM_STATE state){
     }
 
     void lockFsm(){
-        secureChannel.close();
-        this.datTimer.cancelTimeout();
-        this.datTimer = null;
-        this.ratTimer.cancelTimeout();
-        this.ratTimer = null;
-        this.handshakeTimer.cancelTimeout();
-        this.handshakeTimer = null;
-        this.stopRatProverDriver();
-        this.stopRatVerifierDriver();
-        fsmIsClosed = true;
+        try {
+            secureChannel.close();
+            this.datTimer.cancelTimeout();
+            this.datTimer = null;
+            this.ratTimer.cancelTimeout();
+            this.ratTimer = null;
+            this.handshakeTimer.cancelTimeout();
+            this.handshakeTimer = null;
+            this.stopRatProverDriver();
+            this.stopRatVerifierDriver();
+            fsmIsClosed = true;
+        } catch (NullPointerException ignored){}
 
         //inform upper layer via handshake or closeListener
         try {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
index 708c2f6f1..d18a74807 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
@@ -6,9 +6,9 @@
 import java.util.concurrent.ConcurrentHashMap;
 
 public class RatProverDriverRegistry {
-    //toDO  Reflections library
+    //toDo  Reflections library
     private static RatProverDriverRegistry instance;
-    private static ConcurrentHashMap<String, Class<? extends RatProverDriver>> drivers = new ConcurrentHashMap<>();
+    private static ConcurrentHashMap<String, DriverWrapper> drivers = new ConcurrentHashMap<>();
 
     private RatProverDriverRegistry(){}
 
@@ -21,11 +21,14 @@ public static RatProverDriverRegistry getInstance(){
     }
 
     public static RatProverDriver startRatProverDriver(String instance, FsmListener listener){
-        Class<? extends RatProverDriver> driverClass = drivers.get(instance);
+        DriverWrapper driverWrapper = drivers.get(instance);
 
         try {
-            RatProverDriver driver = driverClass.getDeclaredConstructor().newInstance();
+            RatProverDriver driver = driverWrapper.driverClass.getDeclaredConstructor().newInstance();
             driver.setListener(listener);
+            if (driverWrapper.driverConfig != null) {
+                driver.setConfig(driverWrapper.driverConfig);
+            }
             driver.start();
             return driver;
 
@@ -35,12 +38,29 @@ public static RatProverDriver startRatProverDriver(String instance, FsmListener
     }
 
 
-    public void registerDriver(String instance, Class<? extends RatProverDriver> driverClass){
-        drivers.put(instance, driverClass);
+    public void registerDriver(
+        String instance,
+        Class<? extends RatProverDriver> driverClass,
+        Object driverConfig
+    ){
+        drivers.put(instance, new DriverWrapper(driverClass, driverConfig));
     }
 
     public void unregisterDriver(String instance){
         drivers.remove(instance);
     }
 
+    private static class DriverWrapper {
+        private Class<? extends RatProverDriver> driverClass;
+        private Object driverConfig;
+
+        private DriverWrapper(
+            Class<? extends RatProverDriver> driverClass,
+            Object driverConfig
+        ) {
+            this.driverClass = driverClass;
+            this.driverConfig = driverConfig;
+        }
+    }
+
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
index cb1536292..4b32fc5f6 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
@@ -8,7 +8,8 @@
 
 public class RatVerifierDriverRegistry {
     private static RatVerifierDriverRegistry instance;
-    private static ConcurrentHashMap<String, Class<? extends RatVerifierDriver>> drivers = new ConcurrentHashMap<>();
+    private static ConcurrentHashMap<String, DriverWrapper> drivers
+        = new ConcurrentHashMap<>();
 
     private RatVerifierDriverRegistry(){}
 
@@ -16,16 +17,18 @@ public static RatVerifierDriverRegistry getInstance(){
         if (instance == null){
             instance = new RatVerifierDriverRegistry();
         }
-
         return instance;
     }
 
     public static RatVerifierDriver startRatVerifierDriver(String mechanism, FsmListener listener){
-        Class<? extends RatVerifierDriver> driverClass = drivers.get(mechanism);
+        DriverWrapper driverWrapper = drivers.get(mechanism);
 
         try {
-            RatVerifierDriver driver = driverClass.getDeclaredConstructor().newInstance();
+            RatVerifierDriver driver = driverWrapper.driverClass.getDeclaredConstructor().newInstance();
             driver.setListener(listener);
+            if (driverWrapper.driverConfig != null) {
+                driver.setConfig(driverWrapper.driverConfig);
+            }
             driver.start();
             return driver;
 
@@ -34,13 +37,28 @@ public static RatVerifierDriver startRatVerifierDriver(String mechanism, FsmList
         }
     }
 
-
-    public void registerDriver(String mechanism, Class<? extends RatVerifierDriver> driverClass){
-        drivers.put(mechanism, driverClass);
+    public void registerDriver(
+        String mechanism,
+        Class<? extends RatVerifierDriver> driverClass,
+        Object driverConfig
+    ){
+        drivers.put(mechanism, new DriverWrapper(driverClass, driverConfig));
     }
 
     public void unregisterDriver(String instance){
         drivers.remove(instance);
     }
 
+    private static class DriverWrapper {
+        private Class<? extends RatVerifierDriver> driverClass;
+        private Object driverConfig;
+
+        private DriverWrapper(
+            Class<? extends RatVerifierDriver> driver,
+            Object driverConfig
+        ) {
+            this.driverClass = driver;
+            this.driverConfig = driverConfig;
+        }
+    }
 }
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
index 7f9e49baa..924f646c2 100644
--- a/idscp2/src/test/java/IDSCPv2ClientInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
@@ -1,6 +1,10 @@
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.TPM2dProver;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.TPM2dVerifier;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.Tpm2dProverConfig;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.Tpm2dVerifierConfig;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
@@ -33,15 +37,31 @@ public void init(IDSCPv2Settings settings){
 
         DapsDriver dapsDriver = new DefaultDapsDriver(config);
 
-        RatProverDriverRegistry.getInstance().registerDriver("TPM_2", RatProverDummy.class);
-        RatVerifierDriverRegistry.getInstance().registerDriver("TPM_2", RatVerifierDummy.class);
+        RatProverDriverRegistry.getInstance().registerDriver(
+            "Dummy", RatProverDummy.class, null);
+        RatVerifierDriverRegistry.getInstance().registerDriver(
+            "Dummy", RatVerifierDummy.class, null);
 
-        IDSCPv2Configuration clientConfig = new IDSCPv2Configuration(this,
-                dapsDriver, secureChannelDriver, settings.getExpectedAttestation(), settings.getSupportedAttestation());
+        RatProverDriverRegistry.getInstance().registerDriver(
+            "TPM2d", TPM2dProver.class,
+            new Tpm2dProverConfig.Builder().build()
+        );
+        RatVerifierDriverRegistry.getInstance().registerDriver(
+            "TPM2d", TPM2dVerifier.class,
+            new Tpm2dVerifierConfig.Builder().build()
+        );
+
+        IDSCPv2Configuration clientConfig = new IDSCPv2Configuration(
+            this,
+            dapsDriver,
+            secureChannelDriver,
+            settings.getExpectedAttestation(),
+            settings.getSupportedAttestation(),
+            20
+        );
         clientConfig.connect(settings);
     }
 
-
     @Override
     public void newConnectionHandler(IDSCPv2Connection connection) {
         this.connections.put(connection.getConnectionId(), connection);
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index 6557e64be..eeefaa987 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -1,6 +1,10 @@
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.TPM2dProver;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.TPM2dVerifier;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.Tpm2dProverConfig;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.Tpm2dVerifierConfig;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
@@ -34,12 +38,27 @@ public void init(IDSCPv2Settings serverSettings)  {
                 .build();
         DapsDriver dapsDriver = new DefaultDapsDriver(config);
 
-        RatProverDriverRegistry.getInstance().registerDriver("TPM_2", RatProverDummy.class);
-        RatVerifierDriverRegistry.getInstance().registerDriver("TPM_2", RatVerifierDummy.class);
+        RatProverDriverRegistry.getInstance().registerDriver(
+            "Dummy", RatProverDummy.class, null);
+        RatVerifierDriverRegistry.getInstance().registerDriver(
+            "Dummy", RatVerifierDummy.class, null);
+        RatProverDriverRegistry.getInstance().registerDriver(
+            "TPM2d", TPM2dProver.class,
+            new Tpm2dProverConfig.Builder().build()
+        );
+        RatVerifierDriverRegistry.getInstance().registerDriver(
+            "TPM2d", TPM2dVerifier.class,
+            new Tpm2dVerifierConfig.Builder().build()
+        );
+
+        IDSCPv2Configuration idscpServerConfig = new IDSCPv2Configuration(
+            this,
+            dapsDriver,
+            secureChannelDriver,
+            serverSettings.getExpectedAttestation(),
+            serverSettings.getSupportedAttestation(),
+            20);
 
-        IDSCPv2Configuration idscpServerConfig = new IDSCPv2Configuration(this,
-                dapsDriver, secureChannelDriver, serverSettings.getExpectedAttestation(),
-                serverSettings.getSupportedAttestation());
         IDSCPv2Server idscPv2Server;
         try {
             idscPv2Server = idscpServerConfig.listen(serverSettings);

From 3c1a383a69a49d2caa45827077fbd1b45b684cdc Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Fri, 27 Mar 2020 21:30:35 +0100
Subject: [PATCH 057/237] Fix bugs in FSM: Avoid thread circles, that could
 produce undefined behaviour

---
 idscp2/README.md                              |  2 +-
 .../rat/dummy/RatProverDummy.java             |  2 +-
 .../rat/dummy/RatVerifierDummy.java           |  2 +-
 .../secure_channel/client/TLSClient.java      |  8 +-
 .../server/TLSServerThread.java               | 11 ++-
 .../configuration/IDSCPv2Settings.java        | 10 +++
 .../idscp_core/finite_state_machine/FSM.java  | 84 ++++++++++++++++---
 .../finite_state_machine/FsmListener.java     |  1 -
 .../finite_state_machine/StateClosed.java     |  9 +-
 .../StateEstablished.java                     | 37 ++++++--
 .../StateWaitForDatAndRat.java                | 34 ++++++--
 .../StateWaitForDatAndRatVerifier.java        | 23 ++++-
 .../StateWaitForHello.java                    | 13 ++-
 .../finite_state_machine/StateWaitForRat.java | 36 ++++++--
 .../StateWaitForRatProver.java                | 46 ++++++++--
 .../StateWaitForRatVerifier.java              | 33 ++++++--
 .../rat_registry/RatProverDriverRegistry.java |  1 -
 .../secure_channel/SecureChannel.java         |  4 +-
 .../secure_channel/SecureChannelEndpoint.java |  2 +-
 .../src/test/java/IDSCPv2ClientInitiator.java |  2 +-
 .../src/test/java/IDSCPv2ServerInitiator.java |  3 +-
 idscp2/src/test/java/RunTLSClient.java        |  1 +
 idscp2/src/test/java/RunTLSServer.java        |  1 +
 23 files changed, 301 insertions(+), 64 deletions(-)

diff --git a/idscp2/README.md b/idscp2/README.md
index 990171e66..9874e883f 100644
--- a/idscp2/README.md
+++ b/idscp2/README.md
@@ -1 +1 @@
-The _ids-comm_ module wraps the IDSCP, providing secure communication and remote attestation between Connector instances.
+The _idscp2_ implements the second version of the IDS Communication Protocol
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
index 90a8786a3..276f75804 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
@@ -32,7 +32,7 @@ public void delegate(IdscpMessage message) {
     @Override
     public void run() {
         int countDown = 2;
-        while (true){
+        while (running){
             try {
                 sleep(1000);
                 fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
index dacda0537..879223b3c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
@@ -28,7 +28,7 @@ public void delegate(IDSCPv2.IdscpMessage message) {
     @Override
     public void run(){
         int countDown = 2;
-        while (true){
+        while (running){
             try {
                 sleep(1000);
                 LOG.debug("Verifier waits");
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index e052ed7f5..93c85f7a0 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -177,19 +177,21 @@ public void close() {
         disconnect();
     }
 
-    public void send(byte[] data){
+    @Override
+    public boolean send(byte[] data){
         if (!isConnected()){
             LOG.error("Client cannot send data because socket is not connected");
-            onError();
+            return false;
         } else {
             try {
                 out.writeInt(data.length);
                 out.write(data);
                 out.flush();
                 LOG.debug("Send message");
+                return true;
             } catch (IOException e){
                 LOG.error("Client cannot send data");
-                onError();
+                return false;
             }
         }
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index 0aa00b7f8..e70f124d3 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -84,6 +84,7 @@ public void run(){
                 //timeout catches safeStop() call and allows to send server_goodbye
                 //alternative: close sslSocket and catch SocketException
                 //continue
+
             } catch (EOFException e){
                 onClose();
                 running = false;
@@ -108,21 +109,23 @@ private void closeSockets(){
         }
     }
 
-    public void send(byte[] data) {
+    @Override
+    public boolean send(byte[] data) {
         if (!isConnected()){
             LOG.error("Server cannot send data because socket is not connected");
             closeSockets();
-            onError();
+            return false;
         } else {
             try {
                 out.writeInt(data.length);
                 out.write(data);
                 out.flush();
-                LOG.trace("Send message: " + new String(data));
+                LOG.debug("Send message: " + new String(data));
+                return true;
             } catch (IOException e){
                 LOG.error("ServerThread cannot send data.");
                 closeSockets();
-                onError();
+                return false;
             }
         }
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
index d427fc296..554764686 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
@@ -22,6 +22,7 @@ public class IDSCPv2Settings {
     private String keyStoreKeyType = "RSA";
     private AttestationConfig supportedAttestation = new AttestationConfig();
     private AttestationConfig expectedAttestation = new AttestationConfig();
+    private int ratTimeoutDelay = 20;
 
     public static class Builder {
         @NonNull
@@ -87,6 +88,11 @@ public Builder setExpectedAttestationSuite(AttestationConfig suite) {
             return this;
         }
 
+        public Builder setRatTimeoutDelay(int delay) {
+            this.settings.ratTimeoutDelay = delay;
+            return this;
+        }
+
         @NonNull
         public IDSCPv2Settings build() {
             return this.settings;
@@ -137,4 +143,8 @@ public String getDapsKeyAlias() {
     public String getHost() {
         return host;
     }
+
+    public int getRatTimeoutDelay() {
+        return ratTimeoutDelay;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 10869cc85..e076095cc 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -108,8 +108,38 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
         currentState = states.get(FSM_STATE.STATE_CLOSED);
     }
 
+    private void checkForFsmCircles() {
+
+        // check if current thread holds already the fsm lock, then we have a circle
+        // this runs into an issue: onControlMessage must be called only from other threads!
+        // if the current thread currently stuck within a fsm transition it will trigger another
+        // transition on the old state and undefined behaviour occurred
+        //
+        // The idscpv2 core and default driver will not run into this issue. It's a protection for
+        // avoiding incorrect usage of the idscpv2 library from further driver implementations
+        //
+        // Example:
+        // Thread A stuck within a transition t1 that calls a function that calls
+        // onControlMessage(InternalError). Then the error is handled in the current state
+        // state and the fsm will switch into state STATE_CLOSED and close all resources.
+        //
+        // Afterwards, the thread will continue the old transition t1 that might use some of the
+        // closed resources and switch in a non-closed STATE, e.g. STATE_ESTABLISHED.
+        // So our fsm would be broken and the behaviour is undefined and could leak security
+        // vulnerabilities
+        //
+        if (fsmIsBusy.isHeldByCurrentThread()) {
+            throw new RuntimeException("The current thread holds the fsm lock already. "
+                + "A circle might occur that could lead to undefined behaviour within the fsm");
+        }
+    }
+
     @Override
     public void onMessage(byte[] data){
+
+        //check for incorrect usage
+        checkForFsmCircles();
+
         //parse message and create new IDSCP Message Event, then pass it to current state and update new state
         IdscpMessage message;
         try {
@@ -124,6 +154,11 @@ public void onMessage(byte[] data){
         fsmIsBusy.lock();
         try {
             while (currentState.equals(states.get(FSM_STATE.STATE_CLOSED))){
+
+                if (fsmIsClosed) {
+                    return;
+                }
+
                 try {
                     onMessageBlock.await();
                 } catch (InterruptedException e) {
@@ -137,8 +172,7 @@ public void onMessage(byte[] data){
 
     }
 
-    @Override
-    public void onControlMessage(InternalControlMessage controlMessage) {
+    private void onControlMessage(InternalControlMessage controlMessage) {
         //create Internal Control Message Event and pass it to current state and update new state
         Event e = new Event(controlMessage);
 
@@ -152,6 +186,10 @@ public void onControlMessage(InternalControlMessage controlMessage) {
 
     @Override
     public void onRatProverMessage(InternalControlMessage controlMessage, IdscpMessage idscpMessage) {
+
+        //check for incorrect usage
+        checkForFsmCircles();
+
         //only allow rat prover messages from current thread
         Event e;
         if (idscpMessage == null){
@@ -174,6 +212,10 @@ public void onRatProverMessage(InternalControlMessage controlMessage, IdscpMessa
 
     @Override
     public void onRatVerifierMessage(InternalControlMessage controlMessage, IdscpMessage idscpMessage) {
+
+        //check for incorrect usage
+        checkForFsmCircles();
+
         //only allow rat verifier messages from current thread
         Event e;
         if (idscpMessage == null){
@@ -204,6 +246,10 @@ private void feedEvent(Event event){
     }
 
     public void terminate(){
+
+        //check for incorrect usage
+        checkForFsmCircles();
+
         LOG.info("Close idscp connection");
         onControlMessage(InternalControlMessage.IDSCP_STOP);
         LOG.debug("Close secure channel");
@@ -211,6 +257,10 @@ public void terminate(){
     }
 
     public void startIdscpHandshake() throws IDSCPv2Exception {
+
+        //check for incorrect usage
+        checkForFsmCircles();
+
         fsmIsBusy.lock();
         try {
             if (currentState.equals(states.get(FSM_STATE.STATE_CLOSED))) {
@@ -241,18 +291,26 @@ public void startIdscpHandshake() throws IDSCPv2Exception {
         }
     }
 
-    void sendFromFSM(IdscpMessage msg){
+    boolean sendFromFSM(IdscpMessage msg){
         //send messages from fsm
-        secureChannel.send(msg.toByteArray());
+        return secureChannel.send(msg.toByteArray());
     }
 
     @Override
     public void onError(){
+
+        //check for incorrect usage
+        checkForFsmCircles();
+
         onControlMessage(InternalControlMessage.ERROR);
     }
 
     @Override
     public void onClose(){
+
+        //check for incorrect usage
+        checkForFsmCircles();
+
         onControlMessage(InternalControlMessage.ERROR);
     }
 
@@ -261,7 +319,10 @@ public void send(IdscpMessage msg){
         fsmIsBusy.lock();
         try{
             if(isConnected()){
-                secureChannel.send(msg.toByteArray());
+                if (!secureChannel.send(msg.toByteArray())) {
+                    LOG.error("Cannot send IDSCP_DATA via secure channel");
+                    onControlMessage(InternalControlMessage.ERROR);
+                }
             } else {
                 LOG.error("Cannot send IDSCP_DATA because protocol is not established");
             }
@@ -301,16 +362,17 @@ String getRatVerifierMechanism(String[] localExpectedVerifier, Object[] remoteSu
         return localExpectedVerifier[0];
     }
 
-    void restartRatVerifierDriver(){
+    boolean restartRatVerifierDriver(){
         //assume verifier mechanism is set
         stopRatVerifierDriver();
         ratVerifierDriver = RatVerifierDriverRegistry.startRatVerifierDriver(verifierMechanism, this);
         if (ratVerifierDriver == null){
             LOG.error("Cannot create instance of RAT_VERIFIER_DRIVER");
             currentRatVerifierId = "";
-            onControlMessage(InternalControlMessage.ERROR); //toDo geht das? nein
+            return false;
         } else {
             currentRatVerifierId = Long.toString(ratVerifierDriver.getId());
+            return true;
         }
     }
 
@@ -321,16 +383,18 @@ void stopRatVerifierDriver(){
         }
     }
 
-    void restartRatProverDriver(){
+
+    boolean restartRatProverDriver(){
         //assume prover mechanism is set
         stopRatProverDriver();
         ratProverDriver = RatProverDriverRegistry.startRatProverDriver(proverMechanism, this);
         if (ratProverDriver == null){
             LOG.error("Cannot create instance of RAT_PROVER_DRIVER");
             currentRatProverId = "";
-            onControlMessage(InternalControlMessage.ERROR); //toDo geht das? nein
+            return false;
         } else {
             currentRatProverId = Long.toString(ratProverDriver.getId());
+            return true;
         }
     }
 
@@ -366,7 +430,7 @@ void lockFsm(){
             fsmIsClosed = true;
         } catch (NullPointerException ignored){}
 
-        //inform upper layer via handshake or closeListener
+        //notify upper layer via handshake or closeListener
         try {
             if (handshakeResultAvailable){
                 listenerLatch.await();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
index 0a2dc0659..dc651ed0a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
@@ -4,7 +4,6 @@
 
 public interface FsmListener {
     void onMessage(byte[] data);
-    void onControlMessage(InternalControlMessage controlMessage);
     void onRatProverMessage(InternalControlMessage controlMessage, IDSCPv2.IdscpMessage idscpMessage);
     void onRatVerifierMessage(InternalControlMessage controlMessage, IDSCPv2.IdscpMessage idscpMessage);
     void onError();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
index 2d553b8e0..5b10bbd33 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
@@ -3,6 +3,7 @@
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
 import de.fhg.aisec.ids.messages.IDSCPv2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -35,7 +36,13 @@ public StateClosed(FSM fsm,
                     LOG.debug("Send IDSCP_HELLO");
                     IDSCPv2.IdscpMessage idscpHello = IdscpMessageFactory.
                             getIdscpHelloMessage(dat, localSupportedRatSuite, localExpectedRatSuite);
-                    fsm.sendFromFSM(idscpHello);
+
+                    if (!fsm.sendFromFSM(idscpHello)) {
+                      LOG.error("Cannot send IdscpHello. Close connection");
+                      runEntryCode(fsm);
+                      onMessageLock.notifyAll();
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
 
                     runExitCode(onMessageLock);
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_HELLO);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
index bec092246..eb21ca622 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
@@ -2,6 +2,7 @@
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
 import de.fhg.aisec.ids.messages.IDSCPv2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -49,8 +50,16 @@ public StateEstablished(FSM fsm,
                 event -> {
                     LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER");
                     ratTimer.cancelTimeout();
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpReRatMessage(""));
-                    fsm.restartRatVerifierDriver();
+
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpReRatMessage(""))) {
+                      LOG.error("Cannot send ReRat message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
+                    if (!fsm.restartRatVerifierDriver()) {
+                      LOG.error("Cannot run Rat verifier, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
 
                     LOG.debug("Set handshake timeout");
                     handshakeTimer.resetTimeout(5);
@@ -63,7 +72,10 @@ public StateEstablished(FSM fsm,
                 event -> {
                     ratTimer.cancelTimeout();
                     LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage())) {
+                      LOG.error("Cannot send DatExpired message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
                 }
         ));
@@ -71,7 +83,12 @@ public StateEstablished(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER");
-                    fsm.restartRatProverDriver();
+
+                    if (!fsm.restartRatProverDriver()) {
+                      LOG.error("Cannot run Rat prover, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_PROVER);
                 }
         ));
@@ -79,8 +96,16 @@ public StateEstablished(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("DAT expired. Send new DAT and repeat RAT");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()));
-                    fsm.restartRatProverDriver();
+
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()))) {
+                      LOG.error("Cannot send Dat message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
+                    if (!fsm.restartRatProverDriver()) {
+                      LOG.error("Cannot run Rat prover, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
 
                     LOG.debug("Set handshake timeout");
                     handshakeTimer.resetTimeout(5);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
index e0336ed01..139342778 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
@@ -2,6 +2,7 @@
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
 import de.fhg.aisec.ids.messages.IDSCPv2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -38,7 +39,7 @@ public StateWaitForDatAndRat(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
+                   fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
                             IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -80,7 +81,10 @@ public StateWaitForDatAndRat(FSM fsm,
         this.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_RAT_PROVER");
-                    fsm.sendFromFSM(event.getIdscpMessage());
+                    if (!fsm.sendFromFSM(event.getIdscpMessage())) {
+                      LOG.error("Cannot send rat prover message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
                     return this;
                 }
         ));
@@ -101,14 +105,18 @@ public StateWaitForDatAndRat(FSM fsm,
                     long datValidityPeriod;
                     if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
+                        fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage(
+                            "No valid DAT", IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
 
                     LOG.debug("Remote DAT is valid. Set dat timeout");
                     datTimer.resetTimeout(datValidityPeriod);
                     //start RAT Verifier
-                    fsm.restartRatVerifierDriver();
+                    if (!fsm.restartRatVerifierDriver()) {
+                      LOG.error("Cannot run Rat verifier, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
 
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
                 }
@@ -117,8 +125,17 @@ public StateWaitForDatAndRat(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()));
-                    fsm.restartRatProverDriver();
+
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()))) {
+                      LOG.error("Cannot send Dat message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
+                    if (!fsm.restartRatProverDriver()) {
+                      LOG.error("Cannot run Rat prover, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
                     return this;
                 }
         ));
@@ -134,7 +151,10 @@ public StateWaitForDatAndRat(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
-                    fsm.restartRatProverDriver();
+                    if (!fsm.restartRatProverDriver()) {
+                      LOG.error("Cannot run Rat prover, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
                     return this;
                 }
         ));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
index 1118112c8..fae2289f9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
@@ -2,6 +2,7 @@
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
 import de.fhg.aisec.ids.messages.IDSCPv2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -77,7 +78,10 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
                     LOG.debug("Remote DAT is valid. Set dat timeout");
                     datTimer.resetTimeout(datValidityPeriod);
                     //start RAT Verifier
-                    fsm.restartRatVerifierDriver();
+                    if (!fsm.restartRatVerifierDriver()) {
+                      LOG.error("Cannot run Rat verifier, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
 
                     LOG.debug("Set handshake timeout");
                     handshakeTimer.resetTimeout(5);
@@ -89,8 +93,16 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()));
-                    fsm.restartRatProverDriver();
+
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()))) {
+                      LOG.error("Cannot send DAT message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
+                    if (!fsm.restartRatProverDriver()) {
+                      LOG.error("Cannot run Rat prover, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
                 }
         ));
@@ -98,7 +110,10 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
-                    fsm.restartRatProverDriver();
+                    if (!fsm.restartRatProverDriver()) {
+                      LOG.error("Cannot run Rat prover, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
                 }
         ));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
index 323155f3e..7f583002b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
@@ -3,6 +3,7 @@
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
 import de.fhg.aisec.ids.messages.IDSCPv2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -110,8 +111,16 @@ public StateWaitForHello(FSM fsm,
                     fsm.setRatMechanisms(proverMechanism, verifierMechanism);
 
                     LOG.debug("Start RAT Prover and Verifier");
-                    fsm.restartRatVerifierDriver();
-                    fsm.restartRatProverDriver();
+
+                    if (!fsm.restartRatVerifierDriver()) {
+                      LOG.error("Cannot run Rat verifier, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
+                    if (!fsm.restartRatProverDriver()) {
+                      LOG.error("Cannot run Rat prover, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
 
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
                 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
index 7cb3bb4e1..82a599fe2 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
@@ -2,6 +2,7 @@
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
 import de.fhg.aisec.ids.messages.IDSCPv2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -93,7 +94,12 @@ public StateWaitForRat(FSM fsm,
         this.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_RAT_PROVER");
-                    fsm.sendFromFSM(event.getIdscpMessage());
+
+                    if (!fsm.sendFromFSM(event.getIdscpMessage())) {
+                      LOG.error("Cannot send rat prover message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
                     return this;
                 }
         ));
@@ -101,7 +107,12 @@ public StateWaitForRat(FSM fsm,
         this.addTransition(InternalControlMessage.RAT_VERIFIER_MSG.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_RAT_VERIFIER");
-                    fsm.sendFromFSM(event.getIdscpMessage());
+
+                    if (!fsm.sendFromFSM(event.getIdscpMessage())) {
+                      LOG.error("Cannot send rat verifier message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
                     return this;
                 }
         ));
@@ -110,7 +121,12 @@ public StateWaitForRat(FSM fsm,
                 event -> {
                     LOG.debug("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER");
                     fsm.stopRatVerifierDriver();
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
+
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage())) {
+                      LOG.error("Cannot send DatExpired message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
                 }
         ));
@@ -143,10 +159,20 @@ public StateWaitForRat(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()));
-                    fsm.restartRatProverDriver();
+
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()))) {
+                      LOG.error("Cannot send DAT message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
+                    if (!fsm.restartRatProverDriver()) {
+                      LOG.error("Cannot run Rat prover, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
                     LOG.debug("Set handshake timeout");
                     handshakeTimer.resetTimeout(5);
+
                     return this;
                 }
         ));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
index bad5b19a7..0b7470f2c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
@@ -2,6 +2,7 @@
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
 import de.fhg.aisec.ids.messages.IDSCPv2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -60,7 +61,12 @@ public StateWaitForRatProver(FSM fsm,
                 event -> {
                     LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED");
                     ratTimer.cancelTimeout();
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
+
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage())) {
+                      LOG.error("Cannot send DatExpired message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
                 }
         ));
@@ -86,7 +92,12 @@ public StateWaitForRatProver(FSM fsm,
         this.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_RAT_PROVER");
-                    fsm.sendFromFSM(event.getIdscpMessage());
+
+                    if (!fsm.sendFromFSM(event.getIdscpMessage())) {
+                      LOG.error("Cannot send rat prover message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
                     return this;
                 }
         ));
@@ -94,9 +105,19 @@ public StateWaitForRatProver(FSM fsm,
         this.addTransition(InternalControlMessage.REPEAT_RAT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpReRatMessage(""));
+
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpReRatMessage(""))) {
+                      LOG.error("Cannot send ReRat message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
                     ratTimer.cancelTimeout();
-                    fsm.restartRatVerifierDriver();
+
+                    if (!fsm.restartRatVerifierDriver()) {
+                      LOG.error("Cannot run Rat verifier, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
                 }
         ));
@@ -111,8 +132,16 @@ public StateWaitForRatProver(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()));
-                    fsm.restartRatProverDriver();
+
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()))) {
+                      LOG.error("Cannot send DAT message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
+                    if (!fsm.restartRatProverDriver()) {
+                      LOG.error("Cannot run Rat prover, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
                     LOG.debug("Set handshake timeout");
                     handshakeTimer.resetTimeout(5);
                     return this;
@@ -130,7 +159,10 @@ public StateWaitForRatProver(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
-                    fsm.restartRatProverDriver();
+                    if (!fsm.restartRatProverDriver()) {
+                      LOG.error("Cannot run Rat prover, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
                     return this;
                 }
         ));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
index 59c1ee108..e021d67e4 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
@@ -2,6 +2,7 @@
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
 import de.fhg.aisec.ids.messages.IDSCPv2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -59,7 +60,12 @@ public StateWaitForRatVerifier(FSM fsm,
                 event -> {
                     LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER");
                     fsm.stopRatVerifierDriver();
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage());
+
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage())) {
+                      LOG.error("Cannot send DatExpired message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
                 }
         ));
@@ -87,7 +93,12 @@ public StateWaitForRatVerifier(FSM fsm,
         this.addTransition(InternalControlMessage.RAT_VERIFIER_MSG.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_RAT_VERIFIER");
-                    fsm.sendFromFSM(event.getIdscpMessage());
+
+                    if (!fsm.sendFromFSM(event.getIdscpMessage())) {
+                      LOG.error("Cannot send rat verifier message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
                     return this;
                 }
         ));
@@ -102,8 +113,17 @@ public StateWaitForRatVerifier(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()));
-                    fsm.restartRatProverDriver();
+
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()))) {
+                      LOG.error("Cannot send DAT message");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
+                    if (!fsm.restartRatProverDriver()) {
+                      LOG.error("Cannot run Rat prover, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
+
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
                 }
         ));
@@ -119,7 +139,10 @@ public StateWaitForRatVerifier(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
-                    fsm.restartRatProverDriver();
+                    if (!fsm.restartRatProverDriver()) {
+                      LOG.error("Cannot run Rat prover, close idscp connection");
+                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                    }
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
                 }
         ));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
index d18a74807..703300b06 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
@@ -6,7 +6,6 @@
 import java.util.concurrent.ConcurrentHashMap;
 
 public class RatProverDriverRegistry {
-    //toDo  Reflections library
     private static RatProverDriverRegistry instance;
     private static ConcurrentHashMap<String, DriverWrapper> drivers = new ConcurrentHashMap<>();
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
index 73e90f072..e105a5cdf 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
@@ -36,9 +36,9 @@ public void close(){
         endpoint.close();
     }
 
-    public void send(byte[] msg){
+    public boolean send(byte[] msg){
         LOG.debug("Send message via secure channel");
-        endpoint.send(msg);
+        return endpoint.send(msg);
     }
 
     @Override
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
index f3134434c..a4a2390ab 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
@@ -16,6 +16,6 @@
 public interface SecureChannelEndpoint {
     void close();
     void onMessage(byte[] bytes);
-    void send(byte[] bytes);
+    boolean send(byte[] bytes);
     boolean isConnected();
 }
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
index 924f646c2..8e49a7a44 100644
--- a/idscp2/src/test/java/IDSCPv2ClientInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
@@ -57,7 +57,7 @@ public void init(IDSCPv2Settings settings){
             secureChannelDriver,
             settings.getExpectedAttestation(),
             settings.getSupportedAttestation(),
-            20
+            settings.getRatTimeoutDelay()
         );
         clientConfig.connect(settings);
     }
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index eeefaa987..9c1a9802b 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -57,7 +57,8 @@ public void init(IDSCPv2Settings serverSettings)  {
             secureChannelDriver,
             serverSettings.getExpectedAttestation(),
             serverSettings.getSupportedAttestation(),
-            20);
+            serverSettings.getRatTimeoutDelay()
+        );
 
         IDSCPv2Server idscPv2Server;
         try {
diff --git a/idscp2/src/test/java/RunTLSClient.java b/idscp2/src/test/java/RunTLSClient.java
index 87500b62c..1e0983803 100644
--- a/idscp2/src/test/java/RunTLSClient.java
+++ b/idscp2/src/test/java/RunTLSClient.java
@@ -12,6 +12,7 @@ public static void main(String[] args){
                 getResource("ssl/client-truststore_new.jks").getPath())
             .setCertificateAlias("1.0.1")
             .setDapsKeyAlias("1")
+            .setRatTimeoutDelay(10)
             .build();
 
         IDSCPv2ClientInitiator initiator = new IDSCPv2ClientInitiator();
diff --git a/idscp2/src/test/java/RunTLSServer.java b/idscp2/src/test/java/RunTLSServer.java
index e2f9e4f91..1635158b8 100644
--- a/idscp2/src/test/java/RunTLSServer.java
+++ b/idscp2/src/test/java/RunTLSServer.java
@@ -11,6 +11,7 @@ public static void main(String[] argv){
                 getResource("ssl/client-truststore_new.jks").getPath())
             .setCertificateAlias("1.0.1")
             .setDapsKeyAlias("1")
+            .setRatTimeoutDelay(14)
             .build();
 
         IDSCPv2ServerInitiator initiator = new IDSCPv2ServerInitiator();

From 48cedda143e887c026b84be7e70f097be41a70d5 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Sat, 28 Mar 2020 07:55:56 +0100
Subject: [PATCH 058/237] Fix potential issue with uncatched expections during
 tls handshake on tlsServerThread

---
 .../keystores/PreConfiguration.java           |  2 +-
 .../rat/TPM2d/TpmMessageFactory.java          |  5 ++---
 .../client/InputListenerThread.java           | 10 ++++-----
 .../server/TLSServerThread.java               | 21 ++++++++++++-------
 .../StateEstablished.java                     |  2 +-
 5 files changed, 21 insertions(+), 19 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
index cc8b465a1..d218c6e56 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
@@ -44,7 +44,7 @@ public static TrustManager[] getX509ExtTrustManager(
             //allow only X509 Authentication
             if (myTrustManager.length == 1 && myTrustManager[0] instanceof X509ExtendedTrustManager) {
                 //toDo algorithm constraints
-                //toDo hostname verification is currently done by using https identification protocol
+                //hostname verification is currently done by using https identification protocol
                 return myTrustManager;
             } else {
                 throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(myTrustManager));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java
index 1379fdbec..6c7818e58 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java
@@ -69,7 +69,7 @@ static Tpm2dMessageWrapper getAttestationResultMessage(
     ).build();
   }
 
-  static Tpm2dMessageWrapper getAttestationRepositoryRequestMessage(
+  /*static Tpm2dMessageWrapper getAttestationRepositoryRequestMessage(
       IdsAttestationType aType,
       List<Pcr> pcrValues
   ) {
@@ -84,10 +84,9 @@ static Tpm2dMessageWrapper getAttestationRepositoryRequestMessage(
   static Tpm2dMessageWrapper getAttestationRepositoryResponseMessage() {
     return Tpm2dMessageWrapper.newBuilder().setRepositoryResponse(
         Tpm2dRepositoryResponse.newBuilder()
-            //toDo add values
             .build()
     ).build();
-  }
+  }*/
 
   static RemoteToTpm2d getRemoteToTPM2dMessage(
       IdsAttestationType aType,
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index 8d49dc954..1c9f7400c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -40,11 +40,9 @@ public void run(){
                 buf = new byte[len];
                 in.readFully(buf, 0, len);
                 this.listener.onMessage(buf);
-            } catch (SocketTimeoutException e) {
-                //timeout to catch safeStop() call, which allows save close and sending Client_Goodbye
-                //alternative: close socket / InputStream and catch exception
-                //continue;
-                //toDo offset when timeout while reading ???
+            } catch (SocketTimeoutException ignore) {
+                //timeout to catch safeStop() call
+                //alternative: close socket / InputStream and catch exception SocketException
 
             } catch (EOFException e){
                 listener.onClose();
@@ -61,7 +59,7 @@ public void register(DataAvailableListener listener) {
         this.listener = listener;
     }
 
-
+    
     @Override
     public void safeStop() {
         this.running = false;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index e70f124d3..2aaecad0d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -71,6 +71,16 @@ public class TLSServerThread extends Thread implements HandshakeCompletedListene
 
     @Override
     public void run(){
+        // first run the tls handshake to enforce catching every error occurred during the handshake
+        // before reading from buffer. Else if there exists any non-catched exception during handshake
+        // the thread would wait forever in onError() until handshakeCompleteListener is called
+        try {
+            sslSocket.startHandshake();
+        } catch (IOException e) {
+            LOG.warn("SSLHandshakeException occurred. Quit server session");
+            running = false;
+        }
+
         //wait for new data while running
         byte[] buf;
         while (running){
@@ -80,7 +90,7 @@ public void run(){
                 in.readFully(buf, 0, len);
                 onMessage(buf);
 
-            } catch (SocketTimeoutException e){
+            } catch (SocketTimeoutException e) {
                 //timeout catches safeStop() call and allows to send server_goodbye
                 //alternative: close sslSocket and catch SocketException
                 //continue
@@ -88,11 +98,8 @@ public void run(){
             } catch (EOFException e){
                 onClose();
                 running = false;
-            } catch (SSLHandshakeException e) {
-                LOG.warn("SSLHandshakeException occurred. Quit server session");
-                running = false;
             } catch (IOException e){
-                onError(); //FIXME ??? is there any other exception that could occur before fsm was created ??, if so -> Thread will run forever
+                onError();
                 running = false;
             }
         }
@@ -104,9 +111,7 @@ private void closeSockets(){
             out.close();
             in.close();
             sslSocket.close();
-        } catch (IOException e) {
-            //e.printStackTrace();
-        }
+        } catch (IOException ignore) {}
     }
 
     @Override
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
index eb21ca622..4db494542 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
@@ -22,7 +22,7 @@ public StateEstablished(FSM fsm,
          * onICM: error ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
          * onICM: stop ---> {timeouts.cancel()} ---> STATE_CLOSED
          * onICM: re_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * //FIXME onICM: send_data ---> {send IDS_DATA} ---> STATE_ESTABLISHED
+         * //onICM: send_data ---> {send IDS_DATA} ---> STATE_ESTABLISHED
          * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
          * onMessage: IDSCP_DATA ---> {delegate to connection} ---> STATE_ESTABLISHED
          * onMessage: IDSCP_RERAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER

From 692fdef7eb83378d98bec9b5dfa33f8e3de8cbc4 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Sat, 28 Mar 2020 21:40:53 +0100
Subject: [PATCH 059/237] Upgrade TLS security: add hostname verification and
 certificate validation

---
 idscp2/build.gradle                           |  11 --
 .../CustomX509ExtendedKeyManager.java         |  41 ++++---
 .../CustomX509ExtendedTrustManager.java       |  79 -------------
 .../keystores/PreConfiguration.java           |  23 +++-
 .../TlsSessionVerificationHelper.java         | 110 ++++++++++++++++++
 .../client/InputListenerThread.java           |   9 +-
 .../secure_channel/client/TLSClient.java      |  23 ++--
 .../secure_channel/server/TLSServer.java      |   3 -
 .../server/TLSServerThread.java               |  39 +++++--
 .../idscp_core/finite_state_machine/FSM.java  |   6 +-
 .../finite_state_machine/StateClosed.java     |   2 +-
 11 files changed, 207 insertions(+), 139 deletions(-)
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedTrustManager.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java

diff --git a/idscp2/build.gradle b/idscp2/build.gradle
index 9f543eb97..81df80963 100644
--- a/idscp2/build.gradle
+++ b/idscp2/build.gradle
@@ -23,8 +23,6 @@ idea {
 }
 
 dependencies {
-    //providedByBundle(project(':ids-api')) { transitive = false }
-
     providedByBundle group: 'com.github.microsoft', name: 'TSS.Java', version: '0.3.0'
 
     providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
@@ -34,15 +32,6 @@ dependencies {
     
     publishCompile group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
 
-    //providedByBundle group: 'org.asynchttpclient', name: 'async-http-client', version: libraryVersions.ahc
-
-    //providedByFeature group: 'org.eclipse.jetty.websocket', name: 'websocket-server', version: libraryVersions.jetty
-    //providedByFeature group: 'org.eclipse.jetty.websocket', name: 'websocket-client', version: libraryVersions.jetty
-
-    //testImplementation group: "javax.xml.bind", name: "jaxb-api", version: libraryVersions.jaxb
-    //testImplementation group: "com.sun.xml.bind", name: "jaxb-core", version: libraryVersions.jaxb
-    //testImplementation group: "com.sun.xml.bind", name: "jaxb-impl", version: libraryVersions.jaxb
-
     providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-impl', version: libraryVersions.jsonwebtoken
     providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-jackson', version: libraryVersions.jsonwebtoken
     providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-api', version: libraryVersions.jsonwebtoken
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
index 56f3591a7..0719a7783 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
@@ -40,10 +40,10 @@ public class CustomX509ExtendedKeyManager extends X509ExtendedKeyManager{
     }
 
     @Override
-    public String[] getClientAliases(String s, Principal[] principals) {
-        String[] clientAliases = delegate.getClientAliases(s, principals);
+    public String[] getClientAliases(String keyType, Principal[] issuers) {
+        String[] clientAliases = delegate.getClientAliases(keyType, issuers);
         for (String alias : clientAliases)
-            cachedAliases.putIfAbsent(alias, new CachedAliasValue(s, principals));
+            cachedAliases.putIfAbsent(alias, new CachedAliasValue(keyType, null)); //toDo get issuer
         return clientAliases;
     }
 
@@ -54,7 +54,7 @@ public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket s
         if (Arrays.asList(keyTypes).contains(this.keyType)){
             if ((cachedAliases.containsKey(this.certAlias) &&
                     cachedAliases.get(this.certAlias).match(keyType, issuers))
-                    || Arrays.asList(getServerAliases(keyType, issuers)).contains(this.certAlias)) {
+                    || Arrays.asList(getClientAliases(keyType, issuers)).contains(this.certAlias)) {
                 LOG.debug("CertificateAlias is {}", this.certAlias);
                 return this.certAlias;
             } else {
@@ -70,10 +70,10 @@ public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket s
     }
 
     @Override
-    public String[] getServerAliases(String s, Principal[] principals) {
-        String[] serverAliases = delegate.getServerAliases(s, principals);
+    public String[] getServerAliases(String keyType, Principal[] issuers) {
+        String[] serverAliases = delegate.getServerAliases(keyType, issuers);
         for (String alias : serverAliases)
-            cachedAliases.putIfAbsent(alias, new CachedAliasValue(s, principals));
+            cachedAliases.putIfAbsent(alias, new CachedAliasValue(keyType, null)); //toDo get issuer
         return serverAliases;
     }
 
@@ -135,17 +135,30 @@ public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEn
         return delegate.chooseEngineServerAlias(keyType, issuers, sslEngine);
     }
 
-    private class CachedAliasValue {
-        private String keyType;
-        private Principal[] issuers;
 
-        CachedAliasValue(String keyType, Principal[] issuers){
+    private static class CachedAliasValue {
+        private String keyType; //key algorithm type name
+        private Principal issuer; //certificate issuer
+
+        CachedAliasValue(String keyType, Principal issuer){
             this.keyType = keyType;
-            this.issuers = issuers;
+            this.issuer = issuer;
         }
 
-        boolean match(String keyType, Principal[] principals){
-            return this.keyType.equals(keyType) && (principals == null /* || //FIXME check issuers */);
+        /*
+         * This method is called for a given certificate alias and checks if the corresponding
+         * cached alias entry (contains keytype for certAlias and issuer of thee certificate)
+         * matches the requested conditions in thee TLS handshake.
+         *
+         * It must enforce checking if the certAlias belongs to a valid key algorithm type name,
+         * e.g. 'RSA' or 'EC' and it must check if the certificate issuer is one of the accepted
+         * issuer from the given principals list.
+         *
+         * returns true, if the keyAlias fulfills the requirements
+         */
+        boolean match(String keyType, Principal[] issuers){
+            return this.keyType.equals(keyType) && (issuers == null
+                || Arrays.asList(issuers).contains(issuer));
         }
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedTrustManager.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedTrustManager.java
deleted file mode 100644
index b3d06200e..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedTrustManager.java
+++ /dev/null
@@ -1,79 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores;
-
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.X509ExtendedTrustManager;
-import java.net.Socket;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-
-/**
- * currently not in use, we will use the https hostname verification instead
- *
- * A custom X509ExtendedTrustManager for hostname verification and algorithm constraints,
- * which is an application protocol task and avoids Man-In-The-Middle Attacks
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class CustomX509ExtendedTrustManager extends X509ExtendedTrustManager {
-    /*
-    * verifying that the certificate itself can be trusted (RFC 3280/5280) and verifying the identity in the certificate (RFC 6125, or RFC 2818 for HTTPS)
-    * https://tersesystems.com/blog/2014/03/23/fixing-hostname-verification/
-    * https://tools.ietf.org/html/rfc6125
-    * https://tools.ietf.org/search/rfc6125
-    *
-    *
-    * sslParams.setEndpointIdentificationAlgorithm("HTTPS"); //makes identity verification in the ssl context
-    *
-    *
-    * If the socket parameter is an instance of SSLSocket, and the endpoint identification algorithm of the
-    * SSLParameters is non-empty, to prevent man-in-the-middle attacks, the address that the socket connected to
-    * should be checked against the peer's identity presented in the end-entity X509 certificate, as specified in
-    * the endpoint identification algorithm.
-    *
-    *
-    * If the socket parameter is an instance of SSLSocket, and the algorithm constraints of the SSLParameters is
-    * non-null, for every certificate in the certification path, fields such as subject public key, the signature
-    * algorithm, key usage, extended key usage, etc. need to conform to the algorithm constraints in place on this
-    * socket.*/
-
-    private X509ExtendedTrustManager delegate;
-
-    public CustomX509ExtendedTrustManager(X509ExtendedTrustManager delegate){
-        this.delegate = delegate;
-    }
-
-    @Override
-    public void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {
-        delegate.checkClientTrusted(x509Certificates, s, socket);
-    }
-
-    @Override
-    public void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket) throws CertificateException {
-        delegate.checkServerTrusted(x509Certificates, s, socket);
-    }
-
-    @Override
-    public void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {
-        delegate.checkClientTrusted(x509Certificates, s, sslEngine);
-    }
-
-    @Override
-    public void checkServerTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) throws CertificateException {
-        delegate.checkServerTrusted(x509Certificates, s, sslEngine);
-    }
-
-    @Override
-    public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
-        delegate.checkClientTrusted(x509Certificates, s);
-    }
-
-    @Override
-    public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException {
-        delegate.checkServerTrusted(x509Certificates, s);
-    }
-
-    @Override
-    public X509Certificate[] getAcceptedIssuers() {
-        return delegate.getAcceptedIssuers();
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
index d218c6e56..9863ba390 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
@@ -1,5 +1,6 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores;
 
+import java.util.Date;
 import javax.net.ssl.*;
 import java.io.IOException;
 import java.io.InputStream;
@@ -33,10 +34,23 @@ public static TrustManager[] getX509ExtTrustManager(
             final TrustManagerFactory trustManagerFactory =
                     TrustManagerFactory.getInstance("PKIX"); //PKIX from SunJSSE
 
-            /* filterTrustAnchors for validation
+            /*
+             *  The following code will filter the certificates from the trustStore by the
+             *  revocation date. Only certificates that consist validity of at least one remaining
+             *  day will be accepted
+             *
+             * //toDo not working yet because root certificates do not have CRL and OSCP links for
+             *    revocation checks..
+             *
+            // filterTrustAnchors for validation, at least one day valid
+            Date validityDate = new Date();
+            validityDate.setTime(validityDate.getTime() + 86400000);
+
+            PKIXBuilderParameters pkixParamBuilder = filterTrustAnchors(trustStore, validityDate);
             ManagerFactoryParameters trustParams =
-                    new CertPathTrustManagerParameters(filterTrustAnchors(trustStore));
+                    new CertPathTrustManagerParameters(pkixParamBuilder);
             trustManagerFactory.init(trustParams);*/
+
             trustManagerFactory.init(trustStore);
             myTrustManager = trustManagerFactory.getTrustManagers();
 
@@ -44,7 +58,6 @@ public static TrustManager[] getX509ExtTrustManager(
             //allow only X509 Authentication
             if (myTrustManager.length == 1 && myTrustManager[0] instanceof X509ExtendedTrustManager) {
                 //toDo algorithm constraints
-                //hostname verification is currently done by using https identification protocol
                 return myTrustManager;
             } else {
                 throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(myTrustManager));
@@ -118,7 +131,7 @@ public static Key getKey(
         }
     }
 
-    private static PKIXBuilderParameters filterTrustAnchors(KeyStore keyStore)
+    private static PKIXBuilderParameters filterTrustAnchors(KeyStore keyStore, Date validityUntilDate)
             throws KeyStoreException, InvalidAlgorithmParameterException {
         PKIXParameters params = new PKIXParameters(keyStore);
 
@@ -130,7 +143,7 @@ private static PKIXBuilderParameters filterTrustAnchors(KeyStore keyStore)
                 myTrustAnchors.stream().filter(
                         ta -> {
                             try {
-                                ta.getTrustedCert().checkValidity(/* toDo expiration date*/);
+                                ta.getTrustedCert().checkValidity(validityUntilDate);
                             } catch (CertificateException e) {
                                 return false;
                             }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java
new file mode 100644
index 000000000..e36fc2d10
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java
@@ -0,0 +1,110 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel;
+
+import java.security.cert.Certificate;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateNotYetValidException;
+import java.security.cert.CertificateParsingException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Date;
+import java.util.List;
+import javax.net.ssl.SSLPeerUnverifiedException;
+import javax.net.ssl.SSLSession;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * A class for verifying an established TLS Session on application layer
+ *
+ * @author Leon Beckmann (leon.beckmannn@aisec.fraunhofer.de)
+ */
+public class TlsSessionVerificationHelper {
+  private static final Logger LOG = LoggerFactory.getLogger(TlsSessionVerificationHelper.class);
+
+  /*
+   * Returns true if the ssl session is valid and the remote host can be trusted
+   *
+   * Due to the fact, that hostname verification is not specified in the secure socket layer,
+   * we have to check if the connected hostname matches to the subject of the peer certificate to
+   * avoid Man-In-The-Middle Attacks.
+   *
+   * Further we check the peer certificate validity to avoid the case that some of the certificates
+   * in our local trust_store are not valid anymore and allow a peer connector to connect with an
+   * expired certificate
+   */
+  public static boolean verifyTlsSession(SSLSession sslSession) {
+
+    LOG.debug("Connected to {}:{}", sslSession.getPeerHost(), sslSession.getPeerPort());
+    try {
+      Certificate[] certificates = sslSession.getPeerCertificates();
+
+      if (certificates.length != 1) {
+        LOG.warn("Unexpected number of certificates");
+        return false;
+      }
+      X509Certificate peerCert = (X509Certificate) certificates[0];
+
+      //check hostname verification
+      Collection<List<?>> sans = peerCert.getSubjectAlternativeNames();
+      if (sans == null) {
+        LOG.warn("No Subject alternative names for hostname verification provided");
+        return false;
+      }
+
+      ArrayList<String> hostNames = new ArrayList<>();
+
+      for (List<?> subjectAltName : sans) {
+        if (subjectAltName.size() != 2) {
+          continue;
+        }
+        Object value = subjectAltName.get(1);
+        switch ((Integer)subjectAltName.get(0)) {
+          case 2: //DNS_NAME
+          case 7: //IP_ADDRESS
+            if (value instanceof String) {
+              hostNames.add((String)value);
+            } else if (value instanceof byte[]) {
+              hostNames.add(new String((byte[]) value));
+            }
+            break;
+          case 0: //OTHER_NAME - Not Supported
+          case 1: //RFC_822_Name - Not Supported
+          case 3: //X400_ADDRESS - Not Supported
+          case 4: //DIRECTORY_NAME - Not Supported
+          case 5: //EDI_PARTY_NAME - Not supported
+          case 6: //URI - Not Supported
+          case 8: //REGISTERED_ID - Not Supported
+          default: //unspecified General Name - should never happen
+            break;
+        }
+      }
+
+      //toDo localhost is matched manually to 127.0.0.1 for testing.. a matching file ip <-> dns
+      // would be nicer in the future
+      if (hostNames.contains("localhost")) {
+        hostNames.add("127.0.0.1");
+      }
+
+      if (!hostNames.contains(sslSession.getPeerHost())) {
+        LOG.warn("Hostname verification failed. Peer certificate does not belong to peer host");
+        return false;
+      }
+
+      //check certificate validity for now and at least one day
+      Date oneDay = new Date();
+      oneDay.setTime(oneDay.getTime() + 86400000);
+
+      peerCert.checkValidity();
+      peerCert.checkValidity(oneDay);
+
+    } catch (SSLPeerUnverifiedException | CertificateParsingException |
+        CertificateNotYetValidException | CertificateExpiredException e) {
+      LOG.warn("TLS Session Verification failed", e);
+      return false;
+    }
+
+    return true;
+  }
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index 1c9f7400c..4a40f885f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -1,15 +1,10 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
 import java.io.DataInputStream;
 import java.io.EOFException;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.SocketTimeoutException;
-import java.util.ArrayList;
 
 /**
  * A simple Listener thread that listens to an input stream and notifies all listeners when new data were received
@@ -42,8 +37,6 @@ public void run(){
                 this.listener.onMessage(buf);
             } catch (SocketTimeoutException ignore) {
                 //timeout to catch safeStop() call
-                //alternative: close socket / InputStream and catch exception SocketException
-
             } catch (EOFException e){
                 listener.onClose();
                 running = false; //terminate
@@ -59,7 +52,7 @@ public void register(DataAvailableListener listener) {
         this.listener = listener;
     }
 
-    
+
     @Override
     public void safeStop() {
         this.running = false;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index 93c85f7a0..eef139675 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -2,6 +2,7 @@
 
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsSessionVerificationHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
@@ -91,9 +92,9 @@ public TLSClient(IDSCPv2Settings clientSettings, IDSCPv2Callback callback)
         SSLParameters sslParameters = sslSocket.getSSLParameters();
         sslParameters.setUseCipherSuitesOrder(false); //use server priority order
         sslParameters.setNeedClientAuth(true);
-        sslParameters.setProtocols(TlsConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.2
+        sslParameters.setProtocols(TlsConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.3
         sslParameters.setCipherSuites(TlsConstants.TLS_ENABLED_CIPHER_TLS13); //only allow strong cipher
-        sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); //use https for hostname verification
+        //sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); is done in application layer
         sslSocket.setSSLParameters(sslParameters);
         LOG.debug("TLS Client was initialized successfully");
     }
@@ -200,14 +201,22 @@ public boolean isConnected(){
         return clientSocket != null && clientSocket.isConnected();
     }
 
-    public SSLSession getSslSession() {
-        return ((SSLSocket)clientSocket).getSession();
-    }
-
     @Override
     public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
         //start receiving listener after TLS Handshake was successful
-        LOG.debug("TLS Handshake was successful. Starting input listener thread");
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("TLS Handshake was successful");
+        }
+
+        // verify tls session on application layer: hostname verification, certificate validity
+        if (!TlsSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession())) {
+            if (LOG.isWarnEnabled()) {
+                LOG.warn("TLS session is not valid. Close TLS connection");
+            }
+            disconnect();
+            callback.secureChannelConnectHandler(null);
+            return;
+        }
         SecureChannel secureChannel = new SecureChannel(this);
         this.listener = secureChannel;
         listenerLatch.countDown();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
index 5b0cebd24..10a07ba8c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
@@ -85,9 +85,6 @@ public TLSServer(IDSCPv2Settings serverSettings, IDSCPv2Callback configCallback,
         sslParameters.setNeedClientAuth(true); //client must authenticate
         sslParameters.setProtocols(TlsConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.3
         sslParameters.setCipherSuites(TlsConstants.TLS_ENABLED_CIPHER_TLS13); //only allow strong cipher suite
-        //FIXME uncomment hostname identification, this is deactivated because the client uses a certificate of an
-        // other identity in the examples at the moment
-        //sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); //use https for hostname verification
         sslServerSocket.setSSLParameters(sslParameters);
         LOG.debug("TLS server was initialized successfully");
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index 2aaecad0d..768a0281f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -1,17 +1,16 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server;
 
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsSessionVerificationHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
-import javax.net.ssl.SSLHandshakeException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.net.ssl.HandshakeCompletedEvent;
 import javax.net.ssl.HandshakeCompletedListener;
-import javax.net.ssl.SSLException;
 import javax.net.ssl.SSLSocket;
 import java.io.*;
 import java.net.SocketTimeoutException;
@@ -51,6 +50,7 @@ public class TLSServerThread extends Thread implements HandshakeCompletedListene
     private IDSCPv2Callback configCallback;  //no race conditions
     private IdscpConnectionListener idscpServerCallback; //no race conditions
     private CountDownLatch listenerLatch = new CountDownLatch(1);
+    private CountDownLatch tlsVerificationLatch = new CountDownLatch(1);
 
 
     TLSServerThread(SSLSocket sslSocket, IDSCPv2Callback configCallback, IdscpConnectionListener idscpServerCallback){
@@ -76,8 +76,17 @@ public void run(){
         // the thread would wait forever in onError() until handshakeCompleteListener is called
         try {
             sslSocket.startHandshake();
+            //wait for tls session verification
+            while (true) {
+                try {
+                    tlsVerificationLatch.await();
+                    break;
+                } catch (InterruptedException e) {
+                    Thread.currentThread().interrupt();
+                }
+            }
         } catch (IOException e) {
-            LOG.warn("SSLHandshakeException occurred. Quit server session");
+            LOG.warn("SSLHandshakeException occurred. Quit server session", e);
             running = false;
         }
 
@@ -90,11 +99,8 @@ public void run(){
                 in.readFully(buf, 0, len);
                 onMessage(buf);
 
-            } catch (SocketTimeoutException e) {
+            } catch (SocketTimeoutException ignore) {
                 //timeout catches safeStop() call and allows to send server_goodbye
-                //alternative: close sslSocket and catch SocketException
-                //continue
-
             } catch (EOFException e){
                 onClose();
                 running = false;
@@ -178,7 +184,24 @@ public boolean isConnected() {
 
     @Override
     public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
-        LOG.debug("TLS handshake was successful");
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("TLS Handshake was successful");
+        }
+
+        // verify tls session on application layer: hostname verification, certificate validity
+        if (!TlsSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession())) {
+            if (LOG.isWarnEnabled()) {
+                LOG.warn("TLS session is not valid. Close TLS connection");
+            }
+            running = false; //set running false before tlsVerificationLatch is decremented
+            tlsVerificationLatch.countDown();
+            return;
+        } else {
+            LOG.debug("TLS session is valid");
+            tlsVerificationLatch.countDown();
+        }
+
+
         SecureChannel secureChannel = new SecureChannel(this);
         this.listener = secureChannel;
         listenerLatch.countDown();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index e076095cc..aa6dc128f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -62,9 +62,6 @@ enum FSM_STATE {
     public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
                String[] localSupportedRatSuite, String[] localExpectedRatSuite, int ratTimeout){
 
-        this.secureChannel = secureChannel;
-        secureChannel.setFsm(this);
-
 
         /* ------------- Timeout Handler Routines ------------*/
         Runnable handshakeTimeoutHandler = () -> {
@@ -106,6 +103,9 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
 
         //set initial state
         currentState = states.get(FSM_STATE.STATE_CLOSED);
+
+        this.secureChannel = secureChannel;
+        secureChannel.setFsm(this);
     }
 
     private void checkForFsmCircles() {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
index 5b10bbd33..077ecfaac 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
@@ -40,7 +40,7 @@ public StateClosed(FSM fsm,
                     if (!fsm.sendFromFSM(idscpHello)) {
                       LOG.error("Cannot send IdscpHello. Close connection");
                       runEntryCode(fsm);
-                      onMessageLock.notifyAll();
+                      onMessageLock.signalAll();
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 

From 835abb94395fcc00df076e357a7cdeea86a57334 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Sun, 29 Mar 2020 14:22:32 +0200
Subject: [PATCH 060/237] Add full comments to IDSCP Core and Driver Interfaces

---
 .../aisec/ids/idscp2/IDSCPv2Initiator.java    |  23 +-
 .../idscp2/drivers/interfaces/DapsDriver.java |   8 +
 .../drivers/interfaces/RatProverDriver.java   |  18 +-
 .../drivers/interfaces/RatVerifierDriver.java |  18 +-
 .../interfaces/SecureChannelDriver.java       |  23 +-
 .../drivers/interfaces/SecureServer.java      |  14 +-
 .../idscp2/idscp_core/IDSCPv2Connection.java  |  22 +-
 .../idscp_core/IdscpMessageFactory.java       |   6 +-
 .../idscp2/idscp_core/IdscpMsgListener.java   |  13 +-
 .../configuration/AttestationConfig.java      |   3 +-
 .../configuration/IDSCPv2Callback.java        |  28 ++-
 .../configuration/IDSCPv2Configuration.java   |  41 ++--
 .../configuration/IDSCPv2Settings.java        |   3 +-
 .../finite_state_machine/Event.java           |  23 +-
 .../idscp_core/finite_state_machine/FSM.java  | 228 +++++++++++++++---
 .../finite_state_machine/FsmListener.java     |  33 ++-
 .../InternalControlMessage.java               |   6 +
 .../finite_state_machine/State.java           |  21 +-
 .../finite_state_machine/StateClosed.java     |  12 +-
 .../StateEstablished.java                     |   6 +
 .../StateWaitForDatAndRat.java                |   7 +
 .../StateWaitForDatAndRatVerifier.java        |   8 +
 .../StateWaitForHello.java                    |  10 +-
 .../finite_state_machine/StateWaitForRat.java |   7 +
 .../StateWaitForRatProver.java                |   6 +
 .../StateWaitForRatVerifier.java              |   6 +
 .../finite_state_machine/Timer.java           |  12 +
 .../finite_state_machine/TimerThread.java     |  25 +-
 .../finite_state_machine/Transition.java      |   5 +-
 .../idscp_server/IDSCPv2Server.java           |  30 ++-
 .../idscp_server/IdscpConnectionListener.java |  12 +
 .../rat_registry/RatProverDriverRegistry.java |  34 ++-
 .../RatVerifierDriverRegistry.java            |  28 +++
 .../secure_channel/SecureChannel.java         |  25 +-
 .../secure_channel/SecureChannelEndpoint.java |  29 ++-
 .../secure_channel/SecureChannelListener.java |  15 ++
 36 files changed, 654 insertions(+), 154 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
index 23994ca47..7ff21c26d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
@@ -3,20 +3,25 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
 
 /**
- * An interface for the IDSCPv2Initiator class, that implements callback functions that notifies the user about
- * new connections, errors and closed connections
- *
- * Developer API
- *
- * Methods:
- * void onConnect(IDSCPv2Connection)                    to notify the user a new connection was created
- * void errorHandler(String error)                      to notify the user about an error occurred
- * void connectionClosedHandler(String connectionId)    to notify the user about connection was closed
+ * An interface for the IDSCPv2Initiator class, that implements callback functions that notifies
+ * the user about new connections, errors and closed connections
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface IDSCPv2Initiator {
+
+    /*
+     * Called when a new connection is established
+     */
     void newConnectionHandler(IDSCPv2Connection connection);
+
+    /*
+     * Called when an error occurred in the underlying IDSCPv2 protocol
+     */
     void errorHandler(String error);
+
+    /*
+     * Called when a connection with the given connectionID was closed
+     */
     void connectionClosedHandler(String connectionId);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
index 4ae55525d..2fa4351ce 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
@@ -6,6 +6,14 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface DapsDriver {
+
+    /*
+     * Receive a token from the DapsDriver
+     */
     byte[] getToken();
+
+    /*
+     * Verify a Daps token
+     */
     long verifyToken(byte[] dat, Object securityRequirements);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
index fdcdc2d84..581d81d65 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
@@ -1,20 +1,30 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
-import de.fhg.aisec.ids.messages.IDSCPv2;
+import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+/**
+ * An abstract RatProverDriver class that creates a rat prover driver thread and proves itself to
+ * the peer connector using remote attestation
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public abstract class RatProverDriver extends Thread{
     private static final Logger LOG = LoggerFactory.getLogger(RatProverDriver.class);
 
     protected boolean running = true;
     protected FsmListener fsmListener;
-    protected boolean successful = false;
-    protected final Object resultAvailableLock = new Object();
 
-    public void delegate(IDSCPv2.IdscpMessage message){}
+    /*
+     * Delegate an IDSCPv2 message to the RatProver driver
+     */
+    public void delegate(IdscpMessage message){}
 
+    /*
+     * Terminate and cancel the RatProver driver
+     */
     public void terminate() {
         running = false;
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
index 406748aa8..254a97642 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
@@ -1,20 +1,30 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
-import de.fhg.aisec.ids.messages.IDSCPv2;
+import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+/**
+ * An abstract RatVerifierDriver class that creates a rat verifier driver thread and verifier the
+ * peer connector using remote attestation
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public abstract class RatVerifierDriver extends Thread{
     private static final Logger LOG = LoggerFactory.getLogger(RatVerifierDriver.class);
 
     protected boolean running = true;
     protected FsmListener fsmListener;
-    protected boolean successful = false;
-    protected final Object resultAvailableLock = new Object();
 
-    public void delegate(IDSCPv2.IdscpMessage message){}
+    /*
+     * Delegate the IDSCPv2 message to the RatVerifier driver
+     */
+    public void delegate(IdscpMessage message){}
 
+    /*
+     * Terminate and cancel the RatVerifier driver
+     */
     public void terminate() {
         running = false;
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
index a480d075e..2ea75dcd4 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
@@ -5,24 +5,21 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
 
 /**
- * An interface for the IDSCPv2 SecureChannelDriver class, that implements a connect() function for IDSCPv2 clients and
- * a listen() function for IDSCPv2 servers
- *
- * Developer API
- *
- * Methods:
- * void connect(IDSCPv2Settings, IDSCPv2Callback)         to create an IDSCPv2 connection to the host from the settings
- *                                                        registers a callback for errors and return of a secure channel
- *
- * SecureServer listen(IDSCPv2Settings, IDSCPv2Callback, IdscpConnectionListener)
- *
- * to create an IDSCPv2 server configured by the IDSCPv2 settings registers callbacks
- * for errors and new incoming connections
+ * An interface for the IDSCPv2 SecureChannelDriver class, that implements a connect() function
+ * for IDSCPv2 clients and a listen() function for IDSCPv2 servers to connect the underlying layer
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface SecureChannelDriver {
+
+    /*
+     * Asynchronous method to create a secure connection to a secure server
+     */
     void connect(IDSCPv2Settings settings, IDSCPv2Callback configCallback);
+
+    /*
+     * Starting a secure server
+     */
     SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback configCallback,
                         IdscpConnectionListener idscpServerCallback);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
index 86ab13a90..260439be5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
@@ -3,15 +3,17 @@
 /**
  * An interface for the IDSCPv2 Secure Server
  *
- * Developer API
- *
- * Methods:
- * void safeStop()          to terminate the server
- * boolean isRunning()      to check if the server is running
- *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface SecureServer {
+
+    /*
+     * Terminate the secure server
+     */
     void safeStop();
+
+    /*
+     * Check if the secure server is running
+     */
     boolean isRunning();
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
index 09e419e6e..ad26a3428 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
@@ -2,24 +2,14 @@
 
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IDSCPv2Server;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
-import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.util.Arrays;
 
 /**
- * The IDSCPv2 Connection class
- *
- * User/Developer API:
- *
- * Methods:
- * void close()             to close an IDSCP connection
- * void send(IdscpMessage)  to send an idscp message to the other idscp endpoint
- * void onMessage()         to receive an asynchronous message from the other idscp endpoint
- * boolean isConnected()    to check if the idscp connection is still open
+ * The IDSCPv2 Connection class holds connections between connectors
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
@@ -38,13 +28,20 @@ public IDSCPv2Connection(FSM fsm, String connectionId, IDSCPv2Initiator user, Id
         this.server = server;
     }
 
+    /*
+     * Close the idscp connection
+     */
     public void close() {
+        // unregister connection from the idscp server
         if (server != null) {
             server.connectionClosedHandler(connectionId);
         }
         fsm.terminate();
     }
 
+    /*
+     * Send data to the peer idscp connector
+     */
     public void send(byte[] msg) {
         LOG.debug("Send idscp message");
         fsm.send(IdscpMessageFactory.getIdscpDataMessage(msg));
@@ -64,6 +61,9 @@ public void onClose() {
         }
     }
 
+    /*
+     * Check if the idscp connection is currently established
+     */
     public boolean isConnected() {
         return fsm.isConnected();
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
index f565a3f7f..ae951d00e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
@@ -2,9 +2,13 @@
 
 import com.google.protobuf.ByteString;
 import de.fhg.aisec.ids.messages.IDSCPv2.*;
-
 import java.util.Arrays;
 
+/**
+ * A factory for creating IDSCPv2 messages
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class IdscpMessageFactory {
 
     public static IdscpMessage getIdscpHelloMessage(byte[] dat, String[] supportedRatSuite, String[] expectedRatSuite){
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java
index 1171fdec1..37ed40008 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java
@@ -1,8 +1,17 @@
 package de.fhg.aisec.ids.idscp2.idscp_core;
 
-import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
-
+/**
+ * An interface for an IDSCP message listener
+ */
 public interface IdscpMsgListener {
+
+    /*
+     * notify the listener about new data via idscp
+     */
     void onMessage(byte[] data);
+
+    /*
+     * notify the listener that the idscp connection was closed
+     */
     void onClose();
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
index 9c7a30457..fbb1214c8 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
@@ -1,7 +1,8 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
 
 /**
- * Attestation configuration class, containing attestation suite for supported / expected attestation types
+ * Attestation configuration class, containing attestation suite for supported / expected
+ * attestation types
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
index 230f571c0..91bc2923b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
@@ -4,20 +4,24 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 
 /**
- * An callback interface, that implements callback functions that notifies about new secureChannels, errors and closed
- * connections
- *
- * Developer API
- *
- * Methods:
- * void secureChannelConnectHandler(SecureChannel)      to notify the client about a new secure channel
- * void secureChannelListenHandler(SecureChannel, IdscpConnectionListener) to notify the server about new secureChannel
- * void connectionClosedHandler(String connectionId)    to notify listener about connection was closed
+ * An callback interface that implements callback functions that notifies about new
+ * secureChannels
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface IDSCPv2Callback {
+
+    /*
+     * Notify the client about a new secure channel
+     */
     void secureChannelConnectHandler(SecureChannel secureChannel);
-    void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnectionListener idscpServer);
-    void connectionClosedHandler(String connectionId);
-}
+
+    /*
+     * Notify the server about new secureChannel
+     */
+    void secureChannelListenHandler(
+        SecureChannel secureChannel,
+        IdscpConnectionListener idscpServer
+    );
+
+}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
index 8b04db0df..d9b06300f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
@@ -10,19 +10,11 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-
 import java.util.UUID;
 
 /**
  * IDSCPv2Configuration class, provides IDSCPv2 API to the User (IDSCPv2Initiator)
  *
- * User API
- *
- * Methods:
- * void connect(IDSCPv2Settings)                    initiate idscpv2 connect to host from settings
- * SecureServer listen(IDSCPv2Settings)             initiate creation of a
- * void secureChannelConnectHandler(SecureChannel)
- *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class IDSCPv2Configuration implements IDSCPv2Callback {
@@ -51,11 +43,18 @@ public IDSCPv2Configuration(IDSCPv2Initiator initiator,
         this.ratTimeout = ratTimeout;
     }
 
+    /*
+     * User API to create a IDSCPv2 connection as a client
+     */
     public void connect(IDSCPv2Settings settings){
         LOG.info("Connect to an idscpv2 server ({})", settings.getHost());
         secureChannelDriver.connect(settings, this);
     }
 
+    /*
+     * User API to create a new IDSCPv2 Server that starts a Secure Server that listens to new
+     * secure channels
+     */
     public IDSCPv2Server listen(IDSCPv2Settings settings) throws IDSCPv2Exception {
         LOG.info("Starting new IDSCPv2 server at port {}", settings.getServerPort());
 
@@ -70,6 +69,16 @@ public IDSCPv2Server listen(IDSCPv2Settings settings) throws IDSCPv2Exception {
         return idscpServer;
     }
 
+    /*
+     * A callback implementation to receive a new established secure channel from an Secure client
+     *
+     * If the secure channel is null, no secure channel was established and an error is provided
+     * to the user
+     *
+     * If the secure channel was established, a new FSM is created for this connection and the
+     * IDSCPv2 handshake is started. After a successful handshake, a new IDSCPv2Connection is
+     * created and provided to the user
+     */
     @Override
     public void secureChannelConnectHandler(SecureChannel secureChannel) {
         if (secureChannel == null){
@@ -94,6 +103,16 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
         }
     }
 
+    /*
+     * A callback implementation to receive a new established secure channel from an Secure server
+     *
+     * If the secure channel is null, no secure channel was established and the result will be
+     * ignored
+     *
+     * If the secure channel was established, a new FSM is created for this connection and the
+     * IDSCPv2 handshake is started. After a successful handshake, a new IDSCPv2Connection is
+     * created and provided to the user and the IDSCPv2 server
+     */
     @Override
     public void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnectionListener idscpServer) {
         if (secureChannel != null){
@@ -118,10 +137,4 @@ public void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnect
             LOG.warn("An incoming idscpv2 client connection request failed because no secure channel was established");
         }
     }
-
-    @Override
-    public void connectionClosedHandler(String connectionId) {
-        LOG.info("IDSCPv2 connection with id {} has been closed", connectionId);
-        user.connectionClosedHandler(connectionId);
-    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
index 554764686..963d19251 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
@@ -4,7 +4,8 @@
 import org.checkerframework.checker.units.qual.A;
 
 /**
- * IDSCPv2 configuration class, containing information about keyStore and TrustStores, Attestation Types, host, ...
+ * IDSCPv2 configuration class, contains information about keyStore and TrustStores,
+ * Attestation Types, host, DAPS, ...
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
index f4c42d814..e8a2559e6 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
@@ -5,10 +5,10 @@
 import javax.swing.*;
 
 /**
- * An Event class for the Finite State Machine. Triggers a transition and holds either an idscpMessage or an
- * InternalControlMessage.
+ * An Event class for the Finite State Machine. Triggers a transition and holds
+ * either an IdscpMessage or an InternalControlMessage, or both in special cases.
  *
- * @author Leon Beckmann leon.beckmann@aisec.fraunhofer.de
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class Event {
     public enum EventType {
@@ -21,6 +21,9 @@ public enum EventType {
     private IdscpMessage idscpMessage;
     private InternalControlMessage controlMessage;
 
+    /*
+     * Create an Event with an Internal Control Message
+     */
     public Event(InternalControlMessage controlMessage){
         this.key = controlMessage.getValue();
         this.type = EventType.INTERNAL_CONTROL_MESSAGE;
@@ -28,6 +31,9 @@ public Event(InternalControlMessage controlMessage){
         this.idscpMessage = null;
     }
 
+    /*
+     * Create an Event with an Idscpv2 Message
+     */
     public Event (IdscpMessage idscpMessage){
         this.key = idscpMessage.getMessageCase().getNumber();
         this.type = EventType.IDSCP_MESSAGE;
@@ -35,7 +41,11 @@ public Event (IdscpMessage idscpMessage){
         this.controlMessage = null;
     }
 
-    //for outgoing ratProver and ratVerifier messages
+    /*
+     * Create a event for outgoing RatProver and RatVerifier messages
+     *
+     * throws an IllegalStateException if this event is requested for other purposes
+     */
     public Event (InternalControlMessage controlMessage, IdscpMessage idscpMessage){
         if (controlMessage.equals(InternalControlMessage.RAT_PROVER_MSG) ||
                 controlMessage.equals(InternalControlMessage.RAT_VERIFIER_MSG))
@@ -45,11 +55,14 @@ public Event (InternalControlMessage controlMessage, IdscpMessage idscpMessage){
             this.idscpMessage = idscpMessage;
             this.controlMessage = controlMessage;
         } else {
-            throw new IllegalStateException("This constructor must only be by RAT_PROVER and " +
+            throw new IllegalStateException("This constructor must only be used by RAT_PROVER and " +
                     "RAT_VERIFIER for message passing");
         }
     }
 
+    //
+    // Getter methods
+    //
 
     public Object getKey() {
         return key;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index aa6dc128f..9ce383215 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -3,12 +3,10 @@
 import com.google.protobuf.InvalidProtocolBufferException;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.*;
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMsgListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
-import de.fhg.aisec.ids.messages.IDSCPv2;
 import de.fhg.aisec.ids.messages.IDSCPv2.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -18,6 +16,16 @@
 import java.util.concurrent.locks.Condition;
 import java.util.concurrent.locks.ReentrantLock;
 
+/**
+ * The finite state machine FSM of the IDSCPv2 protocol
+ *
+ * Manages IDSCPv2 Handshake, Re-Attestation, DAT-ReRequest and DAT-Re-Validation. Delivers
+ * Internal Control Messages and Idscpv2Messages to the target receivers,
+ * creates and manages the states and its transitions and implements security restriction to protect
+ * the protocol against misuse and faulty, insecure or evil driver implementations.
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class FSM implements FsmListener{
     private static final Logger LOG = LoggerFactory.getLogger(FSM.class);
 
@@ -38,26 +46,62 @@ enum FSM_STATE {
     private State currentState;
     /*  ----------------   end of states   --------------- */
 
-    private SecureChannel secureChannel;
+    private SecureChannel secureChannel; //secure underlying channel
 
     private RatProverDriver ratProverDriver;
     private RatVerifierDriver ratVerifierDriver;
-    private String currentRatProverId; //avoid messages from old provers
-    private String currentRatVerifierId; //avoid messages from old verifiers
-    private String proverMechanism = null;
-    private String verifierMechanism = null;
 
+    /*
+     * RAT Driver Thread ID to identify the driver threads and check if messages are provided by
+     * the current active driver or by any old driver, whose lifetime is already over
+     *
+     * Only one driver can be valid at a time
+     */
+    private String currentRatProverId; //avoid messages from old prover drivers
+    private String currentRatVerifierId; //avoid messages from old verifier drivers
+
+    /*
+     * RAT Mechanisms, calculated during handshake in WAIT_FOR_HELLO_STATE
+     */
+    private String proverMechanism = null; //RAT prover mechanism
+    private String verifierMechanism = null; //RAT Verifier mechanism
+
+    /*
+     * The idscp message listener, that should receive the IDSCPv2 messages from the fsm
+     * And a listener latch to ensure that the listener is available and the message does not get
+     * lost
+     */
     private IdscpMsgListener listener = null;
     private final CountDownLatch listenerLatch = new CountDownLatch(1);
-    private final ReentrantLock fsmIsBusy = new ReentrantLock(true); //use a fair synchronization lock (FIFO)
+
+    /*
+     * A FIFO-fair synchronization lock for the finite state machine
+     */
+    private final ReentrantLock fsmIsBusy = new ReentrantLock(true);
+
+    /*
+     * A condition to ensure no idscp messages can be provided by the secure channel to the fsm
+     * before the handshake was started
+     */
     private final Condition onMessageBlock = fsmIsBusy.newCondition();
+
+    /*
+     * A condition for the dscpv2 handshake to wait until the handshake was successful and the
+     * connection is established or the handshake failed and the fsm is locked forever
+     */
     private final Condition idscpHandshakeLock = fsmIsBusy.newCondition();
     private boolean handshakeResultAvailable = false;
+
+    /*
+     * Check if FSM is closed forever
+     */
     private boolean fsmIsClosed = false;
 
+    /* ---------------------- Timer ---------------------- */
     private Timer datTimer;
     private Timer ratTimer;
     private Timer handshakeTimer;
+    /*  ----------------   end of Timer   --------------- */
 
     public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
                String[] localSupportedRatSuite, String[] localExpectedRatSuite, int ratTimeout){
@@ -84,6 +128,7 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
         this.ratTimer = new Timer(fsmIsBusy, ratTimeoutHandler);
         /* ------------- end timeout routines ------------- */
 
+        /* ------------- FSM STATE Initialization -------------*/
         states.put(FSM_STATE.STATE_CLOSED, new StateClosed(this, dapsDriver, onMessageBlock,
                 localSupportedRatSuite, localExpectedRatSuite));
         states.put(FSM_STATE.STATE_WAIT_FOR_HELLO, new StateWaitForHello(this,
@@ -104,6 +149,7 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
         //set initial state
         currentState = states.get(FSM_STATE.STATE_CLOSED);
 
+        //register fsm to the secure channel for bi-directional communication between fsm and sc
         this.secureChannel = secureChannel;
         secureChannel.setFsm(this);
     }
@@ -120,7 +166,7 @@ private void checkForFsmCircles() {
         //
         // Example:
         // Thread A stuck within a transition t1 that calls a function that calls
-        // onControlMessage(InternalError). Then the error is handled in the current state
+        // onControlMessage(InternalError). Then the error is handled in the current
         // state and the fsm will switch into state STATE_CLOSED and close all resources.
         //
         // Afterwards, the thread will continue the old transition t1 that might use some of the
@@ -134,13 +180,20 @@ private void checkForFsmCircles() {
         }
     }
 
+    /*
+     * Get a new IDSCPv2 Message from the secure channel and provide it as an event to the fsm
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     */
     @Override
     public void onMessage(byte[] data){
 
         //check for incorrect usage
         checkForFsmCircles();
 
-        //parse message and create new IDSCP Message Event, then pass it to current state and update new state
+        //parse message and create new IDSCP Message event, then pass it to current state and
+        // update new state
         IdscpMessage message;
         try {
             message = IdscpMessage.parseFrom(data);
@@ -150,7 +203,8 @@ public void onMessage(byte[] data){
         }
 
         Event event = new Event(message);
-        //must wait when fsm is in state STATE_CLOSED --> wait() will be notified when fsm is leaving STATE_CLOSED
+        //must wait when fsm is in state STATE_CLOSED --> wait() will be notified when fsm is
+        // leaving STATE_CLOSED
         fsmIsBusy.lock();
         try {
             while (currentState.equals(states.get(FSM_STATE.STATE_CLOSED))){
@@ -169,9 +223,11 @@ public void onMessage(byte[] data){
         } finally {
             fsmIsBusy.unlock();
         }
-
     }
 
+    /*
+     * An internal control message (ICM) occurred, provide it to the fsm as an event
+     */
     private void onControlMessage(InternalControlMessage controlMessage) {
         //create Internal Control Message Event and pass it to current state and update new state
         Event e = new Event(controlMessage);
@@ -184,6 +240,17 @@ private void onControlMessage(InternalControlMessage controlMessage) {
         }
     }
 
+    /*
+     * API for RatProver to provide Prover Messages to the fsm
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     *
+     * Afterwards the event for the fsm is created and the fsm lock is requested
+     *
+     * When the RatProverThread does not match the active prover tread id, the event will be
+     * ignored, else the event is provided to the fsm
+     */
     @Override
     public void onRatProverMessage(InternalControlMessage controlMessage, IdscpMessage idscpMessage) {
 
@@ -210,6 +277,17 @@ public void onRatProverMessage(InternalControlMessage controlMessage, IdscpMessa
         }
     }
 
+    /*
+     * API for RatVerifier to provide Verifier Messages to the fsm
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     *
+     * Afterwards the event for the fsm is created and the fsm lock is requested
+     *
+     * When the RatVerifierDriver does not match the active verifier tread id, the event will be
+     * ignored, else the event is provided to the fsm
+     */
     @Override
     public void onRatVerifierMessage(InternalControlMessage controlMessage, IdscpMessage idscpMessage) {
 
@@ -236,6 +314,9 @@ public void onRatVerifierMessage(InternalControlMessage controlMessage, IdscpMes
         }
     }
 
+    /*
+     * Feed the event to the current state and execute the runEntry method if the state has changed
+     */
     private void feedEvent(Event event){
         State prevState = currentState;
         currentState = currentState.feedEvent(event);
@@ -245,6 +326,12 @@ private void feedEvent(Event event){
         }
     }
 
+    /*
+     * API to terminate the idscp connection by the user
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     */
     public void terminate(){
 
         //check for incorrect usage
@@ -256,6 +343,12 @@ public void terminate(){
         secureChannel.close();
     }
 
+    /*
+     * API for the user to start the IDSCPv2 handshake
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     */
     public void startIdscpHandshake() throws IDSCPv2Exception {
 
         //check for incorrect usage
@@ -291,11 +384,20 @@ public void startIdscpHandshake() throws IDSCPv2Exception {
         }
     }
 
+    /*
+     * Send idscp data from the fsm via the secure channel to the peer
+     */
     boolean sendFromFSM(IdscpMessage msg){
         //send messages from fsm
         return secureChannel.send(msg.toByteArray());
     }
 
+    /*
+     * Provide an Internal Control Message to the FSM
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     */
     @Override
     public void onError(){
 
@@ -305,6 +407,12 @@ public void onError(){
         onControlMessage(InternalControlMessage.ERROR);
     }
 
+    /*
+     * Provide an Internal Control Message to the FSM, caused by a secure channel closure
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     */
     @Override
     public void onClose(){
 
@@ -314,6 +422,9 @@ public void onClose(){
         onControlMessage(InternalControlMessage.ERROR);
     }
 
+    /*
+     * Send idscp message from the User via the secure channel
+     */
     public void send(IdscpMessage msg){
         //send messages from user only when idscp connection is established
         fsmIsBusy.lock();
@@ -331,15 +442,24 @@ public void send(IdscpMessage msg){
         }
     }
 
+    /*
+     * Check if FSM is in STATE ESTABLISHED
+     */
     public boolean isConnected(){
         return currentState.equals(states.get(FSM_STATE.STATE_ESTABLISHED));
     }
 
+    /*
+     * Register an IDSCPv2 message listener
+     */
     public void registerMessageListener(IdscpMsgListener listener){
         this.listener = listener;
         listenerLatch.countDown();
     }
 
+    /*
+     * Notify handshake lock about result
+     */
     void notifyHandshakeCompleteLock(){
         fsmIsBusy.lock();
         try {
@@ -350,18 +470,32 @@ void notifyHandshakeCompleteLock(){
         }
     }
 
-    //calculate Prover mechanism (strongest remote expected), returns null if no match was found
+    /*
+     * Calculate the RatProver mechanism
+     *
+     * Return the String of the cipher or null if no match was found
+     */
     String getRatProverMechanism(String[] localSupportedProver, Object[] remoteExpectedVerifier){
         //toDo implement logic
         return localSupportedProver[0];
     }
 
-    //calculate Verifier mechanism (strongest local expected), returns null if no match was found
+    /*
+     * Calculate the RatVerifier mechanism
+     *
+     * Return the String of the cipher or null if no match was found
+     */
     String getRatVerifierMechanism(String[] localExpectedVerifier, Object[] remoteSupportedProver){
         //toDo implement logic
         return localExpectedVerifier[0];
     }
 
+    /*
+     * Stop current RatVerifier if active and start the RatVerifier from the
+     * RatVerifierDriver Registry that matches the verifier mechanism
+     *
+     * return false if no match was found
+     */
     boolean restartRatVerifierDriver(){
         //assume verifier mechanism is set
         stopRatVerifierDriver();
@@ -371,11 +505,15 @@ boolean restartRatVerifierDriver(){
             currentRatVerifierId = "";
             return false;
         } else {
+            //safe the thread ID
             currentRatVerifierId = Long.toString(ratVerifierDriver.getId());
             return true;
         }
     }
 
+    /*
+     * Terminate the RatVerifierDriver
+     */
     void stopRatVerifierDriver(){
         if (ratVerifierDriver != null && ratVerifierDriver.isAlive()){
             ratVerifierDriver.interrupt();
@@ -383,7 +521,12 @@ void stopRatVerifierDriver(){
         }
     }
 
-
+    /*
+     * Stop current RatProver if active and start the RatProver from the
+     * RatProverDriver Registry that matches the prover mechanism
+     *
+     * return false if no match was found
+     */
     boolean restartRatProverDriver(){
         //assume prover mechanism is set
         stopRatProverDriver();
@@ -393,11 +536,15 @@ boolean restartRatProverDriver(){
             currentRatProverId = "";
             return false;
         } else {
+            //safe the thread ID
             currentRatProverId = Long.toString(ratProverDriver.getId());
             return true;
         }
     }
 
+    /*
+     * Terminate the RatProverDriver
+     */
     void stopRatProverDriver(){
         if (ratProverDriver != null && ratProverDriver.isAlive()){
             ratProverDriver.interrupt();
@@ -405,17 +552,10 @@ void stopRatProverDriver(){
         }
     }
 
-    void setRatMechanisms(String proverMechanism, String verifierMechanism) {
-        this.proverMechanism = proverMechanism;
-        this.verifierMechanism = verifierMechanism;
-    }
-
-
-
-    State getState(FSM_STATE state){
-        return states.get(state);
-    }
-
+    /*
+     * Lock the fsm forever, terminate the timers and drivers, close the secure channel
+     * and notify User or handshake lock about closure
+     */
     void lockFsm(){
         try {
             secureChannel.close();
@@ -443,14 +583,9 @@ void lockFsm(){
         }
     }
 
-    RatVerifierDriver getRatVerifierDriver() {
-        return ratVerifierDriver;
-    }
-
-    RatProverDriver getRatProverDriver() {
-        return ratProverDriver;
-    }
-
+    /*
+     * Provide IDSCPv2 message to the message listener
+     */
     void notifyIdscpMsgListener(byte[] data) {
         try {
             this.listenerLatch.await();
@@ -460,4 +595,29 @@ void notifyIdscpMsgListener(byte[] data) {
             Thread.currentThread().interrupt();
         }
     }
+
+    //
+    // Getter
+    //
+
+    RatVerifierDriver getRatVerifierDriver() {
+        return ratVerifierDriver;
+    }
+
+    RatProverDriver getRatProverDriver() {
+        return ratProverDriver;
+    }
+
+    State getState(FSM_STATE state){
+        return states.get(state);
+    }
+
+    //
+    // Setter
+    //
+
+    void setRatMechanisms(String proverMechanism, String verifierMechanism) {
+        this.proverMechanism = proverMechanism;
+        this.verifierMechanism = verifierMechanism;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
index dc651ed0a..a72c40f5d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
@@ -1,11 +1,38 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
-import de.fhg.aisec.ids.messages.IDSCPv2;
+import de.fhg.aisec.ids.messages.IDSCPv2.*;
 
+/**
+ * An FSM Listener Interface implemented by the FSM to restrict FSM API to the drivers and the
+ * secure channel class of the IDSCPv2
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public interface FsmListener {
+
+    /*
+     * A method for providing IDSCPv2 data from the secure channel to the FSM
+     */
     void onMessage(byte[] data);
-    void onRatProverMessage(InternalControlMessage controlMessage, IDSCPv2.IdscpMessage idscpMessage);
-    void onRatVerifierMessage(InternalControlMessage controlMessage, IDSCPv2.IdscpMessage idscpMessage);
+
+    /*
+     * A method for providing RatProver messages from the RatProverDriver implementation to the FSM
+     */
+    void onRatProverMessage(InternalControlMessage controlMessage, IdscpMessage idscpMessage);
+
+    /*
+     * A method for providing RatVerifier messages from the RatVerifierDriver implementation to the
+     * FSM
+     */
+    void onRatVerifierMessage(InternalControlMessage controlMessage, IdscpMessage idscpMessage);
+
+    /*
+     * A method for providing internal errors to the fsm
+     */
     void onError();
+
+    /*
+     * A method for notifying the fsm about closure of the secure channel
+     */
     void onClose();
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
index bf6ce52ae..fc62ecdf2 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
@@ -1,5 +1,11 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
+/**
+ * An enum that wraps the internal control messages of the IDSCPv2 protocol to trigger transitions
+ * by non-idscpv2-message-events
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public enum InternalControlMessage {
     START_IDSCP_HANDSHAKE("ICM_START"),
     IDSCP_STOP("ICM_STOP"),
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
index f3e534315..79f5b1e26 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
@@ -4,8 +4,9 @@
 import java.util.function.Function;
 
 /**
- * A State class for the Finite State Machine. A state holds all outgoing transitions and a noTransitionHandler for
- * events, that do not trigger any outgoing available transition. Transitions are mapped with the event key
+ * A State class for the Finite State Machine.
+ * A state holds all outgoing transitions and a noTransitionHandler for events, that do not trigger
+ * any outgoing available transition. Transitions are mapped with the event key.
  *
  * @author Leon Beckmann leon.beckmann@aisec.fraunhofer.de
  */
@@ -14,6 +15,13 @@ public class State {
     private ConcurrentHashMap<Object,Transition> transitions = new ConcurrentHashMap<>();
     private Function<Event,State> noTransitionHandler = null;
 
+    /*
+     * A method for triggering aa transition of the current state by a given event
+     *
+     * If no transition exists for the given event, the noTransitionHandler is triggered
+     *
+     * Returns the target state of the triggered transition (new current state of the fsm)
+     */
     State feedEvent(Event e){
         Transition t = transitions.get(e.getKey());
         if (t != null){
@@ -23,14 +31,23 @@ State feedEvent(Event e){
         }
     }
 
+    /*
+     * Add ann outgoing transition to the state
+     */
     void addTransition(Object k, Transition t){
         transitions.put(k,t);
     }
 
+    /*
+     * Set the 'no transition available for this event' handler
+     */
     void setNoTransitionHandler(Function<Event, State> noTransitionHandler) {
         this.noTransitionHandler = noTransitionHandler;
     }
 
+    /*
+     * run a sequence of code when the state is entered
+     */
     void runEntryCode(FSM fsm) {}
 
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
index 077ecfaac..5c305c9e6 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
@@ -10,7 +10,17 @@
 
 import java.util.concurrent.locks.Condition;
 
-
+/**
+ * The Closed State of the FSM of the IDSCPv2 protocol.
+ * The FSM is in the Closed state either before any transition was triggered (in this case, the
+ * Closed State is the FSM Start state) or after the connection was closed (in this case, the
+ * Closed State is the FSM final state without any outgoing transitions)
+ *
+ * When the FSM go from any State into the Closed State again, the FSM is locked forever and all
+ * involved actors like RatDrivers and Timers will be terminated
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 class StateClosed extends State {
     private static final Logger LOG = LoggerFactory.getLogger(StateClosed.class);
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
index 4db494542..004bf3d8a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
@@ -7,6 +7,12 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+/**
+ * The Established State of the FSM of the IDSCPv2 protocol.
+ * Allows message exchange over the IDSCPv2 protocol between two connectors
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class StateEstablished extends State {
     private static final Logger LOG = LoggerFactory.getLogger(StateEstablished.class);
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
index 139342778..59835fde9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
@@ -7,6 +7,13 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+/**
+ * The Wait_For_Dat_And_Rat State of the FSM of the IDSCPv2 protocol.
+ * Waits for a new valid dynamic attribute token from the peer as well as for the RatProver and
+ * RatVerifier to decide whether the connection will be established or not
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class StateWaitForDatAndRat extends State {
     private static final Logger LOG = LoggerFactory.getLogger(StateWaitForDatAndRat.class);
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
index fae2289f9..f54e3d128 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
@@ -7,6 +7,14 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+/**
+ * The Wait_For_Dat_And_Rat_Verifier State of the FSM of the IDSCPv2 protocol.
+ * Wait for a new dynamic attribute token from the peer, since the old one is not valid anymore
+ * and waits for the RatVerifier after successful verification of the Dat to decide if the idscpv2
+ * connection will be established
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class StateWaitForDatAndRatVerifier extends State {
     private static final Logger LOG = LoggerFactory.getLogger(StateWaitForDatAndRatVerifier.class);
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
index 7f583002b..7f9915325 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
@@ -1,6 +1,5 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
-
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
@@ -8,6 +7,15 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+/**
+ * The Wait_For_Hello State of the FSM of the IDSCPv2 protocol.
+ * Waits for the Idscpv2 Hellp Message that contains the protocol version, the supported and
+ * expected remote attestation cipher suites and the dynamic attribute token (DAT) of the peer.
+ *
+ * Goes into the WAIT_FOR_RAT State when valid Rat mechanisms were found and the DAT is valid
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class StateWaitForHello extends State {
     private static final Logger LOG = LoggerFactory.getLogger(StateWaitForHello.class);
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
index 82a599fe2..8f82ca7d3 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
@@ -7,6 +7,13 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+/**
+ * The Wait_For_Rat State of the FSM of the IDSCPv2 protocol.
+ * Waits for the RatProver and RatVerifier Result to decide whether the connection will be
+ * established
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class StateWaitForRat extends State {
     private static final Logger LOG = LoggerFactory.getLogger(StateWaitForRat.class);
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
index 0b7470f2c..6bb5b2a68 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
@@ -7,6 +7,12 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+/**
+ * The Wait_For_Rat_Prover State of the FSM of the IDSCPv2 protocol.
+ * Waits only for the RatProver Result to decide whether the connection will be established
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class StateWaitForRatProver extends State {
     private static final Logger LOG = LoggerFactory.getLogger(StateWaitForRatProver.class);
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
index e021d67e4..9a36e65ae 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
@@ -7,6 +7,12 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+/**
+ * The Wait_For_Rat_Verifier State of the FSM of the IDSCPv2 protocol.
+ * Waits only for the RatVerifier Result to decide whether the connection will be established
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class StateWaitForRatVerifier extends State {
     private static final Logger LOG = LoggerFactory.getLogger(StateWaitForRatVerifier.class);
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
index 7ddfd07c0..b2b2643ab 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
@@ -2,6 +2,12 @@
 
 import java.util.concurrent.locks.ReentrantLock;
 
+/**
+ * A Timer class that provides an API to the FSN to start and cancel timeout threads
+ * The timer ensures that no canceled timer is able to trigger a timeout transitions
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class Timer {
 
     private TimerThread thread = null;
@@ -19,6 +25,9 @@ void resetTimeout(long delay){
         start(delay);
     }
 
+    /*
+     * Start a timer thread that triggers the timeout handler routine after a given timout delay
+     */
     public void start(long delay){
         mutex.lock();
         thread = new TimerThread(delay, timeoutHandler, fsmIsBusy);
@@ -26,6 +35,9 @@ public void start(long delay){
         mutex.unlock();
     }
 
+    /*
+     * Cancel the current timer thread
+     */
     void cancelTimeout(){
         mutex.lock();
         if (thread != null){
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
index 1f6041336..253f75cf5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
@@ -2,12 +2,19 @@
 
 import java.util.concurrent.locks.ReentrantLock;
 
+/**
+ * A Timer Thread that triggers timeouts in the fsm
+ * The thread will only trigger the fsm if it has the fsm lock and the timeout
+ * was not canceled before
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class TimerThread extends Thread{
 
     private volatile boolean canceled = false;
-    private long delay;
-    private final Runnable timeoutHandler;
-    private final ReentrantLock fsmIsBusy;
+    private long delay; //timeout delay in seconds
+    private final Runnable timeoutHandler; //timeout handler routine
+    private final ReentrantLock fsmIsBusy; //lock for the fsm
 
     TimerThread(long delay, Runnable timeoutHandler, ReentrantLock fsmIsBusy){
         this.delay = delay;
@@ -15,6 +22,15 @@ public class TimerThread extends Thread{
         this.fsmIsBusy = fsmIsBusy;
     }
 
+    /*
+     * Run the timer thread that sleeps the number of timeout delay in ms
+     * if the timeout was not canceled during the sleep, the thread will request
+     * the fsm lock and will then check once again, if the timeout was canceled
+     * by another transition during this process to avoid triggering timeout
+     * transitions for canceled timers.
+     * If the timout was not canceled so far, the timer thread calls a timeout handler
+     * routine, that triggers the timeout transition in the fsm
+     */
     public void run(){
         try {
             Thread.sleep(delay * 1000);
@@ -38,6 +54,9 @@ public void run(){
         }
     }
 
+    /*
+     * A method to stop the execution of the timer thread and cancel the timeout
+     */
     public void safeStop(){
         canceled = true;
         this.interrupt();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
index 76ec12731..3a38ed6d2 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
@@ -3,9 +3,10 @@
 import java.util.function.Function;
 
 /**
- * Transition class for State machine, provides a doTransition method, that returns the next state for a given event
+ * Transition class for State machine, provides a doTransition method
+ * that returns the next state for a given event
  *
- * @author Leon Beckmann leon.beckmann@aisec.fraunhofer.de
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class Transition {
     private Function<Event,State> eventHandler;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
index 600998a95..d807b90b6 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
@@ -10,6 +10,12 @@
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.CountDownLatch;
 
+/**
+ * An IDSCPv2 Server that has the control about the underlying secure server and caches all active
+ * connections that belong to the secure server
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class IDSCPv2Server implements IdscpConnectionListener{
     private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Server.class);
 
@@ -17,15 +23,16 @@ public class IDSCPv2Server implements IdscpConnectionListener{
     private CountDownLatch secureServerLatch = new CountDownLatch(1);
     private ConcurrentHashMap<String, IDSCPv2Connection> connections = new ConcurrentHashMap<>();
 
-    public IDSCPv2Server(){
-
-    }
+    public IDSCPv2Server(){}
 
     public IDSCPv2Server(SecureServer secureServer){
         this.secureServer = secureServer;
         secureServerLatch.countDown();
     }
 
+    /*
+     * Terminate the IDSCPv2 server, the secure server and close all connections
+     */
     public void terminate(){
         LOG.info("Terminating idscp server {}", this.toString());
         try {
@@ -37,6 +44,9 @@ public void terminate(){
         }
     }
 
+    /*
+     * Close all open IDSCPv2 connections of this server
+     */
     public void terminateAllSessions(){
         for (IDSCPv2Connection c : connections.values()){
             c.close();
@@ -45,6 +55,9 @@ public void terminateAllSessions(){
         }
     }
 
+    /*
+     * Check if the server is running
+     */
     public boolean isRunning(){
         try {
             secureServerLatch.await();
@@ -55,10 +68,18 @@ public boolean isRunning(){
         return false;
     }
 
+    /*
+     * Get a IDSCPv2Connection from the server cache by the connectionID
+     *
+     * return null if no connection was found with this ID
+     */
     public IDSCPv2Connection getConnectionById(String connectionId){
         return connections.get(connectionId);
     }
 
+    /*
+     * return a list of all open IDSCPv2 connections of this server
+     */
     public List<IDSCPv2Connection> getAllConnections(){
         return new ArrayList<>(connections.values());
     }
@@ -75,6 +96,9 @@ public void connectionClosedHandler(String connectionId) {
         connections.remove(connectionId);
     }
 
+    /*
+     * Set the corresponding secure server
+     */
     public void setSecureServer(SecureServer secureServer) {
         this.secureServer = secureServer;
         secureServerLatch.countDown();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpConnectionListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpConnectionListener.java
index 2857b7ebd..13911c906 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpConnectionListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpConnectionListener.java
@@ -2,7 +2,19 @@
 
 import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
 
+/**
+ * An IDSCP Connection Listener interface that is implemented by the IDSCPv2 Server to notify the
+ * server about lifetimes of IDSCP connections. The server caches all active connections.
+ */
 public interface IdscpConnectionListener {
+
+    /*
+     * Notify the server that a new connection was established
+     */
     void newConnectionHandler(IDSCPv2Connection connection);
+
+    /*
+     * Notify the server that connection has been closed
+     */
     void connectionClosedHandler(String connectionId);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
index 703300b06..071d344b2 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
@@ -3,8 +3,18 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
 
+import java.lang.reflect.InvocationTargetException;
 import java.util.concurrent.ConcurrentHashMap;
 
+/**
+ * A Rat Prover Driver Registry
+ * The User can register Driver implementation instances and its configurations to the registry
+ *
+ * The Idscpv2 protocol will select during the idscp handshake a Rat Prover mechanism and will
+ * check for this RatProver in this registry
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class RatProverDriverRegistry {
     private static RatProverDriverRegistry instance;
     private static ConcurrentHashMap<String, DriverWrapper> drivers = new ConcurrentHashMap<>();
@@ -19,8 +29,20 @@ public static RatProverDriverRegistry getInstance(){
         return instance;
     }
 
+    /*
+     * To start a Rat Prover from the finite state machine
+     *
+     * First we check if the registry contains the RatProver instance, then we create a new
+     * RatProverDriver from the driver wrapper that holds the corresponding RatProverDriver class.
+     *
+     * The finite state machine is registered as the communication partner for the RatProver.
+     * The RatProver will be initialized with a configuration, if present. Then it is started.
+     */
     public static RatProverDriver startRatProverDriver(String instance, FsmListener listener){
         DriverWrapper driverWrapper = drivers.get(instance);
+        if (driverWrapper == null) {
+            return null;
+        }
 
         try {
             RatProverDriver driver = driverWrapper.driverClass.getDeclaredConstructor().newInstance();
@@ -31,12 +53,16 @@ public static RatProverDriver startRatProverDriver(String instance, FsmListener
             driver.start();
             return driver;
 
-        } catch (Exception e) {
+        } catch (NoSuchMethodException | InstantiationException | IllegalAccessException |
+            InvocationTargetException e) {
             return null;
         }
     }
 
 
+    /*
+     * Register Rat Prover driver and an optional configuration in the registry
+     */
     public void registerDriver(
         String instance,
         Class<? extends RatProverDriver> driverClass,
@@ -45,10 +71,16 @@ public void registerDriver(
         drivers.put(instance, new DriverWrapper(driverClass, driverConfig));
     }
 
+    /*
+     * Unregister the driver from the registry
+     */
     public void unregisterDriver(String instance){
         drivers.remove(instance);
     }
 
+    /*
+     * An inner static wrapper class, that wraps driver config and driver class
+     */
     private static class DriverWrapper {
         private Class<? extends RatProverDriver> driverClass;
         private Object driverConfig;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
index 4b32fc5f6..accdb9ca9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
@@ -6,6 +6,15 @@
 
 import java.util.concurrent.ConcurrentHashMap;
 
+/**
+ * A Rat Verifier Driver Registry
+ * The User can register Driver implementation instances and its configurations to the registry
+ *
+ * The Idscpv2 protocol will select during the idscp handshake a Rat Verifier mechanism and will
+ * check for this RatVerifier in this registry
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class RatVerifierDriverRegistry {
     private static RatVerifierDriverRegistry instance;
     private static ConcurrentHashMap<String, DriverWrapper> drivers
@@ -20,6 +29,16 @@ public static RatVerifierDriverRegistry getInstance(){
         return instance;
     }
 
+    /*
+     * To start a Rat Verifier from the finite state machine
+     *
+     * First we check if the registry contains the RatVerifier instance, then we create a new
+     * RatVerifierDriver from the driver wrapper that holds the corresponding
+     * RatVerifierDriver class.
+     *
+     * The finite state machine is registered as the communication partner for the RatVerifier.
+     * The RatVerifier will be initialized with a configuration, if present. Then it is started.
+     */
     public static RatVerifierDriver startRatVerifierDriver(String mechanism, FsmListener listener){
         DriverWrapper driverWrapper = drivers.get(mechanism);
 
@@ -37,6 +56,9 @@ public static RatVerifierDriver startRatVerifierDriver(String mechanism, FsmList
         }
     }
 
+    /*
+     * Register Rat Verifier driver and an optional configuration in the registry
+     */
     public void registerDriver(
         String mechanism,
         Class<? extends RatVerifierDriver> driverClass,
@@ -45,10 +67,16 @@ public void registerDriver(
         drivers.put(mechanism, new DriverWrapper(driverClass, driverConfig));
     }
 
+    /*
+     * Unregister the driver from the registry
+     */
     public void unregisterDriver(String instance){
         drivers.remove(instance);
     }
 
+    /*
+     * An inner static wrapper class, that wraps driver config and driver class
+     */
     private static class DriverWrapper {
         private Class<? extends RatVerifierDriver> driverClass;
         private Object driverConfig;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
index e105a5cdf..4649d7fdb 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
@@ -3,21 +3,11 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-
 import java.util.concurrent.CountDownLatch;
 
 /**
- * A secureChannel which is the secure underlying basis of the IDSCPv2 protocol, that implements a secureChannelListener
- *
- * Developer API
- *
- * Methods:
- * void close()                                 to close the secureChannel
- * void send(IDSCPv2Message)                    to send an IDSCPv2Message as bytes via the secure channel
- * void onMessage(byte[] data)                  to receive new bytes via the secure channel
- * boolean isConnected()                        to check if the secure channel is still open
- * void registerMessageListener(IdscpMsgListener)   to register an idscpv2 message listener
- * void setEndpointConnectionId(String id)          to set the connectionId
+ * A secureChannel which is the secure underlying basis of the IDSCPv2 protocol,
+ * that implements a secureChannelListener
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
@@ -32,10 +22,18 @@ public SecureChannel(SecureChannelEndpoint secureChannelEndpoint){
         this.endpoint = secureChannelEndpoint;
     }
 
+    /*
+     * close the secure channel forever
+     */
     public void close(){
         endpoint.close();
     }
 
+    /*
+     * Send data via the secure channel endpoint to the peer connector
+     *
+     * return true if the data were sent successfully, else false
+     */
     public boolean send(byte[] msg){
         LOG.debug("Send message via secure channel");
         return endpoint.send(msg);
@@ -78,6 +76,9 @@ public boolean isConnected(){
         return endpoint.isConnected();
     }
 
+    /*
+     * set the corresponding finite state machine
+     */
     public void setFsm(FsmListener fsm) {
         this.fsm = fsm;
         fsmLatch.countDown();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
index a4a2390ab..77afc5e8a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
@@ -1,21 +1,32 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel;
 
 /**
- * An interface for a secureChannelEndpoint that implements functions to delegate idscp functions to the secure channel
- *
- * Developer API
- *
- * Methods:
- * void close()                         disconnect
- * void onMessage(int len, byte[])      receive new raw data from connected endpoint
- * void send(byte[])                    send byte array to connected endpoint
- * boolean isConnected()                check if endpoint is connected
+ * An interface for a secureChannelEndpoint e.g. TLS Client and TLS Server Thread
+ * Used to delegate functions and messages between secure channel and its endpoints
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface SecureChannelEndpoint {
+
+    /*
+     * API to close the secure channel endpoint
+     */
     void close();
+
+    /*
+     * API to delegate messages from an input listener to the secure channel endpoint
+     */
     void onMessage(byte[] bytes);
+
+    /*
+     * Send data from the secure channel endpoint to the peer connector
+     *
+     * return true when data was sent, else false
+     */
     boolean send(byte[] bytes);
+
+    /*
+     * check if the endpoint is connected
+     */
     boolean isConnected();
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
index e4a7b85fc..024f397e2 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
@@ -1,7 +1,22 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel;
 
+/**
+ * An interface for a secure channel listener, implemented by the secure channel
+ */
 public interface SecureChannelListener {
+
+    /*
+     * Delegate data from secure channel endpoint to the secure channel
+     */
     void onMessage(byte[] data);
+
+    /*
+     * Delegate an error from an secure channel endpoint to the secure channel
+     */
     void onError();
+
+    /*
+     * Notify secure channel that secure channel endpoint has been closed
+     */
     void onClose();
 }

From b6e14e1d4486a95f022400f5aebef9fbd77190cc Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Sun, 29 Mar 2020 22:08:11 +0200
Subject: [PATCH 061/237] Update hostname verification: add wildcards, add more
 comments

---
 .../TlsSessionVerificationHelper.java         | 143 +++++++++++++++---
 .../client/DataAvailableListener.java         |  15 +-
 .../secure_channel/client/InputListener.java  |  10 +-
 .../client/InputListenerThread.java           |  14 +-
 .../secure_channel/client/TLSClient.java      |   8 +-
 .../server/TLSServerThread.java               |  13 +-
 6 files changed, 164 insertions(+), 39 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java
index e36fc2d10..c99bbbc8b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java
@@ -9,6 +9,8 @@
 import java.util.Collection;
 import java.util.Date;
 import java.util.List;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLSession;
 import org.slf4j.Logger;
@@ -16,43 +18,58 @@
 
 /**
  * A class for verifying an established TLS Session on application layer
+ * (application level security)
  *
  * @author Leon Beckmann (leon.beckmannn@aisec.fraunhofer.de)
  */
 public class TlsSessionVerificationHelper {
   private static final Logger LOG = LoggerFactory.getLogger(TlsSessionVerificationHelper.class);
 
+  private static final String ipv4Pattern =
+      "(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])";
+  private static final String ipv6Pattern = "([0-9a-f]{1,4}:){7}([0-9a-f]){1,4}";
+
   /*
-   * Returns true if the ssl session is valid and the remote host can be trusted
+   * Checks if the ssl session is valid and the remote host can be trusted
    *
    * Due to the fact, that hostname verification is not specified in the secure socket layer,
    * we have to check if the connected hostname matches to the subject of the peer certificate to
-   * avoid Man-In-The-Middle Attacks.
+   * avoid Man-In-The-Middle Attacks. This is required for every raw tls!
    *
    * Further we check the peer certificate validity to avoid the case that some of the certificates
    * in our local trust_store are not valid anymore and allow a peer connector to connect with an
    * expired certificate
+   *
+   * Throws SSlPeerUnverifiedException if peer certificate is not secure for this peer
    */
-  public static boolean verifyTlsSession(SSLSession sslSession) {
+  public static void verifyTlsSession(SSLSession sslSession) throws SSLPeerUnverifiedException{
+
+    String host = sslSession.getPeerHost();
 
-    LOG.debug("Connected to {}:{}", sslSession.getPeerHost(), sslSession.getPeerPort());
+    LOG.debug("Connected to {}:{}", host, sslSession.getPeerPort());
     try {
-      Certificate[] certificates = sslSession.getPeerCertificates();
 
+      //get certificate
+      Certificate[] certificates = sslSession.getPeerCertificates();
       if (certificates.length != 1) {
-        LOG.warn("Unexpected number of certificates");
-        return false;
+        throw new SSLPeerUnverifiedException("Unexpected number of certificates");
       }
       X509Certificate peerCert = (X509Certificate) certificates[0];
 
-      //check hostname verification
+      /*
+       * According to RFC6125, hostname verification should be done against the certificate's
+       * subject alternative name's (SANs) dNSName field or the SANs IPAddress. In some legacy
+       * implementations, the check is done against the certificate's commonName, but this is
+       * deprecated for quite a while and is therefore not supported anymore in te IDSCPv2 protocol.
+       */
       Collection<List<?>> sans = peerCert.getSubjectAlternativeNames();
       if (sans == null) {
-        LOG.warn("No Subject alternative names for hostname verification provided");
-        return false;
+        throw new SSLPeerUnverifiedException("No Subject alternative names for hostname "
+            + "verification provided");
       }
 
-      ArrayList<String> hostNames = new ArrayList<>();
+      ArrayList<String> acceptedDnsNames = new ArrayList<>();
+      ArrayList<String> acceptedIpAddresses = new ArrayList<>();
 
       for (List<?> subjectAltName : sans) {
         if (subjectAltName.size() != 2) {
@@ -61,11 +78,17 @@ public static boolean verifyTlsSession(SSLSession sslSession) {
         Object value = subjectAltName.get(1);
         switch ((Integer)subjectAltName.get(0)) {
           case 2: //DNS_NAME
+            if (value instanceof String) {
+              acceptedDnsNames.add((String)value);
+            } else if (value instanceof byte[]) {
+              acceptedDnsNames.add(new String((byte[]) value));
+            }
+            break;
           case 7: //IP_ADDRESS
             if (value instanceof String) {
-              hostNames.add((String)value);
+              acceptedIpAddresses.add((String)value);
             } else if (value instanceof byte[]) {
-              hostNames.add(new String((byte[]) value));
+              acceptedIpAddresses.add(new String((byte[]) value));
             }
             break;
           case 0: //OTHER_NAME - Not Supported
@@ -82,15 +105,37 @@ public static boolean verifyTlsSession(SSLSession sslSession) {
 
       //toDo localhost is matched manually to 127.0.0.1 for testing.. a matching file ip <-> dns
       // would be nicer in the future
-      if (hostNames.contains("localhost")) {
-        hostNames.add("127.0.0.1");
+      // automatic dns resolving via DNS service is not ann option since we cannot trust the DNS
+      if (acceptedDnsNames.contains("localhost")) {
+        acceptedIpAddresses.add("127.0.0.1");
       }
 
-      if (!hostNames.contains(sslSession.getPeerHost())) {
-        LOG.warn("Hostname verification failed. Peer certificate does not belong to peer host");
-        return false;
+
+      if (isIpAddress(host)) {
+        //check ip addresses RFC 2818 (Section 3.1)
+        if (!acceptedIpAddresses.contains(host)) {
+          throw new SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
+              + "not belong to peer host");
+        }
+      } else {
+        //check hostname
+        String[] hostLabels = host.split("\\.");
+        boolean found = false;
+
+        for (String entry : acceptedDnsNames) {
+          if (checkHostname(entry.split("\\.", -1), hostLabels)) {
+            found = true;
+            break;
+          }
+        }
+
+        if (!found) {
+          throw new SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
+              + "not belong to peer host");
+        }
       }
 
+
       //check certificate validity for now and at least one day
       Date oneDay = new Date();
       oneDay.setTime(oneDay.getTime() + 86400000);
@@ -98,13 +143,65 @@ public static boolean verifyTlsSession(SSLSession sslSession) {
       peerCert.checkValidity();
       peerCert.checkValidity(oneDay);
 
-    } catch (SSLPeerUnverifiedException | CertificateParsingException |
-        CertificateNotYetValidException | CertificateExpiredException e) {
-      LOG.warn("TLS Session Verification failed", e);
-      return false;
+    } catch (CertificateParsingException | CertificateNotYetValidException |
+        CertificateExpiredException e) {
+      throw new SSLPeerUnverifiedException("TLS Session Verification failed "+ e);
+    }
+  }
+
+
+  /*
+   * check if host is an IP Address
+   */
+  private static boolean isIpAddress(String host){
+
+    Matcher ip4 = Pattern.compile(ipv4Pattern, Pattern.CASE_INSENSITIVE).matcher(host);
+    if (ip4.matches()) {
+      return true;
+    }
+
+    Matcher ip6 = Pattern.compile(ipv6Pattern, Pattern.CASE_INSENSITIVE).matcher(host);
+    return ip6.matches();
+  }
+
+  /*
+   * match dNS Name
+   */
+  private static boolean checkHostname(String[] dnsNameLabels, String[] hostNameLabels) {
+
+    /*
+     * support wildcard matching of DNS names as described in RFC6125 Section 6.4.3
+     *
+     * Rules:
+     * 1. The client SHOULD NOT attempt to match a presented identifier in which the wildcard
+     * character comprises a label other than the left-most label
+     * (e.g., do not match bar.*.example.net).
+     *
+     * 2. If the wildcard character is the only character of the left-most label in the
+     * presented identifier, the client SHOULD NOT compare against anything but the left-most
+     * label of the reference identifier (e.g., *.example.com would match foo.example.com but
+     * not bar.foo.example.com or example.com).
+     *
+     * 3. The client MAY match a presented identifier in which the wildcard character is not the
+     * only character of the label (e.g., baz*.example.net and *baz.example.net and
+     * b*z.example.net would be taken to match baz1.example.net and foobaz.example.net and
+     * buzz.example.net, respectively).  However, the client SHOULD NOT attempt to match a
+     * presented identifier where the wildcard character is embedded within an A-label or
+     * U-label of an internationalized domain name.
+     */
+    if (dnsNameLabels.length == hostNameLabels.length) { //include rule 2
+      //all labels without the first one must match completely (rule 1)
+      for (int i = 1; i < dnsNameLabels.length; i++) {
+        if (!dnsNameLabels[i].equals(hostNameLabels[i])) {
+          return false;
+        }
+      }
+
+      //first label could include wildcard character '*' (rule 1+3)
+      return hostNameLabels[0].matches(dnsNameLabels[0].replace("*", ".*"));
     }
 
-    return true;
+    return false;
   }
 
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
index 062bbd1ea..6249c795e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
@@ -1,12 +1,25 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
 
 /**
- * An interface for DataAvailableListeners, who will be notified when new data were received
+ * An interface for DataAvailableListeners, that will be notified when new data were received
+ * at the sslSocket
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface DataAvailableListener {
+
+    /*
+     * Provide incoming data to listener
+     */
     void onMessage(byte[] data);
+
+    /*
+     * Notify listener that an error has occurred
+     */
     void onError();
+
+    /*
+     * Notify listener that the socket has been closed
+     */
     void onClose();
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.java
index b3826bad2..09c1338e9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.java
@@ -1,12 +1,20 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
 
 /**
- * An interface for an InputListenerThread, that allows DataAvailableListener registration and safe stop
+ * An interface for an InputListenerThread, that allows DataAvailableListener registration and
+ * safe stop
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface InputListener {
 
+    /*
+     * Register a listener for providing data to
+     */
     void register(DataAvailableListener listener);
+
+    /*
+     * Terminate InputListener
+     */
     void safeStop();
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index 4a40f885f..d4cc82b43 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -7,12 +7,8 @@
 import java.net.SocketTimeoutException;
 
 /**
- * A simple Listener thread that listens to an input stream and notifies all listeners when new data were received
- *
- * API:
- * - run() to start the listener thread
- * - register(DataAvailableListener) to register a new DataAvailableListener who will be notified when receiving data
- * - safeStop() to stop the listener thread
+ * A simple Listener thread that listens to an input stream and notifies a listeners
+ * when new data were received
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
@@ -27,13 +23,19 @@ public InputListenerThread(InputStream in){
         this.in = new DataInputStream(in);
     }
 
+    /*
+     * Run the input listener thread that reads from wire and provides data to upper layer
+     */
     public void run(){
         byte[] buf;
         while (running){
             try {
+                //first read the length
                 int len = in.readInt();
                 buf = new byte[len];
+                //then read the data
                 in.readFully(buf, 0, len);
+                //provide to listener
                 this.listener.onMessage(buf);
             } catch (SocketTimeoutException ignore) {
                 //timeout to catch safeStop() call
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index eef139675..b1fd57995 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -209,14 +209,18 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
         }
 
         // verify tls session on application layer: hostname verification, certificate validity
-        if (!TlsSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession())) {
+        try {
+            TlsSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession());
+            LOG.debug("TLS session is valid");
+        } catch (SSLPeerUnverifiedException e) {
             if (LOG.isWarnEnabled()) {
-                LOG.warn("TLS session is not valid. Close TLS connection");
+                LOG.warn("TLS session is not valid. Close TLS connection", e);
             }
             disconnect();
             callback.secureChannelConnectHandler(null);
             return;
         }
+
         SecureChannel secureChannel = new SecureChannel(this);
         this.listener = secureChannel;
         listenerLatch.countDown();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index 768a0281f..f7ddeadef 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -6,6 +6,7 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
+import javax.net.ssl.SSLPeerUnverifiedException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -189,19 +190,19 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
         }
 
         // verify tls session on application layer: hostname verification, certificate validity
-        if (!TlsSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession())) {
+        try {
+            TlsSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession());
+            LOG.debug("TLS session is valid");
+            tlsVerificationLatch.countDown();
+        } catch (SSLPeerUnverifiedException e) {
             if (LOG.isWarnEnabled()) {
-                LOG.warn("TLS session is not valid. Close TLS connection");
+                LOG.warn("TLS session is not valid. Close TLS connection", e);
             }
             running = false; //set running false before tlsVerificationLatch is decremented
             tlsVerificationLatch.countDown();
             return;
-        } else {
-            LOG.debug("TLS session is valid");
-            tlsVerificationLatch.countDown();
         }
 
-
         SecureChannel secureChannel = new SecureChannel(this);
         this.listener = secureChannel;
         listenerLatch.countDown();

From 96293ea66beab451ab8a6839c4352a2d759c7d49 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Mon, 30 Mar 2020 13:26:37 +0200
Subject: [PATCH 062/237] Add comments for TLS

---
 .../daps/DefaultDapsDriver.java               |  88 +++++++++++----
 .../daps/DefaultDapsDriverConfig.java         |   5 +
 .../daps/SecurityRequirements.java            |   6 ++
 .../keystores/PreConfiguration.java           |  39 +++----
 .../rat/TPM2d/TPM2dHelper.java                |   6 +-
 .../rat/TPM2d/TPM2dProver.java                | 100 +++++++++++++++---
 .../rat/TPM2d/TPM2dSocket.java                |   3 +
 .../rat/TPM2d/TPM2dVerifier.java              |  71 +++++++------
 .../rat/TPM2d/Tpm2dProverConfig.java          |   5 +
 .../rat/TPM2d/Tpm2dVerifierConfig.java        |   5 +
 .../rat/TPM2d/TpmMessageFactory.java          |   5 +
 .../rat/dummy/RatProverDummy.java             |  16 ++-
 .../rat/dummy/RatVerifierDummy.java           |  17 ++-
 .../secure_channel/NativeTLSDriver.java       |   8 ++
 .../TlsSessionVerificationHelper.java         |   7 +-
 .../client/InputListenerThread.java           |   1 -
 .../secure_channel/client/TLSClient.java      |  34 ++----
 .../secure_channel/server/TLSServer.java      |  17 +--
 .../server/TLSServerThread.java               |  22 +---
 .../idscp2/drivers/interfaces/DapsDriver.java |   4 +
 20 files changed, 301 insertions(+), 158 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index d708ffc6f..62ca603af 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -36,19 +36,17 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-
-
 /**
- * Default DAPS Driver for requesting valid dynamicAttributeToken and verifying DAT
+ * Default DAPS Driver Implementation for requesting valid dynamicAttributeToken and verifying DAT
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class DefaultDapsDriver implements DapsDriver {
     private static final  Logger LOG = LoggerFactory.getLogger(DefaultDapsDriver.class);
 
-    private SSLSocketFactory sslSocketFactory;
-    private X509ExtendedTrustManager trustManager;
-    private Key privateKey;
+    private SSLSocketFactory sslSocketFactory; //ssl socket factory can be reused
+    private X509ExtendedTrustManager trustManager; //trust manager can be reused
+    private Key privateKey; //private key can be reused
     private String connectorUUID;
     private String dapsUrl;
     private String targetAudience = "IDS_Connector";
@@ -58,7 +56,7 @@ public DefaultDapsDriver(DefaultDapsDriverConfig config) {
         this.connectorUUID = config.getConnectorUUID();
         this.dapsUrl = config.getDapsUrl();
 
-        //create ssl context
+        //create ssl socket factory for secure
         privateKey = PreConfiguration.getKey(
             config.getKeyStorePath(),
             config.getKeyStorePassword(),
@@ -82,12 +80,17 @@ public DefaultDapsDriver(DefaultDapsDriverConfig config) {
         }
     }
 
+    /*
+     * Receive the signed and valid dynamic attribute token from the DAPS
+     *
+     * return "INVALID_TOKEN" on failure
+     */
     @Override
     public byte[] getToken() {
         String invalidToken = "INVALID_TOKEN";
         String token;
 
-        LOG.info("Retrieving Dynamic Attribute Token...");
+        LOG.info("Retrieving Dynamic Attribute Token from Daps ...");
 
         //create signed JWT
         String jwt =
@@ -126,17 +129,23 @@ public byte[] getToken() {
 
         try {
             //get http response from DAPS
-            LOG.debug("Acquire DAT from {}", dapsUrl);
+            if (LOG.isDebugEnabled()) {
+                LOG.debug("Acquire DAT from {}", dapsUrl);
+            }
             Response response = client.newCall(request).execute();
 
             //check for valid response
             if (!response.isSuccessful()) {
-                LOG.error("Get unsuccessful http response: {}", response.toString());
+                if (LOG.isWarnEnabled()) {
+                    LOG.warn("Get unsuccessful http response: {}", response.toString());
+                }
                 return invalidToken.getBytes();
             }
 
             if (response.body() == null) {
-                LOG.error("Get empty DAPS response");
+                if (LOG.isWarnEnabled()) {
+                    LOG.warn("Get empty DAPS response");
+                }
                 return invalidToken.getBytes();
             }
 
@@ -145,10 +154,14 @@ public byte[] getToken() {
                 token = json.getString("access_token");
                 LOG.info("Get access_token from DAPS: {}", token);
             } else if (json.has("error")) {
-                LOG.error("Get DAPS error response: {}", json.getString("error"));
+                if (LOG.isWarnEnabled()) {
+                    LOG.warn("Get DAPS error response: {}", json.getString("error"));
+                }
                 return invalidToken.getBytes();
             } else {
-                LOG.error("Get unknown DAPS response format: {}", json.toString());
+                if (LOG.isWarnEnabled()) {
+                    LOG.warn("Get unknown DAPS response format: {}", json.toString());
+                }
                 return invalidToken.getBytes();
             }
 
@@ -157,7 +170,9 @@ public byte[] getToken() {
                 LOG.info("DAT is valid");
                 return token.getBytes();
             } else {
-                LOG.error("DAT validation failed");
+                if (LOG.isWarnEnabled()) {
+                    LOG.warn("DAT validation failed");
+                }
                 return invalidToken.getBytes();
             }
         } catch (IOException e) {
@@ -166,6 +181,15 @@ public byte[] getToken() {
         }
     }
 
+    /*
+     * Verify a given dynamic attribute token
+     *
+     * If the security requirements is not null and an instance of the SecurityRequirements class
+     * the method will also check the provided security attributes of the connector that belongs
+     * to the provided DAT
+     *
+     * Return the number of seconds, des DAT is valid, or -1 if validation failed
+     */
     @Override
     public long verifyToken(byte[] dat, Object securityRequirements) {
 
@@ -202,23 +226,31 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
         JwtClaims claims;
         NumericDate expTime;
 
-        LOG.debug("Request JWKS from DAPS for validating DAT");
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Request JWKS from DAPS for validating DAT");
+        }
 
         try {
             claims = jwtConsumer.processToClaims(new String(dat));
             expTime = claims.getExpirationTime();
         } catch (InvalidJwtException e) {
-            LOG.error("DAPS response is not a valid DAT format", e);
+            if (LOG.isWarnEnabled()) {
+                LOG.warn("DAPS response is not a valid DAT format", e);
+            }
             return -1;
         } catch (MalformedClaimException e) {
-            LOG.error("DAT does not contain expiration time", e);
+            if (LOG.isWarnEnabled()) {
+                LOG.warn("DAT does not contain expiration time", e);
+            }
             return -1;
         }
         long validityTime = expTime.getValue() - NumericDate.now().getValue();
 
         //check security requirements
         if (securityRequirements != null) {
-            LOG.debug("Validate security attributes");
+            if (LOG.isDebugEnabled()) {
+                LOG.debug("Validate security attributes");
+            }
 
             if (securityRequirements instanceof SecurityRequirements) {
                 SecurityRequirements secRequirements = (SecurityRequirements) securityRequirements;
@@ -235,12 +267,16 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
                     LOG.info("DAT is valid and secure");
                     return validityTime;
                 } else {
-                    LOG.warn("DAT does not fulfill the security requirements");
+                    if (LOG.isWarnEnabled()) {
+                        LOG.warn("DAT does not fulfill the security requirements");
+                    }
                     return -1;
                 }
             } else {
                 //invalid security requirements format
-                LOG.error("Invalid security requirements format. Expected SecurityRequirements.class");
+                if (LOG.isWarnEnabled()) {
+                    LOG.warn("Invalid security requirements format. Expected SecurityRequirements.class");
+                }
                 return -1;
             }
         } else {
@@ -253,20 +289,26 @@ private SecurityRequirements parseSecurityRequirements(String dynamicAttrToken)
         JSONObject asJson = new JSONObject(dynamicAttrToken);
 
         if (!asJson.has("ids_attributes")) {
-            LOG.error("DAT does not contain ids_attributes");
+            if (LOG.isWarnEnabled()) {
+                LOG.warn("DAT does not contain ids_attributes");
+            }
             return null;
         }
         JSONObject idsAttributes = asJson.getJSONObject("ids_attributes");
 
         if (!idsAttributes.has("security_profile")) {
-            LOG.error("DAT does not contain security_profile");
+            if (LOG.isWarnEnabled()) {
+                LOG.warn("DAT does not contain security_profile");
+            }
             return null;
         }
         JSONObject securityProfile = idsAttributes.getJSONObject("security_profile");
 
         //check if all security requirements are available
         if (!securityProfile.has("audit_logging")) {
-            LOG.error("DAT does not contain audit_logging");
+            if (LOG.isWarnEnabled()) {
+                LOG.warn("DAT does not contain audit_logging");
+            }
             return null;
         }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
index 2979228a2..63e28c2b5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
@@ -2,6 +2,11 @@
 
 import org.checkerframework.checker.nullness.qual.NonNull;
 
+/**
+ * A Configuration class for the DefaultDapsDriver
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class DefaultDapsDriverConfig {
 
   @NonNull private String dapsUrl = "https://daps.aisec.fraunhofer.de";
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
index 097bc2cb7..5d62a7b2f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
@@ -3,6 +3,12 @@
 
 import org.checkerframework.checker.nullness.qual.NonNull;
 
+/**
+ * A Security-Requirements class using Builder pattern to store the connectors expected
+ * security attributes e.g. Audit Logging
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class SecurityRequirements {
 
   private int auditLogging;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
index 9863ba390..e02a0745a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
@@ -18,8 +18,13 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class PreConfiguration {
-    //private static final Logger LOG = LoggerFactory.getLogger(TLSPreConfiguration.class);
 
+    /*
+     * Get a secure X509ExtendedTrustManager for the SslContext
+     *
+     * throws IllegalStateException if number of available X509TrustManager is not one
+     * throws RuntimeException of creating TrustManager fails
+     */
     public static TrustManager[] getX509ExtTrustManager(
             String trustStorePath,
             String trustStorePassword
@@ -34,23 +39,6 @@ public static TrustManager[] getX509ExtTrustManager(
             final TrustManagerFactory trustManagerFactory =
                     TrustManagerFactory.getInstance("PKIX"); //PKIX from SunJSSE
 
-            /*
-             *  The following code will filter the certificates from the trustStore by the
-             *  revocation date. Only certificates that consist validity of at least one remaining
-             *  day will be accepted
-             *
-             * //toDo not working yet because root certificates do not have CRL and OSCP links for
-             *    revocation checks..
-             *
-            // filterTrustAnchors for validation, at least one day valid
-            Date validityDate = new Date();
-            validityDate.setTime(validityDate.getTime() + 86400000);
-
-            PKIXBuilderParameters pkixParamBuilder = filterTrustAnchors(trustStore, validityDate);
-            ManagerFactoryParameters trustParams =
-                    new CertPathTrustManagerParameters(pkixParamBuilder);
-            trustManagerFactory.init(trustParams);*/
-
             trustManagerFactory.init(trustStore);
             myTrustManager = trustManagerFactory.getTrustManagers();
 
@@ -67,6 +55,12 @@ public static TrustManager[] getX509ExtTrustManager(
         }
     }
 
+    /*
+     * Get a secure X509ExtendedKeyManager for the SslContext
+     *
+     * throws IllegalStateException if number of available X509KeyManager is not one
+     * throws RuntimeException of creating KeyManager fails
+     */
     public static KeyManager[] getX509ExtKeyManager(
             String keyStorePath,
             String keyStorePassword,
@@ -103,6 +97,11 @@ public static KeyManager[] getX509ExtKeyManager(
         }
     }
 
+    /*
+     * Get a private key from a JKS Keystore
+     *
+     * throws RuntimeException if key is not available or key access was not permitted
+     */
     public static Key getKey(
         String keyStorePath,
         String keyStorePassword,
@@ -131,6 +130,10 @@ public static Key getKey(
         }
     }
 
+    /*
+     * This method can be used for filtering certificates in the trust store
+     * to avoid expired certificates
+     */
     private static PKIXBuilderParameters filterTrustAnchors(KeyStore keyStore, Date validityUntilDate)
             throws KeyStoreException, InvalidAlgorithmParameterException {
         PKIXParameters params = new PKIXParameters(keyStore);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dHelper.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dHelper.java
index 7c10ad4d9..b589ec768 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dHelper.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dHelper.java
@@ -39,8 +39,10 @@ static byte[] calculateHash(byte[] nonce, @Nullable Certificate certificate) {
       if (certificate != null) {
         digest.update(certificate.getEncoded());
       } else {
-        LOG.warn(
-            "No client certificate available. Cannot bind nonce to public key to prevent masquerading attack. TLS misconfiguration!");
+        if (LOG.isWarnEnabled()) {
+          LOG.warn(
+              "No client certificate available. Cannot bind nonce to public key to prevent masquerading attack. TLS misconfiguration!");
+        }
       }
       return digest.digest();
     } catch (Exception e1) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
index 22890dcb2..333eff4f7 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
@@ -17,10 +17,48 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-
+/**
+ * A TPM2d RatProver Driver implementation that proves its identity to a remote peer using TPM2d
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class TPM2dProver extends RatProverDriver {
   private static final Logger LOG = LoggerFactory.getLogger(TPM2dProver.class);
 
+  /*
+   * ******************* Protocol *******************
+   *
+   * Verifier: (Challenger)
+   * -------------------------
+   * Generate NonceV
+   * create RatChallenge (NonceV, aType, pcr_mask)
+   * -------------------------
+   *
+   * Prover: (Responder)
+   * -------------------------
+   * get RatChallenge (NonceV, aType, pcr_mask)
+   * hash = calculateHash(nonceV, certV)
+   * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
+   * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
+   * create AttestationResponse from tpm response
+   * -------------------------
+   *
+   * Verifier: (Responder)
+   * -------------------------
+   * get AttestationResponse
+   * hash = calculateHash(nonceV, certV)
+   * check signature(response, hash)
+   * check repo(aType, response, ttpUri)
+   * create RatResult
+   * -------------------------
+   *
+   * Prover: (Requester)
+   * -------------------------
+   * get AttestationResult
+   * -------------------------
+   *
+   */
+
   private BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
   private Tpm2dProverConfig config = new Tpm2dProverConfig.Builder().build();
 
@@ -31,17 +69,23 @@ public TPM2dProver(){
   @Override
   public void setConfig(Object config) {
     if (config instanceof Tpm2dProverConfig) {
-      LOG.debug("Set rat prover config");
+      if (LOG.isDebugEnabled()) {
+        LOG.debug("Set rat prover config");
+      }
       this.config = (Tpm2dProverConfig) config;
     } else {
-      LOG.warn("Invalid prover config");
+      if (LOG.isWarnEnabled()) {
+        LOG.warn("Invalid prover config");
+      }
     }
   }
 
   @Override
   public void delegate(IdscpMessage message) {
     queue.add(message);
-    LOG.debug("Delegated to prover");
+    if (LOG.isDebugEnabled()) {
+      LOG.debug("Delegated to prover");
+    }
   }
 
   @Override
@@ -52,7 +96,9 @@ public void run() {
     IdscpMessage msg;
     try {
       msg = queue.take();
-      LOG.debug("Prover receives new message");
+      if (LOG.isDebugEnabled()) {
+        LOG.debug("Prover receives new message");
+      }
     } catch (InterruptedException e) {
       fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
       return;
@@ -61,7 +107,9 @@ public void run() {
     // check if message is from rat verifier
     if (!msg.hasIdscpRatVerifier()) {
       //unexpected message
-      LOG.warn("Unexpected message from FSM: Expected IdscpRatProver");
+      if (LOG.isWarnEnabled()) {
+        LOG.warn("Unexpected message from FSM: Expected IdscpRatProver");
+      }
       fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
       return;
     }
@@ -79,15 +127,21 @@ public void run() {
     // check if wrapper contains expected rat challenge
     if (!tpm2dMessageWrapper.hasRatChallenge()) {
       //unexpected message
-      LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatChallenge");
+      if (LOG.isWarnEnabled()) {
+        LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatChallenge");
+      }
       fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
       return;
     }
 
-    LOG.debug("Get rat challenge from rat verifier");
+    if (LOG.isDebugEnabled()) {
+      LOG.debug("Get rat challenge from rat verifier");
+    }
     Tpm2dRatChallenge challenge = tpm2dMessageWrapper.getRatChallenge();
 
-    LOG.debug("Requesting attestation from TPM ...");
+    if (LOG.isDebugEnabled()) {
+      LOG.debug("Requesting attestation from TPM ...");
+    }
 
     // hash
     byte[] hash = TPM2dHelper.calculateHash(challenge.getNonce().toByteArray(),
@@ -115,7 +169,9 @@ public void run() {
     byte[] response = TpmMessageFactory.getAttestationResponseMessage(tpmResponse)
         .toByteArray();
 
-    LOG.debug("Send rat response to verifier");
+    if (LOG.isDebugEnabled()) {
+      LOG.debug("Send rat response to verifier");
+    }
     fsmListener.onRatProverMessage(
         InternalControlMessage.RAT_PROVER_MSG,
         IdscpMessageFactory.getIdscpRatProverMessage(response)
@@ -124,7 +180,9 @@ public void run() {
     // wait for result
     try {
       msg = queue.take();
-      LOG.debug("Prover receives new message");
+      if (LOG.isDebugEnabled()) {
+        LOG.debug("Prover receives new message");
+      }
     } catch (InterruptedException e) {
       fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
       return;
@@ -133,7 +191,9 @@ public void run() {
     // check if message is from rat verifier
     if (!msg.hasIdscpRatVerifier()) {
       //unexpected message
-      LOG.warn("Unexpected message from FSM: Expected IdscpRatProver");
+      if (LOG.isWarnEnabled()) {
+        LOG.warn("Unexpected message from FSM: Expected IdscpRatProver");
+      }
       fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
       return;
     }
@@ -150,20 +210,28 @@ public void run() {
     // check if wrapper contains expected rat result
     if (!tpm2dMessageWrapper.hasRatResult()) {
       //unexpected message
-      LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResult");
+      if (LOG.isWarnEnabled()) {
+        LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResult");
+      }
       fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
       return;
     }
 
-    LOG.debug("Get rat challenge from rat verifier");
+    if (LOG.isDebugEnabled()) {
+      LOG.debug("Get rat challenge from rat verifier");
+    }
     Tpm2dRatResult result = tpm2dMessageWrapper.getRatResult();
 
     // notify fsm
     if (result.getResult()) {
-      LOG.debug("Attestation succeed");
+      if (LOG.isDebugEnabled()) {
+        LOG.debug("Attestation succeed");
+      }
       fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, null);
     } else {
-      LOG.warn("Attestation failed");
+      if (LOG.isWarnEnabled()) {
+        LOG.warn("Attestation failed");
+      }
       fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
     }
   }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dSocket.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dSocket.java
index 6f3bd3ce9..68d868816 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dSocket.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dSocket.java
@@ -7,6 +7,9 @@
 import java.io.IOException;
 import java.net.Socket;
 
+/**
+ * A TPM2d Socket for communication with the Trusted Platform Module
+ */
 public class TPM2dSocket extends Socket {
 
   private final DataInputStream is;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
index ce6ec98fd..3ecb83a2e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
@@ -30,9 +30,46 @@
 import tss.tpm.TPMT_SIGNATURE;
 import tss.tpm.TPM_ALG_ID;
 
+/**
+ * A TPM2d RatVerifier driver that verifies the remote peer's identity using TPM2d
+ */
 public class TPM2dVerifier extends RatVerifierDriver {
   private static final Logger LOG = LoggerFactory.getLogger(TPM2dVerifier.class);
 
+  /*
+   * ******************* Protocol *******************
+   *
+   * Verifier: (Challenger)
+   * -------------------------
+   * Generate NonceV
+   * create RatChallenge (NonceV, aType, pcr_mask)
+   * -------------------------
+   *
+   * Prover: (Responder)
+   * -------------------------
+   * get RatChallenge (NonceV, aType, pcr_mask)
+   * hash = calculateHash(nonceV, certV)
+   * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
+   * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
+   * create AttestationResponse from tpm response
+   * -------------------------
+   *
+   * Verifier: (Responder)
+   * -------------------------
+   * get AttestationResponse
+   * hash = calculateHash(nonceV, certV)
+   * check signature(response, hash)
+   * check repo(aType, response, ttpUri)
+   * create RatResult
+   * -------------------------
+   *
+   * Prover: (Requester)
+   * -------------------------
+   * get AttestationResult
+   * -------------------------
+   *
+   */
+
   private BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
   private Tpm2dVerifierConfig config = new Tpm2dVerifierConfig.Builder().build();
 
@@ -259,38 +296,4 @@ private boolean checkSignature(@NonNull Tpm2dRatResponse response, byte[] hash)
       return false;
     }
   }
-
-  /*
-   * ******************* New Protocol *******************
-   *
-   * Verifier: (Challenger)
-   * -------------------------
-   * Generate NonceV
-   * create RatChallenge (NonceV, aType, pcr_mask)
-   * -------------------------
-   *
-   * Prover: (Responder)
-   * -------------------------
-   * get RatChallenge (NonceV, aType, pcr_mask)
-   * hash = calculateHash(nonceV, certV)
-   * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
-   * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
-   * create AttestationResponse from tpm response
-   * -------------------------
-   *
-   * Verifier: (Responder)
-   * -------------------------
-   * get AttestationResponse
-   * hash = calculateHash(nonceV, certV)
-   * check signature(response, hash)
-   * check repo(aType, response, ttpUri)
-   * create RatResult
-   * -------------------------
-   *
-   * Prover: (Requester)
-   * -------------------------
-   * get AttestationResult
-   * -------------------------
-   *
-   */
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dProverConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dProverConfig.java
index 2a6e10c99..dd904d1f4 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dProverConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dProverConfig.java
@@ -3,6 +3,11 @@
 import java.security.cert.Certificate;
 import org.checkerframework.checker.nullness.qual.NonNull;
 
+/**
+ * A configuration class for TPM2d RatPriver driver
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class Tpm2dProverConfig {
 
   private Certificate remoteCertificate;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dVerifierConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dVerifierConfig.java
index 07e8ded2e..9c5060b24 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dVerifierConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dVerifierConfig.java
@@ -6,6 +6,11 @@
 import java.security.cert.Certificate;
 import org.checkerframework.checker.nullness.qual.NonNull;
 
+/**
+ * A configuration class for TPM2d RatVerifier Driver
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class Tpm2dVerifierConfig {
 
   private Certificate localCertificate;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java
index 6c7818e58..a59a83ccd 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java
@@ -6,6 +6,11 @@
 import de.fhg.aisec.ids.messages.Tpm2dAttestation.RemoteToTpm2d.Code;
 import java.util.List;
 
+/**
+ * A message factory for creating TPM2d RAT messages
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class TpmMessageFactory {
 
   static Tpm2dMessageWrapper getAttestationChallengeMessage(
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
index 276f75804..382c6e8ad 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
@@ -12,7 +12,9 @@
 import java.util.concurrent.LinkedBlockingQueue;
 
 /**
- * A RatProver dummy, that sends two incoming messages from the remote rat verifier and also sends two messages
+ * A RatProver dummy that exchanges rat messages with a remote RatVerifier
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class RatProverDummy extends RatProverDriver {
     private static final Logger LOG = LoggerFactory.getLogger(RatProverDummy.class);
@@ -26,7 +28,9 @@ public RatProverDummy(){
     @Override
     public void delegate(IdscpMessage message) {
         queue.add(message);
-        LOG.debug("Delegated to prover");
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Delegated to prover");
+        }
     }
 
     @Override
@@ -37,9 +41,13 @@ public void run() {
                 sleep(1000);
                 fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
                         IdscpMessageFactory.getIdscpRatProverMessage("test".getBytes()));
-                LOG.debug("Prover waits");
+                if (LOG.isDebugEnabled()) {
+                    LOG.debug("Prover waits");
+                }
                 IDSCPv2.IdscpMessage m = queue.take();
-                LOG.debug("Prover receives, send something");
+                if (LOG.isDebugEnabled()) {
+                    LOG.debug("Prover receives, send something");
+                }
                 if (--countDown == 0)
                     break;
             } catch (InterruptedException e) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
index 879223b3c..c1293130a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
@@ -10,6 +10,11 @@
 import java.util.concurrent.BlockingQueue;
 import java.util.concurrent.LinkedBlockingQueue;
 
+/**
+ * A RatVerifier dummy that exchanges messages with a remote RatProver dummy
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
 public class RatVerifierDummy extends RatVerifierDriver {
     private static final Logger LOG = LoggerFactory.getLogger(RatVerifierDummy.class);
 
@@ -22,7 +27,9 @@ public RatVerifierDummy(){
     @Override
     public void delegate(IDSCPv2.IdscpMessage message) {
         queue.add(message);
-        LOG.debug("Delegated to Verifier");
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Delegated to Verifier");
+        }
     }
 
     @Override
@@ -31,9 +38,13 @@ public void run(){
         while (running){
             try {
                 sleep(1000);
-                LOG.debug("Verifier waits");
+                if (LOG.isDebugEnabled()) {
+                    LOG.debug("Verifier waits");
+                }
                 IDSCPv2.IdscpMessage m = queue.take();
-                LOG.debug("Verifier receives, send something");
+                if (LOG.isDebugEnabled()) {
+                    LOG.debug("Verifier receives, send something");
+                }
                 fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG,
                         IdscpMessageFactory.getIdscpRatVerifierMessage("test".getBytes()));
                 if (--countDown == 0)
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
index fa95f2418..f36547a3d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
@@ -23,6 +23,9 @@
 public class NativeTLSDriver implements SecureChannelDriver {
     private static final Logger LOG = LoggerFactory.getLogger(NativeTLSDriver.class);
 
+    /*
+     * Asynchronous client connect to a TLS server
+     */
     @Override
     public void connect(IDSCPv2Settings settings, IDSCPv2Callback callback) {
         try {
@@ -37,6 +40,11 @@ public void connect(IDSCPv2Settings settings, IDSCPv2Callback callback) {
         }
     }
 
+    /*
+     * Starting TLS Server
+     *
+     * return null on failure
+     */
     @Override
     public SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback configCallback,
                                IdscpConnectionListener idscpServerCallback) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java
index c99bbbc8b..6127dcd7a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java
@@ -103,15 +103,16 @@ public static void verifyTlsSession(SSLSession sslSession) throws SSLPeerUnverif
         }
       }
 
-      //toDo localhost is matched manually to 127.0.0.1 for testing.. a matching file ip <-> dns
-      // would be nicer in the future
-      // automatic dns resolving via DNS service is not ann option since we cannot trust the DNS
+      //toDo localhost is matched manually to 127.0.0.1 for testing..
+      // automatic dns resolving via DNS service is not an option since we cannot trust the DNS
       if (acceptedDnsNames.contains("localhost")) {
         acceptedIpAddresses.add("127.0.0.1");
       }
 
 
       if (isIpAddress(host)) {
+        //FIXME The server should provide a possibility to validate clients dnsNames against SANs in
+        // Client certificate to avoid MITMs. This is an open issue
         //check ip addresses RFC 2818 (Section 3.1)
         if (!acceptedIpAddresses.contains(host)) {
           throw new SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index d4cc82b43..b3a0ba1ec 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -13,7 +13,6 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class InputListenerThread extends Thread implements InputListener {
-    //private static final Logger LOG = LoggerFactory.getLogger(InputListenerThread.class);
 
     private DataInputStream in;
     private DataAvailableListener listener = null; //no race conditions, could be empty list
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index b1fd57995..d65d73453 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -21,29 +21,9 @@
 import java.util.concurrent.CountDownLatch;
 
 /**
- * A TLS Client that notifies an IDSCPv2Configuration when a secure channel was created and the TLS handshake is done
- * The client is notified from an InputListenerThread when new data are available and transfer them to the
- * SecureChannelListener
- *
- * Developer API
- *
- * constructors:
- * TLSClient(IDSCPv2Settings, IDSCPv2Callback) initializes the TLS Socket and all TLS Security configurations like
- *                                              sslParameters (protocol, cipher, ..), trustStore, keyStore
- *
- * Methods:
- * connect(String host, int port) connect the client asynchronous to the server and starts the TLS handshake
- *
- * close()  disconnects the client
- *
- *
- * handshakeCompleted()         create a secureChannel, including this client; start inputListenerThread and transfer
- *                              the secureChannel to the IDSCPv2Configuration
- *
- * send(byte[] data)            send data to the server
- *
- * onMessage(int len, byte[] rawData)   is a callback function for the InputListenerThread, that is called when new
- *                                      data are available. Transfer them to the SecureChannelListener
+ * A TLS Client that notifies an IDSCPv2Configuration when a secure channel was created and the
+ * TLS handshake is done. The client is notified from an InputListenerThread when new data are
+ * available and transfer it to the SecureChannelListener
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
@@ -89,6 +69,8 @@ public TLSClient(IDSCPv2Settings clientSettings, IDSCPv2Callback callback)
         clientSocket = socketFactory.createSocket();
 
         SSLSocket sslSocket = (SSLSocket) clientSocket;
+
+        //set TLS constraints
         SSLParameters sslParameters = sslSocket.getSSLParameters();
         sslParameters.setUseCipherSuitesOrder(false); //use server priority order
         sslParameters.setNeedClientAuth(true);
@@ -100,6 +82,9 @@ public TLSClient(IDSCPv2Settings clientSettings, IDSCPv2Callback callback)
     }
 
 
+    /*
+     * Connect to TLS server and start TLS Handshake
+     */
     public void connect(String hostname, int port){
         SSLSocket sslSocket = (SSLSocket) clientSocket;
         if (sslSocket == null || sslSocket.isClosed()){
@@ -221,6 +206,9 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
             return;
         }
 
+        //Create secure channel, register secure channel as message listener and provide it to
+        // IDSCPv2 Configuration.
+        //Start Input Listener
         SecureChannel secureChannel = new SecureChannel(this);
         this.listener = secureChannel;
         listenerLatch.countDown();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
index 10a07ba8c..e1171a82f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
@@ -17,19 +17,8 @@
 import java.security.NoSuchAlgorithmException;
 
 /**
- * A TLS Server that listens on a given port from the IDSCPv2Settings and create new TLSServerThreads for incoming
- * connections
- *
- * Developer API
- *
- * constructors:
- * TLSServer(IDSCPv2Settings, IDSCPv2Callback) initializes the TLS Socket and all TLS Security configurations like
- *                                              sslParameters (protocol, cipher, ..), trustStore, keyStore
- *
- * Methods:
- * run()
- * safeStop()
- * isRunning()
+ * A TLS Server that listens on a given port from the IDSCPv2Settings and create new
+ * TLSServerThreads for incoming connections
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
@@ -80,6 +69,8 @@ public TLSServer(IDSCPv2Settings serverSettings, IDSCPv2Callback configCallback,
         serverSocket.setSoTimeout(5000);
 
         SSLServerSocket sslServerSocket = (SSLServerSocket) serverSocket;
+
+        //set tls constraints
         SSLParameters sslParameters = sslServerSocket.getSSLParameters();
         sslParameters.setUseCipherSuitesOrder(true); //server determines priority-order of algorithms in CipherSuite
         sslParameters.setNeedClientAuth(true); //client must authenticate
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index f7ddeadef..c2c3ddf9e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -18,25 +18,10 @@
 import java.util.concurrent.CountDownLatch;
 
 /**
- * A TLSServerThread that notifies an IDSCPv2Config when a secure channel was created and the TLS handshake is done
- * When new data are available the serverThread transfers them to the SecureChannelListener
+ * A TLSServerThread that notifies an IDSCPv2Config when a secure channel was created and the
+ * TLS handshake is done
  *
- * Developer API
- *
- * constructors:
- * TLSServerThread(IDSCPv2Settings, IDSCPv2Callback) initializes the TLS Socket
- *
- * Methods:
- * run()    runs the serverThread and starts listening for new data
- *
- * close()  disconnects the serverThread
- *
- *
- * handshakeCompleted()        create a secureChannel, including this serverThread and provides it to the IDSCPv2Config
- *
- * send(byte[] data)            send data to the client
- *
- * onMessage(int len, byte[] rawData) is called when new data are available. Transfer them to the SecureChannelListener
+ * When new data are available the serverThread transfers it to the SecureChannelListener
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
@@ -203,6 +188,7 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
             return;
         }
 
+        //provide secure channel to IDSCPv2 Config and register secure channel as listener
         SecureChannel secureChannel = new SecureChannel(this);
         this.listener = secureChannel;
         listenerLatch.countDown();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
index 2fa4351ce..7a4d2ecee 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
@@ -14,6 +14,10 @@ public interface DapsDriver {
 
     /*
      * Verify a Daps token
+     *
+     * An optional security requirements object can be provided to validate the DAT body
+     *
+     * Return the number of seconds, the DAT is valid
      */
     long verifyToken(byte[] dat, Object securityRequirements);
 }

From f549bbed89590f3086140120002874e0b743adf9 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 8 Apr 2020 21:26:32 +0200
Subject: [PATCH 063/237] Code cleanup of camel-ids

---
 .../WsConstants.java => IdscpConstants.java}  |  11 +-
 ...Constants.java => WebSocketConstants.java} |   9 +-
 .../ids/camel/ids/client/WsComponent.java     |  16 +-
 .../ids/camel/ids/client/WsEndpoint.java      |  33 ++-
 .../ids/camel/ids/client/WsProducer.java      |   2 +-
 .../ConnectionManagerService.java             |  14 +-
 .../ids/camel/ids/server/ConnectorRef.java    |  71 -----
 .../server/DefaultNodeSynchronization.java    |   4 +-
 ...tory.java => DefaultWebSocketFactory.java} |  13 +-
 .../camel/ids/server/DefaultWebsocket.java    |  14 +-
 ...etStore.java => MemoryWebSocketStore.java} |   4 +-
 ...Component.java => WebSocketComponent.java} | 264 ++++--------------
 ...et.java => WebSocketComponentServlet.java} |  29 +-
 ...etConsumer.java => WebSocketConsumer.java} |  15 +-
 ...etEndpoint.java => WebSocketEndpoint.java} |  54 ++--
 .../camel/ids/server/WebSocketFactory.java    |   2 +-
 ...etProducer.java => WebSocketProducer.java} |  28 +-
 ...er.java => WebSocketProducerConsumer.java} |   4 +-
 ...ebsocketStore.java => WebSocketStore.java} |   5 +-
 .../ids/server/WebsocketSendException.java    |   1 +
 .../org/apache/camel/component/idsserver      |   2 +-
 21 files changed, 176 insertions(+), 419 deletions(-)
 rename camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/{client/WsConstants.java => IdscpConstants.java} (73%)
 rename camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/{server/WebsocketConstants.java => WebSocketConstants.java} (81%)
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/ConnectorRef.java
 rename camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/{DefaultWebsocketFactory.java => DefaultWebSocketFactory.java} (88%)
 rename camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/{MemoryWebsocketStore.java => MemoryWebSocketStore.java} (94%)
 rename camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/{WebsocketComponent.java => WebSocketComponent.java} (69%)
 rename camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/{WebsocketComponentServlet.java => WebSocketComponentServlet.java} (72%)
 rename camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/{WebsocketConsumer.java => WebSocketConsumer.java} (85%)
 rename camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/{WebsocketEndpoint.java => WebSocketEndpoint.java} (86%)
 rename camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/{WebsocketProducer.java => WebSocketProducer.java} (77%)
 rename camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/{WebsocketProducerConsumer.java => WebSocketProducerConsumer.java} (91%)
 rename camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/{WebsocketStore.java => WebSocketStore.java} (95%)

diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsConstants.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/IdscpConstants.java
similarity index 73%
rename from camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsConstants.java
rename to camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/IdscpConstants.java
index 4d174c618..bc53fda9a 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsConstants.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/IdscpConstants.java
@@ -17,17 +17,12 @@
  * limitations under the License.
  * =========================LICENSE_END==================================
  */
-package de.fhg.aisec.ids.camel.ids.client;
+package de.fhg.aisec.ids.camel.ids;
 
 /** */
-public final class WsConstants {
-
-  public static final String CONTENT_TYPE_JAVA_SERIALIZED_OBJECT =
-      "application/x-java-serialized-object";
-  public static final String CONTENT_TYPE_WWW_FORM_URLENCODED = "application/x-www-form-urlencoded";
-
+public final class IdscpConstants {
   public static final String WS_PROTOCOL = "idsclientplain";
   public static final String WSS_PROTOCOL = "idsclient";
 
-  private WsConstants() {}
+  private IdscpConstants() {}
 }
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketConstants.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/WebSocketConstants.java
similarity index 81%
rename from camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketConstants.java
rename to camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/WebSocketConstants.java
index 6c1b28f8d..7fc982549 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketConstants.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/WebSocketConstants.java
@@ -17,18 +17,17 @@
  * limitations under the License.
  * =========================LICENSE_END==================================
  */
-package de.fhg.aisec.ids.camel.ids.server;
+package de.fhg.aisec.ids.camel.ids;
 
-public final class WebsocketConstants {
+public final class WebSocketConstants {
 
-  public static final int DEFAULT_PORT = 9292;
+  public static final String DEFAULT_PORT = "9292";
   public static final String DEFAULT_HOST = "0.0.0.0";
 
   public static final String CONNECTION_KEY = "websocket.connectionKey";
-  public static final String SEND_TO_ALL = "websocket.sendToAll";
 
   public static final String WS_PROTOCOL = "ws";
   public static final String WSS_PROTOCOL = "wss";
 
-  private WebsocketConstants() {}
+  private WebSocketConstants() {}
 }
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsComponent.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsComponent.java
index af1d6cf66..f23d9ebf5 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsComponent.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsComponent.java
@@ -19,21 +19,21 @@
  */
 package de.fhg.aisec.ids.camel.ids.client;
 
-import static de.fhg.aisec.ids.camel.ids.server.WebsocketConstants.WSS_PROTOCOL;
-import static de.fhg.aisec.ids.camel.ids.server.WebsocketConstants.WS_PROTOCOL;
-
-import java.net.URI;
+import de.fhg.aisec.ids.camel.ids.IdscpConstants;
+import de.fhg.aisec.ids.camel.ids.WebSocketConstants;
 import org.apache.camel.component.ahc.AhcComponent;
 import org.apache.camel.component.ahc.AhcEndpoint;
 
+import java.net.URI;
+
 public class WsComponent extends AhcComponent {
 
   @Override
   protected String createAddressUri(String uri, String remaining) {
-    if (uri.startsWith("idsclientplain:")) {
-      return uri.replaceFirst("idsclientplain", WS_PROTOCOL);
-    } else if (uri.startsWith("idsclient:")) {
-      return uri.replaceFirst("idsclient", WSS_PROTOCOL);
+    if (uri.startsWith(IdscpConstants.WSS_PROTOCOL + ":")) {
+      uri = uri.replaceFirst(IdscpConstants.WSS_PROTOCOL, WebSocketConstants.WSS_PROTOCOL);
+    } else if (uri.startsWith(IdscpConstants.WS_PROTOCOL + ":")) {
+      uri = uri.replaceFirst(IdscpConstants.WS_PROTOCOL, WebSocketConstants.WS_PROTOCOL);
     }
     // Should not happen
     return uri;
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsEndpoint.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsEndpoint.java
index bb5c168dc..5f71f1519 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsEndpoint.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsEndpoint.java
@@ -23,8 +23,9 @@
 import de.fhg.aisec.ids.api.infomodel.InfoModel;
 import de.fhg.aisec.ids.api.settings.Settings;
 import de.fhg.aisec.ids.camel.ids.CamelComponent;
+import de.fhg.aisec.ids.camel.ids.IdscpConstants;
 import de.fhg.aisec.ids.camel.ids.ProxyX509TrustManager;
-import de.fhg.aisec.ids.camel.ids.server.WebsocketConstants;
+import de.fhg.aisec.ids.camel.ids.WebSocketConstants;
 import de.fhg.aisec.ids.comm.CertificatePair;
 import de.fhg.aisec.ids.comm.client.ClientConfiguration;
 import de.fhg.aisec.ids.comm.client.IdspClientSocket;
@@ -66,18 +67,17 @@
   extendsScheme = "ahc,ahc",
   title = "IDS Protocol",
   syntax = "idsclient:httpUri",
-  consumerClass = WsConsumer.class,
   label = "websocket"
 )
 public class WsEndpoint extends AhcEndpoint {
   private static final Logger LOG = LoggerFactory.getLogger(WsEndpoint.class);
 
-  private static List<IDSCPOutgoingConnection> outgoingConnections = new ArrayList<>();
+  private static final List<IDSCPOutgoingConnection> outgoingConnections = new ArrayList<>();
 
   private final Set<WsConsumer> consumers = new HashSet<>();
   private final WsListener listener = new WsListener(consumers, this);
   private WebSocket websocket;
-  private CertificatePair certificatePair = new CertificatePair();
+  private final CertificatePair certificatePair = new CertificatePair();
 
   @UriParam(label = "producer")
   private boolean useStreaming;
@@ -144,6 +144,7 @@ WebSocket getWebSocket() {
     return websocket;
   }
 
+  @SuppressWarnings("unused")
   void setWebSocket(WebSocket websocket) {
     this.websocket = websocket;
   }
@@ -153,6 +154,7 @@ public boolean isUseStreaming() {
   }
 
   /** To enable streaming to send data as multiple text fragments. */
+  @SuppressWarnings("unused")
   public void setUseStreaming(boolean useStreaming) {
     this.useStreaming = useStreaming;
   }
@@ -161,6 +163,7 @@ public boolean isSendMessageOnError() {
     return sendMessageOnError;
   }
 
+  @SuppressWarnings("unused")
   public void setAttestation(int type) {
     this.attestation = type;
   }
@@ -169,6 +172,7 @@ public int getAttestation() {
     return attestation;
   }
 
+  @SuppressWarnings("unused")
   public void setAttestationMask(int type) {
     this.attestationMask = type;
   }
@@ -178,6 +182,7 @@ public int getAttestationMask() {
   }
 
   /** Whether to send an message if the web-socket listener received an error. */
+  @SuppressWarnings("unused")
   public void setSendMessageOnError(boolean sendMessageOnError) {
     this.sendMessageOnError = sendMessageOnError;
   }
@@ -192,10 +197,10 @@ protected AsyncHttpClient createClient(AsyncHttpClientConfig config) {
 
   public void connect() {
     String uri = getHttpUri().toASCIIString();
-    if (uri.startsWith("idsclient:")) {
-      uri = uri.replaceFirst("idsclient", WebsocketConstants.WSS_PROTOCOL);
-    } else if (uri.startsWith("idsclientplain:")) {
-      uri = uri.replaceFirst("idsclientplain", WebsocketConstants.WS_PROTOCOL);
+    if (uri.startsWith(IdscpConstants.WSS_PROTOCOL + ":")) {
+      uri = uri.replaceFirst(IdscpConstants.WSS_PROTOCOL, WebSocketConstants.WSS_PROTOCOL);
+    } else if (uri.startsWith(IdscpConstants.WS_PROTOCOL + ":")) {
+      uri = uri.replaceFirst(IdscpConstants.WS_PROTOCOL, WebSocketConstants.WS_PROTOCOL);
     }
 
     LOG.debug("Connecting to {}", uri);
@@ -205,6 +210,12 @@ public void connect() {
     LOG.debug("remote-attestation mode: {}", this.getAttestation());
     LOG.debug("remote-attestation mask: {}", this.getAttestationMask());
 
+    IdsAttestationType attestationType = IdsAttestationType.forNumber(this.getAttestation());
+    if (attestationType == null) {
+      throw new RuntimeException("Error: " + this.getAttestation()
+              + " does not seem to be a valid attestation type, aborting");
+    }
+
     // Execute IDS protocol immediately after connect
     Settings settings = CamelComponent.getSettings();
     URI ttpUri = null;
@@ -220,10 +231,14 @@ public void connect() {
     } catch (URISyntaxException e) {
       LOG.error("incorrect TTP URI syntax", e);
     }
+    if (ttpUri == null) {
+      throw new RuntimeException("Error: ttpUri required, aborting!");
+    }
+
     InfoModel infoModelManager = CamelComponent.getInfoModelManager();
     ClientConfiguration.Builder clientConfigBuilder =
         new ClientConfiguration.Builder()
-            .attestationType(IdsAttestationType.forNumber(this.getAttestation()))
+            .attestationType(attestationType)
             .attestationMask(this.getAttestationMask())
             .certificatePair(certificatePair)
             .ttpUrl(ttpUri);
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java
index 0301aec74..6843941ce 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java
@@ -31,7 +31,7 @@
 public class WsProducer extends DefaultProducer {
   private static final int DEFAULT_STREAM_BUFFER_SIZE = 127;
 
-  private int streamBufferSize = DEFAULT_STREAM_BUFFER_SIZE;
+  private final int streamBufferSize = DEFAULT_STREAM_BUFFER_SIZE;
 
   public WsProducer(WsEndpoint endpoint) {
     super(endpoint);
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/connectionmanagement/ConnectionManagerService.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/connectionmanagement/ConnectionManagerService.java
index 78d7a4ae2..fd9f51727 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/connectionmanagement/ConnectionManagerService.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/connectionmanagement/ConnectionManagerService.java
@@ -23,14 +23,14 @@
 import de.fhg.aisec.ids.api.conm.IDSCPIncomingConnection;
 import de.fhg.aisec.ids.api.conm.IDSCPOutgoingConnection;
 import de.fhg.aisec.ids.api.conm.IDSCPServerEndpoint;
-import de.fhg.aisec.ids.api.settings.Settings;
 import de.fhg.aisec.ids.camel.ids.client.WsEndpoint;
-import de.fhg.aisec.ids.camel.ids.server.WebsocketComponent;
-import de.fhg.aisec.ids.camel.ids.server.WebsocketComponentServlet;
+import de.fhg.aisec.ids.camel.ids.server.WebSocketComponent;
+import de.fhg.aisec.ids.camel.ids.server.WebSocketComponentServlet;
+import org.osgi.service.component.annotations.Component;
+
 import java.util.List;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
-import org.osgi.service.component.annotations.*;
 
 /**
  * Main entry point of the Connection Management Layer.
@@ -45,7 +45,7 @@ public class ConnectionManagerService implements ConnectionManager {
 
   @Override
   public List<IDSCPServerEndpoint> listAvailableEndpoints() {
-    return WebsocketComponent.getConnectors()
+    return WebSocketComponent.getConnectors()
         .entrySet()
         .stream()
         .map(
@@ -62,12 +62,12 @@ public List<IDSCPServerEndpoint> listAvailableEndpoints() {
 
   @Override
   public List<IDSCPIncomingConnection> listIncomingConnections() {
-    return WebsocketComponent.getConnectors()
+    return WebSocketComponent.getConnectors()
         .values()
         .stream()
         .flatMap(
             connectorRef -> {
-              WebsocketComponentServlet servlet = connectorRef.getServlet();
+              WebSocketComponentServlet servlet = connectorRef.getServlet();
               // Servlet only present if an incoming connection exists. If null, do not collect
               // consumer information.
               if (servlet != null) {
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/ConnectorRef.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/ConnectorRef.java
deleted file mode 100644
index f2b2318fd..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/ConnectorRef.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.server.ServerConnector;
-
-public class ConnectorRef {
-  Server server;
-  ServerConnector connector;
-  WebsocketComponentServlet servlet;
-  MemoryWebsocketStore memoryStore;
-  int refCount;
-
-  ConnectorRef(
-      Server server,
-      ServerConnector connector,
-      WebsocketComponentServlet servlet,
-      MemoryWebsocketStore memoryStore) {
-    this.server = server;
-    this.connector = connector;
-    this.servlet = servlet;
-    this.memoryStore = memoryStore;
-    increment();
-  }
-
-  public int increment() {
-    return ++refCount;
-  }
-
-  public int decrement() {
-    return --refCount;
-  }
-
-  public int getRefCount() {
-    return refCount;
-  }
-
-  public Server getServer() {
-    return this.server;
-  }
-
-  public ServerConnector getConnector() {
-    return this.connector;
-  }
-
-  public WebsocketComponentServlet getServlet() {
-    return this.servlet;
-  }
-
-  public MemoryWebsocketStore getMemoryStore() {
-    return this.memoryStore;
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultNodeSynchronization.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultNodeSynchronization.java
index 78a120ba8..61b5cae9d 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultNodeSynchronization.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultNodeSynchronization.java
@@ -21,9 +21,9 @@
 
 public class DefaultNodeSynchronization implements NodeSynchronization {
 
-  private final WebsocketStore memoryStore;
+  private final WebSocketStore memoryStore;
 
-  public DefaultNodeSynchronization(WebsocketStore memoryStore) {
+  public DefaultNodeSynchronization(WebSocketStore memoryStore) {
     this.memoryStore = memoryStore;
   }
 
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocketFactory.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebSocketFactory.java
similarity index 88%
rename from camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocketFactory.java
rename to camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebSocketFactory.java
index 9390dc193..af5a0d45e 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocketFactory.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebSocketFactory.java
@@ -20,18 +20,19 @@
 package de.fhg.aisec.ids.camel.ids.server;
 
 import de.fhg.aisec.ids.comm.CertificatePair;
-import java.security.cert.X509Certificate;
 import org.eclipse.jetty.websocket.servlet.ServletUpgradeRequest;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-/** Default websocket factory. Used when no custom websocket is needed. */
-public class DefaultWebsocketFactory implements WebSocketFactory {
-  private static final Logger LOG = LoggerFactory.getLogger(DefaultWebsocketFactory.class);
+import java.security.cert.X509Certificate;
+
+/** Default WebSocket factory. Used when no custom WebSocket is needed. */
+public class DefaultWebSocketFactory implements WebSocketFactory {
+  private static final Logger LOG = LoggerFactory.getLogger(DefaultWebSocketFactory.class);
 
   private final CertificatePair certificatePair;
 
-  public DefaultWebsocketFactory(CertificatePair certificatePair) {
+  public DefaultWebSocketFactory(CertificatePair certificatePair) {
     this.certificatePair = certificatePair;
   }
 
@@ -41,7 +42,7 @@ public DefaultWebsocket newInstance(
       String protocol,
       String pathSpec,
       NodeSynchronization sync,
-      WebsocketConsumer consumer) {
+      WebSocketConsumer consumer) {
     // Create final, complete pair from the local (server) certificate ...
     CertificatePair finalPair = new CertificatePair(certificatePair);
     // ... plus the remote (client) certificate from the request
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
index d55f1e50f..5e9691df0 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
@@ -26,9 +26,9 @@
 import de.fhg.aisec.ids.api.infomodel.InfoModel;
 import de.fhg.aisec.ids.api.settings.ConnectionSettings;
 import de.fhg.aisec.ids.api.settings.Settings;
+import de.fhg.aisec.ids.api.tokenm.DatException;
 import de.fhg.aisec.ids.api.tokenm.TokenManager;
 import de.fhg.aisec.ids.camel.ids.CamelComponent;
-import de.fhg.aisec.ids.api.tokenm.DatException;
 import de.fhg.aisec.ids.comm.CertificatePair;
 import de.fhg.aisec.ids.comm.server.ServerConfiguration;
 import de.fhg.aisec.ids.comm.ws.protocol.ProtocolState;
@@ -54,19 +54,18 @@
 public class DefaultWebsocket implements EndpointConfigListener {
     private static final Logger LOG = LoggerFactory.getLogger(DefaultWebsocket.class);
 
-    private final WebsocketConsumer consumer;
+    private final WebSocketConsumer consumer;
     private final NodeSynchronization sync;
     private Session session;
     private String connectionKey;
     private final String pathSpec;
     private FSM idsFsm;
-    private CertificatePair certificatePair;
-    private boolean isTokenValidated = false;
+    private final CertificatePair certificatePair;
 
     public DefaultWebsocket(
             NodeSynchronization sync,
             String pathSpec,
-            WebsocketConsumer consumer,
+            WebSocketConsumer consumer,
             CertificatePair certificatePair) {
         this.sync = sync;
         this.consumer = consumer;
@@ -281,11 +280,6 @@ public String getRemoteHostname() {
     // Observer update function, that is called by the subject when endpoint settings have changed
     @Override
     public void updateTokenValidation() {
-        if (!isTokenValidated) {
-            // Not relevant because initial validation was not successful yet
-            return;
-        }
-
         if (LOG.isInfoEnabled()) {
             LOG.info("Endpoint config for endpoint {}:{} has changed. Verify DynamicAttributeToken again",
                     consumer.getEndpoint().getHost(), consumer.getEndpoint().getPort());
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/MemoryWebsocketStore.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/MemoryWebSocketStore.java
similarity index 94%
rename from camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/MemoryWebsocketStore.java
rename to camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/MemoryWebSocketStore.java
index e4e4b9a36..8ef11e26d 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/MemoryWebsocketStore.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/MemoryWebSocketStore.java
@@ -22,8 +22,8 @@
 import java.util.Collection;
 import java.util.concurrent.ConcurrentHashMap;
 
-public class MemoryWebsocketStore extends ConcurrentHashMap<String, DefaultWebsocket>
-    implements WebsocketStore {
+public class MemoryWebSocketStore extends ConcurrentHashMap<String, DefaultWebsocket>
+    implements WebSocketStore {
 
   private static final long serialVersionUID = -2826843758230613922L;
 
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketComponent.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponent.java
similarity index 69%
rename from camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketComponent.java
rename to camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponent.java
index 59e451d88..b436918ad 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketComponent.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponent.java
@@ -20,6 +20,7 @@
 package de.fhg.aisec.ids.camel.ids.server;
 
 import de.fhg.aisec.ids.camel.ids.ProxyX509TrustManager;
+import de.fhg.aisec.ids.camel.ids.WebSocketConstants;
 import de.fhg.aisec.ids.comm.CertificatePair;
 import org.apache.camel.Endpoint;
 import org.apache.camel.RuntimeCamelException;
@@ -27,17 +28,18 @@
 import org.apache.camel.spi.Metadata;
 import org.apache.camel.support.DefaultComponent;
 import org.apache.camel.support.jsse.SSLContextParameters;
-import org.eclipse.jetty.server.*;
+import org.eclipse.jetty.server.Connector;
+import org.eclipse.jetty.server.Handler;
+import org.eclipse.jetty.server.Server;
+import org.eclipse.jetty.server.ServerConnector;
 import org.eclipse.jetty.server.handler.ContextHandlerCollection;
 import org.eclipse.jetty.server.handler.HandlerCollection;
 import org.eclipse.jetty.server.handler.HandlerWrapper;
 import org.eclipse.jetty.server.session.SessionHandler;
-import org.eclipse.jetty.servlet.DefaultServlet;
 import org.eclipse.jetty.servlet.FilterHolder;
 import org.eclipse.jetty.servlet.ServletContextHandler;
 import org.eclipse.jetty.servlet.ServletHolder;
 import org.eclipse.jetty.servlets.CrossOriginFilter;
-import org.eclipse.jetty.util.resource.Resource;
 import org.eclipse.jetty.util.ssl.SslContextFactory;
 import org.eclipse.jetty.util.thread.QueuedThreadPool;
 import org.eclipse.jetty.util.thread.ThreadPool;
@@ -53,8 +55,8 @@
 import java.util.Map;
 import java.util.concurrent.atomic.AtomicInteger;
 
-public class WebsocketComponent extends DefaultComponent implements SSLContextParametersAware {
-  protected static final Logger LOG = LoggerFactory.getLogger(WebsocketComponent.class);
+public class WebSocketComponent extends DefaultComponent implements SSLContextParametersAware {
+  protected static final Logger LOG = LoggerFactory.getLogger(WebSocketComponent.class);
   protected static final Map<String, ConnectorRef> CONNECTORS = new HashMap<>();
 
   protected Map<String, WebSocketFactory> socketFactories;
@@ -69,8 +71,8 @@ public class WebsocketComponent extends DefaultComponent implements SSLContextPa
   @Metadata(label = "advanced")
   protected ThreadPool threadPool;
 
-  @Metadata(defaultValue = "9292")
-  protected Integer port = 9292;
+  @Metadata(defaultValue = WebSocketConstants.DEFAULT_PORT)
+  protected Integer port = Integer.parseInt(WebSocketConstants.DEFAULT_PORT);
 
   @Metadata(label = "advanced")
   protected Integer minThreads;
@@ -78,47 +80,35 @@ public class WebsocketComponent extends DefaultComponent implements SSLContextPa
   @Metadata(label = "advanced")
   protected Integer maxThreads;
 
-  @Metadata(defaultValue = "0.0.0.0")
-  protected String host = "0.0.0.0";
-
-  @Metadata(label = "consumer")
-  protected String staticResources;
-
-  @Metadata(label = "security", secret = true)
-  protected String sslKeyPassword;
-
-  @Metadata(label = "security", secret = true)
-  protected String sslPassword;
-
-  @Metadata(label = "security", secret = true)
-  protected String sslKeystore;
+  @Metadata(defaultValue = WebSocketConstants.DEFAULT_HOST)
+  protected String host = WebSocketConstants.DEFAULT_HOST;
 
   /**
-   * Map for storing servlets. {@link WebsocketComponentServlet} is identified by pathSpec {@link
+   * Map for storing servlets. {@link WebSocketComponentServlet} is identified by pathSpec {@link
    * String}.
    */
-  private Map<String, WebsocketComponentServlet> servlets = new HashMap<>();
+  private final Map<String, WebSocketComponentServlet> servlets = new HashMap<>();
 
-  public class ConnectorRef {
+  public static class ConnectorRef {
     Server server;
     ServerConnector connector;
-    WebsocketComponentServlet servlet;
-    MemoryWebsocketStore memoryStore;
+    WebSocketComponentServlet servlet;
+    MemoryWebSocketStore memoryStore;
     AtomicInteger refCount = new AtomicInteger(1);
 
     ConnectorRef(
         Server server,
         ServerConnector connector,
-        WebsocketComponentServlet servlet,
-        MemoryWebsocketStore memoryStore) {
+        WebSocketComponentServlet servlet,
+        MemoryWebSocketStore memoryStore) {
       this.server = server;
       this.connector = connector;
       this.servlet = servlet;
       this.memoryStore = memoryStore;
     }
 
-    public int increment() {
-      return refCount.incrementAndGet();
+    public void increment() {
+      refCount.incrementAndGet();
     }
 
     public int decrement() {
@@ -129,11 +119,11 @@ public int getRefCount() {
       return refCount.get();
     }
 
-    public MemoryWebsocketStore getMemoryStore() {
+    public MemoryWebSocketStore getMemoryStore() {
       return memoryStore;
     }
 
-    public WebsocketComponentServlet getServlet() {
+    public WebSocketComponentServlet getServlet() {
       return servlet;
     }
 
@@ -142,15 +132,15 @@ public ServerConnector getConnector() {
     }
   }
 
-  public WebsocketComponent() {
+  public WebSocketComponent() {
     this.setUseGlobalSslContextParameters(true);
     // this will automatically set up the ids handler factory
     this.setSocketFactories(new HashMap<>());
   }
 
   /** Connects the URL specified on the endpoint to the specified processor. */
-  public void connect(WebsocketProducerConsumer prodcon) throws Exception {
-    WebsocketEndpoint endpoint = prodcon.getEndpoint();
+  public void connect(WebSocketProducerConsumer prodcon) throws Exception {
+    WebSocketEndpoint endpoint = prodcon.getEndpoint();
 
     String connectorKey = getConnectorKey(endpoint);
 
@@ -187,7 +177,7 @@ public void connect(WebsocketProducerConsumer prodcon) throws Exception {
         // Apply CORS (http://www.w3.org/TR/cors/)
         applyCrossOriginFiltering(endpoint, context);
 
-        MemoryWebsocketStore memoryStore = new MemoryWebsocketStore();
+        MemoryWebSocketStore memoryStore = new MemoryWebSocketStore();
 
         // Don't provide a Servlet object as Producer/Consumer will create them later on
         connectorRef = new ConnectorRef(server, connector, null, memoryStore);
@@ -201,7 +191,6 @@ public void connect(WebsocketProducerConsumer prodcon) throws Exception {
         connectorRef.server.start();
 
         CONNECTORS.put(connectorKey, connectorRef);
-
       } else {
         connectorRef.increment();
       }
@@ -212,26 +201,24 @@ public void connect(WebsocketProducerConsumer prodcon) throws Exception {
       }
 
       NodeSynchronization sync = new DefaultNodeSynchronization(connectorRef.memoryStore);
-      WebsocketComponentServlet servlet = addServlet(sync, prodcon, endpoint.getResourceUri());
-      if (prodcon instanceof WebsocketConsumer) {
-        WebsocketConsumer consumer = (WebsocketConsumer) prodcon;
+      WebSocketComponentServlet servlet = addServlet(sync, prodcon, endpoint.getResourceUri());
+      if (prodcon instanceof WebSocketConsumer) {
+        WebSocketConsumer consumer = (WebSocketConsumer) prodcon;
         if (servlet.getConsumer() == null) {
           servlet.setConsumer(consumer);
         }
-        // register the consumer here
-        servlet.connect(consumer);
       }
-      if (prodcon instanceof WebsocketProducer) {
-        WebsocketProducer producer = (WebsocketProducer) prodcon;
+      if (prodcon instanceof WebSocketProducer) {
+        WebSocketProducer producer = (WebSocketProducer) prodcon;
         producer.setStore(connectorRef.memoryStore);
       }
     }
   }
 
   /** Disconnects the URL specified on the endpoint from the specified processor. */
-  public void disconnect(WebsocketProducerConsumer prodcon) throws Exception {
+  public void disconnect(WebSocketProducerConsumer prodcon) throws Exception {
     // If the connector is not needed anymore then stop it
-    WebsocketEndpoint endpoint = prodcon.getEndpoint();
+    WebSocketEndpoint endpoint = prodcon.getEndpoint();
     String connectorKey = getConnectorKey(endpoint);
 
     synchronized (CONNECTORS) {
@@ -254,11 +241,8 @@ public void disconnect(WebsocketProducerConsumer prodcon) throws Exception {
           // Camel controls the lifecycle of these entities so remove the
           // registered MBeans when Camel is done with the managed objects.
         }
-        if (prodcon instanceof WebsocketConsumer) {
-          connectorRef.servlet.disconnect((WebsocketConsumer) prodcon);
-        }
-        if (prodcon instanceof WebsocketProducer) {
-          ((WebsocketProducer) prodcon).setStore(null);
+        if (prodcon instanceof WebSocketProducer) {
+          ((WebSocketProducer) prodcon).setStore(null);
         }
       }
     }
@@ -274,7 +258,7 @@ protected Endpoint createEndpoint(String uri, String remaining, Map<String, Obje
     int port = extractPortNumber(remaining);
     String host = extractHostName(remaining);
 
-    WebsocketEndpoint endpoint = new WebsocketEndpoint(this, uri, remaining, parameters);
+    WebSocketEndpoint endpoint = new WebSocketEndpoint(this, uri, remaining);
 
     // prefer to use endpoint configured over component configured
     if (sslContextParameters == null) {
@@ -294,7 +278,7 @@ protected Endpoint createEndpoint(String uri, String remaining, Map<String, Obje
   }
 
   protected void setWebSocketComponentServletInitialParameter(
-      ServletContextHandler context, WebsocketEndpoint endpoint) {
+      ServletContextHandler context, WebSocketEndpoint endpoint) {
     if (endpoint.getBufferSize() != null) {
       context.setInitParameter("bufferSize", endpoint.getBufferSize().toString());
     }
@@ -357,61 +341,16 @@ protected Server createServer() {
     return server;
   }
 
-  protected Server createStaticResourcesServer(
-      Server server, ServletContextHandler context, String home) throws Exception {
-
-    context.setContextPath("/");
-
-    SessionHandler sh = new SessionHandler();
-    context.setSessionHandler(sh);
-
-    if (home != null) {
-      String[] resources = home.split(":");
-      if (LOG.isDebugEnabled()) {
-        LOG.debug(">>> Protocol found: {}, and resource: {}", resources[0], resources[1]);
-      }
-
-      if (resources[0].equals("classpath")) {
-        context.setBaseResource(
-            new JettyClassPathResource(getCamelContext().getClassResolver(), resources[1]));
-      } else if (resources[0].equals("file")) {
-        context.setBaseResource(Resource.newResource(resources[1]));
-      }
-      DefaultServlet defaultServlet = new DefaultServlet();
-      ServletHolder holder = new ServletHolder(defaultServlet);
-
-      // avoid file locking on windows
-      // http://stackoverflow.com/questions/184312/how-to-make-jetty-dynamically-load-static-pages
-      holder.setInitParameter("useFileMappedBuffer", "false");
-      context.addServlet(holder, "/");
-    }
-
-    server.setHandler(context);
-
-    return server;
-  }
-
-  protected Server createStaticResourcesServer(
-      ServletContextHandler context, String host, int port, String home) throws Exception {
-    Server server = new Server();
-    HttpConfiguration httpConfig = new HttpConfiguration();
-    ServerConnector connector = new ServerConnector(server, new HttpConnectionFactory(httpConfig));
-    connector.setHost(host);
-    connector.setPort(port);
-    server.addConnector(connector);
-    return createStaticResourcesServer(server, context, home);
-  }
-
-  protected WebsocketComponentServlet addServlet(
-      NodeSynchronization sync, WebsocketProducerConsumer prodcon, String resourceUri)
+  protected WebSocketComponentServlet addServlet(
+          NodeSynchronization sync, WebSocketProducerConsumer prodcon, String resourceUri)
       throws Exception {
 
     // Get Connector from one of the Jetty Instances to add WebSocket Servlet
-    WebsocketEndpoint endpoint = prodcon.getEndpoint();
+    WebSocketEndpoint endpoint = prodcon.getEndpoint();
     String key = getConnectorKey(endpoint);
     ConnectorRef connectorRef = getConnectors().get(key);
 
-    WebsocketComponentServlet servlet;
+    WebSocketComponentServlet servlet;
 
     if (connectorRef != null) {
       String pathSpec = createPathSpec(resourceUri);
@@ -433,13 +372,13 @@ protected WebsocketComponentServlet addServlet(
     }
   }
 
-  protected WebsocketComponentServlet createServlet(
+  protected WebSocketComponentServlet createServlet(
       NodeSynchronization sync,
       String pathSpec,
-      Map<String, WebsocketComponentServlet> servlets,
+      Map<String, WebSocketComponentServlet> servlets,
       ServletContextHandler handler) {
-    WebsocketComponentServlet servlet =
-        new WebsocketComponentServlet(sync, pathSpec, getSocketFactories());
+    WebSocketComponentServlet servlet =
+        new WebSocketComponentServlet(sync, pathSpec, getSocketFactories());
     servlets.put(pathSpec, servlet);
     ServletHolder servletHolder = new ServletHolder(servlet);
     servletHolder.getInitParameters().putAll(handler.getInitParams());
@@ -498,7 +437,7 @@ private ServerConnector getSocketConnector(
       try {
         ProxyX509TrustManager.bindCertificatePair(sslContextParameters, true, certificatePair);
       } catch (GeneralSecurityException | IOException e) {
-        LOG.error("Failed to patch TrustManager for WebsocketComponent", e);
+        LOG.error("Failed to patch TrustManager for WebSocketComponent", e);
       }
       SslContextFactory sslContextFactory = new SslContextFactory.Server();
       sslContextFactory.setSslContext(sslContextParameters.createSSLContext(getCamelContext()));
@@ -538,12 +477,12 @@ private String extractHostName(String remaining) {
     }
   }
 
-  private static String getConnectorKey(WebsocketEndpoint endpoint) {
+  private static String getConnectorKey(WebSocketEndpoint endpoint) {
     return endpoint.getProtocol() + ":" + endpoint.getHost() + ":" + endpoint.getPort();
   }
 
   private void applyCrossOriginFiltering(
-      WebsocketEndpoint endpoint, ServletContextHandler context) {
+          WebSocketEndpoint endpoint, ServletContextHandler context) {
     if (endpoint.isCrossOriginFilterOn()) {
       FilterHolder filterHolder = new FilterHolder();
       CrossOriginFilter filter = new CrossOriginFilter();
@@ -554,119 +493,14 @@ private void applyCrossOriginFiltering(
     }
   }
 
-  // Properties
-  // -------------------------------------------------------------------------
-
-  public String getStaticResources() {
-    return staticResources;
-  }
-
-  /**
-   * Set a resource path for static resources (such as .html files etc).
-   *
-   * <p>The resources can be loaded from classpath, if you prefix with <tt>classpath:</tt>,
-   * otherwise the resources is loaded from file system or from JAR files.
-   *
-   * <p>For example to load from root classpath use <tt>classpath:.</tt>, or
-   * <tt>classpath:WEB-INF/static</tt>
-   *
-   * <p>If not configured (eg <tt>null</tt>) then no static resource is in use.
-   */
-  public void setStaticResources(String staticResources) {
-    this.staticResources = staticResources;
-  }
-
-  public String getHost() {
-    return host;
-  }
-
-  /** The hostname. The default value is <tt>0.0.0.0</tt> */
-  public void setHost(String host) {
-    this.host = host;
-  }
-
-  public Integer getPort() {
-    return port;
-  }
-
-  /** The port number. The default value is <tt>9292</tt> */
-  public void setPort(Integer port) {
-    this.port = port;
-  }
-
-  public String getSslKeyPassword() {
-    return sslKeyPassword;
-  }
-
-  public String getSslPassword() {
-    return sslPassword;
-  }
-
-  public String getSslKeystore() {
-    return sslKeystore;
-  }
-
-  /** The password for the keystore when using SSL. */
-  public void setSslKeyPassword(String sslKeyPassword) {
-    this.sslKeyPassword = sslKeyPassword;
-  }
-
-  /** The password when using SSL. */
-  public void setSslPassword(String sslPassword) {
-    this.sslPassword = sslPassword;
-  }
-
-  /** The path to the keystore. */
-  public void setSslKeystore(String sslKeystore) {
-    this.sslKeystore = sslKeystore;
-  }
-
-  public Integer getMinThreads() {
-    return minThreads;
-  }
-
-  /**
-   * To set a value for minimum number of threads in server thread pool. MaxThreads/minThreads or
-   * threadPool fields are required due to switch to Jetty9. The default values for minThreads is 1.
-   */
-  public void setMinThreads(Integer minThreads) {
-    this.minThreads = minThreads;
-  }
-
-  public Integer getMaxThreads() {
-    return maxThreads;
-  }
-
-  /**
-   * To set a value for maximum number of threads in server thread pool. MaxThreads/minThreads or
-   * threadPool fields are required due to switch to Jetty9. The default values for maxThreads is 1
-   * + 2 * noCores.
-   */
-  public void setMaxThreads(Integer maxThreads) {
-    this.maxThreads = maxThreads;
-  }
-
   public ThreadPool getThreadPool() {
     return threadPool;
   }
 
-  /**
-   * To use a custom thread pool for the server. MaxThreads/minThreads or threadPool fields are
-   * required due to switch to Jetty9.
-   */
-  public void setThreadPool(ThreadPool threadPool) {
-    this.threadPool = threadPool;
-  }
-
   public SSLContextParameters getSslContextParameters() {
     return sslContextParameters;
   }
 
-  /** To configure security using SSLContextParameters */
-  public void setSslContextParameters(SSLContextParameters sslContextParameters) {
-    this.sslContextParameters = sslContextParameters;
-  }
-
   @Override
   public boolean isUseGlobalSslContextParameters() {
     return this.useGlobalSslContextParameters;
@@ -692,7 +526,7 @@ public void setSocketFactories(Map<String, WebSocketFactory> socketFactories) {
     this.socketFactories = socketFactories;
 
     if (!this.socketFactories.containsKey("ids")) {
-      this.socketFactories.put("ids", new DefaultWebsocketFactory(certificatePair));
+      this.socketFactories.put("ids", new DefaultWebSocketFactory(certificatePair));
     }
   }
 
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketComponentServlet.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponentServlet.java
similarity index 72%
rename from camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketComponentServlet.java
rename to camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponentServlet.java
index 9b1486d34..35e4fe787 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketComponentServlet.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponentServlet.java
@@ -19,51 +19,38 @@
  */
 package de.fhg.aisec.ids.camel.ids.server;
 
-import java.util.Map;
-import java.util.concurrent.ConcurrentHashMap;
-import java.util.concurrent.ConcurrentMap;
 import org.eclipse.jetty.websocket.servlet.WebSocketServlet;
 import org.eclipse.jetty.websocket.servlet.WebSocketServletFactory;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-public class WebsocketComponentServlet extends WebSocketServlet {
+import java.util.Map;
+
+public class WebSocketComponentServlet extends WebSocketServlet {
   private static final long serialVersionUID = 1L;
-  private static final Logger LOG = LoggerFactory.getLogger(WebsocketComponentServlet.class);
+  private static final Logger LOG = LoggerFactory.getLogger(WebSocketComponentServlet.class);
 
   private final NodeSynchronization sync;
   private final Map<String, WebSocketFactory> socketFactories;
   private final String pathSpec;
 
-  private WebsocketConsumer consumer;
-  private static final ConcurrentMap<String, WebsocketConsumer> consumers =
-      new ConcurrentHashMap<>();
+  private WebSocketConsumer consumer;
 
-  public WebsocketComponentServlet(
+  public WebSocketComponentServlet(
       NodeSynchronization sync, String pathSpec, Map<String, WebSocketFactory> socketFactories) {
     this.sync = sync;
     this.socketFactories = socketFactories;
     this.pathSpec = pathSpec;
   }
 
-  public WebsocketConsumer getConsumer() {
+  public WebSocketConsumer getConsumer() {
     return consumer;
   }
 
-  public void setConsumer(WebsocketConsumer consumer) {
+  public void setConsumer(WebSocketConsumer consumer) {
     this.consumer = consumer;
   }
 
-  public void connect(WebsocketConsumer consumer) {
-    LOG.debug("Connecting consumer: {}", consumer);
-    consumers.put(consumer.getPath(), consumer);
-  }
-
-  public void disconnect(WebsocketConsumer consumer) {
-    LOG.debug("Disconnecting consumer: {}", consumer);
-    consumers.remove(consumer.getPath());
-  }
-
   @Override
   public void configure(WebSocketServletFactory factory) {
     factory.setCreator(
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketConsumer.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketConsumer.java
similarity index 85%
rename from camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketConsumer.java
rename to camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketConsumer.java
index 89d62610e..b6368d743 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketConsumer.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketConsumer.java
@@ -19,15 +19,16 @@
  */
 package de.fhg.aisec.ids.camel.ids.server;
 
+import de.fhg.aisec.ids.camel.ids.WebSocketConstants;
 import org.apache.camel.Exchange;
 import org.apache.camel.Processor;
 import org.apache.camel.support.DefaultConsumer;
 
-public class WebsocketConsumer extends DefaultConsumer implements WebsocketProducerConsumer {
+public class WebSocketConsumer extends DefaultConsumer implements WebSocketProducerConsumer {
 
-  private final WebsocketEndpoint endpoint;
+  private final WebSocketEndpoint endpoint;
 
-  public WebsocketConsumer(WebsocketEndpoint endpoint, Processor processor) {
+  public WebSocketConsumer(WebSocketEndpoint endpoint, Processor processor) {
     super(endpoint, processor);
     this.endpoint = endpoint;
   }
@@ -44,14 +45,10 @@ public void doStop() throws Exception {
     super.doStop();
   }
 
-  public WebsocketEndpoint getEndpoint() {
+  public WebSocketEndpoint getEndpoint() {
     return endpoint;
   }
 
-  public String getPath() {
-    return endpoint.getPath();
-  }
-
   public int getAttestationType() {
     return endpoint.getAttestation();
   }
@@ -69,7 +66,7 @@ public void sendMessage(final String connectionKey, final Object message) {
     final Exchange exchange = getEndpoint().createExchange();
 
     // set header and body
-    exchange.getIn().setHeader(WebsocketConstants.CONNECTION_KEY, connectionKey);
+    exchange.getIn().setHeader(WebSocketConstants.CONNECTION_KEY, connectionKey);
     exchange.getIn().setBody(message);
 
     // send exchange using the async routing engine
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketEndpoint.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketEndpoint.java
similarity index 86%
rename from camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketEndpoint.java
rename to camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketEndpoint.java
index ac46d7b3f..ff6f360d2 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketEndpoint.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketEndpoint.java
@@ -19,6 +19,7 @@
  */
 package de.fhg.aisec.ids.camel.ids.server;
 
+import de.fhg.aisec.ids.camel.ids.WebSocketConstants;
 import org.apache.camel.Consumer;
 import org.apache.camel.Processor;
 import org.apache.camel.Producer;
@@ -34,7 +35,6 @@
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.List;
-import java.util.Map;
 
 /**
  * The websocket component provides websocket endpoints for communicating with clients using
@@ -46,19 +46,18 @@
   scheme = "idsserver",
   title = "IDS Server Socket",
   syntax = "idsserver:host:port/resourceUri",
-  consumerClass = WebsocketConsumer.class,
   label = "idsserver"
 )
-public class WebsocketEndpoint extends DefaultEndpoint {
+public class WebSocketEndpoint extends DefaultEndpoint {
 
-  private WebsocketComponent component;
-  private URI uri;
+  private final WebSocketComponent component;
+  private final URI uri;
   private List<Handler> handlers;
 
-  @UriPath(defaultValue = "0.0.0.0")
+  @UriPath(defaultValue = WebSocketConstants.DEFAULT_HOST)
   private String host;
 
-  @UriPath(defaultValue = "9292")
+  @UriPath(defaultValue = WebSocketConstants.DEFAULT_PORT)
   private Integer port;
 
   @UriPath
@@ -117,11 +116,10 @@ public class WebsocketEndpoint extends DefaultEndpoint {
   )
   private Integer attestationMask = 0;
 
-  public WebsocketEndpoint(
-      WebsocketComponent component,
-      String uri,
-      String resourceUri,
-      Map<String, Object> parameters) {
+  public WebSocketEndpoint(
+          WebSocketComponent component,
+          String uri,
+          String resourceUri) {
     super(uri, component);
     this.resourceUri = resourceUri;
     this.component = component;
@@ -133,37 +131,37 @@ public WebsocketEndpoint(
   }
 
   @Override
-  public WebsocketComponent getComponent() {
+  public WebSocketComponent getComponent() {
     ObjectHelper.notNull(component, "component");
-    return (WebsocketComponent) super.getComponent();
+    return (WebSocketComponent) super.getComponent();
   }
 
   @Override
   public Consumer createConsumer(Processor processor) throws Exception {
     ObjectHelper.notNull(component, "component");
-    WebsocketConsumer consumer = new WebsocketConsumer(this, processor);
+    WebSocketConsumer consumer = new WebSocketConsumer(this, processor);
     configureConsumer(consumer);
     return consumer;
   }
 
   @Override
   public Producer createProducer() {
-    return new WebsocketProducer(this);
+    return new WebSocketProducer(this);
   }
 
-  public void connect(WebsocketConsumer consumer) throws Exception {
+  public void connect(WebSocketConsumer consumer) throws Exception {
     component.connect(consumer);
   }
 
-  public void disconnect(WebsocketConsumer consumer) throws Exception {
+  public void disconnect(WebSocketConsumer consumer) throws Exception {
     component.disconnect(consumer);
   }
 
-  public void connect(WebsocketProducer producer) throws Exception {
+  public void connect(WebSocketProducer producer) throws Exception {
     component.connect(producer);
   }
 
-  public void disconnect(WebsocketProducer producer) throws Exception {
+  public void disconnect(WebSocketProducer producer) throws Exception {
     component.disconnect(producer);
   }
 
@@ -172,6 +170,7 @@ public boolean isSingleton() {
     return true;
   }
 
+  @SuppressWarnings("unused")
   public URI getUri() {
     return uri;
   }
@@ -208,6 +207,7 @@ public Integer getSendTimeout() {
    * Timeout in millis when sending to a websocket channel. The default timeout is 30000 (30
    * seconds).
    */
+  @SuppressWarnings("unused")
   public void setSendTimeout(Integer sendTimeout) {
     this.sendTimeout = sendTimeout;
   }
@@ -216,11 +216,13 @@ public String getProtocol() {
     return uri.getScheme();
   }
 
+  @SuppressWarnings("unused")
   public String getPath() {
     return uri.getPath();
   }
 
   /** Whether to enable session support which enables HttpSession for each http request. */
+  @SuppressWarnings("unused")
   public void setSessionSupport(boolean support) {
     sessionSupport = support;
   }
@@ -237,6 +239,7 @@ public int getAttestation() {
     return attestation;
   }
 
+  @SuppressWarnings("unused")
   public void setAttestation(int i) {
     attestation = i;
   }
@@ -245,6 +248,7 @@ public int getAttestationMask() {
     return attestationMask;
   }
 
+  @SuppressWarnings("unused")
   public void setAttestationMask(int i) {
     attestationMask = i;
   }
@@ -253,6 +257,7 @@ public void setAttestationMask(int i) {
    * Set the buffer size of the websocketServlet, which is also the max frame byte size (default
    * 8192)
    */
+  @SuppressWarnings("unused")
   public void setBufferSize(Integer bufferSize) {
     this.bufferSize = bufferSize;
   }
@@ -265,6 +270,7 @@ public Integer getMaxIdleTime() {
    * Set the time in ms that the websocket created by the websocketServlet may be idle before
    * closing. (default is 300000)
    */
+  @SuppressWarnings("unused")
   public void setMaxIdleTime(Integer maxIdleTime) {
     this.maxIdleTime = maxIdleTime;
   }
@@ -277,6 +283,7 @@ public Integer getMaxTextMessageSize() {
    * Can be used to set the size in characters that the websocket created by the websocketServlet
    * may be accept before closing.
    */
+  @SuppressWarnings("unused")
   public void setMaxTextMessageSize(Integer maxTextMessageSize) {
     this.maxTextMessageSize = maxTextMessageSize;
   }
@@ -289,6 +296,7 @@ public Integer getMaxBinaryMessageSize() {
    * Can be used to set the size in bytes that the websocket created by the websocketServlet may be
    * accept before closing. (Default is -1 - or unlimited)
    */
+  @SuppressWarnings("unused")
   public void setMaxBinaryMessageSize(Integer maxBinaryMessageSize) {
     this.maxBinaryMessageSize = maxBinaryMessageSize;
   }
@@ -301,6 +309,7 @@ public Integer getMinVersion() {
    * Can be used to set the minimum protocol version accepted for the websocketServlet. (Default 13
    * - the RFC6455 version)
    */
+  @SuppressWarnings("unused")
   public void setMinVersion(Integer minVersion) {
     this.minVersion = minVersion;
   }
@@ -309,6 +318,7 @@ public List<Handler> getHandlers() {
     return handlers;
   }
 
+  @SuppressWarnings("unused")
   public void setHandlers(List<Handler> handlers) {
     this.handlers = handlers;
   }
@@ -327,6 +337,7 @@ public String getAllowedOrigins() {
   }
 
   /** The CORS allowed origins. Use * to allow all. */
+  @SuppressWarnings("unused")
   public void setAllowedOrigins(String allowedOrigins) {
     this.allowedOrigins = allowedOrigins;
   }
@@ -336,6 +347,7 @@ public boolean isCrossOriginFilterOn() {
   }
 
   /** Whether to enable CORS */
+  @SuppressWarnings("unused")
   public void setCrossOriginFilterOn(boolean crossOriginFilterOn) {
     this.crossOriginFilterOn = crossOriginFilterOn;
   }
@@ -345,6 +357,7 @@ public String getFilterPath() {
   }
 
   /** Context path for filtering CORS */
+  @SuppressWarnings("unused")
   public void setFilterPath(String filterPath) {
     this.filterPath = filterPath;
   }
@@ -354,6 +367,7 @@ public String getResourceUri() {
   }
 
   /** Name of the websocket channel to use */
+  @SuppressWarnings("unused")
   public void setResourceUri(String resourceUri) {
     this.resourceUri = resourceUri;
   }
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketFactory.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketFactory.java
index 7436e82d4..ea80ce03b 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketFactory.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketFactory.java
@@ -29,5 +29,5 @@ DefaultWebsocket newInstance(
       String protocol,
       String pathSpec,
       NodeSynchronization sync,
-      WebsocketConsumer consumer);
+      WebSocketConsumer consumer);
 }
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketProducer.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducer.java
similarity index 77%
rename from camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketProducer.java
rename to camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducer.java
index 29aa0cb26..a9dbf77f3 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketProducer.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducer.java
@@ -19,21 +19,21 @@
  */
 package de.fhg.aisec.ids.camel.ids.server;
 
+import de.fhg.aisec.ids.camel.ids.WebSocketConstants;
 import org.apache.camel.Exchange;
 import org.apache.camel.Message;
 import org.apache.camel.support.DefaultProducer;
-import org.asynchttpclient.netty.handler.StreamedResponsePublisher;
 
 import java.nio.ByteBuffer;
 import java.util.concurrent.Future;
 import java.util.concurrent.TimeUnit;
 
-public class WebsocketProducer extends DefaultProducer implements WebsocketProducerConsumer {
+public class WebSocketProducer extends DefaultProducer implements WebSocketProducerConsumer {
 
-  private WebsocketStore store;
-  private final WebsocketEndpoint endpoint;
+  private WebSocketStore store;
+  private final WebSocketEndpoint endpoint;
 
-  public WebsocketProducer(WebsocketEndpoint endpoint) {
+  public WebSocketProducer(WebSocketEndpoint endpoint) {
     super(endpoint);
     this.endpoint = endpoint;
   }
@@ -47,16 +47,15 @@ public void process(Exchange exchange) throws Exception {
     }
 
     // look for connection key and get Websocket
-    String connectionKey = in.getHeader(WebsocketConstants.CONNECTION_KEY, String.class);
+    String connectionKey = in.getHeader(WebSocketConstants.CONNECTION_KEY, String.class);
     if (connectionKey != null) {
       String pathSpec = "";
       if (endpoint.getResourceUri() != null) {
-        pathSpec = WebsocketComponent.createPathSpec(endpoint.getResourceUri());
+        pathSpec = WebSocketComponent.createPathSpec(endpoint.getResourceUri());
       }
       DefaultWebsocket websocket = store.get(connectionKey + pathSpec);
       log.debug("Sending to connection key {} -> {}", connectionKey, message);
       Future<Void> future = sendMessage(websocket, message);
-      StreamedResponsePublisher sp;
       if (future != null) {
         int timeout = endpoint.getSendTimeout();
         future.get(timeout, TimeUnit.MILLISECONDS);
@@ -71,7 +70,7 @@ public void process(Exchange exchange) throws Exception {
     }
   }
 
-  public WebsocketEndpoint getEndpoint() {
+  public WebSocketEndpoint getEndpoint() {
     return endpoint;
   }
 
@@ -103,17 +102,8 @@ Future<Void> sendMessage(DefaultWebsocket websocket, Object message) {
   }
 
   // Store is set/unset upon connect/disconnect of the producer
-  public void setStore(WebsocketStore store) {
+  public void setStore(WebSocketStore store) {
     this.store = store;
   }
 
-  /** Called when a sleep is interrupted; allows derived classes to handle this case differently */
-  protected void handleSleepInterruptedException(InterruptedException e, Exchange exchange)
-      throws InterruptedException {
-    if (log.isDebugEnabled()) {
-      log.debug("Sleep interrupted, are we stopping? {}", isStopping() || isStopped());
-    }
-    Thread.currentThread().interrupt();
-    throw e;
-  }
 }
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketProducerConsumer.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducerConsumer.java
similarity index 91%
rename from camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketProducerConsumer.java
rename to camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducerConsumer.java
index 3ab783c63..15aa58445 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketProducerConsumer.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducerConsumer.java
@@ -19,8 +19,8 @@
  */
 package de.fhg.aisec.ids.camel.ids.server;
 
-public interface WebsocketProducerConsumer {
+public interface WebSocketProducerConsumer {
 
   /** Gets the endpoint */
-  WebsocketEndpoint getEndpoint();
+  WebSocketEndpoint getEndpoint();
 }
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketStore.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketStore.java
similarity index 95%
rename from camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketStore.java
rename to camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketStore.java
index cfabafb28..db0024d71 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketStore.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketStore.java
@@ -19,10 +19,11 @@
  */
 package de.fhg.aisec.ids.camel.ids.server;
 
-import java.util.Collection;
 import org.apache.camel.Service;
 
-public interface WebsocketStore extends Service {
+import java.util.Collection;
+
+public interface WebSocketStore extends Service {
 
   void add(DefaultWebsocket ws);
 
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketSendException.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketSendException.java
index 30755018e..8bab92f66 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketSendException.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketSendException.java
@@ -31,6 +31,7 @@ public WebsocketSendException(String message, Exchange exchange) {
     super(message, exchange);
   }
 
+  @SuppressWarnings("unused")
   public WebsocketSendException(String message, Exchange exchange, Throwable cause) {
     super(message, exchange, cause);
   }
diff --git a/camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsserver b/camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsserver
index cb4c1b9f3..695ae6f68 100644
--- a/camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsserver
+++ b/camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsserver
@@ -14,4 +14,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-class=de.fhg.aisec.ids.camel.ids.server.WebsocketComponent
+class=de.fhg.aisec.ids.camel.ids.server.WebSocketComponent

From f2a96e293af694c860cc81ac7a6bfed2b6985030 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 9 Apr 2020 21:11:46 +0200
Subject: [PATCH 064/237] Gradle Kotlin DSL script for idscp2

---
 idscp2/build.gradle     | 44 -----------------------------------
 idscp2/build.gradle.kts | 51 +++++++++++++++++++++++++++++++++++++++++
 libraryVersions.yaml    |  1 +
 3 files changed, 52 insertions(+), 44 deletions(-)
 delete mode 100644 idscp2/build.gradle
 create mode 100644 idscp2/build.gradle.kts

diff --git a/idscp2/build.gradle b/idscp2/build.gradle
deleted file mode 100644
index 81df80963..000000000
--- a/idscp2/build.gradle
+++ /dev/null
@@ -1,44 +0,0 @@
-version = libraryVersions.idscp
-
-apply plugin: 'com.google.protobuf'
-apply plugin: 'idea'
-
-protobuf {
-    generatedFilesBaseDir = "$projectDir/generated"
-
-    protoc {
-        artifact = "com.google.protobuf:protoc:${libraryVersions.protobuf}"
-    }
-}
-
-clean {
-    delete protobuf.generatedFilesBaseDir
-}
-
-idea {
-    module {
-        // mark as generated sources for IDEA
-        generatedSourceDirs += file("${protobuf.generatedFilesBaseDir}/main/java")
-    }
-}
-
-dependencies {
-    providedByBundle group: 'com.github.microsoft', name: 'TSS.Java', version: '0.3.0'
-
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-core', version: libraryVersions.log4j
-    providedByBundle group: 'org.apache.logging.log4j', name: 'log4j-slf4j-impl', version: libraryVersions.log4j
-
-    providedByBundle group: 'com.google.protobuf', name: 'protobuf-java', version: libraryVersions.protobuf
-    
-    publishCompile group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
-
-    providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-impl', version: libraryVersions.jsonwebtoken
-    providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-jackson', version: libraryVersions.jsonwebtoken
-    providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-api', version: libraryVersions.jsonwebtoken
-    providedByBundle group: 'org.json', name: 'json', version: '20180813'
-    providedByBundle group: 'org.bitbucket.b_c', name: 'jose4j', version: '0.6.5'
-    providedByBundle group: 'com.squareup.okhttp3', name: 'okhttp', version: libraryVersions.okhttp
-
-    testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
-    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
-}
diff --git a/idscp2/build.gradle.kts b/idscp2/build.gradle.kts
new file mode 100644
index 000000000..f2b4ba5af
--- /dev/null
+++ b/idscp2/build.gradle.kts
@@ -0,0 +1,51 @@
+import com.google.protobuf.gradle.protobuf
+import org.gradle.plugins.ide.idea.model.IdeaModel
+import org.yaml.snakeyaml.Yaml
+
+@Suppress("UNCHECKED_CAST") val libraryVersions =
+        Yaml().load(File("${rootDir}/libraryVersions.yaml").inputStream()) as Map<String, String>
+
+version = libraryVersions["idscp2"] ?: error("IDSCP2 version not specified")
+
+apply(plugin = "com.google.protobuf")
+apply(plugin = "idea")
+
+val generatedProtoBaseDir = "${projectDir}/generated"
+
+protobuf {
+    generatedFilesBaseDir = generatedProtoBaseDir
+}
+
+tasks.named("clean") {
+    doLast {
+        delete(generatedProtoBaseDir)
+    }
+}
+
+configure<IdeaModel> {
+    module {
+        // mark as generated sources for IDEA
+        generatedSourceDirs.add(File("${generatedProtoBaseDir}/main/java"))
+    }
+}
+
+dependencies {
+    providedByBundle("com.github.microsoft", "TSS.Java", "0.3.0")
+
+    providedByBundle("org.apache.logging.log4j", "log4j-core", libraryVersions["log4j"])
+    providedByBundle("org.apache.logging.log4j", "log4j-slf4j-impl", libraryVersions["log4j"])
+
+    providedByBundle("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
+    
+    publishCompile("org.checkerframework", "checker-qual", libraryVersions["checkerQual"])
+
+    providedByBundle("io.jsonwebtoken", "jjwt-impl", libraryVersions["jsonwebtoken"])
+    providedByBundle("io.jsonwebtoken", "jjwt-jackson", libraryVersions["jsonwebtoken"])
+    providedByBundle("io.jsonwebtoken", "jjwt-api", libraryVersions["jsonwebtoken"])
+    providedByBundle("org.json", "json", "20180813")
+    providedByBundle("org.bitbucket.b_c", "jose4j", "0.6.5")
+    providedByBundle("com.squareup.okhttp3", "okhttp", libraryVersions["okhttp"])
+
+    testImplementation("junit", "junit", libraryVersions["junit4"])
+    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
+}
diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index dc30c6a3b..b3887ada6 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -1,6 +1,7 @@
 # Versions for modules that will be released as libraries
 api: "2.1.0"
 idscp: "1.1.0"
+idscp2: "1.0.0"
 
 # basically, the first requirement, all other libraries depend on this version
 karaf: "4.2.8"

From d33855b8a2177afd959375344f0b57020262c608 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 14 Apr 2020 12:21:00 +0200
Subject: [PATCH 065/237] Get all idscp2 dependency versions from YML file

---
 idscp2/build.gradle.kts | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/idscp2/build.gradle.kts b/idscp2/build.gradle.kts
index f2b4ba5af..3a0ffbedf 100644
--- a/idscp2/build.gradle.kts
+++ b/idscp2/build.gradle.kts
@@ -30,7 +30,7 @@ configure<IdeaModel> {
 }
 
 dependencies {
-    providedByBundle("com.github.microsoft", "TSS.Java", "0.3.0")
+    providedByBundle("com.github.microsoft", "TSS.Java", libraryVersions["tssJava"])
 
     providedByBundle("org.apache.logging.log4j", "log4j-core", libraryVersions["log4j"])
     providedByBundle("org.apache.logging.log4j", "log4j-slf4j-impl", libraryVersions["log4j"])
@@ -42,8 +42,8 @@ dependencies {
     providedByBundle("io.jsonwebtoken", "jjwt-impl", libraryVersions["jsonwebtoken"])
     providedByBundle("io.jsonwebtoken", "jjwt-jackson", libraryVersions["jsonwebtoken"])
     providedByBundle("io.jsonwebtoken", "jjwt-api", libraryVersions["jsonwebtoken"])
-    providedByBundle("org.json", "json", "20180813")
-    providedByBundle("org.bitbucket.b_c", "jose4j", "0.6.5")
+    providedByBundle("org.json", "json", libraryVersions["orgJson"])
+    providedByBundle("org.bitbucket.b_c", "jose4j", libraryVersions["jose4j"])
     providedByBundle("com.squareup.okhttp3", "okhttp", libraryVersions["okhttp"])
 
     testImplementation("junit", "junit", libraryVersions["junit4"])

From dc5660b2f0901460585313d66809c6bd694231ca Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 15 Apr 2020 14:28:45 +0200
Subject: [PATCH 066/237] Fixed has..() methods not generated by protoc

---
 .../rat/TPM2d/TPM2dProver.java                  | 16 ++++++----------
 .../rat/TPM2d/TPM2dVerifier.java                | 17 +++++++----------
 2 files changed, 13 insertions(+), 20 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
index 333eff4f7..0b29f46bc 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
@@ -5,17 +5,13 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
 import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
+import de.fhg.aisec.ids.messages.Tpm2dAttestation.*;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.RemoteToTpm2d;
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dMessageWrapper;
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dRatChallenge;
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dRatResult;
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dToRemote;
 import java.io.IOException;
 import java.util.concurrent.BlockingQueue;
 import java.util.concurrent.LinkedBlockingQueue;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 /**
  * A TPM2d RatProver Driver implementation that proves its identity to a remote peer using TPM2d
@@ -59,7 +55,7 @@ public class TPM2dProver extends RatProverDriver {
    *
    */
 
-  private BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
+  private final BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
   private Tpm2dProverConfig config = new Tpm2dProverConfig.Builder().build();
 
   public TPM2dProver(){
@@ -105,7 +101,7 @@ public void run() {
     }
 
     // check if message is from rat verifier
-    if (!msg.hasIdscpRatVerifier()) {
+    if (!msg.getMessageCase().equals(IdscpMessage.MessageCase.IDSCPRATVERIFIER)) {
       //unexpected message
       if (LOG.isWarnEnabled()) {
         LOG.warn("Unexpected message from FSM: Expected IdscpRatProver");
@@ -189,7 +185,7 @@ public void run() {
     }
 
     // check if message is from rat verifier
-    if (!msg.hasIdscpRatVerifier()) {
+    if (!msg.getMessageCase().equals(IdscpMessage.MessageCase.IDSCPRATVERIFIER)) {
       //unexpected message
       if (LOG.isWarnEnabled()) {
         LOG.warn("Unexpected message from FSM: Expected IdscpRatProver");
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
index 3ecb83a2e..ddd55441d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
@@ -8,6 +8,11 @@
 import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
 import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dMessageWrapper;
 import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dRatResponse;
+import org.checkerframework.checker.nullness.qual.NonNull;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import tss.tpm.*;
+
 import java.io.BufferedReader;
 import java.io.ByteArrayInputStream;
 import java.nio.charset.StandardCharsets;
@@ -21,14 +26,6 @@
 import java.util.Base64;
 import java.util.concurrent.BlockingQueue;
 import java.util.concurrent.LinkedBlockingQueue;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import tss.tpm.TPMS_ATTEST;
-import tss.tpm.TPMS_SIGNATURE_RSAPSS;
-import tss.tpm.TPMS_SIGNATURE_RSASSA;
-import tss.tpm.TPMT_SIGNATURE;
-import tss.tpm.TPM_ALG_ID;
 
 /**
  * A TPM2d RatVerifier driver that verifies the remote peer's identity using TPM2d
@@ -70,7 +67,7 @@ public class TPM2dVerifier extends RatVerifierDriver {
    *
    */
 
-  private BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
+  private final BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
   private Tpm2dVerifierConfig config = new Tpm2dVerifierConfig.Builder().build();
 
   public TPM2dVerifier(){
@@ -121,7 +118,7 @@ public void run(){
     }
 
     // check if response is from rat prover
-    if (!msg.hasIdscpRatProver()) {
+    if (!msg.getMessageCase().equals(IdscpMessage.MessageCase.IDSCPRATPROVER)) {
       //unexpected message
       LOG.warn("Unexpected message from FSM: Expected IdscpRatVerifier");
       fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);

From b68b180136461a9e215a3b24e26250dcd28393a9 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 6 May 2020 11:47:33 +0200
Subject: [PATCH 067/237] Gradle build file fixes

---
 idscp2/build.gradle.kts     | 3 ---
 karaf-assembly/build.gradle | 2 +-
 2 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/idscp2/build.gradle.kts b/idscp2/build.gradle.kts
index 3a0ffbedf..249056733 100644
--- a/idscp2/build.gradle.kts
+++ b/idscp2/build.gradle.kts
@@ -32,9 +32,6 @@ configure<IdeaModel> {
 dependencies {
     providedByBundle("com.github.microsoft", "TSS.Java", libraryVersions["tssJava"])
 
-    providedByBundle("org.apache.logging.log4j", "log4j-core", libraryVersions["log4j"])
-    providedByBundle("org.apache.logging.log4j", "log4j-slf4j-impl", libraryVersions["log4j"])
-
     providedByBundle("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
     
     publishCompile("org.checkerframework", "checker-qual", libraryVersions["checkerQual"])
diff --git a/karaf-assembly/build.gradle b/karaf-assembly/build.gradle
index 32636fbd6..367ce7969 100644
--- a/karaf-assembly/build.gradle
+++ b/karaf-assembly/build.gradle
@@ -62,7 +62,7 @@ jar.dependsOn(assembleKaraf)
 
 // Wait for all relevant sub projects before executing assembly process
 rootProject.subprojects.findAll() {
-    if (it.name.startsWith("ids-") || it.name.startsWith("camel-")
+    if (it.name.startsWith("ids") || it.name.startsWith("camel-")
             || it.name.endsWith("-patch") || it.name.endsWith("-wrapper")
             || it.name == "karaf-features-ids") {
         assembleKaraf.dependsOn(it.tasks.install)

From 83240857c40659383656c0dcc05b64ffc1709990 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Fri, 15 May 2020 10:20:34 +0200
Subject: [PATCH 068/237] Add unique handshake timers for rat prover and rat
 verifier

---
 .../idscp_core/finite_state_machine/FSM.java  | 57 +++++++++++++++----
 .../finite_state_machine/StateClosed.java     |  1 +
 .../StateEstablished.java                     | 12 ++--
 .../StateWaitForDatAndRat.java                |  7 +--
 .../StateWaitForDatAndRatVerifier.java        |  7 ---
 .../finite_state_machine/StateWaitForRat.java | 18 +++---
 .../StateWaitForRatProver.java                |  9 ++-
 .../StateWaitForRatVerifier.java              |  6 +-
 idscp2/src/test/java/DapsDriverTest.java      |  9 +++
 9 files changed, 81 insertions(+), 45 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 9ce383215..fe87b2e77 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -101,6 +101,8 @@ enum FSM_STATE {
     private Timer datTimer;
     private Timer ratTimer;
     private Timer handshakeTimer;
+    private Timer proverHandshakeTimer;
+    private Timer verifierHandshakeTimer;
     /*  ----------------   end of Timer   --------------- */
 
     public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
@@ -123,27 +125,48 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
             onControlMessage(InternalControlMessage.REPEAT_RAT);
         };
 
+        Runnable proverTimeoutHandler = () -> {
+            LOG.debug("RAT_PROVER_HANDSHAKE_TIMER_EXPIRED");
+            onControlMessage(InternalControlMessage.REPEAT_RAT);
+        };
+
+        Runnable verifierTimeoutHandler = () -> {
+            LOG.debug("RAT_VERIFIER_HANDSHAKE_TIMER_EXPIRED");
+            onControlMessage(InternalControlMessage.REPEAT_RAT);
+        };
+
         this.handshakeTimer = new Timer(fsmIsBusy, handshakeTimeoutHandler);
         this.datTimer = new Timer(fsmIsBusy, datTimeoutHandler);
         this.ratTimer = new Timer(fsmIsBusy, ratTimeoutHandler);
+        this.proverHandshakeTimer = new Timer(fsmIsBusy, proverTimeoutHandler);
+        this.verifierHandshakeTimer = new Timer(fsmIsBusy, verifierTimeoutHandler);
         /* ------------- end timeout routines ------------- */
 
         /* ------------- FSM STATE Initialization -------------*/
         states.put(FSM_STATE.STATE_CLOSED, new StateClosed(this, dapsDriver, onMessageBlock,
                 localSupportedRatSuite, localExpectedRatSuite));
+
         states.put(FSM_STATE.STATE_WAIT_FOR_HELLO, new StateWaitForHello(this,
-                handshakeTimer, datTimer, dapsDriver, localSupportedRatSuite, localExpectedRatSuite));
-        states.put(FSM_STATE.STATE_WAIT_FOR_RAT, new StateWaitForRat(this, handshakeTimer, ratTimer,
-                ratTimeout, dapsDriver));
-        states.put(FSM_STATE.STATE_WAIT_FOR_RAT_PROVER, new StateWaitForRatProver(this, ratTimer, handshakeTimer,
-                dapsDriver));
-        states.put(FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER, new StateWaitForRatVerifier(this, dapsDriver, ratTimer,
-                handshakeTimer, ratTimeout));
-        states.put(FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT, new StateWaitForDatAndRat(this, handshakeTimer,
-                datTimer, dapsDriver));
-        states.put(FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER, new StateWaitForDatAndRatVerifier(this,
-                handshakeTimer, datTimer, dapsDriver));
-        states.put(FSM_STATE.STATE_ESTABLISHED, new StateEstablished(this, dapsDriver, ratTimer, handshakeTimer));
+                handshakeTimer, datTimer, dapsDriver, localSupportedRatSuite, localExpectedRatSuite
+        ));
+
+        states.put(FSM_STATE.STATE_WAIT_FOR_RAT, new StateWaitForRat(this, handshakeTimer,
+            verifierHandshakeTimer, proverHandshakeTimer, ratTimer, ratTimeout, dapsDriver));
+
+        states.put(FSM_STATE.STATE_WAIT_FOR_RAT_PROVER, new StateWaitForRatProver(this,
+            ratTimer, handshakeTimer, proverHandshakeTimer, dapsDriver));
+
+        states.put(FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER, new StateWaitForRatVerifier(this,
+            dapsDriver, ratTimer, handshakeTimer, verifierHandshakeTimer, ratTimeout));
+
+        states.put(FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT, new StateWaitForDatAndRat(this,
+            handshakeTimer, proverHandshakeTimer, datTimer, dapsDriver));
+
+        states.put(FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER,
+            new StateWaitForDatAndRatVerifier(this, handshakeTimer, datTimer, dapsDriver));
+
+        states.put(FSM_STATE.STATE_ESTABLISHED, new StateEstablished(this, dapsDriver,
+            ratTimer, handshakeTimer));
 
 
         //set initial state
@@ -507,6 +530,8 @@ boolean restartRatVerifierDriver(){
         } else {
             //safe the thread ID
             currentRatVerifierId = Long.toString(ratVerifierDriver.getId());
+            LOG.debug("Start verifier_handshake timeout");
+            this.verifierHandshakeTimer.resetTimeout(5);
             return true;
         }
     }
@@ -515,6 +540,7 @@ boolean restartRatVerifierDriver(){
      * Terminate the RatVerifierDriver
      */
     void stopRatVerifierDriver(){
+        this.verifierHandshakeTimer.cancelTimeout();
         if (ratVerifierDriver != null && ratVerifierDriver.isAlive()){
             ratVerifierDriver.interrupt();
             ratVerifierDriver.terminate();
@@ -538,6 +564,8 @@ boolean restartRatProverDriver(){
         } else {
             //safe the thread ID
             currentRatProverId = Long.toString(ratProverDriver.getId());
+            LOG.debug("Start prover_handshake timeout");
+            this.proverHandshakeTimer.resetTimeout(5);
             return true;
         }
     }
@@ -546,6 +574,7 @@ boolean restartRatProverDriver(){
      * Terminate the RatProverDriver
      */
     void stopRatProverDriver(){
+        this.proverHandshakeTimer.cancelTimeout();
         if (ratProverDriver != null && ratProverDriver.isAlive()){
             ratProverDriver.interrupt();
             ratProverDriver.terminate();
@@ -565,6 +594,10 @@ void lockFsm(){
             this.ratTimer = null;
             this.handshakeTimer.cancelTimeout();
             this.handshakeTimer = null;
+            this.proverHandshakeTimer.cancelTimeout();
+            this.proverHandshakeTimer = null;
+            this.verifierHandshakeTimer.cancelTimeout();
+            this.verifierHandshakeTimer = null;
             this.stopRatProverDriver();
             this.stopRatVerifierDriver();
             fsmIsClosed = true;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
index 5c305c9e6..465054bcb 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
@@ -55,6 +55,7 @@ public StateClosed(FSM fsm,
                     }
 
                     runExitCode(onMessageLock);
+
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_HELLO);
                 }
         ));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
index 004bf3d8a..a0fef5f34 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
@@ -67,9 +67,6 @@ public StateEstablished(FSM fsm,
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER);
                 }
         ));
@@ -82,7 +79,11 @@ public StateEstablished(FSM fsm,
                       LOG.error("Cannot send DatExpired message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
+
+                  LOG.debug("Set handshake timeout");
+                  handshakeTimer.resetTimeout(5);
+
+                  return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
                 }
         ));
 
@@ -113,9 +114,6 @@ public StateEstablished(FSM fsm,
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_PROVER);
                 }
         ));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
index 59835fde9..1e93f6e61 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
@@ -17,14 +17,12 @@
 public class StateWaitForDatAndRat extends State {
     private static final Logger LOG = LoggerFactory.getLogger(StateWaitForDatAndRat.class);
 
-    private final Timer handshakeTimer;
-
     public StateWaitForDatAndRat(FSM fsm,
                                  Timer handshakeTimer,
+                                 Timer proverHandshakeTimer,
                                  Timer datTimer,
                                  DapsDriver dapsDriver
                                  ){
-        this.handshakeTimer = handshakeTimer;
 
         /*---------------------------------------------------
          * STATE_WAIT_FOR_DAT_AND_RAT - Transition Description
@@ -71,6 +69,7 @@ public StateWaitForDatAndRat(FSM fsm,
         this.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
                 event -> {
                     LOG.debug("Received RAT_PROVER OK");
+                    proverHandshakeTimer.cancelTimeout();
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
                 }
         ));
@@ -177,7 +176,5 @@ public StateWaitForDatAndRat(FSM fsm,
     @Override
     void runEntryCode(FSM fsm){
         LOG.debug("Switched to state STATE_WAIT_FOR_DAT_AND_RAT");
-        LOG.debug("Set handshake timeout");
-        handshakeTimer.resetTimeout(5);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
index f54e3d128..17ea8b530 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
@@ -18,14 +18,11 @@
 public class StateWaitForDatAndRatVerifier extends State {
     private static final Logger LOG = LoggerFactory.getLogger(StateWaitForDatAndRatVerifier.class);
 
-    private final Timer handshakeTimer;
-
     public StateWaitForDatAndRatVerifier(FSM fsm,
                                          Timer handshakeTimer,
                                          Timer datTimer,
                                          DapsDriver dapsDriver){
 
-        this.handshakeTimer = handshakeTimer;
         /*---------------------------------------------------
          * STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER - Transition Description
          * ---------------------------------------------------
@@ -91,9 +88,6 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER);
                 }
         ));
@@ -138,6 +132,5 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
     void runEntryCode(FSM fsm){
         LOG.debug("Switched to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER");
         LOG.debug("Set handshake timeout");
-        handshakeTimer.resetTimeout(5);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
index 8f82ca7d3..fe89b9302 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
@@ -17,16 +17,14 @@
 public class StateWaitForRat extends State {
     private static final Logger LOG = LoggerFactory.getLogger(StateWaitForRat.class);
 
-    private final Timer handshakeTimer;
-
     public StateWaitForRat(FSM fsm,
                            Timer handshakeTimer,
+                           Timer verifierHandshakeTimer,
+                           Timer proverHandshakeTimer,
                            Timer ratTimer,
                            int ratTimerDelay,
                            DapsDriver dapsDriver){
 
-        this.handshakeTimer = handshakeTimer;
-
 
         /*---------------------------------------------------
          * STATE_WAIT_FOR_RAT - Transition Description
@@ -66,6 +64,7 @@ public StateWaitForRat(FSM fsm,
         this.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
                 event -> {
                     LOG.debug("Received RAT_PROVER OK");
+                    proverHandshakeTimer.cancelTimeout();
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER);
                 }
         ));
@@ -73,6 +72,7 @@ public StateWaitForRat(FSM fsm,
         this.addTransition(InternalControlMessage.RAT_VERIFIER_OK.getValue(), new Transition(
                 event -> {
                     LOG.debug("Received RAT_VERIFIER OK");
+                    verifierHandshakeTimer.cancelTimeout();
                     ratTimer.resetTimeout(ratTimerDelay);
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_PROVER);
                 }
@@ -134,6 +134,9 @@ public StateWaitForRat(FSM fsm,
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
+                    LOG.debug("Start Handshake Timer");
+                    handshakeTimer.resetTimeout(5);
+
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
                 }
         ));
@@ -177,9 +180,6 @@ public StateWaitForRat(FSM fsm,
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-
                     return this;
                 }
         ));
@@ -200,10 +200,8 @@ public StateWaitForRat(FSM fsm,
         );
     }
 
-    @Override
+  @Override
     void runEntryCode(FSM fsm){
         LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
-        LOG.debug("Set handshake timeout");
-        handshakeTimer.resetTimeout(5);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
index 6bb5b2a68..b1ec77967 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
@@ -19,6 +19,7 @@ public class StateWaitForRatProver extends State {
     public StateWaitForRatProver(FSM fsm,
                                  Timer ratTimer,
                                  Timer handshakeTimer,
+                                 Timer proverHandshakeTimer,
                                  DapsDriver dapsDriver){
 
 
@@ -73,6 +74,9 @@ public StateWaitForRatProver(FSM fsm,
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
+                    LOG.debug("Start Handshake Timer");
+                    handshakeTimer.resetTimeout(5);
+
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
                 }
         ));
@@ -80,7 +84,7 @@ public StateWaitForRatProver(FSM fsm,
         this.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
                 event -> {
                     LOG.debug("Received RAT_PROVER OK");
-                    handshakeTimer.cancelTimeout();
+                    proverHandshakeTimer.cancelTimeout();
                     return fsm.getState(FSM.FSM_STATE.STATE_ESTABLISHED);
                 }
         ));
@@ -148,8 +152,7 @@ public StateWaitForRatProver(FSM fsm,
                       LOG.error("Cannot run Rat prover, close idscp connection");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
+
                     return this;
                 }
         ));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
index 9a36e65ae..823b86899 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
@@ -20,6 +20,7 @@ public StateWaitForRatVerifier(FSM fsm,
                                    DapsDriver dapsDriver,
                                    Timer ratTimer,
                                    Timer handshakeTimer,
+                                   Timer verifierHandshakeTimer,
                                    int ratTimeoutDelay) {
 
         /*---------------------------------------------------
@@ -72,6 +73,9 @@ public StateWaitForRatVerifier(FSM fsm,
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
+                    LOG.debug("Start Handshake Timer");
+                    handshakeTimer.resetTimeout(5);
+
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
                 }
         ));
@@ -79,7 +83,7 @@ public StateWaitForRatVerifier(FSM fsm,
         this.addTransition(InternalControlMessage.RAT_VERIFIER_OK.getValue(), new Transition(
                 event -> {
                     LOG.debug("Received RAT_VERIFIER OK");
-                    handshakeTimer.cancelTimeout();
+                    verifierHandshakeTimer.cancelTimeout();
                     LOG.debug("Start RAT Timer");
                     ratTimer.resetTimeout(ratTimeoutDelay);
                     return fsm.getState(FSM.FSM_STATE.STATE_ESTABLISHED);
diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index 1e8d17762..e601c6a2a 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -2,6 +2,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.SecurityRequirements;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import org.junit.Ignore;
 import org.junit.Test;
 import static org.junit.Assert.*;
 
@@ -13,6 +14,7 @@ private String getExpiredToken() {
   }
 
   @Test
+  @Ignore
   public void testValidToken() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -44,6 +46,7 @@ public void testValidToken() {
   }
 
   @Test
+  @Ignore
   public void testInvalidClient() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -64,6 +67,7 @@ public void testInvalidClient() {
   }
 
   @Test
+  @Ignore
   public void testInvalidUrlNonSecure() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -84,6 +88,7 @@ public void testInvalidUrlNonSecure() {
   }
 
   @Test
+  @Ignore
   public void testInvalidUrl404() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -104,6 +109,7 @@ public void testInvalidUrl404() {
   }
 
   @Test (expected = RuntimeException.class)
+  @Ignore
   public void testInvalidPassword1() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -122,6 +128,7 @@ public void testInvalidPassword1() {
   }
 
   @Test (expected = RuntimeException.class)
+  @Ignore
   public void testInvalidPassword2() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -140,6 +147,7 @@ public void testInvalidPassword2() {
   }
 
   @Test (expected = RuntimeException.class)
+  @Ignore
   public void testInvalidKeyAlias() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -158,6 +166,7 @@ public void testInvalidKeyAlias() {
   }
 
   @Test
+  @Ignore
   public void testInvalidAuditLogging() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()

From b42afc44a687dbcc8d13f65f92f8b8441bf08066 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Fri, 15 May 2020 11:25:03 +0200
Subject: [PATCH 069/237] Cleanup FSM, RatDriver, User API, IdscpMessage
 dependencies

---
 .../rat/TPM2d/TPM2dProver.java                | 41 +++++--------------
 .../rat/TPM2d/TPM2dVerifier.java              | 33 ++++-----------
 .../rat/dummy/RatProverDummy.java             | 15 ++++---
 .../rat/dummy/RatVerifierDummy.java           | 14 +++----
 .../drivers/interfaces/RatProverDriver.java   |  4 +-
 .../drivers/interfaces/RatVerifierDriver.java |  4 +-
 .../idscp2/idscp_core/IDSCPv2Connection.java  |  4 +-
 .../idscp_core/finite_state_machine/FSM.java  | 16 +++++---
 .../finite_state_machine/FsmListener.java     |  4 +-
 .../StateWaitForDatAndRat.java                |  4 +-
 .../finite_state_machine/StateWaitForRat.java | 10 ++++-
 .../StateWaitForRatProver.java                |  5 ++-
 .../StateWaitForRatVerifier.java              |  4 +-
 13 files changed, 69 insertions(+), 89 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
index 0b29f46bc..33a1aea39 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
@@ -2,9 +2,7 @@
 
 import com.google.protobuf.InvalidProtocolBufferException;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
-import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
 import de.fhg.aisec.ids.messages.Tpm2dAttestation.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -55,7 +53,7 @@ public class TPM2dProver extends RatProverDriver {
    *
    */
 
-  private final BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
+  private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
   private Tpm2dProverConfig config = new Tpm2dProverConfig.Builder().build();
 
   public TPM2dProver(){
@@ -77,7 +75,7 @@ public void setConfig(Object config) {
   }
 
   @Override
-  public void delegate(IdscpMessage message) {
+  public void delegate(byte[] message) {
     queue.add(message);
     if (LOG.isDebugEnabled()) {
       LOG.debug("Delegated to prover");
@@ -89,31 +87,23 @@ public void run() {
     //TPM2d Challenge-Response Protocol
 
     // wait for RatChallenge from Verifier
-    IdscpMessage msg;
+    byte[] msg;
     try {
       msg = queue.take();
       if (LOG.isDebugEnabled()) {
         LOG.debug("Prover receives new message");
       }
     } catch (InterruptedException e) {
-      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-      return;
-    }
-
-    // check if message is from rat verifier
-    if (!msg.getMessageCase().equals(IdscpMessage.MessageCase.IDSCPRATVERIFIER)) {
-      //unexpected message
-      if (LOG.isWarnEnabled()) {
-        LOG.warn("Unexpected message from FSM: Expected IdscpRatProver");
+      if (this.running){
+        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
       }
-      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
       return;
     }
 
     // parse body to expected tpm2d message wrapper
     Tpm2dMessageWrapper tpm2dMessageWrapper;
     try {
-      tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg.getIdscpRatVerifier().getData());
+      tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg);
     } catch (InvalidProtocolBufferException e) {
       LOG.error("Cannot parse IdscpRatVerifier body", e);
       fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
@@ -168,10 +158,7 @@ public void run() {
     if (LOG.isDebugEnabled()) {
       LOG.debug("Send rat response to verifier");
     }
-    fsmListener.onRatProverMessage(
-        InternalControlMessage.RAT_PROVER_MSG,
-        IdscpMessageFactory.getIdscpRatProverMessage(response)
-    );
+    fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG, response);
 
     // wait for result
     try {
@@ -180,23 +167,15 @@ public void run() {
         LOG.debug("Prover receives new message");
       }
     } catch (InterruptedException e) {
-      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-      return;
-    }
-
-    // check if message is from rat verifier
-    if (!msg.getMessageCase().equals(IdscpMessage.MessageCase.IDSCPRATVERIFIER)) {
-      //unexpected message
-      if (LOG.isWarnEnabled()) {
-        LOG.warn("Unexpected message from FSM: Expected IdscpRatProver");
+      if (this.running) {
+        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
       }
-      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
       return;
     }
 
     // parse body to expected tpm2d message wrapper
     try {
-      tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg.getIdscpRatVerifier().getData());
+      tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg);
     } catch (InvalidProtocolBufferException e) {
       LOG.error("Cannot parse IdscpRatVerifier body", e);
       fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
index ddd55441d..b6f0951dc 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
@@ -2,10 +2,7 @@
 
 import com.google.protobuf.InvalidProtocolBufferException;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
-import de.fhg.aisec.ids.messages.IDSCPv2;
-import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
 import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dMessageWrapper;
 import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dRatResponse;
 import org.checkerframework.checker.nullness.qual.NonNull;
@@ -67,7 +64,7 @@ public class TPM2dVerifier extends RatVerifierDriver {
    *
    */
 
-  private final BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
+  private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
   private Tpm2dVerifierConfig config = new Tpm2dVerifierConfig.Builder().build();
 
   public TPM2dVerifier(){
@@ -85,7 +82,7 @@ public void setConfig(Object config) {
   }
 
   @Override
-  public void delegate(IDSCPv2.IdscpMessage message) {
+  public void delegate(byte[] message) {
     queue.add(message);
     LOG.debug("Delegated to Verifier");
   }
@@ -102,33 +99,24 @@ public void run(){
     byte[] ratChallenge = TpmMessageFactory.getAttestationChallengeMessage(
         nonce, config.getExpectedAType(), config.getExpectedAttestationMask()).toByteArray();
 
-    fsmListener.onRatVerifierMessage(
-        InternalControlMessage.RAT_VERIFIER_MSG,
-        IdscpMessageFactory.getIdscpRatVerifierMessage(ratChallenge)
-    );
+    fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratChallenge);
 
     // wait for attestation response
-    IdscpMessage msg;
+    byte[] msg;
     try {
       msg = queue.take();
       LOG.debug("Verifier receives new message");
     } catch (InterruptedException e) {
-      fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
-      return;
-    }
-
-    // check if response is from rat prover
-    if (!msg.getMessageCase().equals(IdscpMessage.MessageCase.IDSCPRATPROVER)) {
-      //unexpected message
-      LOG.warn("Unexpected message from FSM: Expected IdscpRatVerifier");
-      fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+      if (this.running) {
+        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+      }
       return;
     }
 
     // parse body to expected tpm2d message wrapper
     Tpm2dMessageWrapper tpm2dMessageWrapper;
     try {
-      tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg.getIdscpRatProver().getData());
+      tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg);
     } catch (InvalidProtocolBufferException e) {
       LOG.error("Cannot parse IdscpRatProver body", e);
       fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
@@ -163,10 +151,7 @@ public void run(){
     // create and send rat result
     LOG.debug("Send rat result to remote prover");
     byte[] ratResult = TpmMessageFactory.getAttestationResultMessage(result).toByteArray();
-    fsmListener.onRatVerifierMessage(
-        InternalControlMessage.RAT_VERIFIER_MSG,
-        IdscpMessageFactory.getIdscpRatVerifierMessage(ratResult)
-    );
+    fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratResult);
 
     // notify fsm about result
     if (result) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
index 382c6e8ad..51a270b2e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
@@ -1,10 +1,7 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
-import de.fhg.aisec.ids.messages.IDSCPv2;
-import de.fhg.aisec.ids.messages.IDSCPv2.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -19,14 +16,14 @@
 public class RatProverDummy extends RatProverDriver {
     private static final Logger LOG = LoggerFactory.getLogger(RatProverDummy.class);
 
-    private BlockingQueue<IdscpMessage> queue = new LinkedBlockingQueue<>();
+    private BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
 
     public RatProverDummy(){
         super();
     }
 
     @Override
-    public void delegate(IdscpMessage message) {
+    public void delegate(byte[] message) {
         queue.add(message);
         if (LOG.isDebugEnabled()) {
             LOG.debug("Delegated to prover");
@@ -40,18 +37,20 @@ public void run() {
             try {
                 sleep(1000);
                 fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
-                        IdscpMessageFactory.getIdscpRatProverMessage("test".getBytes()));
+                    "test".getBytes());
                 if (LOG.isDebugEnabled()) {
                     LOG.debug("Prover waits");
                 }
-                IDSCPv2.IdscpMessage m = queue.take();
+                byte[] m = queue.take();
                 if (LOG.isDebugEnabled()) {
                     LOG.debug("Prover receives, send something");
                 }
                 if (--countDown == 0)
                     break;
             } catch (InterruptedException e) {
-                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+                if (this.running) {
+                    fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+                }
                 return;
             }
         }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
index c1293130a..6a9a927f2 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
@@ -1,9 +1,7 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
-import de.fhg.aisec.ids.messages.IDSCPv2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -18,14 +16,14 @@
 public class RatVerifierDummy extends RatVerifierDriver {
     private static final Logger LOG = LoggerFactory.getLogger(RatVerifierDummy.class);
 
-    private BlockingQueue<IDSCPv2.IdscpMessage> queue = new LinkedBlockingQueue<>();
+    private BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
 
     public RatVerifierDummy(){
         super();
     }
 
     @Override
-    public void delegate(IDSCPv2.IdscpMessage message) {
+    public void delegate(byte[] message) {
         queue.add(message);
         if (LOG.isDebugEnabled()) {
             LOG.debug("Delegated to Verifier");
@@ -41,16 +39,18 @@ public void run(){
                 if (LOG.isDebugEnabled()) {
                     LOG.debug("Verifier waits");
                 }
-                IDSCPv2.IdscpMessage m = queue.take();
+                byte[] m = queue.take();
                 if (LOG.isDebugEnabled()) {
                     LOG.debug("Verifier receives, send something");
                 }
                 fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG,
-                        IdscpMessageFactory.getIdscpRatVerifierMessage("test".getBytes()));
+                        "test".getBytes());
                 if (--countDown == 0)
                     break;
             } catch (InterruptedException e) {
-                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+                if (this.running) {
+                    fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+                }
                 return;
             }
         }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
index 581d81d65..08e3a707d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
@@ -1,7 +1,6 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
-import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -20,13 +19,14 @@ public abstract class RatProverDriver extends Thread{
     /*
      * Delegate an IDSCPv2 message to the RatProver driver
      */
-    public void delegate(IdscpMessage message){}
+    public void delegate(byte[] message){}
 
     /*
      * Terminate and cancel the RatProver driver
      */
     public void terminate() {
         running = false;
+        this.interrupt();
     }
 
     public void setListener(FsmListener listener){
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
index 254a97642..362169234 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
@@ -1,7 +1,6 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
-import de.fhg.aisec.ids.messages.IDSCPv2.IdscpMessage;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -20,13 +19,14 @@ public abstract class RatVerifierDriver extends Thread{
     /*
      * Delegate the IDSCPv2 message to the RatVerifier driver
      */
-    public void delegate(IdscpMessage message){}
+    public void delegate(byte[] message){}
 
     /*
      * Terminate and cancel the RatVerifier driver
      */
     public void terminate() {
         running = false;
+        this.interrupt();
     }
 
     public void setListener(FsmListener listener){
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
index ad26a3428..50de6e190 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
@@ -43,8 +43,8 @@ public void close() {
      * Send data to the peer idscp connector
      */
     public void send(byte[] msg) {
-        LOG.debug("Send idscp message");
-        fsm.send(IdscpMessageFactory.getIdscpDataMessage(msg));
+        LOG.debug("Send data ");
+        fsm.send(msg);
     }
 
     @Override
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index fe87b2e77..ce81be297 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -3,6 +3,7 @@
 import com.google.protobuf.InvalidProtocolBufferException;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.*;
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMsgListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
@@ -275,16 +276,17 @@ private void onControlMessage(InternalControlMessage controlMessage) {
      * ignored, else the event is provided to the fsm
      */
     @Override
-    public void onRatProverMessage(InternalControlMessage controlMessage, IdscpMessage idscpMessage) {
+    public void onRatProverMessage(InternalControlMessage controlMessage, byte[] ratMessage) {
 
         //check for incorrect usage
         checkForFsmCircles();
 
         //only allow rat prover messages from current thread
         Event e;
-        if (idscpMessage == null){
+        if (ratMessage == null){
             e = new Event(controlMessage);
         } else {
+            IdscpMessage idscpMessage = IdscpMessageFactory.getIdscpRatProverMessage(ratMessage);
             e = new Event(controlMessage, idscpMessage);
         }
 
@@ -312,16 +314,17 @@ public void onRatProverMessage(InternalControlMessage controlMessage, IdscpMessa
      * ignored, else the event is provided to the fsm
      */
     @Override
-    public void onRatVerifierMessage(InternalControlMessage controlMessage, IdscpMessage idscpMessage) {
+    public void onRatVerifierMessage(InternalControlMessage controlMessage, byte[] ratMessage) {
 
         //check for incorrect usage
         checkForFsmCircles();
 
         //only allow rat verifier messages from current thread
         Event e;
-        if (idscpMessage == null){
+        if (ratMessage == null){
             e = new Event(controlMessage);
         } else {
+            IdscpMessage idscpMessage = IdscpMessageFactory.getIdscpRatVerifierMessage(ratMessage);
             e = new Event(controlMessage, idscpMessage);
         }
 
@@ -448,12 +451,13 @@ public void onClose(){
     /*
      * Send idscp message from the User via the secure channel
      */
-    public void send(IdscpMessage msg){
+    public void send(byte[] msg){
         //send messages from user only when idscp connection is established
         fsmIsBusy.lock();
         try{
             if(isConnected()){
-                if (!secureChannel.send(msg.toByteArray())) {
+                IdscpMessage idscpMessage = IdscpMessageFactory.getIdscpDataMessage(msg);
+                if (!secureChannel.send(idscpMessage.toByteArray())) {
                     LOG.error("Cannot send IDSCP_DATA via secure channel");
                     onControlMessage(InternalControlMessage.ERROR);
                 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
index a72c40f5d..19639b14e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
@@ -18,13 +18,13 @@ public interface FsmListener {
     /*
      * A method for providing RatProver messages from the RatProverDriver implementation to the FSM
      */
-    void onRatProverMessage(InternalControlMessage controlMessage, IdscpMessage idscpMessage);
+    void onRatProverMessage(InternalControlMessage controlMessage, byte[] ratMessage);
 
     /*
      * A method for providing RatVerifier messages from the RatVerifierDriver implementation to the
      * FSM
      */
-    void onRatVerifierMessage(InternalControlMessage controlMessage, IdscpMessage idscpMessage);
+    void onRatVerifierMessage(InternalControlMessage controlMessage, byte[] ratMessage);
 
     /*
      * A method for providing internal errors to the fsm
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
index 1e93f6e61..98b1df0c0 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
@@ -149,7 +149,9 @@ public StateWaitForDatAndRat(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
-                    fsm.getRatProverDriver().delegate(event.getIdscpMessage());
+                    assert event.getIdscpMessage().hasIdscpRatVerifier();
+                    fsm.getRatProverDriver().delegate(event.getIdscpMessage().getIdscpRatVerifier()
+                        .getData().toByteArray());
                     return this;
                 }
         ));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
index fe89b9302..60a87143c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
@@ -153,7 +153,10 @@ public StateWaitForRat(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
-                    fsm.getRatProverDriver().delegate(event.getIdscpMessage());
+                    assert event.getIdscpMessage().hasIdscpRatVerifier();
+                    fsm.getRatProverDriver().delegate(event.getIdscpMessage().getIdscpRatVerifier()
+                        .getData().toByteArray());
+
                     return this;
                 }
         ));
@@ -161,7 +164,10 @@ public StateWaitForRat(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
-                    fsm.getRatVerifierDriver().delegate(event.getIdscpMessage());
+                    assert event.getIdscpMessage().hasIdscpRatProver();
+                    fsm.getRatVerifierDriver().delegate(event.getIdscpMessage().getIdscpRatProver()
+                        .getData().toByteArray());
+
                     return this;
                 }
         ));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
index b1ec77967..7f9ca5d09 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
@@ -160,7 +160,10 @@ public StateWaitForRatProver(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
-                    fsm.getRatProverDriver().delegate(event.getIdscpMessage());
+                    assert event.getIdscpMessage().hasIdscpRatVerifier();
+                    fsm.getRatProverDriver().delegate(event.getIdscpMessage().getIdscpRatVerifier()
+                        .getData().toByteArray());
+
                     return this;
                 }
         ));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
index 823b86899..1d11278d7 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
@@ -141,7 +141,9 @@ public StateWaitForRatVerifier(FSM fsm,
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
-                    fsm.getRatVerifierDriver().delegate(event.getIdscpMessage());
+                    assert event.getIdscpMessage().hasIdscpRatProver();
+                    fsm.getRatVerifierDriver().delegate(event.getIdscpMessage().getIdscpRatProver()
+                        .getData().toByteArray());
                     return this;
                 }
         ));

From 4569147820429fecfe96df2501c0ed8e0ae8df32 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Fri, 15 May 2020 11:29:21 +0200
Subject: [PATCH 070/237] Rename IdscpMessageFactory methods

---
 .../idscp2/idscp_core/IdscpMessageFactory.java   | 16 ++++++++--------
 .../idscp_core/finite_state_machine/FSM.java     |  6 +++---
 .../finite_state_machine/StateClosed.java        |  2 +-
 .../finite_state_machine/StateEstablished.java   |  8 ++++----
 .../StateWaitForDatAndRat.java                   | 10 +++++-----
 .../StateWaitForDatAndRatVerifier.java           |  8 ++++----
 .../finite_state_machine/StateWaitForHello.java  | 10 +++++-----
 .../finite_state_machine/StateWaitForRat.java    | 12 ++++++------
 .../StateWaitForRatProver.java                   | 12 ++++++------
 .../StateWaitForRatVerifier.java                 | 10 +++++-----
 10 files changed, 47 insertions(+), 47 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
index ae951d00e..c8af71f1b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
@@ -11,7 +11,7 @@
  */
 public class IdscpMessageFactory {
 
-    public static IdscpMessage getIdscpHelloMessage(byte[] dat, String[] supportedRatSuite, String[] expectedRatSuite){
+    public static IdscpMessage createIdscpHelloMessage(byte[] dat, String[] supportedRatSuite, String[] expectedRatSuite){
         IdscpDat idscpDat = IdscpDat.newBuilder()
                 .setToken(ByteString.copyFrom(dat))
                 .build();
@@ -28,7 +28,7 @@ public static IdscpMessage getIdscpHelloMessage(byte[] dat, String[] supportedRa
                 .build();
     }
 
-    public static IdscpMessage getIdscpCloseMessage(String closeMsg, IdscpClose.CloseCause causeCode){
+    public static IdscpMessage createIdscpCloseMessage(String closeMsg, IdscpClose.CloseCause causeCode){
         IdscpClose idscpClose = IdscpClose.newBuilder()
                 .setCauseCode(causeCode)
                 .setCauseMsg(closeMsg)
@@ -39,13 +39,13 @@ public static IdscpMessage getIdscpCloseMessage(String closeMsg, IdscpClose.Clos
                 .build();
     }
 
-    public static IdscpMessage getIdscpDatExpiredMessage(){
+    public static IdscpMessage createIdscpDatExpiredMessage(){
         return IdscpMessage.newBuilder()
                 .setIdscpDatExpired(IdscpDatExpired.newBuilder().build())
                 .build();
     }
 
-    public static IdscpMessage getIdscpDatMessage(byte[] dat){
+    public static IdscpMessage createIdscpDatMessage(byte[] dat){
         IdscpDat idscpDat = IdscpDat.newBuilder()
                 .setToken(ByteString.copyFrom(dat))
                 .build();
@@ -55,7 +55,7 @@ public static IdscpMessage getIdscpDatMessage(byte[] dat){
                 .build();
     }
 
-    public static IdscpMessage getIdscpReRatMessage(String cause){
+    public static IdscpMessage createIdscpReRatMessage(String cause){
         IdscpReRat idscpReRat = IdscpReRat.newBuilder()
                 .setCause(cause)
                 .build();
@@ -65,7 +65,7 @@ public static IdscpMessage getIdscpReRatMessage(String cause){
                 .build();
     }
 
-    public static IdscpMessage getIdscpDataMessage(byte[] data){
+    public static IdscpMessage createIdscpDataMessage(byte[] data){
         IdscpData idscpData = IdscpData.newBuilder()
                 .setData(ByteString.copyFrom(data))
                 .build();
@@ -75,7 +75,7 @@ public static IdscpMessage getIdscpDataMessage(byte[] data){
                 .build();
     }
 
-    public static IdscpMessage getIdscpRatProverMessage(byte[] body){
+    public static IdscpMessage createIdscpRatProverMessage(byte[] body){
         IdscpRatProver idscpRatProver = IdscpRatProver.newBuilder()
             .setData(ByteString.copyFrom(body))
             .build();
@@ -85,7 +85,7 @@ public static IdscpMessage getIdscpRatProverMessage(byte[] body){
                 .build();
     }
 
-    public static IdscpMessage getIdscpRatVerifierMessage(byte[] body){
+    public static IdscpMessage createIdscpRatVerifierMessage(byte[] body){
         IdscpRatVerifier idscpRatVerifier = IdscpRatVerifier.newBuilder()
             .setData(ByteString.copyFrom(body))
             .build();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index ce81be297..f59131ab4 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -286,7 +286,7 @@ public void onRatProverMessage(InternalControlMessage controlMessage, byte[] rat
         if (ratMessage == null){
             e = new Event(controlMessage);
         } else {
-            IdscpMessage idscpMessage = IdscpMessageFactory.getIdscpRatProverMessage(ratMessage);
+            IdscpMessage idscpMessage = IdscpMessageFactory.createIdscpRatProverMessage(ratMessage);
             e = new Event(controlMessage, idscpMessage);
         }
 
@@ -324,7 +324,7 @@ public void onRatVerifierMessage(InternalControlMessage controlMessage, byte[] r
         if (ratMessage == null){
             e = new Event(controlMessage);
         } else {
-            IdscpMessage idscpMessage = IdscpMessageFactory.getIdscpRatVerifierMessage(ratMessage);
+            IdscpMessage idscpMessage = IdscpMessageFactory.createIdscpRatVerifierMessage(ratMessage);
             e = new Event(controlMessage, idscpMessage);
         }
 
@@ -456,7 +456,7 @@ public void send(byte[] msg){
         fsmIsBusy.lock();
         try{
             if(isConnected()){
-                IdscpMessage idscpMessage = IdscpMessageFactory.getIdscpDataMessage(msg);
+                IdscpMessage idscpMessage = IdscpMessageFactory.createIdscpDataMessage(msg);
                 if (!secureChannel.send(idscpMessage.toByteArray())) {
                     LOG.error("Cannot send IDSCP_DATA via secure channel");
                     onControlMessage(InternalControlMessage.ERROR);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
index 465054bcb..36a2ce507 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
@@ -45,7 +45,7 @@ public StateClosed(FSM fsm,
 
                     LOG.debug("Send IDSCP_HELLO");
                     IDSCPv2.IdscpMessage idscpHello = IdscpMessageFactory.
-                            getIdscpHelloMessage(dat, localSupportedRatSuite, localExpectedRatSuite);
+                        createIdscpHelloMessage(dat, localSupportedRatSuite, localExpectedRatSuite);
 
                     if (!fsm.sendFromFSM(idscpHello)) {
                       LOG.error("Cannot send IdscpHello. Close connection");
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
index a0fef5f34..e08732944 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
@@ -46,7 +46,7 @@ public StateEstablished(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close",
                             IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -57,7 +57,7 @@ public StateEstablished(FSM fsm,
                     LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER");
                     ratTimer.cancelTimeout();
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpReRatMessage(""))) {
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpReRatMessage(""))) {
                       LOG.error("Cannot send ReRat message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -75,7 +75,7 @@ public StateEstablished(FSM fsm,
                 event -> {
                     ratTimer.cancelTimeout();
                     LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED");
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage())) {
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatExpiredMessage())) {
                       LOG.error("Cannot send DatExpired message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -104,7 +104,7 @@ public StateEstablished(FSM fsm,
                 event -> {
                     LOG.debug("DAT expired. Send new DAT and repeat RAT");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()))) {
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatMessage(dapsDriver.getToken()))) {
                       LOG.error("Cannot send Dat message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
index 98b1df0c0..029bce545 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
@@ -44,7 +44,7 @@ public StateWaitForDatAndRat(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                   fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
+                   fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close",
                             IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -60,7 +60,7 @@ public StateWaitForDatAndRat(FSM fsm,
         this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("Handshake timeout",
                             IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -78,7 +78,7 @@ public StateWaitForDatAndRat(FSM fsm,
                 event -> {
                     LOG.error("RAT_PROVER failed");
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("RAT_PROVER failed",
                             IDSCPv2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -111,7 +111,7 @@ public StateWaitForDatAndRat(FSM fsm,
                     long datValidityPeriod;
                     if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage(
+                        fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage(
                             "No valid DAT", IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
@@ -132,7 +132,7 @@ public StateWaitForDatAndRat(FSM fsm,
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()))) {
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatMessage(dapsDriver.getToken()))) {
                       LOG.error("Cannot send Dat message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
index 17ea8b530..26aa49d24 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
@@ -39,7 +39,7 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close",
                             IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -55,7 +55,7 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
         this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("Handshake timeout",
                             IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -77,7 +77,7 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
                     long datValidityPeriod;
                     if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT", IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
+                        fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("No valid DAT", IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
                     LOG.debug("Remote DAT is valid. Set dat timeout");
@@ -96,7 +96,7 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()))) {
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatMessage(dapsDriver.getToken()))) {
                       LOG.error("Cannot send DAT message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
index 7f9915325..9ef0669b0 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
@@ -53,7 +53,7 @@ public StateWaitForHello(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Received stop signal from user. Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close",
                             IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -62,7 +62,7 @@ public StateWaitForHello(FSM fsm,
         this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake Timeout",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("Handshake Timeout",
                             IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -87,7 +87,7 @@ public StateWaitForHello(FSM fsm,
                             idscpHello.getExpectedRatSuiteList().toArray());
                     if (proverMechanism == null){
                         LOG.debug("Cannot find a match for RAT proverr. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Prover mechanism",
+                        fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("No match for RAT Prover mechanism",
                                 IDSCPv2.IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_PROVER));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
@@ -96,7 +96,7 @@ public StateWaitForHello(FSM fsm,
                             idscpHello.getSupportedRatSuiteList().toArray());
                     if (verifierMechanism == null){
                         LOG.debug("Cannot find a match for RAT verifier. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No match for RAT Verifier mechanism",
+                        fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("No match for RAT Verifier mechanism",
                                 IDSCPv2.IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_VERIFIER));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
@@ -108,7 +108,7 @@ public StateWaitForHello(FSM fsm,
                     if (!idscpHello.hasDynamicAttributeToken() || 0 > (datValidityPeriod = dapsDriver
                             .verifyToken(dat = idscpHello.getDynamicAttributeToken().getToken().toByteArray(), null))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("No valid DAT",
+                        fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("No valid DAT",
                                 IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
index 60a87143c..a8d4be723 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
@@ -55,7 +55,7 @@ public StateWaitForRat(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close",
                             IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -82,7 +82,7 @@ public StateWaitForRat(FSM fsm,
                 event -> {
                     LOG.error("RAT_PROVER failed");
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("RAT_PROVER failed",
                             IDSCPv2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -92,7 +92,7 @@ public StateWaitForRat(FSM fsm,
                 event -> {
                     LOG.error("RAT_VERIFIER failed");
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("RAT_VERIFIER failed",
                             IDSCPv2.IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -129,7 +129,7 @@ public StateWaitForRat(FSM fsm,
                     LOG.debug("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER");
                     fsm.stopRatVerifierDriver();
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage())) {
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatExpiredMessage())) {
                       LOG.error("Cannot send DatExpired message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -144,7 +144,7 @@ public StateWaitForRat(FSM fsm,
         this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("Handshake timeout",
                             IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -176,7 +176,7 @@ public StateWaitForRat(FSM fsm,
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()))) {
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatMessage(dapsDriver.getToken()))) {
                       LOG.error("Cannot send DAT message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
index 7f9ca5d09..4ca9a9443 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
@@ -43,7 +43,7 @@ public StateWaitForRatProver(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close", IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close", IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -58,7 +58,7 @@ public StateWaitForRatProver(FSM fsm,
         this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("Handshake timeout",
                             IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -69,7 +69,7 @@ public StateWaitForRatProver(FSM fsm,
                     LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED");
                     ratTimer.cancelTimeout();
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage())) {
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatExpiredMessage())) {
                       LOG.error("Cannot send DatExpired message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -93,7 +93,7 @@ public StateWaitForRatProver(FSM fsm,
                 event -> {
                     LOG.error("RAT_PROVER failed");
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_PROVER failed",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("RAT_PROVER failed",
                             IDSCPv2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -116,7 +116,7 @@ public StateWaitForRatProver(FSM fsm,
                 event -> {
                     LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpReRatMessage(""))) {
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpReRatMessage(""))) {
                       LOG.error("Cannot send ReRat message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -143,7 +143,7 @@ public StateWaitForRatProver(FSM fsm,
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()))) {
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatMessage(dapsDriver.getToken()))) {
                       LOG.error("Cannot send DAT message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
index 1d11278d7..0210b1c7d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
@@ -42,7 +42,7 @@ public StateWaitForRatVerifier(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("User close",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close",
                             IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -58,7 +58,7 @@ public StateWaitForRatVerifier(FSM fsm,
         this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("Handshake timeout", IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("Handshake timeout", IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -68,7 +68,7 @@ public StateWaitForRatVerifier(FSM fsm,
                     LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER");
                     fsm.stopRatVerifierDriver();
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatExpiredMessage())) {
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatExpiredMessage())) {
                       LOG.error("Cannot send DatExpired message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -94,7 +94,7 @@ public StateWaitForRatVerifier(FSM fsm,
                 event -> {
                     LOG.error("RAT_VERIFIER failed");
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.getIdscpCloseMessage("RAT_VERIFIER failed",
+                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("RAT_VERIFIER failed",
                             IDSCPv2.IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -124,7 +124,7 @@ public StateWaitForRatVerifier(FSM fsm,
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.getIdscpDatMessage(dapsDriver.getToken()))) {
+                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatMessage(dapsDriver.getToken()))) {
                       LOG.error("Cannot send DAT message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }

From c9b6690c8bffc9393fee2fe0a70b3f0df52a4c38 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Sun, 17 May 2020 12:36:23 +0200
Subject: [PATCH 071/237] Introduced message types and new handler
 interfaces/classes

---
 .../aisec/ids/idscp2/IDSCPv2Initiator.java    |   9 +-
 .../secure_channel/NativeTLSDriver.java       |   7 +-
 .../secure_channel/server/TLSServer.java      |  12 +-
 .../server/TLSServerThread.java               |   6 +-
 .../interfaces/SecureChannelDriver.java       |   4 +-
 .../idscp2/idscp_core/IDSCPv2Connection.java  |  74 ----------
 .../idscp2/idscp_core/Idscp2Connection.java   | 134 ++++++++++++++++++
 .../idscp_core/IdscpConnectionListener.java   |  12 ++
 .../idscp_core/IdscpMessageFactory.java       |  21 ++-
 .../idscp_core/IdscpMessageListener.java      |  12 ++
 .../idscp2/idscp_core/IdscpMsgListener.java   |  17 ---
 .../configuration/IDSCPv2Callback.java        |   4 +-
 .../configuration/IDSCPv2Configuration.java   |  36 ++---
 .../idscp_core/finite_state_machine/FSM.java  |  77 +++++-----
 .../finite_state_machine/StateClosed.java     |   2 +-
 .../StateEstablished.java                     |   3 +-
 .../idscp_server/IDSCPv2Server.java           |  31 ++--
 ...Listener.java => IdscpServerListener.java} |   8 +-
 idscp2/src/main/proto/idscpv2.proto           |  34 +++--
 .../src/test/java/IDSCPv2ClientInitiator.java |  38 +++--
 .../src/test/java/IDSCPv2ServerInitiator.java |  36 +++--
 21 files changed, 342 insertions(+), 235 deletions(-)
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConnectionListener.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageListener.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/{IdscpConnectionListener.java => IdscpServerListener.java} (65%)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
index 7ff21c26d..076d58289 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
@@ -1,6 +1,6 @@
 package de.fhg.aisec.ids.idscp2;
 
-import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 
 /**
  * An interface for the IDSCPv2Initiator class, that implements callback functions that notifies
@@ -13,15 +13,10 @@ public interface IDSCPv2Initiator {
     /*
      * Called when a new connection is established
      */
-    void newConnectionHandler(IDSCPv2Connection connection);
+    void newConnectionHandler(Idscp2Connection connection);
 
     /*
      * Called when an error occurred in the underlying IDSCPv2 protocol
      */
     void errorHandler(String error);
-
-    /*
-     * Called when a connection with the given connectionID was closed
-     */
-    void connectionClosedHandler(String connectionId);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
index f36547a3d..8368c96d9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
@@ -6,7 +6,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpServerListener;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -47,15 +47,14 @@ public void connect(IDSCPv2Settings settings, IDSCPv2Callback callback) {
      */
     @Override
     public SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback configCallback,
-                               IdscpConnectionListener idscpServerCallback) {
+                               IdscpServerListener idscpServerCallback) {
         try {
             TLSServer tlsServer = new TLSServer(settings, configCallback, idscpServerCallback);
             tlsServer.start();
             return tlsServer;
 
         } catch (IOException | NoSuchAlgorithmException | KeyManagementException e){
-            LOG.error("listen() failed. {}", e.getMessage());
-            LOG.debug(Arrays.toString(e.getStackTrace()));
+            LOG.error("listen() failed.", e);
         }
 
         return null;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
index e1171a82f..63f5ecdd9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
@@ -5,7 +5,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpServerListener;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -26,12 +26,12 @@ public class TLSServer extends Thread implements SecureServer {
     private static final Logger LOG = LoggerFactory.getLogger(TLSServer.class);
 
     private volatile boolean isRunning = false;
-    private ServerSocket serverSocket;
-    private IDSCPv2Callback idscpConfigCallback; //no race conditions
-    private IdscpConnectionListener idscpServerCallback;
+    private final ServerSocket serverSocket;
+    private final IDSCPv2Callback idscpConfigCallback; //no race conditions
+    private final IdscpServerListener idscpServerCallback;
 
     public TLSServer(IDSCPv2Settings serverSettings, IDSCPv2Callback configCallback,
-                     IdscpConnectionListener idscpServerCallback)
+                     IdscpServerListener idscpServerCallback)
             throws IOException, NoSuchAlgorithmException, KeyManagementException {
         this.idscpConfigCallback = configCallback;
         this.idscpServerCallback = idscpServerCallback;
@@ -115,7 +115,7 @@ public void run(){
             server.start();
         }
 
-        if (serverSocket != null && !serverSocket.isClosed()){
+        if (!serverSocket.isClosed()){
             try {
                 serverSocket.close();
             } catch (IOException e) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index c2c3ddf9e..3ed6c0ff5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -2,7 +2,7 @@
 
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsSessionVerificationHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpServerListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
@@ -34,12 +34,12 @@ public class TLSServerThread extends Thread implements HandshakeCompletedListene
     private DataOutputStream out;
     private SecureChannelListener listener = null;  // race conditions are avoided using CountDownLatch
     private IDSCPv2Callback configCallback;  //no race conditions
-    private IdscpConnectionListener idscpServerCallback; //no race conditions
+    private IdscpServerListener idscpServerCallback; //no race conditions
     private CountDownLatch listenerLatch = new CountDownLatch(1);
     private CountDownLatch tlsVerificationLatch = new CountDownLatch(1);
 
 
-    TLSServerThread(SSLSocket sslSocket, IDSCPv2Callback configCallback, IdscpConnectionListener idscpServerCallback){
+    TLSServerThread(SSLSocket sslSocket, IDSCPv2Callback configCallback, IdscpServerListener idscpServerCallback){
         this.sslSocket = sslSocket;
         this.configCallback = configCallback;
         this.idscpServerCallback = idscpServerCallback;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
index 2ea75dcd4..3adab7967 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
@@ -2,7 +2,7 @@
 
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpServerListener;
 
 /**
  * An interface for the IDSCPv2 SecureChannelDriver class, that implements a connect() function
@@ -21,5 +21,5 @@ public interface SecureChannelDriver {
      * Starting a secure server
      */
     SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback configCallback,
-                        IdscpConnectionListener idscpServerCallback);
+                        IdscpServerListener idscpServerCallback);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
deleted file mode 100644
index 50de6e190..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IDSCPv2Connection.java
+++ /dev/null
@@ -1,74 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core;
-
-import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.Arrays;
-
-/**
- * The IDSCPv2 Connection class holds connections between connectors
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class IDSCPv2Connection implements IdscpMsgListener {
-    private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Connection.class);
-
-    private FSM fsm;
-    private String connectionId;
-    private IDSCPv2Initiator user;
-    private IdscpConnectionListener server;
-
-    public IDSCPv2Connection(FSM fsm, String connectionId, IDSCPv2Initiator user, IdscpConnectionListener server){
-        this.fsm = fsm;
-        this.connectionId = connectionId;
-        this.user = user;
-        this.server = server;
-    }
-
-    /*
-     * Close the idscp connection
-     */
-    public void close() {
-        // unregister connection from the idscp server
-        if (server != null) {
-            server.connectionClosedHandler(connectionId);
-        }
-        fsm.terminate();
-    }
-
-    /*
-     * Send data to the peer idscp connector
-     */
-    public void send(byte[] msg) {
-        LOG.debug("Send data ");
-        fsm.send(msg);
-    }
-
-    @Override
-    public void onMessage(byte[] msg) {
-        LOG.info("Received new IDSCP Message: " + Arrays.toString(msg));
-    }
-
-    @Override
-    public void onClose() {
-        LOG.debug("Connection with id {} has been closed, notify user", connectionId);
-        user.connectionClosedHandler(connectionId);
-        if (server != null) {
-            server.connectionClosedHandler(connectionId);
-        }
-    }
-
-    /*
-     * Check if the idscp connection is currently established
-     */
-    public boolean isConnected() {
-        return fsm.isConnected();
-    }
-
-    public String getConnectionId() {
-        return connectionId;
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
new file mode 100644
index 000000000..0419168b1
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
@@ -0,0 +1,134 @@
+package de.fhg.aisec.ids.idscp2.idscp_core;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
+import org.jetbrains.annotations.Nullable;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.*;
+
+/**
+ * The IDSCPv2 Connection class holds connections between connectors
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
+ */
+public class Idscp2Connection {
+    private static final Logger LOG = LoggerFactory.getLogger(Idscp2Connection.class);
+
+    private final FSM fsm;
+    private final String connectionId;
+    private final Set<IdscpConnectionListener> connectionListeners = new HashSet<>();
+    private final Set<IdscpMessageListener> genericMessageListeners = new HashSet<>();
+    private final Map<String, Set<IdscpMessageListener>> messageListeners = new HashMap<>();
+
+    public Idscp2Connection(FSM fsm, String connectionId) {
+        this.fsm = fsm;
+        this.connectionId = connectionId;
+    }
+
+    /*
+     * Close the idscp connection
+     */
+    public void close() {
+        // unregister connection from the idscp server
+        synchronized (connectionListeners) {
+            connectionListeners.forEach(l -> l.onClose(connectionId));
+        }
+        fsm.terminate();
+    }
+
+    /*
+     * Send data to the peer idscp connector
+     */
+    public void send(String type, byte[] msg) {
+        LOG.debug("Send data of type \"" + type + "\" ");
+        fsm.send(type, msg);
+    }
+
+    public void onMessage(String type, byte[] msg) {
+        LOG.debug("Received new IDSCP Message: " + Arrays.toString(msg));
+        synchronized (genericMessageListeners) {
+            genericMessageListeners.forEach(l -> l.onMessage(type, msg));
+        }
+        Set<IdscpMessageListener> listeners = messageListeners.get(type);
+        if (listeners != null) {
+            //noinspection SynchronizationOnLocalVariableOrMethodParameter
+            synchronized (listeners) {
+                listeners.forEach(l -> l.onMessage(type, msg));
+            }
+        }
+    }
+
+    public void onClose() {
+        LOG.debug("Connection with id {} has been closed, notify user", connectionId);
+        synchronized (connectionListeners) {
+            connectionListeners.forEach(l -> l.onClose(connectionId));
+        }
+    }
+
+    /*
+     * Check if the idscp connection is currently established
+     */
+    public boolean isConnected() {
+        return fsm.isConnected();
+    }
+
+    public String getConnectionId() {
+        return connectionId;
+    }
+
+    public void addConnectionListener(IdscpConnectionListener listener) {
+        synchronized (connectionListeners) {
+            connectionListeners.add(listener);
+        }
+    }
+
+    public boolean removeConnectionListener(IdscpConnectionListener listener) {
+        synchronized (connectionListeners) {
+            return connectionListeners.remove(listener);
+        }
+    }
+
+    public void addGenericMessageListener(IdscpMessageListener listener) {
+        synchronized (genericMessageListeners) {
+            genericMessageListeners.add(listener);
+        }
+    }
+
+    public boolean removeGenericMessageListener(IdscpMessageListener listener) {
+        synchronized (genericMessageListeners) {
+            return genericMessageListeners.remove(listener);
+        }
+    }
+
+    public void addMessageListener(@Nullable String type, IdscpMessageListener listener) {
+        synchronized (messageListeners) {
+            Set<IdscpMessageListener> messageTypeListeners
+                = messageListeners.computeIfAbsent(type, k -> new HashSet<>());
+            //noinspection SynchronizationOnLocalVariableOrMethodParameter
+            synchronized (messageTypeListeners) {
+                messageTypeListeners.add(listener);
+            }
+            messageListeners.put(type, messageTypeListeners);
+        }
+    }
+
+    public boolean removeMessageListener(@Nullable String type, IdscpMessageListener listener) {
+        synchronized (messageListeners) {
+            Set<IdscpMessageListener> messageTypeListeners = messageListeners.get(type);
+            if (messageTypeListeners == null) {
+                return false;
+            }
+            final boolean ret;
+            //noinspection SynchronizationOnLocalVariableOrMethodParameter
+            synchronized (messageTypeListeners) {
+                ret = messageTypeListeners.remove(listener);
+            }
+            if (messageTypeListeners.isEmpty()) {
+                messageListeners.remove(type);
+            }
+            return ret;
+        }
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConnectionListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConnectionListener.java
new file mode 100644
index 000000000..bd5d4b6f0
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConnectionListener.java
@@ -0,0 +1,12 @@
+package de.fhg.aisec.ids.idscp2.idscp_core;
+
+/**
+ * An IDSCP Connection Listener interface that is implemented by the IDSCPv2 Server to notify the
+ * server about lifetimes of IDSCP connections. The server caches all active connections.
+ */
+public interface IdscpConnectionListener {
+
+    void onError(String error);
+
+    void onClose(String connectionId);
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
index c8af71f1b..262040c66 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
@@ -65,16 +65,29 @@ public static IdscpMessage createIdscpReRatMessage(String cause){
                 .build();
     }
 
-    public static IdscpMessage createIdscpDataMessage(byte[] data){
-        IdscpData idscpData = IdscpData.newBuilder()
-                .setData(ByteString.copyFrom(data))
-                .build();
+    public static IdscpMessage createIdscpDataMessage(String type, Integer typeTag, byte[] data) {
+        IdscpData.Builder idscpData = IdscpData.newBuilder()
+                .setData(ByteString.copyFrom(data));
+        if (type != null) {
+            idscpData.setType(type);
+        }
+        if (typeTag != null) {
+            idscpData.setTypeTag(typeTag);
+        }
 
         return IdscpMessage.newBuilder()
                 .setIdscpData(idscpData)
                 .build();
     }
 
+    public static IdscpMessage createIdscpDataMessage(int shortType, byte[] data) {
+        return createIdscpDataMessage(null, shortType, data);
+    }
+
+    public static IdscpMessage createIdscpDataMessage(String type, byte[] data) {
+        return createIdscpDataMessage(type, null, data);
+    }
+
     public static IdscpMessage createIdscpRatProverMessage(byte[] body){
         IdscpRatProver idscpRatProver = IdscpRatProver.newBuilder()
             .setData(ByteString.copyFrom(body))
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageListener.java
new file mode 100644
index 000000000..5c3d3d39d
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageListener.java
@@ -0,0 +1,12 @@
+package de.fhg.aisec.ids.idscp2.idscp_core;
+
+/**
+ * An interface for an IDSCP message listener
+ */
+public interface IdscpMessageListener {
+
+    /*
+     * notify the listener about new data
+     */
+    void onMessage(String type, byte[] data);
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java
deleted file mode 100644
index 37ed40008..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMsgListener.java
+++ /dev/null
@@ -1,17 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core;
-
-/**
- * An interface for an IDSCP message listener
- */
-public interface IdscpMsgListener {
-
-    /*
-     * notify the listener about new data via idscp
-     */
-    void onMessage(byte[] data);
-
-    /*
-     * notify the listener that the idscp connection was closed
-     */
-    void onClose();
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
index 91bc2923b..9c1fd0ba5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
@@ -1,6 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
 
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpServerListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 
 /**
@@ -21,7 +21,7 @@ public interface IDSCPv2Callback {
      */
     void secureChannelListenHandler(
         SecureChannel secureChannel,
-        IdscpConnectionListener idscpServer
+        IdscpServerListener idscpServer
     );
 
 }
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
index d9b06300f..0c4754fe9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
@@ -3,10 +3,10 @@
 import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.*;
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
-import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IDSCPv2Server;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpConnectionListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpServerListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -20,12 +20,12 @@
 public class IDSCPv2Configuration implements IDSCPv2Callback {
     private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Configuration.class);
 
-    private IDSCPv2Initiator user;
-    private DapsDriver dapsDriver;
-    private SecureChannelDriver secureChannelDriver;
+    private final IDSCPv2Initiator user;
+    private final DapsDriver dapsDriver;
+    private final SecureChannelDriver secureChannelDriver;
     private final String[] localExpectedRatCipher;
     private final String[] localSupportedRatCipher;
-    private int ratTimeout;
+    private final int ratTimeout;
 
 
     public IDSCPv2Configuration(IDSCPv2Initiator initiator,
@@ -58,8 +58,8 @@ public void connect(IDSCPv2Settings settings){
     public IDSCPv2Server listen(IDSCPv2Settings settings) throws IDSCPv2Exception {
         LOG.info("Starting new IDSCPv2 server at port {}", settings.getServerPort());
 
-        SecureServer secureServer;
-        IDSCPv2Server idscpServer = new IDSCPv2Server();
+        final SecureServer secureServer;
+        final IDSCPv2Server idscpServer = new IDSCPv2Server();
 
         if ((secureServer = secureChannelDriver.listen(settings, this, idscpServer)) == null){
             throw new IDSCPv2Exception("Idscpv2 listen() failed. Cannot create SecureServer");
@@ -76,7 +76,7 @@ public IDSCPv2Server listen(IDSCPv2Settings settings) throws IDSCPv2Exception {
      * to the user
      *
      * If the secure channel was established, a new FSM is created for this connection and the
-     * IDSCPv2 handshake is started. After a successful handshake, a new IDSCPv2Connection is
+     * IDSCPv2 handshake is started. After a successful handshake, a new Idscp2Connection is
      * created and provided to the user
      */
     @Override
@@ -96,8 +96,8 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
             }
 
             String connectionId = UUID.randomUUID().toString();
-            IDSCPv2Connection newConnection = new IDSCPv2Connection(fsm, connectionId, user, null);
-            fsm.registerMessageListener(newConnection);
+            Idscp2Connection newConnection = new Idscp2Connection(fsm, connectionId);
+            fsm.registerConnection(newConnection);
             LOG.info("A new IDSCPv2 connection with id {} was created", connectionId);
             user.newConnectionHandler(newConnection);
         }
@@ -110,11 +110,11 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
      * ignored
      *
      * If the secure channel was established, a new FSM is created for this connection and the
-     * IDSCPv2 handshake is started. After a successful handshake, a new IDSCPv2Connection is
+     * IDSCPv2 handshake is started. After a successful handshake, a new Idscp2Connection is
      * created and provided to the user and the IDSCPv2 server
      */
     @Override
-    public void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnectionListener idscpServer) {
+    public void secureChannelListenHandler(SecureChannel secureChannel, IdscpServerListener idscpServer) {
         if (secureChannel != null){
             LOG.debug("A new secure channel for an incoming idscpv2 connection was established");
             FSM fsm = new FSM(secureChannel, dapsDriver, localSupportedRatCipher,
@@ -126,15 +126,15 @@ public void secureChannelListenHandler(SecureChannel secureChannel, IdscpConnect
                 return;
             }
 
-            //create new IDSCPv2Connection
+            //create new Idscp2Connection
             String connectionId = UUID.randomUUID().toString();
-            IDSCPv2Connection newConnection = new IDSCPv2Connection(fsm, connectionId, user, idscpServer);
-            fsm.registerMessageListener(newConnection);
+            Idscp2Connection newConnection = new Idscp2Connection(fsm, connectionId);
+            fsm.registerConnection(newConnection);
             LOG.info("A new idscpv2 connection with id {} was created", connectionId);
-            idscpServer.newConnectionHandler(newConnection); //bind connection to idscp server
+            idscpServer.onConnect(newConnection); //bind connection to idscp server
             user.newConnectionHandler(newConnection);
         } else {
-            LOG.warn("An incoming idscpv2 client connection request failed because no secure channel was established");
+            LOG.warn("An incoming idscpv2 client connection request failed because the secure channel is null.");
         }
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index f59131ab4..72c9abb3b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -3,8 +3,8 @@
 import com.google.protobuf.InvalidProtocolBufferException;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.*;
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMsgListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
@@ -31,7 +31,7 @@ public class FSM implements FsmListener{
     private static final Logger LOG = LoggerFactory.getLogger(FSM.class);
 
     /*  -----------   IDSCPv2 Protocol States   ---------- */
-    private HashMap<FSM_STATE, State> states = new HashMap<>();
+    private final HashMap<FSM_STATE, State> states = new HashMap<>();
 
     enum FSM_STATE {
         STATE_CLOSED,
@@ -47,7 +47,7 @@ enum FSM_STATE {
     private State currentState;
     /*  ----------------   end of states   --------------- */
 
-    private SecureChannel secureChannel; //secure underlying channel
+    private final SecureChannel secureChannel; //secure underlying channel
 
     private RatProverDriver ratProverDriver;
     private RatVerifierDriver ratVerifierDriver;
@@ -72,8 +72,8 @@ enum FSM_STATE {
      * And a listener latch to ensure that the listener is available and the message does not get
      * lost
      */
-    private IdscpMsgListener listener = null;
-    private final CountDownLatch listenerLatch = new CountDownLatch(1);
+    private Idscp2Connection connection;
+    private final CountDownLatch connectionLatch = new CountDownLatch(1);
 
     /*
      * A FIFO-fair synchronization lock for the finite state machine
@@ -99,11 +99,11 @@ enum FSM_STATE {
     private boolean fsmIsClosed = false;
 
     /* ---------------------- Timer ---------------------- */
-    private Timer datTimer;
-    private Timer ratTimer;
-    private Timer handshakeTimer;
-    private Timer proverHandshakeTimer;
-    private Timer verifierHandshakeTimer;
+    private final Timer datTimer;
+    private final Timer ratTimer;
+    private final Timer handshakeTimer;
+    private final Timer proverHandshakeTimer;
+    private final Timer verifierHandshakeTimer;
     /*  ----------------   end of Timer   --------------- */
 
     public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
@@ -451,18 +451,18 @@ public void onClose(){
     /*
      * Send idscp message from the User via the secure channel
      */
-    public void send(byte[] msg){
+    public void send(String type, byte[] msg){
         //send messages from user only when idscp connection is established
         fsmIsBusy.lock();
         try{
             if(isConnected()){
-                IdscpMessage idscpMessage = IdscpMessageFactory.createIdscpDataMessage(msg);
+                IdscpMessage idscpMessage = IdscpMessageFactory.createIdscpDataMessage(type, msg);
                 if (!secureChannel.send(idscpMessage.toByteArray())) {
                     LOG.error("Cannot send IDSCP_DATA via secure channel");
                     onControlMessage(InternalControlMessage.ERROR);
                 }
             } else {
-                LOG.error("Cannot send IDSCP_DATA because protocol is not established");
+                LOG.error("Cannot send IDSCP_DATA because connection is not established");
             }
         } finally {
             fsmIsBusy.unlock();
@@ -479,9 +479,9 @@ public boolean isConnected(){
     /*
      * Register an IDSCPv2 message listener
      */
-    public void registerMessageListener(IdscpMsgListener listener){
-        this.listener = listener;
-        listenerLatch.countDown();
+    public void registerConnection(Idscp2Connection connection){
+        this.connection = connection;
+        connectionLatch.countDown();
     }
 
     /*
@@ -543,8 +543,8 @@ boolean restartRatVerifierDriver(){
     /*
      * Terminate the RatVerifierDriver
      */
-    void stopRatVerifierDriver(){
-        this.verifierHandshakeTimer.cancelTimeout();
+    void stopRatVerifierDriver() {
+        verifierHandshakeTimer.cancelTimeout();
         if (ratVerifierDriver != null && ratVerifierDriver.isAlive()){
             ratVerifierDriver.interrupt();
             ratVerifierDriver.terminate();
@@ -578,7 +578,7 @@ boolean restartRatProverDriver(){
      * Terminate the RatProverDriver
      */
     void stopRatProverDriver(){
-        this.proverHandshakeTimer.cancelTimeout();
+        proverHandshakeTimer.cancelTimeout();
         if (ratProverDriver != null && ratProverDriver.isAlive()){
             ratProverDriver.interrupt();
             ratProverDriver.terminate();
@@ -589,29 +589,22 @@ void stopRatProverDriver(){
      * Lock the fsm forever, terminate the timers and drivers, close the secure channel
      * and notify User or handshake lock about closure
      */
-    void lockFsm(){
-        try {
-            secureChannel.close();
-            this.datTimer.cancelTimeout();
-            this.datTimer = null;
-            this.ratTimer.cancelTimeout();
-            this.ratTimer = null;
-            this.handshakeTimer.cancelTimeout();
-            this.handshakeTimer = null;
-            this.proverHandshakeTimer.cancelTimeout();
-            this.proverHandshakeTimer = null;
-            this.verifierHandshakeTimer.cancelTimeout();
-            this.verifierHandshakeTimer = null;
-            this.stopRatProverDriver();
-            this.stopRatVerifierDriver();
-            fsmIsClosed = true;
-        } catch (NullPointerException ignored){}
+    void shutdownFsm() {
+        secureChannel.close();
+        datTimer.cancelTimeout();
+        ratTimer.cancelTimeout();
+        handshakeTimer.cancelTimeout();
+        // Cancels proverHandshakeTimer
+        this.stopRatProverDriver();
+        // Cancels verifierHandshakeTimer
+        this.stopRatVerifierDriver();
+        fsmIsClosed = true;
 
         //notify upper layer via handshake or closeListener
         try {
-            if (handshakeResultAvailable){
-                listenerLatch.await();
-                listener.onClose();
+            if (handshakeResultAvailable) {
+                connectionLatch.await();
+                connection.onClose();
             } else {
                 notifyHandshakeCompleteLock();
             }
@@ -623,10 +616,10 @@ void lockFsm(){
     /*
      * Provide IDSCPv2 message to the message listener
      */
-    void notifyIdscpMsgListener(byte[] data) {
+    void notifyIdscpMsgListener(String type, byte[] data) {
         try {
-            this.listenerLatch.await();
-            this.listener.onMessage(data);
+            this.connectionLatch.await();
+            this.connection.onMessage(type, data);
             LOG.debug("Idscp data were passed to connection listener");
         } catch (InterruptedException ex) {
             Thread.currentThread().interrupt();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
index 36a2ce507..919ca4aaa 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
@@ -80,7 +80,7 @@ void runEntryCode(FSM fsm){
         //State Closed entry code
         LOG.debug("Switched to state STATE_CLOSED");
         LOG.debug("Terminate and free all resources and lock fsm forever");
-        fsm.lockFsm();
+        fsm.shutdownFsm();
     }
 
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
index e08732944..055e9cd09 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
@@ -120,7 +120,8 @@ public StateEstablished(FSM fsm,
 
         this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATA_FIELD_NUMBER, new Transition(
                 event -> {
-                    fsm.notifyIdscpMsgListener(event.getIdscpMessage().getIdscpData().toByteArray());
+                    IDSCPv2.IdscpData data = event.getIdscpMessage().getIdscpData();
+                    fsm.notifyIdscpMsgListener(data.getType(), data.getData().toByteArray());
                     return this;
                 }
         ));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
index d807b90b6..049df87ab 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
@@ -1,11 +1,13 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.idscp_server;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
-import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
 import java.util.List;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.CountDownLatch;
@@ -16,19 +18,14 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class IDSCPv2Server implements IdscpConnectionListener{
+public class IDSCPv2Server implements IdscpServerListener {
     private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Server.class);
 
     private SecureServer secureServer; //no race conditions using CountDownLatch
-    private CountDownLatch secureServerLatch = new CountDownLatch(1);
-    private ConcurrentHashMap<String, IDSCPv2Connection> connections = new ConcurrentHashMap<>();
+    private final CountDownLatch secureServerLatch = new CountDownLatch(1);
+    private final ConcurrentHashMap<String, Idscp2Connection> connections = new ConcurrentHashMap<>();
 
-    public IDSCPv2Server(){}
-
-    public IDSCPv2Server(SecureServer secureServer){
-        this.secureServer = secureServer;
-        secureServerLatch.countDown();
-    }
+    public IDSCPv2Server() {}
 
     /*
      * Terminate the IDSCPv2 server, the secure server and close all connections
@@ -48,7 +45,7 @@ public void terminate(){
      * Close all open IDSCPv2 connections of this server
      */
     public void terminateAllSessions(){
-        for (IDSCPv2Connection c : connections.values()){
+        for (Idscp2Connection c : connections.values()){
             c.close();
             LOG.debug("Idscp connection with id {} has been closed", c.getConnectionId());
             connections.remove(c.getConnectionId());
@@ -69,29 +66,29 @@ public boolean isRunning(){
     }
 
     /*
-     * Get a IDSCPv2Connection from the server cache by the connectionID
+     * Get a Idscp2Connection from the server cache by the connectionID
      *
      * return null if no connection was found with this ID
      */
-    public IDSCPv2Connection getConnectionById(String connectionId){
+    public Idscp2Connection getConnectionById(String connectionId){
         return connections.get(connectionId);
     }
 
     /*
      * return a list of all open IDSCPv2 connections of this server
      */
-    public List<IDSCPv2Connection> getAllConnections(){
-        return new ArrayList<>(connections.values());
+    public Collection<Idscp2Connection> getAllConnections(){
+        return Collections.unmodifiableCollection(connections.values());
     }
 
     @Override
-    public void newConnectionHandler(IDSCPv2Connection connection) {
+    public void onConnect(Idscp2Connection connection) {
         LOG.debug("Binding new idscpv2 connection to server {}", this.toString());
         connections.put(connection.getConnectionId(), connection);
     }
 
     @Override
-    public void connectionClosedHandler(String connectionId) {
+    public void onClose(String connectionId) {
         LOG.debug("Removing connection with id {} from server storage", connectionId);
         connections.remove(connectionId);
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpConnectionListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpServerListener.java
similarity index 65%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpConnectionListener.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpServerListener.java
index 13911c906..d0600a977 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpConnectionListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpServerListener.java
@@ -1,20 +1,20 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.idscp_server;
 
-import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 
 /**
  * An IDSCP Connection Listener interface that is implemented by the IDSCPv2 Server to notify the
  * server about lifetimes of IDSCP connections. The server caches all active connections.
  */
-public interface IdscpConnectionListener {
+public interface IdscpServerListener {
 
     /*
      * Notify the server that a new connection was established
      */
-    void newConnectionHandler(IDSCPv2Connection connection);
+    void onConnect(Idscp2Connection connection);
 
     /*
      * Notify the server that connection has been closed
      */
-    void connectionClosedHandler(String connectionId);
+    void onClose(String connectionId);
 }
diff --git a/idscp2/src/main/proto/idscpv2.proto b/idscp2/src/main/proto/idscpv2.proto
index 658d2e6c8..0ca28a5c7 100644
--- a/idscp2/src/main/proto/idscpv2.proto
+++ b/idscp2/src/main/proto/idscpv2.proto
@@ -17,12 +17,21 @@ message IdscpMessage {
   }
 }
 
-//IDSCP messages
+// IDSCP messages
+
 message IdscpHello {
-  int32 version = 1;                      //IDSCP protocol version
-  IdscpDat dynamicAttributeToken = 2;     //initial dynamicAttributeToken
-  repeated string supportedRatSuite = 3;  //RemoteAttestationCipher prover
-  repeated string expectedRatSuite = 4;   //RemoteAttestationCipher verifier
+  // IDSCP protocol version
+  int32 version = 1;
+  // Initial dynamic attribute token (DAT)
+  IdscpDat dynamicAttributeToken = 2;
+  // Set of supported remote attestation (RAT) methods (prover role)
+  repeated string supportedRatSuite = 3;
+  // Set of accepted RAT methods (verifier role)
+  repeated string expectedRatSuite = 4;
+  // Maximum number of supported message type cache entries
+  int32 maxCacheEntries = 5;
+  // Maximum supported total length of type cache entries in UTF-8
+  int32 maxTotalCacheSize = 6;
 }
 
 message IdscpClose {
@@ -42,15 +51,17 @@ message IdscpClose {
   string cause_msg = 2;
 }
 
-message IdscpDatExpired {           //request new dynamicAttributeToken
+// For requesting new DAT
+message IdscpDatExpired {
 }
 
 message IdscpDat {
   bytes token = 1;
 }
 
-message IdscpReRat {                //request new remoteAttestatio
-  string cause = 1;               //optional
+// For requesting new RAT
+message IdscpReRat {
+  string cause = 1;
 }
 
 message IdscpRatProver {
@@ -62,5 +73,10 @@ message IdscpRatVerifier {
 }
 
 message IdscpData {
-  bytes data = 1 ;
+  // Payload
+  bytes data = 1;
+  // Message type (e.g. MIME type) as string
+  string type = 2;
+  // Integer for cached types or type caching
+  int32 typeTag = 3;
 }
\ No newline at end of file
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
index 8e49a7a44..06ab74b40 100644
--- a/idscp2/src/test/java/IDSCPv2ClientInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ClientInitiator.java
@@ -10,18 +10,17 @@
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpConnectionListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Configuration;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
 
-import java.util.concurrent.ConcurrentHashMap;
+import java.nio.charset.StandardCharsets;
 
 public class IDSCPv2ClientInitiator implements IDSCPv2Initiator {
 
-    private ConcurrentHashMap<String, IDSCPv2Connection> connections = new ConcurrentHashMap<>();
-
     public void init(IDSCPv2Settings settings){
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
         DefaultDapsDriverConfig config =
@@ -63,19 +62,30 @@ public void init(IDSCPv2Settings settings){
     }
 
     @Override
-    public void newConnectionHandler(IDSCPv2Connection connection) {
-        this.connections.put(connection.getConnectionId(), connection);
-        System.out.println("User: New connection with id " + connection.getConnectionId());
-    }
+    public void newConnectionHandler(Idscp2Connection connection) {
+        System.out.println("Client: New connection with id " + connection.getConnectionId());
+        connection.addConnectionListener(new IdscpConnectionListener() {
+            @Override
+            public void onError(String error) {
+                System.out.println("Client error occurred: " + error);
+            }
 
-    @Override
-    public void errorHandler(String error) {
-        System.out.println("User: Error occurred: " + error);
+            @Override
+            public void onClose(String connectionId) {
+                System.out.println("Client: Connection with id " + connectionId + " has been closed");
+            }
+        });
+        connection.addGenericMessageListener(((type, data) -> System.out.println(
+            "Received message of type \"" + type + "\":\n" + new String(data, StandardCharsets.UTF_8))));
+        // Register listener for server reply
+        connection.addMessageListener("pong", (type, data) ->
+            System.out.println("Received pong message: " + new String(data, StandardCharsets.UTF_8)));
+        System.out.println("Sending PING...");
+        connection.send("ping", "PING".getBytes(StandardCharsets.UTF_8));
     }
 
     @Override
-    public void connectionClosedHandler(String connectionId) {
-        System.out.println("User: Connection closed");
-        connections.remove(connectionId);
+    public void errorHandler(String error) {
+        System.out.println("Client error occurred: " + error);
     }
 }
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
index 9c1a9802b..3b62e7961 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/test/java/IDSCPv2ServerInitiator.java
@@ -11,17 +11,20 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
-import de.fhg.aisec.ids.idscp2.idscp_core.IDSCPv2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.IdscpConnectionListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IDSCPv2Server;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Configuration;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
 
+import java.nio.charset.StandardCharsets;
+
 
 public class IDSCPv2ServerInitiator implements IDSCPv2Initiator {
 
-    //private ConcurrentHashMap<String, IDSCPv2Connection> connections = new ConcurrentHashMap<>();
+    //private ConcurrentHashMap<String, Idscp2Connection> connections = new ConcurrentHashMap<>();
 
     public void init(IDSCPv2Settings serverSettings)  {
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
@@ -77,17 +80,30 @@ public void init(IDSCPv2Settings serverSettings)  {
     }
 
     @Override
-    public void newConnectionHandler(IDSCPv2Connection connection) {
-        System.out.println("User: New connection with id " + connection.getConnectionId());
-    }
+    public void newConnectionHandler(Idscp2Connection connection) {
+        System.out.println("Server: New connection with id " + connection.getConnectionId());
+        connection.addConnectionListener(new IdscpConnectionListener() {
+            @Override
+            public void onError(String error) {
+                System.out.println("Server error occurred: " + error);
+            }
 
-    @Override
-    public void errorHandler(String error) {
-        System.out.println("User: Error occurred: " + error);
+            @Override
+            public void onClose(String connectionId) {
+                System.out.println("Server: Connection with id " + connectionId + " has been closed");
+            }
+        });
+        connection.addGenericMessageListener(((type, data) -> System.out.println(
+            "Received message of type \"" + type + "\":\n" + new String(data, StandardCharsets.UTF_8))));
+        connection.addMessageListener("ping", ((type, data) -> {
+            System.out.println("Received ping message:\n" + new String(data, StandardCharsets.UTF_8));
+            System.out.println("Sending PONG...");
+            connection.send("pong", "PONG".getBytes(StandardCharsets.UTF_8));
+        }));
     }
 
     @Override
-    public void connectionClosedHandler(String connectionId) {
-        System.out.println("User: Connection with id " + connectionId + " has been closed");
+    public void errorHandler(String error) {
+        System.out.println("Server error occurred: " + error);
     }
 }

From 49ad37230a764bccf7b5e6fc091be828d3429586 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 18 May 2020 21:56:27 +0200
Subject: [PATCH 072/237] Naming and code cleanups

---
 idscp2/bnd.bnd                                |   4 +-
 ...iator.java => Idscp2EndpointListener.java} |  10 +-
 .../daps/DefaultDapsDriver.java               |  41 ++++---
 .../daps/DefaultDapsDriverConfig.java         |   2 +-
 .../daps/SecurityRequirements.java            |   2 +-
 .../CustomX509ExtendedKeyManager.java         |   6 +-
 .../keystores/PreConfiguration.java           |   6 +-
 .../rat/dummy/RatProverDummy.java             |   2 +-
 .../rat/dummy/RatVerifierDummy.java           |   2 +-
 .../rat/{TPM2d => tpm2d}/TPM2dHelper.java     |   9 +-
 .../TPM2dMessageFactory.java}                 |   5 +-
 .../rat/{TPM2d => tpm2d}/TPM2dProver.java     |  12 +-
 .../TPM2dProverConfig.java}                   |  13 ++-
 .../rat/{TPM2d => tpm2d}/TPM2dSocket.java     |   3 +-
 .../rat/{TPM2d => tpm2d}/TPM2dVerifier.java   |  12 +-
 .../TPM2dVerifierConfig.java}                 |  13 ++-
 .../secure_channel/NativeTLSDriver.java       |  15 +--
 ...java => TLSSessionVerificationHelper.java} |  21 ++--
 .../secure_channel/TlsConstants.java          |   2 +-
 .../client/InputListenerThread.java           |   2 +-
 .../secure_channel/client/TLSClient.java      |  22 ++--
 .../secure_channel/server/TLSServer.java      |  23 ++--
 .../server/TLSServerThread.java               |  37 ++++---
 .../drivers/interfaces/RatProverDriver.java   |   2 +-
 .../drivers/interfaces/RatVerifierDriver.java |   2 +-
 .../interfaces/SecureChannelDriver.java       |  18 +--
 .../drivers/interfaces/SecureServer.java      |   2 +-
 ...Pv2Exception.java => Idscp2Exception.java} |   8 +-
 .../example/Idscp2ClientInitiator.java}       |  38 ++++---
 .../example/Idscp2ServerInitiator.java}       |  52 ++++-----
 .../ids/idscp2/example}/RunTLSClient.java     |   8 +-
 .../ids/idscp2/example}/RunTLSServer.java     |  10 +-
 .../idscp2/idscp_core/Idscp2Connection.java   |  26 ++---
 ...ner.java => Idscp2ConnectionListener.java} |   4 +-
 ...eFactory.java => Idscp2MessageHelper.java} |   7 +-
 ...stener.java => Idscp2MessageListener.java} |   2 +-
 .../ids/idscp2/idscp_core/IdscpConstants.java |  10 --
 ...SCPv2Callback.java => Idscp2Callback.java} |  12 +-
 ...guration.java => Idscp2Configuration.java} |  79 +++++++-------
 ...SCPv2Settings.java => Idscp2Settings.java} |  16 ++-
 .../finite_state_machine/Event.java           |  12 +-
 .../idscp_core/finite_state_machine/FSM.java  |  44 ++++----
 .../finite_state_machine/FsmListener.java     |   6 +-
 .../InternalControlMessage.java               |   2 +-
 .../finite_state_machine/State.java           |   2 +-
 .../finite_state_machine/StateClosed.java     |   8 +-
 .../StateEstablished.java                     |  28 ++---
 .../StateWaitForDatAndRat.java                |  34 +++---
 .../StateWaitForDatAndRatVerifier.java        |  26 ++---
 .../StateWaitForHello.java                    |  35 +++---
 .../finite_state_machine/StateWaitForRat.java |  34 +++---
 .../StateWaitForRatProver.java                |  30 ++---
 .../StateWaitForRatVerifier.java              |  28 ++---
 .../finite_state_machine/TimerThread.java     |   2 +-
 .../finite_state_machine/Transition.java      |   2 +-
 .../idscp_server/IDSCPv2Server.java           | 103 ------------------
 .../idscp_core/idscp_server/Idscp2Server.java |  73 +++++++++++++
 .../idscp_server/IdscpServerListener.java     |  20 ----
 .../rat_registry/RatProverDriverRegistry.java |   6 +-
 .../RatVerifierDriverRegistry.java            |   6 +-
 .../secure_channel/SecureChannel.java         |   7 +-
 idscp2/src/main/proto/idscpv2.proto           |   2 +-
 62 files changed, 519 insertions(+), 551 deletions(-)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/{IDSCPv2Initiator.java => Idscp2EndpointListener.java} (51%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/{TPM2d => tpm2d}/TPM2dHelper.java (99%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/{TPM2d/TpmMessageFactory.java => tpm2d/TPM2dMessageFactory.java} (98%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/{TPM2d => tpm2d}/TPM2dProver.java (95%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/{TPM2d/Tpm2dProverConfig.java => tpm2d/TPM2dProverConfig.java} (83%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/{TPM2d => tpm2d}/TPM2dSocket.java (99%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/{TPM2d => tpm2d}/TPM2dVerifier.java (96%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/{TPM2d/Tpm2dVerifierConfig.java => tpm2d/TPM2dVerifierConfig.java} (89%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/{TlsSessionVerificationHelper.java => TLSSessionVerificationHelper.java} (95%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/{IDSCPv2Exception.java => Idscp2Exception.java} (50%)
 rename idscp2/src/{test/java/IDSCPv2ClientInitiator.java => main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java} (71%)
 rename idscp2/src/{test/java/IDSCPv2ServerInitiator.java => main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java} (67%)
 rename idscp2/src/{test/java => main/java/de/fhg/aisec/ids/idscp2/example}/RunTLSClient.java (68%)
 rename idscp2/src/{test/java => main/java/de/fhg/aisec/ids/idscp2/example}/RunTLSServer.java (64%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/{IdscpConnectionListener.java => Idscp2ConnectionListener.java} (78%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/{IdscpMessageFactory.java => Idscp2MessageHelper.java} (96%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/{IdscpMessageListener.java => Idscp2MessageListener.java} (83%)
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConstants.java
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/{IDSCPv2Callback.java => Idscp2Callback.java} (69%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/{IDSCPv2Configuration.java => Idscp2Configuration.java} (57%)
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/{IDSCPv2Settings.java => Idscp2Settings.java} (89%)
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/Idscp2Server.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpServerListener.java

diff --git a/idscp2/bnd.bnd b/idscp2/bnd.bnd
index 379857898..cf8d3ba32 100644
--- a/idscp2/bnd.bnd
+++ b/idscp2/bnd.bnd
@@ -1,7 +1,7 @@
 Bundle-Name: IDS :: IDS Communication Protocol
 Bundle-Description: IDS Communication Protocol
 Export-Package: \
-	de.fhg.aisec.ids.comm*
+  de.fhg.aisec.ids.idscp2*
 Import-Package: \
   !org.checkerframework.checker*,\
-	*
\ No newline at end of file
+  *
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.java
similarity index 51%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.java
index 076d58289..dda504f89 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/IDSCPv2Initiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.java
@@ -3,20 +3,20 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 
 /**
- * An interface for the IDSCPv2Initiator class, that implements callback functions that notifies
+ * An interface for the Idscp2EndpointListener class, that implements callback functions that notifies
  * the user about new connections, errors and closed connections
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public interface IDSCPv2Initiator {
+public interface Idscp2EndpointListener {
 
     /*
      * Called when a new connection is established
      */
-    void newConnectionHandler(Idscp2Connection connection);
+    void onConnection(Idscp2Connection connection);
 
     /*
-     * Called when an error occurred in the underlying IDSCPv2 protocol
+     * Called when an error occurred in the underlying IDSCP2 protocol
      */
-    void errorHandler(String error);
+    void onError(String error);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index 62ca603af..3c6279d70 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -4,22 +4,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
-import java.io.IOException;
-import java.security.Key;
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-import java.time.Instant;
-import java.util.Date;
-import java.util.concurrent.TimeUnit;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLSocketFactory;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509ExtendedTrustManager;
-import okhttp3.FormBody;
-import okhttp3.OkHttpClient;
-import okhttp3.Request;
-import okhttp3.RequestBody;
-import okhttp3.Response;
+import okhttp3.*;
 import org.jose4j.http.Get;
 import org.jose4j.jwa.AlgorithmConstraints;
 import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
@@ -36,6 +21,18 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSocketFactory;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509ExtendedTrustManager;
+import java.io.IOException;
+import java.security.Key;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.time.Instant;
+import java.util.Date;
+import java.util.concurrent.TimeUnit;
+
 /**
  * Default DAPS Driver Implementation for requesting valid dynamicAttributeToken and verifying DAT
  *
@@ -44,12 +41,12 @@
 public class DefaultDapsDriver implements DapsDriver {
     private static final  Logger LOG = LoggerFactory.getLogger(DefaultDapsDriver.class);
 
-    private SSLSocketFactory sslSocketFactory; //ssl socket factory can be reused
-    private X509ExtendedTrustManager trustManager; //trust manager can be reused
-    private Key privateKey; //private key can be reused
-    private String connectorUUID;
-    private String dapsUrl;
-    private String targetAudience = "IDS_Connector";
+    private final SSLSocketFactory sslSocketFactory; //ssl socket factory can be reused
+    private final X509ExtendedTrustManager trustManager; //trust manager can be reused
+    private final Key privateKey; //private key can be reused
+    private final String connectorUUID;
+    private final String dapsUrl;
+    private final String targetAudience = "IDS_Connector";
 
     public DefaultDapsDriver(DefaultDapsDriverConfig config) {
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
index 63e28c2b5..9164d72ad 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
@@ -18,7 +18,7 @@ public class DefaultDapsDriverConfig {
   @NonNull private String connectorUUID = "";
 
   public static class Builder {
-    @NonNull private DefaultDapsDriverConfig config = new DefaultDapsDriverConfig();
+    @NonNull private final DefaultDapsDriverConfig config = new DefaultDapsDriverConfig();
 
     @NonNull
     public Builder setDapsUrl(String dapsUrl) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
index 5d62a7b2f..275f82c19 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
@@ -14,7 +14,7 @@ public class SecurityRequirements {
   private int auditLogging;
 
   public static class Builder {
-   @NonNull private SecurityRequirements requirements = new SecurityRequirements();
+   @NonNull private final SecurityRequirements requirements = new SecurityRequirements();
 
    @NonNull
    public Builder setAuditLogging(int auditLogging) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
index 0719a7783..67ac13189 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
@@ -30,7 +30,7 @@ public class CustomX509ExtendedKeyManager extends X509ExtendedKeyManager{
     // update on java 11. As we have to check in chooseClientAliases() and chooseServerAlias() if the alias exists in
     // the keystore and we cannot access the cached aliases without an overwritten X509KeyManagerImpl instance, we will
     // also cache the aliases and its properties in the following HashMap.
-    private HashMap<String, CachedAliasValue> cachedAliases = new HashMap<>();
+    private final HashMap<String, CachedAliasValue> cachedAliases = new HashMap<>();
 
     CustomX509ExtendedKeyManager(String alias, String keyType, final X509ExtendedKeyManager delegate){
         super();
@@ -137,8 +137,8 @@ public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEn
 
 
     private static class CachedAliasValue {
-        private String keyType; //key algorithm type name
-        private Principal issuer; //certificate issuer
+        private final String keyType; //key algorithm type name
+        private final Principal issuer; //certificate issuer
 
         CachedAliasValue(String keyType, Principal issuer){
             this.keyType = keyType;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
index e02a0745a..93550c54b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
@@ -1,6 +1,5 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores;
 
-import java.util.Date;
 import javax.net.ssl.*;
 import java.io.IOException;
 import java.io.InputStream;
@@ -9,6 +8,7 @@
 import java.security.*;
 import java.security.cert.*;
 import java.util.Arrays;
+import java.util.Date;
 import java.util.Set;
 import java.util.stream.Collectors;
 
@@ -68,7 +68,7 @@ public static KeyManager[] getX509ExtKeyManager(
             String keyType
     ) {
         try (
-                InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath));
+                InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath))
         ) {
             /* create KeyManager for remote authentication */
             final KeyManager[] myKeyManager;
@@ -108,7 +108,7 @@ public static Key getKey(
         String keyAlias
     ) {
         try (
-            InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath));
+            InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath))
         ) {
             /* create KeyManager for remote authentication */
             KeyStore keystore = KeyStore.getInstance("JKS");
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
index 51a270b2e..87fbc1ca6 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
@@ -16,7 +16,7 @@
 public class RatProverDummy extends RatProverDriver {
     private static final Logger LOG = LoggerFactory.getLogger(RatProverDummy.class);
 
-    private BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
+    private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
 
     public RatProverDummy(){
         super();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
index 6a9a927f2..9127ddfae 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
@@ -16,7 +16,7 @@
 public class RatVerifierDummy extends RatVerifierDriver {
     private static final Logger LOG = LoggerFactory.getLogger(RatVerifierDummy.class);
 
-    private BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
+    private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
 
     public RatVerifierDummy(){
         super();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dHelper.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.java
similarity index 99%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dHelper.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.java
index b589ec768..0639288dc 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dHelper.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.java
@@ -1,12 +1,13 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
 
-import java.security.MessageDigest;
-import java.security.SecureRandom;
-import java.security.cert.Certificate;
 import org.checkerframework.checker.nullness.qual.Nullable;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.security.MessageDigest;
+import java.security.SecureRandom;
+import java.security.cert.Certificate;
+
 public class TPM2dHelper {
   private static final Logger LOG = LoggerFactory.getLogger(TPM2dHelper.class);
   private static final SecureRandom sr = new SecureRandom();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.java
similarity index 98%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.java
index a59a83ccd..effae50fe 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TpmMessageFactory.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.java
@@ -1,9 +1,10 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
 
 
 import com.google.protobuf.ByteString;
 import de.fhg.aisec.ids.messages.Tpm2dAttestation.*;
 import de.fhg.aisec.ids.messages.Tpm2dAttestation.RemoteToTpm2d.Code;
+
 import java.util.List;
 
 /**
@@ -11,7 +12,7 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class TpmMessageFactory {
+public class TPM2dMessageFactory {
 
   static Tpm2dMessageWrapper getAttestationChallengeMessage(
       byte[] nonce,
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.java
similarity index 95%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.java
index 33a1aea39..b2ff18fb0 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dProver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.java
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
 
 import com.google.protobuf.InvalidProtocolBufferException;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
@@ -54,7 +54,7 @@ public class TPM2dProver extends RatProverDriver {
    */
 
   private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
-  private Tpm2dProverConfig config = new Tpm2dProverConfig.Builder().build();
+  private TPM2dProverConfig config = new TPM2dProverConfig.Builder().build();
 
   public TPM2dProver(){
     super();
@@ -62,11 +62,11 @@ public TPM2dProver(){
 
   @Override
   public void setConfig(Object config) {
-    if (config instanceof Tpm2dProverConfig) {
+    if (config instanceof TPM2dProverConfig) {
       if (LOG.isDebugEnabled()) {
         LOG.debug("Set rat prover config");
       }
-      this.config = (Tpm2dProverConfig) config;
+      this.config = (TPM2dProverConfig) config;
     } else {
       if (LOG.isWarnEnabled()) {
         LOG.warn("Invalid prover config");
@@ -134,7 +134,7 @@ public void run() {
         config.getRemoteCertificate());
 
     // generate RemoteToTPM2dRequest
-    RemoteToTpm2d tpmRequest = TpmMessageFactory.getRemoteToTPM2dMessage(
+    RemoteToTpm2d tpmRequest = TPM2dMessageFactory.getRemoteToTPM2dMessage(
         challenge.getAtype(),
         hash,
         challenge.hasPcrIndices() ? challenge.getPcrIndices() : 0
@@ -152,7 +152,7 @@ public void run() {
     }
 
     // create Tpm2dResponse
-    byte[] response = TpmMessageFactory.getAttestationResponseMessage(tpmResponse)
+    byte[] response = TPM2dMessageFactory.getAttestationResponseMessage(tpmResponse)
         .toByteArray();
 
     if (LOG.isDebugEnabled()) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dProverConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.java
similarity index 83%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dProverConfig.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.java
index dd904d1f4..b9a64a8c8 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dProverConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.java
@@ -1,25 +1,26 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
 
-import java.security.cert.Certificate;
 import org.checkerframework.checker.nullness.qual.NonNull;
 
+import java.security.cert.Certificate;
+
 /**
  * A configuration class for TPM2d RatPriver driver
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class Tpm2dProverConfig {
+public class TPM2dProverConfig {
 
   private Certificate remoteCertificate;
   @NonNull private String tpm2dHost;
 
-  private Tpm2dProverConfig() {
+  private TPM2dProverConfig() {
     tpm2dHost = System.getenv("TPM_HOST") != null ?
         System.getenv("TPM_HOST") : "localhost";
   }
 
   public static class Builder {
-    private static Tpm2dProverConfig config = new Tpm2dProverConfig();
+    private static final TPM2dProverConfig config = new TPM2dProverConfig();
 
     @NonNull
     public Builder setRemoteCertificate(Certificate remoteCert) {
@@ -33,7 +34,7 @@ public Builder setTpmHost(String host) {
       return this;
     }
 
-    public Tpm2dProverConfig build() {
+    public TPM2dProverConfig build() {
       return config;
     }
   }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dSocket.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.java
similarity index 99%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dSocket.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.java
index 68d868816..943de0690 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dSocket.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.java
@@ -1,7 +1,8 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
 
 import de.fhg.aisec.ids.messages.Tpm2dAttestation.RemoteToTpm2d;
 import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dToRemote;
+
 import java.io.DataInputStream;
 import java.io.DataOutputStream;
 import java.io.IOException;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.java
similarity index 96%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.java
index b6f0951dc..3b65cc1a8 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/TPM2dVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.java
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
 
 import com.google.protobuf.InvalidProtocolBufferException;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
@@ -65,7 +65,7 @@ public class TPM2dVerifier extends RatVerifierDriver {
    */
 
   private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
-  private Tpm2dVerifierConfig config = new Tpm2dVerifierConfig.Builder().build();
+  private TPM2dVerifierConfig config = new TPM2dVerifierConfig.Builder().build();
 
   public TPM2dVerifier(){
     super();
@@ -73,9 +73,9 @@ public TPM2dVerifier(){
 
   @Override
   public void setConfig(Object config) {
-    if (config instanceof Tpm2dVerifierConfig) {
+    if (config instanceof TPM2dVerifierConfig) {
       LOG.debug("Set rat verifier config");
-      this.config = (Tpm2dVerifierConfig) config;
+      this.config = (TPM2dVerifierConfig) config;
     } else {
       LOG.warn("Invalid config");
     }
@@ -96,7 +96,7 @@ public void run(){
     byte[] nonce = TPM2dHelper.generateNonce(20);
 
     // send challenge as RAT Verifier Message
-    byte[] ratChallenge = TpmMessageFactory.getAttestationChallengeMessage(
+    byte[] ratChallenge = TPM2dMessageFactory.getAttestationChallengeMessage(
         nonce, config.getExpectedAType(), config.getExpectedAttestationMask()).toByteArray();
 
     fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratChallenge);
@@ -150,7 +150,7 @@ public void run(){
 
     // create and send rat result
     LOG.debug("Send rat result to remote prover");
-    byte[] ratResult = TpmMessageFactory.getAttestationResultMessage(result).toByteArray();
+    byte[] ratResult = TPM2dMessageFactory.getAttestationResultMessage(result).toByteArray();
     fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratResult);
 
     // notify fsm about result
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dVerifierConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.java
similarity index 89%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dVerifierConfig.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.java
index 9c5060b24..3dee225a5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/TPM2d/Tpm2dVerifierConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.java
@@ -1,24 +1,25 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
 
 import de.fhg.aisec.ids.messages.Tpm2dAttestation.IdsAttestationType;
+import org.checkerframework.checker.nullness.qual.NonNull;
+
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.security.cert.Certificate;
-import org.checkerframework.checker.nullness.qual.NonNull;
 
 /**
  * A configuration class for TPM2d RatVerifier Driver
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class Tpm2dVerifierConfig {
+public class TPM2dVerifierConfig {
 
   private Certificate localCertificate;
   @NonNull private URI ttpUri;
   @NonNull private IdsAttestationType expectedAType = IdsAttestationType.BASIC;
   private int expectedAttestationMask = 0;
 
-  private Tpm2dVerifierConfig() {
+  private TPM2dVerifierConfig() {
     try {
       ttpUri = new URI("https://invalid-ttp-uri/rat-verify");
     } catch (URISyntaxException e) {
@@ -27,7 +28,7 @@ private Tpm2dVerifierConfig() {
   }
 
   public static class Builder {
-    private static Tpm2dVerifierConfig config = new Tpm2dVerifierConfig();
+    private static final TPM2dVerifierConfig config = new TPM2dVerifierConfig();
 
     @NonNull
     public Builder setTtpUri(URI ttpUri) {
@@ -52,7 +53,7 @@ public Builder setExpectedAttestationMask(int mask) {
       return this;
     }
 
-    public Tpm2dVerifierConfig build() {
+    public TPM2dVerifierConfig build() {
       return config;
     }
   }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
index 8368c96d9..47190ab5c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
@@ -4,9 +4,9 @@
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server.TLSServer;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpServerListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Callback;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -14,6 +14,7 @@
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * An implementation of SecureChannelDriver interface on TLSv1.3
@@ -27,7 +28,7 @@ public class NativeTLSDriver implements SecureChannelDriver {
      * Asynchronous client connect to a TLS server
      */
     @Override
-    public void connect(IDSCPv2Settings settings, IDSCPv2Callback callback) {
+    public void connect(Idscp2Settings settings, Idscp2Callback callback) {
         try {
             TLSClient tlsClient = new TLSClient(settings, callback);
             tlsClient.connect(settings.getHost(), settings.getServerPort());
@@ -46,10 +47,10 @@ public void connect(IDSCPv2Settings settings, IDSCPv2Callback callback) {
      * return null on failure
      */
     @Override
-    public SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback configCallback,
-                               IdscpServerListener idscpServerCallback) {
+    public SecureServer listen(Idscp2Settings settings, Idscp2Callback configCallback,
+                               CompletableFuture<Idscp2Connection> connectionPromise) {
         try {
-            TLSServer tlsServer = new TLSServer(settings, configCallback, idscpServerCallback);
+            TLSServer tlsServer = new TLSServer(settings, configCallback, connectionPromise);
             tlsServer.start();
             return tlsServer;
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.java
similarity index 95%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.java
index 6127dcd7a..9a3952894 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsSessionVerificationHelper.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.java
@@ -1,20 +1,17 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel;
 
-import java.security.cert.Certificate;
-import java.security.cert.CertificateExpiredException;
-import java.security.cert.CertificateNotYetValidException;
-import java.security.cert.CertificateParsingException;
-import java.security.cert.X509Certificate;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.net.ssl.SSLPeerUnverifiedException;
+import javax.net.ssl.SSLSession;
+import java.security.cert.*;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Date;
 import java.util.List;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
-import javax.net.ssl.SSLPeerUnverifiedException;
-import javax.net.ssl.SSLSession;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 /**
  * A class for verifying an established TLS Session on application layer
@@ -22,8 +19,8 @@
  *
  * @author Leon Beckmann (leon.beckmannn@aisec.fraunhofer.de)
  */
-public class TlsSessionVerificationHelper {
-  private static final Logger LOG = LoggerFactory.getLogger(TlsSessionVerificationHelper.class);
+public class TLSSessionVerificationHelper {
+  private static final Logger LOG = LoggerFactory.getLogger(TLSSessionVerificationHelper.class);
 
   private static final String ipv4Pattern =
       "(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])";
@@ -60,7 +57,7 @@ public static void verifyTlsSession(SSLSession sslSession) throws SSLPeerUnverif
        * According to RFC6125, hostname verification should be done against the certificate's
        * subject alternative name's (SANs) dNSName field or the SANs IPAddress. In some legacy
        * implementations, the check is done against the certificate's commonName, but this is
-       * deprecated for quite a while and is therefore not supported anymore in te IDSCPv2 protocol.
+       * deprecated for quite a while and is therefore not supported anymore in te IDSCP2 protocol.
        */
       Collection<List<?>> sans = peerCert.getSubjectAlternativeNames();
       if (sans == null) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsConstants.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsConstants.java
index f9662adcf..bbbec4b60 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsConstants.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsConstants.java
@@ -113,5 +113,5 @@ public final class TlsConstants {
             "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"*/
     };
 
-    private TlsConstants() {};
+    private TlsConstants() {}
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index b3a0ba1ec..e3f60a084 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -14,7 +14,7 @@
  */
 public class InputListenerThread extends Thread implements InputListener {
 
-    private DataInputStream in;
+    private final DataInputStream in;
     private DataAvailableListener listener = null; //no race conditions, could be empty list
     private volatile boolean running = true;
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index d65d73453..b3c16f91e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -1,10 +1,10 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsSessionVerificationHelper;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSessionVerificationHelper;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Callback;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
@@ -21,7 +21,7 @@
 import java.util.concurrent.CountDownLatch;
 
 /**
- * A TLS Client that notifies an IDSCPv2Configuration when a secure channel was created and the
+ * A TLS Client that notifies an Idscp2Configuration when a secure channel was created and the
  * TLS handshake is done. The client is notified from an InputListenerThread when new data are
  * available and transfer it to the SecureChannelListener
  *
@@ -31,15 +31,15 @@
 public class TLSClient implements HandshakeCompletedListener, DataAvailableListener, SecureChannelEndpoint {
     private static final Logger LOG = LoggerFactory.getLogger(TLSClient.class);
 
-    private Socket clientSocket;
+    private final Socket clientSocket;
     private DataOutputStream out;
     private InputListenerThread inputListenerThread;
     private SecureChannelListener listener; //race conditions are avoided using CountDownLatch
-    private CountDownLatch listenerLatch = new CountDownLatch(1);
-    private IDSCPv2Callback callback; //race conditions are avoided because callback is initialized in constructor
+    private final CountDownLatch listenerLatch = new CountDownLatch(1);
+    private final Idscp2Callback callback;
 
 
-    public TLSClient(IDSCPv2Settings clientSettings, IDSCPv2Callback callback)
+    public TLSClient(Idscp2Settings clientSettings, Idscp2Callback callback)
             throws IOException, KeyManagementException, NoSuchAlgorithmException{
         this.callback = callback;
         /* init TLS Client */
@@ -195,7 +195,7 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
 
         // verify tls session on application layer: hostname verification, certificate validity
         try {
-            TlsSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession());
+            TLSSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession());
             LOG.debug("TLS session is valid");
         } catch (SSLPeerUnverifiedException e) {
             if (LOG.isWarnEnabled()) {
@@ -207,7 +207,7 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
         }
 
         //Create secure channel, register secure channel as message listener and provide it to
-        // IDSCPv2 Configuration.
+        // IDSCP2 Configuration.
         //Start Input Listener
         SecureChannel secureChannel = new SecureChannel(this);
         this.listener = secureChannel;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
index 63f5ecdd9..17bba4e93 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
@@ -1,11 +1,11 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server;
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpServerListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Callback;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -15,9 +15,10 @@
 import java.net.SocketTimeoutException;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
+import java.util.concurrent.CompletableFuture;
 
 /**
- * A TLS Server that listens on a given port from the IDSCPv2Settings and create new
+ * A TLS Server that listens on a given port from the Idscp2Settings and create new
  * TLSServerThreads for incoming connections
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
@@ -27,14 +28,14 @@ public class TLSServer extends Thread implements SecureServer {
 
     private volatile boolean isRunning = false;
     private final ServerSocket serverSocket;
-    private final IDSCPv2Callback idscpConfigCallback; //no race conditions
-    private final IdscpServerListener idscpServerCallback;
+    private final Idscp2Callback idscpConfigCallback; //no race conditions
+    private final CompletableFuture<Idscp2Connection> connectionPromise;
 
-    public TLSServer(IDSCPv2Settings serverSettings, IDSCPv2Callback configCallback,
-                     IdscpServerListener idscpServerCallback)
+    public TLSServer(Idscp2Settings serverSettings, Idscp2Callback configCallback,
+                     CompletableFuture<Idscp2Connection> connectionPromise)
             throws IOException, NoSuchAlgorithmException, KeyManagementException {
         this.idscpConfigCallback = configCallback;
-        this.idscpServerCallback = idscpServerCallback;
+        this.connectionPromise = connectionPromise;
 
         /* init server for TCP/TLS communication */
 
@@ -110,7 +111,7 @@ public void run(){
 
             //start new server thread
             LOG.debug("New TLS client has connected. Create new server session");
-            TLSServerThread server = new TLSServerThread(sslSocket, idscpConfigCallback, idscpServerCallback);
+            TLSServerThread server = new TLSServerThread(sslSocket, idscpConfigCallback, connectionPromise);
             sslSocket.addHandshakeCompletedListener(server);
             server.start();
         }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index 3ed6c0ff5..e82c35c33 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -1,24 +1,28 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server;
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsSessionVerificationHelper;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpServerListener;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSessionVerificationHelper;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
-import javax.net.ssl.SSLPeerUnverifiedException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.net.ssl.HandshakeCompletedEvent;
 import javax.net.ssl.HandshakeCompletedListener;
+import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLSocket;
-import java.io.*;
+import java.io.DataInputStream;
+import java.io.DataOutputStream;
+import java.io.EOFException;
+import java.io.IOException;
 import java.net.SocketTimeoutException;
+import java.util.concurrent.CompletableFuture;
 import java.util.concurrent.CountDownLatch;
 
 /**
- * A TLSServerThread that notifies an IDSCPv2Config when a secure channel was created and the
+ * A TLSServerThread that notifies an IDSCP2Config when a secure channel was created and the
  * TLS handshake is done
  *
  * When new data are available the serverThread transfers it to the SecureChannelListener
@@ -28,21 +32,22 @@
 public class TLSServerThread extends Thread implements HandshakeCompletedListener, SecureChannelEndpoint {
     private static final Logger LOG = LoggerFactory.getLogger(TLSServerThread.class);
 
-    private SSLSocket sslSocket;
+    private final SSLSocket sslSocket;
     private volatile boolean running = true;
     private DataInputStream in;
     private DataOutputStream out;
     private SecureChannelListener listener = null;  // race conditions are avoided using CountDownLatch
-    private IDSCPv2Callback configCallback;  //no race conditions
-    private IdscpServerListener idscpServerCallback; //no race conditions
-    private CountDownLatch listenerLatch = new CountDownLatch(1);
-    private CountDownLatch tlsVerificationLatch = new CountDownLatch(1);
+    private final Idscp2Callback configCallback;
+    private final CompletableFuture<Idscp2Connection> connectionPromise;
+    private final CountDownLatch listenerLatch = new CountDownLatch(1);
+    private final CountDownLatch tlsVerificationLatch = new CountDownLatch(1);
 
 
-    TLSServerThread(SSLSocket sslSocket, IDSCPv2Callback configCallback, IdscpServerListener idscpServerCallback){
+    TLSServerThread(SSLSocket sslSocket, Idscp2Callback configCallback,
+                    CompletableFuture<Idscp2Connection> connectionPromise){
         this.sslSocket = sslSocket;
         this.configCallback = configCallback;
-        this.idscpServerCallback = idscpServerCallback;
+        this.connectionPromise = connectionPromise;
 
         try {
             //set timout for blocking read
@@ -176,7 +181,7 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
 
         // verify tls session on application layer: hostname verification, certificate validity
         try {
-            TlsSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession());
+            TLSSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession());
             LOG.debug("TLS session is valid");
             tlsVerificationLatch.countDown();
         } catch (SSLPeerUnverifiedException e) {
@@ -188,10 +193,10 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
             return;
         }
 
-        //provide secure channel to IDSCPv2 Config and register secure channel as listener
+        //provide secure channel to IDSCP2 Config and register secure channel as listener
         SecureChannel secureChannel = new SecureChannel(this);
         this.listener = secureChannel;
         listenerLatch.countDown();
-        configCallback.secureChannelListenHandler(secureChannel, idscpServerCallback);
+        configCallback.secureChannelListenHandler(secureChannel, connectionPromise);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
index 08e3a707d..e26bc966a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
@@ -17,7 +17,7 @@ public abstract class RatProverDriver extends Thread{
     protected FsmListener fsmListener;
 
     /*
-     * Delegate an IDSCPv2 message to the RatProver driver
+     * Delegate an IDSCP2 message to the RatProver driver
      */
     public void delegate(byte[] message){}
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
index 362169234..79686cda7 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
@@ -17,7 +17,7 @@ public abstract class RatVerifierDriver extends Thread{
     protected FsmListener fsmListener;
 
     /*
-     * Delegate the IDSCPv2 message to the RatVerifier driver
+     * Delegate the IDSCP2 message to the RatVerifier driver
      */
     public void delegate(byte[] message){}
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
index 3adab7967..02a3f0d0d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
@@ -1,12 +1,14 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Callback;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpServerListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Callback;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
+
+import java.util.concurrent.CompletableFuture;
 
 /**
- * An interface for the IDSCPv2 SecureChannelDriver class, that implements a connect() function
- * for IDSCPv2 clients and a listen() function for IDSCPv2 servers to connect the underlying layer
+ * An interface for the IDSCP2 SecureChannelDriver class, that implements a connect() function
+ * for IDSCP2 clients and a listen() function for IDSCP2 servers to connect the underlying layer
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
@@ -15,11 +17,11 @@ public interface SecureChannelDriver {
     /*
      * Asynchronous method to create a secure connection to a secure server
      */
-    void connect(IDSCPv2Settings settings, IDSCPv2Callback configCallback);
+    void connect(Idscp2Settings settings, Idscp2Callback configCallback);
 
     /*
      * Starting a secure server
      */
-    SecureServer listen(IDSCPv2Settings settings, IDSCPv2Callback configCallback,
-                        IdscpServerListener idscpServerCallback);
+    SecureServer listen(Idscp2Settings settings, Idscp2Callback configCallback,
+                        CompletableFuture<Idscp2Connection> connectionPromise);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
index 260439be5..af0f3913d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
 /**
- * An interface for the IDSCPv2 Secure Server
+ * An interface for the IDSCP2 Secure Server
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/IDSCPv2Exception.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.java
similarity index 50%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/IDSCPv2Exception.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.java
index ad16f97f3..9c19390ea 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/IDSCPv2Exception.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.java
@@ -1,16 +1,16 @@
 package de.fhg.aisec.ids.idscp2.error;
 
 /**
- * IDSCPv2 Exception
+ * IDSCP2 Exception
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class IDSCPv2Exception extends Exception{
-    public IDSCPv2Exception(String message) {
+public class Idscp2Exception extends Exception{
+    public Idscp2Exception(String message) {
         super(message);
     }
 
-    public IDSCPv2Exception(String message, Throwable cause) {
+    public Idscp2Exception(String message, Throwable cause) {
         super(message, cause);
     }
 }
diff --git a/idscp2/src/test/java/IDSCPv2ClientInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
similarity index 71%
rename from idscp2/src/test/java/IDSCPv2ClientInitiator.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
index 06ab74b40..b3a0d4f6f 100644
--- a/idscp2/src/test/java/IDSCPv2ClientInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
@@ -1,27 +1,29 @@
-import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
+package de.fhg.aisec.ids.idscp2.example;
+
+import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.TPM2dProver;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.TPM2dVerifier;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.Tpm2dProverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.Tpm2dVerifierConfig;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpConnectionListener;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Configuration;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
 
 import java.nio.charset.StandardCharsets;
 
-public class IDSCPv2ClientInitiator implements IDSCPv2Initiator {
+public class Idscp2ClientInitiator implements Idscp2EndpointListener {
 
-    public void init(IDSCPv2Settings settings){
+    public void init(Idscp2Settings settings){
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
         DefaultDapsDriverConfig config =
             new DefaultDapsDriverConfig.Builder()
@@ -43,14 +45,14 @@ public void init(IDSCPv2Settings settings){
 
         RatProverDriverRegistry.getInstance().registerDriver(
             "TPM2d", TPM2dProver.class,
-            new Tpm2dProverConfig.Builder().build()
+            new TPM2dProverConfig.Builder().build()
         );
         RatVerifierDriverRegistry.getInstance().registerDriver(
             "TPM2d", TPM2dVerifier.class,
-            new Tpm2dVerifierConfig.Builder().build()
+            new TPM2dVerifierConfig.Builder().build()
         );
 
-        IDSCPv2Configuration clientConfig = new IDSCPv2Configuration(
+        Idscp2Configuration clientConfig = new Idscp2Configuration(
             this,
             dapsDriver,
             secureChannelDriver,
@@ -62,12 +64,12 @@ public void init(IDSCPv2Settings settings){
     }
 
     @Override
-    public void newConnectionHandler(Idscp2Connection connection) {
+    public void onConnection(Idscp2Connection connection) {
         System.out.println("Client: New connection with id " + connection.getConnectionId());
-        connection.addConnectionListener(new IdscpConnectionListener() {
+        connection.addConnectionListener(new Idscp2ConnectionListener() {
             @Override
             public void onError(String error) {
-                System.out.println("Client error occurred: " + error);
+                System.out.println("Client connection error occurred: " + error);
             }
 
             @Override
@@ -85,7 +87,7 @@ public void onClose(String connectionId) {
     }
 
     @Override
-    public void errorHandler(String error) {
-        System.out.println("Client error occurred: " + error);
+    public void onError(String error) {
+        System.out.println("Client endpoint error occurred: " + error);
     }
 }
diff --git a/idscp2/src/test/java/IDSCPv2ServerInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
similarity index 67%
rename from idscp2/src/test/java/IDSCPv2ServerInitiator.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
index 3b62e7961..ff89f928f 100644
--- a/idscp2/src/test/java/IDSCPv2ServerInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
@@ -1,32 +1,32 @@
-import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
+package de.fhg.aisec.ids.idscp2.example;
+
+import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.TPM2dProver;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.TPM2dVerifier;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.Tpm2dProverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.TPM2d.Tpm2dVerifierConfig;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
-import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpConnectionListener;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IDSCPv2Server;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Configuration;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
 
 import java.nio.charset.StandardCharsets;
 
 
-public class IDSCPv2ServerInitiator implements IDSCPv2Initiator {
-
-    //private ConcurrentHashMap<String, Idscp2Connection> connections = new ConcurrentHashMap<>();
+public class Idscp2ServerInitiator implements Idscp2EndpointListener {
 
-    public void init(IDSCPv2Settings serverSettings)  {
+    public void init(Idscp2Settings serverSettings)  {
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
 
         DefaultDapsDriverConfig config =
@@ -47,14 +47,14 @@ public void init(IDSCPv2Settings serverSettings)  {
             "Dummy", RatVerifierDummy.class, null);
         RatProverDriverRegistry.getInstance().registerDriver(
             "TPM2d", TPM2dProver.class,
-            new Tpm2dProverConfig.Builder().build()
+            new TPM2dProverConfig.Builder().build()
         );
         RatVerifierDriverRegistry.getInstance().registerDriver(
             "TPM2d", TPM2dVerifier.class,
-            new Tpm2dVerifierConfig.Builder().build()
+            new TPM2dVerifierConfig.Builder().build()
         );
 
-        IDSCPv2Configuration idscpServerConfig = new IDSCPv2Configuration(
+        Idscp2Configuration idscpServerConfig = new Idscp2Configuration(
             this,
             dapsDriver,
             secureChannelDriver,
@@ -63,10 +63,10 @@ public void init(IDSCPv2Settings serverSettings)  {
             serverSettings.getRatTimeoutDelay()
         );
 
-        IDSCPv2Server idscPv2Server;
+        Idscp2Server idscp2Server;
         try {
-            idscPv2Server = idscpServerConfig.listen(serverSettings);
-        } catch (IDSCPv2Exception e) {
+            idscp2Server = idscpServerConfig.listen(serverSettings);
+        } catch (Idscp2Exception e) {
             //e.printStackTrace();
             return;
         }
@@ -76,16 +76,16 @@ public void init(IDSCPv2Settings serverSettings)  {
         } catch (Exception e){
             return;
         }
-        idscPv2Server.terminate();
+        idscp2Server.terminate();
     }
 
     @Override
-    public void newConnectionHandler(Idscp2Connection connection) {
+    public void onConnection(Idscp2Connection connection) {
         System.out.println("Server: New connection with id " + connection.getConnectionId());
-        connection.addConnectionListener(new IdscpConnectionListener() {
+        connection.addConnectionListener(new Idscp2ConnectionListener() {
             @Override
             public void onError(String error) {
-                System.out.println("Server error occurred: " + error);
+                System.out.println("Server connection error occurred: " + error);
             }
 
             @Override
@@ -103,7 +103,7 @@ public void onClose(String connectionId) {
     }
 
     @Override
-    public void errorHandler(String error) {
-        System.out.println("Server error occurred: " + error);
+    public void onError(String error) {
+        System.out.println("Server endpoint error occurred: " + error);
     }
 }
diff --git a/idscp2/src/test/java/RunTLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
similarity index 68%
rename from idscp2/src/test/java/RunTLSClient.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
index 1e0983803..c97741f93 100644
--- a/idscp2/src/test/java/RunTLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
@@ -1,11 +1,13 @@
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+package de.fhg.aisec.ids.idscp2.example;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 
 
 public class RunTLSClient {
 
     public static void main(String[] args){
         //start client
-        IDSCPv2Settings settings = new IDSCPv2Settings.Builder()
+        Idscp2Settings settings = new Idscp2Settings.Builder()
             .setKeyStore(RunTLSClient.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStore(RunTLSClient.class.getClassLoader().
@@ -15,7 +17,7 @@ public static void main(String[] args){
             .setRatTimeoutDelay(10)
             .build();
 
-        IDSCPv2ClientInitiator initiator = new IDSCPv2ClientInitiator();
+        Idscp2ClientInitiator initiator = new Idscp2ClientInitiator();
         initiator.init(settings);
     }
 }
diff --git a/idscp2/src/test/java/RunTLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
similarity index 64%
rename from idscp2/src/test/java/RunTLSServer.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
index 1635158b8..2816fb636 100644
--- a/idscp2/src/test/java/RunTLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
@@ -1,10 +1,12 @@
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.IDSCPv2Settings;
+package de.fhg.aisec.ids.idscp2.example;
 
-public class RunTLSServer{
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
+
+public class RunTLSServer {
 
     public static void main(String[] argv){
 
-        IDSCPv2Settings settings = new IDSCPv2Settings.Builder()
+        Idscp2Settings settings = new Idscp2Settings.Builder()
             .setKeyStore(RunTLSClient.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStore(RunTLSServer.class.getClassLoader().
@@ -14,7 +16,7 @@ public static void main(String[] argv){
             .setRatTimeoutDelay(14)
             .build();
 
-        IDSCPv2ServerInitiator initiator = new IDSCPv2ServerInitiator();
+        Idscp2ServerInitiator initiator = new Idscp2ServerInitiator();
         initiator.init(settings);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
index 0419168b1..e5e7cea90 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
@@ -8,7 +8,7 @@
 import java.util.*;
 
 /**
- * The IDSCPv2 Connection class holds connections between connectors
+ * The IDSCP2 Connection class holds connections between connectors
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
@@ -18,9 +18,9 @@ public class Idscp2Connection {
 
     private final FSM fsm;
     private final String connectionId;
-    private final Set<IdscpConnectionListener> connectionListeners = new HashSet<>();
-    private final Set<IdscpMessageListener> genericMessageListeners = new HashSet<>();
-    private final Map<String, Set<IdscpMessageListener>> messageListeners = new HashMap<>();
+    private final Set<Idscp2ConnectionListener> connectionListeners = new HashSet<>();
+    private final Set<Idscp2MessageListener> genericMessageListeners = new HashSet<>();
+    private final Map<String, Set<Idscp2MessageListener>> messageListeners = new HashMap<>();
 
     public Idscp2Connection(FSM fsm, String connectionId) {
         this.fsm = fsm;
@@ -51,7 +51,7 @@ public void onMessage(String type, byte[] msg) {
         synchronized (genericMessageListeners) {
             genericMessageListeners.forEach(l -> l.onMessage(type, msg));
         }
-        Set<IdscpMessageListener> listeners = messageListeners.get(type);
+        Set<Idscp2MessageListener> listeners = messageListeners.get(type);
         if (listeners != null) {
             //noinspection SynchronizationOnLocalVariableOrMethodParameter
             synchronized (listeners) {
@@ -78,33 +78,33 @@ public String getConnectionId() {
         return connectionId;
     }
 
-    public void addConnectionListener(IdscpConnectionListener listener) {
+    public void addConnectionListener(Idscp2ConnectionListener listener) {
         synchronized (connectionListeners) {
             connectionListeners.add(listener);
         }
     }
 
-    public boolean removeConnectionListener(IdscpConnectionListener listener) {
+    public boolean removeConnectionListener(Idscp2ConnectionListener listener) {
         synchronized (connectionListeners) {
             return connectionListeners.remove(listener);
         }
     }
 
-    public void addGenericMessageListener(IdscpMessageListener listener) {
+    public void addGenericMessageListener(Idscp2MessageListener listener) {
         synchronized (genericMessageListeners) {
             genericMessageListeners.add(listener);
         }
     }
 
-    public boolean removeGenericMessageListener(IdscpMessageListener listener) {
+    public boolean removeGenericMessageListener(Idscp2MessageListener listener) {
         synchronized (genericMessageListeners) {
             return genericMessageListeners.remove(listener);
         }
     }
 
-    public void addMessageListener(@Nullable String type, IdscpMessageListener listener) {
+    public void addMessageListener(@Nullable String type, Idscp2MessageListener listener) {
         synchronized (messageListeners) {
-            Set<IdscpMessageListener> messageTypeListeners
+            Set<Idscp2MessageListener> messageTypeListeners
                 = messageListeners.computeIfAbsent(type, k -> new HashSet<>());
             //noinspection SynchronizationOnLocalVariableOrMethodParameter
             synchronized (messageTypeListeners) {
@@ -114,9 +114,9 @@ public void addMessageListener(@Nullable String type, IdscpMessageListener liste
         }
     }
 
-    public boolean removeMessageListener(@Nullable String type, IdscpMessageListener listener) {
+    public boolean removeMessageListener(@Nullable String type, Idscp2MessageListener listener) {
         synchronized (messageListeners) {
-            Set<IdscpMessageListener> messageTypeListeners = messageListeners.get(type);
+            Set<Idscp2MessageListener> messageTypeListeners = messageListeners.get(type);
             if (messageTypeListeners == null) {
                 return false;
             }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConnectionListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java
similarity index 78%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConnectionListener.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java
index bd5d4b6f0..0441615d8 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConnectionListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java
@@ -1,10 +1,10 @@
 package de.fhg.aisec.ids.idscp2.idscp_core;
 
 /**
- * An IDSCP Connection Listener interface that is implemented by the IDSCPv2 Server to notify the
+ * An IDSCP Connection Listener interface that is implemented by the IDSCP2 Server to notify the
  * server about lifetimes of IDSCP connections. The server caches all active connections.
  */
-public interface IdscpConnectionListener {
+public interface Idscp2ConnectionListener {
 
     void onError(String error);
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.java
similarity index 96%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.java
index 262040c66..1c038d099 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageFactory.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.java
@@ -1,15 +1,16 @@
 package de.fhg.aisec.ids.idscp2.idscp_core;
 
 import com.google.protobuf.ByteString;
-import de.fhg.aisec.ids.messages.IDSCPv2.*;
+import de.fhg.aisec.ids.messages.IDSCP2.*;
+
 import java.util.Arrays;
 
 /**
- * A factory for creating IDSCPv2 messages
+ * A factory for creating IDSCP2 messages
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class IdscpMessageFactory {
+public class Idscp2MessageHelper {
 
     public static IdscpMessage createIdscpHelloMessage(byte[] dat, String[] supportedRatSuite, String[] expectedRatSuite){
         IdscpDat idscpDat = IdscpDat.newBuilder()
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.java
similarity index 83%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageListener.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.java
index 5c3d3d39d..5576deac1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpMessageListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.java
@@ -3,7 +3,7 @@
 /**
  * An interface for an IDSCP message listener
  */
-public interface IdscpMessageListener {
+public interface Idscp2MessageListener {
 
     /*
      * notify the listener about new data
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConstants.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConstants.java
deleted file mode 100644
index 37a9c9502..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/IdscpConstants.java
+++ /dev/null
@@ -1,10 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core;
-
-/**
- * Global IDSCPv2 protocol constants
- *
- * @author Leon Beckmann(leon.beckmann@aisec.fraunhofer.de)
- */
-public final class IdscpConstants {
-    private IdscpConstants(){};
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Callback.java
similarity index 69%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Callback.java
index 9c1fd0ba5..9b7c4e948 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Callback.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Callback.java
@@ -1,15 +1,17 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
 
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpServerListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 
+import java.util.concurrent.CompletableFuture;
+
 /**
- * An callback interface that implements callback functions that notifies about new
- * secureChannels
+ * An callback interface that implements callback functions that notify about new
+ * SecureChannels
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public interface IDSCPv2Callback {
+public interface Idscp2Callback {
 
     /*
      * Notify the client about a new secure channel
@@ -21,7 +23,7 @@ public interface IDSCPv2Callback {
      */
     void secureChannelListenHandler(
         SecureChannel secureChannel,
-        IdscpServerListener idscpServer
+        CompletableFuture<Idscp2Connection> connectionPromise
     );
 
 }
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
similarity index 57%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
index 0c4754fe9..3ca887848 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
@@ -1,26 +1,29 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
 
-import de.fhg.aisec.ids.idscp2.IDSCPv2Initiator;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.*;
-import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
+import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IDSCPv2Server;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.IdscpServerListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+
 import java.util.UUID;
+import java.util.concurrent.CompletableFuture;
 
 /**
- * IDSCPv2Configuration class, provides IDSCPv2 API to the User (IDSCPv2Initiator)
+ * Idscp2Configuration class, provides IDSCP2 API to the User (Idscp2EndpointListener)
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class IDSCPv2Configuration implements IDSCPv2Callback {
-    private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Configuration.class);
+public class Idscp2Configuration implements Idscp2Callback {
+    private static final Logger LOG = LoggerFactory.getLogger(Idscp2Configuration.class);
 
-    private final IDSCPv2Initiator user;
+    private final Idscp2EndpointListener user;
     private final DapsDriver dapsDriver;
     private final SecureChannelDriver secureChannelDriver;
     private final String[] localExpectedRatCipher;
@@ -28,12 +31,12 @@ public class IDSCPv2Configuration implements IDSCPv2Callback {
     private final int ratTimeout;
 
 
-    public IDSCPv2Configuration(IDSCPv2Initiator initiator,
-                                DapsDriver dapsDriver,
-                                SecureChannelDriver secureChannelDriver,
-                                AttestationConfig expectedAttestation,
-                                AttestationConfig supportedAttestation,
-                                int ratTimeout
+    public Idscp2Configuration(Idscp2EndpointListener initiator,
+                               DapsDriver dapsDriver,
+                               SecureChannelDriver secureChannelDriver,
+                               AttestationConfig expectedAttestation,
+                               AttestationConfig supportedAttestation,
+                               int ratTimeout
     ){
         this.user = initiator;
         this.dapsDriver = dapsDriver;
@@ -44,29 +47,29 @@ public IDSCPv2Configuration(IDSCPv2Initiator initiator,
     }
 
     /*
-     * User API to create a IDSCPv2 connection as a client
+     * User API to create a IDSCP2 connection as a client
      */
-    public void connect(IDSCPv2Settings settings){
+    public void connect(Idscp2Settings settings){
         LOG.info("Connect to an idscpv2 server ({})", settings.getHost());
         secureChannelDriver.connect(settings, this);
     }
 
     /*
-     * User API to create a new IDSCPv2 Server that starts a Secure Server that listens to new
+     * User API to create a new IDSCP2 Server that starts a Secure Server that listens to new
      * secure channels
      */
-    public IDSCPv2Server listen(IDSCPv2Settings settings) throws IDSCPv2Exception {
-        LOG.info("Starting new IDSCPv2 server at port {}", settings.getServerPort());
+    public Idscp2Server listen(Idscp2Settings settings) throws Idscp2Exception {
+        LOG.info("Starting new IDSCP2 server at port {}", settings.getServerPort());
 
+        // requires Promise<Idscp2Connection>
+        final var connectionPromise = new CompletableFuture<Idscp2Connection>();
         final SecureServer secureServer;
-        final IDSCPv2Server idscpServer = new IDSCPv2Server();
 
-        if ((secureServer = secureChannelDriver.listen(settings, this, idscpServer)) == null){
-            throw new IDSCPv2Exception("Idscpv2 listen() failed. Cannot create SecureServer");
+        if ((secureServer = secureChannelDriver.listen(settings, this, connectionPromise)) == null) {
+            throw new Idscp2Exception("Idscpv2 listen() failed. Cannot create SecureServer");
         }
 
-        idscpServer.setSecureServer(secureServer);
-        return idscpServer;
+        return new Idscp2Server(secureServer, connectionPromise);
     }
 
     /*
@@ -76,14 +79,14 @@ public IDSCPv2Server listen(IDSCPv2Settings settings) throws IDSCPv2Exception {
      * to the user
      *
      * If the secure channel was established, a new FSM is created for this connection and the
-     * IDSCPv2 handshake is started. After a successful handshake, a new Idscp2Connection is
+     * IDSCP2 handshake is started. After a successful handshake, a new Idscp2Connection is
      * created and provided to the user
      */
     @Override
     public void secureChannelConnectHandler(SecureChannel secureChannel) {
         if (secureChannel == null){
-            LOG.warn("IDSCPv2 connect failed because no secure channel was established");
-            user.errorHandler("IDSCPv2 connect failed because no secure channel was established");
+            LOG.warn("IDSCP2 connect failed because no secure channel was established");
+            user.onError("IDSCP2 connect failed because no secure channel was established");
         } else {
             LOG.debug("A new secure channel for an outgoing idscpv2 connection was established");
             FSM fsm = new FSM(secureChannel, dapsDriver, localSupportedRatCipher,
@@ -91,15 +94,15 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
 
             try {
                 fsm.startIdscpHandshake(); //blocking until handshake is done
-            } catch (IDSCPv2Exception e){
+            } catch (Idscp2Exception e){
                 return;
             }
 
             String connectionId = UUID.randomUUID().toString();
             Idscp2Connection newConnection = new Idscp2Connection(fsm, connectionId);
             fsm.registerConnection(newConnection);
-            LOG.info("A new IDSCPv2 connection with id {} was created", connectionId);
-            user.newConnectionHandler(newConnection);
+            LOG.info("A new IDSCP2 connection with id {} was created", connectionId);
+            user.onConnection(newConnection);
         }
     }
 
@@ -110,11 +113,12 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
      * ignored
      *
      * If the secure channel was established, a new FSM is created for this connection and the
-     * IDSCPv2 handshake is started. After a successful handshake, a new Idscp2Connection is
-     * created and provided to the user and the IDSCPv2 server
+     * IDSCP2 handshake is started. After a successful handshake, a new Idscp2Connection is
+     * created and provided to the user and the IDSCP2 server
      */
     @Override
-    public void secureChannelListenHandler(SecureChannel secureChannel, IdscpServerListener idscpServer) {
+    public void secureChannelListenHandler(SecureChannel secureChannel,
+                                           CompletableFuture<Idscp2Connection> connectionPromise) {
         if (secureChannel != null){
             LOG.debug("A new secure channel for an incoming idscpv2 connection was established");
             FSM fsm = new FSM(secureChannel, dapsDriver, localSupportedRatCipher,
@@ -122,7 +126,7 @@ public void secureChannelListenHandler(SecureChannel secureChannel, IdscpServerL
 
             try {
                 fsm.startIdscpHandshake(); //blocking until handshake is done
-            } catch (IDSCPv2Exception e){
+            } catch (Idscp2Exception e){
                 return;
             }
 
@@ -131,8 +135,9 @@ public void secureChannelListenHandler(SecureChannel secureChannel, IdscpServerL
             Idscp2Connection newConnection = new Idscp2Connection(fsm, connectionId);
             fsm.registerConnection(newConnection);
             LOG.info("A new idscpv2 connection with id {} was created", connectionId);
-            idscpServer.onConnect(newConnection); //bind connection to idscp server
-            user.newConnectionHandler(newConnection);
+            // Complete the connection promise for the IDSCP server
+            connectionPromise.complete(newConnection);
+            user.onConnection(newConnection);
         } else {
             LOG.warn("An incoming idscpv2 client connection request failed because the secure channel is null.");
         }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
similarity index 89%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
index 963d19251..fc4021914 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/IDSCPv2Settings.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
@@ -1,15 +1,14 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
 
 import org.checkerframework.checker.nullness.qual.NonNull;
-import org.checkerframework.checker.units.qual.A;
 
 /**
- * IDSCPv2 configuration class, contains information about keyStore and TrustStores,
+ * IDSCP2 configuration class, contains information about keyStore and TrustStores,
  * Attestation Types, host, DAPS, ...
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class IDSCPv2Settings {
+public class Idscp2Settings {
     public static final int DEFAULT_SERVER_PORT = 8080;
 
     private int serverPort = DEFAULT_SERVER_PORT;
@@ -25,9 +24,10 @@ public class IDSCPv2Settings {
     private AttestationConfig expectedAttestation = new AttestationConfig();
     private int ratTimeoutDelay = 20;
 
+    @SuppressWarnings("unused")
     public static class Builder {
         @NonNull
-        private IDSCPv2Settings settings = new IDSCPv2Settings();
+        private final Idscp2Settings settings = new Idscp2Settings();
 
         @NonNull
         public Builder setHost(String host) {
@@ -35,6 +35,12 @@ public Builder setHost(String host) {
             return this;
         }
 
+        @NonNull
+        public Builder setServerPort(int serverPort) {
+            this.settings.serverPort = serverPort;
+            return this;
+        }
+
         @NonNull
         public Builder setTrustStore(String path) {
             this.settings.trustStorePath = path;
@@ -95,7 +101,7 @@ public Builder setRatTimeoutDelay(int delay) {
         }
 
         @NonNull
-        public IDSCPv2Settings build() {
+        public Idscp2Settings build() {
             return this.settings;
         }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
index e8a2559e6..8f1b1a60f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
@@ -1,8 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
-import de.fhg.aisec.ids.messages.IDSCPv2.*;
-
-import javax.swing.*;
+import de.fhg.aisec.ids.messages.IDSCP2.IdscpMessage;
 
 /**
  * An Event class for the Finite State Machine. Triggers a transition and holds
@@ -16,10 +14,10 @@ public enum EventType {
         INTERNAL_CONTROL_MESSAGE
     }
 
-    private Object key;
-    private EventType type;
-    private IdscpMessage idscpMessage;
-    private InternalControlMessage controlMessage;
+    private final Object key;
+    private final EventType type;
+    private final IdscpMessage idscpMessage;
+    private final InternalControlMessage controlMessage;
 
     /*
      * Create an Event with an Internal Control Message
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 72c9abb3b..2960d7e9a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -1,14 +1,16 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
 import com.google.protobuf.InvalidProtocolBufferException;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.*;
-import de.fhg.aisec.ids.idscp2.error.IDSCPv2Exception;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
-import de.fhg.aisec.ids.messages.IDSCPv2.*;
+import de.fhg.aisec.ids.messages.IDSCP2.IdscpMessage;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -18,9 +20,9 @@
 import java.util.concurrent.locks.ReentrantLock;
 
 /**
- * The finite state machine FSM of the IDSCPv2 protocol
+ * The finite state machine FSM of the IDSCP2 protocol
  *
- * Manages IDSCPv2 Handshake, Re-Attestation, DAT-ReRequest and DAT-Re-Validation. Delivers
+ * Manages IDSCP2 Handshake, Re-Attestation, DAT-ReRequest and DAT-Re-Validation. Delivers
  * Internal Control Messages and Idscpv2Messages to the target receivers,
  * creates and manages the states and its transitions and implements security restriction to protect
  * the protocol against misuse and faulty, insecure or evil driver implementations.
@@ -30,7 +32,7 @@
 public class FSM implements FsmListener{
     private static final Logger LOG = LoggerFactory.getLogger(FSM.class);
 
-    /*  -----------   IDSCPv2 Protocol States   ---------- */
+    /*  -----------   IDSCP2 Protocol States   ---------- */
     private final HashMap<FSM_STATE, State> states = new HashMap<>();
 
     enum FSM_STATE {
@@ -68,7 +70,7 @@ enum FSM_STATE {
     private String verifierMechanism = null; //RAT Verifier mechanism
 
     /*
-     * The idscp message listener, that should receive the IDSCPv2 messages from the fsm
+     * The idscp message listener, that should receive the IDSCP2 messages from the fsm
      * And a listener latch to ensure that the listener is available and the message does not get
      * lost
      */
@@ -205,7 +207,7 @@ private void checkForFsmCircles() {
     }
 
     /*
-     * Get a new IDSCPv2 Message from the secure channel and provide it as an event to the fsm
+     * Get a new IDSCP2 Message from the secure channel and provide it as an event to the fsm
      *
      * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
      * driver implementations
@@ -286,7 +288,7 @@ public void onRatProverMessage(InternalControlMessage controlMessage, byte[] rat
         if (ratMessage == null){
             e = new Event(controlMessage);
         } else {
-            IdscpMessage idscpMessage = IdscpMessageFactory.createIdscpRatProverMessage(ratMessage);
+            IdscpMessage idscpMessage = Idscp2MessageHelper.createIdscpRatProverMessage(ratMessage);
             e = new Event(controlMessage, idscpMessage);
         }
 
@@ -324,7 +326,7 @@ public void onRatVerifierMessage(InternalControlMessage controlMessage, byte[] r
         if (ratMessage == null){
             e = new Event(controlMessage);
         } else {
-            IdscpMessage idscpMessage = IdscpMessageFactory.createIdscpRatVerifierMessage(ratMessage);
+            IdscpMessage idscpMessage = Idscp2MessageHelper.createIdscpRatVerifierMessage(ratMessage);
             e = new Event(controlMessage, idscpMessage);
         }
 
@@ -370,12 +372,12 @@ public void terminate(){
     }
 
     /*
-     * API for the user to start the IDSCPv2 handshake
+     * API for the user to start the IDSCP2 handshake
      *
      * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
      * driver implementations
      */
-    public void startIdscpHandshake() throws IDSCPv2Exception {
+    public void startIdscpHandshake() throws Idscp2Exception {
 
         //check for incorrect usage
         checkForFsmCircles();
@@ -384,7 +386,7 @@ public void startIdscpHandshake() throws IDSCPv2Exception {
         try {
             if (currentState.equals(states.get(FSM_STATE.STATE_CLOSED))) {
                 if (fsmIsClosed) {
-                    throw new IDSCPv2Exception("FSM is in a final closed state forever");
+                    throw new Idscp2Exception("FSM is in a final closed state forever");
                 }
 
                 //trigger handshake init
@@ -397,14 +399,14 @@ public void startIdscpHandshake() throws IDSCPv2Exception {
 
                 if (!isConnected()){
                     //handshake failed, throw exception
-                    throw new IDSCPv2Exception("Handshake failed");
+                    throw new Idscp2Exception("Handshake failed");
                 }
 
             } else {
-                throw new IDSCPv2Exception("Handshake has already been started");
+                throw new Idscp2Exception("Handshake has already been started");
             }
         } catch (InterruptedException e) {
-            throw new IDSCPv2Exception("Handshake failed because thread was interrupted");
+            throw new Idscp2Exception("Handshake failed because thread was interrupted");
         } finally {
             fsmIsBusy.unlock();
         }
@@ -456,7 +458,7 @@ public void send(String type, byte[] msg){
         fsmIsBusy.lock();
         try{
             if(isConnected()){
-                IdscpMessage idscpMessage = IdscpMessageFactory.createIdscpDataMessage(type, msg);
+                IdscpMessage idscpMessage = Idscp2MessageHelper.createIdscpDataMessage(type, msg);
                 if (!secureChannel.send(idscpMessage.toByteArray())) {
                     LOG.error("Cannot send IDSCP_DATA via secure channel");
                     onControlMessage(InternalControlMessage.ERROR);
@@ -477,7 +479,7 @@ public boolean isConnected(){
     }
 
     /*
-     * Register an IDSCPv2 message listener
+     * Register an IDSCP2 message listener
      */
     public void registerConnection(Idscp2Connection connection){
         this.connection = connection;
@@ -523,6 +525,7 @@ String getRatVerifierMechanism(String[] localExpectedVerifier, Object[] remoteSu
      *
      * return false if no match was found
      */
+    @SuppressWarnings("BooleanMethodIsAlwaysInverted")
     boolean restartRatVerifierDriver(){
         //assume verifier mechanism is set
         stopRatVerifierDriver();
@@ -557,6 +560,7 @@ void stopRatVerifierDriver() {
      *
      * return false if no match was found
      */
+    @SuppressWarnings("BooleanMethodIsAlwaysInverted")
     boolean restartRatProverDriver(){
         //assume prover mechanism is set
         stopRatProverDriver();
@@ -614,7 +618,7 @@ void shutdownFsm() {
     }
 
     /*
-     * Provide IDSCPv2 message to the message listener
+     * Provide IDSCP2 message to the message listener
      */
     void notifyIdscpMsgListener(String type, byte[] data) {
         try {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
index 19639b14e..3b2b322c8 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
@@ -1,17 +1,15 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
-import de.fhg.aisec.ids.messages.IDSCPv2.*;
-
 /**
  * An FSM Listener Interface implemented by the FSM to restrict FSM API to the drivers and the
- * secure channel class of the IDSCPv2
+ * secure channel class of the IDSCP2
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public interface FsmListener {
 
     /*
-     * A method for providing IDSCPv2 data from the secure channel to the FSM
+     * A method for providing IDSCP2 data from the secure channel to the FSM
      */
     void onMessage(byte[] data);
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
index fc62ecdf2..d569e8ba9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
 /**
- * An enum that wraps the internal control messages of the IDSCPv2 protocol to trigger transitions
+ * An enum that wraps the internal control messages of the IDSCP2 protocol to trigger transitions
  * by non-idscpv2-message-events
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
index 79f5b1e26..412b84c59 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
@@ -12,7 +12,7 @@
  */
 public class State {
 
-    private ConcurrentHashMap<Object,Transition> transitions = new ConcurrentHashMap<>();
+    private final ConcurrentHashMap<Object,Transition> transitions = new ConcurrentHashMap<>();
     private Function<Event,State> noTransitionHandler = null;
 
     /*
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
index 919ca4aaa..8b5c0f5fb 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
@@ -2,16 +2,16 @@
 
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCPv2;
+import de.fhg.aisec.ids.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.util.concurrent.locks.Condition;
 
 /**
- * The Closed State of the FSM of the IDSCPv2 protocol.
+ * The Closed State of the FSM of the IDSCP2 protocol.
  * The FSM is in the Closed state either before any transition was triggered (in this case, the
  * Closed State is the FSM Start state) or after the connection was closed (in this case, the
  * Closed State is the FSM final state without any outgoing transitions)
@@ -44,7 +44,7 @@ public StateClosed(FSM fsm,
                     byte[] dat = dapsDriver.getToken();
 
                     LOG.debug("Send IDSCP_HELLO");
-                    IDSCPv2.IdscpMessage idscpHello = IdscpMessageFactory.
+                    IDSCP2.IdscpMessage idscpHello = Idscp2MessageHelper.
                         createIdscpHelloMessage(dat, localSupportedRatSuite, localExpectedRatSuite);
 
                     if (!fsm.sendFromFSM(idscpHello)) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
index 055e9cd09..4e9a865bc 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
@@ -1,15 +1,15 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCPv2;
+import de.fhg.aisec.ids.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 /**
- * The Established State of the FSM of the IDSCPv2 protocol.
- * Allows message exchange over the IDSCPv2 protocol between two connectors
+ * The Established State of the FSM of the IDSCP2 protocol.
+ * Allows message exchange over the IDSCP2 protocol between two connectors
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
@@ -46,8 +46,8 @@ public StateEstablished(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close",
-                            IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                            IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -57,7 +57,7 @@ public StateEstablished(FSM fsm,
                     LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER");
                     ratTimer.cancelTimeout();
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpReRatMessage(""))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
                       LOG.error("Cannot send ReRat message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -75,7 +75,7 @@ public StateEstablished(FSM fsm,
                 event -> {
                     ratTimer.cancelTimeout();
                     LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED");
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatExpiredMessage())) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                       LOG.error("Cannot send DatExpired message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -87,7 +87,7 @@ public StateEstablished(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER");
 
@@ -100,11 +100,11 @@ public StateEstablished(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("DAT expired. Send new DAT and repeat RAT");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatMessage(dapsDriver.getToken()))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
                       LOG.error("Cannot send Dat message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -118,15 +118,15 @@ public StateEstablished(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATA_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATA_FIELD_NUMBER, new Transition(
                 event -> {
-                    IDSCPv2.IdscpData data = event.getIdscpMessage().getIdscpData();
+                    IDSCP2.IdscpData data = event.getIdscpMessage().getIdscpData();
                     fsm.notifyIdscpMsgListener(data.getType(), data.getData().toByteArray());
                     return this;
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Receive IDSCP_CLOSED");
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
index 029bce545..8d4b688c4 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
@@ -1,14 +1,14 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCPv2;
+import de.fhg.aisec.ids.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 /**
- * The Wait_For_Dat_And_Rat State of the FSM of the IDSCPv2 protocol.
+ * The Wait_For_Dat_And_Rat State of the FSM of the IDSCP2 protocol.
  * Waits for a new valid dynamic attribute token from the peer as well as for the RatProver and
  * RatVerifier to decide whether the connection will be established or not
  *
@@ -44,8 +44,8 @@ public StateWaitForDatAndRat(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                   fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close",
-                            IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                   fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                            IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -60,8 +60,8 @@ public StateWaitForDatAndRat(FSM fsm,
         this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("Handshake timeout",
-                            IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
+                            IDSCP2.IdscpClose.CloseCause.TIMEOUT));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -78,8 +78,8 @@ public StateWaitForDatAndRat(FSM fsm,
                 event -> {
                     LOG.error("RAT_PROVER failed");
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("RAT_PROVER failed",
-                            IDSCPv2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
+                            IDSCP2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -95,14 +95,14 @@ public StateWaitForDatAndRat(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
                 event -> {
                     handshakeTimer.cancelTimeout();
                     LOG.debug("Verify received DAT");
@@ -111,8 +111,8 @@ public StateWaitForDatAndRat(FSM fsm,
                     long datValidityPeriod;
                     if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage(
-                            "No valid DAT", IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
+                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
+                            "No valid DAT", IDSCP2.IdscpClose.CloseCause.NO_VALID_DAT));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
 
@@ -128,11 +128,11 @@ public StateWaitForDatAndRat(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatMessage(dapsDriver.getToken()))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
                       LOG.error("Cannot send Dat message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -146,7 +146,7 @@ public StateWaitForDatAndRat(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
                     assert event.getIdscpMessage().hasIdscpRatVerifier();
@@ -156,7 +156,7 @@ public StateWaitForDatAndRat(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
                     if (!fsm.restartRatProverDriver()) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
index 26aa49d24..80ae6af9a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
@@ -1,14 +1,14 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCPv2;
+import de.fhg.aisec.ids.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 /**
- * The Wait_For_Dat_And_Rat_Verifier State of the FSM of the IDSCPv2 protocol.
+ * The Wait_For_Dat_And_Rat_Verifier State of the FSM of the IDSCP2 protocol.
  * Wait for a new dynamic attribute token from the peer, since the old one is not valid anymore
  * and waits for the RatVerifier after successful verification of the Dat to decide if the idscpv2
  * connection will be established
@@ -39,8 +39,8 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close",
-                            IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                            IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -55,20 +55,20 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
         this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("Handshake timeout",
-                            IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
+                            IDSCP2.IdscpClose.CloseCause.TIMEOUT));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
                 event -> {
                     handshakeTimer.cancelTimeout();
                     LOG.debug("Verify received DAT");
@@ -77,7 +77,7 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
                     long datValidityPeriod;
                     if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("No valid DAT", IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
+                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT", IDSCP2.IdscpClose.CloseCause.NO_VALID_DAT));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
                     LOG.debug("Remote DAT is valid. Set dat timeout");
@@ -92,11 +92,11 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatMessage(dapsDriver.getToken()))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
                       LOG.error("Cannot send DAT message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -109,7 +109,7 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
                     if (!fsm.restartRatProverDriver()) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
index 9ef0669b0..cbfec036e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
@@ -1,14 +1,14 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCPv2;
+import de.fhg.aisec.ids.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 /**
- * The Wait_For_Hello State of the FSM of the IDSCPv2 protocol.
+ * The Wait_For_Hello State of the FSM of the IDSCP2 protocol.
  * Waits for the Idscpv2 Hellp Message that contains the protocol version, the supported and
  * expected remote attestation cipher suites and the dynamic attribute token (DAT) of the peer.
  *
@@ -53,8 +53,8 @@ public StateWaitForHello(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Received stop signal from user. Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close",
-                            IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                            IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -62,33 +62,33 @@ public StateWaitForHello(FSM fsm,
         this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("Handshake Timeout",
-                            IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake Timeout",
+                            IDSCP2.IdscpClose.CloseCause.TIMEOUT));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPHELLO_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPHELLO_FIELD_NUMBER, new Transition(
                 event -> {
                     handshakeTimer.cancelTimeout();
 
                     LOG.debug("Received IDSCP_HELLO");
-                    IDSCPv2.IdscpHello idscpHello = event.getIdscpMessage().getIdscpHello();
+                    IDSCP2.IdscpHello idscpHello = event.getIdscpMessage().getIdscpHello();
 
                     LOG.debug("Calculate Rat mechanisms");
                     String proverMechanism = fsm.getRatProverMechanism(localSupportedRatSuite,
                             idscpHello.getExpectedRatSuiteList().toArray());
                     if (proverMechanism == null){
                         LOG.debug("Cannot find a match for RAT proverr. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("No match for RAT Prover mechanism",
-                                IDSCPv2.IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_PROVER));
+                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No match for RAT Prover mechanism",
+                                IDSCP2.IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_PROVER));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
 
@@ -96,20 +96,19 @@ public StateWaitForHello(FSM fsm,
                             idscpHello.getSupportedRatSuiteList().toArray());
                     if (verifierMechanism == null){
                         LOG.debug("Cannot find a match for RAT verifier. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("No match for RAT Verifier mechanism",
-                                IDSCPv2.IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_VERIFIER));
+                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No match for RAT Verifier mechanism",
+                                IDSCP2.IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_VERIFIER));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
 
                     LOG.debug("Verify received DAT");
                     //check if Dat is available and verify dat
-                    byte[] dat;
                     long datValidityPeriod;
                     if (!idscpHello.hasDynamicAttributeToken() || 0 > (datValidityPeriod = dapsDriver
-                            .verifyToken(dat = idscpHello.getDynamicAttributeToken().getToken().toByteArray(), null))){
+                            .verifyToken(idscpHello.getDynamicAttributeToken().getToken().toByteArray(), null))){
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("No valid DAT",
-                                IDSCPv2.IdscpClose.CloseCause.NO_VALID_DAT));
+                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT",
+                                IDSCP2.IdscpClose.CloseCause.NO_VALID_DAT));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
index a8d4be723..ff05c3c1d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
@@ -1,14 +1,14 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCPv2;
+import de.fhg.aisec.ids.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 /**
- * The Wait_For_Rat State of the FSM of the IDSCPv2 protocol.
+ * The Wait_For_Rat State of the FSM of the IDSCP2 protocol.
  * Waits for the RatProver and RatVerifier Result to decide whether the connection will be
  * established
  *
@@ -55,8 +55,8 @@ public StateWaitForRat(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close",
-                            IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                            IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -82,8 +82,8 @@ public StateWaitForRat(FSM fsm,
                 event -> {
                     LOG.error("RAT_PROVER failed");
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("RAT_PROVER failed",
-                            IDSCPv2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
+                            IDSCP2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -92,8 +92,8 @@ public StateWaitForRat(FSM fsm,
                 event -> {
                     LOG.error("RAT_VERIFIER failed");
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("RAT_VERIFIER failed",
-                            IDSCPv2.IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
+                            IDSCP2.IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -129,7 +129,7 @@ public StateWaitForRat(FSM fsm,
                     LOG.debug("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER");
                     fsm.stopRatVerifierDriver();
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatExpiredMessage())) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                       LOG.error("Cannot send DatExpired message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -144,13 +144,13 @@ public StateWaitForRat(FSM fsm,
         this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("Handshake timeout",
-                            IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
+                            IDSCP2.IdscpClose.CloseCause.TIMEOUT));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
                     assert event.getIdscpMessage().hasIdscpRatVerifier();
@@ -161,7 +161,7 @@ public StateWaitForRat(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
                     assert event.getIdscpMessage().hasIdscpRatProver();
@@ -172,11 +172,11 @@ public StateWaitForRat(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatMessage(dapsDriver.getToken()))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
                       LOG.error("Cannot send DAT message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -190,7 +190,7 @@ public StateWaitForRat(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
index 4ca9a9443..9978c65ee 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
@@ -1,14 +1,14 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCPv2;
+import de.fhg.aisec.ids.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 /**
- * The Wait_For_Rat_Prover State of the FSM of the IDSCPv2 protocol.
+ * The Wait_For_Rat_Prover State of the FSM of the IDSCP2 protocol.
  * Waits only for the RatProver Result to decide whether the connection will be established
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
@@ -43,7 +43,7 @@ public StateWaitForRatProver(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close", IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close", IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -58,8 +58,8 @@ public StateWaitForRatProver(FSM fsm,
         this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("Handshake timeout",
-                            IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
+                            IDSCP2.IdscpClose.CloseCause.TIMEOUT));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -69,7 +69,7 @@ public StateWaitForRatProver(FSM fsm,
                     LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED");
                     ratTimer.cancelTimeout();
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatExpiredMessage())) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                       LOG.error("Cannot send DatExpired message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -93,8 +93,8 @@ public StateWaitForRatProver(FSM fsm,
                 event -> {
                     LOG.error("RAT_PROVER failed");
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("RAT_PROVER failed",
-                            IDSCPv2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
+                            IDSCP2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -116,7 +116,7 @@ public StateWaitForRatProver(FSM fsm,
                 event -> {
                     LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpReRatMessage(""))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
                       LOG.error("Cannot send ReRat message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -132,18 +132,18 @@ public StateWaitForRatProver(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatMessage(dapsDriver.getToken()))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
                       LOG.error("Cannot send DAT message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -157,7 +157,7 @@ public StateWaitForRatProver(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
                     assert event.getIdscpMessage().hasIdscpRatVerifier();
@@ -168,7 +168,7 @@ public StateWaitForRatProver(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
                     if (!fsm.restartRatProverDriver()) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
index 0210b1c7d..77b74f9ea 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
@@ -1,14 +1,14 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.IdscpMessageFactory;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCPv2;
+import de.fhg.aisec.ids.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 /**
- * The Wait_For_Rat_Verifier State of the FSM of the IDSCPv2 protocol.
+ * The Wait_For_Rat_Verifier State of the FSM of the IDSCP2 protocol.
  * Waits only for the RatVerifier Result to decide whether the connection will be established
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
@@ -42,8 +42,8 @@ public StateWaitForRatVerifier(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("User close",
-                            IDSCPv2.IdscpClose.CloseCause.USER_SHUTDOWN));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                            IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -58,7 +58,7 @@ public StateWaitForRatVerifier(FSM fsm,
         this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
                 event -> {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("Handshake timeout", IDSCPv2.IdscpClose.CloseCause.TIMEOUT));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout", IDSCP2.IdscpClose.CloseCause.TIMEOUT));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -68,7 +68,7 @@ public StateWaitForRatVerifier(FSM fsm,
                     LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER");
                     fsm.stopRatVerifierDriver();
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatExpiredMessage())) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                       LOG.error("Cannot send DatExpired message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -94,8 +94,8 @@ public StateWaitForRatVerifier(FSM fsm,
                 event -> {
                     LOG.error("RAT_VERIFIER failed");
                     LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(IdscpMessageFactory.createIdscpCloseMessage("RAT_VERIFIER failed",
-                            IDSCPv2.IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
+                            IDSCP2.IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
@@ -113,18 +113,18 @@ public StateWaitForRatVerifier(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_CLOSE");
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
 
-                    if (!fsm.sendFromFSM(IdscpMessageFactory.createIdscpDatMessage(dapsDriver.getToken()))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
                       LOG.error("Cannot send DAT message");
                       return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
@@ -138,7 +138,7 @@ public StateWaitForRatVerifier(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
                     assert event.getIdscpMessage().hasIdscpRatProver();
@@ -148,7 +148,7 @@ public StateWaitForRatVerifier(FSM fsm,
                 }
         ));
 
-        this.addTransition(IDSCPv2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
+        this.addTransition(IDSCP2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
                     if (!fsm.restartRatProverDriver()) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
index 253f75cf5..dd01ca635 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
@@ -12,7 +12,7 @@
 public class TimerThread extends Thread{
 
     private volatile boolean canceled = false;
-    private long delay; //timeout delay in seconds
+    private final long delay; //timeout delay in seconds
     private final Runnable timeoutHandler; //timeout handler routine
     private final ReentrantLock fsmIsBusy; //lock for the fsm
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
index 3a38ed6d2..3ab864f57 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
@@ -9,7 +9,7 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class Transition {
-    private Function<Event,State> eventHandler;
+    private final Function<Event,State> eventHandler;
 
     Transition(Function<Event,State> eventHandler){
         this.eventHandler = eventHandler;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
deleted file mode 100644
index 049df87ab..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IDSCPv2Server.java
+++ /dev/null
@@ -1,103 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.idscp_server;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.List;
-import java.util.concurrent.ConcurrentHashMap;
-import java.util.concurrent.CountDownLatch;
-
-/**
- * An IDSCPv2 Server that has the control about the underlying secure server and caches all active
- * connections that belong to the secure server
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class IDSCPv2Server implements IdscpServerListener {
-    private static final Logger LOG = LoggerFactory.getLogger(IDSCPv2Server.class);
-
-    private SecureServer secureServer; //no race conditions using CountDownLatch
-    private final CountDownLatch secureServerLatch = new CountDownLatch(1);
-    private final ConcurrentHashMap<String, Idscp2Connection> connections = new ConcurrentHashMap<>();
-
-    public IDSCPv2Server() {}
-
-    /*
-     * Terminate the IDSCPv2 server, the secure server and close all connections
-     */
-    public void terminate(){
-        LOG.info("Terminating idscp server {}", this.toString());
-        try {
-            secureServerLatch.await();
-            secureServer.safeStop();
-            terminateAllSessions();
-        } catch (InterruptedException e){
-            Thread.currentThread().interrupt();
-        }
-    }
-
-    /*
-     * Close all open IDSCPv2 connections of this server
-     */
-    public void terminateAllSessions(){
-        for (Idscp2Connection c : connections.values()){
-            c.close();
-            LOG.debug("Idscp connection with id {} has been closed", c.getConnectionId());
-            connections.remove(c.getConnectionId());
-        }
-    }
-
-    /*
-     * Check if the server is running
-     */
-    public boolean isRunning(){
-        try {
-            secureServerLatch.await();
-            return secureServer.isRunning();
-        } catch (InterruptedException e){
-            Thread.currentThread().interrupt();
-        }
-        return false;
-    }
-
-    /*
-     * Get a Idscp2Connection from the server cache by the connectionID
-     *
-     * return null if no connection was found with this ID
-     */
-    public Idscp2Connection getConnectionById(String connectionId){
-        return connections.get(connectionId);
-    }
-
-    /*
-     * return a list of all open IDSCPv2 connections of this server
-     */
-    public Collection<Idscp2Connection> getAllConnections(){
-        return Collections.unmodifiableCollection(connections.values());
-    }
-
-    @Override
-    public void onConnect(Idscp2Connection connection) {
-        LOG.debug("Binding new idscpv2 connection to server {}", this.toString());
-        connections.put(connection.getConnectionId(), connection);
-    }
-
-    @Override
-    public void onClose(String connectionId) {
-        LOG.debug("Removing connection with id {} from server storage", connectionId);
-        connections.remove(connectionId);
-    }
-
-    /*
-     * Set the corresponding secure server
-     */
-    public void setSecureServer(SecureServer secureServer) {
-        this.secureServer = secureServer;
-        secureServerLatch.countDown();
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/Idscp2Server.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/Idscp2Server.java
new file mode 100644
index 000000000..80bc672ac
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/Idscp2Server.java
@@ -0,0 +1,73 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.idscp_server;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.ConcurrentHashMap;
+
+/**
+ * An IDSCP2 Server that has the control about the underlying secure server and caches all active
+ * connections that belong to the secure server
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class Idscp2Server {
+    private static final Logger LOG = LoggerFactory.getLogger(Idscp2Server.class);
+
+    private final SecureServer secureServer;
+    private final ConcurrentHashMap<String, Idscp2Connection> connections = new ConcurrentHashMap<>();
+
+    public Idscp2Server(SecureServer secureServer, CompletableFuture<Idscp2Connection> connectionPromise) {
+        this.secureServer = secureServer;
+        connectionPromise.thenAccept(connection -> connections.put(connection.getConnectionId(), connection));
+    }
+
+    /*
+     * Terminate the IDSCP2 server, the secure server and close all connections
+     */
+    public void terminate(){
+        LOG.info("Terminating idscp server {}", this.toString());
+        secureServer.safeStop();
+        terminateAllSessions();
+    }
+
+    /*
+     * Close all open IDSCP2 connections of this server
+     */
+    public void terminateAllSessions(){
+        for (Idscp2Connection c : connections.values()){
+            c.close();
+            LOG.debug("Idscp connection with id {} has been closed", c.getConnectionId());
+            connections.remove(c.getConnectionId());
+        }
+    }
+
+    /*
+     * Check if the server is running
+     */
+    public boolean isRunning(){
+        return secureServer.isRunning();
+    }
+
+    /*
+     * Get a Idscp2Connection from the server cache by the connectionID
+     *
+     * return null if no connection was found with this ID
+     */
+    public Idscp2Connection getConnectionById(String connectionId){
+        return connections.get(connectionId);
+    }
+
+    /*
+     * return a list of all open IDSCP2 connections of this server
+     */
+    public Collection<Idscp2Connection> getAllConnections(){
+        return Collections.unmodifiableCollection(connections.values());
+    }
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpServerListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpServerListener.java
deleted file mode 100644
index d0600a977..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/IdscpServerListener.java
+++ /dev/null
@@ -1,20 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.idscp_server;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-
-/**
- * An IDSCP Connection Listener interface that is implemented by the IDSCPv2 Server to notify the
- * server about lifetimes of IDSCP connections. The server caches all active connections.
- */
-public interface IdscpServerListener {
-
-    /*
-     * Notify the server that a new connection was established
-     */
-    void onConnect(Idscp2Connection connection);
-
-    /*
-     * Notify the server that connection has been closed
-     */
-    void onClose(String connectionId);
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
index 071d344b2..552307aca 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
@@ -17,7 +17,7 @@
  */
 public class RatProverDriverRegistry {
     private static RatProverDriverRegistry instance;
-    private static ConcurrentHashMap<String, DriverWrapper> drivers = new ConcurrentHashMap<>();
+    private static final ConcurrentHashMap<String, DriverWrapper> drivers = new ConcurrentHashMap<>();
 
     private RatProverDriverRegistry(){}
 
@@ -82,8 +82,8 @@ public void unregisterDriver(String instance){
      * An inner static wrapper class, that wraps driver config and driver class
      */
     private static class DriverWrapper {
-        private Class<? extends RatProverDriver> driverClass;
-        private Object driverConfig;
+        private final Class<? extends RatProverDriver> driverClass;
+        private final Object driverConfig;
 
         private DriverWrapper(
             Class<? extends RatProverDriver> driverClass,
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
index accdb9ca9..9d4cbbb82 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
@@ -17,7 +17,7 @@
  */
 public class RatVerifierDriverRegistry {
     private static RatVerifierDriverRegistry instance;
-    private static ConcurrentHashMap<String, DriverWrapper> drivers
+    private static final ConcurrentHashMap<String, DriverWrapper> drivers
         = new ConcurrentHashMap<>();
 
     private RatVerifierDriverRegistry(){}
@@ -78,8 +78,8 @@ public void unregisterDriver(String instance){
      * An inner static wrapper class, that wraps driver config and driver class
      */
     private static class DriverWrapper {
-        private Class<? extends RatVerifierDriver> driverClass;
-        private Object driverConfig;
+        private final Class<? extends RatVerifierDriver> driverClass;
+        private final Object driverConfig;
 
         private DriverWrapper(
             Class<? extends RatVerifierDriver> driver,
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
index 4649d7fdb..ff409ea7f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
@@ -3,10 +3,11 @@
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+
 import java.util.concurrent.CountDownLatch;
 
 /**
- * A secureChannel which is the secure underlying basis of the IDSCPv2 protocol,
+ * A secureChannel which is the secure underlying basis of the IDSCP2 protocol,
  * that implements a secureChannelListener
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
@@ -14,8 +15,8 @@
 public class SecureChannel implements SecureChannelListener {
     private static final Logger LOG = LoggerFactory.getLogger(SecureChannel.class);
 
-    private SecureChannelEndpoint endpoint;
-    private CountDownLatch fsmLatch = new CountDownLatch(1);
+    private final SecureChannelEndpoint endpoint;
+    private final CountDownLatch fsmLatch = new CountDownLatch(1);
     private FsmListener fsm = null;
 
     public SecureChannel(SecureChannelEndpoint secureChannelEndpoint){
diff --git a/idscp2/src/main/proto/idscpv2.proto b/idscp2/src/main/proto/idscpv2.proto
index 0ca28a5c7..196503c04 100644
--- a/idscp2/src/main/proto/idscpv2.proto
+++ b/idscp2/src/main/proto/idscpv2.proto
@@ -1,6 +1,6 @@
 syntax = "proto3";
 option java_package = "de.fhg.aisec.ids.messages";
-option java_outer_classname = "IDSCPv2";
+option java_outer_classname = "IDSCP2";
 
 //IDSCP message frame
 message IdscpMessage {

From 24ff3672a3ed92af6a8da4dd5208296de95f8a8b Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 20 May 2020 18:33:40 +0200
Subject: [PATCH 073/237] Added focal version of protobuf-compiler to build
 container

---
 docker-build/Dockerfile | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/docker-build/Dockerfile b/docker-build/Dockerfile
index 549fbb8ca..fcac1a70d 100644
--- a/docker-build/Dockerfile
+++ b/docker-build/Dockerfile
@@ -10,9 +10,13 @@ RUN wget -O - https://deb.nodesource.com/setup_12.x | bash - && apt-get install
 # Install yarn
 RUN wget -O - https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
     && echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list \
-    && apt-get update && apt-get install yarn
-# Install protobuf compiler (protoc)
-RUN apt-get update -qq && apt-get install -qq protobuf-compiler
+    && apt-get update -qq && apt-get -qq install yarn
+# Install newer protobuf compiler from focal (3.0.x doesn't generate required has...() methods)
+# This is an ugly hack, but maintains compatiblity to non-x86 platforms
+RUN sed -e 's/bionic/focal/' /etc/apt/sources.list > /etc/apt/sources.list.d/focal.list \
+    && apt-get update -qq && apt-get install -qq protobuf-compiler \
+    # Perform cleanup
+    && rm /etc/apt/sources.list.d/focal.list && apt-get clean && rm -r /var/lib/apt/lists/*
 
 COPY run.sh .
 RUN chmod +x run.sh

From c1d1844c87b8a49dd2fad3632e8042254a6abae0 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 20 May 2020 19:16:48 +0200
Subject: [PATCH 074/237] Minimal supplement of Idscp2MessageListener

---
 .../fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java | 4 ++--
 .../fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java | 6 +++---
 .../fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java   | 4 ++--
 .../aisec/ids/idscp2/idscp_core/Idscp2MessageListener.java  | 2 +-
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
index b3a0d4f6f..ecf410568 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
@@ -77,10 +77,10 @@ public void onClose(String connectionId) {
                 System.out.println("Client: Connection with id " + connectionId + " has been closed");
             }
         });
-        connection.addGenericMessageListener(((type, data) -> System.out.println(
+        connection.addGenericMessageListener(((c, type, data) -> System.out.println(
             "Received message of type \"" + type + "\":\n" + new String(data, StandardCharsets.UTF_8))));
         // Register listener for server reply
-        connection.addMessageListener("pong", (type, data) ->
+        connection.addMessageListener("pong", (c, type, data) ->
             System.out.println("Received pong message: " + new String(data, StandardCharsets.UTF_8)));
         System.out.println("Sending PING...");
         connection.send("ping", "PING".getBytes(StandardCharsets.UTF_8));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
index ff89f928f..a5d79ce94 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
@@ -93,12 +93,12 @@ public void onClose(String connectionId) {
                 System.out.println("Server: Connection with id " + connectionId + " has been closed");
             }
         });
-        connection.addGenericMessageListener(((type, data) -> System.out.println(
+        connection.addGenericMessageListener(((c, type, data) -> System.out.println(
             "Received message of type \"" + type + "\":\n" + new String(data, StandardCharsets.UTF_8))));
-        connection.addMessageListener("ping", ((type, data) -> {
+        connection.addMessageListener("ping", ((c, type, data) -> {
             System.out.println("Received ping message:\n" + new String(data, StandardCharsets.UTF_8));
             System.out.println("Sending PONG...");
-            connection.send("pong", "PONG".getBytes(StandardCharsets.UTF_8));
+            c.send("pong", "PONG".getBytes(StandardCharsets.UTF_8));
         }));
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
index e5e7cea90..0546b40c6 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
@@ -49,13 +49,13 @@ public void send(String type, byte[] msg) {
     public void onMessage(String type, byte[] msg) {
         LOG.debug("Received new IDSCP Message: " + Arrays.toString(msg));
         synchronized (genericMessageListeners) {
-            genericMessageListeners.forEach(l -> l.onMessage(type, msg));
+            genericMessageListeners.forEach(l -> l.onMessage(this, type, msg));
         }
         Set<Idscp2MessageListener> listeners = messageListeners.get(type);
         if (listeners != null) {
             //noinspection SynchronizationOnLocalVariableOrMethodParameter
             synchronized (listeners) {
-                listeners.forEach(l -> l.onMessage(type, msg));
+                listeners.forEach(l -> l.onMessage(this, type, msg));
             }
         }
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.java
index 5576deac1..45853f638 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.java
@@ -8,5 +8,5 @@ public interface Idscp2MessageListener {
     /*
      * notify the listener about new data
      */
-    void onMessage(String type, byte[] data);
+    void onMessage(Idscp2Connection connection, String type, byte[] data);
 }

From cdc376f9d63edc05133443aa29c3320f2a52d617 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 20 May 2020 23:56:30 +0200
Subject: [PATCH 075/237] Initial server implementation (WIP)

---
 camel-idscp2/LICENSE.txt                      | 201 ++++++++++++++++++
 camel-idscp2/README.md                        |   1 +
 camel-idscp2/bnd.bnd                          |  11 +
 camel-idscp2/build.gradle                     |  22 ++
 .../ids/camel/idscp2/Idscp2OsgiComponent.java | 123 +++++++++++
 .../idscp2/server/Idscp2ServerComponent.java  |  57 +++++
 .../idscp2/server/Idscp2ServerConsumer.java   |  71 +++++++
 .../idscp2/server/Idscp2ServerEndpoint.java   | 174 +++++++++++++++
 .../idscp2/server/Idscp2ServerProducer.java   |  42 ++++
 .../org/apache/camel/component/idscp2client   |  17 ++
 .../org/apache/camel/component/idscp2server   |  17 ++
 11 files changed, 736 insertions(+)
 create mode 100644 camel-idscp2/LICENSE.txt
 create mode 100644 camel-idscp2/README.md
 create mode 100644 camel-idscp2/bnd.bnd
 create mode 100644 camel-idscp2/build.gradle
 create mode 100644 camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.java
 create mode 100644 camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java
 create mode 100644 camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.java
 create mode 100644 camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.java
 create mode 100644 camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.java
 create mode 100644 camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client
 create mode 100644 camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2server

diff --git a/camel-idscp2/LICENSE.txt b/camel-idscp2/LICENSE.txt
new file mode 100644
index 000000000..261eeb9e9
--- /dev/null
+++ b/camel-idscp2/LICENSE.txt
@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/camel-idscp2/README.md b/camel-idscp2/README.md
new file mode 100644
index 000000000..2c92b5fc9
--- /dev/null
+++ b/camel-idscp2/README.md
@@ -0,0 +1 @@
+The _camel-idscp2_ module adds IDSCP2 support to the integrated Camel deployment. It creates a Camel Component to make IDSCP2 available for building Camel routes. IDSCP2 itself is contained in module _idscp2_.
diff --git a/camel-idscp2/bnd.bnd b/camel-idscp2/bnd.bnd
new file mode 100644
index 000000000..5ea70404e
--- /dev/null
+++ b/camel-idscp2/bnd.bnd
@@ -0,0 +1,11 @@
+Bundle-Name: IDS :: Camel IDSCP Support
+Bundle-Description: Camel IDS protocol support
+Export-Package: de.fhg.camel.ids.server,\
+	de.fhg.camel.ids.connectionmanagement,\
+	de.fhg.camel.ids.client
+Import-Package: \
+	!org.checkerframework.checker.*,\
+	*
+DynamicImport-Package: \
+	org.asynchttpclient.netty.*,\
+	com.typesafe.netty.*
diff --git a/camel-idscp2/build.gradle b/camel-idscp2/build.gradle
new file mode 100644
index 000000000..ad2d9c165
--- /dev/null
+++ b/camel-idscp2/build.gradle
@@ -0,0 +1,22 @@
+description = 'Camel IDS Component'
+
+dependencies {
+    providedByBundle(project(':ids-api')) { transitive = false }
+    providedByBundle(project(':idscp2')) { transitive = false }
+
+    // Bill of Materials (BOM) for Camel
+    bom group: 'org.apache.camel', name: 'camel-parent', version: libraryVersions.camel
+
+    providedByFeature group: 'org.apache.camel', name: 'camel-core', version: libraryVersions.camel
+
+    compileOnly group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
+
+    osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
+    osgiCore group: 'org.osgi', name: 'org.osgi.core', version: libraryVersions.osgi
+
+    providedByFeature group: 'com.google.protobuf', name: 'protobuf-java', version: libraryVersions.protobuf
+
+    testImplementation group: 'junit', name: 'junit'
+    testImplementation group: 'org.apache.camel', name: 'camel-test', version: libraryVersions.camel
+    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
+}
diff --git a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.java b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.java
new file mode 100644
index 000000000..b6f204bcc
--- /dev/null
+++ b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.java
@@ -0,0 +1,123 @@
+/*-
+ * ========================LICENSE_START=================================
+ * camel-ids
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.camel.idscp2;
+
+import de.fhg.aisec.ids.api.endpointconfig.EndpointConfigManager;
+import de.fhg.aisec.ids.api.infomodel.InfoModel;
+import de.fhg.aisec.ids.api.settings.Settings;
+import de.fhg.aisec.ids.api.tokenm.TokenManager;
+import org.checkerframework.checker.nullness.qual.Nullable;
+import org.osgi.service.component.annotations.*;
+
+@Component
+public class Idscp2OsgiComponent {
+
+  @Reference(cardinality = ReferenceCardinality.MANDATORY)
+  private Settings settings = null;
+
+  @Reference(cardinality = ReferenceCardinality.MANDATORY)
+  private InfoModel infoModelManager = null;
+
+  @Reference(cardinality = ReferenceCardinality.OPTIONAL)
+  private TokenManager tokenManager = null;
+
+  @Reference(cardinality = ReferenceCardinality.OPTIONAL)
+  private EndpointConfigManager endpointConfigManager = null;
+
+  private static Idscp2OsgiComponent instance;
+
+  @Activate
+  @SuppressWarnings("squid:S2696")
+  protected void activate() {
+    instance = this;
+  }
+
+  @Deactivate
+  @SuppressWarnings("squid:S2696")
+  protected void deactivate() {
+    instance = null;
+  }
+
+  @Nullable
+  public static Settings getSettings() {
+    Idscp2OsgiComponent in = instance;
+    if (in != null) {
+      return in.settings;
+    }
+    return null;
+  }
+
+  /**
+   * Is actually NonNull due to ReferenceCardinality.MANDATORY,
+   * but instance might be null for Unit Tests
+   * @return Info-Model-Manager instance
+   */
+  @Nullable
+  public static InfoModel getInfoModelManager() {
+    Idscp2OsgiComponent in = instance;
+    if (in != null) {
+      return in.infoModelManager;
+    }
+    return null;
+  }
+
+  /**
+   * Is actually NonNull due to ReferenceCardinality.MANDATORY,
+   * but instance might be null for Unit Tests
+   * @return Token-Manager instance
+   */
+  @Nullable
+  public static TokenManager getTokenManager() {
+    Idscp2OsgiComponent in = instance;
+    if (in != null) {
+      return in.tokenManager;
+    }
+    return null;
+  }
+
+  @Nullable
+  public static EndpointConfigManager getEndpointConfigManager() {
+    Idscp2OsgiComponent in = instance;
+    if (in != null) {
+      return in.endpointConfigManager;
+    }
+    return null;
+  }
+
+  public void setSettings(Settings settings) {
+    this.settings = settings;
+  }
+
+  public void setInfoModelManager(InfoModel infoModelManager) {
+    this.infoModelManager = infoModelManager;
+  }
+
+  public void setTokenManager(TokenManager tokenManager) {
+    this.tokenManager = tokenManager;
+  }
+
+  public void setEndpointConfigManager(EndpointConfigManager endpointConfigManager) {
+    this.endpointConfigManager = endpointConfigManager;
+  }
+
+  public static void setInstance(Idscp2OsgiComponent instance) {
+    Idscp2OsgiComponent.instance = instance;
+  }
+}
diff --git a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java
new file mode 100644
index 000000000..7d88f53ad
--- /dev/null
+++ b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java
@@ -0,0 +1,57 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package de.fhg.aisec.ids.camel.idscp2.server;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server;
+import org.apache.camel.Endpoint;
+import org.apache.camel.spi.annotations.Component;
+import org.apache.camel.support.DefaultComponent;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.Map;
+import java.util.concurrent.ConcurrentHashMap;
+
+@Component("idscp2server")
+public class Idscp2ServerComponent extends DefaultComponent {
+    static final int DEFAULT_PORT = 29292;
+    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ServerComponent.class);
+
+    final Map<Integer, Idscp2Server> servers = new ConcurrentHashMap<>();
+
+    public Idscp2ServerComponent() {
+    }
+
+    @Override
+    protected Endpoint createEndpoint(String uri, String remaining, Map<String, Object> parameters) throws Exception {
+        Endpoint endpoint = new Idscp2ServerEndpoint(uri, remaining, this);
+        setProperties(endpoint, parameters);
+        return endpoint;
+    }
+
+    public synchronized void addServer(int port, Idscp2Server server) {
+        servers.put(port, server);
+    }
+
+    @Override
+    protected synchronized void doStop() throws Exception {
+        for (Idscp2Server s : servers.values()) {
+            s.terminate();
+        }
+        super.doStop();
+    }
+}
diff --git a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.java b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.java
new file mode 100644
index 000000000..ce5706cf2
--- /dev/null
+++ b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.java
@@ -0,0 +1,71 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package de.fhg.aisec.ids.camel.idscp2.server;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageListener;
+import org.apache.camel.Message;
+import org.apache.camel.Processor;
+import org.apache.camel.support.DefaultConsumer;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * The IDSCP2 server consumer.
+ */
+public class Idscp2ServerConsumer extends DefaultConsumer implements Idscp2MessageListener {
+    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ServerConsumer.class);
+    private final Idscp2ServerEndpoint endpoint;
+
+    public Idscp2ServerConsumer(final Idscp2ServerEndpoint endpoint, final Processor processor) {
+        super(endpoint, processor);
+        this.endpoint = endpoint;
+    }
+
+    @Override
+    protected void doStart() throws Exception {
+        super.doStart();
+        endpoint.addConsumer(this);
+    }
+
+    @Override
+    protected void doStop() throws Exception {
+        endpoint.removeConsumer(this);
+        super.doStop();
+    }
+
+    @Override
+    public void onMessage(Idscp2Connection connection, String type, byte[] data) {
+        final var exchange = endpoint.createExchange();
+        try {
+            this.createUoW(exchange);
+            // Set relevant information
+            exchange.getIn().setHeader("idscp2.type", type);
+            exchange.getIn().setBody(data, byte[].class);
+            // Do processing
+            getProcessor().process(exchange);
+            // Handle response
+            Message response = exchange.getMessage();
+            String responseType = response.getHeader("idscp2.type", String.class);
+            connection.send(responseType, response.getBody(byte[].class));
+        } catch (Exception e) {
+            LOG.error("Error in Idscp2ServerConsumer.onMessage()", e);
+        } finally {
+            this.doneUoW(exchange);
+        }
+    }
+}
diff --git a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.java b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.java
new file mode 100644
index 000000000..b82150b7f
--- /dev/null
+++ b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.java
@@ -0,0 +1,174 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package de.fhg.aisec.ids.camel.idscp2.server;
+
+import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
+import de.fhg.aisec.ids.idscp2.example.RunTLSClient;
+import de.fhg.aisec.ids.idscp2.example.RunTLSServer;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server;
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
+import org.apache.camel.Consumer;
+import org.apache.camel.Processor;
+import org.apache.camel.Producer;
+import org.apache.camel.spi.UriEndpoint;
+import org.apache.camel.support.DefaultEndpoint;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.HashSet;
+import java.util.Set;
+import java.util.regex.Pattern;
+
+@UriEndpoint(
+    scheme = "idscp2server",
+    title = "IDSCP2 Server Socket",
+    syntax = "idscp2server://host:port",
+    label = "ids"
+)
+public class Idscp2ServerEndpoint extends DefaultEndpoint implements Idscp2EndpointListener {
+    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ServerEndpoint.class);
+    private static final Pattern URI_REGEX = Pattern.compile("(.*?):(\\d+)$");
+
+    private final Idscp2Configuration serverConfiguration;
+    private final Idscp2Settings serverSettings;
+    private Idscp2Server server;
+    private final Set<Idscp2ServerConsumer> consumers = new HashSet<>();
+
+    public Idscp2ServerEndpoint(String uri, String remaining, Idscp2ServerComponent component) {
+        super(uri, component);
+        final var uriMatcher = URI_REGEX.matcher(remaining);
+        if (!uriMatcher.matches()) {
+            throw new IllegalArgumentException(remaining + " is not a valid URI.");
+        }
+        final var matchResult = uriMatcher.toMatchResult();
+        final var host = matchResult.group(1);
+        final var port = Integer.parseInt(matchResult.group(2));
+
+        SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
+
+        serverSettings = new Idscp2Settings.Builder()
+            .setHost(host)
+            .setServerPort(port)
+            .setKeyStore(RunTLSClient.class.getClassLoader().
+                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+            .setTrustStore(RunTLSServer.class.getClassLoader().
+                getResource("ssl/client-truststore_new.jks").getPath())
+            .setCertificateAlias("1.0.1")
+            .setDapsKeyAlias("1")
+            .setRatTimeoutDelay(14)
+            .build();
+
+        DefaultDapsDriverConfig config =
+            new DefaultDapsDriverConfig.Builder()
+                .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+                .setKeyStorePath(serverSettings.getKeyStorePath())
+                .setTrustStorePath(serverSettings.getTrustStorePath())
+                .setKeyStorePassword(serverSettings.getKeyStorePassword())
+                .setTrustStorePassword(serverSettings.getTrustStorePassword())
+                .setKeyAlias(serverSettings.getDapsKeyAlias())
+                .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                .build();
+        DapsDriver dapsDriver = new DefaultDapsDriver(config);
+
+        RatProverDriverRegistry.getInstance().registerDriver(
+            "Dummy", RatProverDummy.class, null);
+        RatVerifierDriverRegistry.getInstance().registerDriver(
+            "Dummy", RatVerifierDummy.class, null);
+        RatProverDriverRegistry.getInstance().registerDriver(
+            "TPM2d", TPM2dProver.class,
+            new TPM2dProverConfig.Builder().build()
+        );
+        RatVerifierDriverRegistry.getInstance().registerDriver(
+            "TPM2d", TPM2dVerifier.class,
+            new TPM2dVerifierConfig.Builder().build()
+        );
+
+        serverConfiguration = new Idscp2Configuration(
+            this,
+            dapsDriver,
+            secureChannelDriver,
+            serverSettings.getExpectedAttestation(),
+            serverSettings.getSupportedAttestation(),
+            serverSettings.getRatTimeoutDelay()
+        );
+    }
+
+    public synchronized void addConsumer(Idscp2ServerConsumer consumer) {
+        this.consumers.add(consumer);
+        this.server.getAllConnections().forEach(c -> c.addGenericMessageListener(consumer));
+    }
+
+    public synchronized void removeConsumer(Idscp2ServerConsumer consumer) {
+        this.consumers.remove(consumer);
+        this.server.getAllConnections().forEach(c -> c.removeGenericMessageListener(consumer));
+    }
+
+    public synchronized void sendMessage(String type, byte[] body) {
+        this.server.getAllConnections().forEach(connection -> connection.send(type, body));
+    }
+
+    @Override
+    public synchronized Producer createProducer() {
+        return new Idscp2ServerProducer(this);
+    }
+
+    @Override
+    public synchronized Consumer createConsumer(Processor processor) {
+        return new Idscp2ServerConsumer(this, processor);
+    }
+
+    @Override
+    public synchronized void onConnection(Idscp2Connection connection) {
+        LOG.debug("New IDSCP2 connection on " + getEndpointUri() + ", register consumer listeners");
+        this.consumers.forEach(connection::addGenericMessageListener);
+    }
+
+    @Override
+    public void onError(String error) {
+        LOG.error("Error in IDSCP2 server endpoint " + getEndpointUri() + ":\n" + error);
+    }
+
+    @Override
+    public synchronized void doStart() throws Idscp2Exception {
+        LOG.debug("Starting IDSCP2 server endpoint " + getEndpointUri());
+        this.server = serverConfiguration.listen(serverSettings);
+        ((Idscp2ServerComponent) this.getComponent()).addServer(this.serverSettings.getServerPort(), this.server);
+    }
+
+    @Override
+    public synchronized void doStop() {
+        LOG.debug("Stopping IDSCP2 server endpoint " + getEndpointUri());
+        this.server.terminate();
+    }
+
+}
diff --git a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.java b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.java
new file mode 100644
index 000000000..579279079
--- /dev/null
+++ b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.java
@@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package de.fhg.aisec.ids.camel.idscp2.server;
+
+import org.apache.camel.Exchange;
+import org.apache.camel.Message;
+import org.apache.camel.support.DefaultProducer;
+
+/**
+ * The IDSCP2 server producer.
+ * Sends each message to all clients connected to this server endpoint.
+ */
+public class Idscp2ServerProducer extends DefaultProducer {
+    private final Idscp2ServerEndpoint endpoint;
+
+    public Idscp2ServerProducer(Idscp2ServerEndpoint endpoint) {
+        super(endpoint);
+        this.endpoint = endpoint;
+    }
+
+    @Override
+    public void process(Exchange exchange) {
+        Message message = exchange.getIn();
+        String type = message.getHeader("idscp.type", String.class);
+        byte[] body = message.getBody(byte[].class);
+        endpoint.sendMessage(type, body);
+    }
+}
diff --git a/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client b/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client
new file mode 100644
index 000000000..57aaa95c7
--- /dev/null
+++ b/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client
@@ -0,0 +1,17 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+class=de.fhg.aisec.ids.camel.idscp2.client.WsComponent
diff --git a/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2server b/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2server
new file mode 100644
index 000000000..95abf4615
--- /dev/null
+++ b/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2server
@@ -0,0 +1,17 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+class=de.fhg.aisec.ids.camel.idscp2.server.Idscp2ServerComponent

From cab29be33cb4b6a23ef0c0d78aa603352d7781d3 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 21 May 2020 17:11:09 +0200
Subject: [PATCH 076/237] Small cleanups

---
 .../camel/idscp2/server/Idscp2ServerComponent.java   |  5 -----
 .../configuration/Idscp2Configuration.java           | 12 ++++++------
 settings.gradle                                      |  1 +
 3 files changed, 7 insertions(+), 11 deletions(-)

diff --git a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java
index 7d88f53ad..5a7375185 100644
--- a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java
+++ b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java
@@ -20,17 +20,12 @@
 import org.apache.camel.Endpoint;
 import org.apache.camel.spi.annotations.Component;
 import org.apache.camel.support.DefaultComponent;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
 
 @Component("idscp2server")
 public class Idscp2ServerComponent extends DefaultComponent {
-    static final int DEFAULT_PORT = 29292;
-    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ServerComponent.class);
-
     final Map<Integer, Idscp2Server> servers = new ConcurrentHashMap<>();
 
     public Idscp2ServerComponent() {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
index 3ca887848..64890880f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
@@ -23,7 +23,7 @@
 public class Idscp2Configuration implements Idscp2Callback {
     private static final Logger LOG = LoggerFactory.getLogger(Idscp2Configuration.class);
 
-    private final Idscp2EndpointListener user;
+    private final Idscp2EndpointListener endpointListener;
     private final DapsDriver dapsDriver;
     private final SecureChannelDriver secureChannelDriver;
     private final String[] localExpectedRatCipher;
@@ -31,14 +31,14 @@ public class Idscp2Configuration implements Idscp2Callback {
     private final int ratTimeout;
 
 
-    public Idscp2Configuration(Idscp2EndpointListener initiator,
+    public Idscp2Configuration(Idscp2EndpointListener endpointListener,
                                DapsDriver dapsDriver,
                                SecureChannelDriver secureChannelDriver,
                                AttestationConfig expectedAttestation,
                                AttestationConfig supportedAttestation,
                                int ratTimeout
     ){
-        this.user = initiator;
+        this.endpointListener = endpointListener;
         this.dapsDriver = dapsDriver;
         this.secureChannelDriver = secureChannelDriver;
         this.localExpectedRatCipher = expectedAttestation.getRatMechanisms();
@@ -86,7 +86,7 @@ public Idscp2Server listen(Idscp2Settings settings) throws Idscp2Exception {
     public void secureChannelConnectHandler(SecureChannel secureChannel) {
         if (secureChannel == null){
             LOG.warn("IDSCP2 connect failed because no secure channel was established");
-            user.onError("IDSCP2 connect failed because no secure channel was established");
+            endpointListener.onError("IDSCP2 connect failed because no secure channel was established");
         } else {
             LOG.debug("A new secure channel for an outgoing idscpv2 connection was established");
             FSM fsm = new FSM(secureChannel, dapsDriver, localSupportedRatCipher,
@@ -102,7 +102,7 @@ public void secureChannelConnectHandler(SecureChannel secureChannel) {
             Idscp2Connection newConnection = new Idscp2Connection(fsm, connectionId);
             fsm.registerConnection(newConnection);
             LOG.info("A new IDSCP2 connection with id {} was created", connectionId);
-            user.onConnection(newConnection);
+            endpointListener.onConnection(newConnection);
         }
     }
 
@@ -137,7 +137,7 @@ public void secureChannelListenHandler(SecureChannel secureChannel,
             LOG.info("A new idscpv2 connection with id {} was created", connectionId);
             // Complete the connection promise for the IDSCP server
             connectionPromise.complete(newConnection);
-            user.onConnection(newConnection);
+            endpointListener.onConnection(newConnection);
         } else {
             LOG.warn("An incoming idscpv2 client connection request failed because the secure channel is null.");
         }
diff --git a/settings.gradle b/settings.gradle
index 322be4211..ca6f28465 100644
--- a/settings.gradle
+++ b/settings.gradle
@@ -1,6 +1,7 @@
 rootProject.name = 'trusted-connector-core'
 
 include ':camel-ids'
+include ':camel-idscp2'
 include ':camel-influxdb'
 include ':camel-multipart-processor'
 include ':cxf-jaxws-patch'

From 7a5051329cd9a081af1f0b62e0e4c2250bb7a997 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Sun, 24 May 2020 17:48:18 +0200
Subject: [PATCH 077/237] Implemented JWT wrapper bundle for correct
 io.jsonwebtoken exports

---
 jsonwebtoken-wrapper/LICENSE.txt      | 201 ++++++++++++++++++++++++++
 jsonwebtoken-wrapper/README.md        |   1 +
 jsonwebtoken-wrapper/bnd.bnd          |   8 +
 jsonwebtoken-wrapper/build.gradle.kts |   8 +
 karaf-assembly/build.gradle           |   1 +
 karaf-features-ids/build.gradle       |   2 +-
 settings.gradle                       |   1 +
 7 files changed, 221 insertions(+), 1 deletion(-)
 create mode 100644 jsonwebtoken-wrapper/LICENSE.txt
 create mode 100644 jsonwebtoken-wrapper/README.md
 create mode 100644 jsonwebtoken-wrapper/bnd.bnd
 create mode 100644 jsonwebtoken-wrapper/build.gradle.kts

diff --git a/jsonwebtoken-wrapper/LICENSE.txt b/jsonwebtoken-wrapper/LICENSE.txt
new file mode 100644
index 000000000..261eeb9e9
--- /dev/null
+++ b/jsonwebtoken-wrapper/LICENSE.txt
@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/jsonwebtoken-wrapper/README.md b/jsonwebtoken-wrapper/README.md
new file mode 100644
index 000000000..94bec9404
--- /dev/null
+++ b/jsonwebtoken-wrapper/README.md
@@ -0,0 +1 @@
+The _jsonwebtoken-wrapper_ module wraps the io.jsonwebsocket package to make it available to the OSGi layer. This is needed for idscp2 and ids-token-manager.
diff --git a/jsonwebtoken-wrapper/bnd.bnd b/jsonwebtoken-wrapper/bnd.bnd
new file mode 100644
index 000000000..2d384e18d
--- /dev/null
+++ b/jsonwebtoken-wrapper/bnd.bnd
@@ -0,0 +1,8 @@
+Bundle-Name: JWT (JSON web token) Wrapper
+Bundle-Description: JWT (JSON web token) Wrapper Bundle
+Import-Package: \
+  !io.jsonwebtoken*,\
+  *
+# Merge split-package io.jsonwebtoken
+Export-Package: \
+  io.jsonwebtoken*;-split-package:=merge-last
diff --git a/jsonwebtoken-wrapper/build.gradle.kts b/jsonwebtoken-wrapper/build.gradle.kts
new file mode 100644
index 000000000..5cb1bfa31
--- /dev/null
+++ b/jsonwebtoken-wrapper/build.gradle.kts
@@ -0,0 +1,8 @@
+@Suppress("UNCHECKED_CAST") val libraryVersions =
+        rootProject.ext.get("libraryVersions") as Map<String, String>
+
+dependencies {
+    providedByBundle("io.jsonwebtoken", "jjwt-impl", libraryVersions["jsonwebtoken"])
+    providedByBundle("io.jsonwebtoken", "jjwt-jackson", libraryVersions["jsonwebtoken"])
+    providedByBundle("io.jsonwebtoken", "jjwt-api", libraryVersions["jsonwebtoken"])
+}
diff --git a/karaf-assembly/build.gradle b/karaf-assembly/build.gradle
index 367ce7969..f05178224 100644
--- a/karaf-assembly/build.gradle
+++ b/karaf-assembly/build.gradle
@@ -54,6 +54,7 @@ task assembleKaraf(type: CrossPlatformExec) {
     commandLine "./mvnw", "--no-transfer-progress", "clean", "package"
 }
 // Sometimes required to fix an error caused by a non-existing folder (maybe caused by mvn clean)
+mkdir("${project.buildDir}/classes/kotlin/test")
 assembleKaraf.doLast {
     mkdir("${project.buildDir}/classes/kotlin/test")
 }
diff --git a/karaf-features-ids/build.gradle b/karaf-features-ids/build.gradle
index 3231dbea3..dd6078524 100644
--- a/karaf-features-ids/build.gradle
+++ b/karaf-features-ids/build.gradle
@@ -9,7 +9,7 @@ ext {
 
 rootProject.configurations.findAll { it.name.endsWith('Bundle') }.each { project.ext.bundleConfigurations.add(it.name) }
 
-rootProject.subprojects.findAll { it.name.matches("(^(camel|ids|jnr)-.*|.*-patch\$)") }.each { p ->
+rootProject.subprojects.findAll { it.name.matches("(^(camel|ids)-.*|.*-(patch|wrapper)\$)") }.each { p ->
     Boolean included = false
     // Include each sub-project declaring dependencies with a configuration ending on "Bundle",
     // using exactly that configuration for the dependency itself and selection of additional recursive dependencies.
diff --git a/settings.gradle b/settings.gradle
index ca6f28465..5e0df3d66 100644
--- a/settings.gradle
+++ b/settings.gradle
@@ -21,6 +21,7 @@ include ':ids-webconsole'
 include ':idscp2'
 include ':javax-xml-bind-patch'
 include ':jnr-unixsocket-wrapper'
+include ':jsonwebtoken-wrapper'
 include ':karaf-assembly'
 include ':karaf-features-ids'
 include ':rat-repository'

From f19e800dce1272f2e6583cfd526e94ab154f5428 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Sun, 24 May 2020 17:48:45 +0200
Subject: [PATCH 078/237] Changed token manager to use JWT wrapper

---
 ids-token-manager/bnd.bnd      | 6 ++----
 ids-token-manager/build.gradle | 6 +++---
 2 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/ids-token-manager/bnd.bnd b/ids-token-manager/bnd.bnd
index eb54369e5..91074f4d8 100755
--- a/ids-token-manager/bnd.bnd
+++ b/ids-token-manager/bnd.bnd
@@ -1,6 +1,4 @@
 Bundle-Name: IDS :: Token Manager
 Import-Package: \
-   !com.android.org.conscrypt,\
-	*
-Private-Package: \
-    io.jsonwebtoken*;-split-package:=merge-last
\ No newline at end of file
+  !com.android.org.conscrypt,\
+  *
\ No newline at end of file
diff --git a/ids-token-manager/build.gradle b/ids-token-manager/build.gradle
index 297a6459f..dfcd54352 100755
--- a/ids-token-manager/build.gradle
+++ b/ids-token-manager/build.gradle
@@ -3,9 +3,9 @@ dependencies {
 
     osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
 
-    providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-impl', version: libraryVersions.jsonwebtoken
-    providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-jackson', version: libraryVersions.jsonwebtoken
-    providedByBundle group: 'io.jsonwebtoken', name: 'jjwt-api', version: libraryVersions.jsonwebtoken
+    implementation group: 'io.jsonwebtoken', name: 'jjwt-impl', version: libraryVersions.jsonwebtoken
+    implementation group: 'io.jsonwebtoken', name: 'jjwt-jackson', version: libraryVersions.jsonwebtoken
+    implementation group: 'io.jsonwebtoken', name: 'jjwt-api', version: libraryVersions.jsonwebtoken
     providedByBundle group: 'com.squareup.okhttp3', name: 'okhttp', version: libraryVersions.okhttp
     providedByBundle group: 'com.squareup.okio', name: 'okio', version: libraryVersions.okio
     providedByBundle group: 'org.bitbucket.b_c', name: 'jose4j', version: libraryVersions.jose4j

From 152ab3d7268e487e852d39f1e44d46dfe05e832a Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Sun, 24 May 2020 17:53:20 +0200
Subject: [PATCH 079/237] Massive IDSCP2 refactoring, cleanup, bug fixes,
 example files

---
 idscp2/build.gradle.kts                       |  11 +-
 .../daps/DefaultDapsDriver.java               | 101 ++--
 .../daps/DefaultDapsDriverConfig.java         | 148 +++---
 .../daps/SecurityRequirements.java            |  41 +-
 .../CustomX509ExtendedKeyManager.java         |  24 +-
 .../keystores/PreConfiguration.java           |  13 +-
 .../rat/dummy/RatProverDummy.java             |   6 +-
 .../rat/dummy/RatVerifierDummy.java           |   6 +-
 .../rat/tpm2d/TPM2dHelper.java                | 117 ++---
 .../rat/tpm2d/TPM2dMessageFactory.java        | 142 +++---
 .../rat/tpm2d/TPM2dProver.java                | 374 +++++++-------
 .../rat/tpm2d/TPM2dProverConfig.java          |  57 +--
 .../rat/tpm2d/TPM2dSocket.java                |  38 +-
 .../rat/tpm2d/TPM2dVerifier.java              | 464 +++++++++---------
 .../rat/tpm2d/TPM2dVerifierConfig.java        |  96 ++--
 .../secure_channel/NativeTLSDriver.java       |  45 +-
 .../secure_channel/TLSConstants.java          |  67 +++
 .../TLSSessionVerificationHelper.java         | 324 ++++++------
 .../secure_channel/TlsConstants.java          | 117 -----
 .../client/DataAvailableListener.java         |   2 +-
 .../client/InputListenerThread.java           |  10 +-
 .../secure_channel/client/TLSClient.java      | 105 ++--
 .../secure_channel/server/TLSServer.java      | 121 +++--
 .../server/TLSServerThread.java               | 126 ++---
 .../drivers/interfaces/RatProverDriver.java   |   9 +-
 .../drivers/interfaces/RatVerifierDriver.java |   7 +-
 .../interfaces/SecureChannelDriver.java       |  11 +-
 .../ids/idscp2/error/Idscp2Exception.java     |   2 +-
 .../idscp2/example/Idscp2ClientInitiator.java |  71 +--
 .../idscp2/example/Idscp2ServerInitiator.java |  84 ++--
 .../ids/idscp2/example/RunTLSClient.java      |  18 +-
 .../ids/idscp2/example/RunTLSServer.java      |  18 +-
 .../ids/idscp2/idscp_core/FastLatch.java      |  50 ++
 .../idscp2/idscp_core/Idscp2Connection.java   |  97 ++--
 .../idscp_core/Idscp2ConnectionAdapter.java   |  12 +
 .../idscp_core/Idscp2ConnectionListener.java  |   2 +-
 .../idscp_core/Idscp2MessageHelper.java       |  24 +-
 .../configuration/AttestationConfig.java      |   6 +-
 .../configuration/Idscp2Configuration.java    | 110 ++---
 .../configuration/Idscp2Settings.java         |  53 +-
 ...ck.java => SecureChannelInitListener.java} |  17 +-
 .../finite_state_machine/Event.java           |  21 +-
 .../idscp_core/finite_state_machine/FSM.java  | 128 +++--
 .../InternalControlMessage.java               |  12 +-
 .../finite_state_machine/State.java           |  15 +-
 .../finite_state_machine/StateClosed.java     |  29 +-
 .../StateEstablished.java                     |  34 +-
 .../StateWaitForDatAndRat.java                |  34 +-
 .../StateWaitForDatAndRatVerifier.java        |  26 +-
 .../StateWaitForHello.java                    |  24 +-
 .../finite_state_machine/StateWaitForRat.java |  34 +-
 .../StateWaitForRatProver.java                |  36 +-
 .../StateWaitForRatVerifier.java              |  26 +-
 .../finite_state_machine/Timer.java           |  10 +-
 .../finite_state_machine/TimerThread.java     |  10 +-
 .../finite_state_machine/Transition.java      |   6 +-
 .../idscp_core/idscp_server/Idscp2Server.java |  51 +-
 .../ServerConnectionListener.java             |  10 +
 .../rat_registry/RatProverDriverRegistry.java |  29 +-
 .../RatVerifierDriverRegistry.java            |  27 +-
 .../secure_channel/SecureChannel.java         |  47 +-
 .../secure_channel/SecureChannelEndpoint.java |   2 +-
 idscp2/src/main/proto/idscpv2.proto           |   2 +-
 idscp2/src/main/proto/tpm2dAttestation.proto  |   2 +-
 .../main/resources/simplelogger.properties    |   1 +
 .../ssl/aisecconnector1-keystore.jks          | Bin
 .../ssl/aisecconnector2-keystore.jks          | Bin
 .../resources/ssl/client-truststore_new.jks   | Bin
 .../resources/ssl/consumer-core-keystore.jks  | Bin
 .../ssl/consumer-core-truststore.jks          | Bin
 .../resources/ssl/consumer-core.cert          |   0
 .../resources/ssl/consumer-core.p12           | Bin
 .../resources/ssl/provider-core-keystore.jks  | Bin
 .../ssl/provider-core-truststore.jks          | Bin
 .../resources/ssl/provider-core.cert          |   0
 .../resources/ssl/provider-core.p12           | Bin
 idscp2/src/test/java/DapsDriverTest.java      |  21 +-
 .../etc/idscp2/aisecconnector1-keystore.jks   | Bin 0 -> 2527 bytes
 .../etc/idscp2/client-truststore_new.jks      | Bin 0 -> 1974 bytes
 79 files changed, 1870 insertions(+), 1913 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsConstants.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.java
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/{Idscp2Callback.java => SecureChannelInitListener.java} (52%)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/ServerConnectionListener.java
 create mode 100644 idscp2/src/main/resources/simplelogger.properties
 rename idscp2/src/{test => main}/resources/ssl/aisecconnector1-keystore.jks (100%)
 rename idscp2/src/{test => main}/resources/ssl/aisecconnector2-keystore.jks (100%)
 rename idscp2/src/{test => main}/resources/ssl/client-truststore_new.jks (100%)
 rename idscp2/src/{test => main}/resources/ssl/consumer-core-keystore.jks (100%)
 rename idscp2/src/{test => main}/resources/ssl/consumer-core-truststore.jks (100%)
 rename idscp2/src/{test => main}/resources/ssl/consumer-core.cert (100%)
 rename idscp2/src/{test => main}/resources/ssl/consumer-core.p12 (100%)
 rename idscp2/src/{test => main}/resources/ssl/provider-core-keystore.jks (100%)
 rename idscp2/src/{test => main}/resources/ssl/provider-core-truststore.jks (100%)
 rename idscp2/src/{test => main}/resources/ssl/provider-core.cert (100%)
 rename idscp2/src/{test => main}/resources/ssl/provider-core.p12 (100%)
 create mode 100644 karaf-assembly/src/main/resources/etc/idscp2/aisecconnector1-keystore.jks
 create mode 100644 karaf-assembly/src/main/resources/etc/idscp2/client-truststore_new.jks

diff --git a/idscp2/build.gradle.kts b/idscp2/build.gradle.kts
index 249056733..ad98fbd39 100644
--- a/idscp2/build.gradle.kts
+++ b/idscp2/build.gradle.kts
@@ -1,9 +1,8 @@
 import com.google.protobuf.gradle.protobuf
 import org.gradle.plugins.ide.idea.model.IdeaModel
-import org.yaml.snakeyaml.Yaml
 
 @Suppress("UNCHECKED_CAST") val libraryVersions =
-        Yaml().load(File("${rootDir}/libraryVersions.yaml").inputStream()) as Map<String, String>
+        rootProject.ext.get("libraryVersions") as Map<String, String>
 
 version = libraryVersions["idscp2"] ?: error("IDSCP2 version not specified")
 
@@ -30,15 +29,17 @@ configure<IdeaModel> {
 }
 
 dependencies {
+    providedByBundle(project(":ids-api")) { isTransitive = false }
+
     providedByBundle("com.github.microsoft", "TSS.Java", libraryVersions["tssJava"])
 
     providedByBundle("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
     
     publishCompile("org.checkerframework", "checker-qual", libraryVersions["checkerQual"])
 
-    providedByBundle("io.jsonwebtoken", "jjwt-impl", libraryVersions["jsonwebtoken"])
-    providedByBundle("io.jsonwebtoken", "jjwt-jackson", libraryVersions["jsonwebtoken"])
-    providedByBundle("io.jsonwebtoken", "jjwt-api", libraryVersions["jsonwebtoken"])
+    implementation("io.jsonwebtoken", "jjwt-impl", libraryVersions["jsonwebtoken"])
+    implementation("io.jsonwebtoken", "jjwt-jackson", libraryVersions["jsonwebtoken"])
+    implementation("io.jsonwebtoken", "jjwt-api", libraryVersions["jsonwebtoken"])
     providedByBundle("org.json", "json", libraryVersions["orgJson"])
     providedByBundle("org.bitbucket.b_c", "jose4j", libraryVersions["jose4j"])
     providedByBundle("com.squareup.okhttp3", "okhttp", libraryVersions["okhttp"])
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index 3c6279d70..ea830f884 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -39,7 +39,7 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class DefaultDapsDriver implements DapsDriver {
-    private static final  Logger LOG = LoggerFactory.getLogger(DefaultDapsDriver.class);
+    private static final Logger LOG = LoggerFactory.getLogger(DefaultDapsDriver.class);
 
     private final SSLSocketFactory sslSocketFactory; //ssl socket factory can be reused
     private final X509ExtendedTrustManager trustManager; //trust manager can be reused
@@ -55,14 +55,14 @@ public DefaultDapsDriver(DefaultDapsDriverConfig config) {
 
         //create ssl socket factory for secure
         privateKey = PreConfiguration.getKey(
-            config.getKeyStorePath(),
-            config.getKeyStorePassword(),
-            config.getKeyAlias()
+                config.getKeyStorePath(),
+                config.getKeyStorePassword(),
+                config.getKeyAlias()
         );
 
         TrustManager[] trustManagers = PreConfiguration.getX509ExtTrustManager(
-            config.getTrustStorePath(),
-            config.getTrustStorePassword()
+                config.getTrustStorePath(),
+                config.getTrustStorePassword()
         );
 
         this.trustManager = (X509ExtendedTrustManager) trustManagers[0];
@@ -91,38 +91,38 @@ public byte[] getToken() {
 
         //create signed JWT
         String jwt =
-            Jwts.builder()
-            .setIssuer(connectorUUID)
-            .setSubject(connectorUUID)
-            .setExpiration(Date.from(Instant.now().plusSeconds(86400)))
-            .setIssuedAt(Date.from(Instant.now()))
-            .setNotBefore(Date.from(Instant.now()))
-            .setAudience(targetAudience)
-            .signWith(privateKey, SignatureAlgorithm.RS256).compact();
+                Jwts.builder()
+                        .setIssuer(connectorUUID)
+                        .setSubject(connectorUUID)
+                        .setExpiration(Date.from(Instant.now().plusSeconds(86400)))
+                        .setIssuedAt(Date.from(Instant.now()))
+                        .setNotBefore(Date.from(Instant.now()))
+                        .setAudience(targetAudience)
+                        .signWith(privateKey, SignatureAlgorithm.RS256).compact();
 
         //build http client and request for DAPS
         RequestBody formBody =
-            new FormBody.Builder()
-                .add("grant_type", "client_credentials")
-                .add(
-                    "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer")
-                .add("client_assertion", jwt)
-                .add("scope", "ids_connector")
-                .build();
+                new FormBody.Builder()
+                        .add("grant_type", "client_credentials")
+                        .add(
+                                "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer")
+                        .add("client_assertion", jwt)
+                        .add("scope", "ids_connector")
+                        .build();
 
         OkHttpClient client =
-            new OkHttpClient.Builder()
-                .sslSocketFactory(sslSocketFactory, trustManager)
-                .connectTimeout(15, TimeUnit.SECONDS)
-                .writeTimeout(15, TimeUnit.SECONDS)
-                .readTimeout(15, TimeUnit.SECONDS)
-                .build();
+                new OkHttpClient.Builder()
+                        .sslSocketFactory(sslSocketFactory, trustManager)
+                        .connectTimeout(15, TimeUnit.SECONDS)
+                        .writeTimeout(15, TimeUnit.SECONDS)
+                        .readTimeout(15, TimeUnit.SECONDS)
+                        .build();
 
         Request request =
-            new Request.Builder()
-            .url(dapsUrl.concat("/token"))
-            .post(formBody)
-            .build();
+                new Request.Builder()
+                        .url(dapsUrl.concat("/token"))
+                        .post(formBody)
+                        .build();
 
         try {
             //get http response from DAPS
@@ -200,24 +200,24 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
 
         // create new jwks key resolver, selects jwk based on key ID in jwt header
         HttpsJwksVerificationKeyResolver jwksKeyResolver
-            = new HttpsJwksVerificationKeyResolver(httpsJwks);
+                = new HttpsJwksVerificationKeyResolver(httpsJwks);
 
         //create validation requirements
         JwtConsumer jwtConsumer =
-            new JwtConsumerBuilder()
-                .setRequireExpirationTime()         // has expiration time
-                .setAllowedClockSkewInSeconds(30)   // leeway in validation time
-                .setRequireSubject()                // has subject
-                .setExpectedAudience(targetAudience)
-                .setExpectedIssuer(dapsUrl)         // e.g. https://daps.aisec.fraunhofer.de
-                .setVerificationKeyResolver(jwksKeyResolver) //get decryption key from jwks
-                .setJweAlgorithmConstraints(
-                    new AlgorithmConstraints(
-                        ConstraintType.WHITELIST,
-                        AlgorithmIdentifiers.RSA_USING_SHA256
-                    )
-                )
-                .build();
+                new JwtConsumerBuilder()
+                        .setRequireExpirationTime()         // has expiration time
+                        .setAllowedClockSkewInSeconds(30)   // leeway in validation time
+                        .setRequireSubject()                // has subject
+                        .setExpectedAudience(targetAudience)
+                        .setExpectedIssuer(dapsUrl)         // e.g. https://daps.aisec.fraunhofer.de
+                        .setVerificationKeyResolver(jwksKeyResolver) //get decryption key from jwks
+                        .setJweAlgorithmConstraints(
+                                new AlgorithmConstraints(
+                                        ConstraintType.WHITELIST,
+                                        AlgorithmIdentifiers.RSA_USING_SHA256
+                                )
+                        )
+                        .build();
 
         //verify dat
         JwtClaims claims;
@@ -252,15 +252,14 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
             if (securityRequirements instanceof SecurityRequirements) {
                 SecurityRequirements secRequirements = (SecurityRequirements) securityRequirements;
                 SecurityRequirements providedSecurityProfile =
-                    parseSecurityRequirements(claims.toJson());
+                        parseSecurityRequirements(claims.toJson());
 
                 if (providedSecurityProfile == null) {
                     return -1;
                 }
 
                 //toDo add further security attribute validation
-                if (secRequirements.getAuditLogging() <= providedSecurityProfile.getAuditLogging())
-                {
+                if (secRequirements.getAuditLogging() <= providedSecurityProfile.getAuditLogging()) {
                     LOG.info("DAT is valid and secure");
                     return validityTime;
                 } else {
@@ -312,7 +311,7 @@ private SecurityRequirements parseSecurityRequirements(String dynamicAttrToken)
         //toDo parse further security attributes
 
         return new SecurityRequirements.Builder()
-            .setAuditLogging(securityProfile.getInt("audit_logging"))
-            .build();
+                .setAuditLogging(securityProfile.getInt("audit_logging"))
+                .build();
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
index 9164d72ad..64f171996 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
@@ -9,97 +9,105 @@
  */
 public class DefaultDapsDriverConfig {
 
-  @NonNull private String dapsUrl = "https://daps.aisec.fraunhofer.de";
-  @NonNull private String keyStorePath = "";
-  @NonNull private String keyStorePassword = "password";
-  @NonNull private String keyAlias = "1";
-  @NonNull private String trustStorePath = "";
-  @NonNull private String trustStorePassword = "password";
-  @NonNull private String connectorUUID = "";
-
-  public static class Builder {
-    @NonNull private final DefaultDapsDriverConfig config = new DefaultDapsDriverConfig();
-
     @NonNull
-    public Builder setDapsUrl(String dapsUrl) {
-      this.config.dapsUrl = dapsUrl;
-      return this;
+    private String dapsUrl = "https://daps.aisec.fraunhofer.de";
+    @NonNull
+    private String keyStorePath = "";
+    @NonNull
+    private String keyStorePassword = "password";
+    @NonNull
+    private String keyAlias = "1";
+    @NonNull
+    private String trustStorePath = "";
+    @NonNull
+    private String trustStorePassword = "password";
+    @NonNull
+    private String connectorUUID = "";
+
+    public static class Builder {
+        @NonNull
+        private final DefaultDapsDriverConfig config = new DefaultDapsDriverConfig();
+
+        @NonNull
+        public Builder setDapsUrl(String dapsUrl) {
+            this.config.dapsUrl = dapsUrl;
+            return this;
+        }
+
+        @NonNull
+        public Builder setKeyStorePath(String path) {
+            this.config.keyStorePath = path;
+            return this;
+        }
+
+        @NonNull
+        public Builder setKeyStorePassword(String password) {
+            this.config.keyStorePassword = password;
+            return this;
+        }
+
+        @NonNull
+        public Builder setKeyAlias(String alias) {
+            this.config.keyAlias = alias;
+            return this;
+        }
+
+        @NonNull
+        public Builder setTrustStorePath(String path) {
+            this.config.trustStorePath = path;
+            return this;
+        }
+
+        @NonNull
+        public Builder setTrustStorePassword(String password) {
+            this.config.trustStorePassword = password;
+            return this;
+        }
+
+        @NonNull
+        public Builder setConnectorUUID(String uuid) {
+            this.config.connectorUUID = uuid;
+            return this;
+        }
+
+        @NonNull
+        public DefaultDapsDriverConfig build() {
+            return config;
+        }
     }
 
     @NonNull
-    public Builder setKeyStorePath(String path) {
-      this.config.keyStorePath = path;
-      return this;
+    public String getDapsUrl() {
+        return dapsUrl;
     }
 
     @NonNull
-    public Builder setKeyStorePassword(String password) {
-      this.config.keyStorePassword = password;
-      return this;
+    public String getKeyStorePath() {
+        return keyStorePath;
     }
 
     @NonNull
-    public Builder setKeyAlias(String alias) {
-      this.config.keyAlias = alias;
-      return this;
+    public String getKeyStorePassword() {
+        return keyStorePassword;
     }
 
     @NonNull
-    public Builder setTrustStorePath(String path) {
-      this.config.trustStorePath = path;
-      return this;
+    public String getKeyAlias() {
+        return keyAlias;
     }
 
     @NonNull
-    public Builder setTrustStorePassword(String password) {
-      this.config.trustStorePassword = password;
-      return this;
+    public String getTrustStorePath() {
+        return trustStorePath;
     }
 
     @NonNull
-    public Builder setConnectorUUID(String uuid) {
-      this.config.connectorUUID = uuid;
-      return this;
+    public String getTrustStorePassword() {
+        return trustStorePassword;
     }
 
     @NonNull
-    public DefaultDapsDriverConfig build() {
-      return config;
+    public String getConnectorUUID() {
+        return connectorUUID;
     }
-  }
-
-  @NonNull
-  public String getDapsUrl() {
-    return dapsUrl;
-  }
-
-  @NonNull
-  public String getKeyStorePath() {
-    return keyStorePath;
-  }
-
-  @NonNull
-  public String getKeyStorePassword() {
-    return keyStorePassword;
-  }
-
-  @NonNull
-  public String getKeyAlias() {
-    return keyAlias;
-  }
-
-  @NonNull
-  public String getTrustStorePath() {
-    return trustStorePath;
-  }
-
-  @NonNull
-  public String getTrustStorePassword() {
-    return trustStorePassword;
-  }
-
-  @NonNull
-  public String getConnectorUUID() {
-    return connectorUUID;
-  }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
index 275f82c19..7e588989b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
@@ -11,24 +11,25 @@
  */
 public class SecurityRequirements {
 
-  private int auditLogging;
-
-  public static class Builder {
-   @NonNull private final SecurityRequirements requirements = new SecurityRequirements();
-
-   @NonNull
-   public Builder setAuditLogging(int auditLogging) {
-     this.requirements.auditLogging = auditLogging;
-     return this;
-   }
-
-   @NonNull
-   public SecurityRequirements build() {
-     return requirements;
-   }
-  }
-
-  public int getAuditLogging() {
-    return auditLogging;
-  }
+    private int auditLogging;
+
+    public static class Builder {
+        @NonNull
+        private final SecurityRequirements requirements = new SecurityRequirements();
+
+        @NonNull
+        public Builder setAuditLogging(int auditLogging) {
+            this.requirements.auditLogging = auditLogging;
+            return this;
+        }
+
+        @NonNull
+        public SecurityRequirements build() {
+            return requirements;
+        }
+    }
+
+    public int getAuditLogging() {
+        return auditLogging;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
index 67ac13189..8d109d4d1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
@@ -18,7 +18,7 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class CustomX509ExtendedKeyManager extends X509ExtendedKeyManager{
+public class CustomX509ExtendedKeyManager extends X509ExtendedKeyManager {
     private static final Logger LOG = LoggerFactory.getLogger(CustomX509ExtendedKeyManager.class);
 
     private final String certAlias;
@@ -32,7 +32,7 @@ public class CustomX509ExtendedKeyManager extends X509ExtendedKeyManager{
     // also cache the aliases and its properties in the following HashMap.
     private final HashMap<String, CachedAliasValue> cachedAliases = new HashMap<>();
 
-    CustomX509ExtendedKeyManager(String alias, String keyType, final X509ExtendedKeyManager delegate){
+    CustomX509ExtendedKeyManager(String alias, String keyType, final X509ExtendedKeyManager delegate) {
         super();
         this.certAlias = alias;
         this.keyType = keyType;
@@ -51,7 +51,7 @@ public String[] getClientAliases(String keyType, Principal[] issuers) {
     /* returns an existing certAlias that matches one of the given KeyTypes, or null;
        called only by client in TLS handshake */
     public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket) {
-        if (Arrays.asList(keyTypes).contains(this.keyType)){
+        if (Arrays.asList(keyTypes).contains(this.keyType)) {
             if ((cachedAliases.containsKey(this.certAlias) &&
                     cachedAliases.get(this.certAlias).match(keyType, issuers))
                     || Arrays.asList(getClientAliases(keyType, issuers)).contains(this.certAlias)) {
@@ -81,7 +81,7 @@ public String[] getServerAliases(String keyType, Principal[] issuers) {
     /* returns an existing certAlias that matches the given KeyType, or null;
        called only by server in TLS handshake*/
     public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
-        if (keyType.equals(this.keyType)){
+        if (keyType.equals(this.keyType)) {
             if ((cachedAliases.containsKey(certAlias) && cachedAliases.get(this.certAlias).match(keyType, issuers))
                     || Arrays.asList(getServerAliases(keyType, issuers)).contains(this.certAlias)) {
                 LOG.debug("CertificateAlias is {}", this.certAlias);
@@ -101,7 +101,7 @@ public String chooseServerAlias(String keyType, Principal[] issuers, Socket sock
     /* returns the certificate chain of a given certificateAlias;
        called by client and server in TLS Handshake after alias was chosen */
     public X509Certificate[] getCertificateChain(String certAlias) {
-        if (certAlias.equals(this.certAlias)){
+        if (certAlias.equals(this.certAlias)) {
             X509Certificate[] ret = delegate.getCertificateChain(certAlias);
             LOG.debug("Certificate Chain: {}", Arrays.toString(ret));
             return ret;
@@ -114,9 +114,9 @@ public X509Certificate[] getCertificateChain(String certAlias) {
 
     @Override
     /* returns a privateKey of a given certificateAlias;
-    *  called by client and server in TLS Handshake after alias was chosen */
+     *  called by client and server in TLS Handshake after alias was chosen */
     public PrivateKey getPrivateKey(String certAlias) {
-        if (certAlias.equals(this.certAlias)){
+        if (certAlias.equals(this.certAlias)) {
             return delegate.getPrivateKey(certAlias);
         } else {
             LOG.warn("Invalid certAlias '{}' in getPrivateKey() in class X509ExtendedKeyManager", certAlias);
@@ -126,12 +126,12 @@ public PrivateKey getPrivateKey(String certAlias) {
     }
 
     @Override
-    public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine sslEngine){
+    public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine sslEngine) {
         return delegate.chooseEngineClientAlias(keyType, issuers, sslEngine);
     }
 
     @Override
-    public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine sslEngine){
+    public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine sslEngine) {
         return delegate.chooseEngineServerAlias(keyType, issuers, sslEngine);
     }
 
@@ -140,7 +140,7 @@ private static class CachedAliasValue {
         private final String keyType; //key algorithm type name
         private final Principal issuer; //certificate issuer
 
-        CachedAliasValue(String keyType, Principal issuer){
+        CachedAliasValue(String keyType, Principal issuer) {
             this.keyType = keyType;
             this.issuer = issuer;
         }
@@ -156,9 +156,9 @@ private static class CachedAliasValue {
          *
          * returns true, if the keyAlias fulfills the requirements
          */
-        boolean match(String keyType, Principal[] issuers){
+        boolean match(String keyType, Principal[] issuers) {
             return this.keyType.equals(keyType) && (issuers == null
-                || Arrays.asList(issuers).contains(issuer));
+                    || Arrays.asList(issuers).contains(issuer));
         }
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
index 93550c54b..e12a2c38d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
@@ -103,12 +103,12 @@ public static KeyManager[] getX509ExtKeyManager(
      * throws RuntimeException if key is not available or key access was not permitted
      */
     public static Key getKey(
-        String keyStorePath,
-        String keyStorePassword,
-        String keyAlias
+            String keyStorePath,
+            String keyStorePassword,
+            String keyAlias
     ) {
         try (
-            InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath))
+                InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath))
         ) {
             /* create KeyManager for remote authentication */
             KeyStore keystore = KeyStore.getInstance("JKS");
@@ -125,7 +125,7 @@ public static Key getKey(
             }
 
         } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException
-            | UnrecoverableKeyException e) {
+                | UnrecoverableKeyException e) {
             throw new RuntimeException(e);
         }
     }
@@ -150,7 +150,8 @@ private static PKIXBuilderParameters filterTrustAnchors(KeyStore keyStore, Date
                             } catch (CertificateException e) {
                                 return false;
                             }
-                            return true; }).collect(Collectors.toSet());
+                            return true;
+                        }).collect(Collectors.toSet());
 
         // Create PKIXBuilderParameters parameters
         return new PKIXBuilderParameters(validTrustAnchors, new X509CertSelector());
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
index 87fbc1ca6..2454756fb 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
@@ -18,7 +18,7 @@ public class RatProverDummy extends RatProverDriver {
 
     private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
 
-    public RatProverDummy(){
+    public RatProverDummy() {
         super();
     }
 
@@ -33,11 +33,11 @@ public void delegate(byte[] message) {
     @Override
     public void run() {
         int countDown = 2;
-        while (running){
+        while (running) {
             try {
                 sleep(1000);
                 fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
-                    "test".getBytes());
+                        "test".getBytes());
                 if (LOG.isDebugEnabled()) {
                     LOG.debug("Prover waits");
                 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
index 9127ddfae..f05c165e6 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
@@ -18,7 +18,7 @@ public class RatVerifierDummy extends RatVerifierDriver {
 
     private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
 
-    public RatVerifierDummy(){
+    public RatVerifierDummy() {
         super();
     }
 
@@ -31,9 +31,9 @@ public void delegate(byte[] message) {
     }
 
     @Override
-    public void run(){
+    public void run() {
         int countDown = 2;
-        while (running){
+        while (running) {
             try {
                 sleep(1000);
                 if (LOG.isDebugEnabled()) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.java
index 0639288dc..268dc1093 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.java
@@ -9,75 +9,76 @@
 import java.security.cert.Certificate;
 
 public class TPM2dHelper {
-  private static final Logger LOG = LoggerFactory.getLogger(TPM2dHelper.class);
-  private static final SecureRandom sr = new SecureRandom();
+    private static final Logger LOG = LoggerFactory.getLogger(TPM2dHelper.class);
+    private static final SecureRandom sr = new SecureRandom();
 
-  private TPM2dHelper() {}
+    private TPM2dHelper() {
+    }
 
-  /**
-   * Generate a crypto-secure random hex String of length numChars
-   *
-   * @param numBytes Desired String length
-   * @return The generated crypto-secure random hex String
-   */
-  static byte[] generateNonce(int numBytes) {
-    byte[] randBytes = new byte[numBytes];
-    sr.nextBytes(randBytes);
-    return randBytes;
-  }
+    /**
+     * Generate a crypto-secure random hex String of length numChars
+     *
+     * @param numBytes Desired String length
+     * @return The generated crypto-secure random hex String
+     */
+    static byte[] generateNonce(int numBytes) {
+        byte[] randBytes = new byte[numBytes];
+        sr.nextBytes(randBytes);
+        return randBytes;
+    }
 
-  /**
-   * Calculate SHA-1 hash of (nonce|certificate).
-   *
-   * @param nonce The plain, initial nonce
-   * @param certificate The certificate to hash-combine with the nonce
-   * @return The new nonce, updated with the given certificate using SHA-1
-   */
-  static byte[] calculateHash(byte[] nonce, @Nullable Certificate certificate) {
-    try {
-      MessageDigest digest = MessageDigest.getInstance("SHA-1");
-      digest.update(nonce);
-      if (certificate != null) {
-        digest.update(certificate.getEncoded());
-      } else {
-        if (LOG.isWarnEnabled()) {
-          LOG.warn(
-              "No client certificate available. Cannot bind nonce to public key to prevent masquerading attack. TLS misconfiguration!");
+    /**
+     * Calculate SHA-1 hash of (nonce|certificate).
+     *
+     * @param nonce       The plain, initial nonce
+     * @param certificate The certificate to hash-combine with the nonce
+     * @return The new nonce, updated with the given certificate using SHA-1
+     */
+    static byte[] calculateHash(byte[] nonce, @Nullable Certificate certificate) {
+        try {
+            MessageDigest digest = MessageDigest.getInstance("SHA-1");
+            digest.update(nonce);
+            if (certificate != null) {
+                digest.update(certificate.getEncoded());
+            } else {
+                if (LOG.isWarnEnabled()) {
+                    LOG.warn(
+                            "No client certificate available. Cannot bind nonce to public key to prevent masquerading attack. TLS misconfiguration!");
+                }
+            }
+            return digest.digest();
+        } catch (Exception e1) {
+            LOG.error("Could not create hash of own nonce and local certificate", e1);
+            return nonce;
         }
-      }
-      return digest.digest();
-    } catch (Exception e1) {
-      LOG.error("Could not create hash of own nonce and local certificate", e1);
-      return nonce;
     }
-  }
 
-  static class ByteArrayUtil {
+    static class ByteArrayUtil {
 
-    private static final String[] lookup = new String[256];
+        private static final String[] lookup = new String[256];
 
-    static {
-      for (int i = 0; i < lookup.length; ++i) {
-        if (i < 16) {
-          lookup[i] = "0" + Integer.toHexString(i);
-        } else {
-          lookup[i] = Integer.toHexString(i);
+        static {
+            for (int i = 0; i < lookup.length; ++i) {
+                if (i < 16) {
+                    lookup[i] = "0" + Integer.toHexString(i);
+                } else {
+                    lookup[i] = Integer.toHexString(i);
+                }
+            }
         }
-      }
-    }
 
-    static String toPrintableHexString(byte[] bytes) {
-      StringBuilder s = new StringBuilder();
-      for (int i = 0; i < bytes.length; ++i) {
-        if (i > 0 && i % 16 == 0) {
-          s.append('\n');
-        } else {
-          s.append(' ');
+        static String toPrintableHexString(byte[] bytes) {
+            StringBuilder s = new StringBuilder();
+            for (int i = 0; i < bytes.length; ++i) {
+                if (i > 0 && i % 16 == 0) {
+                    s.append('\n');
+                } else {
+                    s.append(' ');
+                }
+                s.append(lookup[bytes[i] & 0xff]);
+            }
+            return s.toString();
         }
-        s.append(lookup[bytes[i] & 0xff]);
-      }
-      return s.toString();
     }
-  }
 
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.java
index effae50fe..e01bf145f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.java
@@ -2,8 +2,8 @@
 
 
 import com.google.protobuf.ByteString;
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.*;
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.RemoteToTpm2d.Code;
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.*;
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.RemoteToTpm2d.Code;
 
 import java.util.List;
 
@@ -14,66 +14,66 @@
  */
 public class TPM2dMessageFactory {
 
-  static Tpm2dMessageWrapper getAttestationChallengeMessage(
-      byte[] nonce,
-      IdsAttestationType aType,
-      int pcrIndices
-  ) {
-    return Tpm2dMessageWrapper.newBuilder().setRatChallenge(
-        Tpm2dRatChallenge.newBuilder()
-            .setAtype(aType)
-            .setNonce(ByteString.copyFrom(nonce))
-            .setPcrIndices(pcrIndices)
-            .build()
-    ).build();
-  }
+    static Tpm2dMessageWrapper getAttestationChallengeMessage(
+            byte[] nonce,
+            IdsAttestationType aType,
+            int pcrIndices
+    ) {
+        return Tpm2dMessageWrapper.newBuilder().setRatChallenge(
+                Tpm2dRatChallenge.newBuilder()
+                        .setAtype(aType)
+                        .setNonce(ByteString.copyFrom(nonce))
+                        .setPcrIndices(pcrIndices)
+                        .build()
+        ).build();
+    }
 
-  static Tpm2dMessageWrapper getAttestationResponseMessage(
-      IdsAttestationType aType,
-      String hash_alg,
-      ByteString quoted,
-      ByteString signature,
-      List<Pcr> pcrValues,
-      ByteString certificate
-  ) {
-    return Tpm2dMessageWrapper.newBuilder().setRatResponse(
-        Tpm2dRatResponse.newBuilder()
-            .setAtype(aType)
-            .setHashAlg(hash_alg)
-            .setQuoted(quoted)
-            .setSignature(signature)
-            .addAllPcrValues(pcrValues)
-            .setCertificate(certificate)
-            .build()
-    ).build();
-  }
+    static Tpm2dMessageWrapper getAttestationResponseMessage(
+            IdsAttestationType aType,
+            String hash_alg,
+            ByteString quoted,
+            ByteString signature,
+            List<Pcr> pcrValues,
+            ByteString certificate
+    ) {
+        return Tpm2dMessageWrapper.newBuilder().setRatResponse(
+                Tpm2dRatResponse.newBuilder()
+                        .setAtype(aType)
+                        .setHashAlg(hash_alg)
+                        .setQuoted(quoted)
+                        .setSignature(signature)
+                        .addAllPcrValues(pcrValues)
+                        .setCertificate(certificate)
+                        .build()
+        ).build();
+    }
 
-  static Tpm2dMessageWrapper getAttestationResponseMessage(
-      Tpm2dToRemote response
-  ) {
-    return Tpm2dMessageWrapper.newBuilder().setRatResponse(
-        Tpm2dRatResponse.newBuilder()
-            .setAtype(response.getAtype())
-            .setHashAlg(response.getHalg().name())
-            .setQuoted(response.getQuoted())
-            .setSignature(response.getSignature())
-            .addAllPcrValues(response.getPcrValuesList())
-            .setCertificate(response.getCertificate())
-            .build()
-    ).build();
-  }
+    static Tpm2dMessageWrapper getAttestationResponseMessage(
+            Tpm2dToRemote response
+    ) {
+        return Tpm2dMessageWrapper.newBuilder().setRatResponse(
+                Tpm2dRatResponse.newBuilder()
+                        .setAtype(response.getAtype())
+                        .setHashAlg(response.getHalg().name())
+                        .setQuoted(response.getQuoted())
+                        .setSignature(response.getSignature())
+                        .addAllPcrValues(response.getPcrValuesList())
+                        .setCertificate(response.getCertificate())
+                        .build()
+        ).build();
+    }
 
-  static Tpm2dMessageWrapper getAttestationResultMessage(
-      //IdsAttestationType aType,
-      boolean result
-  ) {
-    return Tpm2dMessageWrapper.newBuilder().setRatResult(
-        Tpm2dRatResult.newBuilder()
-            //.setAtype(aType)
-            .setResult(result)
-            .build()
-    ).build();
-  }
+    static Tpm2dMessageWrapper getAttestationResultMessage(
+            //IdsAttestationType aType,
+            boolean result
+    ) {
+        return Tpm2dMessageWrapper.newBuilder().setRatResult(
+                Tpm2dRatResult.newBuilder()
+                        //.setAtype(aType)
+                        .setResult(result)
+                        .build()
+        ).build();
+    }
 
   /*static Tpm2dMessageWrapper getAttestationRepositoryRequestMessage(
       IdsAttestationType aType,
@@ -94,16 +94,16 @@ static Tpm2dMessageWrapper getAttestationRepositoryResponseMessage() {
     ).build();
   }*/
 
-  static RemoteToTpm2d getRemoteToTPM2dMessage(
-      IdsAttestationType aType,
-      byte[] hash,
-      int pcrIndices
-  ) {
-    return RemoteToTpm2d.newBuilder()
-        .setAtype(aType)
-        .setQualifyingData(ByteString.copyFrom(hash))
-        .setCode(Code.ATTESTATION_REQ)
-        .setPcrs(pcrIndices)
-        .build();
-  }
+    static RemoteToTpm2d getRemoteToTPM2dMessage(
+            IdsAttestationType aType,
+            byte[] hash,
+            int pcrIndices
+    ) {
+        return RemoteToTpm2d.newBuilder()
+                .setAtype(aType)
+                .setQualifyingData(ByteString.copyFrom(hash))
+                .setCode(Code.ATTESTATION_REQ)
+                .setPcrs(pcrIndices)
+                .build();
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.java
index b2ff18fb0..2603c425a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.java
@@ -3,7 +3,7 @@
 import com.google.protobuf.InvalidProtocolBufferException;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.*;
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -17,197 +17,197 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class TPM2dProver extends RatProverDriver {
-  private static final Logger LOG = LoggerFactory.getLogger(TPM2dProver.class);
-
-  /*
-   * ******************* Protocol *******************
-   *
-   * Verifier: (Challenger)
-   * -------------------------
-   * Generate NonceV
-   * create RatChallenge (NonceV, aType, pcr_mask)
-   * -------------------------
-   *
-   * Prover: (Responder)
-   * -------------------------
-   * get RatChallenge (NonceV, aType, pcr_mask)
-   * hash = calculateHash(nonceV, certV)
-   * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
-   * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
-   * create AttestationResponse from tpm response
-   * -------------------------
-   *
-   * Verifier: (Responder)
-   * -------------------------
-   * get AttestationResponse
-   * hash = calculateHash(nonceV, certV)
-   * check signature(response, hash)
-   * check repo(aType, response, ttpUri)
-   * create RatResult
-   * -------------------------
-   *
-   * Prover: (Requester)
-   * -------------------------
-   * get AttestationResult
-   * -------------------------
-   *
-   */
-
-  private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
-  private TPM2dProverConfig config = new TPM2dProverConfig.Builder().build();
-
-  public TPM2dProver(){
-    super();
-  }
-
-  @Override
-  public void setConfig(Object config) {
-    if (config instanceof TPM2dProverConfig) {
-      if (LOG.isDebugEnabled()) {
-        LOG.debug("Set rat prover config");
-      }
-      this.config = (TPM2dProverConfig) config;
-    } else {
-      if (LOG.isWarnEnabled()) {
-        LOG.warn("Invalid prover config");
-      }
+    private static final Logger LOG = LoggerFactory.getLogger(TPM2dProver.class);
+
+    /*
+     * ******************* Protocol *******************
+     *
+     * Verifier: (Challenger)
+     * -------------------------
+     * Generate NonceV
+     * create RatChallenge (NonceV, aType, pcr_mask)
+     * -------------------------
+     *
+     * Prover: (Responder)
+     * -------------------------
+     * get RatChallenge (NonceV, aType, pcr_mask)
+     * hash = calculateHash(nonceV, certV)
+     * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
+     * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
+     * create AttestationResponse from tpm response
+     * -------------------------
+     *
+     * Verifier: (Responder)
+     * -------------------------
+     * get AttestationResponse
+     * hash = calculateHash(nonceV, certV)
+     * check signature(response, hash)
+     * check repo(aType, response, ttpUri)
+     * create RatResult
+     * -------------------------
+     *
+     * Prover: (Requester)
+     * -------------------------
+     * get AttestationResult
+     * -------------------------
+     *
+     */
+
+    private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
+    private TPM2dProverConfig config = new TPM2dProverConfig.Builder().build();
+
+    public TPM2dProver() {
+        super();
     }
-  }
 
-  @Override
-  public void delegate(byte[] message) {
-    queue.add(message);
-    if (LOG.isDebugEnabled()) {
-      LOG.debug("Delegated to prover");
-    }
-  }
-
-  @Override
-  public void run() {
-    //TPM2d Challenge-Response Protocol
-
-    // wait for RatChallenge from Verifier
-    byte[] msg;
-    try {
-      msg = queue.take();
-      if (LOG.isDebugEnabled()) {
-        LOG.debug("Prover receives new message");
-      }
-    } catch (InterruptedException e) {
-      if (this.running){
-        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-      }
-      return;
-    }
-
-    // parse body to expected tpm2d message wrapper
-    Tpm2dMessageWrapper tpm2dMessageWrapper;
-    try {
-      tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg);
-    } catch (InvalidProtocolBufferException e) {
-      LOG.error("Cannot parse IdscpRatVerifier body", e);
-      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-      return;
-    }
-
-    // check if wrapper contains expected rat challenge
-    if (!tpm2dMessageWrapper.hasRatChallenge()) {
-      //unexpected message
-      if (LOG.isWarnEnabled()) {
-        LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatChallenge");
-      }
-      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-      return;
-    }
-
-    if (LOG.isDebugEnabled()) {
-      LOG.debug("Get rat challenge from rat verifier");
-    }
-    Tpm2dRatChallenge challenge = tpm2dMessageWrapper.getRatChallenge();
-
-    if (LOG.isDebugEnabled()) {
-      LOG.debug("Requesting attestation from TPM ...");
+    @Override
+    public void setConfig(Object config) {
+        if (config instanceof TPM2dProverConfig) {
+            if (LOG.isDebugEnabled()) {
+                LOG.debug("Set rat prover config");
+            }
+            this.config = (TPM2dProverConfig) config;
+        } else {
+            if (LOG.isWarnEnabled()) {
+                LOG.warn("Invalid prover config");
+            }
+        }
     }
 
-    // hash
-    byte[] hash = TPM2dHelper.calculateHash(challenge.getNonce().toByteArray(),
-        config.getRemoteCertificate());
-
-    // generate RemoteToTPM2dRequest
-    RemoteToTpm2d tpmRequest = TPM2dMessageFactory.getRemoteToTPM2dMessage(
-        challenge.getAtype(),
-        hash,
-        challenge.hasPcrIndices() ? challenge.getPcrIndices() : 0
-    );
-
-    // get TPM response
-    Tpm2dToRemote tpmResponse;
-    try {
-      TPM2dSocket tpmSocket = new TPM2dSocket(config.getTpm2dHost());
-      tpmResponse = tpmSocket.requestAttestation(tpmRequest);
-    } catch (IOException e) {
-      LOG.error("Cannot access TPM", e);
-      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-      return;
+    @Override
+    public void delegate(byte[] message) {
+        queue.add(message);
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Delegated to prover");
+        }
     }
 
-    // create Tpm2dResponse
-    byte[] response = TPM2dMessageFactory.getAttestationResponseMessage(tpmResponse)
-        .toByteArray();
-
-    if (LOG.isDebugEnabled()) {
-      LOG.debug("Send rat response to verifier");
-    }
-    fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG, response);
-
-    // wait for result
-    try {
-      msg = queue.take();
-      if (LOG.isDebugEnabled()) {
-        LOG.debug("Prover receives new message");
-      }
-    } catch (InterruptedException e) {
-      if (this.running) {
-        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-      }
-      return;
-    }
-
-    // parse body to expected tpm2d message wrapper
-    try {
-      tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg);
-    } catch (InvalidProtocolBufferException e) {
-      LOG.error("Cannot parse IdscpRatVerifier body", e);
-      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-      return;
-    }
-
-    // check if wrapper contains expected rat result
-    if (!tpm2dMessageWrapper.hasRatResult()) {
-      //unexpected message
-      if (LOG.isWarnEnabled()) {
-        LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResult");
-      }
-      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-      return;
-    }
-
-    if (LOG.isDebugEnabled()) {
-      LOG.debug("Get rat challenge from rat verifier");
-    }
-    Tpm2dRatResult result = tpm2dMessageWrapper.getRatResult();
-
-    // notify fsm
-    if (result.getResult()) {
-      if (LOG.isDebugEnabled()) {
-        LOG.debug("Attestation succeed");
-      }
-      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, null);
-    } else {
-      if (LOG.isWarnEnabled()) {
-        LOG.warn("Attestation failed");
-      }
-      fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+    @Override
+    public void run() {
+        //TPM2d Challenge-Response Protocol
+
+        // wait for RatChallenge from Verifier
+        byte[] msg;
+        try {
+            msg = queue.take();
+            if (LOG.isDebugEnabled()) {
+                LOG.debug("Prover receives new message");
+            }
+        } catch (InterruptedException e) {
+            if (this.running) {
+                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+            }
+            return;
+        }
+
+        // parse body to expected tpm2d message wrapper
+        Tpm2dMessageWrapper tpm2dMessageWrapper;
+        try {
+            tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg);
+        } catch (InvalidProtocolBufferException e) {
+            LOG.error("Cannot parse IdscpRatVerifier body", e);
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+            return;
+        }
+
+        // check if wrapper contains expected rat challenge
+        if (!tpm2dMessageWrapper.hasRatChallenge()) {
+            //unexpected message
+            if (LOG.isWarnEnabled()) {
+                LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatChallenge");
+            }
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+            return;
+        }
+
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Get rat challenge from rat verifier");
+        }
+        Tpm2dRatChallenge challenge = tpm2dMessageWrapper.getRatChallenge();
+
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Requesting attestation from TPM ...");
+        }
+
+        // hash
+        byte[] hash = TPM2dHelper.calculateHash(challenge.getNonce().toByteArray(),
+                config.getRemoteCertificate());
+
+        // generate RemoteToTPM2dRequest
+        RemoteToTpm2d tpmRequest = TPM2dMessageFactory.getRemoteToTPM2dMessage(
+                challenge.getAtype(),
+                hash,
+                challenge.hasPcrIndices() ? challenge.getPcrIndices() : 0
+        );
+
+        // get TPM response
+        Tpm2dToRemote tpmResponse;
+        try {
+            TPM2dSocket tpmSocket = new TPM2dSocket(config.getTpm2dHost());
+            tpmResponse = tpmSocket.requestAttestation(tpmRequest);
+        } catch (IOException e) {
+            LOG.error("Cannot access TPM", e);
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+            return;
+        }
+
+        // create Tpm2dResponse
+        byte[] response = TPM2dMessageFactory.getAttestationResponseMessage(tpmResponse)
+                .toByteArray();
+
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Send rat response to verifier");
+        }
+        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG, response);
+
+        // wait for result
+        try {
+            msg = queue.take();
+            if (LOG.isDebugEnabled()) {
+                LOG.debug("Prover receives new message");
+            }
+        } catch (InterruptedException e) {
+            if (this.running) {
+                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+            }
+            return;
+        }
+
+        // parse body to expected tpm2d message wrapper
+        try {
+            tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg);
+        } catch (InvalidProtocolBufferException e) {
+            LOG.error("Cannot parse IdscpRatVerifier body", e);
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+            return;
+        }
+
+        // check if wrapper contains expected rat result
+        if (!tpm2dMessageWrapper.hasRatResult()) {
+            //unexpected message
+            if (LOG.isWarnEnabled()) {
+                LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResult");
+            }
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+            return;
+        }
+
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Get rat challenge from rat verifier");
+        }
+        Tpm2dRatResult result = tpm2dMessageWrapper.getRatResult();
+
+        // notify fsm
+        if (result.getResult()) {
+            if (LOG.isDebugEnabled()) {
+                LOG.debug("Attestation succeed");
+            }
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, null);
+        } else {
+            if (LOG.isWarnEnabled()) {
+                LOG.warn("Attestation failed");
+            }
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
+        }
     }
-  }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.java
index b9a64a8c8..99f31acd7 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.java
@@ -11,40 +11,41 @@
  */
 public class TPM2dProverConfig {
 
-  private Certificate remoteCertificate;
-  @NonNull private String tpm2dHost;
+    private Certificate remoteCertificate;
+    @NonNull
+    private String tpm2dHost;
 
-  private TPM2dProverConfig() {
-    tpm2dHost = System.getenv("TPM_HOST") != null ?
-        System.getenv("TPM_HOST") : "localhost";
-  }
+    private TPM2dProverConfig() {
+        tpm2dHost = System.getenv("TPM_HOST") != null ?
+                System.getenv("TPM_HOST") : "localhost";
+    }
 
-  public static class Builder {
-    private static final TPM2dProverConfig config = new TPM2dProverConfig();
+    public static class Builder {
+        private static final TPM2dProverConfig config = new TPM2dProverConfig();
 
-    @NonNull
-    public Builder setRemoteCertificate(Certificate remoteCert) {
-      config.remoteCertificate = remoteCert;
-      return this;
-    }
+        @NonNull
+        public Builder setRemoteCertificate(Certificate remoteCert) {
+            config.remoteCertificate = remoteCert;
+            return this;
+        }
 
-    @NonNull
-    public Builder setTpmHost(String host) {
-      config.tpm2dHost = host;
-      return this;
-    }
+        @NonNull
+        public Builder setTpmHost(String host) {
+            config.tpm2dHost = host;
+            return this;
+        }
 
-    public TPM2dProverConfig build() {
-      return config;
+        public TPM2dProverConfig build() {
+            return config;
+        }
     }
-  }
 
-  public Certificate getRemoteCertificate() {
-    return remoteCertificate;
-  }
+    public Certificate getRemoteCertificate() {
+        return remoteCertificate;
+    }
 
-  @NonNull
-  public String getTpm2dHost() {
-    return tpm2dHost;
-  }
+    @NonNull
+    public String getTpm2dHost() {
+        return tpm2dHost;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.java
index 943de0690..56c32cd37 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.java
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
 
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.RemoteToTpm2d;
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dToRemote;
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.RemoteToTpm2d;
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dToRemote;
 
 import java.io.DataInputStream;
 import java.io.DataOutputStream;
@@ -13,23 +13,23 @@
  */
 public class TPM2dSocket extends Socket {
 
-  private final DataInputStream is;
-  private final DataOutputStream os;
+    private final DataInputStream is;
+    private final DataOutputStream os;
 
-  public TPM2dSocket(String host) throws IOException {
-    super(host, 9505);
-    is = new DataInputStream(this.getInputStream());
-    os = new DataOutputStream(this.getOutputStream());
-  }
+    public TPM2dSocket(String host) throws IOException {
+        super(host, 9505);
+        is = new DataInputStream(this.getInputStream());
+        os = new DataOutputStream(this.getOutputStream());
+    }
 
-  public Tpm2dToRemote requestAttestation(RemoteToTpm2d request) throws IOException {
-    // Write attestation request message
-    byte[] requestBytes = request.toByteArray();
-    os.writeInt(requestBytes.length);
-    os.write(requestBytes);
-    // Read attestation result message
-    byte[] resultBytes = new byte[is.readInt()];
-    is.readFully(resultBytes);
-    return Tpm2dToRemote.parseFrom(resultBytes);
-  }
+    public Tpm2dToRemote requestAttestation(RemoteToTpm2d request) throws IOException {
+        // Write attestation request message
+        byte[] requestBytes = request.toByteArray();
+        os.writeInt(requestBytes.length);
+        os.write(requestBytes);
+        // Read attestation result message
+        byte[] resultBytes = new byte[is.readInt()];
+        is.readFully(resultBytes);
+        return Tpm2dToRemote.parseFrom(resultBytes);
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.java
index 3b65cc1a8..03f470053 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.java
@@ -3,8 +3,8 @@
 import com.google.protobuf.InvalidProtocolBufferException;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dMessageWrapper;
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.Tpm2dRatResponse;
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dMessageWrapper;
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dRatResponse;
 import org.checkerframework.checker.nullness.qual.NonNull;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -28,254 +28,254 @@
  * A TPM2d RatVerifier driver that verifies the remote peer's identity using TPM2d
  */
 public class TPM2dVerifier extends RatVerifierDriver {
-  private static final Logger LOG = LoggerFactory.getLogger(TPM2dVerifier.class);
-
-  /*
-   * ******************* Protocol *******************
-   *
-   * Verifier: (Challenger)
-   * -------------------------
-   * Generate NonceV
-   * create RatChallenge (NonceV, aType, pcr_mask)
-   * -------------------------
-   *
-   * Prover: (Responder)
-   * -------------------------
-   * get RatChallenge (NonceV, aType, pcr_mask)
-   * hash = calculateHash(nonceV, certV)
-   * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
-   * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
-   * create AttestationResponse from tpm response
-   * -------------------------
-   *
-   * Verifier: (Responder)
-   * -------------------------
-   * get AttestationResponse
-   * hash = calculateHash(nonceV, certV)
-   * check signature(response, hash)
-   * check repo(aType, response, ttpUri)
-   * create RatResult
-   * -------------------------
-   *
-   * Prover: (Requester)
-   * -------------------------
-   * get AttestationResult
-   * -------------------------
-   *
-   */
-
-  private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
-  private TPM2dVerifierConfig config = new TPM2dVerifierConfig.Builder().build();
-
-  public TPM2dVerifier(){
-    super();
-  }
-
-  @Override
-  public void setConfig(Object config) {
-    if (config instanceof TPM2dVerifierConfig) {
-      LOG.debug("Set rat verifier config");
-      this.config = (TPM2dVerifierConfig) config;
-    } else {
-      LOG.warn("Invalid config");
-    }
-  }
-
-  @Override
-  public void delegate(byte[] message) {
-    queue.add(message);
-    LOG.debug("Delegated to Verifier");
-  }
-
-  @Override
-  public void run(){
-    //TPM2d Challenge-Response Protocol
-
-    // create rat challenge with fresh nonce
-    LOG.debug("Generate and send rat challenge for rat prover");
-    byte[] nonce = TPM2dHelper.generateNonce(20);
-
-    // send challenge as RAT Verifier Message
-    byte[] ratChallenge = TPM2dMessageFactory.getAttestationChallengeMessage(
-        nonce, config.getExpectedAType(), config.getExpectedAttestationMask()).toByteArray();
-
-    fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratChallenge);
-
-    // wait for attestation response
-    byte[] msg;
-    try {
-      msg = queue.take();
-      LOG.debug("Verifier receives new message");
-    } catch (InterruptedException e) {
-      if (this.running) {
-        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
-      }
-      return;
+    private static final Logger LOG = LoggerFactory.getLogger(TPM2dVerifier.class);
+
+    /*
+     * ******************* Protocol *******************
+     *
+     * Verifier: (Challenger)
+     * -------------------------
+     * Generate NonceV
+     * create RatChallenge (NonceV, aType, pcr_mask)
+     * -------------------------
+     *
+     * Prover: (Responder)
+     * -------------------------
+     * get RatChallenge (NonceV, aType, pcr_mask)
+     * hash = calculateHash(nonceV, certV)
+     * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
+     * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
+     * create AttestationResponse from tpm response
+     * -------------------------
+     *
+     * Verifier: (Responder)
+     * -------------------------
+     * get AttestationResponse
+     * hash = calculateHash(nonceV, certV)
+     * check signature(response, hash)
+     * check repo(aType, response, ttpUri)
+     * create RatResult
+     * -------------------------
+     *
+     * Prover: (Requester)
+     * -------------------------
+     * get AttestationResult
+     * -------------------------
+     *
+     */
+
+    private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
+    private TPM2dVerifierConfig config = new TPM2dVerifierConfig.Builder().build();
+
+    public TPM2dVerifier() {
+        super();
     }
 
-    // parse body to expected tpm2d message wrapper
-    Tpm2dMessageWrapper tpm2dMessageWrapper;
-    try {
-      tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg);
-    } catch (InvalidProtocolBufferException e) {
-      LOG.error("Cannot parse IdscpRatProver body", e);
-      fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
-      return;
+    @Override
+    public void setConfig(Object config) {
+        if (config instanceof TPM2dVerifierConfig) {
+            LOG.debug("Set rat verifier config");
+            this.config = (TPM2dVerifierConfig) config;
+        } else {
+            LOG.warn("Invalid config");
+        }
     }
 
-    // check if wrapper contains expected rat response
-    if (!tpm2dMessageWrapper.hasRatResponse()) {
-      //unexpected message
-      LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResponse");
-      fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
-      return;
+    @Override
+    public void delegate(byte[] message) {
+        queue.add(message);
+        LOG.debug("Delegated to Verifier");
     }
 
-    LOG.debug("Get rat response from remote prover");
-    //validate rat response
-    Tpm2dRatResponse resp = tpm2dMessageWrapper.getRatResponse();
+    @Override
+    public void run() {
+        //TPM2d Challenge-Response Protocol
+
+        // create rat challenge with fresh nonce
+        LOG.debug("Generate and send rat challenge for rat prover");
+        byte[] nonce = TPM2dHelper.generateNonce(20);
+
+        // send challenge as RAT Verifier Message
+        byte[] ratChallenge = TPM2dMessageFactory.getAttestationChallengeMessage(
+                nonce, config.getExpectedAType(), config.getExpectedAttestationMask()).toByteArray();
+
+        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratChallenge);
+
+        // wait for attestation response
+        byte[] msg;
+        try {
+            msg = queue.take();
+            LOG.debug("Verifier receives new message");
+        } catch (InterruptedException e) {
+            if (this.running) {
+                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+            }
+            return;
+        }
 
-    LOG.debug("Validate rat response: signature and rat repository checks");
+        // parse body to expected tpm2d message wrapper
+        Tpm2dMessageWrapper tpm2dMessageWrapper;
+        try {
+            tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg);
+        } catch (InvalidProtocolBufferException e) {
+            LOG.error("Cannot parse IdscpRatProver body", e);
+            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+            return;
+        }
 
-    // validate signature
-    boolean result = true;
-    byte[] hash = TPM2dHelper.calculateHash(nonce, config.getLocalCertificate());
+        // check if wrapper contains expected rat response
+        if (!tpm2dMessageWrapper.hasRatResponse()) {
+            //unexpected message
+            LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResponse");
+            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+            return;
+        }
 
-    if (!checkSignature(resp, hash)) {
-      result = false;
-      LOG.warn("Invalid rat signature");
-    }
+        LOG.debug("Get rat response from remote prover");
+        //validate rat response
+        Tpm2dRatResponse resp = tpm2dMessageWrapper.getRatResponse();
 
-    // toDo check rat repo!!!!!!!!! --> Problems with current Rat Repo Protobuf format
+        LOG.debug("Validate rat response: signature and rat repository checks");
 
-    // create and send rat result
-    LOG.debug("Send rat result to remote prover");
-    byte[] ratResult = TPM2dMessageFactory.getAttestationResultMessage(result).toByteArray();
-    fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratResult);
+        // validate signature
+        boolean result = true;
+        byte[] hash = TPM2dHelper.calculateHash(nonce, config.getLocalCertificate());
 
-    // notify fsm about result
-    if (result) {
-      fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, null);
-    } else {
-      fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
-    }
-  }
+        if (!checkSignature(resp, hash)) {
+            result = false;
+            LOG.warn("Invalid rat signature");
+        }
 
-  private boolean checkSignature(@NonNull Tpm2dRatResponse response, byte[] hash) {
-    byte[] byteSignature = response.getSignature().toByteArray();
-    byte[] byteCert = response.getCertificate().toByteArray();
-    byte[] byteQuoted = response.getQuoted().toByteArray();
+        // toDo check rat repo!!!!!!!!! --> Problems with current Rat Repo Protobuf format
 
-    if (LOG.isDebugEnabled()) {
-      LOG.debug("signature: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteSignature));
-      LOG.debug("cert: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteCert));
-      LOG.debug("quoted: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteQuoted));
-    }
+        // create and send rat result
+        LOG.debug("Send rat result to remote prover");
+        byte[] ratResult = TPM2dMessageFactory.getAttestationResultMessage(result).toByteArray();
+        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratResult);
 
-    if (byteSignature.length == 0 || byteCert.length == 0 || byteQuoted.length == 0) {
-      LOG.warn("Some required part (signature, cert or quoted) is empty!");
-      return false;
+        // notify fsm about result
+        if (result) {
+            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, null);
+        } else {
+            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
+        }
     }
 
-    try {
-      CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
-
-      // Load trust anchor certificate
-      final X509Certificate rootCertificate;
-      Path rootCertPath = FileSystems.getDefault().getPath("etc", "rootca-cert.pem");
-      try (BufferedReader reader =
-          Files.newBufferedReader(rootCertPath, StandardCharsets.US_ASCII)) {
-        StringBuilder builder = new StringBuilder();
-        for (String line = reader.readLine(); line != null; line = reader.readLine()) {
-          if (!line.startsWith("-")) {
-            builder.append(line.trim());
-          }
+    private boolean checkSignature(@NonNull Tpm2dRatResponse response, byte[] hash) {
+        byte[] byteSignature = response.getSignature().toByteArray();
+        byte[] byteCert = response.getCertificate().toByteArray();
+        byte[] byteQuoted = response.getQuoted().toByteArray();
+
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("signature: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteSignature));
+            LOG.debug("cert: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteCert));
+            LOG.debug("quoted: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteQuoted));
         }
-        byte[] rootCertBytes = Base64.getDecoder().decode(builder.toString());
-        rootCertificate =
-            (X509Certificate)
-                certFactory.generateCertificate(new ByteArrayInputStream(rootCertBytes));
-      } catch (Exception e) {
-        LOG.error("Error parsing root certificate", e);
-        return false;
-      }
-
-      // Create X509Certificate instance from certBytes
-      final X509Certificate certificate =
-          (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(byteCert));
-      // Verify the TPM certificate
-      try {
-        certificate.verify(rootCertificate.getPublicKey());
-      } catch (Exception e) {
-        LOG.error("TPM certificate is invalid", e);
-        return false;
-      }
-
-      // Construct a new TPMT_SIGNATURE instance from byteSignature bytes
-      final TPMT_SIGNATURE tpmtSignature;
-      try {
-        tpmtSignature = TPMT_SIGNATURE.fromTpm(byteSignature);
-      } catch (Exception ex) {
-        LOG.warn(
-            "Could not create a TPMT_SIGNATURE from bytes:\n"
-                + TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteSignature),
-            ex);
-        return false;
-      }
-
-      // Construct a new TPMS_ATTEST instance from byteQuoted bytes
-      final TPMS_ATTEST tpmsAttest;
-      try {
-        tpmsAttest = TPMS_ATTEST.fromTpm(byteQuoted);
-      } catch (Exception ex) {
-        LOG.warn(
-            "Could not create a TPMS_ATTEST from bytes:\n"
-                + TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteQuoted),
-            ex);
-        return false;
-      }
-
-      // check hash value (extra data) against expected hash
-      byte[] extraBytes = tpmsAttest.extraData;
-      if (!Arrays.equals(extraBytes, hash)) {
-        if (LOG.isWarnEnabled()) {
-          LOG.warn(
-              "The hash (extra data) in TPMS_ATTEST structure is invalid!"
-                  + "\nextra data: {}\nhash: {}",
-              TPM2dHelper.ByteArrayUtil.toPrintableHexString(extraBytes),
-              TPM2dHelper.ByteArrayUtil.toPrintableHexString(hash));
+
+        if (byteSignature.length == 0 || byteCert.length == 0 || byteQuoted.length == 0) {
+            LOG.warn("Some required part (signature, cert or quoted) is empty!");
+            return false;
+        }
+
+        try {
+            CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
+
+            // Load trust anchor certificate
+            final X509Certificate rootCertificate;
+            Path rootCertPath = FileSystems.getDefault().getPath("etc", "rootca-cert.pem");
+            try (BufferedReader reader =
+                         Files.newBufferedReader(rootCertPath, StandardCharsets.US_ASCII)) {
+                StringBuilder builder = new StringBuilder();
+                for (String line = reader.readLine(); line != null; line = reader.readLine()) {
+                    if (!line.startsWith("-")) {
+                        builder.append(line.trim());
+                    }
+                }
+                byte[] rootCertBytes = Base64.getDecoder().decode(builder.toString());
+                rootCertificate =
+                        (X509Certificate)
+                                certFactory.generateCertificate(new ByteArrayInputStream(rootCertBytes));
+            } catch (Exception e) {
+                LOG.error("Error parsing root certificate", e);
+                return false;
+            }
+
+            // Create X509Certificate instance from certBytes
+            final X509Certificate certificate =
+                    (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(byteCert));
+            // Verify the TPM certificate
+            try {
+                certificate.verify(rootCertificate.getPublicKey());
+            } catch (Exception e) {
+                LOG.error("TPM certificate is invalid", e);
+                return false;
+            }
+
+            // Construct a new TPMT_SIGNATURE instance from byteSignature bytes
+            final TPMT_SIGNATURE tpmtSignature;
+            try {
+                tpmtSignature = TPMT_SIGNATURE.fromTpm(byteSignature);
+            } catch (Exception ex) {
+                LOG.warn(
+                        "Could not create a TPMT_SIGNATURE from bytes:\n"
+                                + TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteSignature),
+                        ex);
+                return false;
+            }
+
+            // Construct a new TPMS_ATTEST instance from byteQuoted bytes
+            final TPMS_ATTEST tpmsAttest;
+            try {
+                tpmsAttest = TPMS_ATTEST.fromTpm(byteQuoted);
+            } catch (Exception ex) {
+                LOG.warn(
+                        "Could not create a TPMS_ATTEST from bytes:\n"
+                                + TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteQuoted),
+                        ex);
+                return false;
+            }
+
+            // check hash value (extra data) against expected hash
+            byte[] extraBytes = tpmsAttest.extraData;
+            if (!Arrays.equals(extraBytes, hash)) {
+                if (LOG.isWarnEnabled()) {
+                    LOG.warn(
+                            "The hash (extra data) in TPMS_ATTEST structure is invalid!"
+                                    + "\nextra data: {}\nhash: {}",
+                            TPM2dHelper.ByteArrayUtil.toPrintableHexString(extraBytes),
+                            TPM2dHelper.ByteArrayUtil.toPrintableHexString(hash));
+                }
+                return false;
+            }
+
+            // Check signature of attestation
+            final int tpmSigAlg = tpmtSignature.GetUnionSelector_signature();
+            final int tpmSigHashAlg;
+            final byte[] tpmSig;
+            if (tpmSigAlg == TPM_ALG_ID.RSAPSS.toInt()) {
+                tpmSigHashAlg = ((TPMS_SIGNATURE_RSAPSS) tpmtSignature.signature).hash.toInt();
+                tpmSig = ((TPMS_SIGNATURE_RSAPSS) tpmtSignature.signature).sig;
+            } else if (tpmSigAlg == TPM_ALG_ID.RSASSA.toInt()) {
+                tpmSigHashAlg = ((TPMS_SIGNATURE_RSASSA) tpmtSignature.signature).hash.toInt();
+                tpmSig = ((TPMS_SIGNATURE_RSASSA) tpmtSignature.signature).sig;
+            } else {
+                throw new Exception(
+                        "Unknown or unimplemented signature scheme: " + tpmtSignature.signature.getClass());
+            }
+            if (tpmSigHashAlg != TPM_ALG_ID.SHA256.toInt()) {
+                throw new Exception("Only SHA256withRSA TPM signature hash algorithm is allowed!");
+            }
+            Signature sig = Signature.getInstance("SHA256withRSA");
+            sig.initVerify(certificate.getPublicKey());
+            sig.update(byteQuoted);
+            boolean result = sig.verify(tpmSig);
+            if (!result && LOG.isWarnEnabled()) {
+                LOG.warn("Attestation signature invalid!");
+            }
+            return result;
+        } catch (Exception ex) {
+            LOG.warn("Error during attestation validation", ex);
+            return false;
         }
-        return false;
-      }
-
-      // Check signature of attestation
-      final int tpmSigAlg = tpmtSignature.GetUnionSelector_signature();
-      final int tpmSigHashAlg;
-      final byte[] tpmSig;
-      if (tpmSigAlg == TPM_ALG_ID.RSAPSS.toInt()) {
-        tpmSigHashAlg = ((TPMS_SIGNATURE_RSAPSS) tpmtSignature.signature).hash.toInt();
-        tpmSig = ((TPMS_SIGNATURE_RSAPSS) tpmtSignature.signature).sig;
-      } else if (tpmSigAlg == TPM_ALG_ID.RSASSA.toInt()) {
-        tpmSigHashAlg = ((TPMS_SIGNATURE_RSASSA) tpmtSignature.signature).hash.toInt();
-        tpmSig = ((TPMS_SIGNATURE_RSASSA) tpmtSignature.signature).sig;
-      } else {
-        throw new Exception(
-            "Unknown or unimplemented signature scheme: " + tpmtSignature.signature.getClass());
-      }
-      if (tpmSigHashAlg != TPM_ALG_ID.SHA256.toInt()) {
-        throw new Exception("Only SHA256withRSA TPM signature hash algorithm is allowed!");
-      }
-      Signature sig = Signature.getInstance("SHA256withRSA");
-      sig.initVerify(certificate.getPublicKey());
-      sig.update(byteQuoted);
-      boolean result = sig.verify(tpmSig);
-      if (!result && LOG.isWarnEnabled()) {
-        LOG.warn("Attestation signature invalid!");
-      }
-      return result;
-    } catch (Exception ex) {
-      LOG.warn("Error during attestation validation", ex);
-      return false;
     }
-  }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.java
index 3dee225a5..db9d0ad1d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.java
@@ -1,6 +1,6 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
 
-import de.fhg.aisec.ids.messages.Tpm2dAttestation.IdsAttestationType;
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.IdsAttestationType;
 import org.checkerframework.checker.nullness.qual.NonNull;
 
 import java.net.URI;
@@ -14,65 +14,67 @@
  */
 public class TPM2dVerifierConfig {
 
-  private Certificate localCertificate;
-  @NonNull private URI ttpUri;
-  @NonNull private IdsAttestationType expectedAType = IdsAttestationType.BASIC;
-  private int expectedAttestationMask = 0;
+    private Certificate localCertificate;
+    @NonNull
+    private URI ttpUri;
+    @NonNull
+    private IdsAttestationType expectedAType = IdsAttestationType.BASIC;
+    private int expectedAttestationMask = 0;
 
-  private TPM2dVerifierConfig() {
-    try {
-      ttpUri = new URI("https://invalid-ttp-uri/rat-verify");
-    } catch (URISyntaxException e) {
-      throw new RuntimeException(e);
+    private TPM2dVerifierConfig() {
+        try {
+            ttpUri = new URI("https://invalid-ttp-uri/rat-verify");
+        } catch (URISyntaxException e) {
+            throw new RuntimeException(e);
+        }
     }
-  }
 
-  public static class Builder {
-    private static final TPM2dVerifierConfig config = new TPM2dVerifierConfig();
+    public static class Builder {
+        private static final TPM2dVerifierConfig config = new TPM2dVerifierConfig();
 
-    @NonNull
-    public Builder setTtpUri(URI ttpUri) {
-      config.ttpUri = ttpUri;
-      return this;
+        @NonNull
+        public Builder setTtpUri(URI ttpUri) {
+            config.ttpUri = ttpUri;
+            return this;
+        }
+
+        @NonNull
+        public Builder setLocalCertificate(Certificate localCert) {
+            config.localCertificate = localCert;
+            return this;
+        }
+
+        @NonNull
+        public Builder setExpectedAttestationType(IdsAttestationType aType) {
+            config.expectedAType = aType;
+            return this;
+        }
+
+        public Builder setExpectedAttestationMask(int mask) {
+            config.expectedAttestationMask = mask;
+            return this;
+        }
+
+        public TPM2dVerifierConfig build() {
+            return config;
+        }
     }
 
     @NonNull
-    public Builder setLocalCertificate(Certificate localCert) {
-      config.localCertificate = localCert;
-      return this;
+    public URI getTtpUri() {
+        return ttpUri;
     }
 
     @NonNull
-    public Builder setExpectedAttestationType(IdsAttestationType aType) {
-      config.expectedAType = aType;
-      return this;
+    public IdsAttestationType getExpectedAType() {
+        return expectedAType;
     }
 
-    public Builder setExpectedAttestationMask(int mask) {
-      config.expectedAttestationMask = mask;
-      return this;
+    public Certificate getLocalCertificate() {
+        return localCertificate;
     }
 
-    public TPM2dVerifierConfig build() {
-      return config;
+    public int getExpectedAttestationMask() {
+        return expectedAttestationMask;
     }
-  }
-
-  @NonNull
-  public URI getTtpUri() {
-    return ttpUri;
-  }
-
-  @NonNull
-  public IdsAttestationType getExpectedAType() {
-    return expectedAType;
-  }
-
-  public Certificate getLocalCertificate() {
-    return localCertificate;
-  }
-
-  public int getExpectedAttestationMask() {
-    return expectedAttestationMask;
-  }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
index 47190ab5c..1a2500856 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
@@ -4,16 +4,16 @@
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server.TLSServer;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Callback;
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.io.IOException;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
-import java.util.Arrays;
 import java.util.concurrent.CompletableFuture;
 
 /**
@@ -24,40 +24,33 @@
 public class NativeTLSDriver implements SecureChannelDriver {
     private static final Logger LOG = LoggerFactory.getLogger(NativeTLSDriver.class);
 
-    /*
-     * Asynchronous client connect to a TLS server
+    /**
+     * Performs an asynchronous client connect to a TLS server.
      */
     @Override
-    public void connect(Idscp2Settings settings, Idscp2Callback callback) {
+    public void connect(Idscp2Settings settings, SecureChannelInitListener channelInitListener) {
         try {
-            TLSClient tlsClient = new TLSClient(settings, callback);
+            TLSClient tlsClient = new TLSClient(settings, channelInitListener);
             tlsClient.connect(settings.getHost(), settings.getServerPort());
-
-        } catch (IOException | NoSuchAlgorithmException | KeyManagementException e){
-
-            LOG.error("listen() failed. {}", e.getMessage());
-            LOG.debug(Arrays.toString(e.getStackTrace()));
-            callback.secureChannelConnectHandler(null);
+        } catch (IOException | NoSuchAlgorithmException | KeyManagementException e) {
+            LOG.error("Call to connect() has failed", e);
+            channelInitListener.onSecureChannel(null, null);
         }
     }
 
-    /*
-     * Starting TLS Server
+    /**
+     * Creates and starts a new TLS Server instance.
      *
-     * return null on failure
+     * @return The SecureServer instance
+     * @throws Idscp2Exception If any error occurred during server creation/start
      */
     @Override
-    public SecureServer listen(Idscp2Settings settings, Idscp2Callback configCallback,
-                               CompletableFuture<Idscp2Connection> connectionPromise) {
+    public SecureServer listen(Idscp2Settings settings, SecureChannelInitListener channelInitListener,
+                               CompletableFuture<ServerConnectionListener> serverListenerPromise) {
         try {
-            TLSServer tlsServer = new TLSServer(settings, configCallback, connectionPromise);
-            tlsServer.start();
-            return tlsServer;
-
-        } catch (IOException | NoSuchAlgorithmException | KeyManagementException e){
-            LOG.error("listen() failed.", e);
+            return new TLSServer(settings, channelInitListener, serverListenerPromise);
+        } catch (IOException | NoSuchAlgorithmException | KeyManagementException e) {
+            throw new Idscp2Exception("Error while trying to to start SecureServer", e);
         }
-
-        return null;
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.java
new file mode 100644
index 000000000..0e2e66c85
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.java
@@ -0,0 +1,67 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel;
+
+/**
+ * TLS Constants
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public final class TLSConstants {
+
+    // Used TLS version
+    public static final String TLS_INSTANCE = "TLSv1.3";
+
+    // Enabled encryption protocols
+    public static final String[] TLS_ENABLED_PROTOCOLS = { TLS_INSTANCE };
+
+    // Acceptable TLS ciphers
+    public static final String[] TLS_ENABLED_CIPHERS = {
+//            "TLS_AES_128_GCM_SHA256",
+            "TLS_AES_256_GCM_SHA384",
+            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+//            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
+//            "TLS_RSA_WITH_AES_256_GCM_SHA384",
+//            "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
+//            "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
+//            "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
+//            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+//            "TLS_RSA_WITH_AES_128_GCM_SHA256",
+//            "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
+//            "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
+//            "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
+//            "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
+//            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
+//            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
+//            "TLS_RSA_WITH_AES_256_CBC_SHA256",
+//            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
+//            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
+//            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
+//            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
+//            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
+//            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
+//            "TLS_RSA_WITH_AES_256_CBC_SHA",
+//            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
+//            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
+//            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
+//            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
+//            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
+//            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
+//            "TLS_RSA_WITH_AES_128_CBC_SHA256",
+//            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
+//            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
+//            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
+//            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
+//            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
+//            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
+//            "TLS_RSA_WITH_AES_128_CBC_SHA",
+//            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
+//            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
+//            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
+//            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
+//            "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
+    };
+
+    private TLSConstants() {
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.java
index 9a3952894..78679508d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.java
@@ -20,186 +20,186 @@
  * @author Leon Beckmann (leon.beckmannn@aisec.fraunhofer.de)
  */
 public class TLSSessionVerificationHelper {
-  private static final Logger LOG = LoggerFactory.getLogger(TLSSessionVerificationHelper.class);
-
-  private static final String ipv4Pattern =
-      "(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])";
-  private static final String ipv6Pattern = "([0-9a-f]{1,4}:){7}([0-9a-f]){1,4}";
-
-  /*
-   * Checks if the ssl session is valid and the remote host can be trusted
-   *
-   * Due to the fact, that hostname verification is not specified in the secure socket layer,
-   * we have to check if the connected hostname matches to the subject of the peer certificate to
-   * avoid Man-In-The-Middle Attacks. This is required for every raw tls!
-   *
-   * Further we check the peer certificate validity to avoid the case that some of the certificates
-   * in our local trust_store are not valid anymore and allow a peer connector to connect with an
-   * expired certificate
-   *
-   * Throws SSlPeerUnverifiedException if peer certificate is not secure for this peer
-   */
-  public static void verifyTlsSession(SSLSession sslSession) throws SSLPeerUnverifiedException{
-
-    String host = sslSession.getPeerHost();
-
-    LOG.debug("Connected to {}:{}", host, sslSession.getPeerPort());
-    try {
-
-      //get certificate
-      Certificate[] certificates = sslSession.getPeerCertificates();
-      if (certificates.length != 1) {
-        throw new SSLPeerUnverifiedException("Unexpected number of certificates");
-      }
-      X509Certificate peerCert = (X509Certificate) certificates[0];
-
-      /*
-       * According to RFC6125, hostname verification should be done against the certificate's
-       * subject alternative name's (SANs) dNSName field or the SANs IPAddress. In some legacy
-       * implementations, the check is done against the certificate's commonName, but this is
-       * deprecated for quite a while and is therefore not supported anymore in te IDSCP2 protocol.
-       */
-      Collection<List<?>> sans = peerCert.getSubjectAlternativeNames();
-      if (sans == null) {
-        throw new SSLPeerUnverifiedException("No Subject alternative names for hostname "
-            + "verification provided");
-      }
-
-      ArrayList<String> acceptedDnsNames = new ArrayList<>();
-      ArrayList<String> acceptedIpAddresses = new ArrayList<>();
-
-      for (List<?> subjectAltName : sans) {
-        if (subjectAltName.size() != 2) {
-          continue;
-        }
-        Object value = subjectAltName.get(1);
-        switch ((Integer)subjectAltName.get(0)) {
-          case 2: //DNS_NAME
-            if (value instanceof String) {
-              acceptedDnsNames.add((String)value);
-            } else if (value instanceof byte[]) {
-              acceptedDnsNames.add(new String((byte[]) value));
+    private static final Logger LOG = LoggerFactory.getLogger(TLSSessionVerificationHelper.class);
+
+    private static final String ipv4Pattern =
+            "(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])";
+    private static final String ipv6Pattern = "([0-9a-f]{1,4}:){7}([0-9a-f]){1,4}";
+
+    /*
+     * Checks if the ssl session is valid and the remote host can be trusted
+     *
+     * Due to the fact, that hostname verification is not specified in the secure socket layer,
+     * we have to check if the connected hostname matches to the subject of the peer certificate to
+     * avoid Man-In-The-Middle Attacks. This is required for every raw tls!
+     *
+     * Further we check the peer certificate validity to avoid the case that some of the certificates
+     * in our local trust_store are not valid anymore and allow a peer connector to connect with an
+     * expired certificate
+     *
+     * Throws SSlPeerUnverifiedException if peer certificate is not secure for this peer
+     */
+    public static void verifyTlsSession(SSLSession sslSession) throws SSLPeerUnverifiedException {
+
+        String host = sslSession.getPeerHost();
+
+        LOG.debug("Connected to {}:{}", host, sslSession.getPeerPort());
+        try {
+
+            //get certificate
+            Certificate[] certificates = sslSession.getPeerCertificates();
+            if (certificates.length != 1) {
+                throw new SSLPeerUnverifiedException("Unexpected number of certificates");
             }
-            break;
-          case 7: //IP_ADDRESS
-            if (value instanceof String) {
-              acceptedIpAddresses.add((String)value);
-            } else if (value instanceof byte[]) {
-              acceptedIpAddresses.add(new String((byte[]) value));
+            X509Certificate peerCert = (X509Certificate) certificates[0];
+
+            /*
+             * According to RFC6125, hostname verification should be done against the certificate's
+             * subject alternative name's (SANs) dNSName field or the SANs IPAddress. In some legacy
+             * implementations, the check is done against the certificate's commonName, but this is
+             * deprecated for quite a while and is therefore not supported anymore in te IDSCP2 protocol.
+             */
+            Collection<List<?>> sans = peerCert.getSubjectAlternativeNames();
+            if (sans == null) {
+                throw new SSLPeerUnverifiedException("No Subject alternative names for hostname "
+                        + "verification provided");
             }
-            break;
-          case 0: //OTHER_NAME - Not Supported
-          case 1: //RFC_822_Name - Not Supported
-          case 3: //X400_ADDRESS - Not Supported
-          case 4: //DIRECTORY_NAME - Not Supported
-          case 5: //EDI_PARTY_NAME - Not supported
-          case 6: //URI - Not Supported
-          case 8: //REGISTERED_ID - Not Supported
-          default: //unspecified General Name - should never happen
-            break;
-        }
-      }
-
-      //toDo localhost is matched manually to 127.0.0.1 for testing..
-      // automatic dns resolving via DNS service is not an option since we cannot trust the DNS
-      if (acceptedDnsNames.contains("localhost")) {
-        acceptedIpAddresses.add("127.0.0.1");
-      }
-
-
-      if (isIpAddress(host)) {
-        //FIXME The server should provide a possibility to validate clients dnsNames against SANs in
-        // Client certificate to avoid MITMs. This is an open issue
-        //check ip addresses RFC 2818 (Section 3.1)
-        if (!acceptedIpAddresses.contains(host)) {
-          throw new SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
-              + "not belong to peer host");
-        }
-      } else {
-        //check hostname
-        String[] hostLabels = host.split("\\.");
-        boolean found = false;
-
-        for (String entry : acceptedDnsNames) {
-          if (checkHostname(entry.split("\\.", -1), hostLabels)) {
-            found = true;
-            break;
-          }
-        }
 
-        if (!found) {
-          throw new SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
-              + "not belong to peer host");
-        }
-      }
+            ArrayList<String> acceptedDnsNames = new ArrayList<>();
+            ArrayList<String> acceptedIpAddresses = new ArrayList<>();
+
+            for (List<?> subjectAltName : sans) {
+                if (subjectAltName.size() != 2) {
+                    continue;
+                }
+                Object value = subjectAltName.get(1);
+                switch ((Integer) subjectAltName.get(0)) {
+                    case 2: //DNS_NAME
+                        if (value instanceof String) {
+                            acceptedDnsNames.add((String) value);
+                        } else if (value instanceof byte[]) {
+                            acceptedDnsNames.add(new String((byte[]) value));
+                        }
+                        break;
+                    case 7: //IP_ADDRESS
+                        if (value instanceof String) {
+                            acceptedIpAddresses.add((String) value);
+                        } else if (value instanceof byte[]) {
+                            acceptedIpAddresses.add(new String((byte[]) value));
+                        }
+                        break;
+                    case 0: //OTHER_NAME - Not Supported
+                    case 1: //RFC_822_Name - Not Supported
+                    case 3: //X400_ADDRESS - Not Supported
+                    case 4: //DIRECTORY_NAME - Not Supported
+                    case 5: //EDI_PARTY_NAME - Not supported
+                    case 6: //URI - Not Supported
+                    case 8: //REGISTERED_ID - Not Supported
+                    default: //unspecified General Name - should never happen
+                        break;
+                }
+            }
 
+            //toDo localhost is matched manually to 127.0.0.1 for testing..
+            // automatic dns resolving via DNS service is not an option since we cannot trust the DNS
+            if (acceptedDnsNames.contains("localhost")) {
+                acceptedIpAddresses.add("127.0.0.1");
+            }
 
-      //check certificate validity for now and at least one day
-      Date oneDay = new Date();
-      oneDay.setTime(oneDay.getTime() + 86400000);
 
-      peerCert.checkValidity();
-      peerCert.checkValidity(oneDay);
+            if (isIpAddress(host)) {
+                //FIXME The server should provide a possibility to validate clients dnsNames against SANs in
+                // Client certificate to avoid MITMs. This is an open issue
+                //check ip addresses RFC 2818 (Section 3.1)
+                if (!acceptedIpAddresses.contains(host)) {
+                    throw new SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
+                            + "not belong to peer host");
+                }
+            } else {
+                //check hostname
+                String[] hostLabels = host.split("\\.");
+                boolean found = false;
+
+                for (String entry : acceptedDnsNames) {
+                    if (checkHostname(entry.split("\\.", -1), hostLabels)) {
+                        found = true;
+                        break;
+                    }
+                }
+
+                if (!found) {
+                    throw new SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
+                            + "not belong to peer host");
+                }
+            }
 
-    } catch (CertificateParsingException | CertificateNotYetValidException |
-        CertificateExpiredException e) {
-      throw new SSLPeerUnverifiedException("TLS Session Verification failed "+ e);
-    }
-  }
 
+            //check certificate validity for now and at least one day
+            Date oneDay = new Date();
+            oneDay.setTime(oneDay.getTime() + 86400000);
 
-  /*
-   * check if host is an IP Address
-   */
-  private static boolean isIpAddress(String host){
+            peerCert.checkValidity();
+            peerCert.checkValidity(oneDay);
 
-    Matcher ip4 = Pattern.compile(ipv4Pattern, Pattern.CASE_INSENSITIVE).matcher(host);
-    if (ip4.matches()) {
-      return true;
+        } catch (CertificateParsingException | CertificateNotYetValidException |
+                CertificateExpiredException e) {
+            throw new SSLPeerUnverifiedException("TLS Session Verification failed " + e);
+        }
     }
 
-    Matcher ip6 = Pattern.compile(ipv6Pattern, Pattern.CASE_INSENSITIVE).matcher(host);
-    return ip6.matches();
-  }
-
-  /*
-   * match dNS Name
-   */
-  private static boolean checkHostname(String[] dnsNameLabels, String[] hostNameLabels) {
 
     /*
-     * support wildcard matching of DNS names as described in RFC6125 Section 6.4.3
-     *
-     * Rules:
-     * 1. The client SHOULD NOT attempt to match a presented identifier in which the wildcard
-     * character comprises a label other than the left-most label
-     * (e.g., do not match bar.*.example.net).
-     *
-     * 2. If the wildcard character is the only character of the left-most label in the
-     * presented identifier, the client SHOULD NOT compare against anything but the left-most
-     * label of the reference identifier (e.g., *.example.com would match foo.example.com but
-     * not bar.foo.example.com or example.com).
-     *
-     * 3. The client MAY match a presented identifier in which the wildcard character is not the
-     * only character of the label (e.g., baz*.example.net and *baz.example.net and
-     * b*z.example.net would be taken to match baz1.example.net and foobaz.example.net and
-     * buzz.example.net, respectively).  However, the client SHOULD NOT attempt to match a
-     * presented identifier where the wildcard character is embedded within an A-label or
-     * U-label of an internationalized domain name.
+     * check if host is an IP Address
      */
-    if (dnsNameLabels.length == hostNameLabels.length) { //include rule 2
-      //all labels without the first one must match completely (rule 1)
-      for (int i = 1; i < dnsNameLabels.length; i++) {
-        if (!dnsNameLabels[i].equals(hostNameLabels[i])) {
-          return false;
+    private static boolean isIpAddress(String host) {
+
+        Matcher ip4 = Pattern.compile(ipv4Pattern, Pattern.CASE_INSENSITIVE).matcher(host);
+        if (ip4.matches()) {
+            return true;
         }
-      }
 
-      //first label could include wildcard character '*' (rule 1+3)
-      return hostNameLabels[0].matches(dnsNameLabels[0].replace("*", ".*"));
+        Matcher ip6 = Pattern.compile(ipv6Pattern, Pattern.CASE_INSENSITIVE).matcher(host);
+        return ip6.matches();
     }
 
-    return false;
-  }
+    /*
+     * match dNS Name
+     */
+    private static boolean checkHostname(String[] dnsNameLabels, String[] hostNameLabels) {
+
+        /*
+         * support wildcard matching of DNS names as described in RFC6125 Section 6.4.3
+         *
+         * Rules:
+         * 1. The client SHOULD NOT attempt to match a presented identifier in which the wildcard
+         * character comprises a label other than the left-most label
+         * (e.g., do not match bar.*.example.net).
+         *
+         * 2. If the wildcard character is the only character of the left-most label in the
+         * presented identifier, the client SHOULD NOT compare against anything but the left-most
+         * label of the reference identifier (e.g., *.example.com would match foo.example.com but
+         * not bar.foo.example.com or example.com).
+         *
+         * 3. The client MAY match a presented identifier in which the wildcard character is not the
+         * only character of the label (e.g., baz*.example.net and *baz.example.net and
+         * b*z.example.net would be taken to match baz1.example.net and foobaz.example.net and
+         * buzz.example.net, respectively).  However, the client SHOULD NOT attempt to match a
+         * presented identifier where the wildcard character is embedded within an A-label or
+         * U-label of an internationalized domain name.
+         */
+        if (dnsNameLabels.length == hostNameLabels.length) { //include rule 2
+            //all labels without the first one must match completely (rule 1)
+            for (int i = 1; i < dnsNameLabels.length; i++) {
+                if (!dnsNameLabels[i].equals(hostNameLabels[i])) {
+                    return false;
+                }
+            }
+
+            //first label could include wildcard character '*' (rule 1+3)
+            return hostNameLabels[0].matches(dnsNameLabels[0].replace("*", ".*"));
+        }
+
+        return false;
+    }
 
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsConstants.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsConstants.java
deleted file mode 100644
index bbbec4b60..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TlsConstants.java
+++ /dev/null
@@ -1,117 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel;
-
-/**
- * TLS Constants
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public final class TlsConstants {
-
-    public static final String END_OF_STREAM = "End of stream";
-
-    /* TLS specific settings */
-
-    //socket instances
-    public static final String TLS_INSTANCE = "TLSv1.3";
-
-    //enabled protocols
-    public static final String[] TLS_ENABLED_PROTOCOLS = {TLS_INSTANCE};
-
-    //enabled ciphers (only uncommented ciphers are activated)
-    public static final String[] TLS_ENABLED_CIPHER_TLS12 = {
-            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
-            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
-            "TLS_RSA_WITH_AES_256_CBC_SHA256",
-            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
-            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
-            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
-            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
-            /*"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
-            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
-            "TLS_RSA_WITH_AES_256_CBC_SHA",
-            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
-            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
-            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
-            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
-            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
-            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-            "TLS_RSA_WITH_AES_128_CBC_SHA256",
-            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
-            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
-            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
-            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
-            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
-            "TLS_RSA_WITH_AES_128_CBC_SHA",
-            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
-            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
-            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
-            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
-            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
-            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
-            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
-            "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
-            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-            "TLS_RSA_WITH_AES_128_GCM_SHA256",
-            "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
-            "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
-            "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
-            "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
-            "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"*/
-    };
-
-    // not all of the enabled ciphers are supported by openssl yet
-    public static final String[] TLS_ENABLED_CIPHER_TLS13 = {
-            //"TLS_AES_128_GCM_SHA256",
-            "TLS_AES_256_GCM_SHA384",
-            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
-            //"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
-            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
-            "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
-            /*"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-            "TLS_RSA_WITH_AES_128_GCM_SHA256",
-            "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
-            "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
-            "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
-            "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",*/
-            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
-            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
-            "TLS_RSA_WITH_AES_256_CBC_SHA256",
-            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
-            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
-            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
-            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
-            /*"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
-            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
-            "TLS_RSA_WITH_AES_256_CBC_SHA",
-            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
-            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
-            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
-            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
-            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
-            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-            "TLS_RSA_WITH_AES_128_CBC_SHA256",
-            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
-            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
-            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
-            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
-            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
-            "TLS_RSA_WITH_AES_128_CBC_SHA",
-            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
-            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
-            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
-            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
-            "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"*/
-    };
-
-    private TlsConstants() {}
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
index 6249c795e..c0101dcf3 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
 
 /**
- * An interface for DataAvailableListeners, that will be notified when new data were received
+ * An interface for DataAvailableListeners, that will be notified when new data has been received
  * at the sslSocket
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index e3f60a084..3874c8c8f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -8,7 +8,7 @@
 
 /**
  * A simple Listener thread that listens to an input stream and notifies a listeners
- * when new data were received
+ * when new data has been received
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
@@ -18,16 +18,16 @@ public class InputListenerThread extends Thread implements InputListener {
     private DataAvailableListener listener = null; //no race conditions, could be empty list
     private volatile boolean running = true;
 
-    public InputListenerThread(InputStream in){
+    public InputListenerThread(InputStream in) {
         this.in = new DataInputStream(in);
     }
 
     /*
      * Run the input listener thread that reads from wire and provides data to upper layer
      */
-    public void run(){
+    public void run() {
         byte[] buf;
-        while (running){
+        while (running) {
             try {
                 //first read the length
                 int len = in.readInt();
@@ -38,7 +38,7 @@ public void run(){
                 this.listener.onMessage(buf);
             } catch (SocketTimeoutException ignore) {
                 //timeout to catch safeStop() call
-            } catch (EOFException e){
+            } catch (EOFException e) {
                 listener.onClose();
                 running = false; //terminate
             } catch (IOException e) {
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index b3c16f91e..dfead2cbe 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -1,10 +1,10 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
 
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSConstants;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSessionVerificationHelper;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
@@ -18,7 +18,7 @@
 import java.net.Socket;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
-import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * A TLS Client that notifies an Idscp2Configuration when a secure channel was created and the
@@ -34,62 +34,61 @@ public class TLSClient implements HandshakeCompletedListener, DataAvailableListe
     private final Socket clientSocket;
     private DataOutputStream out;
     private InputListenerThread inputListenerThread;
-    private SecureChannelListener listener; //race conditions are avoided using CountDownLatch
-    private final CountDownLatch listenerLatch = new CountDownLatch(1);
-    private final Idscp2Callback callback;
+    private final CompletableFuture<SecureChannelListener> listenerPromise = new CompletableFuture<>();
+    private final SecureChannelInitListener secureChannelInitListener;
 
+    public TLSClient(Idscp2Settings clientSettings, SecureChannelInitListener secureChannelInitListener)
+            throws IOException, KeyManagementException, NoSuchAlgorithmException {
+        this.secureChannelInitListener = secureChannelInitListener;
 
-    public TLSClient(Idscp2Settings clientSettings, Idscp2Callback callback)
-            throws IOException, KeyManagementException, NoSuchAlgorithmException{
-        this.callback = callback;
-        /* init TLS Client */
+        // init TLS Client
 
-        /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
-         * hostVerification and algorithm constraints */
+        // get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
+        // hostVerification and algorithm constraints
         TrustManager[] myTrustManager = PreConfiguration.getX509ExtTrustManager(
                 clientSettings.getTrustStorePath(),
                 clientSettings.getTrustStorePassword()
         );
 
-        /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
-         * connection specific key selection via key alias*/
+        // get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
+        // connection specific key selection via key alias
         KeyManager[] myKeyManager = PreConfiguration.getX509ExtKeyManager(
                 clientSettings.getKeyStorePath(),
                 clientSettings.getKeyStorePassword(),
-                clientSettings.getCertAlias(),
+                clientSettings.getCertificateAlias(),
                 clientSettings.getKeyStoreKeyType()
         );
 
-        SSLContext sslContext = SSLContext.getInstance(TlsConstants.TLS_INSTANCE);
+        SSLContext sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE);
         sslContext.init(myKeyManager, myTrustManager, null);
 
         SSLSocketFactory socketFactory = sslContext.getSocketFactory();
 
-        //create server socket
+        // create server socket
         clientSocket = socketFactory.createSocket();
 
         SSLSocket sslSocket = (SSLSocket) clientSocket;
 
-        //set TLS constraints
+        // set TLS constraints
         SSLParameters sslParameters = sslSocket.getSSLParameters();
-        sslParameters.setUseCipherSuitesOrder(false); //use server priority order
+        sslParameters.setUseCipherSuitesOrder(false);  // use server priority order
         sslParameters.setNeedClientAuth(true);
-        sslParameters.setProtocols(TlsConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.3
-        sslParameters.setCipherSuites(TlsConstants.TLS_ENABLED_CIPHER_TLS13); //only allow strong cipher
-        //sslParameters.setEndpointIdentificationAlgorithm("HTTPS"); is done in application layer
+        sslParameters.setProtocols(TLSConstants.TLS_ENABLED_PROTOCOLS);  // only TLSv1.3
+        sslParameters.setCipherSuites(TLSConstants.TLS_ENABLED_CIPHERS);  // only allow strong cipher
+//        sslParameters.setEndpointIdentificationAlgorithm("HTTPS");  // is done in application layer
         sslSocket.setSSLParameters(sslParameters);
         LOG.debug("TLS Client was initialized successfully");
     }
 
 
-    /*
+    /**
      * Connect to TLS server and start TLS Handshake
      */
-    public void connect(String hostname, int port){
+    public void connect(String hostname, int port) {
         SSLSocket sslSocket = (SSLSocket) clientSocket;
-        if (sslSocket == null || sslSocket.isClosed()){
+        if (sslSocket == null || sslSocket.isClosed()) {
             LOG.warn("Client socket is not available");
-            callback.secureChannelConnectHandler(null);
+            secureChannelInitListener.onSecureChannel(null, null);
             return;
         }
 
@@ -111,25 +110,25 @@ public void connect(String hostname, int port){
             sslSocket.addHandshakeCompletedListener(this);
             LOG.debug("Start TLS Handshake");
             sslSocket.startHandshake();
-        } catch (SSLHandshakeException | SSLProtocolException e){
+        } catch (SSLHandshakeException | SSLProtocolException e) {
             LOG.warn("TLS Handshake failed: {}", e.getMessage());
             disconnect();
-            callback.secureChannelConnectHandler(null);
+            secureChannelInitListener.onSecureChannel(null, null);
         } catch (IOException e) {
             LOG.error("Connecting TLS client to server failed " + e.getMessage());
             disconnect();
-            callback.secureChannelConnectHandler(null);
+            secureChannelInitListener.onSecureChannel(null, null);
         }
     }
 
-    private void disconnect(){
+    private void disconnect() {
         LOG.debug("Disconnecting from tls server");
         //close listener
         if (inputListenerThread != null && inputListenerThread.isAlive()) {
             inputListenerThread.safeStop();
         }
 
-        if (clientSocket != null && !clientSocket.isClosed()){
+        if (clientSocket != null && !clientSocket.isClosed()) {
             try {
                 clientSocket.close();
             } catch (IOException e) {
@@ -139,23 +138,13 @@ private void disconnect(){
     }
 
     @Override
-    public void onClose(){
-        try {
-            listenerLatch.await();
-            listener.onClose();
-        } catch (InterruptedException e) {
-            Thread.currentThread().interrupt();
-        }
+    public void onClose() {
+        listenerPromise.thenAccept(SecureChannelListener::onClose);
     }
 
     @Override
-    public void onError(){
-        try {
-            listenerLatch.await();
-            listener.onError();
-        } catch (InterruptedException e) {
-            Thread.currentThread().interrupt();
-        }
+    public void onError() {
+        listenerPromise.thenAccept(SecureChannelListener::onError);
     }
 
     @Override
@@ -164,8 +153,8 @@ public void close() {
     }
 
     @Override
-    public boolean send(byte[] data){
-        if (!isConnected()){
+    public boolean send(byte[] data) {
+        if (!isConnected()) {
             LOG.error("Client cannot send data because socket is not connected");
             return false;
         } else {
@@ -175,14 +164,14 @@ public boolean send(byte[] data){
                 out.flush();
                 LOG.debug("Send message");
                 return true;
-            } catch (IOException e){
+            } catch (IOException e) {
                 LOG.error("Client cannot send data");
                 return false;
             }
         }
     }
 
-    public boolean isConnected(){
+    public boolean isConnected() {
         return clientSocket != null && clientSocket.isConnected();
     }
 
@@ -202,27 +191,19 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
                 LOG.warn("TLS session is not valid. Close TLS connection", e);
             }
             disconnect();
-            callback.secureChannelConnectHandler(null);
+            secureChannelInitListener.onSecureChannel(null, null);
             return;
         }
 
-        //Create secure channel, register secure channel as message listener and provide it to
-        // IDSCP2 Configuration.
-        //Start Input Listener
+        // Create secure channel, register secure channel as message listener and notify IDSCP2 Configuration.
         SecureChannel secureChannel = new SecureChannel(this);
-        this.listener = secureChannel;
-        listenerLatch.countDown();
+        this.listenerPromise.complete(secureChannel);
         inputListenerThread.start();
-        callback.secureChannelConnectHandler(secureChannel);
+        secureChannelInitListener.onSecureChannel(secureChannel, null);
     }
 
     @Override
     public void onMessage(byte[] data) {
-        try{
-            listenerLatch.await();
-            listener.onMessage(data);
-        } catch (InterruptedException e){
-            Thread.currentThread().interrupt();
-        }
+        listenerPromise.thenAccept(listener -> listener.onMessage(data));
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
index 17bba4e93..254d3f328 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
@@ -1,17 +1,18 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server;
 
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TlsConstants;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSConstants;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Callback;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.net.ssl.*;
 import java.io.IOException;
 import java.net.ServerSocket;
+import java.net.SocketException;
 import java.net.SocketTimeoutException;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
@@ -23,117 +24,131 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class TLSServer extends Thread implements SecureServer {
+public class TLSServer implements Runnable, SecureServer {
     private static final Logger LOG = LoggerFactory.getLogger(TLSServer.class);
 
     private volatile boolean isRunning = false;
     private final ServerSocket serverSocket;
-    private final Idscp2Callback idscpConfigCallback; //no race conditions
-    private final CompletableFuture<Idscp2Connection> connectionPromise;
+    private final SecureChannelInitListener secureChannelInitListener;
+    private final CompletableFuture<ServerConnectionListener> serverListenerPromise;
+    private final Thread serverThread;
 
-    public TLSServer(Idscp2Settings serverSettings, Idscp2Callback configCallback,
-                     CompletableFuture<Idscp2Connection> connectionPromise)
+    public TLSServer(Idscp2Settings serverSettings, SecureChannelInitListener secureChannelInitListener,
+                     CompletableFuture<ServerConnectionListener> serverListenerPromise)
             throws IOException, NoSuchAlgorithmException, KeyManagementException {
-        this.idscpConfigCallback = configCallback;
-        this.connectionPromise = connectionPromise;
+        this.secureChannelInitListener = secureChannelInitListener;
+        this.serverListenerPromise = serverListenerPromise;
 
         /* init server for TCP/TLS communication */
 
-        /* get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
-         * hostVerification and algorithm constraints */
-        LOG.debug("Create trust manager for tls server");
+        // Get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager,
+        // which enables host verification and algorithm constraints
+        LOG.debug("Creating trust manager for TLS server...");
         TrustManager[] myTrustManager = PreConfiguration.getX509ExtTrustManager(
                 serverSettings.getTrustStorePath(),
                 serverSettings.getTrustStorePassword()
         );
 
-        /* get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
-         * connection specific key selection via key alias*/
-        LOG.debug("Create key manager for tls server");
+        // Get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager,
+        // which enables connection specific key selection via key alias
+        LOG.debug("Creating key manager for TLS server...");
         KeyManager[] myKeyManager = PreConfiguration.getX509ExtKeyManager(
                 serverSettings.getKeyStorePath(),
                 serverSettings.getKeyStorePassword(),
-                serverSettings.getCertAlias(),
+                serverSettings.getCertificateAlias(),
                 serverSettings.getKeyStoreKeyType()
         );
 
-        LOG.debug("Set tls security attributes and create tls server socket");
-
-        // create tls context based on keyManager and trustManager
-        SSLContext sslContext = SSLContext.getInstance(TlsConstants.TLS_INSTANCE);
+        LOG.debug("Setting TLS security attributes and creating TLS server socket...");
+        // Create TLS context based on keyManager and trustManager
+        SSLContext sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE);
         sslContext.init(myKeyManager, myTrustManager, null);
         SSLServerSocketFactory socketFactory = sslContext.getServerSocketFactory();
 
-        //create server socket
-        serverSocket =  socketFactory.createServerSocket(serverSettings.getServerPort());
-        //set timeout for serverSocket.accept() to allow safeStop()
+        serverSocket = socketFactory.createServerSocket(serverSettings.getServerPort());
+        // Set timeout for serverSocket.accept()
         serverSocket.setSoTimeout(5000);
 
         SSLServerSocket sslServerSocket = (SSLServerSocket) serverSocket;
 
-        //set tls constraints
+        // Set TLS constraints
         SSLParameters sslParameters = sslServerSocket.getSSLParameters();
         sslParameters.setUseCipherSuitesOrder(true); //server determines priority-order of algorithms in CipherSuite
         sslParameters.setNeedClientAuth(true); //client must authenticate
-        sslParameters.setProtocols(TlsConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.3
-        sslParameters.setCipherSuites(TlsConstants.TLS_ENABLED_CIPHER_TLS13); //only allow strong cipher suite
+        sslParameters.setProtocols(TLSConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.3
+        sslParameters.setCipherSuites(TLSConstants.TLS_ENABLED_CIPHERS); //only allow strong cipher suite
         sslServerSocket.setSSLParameters(sslParameters);
-        LOG.debug("TLS server was initialized successfully");
+
+        LOG.debug("Starting TLS server...");
+        serverThread = new Thread(this, "TLS Server Thread "
+                + serverSettings.getHost() + ":" + serverSettings.getServerPort());
+        serverThread.start();
     }
 
     @Override
-    public void run(){
-        LOG.debug("Starting tls server");
-
-        if (serverSocket == null || serverSocket.isClosed()){
-            LOG.error("TLS Server socket is not available");
+    public void run() {
+        final ServerSocket serverSocket;
+        if ((serverSocket = this.serverSocket) == null || serverSocket.isClosed()) {
+            LOG.error("ServerSocket is not available, server thread is stopping now.");
             return;
         }
 
-        SSLSocket sslSocket;
         isRunning = true;
-        LOG.debug("TLS server is running");
-        while(isRunning){
+        LOG.debug("TLS server started, entering accept() loop...");
+        while (isRunning) {
             try {
-                sslSocket = (SSLSocket) serverSocket.accept();
-            } catch (SocketTimeoutException e){
+                final var sslSocket = (SSLSocket) serverSocket.accept();
+                try {
+                    // Start new server thread
+                    LOG.debug("New TLS client has connected. Creating new server thread...");
+                    final var serverThread = new TLSServerThread(sslSocket, secureChannelInitListener, serverListenerPromise);
+                    sslSocket.addHandshakeCompletedListener(serverThread);
+                    serverThread.start();
+                } catch (Exception serverThreadException) {
+                    LOG.error("Error whilst creating/starting TLSServerThread", serverThreadException);
+                }
+            } catch (SocketTimeoutException e) {
                 //timeout on serverSocket blocking functions was reached
                 //in this way we can catch safeStop() function, that makes isRunning false
                 //without closing the serverSocket, so we can stop and restart the server
                 //alternative: close serverSocket. But then we cannot reuse it
-                continue;
+            } catch (SocketException e) {
+                LOG.debug("Server socket has been closed.");
+                isRunning = false;
             } catch (IOException e) {
-                LOG.error("TLS Server failed");
-                e.printStackTrace();
+                LOG.error("TLS server socket accept failed", e);
                 isRunning = false;
-                return;
             }
-
-            //start new server thread
-            LOG.debug("New TLS client has connected. Create new server session");
-            TLSServerThread server = new TLSServerThread(sslSocket, idscpConfigCallback, connectionPromise);
-            sslSocket.addHandshakeCompletedListener(server);
-            server.start();
         }
 
-        if (!serverSocket.isClosed()){
+        if (!serverSocket.isClosed()) {
             try {
                 serverSocket.close();
             } catch (IOException e) {
-                LOG.warn("Could not close TLS server socket");
-                e.printStackTrace();
+                LOG.warn("Could not close TLS server socket", e);
             }
         }
     }
 
     @Override
-    public void safeStop(){
+    public void safeStop() {
         LOG.debug("Stopping tls server");
         isRunning = false;
+//        try {
+//            serverSocket.close();
+//        } catch (IOException e) {
+//            LOG.warn("Trying to close server socket failed!", e);
+//        }
+        try {
+            this.serverThread.join();
+        } catch (InterruptedException e) {
+            LOG.warn("InterruptedException whilst waiting for server stop", e);
+            Thread.currentThread().interrupt();
+        }
     }
 
     @Override
-    public boolean isRunning(){
+    public boolean isRunning() {
         return isRunning;
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index e82c35c33..b513d0989 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -1,8 +1,9 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server;
 
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSessionVerificationHelper;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Callback;
+import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
@@ -13,89 +14,69 @@
 import javax.net.ssl.HandshakeCompletedListener;
 import javax.net.ssl.SSLPeerUnverifiedException;
 import javax.net.ssl.SSLSocket;
-import java.io.DataInputStream;
-import java.io.DataOutputStream;
-import java.io.EOFException;
-import java.io.IOException;
+import java.io.*;
 import java.net.SocketTimeoutException;
 import java.util.concurrent.CompletableFuture;
-import java.util.concurrent.CountDownLatch;
 
 /**
  * A TLSServerThread that notifies an IDSCP2Config when a secure channel was created and the
  * TLS handshake is done
- *
+ * <p>
  * When new data are available the serverThread transfers it to the SecureChannelListener
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class TLSServerThread extends Thread implements HandshakeCompletedListener, SecureChannelEndpoint {
+public class TLSServerThread extends Thread implements HandshakeCompletedListener, SecureChannelEndpoint, Closeable {
     private static final Logger LOG = LoggerFactory.getLogger(TLSServerThread.class);
 
-    private final SSLSocket sslSocket;
     private volatile boolean running = true;
-    private DataInputStream in;
-    private DataOutputStream out;
-    private SecureChannelListener listener = null;  // race conditions are avoided using CountDownLatch
-    private final Idscp2Callback configCallback;
-    private final CompletableFuture<Idscp2Connection> connectionPromise;
-    private final CountDownLatch listenerLatch = new CountDownLatch(1);
-    private final CountDownLatch tlsVerificationLatch = new CountDownLatch(1);
-
+    private final DataInputStream in;
+    private final DataOutputStream out;
+    private final SSLSocket sslSocket;
+    private final SecureChannelInitListener configCallback;
+    private final CompletableFuture<ServerConnectionListener> serverListenerPromise;
+    private final CompletableFuture<SecureChannelListener> channelListenerPromise = new CompletableFuture<>();
+    private final FastLatch tlsVerificationLatch = new FastLatch();
 
-    TLSServerThread(SSLSocket sslSocket, Idscp2Callback configCallback,
-                    CompletableFuture<Idscp2Connection> connectionPromise){
+    TLSServerThread(SSLSocket sslSocket, SecureChannelInitListener configCallback,
+                    CompletableFuture<ServerConnectionListener> serverListenerPromise) throws IOException {
         this.sslSocket = sslSocket;
         this.configCallback = configCallback;
-        this.connectionPromise = connectionPromise;
-
-        try {
-            //set timout for blocking read
-            sslSocket.setSoTimeout(5000);
-            in = new DataInputStream(sslSocket.getInputStream());
-            out = new DataOutputStream(sslSocket.getOutputStream());
-        } catch (IOException e){
-            LOG.error(e.getMessage());
-            running = false;
-        }
+        this.serverListenerPromise = serverListenerPromise;
+        // Set timeout for blocking read
+        sslSocket.setSoTimeout(5000);
+        in = new DataInputStream(sslSocket.getInputStream());
+        out = new DataOutputStream(sslSocket.getOutputStream());
     }
 
     @Override
-    public void run(){
+    public void run() {
         // first run the tls handshake to enforce catching every error occurred during the handshake
         // before reading from buffer. Else if there exists any non-catched exception during handshake
         // the thread would wait forever in onError() until handshakeCompleteListener is called
         try {
             sslSocket.startHandshake();
-            //wait for tls session verification
-            while (true) {
-                try {
-                    tlsVerificationLatch.await();
-                    break;
-                } catch (InterruptedException e) {
-                    Thread.currentThread().interrupt();
-                }
-            }
+            // Wait for TLS session verification
+            tlsVerificationLatch.await();
         } catch (IOException e) {
-            LOG.warn("SSLHandshakeException occurred. Quit server session", e);
+            LOG.warn("Exception occurred during SSL handshake. Quiting server thread...", e);
             running = false;
         }
 
         //wait for new data while running
         byte[] buf;
-        while (running){
+        while (running) {
             try {
                 int len = in.readInt();
                 buf = new byte[len];
                 in.readFully(buf, 0, len);
                 onMessage(buf);
-
             } catch (SocketTimeoutException ignore) {
-                //timeout catches safeStop() call and allows to send server_goodbye
-            } catch (EOFException e){
+                // Timeout catches safeStop() call and allows to send server_goodbye
+            } catch (EOFException e) {
                 onClose();
                 running = false;
-            } catch (IOException e){
+            } catch (IOException e) {
                 onError();
                 running = false;
             }
@@ -103,17 +84,18 @@ public void run(){
         closeSockets();
     }
 
-    private void closeSockets(){
+    private void closeSockets() {
         try {
             out.close();
             in.close();
             sslSocket.close();
-        } catch (IOException ignore) {}
+        } catch (IOException ignore) {
+        }
     }
 
     @Override
     public boolean send(byte[] data) {
-        if (!isConnected()){
+        if (!isConnected()) {
             LOG.error("Server cannot send data because socket is not connected");
             closeSockets();
             return false;
@@ -122,9 +104,9 @@ public boolean send(byte[] data) {
                 out.writeInt(data.length);
                 out.write(data);
                 out.flush();
-                LOG.debug("Send message: " + new String(data));
+                LOG.trace("Send message: " + new String(data));
                 return true;
-            } catch (IOException e){
+            } catch (IOException e) {
                 LOG.error("ServerThread cannot send data.");
                 closeSockets();
                 return false;
@@ -132,22 +114,12 @@ public boolean send(byte[] data) {
         }
     }
 
-    private void onClose(){
-        try {
-            listenerLatch.await();
-            listener.onClose();
-        } catch (InterruptedException e) {
-            Thread.currentThread().interrupt();
-        }
+    private void onClose() {
+        channelListenerPromise.thenAccept(SecureChannelListener::onClose);
     }
 
-    private void onError(){
-        try {
-            listenerLatch.await();
-            listener.onError();
-        } catch (InterruptedException e) {
-            Thread.currentThread().interrupt();
-        }
+    private void onError() {
+        channelListenerPromise.thenAccept(SecureChannelListener::onError);
     }
 
     @Override
@@ -156,16 +128,11 @@ public void close() {
     }
 
     @Override
-    public void onMessage(byte[] data)  {
-        try{
-            listenerLatch.await();
-            this.listener.onMessage(data);
-        } catch (InterruptedException e){
-            Thread.currentThread().interrupt();
-        }
+    public void onMessage(byte[] data) {
+        channelListenerPromise.thenAccept(listener -> listener.onMessage(data));
     }
 
-    private void safeStop(){
+    private void safeStop() {
         running = false;
     }
 
@@ -183,20 +150,19 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
         try {
             TLSSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession());
             LOG.debug("TLS session is valid");
-            tlsVerificationLatch.countDown();
         } catch (SSLPeerUnverifiedException e) {
             if (LOG.isWarnEnabled()) {
                 LOG.warn("TLS session is not valid. Close TLS connection", e);
             }
-            running = false; //set running false before tlsVerificationLatch is decremented
-            tlsVerificationLatch.countDown();
+            running = false;  // set running false before tlsVerificationLatch is decremented
             return;
+        } finally {
+            tlsVerificationLatch.unlock();
         }
 
         //provide secure channel to IDSCP2 Config and register secure channel as listener
         SecureChannel secureChannel = new SecureChannel(this);
-        this.listener = secureChannel;
-        listenerLatch.countDown();
-        configCallback.secureChannelListenHandler(secureChannel, connectionPromise);
+        this.channelListenerPromise.complete(secureChannel);
+        configCallback.onSecureChannel(secureChannel, serverListenerPromise);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
index e26bc966a..28e834095 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
@@ -10,7 +10,7 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public abstract class RatProverDriver extends Thread{
+public abstract class RatProverDriver extends Thread {
     private static final Logger LOG = LoggerFactory.getLogger(RatProverDriver.class);
 
     protected boolean running = true;
@@ -19,7 +19,8 @@ public abstract class RatProverDriver extends Thread{
     /*
      * Delegate an IDSCP2 message to the RatProver driver
      */
-    public void delegate(byte[] message){}
+    public void delegate(byte[] message) {
+    }
 
     /*
      * Terminate and cancel the RatProver driver
@@ -29,11 +30,11 @@ public void terminate() {
         this.interrupt();
     }
 
-    public void setListener(FsmListener listener){
+    public void setListener(FsmListener listener) {
         fsmListener = listener;
     }
 
-    public void setConfig(Object config){
+    public void setConfig(Object config) {
         LOG.warn("Method 'setConfig' for RatProverDriver is not implemented");
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
index 79686cda7..52d269c9f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
@@ -10,7 +10,7 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public abstract class RatVerifierDriver extends Thread{
+public abstract class RatVerifierDriver extends Thread {
     private static final Logger LOG = LoggerFactory.getLogger(RatVerifierDriver.class);
 
     protected boolean running = true;
@@ -19,7 +19,8 @@ public abstract class RatVerifierDriver extends Thread{
     /*
      * Delegate the IDSCP2 message to the RatVerifier driver
      */
-    public void delegate(byte[] message){}
+    public void delegate(byte[] message) {
+    }
 
     /*
      * Terminate and cancel the RatVerifier driver
@@ -29,7 +30,7 @@ public void terminate() {
         this.interrupt();
     }
 
-    public void setListener(FsmListener listener){
+    public void setListener(FsmListener listener) {
         fsmListener = listener;
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
index 02a3f0d0d..09c8202cf 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
@@ -1,8 +1,9 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Callback;
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
 
 import java.util.concurrent.CompletableFuture;
 
@@ -17,11 +18,11 @@ public interface SecureChannelDriver {
     /*
      * Asynchronous method to create a secure connection to a secure server
      */
-    void connect(Idscp2Settings settings, Idscp2Callback configCallback);
+    void connect(Idscp2Settings settings, SecureChannelInitListener channelInitListener);
 
     /*
      * Starting a secure server
      */
-    SecureServer listen(Idscp2Settings settings, Idscp2Callback configCallback,
-                        CompletableFuture<Idscp2Connection> connectionPromise);
+    SecureServer listen(Idscp2Settings settings, SecureChannelInitListener channelInitListener,
+                        CompletableFuture<ServerConnectionListener> serverListenerPromise) throws Idscp2Exception;
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.java
index 9c19390ea..cc3b10850 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.java
@@ -5,7 +5,7 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class Idscp2Exception extends Exception{
+public class Idscp2Exception extends RuntimeException {
     public Idscp2Exception(String message) {
         super(message);
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
index ecf410568..dbf0223cb 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
@@ -13,81 +13,86 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.nio.charset.StandardCharsets;
+import java.util.concurrent.CompletableFuture;
 
 public class Idscp2ClientInitiator implements Idscp2EndpointListener {
+    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ClientInitiator.class);
 
-    public void init(Idscp2Settings settings){
+    public void init(Idscp2Settings settings) {
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
         DefaultDapsDriverConfig config =
-            new DefaultDapsDriverConfig.Builder()
-                .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
-                .setKeyStorePath(settings.getKeyStorePath())
-                .setTrustStorePath(settings.getTrustStorePath())
-                .setKeyStorePassword(settings.getKeyStorePassword())
-                .setTrustStorePassword(settings.getTrustStorePassword())
-                .setKeyAlias(settings.getDapsKeyAlias())
-                .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                .build();
+                new DefaultDapsDriverConfig.Builder()
+                        .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+                        .setKeyStorePath(settings.getKeyStorePath())
+                        .setTrustStorePath(settings.getTrustStorePath())
+                        .setKeyStorePassword(settings.getKeyStorePassword())
+                        .setTrustStorePassword(settings.getTrustStorePassword())
+                        .setKeyAlias(settings.getDapsKeyAlias())
+                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                        .build();
 
         DapsDriver dapsDriver = new DefaultDapsDriver(config);
 
         RatProverDriverRegistry.getInstance().registerDriver(
-            "Dummy", RatProverDummy.class, null);
+                "Dummy", RatProverDummy.class, null);
         RatVerifierDriverRegistry.getInstance().registerDriver(
-            "Dummy", RatVerifierDummy.class, null);
+                "Dummy", RatVerifierDummy.class, null);
 
         RatProverDriverRegistry.getInstance().registerDriver(
-            "TPM2d", TPM2dProver.class,
-            new TPM2dProverConfig.Builder().build()
+                "TPM2d", TPM2dProver.class,
+                new TPM2dProverConfig.Builder().build()
         );
         RatVerifierDriverRegistry.getInstance().registerDriver(
-            "TPM2d", TPM2dVerifier.class,
-            new TPM2dVerifierConfig.Builder().build()
+                "TPM2d", TPM2dVerifier.class,
+                new TPM2dVerifierConfig.Builder().build()
         );
 
         Idscp2Configuration clientConfig = new Idscp2Configuration(
-            this,
-            dapsDriver,
-            secureChannelDriver,
-            settings.getExpectedAttestation(),
-            settings.getSupportedAttestation(),
-            settings.getRatTimeoutDelay()
+                this,
+                dapsDriver,
+                secureChannelDriver,
+                settings.getExpectedAttestation(),
+                settings.getSupportedAttestation(),
+                settings.getRatTimeoutDelay()
         );
         clientConfig.connect(settings);
     }
 
     @Override
     public void onConnection(Idscp2Connection connection) {
-        System.out.println("Client: New connection with id " + connection.getConnectionId());
-        connection.addConnectionListener(new Idscp2ConnectionListener() {
+        System.out.println("Client: New connection with id " + connection.getId());
+        connection.addConnectionListener(new Idscp2ConnectionAdapter() {
             @Override
             public void onError(String error) {
-                System.out.println("Client connection error occurred: " + error);
+                LOG.error("Client connection error occurred: " + error);
             }
 
             @Override
-            public void onClose(String connectionId) {
-                System.out.println("Client: Connection with id " + connectionId + " has been closed");
+            public void onClose(Idscp2Connection connection) {
+                LOG.info("Client: Connection with id " + connection.getId() + " has been closed");
             }
         });
         connection.addGenericMessageListener(((c, type, data) -> System.out.println(
-            "Received message of type \"" + type + "\":\n" + new String(data, StandardCharsets.UTF_8))));
-        // Register listener for server reply
-        connection.addMessageListener("pong", (c, type, data) ->
-            System.out.println("Received pong message: " + new String(data, StandardCharsets.UTF_8)));
+                "Received message of type \"" + type + "\":\n" + new String(data, StandardCharsets.UTF_8))));
+        connection.addMessageListener("ping", (c, type, data) -> {
+            System.out.println("Received ping message: " + new String(data, StandardCharsets.UTF_8));
+            CompletableFuture.runAsync(c::close);  // FSM error if run from the same thread
+        });
         System.out.println("Sending PING...");
         connection.send("ping", "PING".getBytes(StandardCharsets.UTF_8));
     }
 
     @Override
     public void onError(String error) {
-        System.out.println("Client endpoint error occurred: " + error);
+        LOG.error("Client endpoint error occurred: " + error);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
index a5d79ce94..b71befe88 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
@@ -12,98 +12,94 @@
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 import java.nio.charset.StandardCharsets;
 
 
 public class Idscp2ServerInitiator implements Idscp2EndpointListener {
+    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ServerInitiator.class);
 
-    public void init(Idscp2Settings serverSettings)  {
+    public void init(Idscp2Settings serverSettings) {
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
 
         DefaultDapsDriverConfig config =
-            new DefaultDapsDriverConfig.Builder()
-                .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
-                .setKeyStorePath(serverSettings.getKeyStorePath())
-                .setTrustStorePath(serverSettings.getTrustStorePath())
-                .setKeyStorePassword(serverSettings.getKeyStorePassword())
-                .setTrustStorePassword(serverSettings.getTrustStorePassword())
-                .setKeyAlias(serverSettings.getDapsKeyAlias())
-                .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                .build();
+                new DefaultDapsDriverConfig.Builder()
+                        .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+                        .setKeyStorePath(serverSettings.getKeyStorePath())
+                        .setTrustStorePath(serverSettings.getTrustStorePath())
+                        .setKeyStorePassword(serverSettings.getKeyStorePassword())
+                        .setTrustStorePassword(serverSettings.getTrustStorePassword())
+                        .setKeyAlias(serverSettings.getDapsKeyAlias())
+                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                        .build();
         DapsDriver dapsDriver = new DefaultDapsDriver(config);
 
         RatProverDriverRegistry.getInstance().registerDriver(
-            "Dummy", RatProverDummy.class, null);
+                "Dummy", RatProverDummy.class, null);
         RatVerifierDriverRegistry.getInstance().registerDriver(
-            "Dummy", RatVerifierDummy.class, null);
+                "Dummy", RatVerifierDummy.class, null);
         RatProverDriverRegistry.getInstance().registerDriver(
-            "TPM2d", TPM2dProver.class,
-            new TPM2dProverConfig.Builder().build()
+                "TPM2d", TPM2dProver.class,
+                new TPM2dProverConfig.Builder().build()
         );
         RatVerifierDriverRegistry.getInstance().registerDriver(
-            "TPM2d", TPM2dVerifier.class,
-            new TPM2dVerifierConfig.Builder().build()
+                "TPM2d", TPM2dVerifier.class,
+                new TPM2dVerifierConfig.Builder().build()
         );
 
         Idscp2Configuration idscpServerConfig = new Idscp2Configuration(
-            this,
-            dapsDriver,
-            secureChannelDriver,
-            serverSettings.getExpectedAttestation(),
-            serverSettings.getSupportedAttestation(),
-            serverSettings.getRatTimeoutDelay()
+                this,
+                dapsDriver,
+                secureChannelDriver,
+                serverSettings.getExpectedAttestation(),
+                serverSettings.getSupportedAttestation(),
+                serverSettings.getRatTimeoutDelay()
         );
 
-        Idscp2Server idscp2Server;
-        try {
-            idscp2Server = idscpServerConfig.listen(serverSettings);
-        } catch (Idscp2Exception e) {
-            //e.printStackTrace();
-            return;
-        }
-        //secureServer.safeStop();
+        Idscp2Server idscp2Server = idscpServerConfig.listen(serverSettings);
+
         try {
-            Thread.sleep(120000); //run server for 2 minutes
-        } catch (Exception e){
-            return;
+            Thread.sleep(40_000); //run server for 2 minutes
+        } catch (Exception ignored) {
+        } finally {
+            idscp2Server.terminate();
         }
-        idscp2Server.terminate();
     }
 
     @Override
     public void onConnection(Idscp2Connection connection) {
-        System.out.println("Server: New connection with id " + connection.getConnectionId());
-        connection.addConnectionListener(new Idscp2ConnectionListener() {
+        System.out.println("Server: New connection with id " + connection.getId());
+        connection.addConnectionListener(new Idscp2ConnectionAdapter() {
             @Override
             public void onError(String error) {
-                System.out.println("Server connection error occurred: " + error);
+                LOG.error("Server connection error occurred: " + error);
             }
 
             @Override
-            public void onClose(String connectionId) {
-                System.out.println("Server: Connection with id " + connectionId + " has been closed");
+            public void onClose(Idscp2Connection connection) {
+                LOG.info("Server: Connection with id " + connection.getId() + " has been closed");
             }
         });
         connection.addGenericMessageListener(((c, type, data) -> System.out.println(
-            "Received message of type \"" + type + "\":\n" + new String(data, StandardCharsets.UTF_8))));
+                "Received message of type \"" + type + "\":\n" + new String(data, StandardCharsets.UTF_8))));
         connection.addMessageListener("ping", ((c, type, data) -> {
             System.out.println("Received ping message:\n" + new String(data, StandardCharsets.UTF_8));
             System.out.println("Sending PONG...");
-            c.send("pong", "PONG".getBytes(StandardCharsets.UTF_8));
+            c.send("ping", "PONG".getBytes(StandardCharsets.UTF_8));
         }));
     }
 
     @Override
     public void onError(String error) {
-        System.out.println("Server endpoint error occurred: " + error);
+        LOG.error("Server endpoint error occurred: " + error);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
index c97741f93..3b1b52dbd 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
@@ -5,17 +5,17 @@
 
 public class RunTLSClient {
 
-    public static void main(String[] args){
+    public static void main(String[] args) {
         //start client
         Idscp2Settings settings = new Idscp2Settings.Builder()
-            .setKeyStore(RunTLSClient.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.jks").getPath())
-            .setTrustStore(RunTLSClient.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath())
-            .setCertificateAlias("1.0.1")
-            .setDapsKeyAlias("1")
-            .setRatTimeoutDelay(10)
-            .build();
+                .setKeyStorePath(RunTLSClient.class.getClassLoader().
+                        getResource("ssl/aisecconnector1-keystore.jks").getPath())
+                .setTrustStorePath(RunTLSClient.class.getClassLoader().
+                        getResource("ssl/client-truststore_new.jks").getPath())
+                .setCertificateAlias("1.0.1")
+                .setDapsKeyAlias("1")
+                .setRatTimeoutDelay(300)
+                .build();
 
         Idscp2ClientInitiator initiator = new Idscp2ClientInitiator();
         initiator.init(settings);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
index 2816fb636..04812608f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
@@ -4,17 +4,17 @@
 
 public class RunTLSServer {
 
-    public static void main(String[] argv){
+    public static void main(String[] argv) {
 
         Idscp2Settings settings = new Idscp2Settings.Builder()
-            .setKeyStore(RunTLSClient.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.jks").getPath())
-            .setTrustStore(RunTLSServer.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath())
-            .setCertificateAlias("1.0.1")
-            .setDapsKeyAlias("1")
-            .setRatTimeoutDelay(14)
-            .build();
+                .setKeyStorePath(RunTLSClient.class.getClassLoader().
+                        getResource("ssl/aisecconnector1-keystore.jks").getPath())
+                .setTrustStorePath(RunTLSServer.class.getClassLoader().
+                        getResource("ssl/client-truststore_new.jks").getPath())
+                .setCertificateAlias("1.0.1")
+                .setDapsKeyAlias("1")
+                .setRatTimeoutDelay(300)
+                .build();
 
         Idscp2ServerInitiator initiator = new Idscp2ServerInitiator();
         initiator.init(settings);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.java
new file mode 100644
index 000000000..13ec26836
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.java
@@ -0,0 +1,50 @@
+package de.fhg.aisec.ids.idscp2.idscp_core;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * This latch implementation uses double-checked-locking, a concept that is mostly broken.
+ * However, double-checked locking <b>does</b> work for primitives that are atomic w.r.t. the memory model,
+ * see https://www.cs.umd.edu/~pugh/java/memoryModel/DoubleCheckedLocking.html
+ * It is assumed that the JVM implementation always handles byte vars atomically,
+ * otherwise the correctness of this code may be broken!
+ *
+ * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
+ */
+public class FastLatch {
+    private static final Logger LOG = LoggerFactory.getLogger(FastLatch.class);
+    private byte locked = 1;
+
+    /**
+     * Wait for this latch to be unlocked.
+     */
+    public void await() {
+        // Check locked flag without synchronization, such that method returns immediately
+        // without synchronization overhead if unlocked.
+        while (locked != 0) {
+            synchronized (this) {
+                // Check the locked flag again to prevent eternal waiting if notifyAll() has been called
+                // before this critical section.
+                if (locked != 0) {
+                    try {
+                        wait();
+                    } catch (InterruptedException ie) {
+                        LOG.warn("Ignored InterruptException, awaiting unlock...", ie);
+                    }
+                }
+            }
+        }
+    }
+
+    /**
+     * Unlocks this latch instance.
+     */
+    public void unlock() {
+        synchronized (this) {
+            locked = 0;
+            notifyAll();
+        }
+    }
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
index 0546b40c6..4451794ce 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
@@ -18,28 +18,33 @@ public class Idscp2Connection {
 
     private final FSM fsm;
     private final String connectionId;
-    private final Set<Idscp2ConnectionListener> connectionListeners = new HashSet<>();
-    private final Set<Idscp2MessageListener> genericMessageListeners = new HashSet<>();
+    private final Set<Idscp2ConnectionListener> connectionListeners = Collections.synchronizedSet(new HashSet<>());
+    private final Set<Idscp2MessageListener> genericMessageListeners = Collections.synchronizedSet(new HashSet<>());
     private final Map<String, Set<Idscp2MessageListener>> messageListeners = new HashMap<>();
+    private final FastLatch messageLatch = new FastLatch();
 
     public Idscp2Connection(FSM fsm, String connectionId) {
         this.fsm = fsm;
         this.connectionId = connectionId;
     }
 
-    /*
+    public void unlockMessaging() {
+        messageLatch.unlock();
+    }
+
+    /**
      * Close the idscp connection
      */
     public void close() {
-        // unregister connection from the idscp server
-        synchronized (connectionListeners) {
-            connectionListeners.forEach(l -> l.onClose(connectionId));
+        // Unregister connection from the server
+        if (fsm.isNotClosed()) {
+            connectionListeners.forEach(l -> l.onClose(this));
         }
         fsm.terminate();
     }
 
-    /*
-     * Send data to the peer idscp connector
+    /**
+     * Send data to the peer IDSCP2 connector
      */
     public void send(String type, byte[] msg) {
         LOG.debug("Send data of type \"" + type + "\" ");
@@ -47,10 +52,10 @@ public void send(String type, byte[] msg) {
     }
 
     public void onMessage(String type, byte[] msg) {
+        // When unlock is called, although not synchronized, this will eventually stop blocking.
+        messageLatch.await();
         LOG.debug("Received new IDSCP Message: " + Arrays.toString(msg));
-        synchronized (genericMessageListeners) {
-            genericMessageListeners.forEach(l -> l.onMessage(this, type, msg));
-        }
+        genericMessageListeners.forEach(l -> l.onMessage(this, type, msg));
         Set<Idscp2MessageListener> listeners = messageListeners.get(type);
         if (listeners != null) {
             //noinspection SynchronizationOnLocalVariableOrMethodParameter
@@ -61,74 +66,66 @@ public void onMessage(String type, byte[] msg) {
     }
 
     public void onClose() {
-        LOG.debug("Connection with id {} has been closed, notify user", connectionId);
-        synchronized (connectionListeners) {
-            connectionListeners.forEach(l -> l.onClose(connectionId));
-        }
+        LOG.debug("Connection with id {} has been closed, notify listeners", connectionId);
+        connectionListeners.forEach(l -> l.onClose(this));
     }
 
-    /*
+    /**
      * Check if the idscp connection is currently established
+     *
+     * @return Connection established state
      */
+    @SuppressWarnings("unused")
     public boolean isConnected() {
         return fsm.isConnected();
     }
 
-    public String getConnectionId() {
+    public String getId() {
         return connectionId;
     }
 
     public void addConnectionListener(Idscp2ConnectionListener listener) {
-        synchronized (connectionListeners) {
-            connectionListeners.add(listener);
-        }
+        connectionListeners.add(listener);
     }
 
+    @SuppressWarnings("unused")
     public boolean removeConnectionListener(Idscp2ConnectionListener listener) {
-        synchronized (connectionListeners) {
-            return connectionListeners.remove(listener);
-        }
+        return connectionListeners.remove(listener);
     }
 
     public void addGenericMessageListener(Idscp2MessageListener listener) {
-        synchronized (genericMessageListeners) {
-            genericMessageListeners.add(listener);
-        }
+        genericMessageListeners.add(listener);
     }
 
+    @SuppressWarnings("UnusedReturnValue")
     public boolean removeGenericMessageListener(Idscp2MessageListener listener) {
-        synchronized (genericMessageListeners) {
-            return genericMessageListeners.remove(listener);
-        }
+        return genericMessageListeners.remove(listener);
     }
 
     public void addMessageListener(@Nullable String type, Idscp2MessageListener listener) {
-        synchronized (messageListeners) {
-            Set<Idscp2MessageListener> messageTypeListeners
+        Set<Idscp2MessageListener> messageTypeListeners
                 = messageListeners.computeIfAbsent(type, k -> new HashSet<>());
-            //noinspection SynchronizationOnLocalVariableOrMethodParameter
-            synchronized (messageTypeListeners) {
-                messageTypeListeners.add(listener);
-            }
-            messageListeners.put(type, messageTypeListeners);
+        //noinspection SynchronizationOnLocalVariableOrMethodParameter
+        synchronized (messageTypeListeners) {
+            messageTypeListeners.add(listener);
         }
+        messageListeners.put(type, messageTypeListeners);
     }
 
+    @SuppressWarnings("unused")
     public boolean removeMessageListener(@Nullable String type, Idscp2MessageListener listener) {
-        synchronized (messageListeners) {
-            Set<Idscp2MessageListener> messageTypeListeners = messageListeners.get(type);
-            if (messageTypeListeners == null) {
-                return false;
-            }
-            final boolean ret;
-            //noinspection SynchronizationOnLocalVariableOrMethodParameter
-            synchronized (messageTypeListeners) {
-                ret = messageTypeListeners.remove(listener);
-            }
-            if (messageTypeListeners.isEmpty()) {
-                messageListeners.remove(type);
-            }
-            return ret;
+        Set<Idscp2MessageListener> messageTypeListeners = messageListeners.get(type);
+        if (messageTypeListeners == null) {
+            return false;
+        }
+        final boolean ret;
+        //noinspection SynchronizationOnLocalVariableOrMethodParameter
+        synchronized (messageTypeListeners) {
+            ret = messageTypeListeners.remove(listener);
+        }
+        if (messageTypeListeners.isEmpty()) {
+            messageListeners.remove(type);
         }
+        return ret;
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java
new file mode 100644
index 000000000..9588fe687
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java
@@ -0,0 +1,12 @@
+package de.fhg.aisec.ids.idscp2.idscp_core;
+
+public class Idscp2ConnectionAdapter implements Idscp2ConnectionListener {
+
+    @Override
+    public void onError(String error) {
+    }
+
+    @Override
+    public void onClose(Idscp2Connection connection) {
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java
index 0441615d8..40bd19b1c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java
@@ -8,5 +8,5 @@ public interface Idscp2ConnectionListener {
 
     void onError(String error);
 
-    void onClose(String connectionId);
+    void onClose(Idscp2Connection connection);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.java
index 1c038d099..658d0f1c1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.java
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core;
 
 import com.google.protobuf.ByteString;
-import de.fhg.aisec.ids.messages.IDSCP2.*;
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.*;
 
 import java.util.Arrays;
 
@@ -12,7 +12,7 @@
  */
 public class Idscp2MessageHelper {
 
-    public static IdscpMessage createIdscpHelloMessage(byte[] dat, String[] supportedRatSuite, String[] expectedRatSuite){
+    public static IdscpMessage createIdscpHelloMessage(byte[] dat, String[] supportedRatSuite, String[] expectedRatSuite) {
         IdscpDat idscpDat = IdscpDat.newBuilder()
                 .setToken(ByteString.copyFrom(dat))
                 .build();
@@ -29,7 +29,7 @@ public static IdscpMessage createIdscpHelloMessage(byte[] dat, String[] supporte
                 .build();
     }
 
-    public static IdscpMessage createIdscpCloseMessage(String closeMsg, IdscpClose.CloseCause causeCode){
+    public static IdscpMessage createIdscpCloseMessage(String closeMsg, IdscpClose.CloseCause causeCode) {
         IdscpClose idscpClose = IdscpClose.newBuilder()
                 .setCauseCode(causeCode)
                 .setCauseMsg(closeMsg)
@@ -40,13 +40,13 @@ public static IdscpMessage createIdscpCloseMessage(String closeMsg, IdscpClose.C
                 .build();
     }
 
-    public static IdscpMessage createIdscpDatExpiredMessage(){
+    public static IdscpMessage createIdscpDatExpiredMessage() {
         return IdscpMessage.newBuilder()
                 .setIdscpDatExpired(IdscpDatExpired.newBuilder().build())
                 .build();
     }
 
-    public static IdscpMessage createIdscpDatMessage(byte[] dat){
+    public static IdscpMessage createIdscpDatMessage(byte[] dat) {
         IdscpDat idscpDat = IdscpDat.newBuilder()
                 .setToken(ByteString.copyFrom(dat))
                 .build();
@@ -56,7 +56,7 @@ public static IdscpMessage createIdscpDatMessage(byte[] dat){
                 .build();
     }
 
-    public static IdscpMessage createIdscpReRatMessage(String cause){
+    public static IdscpMessage createIdscpReRatMessage(String cause) {
         IdscpReRat idscpReRat = IdscpReRat.newBuilder()
                 .setCause(cause)
                 .build();
@@ -89,20 +89,20 @@ public static IdscpMessage createIdscpDataMessage(String type, byte[] data) {
         return createIdscpDataMessage(type, null, data);
     }
 
-    public static IdscpMessage createIdscpRatProverMessage(byte[] body){
+    public static IdscpMessage createIdscpRatProverMessage(byte[] body) {
         IdscpRatProver idscpRatProver = IdscpRatProver.newBuilder()
-            .setData(ByteString.copyFrom(body))
-            .build();
+                .setData(ByteString.copyFrom(body))
+                .build();
 
         return IdscpMessage.newBuilder()
                 .setIdscpRatProver(idscpRatProver)
                 .build();
     }
 
-    public static IdscpMessage createIdscpRatVerifierMessage(byte[] body){
+    public static IdscpMessage createIdscpRatVerifierMessage(byte[] body) {
         IdscpRatVerifier idscpRatVerifier = IdscpRatVerifier.newBuilder()
-            .setData(ByteString.copyFrom(body))
-            .build();
+                .setData(ByteString.copyFrom(body))
+                .build();
 
         return IdscpMessage.newBuilder()
                 .setIdscpRatVerifier(idscpRatVerifier)
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
index fbb1214c8..6c97a752f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
@@ -8,12 +8,12 @@
  */
 public class AttestationConfig {
 
-    public AttestationConfig(){
+    public AttestationConfig() {
 
     }
 
-    public String[] getRatMechanisms(){
-        return new String[] {"Dummy", "TPM2d"};
+    public String[] getRatMechanisms() {
+        return new String[]{"Dummy", "TPM2d"};
     }
 
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
index 64890880f..9ff5d8cf1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
@@ -3,11 +3,12 @@
 import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -20,7 +21,7 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class Idscp2Configuration implements Idscp2Callback {
+public class Idscp2Configuration implements SecureChannelInitListener {
     private static final Logger LOG = LoggerFactory.getLogger(Idscp2Configuration.class);
 
     private final Idscp2EndpointListener endpointListener;
@@ -30,14 +31,13 @@ public class Idscp2Configuration implements Idscp2Callback {
     private final String[] localSupportedRatCipher;
     private final int ratTimeout;
 
-
     public Idscp2Configuration(Idscp2EndpointListener endpointListener,
                                DapsDriver dapsDriver,
                                SecureChannelDriver secureChannelDriver,
                                AttestationConfig expectedAttestation,
                                AttestationConfig supportedAttestation,
                                int ratTimeout
-    ){
+    ) {
         this.endpointListener = endpointListener;
         this.dapsDriver = dapsDriver;
         this.secureChannelDriver = secureChannelDriver;
@@ -46,11 +46,11 @@ public Idscp2Configuration(Idscp2EndpointListener endpointListener,
         this.ratTimeout = ratTimeout;
     }
 
-    /*
+    /**
      * User API to create a IDSCP2 connection as a client
      */
-    public void connect(Idscp2Settings settings){
-        LOG.info("Connect to an idscpv2 server ({})", settings.getHost());
+    public void connect(Idscp2Settings settings) {
+        LOG.info("Connect to an IDSCP2 server ({})", settings.getHost());
         secureChannelDriver.connect(settings, this);
     }
 
@@ -61,85 +61,61 @@ public void connect(Idscp2Settings settings){
     public Idscp2Server listen(Idscp2Settings settings) throws Idscp2Exception {
         LOG.info("Starting new IDSCP2 server at port {}", settings.getServerPort());
 
-        // requires Promise<Idscp2Connection>
-        final var connectionPromise = new CompletableFuture<Idscp2Connection>();
-        final SecureServer secureServer;
-
-        if ((secureServer = secureChannelDriver.listen(settings, this, connectionPromise)) == null) {
-            throw new Idscp2Exception("Idscpv2 listen() failed. Cannot create SecureServer");
-        }
-
-        return new Idscp2Server(secureServer, connectionPromise);
+        final var serverListenerPromise = new CompletableFuture<ServerConnectionListener>();
+        final var secureServer = secureChannelDriver.listen(settings, this, serverListenerPromise);
+        final var server = new Idscp2Server(secureServer);
+        serverListenerPromise.complete(server);
+        return server;
     }
 
-    /*
-     * A callback implementation to receive a new established secure channel from an Secure client
-     *
+    /**
+     * A callback implementation to receive a new established secure channel from an Secure client/server.
+     * <p>
      * If the secure channel is null, no secure channel was established and an error is provided
-     * to the user
-     *
+     * to the user (or the error is ignored, in server case).
+     * <p>
      * If the secure channel was established, a new FSM is created for this connection and the
      * IDSCP2 handshake is started. After a successful handshake, a new Idscp2Connection is
-     * created and provided to the user
+     * created and provided to the user (and the IDSCP2 server).
      */
     @Override
-    public void secureChannelConnectHandler(SecureChannel secureChannel) {
-        if (secureChannel == null){
-            LOG.warn("IDSCP2 connect failed because no secure channel was established");
-            endpointListener.onError("IDSCP2 connect failed because no secure channel was established");
+    public synchronized void onSecureChannel(SecureChannel secureChannel,
+                                             CompletableFuture<ServerConnectionListener> serverListenerPromise) {
+        if (secureChannel == null) {
+            LOG.warn("IDSCP2 connect failed because no secure channel available");
+            endpointListener.onError("IDSCP2 connect failed because no secure channel available");
         } else {
-            LOG.debug("A new secure channel for an outgoing idscpv2 connection was established");
+            LOG.trace("A new secure channel for an IDSCP2 connection was established");
             FSM fsm = new FSM(secureChannel, dapsDriver, localSupportedRatCipher,
-                localExpectedRatCipher, ratTimeout);
+                    localExpectedRatCipher, ratTimeout);
 
             try {
-                fsm.startIdscpHandshake(); //blocking until handshake is done
-            } catch (Idscp2Exception e){
+                // Blocking until handshake is done
+                fsm.startIdscpHandshake();
+            } catch (Idscp2Exception e) {
                 return;
             }
 
             String connectionId = UUID.randomUUID().toString();
+            // Threads calling onMessage() will be blocked until all listeners have been registered, see below
             Idscp2Connection newConnection = new Idscp2Connection(fsm, connectionId);
             fsm.registerConnection(newConnection);
-            LOG.info("A new IDSCP2 connection with id {} was created", connectionId);
-            endpointListener.onConnection(newConnection);
-        }
-    }
-
-    /*
-     * A callback implementation to receive a new established secure channel from an Secure server
-     *
-     * If the secure channel is null, no secure channel was established and the result will be
-     * ignored
-     *
-     * If the secure channel was established, a new FSM is created for this connection and the
-     * IDSCP2 handshake is started. After a successful handshake, a new Idscp2Connection is
-     * created and provided to the user and the IDSCP2 server
-     */
-    @Override
-    public void secureChannelListenHandler(SecureChannel secureChannel,
-                                           CompletableFuture<Idscp2Connection> connectionPromise) {
-        if (secureChannel != null){
-            LOG.debug("A new secure channel for an incoming idscpv2 connection was established");
-            FSM fsm = new FSM(secureChannel, dapsDriver, localSupportedRatCipher,
-                localExpectedRatCipher, ratTimeout);
-
-            try {
-                fsm.startIdscpHandshake(); //blocking until handshake is done
-            } catch (Idscp2Exception e){
-                return;
+            LOG.debug("A new IDSCP2 connection with id {} was created", connectionId);
+            if (serverListenerPromise != null) {
+                // Complete the connection promise for the IDSCP server
+                serverListenerPromise.thenAccept(serverListener -> {
+                    serverListener.onConnectionCreated(newConnection);
+                    newConnection.addConnectionListener(new Idscp2ConnectionAdapter() {
+                        @Override
+                        public void onClose(Idscp2Connection connection) {
+                            serverListener.onConnectionClose(connection);
+                        }
+                    });
+                });
             }
-
-            //create new Idscp2Connection
-            String connectionId = UUID.randomUUID().toString();
-            Idscp2Connection newConnection = new Idscp2Connection(fsm, connectionId);
-            fsm.registerConnection(newConnection);
-            LOG.info("A new idscpv2 connection with id {} was created", connectionId);
-            // Complete the connection promise for the IDSCP server
-            connectionPromise.complete(newConnection);
             endpointListener.onConnection(newConnection);
-        } else {
-            LOG.warn("An incoming idscpv2 client connection request failed because the secure channel is null.");
+            newConnection.unlockMessaging();
         }
     }
+
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
index fc4021914..b2fa66ec9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
@@ -17,7 +17,7 @@ public class Idscp2Settings {
     private String trustStorePassword = "password";
     private String keyStorePath = null;
     private String keyStorePassword = "password";
-    private String certAlias = "1.0.1";
+    private String certificateAlias = "1.0.1";
     private String dapsKeyAlias = "1";
     private String keyStoreKeyType = "RSA";
     private AttestationConfig supportedAttestation = new AttestationConfig();
@@ -42,32 +42,32 @@ public Builder setServerPort(int serverPort) {
         }
 
         @NonNull
-        public Builder setTrustStore(String path) {
+        public Builder setTrustStorePath(String path) {
             this.settings.trustStorePath = path;
             return this;
         }
 
         @NonNull
-        public Builder setKeyStore(String path) {
+        public Builder setKeyStorePath(String path) {
             this.settings.keyStorePath = path;
             return this;
         }
 
         @NonNull
-        public Builder setTrustStorePwd(String pwd) {
+        public Builder setTrustStorePassword(String pwd) {
             this.settings.trustStorePassword = pwd;
             return this;
         }
 
         @NonNull
-        public Builder setKeyStorePwd(String pwd) {
+        public Builder setKeyStorePassword(String pwd) {
             this.settings.keyStorePassword = pwd;
             return this;
         }
 
         @NonNull
         public Builder setCertificateAlias(String alias) {
-            this.settings.certAlias = alias;
+            this.settings.certificateAlias = alias;
             return this;
         }
 
@@ -84,13 +84,13 @@ public Builder setKeyStoreKeyType(String keyType) {
         }
 
         @NonNull
-        public Builder setSupportedAttestationSuite(AttestationConfig suite) {
+        public Builder setSupportedAttestation(AttestationConfig suite) {
             this.settings.supportedAttestation = suite;
             return this;
         }
 
         @NonNull
-        public Builder setExpectedAttestationSuite(AttestationConfig suite) {
+        public Builder setExpectedAttestation(AttestationConfig suite) {
             this.settings.expectedAttestation = suite;
             return this;
         }
@@ -107,16 +107,20 @@ public Idscp2Settings build() {
 
     }
 
-    public AttestationConfig getExpectedAttestation() {
-        return expectedAttestation;
+    public int getServerPort() {
+        return serverPort;
     }
 
-    public AttestationConfig getSupportedAttestation() {
-        return supportedAttestation;
+    public String getHost() {
+        return host;
     }
 
-    public int getServerPort() {
-        return serverPort;
+    public String getTrustStorePath() {
+        return trustStorePath;
+    }
+
+    public String getTrustStorePassword() {
+        return trustStorePassword;
     }
 
     public String getKeyStorePath() {
@@ -127,31 +131,28 @@ public String getKeyStorePassword() {
         return keyStorePassword;
     }
 
-    public String getTrustStorePath() {
-        return trustStorePath;
+    public String getCertificateAlias() {
+        return certificateAlias;
     }
 
-    public String getTrustStorePassword() {
-        return trustStorePassword;
+    public String getDapsKeyAlias() {
+        return dapsKeyAlias;
     }
 
     public String getKeyStoreKeyType() {
         return keyStoreKeyType;
     }
 
-    public String getCertAlias() {
-        return certAlias;
-    }
-
-    public String getDapsKeyAlias() {
-        return dapsKeyAlias;
+    public AttestationConfig getSupportedAttestation() {
+        return supportedAttestation;
     }
 
-    public String getHost() {
-        return host;
+    public AttestationConfig getExpectedAttestation() {
+        return expectedAttestation;
     }
 
     public int getRatTimeoutDelay() {
         return ratTimeoutDelay;
     }
+
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Callback.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.java
similarity index 52%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Callback.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.java
index 9b7c4e948..2af24aa22 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Callback.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.java
@@ -1,6 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
 
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 
 import java.util.concurrent.CompletableFuture;
@@ -11,19 +11,14 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public interface Idscp2Callback {
+public interface SecureChannelInitListener {
 
-    /*
-     * Notify the client about a new secure channel
-     */
-    void secureChannelConnectHandler(SecureChannel secureChannel);
-
-    /*
+    /**
      * Notify the server about new secureChannel
      */
-    void secureChannelListenHandler(
-        SecureChannel secureChannel,
-        CompletableFuture<Idscp2Connection> connectionPromise
+    void onSecureChannel(
+            SecureChannel secureChannel,
+            CompletableFuture<ServerConnectionListener> serverListenerPromise
     );
 
 }
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
index 8f1b1a60f..15a1a804e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
@@ -1,6 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
 
-import de.fhg.aisec.ids.messages.IDSCP2.IdscpMessage;
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage;
 
 /**
  * An Event class for the Finite State Machine. Triggers a transition and holds
@@ -22,7 +22,7 @@ public enum EventType {
     /*
      * Create an Event with an Internal Control Message
      */
-    public Event(InternalControlMessage controlMessage){
+    public Event(InternalControlMessage controlMessage) {
         this.key = controlMessage.getValue();
         this.type = EventType.INTERNAL_CONTROL_MESSAGE;
         this.controlMessage = controlMessage;
@@ -32,7 +32,7 @@ public Event(InternalControlMessage controlMessage){
     /*
      * Create an Event with an Idscpv2 Message
      */
-    public Event (IdscpMessage idscpMessage){
+    public Event(IdscpMessage idscpMessage) {
         this.key = idscpMessage.getMessageCase().getNumber();
         this.type = EventType.IDSCP_MESSAGE;
         this.idscpMessage = idscpMessage;
@@ -44,10 +44,9 @@ public Event (IdscpMessage idscpMessage){
      *
      * throws an IllegalStateException if this event is requested for other purposes
      */
-    public Event (InternalControlMessage controlMessage, IdscpMessage idscpMessage){
+    public Event(InternalControlMessage controlMessage, IdscpMessage idscpMessage) {
         if (controlMessage.equals(InternalControlMessage.RAT_PROVER_MSG) ||
-                controlMessage.equals(InternalControlMessage.RAT_VERIFIER_MSG))
-        {
+                controlMessage.equals(InternalControlMessage.RAT_VERIFIER_MSG)) {
             this.key = controlMessage.getValue();
             this.type = EventType.INTERNAL_CONTROL_MESSAGE;
             this.idscpMessage = idscpMessage;
@@ -58,6 +57,16 @@ public Event (InternalControlMessage controlMessage, IdscpMessage idscpMessage){
         }
     }
 
+    @Override
+    public String toString() {
+        return "Event{" +
+                "key=" + key +
+                ", type=" + type +
+                ", idscpMessage=" + idscpMessage +
+                ", controlMessage=" + controlMessage +
+                '}';
+    }
+
     //
     // Getter methods
     //
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 2960d7e9a..0b797578f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -5,23 +5,23 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
+import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
-import de.fhg.aisec.ids.messages.IDSCP2.IdscpMessage;
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.util.HashMap;
-import java.util.concurrent.CountDownLatch;
 import java.util.concurrent.locks.Condition;
 import java.util.concurrent.locks.ReentrantLock;
 
 /**
  * The finite state machine FSM of the IDSCP2 protocol
- *
+ * <p>
  * Manages IDSCP2 Handshake, Re-Attestation, DAT-ReRequest and DAT-Re-Validation. Delivers
  * Internal Control Messages and Idscpv2Messages to the target receivers,
  * creates and manages the states and its transitions and implements security restriction to protect
@@ -29,7 +29,7 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class FSM implements FsmListener{
+public class FSM implements FsmListener {
     private static final Logger LOG = LoggerFactory.getLogger(FSM.class);
 
     /*  -----------   IDSCP2 Protocol States   ---------- */
@@ -75,7 +75,7 @@ enum FSM_STATE {
      * lost
      */
     private Idscp2Connection connection;
-    private final CountDownLatch connectionLatch = new CountDownLatch(1);
+    private final FastLatch connectionLatch = new FastLatch();
 
     /*
      * A FIFO-fair synchronization lock for the finite state machine
@@ -109,7 +109,7 @@ enum FSM_STATE {
     /*  ----------------   end of Timer   --------------- */
 
     public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
-               String[] localSupportedRatSuite, String[] localExpectedRatSuite, int ratTimeout){
+               String[] localSupportedRatSuite, String[] localExpectedRatSuite, int ratTimeout) {
 
 
         /* ------------- Timeout Handler Routines ------------*/
@@ -154,22 +154,22 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
         ));
 
         states.put(FSM_STATE.STATE_WAIT_FOR_RAT, new StateWaitForRat(this, handshakeTimer,
-            verifierHandshakeTimer, proverHandshakeTimer, ratTimer, ratTimeout, dapsDriver));
+                verifierHandshakeTimer, proverHandshakeTimer, ratTimer, ratTimeout, dapsDriver));
 
         states.put(FSM_STATE.STATE_WAIT_FOR_RAT_PROVER, new StateWaitForRatProver(this,
-            ratTimer, handshakeTimer, proverHandshakeTimer, dapsDriver));
+                ratTimer, handshakeTimer, proverHandshakeTimer, dapsDriver));
 
         states.put(FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER, new StateWaitForRatVerifier(this,
-            dapsDriver, ratTimer, handshakeTimer, verifierHandshakeTimer, ratTimeout));
+                dapsDriver, ratTimer, handshakeTimer, verifierHandshakeTimer, ratTimeout));
 
         states.put(FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT, new StateWaitForDatAndRat(this,
-            handshakeTimer, proverHandshakeTimer, datTimer, dapsDriver));
+                handshakeTimer, proverHandshakeTimer, datTimer, dapsDriver));
 
         states.put(FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER,
-            new StateWaitForDatAndRatVerifier(this, handshakeTimer, datTimer, dapsDriver));
+                new StateWaitForDatAndRatVerifier(this, handshakeTimer, datTimer, dapsDriver));
 
         states.put(FSM_STATE.STATE_ESTABLISHED, new StateEstablished(this, dapsDriver,
-            ratTimer, handshakeTimer));
+                ratTimer, handshakeTimer));
 
 
         //set initial state
@@ -181,14 +181,13 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
     }
 
     private void checkForFsmCircles() {
-
         // check if current thread holds already the fsm lock, then we have a circle
         // this runs into an issue: onControlMessage must be called only from other threads!
         // if the current thread currently stuck within a fsm transition it will trigger another
         // transition on the old state and undefined behaviour occurred
         //
-        // The idscpv2 core and default driver will not run into this issue. It's a protection for
-        // avoiding incorrect usage of the idscpv2 library from further driver implementations
+        // The IDSCP2 core and default driver will not run into this issue. It's a protection for
+        // avoiding incorrect usage of the IDSCP2 library from further driver implementations
         //
         // Example:
         // Thread A stuck within a transition t1 that calls a function that calls
@@ -201,8 +200,11 @@ private void checkForFsmCircles() {
         // vulnerabilities
         //
         if (fsmIsBusy.isHeldByCurrentThread()) {
-            throw new RuntimeException("The current thread holds the fsm lock already. "
-                + "A circle might occur that could lead to undefined behaviour within the fsm");
+            final var e = new RuntimeException("The current thread holds the fsm lock already. "
+                    + "A circle might occur that could lead to undefined behaviour within the fsm");
+            // Log exception before throwing, since some threads swallow the exception without any notification
+            LOG.error(e.getMessage(), e);
+            throw e;
         }
     }
 
@@ -213,7 +215,7 @@ private void checkForFsmCircles() {
      * driver implementations
      */
     @Override
-    public void onMessage(byte[] data){
+    public void onMessage(byte[] data) {
 
         //check for incorrect usage
         checkForFsmCircles();
@@ -233,7 +235,7 @@ public void onMessage(byte[] data){
         // leaving STATE_CLOSED
         fsmIsBusy.lock();
         try {
-            while (currentState.equals(states.get(FSM_STATE.STATE_CLOSED))){
+            while (currentState.equals(states.get(FSM_STATE.STATE_CLOSED))) {
 
                 if (fsmIsClosed) {
                     return;
@@ -285,7 +287,7 @@ public void onRatProverMessage(InternalControlMessage controlMessage, byte[] rat
 
         //only allow rat prover messages from current thread
         Event e;
-        if (ratMessage == null){
+        if (ratMessage == null) {
             e = new Event(controlMessage);
         } else {
             IdscpMessage idscpMessage = Idscp2MessageHelper.createIdscpRatProverMessage(ratMessage);
@@ -323,7 +325,7 @@ public void onRatVerifierMessage(InternalControlMessage controlMessage, byte[] r
 
         //only allow rat verifier messages from current thread
         Event e;
-        if (ratMessage == null){
+        if (ratMessage == null) {
             e = new Event(controlMessage);
         } else {
             IdscpMessage idscpMessage = Idscp2MessageHelper.createIdscpRatVerifierMessage(ratMessage);
@@ -331,7 +333,7 @@ public void onRatVerifierMessage(InternalControlMessage controlMessage, byte[] r
         }
 
         fsmIsBusy.lock();
-        try{
+        try {
             if (Long.toString(Thread.currentThread().getId()).equals(currentRatVerifierId)) {
                 feedEvent(e);
             } else {
@@ -345,7 +347,7 @@ public void onRatVerifierMessage(InternalControlMessage controlMessage, byte[] r
     /*
      * Feed the event to the current state and execute the runEntry method if the state has changed
      */
-    private void feedEvent(Event event){
+    private void feedEvent(Event event) {
         State prevState = currentState;
         currentState = currentState.feedEvent(event);
 
@@ -360,15 +362,15 @@ private void feedEvent(Event event){
      * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
      * driver implementations
      */
-    public void terminate(){
-
+    public void terminate() {
         //check for incorrect usage
         checkForFsmCircles();
 
-        LOG.info("Close idscp connection");
+        LOG.debug("Close IDSCP2 connection");
         onControlMessage(InternalControlMessage.IDSCP_STOP);
-        LOG.debug("Close secure channel");
+        LOG.trace("Close secure channel");
         secureChannel.close();
+        LOG.debug("IDSCP2 connection closed");
     }
 
     /*
@@ -397,7 +399,7 @@ public void startIdscpHandshake() throws Idscp2Exception {
                     idscpHandshakeLock.await();
                 }
 
-                if (!isConnected()){
+                if (!isConnected()) {
                     //handshake failed, throw exception
                     throw new Idscp2Exception("Handshake failed");
                 }
@@ -415,7 +417,7 @@ public void startIdscpHandshake() throws Idscp2Exception {
     /*
      * Send idscp data from the fsm via the secure channel to the peer
      */
-    boolean sendFromFSM(IdscpMessage msg){
+    boolean sendFromFSM(IdscpMessage msg) {
         //send messages from fsm
         return secureChannel.send(msg.toByteArray());
     }
@@ -427,7 +429,7 @@ boolean sendFromFSM(IdscpMessage msg){
      * driver implementations
      */
     @Override
-    public void onError(){
+    public void onError() {
 
         //check for incorrect usage
         checkForFsmCircles();
@@ -442,7 +444,7 @@ public void onError(){
      * driver implementations
      */
     @Override
-    public void onClose(){
+    public void onClose() {
 
         //check for incorrect usage
         checkForFsmCircles();
@@ -453,11 +455,11 @@ public void onClose(){
     /*
      * Send idscp message from the User via the secure channel
      */
-    public void send(String type, byte[] msg){
+    public void send(String type, byte[] msg) {
         //send messages from user only when idscp connection is established
         fsmIsBusy.lock();
-        try{
-            if(isConnected()){
+        try {
+            if (isConnected()) {
                 IdscpMessage idscpMessage = Idscp2MessageHelper.createIdscpDataMessage(type, msg);
                 if (!secureChannel.send(idscpMessage.toByteArray())) {
                     LOG.error("Cannot send IDSCP_DATA via secure channel");
@@ -474,22 +476,22 @@ public void send(String type, byte[] msg){
     /*
      * Check if FSM is in STATE ESTABLISHED
      */
-    public boolean isConnected(){
+    public boolean isConnected() {
         return currentState.equals(states.get(FSM_STATE.STATE_ESTABLISHED));
     }
 
     /*
      * Register an IDSCP2 message listener
      */
-    public void registerConnection(Idscp2Connection connection){
+    public void registerConnection(Idscp2Connection connection) {
         this.connection = connection;
-        connectionLatch.countDown();
+        connectionLatch.unlock();
     }
 
     /*
      * Notify handshake lock about result
      */
-    void notifyHandshakeCompleteLock(){
+    void notifyHandshakeCompleteLock() {
         fsmIsBusy.lock();
         try {
             handshakeResultAvailable = true;
@@ -504,7 +506,7 @@ void notifyHandshakeCompleteLock(){
      *
      * Return the String of the cipher or null if no match was found
      */
-    String getRatProverMechanism(String[] localSupportedProver, Object[] remoteExpectedVerifier){
+    String getRatProverMechanism(String[] localSupportedProver, Object[] remoteExpectedVerifier) {
         //toDo implement logic
         return localSupportedProver[0];
     }
@@ -514,7 +516,7 @@ String getRatProverMechanism(String[] localSupportedProver, Object[] remoteExpec
      *
      * Return the String of the cipher or null if no match was found
      */
-    String getRatVerifierMechanism(String[] localExpectedVerifier, Object[] remoteSupportedProver){
+    String getRatVerifierMechanism(String[] localExpectedVerifier, Object[] remoteSupportedProver) {
         //toDo implement logic
         return localExpectedVerifier[0];
     }
@@ -526,11 +528,11 @@ String getRatVerifierMechanism(String[] localExpectedVerifier, Object[] remoteSu
      * return false if no match was found
      */
     @SuppressWarnings("BooleanMethodIsAlwaysInverted")
-    boolean restartRatVerifierDriver(){
+    boolean restartRatVerifierDriver() {
         //assume verifier mechanism is set
         stopRatVerifierDriver();
         ratVerifierDriver = RatVerifierDriverRegistry.startRatVerifierDriver(verifierMechanism, this);
-        if (ratVerifierDriver == null){
+        if (ratVerifierDriver == null) {
             LOG.error("Cannot create instance of RAT_VERIFIER_DRIVER");
             currentRatVerifierId = "";
             return false;
@@ -548,7 +550,7 @@ boolean restartRatVerifierDriver(){
      */
     void stopRatVerifierDriver() {
         verifierHandshakeTimer.cancelTimeout();
-        if (ratVerifierDriver != null && ratVerifierDriver.isAlive()){
+        if (ratVerifierDriver != null && ratVerifierDriver.isAlive()) {
             ratVerifierDriver.interrupt();
             ratVerifierDriver.terminate();
         }
@@ -561,11 +563,11 @@ void stopRatVerifierDriver() {
      * return false if no match was found
      */
     @SuppressWarnings("BooleanMethodIsAlwaysInverted")
-    boolean restartRatProverDriver(){
+    boolean restartRatProverDriver() {
         //assume prover mechanism is set
         stopRatProverDriver();
         ratProverDriver = RatProverDriverRegistry.startRatProverDriver(proverMechanism, this);
-        if (ratProverDriver == null){
+        if (ratProverDriver == null) {
             LOG.error("Cannot create instance of RAT_PROVER_DRIVER");
             currentRatProverId = "";
             return false;
@@ -581,9 +583,9 @@ boolean restartRatProverDriver(){
     /*
      * Terminate the RatProverDriver
      */
-    void stopRatProverDriver(){
+    void stopRatProverDriver() {
         proverHandshakeTimer.cancelTimeout();
-        if (ratProverDriver != null && ratProverDriver.isAlive()){
+        if (ratProverDriver != null && ratProverDriver.isAlive()) {
             ratProverDriver.interrupt();
             ratProverDriver.terminate();
         }
@@ -604,16 +606,12 @@ void shutdownFsm() {
         this.stopRatVerifierDriver();
         fsmIsClosed = true;
 
-        //notify upper layer via handshake or closeListener
-        try {
-            if (handshakeResultAvailable) {
-                connectionLatch.await();
-                connection.onClose();
-            } else {
-                notifyHandshakeCompleteLock();
-            }
-        } catch (InterruptedException e) {
-            Thread.currentThread().interrupt();
+        // Notify upper layer via handshake or closeListener
+        if (handshakeResultAvailable) {
+            connectionLatch.await();
+            connection.onClose();
+        } else {
+            notifyHandshakeCompleteLock();
         }
     }
 
@@ -621,13 +619,9 @@ void shutdownFsm() {
      * Provide IDSCP2 message to the message listener
      */
     void notifyIdscpMsgListener(String type, byte[] data) {
-        try {
-            this.connectionLatch.await();
-            this.connection.onMessage(type, data);
-            LOG.debug("Idscp data were passed to connection listener");
-        } catch (InterruptedException ex) {
-            Thread.currentThread().interrupt();
-        }
+        this.connectionLatch.await();
+        this.connection.onMessage(type, data);
+        LOG.debug("Idscp data has been passed to connection listener");
     }
 
     //
@@ -642,10 +636,14 @@ RatProverDriver getRatProverDriver() {
         return ratProverDriver;
     }
 
-    State getState(FSM_STATE state){
+    State getState(FSM_STATE state) {
         return states.get(state);
     }
 
+    public boolean isNotClosed() {
+        return currentState.equals(getState(FSM_STATE.STATE_CLOSED));
+    }
+
     //
     // Setter
     //
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
index d569e8ba9..671ed27e0 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
@@ -2,7 +2,7 @@
 
 /**
  * An enum that wraps the internal control messages of the IDSCP2 protocol to trigger transitions
- * by non-idscpv2-message-events
+ * by non-IDSCP2-message-events
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
@@ -23,6 +23,12 @@ public enum InternalControlMessage {
 
     //set unique values that are different from IdscpMessage.MessageCase ot identify event.key
     private final String id;
-    InternalControlMessage(String id) {this.id = id;}
-    public String getValue() {return id;}
+
+    InternalControlMessage(String id) {
+        this.id = id;
+    }
+
+    public String getValue() {
+        return id;
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
index 412b84c59..0d301e5e8 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
@@ -12,8 +12,8 @@
  */
 public class State {
 
-    private final ConcurrentHashMap<Object,Transition> transitions = new ConcurrentHashMap<>();
-    private Function<Event,State> noTransitionHandler = null;
+    private final ConcurrentHashMap<Object, Transition> transitions = new ConcurrentHashMap<>();
+    private Function<Event, State> noTransitionHandler = null;
 
     /*
      * A method for triggering aa transition of the current state by a given event
@@ -22,9 +22,9 @@ public class State {
      *
      * Returns the target state of the triggered transition (new current state of the fsm)
      */
-    State feedEvent(Event e){
+    State feedEvent(Event e) {
         Transition t = transitions.get(e.getKey());
-        if (t != null){
+        if (t != null) {
             return t.doTransition(e);
         } else {
             return noTransitionHandler.apply(e);
@@ -34,8 +34,8 @@ State feedEvent(Event e){
     /*
      * Add ann outgoing transition to the state
      */
-    void addTransition(Object k, Transition t){
-        transitions.put(k,t);
+    void addTransition(Object k, Transition t) {
+        transitions.put(k, t);
     }
 
     /*
@@ -48,6 +48,7 @@ void setNoTransitionHandler(Function<Event, State> noTransitionHandler) {
     /*
      * run a sequence of code when the state is entered
      */
-    void runEntryCode(FSM fsm) {}
+    void runEntryCode(FSM fsm) {
+    }
 
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
index 8b5c0f5fb..b6acac5b5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
@@ -4,18 +4,20 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCP2;
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import java.util.Arrays;
 import java.util.concurrent.locks.Condition;
+import java.util.stream.Collectors;
 
 /**
  * The Closed State of the FSM of the IDSCP2 protocol.
  * The FSM is in the Closed state either before any transition was triggered (in this case, the
  * Closed State is the FSM Start state) or after the connection was closed (in this case, the
  * Closed State is the FSM final state without any outgoing transitions)
- *
+ * <p>
  * When the FSM go from any State into the Closed State again, the FSM is locked forever and all
  * involved actors like RatDrivers and Timers will be terminated
  *
@@ -28,7 +30,7 @@ public StateClosed(FSM fsm,
                        DapsDriver dapsDriver,
                        Condition onMessageLock,
                        String[] localSupportedRatSuite,
-                       String[] localExpectedRatSuite){
+                       String[] localExpectedRatSuite) {
 
 
         /*---------------------------------------------------
@@ -45,13 +47,13 @@ public StateClosed(FSM fsm,
 
                     LOG.debug("Send IDSCP_HELLO");
                     IDSCP2.IdscpMessage idscpHello = Idscp2MessageHelper.
-                        createIdscpHelloMessage(dat, localSupportedRatSuite, localExpectedRatSuite);
+                            createIdscpHelloMessage(dat, localSupportedRatSuite, localExpectedRatSuite);
 
                     if (!fsm.sendFromFSM(idscpHello)) {
-                      LOG.error("Cannot send IdscpHello. Close connection");
-                      runEntryCode(fsm);
-                      onMessageLock.signalAll();
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send IdscpHello. Close connection");
+                        runEntryCode(fsm);
+                        onMessageLock.signalAll();
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     runExitCode(onMessageLock);
@@ -62,7 +64,12 @@ public StateClosed(FSM fsm,
 
         this.setNoTransitionHandler(
                 event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
+                    LOG.debug("No transition available for given event {}, stack trace for analysis:\n{}",
+                            event,
+                            Arrays.stream(Thread.currentThread().getStackTrace())
+                                    .skip(1)
+                                    .map(Object::toString)
+                                    .collect(Collectors.joining("\n")));
                     LOG.debug("Stay in state STATE_CLOSED");
                     return this;
                 }
@@ -70,13 +77,13 @@ public StateClosed(FSM fsm,
 
     }
 
-    private void runExitCode(Condition onMessageLock){
+    private void runExitCode(Condition onMessageLock) {
         //State Closed exit code
         onMessageLock.signalAll(); //enables fsm.onMessage()
     }
 
     @Override
-    void runEntryCode(FSM fsm){
+    void runEntryCode(FSM fsm) {
         //State Closed entry code
         LOG.debug("Switched to state STATE_CLOSED");
         LOG.debug("Terminate and free all resources and lock fsm forever");
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
index 4e9a865bc..b7e09f9a9 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
@@ -3,7 +3,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCP2;
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -58,13 +58,13 @@ public StateEstablished(FSM fsm,
                     ratTimer.cancelTimeout();
 
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
-                      LOG.error("Cannot send ReRat message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send ReRat message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     if (!fsm.restartRatVerifierDriver()) {
-                      LOG.error("Cannot run Rat verifier, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat verifier, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER);
@@ -76,14 +76,14 @@ public StateEstablished(FSM fsm,
                     ratTimer.cancelTimeout();
                     LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED");
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                      LOG.error("Cannot send DatExpired message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send DatExpired message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
-                  LOG.debug("Set handshake timeout");
-                  handshakeTimer.resetTimeout(5);
+                    LOG.debug("Set handshake timeout");
+                    handshakeTimer.resetTimeout(5);
 
-                  return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
+                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
                 }
         ));
 
@@ -92,8 +92,8 @@ public StateEstablished(FSM fsm,
                     LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER");
 
                     if (!fsm.restartRatProverDriver()) {
-                      LOG.error("Cannot run Rat prover, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat prover, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_PROVER);
@@ -105,13 +105,13 @@ public StateEstablished(FSM fsm,
                     LOG.debug("DAT expired. Send new DAT and repeat RAT");
 
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
-                      LOG.error("Cannot send Dat message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send Dat message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     if (!fsm.restartRatProverDriver()) {
-                      LOG.error("Cannot run Rat prover, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat prover, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_PROVER);
@@ -143,7 +143,7 @@ public StateEstablished(FSM fsm,
     }
 
     @Override
-    void runEntryCode(FSM fsm){
+    void runEntryCode(FSM fsm) {
         LOG.debug("Switched to state STATE_ESTABLISHED");
         fsm.notifyHandshakeCompleteLock();
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
index 8d4b688c4..afd823d77 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
@@ -3,7 +3,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCP2;
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -22,7 +22,7 @@ public StateWaitForDatAndRat(FSM fsm,
                                  Timer proverHandshakeTimer,
                                  Timer datTimer,
                                  DapsDriver dapsDriver
-                                 ){
+    ) {
 
         /*---------------------------------------------------
          * STATE_WAIT_FOR_DAT_AND_RAT - Transition Description
@@ -44,7 +44,7 @@ public StateWaitForDatAndRat(FSM fsm,
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
                     LOG.debug("Send IDSC_CLOSE");
-                   fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
                             IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -88,8 +88,8 @@ public StateWaitForDatAndRat(FSM fsm,
                 event -> {
                     LOG.debug("Send IDSCP_RAT_PROVER");
                     if (!fsm.sendFromFSM(event.getIdscpMessage())) {
-                      LOG.error("Cannot send rat prover message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send rat prover message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
                     return this;
                 }
@@ -109,10 +109,10 @@ public StateWaitForDatAndRat(FSM fsm,
                     //check if Dat is available and verify dat
                     byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
                     long datValidityPeriod;
-                    if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))){
+                    if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))) {
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
-                            "No valid DAT", IDSCP2.IdscpClose.CloseCause.NO_VALID_DAT));
+                                "No valid DAT", IDSCP2.IdscpClose.CloseCause.NO_VALID_DAT));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
 
@@ -120,8 +120,8 @@ public StateWaitForDatAndRat(FSM fsm,
                     datTimer.resetTimeout(datValidityPeriod);
                     //start RAT Verifier
                     if (!fsm.restartRatVerifierDriver()) {
-                      LOG.error("Cannot run Rat verifier, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat verifier, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
@@ -133,13 +133,13 @@ public StateWaitForDatAndRat(FSM fsm,
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
 
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
-                      LOG.error("Cannot send Dat message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send Dat message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     if (!fsm.restartRatProverDriver()) {
-                      LOG.error("Cannot run Rat prover, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat prover, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return this;
@@ -151,7 +151,7 @@ public StateWaitForDatAndRat(FSM fsm,
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
                     assert event.getIdscpMessage().hasIdscpRatVerifier();
                     fsm.getRatProverDriver().delegate(event.getIdscpMessage().getIdscpRatVerifier()
-                        .getData().toByteArray());
+                            .getData().toByteArray());
                     return this;
                 }
         ));
@@ -160,8 +160,8 @@ public StateWaitForDatAndRat(FSM fsm,
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
                     if (!fsm.restartRatProverDriver()) {
-                      LOG.error("Cannot run Rat prover, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat prover, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
                     return this;
                 }
@@ -176,7 +176,7 @@ public StateWaitForDatAndRat(FSM fsm,
     }
 
     @Override
-    void runEntryCode(FSM fsm){
+    void runEntryCode(FSM fsm) {
         LOG.debug("Switched to state STATE_WAIT_FOR_DAT_AND_RAT");
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
index 80ae6af9a..afaa67b9b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
@@ -3,14 +3,14 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCP2;
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 /**
  * The Wait_For_Dat_And_Rat_Verifier State of the FSM of the IDSCP2 protocol.
  * Wait for a new dynamic attribute token from the peer, since the old one is not valid anymore
- * and waits for the RatVerifier after successful verification of the Dat to decide if the idscpv2
+ * and waits for the RatVerifier after successful verification of the Dat to decide if the IDSCP2
  * connection will be established
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
@@ -21,7 +21,7 @@ public class StateWaitForDatAndRatVerifier extends State {
     public StateWaitForDatAndRatVerifier(FSM fsm,
                                          Timer handshakeTimer,
                                          Timer datTimer,
-                                         DapsDriver dapsDriver){
+                                         DapsDriver dapsDriver) {
 
         /*---------------------------------------------------
          * STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER - Transition Description
@@ -75,7 +75,7 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
                     //check if Dat is available and verify dat
                     byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
                     long datValidityPeriod;
-                    if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))){
+                    if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))) {
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT", IDSCP2.IdscpClose.CloseCause.NO_VALID_DAT));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
@@ -84,8 +84,8 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
                     datTimer.resetTimeout(datValidityPeriod);
                     //start RAT Verifier
                     if (!fsm.restartRatVerifierDriver()) {
-                      LOG.error("Cannot run Rat verifier, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat verifier, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER);
@@ -97,13 +97,13 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
 
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
-                      LOG.error("Cannot send DAT message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send DAT message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     if (!fsm.restartRatProverDriver()) {
-                      LOG.error("Cannot run Rat prover, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat prover, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
                 }
@@ -113,8 +113,8 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
                     if (!fsm.restartRatProverDriver()) {
-                      LOG.error("Cannot run Rat prover, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat prover, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
                 }
@@ -129,7 +129,7 @@ public StateWaitForDatAndRatVerifier(FSM fsm,
     }
 
     @Override
-    void runEntryCode(FSM fsm){
+    void runEntryCode(FSM fsm) {
         LOG.debug("Switched to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER");
         LOG.debug("Set handshake timeout");
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
index cbfec036e..db821241b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
@@ -3,7 +3,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCP2;
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -11,7 +11,7 @@
  * The Wait_For_Hello State of the FSM of the IDSCP2 protocol.
  * Waits for the Idscpv2 Hellp Message that contains the protocol version, the supported and
  * expected remote attestation cipher suites and the dynamic attribute token (DAT) of the peer.
- *
+ * <p>
  * Goes into the WAIT_FOR_RAT State when valid Rat mechanisms were found and the DAT is valid
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
@@ -85,18 +85,20 @@ public StateWaitForHello(FSM fsm,
                     LOG.debug("Calculate Rat mechanisms");
                     String proverMechanism = fsm.getRatProverMechanism(localSupportedRatSuite,
                             idscpHello.getExpectedRatSuiteList().toArray());
-                    if (proverMechanism == null){
+                    if (proverMechanism == null) {
                         LOG.debug("Cannot find a match for RAT proverr. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No match for RAT Prover mechanism",
+                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
+                                "No match for RAT Prover mechanism",
                                 IDSCP2.IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_PROVER));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
 
                     String verifierMechanism = fsm.getRatVerifierMechanism(localExpectedRatSuite,
                             idscpHello.getSupportedRatSuiteList().toArray());
-                    if (verifierMechanism == null){
+                    if (verifierMechanism == null) {
                         LOG.debug("Cannot find a match for RAT verifier. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No match for RAT Verifier mechanism",
+                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
+                                "No match for RAT Verifier mechanism",
                                 IDSCP2.IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_VERIFIER));
                         return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                     }
@@ -105,7 +107,7 @@ public StateWaitForHello(FSM fsm,
                     //check if Dat is available and verify dat
                     long datValidityPeriod;
                     if (!idscpHello.hasDynamicAttributeToken() || 0 > (datValidityPeriod = dapsDriver
-                            .verifyToken(idscpHello.getDynamicAttributeToken().getToken().toByteArray(), null))){
+                            .verifyToken(idscpHello.getDynamicAttributeToken().getToken().toByteArray(), null))) {
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
                         fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT",
                                 IDSCP2.IdscpClose.CloseCause.NO_VALID_DAT));
@@ -120,13 +122,13 @@ public StateWaitForHello(FSM fsm,
                     LOG.debug("Start RAT Prover and Verifier");
 
                     if (!fsm.restartRatVerifierDriver()) {
-                      LOG.error("Cannot run Rat verifier, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat verifier, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     if (!fsm.restartRatProverDriver()) {
-                      LOG.error("Cannot run Rat prover, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat prover, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
index ff05c3c1d..5aa079906 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
@@ -3,7 +3,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCP2;
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -23,7 +23,7 @@ public StateWaitForRat(FSM fsm,
                            Timer proverHandshakeTimer,
                            Timer ratTimer,
                            int ratTimerDelay,
-                           DapsDriver dapsDriver){
+                           DapsDriver dapsDriver) {
 
 
         /*---------------------------------------------------
@@ -46,7 +46,7 @@ public StateWaitForRat(FSM fsm,
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT
          * --------------------------------------------------- */
         this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event ->  {
+                event -> {
                     LOG.debug("An internal control error occurred");
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
                 }
@@ -103,8 +103,8 @@ public StateWaitForRat(FSM fsm,
                     LOG.debug("Send IDSCP_RAT_PROVER");
 
                     if (!fsm.sendFromFSM(event.getIdscpMessage())) {
-                      LOG.error("Cannot send rat prover message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send rat prover message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return this;
@@ -116,8 +116,8 @@ public StateWaitForRat(FSM fsm,
                     LOG.debug("Send IDSCP_RAT_VERIFIER");
 
                     if (!fsm.sendFromFSM(event.getIdscpMessage())) {
-                      LOG.error("Cannot send rat verifier message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send rat verifier message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return this;
@@ -130,8 +130,8 @@ public StateWaitForRat(FSM fsm,
                     fsm.stopRatVerifierDriver();
 
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                      LOG.error("Cannot send DatExpired message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send DatExpired message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     LOG.debug("Start Handshake Timer");
@@ -155,7 +155,7 @@ public StateWaitForRat(FSM fsm,
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
                     assert event.getIdscpMessage().hasIdscpRatVerifier();
                     fsm.getRatProverDriver().delegate(event.getIdscpMessage().getIdscpRatVerifier()
-                        .getData().toByteArray());
+                            .getData().toByteArray());
 
                     return this;
                 }
@@ -166,7 +166,7 @@ public StateWaitForRat(FSM fsm,
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
                     assert event.getIdscpMessage().hasIdscpRatProver();
                     fsm.getRatVerifierDriver().delegate(event.getIdscpMessage().getIdscpRatProver()
-                        .getData().toByteArray());
+                            .getData().toByteArray());
 
                     return this;
                 }
@@ -177,13 +177,13 @@ public StateWaitForRat(FSM fsm,
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
 
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
-                      LOG.error("Cannot send DAT message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send DAT message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     if (!fsm.restartRatProverDriver()) {
-                      LOG.error("Cannot run Rat prover, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat prover, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return this;
@@ -206,8 +206,8 @@ public StateWaitForRat(FSM fsm,
         );
     }
 
-  @Override
-    void runEntryCode(FSM fsm){
+    @Override
+    void runEntryCode(FSM fsm) {
         LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
index 9978c65ee..dc5f144d5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
@@ -3,7 +3,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCP2;
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -20,7 +20,7 @@ public StateWaitForRatProver(FSM fsm,
                                  Timer ratTimer,
                                  Timer handshakeTimer,
                                  Timer proverHandshakeTimer,
-                                 DapsDriver dapsDriver){
+                                 DapsDriver dapsDriver) {
 
 
         /*---------------------------------------------------
@@ -70,8 +70,8 @@ public StateWaitForRatProver(FSM fsm,
                     ratTimer.cancelTimeout();
 
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                      LOG.error("Cannot send DatExpired message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send DatExpired message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     LOG.debug("Start Handshake Timer");
@@ -104,8 +104,8 @@ public StateWaitForRatProver(FSM fsm,
                     LOG.debug("Send IDSCP_RAT_PROVER");
 
                     if (!fsm.sendFromFSM(event.getIdscpMessage())) {
-                      LOG.error("Cannot send rat prover message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send rat prover message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return this;
@@ -117,15 +117,15 @@ public StateWaitForRatProver(FSM fsm,
                     LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER");
 
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
-                      LOG.error("Cannot send ReRat message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send ReRat message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     ratTimer.cancelTimeout();
 
                     if (!fsm.restartRatVerifierDriver()) {
-                      LOG.error("Cannot run Rat verifier, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat verifier, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
@@ -144,13 +144,13 @@ public StateWaitForRatProver(FSM fsm,
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
 
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
-                      LOG.error("Cannot send DAT message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send DAT message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     if (!fsm.restartRatProverDriver()) {
-                      LOG.error("Cannot run Rat prover, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat prover, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return this;
@@ -162,7 +162,7 @@ public StateWaitForRatProver(FSM fsm,
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
                     assert event.getIdscpMessage().hasIdscpRatVerifier();
                     fsm.getRatProverDriver().delegate(event.getIdscpMessage().getIdscpRatVerifier()
-                        .getData().toByteArray());
+                            .getData().toByteArray());
 
                     return this;
                 }
@@ -172,8 +172,8 @@ public StateWaitForRatProver(FSM fsm,
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
                     if (!fsm.restartRatProverDriver()) {
-                      LOG.error("Cannot run Rat prover, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat prover, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
                     return this;
                 }
@@ -189,7 +189,7 @@ public StateWaitForRatProver(FSM fsm,
     }
 
     @Override
-    void runEntryCode(FSM fsm){
+    void runEntryCode(FSM fsm) {
         LOG.debug("Switched to state STATE_WAIT_FOR_RAT_PROVER");
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
index 77b74f9ea..211082e3d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
@@ -3,7 +3,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.messages.IDSCP2;
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -69,8 +69,8 @@ public StateWaitForRatVerifier(FSM fsm,
                     fsm.stopRatVerifierDriver();
 
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                      LOG.error("Cannot send DatExpired message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send DatExpired message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     LOG.debug("Start Handshake Timer");
@@ -105,8 +105,8 @@ public StateWaitForRatVerifier(FSM fsm,
                     LOG.debug("Send IDSCP_RAT_VERIFIER");
 
                     if (!fsm.sendFromFSM(event.getIdscpMessage())) {
-                      LOG.error("Cannot send rat verifier message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send rat verifier message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return this;
@@ -125,13 +125,13 @@ public StateWaitForRatVerifier(FSM fsm,
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
 
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
-                      LOG.error("Cannot send DAT message");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot send DAT message");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     if (!fsm.restartRatProverDriver()) {
-                      LOG.error("Cannot run Rat prover, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat prover, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
 
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
@@ -143,7 +143,7 @@ public StateWaitForRatVerifier(FSM fsm,
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
                     assert event.getIdscpMessage().hasIdscpRatProver();
                     fsm.getRatVerifierDriver().delegate(event.getIdscpMessage().getIdscpRatProver()
-                        .getData().toByteArray());
+                            .getData().toByteArray());
                     return this;
                 }
         ));
@@ -152,8 +152,8 @@ public StateWaitForRatVerifier(FSM fsm,
                 event -> {
                     LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
                     if (!fsm.restartRatProverDriver()) {
-                      LOG.error("Cannot run Rat prover, close idscp connection");
-                      return fsm.getState(FSM_STATE.STATE_CLOSED);
+                        LOG.error("Cannot run Rat prover, close idscp connection");
+                        return fsm.getState(FSM_STATE.STATE_CLOSED);
                     }
                     return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
                 }
@@ -169,7 +169,7 @@ public StateWaitForRatVerifier(FSM fsm,
     }
 
     @Override
-    void runEntryCode(FSM fsm){
+    void runEntryCode(FSM fsm) {
         LOG.debug("Switched to state STATE_WAIT_FOR_RAT_VERIFIER");
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
index b2b2643ab..44a78b5ad 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
@@ -15,12 +15,12 @@ public class Timer {
     private final ReentrantLock mutex = new ReentrantLock(true);
     private final Runnable timeoutHandler;
 
-    Timer(ReentrantLock fsmIsBusy, Runnable timeoutHandler){
+    Timer(ReentrantLock fsmIsBusy, Runnable timeoutHandler) {
         this.fsmIsBusy = fsmIsBusy;
         this.timeoutHandler = timeoutHandler;
     }
 
-    void resetTimeout(long delay){
+    void resetTimeout(long delay) {
         cancelTimeout();
         start(delay);
     }
@@ -28,7 +28,7 @@ void resetTimeout(long delay){
     /*
      * Start a timer thread that triggers the timeout handler routine after a given timout delay
      */
-    public void start(long delay){
+    public void start(long delay) {
         mutex.lock();
         thread = new TimerThread(delay, timeoutHandler, fsmIsBusy);
         thread.start();
@@ -38,9 +38,9 @@ public void start(long delay){
     /*
      * Cancel the current timer thread
      */
-    void cancelTimeout(){
+    void cancelTimeout() {
         mutex.lock();
-        if (thread != null){
+        if (thread != null) {
             thread.safeStop();
             thread = null;
         }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
index dd01ca635..c6cd4ccfa 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
@@ -9,14 +9,14 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class TimerThread extends Thread{
+public class TimerThread extends Thread {
 
     private volatile boolean canceled = false;
     private final long delay; //timeout delay in seconds
     private final Runnable timeoutHandler; //timeout handler routine
     private final ReentrantLock fsmIsBusy; //lock for the fsm
 
-    TimerThread(long delay, Runnable timeoutHandler, ReentrantLock fsmIsBusy){
+    TimerThread(long delay, Runnable timeoutHandler, ReentrantLock fsmIsBusy) {
         this.delay = delay;
         this.timeoutHandler = timeoutHandler;
         this.fsmIsBusy = fsmIsBusy;
@@ -31,7 +31,7 @@ public class TimerThread extends Thread{
      * If the timout was not canceled so far, the timer thread calls a timeout handler
      * routine, that triggers the timeout transition in the fsm
      */
-    public void run(){
+    public void run() {
         try {
             Thread.sleep(delay * 1000);
         } catch (InterruptedException e) {
@@ -46,7 +46,7 @@ public void run(){
 
         fsmIsBusy.lock();
         try {
-            if (!canceled){
+            if (!canceled) {
                 timeoutHandler.run();
             }
         } finally {
@@ -57,7 +57,7 @@ public void run(){
     /*
      * A method to stop the execution of the timer thread and cancel the timeout
      */
-    public void safeStop(){
+    public void safeStop() {
         canceled = true;
         this.interrupt();
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
index 3ab864f57..95ed0ba81 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
@@ -9,13 +9,13 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class Transition {
-    private final Function<Event,State> eventHandler;
+    private final Function<Event, State> eventHandler;
 
-    Transition(Function<Event,State> eventHandler){
+    Transition(Function<Event, State> eventHandler) {
         this.eventHandler = eventHandler;
     }
 
-    State doTransition(Event e){
+    State doTransition(Event e) {
         return eventHandler.apply(e);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/Idscp2Server.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/Idscp2Server.java
index 80bc672ac..5f54eae88 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/Idscp2Server.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/Idscp2Server.java
@@ -5,10 +5,9 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import java.util.Collection;
 import java.util.Collections;
-import java.util.concurrent.CompletableFuture;
-import java.util.concurrent.ConcurrentHashMap;
+import java.util.HashSet;
+import java.util.Set;
 
 /**
  * An IDSCP2 Server that has the control about the underlying secure server and caches all active
@@ -16,58 +15,56 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class Idscp2Server {
+public class Idscp2Server implements ServerConnectionListener {
     private static final Logger LOG = LoggerFactory.getLogger(Idscp2Server.class);
 
     private final SecureServer secureServer;
-    private final ConcurrentHashMap<String, Idscp2Connection> connections = new ConcurrentHashMap<>();
+    private final Set<Idscp2Connection> connections = Collections.synchronizedSet(new HashSet<>());
 
-    public Idscp2Server(SecureServer secureServer, CompletableFuture<Idscp2Connection> connectionPromise) {
+    public Idscp2Server(SecureServer secureServer) {
         this.secureServer = secureServer;
-        connectionPromise.thenAccept(connection -> connections.put(connection.getConnectionId(), connection));
     }
 
     /*
      * Terminate the IDSCP2 server, the secure server and close all connections
      */
-    public void terminate(){
-        LOG.info("Terminating idscp server {}", this.toString());
-        secureServer.safeStop();
+    public void terminate() {
+        LOG.info("Terminating IDSCP2 server {}", this.toString());
         terminateAllSessions();
+        secureServer.safeStop();
     }
 
     /*
      * Close all open IDSCP2 connections of this server
      */
-    public void terminateAllSessions(){
-        for (Idscp2Connection c : connections.values()){
-            c.close();
-            LOG.debug("Idscp connection with id {} has been closed", c.getConnectionId());
-            connections.remove(c.getConnectionId());
+    public void terminateAllSessions() {
+        for (Idscp2Connection connection : connections) {
+            connection.close();
+            LOG.debug("Idscp connection with id {} has been closed", connection.getId());
+            connections.remove(connection);
         }
     }
 
-    /*
-     * Check if the server is running
-     */
-    public boolean isRunning(){
-        return secureServer.isRunning();
+    public void onConnectionCreated(Idscp2Connection connection) {
+        connections.add(connection);
+    }
+
+    public void onConnectionClose(Idscp2Connection connection) {
+        connections.remove(connection);
     }
 
     /*
-     * Get a Idscp2Connection from the server cache by the connectionID
-     *
-     * return null if no connection was found with this ID
+     * Check if the server is running
      */
-    public Idscp2Connection getConnectionById(String connectionId){
-        return connections.get(connectionId);
+    public boolean isRunning() {
+        return secureServer.isRunning();
     }
 
     /*
      * return a list of all open IDSCP2 connections of this server
      */
-    public Collection<Idscp2Connection> getAllConnections(){
-        return Collections.unmodifiableCollection(connections.values());
+    public Set<Idscp2Connection> getAllConnections() {
+        return Collections.unmodifiableSet(connections);
     }
 
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/ServerConnectionListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/ServerConnectionListener.java
new file mode 100644
index 000000000..548a7f051
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/ServerConnectionListener.java
@@ -0,0 +1,10 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.idscp_server;
+
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+
+public interface ServerConnectionListener {
+
+    void onConnectionCreated(Idscp2Connection connection);
+
+    void onConnectionClose(Idscp2Connection connection);
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
index 552307aca..a9c052dfa 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
@@ -9,7 +9,7 @@
 /**
  * A Rat Prover Driver Registry
  * The User can register Driver implementation instances and its configurations to the registry
- *
+ * <p>
  * The Idscpv2 protocol will select during the idscp handshake a Rat Prover mechanism and will
  * check for this RatProver in this registry
  *
@@ -19,11 +19,12 @@ public class RatProverDriverRegistry {
     private static RatProverDriverRegistry instance;
     private static final ConcurrentHashMap<String, DriverWrapper> drivers = new ConcurrentHashMap<>();
 
-    private RatProverDriverRegistry(){}
+    private RatProverDriverRegistry() {
+    }
 
-    public static RatProverDriverRegistry getInstance(){
-        if (instance == null){
-           instance = new RatProverDriverRegistry();
+    public static RatProverDriverRegistry getInstance() {
+        if (instance == null) {
+            instance = new RatProverDriverRegistry();
         }
 
         return instance;
@@ -38,7 +39,7 @@ public static RatProverDriverRegistry getInstance(){
      * The finite state machine is registered as the communication partner for the RatProver.
      * The RatProver will be initialized with a configuration, if present. Then it is started.
      */
-    public static RatProverDriver startRatProverDriver(String instance, FsmListener listener){
+    public static RatProverDriver startRatProverDriver(String instance, FsmListener listener) {
         DriverWrapper driverWrapper = drivers.get(instance);
         if (driverWrapper == null) {
             return null;
@@ -54,7 +55,7 @@ public static RatProverDriver startRatProverDriver(String instance, FsmListener
             return driver;
 
         } catch (NoSuchMethodException | InstantiationException | IllegalAccessException |
-            InvocationTargetException e) {
+                InvocationTargetException e) {
             return null;
         }
     }
@@ -64,17 +65,17 @@ public static RatProverDriver startRatProverDriver(String instance, FsmListener
      * Register Rat Prover driver and an optional configuration in the registry
      */
     public void registerDriver(
-        String instance,
-        Class<? extends RatProverDriver> driverClass,
-        Object driverConfig
-    ){
+            String instance,
+            Class<? extends RatProverDriver> driverClass,
+            Object driverConfig
+    ) {
         drivers.put(instance, new DriverWrapper(driverClass, driverConfig));
     }
 
     /*
      * Unregister the driver from the registry
      */
-    public void unregisterDriver(String instance){
+    public void unregisterDriver(String instance) {
         drivers.remove(instance);
     }
 
@@ -86,8 +87,8 @@ private static class DriverWrapper {
         private final Object driverConfig;
 
         private DriverWrapper(
-            Class<? extends RatProverDriver> driverClass,
-            Object driverConfig
+                Class<? extends RatProverDriver> driverClass,
+                Object driverConfig
         ) {
             this.driverClass = driverClass;
             this.driverConfig = driverConfig;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
index 9d4cbbb82..1522bf175 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
@@ -9,7 +9,7 @@
 /**
  * A Rat Verifier Driver Registry
  * The User can register Driver implementation instances and its configurations to the registry
- *
+ * <p>
  * The Idscpv2 protocol will select during the idscp handshake a Rat Verifier mechanism and will
  * check for this RatVerifier in this registry
  *
@@ -18,12 +18,13 @@
 public class RatVerifierDriverRegistry {
     private static RatVerifierDriverRegistry instance;
     private static final ConcurrentHashMap<String, DriverWrapper> drivers
-        = new ConcurrentHashMap<>();
+            = new ConcurrentHashMap<>();
 
-    private RatVerifierDriverRegistry(){}
+    private RatVerifierDriverRegistry() {
+    }
 
-    public static RatVerifierDriverRegistry getInstance(){
-        if (instance == null){
+    public static RatVerifierDriverRegistry getInstance() {
+        if (instance == null) {
             instance = new RatVerifierDriverRegistry();
         }
         return instance;
@@ -39,7 +40,7 @@ public static RatVerifierDriverRegistry getInstance(){
      * The finite state machine is registered as the communication partner for the RatVerifier.
      * The RatVerifier will be initialized with a configuration, if present. Then it is started.
      */
-    public static RatVerifierDriver startRatVerifierDriver(String mechanism, FsmListener listener){
+    public static RatVerifierDriver startRatVerifierDriver(String mechanism, FsmListener listener) {
         DriverWrapper driverWrapper = drivers.get(mechanism);
 
         try {
@@ -60,17 +61,17 @@ public static RatVerifierDriver startRatVerifierDriver(String mechanism, FsmList
      * Register Rat Verifier driver and an optional configuration in the registry
      */
     public void registerDriver(
-        String mechanism,
-        Class<? extends RatVerifierDriver> driverClass,
-        Object driverConfig
-    ){
+            String mechanism,
+            Class<? extends RatVerifierDriver> driverClass,
+            Object driverConfig
+    ) {
         drivers.put(mechanism, new DriverWrapper(driverClass, driverConfig));
     }
 
     /*
      * Unregister the driver from the registry
      */
-    public void unregisterDriver(String instance){
+    public void unregisterDriver(String instance) {
         drivers.remove(instance);
     }
 
@@ -82,8 +83,8 @@ private static class DriverWrapper {
         private final Object driverConfig;
 
         private DriverWrapper(
-            Class<? extends RatVerifierDriver> driver,
-            Object driverConfig
+                Class<? extends RatVerifierDriver> driver,
+                Object driverConfig
         ) {
             this.driverClass = driver;
             this.driverConfig = driverConfig;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
index ff409ea7f..1b33c3730 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
@@ -4,7 +4,7 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import java.util.concurrent.CountDownLatch;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * A secureChannel which is the secure underlying basis of the IDSCP2 protocol,
@@ -16,64 +16,48 @@ public class SecureChannel implements SecureChannelListener {
     private static final Logger LOG = LoggerFactory.getLogger(SecureChannel.class);
 
     private final SecureChannelEndpoint endpoint;
-    private final CountDownLatch fsmLatch = new CountDownLatch(1);
-    private FsmListener fsm = null;
+    private final CompletableFuture<FsmListener> fsmPromise = new CompletableFuture<>();
 
-    public SecureChannel(SecureChannelEndpoint secureChannelEndpoint){
+    public SecureChannel(SecureChannelEndpoint secureChannelEndpoint) {
         this.endpoint = secureChannelEndpoint;
     }
 
     /*
      * close the secure channel forever
      */
-    public void close(){
+    public void close() {
         endpoint.close();
     }
 
     /*
      * Send data via the secure channel endpoint to the peer connector
      *
-     * return true if the data were sent successfully, else false
+     * return true if the data has been sent successfully, else false
      */
-    public boolean send(byte[] msg){
+    public boolean send(byte[] msg) {
         LOG.debug("Send message via secure channel");
         return endpoint.send(msg);
     }
 
     @Override
-    public void onMessage(byte[] data){
-        LOG.debug("New raw data were received via the secure channel");
-        try {
-            fsmLatch.await();
-            fsm.onMessage(data);
-        } catch (InterruptedException e){
-            Thread.currentThread().interrupt();
-        }
+    public void onMessage(byte[] data) {
+        LOG.debug("New raw data has been received via the secure channel");
+        fsmPromise.thenAccept(fsmListener -> fsmListener.onMessage(data));
     }
 
     @Override
     public void onError() {
-        //tell fsm an error occurred in secure channel
-        try {
-            fsmLatch.await();
-            fsm.onError();
-        } catch (InterruptedException e) {
-            Thread.currentThread().interrupt();
-        }
+        // Tell fsm an error occurred in secure channel
+        fsmPromise.thenAccept(FsmListener::onError);
     }
 
     @Override
     public void onClose() {
-        //tell fsm secure channel received EOF
-        try {
-            fsmLatch.await();
-            fsm.onClose();
-        } catch (InterruptedException e) {
-            Thread.currentThread().interrupt();
-        }
+        // Tell fsm secure channel received EOF
+        fsmPromise.thenAccept(FsmListener::onClose);
     }
 
-    public boolean isConnected(){
+    public boolean isConnected() {
         return endpoint.isConnected();
     }
 
@@ -81,7 +65,6 @@ public boolean isConnected(){
      * set the corresponding finite state machine
      */
     public void setFsm(FsmListener fsm) {
-        this.fsm = fsm;
-        fsmLatch.countDown();
+        fsmPromise.complete(fsm);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
index 77afc5e8a..eadaa39c5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
@@ -21,7 +21,7 @@ public interface SecureChannelEndpoint {
     /*
      * Send data from the secure channel endpoint to the peer connector
      *
-     * return true when data was sent, else false
+     * return true when data has been sent, else false
      */
     boolean send(byte[] bytes);
 
diff --git a/idscp2/src/main/proto/idscpv2.proto b/idscp2/src/main/proto/idscpv2.proto
index 196503c04..6ef30fd1b 100644
--- a/idscp2/src/main/proto/idscpv2.proto
+++ b/idscp2/src/main/proto/idscpv2.proto
@@ -1,5 +1,5 @@
 syntax = "proto3";
-option java_package = "de.fhg.aisec.ids.messages";
+option java_package = "de.fhg.aisec.ids.idscp2.messages";
 option java_outer_classname = "IDSCP2";
 
 //IDSCP message frame
diff --git a/idscp2/src/main/proto/tpm2dAttestation.proto b/idscp2/src/main/proto/tpm2dAttestation.proto
index 74b9c3a69..a35025346 100644
--- a/idscp2/src/main/proto/tpm2dAttestation.proto
+++ b/idscp2/src/main/proto/tpm2dAttestation.proto
@@ -1,5 +1,5 @@
 syntax = "proto2";
-option java_package = "de.fhg.aisec.ids.messages";
+option java_package = "de.fhg.aisec.ids.idscp2.messages";
 option java_outer_classname = "Tpm2dAttestation";
 
 // protobuf messages for communicating with TPM
diff --git a/idscp2/src/main/resources/simplelogger.properties b/idscp2/src/main/resources/simplelogger.properties
new file mode 100644
index 000000000..eafa2b0f4
--- /dev/null
+++ b/idscp2/src/main/resources/simplelogger.properties
@@ -0,0 +1 @@
+org.slf4j.simpleLogger.defaultLogLevel=debug
\ No newline at end of file
diff --git a/idscp2/src/test/resources/ssl/aisecconnector1-keystore.jks b/idscp2/src/main/resources/ssl/aisecconnector1-keystore.jks
similarity index 100%
rename from idscp2/src/test/resources/ssl/aisecconnector1-keystore.jks
rename to idscp2/src/main/resources/ssl/aisecconnector1-keystore.jks
diff --git a/idscp2/src/test/resources/ssl/aisecconnector2-keystore.jks b/idscp2/src/main/resources/ssl/aisecconnector2-keystore.jks
similarity index 100%
rename from idscp2/src/test/resources/ssl/aisecconnector2-keystore.jks
rename to idscp2/src/main/resources/ssl/aisecconnector2-keystore.jks
diff --git a/idscp2/src/test/resources/ssl/client-truststore_new.jks b/idscp2/src/main/resources/ssl/client-truststore_new.jks
similarity index 100%
rename from idscp2/src/test/resources/ssl/client-truststore_new.jks
rename to idscp2/src/main/resources/ssl/client-truststore_new.jks
diff --git a/idscp2/src/test/resources/ssl/consumer-core-keystore.jks b/idscp2/src/main/resources/ssl/consumer-core-keystore.jks
similarity index 100%
rename from idscp2/src/test/resources/ssl/consumer-core-keystore.jks
rename to idscp2/src/main/resources/ssl/consumer-core-keystore.jks
diff --git a/idscp2/src/test/resources/ssl/consumer-core-truststore.jks b/idscp2/src/main/resources/ssl/consumer-core-truststore.jks
similarity index 100%
rename from idscp2/src/test/resources/ssl/consumer-core-truststore.jks
rename to idscp2/src/main/resources/ssl/consumer-core-truststore.jks
diff --git a/idscp2/src/test/resources/ssl/consumer-core.cert b/idscp2/src/main/resources/ssl/consumer-core.cert
similarity index 100%
rename from idscp2/src/test/resources/ssl/consumer-core.cert
rename to idscp2/src/main/resources/ssl/consumer-core.cert
diff --git a/idscp2/src/test/resources/ssl/consumer-core.p12 b/idscp2/src/main/resources/ssl/consumer-core.p12
similarity index 100%
rename from idscp2/src/test/resources/ssl/consumer-core.p12
rename to idscp2/src/main/resources/ssl/consumer-core.p12
diff --git a/idscp2/src/test/resources/ssl/provider-core-keystore.jks b/idscp2/src/main/resources/ssl/provider-core-keystore.jks
similarity index 100%
rename from idscp2/src/test/resources/ssl/provider-core-keystore.jks
rename to idscp2/src/main/resources/ssl/provider-core-keystore.jks
diff --git a/idscp2/src/test/resources/ssl/provider-core-truststore.jks b/idscp2/src/main/resources/ssl/provider-core-truststore.jks
similarity index 100%
rename from idscp2/src/test/resources/ssl/provider-core-truststore.jks
rename to idscp2/src/main/resources/ssl/provider-core-truststore.jks
diff --git a/idscp2/src/test/resources/ssl/provider-core.cert b/idscp2/src/main/resources/ssl/provider-core.cert
similarity index 100%
rename from idscp2/src/test/resources/ssl/provider-core.cert
rename to idscp2/src/main/resources/ssl/provider-core.cert
diff --git a/idscp2/src/test/resources/ssl/provider-core.p12 b/idscp2/src/main/resources/ssl/provider-core.p12
similarity index 100%
rename from idscp2/src/test/resources/ssl/provider-core.p12
rename to idscp2/src/main/resources/ssl/provider-core.p12
diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index e601c6a2a..bae9c249c 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -2,19 +2,13 @@
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.SecurityRequirements;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import org.junit.Ignore;
 import org.junit.Test;
+
 import static org.junit.Assert.*;
 
 public class DapsDriverTest {
-  //toDo add further junit tests
-
-  private String getExpiredToken() {
-    return "";
-  }
 
   @Test
-  @Ignore
   public void testValidToken() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -46,7 +40,6 @@ public void testValidToken() {
   }
 
   @Test
-  @Ignore
   public void testInvalidClient() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -67,7 +60,6 @@ public void testInvalidClient() {
   }
 
   @Test
-  @Ignore
   public void testInvalidUrlNonSecure() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -88,7 +80,6 @@ public void testInvalidUrlNonSecure() {
   }
 
   @Test
-  @Ignore
   public void testInvalidUrl404() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -109,7 +100,6 @@ public void testInvalidUrl404() {
   }
 
   @Test (expected = RuntimeException.class)
-  @Ignore
   public void testInvalidPassword1() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -124,11 +114,10 @@ public void testInvalidPassword1() {
             .setDapsUrl("https://daps.aisec.fraunhofer.de")
             .build();
 
-    DapsDriver dapsDriver = new DefaultDapsDriver(config);
+    new DefaultDapsDriver(config);
   }
 
   @Test (expected = RuntimeException.class)
-  @Ignore
   public void testInvalidPassword2() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -143,11 +132,10 @@ public void testInvalidPassword2() {
             .setDapsUrl("https://daps.aisec.fraunhofer.de")
             .build();
 
-    DapsDriver dapsDriver = new DefaultDapsDriver(config);
+    new DefaultDapsDriver(config);
   }
 
   @Test (expected = RuntimeException.class)
-  @Ignore
   public void testInvalidKeyAlias() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
@@ -162,11 +150,10 @@ public void testInvalidKeyAlias() {
             .setDapsUrl("https://daps.aisec.fraunhofer.de")
             .build();
 
-    DapsDriver dapsDriver = new DefaultDapsDriver(config);
+    new DefaultDapsDriver(config);
   }
 
   @Test
-  @Ignore
   public void testInvalidAuditLogging() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
diff --git a/karaf-assembly/src/main/resources/etc/idscp2/aisecconnector1-keystore.jks b/karaf-assembly/src/main/resources/etc/idscp2/aisecconnector1-keystore.jks
new file mode 100644
index 0000000000000000000000000000000000000000..8cac581c388491153679329a43ce082c6877ea64
GIT binary patch
literal 2527
zcma)7c{tSD8=vo(rOY5ROvSaAvW@Q;W9<$ajeQA~J+ojcjL@Yd3?sU>a4(}|m+jh;
zx}{vCv6gb_whA{(wh^w9<u}~rxqsY0e&>14=XpP8dEax+^LgL1F}pDffk2?b4s3UT
zAhcMvQr6872pkG>U>l$~LR13*zyNiqBmlr6Fb?cv-KJ@&kq+ja7sO?NWIV!)lDM=O
zThg^J9CI+W@tY}G<q{KI)7;Q$i~PZNDWy<Jtw_P$WbZi(S|Ip&#|gxTiQsI;oK|{D
zSwk&WB;)GJ5?xW+yJ`GwlVPkS*xh%uq~1d1w*sa@@h{z-G4a#QGw_qQD|t~Jk|lBR
zM%~{rBrqzG*LVC#^rJ5Odn^Vm%ZGX&+7)o1*%X;}AvyTj1G6{m2-e<DTGoTHU+ttK
zQ3GcEEj~sI_l8@KP)>MCmQHwP<jY0cd#v3v2;GBoIDFqa;D~svBVm1g)9{{aG`&i1
zO3q~e(ULUHvijF$Uca5pvcd;Ov<|;0DI{;EK2#H&w@1$PBoFQ%$h%S;{kYu5o78x=
zv#u(23b?$&_+|Dbq^PC-13q40v1f8cRI{)26gAe^jh80VNaa8JG${sI5`0$jQg3<^
z%~yGE9XFWkaX9)`@tLJt^J+<T4bP3s<WZRxu_G0LR0sNVcjF(%wrkDy9Cyg_^w-CR
zSzH79mv<R=xXlX9Zx?mLZ}K(Mes)l>uFO4O<l2xgeTk)gpze;JBmIzCNIbY<-a2`v
z5<ZY9YlC*XNDZujm*qxP&m0<ZUb>Md*!6A0xpjm7WT$Jq;=N;v<NFNUet=fVoK+?k
z1<$N>ugZ0+`MTS{zD>ob%e25AL~8DpY!z+nh%`@Isikt8I|+syQq@DJ$T5ru^A<5_
z<5GeLvAa6URbw>9DO*ReBEe0gbu34*Fjx9Uw1SWO@vo@`CEw+zD;5@4)kIvL7DWQs
z>wn}V55|=hni6%XxVPt3Q~Zu+g)Zh4m2{7jvk<(sXMOi0><QZZMHv*~^UzSc7E<11
z=3r|rp)0&D^|$c#dbz=NGFpJq5d?ciR@=V7VUXNT23tb>Vx?uFT}5N6V;Whdf?h-#
zF)%Ym?Y%C`pDCl%9kOP3iu>#0*-p=6vS#Wp2QWgGSEL>sbeek>pR_TDJ6rZ<RNX_+
zZ@RW-WQ&=P{PILrUrAOri<&$+lwz;H062Y@Wji_U^n)`@B8f^?{TbL#X;<p*Xs?B7
zkac9IA6QinB}z<B)davaf%<-%hQrF;xHu`V=~rDw>L@3fQ$52GK0S*iZc4I!AjxXz
z9ZS`(rv^gF&F^({3vtVYGQ?!#m2Zq_?N7?LzMDc;)-dT?x@B@Yr)RU*YcA$wtHB$`
zW4`l;35;H~pFH;%w`hJk+2gp`J%NJe(K2t#lbkujMcn*G%N~o#@qzdTR{5Eduuznu
zaa-d8WC4D<Z{Eo(Ew(;g<DuiTg=ETm3lAFEXrX32M@vRNDDBtyTIX7hVNO4Cr|O;7
z>tn1=yNl6zgWkmFOeN~-PGaEfmj-CB;R{==+(@PLO=IJoj`)NNHl!NP-IW2ci9o%D
z;`e$(i{u|?DCsBZCk^Gls^0;iKF3(BkAU<Y=ISW1<{EDiZ+U25<7x|1Tm9je(RmU^
zP+RS<PMVJp=MXy}gAa>ESWDk)I5A%zNk4G&@i1J<=|rDKxcg?8b`JJUvrh;A*42y_
zO`nO8bz*v?x6g?FN}i;P_0t5~q&&`JLhA3N`)l#H*NVPBJ~!w3B|f5^$JL=<r_W@(
zPF|%`Q<6;(mu%}j`2#Rqk#ZZvx;ZHB!|j|luho*vF<d+I(&r}@>eFQ~+eH!XiYI}F
z5D4s=upnlG9Fgb(5hwtK0=q#m#7^}D%Y+p%06@VZpeX?b?nH<jgCVd`^CJW-D7i&M
z(W2B4+PNSW+s`+I@C_)lH7J6{TA4d5y7-2MDLS8{Q_K`~K!O1%zgvu82oeaogsrCU
zzFSO(Af&{<C`kK1B8Y?Ntq3SI+|0`P2!)^pYWx{-pD&X^V(Qb0S~Q}eftId;AE-s6
z(?KnwK8Zjgf(%_hUna-_l>dD%Va*re01^=4xG0nZ0FdmnT&-%}gEpi@(v+f^roH&%
zUI#1VhTG`!^?Y?Cr8xb<_pMZPP8%yoY!3p%JMC#{FRPvEacVfR{WNO~F&m}UlocGF
zG7~O%=5Nh9KkU^74LLNkDF1W(wPNYpX2@GDvsZQcKk1ED&(>9VrY^HD+-P$9w!wkL
z!?w*{jc`Da0~us_>IB?WBV*&-Q;;-7*>Svea-JyX!WD=ZrRJ%lI#ON&#LD_uKf;42
z<Qa#nbMLP7t@taruUpob$Qxv<cJ{k^JG?>(yfd@8V|g;Y&2e6{tWPhE=HP0k`8k#*
ziWjRVvz04*>r`keuZ|GlQ+^(=dS9o_EiVq^xKI%Q0u*zA^THQ72g(VbR!$s-gGs&Z
zSx05Y69LI-udJ-ZhY?XH)~rE=t!Wk59uOBJ)sxI`;+`*8DeIB0+U=-4?o08S+?I<R
z76t_&AZlx^1Pmqug%^POTSNf{f_PA~K)v8#f+{O4EZ9g}n-LO#r=1G*W#Ik(5fz^4
zt9^<YiWkm-E{Gk%{~8WQ0szbsq=M#ua}b(f@RtuJJ3J_WO%v|;FHa$Cb{K=k@C^wQ
zN>UHMW&C-~{V*IT^|w0_=sy+!25y~J66OaoIXeT`3|at-9U8__5}t{{4hr&Rgt0>i
z{}t;pOqgMi%P>&@DzS~bwo!5$G24jUMyYL--bUQN<ta=%p*#V|&DVB570>n^FLWI{
zI(_X2>9eX`jj#DAwSwUTF9md(%G;w@lV2Zy^Sm+csb*owj;iw0Bj^`FxKTT?rF^)^
zlz&xAU<_9rs!uhGbzFO*`^zKKYIm$>pi9i7OSx+nKcS}y#7%VY;d*{_{}Zc^dQZoE
zWT}Kz61-k76P>5M-}b}uRIpwIW2PMWE-H$sj5G+AiE&fSef4pl+++mHKXHnOm9HOa
zm>s=oQy#+pRQ-f`FS5ayvR35W)^RHF0OHIpj_wHm3g0$3lLuzR+9kffzq;>tzK;(h
zr&(_oKJ`&#yUR$a4e7dDcq!SG$1tbpONmRd4^J$1DZPNN6y$1Pyv9;8RB%nIvx`Fs
KwRVuWxBmm2L>qhn

literal 0
HcmV?d00001

diff --git a/karaf-assembly/src/main/resources/etc/idscp2/client-truststore_new.jks b/karaf-assembly/src/main/resources/etc/idscp2/client-truststore_new.jks
new file mode 100644
index 0000000000000000000000000000000000000000..998f04c7d601ba0540b4d4d15fe86bdcb7af0bbf
GIT binary patch
literal 1974
zcmezO_TO6u1_mZLW=c+EU|`Jf5m7g0V2#i-HLzr0V9qvZVoo<`V)9?W%*4pV#L2LU
z@x9*Bv>WXPylk9WZ60mkc^Mg5Ss4tR47m+B*_cCF*o2u}Tn&W{1VJ1w9xk_{#L~Qs
z{It{}LpcK(kRUUUsHaP?LQsBwi9$$fafyPnqk@rvp@o5*IIp3Fp@FfXp_!qPfl-t=
zuQ8BoWCrC@#f~OMC1j^FvNA9?G4eAQG%<29H8C<WY?5tN?)^5Q*D*0+%@qazhG|QD
zqy@Hr@PA{%c`KBAiqOI>vpkK@<?@GzH*|O}5KMY{Sina0&jg>{zD!3f<TUMmtq<~_
zT-+~h!uwaet9;I*o9Ds=1(zJ(rJwyH;Jv)wW1orZ+#a0O-27+71BUVgi(Z%S?Ob-r
zXKz8w?wMkhECNNVGjv3pWbRC!@Z?=&Wmvg^*NrtT{hKHEy|Yp_-|y37-EzrY$8|r`
zd>L8WmPNPq_~x&Fw@qo$5yw>f^<FE!$;&;sTP1t-^dg(dS-HPdKHL`;C_7QZ!}u<K
z)twKMN;h2$f3l``pO$gS<wmtWY36U2zLYH4XQ<-fVj{7le7V=eU9n8ej0}v66Aa=E
zWPx!d%f}+dA~OB?n{ZE-?w+*t$KgB6_{$c2NS<II50X}9kuVTzz^;HFq(GRF@jnZz
z0W**?;06isv#<bDk{fay0Fw_e4j36an3bnx9s70Sl1AY+_Vo3?s?FuTc4e_Bt#0E@
zsf)g?cGhuD@|-7(^`W;d_wQHtZIwE3PdWYnvu7L5e+=xjP+z=w_i^I{Ul-?p=9UiS
z9S=U2n>z%Zipp*lu$0)ca^by}UFXjJ-QyZ?{>+ZV)9WPPWv_2jS{fCjs&lH-W0AJn
z^d`@i3n>%5^?q;5x~aP$C}VQp@AKi}X;aJWgPVg@UHk&fq9!lNkFaBXHhY0NA8+i_
z0|h1%t(fN-%nR$yK6gH$%}Ddu&jpRiqF$e_G?cswTARIFYr)q`)f4V%ADcNjK_c{Q
z_q-7GTP|1ZCae^(R(4Tf{QLLpf@vwwp0dPEJAHcYPH;|SEiO$0XT+SFY+JMu8SxV^
zBfbM>#A}d@$jFEsg4{I8fF{5U2+Vv2MwZ|VXcA@MKtv{&F^~erGcc12gEBcde+QQ)
z!Lm4^?6+E_C(QqrT35-%gSVdjJEkXlX2wb9;|r=H&qqG5@jDQwm3?>1vkmJM4k%n(
zWv&{pG$U!(o-1X4P89uFp5kG)-PAZD(@k=FV1bFvhNg&8W6iMqlh41(Dg6<-eZFGO
zN~O6gqQ3`)HTed1&Qp6Y(r*y`BceUJ`C-GRNBlWeWeayq(t8#haQL8tV;V2-&qF^h
zo0Pr35$7su*`aXqw@F9hk+cPe1tJctZOfML_ddntp6}9fIC9deG*Ly7N>#??wqo-l
z84qW^R&lRtdE3}~<fpfHX*VZVh+ui+ZJ~Vud$Zf7{z}W=V(;q5y<UnxFkDLe{hl{5
z*A|(7oI3xMSFypix33}DuknLH<6EQ*c)I8Kw${oO%F9lRt`-l_f0pVT`+~9z*k)i3
z%8l|Y1_pWtIt#QGXtb$il#~=$>FXyK<>)157N;ibrNN7Cy_8h_%#>n1pqxPn8;3R<
zu*_#?WMuI$a5Hd$@eP>TETCqj<d^5=<R=1kU^A%*Sn?+)CZ`sa0E>MyJrDyeHG|6o
z!KqSj-)zyd{agKa!QYw;4yWw+wJm3*g11jl;{112E#n$j-WJx6t=(6%)q*aUGGw#;
zy5KBQD;fNflWV%jv40{$Cu%Mn59m$5oqTVV=eg`$_O5mFERRlnzrL02cVNM#Bj2{L
zt8KjXc+FOed5P!u`?=4S4b1Y%-??DNvK1R{JxO@1*&4G}H&rvC`l;9g`I=)%Z~u9)
zG}_O%emwg|cZGCR_eZxl%g_5C^<^ZTee+9vMniO0Y-gh0r`;LVbKcZFJ($0dnWyoe
zYrYYqA=e$%<_Ut+7Vmn}bu&WYORM6`YKBXK_xC*O*&X-8P$I!$Zrc3ySu?wxy5@h*
jKJsPXQbv^>U)0#*vbc9$N>rMBDW~+|HRjd{yhWM-qpIG&

literal 0
HcmV?d00001


From 05150cb5df0021ae639000e2d5dc73bea5377ff3 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Sun, 24 May 2020 17:54:39 +0200
Subject: [PATCH 080/237] Finalized camel IDSCP2 server component, added
 example route XML

---
 .../idscp2/server/Idscp2ServerComponent.java  |  7 +++
 .../idscp2/server/Idscp2ServerEndpoint.java   | 28 +++++-----
 examples/route-examples/example-idscp2.xml    | 51 +++++++++++++++++++
 3 files changed, 74 insertions(+), 12 deletions(-)
 create mode 100644 examples/route-examples/example-idscp2.xml

diff --git a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java
index 5a7375185..38c9a7ce6 100644
--- a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java
+++ b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java
@@ -42,6 +42,13 @@ public synchronized void addServer(int port, Idscp2Server server) {
         servers.put(port, server);
     }
 
+    public synchronized void removeServer(int port) {
+        final var server = servers.get(port);
+        if (server != null) {
+            servers.remove(port);
+        }
+    }
+
     @Override
     protected synchronized void doStop() throws Exception {
         for (Idscp2Server s : servers.values()) {
diff --git a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.java b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.java
index b82150b7f..0151a188b 100644
--- a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.java
+++ b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.java
@@ -16,6 +16,7 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.server;
 
+import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent;
 import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
@@ -29,8 +30,6 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
-import de.fhg.aisec.ids.idscp2.example.RunTLSClient;
-import de.fhg.aisec.ids.idscp2.example.RunTLSServer;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
@@ -66,11 +65,13 @@ public class Idscp2ServerEndpoint extends DefaultEndpoint implements Idscp2Endpo
 
     public Idscp2ServerEndpoint(String uri, String remaining, Idscp2ServerComponent component) {
         super(uri, component);
-        final var uriMatcher = URI_REGEX.matcher(remaining);
-        if (!uriMatcher.matches()) {
-            throw new IllegalArgumentException(remaining + " is not a valid URI.");
+        final var settings = Idscp2OsgiComponent.getSettings();
+
+        final var remainingMatcher = URI_REGEX.matcher(remaining);
+        if (!remainingMatcher.matches()) {
+            throw new IllegalArgumentException(remaining + " is not a valid URI remainder, must be \"host:port\".");
         }
-        final var matchResult = uriMatcher.toMatchResult();
+        final var matchResult = remainingMatcher.toMatchResult();
         final var host = matchResult.group(1);
         final var port = Integer.parseInt(matchResult.group(2));
 
@@ -79,15 +80,17 @@ public Idscp2ServerEndpoint(String uri, String remaining, Idscp2ServerComponent
         serverSettings = new Idscp2Settings.Builder()
             .setHost(host)
             .setServerPort(port)
-            .setKeyStore(RunTLSClient.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.jks").getPath())
-            .setTrustStore(RunTLSServer.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath())
+            .setKeyStorePath("etc/idscp2/aisecconnector1-keystore.jks")
+            .setTrustStorePath("etc/idscp2/client-truststore_new.jks")
             .setCertificateAlias("1.0.1")
             .setDapsKeyAlias("1")
-            .setRatTimeoutDelay(14)
+            .setRatTimeoutDelay(300)
             .build();
 
+        if(settings == null) {
+            throw new RuntimeException("Settings not available");
+        }
+
         DefaultDapsDriverConfig config =
             new DefaultDapsDriverConfig.Builder()
                 .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
@@ -96,7 +99,7 @@ public Idscp2ServerEndpoint(String uri, String remaining, Idscp2ServerComponent
                 .setKeyStorePassword(serverSettings.getKeyStorePassword())
                 .setTrustStorePassword(serverSettings.getTrustStorePassword())
                 .setKeyAlias(serverSettings.getDapsKeyAlias())
-                .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                .setDapsUrl(settings.getConnectorConfig().getDapsUrl())
                 .build();
         DapsDriver dapsDriver = new DefaultDapsDriver(config);
 
@@ -169,6 +172,7 @@ public synchronized void doStart() throws Idscp2Exception {
     public synchronized void doStop() {
         LOG.debug("Stopping IDSCP2 server endpoint " + getEndpointUri());
         this.server.terminate();
+        ((Idscp2ServerComponent) this.getComponent()).removeServer(this.serverSettings.getServerPort());
     }
 
 }
diff --git a/examples/route-examples/example-idscp2.xml b/examples/route-examples/example-idscp2.xml
new file mode 100644
index 000000000..07c50dd8c
--- /dev/null
+++ b/examples/route-examples/example-idscp2.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xsi:schemaLocation="
+ http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
+
+    <!-- Define TLS configuration for data consumer -->
+<!--    <camel:sslContextParameters id="serverSslContext">-->
+<!--        <camel:keyManagers keyPassword="password">-->
+<!--            <camel:keyStore resource="etc/server-keystore.jks" password="password"/>-->
+<!--        </camel:keyManagers>-->
+<!--        <camel:trustManagers>-->
+<!--            <camel:keyStore resource="etc/server-truststore.jks" password="password"/>-->
+<!--        </camel:trustManagers>-->
+<!--    </camel:sslContextParameters>-->
+
+    <!-- Define TLS configuration for data provider -->
+<!--    <camel:sslContextParameters id="clientSslContext">-->
+<!--        <camel:keyManagers keyPassword="password">-->
+<!--            <camel:keyStore resource="etc/client-keystore.jks" password="password"/>-->
+<!--        </camel:keyManagers>-->
+<!--        <camel:trustManagers>-->
+<!--            <camel:keyStore resource="etc/client-truststore.jks" password="password"/>-->
+<!--        </camel:trustManagers>-->
+<!--    </camel:sslContextParameters>-->
+
+    <!-- Routes -->
+    <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+<!--        <route id="sendIdscp2">-->
+<!--            <from uri="timer://perSecondTimer?fixedRate=true&amp;period=10000"/>-->
+<!--            <setBody>-->
+<!--                <simple>Message at $simple{date:now:yyyy-MM-dd HH:mm:ss}</simple>-->
+<!--            </setBody>-->
+<!--            <log message="Sending message body &quot;${body}&quot;..."/>-->
+<!--            <to uri="idscp2client://consumer-core:8080" />-->
+<!--        </route>-->
+
+        <route id="receiveIdscp2">
+            <from uri="idscp2server://0.0.0.0:8080"/>
+            <log message="Received via IDS protocol: ${body}"/>
+            <setBody>
+                <simple>PONG</simple>
+            </setBody>
+            <log message="Response IDS message: ${body}"/>
+        </route>
+
+    </camelContext>
+
+</blueprint>

From 00c2043b74f0acc3218e71d282dbe99d80af6902 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 26 May 2020 11:16:17 +0200
Subject: [PATCH 081/237] Simplified configuration classes, some cleanup

---
 .../idscp2/example/Idscp2ClientInitiator.java |  8 +++---
 .../idscp2/example/Idscp2ServerInitiator.java | 25 +++++++++--------
 .../ids/idscp2/example/RunTLSClient.java      |  3 +--
 .../ids/idscp2/example/RunTLSServer.java      |  2 +-
 .../configuration/AttestationConfig.java      | 20 ++++++++++++--
 .../configuration/Idscp2Configuration.java    | 22 +++++++--------
 .../configuration/Idscp2Settings.java         | 27 +++++++++++++++++++
 7 files changed, 73 insertions(+), 34 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
index dbf0223cb..c7419d64f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
@@ -29,6 +29,7 @@ public class Idscp2ClientInitiator implements Idscp2EndpointListener {
 
     public void init(Idscp2Settings settings) {
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
+
         DefaultDapsDriverConfig config =
                 new DefaultDapsDriverConfig.Builder()
                         .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
@@ -58,12 +59,11 @@ public void init(Idscp2Settings settings) {
 
         Idscp2Configuration clientConfig = new Idscp2Configuration(
                 this,
+                settings,
                 dapsDriver,
-                secureChannelDriver,
-                settings.getExpectedAttestation(),
-                settings.getSupportedAttestation(),
-                settings.getRatTimeoutDelay()
+                secureChannelDriver
         );
+
         clientConfig.connect(settings);
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
index b71befe88..171bbc053 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
@@ -24,29 +24,30 @@
 
 import java.nio.charset.StandardCharsets;
 
-
 public class Idscp2ServerInitiator implements Idscp2EndpointListener {
     private static final Logger LOG = LoggerFactory.getLogger(Idscp2ServerInitiator.class);
 
-    public void init(Idscp2Settings serverSettings) {
+    public void init(Idscp2Settings settings) {
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
 
         DefaultDapsDriverConfig config =
                 new DefaultDapsDriverConfig.Builder()
                         .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
-                        .setKeyStorePath(serverSettings.getKeyStorePath())
-                        .setTrustStorePath(serverSettings.getTrustStorePath())
-                        .setKeyStorePassword(serverSettings.getKeyStorePassword())
-                        .setTrustStorePassword(serverSettings.getTrustStorePassword())
-                        .setKeyAlias(serverSettings.getDapsKeyAlias())
+                        .setKeyStorePath(settings.getKeyStorePath())
+                        .setTrustStorePath(settings.getTrustStorePath())
+                        .setKeyStorePassword(settings.getKeyStorePassword())
+                        .setTrustStorePassword(settings.getTrustStorePassword())
+                        .setKeyAlias(settings.getDapsKeyAlias())
                         .setDapsUrl("https://daps.aisec.fraunhofer.de")
                         .build();
+
         DapsDriver dapsDriver = new DefaultDapsDriver(config);
 
         RatProverDriverRegistry.getInstance().registerDriver(
                 "Dummy", RatProverDummy.class, null);
         RatVerifierDriverRegistry.getInstance().registerDriver(
                 "Dummy", RatVerifierDummy.class, null);
+
         RatProverDriverRegistry.getInstance().registerDriver(
                 "TPM2d", TPM2dProver.class,
                 new TPM2dProverConfig.Builder().build()
@@ -56,16 +57,14 @@ public void init(Idscp2Settings serverSettings) {
                 new TPM2dVerifierConfig.Builder().build()
         );
 
-        Idscp2Configuration idscpServerConfig = new Idscp2Configuration(
+        Idscp2Configuration serverConfig = new Idscp2Configuration(
                 this,
+                settings,
                 dapsDriver,
-                secureChannelDriver,
-                serverSettings.getExpectedAttestation(),
-                serverSettings.getSupportedAttestation(),
-                serverSettings.getRatTimeoutDelay()
+                secureChannelDriver
         );
 
-        Idscp2Server idscp2Server = idscpServerConfig.listen(serverSettings);
+        Idscp2Server idscp2Server = serverConfig.listen(settings);
 
         try {
             Thread.sleep(40_000); //run server for 2 minutes
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
index 3b1b52dbd..98d71595c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
@@ -2,11 +2,10 @@
 
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 
-
 public class RunTLSClient {
 
     public static void main(String[] args) {
-        //start client
+
         Idscp2Settings settings = new Idscp2Settings.Builder()
                 .setKeyStorePath(RunTLSClient.class.getClassLoader().
                         getResource("ssl/aisecconnector1-keystore.jks").getPath())
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
index 04812608f..da28471a5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
@@ -7,7 +7,7 @@ public class RunTLSServer {
     public static void main(String[] argv) {
 
         Idscp2Settings settings = new Idscp2Settings.Builder()
-                .setKeyStorePath(RunTLSClient.class.getClassLoader().
+                .setKeyStorePath(RunTLSServer.class.getClassLoader().
                         getResource("ssl/aisecconnector1-keystore.jks").getPath())
                 .setTrustStorePath(RunTLSServer.class.getClassLoader().
                         getResource("ssl/client-truststore_new.jks").getPath())
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
index 6c97a752f..8281b2e05 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
@@ -1,5 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
 
+import java.util.Arrays;
+
 /**
  * Attestation configuration class, containing attestation suite for supported / expected
  * attestation types
@@ -7,13 +9,27 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class AttestationConfig {
+    public final static String[] DEFAULT_RAT_MECHANISMS = new String[] {"Dummy", "TPM2d"};
+    private final String[] ratMechanisms;
 
     public AttestationConfig() {
-
+        this.ratMechanisms = DEFAULT_RAT_MECHANISMS;
     }
 
     public String[] getRatMechanisms() {
-        return new String[]{"Dummy", "TPM2d"};
+        return ratMechanisms;
     }
 
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (o == null || getClass() != o.getClass()) return false;
+        AttestationConfig that = (AttestationConfig) o;
+        return Arrays.equals(ratMechanisms, that.ratMechanisms);
+    }
+
+    @Override
+    public int hashCode() {
+        return Arrays.hashCode(ratMechanisms);
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
index 9ff5d8cf1..4dc185fa5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
@@ -25,25 +25,19 @@ public class Idscp2Configuration implements SecureChannelInitListener {
     private static final Logger LOG = LoggerFactory.getLogger(Idscp2Configuration.class);
 
     private final Idscp2EndpointListener endpointListener;
+    private final Idscp2Settings settings;
     private final DapsDriver dapsDriver;
     private final SecureChannelDriver secureChannelDriver;
-    private final String[] localExpectedRatCipher;
-    private final String[] localSupportedRatCipher;
-    private final int ratTimeout;
 
     public Idscp2Configuration(Idscp2EndpointListener endpointListener,
+                               Idscp2Settings settings,
                                DapsDriver dapsDriver,
-                               SecureChannelDriver secureChannelDriver,
-                               AttestationConfig expectedAttestation,
-                               AttestationConfig supportedAttestation,
-                               int ratTimeout
+                               SecureChannelDriver secureChannelDriver
     ) {
         this.endpointListener = endpointListener;
+        this.settings = settings;
         this.dapsDriver = dapsDriver;
         this.secureChannelDriver = secureChannelDriver;
-        this.localExpectedRatCipher = expectedAttestation.getRatMechanisms();
-        this.localSupportedRatCipher = supportedAttestation.getRatMechanisms();
-        this.ratTimeout = ratTimeout;
     }
 
     /**
@@ -86,8 +80,12 @@ public synchronized void onSecureChannel(SecureChannel secureChannel,
             endpointListener.onError("IDSCP2 connect failed because no secure channel available");
         } else {
             LOG.trace("A new secure channel for an IDSCP2 connection was established");
-            FSM fsm = new FSM(secureChannel, dapsDriver, localSupportedRatCipher,
-                    localExpectedRatCipher, ratTimeout);
+            FSM fsm = new FSM(
+                    secureChannel,
+                    dapsDriver,
+                    settings.getSupportedAttestation().getRatMechanisms(),
+                    settings.getExpectedAttestation().getRatMechanisms(),
+                    settings.getRatTimeoutDelay());
 
             try {
                 // Blocking until handshake is done
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
index b2fa66ec9..6c22dda3f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
@@ -2,6 +2,8 @@
 
 import org.checkerframework.checker.nullness.qual.NonNull;
 
+import java.util.Objects;
+
 /**
  * IDSCP2 configuration class, contains information about keyStore and TrustStores,
  * Attestation Types, host, DAPS, ...
@@ -155,4 +157,29 @@ public int getRatTimeoutDelay() {
         return ratTimeoutDelay;
     }
 
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (o == null || getClass() != o.getClass()) return false;
+        Idscp2Settings that = (Idscp2Settings) o;
+        return serverPort == that.serverPort &&
+                ratTimeoutDelay == that.ratTimeoutDelay &&
+                Objects.equals(host, that.host) &&
+                Objects.equals(trustStorePath, that.trustStorePath) &&
+                Objects.equals(trustStorePassword, that.trustStorePassword) &&
+                Objects.equals(keyStorePath, that.keyStorePath) &&
+                Objects.equals(keyStorePassword, that.keyStorePassword) &&
+                Objects.equals(certificateAlias, that.certificateAlias) &&
+                Objects.equals(dapsKeyAlias, that.dapsKeyAlias) &&
+                Objects.equals(keyStoreKeyType, that.keyStoreKeyType) &&
+                Objects.equals(supportedAttestation, that.supportedAttestation) &&
+                Objects.equals(expectedAttestation, that.expectedAttestation);
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(serverPort, host, trustStorePath, trustStorePassword, keyStorePath,
+                keyStorePassword, certificateAlias, dapsKeyAlias, keyStoreKeyType, supportedAttestation,
+                expectedAttestation, ratTimeoutDelay);
+    }
 }

From ef8c2217ecd4eebbe21c2bbc7d0fb4632f79887c Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 26 May 2020 11:18:07 +0200
Subject: [PATCH 082/237] Disabled sporadically failing unit tests

---
 idscp2/src/test/java/DapsDriverTest.java | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index bae9c249c..6808ce21e 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -2,10 +2,12 @@
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.SecurityRequirements;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import org.junit.Ignore;
 import org.junit.Test;
 
 import static org.junit.Assert.*;
 
+@Ignore("Some test rely on external server resources and are somewhat unreliable right now.")
 public class DapsDriverTest {
 
   @Test

From bb2cbd2d58e01d434de165b61f84f1505d818a1c Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 26 May 2020 11:22:26 +0200
Subject: [PATCH 083/237] Kotlin migration, server fixes

---
 camel-idscp2/build.gradle                     |  22 ---
 camel-idscp2/build.gradle.kts                 |  25 +++
 .../ids/camel/idscp2/Idscp2OsgiComponent.java | 123 ------------
 .../idscp2/server/Idscp2ServerComponent.java  |  59 ------
 .../idscp2/server/Idscp2ServerConsumer.java   |  71 -------
 .../idscp2/server/Idscp2ServerEndpoint.java   | 178 ------------------
 .../ids/camel/idscp2/Idscp2OsgiComponent.kt   | 101 ++++++++++
 .../camel/idscp2/server/CamelIdscp2Server.kt  |  50 +++++
 .../idscp2/server/Idscp2ServerComponent.kt    |  91 +++++++++
 .../idscp2/server/Idscp2ServerConsumer.kt     |  64 +++++++
 .../idscp2/server/Idscp2ServerEndpoint.kt     | 124 ++++++++++++
 .../idscp2/server/Idscp2ServerProducer.kt}    |  27 +--
 12 files changed, 465 insertions(+), 470 deletions(-)
 delete mode 100644 camel-idscp2/build.gradle
 create mode 100644 camel-idscp2/build.gradle.kts
 delete mode 100644 camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.java
 delete mode 100644 camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java
 delete mode 100644 camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.java
 delete mode 100644 camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.java
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
 rename camel-idscp2/src/main/{java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.java => kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt} (57%)

diff --git a/camel-idscp2/build.gradle b/camel-idscp2/build.gradle
deleted file mode 100644
index ad2d9c165..000000000
--- a/camel-idscp2/build.gradle
+++ /dev/null
@@ -1,22 +0,0 @@
-description = 'Camel IDS Component'
-
-dependencies {
-    providedByBundle(project(':ids-api')) { transitive = false }
-    providedByBundle(project(':idscp2')) { transitive = false }
-
-    // Bill of Materials (BOM) for Camel
-    bom group: 'org.apache.camel', name: 'camel-parent', version: libraryVersions.camel
-
-    providedByFeature group: 'org.apache.camel', name: 'camel-core', version: libraryVersions.camel
-
-    compileOnly group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
-
-    osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
-    osgiCore group: 'org.osgi', name: 'org.osgi.core', version: libraryVersions.osgi
-
-    providedByFeature group: 'com.google.protobuf', name: 'protobuf-java', version: libraryVersions.protobuf
-
-    testImplementation group: 'junit', name: 'junit'
-    testImplementation group: 'org.apache.camel', name: 'camel-test', version: libraryVersions.camel
-    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
-}
diff --git a/camel-idscp2/build.gradle.kts b/camel-idscp2/build.gradle.kts
new file mode 100644
index 000000000..aa84e4e55
--- /dev/null
+++ b/camel-idscp2/build.gradle.kts
@@ -0,0 +1,25 @@
+description = "Camel IDS Component"
+
+dependencies {
+    @Suppress("UNCHECKED_CAST") val libraryVersions =
+            rootProject.ext.get("libraryVersions") as Map<String, String>
+    
+    providedByBundle(project(":ids-api")) { isTransitive = false }
+    providedByBundle(project(":idscp2")) { isTransitive = false }
+
+    // Bill of Materials (BOM) for Camel
+    bom("org.apache.camel", "camel-parent", libraryVersions["camel"])
+
+    providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
+
+    compileOnly("org.checkerframework", "checker-qual", libraryVersions["checkerQual"])
+
+    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
+    osgiCore("org.osgi", "org.osgi.core", libraryVersions["osgi"])
+
+    providedByFeature("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
+
+    testImplementation("junit", "junit", libraryVersions["junit4"])
+    testImplementation("org.apache.camel", "camel-test", libraryVersions["camel"])
+    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
+}
diff --git a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.java b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.java
deleted file mode 100644
index b6f204bcc..000000000
--- a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.idscp2;
-
-import de.fhg.aisec.ids.api.endpointconfig.EndpointConfigManager;
-import de.fhg.aisec.ids.api.infomodel.InfoModel;
-import de.fhg.aisec.ids.api.settings.Settings;
-import de.fhg.aisec.ids.api.tokenm.TokenManager;
-import org.checkerframework.checker.nullness.qual.Nullable;
-import org.osgi.service.component.annotations.*;
-
-@Component
-public class Idscp2OsgiComponent {
-
-  @Reference(cardinality = ReferenceCardinality.MANDATORY)
-  private Settings settings = null;
-
-  @Reference(cardinality = ReferenceCardinality.MANDATORY)
-  private InfoModel infoModelManager = null;
-
-  @Reference(cardinality = ReferenceCardinality.OPTIONAL)
-  private TokenManager tokenManager = null;
-
-  @Reference(cardinality = ReferenceCardinality.OPTIONAL)
-  private EndpointConfigManager endpointConfigManager = null;
-
-  private static Idscp2OsgiComponent instance;
-
-  @Activate
-  @SuppressWarnings("squid:S2696")
-  protected void activate() {
-    instance = this;
-  }
-
-  @Deactivate
-  @SuppressWarnings("squid:S2696")
-  protected void deactivate() {
-    instance = null;
-  }
-
-  @Nullable
-  public static Settings getSettings() {
-    Idscp2OsgiComponent in = instance;
-    if (in != null) {
-      return in.settings;
-    }
-    return null;
-  }
-
-  /**
-   * Is actually NonNull due to ReferenceCardinality.MANDATORY,
-   * but instance might be null for Unit Tests
-   * @return Info-Model-Manager instance
-   */
-  @Nullable
-  public static InfoModel getInfoModelManager() {
-    Idscp2OsgiComponent in = instance;
-    if (in != null) {
-      return in.infoModelManager;
-    }
-    return null;
-  }
-
-  /**
-   * Is actually NonNull due to ReferenceCardinality.MANDATORY,
-   * but instance might be null for Unit Tests
-   * @return Token-Manager instance
-   */
-  @Nullable
-  public static TokenManager getTokenManager() {
-    Idscp2OsgiComponent in = instance;
-    if (in != null) {
-      return in.tokenManager;
-    }
-    return null;
-  }
-
-  @Nullable
-  public static EndpointConfigManager getEndpointConfigManager() {
-    Idscp2OsgiComponent in = instance;
-    if (in != null) {
-      return in.endpointConfigManager;
-    }
-    return null;
-  }
-
-  public void setSettings(Settings settings) {
-    this.settings = settings;
-  }
-
-  public void setInfoModelManager(InfoModel infoModelManager) {
-    this.infoModelManager = infoModelManager;
-  }
-
-  public void setTokenManager(TokenManager tokenManager) {
-    this.tokenManager = tokenManager;
-  }
-
-  public void setEndpointConfigManager(EndpointConfigManager endpointConfigManager) {
-    this.endpointConfigManager = endpointConfigManager;
-  }
-
-  public static void setInstance(Idscp2OsgiComponent instance) {
-    Idscp2OsgiComponent.instance = instance;
-  }
-}
diff --git a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java
deleted file mode 100644
index 38c9a7ce6..000000000
--- a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.java
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package de.fhg.aisec.ids.camel.idscp2.server;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server;
-import org.apache.camel.Endpoint;
-import org.apache.camel.spi.annotations.Component;
-import org.apache.camel.support.DefaultComponent;
-
-import java.util.Map;
-import java.util.concurrent.ConcurrentHashMap;
-
-@Component("idscp2server")
-public class Idscp2ServerComponent extends DefaultComponent {
-    final Map<Integer, Idscp2Server> servers = new ConcurrentHashMap<>();
-
-    public Idscp2ServerComponent() {
-    }
-
-    @Override
-    protected Endpoint createEndpoint(String uri, String remaining, Map<String, Object> parameters) throws Exception {
-        Endpoint endpoint = new Idscp2ServerEndpoint(uri, remaining, this);
-        setProperties(endpoint, parameters);
-        return endpoint;
-    }
-
-    public synchronized void addServer(int port, Idscp2Server server) {
-        servers.put(port, server);
-    }
-
-    public synchronized void removeServer(int port) {
-        final var server = servers.get(port);
-        if (server != null) {
-            servers.remove(port);
-        }
-    }
-
-    @Override
-    protected synchronized void doStop() throws Exception {
-        for (Idscp2Server s : servers.values()) {
-            s.terminate();
-        }
-        super.doStop();
-    }
-}
diff --git a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.java b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.java
deleted file mode 100644
index ce5706cf2..000000000
--- a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package de.fhg.aisec.ids.camel.idscp2.server;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageListener;
-import org.apache.camel.Message;
-import org.apache.camel.Processor;
-import org.apache.camel.support.DefaultConsumer;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * The IDSCP2 server consumer.
- */
-public class Idscp2ServerConsumer extends DefaultConsumer implements Idscp2MessageListener {
-    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ServerConsumer.class);
-    private final Idscp2ServerEndpoint endpoint;
-
-    public Idscp2ServerConsumer(final Idscp2ServerEndpoint endpoint, final Processor processor) {
-        super(endpoint, processor);
-        this.endpoint = endpoint;
-    }
-
-    @Override
-    protected void doStart() throws Exception {
-        super.doStart();
-        endpoint.addConsumer(this);
-    }
-
-    @Override
-    protected void doStop() throws Exception {
-        endpoint.removeConsumer(this);
-        super.doStop();
-    }
-
-    @Override
-    public void onMessage(Idscp2Connection connection, String type, byte[] data) {
-        final var exchange = endpoint.createExchange();
-        try {
-            this.createUoW(exchange);
-            // Set relevant information
-            exchange.getIn().setHeader("idscp2.type", type);
-            exchange.getIn().setBody(data, byte[].class);
-            // Do processing
-            getProcessor().process(exchange);
-            // Handle response
-            Message response = exchange.getMessage();
-            String responseType = response.getHeader("idscp2.type", String.class);
-            connection.send(responseType, response.getBody(byte[].class));
-        } catch (Exception e) {
-            LOG.error("Error in Idscp2ServerConsumer.onMessage()", e);
-        } finally {
-            this.doneUoW(exchange);
-        }
-    }
-}
diff --git a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.java b/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.java
deleted file mode 100644
index 0151a188b..000000000
--- a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.java
+++ /dev/null
@@ -1,178 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package de.fhg.aisec.ids.camel.idscp2.server;
-
-import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent;
-import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server;
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
-import org.apache.camel.Consumer;
-import org.apache.camel.Processor;
-import org.apache.camel.Producer;
-import org.apache.camel.spi.UriEndpoint;
-import org.apache.camel.support.DefaultEndpoint;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.HashSet;
-import java.util.Set;
-import java.util.regex.Pattern;
-
-@UriEndpoint(
-    scheme = "idscp2server",
-    title = "IDSCP2 Server Socket",
-    syntax = "idscp2server://host:port",
-    label = "ids"
-)
-public class Idscp2ServerEndpoint extends DefaultEndpoint implements Idscp2EndpointListener {
-    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ServerEndpoint.class);
-    private static final Pattern URI_REGEX = Pattern.compile("(.*?):(\\d+)$");
-
-    private final Idscp2Configuration serverConfiguration;
-    private final Idscp2Settings serverSettings;
-    private Idscp2Server server;
-    private final Set<Idscp2ServerConsumer> consumers = new HashSet<>();
-
-    public Idscp2ServerEndpoint(String uri, String remaining, Idscp2ServerComponent component) {
-        super(uri, component);
-        final var settings = Idscp2OsgiComponent.getSettings();
-
-        final var remainingMatcher = URI_REGEX.matcher(remaining);
-        if (!remainingMatcher.matches()) {
-            throw new IllegalArgumentException(remaining + " is not a valid URI remainder, must be \"host:port\".");
-        }
-        final var matchResult = remainingMatcher.toMatchResult();
-        final var host = matchResult.group(1);
-        final var port = Integer.parseInt(matchResult.group(2));
-
-        SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
-
-        serverSettings = new Idscp2Settings.Builder()
-            .setHost(host)
-            .setServerPort(port)
-            .setKeyStorePath("etc/idscp2/aisecconnector1-keystore.jks")
-            .setTrustStorePath("etc/idscp2/client-truststore_new.jks")
-            .setCertificateAlias("1.0.1")
-            .setDapsKeyAlias("1")
-            .setRatTimeoutDelay(300)
-            .build();
-
-        if(settings == null) {
-            throw new RuntimeException("Settings not available");
-        }
-
-        DefaultDapsDriverConfig config =
-            new DefaultDapsDriverConfig.Builder()
-                .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
-                .setKeyStorePath(serverSettings.getKeyStorePath())
-                .setTrustStorePath(serverSettings.getTrustStorePath())
-                .setKeyStorePassword(serverSettings.getKeyStorePassword())
-                .setTrustStorePassword(serverSettings.getTrustStorePassword())
-                .setKeyAlias(serverSettings.getDapsKeyAlias())
-                .setDapsUrl(settings.getConnectorConfig().getDapsUrl())
-                .build();
-        DapsDriver dapsDriver = new DefaultDapsDriver(config);
-
-        RatProverDriverRegistry.getInstance().registerDriver(
-            "Dummy", RatProverDummy.class, null);
-        RatVerifierDriverRegistry.getInstance().registerDriver(
-            "Dummy", RatVerifierDummy.class, null);
-        RatProverDriverRegistry.getInstance().registerDriver(
-            "TPM2d", TPM2dProver.class,
-            new TPM2dProverConfig.Builder().build()
-        );
-        RatVerifierDriverRegistry.getInstance().registerDriver(
-            "TPM2d", TPM2dVerifier.class,
-            new TPM2dVerifierConfig.Builder().build()
-        );
-
-        serverConfiguration = new Idscp2Configuration(
-            this,
-            dapsDriver,
-            secureChannelDriver,
-            serverSettings.getExpectedAttestation(),
-            serverSettings.getSupportedAttestation(),
-            serverSettings.getRatTimeoutDelay()
-        );
-    }
-
-    public synchronized void addConsumer(Idscp2ServerConsumer consumer) {
-        this.consumers.add(consumer);
-        this.server.getAllConnections().forEach(c -> c.addGenericMessageListener(consumer));
-    }
-
-    public synchronized void removeConsumer(Idscp2ServerConsumer consumer) {
-        this.consumers.remove(consumer);
-        this.server.getAllConnections().forEach(c -> c.removeGenericMessageListener(consumer));
-    }
-
-    public synchronized void sendMessage(String type, byte[] body) {
-        this.server.getAllConnections().forEach(connection -> connection.send(type, body));
-    }
-
-    @Override
-    public synchronized Producer createProducer() {
-        return new Idscp2ServerProducer(this);
-    }
-
-    @Override
-    public synchronized Consumer createConsumer(Processor processor) {
-        return new Idscp2ServerConsumer(this, processor);
-    }
-
-    @Override
-    public synchronized void onConnection(Idscp2Connection connection) {
-        LOG.debug("New IDSCP2 connection on " + getEndpointUri() + ", register consumer listeners");
-        this.consumers.forEach(connection::addGenericMessageListener);
-    }
-
-    @Override
-    public void onError(String error) {
-        LOG.error("Error in IDSCP2 server endpoint " + getEndpointUri() + ":\n" + error);
-    }
-
-    @Override
-    public synchronized void doStart() throws Idscp2Exception {
-        LOG.debug("Starting IDSCP2 server endpoint " + getEndpointUri());
-        this.server = serverConfiguration.listen(serverSettings);
-        ((Idscp2ServerComponent) this.getComponent()).addServer(this.serverSettings.getServerPort(), this.server);
-    }
-
-    @Override
-    public synchronized void doStop() {
-        LOG.debug("Stopping IDSCP2 server endpoint " + getEndpointUri());
-        this.server.terminate();
-        ((Idscp2ServerComponent) this.getComponent()).removeServer(this.serverSettings.getServerPort());
-    }
-
-}
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.kt
new file mode 100644
index 000000000..142f0c1ae
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.kt
@@ -0,0 +1,101 @@
+/*-
+ * ========================LICENSE_START=================================
+ * camel-ids
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.camel.idscp2
+
+import de.fhg.aisec.ids.api.endpointconfig.EndpointConfigManager
+import de.fhg.aisec.ids.api.infomodel.InfoModel
+import de.fhg.aisec.ids.api.settings.Settings
+import de.fhg.aisec.ids.api.tokenm.TokenManager
+import org.osgi.service.component.annotations.*
+
+@Component
+class Idscp2OsgiComponent {
+    @Reference(cardinality = ReferenceCardinality.MANDATORY)
+    private lateinit var settings: Settings
+
+    @Reference(cardinality = ReferenceCardinality.MANDATORY)
+    private lateinit var infoModelManager: InfoModel
+
+    @Reference(cardinality = ReferenceCardinality.OPTIONAL)
+    private var tokenManager: TokenManager? = null
+
+    @Reference(cardinality = ReferenceCardinality.OPTIONAL)
+    private var endpointConfigManager: EndpointConfigManager? = null
+
+    @Activate
+    fun activate() {
+        instance = this
+    }
+
+    @Deactivate
+    fun deactivate() {
+        instance = null
+    }
+
+    fun setSettings(settings: Settings) {
+        this.settings = settings
+    }
+
+    fun setInfoModelManager(infoModelManager: InfoModel) {
+        this.infoModelManager = infoModelManager
+    }
+
+    fun setTokenManager(tokenManager: TokenManager?) {
+        this.tokenManager = tokenManager
+    }
+
+    fun setEndpointConfigManager(endpointConfigManager: EndpointConfigManager?) {
+        this.endpointConfigManager = endpointConfigManager
+    }
+
+    companion object {
+        private var instance: Idscp2OsgiComponent? = null
+
+        fun setInstance(instance: Idscp2OsgiComponent?) {
+            Companion.instance = instance
+        }
+
+        /**
+         * Is never null due to ReferenceCardinality.MANDATORY,
+         * but instance might be null for Unit Tests
+         * @return Token-Manager instance
+         */
+        fun getSettings(): Settings {
+            return instance!!.settings
+        }
+
+        /**
+         * Is never null due to ReferenceCardinality.MANDATORY,
+         * but instance might be null for Unit Tests
+         * @return Info-Model-Manager instance
+         */
+        fun getInfoModelManager(): InfoModel {
+            return instance!!.infoModelManager
+        }
+
+        fun getTokenManager(): TokenManager? {
+            return instance?.tokenManager
+        }
+
+        fun getEndpointConfigManager(): EndpointConfigManager? {
+            return instance?.endpointConfigManager
+        }
+    }
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
new file mode 100644
index 000000000..f531083ff
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -0,0 +1,50 @@
+package de.fhg.aisec.ids.camel.idscp2.server
+
+import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
+import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server
+import java.util.*
+
+class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener {
+    private val server: Idscp2Server
+    val listeners: MutableSet<Idscp2EndpointListener> = Collections.synchronizedSet(HashSet())
+
+    init {
+        val dapsDriverConfig = DefaultDapsDriverConfig.Builder()
+                .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+                .setKeyStorePath(serverSettings.keyStorePath)
+                .setTrustStorePath(serverSettings.trustStorePath)
+                .setKeyStorePassword(serverSettings.keyStorePassword)
+                .setTrustStorePassword(serverSettings.trustStorePassword)
+                .setKeyAlias(serverSettings.dapsKeyAlias)
+                .setDapsUrl(Idscp2OsgiComponent.getSettings().connectorConfig.dapsUrl)
+                .build()
+        val serverConfiguration = Idscp2Configuration(
+                this,
+                serverSettings,
+                DefaultDapsDriver(dapsDriverConfig),
+                NativeTLSDriver()
+        )
+        server = serverConfiguration.listen(serverSettings)
+    }
+
+    override fun onConnection(connection: Idscp2Connection) {
+        listeners.forEach { it.onConnection(connection) }
+    }
+
+    override fun onError(error: String) {
+        listeners.forEach { it.onError(error) }
+    }
+
+    val allConnections: Set<Idscp2Connection> = server.allConnections
+
+    fun terminate() {
+        server.terminate()
+    }
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
new file mode 100644
index 000000000..f6f732f80
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
@@ -0,0 +1,91 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package de.fhg.aisec.ids.camel.idscp2.server
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
+import org.apache.camel.Endpoint
+import org.apache.camel.spi.annotations.Component
+import org.apache.camel.support.DefaultComponent
+import java.lang.IllegalStateException
+
+@Component("idscp2server")
+class Idscp2ServerComponent : DefaultComponent() {
+    private val servers: MutableMap<Idscp2Settings, Pair<Int, CamelIdscp2Server>> = HashMap()
+
+    init {
+        RatProverDriverRegistry.getInstance().registerDriver(
+                "Dummy", RatProverDummy::class.java, null)
+        RatVerifierDriverRegistry.getInstance().registerDriver(
+                "Dummy", RatVerifierDummy::class.java, null)
+        RatProverDriverRegistry.getInstance().registerDriver(
+                "TPM2d", TPM2dProver::class.java,
+                TPM2dProverConfig.Builder().build()
+        )
+        RatVerifierDriverRegistry.getInstance().registerDriver(
+                "TPM2d", TPM2dVerifier::class.java,
+                TPM2dVerifierConfig.Builder().build()
+        )
+    }
+
+    override fun createEndpoint(uri: String, remaining: String, parameters: Map<String, Any>): Endpoint {
+        val endpoint: Endpoint = Idscp2ServerEndpoint(uri, remaining, this)
+        setProperties(endpoint, parameters)
+        return endpoint
+    }
+
+    @Synchronized
+    fun getServer(serverSettings: Idscp2Settings): CamelIdscp2Server {
+        if (serverSettings in servers) {
+            servers[serverSettings]?.let {
+                servers[serverSettings] = Pair(it.first + 1, it.second)
+                return it.second
+            } ?: throw IllegalStateException("This should never happen, please inform developers of this error!")
+        } else {
+            val server = CamelIdscp2Server(serverSettings)
+            servers[serverSettings] = Pair(1, server)
+            return server
+        }
+    }
+
+    @Synchronized
+    fun freeServer(serverSettings: Idscp2Settings) {
+        servers[serverSettings]?.let {
+            if (it.first > 1) {
+                servers[serverSettings] = Pair(it.first - 1, it.second)
+            } else {
+                it.second.terminate()
+                servers.remove(serverSettings)
+            }
+        }
+    }
+
+    @Synchronized
+    override fun doStop() {
+        servers.values.parallelStream()
+                .forEach { it.second.terminate() }
+        servers.clear()
+        super.doStop()
+    }
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
new file mode 100644
index 000000000..6b053557d
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package de.fhg.aisec.ids.camel.idscp2.server
+
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageListener
+import org.apache.camel.Processor
+import org.apache.camel.support.DefaultConsumer
+import org.slf4j.LoggerFactory
+
+/**
+ * The IDSCP2 server consumer.
+ */
+class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor: Processor) :
+        DefaultConsumer(endpoint, processor), Idscp2MessageListener {
+    override fun doStart() {
+        super.doStart()
+        endpoint.addConsumer(this)
+    }
+
+    override fun doStop() {
+        endpoint.removeConsumer(this)
+        super.doStop()
+    }
+
+    override fun onMessage(connection: Idscp2Connection, type: String, data: ByteArray) {
+        val exchange = endpoint.createExchange()
+        try {
+            createUoW(exchange)
+            // Set relevant information
+            exchange.getIn().setHeader("idscp2.type", type)
+            exchange.getIn().setBody(data, ByteArray::class.java)
+            // Do processing
+            processor.process(exchange)
+            // Handle response
+            val response = exchange.message
+            val responseType = response.getHeader("idscp2.type", String::class.java)
+            connection.send(responseType, response.getBody(ByteArray::class.java))
+        } catch (e: Exception) {
+            LOG.error("Error in Idscp2ServerConsumer.onMessage()", e)
+        } finally {
+            doneUoW(exchange)
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(Idscp2ServerConsumer::class.java)
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
new file mode 100644
index 000000000..7cb58bb04
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -0,0 +1,124 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package de.fhg.aisec.ids.camel.idscp2.server
+
+import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
+import org.apache.camel.Processor
+import org.apache.camel.Producer
+import org.apache.camel.spi.UriEndpoint
+import org.apache.camel.support.DefaultEndpoint
+import org.slf4j.LoggerFactory
+import java.util.*
+import java.util.regex.Pattern
+
+@UriEndpoint(
+        scheme = "idscp2server",
+        title = "IDSCP2 Server Socket",
+        syntax = "idscp2server://host:port",
+        label = "ids"
+)
+class Idscp2ServerEndpoint(uri: String?, remaining: String, component: Idscp2ServerComponent?) :
+        DefaultEndpoint(uri, component), Idscp2EndpointListener {
+    private val serverSettings: Idscp2Settings
+    private lateinit var server: CamelIdscp2Server
+    private val consumers: MutableSet<Idscp2ServerConsumer> = HashSet()
+
+    init {
+        val remainingMatcher = URI_REGEX.matcher(remaining)
+        require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
+        val matchResult = remainingMatcher.toMatchResult()
+        val host = matchResult.group(1)
+        val port = matchResult.group(2).toInt()
+        serverSettings = Idscp2Settings.Builder()
+                .setHost(host)
+                .setServerPort(port)
+                .setKeyStorePath("etc/idscp2/aisecconnector1-keystore.jks")
+                .setTrustStorePath("etc/idscp2/client-truststore_new.jks")
+                .setCertificateAlias("1.0.1")
+                .setDapsKeyAlias("1")
+                .setRatTimeoutDelay(300)
+                .build()
+    }
+
+    @Synchronized
+    fun addConsumer(consumer: Idscp2ServerConsumer) {
+        consumers.add(consumer)
+        server.allConnections.forEach { it.addGenericMessageListener(consumer) }
+    }
+
+    @Synchronized
+    fun removeConsumer(consumer: Idscp2ServerConsumer) {
+        consumers.remove(consumer)
+        server.allConnections.forEach { it.removeGenericMessageListener(consumer) }
+    }
+
+    @Synchronized
+    fun sendMessage(type: String, body: ByteArray) {
+        server.allConnections.forEach { it.send(type, body) }
+    }
+
+    @Synchronized
+    override fun createProducer(): Producer {
+        return Idscp2ServerProducer(this)
+    }
+
+    @Synchronized
+    override fun createConsumer(processor: Processor): org.apache.camel.Consumer {
+        return Idscp2ServerConsumer(this, processor)
+    }
+
+    @Synchronized
+    override fun onConnection(connection: Idscp2Connection) {
+        LOG.debug("New IDSCP2 connection on $endpointUri, register consumer listeners")
+        consumers.forEach { connection.addGenericMessageListener(it) }
+    }
+
+    override fun onError(error: String) {
+        LOG.error("Error in IDSCP2 server endpoint $endpointUri:\n$error")
+    }
+
+    @Synchronized
+    public override fun doStart() {
+        LOG.debug("Starting IDSCP2 server endpoint $endpointUri")
+        server = (component as Idscp2ServerComponent).getServer(serverSettings)
+        // Add this endpoint to this server's Idscp2EndpointListener set
+        server.listeners += this
+    }
+
+    @Synchronized
+    public override fun doStop() {
+        LOG.debug("Stopping IDSCP2 server endpoint $endpointUri")
+        // Remove this endpoint from the server's Idscp2EndpointListener set
+        server.listeners -= this
+        (component as Idscp2ServerComponent).freeServer(serverSettings)
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(Idscp2ServerEndpoint::class.java)
+        private val URI_REGEX = Pattern.compile("(.*?):(\\d+)$")
+    }
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.java b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
similarity index 57%
rename from camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.java
rename to camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
index 579279079..691a0f4b9 100644
--- a/camel-idscp2/src/main/java/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.java
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
@@ -14,29 +14,22 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
-package de.fhg.aisec.ids.camel.idscp2.server;
+package de.fhg.aisec.ids.camel.idscp2.server
 
-import org.apache.camel.Exchange;
-import org.apache.camel.Message;
-import org.apache.camel.support.DefaultProducer;
+import org.apache.camel.Exchange
+import org.apache.camel.support.DefaultProducer
 
 /**
  * The IDSCP2 server producer.
  * Sends each message to all clients connected to this server endpoint.
  */
-public class Idscp2ServerProducer extends DefaultProducer {
-    private final Idscp2ServerEndpoint endpoint;
+class Idscp2ServerProducer(private val endpoint: Idscp2ServerEndpoint) : DefaultProducer(endpoint) {
 
-    public Idscp2ServerProducer(Idscp2ServerEndpoint endpoint) {
-        super(endpoint);
-        this.endpoint = endpoint;
+    override fun process(exchange: Exchange) {
+        val message = exchange.getIn()
+        val type = message.getHeader("idscp.type", String::class.java)
+        val body = message.getBody(ByteArray::class.java)
+        endpoint.sendMessage(type, body)
     }
 
-    @Override
-    public void process(Exchange exchange) {
-        Message message = exchange.getIn();
-        String type = message.getHeader("idscp.type", String.class);
-        byte[] body = message.getBody(byte[].class);
-        endpoint.sendMessage(type, body);
-    }
-}
+}
\ No newline at end of file

From 49c48b735d362e4a5135d61c1f024df4d721994f Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 26 May 2020 11:23:02 +0200
Subject: [PATCH 084/237] IDSCP2 camel client implementation

---
 .../idscp2/client/Idscp2ClientComponent.kt    |  55 +++++++
 .../idscp2/client/Idscp2ClientConsumer.kt     |  64 +++++++++
 .../idscp2/client/Idscp2ClientEndpoint.kt     | 135 ++++++++++++++++++
 .../idscp2/client/Idscp2ClientProducer.kt     |  35 +++++
 .../idscp2/server/Idscp2ServerEndpoint.kt     |  26 ++--
 .../org/apache/camel/component/idscp2client   |   2 +-
 6 files changed, 300 insertions(+), 17 deletions(-)
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
new file mode 100644
index 000000000..5ff106b07
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
@@ -0,0 +1,55 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package de.fhg.aisec.ids.camel.idscp2.client
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
+import org.apache.camel.Endpoint
+import org.apache.camel.spi.annotations.Component
+import org.apache.camel.support.DefaultComponent
+
+@Component("idscp2server")
+class Idscp2ClientComponent : DefaultComponent() {
+
+    init {
+        RatProverDriverRegistry.getInstance().registerDriver(
+                "Dummy", RatProverDummy::class.java, null)
+        RatVerifierDriverRegistry.getInstance().registerDriver(
+                "Dummy", RatVerifierDummy::class.java, null)
+        RatProverDriverRegistry.getInstance().registerDriver(
+                "TPM2d", TPM2dProver::class.java,
+                TPM2dProverConfig.Builder().build()
+        )
+        RatVerifierDriverRegistry.getInstance().registerDriver(
+                "TPM2d", TPM2dVerifier::class.java,
+                TPM2dVerifierConfig.Builder().build()
+        )
+    }
+
+    override fun createEndpoint(uri: String, remaining: String, parameters: Map<String, Any>): Endpoint {
+        val endpoint: Endpoint = Idscp2ClientEndpoint(uri, remaining, this)
+        setProperties(endpoint, parameters)
+        return endpoint
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
new file mode 100644
index 000000000..13d6a27e4
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package de.fhg.aisec.ids.camel.idscp2.client
+
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageListener
+import org.apache.camel.Processor
+import org.apache.camel.support.DefaultConsumer
+import org.slf4j.LoggerFactory
+
+/**
+ * The IDSCP2 server consumer.
+ */
+class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor: Processor) :
+        DefaultConsumer(endpoint, processor), Idscp2MessageListener {
+    override fun doStart() {
+        super.doStart()
+        endpoint.addConsumer(this)
+    }
+
+    override fun doStop() {
+        endpoint.removeConsumer(this)
+        super.doStop()
+    }
+
+    override fun onMessage(connection: Idscp2Connection, type: String, data: ByteArray) {
+        val exchange = endpoint.createExchange()
+        try {
+            createUoW(exchange)
+            // Set relevant information
+            exchange.getIn().setHeader("idscp2.type", type)
+            exchange.getIn().setBody(data, ByteArray::class.java)
+            // Do processing
+            processor.process(exchange)
+            // Handle response
+            val response = exchange.message
+            val responseType = response.getHeader("idscp2.type", String::class.java)
+            connection.send(responseType, response.getBody(ByteArray::class.java))
+        } catch (e: Exception) {
+            LOG.error("Error in Idscp2ServerConsumer.onMessage()", e)
+        } finally {
+            doneUoW(exchange)
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(Idscp2ClientConsumer::class.java)
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
new file mode 100644
index 000000000..52a4ec275
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -0,0 +1,135 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package de.fhg.aisec.ids.camel.idscp2.client
+
+import de.fhg.aisec.ids.api.settings.Settings
+import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
+import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import org.apache.camel.Processor
+import org.apache.camel.Producer
+import org.apache.camel.spi.UriEndpoint
+import org.apache.camel.support.DefaultEndpoint
+import org.slf4j.LoggerFactory
+import java.util.*
+import java.util.regex.Pattern
+
+@UriEndpoint(
+        scheme = "idscp2client",
+        title = "IDSCP2 Client Socket",
+        syntax = "idscp2client://host:port",
+        label = "ids"
+)
+class Idscp2ClientEndpoint(uri: String?, remaining: String, component: Idscp2ClientComponent?) :
+        DefaultEndpoint(uri, component), Idscp2EndpointListener {
+    private val clientConfiguration: Idscp2Configuration
+    private val clientSettings: Idscp2Settings
+    private var connection: Idscp2Connection? = null
+    private val consumers: MutableSet<Idscp2ClientConsumer> = HashSet()
+
+    init {
+        val settings: Settings = Idscp2OsgiComponent.getSettings()
+        val remainingMatcher = URI_REGEX.matcher(remaining)
+        require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
+        val matchResult = remainingMatcher.toMatchResult()
+        val host = matchResult.group(1)
+        val port = matchResult.group(2).toInt()
+        clientSettings = Idscp2Settings.Builder()
+                .setHost(host)
+                .setServerPort(port)
+                .setKeyStorePath("etc/idscp2/aisecconnector1-keystore.jks")
+                .setTrustStorePath("etc/idscp2/client-truststore_new.jks")
+                .setCertificateAlias("1.0.1")
+                .setDapsKeyAlias("1")
+                .setRatTimeoutDelay(300)
+                .build()
+        val config = DefaultDapsDriverConfig.Builder()
+                .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+                .setKeyStorePath(clientSettings.keyStorePath)
+                .setTrustStorePath(clientSettings.trustStorePath)
+                .setKeyStorePassword(clientSettings.keyStorePassword)
+                .setTrustStorePassword(clientSettings.trustStorePassword)
+                .setKeyAlias(clientSettings.dapsKeyAlias)
+                .setDapsUrl(settings.connectorConfig.dapsUrl)
+                .build()
+        clientConfiguration = Idscp2Configuration(
+                this,
+                clientSettings,
+                DefaultDapsDriver(config),
+                NativeTLSDriver()
+        )
+    }
+
+    @Synchronized
+    fun addConsumer(consumer: Idscp2ClientConsumer) {
+        consumers.add(consumer)
+        connection?.addGenericMessageListener(consumer)
+    }
+
+    @Synchronized
+    fun removeConsumer(consumer: Idscp2ClientConsumer) {
+        consumers.remove(consumer)
+        connection?.removeGenericMessageListener(consumer)
+    }
+
+    @Synchronized
+    fun sendMessage(type: String, body: ByteArray) {
+        connection?.send(type, body)
+    }
+
+    @Synchronized
+    override fun createProducer(): Producer {
+        return Idscp2ClientProducer(this)
+    }
+
+    @Synchronized
+    override fun createConsumer(processor: Processor): org.apache.camel.Consumer {
+        return Idscp2ClientConsumer(this, processor)
+    }
+
+    @Synchronized
+    override fun onConnection(connection: Idscp2Connection) {
+        LOG.debug("New IDSCP2 connection on $endpointUri, register consumer listeners")
+        consumers.forEach { connection.addGenericMessageListener(it) }
+    }
+
+    override fun onError(error: String) {
+        LOG.error("Error in IDSCP2 client endpoint $endpointUri:\n$error")
+    }
+
+    @Synchronized
+    public override fun doStart() {
+        LOG.debug("Starting IDSCP2 client endpoint $endpointUri")
+        clientConfiguration.connect(clientSettings)
+    }
+
+    @Synchronized
+    public override fun doStop() {
+        LOG.debug("Stopping IDSCP2 client endpoint $endpointUri")
+        connection?.close()
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(Idscp2ClientEndpoint::class.java)
+        private val URI_REGEX = Pattern.compile("(.*?):(\\d+)$")
+    }
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
new file mode 100644
index 000000000..380ae3f28
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package de.fhg.aisec.ids.camel.idscp2.client
+
+import org.apache.camel.Exchange
+import org.apache.camel.support.DefaultProducer
+
+/**
+ * The IDSCP2 server producer.
+ * Sends each message to all clients connected to this server endpoint.
+ */
+class Idscp2ClientProducer(private val endpoint: Idscp2ClientEndpoint) : DefaultProducer(endpoint) {
+
+    override fun process(exchange: Exchange) {
+        val message = exchange.getIn()
+        val type = message.getHeader("idscp2.type", String::class.java)
+        val body = message.getBody(ByteArray::class.java)
+        endpoint.sendMessage(type, body)
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
index 7cb58bb04..b75b13056 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -17,16 +17,8 @@
 package de.fhg.aisec.ids.camel.idscp2.server
 
 import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.apache.camel.Processor
 import org.apache.camel.Producer
 import org.apache.camel.spi.UriEndpoint
@@ -44,7 +36,7 @@ import java.util.regex.Pattern
 class Idscp2ServerEndpoint(uri: String?, remaining: String, component: Idscp2ServerComponent?) :
         DefaultEndpoint(uri, component), Idscp2EndpointListener {
     private val serverSettings: Idscp2Settings
-    private lateinit var server: CamelIdscp2Server
+    private var server: CamelIdscp2Server? = null
     private val consumers: MutableSet<Idscp2ServerConsumer> = HashSet()
 
     init {
@@ -67,18 +59,18 @@ class Idscp2ServerEndpoint(uri: String?, remaining: String, component: Idscp2Ser
     @Synchronized
     fun addConsumer(consumer: Idscp2ServerConsumer) {
         consumers.add(consumer)
-        server.allConnections.forEach { it.addGenericMessageListener(consumer) }
+        server?.let { server -> server.allConnections.forEach { it.addGenericMessageListener(consumer) } }
     }
 
     @Synchronized
     fun removeConsumer(consumer: Idscp2ServerConsumer) {
+        server?.let { server -> server.allConnections.forEach { it.removeGenericMessageListener(consumer) } }
         consumers.remove(consumer)
-        server.allConnections.forEach { it.removeGenericMessageListener(consumer) }
     }
 
     @Synchronized
     fun sendMessage(type: String, body: ByteArray) {
-        server.allConnections.forEach { it.send(type, body) }
+        server?.let { server -> server.allConnections.forEach { it.send(type, body) } }
     }
 
     @Synchronized
@@ -104,16 +96,18 @@ class Idscp2ServerEndpoint(uri: String?, remaining: String, component: Idscp2Ser
     @Synchronized
     public override fun doStart() {
         LOG.debug("Starting IDSCP2 server endpoint $endpointUri")
-        server = (component as Idscp2ServerComponent).getServer(serverSettings)
-        // Add this endpoint to this server's Idscp2EndpointListener set
-        server.listeners += this
+        (component as Idscp2ServerComponent).getServer(serverSettings).let {
+            server = it
+            // Add this endpoint to this server's Idscp2EndpointListener set
+            it.listeners += this
+        }
     }
 
     @Synchronized
     public override fun doStop() {
         LOG.debug("Stopping IDSCP2 server endpoint $endpointUri")
         // Remove this endpoint from the server's Idscp2EndpointListener set
-        server.listeners -= this
+        server?.let { it.listeners -= this }
         (component as Idscp2ServerComponent).freeServer(serverSettings)
     }
 
diff --git a/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client b/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client
index 57aaa95c7..f0e6faab9 100644
--- a/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client
+++ b/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client
@@ -14,4 +14,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-class=de.fhg.aisec.ids.camel.idscp2.client.WsComponent
+class=de.fhg.aisec.ids.camel.idscp2.client.Idscp2ClientComponent

From 350cc622b580803731139d371c49637ef881b3a9 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 26 May 2020 13:53:38 +0200
Subject: [PATCH 085/237] Fixed error handling to "fail fast", handlers for
 async errors only

---
 .../ids/idscp2/Idscp2EndpointListener.java    |  2 +-
 .../secure_channel/NativeTLSDriver.java       |  3 +-
 .../client/DataAvailableListener.java         |  2 +-
 .../client/InputListenerThread.java           |  2 +-
 .../secure_channel/client/TLSClient.java      | 21 ++----
 .../secure_channel/server/TLSServer.java      |  3 +-
 .../server/TLSServerThread.java               | 15 +++--
 .../interfaces/SecureChannelDriver.java       |  3 +-
 .../idscp2/example/Idscp2ClientInitiator.java |  8 +--
 .../idscp2/example/Idscp2ServerInitiator.java |  8 +--
 .../idscp2/idscp_core/Idscp2Connection.java   |  4 ++
 .../idscp_core/Idscp2ConnectionAdapter.java   |  2 +-
 .../idscp_core/Idscp2ConnectionListener.java  |  2 +-
 .../configuration/Idscp2Configuration.java    | 65 +++++++++----------
 .../SecureChannelInitListener.java            |  2 +
 .../idscp_core/finite_state_machine/FSM.java  |  4 +-
 .../finite_state_machine/FsmListener.java     |  2 +-
 .../secure_channel/SecureChannel.java         |  4 +-
 .../secure_channel/SecureChannelListener.java |  2 +-
 19 files changed, 75 insertions(+), 79 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.java
index dda504f89..08c8f9077 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.java
@@ -18,5 +18,5 @@ public interface Idscp2EndpointListener {
     /*
      * Called when an error occurred in the underlying IDSCP2 protocol
      */
-    void onError(String error);
+    void onError(Throwable t);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
index 1a2500856..674ddc9e0 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
@@ -33,8 +33,7 @@ public void connect(Idscp2Settings settings, SecureChannelInitListener channelIn
             TLSClient tlsClient = new TLSClient(settings, channelInitListener);
             tlsClient.connect(settings.getHost(), settings.getServerPort());
         } catch (IOException | NoSuchAlgorithmException | KeyManagementException e) {
-            LOG.error("Call to connect() has failed", e);
-            channelInitListener.onSecureChannel(null, null);
+            throw new Idscp2Exception("Call to connect() has failed", e);
         }
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
index c0101dcf3..c59b4c912 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
@@ -16,7 +16,7 @@ public interface DataAvailableListener {
     /*
      * Notify listener that an error has occurred
      */
-    void onError();
+    void onError(Throwable e);
 
     /*
      * Notify listener that the socket has been closed
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index 3874c8c8f..49f9f6302 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -42,7 +42,7 @@ public void run() {
                 listener.onClose();
                 running = false; //terminate
             } catch (IOException e) {
-                listener.onError();
+                listener.onError(e);
                 running = false;
             }
         }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index dfead2cbe..01616a4e1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -3,6 +3,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSConstants;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSessionVerificationHelper;
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
@@ -87,9 +88,7 @@ public TLSClient(Idscp2Settings clientSettings, SecureChannelInitListener secure
     public void connect(String hostname, int port) {
         SSLSocket sslSocket = (SSLSocket) clientSocket;
         if (sslSocket == null || sslSocket.isClosed()) {
-            LOG.warn("Client socket is not available");
-            secureChannelInitListener.onSecureChannel(null, null);
-            return;
+            throw new Idscp2Exception("Client socket is not available");
         }
 
         try {
@@ -111,13 +110,11 @@ public void connect(String hostname, int port) {
             LOG.debug("Start TLS Handshake");
             sslSocket.startHandshake();
         } catch (SSLHandshakeException | SSLProtocolException e) {
-            LOG.warn("TLS Handshake failed: {}", e.getMessage());
             disconnect();
-            secureChannelInitListener.onSecureChannel(null, null);
+            throw new Idscp2Exception("TLS Handshake failed", e);
         } catch (IOException e) {
-            LOG.error("Connecting TLS client to server failed " + e.getMessage());
             disconnect();
-            secureChannelInitListener.onSecureChannel(null, null);
+            throw new Idscp2Exception("Connecting TLS client to server failed", e);
         }
     }
 
@@ -143,8 +140,8 @@ public void onClose() {
     }
 
     @Override
-    public void onError() {
-        listenerPromise.thenAccept(SecureChannelListener::onError);
+    public void onError(Throwable t) {
+        listenerPromise.thenAccept(secureChannelListener -> secureChannelListener.onError(t));
     }
 
     @Override
@@ -187,12 +184,8 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
             TLSSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession());
             LOG.debug("TLS session is valid");
         } catch (SSLPeerUnverifiedException e) {
-            if (LOG.isWarnEnabled()) {
-                LOG.warn("TLS session is not valid. Close TLS connection", e);
-            }
             disconnect();
-            secureChannelInitListener.onSecureChannel(null, null);
-            return;
+            throw new Idscp2Exception("TLS session is not valid. Close TLS connection", e);
         }
 
         // Create secure channel, register secure channel as message listener and notify IDSCP2 Configuration.
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
index 254d3f328..f172c53da 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
@@ -116,7 +116,8 @@ public void run() {
                 LOG.debug("Server socket has been closed.");
                 isRunning = false;
             } catch (IOException e) {
-                LOG.error("TLS server socket accept failed", e);
+                LOG.error("Error during TLS server socket accept, notifying error handlers...");
+                secureChannelInitListener.onError(e);
                 isRunning = false;
             }
         }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
index b513d0989..480410f61 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
@@ -58,8 +58,9 @@ public void run() {
             sslSocket.startHandshake();
             // Wait for TLS session verification
             tlsVerificationLatch.await();
-        } catch (IOException e) {
-            LOG.warn("Exception occurred during SSL handshake. Quiting server thread...", e);
+        } catch (Exception e) {
+            LOG.error("Exception occurred during SSL handshake. Quiting server thread...", e);
+            onError(e);
             running = false;
         }
 
@@ -77,7 +78,7 @@ public void run() {
                 onClose();
                 running = false;
             } catch (IOException e) {
-                onError();
+                onError(e);
                 running = false;
             }
         }
@@ -104,10 +105,10 @@ public boolean send(byte[] data) {
                 out.writeInt(data.length);
                 out.write(data);
                 out.flush();
-                LOG.trace("Send message: " + new String(data));
+                LOG.trace("Sent message: " + new String(data));
                 return true;
             } catch (IOException e) {
-                LOG.error("ServerThread cannot send data.");
+                LOG.error("Server could not send data.");
                 closeSockets();
                 return false;
             }
@@ -118,8 +119,8 @@ private void onClose() {
         channelListenerPromise.thenAccept(SecureChannelListener::onClose);
     }
 
-    private void onError() {
-        channelListenerPromise.thenAccept(SecureChannelListener::onError);
+    private void onError(Throwable t) {
+        channelListenerPromise.thenAccept(secureChannelListener -> secureChannelListener.onError(t));
     }
 
     @Override
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
index 09c8202cf..ac954f550 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
@@ -1,6 +1,5 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
@@ -24,5 +23,5 @@ public interface SecureChannelDriver {
      * Starting a secure server
      */
     SecureServer listen(Idscp2Settings settings, SecureChannelInitListener channelInitListener,
-                        CompletableFuture<ServerConnectionListener> serverListenerPromise) throws Idscp2Exception;
+                        CompletableFuture<ServerConnectionListener> serverListenerPromise);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
index c7419d64f..07b580f40 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
@@ -72,8 +72,8 @@ public void onConnection(Idscp2Connection connection) {
         System.out.println("Client: New connection with id " + connection.getId());
         connection.addConnectionListener(new Idscp2ConnectionAdapter() {
             @Override
-            public void onError(String error) {
-                LOG.error("Client connection error occurred: " + error);
+            public void onError(Throwable t) {
+                LOG.error("Client connection error occurred", t);
             }
 
             @Override
@@ -92,7 +92,7 @@ public void onClose(Idscp2Connection connection) {
     }
 
     @Override
-    public void onError(String error) {
-        LOG.error("Client endpoint error occurred: " + error);
+    public void onError(Throwable t) {
+        LOG.error("Client endpoint error occurred", t);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
index 171bbc053..960a477f6 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
@@ -79,8 +79,8 @@ public void onConnection(Idscp2Connection connection) {
         System.out.println("Server: New connection with id " + connection.getId());
         connection.addConnectionListener(new Idscp2ConnectionAdapter() {
             @Override
-            public void onError(String error) {
-                LOG.error("Server connection error occurred: " + error);
+            public void onError(Throwable t) {
+                LOG.error("Server connection error occurred", t);
             }
 
             @Override
@@ -98,7 +98,7 @@ public void onClose(Idscp2Connection connection) {
     }
 
     @Override
-    public void onError(String error) {
-        LOG.error("Server endpoint error occurred: " + error);
+    public void onError(Throwable t) {
+        LOG.error("Server endpoint error occurred", t);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
index 4451794ce..74dc49f6b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
@@ -65,6 +65,10 @@ public void onMessage(String type, byte[] msg) {
         }
     }
 
+    public void onError(Throwable t) {
+        connectionListeners.forEach(idscp2ConnectionListener -> idscp2ConnectionListener.onError(t));
+    }
+
     public void onClose() {
         LOG.debug("Connection with id {} has been closed, notify listeners", connectionId);
         connectionListeners.forEach(l -> l.onClose(this));
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java
index 9588fe687..d45391ea8 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java
@@ -3,7 +3,7 @@
 public class Idscp2ConnectionAdapter implements Idscp2ConnectionListener {
 
     @Override
-    public void onError(String error) {
+    public void onError(Throwable t) {
     }
 
     @Override
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java
index 40bd19b1c..83a020c40 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java
@@ -6,7 +6,7 @@
  */
 public interface Idscp2ConnectionListener {
 
-    void onError(String error);
+    void onError(Throwable t);
 
     void onClose(Idscp2Connection connection);
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
index 4dc185fa5..57d871d1b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
@@ -75,45 +75,40 @@ public Idscp2Server listen(Idscp2Settings settings) throws Idscp2Exception {
     @Override
     public synchronized void onSecureChannel(SecureChannel secureChannel,
                                              CompletableFuture<ServerConnectionListener> serverListenerPromise) {
-        if (secureChannel == null) {
-            LOG.warn("IDSCP2 connect failed because no secure channel available");
-            endpointListener.onError("IDSCP2 connect failed because no secure channel available");
-        } else {
-            LOG.trace("A new secure channel for an IDSCP2 connection was established");
-            FSM fsm = new FSM(
-                    secureChannel,
-                    dapsDriver,
-                    settings.getSupportedAttestation().getRatMechanisms(),
-                    settings.getExpectedAttestation().getRatMechanisms(),
-                    settings.getRatTimeoutDelay());
+        LOG.trace("A new secure channel for an IDSCP2 connection was established");
+        FSM fsm = new FSM(
+                secureChannel,
+                dapsDriver,
+                settings.getSupportedAttestation().getRatMechanisms(),
+                settings.getExpectedAttestation().getRatMechanisms(),
+                settings.getRatTimeoutDelay());
 
-            try {
-                // Blocking until handshake is done
-                fsm.startIdscpHandshake();
-            } catch (Idscp2Exception e) {
-                return;
-            }
+        fsm.startIdscpHandshake();
 
-            String connectionId = UUID.randomUUID().toString();
-            // Threads calling onMessage() will be blocked until all listeners have been registered, see below
-            Idscp2Connection newConnection = new Idscp2Connection(fsm, connectionId);
-            fsm.registerConnection(newConnection);
-            LOG.debug("A new IDSCP2 connection with id {} was created", connectionId);
-            if (serverListenerPromise != null) {
-                // Complete the connection promise for the IDSCP server
-                serverListenerPromise.thenAccept(serverListener -> {
-                    serverListener.onConnectionCreated(newConnection);
-                    newConnection.addConnectionListener(new Idscp2ConnectionAdapter() {
-                        @Override
-                        public void onClose(Idscp2Connection connection) {
-                            serverListener.onConnectionClose(connection);
-                        }
-                    });
+        String connectionId = UUID.randomUUID().toString();
+        // Threads calling onMessage() will be blocked until all listeners have been registered, see below
+        Idscp2Connection newConnection = new Idscp2Connection(fsm, connectionId);
+        fsm.registerConnection(newConnection);
+        LOG.debug("A new IDSCP2 connection with id {} was created", connectionId);
+        if (serverListenerPromise != null) {
+            // Complete the connection promise for the IDSCP server
+            serverListenerPromise.thenAccept(serverListener -> {
+                serverListener.onConnectionCreated(newConnection);
+                newConnection.addConnectionListener(new Idscp2ConnectionAdapter() {
+                    @Override
+                    public void onClose(Idscp2Connection connection) {
+                        serverListener.onConnectionClose(connection);
+                    }
                 });
-            }
-            endpointListener.onConnection(newConnection);
-            newConnection.unlockMessaging();
+            });
         }
+        endpointListener.onConnection(newConnection);
+        newConnection.unlockMessaging();
+    }
+
+    @Override
+    public void onError(Throwable t) {
+        endpointListener.onError(t);
     }
 
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.java
index 2af24aa22..9c733f7a8 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.java
@@ -21,4 +21,6 @@ void onSecureChannel(
             CompletableFuture<ServerConnectionListener> serverListenerPromise
     );
 
+    void onError(Throwable t);
+
 }
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 0b797578f..07a7158cd 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -429,7 +429,9 @@ boolean sendFromFSM(IdscpMessage msg) {
      * driver implementations
      */
     @Override
-    public void onError() {
+    public void onError(Throwable t) {
+        // Broadcast the error to the respective listeners
+        connection.onError(t);
 
         //check for incorrect usage
         checkForFsmCircles();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
index 3b2b322c8..673631110 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
@@ -27,7 +27,7 @@ public interface FsmListener {
     /*
      * A method for providing internal errors to the fsm
      */
-    void onError();
+    void onError(Throwable t);
 
     /*
      * A method for notifying the fsm about closure of the secure channel
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
index 1b33c3730..ffae9c55a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
@@ -46,9 +46,9 @@ public void onMessage(byte[] data) {
     }
 
     @Override
-    public void onError() {
+    public void onError(Throwable t) {
         // Tell fsm an error occurred in secure channel
-        fsmPromise.thenAccept(FsmListener::onError);
+        fsmPromise.thenAccept(fsmListener -> fsmListener.onError(t));
     }
 
     @Override
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
index 024f397e2..06efc83e0 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
@@ -13,7 +13,7 @@ public interface SecureChannelListener {
     /*
      * Delegate an error from an secure channel endpoint to the secure channel
      */
-    void onError();
+    void onError(Throwable t);
 
     /*
      * Notify secure channel that secure channel endpoint has been closed

From f3de18c3d9754f228697d0d22c0bef76cdf4e19b Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 26 May 2020 14:23:56 +0200
Subject: [PATCH 086/237] Separated example routes

---
 .../route-examples/example-idscp2-client.xml  | 25 +++++++++
 .../route-examples/example-idscp2-server.xml  | 24 +++++++++
 examples/route-examples/example-idscp2.xml    | 51 -------------------
 3 files changed, 49 insertions(+), 51 deletions(-)
 create mode 100644 examples/route-examples/example-idscp2-client.xml
 create mode 100644 examples/route-examples/example-idscp2-server.xml
 delete mode 100644 examples/route-examples/example-idscp2.xml

diff --git a/examples/route-examples/example-idscp2-client.xml b/examples/route-examples/example-idscp2-client.xml
new file mode 100644
index 000000000..eb7569ffd
--- /dev/null
+++ b/examples/route-examples/example-idscp2-client.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xsi:schemaLocation="
+ http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://camel.apache.org/schema/blueprint https://camel.apache.org/schema/blueprint/camel-blueprint-3.3.0.xsd">
+
+    <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+        <route id="idscp2Client">
+            <from uri="timer://tenSecondsTimer?fixedRate=true&amp;period=10000"/>
+            <setBody>
+                <simple>PING</simple>
+            </setBody>
+            <setHeader name="idscp2.type">
+                <simple>ping</simple>
+            </setHeader>
+            <log message="Client sends: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
+            <to uri="idscp2client://localhost:29292" />
+            <log message="Client received: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
+        </route>
+
+    </camelContext>
+
+</blueprint>
diff --git a/examples/route-examples/example-idscp2-server.xml b/examples/route-examples/example-idscp2-server.xml
new file mode 100644
index 000000000..44f24e692
--- /dev/null
+++ b/examples/route-examples/example-idscp2-server.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xsi:schemaLocation="
+ http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://camel.apache.org/schema/blueprint https://camel.apache.org/schema/blueprint/camel-blueprint-3.3.0.xsd">
+
+    <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+        <route id="idscp2Server">
+            <from uri="idscp2server://0.0.0.0:29292"/>
+            <log message="Server received: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
+            <setBody>
+                <simple>PONG</simple>
+            </setBody>
+            <setHeader name="idscp2.type">
+                <simple>pong</simple>
+            </setHeader>
+            <log message="Server response: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
+        </route>
+
+    </camelContext>
+
+</blueprint>
diff --git a/examples/route-examples/example-idscp2.xml b/examples/route-examples/example-idscp2.xml
deleted file mode 100644
index 07c50dd8c..000000000
--- a/examples/route-examples/example-idscp2.xml
+++ /dev/null
@@ -1,51 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
-           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-           xsi:schemaLocation="
- http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
- http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
-
-    <!-- Define TLS configuration for data consumer -->
-<!--    <camel:sslContextParameters id="serverSslContext">-->
-<!--        <camel:keyManagers keyPassword="password">-->
-<!--            <camel:keyStore resource="etc/server-keystore.jks" password="password"/>-->
-<!--        </camel:keyManagers>-->
-<!--        <camel:trustManagers>-->
-<!--            <camel:keyStore resource="etc/server-truststore.jks" password="password"/>-->
-<!--        </camel:trustManagers>-->
-<!--    </camel:sslContextParameters>-->
-
-    <!-- Define TLS configuration for data provider -->
-<!--    <camel:sslContextParameters id="clientSslContext">-->
-<!--        <camel:keyManagers keyPassword="password">-->
-<!--            <camel:keyStore resource="etc/client-keystore.jks" password="password"/>-->
-<!--        </camel:keyManagers>-->
-<!--        <camel:trustManagers>-->
-<!--            <camel:keyStore resource="etc/client-truststore.jks" password="password"/>-->
-<!--        </camel:trustManagers>-->
-<!--    </camel:sslContextParameters>-->
-
-    <!-- Routes -->
-    <camelContext xmlns="http://camel.apache.org/schema/blueprint">
-
-<!--        <route id="sendIdscp2">-->
-<!--            <from uri="timer://perSecondTimer?fixedRate=true&amp;period=10000"/>-->
-<!--            <setBody>-->
-<!--                <simple>Message at $simple{date:now:yyyy-MM-dd HH:mm:ss}</simple>-->
-<!--            </setBody>-->
-<!--            <log message="Sending message body &quot;${body}&quot;..."/>-->
-<!--            <to uri="idscp2client://consumer-core:8080" />-->
-<!--        </route>-->
-
-        <route id="receiveIdscp2">
-            <from uri="idscp2server://0.0.0.0:8080"/>
-            <log message="Received via IDS protocol: ${body}"/>
-            <setBody>
-                <simple>PONG</simple>
-            </setBody>
-            <log message="Response IDS message: ${body}"/>
-        </route>
-
-    </camelContext>
-
-</blueprint>

From cf813db503a8c64fc35bdbd9442425664396926b Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 27 May 2020 01:16:00 +0200
Subject: [PATCH 087/237] Separated "connection factories", Future-based client
 connection handling

---
 .../secure_channel/NativeTLSDriver.java       | 10 ++-
 .../secure_channel/client/TLSClient.java      | 32 ++++----
 .../interfaces/SecureChannelDriver.java       |  3 +-
 .../idscp2/example/Idscp2ClientInitiator.java | 69 ++++++++--------
 .../idscp2/example/Idscp2ServerInitiator.java | 16 ++--
 .../idscp2/idscp_core/Idscp2Connection.java   | 24 +++++-
 .../configuration/Idscp2ClientFactory.java    | 37 +++++++++
 ...guration.java => Idscp2ServerFactory.java} | 52 ++++---------
 .../configuration/Idscp2Settings.java         |  2 +-
 .../idscp_core/finite_state_machine/FSM.java  | 78 +++++++++----------
 .../finite_state_machine/StateClosed.java     | 27 +++++--
 .../StateWaitForHello.java                    |  2 +-
 12 files changed, 194 insertions(+), 158 deletions(-)
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.java
 rename idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/{Idscp2Configuration.java => Idscp2ServerFactory.java} (65%)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
index 674ddc9e0..98582b0ba 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
@@ -2,9 +2,11 @@
 
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client.TLSClient;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server.TLSServer;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
@@ -28,12 +30,14 @@ public class NativeTLSDriver implements SecureChannelDriver {
      * Performs an asynchronous client connect to a TLS server.
      */
     @Override
-    public void connect(Idscp2Settings settings, SecureChannelInitListener channelInitListener) {
+    public void connect(Idscp2Settings settings,
+                        DapsDriver dapsDriver,
+                        CompletableFuture<Idscp2Connection> connectionFuture) {
         try {
-            TLSClient tlsClient = new TLSClient(settings, channelInitListener);
+            TLSClient tlsClient = new TLSClient(settings, dapsDriver, connectionFuture);
             tlsClient.connect(settings.getHost(), settings.getServerPort());
         } catch (IOException | NoSuchAlgorithmException | KeyManagementException e) {
-            throw new Idscp2Exception("Call to connect() has failed", e);
+            connectionFuture.completeExceptionally(new Idscp2Exception("Call to connect() has failed", e));
         }
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index 01616a4e1..cfdf24e59 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -3,9 +3,10 @@
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSConstants;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSessionVerificationHelper;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
@@ -22,7 +23,7 @@
 import java.util.concurrent.CompletableFuture;
 
 /**
- * A TLS Client that notifies an Idscp2Configuration when a secure channel was created and the
+ * A TLS Client that notifies an Idscp2ServerFactory when a secure channel was created and the
  * TLS handshake is done. The client is notified from an InputListenerThread when new data are
  * available and transfer it to the SecureChannelListener
  *
@@ -36,11 +37,17 @@ public class TLSClient implements HandshakeCompletedListener, DataAvailableListe
     private DataOutputStream out;
     private InputListenerThread inputListenerThread;
     private final CompletableFuture<SecureChannelListener> listenerPromise = new CompletableFuture<>();
-    private final SecureChannelInitListener secureChannelInitListener;
+    private final Idscp2Settings clientSettings;
+    private final DapsDriver dapsDriver;
+    private final CompletableFuture<Idscp2Connection> connectionFuture;
 
-    public TLSClient(Idscp2Settings clientSettings, SecureChannelInitListener secureChannelInitListener)
+    public TLSClient(Idscp2Settings clientSettings,
+                     DapsDriver dapsDriver,
+                     CompletableFuture<Idscp2Connection> connectionFuture)
             throws IOException, KeyManagementException, NoSuchAlgorithmException {
-        this.secureChannelInitListener = secureChannelInitListener;
+        this.clientSettings = clientSettings;
+        this.dapsDriver = dapsDriver;
+        this.connectionFuture = connectionFuture;
 
         // init TLS Client
 
@@ -92,8 +99,7 @@ public void connect(String hostname, int port) {
         }
 
         try {
-            sslSocket.connect(new InetSocketAddress(hostname,
-                    port));
+            sslSocket.connect(new InetSocketAddress(hostname, port));
             LOG.debug("Client is connected to server {}:{}", hostname, port);
 
             //set clientSocket timeout to allow safeStop()
@@ -105,7 +111,6 @@ public void connect(String hostname, int port) {
             inputListenerThread = new InputListenerThread(clientSocket.getInputStream());
             inputListenerThread.register(this);
 
-            //start tls handshake
             sslSocket.addHandshakeCompletedListener(this);
             LOG.debug("Start TLS Handshake");
             sslSocket.startHandshake();
@@ -119,7 +124,7 @@ public void connect(String hostname, int port) {
     }
 
     private void disconnect() {
-        LOG.debug("Disconnecting from tls server");
+        LOG.debug("Disconnecting from TLS server...");
         //close listener
         if (inputListenerThread != null && inputListenerThread.isAlive()) {
             inputListenerThread.safeStop();
@@ -129,7 +134,7 @@ private void disconnect() {
             try {
                 clientSocket.close();
             } catch (IOException e) {
-                //nothing to do
+                onError(e);
             }
         }
     }
@@ -141,7 +146,7 @@ public void onClose() {
 
     @Override
     public void onError(Throwable t) {
-        listenerPromise.thenAccept(secureChannelListener -> secureChannelListener.onError(t));
+        listenerPromise.thenAccept(listener -> listener.onError(t));
     }
 
     @Override
@@ -185,14 +190,15 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
             LOG.debug("TLS session is valid");
         } catch (SSLPeerUnverifiedException e) {
             disconnect();
-            throw new Idscp2Exception("TLS session is not valid. Close TLS connection", e);
+            connectionFuture.completeExceptionally(
+                    new Idscp2Exception("TLS session is not valid. Close TLS connection", e));
         }
 
         // Create secure channel, register secure channel as message listener and notify IDSCP2 Configuration.
         SecureChannel secureChannel = new SecureChannel(this);
         this.listenerPromise.complete(secureChannel);
+        this.connectionFuture.complete(new Idscp2Connection(secureChannel, clientSettings, dapsDriver));
         inputListenerThread.start();
-        secureChannelInitListener.onSecureChannel(secureChannel, null);
     }
 
     @Override
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
index ac954f550..d6af0fc05 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
@@ -1,5 +1,6 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces;
 
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
@@ -17,7 +18,7 @@ public interface SecureChannelDriver {
     /*
      * Asynchronous method to create a secure connection to a secure server
      */
-    void connect(Idscp2Settings settings, SecureChannelInitListener channelInitListener);
+    void connect(Idscp2Settings settings, DapsDriver dapsDriver, CompletableFuture<Idscp2Connection> connectionFuture);
 
     /*
      * Starting a secure server
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
index 07b580f40..109444db7 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
@@ -1,6 +1,5 @@
 package de.fhg.aisec.ids.idscp2.example;
 
-import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy;
@@ -10,11 +9,10 @@
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig;
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ClientFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
@@ -24,9 +22,11 @@
 import java.nio.charset.StandardCharsets;
 import java.util.concurrent.CompletableFuture;
 
-public class Idscp2ClientInitiator implements Idscp2EndpointListener {
+public class Idscp2ClientInitiator {
     private static final Logger LOG = LoggerFactory.getLogger(Idscp2ClientInitiator.class);
 
+    private final CompletableFuture<Idscp2Connection> connectionFuture = new CompletableFuture<>();
+
     public void init(Idscp2Settings settings) {
         SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
 
@@ -41,8 +41,6 @@ public void init(Idscp2Settings settings) {
                         .setDapsUrl("https://daps.aisec.fraunhofer.de")
                         .build();
 
-        DapsDriver dapsDriver = new DefaultDapsDriver(config);
-
         RatProverDriverRegistry.getInstance().registerDriver(
                 "Dummy", RatProverDummy.class, null);
         RatVerifierDriverRegistry.getInstance().registerDriver(
@@ -57,42 +55,37 @@ public void init(Idscp2Settings settings) {
                 new TPM2dVerifierConfig.Builder().build()
         );
 
-        Idscp2Configuration clientConfig = new Idscp2Configuration(
-                this,
-                settings,
-                dapsDriver,
+        final var clientConfig = new Idscp2ClientFactory(
+                new DefaultDapsDriver(config),
                 secureChannelDriver
         );
 
-        clientConfig.connect(settings);
-    }
-
-    @Override
-    public void onConnection(Idscp2Connection connection) {
-        System.out.println("Client: New connection with id " + connection.getId());
-        connection.addConnectionListener(new Idscp2ConnectionAdapter() {
-            @Override
-            public void onError(Throwable t) {
-                LOG.error("Client connection error occurred", t);
-            }
+        clientConfig.connect(settings, connectionFuture);
+        connectionFuture.thenAccept(connection -> {
+            System.out.println("Client: New connection with id " + connection.getId());
+            connection.addConnectionListener(new Idscp2ConnectionAdapter() {
+                @Override
+                public void onError(Throwable t) {
+                    LOG.error("Client connection error occurred", t);
+                }
 
-            @Override
-            public void onClose(Idscp2Connection connection) {
-                LOG.info("Client: Connection with id " + connection.getId() + " has been closed");
-            }
+                @Override
+                public void onClose(Idscp2Connection connection) {
+                    LOG.info("Client: Connection with id " + connection.getId() + " has been closed");
+                }
+            });
+            connection.addGenericMessageListener(((c, type, data) -> System.out.println(
+                    "Received message of type \"" + type + "\":\n" + new String(data, StandardCharsets.UTF_8))));
+            connection.addMessageListener("ping", (c, type, data) -> {
+                System.out.println("Received ping message: " + new String(data, StandardCharsets.UTF_8));
+                CompletableFuture.runAsync(c::close);  // FSM error if run from the same thread
+            });
+            connection.unlockMessaging();
+            System.out.println("Sending PING...");
+            connection.send("ping", "PING".getBytes(StandardCharsets.UTF_8));
+        }).exceptionally(t -> {
+            LOG.error("Client endpoint error occurred", t);
+            return null;
         });
-        connection.addGenericMessageListener(((c, type, data) -> System.out.println(
-                "Received message of type \"" + type + "\":\n" + new String(data, StandardCharsets.UTF_8))));
-        connection.addMessageListener("ping", (c, type, data) -> {
-            System.out.println("Received ping message: " + new String(data, StandardCharsets.UTF_8));
-            CompletableFuture.runAsync(c::close);  // FSM error if run from the same thread
-        });
-        System.out.println("Sending PING...");
-        connection.send("ping", "PING".getBytes(StandardCharsets.UTF_8));
-    }
-
-    @Override
-    public void onError(Throwable t) {
-        LOG.error("Client endpoint error occurred", t);
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
index 960a477f6..5ad62b29e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
@@ -14,7 +14,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory;
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
@@ -57,7 +57,7 @@ public void init(Idscp2Settings settings) {
                 new TPM2dVerifierConfig.Builder().build()
         );
 
-        Idscp2Configuration serverConfig = new Idscp2Configuration(
+        Idscp2ServerFactory serverConfig = new Idscp2ServerFactory(
                 this,
                 settings,
                 dapsDriver,
@@ -66,12 +66,12 @@ public void init(Idscp2Settings settings) {
 
         Idscp2Server idscp2Server = serverConfig.listen(settings);
 
-        try {
-            Thread.sleep(40_000); //run server for 2 minutes
-        } catch (Exception ignored) {
-        } finally {
-            idscp2Server.terminate();
-        }
+//        try {
+//            Thread.sleep(40_000); //run server for 2 minutes
+//        } catch (Exception ignored) {
+//        } finally {
+//            idscp2Server.terminate();
+//        }
     }
 
     @Override
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
index 74dc49f6b..e8860d1a4 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
@@ -1,11 +1,15 @@
 package de.fhg.aisec.ids.idscp2.idscp_core;
 
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import org.jetbrains.annotations.Nullable;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.util.*;
+import java.util.concurrent.CompletableFuture;
 
 /**
  * The IDSCP2 Connection class holds connections between connectors
@@ -23,9 +27,19 @@ public class Idscp2Connection {
     private final Map<String, Set<Idscp2MessageListener>> messageListeners = new HashMap<>();
     private final FastLatch messageLatch = new FastLatch();
 
-    public Idscp2Connection(FSM fsm, String connectionId) {
-        this.fsm = fsm;
-        this.connectionId = connectionId;
+    public Idscp2Connection(SecureChannel secureChannel, Idscp2Settings settings, DapsDriver dapsDriver) {
+        this.connectionId = UUID.randomUUID().toString();
+        fsm = new FSM(
+                this,
+                secureChannel,
+                dapsDriver,
+                settings.getSupportedAttestation().getRatMechanisms(),
+                settings.getExpectedAttestation().getRatMechanisms(),
+                settings.getRatTimeoutDelay());
+        secureChannel.setFsm(fsm);
+        LOG.debug("A new IDSCP2 connection with id {} was created, starting handshake...", connectionId);
+        // Schedule IDSCP handshake asynchronously
+        CompletableFuture.runAsync(fsm::startIdscpHandshake);
     }
 
     public void unlockMessaging() {
@@ -36,11 +50,13 @@ public void unlockMessaging() {
      * Close the idscp connection
      */
     public void close() {
-        // Unregister connection from the server
+        LOG.debug("Closing connection {}...", connectionId);
+        // If server connection, this also unregisters the connection from the server.
         if (fsm.isNotClosed()) {
             connectionListeners.forEach(l -> l.onClose(this));
         }
         fsm.terminate();
+        LOG.debug("IDSCP2 connection {} closed", connectionId);
     }
 
     /**
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.java
new file mode 100644
index 000000000..fad670b6c
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.java
@@ -0,0 +1,37 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.util.concurrent.CompletableFuture;
+
+/**
+ * Idscp2ServerFactory class, provides IDSCP2 API to the User (Idscp2EndpointListener)
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+public class Idscp2ClientFactory {
+    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ClientFactory.class);
+
+    private final DapsDriver dapsDriver;
+    private final SecureChannelDriver secureChannelDriver;
+
+    public Idscp2ClientFactory(DapsDriver dapsDriver,
+                               SecureChannelDriver secureChannelDriver
+    ) {
+        this.dapsDriver = dapsDriver;
+        this.secureChannelDriver = secureChannelDriver;
+    }
+
+    /**
+     * User API to create a IDSCP2 connection as a client
+     */
+    public void connect(Idscp2Settings settings, CompletableFuture<Idscp2Connection> connectionFuture) {
+        LOG.info("Connect to an IDSCP2 server ({})", settings.getHost());
+        secureChannelDriver.connect(settings, dapsDriver, connectionFuture);
+    }
+
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.java
similarity index 65%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
rename to idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.java
index 57d871d1b..9de609093 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.java
@@ -6,30 +6,28 @@
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server;
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import java.util.UUID;
 import java.util.concurrent.CompletableFuture;
 
 /**
- * Idscp2Configuration class, provides IDSCP2 API to the User (Idscp2EndpointListener)
+ * Idscp2ServerFactory class, provides IDSCP2 API to the User (Idscp2EndpointListener)
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class Idscp2Configuration implements SecureChannelInitListener {
-    private static final Logger LOG = LoggerFactory.getLogger(Idscp2Configuration.class);
+public class Idscp2ServerFactory implements SecureChannelInitListener {
+    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ServerFactory.class);
 
     private final Idscp2EndpointListener endpointListener;
     private final Idscp2Settings settings;
     private final DapsDriver dapsDriver;
     private final SecureChannelDriver secureChannelDriver;
 
-    public Idscp2Configuration(Idscp2EndpointListener endpointListener,
+    public Idscp2ServerFactory(Idscp2EndpointListener endpointListener,
                                Idscp2Settings settings,
                                DapsDriver dapsDriver,
                                SecureChannelDriver secureChannelDriver
@@ -40,14 +38,6 @@ public Idscp2Configuration(Idscp2EndpointListener endpointListener,
         this.secureChannelDriver = secureChannelDriver;
     }
 
-    /**
-     * User API to create a IDSCP2 connection as a client
-     */
-    public void connect(Idscp2Settings settings) {
-        LOG.info("Connect to an IDSCP2 server ({})", settings.getHost());
-        secureChannelDriver.connect(settings, this);
-    }
-
     /*
      * User API to create a new IDSCP2 Server that starts a Secure Server that listens to new
      * secure channels
@@ -76,32 +66,18 @@ public Idscp2Server listen(Idscp2Settings settings) throws Idscp2Exception {
     public synchronized void onSecureChannel(SecureChannel secureChannel,
                                              CompletableFuture<ServerConnectionListener> serverListenerPromise) {
         LOG.trace("A new secure channel for an IDSCP2 connection was established");
-        FSM fsm = new FSM(
-                secureChannel,
-                dapsDriver,
-                settings.getSupportedAttestation().getRatMechanisms(),
-                settings.getExpectedAttestation().getRatMechanisms(),
-                settings.getRatTimeoutDelay());
-
-        fsm.startIdscpHandshake();
-
-        String connectionId = UUID.randomUUID().toString();
         // Threads calling onMessage() will be blocked until all listeners have been registered, see below
-        Idscp2Connection newConnection = new Idscp2Connection(fsm, connectionId);
-        fsm.registerConnection(newConnection);
-        LOG.debug("A new IDSCP2 connection with id {} was created", connectionId);
-        if (serverListenerPromise != null) {
-            // Complete the connection promise for the IDSCP server
-            serverListenerPromise.thenAccept(serverListener -> {
-                serverListener.onConnectionCreated(newConnection);
-                newConnection.addConnectionListener(new Idscp2ConnectionAdapter() {
-                    @Override
-                    public void onClose(Idscp2Connection connection) {
-                        serverListener.onConnectionClose(connection);
-                    }
-                });
+        Idscp2Connection newConnection = new Idscp2Connection(secureChannel, settings, dapsDriver);
+        // Complete the connection promise for the IDSCP server
+        serverListenerPromise.thenAccept(serverListener -> {
+            serverListener.onConnectionCreated(newConnection);
+            newConnection.addConnectionListener(new Idscp2ConnectionAdapter() {
+                @Override
+                public void onClose(Idscp2Connection connection) {
+                    serverListener.onConnectionClose(connection);
+                }
             });
-        }
+        });
         endpointListener.onConnection(newConnection);
         newConnection.unlockMessaging();
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
index 6c22dda3f..8fdf3cc8b 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
@@ -11,7 +11,7 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class Idscp2Settings {
-    public static final int DEFAULT_SERVER_PORT = 8080;
+    public static final int DEFAULT_SERVER_PORT = 29292;
 
     private int serverPort = DEFAULT_SERVER_PORT;
     private String host = "localhost";
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 07a7158cd..8df2dcd40 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -5,7 +5,6 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
-import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
@@ -49,7 +48,9 @@ enum FSM_STATE {
     private State currentState;
     /*  ----------------   end of states   --------------- */
 
-    private final SecureChannel secureChannel; //secure underlying channel
+
+    private final Idscp2Connection connection;
+    private final SecureChannel secureChannel;
 
     private RatProverDriver ratProverDriver;
     private RatVerifierDriver ratVerifierDriver;
@@ -69,14 +70,6 @@ enum FSM_STATE {
     private String proverMechanism = null; //RAT prover mechanism
     private String verifierMechanism = null; //RAT Verifier mechanism
 
-    /*
-     * The idscp message listener, that should receive the IDSCP2 messages from the fsm
-     * And a listener latch to ensure that the listener is available and the message does not get
-     * lost
-     */
-    private Idscp2Connection connection;
-    private final FastLatch connectionLatch = new FastLatch();
-
     /*
      * A FIFO-fair synchronization lock for the finite state machine
      */
@@ -98,7 +91,7 @@ enum FSM_STATE {
     /*
      * Check if FSM is closed forever
      */
-    private boolean fsmIsClosed = false;
+    private boolean fsmTerminated = false;
 
     /* ---------------------- Timer ---------------------- */
     private final Timer datTimer;
@@ -108,7 +101,7 @@ enum FSM_STATE {
     private final Timer verifierHandshakeTimer;
     /*  ----------------   end of Timer   --------------- */
 
-    public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
+    public FSM(Idscp2Connection connection, SecureChannel secureChannel, DapsDriver dapsDriver,
                String[] localSupportedRatSuite, String[] localExpectedRatSuite, int ratTimeout) {
 
 
@@ -172,12 +165,11 @@ public FSM(SecureChannel secureChannel, DapsDriver dapsDriver,
                 ratTimer, handshakeTimer));
 
 
-        //set initial state
+        // Set initial state
         currentState = states.get(FSM_STATE.STATE_CLOSED);
 
-        //register fsm to the secure channel for bi-directional communication between fsm and sc
+        this.connection = connection;
         this.secureChannel = secureChannel;
-        secureChannel.setFsm(this);
     }
 
     private void checkForFsmCircles() {
@@ -237,7 +229,7 @@ public void onMessage(byte[] data) {
         try {
             while (currentState.equals(states.get(FSM_STATE.STATE_CLOSED))) {
 
-                if (fsmIsClosed) {
+                if (fsmTerminated) {
                     return;
                 }
 
@@ -366,11 +358,8 @@ public void terminate() {
         //check for incorrect usage
         checkForFsmCircles();
 
-        LOG.debug("Close IDSCP2 connection");
+        LOG.debug("Sending stop message to connection peer...");
         onControlMessage(InternalControlMessage.IDSCP_STOP);
-        LOG.trace("Close secure channel");
-        secureChannel.close();
-        LOG.debug("IDSCP2 connection closed");
     }
 
     /*
@@ -380,26 +369,25 @@ public void terminate() {
      * driver implementations
      */
     public void startIdscpHandshake() throws Idscp2Exception {
-
         //check for incorrect usage
         checkForFsmCircles();
 
         fsmIsBusy.lock();
         try {
             if (currentState.equals(states.get(FSM_STATE.STATE_CLOSED))) {
-                if (fsmIsClosed) {
+                if (fsmTerminated) {
                     throw new Idscp2Exception("FSM is in a final closed state forever");
                 }
 
-                //trigger handshake init
+                // trigger handshake init
                 onControlMessage(InternalControlMessage.START_IDSCP_HANDSHAKE);
 
-                //wait until handshake was successful or failed
+                // wait until handshake was successful or failed
                 while (!handshakeResultAvailable) {
                     idscpHandshakeLock.await();
                 }
 
-                if (!isConnected()) {
+                if (!isConnected() && !fsmTerminated) {
                     //handshake failed, throw exception
                     throw new Idscp2Exception("Handshake failed");
                 }
@@ -433,7 +421,7 @@ public void onError(Throwable t) {
         // Broadcast the error to the respective listeners
         connection.onError(t);
 
-        //check for incorrect usage
+        // Check for incorrect usage
         checkForFsmCircles();
 
         onControlMessage(InternalControlMessage.ERROR);
@@ -447,11 +435,10 @@ public void onError(Throwable t) {
      */
     @Override
     public void onClose() {
-
-        //check for incorrect usage
+        // Check for incorrect usage
         checkForFsmCircles();
 
-        onControlMessage(InternalControlMessage.ERROR);
+        onControlMessage(InternalControlMessage.IDSCP_STOP);
     }
 
     /*
@@ -482,14 +469,6 @@ public boolean isConnected() {
         return currentState.equals(states.get(FSM_STATE.STATE_ESTABLISHED));
     }
 
-    /*
-     * Register an IDSCP2 message listener
-     */
-    public void registerConnection(Idscp2Connection connection) {
-        this.connection = connection;
-        connectionLatch.unlock();
-    }
-
     /*
      * Notify handshake lock about result
      */
@@ -598,21 +577,35 @@ void stopRatProverDriver() {
      * and notify User or handshake lock about closure
      */
     void shutdownFsm() {
+        LOG.debug("Shutting down FSM of connection {}...", connection.getId());
+
+        if (LOG.isTraceEnabled()) {
+            LOG.trace("Closing secure channel of connection {}...", connection.getId());
+        }
         secureChannel.close();
+        if (LOG.isTraceEnabled()) {
+            LOG.trace("Clearing timeouts...");
+        }
         datTimer.cancelTimeout();
         ratTimer.cancelTimeout();
         handshakeTimer.cancelTimeout();
+        if (LOG.isTraceEnabled()) {
+            LOG.trace("Stopping RAT components...");
+        }
         // Cancels proverHandshakeTimer
         this.stopRatProverDriver();
         // Cancels verifierHandshakeTimer
         this.stopRatVerifierDriver();
-        fsmIsClosed = true;
+        if (LOG.isTraceEnabled()) {
+            LOG.trace("Mark FSM as terminated...");
+        }
+        fsmTerminated = true;
 
         // Notify upper layer via handshake or closeListener
-        if (handshakeResultAvailable) {
-            connectionLatch.await();
-            connection.onClose();
-        } else {
+        if (!handshakeResultAvailable) {
+            if (LOG.isTraceEnabled()) {
+                LOG.trace("Notify handshake lock...");
+            }
             notifyHandshakeCompleteLock();
         }
     }
@@ -621,7 +614,6 @@ void shutdownFsm() {
      * Provide IDSCP2 message to the message listener
      */
     void notifyIdscpMsgListener(String type, byte[] data) {
-        this.connectionLatch.await();
         this.connection.onMessage(type, data);
         LOG.debug("Idscp data has been passed to connection listener");
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
index b6acac5b5..f445fbab6 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
@@ -62,15 +62,27 @@ public StateClosed(FSM fsm,
                 }
         ));
 
+        // This origins from onClose(), so just ignore it
+        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
+                event -> {
+                    if (LOG.isTraceEnabled()) {
+                        LOG.trace("Received STOP in STATE_CLOSED, ignored.");
+                    }
+                    return this;
+                }
+        ));
+
         this.setNoTransitionHandler(
                 event -> {
-                    LOG.debug("No transition available for given event {}, stack trace for analysis:\n{}",
-                            event,
-                            Arrays.stream(Thread.currentThread().getStackTrace())
-                                    .skip(1)
-                                    .map(Object::toString)
-                                    .collect(Collectors.joining("\n")));
-                    LOG.debug("Stay in state STATE_CLOSED");
+                    if (LOG.isDebugEnabled()) {
+                        LOG.debug("No transition available for given event {}, stack trace for analysis:\n{}",
+                                event,
+                                Arrays.stream(Thread.currentThread().getStackTrace())
+                                        .skip(1)
+                                        .map(Object::toString)
+                                        .collect(Collectors.joining("\n")));
+                        LOG.debug("Stay in state STATE_CLOSED");
+                    }
                     return this;
                 }
         );
@@ -86,7 +98,6 @@ private void runExitCode(Condition onMessageLock) {
     void runEntryCode(FSM fsm) {
         //State Closed entry code
         LOG.debug("Switched to state STATE_CLOSED");
-        LOG.debug("Terminate and free all resources and lock fsm forever");
         fsm.shutdownFsm();
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
index db821241b..d4f3edb9a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
@@ -52,7 +52,7 @@ public StateWaitForHello(FSM fsm,
 
         this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
                 event -> {
-                    LOG.debug("Received stop signal from user. Send IDSC_CLOSE");
+                    LOG.debug("Received stop signal from user. Send IDSCP_CLOSE");
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
                             IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
                     return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);

From dd976bc7c6efbf7c3cbbede0ed1717926b00f4d8 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 27 May 2020 01:21:56 +0200
Subject: [PATCH 088/237] Fixed client producer (send only), added untested
 client consumer

---
 .../idscp2/client/Idscp2ClientConsumer.kt     | 24 ++++++--
 .../idscp2/client/Idscp2ClientEndpoint.kt     | 55 +++----------------
 .../idscp2/client/Idscp2ClientProducer.kt     | 28 +++++++++-
 .../camel/idscp2/server/CamelIdscp2Server.kt  | 10 ++--
 .../idscp2/server/Idscp2ServerConsumer.kt     |  4 +-
 .../idscp2/server/Idscp2ServerEndpoint.kt     |  4 +-
 6 files changed, 64 insertions(+), 61 deletions(-)

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
index 13d6a27e4..563df78cf 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
@@ -21,20 +21,30 @@ import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageListener
 import org.apache.camel.Processor
 import org.apache.camel.support.DefaultConsumer
 import org.slf4j.LoggerFactory
+import java.util.concurrent.CompletableFuture
 
 /**
  * The IDSCP2 server consumer.
  */
 class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor: Processor) :
         DefaultConsumer(endpoint, processor), Idscp2MessageListener {
+    private val connectionFuture = CompletableFuture<Idscp2Connection>()
+
     override fun doStart() {
         super.doStart()
-        endpoint.addConsumer(this)
+        endpoint.makeConnection(connectionFuture)
+        connectionFuture.thenAccept { it.addGenericMessageListener(this) }
     }
 
-    override fun doStop() {
-        endpoint.removeConsumer(this)
-        super.doStop()
+    public override fun doStop() {
+        if (connectionFuture.isDone) {
+            val connection = connectionFuture.get()
+            LOG.debug("Stopping IDSCP2 client connection {}...", connection.id)
+            connection.close()
+        } else {
+            LOG.debug("Canceling IDSCP2 client connection...")
+            connectionFuture.cancel(true)
+        }
     }
 
     override fun onMessage(connection: Idscp2Connection, type: String, data: ByteArray) {
@@ -49,9 +59,11 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
             // Handle response
             val response = exchange.message
             val responseType = response.getHeader("idscp2.type", String::class.java)
-            connection.send(responseType, response.getBody(ByteArray::class.java))
+            if (response.body != null && responseType != null) {
+                connection.send(responseType, response.getBody(ByteArray::class.java))
+            }
         } catch (e: Exception) {
-            LOG.error("Error in Idscp2ServerConsumer.onMessage()", e)
+            LOG.error("Error in Idscp2ClientConsumer.onMessage()", e)
         } finally {
             doneUoW(exchange)
         }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index 52a4ec275..3f923369e 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -18,19 +18,18 @@ package de.fhg.aisec.ids.camel.idscp2.client
 
 import de.fhg.aisec.ids.api.settings.Settings
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
-import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ClientFactory
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import org.apache.camel.Processor
 import org.apache.camel.Producer
 import org.apache.camel.spi.UriEndpoint
 import org.apache.camel.support.DefaultEndpoint
 import org.slf4j.LoggerFactory
-import java.util.*
+import java.util.concurrent.CompletableFuture
 import java.util.regex.Pattern
 
 @UriEndpoint(
@@ -40,11 +39,9 @@ import java.util.regex.Pattern
         label = "ids"
 )
 class Idscp2ClientEndpoint(uri: String?, remaining: String, component: Idscp2ClientComponent?) :
-        DefaultEndpoint(uri, component), Idscp2EndpointListener {
-    private val clientConfiguration: Idscp2Configuration
+        DefaultEndpoint(uri, component) {
+    private val dapsDriverConfig: DefaultDapsDriverConfig
     private val clientSettings: Idscp2Settings
-    private var connection: Idscp2Connection? = null
-    private val consumers: MutableSet<Idscp2ClientConsumer> = HashSet()
 
     init {
         val settings: Settings = Idscp2OsgiComponent.getSettings()
@@ -62,8 +59,8 @@ class Idscp2ClientEndpoint(uri: String?, remaining: String, component: Idscp2Cli
                 .setDapsKeyAlias("1")
                 .setRatTimeoutDelay(300)
                 .build()
-        val config = DefaultDapsDriverConfig.Builder()
-                .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+        dapsDriverConfig = DefaultDapsDriverConfig.Builder()
+                .setConnectorUUID(settings.connectorConfig.connectorUUID)
                 .setKeyStorePath(clientSettings.keyStorePath)
                 .setTrustStorePath(clientSettings.trustStorePath)
                 .setKeyStorePassword(clientSettings.keyStorePassword)
@@ -71,61 +68,27 @@ class Idscp2ClientEndpoint(uri: String?, remaining: String, component: Idscp2Cli
                 .setKeyAlias(clientSettings.dapsKeyAlias)
                 .setDapsUrl(settings.connectorConfig.dapsUrl)
                 .build()
-        clientConfiguration = Idscp2Configuration(
-                this,
-                clientSettings,
-                DefaultDapsDriver(config),
-                NativeTLSDriver()
-        )
     }
 
-    @Synchronized
-    fun addConsumer(consumer: Idscp2ClientConsumer) {
-        consumers.add(consumer)
-        connection?.addGenericMessageListener(consumer)
+    fun makeConnection(connectionFuture: CompletableFuture<Idscp2Connection>) {
+        return Idscp2ClientFactory(DefaultDapsDriver(dapsDriverConfig), NativeTLSDriver())
+                .connect(clientSettings, connectionFuture)
     }
 
-    @Synchronized
-    fun removeConsumer(consumer: Idscp2ClientConsumer) {
-        consumers.remove(consumer)
-        connection?.removeGenericMessageListener(consumer)
-    }
-
-    @Synchronized
-    fun sendMessage(type: String, body: ByteArray) {
-        connection?.send(type, body)
-    }
-
-    @Synchronized
     override fun createProducer(): Producer {
         return Idscp2ClientProducer(this)
     }
 
-    @Synchronized
     override fun createConsumer(processor: Processor): org.apache.camel.Consumer {
         return Idscp2ClientConsumer(this, processor)
     }
 
-    @Synchronized
-    override fun onConnection(connection: Idscp2Connection) {
-        LOG.debug("New IDSCP2 connection on $endpointUri, register consumer listeners")
-        consumers.forEach { connection.addGenericMessageListener(it) }
-    }
-
-    override fun onError(error: String) {
-        LOG.error("Error in IDSCP2 client endpoint $endpointUri:\n$error")
-    }
-
-    @Synchronized
     public override fun doStart() {
         LOG.debug("Starting IDSCP2 client endpoint $endpointUri")
-        clientConfiguration.connect(clientSettings)
     }
 
-    @Synchronized
     public override fun doStop() {
         LOG.debug("Stopping IDSCP2 client endpoint $endpointUri")
-        connection?.close()
     }
 
     companion object {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
index 380ae3f28..a8755252a 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
@@ -16,20 +16,46 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.client
 
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import org.apache.camel.Exchange
 import org.apache.camel.support.DefaultProducer
+import org.slf4j.LoggerFactory
+import java.util.concurrent.CompletableFuture
 
 /**
  * The IDSCP2 server producer.
  * Sends each message to all clients connected to this server endpoint.
  */
 class Idscp2ClientProducer(private val endpoint: Idscp2ClientEndpoint) : DefaultProducer(endpoint) {
+    private val connectionFuture = CompletableFuture<Idscp2Connection>()
 
     override fun process(exchange: Exchange) {
         val message = exchange.getIn()
         val type = message.getHeader("idscp2.type", String::class.java)
         val body = message.getBody(ByteArray::class.java)
-        endpoint.sendMessage(type, body)
+        connectionFuture.get().let {
+            it.unlockMessaging()
+            it.send(type, body)
+        }
     }
 
+    override fun doStart() {
+        super.doStart()
+        endpoint.makeConnection(connectionFuture)
+    }
+
+    public override fun doStop() {
+        if (connectionFuture.isDone) {
+            val connection = connectionFuture.get()
+            LOG.debug("Stopping IDSCP2 client connection {}...", connection.id)
+            connection.close()
+        } else {
+            LOG.debug("Canceling IDSCP2 client connection...")
+            connectionFuture.cancel(true)
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(Idscp2ClientProducer::class.java)
+    }
 }
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index f531083ff..5a84164a4 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -6,7 +6,7 @@ import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDrive
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server
 import java.util.*
@@ -17,7 +17,7 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
 
     init {
         val dapsDriverConfig = DefaultDapsDriverConfig.Builder()
-                .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
+                .setConnectorUUID(Idscp2OsgiComponent.getSettings().connectorConfig.connectorUUID)
                 .setKeyStorePath(serverSettings.keyStorePath)
                 .setTrustStorePath(serverSettings.trustStorePath)
                 .setKeyStorePassword(serverSettings.keyStorePassword)
@@ -25,7 +25,7 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
                 .setKeyAlias(serverSettings.dapsKeyAlias)
                 .setDapsUrl(Idscp2OsgiComponent.getSettings().connectorConfig.dapsUrl)
                 .build()
-        val serverConfiguration = Idscp2Configuration(
+        val serverConfiguration = Idscp2ServerFactory(
                 this,
                 serverSettings,
                 DefaultDapsDriver(dapsDriverConfig),
@@ -38,8 +38,8 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
         listeners.forEach { it.onConnection(connection) }
     }
 
-    override fun onError(error: String) {
-        listeners.forEach { it.onError(error) }
+    override fun onError(t: Throwable) {
+        listeners.forEach { it.onError(t) }
     }
 
     val allConnections: Set<Idscp2Connection> = server.allConnections
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
index 6b053557d..04ec67ee5 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
@@ -49,7 +49,9 @@ class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor
             // Handle response
             val response = exchange.message
             val responseType = response.getHeader("idscp2.type", String::class.java)
-            connection.send(responseType, response.getBody(ByteArray::class.java))
+            if (response.body != null && responseType != null) {
+                connection.send(responseType, response.getBody(ByteArray::class.java))
+            }
         } catch (e: Exception) {
             LOG.error("Error in Idscp2ServerConsumer.onMessage()", e)
         } finally {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
index b75b13056..3c1f87f95 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -89,8 +89,8 @@ class Idscp2ServerEndpoint(uri: String?, remaining: String, component: Idscp2Ser
         consumers.forEach { connection.addGenericMessageListener(it) }
     }
 
-    override fun onError(error: String) {
-        LOG.error("Error in IDSCP2 server endpoint $endpointUri:\n$error")
+    override fun onError(t: Throwable) {
+        LOG.error("Error in IDSCP2 server endpoint $endpointUri", t)
     }
 
     @Synchronized

From 4601b3a6beea27d9d2a0c771501c79f2a87fa28a Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 27 May 2020 16:42:53 +0200
Subject: [PATCH 089/237] Added keyPassword parameter, changed timeout from int
 to long

---
 .../keystores/PreConfiguration.java             |  3 ++-
 .../secure_channel/client/TLSClient.java        |  1 +
 .../secure_channel/server/TLSServer.java        |  1 +
 .../configuration/Idscp2Settings.java           | 17 ++++++++++++++---
 .../idscp_core/finite_state_machine/FSM.java    |  2 +-
 .../finite_state_machine/StateWaitForRat.java   |  2 +-
 .../StateWaitForRatVerifier.java                |  2 +-
 7 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
index e12a2c38d..5c334dadc 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
@@ -62,6 +62,7 @@ public static TrustManager[] getX509ExtTrustManager(
      * throws RuntimeException of creating KeyManager fails
      */
     public static KeyManager[] getX509ExtKeyManager(
+            String keyPassword,
             String keyStorePath,
             String keyStorePassword,
             String certAlias,
@@ -76,7 +77,7 @@ public static KeyManager[] getX509ExtKeyManager(
             keystore.load(jksKeyStoreIn, keyStorePassword.toCharArray());
             final KeyManagerFactory keyManagerFactory =
                     KeyManagerFactory.getInstance("PKIX"); //PKIX from SunJSSE
-            keyManagerFactory.init(keystore, keyStorePassword.toCharArray());
+            keyManagerFactory.init(keystore, keyPassword.toCharArray());
             myKeyManager = keyManagerFactory.getKeyManagers();
 
             /* set up keyManager config */
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index cfdf24e59..03065d17f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -61,6 +61,7 @@ public TLSClient(Idscp2Settings clientSettings,
         // get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
         // connection specific key selection via key alias
         KeyManager[] myKeyManager = PreConfiguration.getX509ExtKeyManager(
+                clientSettings.getKeyPassword(),
                 clientSettings.getKeyStorePath(),
                 clientSettings.getKeyStorePassword(),
                 clientSettings.getCertificateAlias(),
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
index f172c53da..d2e48e7a4 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
@@ -53,6 +53,7 @@ public TLSServer(Idscp2Settings serverSettings, SecureChannelInitListener secure
         // which enables connection specific key selection via key alias
         LOG.debug("Creating key manager for TLS server...");
         KeyManager[] myKeyManager = PreConfiguration.getX509ExtKeyManager(
+                serverSettings.getKeyPassword(),
                 serverSettings.getKeyStorePath(),
                 serverSettings.getKeyStorePassword(),
                 serverSettings.getCertificateAlias(),
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
index 8fdf3cc8b..974e5b074 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
@@ -12,11 +12,13 @@
  */
 public class Idscp2Settings {
     public static final int DEFAULT_SERVER_PORT = 29292;
+    public static final String DEFAULT_RAT_TIMEOUT_DELAY = "600";
 
     private int serverPort = DEFAULT_SERVER_PORT;
     private String host = "localhost";
     private String trustStorePath = null;
     private String trustStorePassword = "password";
+    private String keyPassword = "password";
     private String keyStorePath = null;
     private String keyStorePassword = "password";
     private String certificateAlias = "1.0.1";
@@ -24,7 +26,7 @@ public class Idscp2Settings {
     private String keyStoreKeyType = "RSA";
     private AttestationConfig supportedAttestation = new AttestationConfig();
     private AttestationConfig expectedAttestation = new AttestationConfig();
-    private int ratTimeoutDelay = 20;
+    private long ratTimeoutDelay = Integer.parseInt(DEFAULT_RAT_TIMEOUT_DELAY);
 
     @SuppressWarnings("unused")
     public static class Builder {
@@ -43,6 +45,11 @@ public Builder setServerPort(int serverPort) {
             return this;
         }
 
+        public Builder setKeyPassword(String pwd) {
+            this.settings.keyPassword = pwd;
+            return this;
+        }
+
         @NonNull
         public Builder setTrustStorePath(String path) {
             this.settings.trustStorePath = path;
@@ -97,7 +104,7 @@ public Builder setExpectedAttestation(AttestationConfig suite) {
             return this;
         }
 
-        public Builder setRatTimeoutDelay(int delay) {
+        public Builder setRatTimeoutDelay(long delay) {
             this.settings.ratTimeoutDelay = delay;
             return this;
         }
@@ -125,6 +132,10 @@ public String getTrustStorePassword() {
         return trustStorePassword;
     }
 
+    public String getKeyPassword() {
+        return keyPassword;
+    }
+
     public String getKeyStorePath() {
         return keyStorePath;
     }
@@ -153,7 +164,7 @@ public AttestationConfig getExpectedAttestation() {
         return expectedAttestation;
     }
 
-    public int getRatTimeoutDelay() {
+    public long getRatTimeoutDelay() {
         return ratTimeoutDelay;
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 8df2dcd40..21ddf8a68 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -102,7 +102,7 @@ enum FSM_STATE {
     /*  ----------------   end of Timer   --------------- */
 
     public FSM(Idscp2Connection connection, SecureChannel secureChannel, DapsDriver dapsDriver,
-               String[] localSupportedRatSuite, String[] localExpectedRatSuite, int ratTimeout) {
+               String[] localSupportedRatSuite, String[] localExpectedRatSuite, long ratTimeout) {
 
 
         /* ------------- Timeout Handler Routines ------------*/
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
index 5aa079906..14f59d985 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
@@ -22,7 +22,7 @@ public StateWaitForRat(FSM fsm,
                            Timer verifierHandshakeTimer,
                            Timer proverHandshakeTimer,
                            Timer ratTimer,
-                           int ratTimerDelay,
+                           long ratTimerDelay,
                            DapsDriver dapsDriver) {
 
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
index 211082e3d..e0a3d5460 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
@@ -21,7 +21,7 @@ public StateWaitForRatVerifier(FSM fsm,
                                    Timer ratTimer,
                                    Timer handshakeTimer,
                                    Timer verifierHandshakeTimer,
-                                   int ratTimeoutDelay) {
+                                   long ratTimeoutDelay) {
 
         /*---------------------------------------------------
          * STATE_WAIT_FOR_RAT_VERIFIER - Transition Description

From c9ec3108ff21321e4ecfbdeffea145267f4603e9 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 27 May 2020 17:07:38 +0200
Subject: [PATCH 090/237] Typo fix for server producer

---
 .../fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
index 691a0f4b9..f48147343 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
@@ -27,7 +27,7 @@ class Idscp2ServerProducer(private val endpoint: Idscp2ServerEndpoint) : Default
 
     override fun process(exchange: Exchange) {
         val message = exchange.getIn()
-        val type = message.getHeader("idscp.type", String::class.java)
+        val type = message.getHeader("idscp2.type", String::class.java)
         val body = message.getBody(ByteArray::class.java)
         endpoint.sendMessage(type, body)
     }

From a84291f0fcf28261f733c79527b28d91bfb1bac1 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 27 May 2020 18:57:08 +0200
Subject: [PATCH 091/237] Reduced key manager log verbosity

---
 .../CustomX509ExtendedKeyManager.java         | 21 ++++++++-----------
 1 file changed, 9 insertions(+), 12 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
index 8d109d4d1..06173e5f7 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
@@ -88,13 +88,12 @@ public String chooseServerAlias(String keyType, Principal[] issuers, Socket sock
                 return this.certAlias;
             } else {
                 LOG.warn("certAlias '{}' was not found in keystore", this.certAlias);
-                return null;
             }
-        } else {
-            LOG.warn("Invalid keyType '{}' in chooseServerAlias() in class X509ExtendedKeyManager", keyType);
-            LOG.warn("Expected: '{}'", this.keyType);
-            return null;
+        } else if (LOG.isDebugEnabled()) {
+            LOG.debug("Different keyType '{}' in chooseServerAlias() in CustomX509ExtendedKeyManager, expected '{}'",
+                    keyType, this.keyType);
         }
+        return null;
     }
 
     @Override
@@ -102,12 +101,10 @@ public String chooseServerAlias(String keyType, Principal[] issuers, Socket sock
        called by client and server in TLS Handshake after alias was chosen */
     public X509Certificate[] getCertificateChain(String certAlias) {
         if (certAlias.equals(this.certAlias)) {
-            X509Certificate[] ret = delegate.getCertificateChain(certAlias);
-            LOG.debug("Certificate Chain: {}", Arrays.toString(ret));
-            return ret;
+            return delegate.getCertificateChain(certAlias);
         } else {
-            LOG.warn("Invalid certAlias '{}' in getCertificateChain() in class X509ExtendedKeyManager", certAlias);
-            LOG.warn("Expected: '{}'", this.certAlias);
+            LOG.warn("Different certAlias '{}' in getCertificateChain() in class X509ExtendedKeyManager, " +
+                    "expected: '{}'", certAlias, this.certAlias);
             return null;
         }
     }
@@ -119,8 +116,8 @@ public PrivateKey getPrivateKey(String certAlias) {
         if (certAlias.equals(this.certAlias)) {
             return delegate.getPrivateKey(certAlias);
         } else {
-            LOG.warn("Invalid certAlias '{}' in getPrivateKey() in class X509ExtendedKeyManager", certAlias);
-            LOG.warn("Expected: '{}'", this.certAlias);
+            LOG.warn("Different certAlias '{}' in getPrivateKey() in class X509ExtendedKeyManager, expected '{}'",
+                    certAlias, this.certAlias);
             return null;
         }
     }

From 8ff4beef11b1164434e64957b742372af542638a Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 28 May 2020 14:17:58 +0200
Subject: [PATCH 092/237] Improved/adjusted log outputs, added TODOs

---
 .../CustomX509ExtendedKeyManager.java         | 14 +++++-----
 .../client/InputListenerThread.java           |  2 +-
 .../secure_channel/client/TLSClient.java      | 27 ++++++++++++++-----
 .../idscp2/example/Idscp2ServerInitiator.java |  2 +-
 .../idscp2/idscp_core/Idscp2Connection.java   | 24 ++++++++++-------
 .../idscp_core/Idscp2ConnectionAdapter.java   |  5 ++++
 .../configuration/Idscp2ServerFactory.java    |  1 +
 .../idscp_core/finite_state_machine/FSM.java  | 12 ++++++---
 .../secure_channel/SecureChannel.java         |  8 ++++--
 9 files changed, 64 insertions(+), 31 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
index 06173e5f7..92291cb56 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
@@ -59,14 +59,12 @@ public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket s
                 return this.certAlias;
             } else {
                 LOG.warn("certAlias '{}' was not found in keystore", this.certAlias);
-                return null;
             }
-        } else {
-            LOG.warn("Invalid keyType '{}' in chooseClientAlias() in class X509ExtendedKeyManager",
-                    Arrays.toString(keyTypes));
-            LOG.warn("Expected: '{}'", this.keyType);
-            return null;
+        } else if (LOG.isTraceEnabled()) {
+            LOG.trace("Different keyType '{}' in chooseClientAlias() in CustomX509ExtendedKeyManager, expected '{}'",
+                    keyType, this.keyType);
         }
+        return null;
     }
 
     @Override
@@ -89,8 +87,8 @@ public String chooseServerAlias(String keyType, Principal[] issuers, Socket sock
             } else {
                 LOG.warn("certAlias '{}' was not found in keystore", this.certAlias);
             }
-        } else if (LOG.isDebugEnabled()) {
-            LOG.debug("Different keyType '{}' in chooseServerAlias() in CustomX509ExtendedKeyManager, expected '{}'",
+        } else if (LOG.isTraceEnabled()) {
+            LOG.trace("Different keyType '{}' in chooseServerAlias() in CustomX509ExtendedKeyManager, expected '{}'",
                     keyType, this.keyType);
         }
         return null;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
index 49f9f6302..bd7572a80 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
@@ -40,7 +40,7 @@ public void run() {
                 //timeout to catch safeStop() call
             } catch (EOFException e) {
                 listener.onClose();
-                running = false; //terminate
+                running = false;
             } catch (IOException e) {
                 listener.onError(e);
                 running = false;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index 03065d17f..997b5f6ba 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -108,7 +108,7 @@ public void connect(String hostname, int port) {
 
             out = new DataOutputStream(clientSocket.getOutputStream());
 
-            //add inputListener but start it not before handshake is complete
+            // Add inputListener but start it not before handshake is complete
             inputListenerThread = new InputListenerThread(clientSocket.getInputStream());
             inputListenerThread.register(this);
 
@@ -116,9 +116,11 @@ public void connect(String hostname, int port) {
             LOG.debug("Start TLS Handshake");
             sslSocket.startHandshake();
         } catch (SSLHandshakeException | SSLProtocolException e) {
+            // FIXME: Any such disconnect makes the server maintain a broken connection
             disconnect();
             throw new Idscp2Exception("TLS Handshake failed", e);
         } catch (IOException e) {
+            // FIXME: Any such disconnect makes the server maintain a broken connection
             disconnect();
             throw new Idscp2Exception("Connecting TLS client to server failed", e);
         }
@@ -185,21 +187,32 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
             LOG.debug("TLS Handshake was successful");
         }
 
+        if (!this.connectionFuture.isCancelled()) {
+            // TODO: When server behavior fixed, disconnect and return here instantly
+//            disconnect();
+//            return;
+        }
+
         // verify tls session on application layer: hostname verification, certificate validity
         try {
             TLSSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession());
             LOG.debug("TLS session is valid");
+            // Create secure channel, register secure channel as message listener and notify IDSCP2 Configuration.
+            SecureChannel secureChannel = new SecureChannel(this);
+            this.listenerPromise.complete(secureChannel);
+            final var connection = new Idscp2Connection(secureChannel, clientSettings, dapsDriver);
+            inputListenerThread.start();
+            // Try to complete, won't do anything if promise has been cancelled
+            this.connectionFuture.complete(connection);
+            if (this.connectionFuture.isCancelled()) {
+                connection.close();
+            }
         } catch (SSLPeerUnverifiedException e) {
+            // FIXME: Any such disconnect makes the server maintain a broken connection
             disconnect();
             connectionFuture.completeExceptionally(
                     new Idscp2Exception("TLS session is not valid. Close TLS connection", e));
         }
-
-        // Create secure channel, register secure channel as message listener and notify IDSCP2 Configuration.
-        SecureChannel secureChannel = new SecureChannel(this);
-        this.listenerPromise.complete(secureChannel);
-        this.connectionFuture.complete(new Idscp2Connection(secureChannel, clientSettings, dapsDriver));
-        inputListenerThread.start();
     }
 
     @Override
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
index 5ad62b29e..4993ea47f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
@@ -70,7 +70,7 @@ public void init(Idscp2Settings settings) {
 //            Thread.sleep(40_000); //run server for 2 minutes
 //        } catch (Exception ignored) {
 //        } finally {
-//            idscp2Server.terminate();
+//            idscp2Server.closeConnection();
 //        }
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
index e8860d1a4..0593f822c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
@@ -10,6 +10,7 @@
 
 import java.util.*;
 import java.util.concurrent.CompletableFuture;
+import java.util.stream.Collectors;
 
 /**
  * The IDSCP2 Connection class holds connections between connectors
@@ -37,7 +38,14 @@ public Idscp2Connection(SecureChannel secureChannel, Idscp2Settings settings, Da
                 settings.getExpectedAttestation().getRatMechanisms(),
                 settings.getRatTimeoutDelay());
         secureChannel.setFsm(fsm);
-        LOG.debug("A new IDSCP2 connection with id {} was created, starting handshake...", connectionId);
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("A new IDSCP2 connection with id {} was created, starting handshake...", connectionId);
+        }
+        if (LOG.isTraceEnabled()) {
+            LOG.trace("Stack Trace of Idscp2Connection {} constructor:\n"
+                    + Arrays.stream(Thread.currentThread().getStackTrace())
+                    .skip(1).map(Object::toString).collect(Collectors.joining("\n")), connectionId);
+        }
         // Schedule IDSCP handshake asynchronously
         CompletableFuture.runAsync(fsm::startIdscpHandshake);
     }
@@ -51,11 +59,7 @@ public void unlockMessaging() {
      */
     public void close() {
         LOG.debug("Closing connection {}...", connectionId);
-        // If server connection, this also unregisters the connection from the server.
-        if (fsm.isNotClosed()) {
-            connectionListeners.forEach(l -> l.onClose(this));
-        }
-        fsm.terminate();
+        fsm.closeConnection();
         LOG.debug("IDSCP2 connection {} closed", connectionId);
     }
 
@@ -63,14 +67,16 @@ public void close() {
      * Send data to the peer IDSCP2 connector
      */
     public void send(String type, byte[] msg) {
-        LOG.debug("Send data of type \"" + type + "\" ");
+        LOG.debug("Send data of type \"" + type + "\" via connection {}", connectionId);
         fsm.send(type, msg);
     }
 
     public void onMessage(String type, byte[] msg) {
         // When unlock is called, although not synchronized, this will eventually stop blocking.
         messageLatch.await();
-        LOG.debug("Received new IDSCP Message: " + Arrays.toString(msg));
+        if (LOG.isTraceEnabled()) {
+            LOG.trace("Received new IDSCP Message");
+        }
         genericMessageListeners.forEach(l -> l.onMessage(this, type, msg));
         Set<Idscp2MessageListener> listeners = messageListeners.get(type);
         if (listeners != null) {
@@ -86,7 +92,7 @@ public void onError(Throwable t) {
     }
 
     public void onClose() {
-        LOG.debug("Connection with id {} has been closed, notify listeners", connectionId);
+        LOG.debug("Connection with id {} is closing, notify listeners...", connectionId);
         connectionListeners.forEach(l -> l.onClose(this));
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java
index d45391ea8..2f348da8a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java
@@ -1,9 +1,14 @@
 package de.fhg.aisec.ids.idscp2.idscp_core;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 public class Idscp2ConnectionAdapter implements Idscp2ConnectionListener {
+    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ConnectionAdapter.class);
 
     @Override
     public void onError(Throwable t) {
+        LOG.error("Error received in Idscp2ConnectionAdapter", t);
     }
 
     @Override
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.java
index 9de609093..c79b37b60 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.java
@@ -79,6 +79,7 @@ public void onClose(Idscp2Connection connection) {
             });
         });
         endpointListener.onConnection(newConnection);
+        // Listeners have been applied in onConnection() callback above, so we can safely unlock messaging now
         newConnection.unlockMessaging();
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 21ddf8a68..7a1e2a14e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -354,7 +354,7 @@ private void feedEvent(Event event) {
      * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
      * driver implementations
      */
-    public void terminate() {
+    public void closeConnection() {
         //check for incorrect usage
         checkForFsmCircles();
 
@@ -574,11 +574,15 @@ void stopRatProverDriver() {
 
     /*
      * Lock the fsm forever, terminate the timers and drivers, close the secure channel
-     * and notify User or handshake lock about closure
+     * and notify handshake lock if necessary
      */
     void shutdownFsm() {
         LOG.debug("Shutting down FSM of connection {}...", connection.getId());
 
+        if (LOG.isTraceEnabled()) {
+            LOG.trace("Running close handlers of connection {}...", connection.getId());
+        }
+        connection.onClose();
         if (LOG.isTraceEnabled()) {
             LOG.trace("Closing secure channel of connection {}...", connection.getId());
         }
@@ -615,7 +619,9 @@ void shutdownFsm() {
      */
     void notifyIdscpMsgListener(String type, byte[] data) {
         this.connection.onMessage(type, data);
-        LOG.debug("Idscp data has been passed to connection listener");
+        if (LOG.isTraceEnabled()) {
+            LOG.trace("Idscp data of type \"{}\" has been passed to connection listener", type);
+        }
     }
 
     //
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
index ffae9c55a..16ddd2590 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
@@ -35,13 +35,17 @@ public void close() {
      * return true if the data has been sent successfully, else false
      */
     public boolean send(byte[] msg) {
-        LOG.debug("Send message via secure channel");
+        if (LOG.isTraceEnabled()) {
+            LOG.trace("Send message via secure channel");
+        }
         return endpoint.send(msg);
     }
 
     @Override
     public void onMessage(byte[] data) {
-        LOG.debug("New raw data has been received via the secure channel");
+        if (LOG.isTraceEnabled()) {
+            LOG.trace("New raw data has been received via the secure channel");
+        }
         fsmPromise.thenAccept(fsmListener -> fsmListener.onMessage(data));
     }
 

From 8eba384948688f0a9de0898986780ad4102284c9 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 28 May 2020 14:41:19 +0200
Subject: [PATCH 093/237] Endpoint parameterization, finished client/server
 side examples

---
 .../ids/camel/idscp2/RefCountingHashMap.kt    |  77 ++++++++++++
 .../idscp2/client/Idscp2ClientConsumer.kt     |  32 +++--
 .../idscp2/client/Idscp2ClientEndpoint.kt     | 118 +++++++++++++-----
 .../idscp2/client/Idscp2ClientProducer.kt     |  22 ++--
 .../camel/idscp2/server/CamelIdscp2Server.kt  |  20 ++-
 .../idscp2/server/Idscp2ServerComponent.kt    |  34 ++---
 .../idscp2/server/Idscp2ServerEndpoint.kt     |  72 ++++++++---
 .../example-idscp2-client-broadcast.xml       |  28 +++++
 .../route-examples/example-idscp2-client.xml  |  21 +++-
 .../example-idscp2-server-broadcast.xml       |  33 +++++
 .../route-examples/example-idscp2-server.xml  |  13 +-
 11 files changed, 358 insertions(+), 112 deletions(-)
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/RefCountingHashMap.kt
 create mode 100644 examples/route-examples/example-idscp2-client-broadcast.xml
 create mode 100644 examples/route-examples/example-idscp2-server-broadcast.xml

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/RefCountingHashMap.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/RefCountingHashMap.kt
new file mode 100644
index 000000000..6c7fa5a1b
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/RefCountingHashMap.kt
@@ -0,0 +1,77 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package de.fhg.aisec.ids.camel.idscp2
+
+/**
+ * A wrapped, synchronized HashMap counting the number of references to its values.
+ * When all references are released, releaseFunction will be called to finalize the freed value.
+ *
+ * @author Michael Lux <michael.lux@aisec.fraunhofer.de>
+ *
+ * @param releaseFunction The function used to finalize elements without remaining references.
+ */
+class RefCountingHashMap<K, V>(private val releaseFunction: (V) -> Unit) {
+    private val map = HashMap<K, Pair<Int, V>>()
+
+    /**
+     * Increments the reference count of an existing element
+     * or inserts the element newly created by mappingFunction with reference count 1.
+     *
+     * @param key The key of the element to be retrieved (w. increased reference count)
+     * or created with reference count 1.
+     * @param mappingFunction The function to create the element if it doesn't exist
+     */
+    @Synchronized
+    fun computeIfAbsent(key: K, mappingFunction: (K) -> V): V {
+        return map[key]?.let {
+            map[key] = Pair(it.first + 1, it.second)
+            it.second
+        } ?: let {
+            val value = mappingFunction(key)
+            map[key] = Pair(1, value)
+            value
+        }
+    }
+
+    /**
+     * Decrements the reference count of an existing element,
+     * deleting it and finalizing it using releaseFunction if reference count becomes zero.
+     */
+    @Synchronized
+    fun release(key: K) {
+        map[key]?.let {
+            if (it.first == 1) {
+                releaseFunction(it.second)
+                map.remove(key)
+            } else {
+                map[key] = Pair(it.first - 1, it.second)
+            }
+        }
+    }
+
+    /**
+     * Frees all resources (using releaseFunction) and clears the map.
+     *
+     * @param parallel Whether to use parallelStream() (default) or just stream() for iteration
+     */
+    @Synchronized
+    fun freeAll(parallel: Boolean = true) {
+        map.values.let { if (parallel) it.parallelStream() else it.stream() }
+                .forEach { releaseFunction(it.second) }
+        map.clear()
+    }
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
index 563df78cf..2ba59579d 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
@@ -17,6 +17,7 @@
 package de.fhg.aisec.ids.camel.idscp2.client
 
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageListener
 import org.apache.camel.Processor
 import org.apache.camel.support.DefaultConsumer
@@ -28,23 +29,30 @@ import java.util.concurrent.CompletableFuture
  */
 class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor: Processor) :
         DefaultConsumer(endpoint, processor), Idscp2MessageListener {
-    private val connectionFuture = CompletableFuture<Idscp2Connection>()
+    private lateinit var connectionFuture: CompletableFuture<Idscp2Connection>
 
     override fun doStart() {
         super.doStart()
-        endpoint.makeConnection(connectionFuture)
-        connectionFuture.thenAccept { it.addGenericMessageListener(this) }
+        connectionFuture = endpoint.makeConnection()
+        connectionFuture.thenAccept {
+            it.addGenericMessageListener(this)
+            // Handle connection errors and closing
+            it.addConnectionListener(object : Idscp2ConnectionListener {
+                override fun onError(t: Throwable?) {
+                    LOG.error("Error in Idscp2ClientConsumer connection", t)
+                }
+                override fun onClose(connection: Idscp2Connection) {
+                    stop()
+                }
+            })
+            it.unlockMessaging()
+        }
     }
 
     public override fun doStop() {
-        if (connectionFuture.isDone) {
-            val connection = connectionFuture.get()
-            LOG.debug("Stopping IDSCP2 client connection {}...", connection.id)
-            connection.close()
-        } else {
-            LOG.debug("Canceling IDSCP2 client connection...")
-            connectionFuture.cancel(true)
-        }
+        LOG.debug("Stopping/releasing IDSCP2 client consumer connection {}...",
+                if (connectionFuture.isDone) connectionFuture.get().id else "<pending>")
+        endpoint.releaseConnection(connectionFuture)
     }
 
     override fun onMessage(connection: Idscp2Connection, type: String, data: ByteArray) {
@@ -62,8 +70,6 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
             if (response.body != null && responseType != null) {
                 connection.send(responseType, response.getBody(ByteArray::class.java))
             }
-        } catch (e: Exception) {
-            LOG.error("Error in Idscp2ClientConsumer.onMessage()", e)
         } finally {
             doneUoW(exchange)
         }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index 3f923369e..675a44fc3 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -18,6 +18,7 @@ package de.fhg.aisec.ids.camel.idscp2.client
 
 import de.fhg.aisec.ids.api.settings.Settings
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
+import de.fhg.aisec.ids.camel.idscp2.RefCountingHashMap
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
@@ -27,7 +28,9 @@ import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import org.apache.camel.Processor
 import org.apache.camel.Producer
 import org.apache.camel.spi.UriEndpoint
+import org.apache.camel.spi.UriParam
 import org.apache.camel.support.DefaultEndpoint
+import org.apache.camel.support.jsse.SSLContextParameters
 import org.slf4j.LoggerFactory
 import java.util.concurrent.CompletableFuture
 import java.util.regex.Pattern
@@ -38,41 +41,51 @@ import java.util.regex.Pattern
         syntax = "idscp2client://host:port",
         label = "ids"
 )
-class Idscp2ClientEndpoint(uri: String?, remaining: String, component: Idscp2ClientComponent?) :
+class Idscp2ClientEndpoint(uri: String?, private val remaining: String, component: Idscp2ClientComponent?) :
         DefaultEndpoint(uri, component) {
-    private val dapsDriverConfig: DefaultDapsDriverConfig
-    private val clientSettings: Idscp2Settings
+    private lateinit var dapsDriverConfig: DefaultDapsDriverConfig
+    private lateinit var clientSettings: Idscp2Settings
 
-    init {
-        val settings: Settings = Idscp2OsgiComponent.getSettings()
-        val remainingMatcher = URI_REGEX.matcher(remaining)
-        require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
-        val matchResult = remainingMatcher.toMatchResult()
-        val host = matchResult.group(1)
-        val port = matchResult.group(2).toInt()
-        clientSettings = Idscp2Settings.Builder()
-                .setHost(host)
-                .setServerPort(port)
-                .setKeyStorePath("etc/idscp2/aisecconnector1-keystore.jks")
-                .setTrustStorePath("etc/idscp2/client-truststore_new.jks")
-                .setCertificateAlias("1.0.1")
-                .setDapsKeyAlias("1")
-                .setRatTimeoutDelay(300)
-                .build()
-        dapsDriverConfig = DefaultDapsDriverConfig.Builder()
-                .setConnectorUUID(settings.connectorConfig.connectorUUID)
-                .setKeyStorePath(clientSettings.keyStorePath)
-                .setTrustStorePath(clientSettings.trustStorePath)
-                .setKeyStorePassword(clientSettings.keyStorePassword)
-                .setTrustStorePassword(clientSettings.trustStorePassword)
-                .setKeyAlias(clientSettings.dapsKeyAlias)
-                .setDapsUrl(settings.connectorConfig.dapsUrl)
-                .build()
-    }
+    @UriParam(
+            label = "security",
+            description = "The SSL context for the IDSCP2 endpoint"
+    )
+    var sslContextParameters: SSLContextParameters? = null
+    @UriParam(
+            label = "security",
+            description = "The alias of the DAPS key in the keystore provided by sslContextParameters"
+    )
+    var dapsKeyAlias: String? = null
+    @UriParam(
+            label = "security",
+            description = "The validity time of remote attestation and DAT in seconds",
+            defaultValue = "600"
+    )
+    var dapsRatTimeoutDelay: Long? = null
+    @UriParam(
+            label = "client",
+            description = "Used to make N endpoints share the same connection, " +
+                    "e.g. for using a consumer to receive responses to the requests of another producer"
+    )
+    var connectionShareId: String? = null
 
-    fun makeConnection(connectionFuture: CompletableFuture<Idscp2Connection>) {
-        return Idscp2ClientFactory(DefaultDapsDriver(dapsDriverConfig), NativeTLSDriver())
+    private fun makeConnectionInternal(): CompletableFuture<Idscp2Connection> {
+        val connectionFuture = CompletableFuture<Idscp2Connection>()
+        Idscp2ClientFactory(DefaultDapsDriver(dapsDriverConfig), NativeTLSDriver())
                 .connect(clientSettings, connectionFuture)
+        return connectionFuture
+    }
+
+    fun makeConnection(): CompletableFuture<Idscp2Connection> {
+        connectionShareId?.let {
+            return sharedConnections.computeIfAbsent(it) {
+                makeConnectionInternal()
+            }
+        } ?: return makeConnectionInternal()
+    }
+
+    fun releaseConnection(connectionFuture: CompletableFuture<Idscp2Connection>) {
+        connectionShareId?.let { sharedConnections.release(it) } ?: releaseConnectionInternal(connectionFuture)
     }
 
     override fun createProducer(): Producer {
@@ -85,6 +98,37 @@ class Idscp2ClientEndpoint(uri: String?, remaining: String, component: Idscp2Cli
 
     public override fun doStart() {
         LOG.debug("Starting IDSCP2 client endpoint $endpointUri")
+        val settings: Settings = Idscp2OsgiComponent.getSettings()
+        val remainingMatcher = URI_REGEX.matcher(remaining)
+        require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
+        val matchResult = remainingMatcher.toMatchResult()
+        val host = matchResult.group(1)
+        val port = matchResult.group(2)?.toInt() ?: Idscp2Settings.DEFAULT_SERVER_PORT
+        val clientSettingsBuilder = Idscp2Settings.Builder()
+                .setHost(host)
+                .setServerPort(port)
+                .setRatTimeoutDelay(dapsRatTimeoutDelay ?: Idscp2Settings.DEFAULT_RAT_TIMEOUT_DELAY.toLong())
+                .setDapsKeyAlias(dapsKeyAlias ?: "1")
+        sslContextParameters?.let {
+            clientSettingsBuilder
+                    .setKeyPassword(it.keyManagers?.keyPassword ?: "password")
+                    .setKeyStorePath(it.keyManagers?.keyStore?.resource)
+                    .setKeyStoreKeyType(it.keyManagers?.keyStore?.type ?: "RSA")
+                    .setKeyStorePassword(it.keyManagers?.keyStore?.password ?: "password")
+                    .setTrustStorePath(it.trustManagers?.keyStore?.resource)
+                    .setTrustStorePassword(it.trustManagers?.keyStore?.password ?: "password")
+                    .setCertificateAlias(it.certAlias ?: "1.0.1")
+        }
+        clientSettings = clientSettingsBuilder.build()
+        dapsDriverConfig = DefaultDapsDriverConfig.Builder()
+                .setConnectorUUID(settings.connectorConfig.connectorUUID)
+                .setDapsUrl(settings.connectorConfig.dapsUrl)
+                .setKeyAlias(clientSettings.dapsKeyAlias)
+                .setKeyStorePath(clientSettings.keyStorePath)
+                .setTrustStorePath(clientSettings.trustStorePath)
+                .setKeyStorePassword(clientSettings.keyStorePassword)
+                .setTrustStorePassword(clientSettings.trustStorePassword)
+                .build()
     }
 
     public override fun doStop() {
@@ -93,6 +137,16 @@ class Idscp2ClientEndpoint(uri: String?, remaining: String, component: Idscp2Cli
 
     companion object {
         private val LOG = LoggerFactory.getLogger(Idscp2ClientEndpoint::class.java)
-        private val URI_REGEX = Pattern.compile("(.*?):(\\d+)$")
+        private val URI_REGEX = Pattern.compile("(.*?)(?::(\\d+))?/?$")
+        private val sharedConnections = RefCountingHashMap<String, CompletableFuture<Idscp2Connection>> { connection ->
+            releaseConnectionInternal(connection)
+        }
+        private fun releaseConnectionInternal(connectionFuture: CompletableFuture<Idscp2Connection>) {
+            if (connectionFuture.isDone) {
+                connectionFuture.get().close()
+            } else if (!(connectionFuture.isCancelled || connectionFuture.isCompletedExceptionally)) {
+                connectionFuture.cancel(true)
+            }
+        }
     }
 }
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
index a8755252a..44a07a81d 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
@@ -27,32 +27,26 @@ import java.util.concurrent.CompletableFuture
  * Sends each message to all clients connected to this server endpoint.
  */
 class Idscp2ClientProducer(private val endpoint: Idscp2ClientEndpoint) : DefaultProducer(endpoint) {
-    private val connectionFuture = CompletableFuture<Idscp2Connection>()
+    private lateinit var connectionFuture: CompletableFuture<Idscp2Connection>
 
     override fun process(exchange: Exchange) {
         val message = exchange.getIn()
         val type = message.getHeader("idscp2.type", String::class.java)
         val body = message.getBody(ByteArray::class.java)
-        connectionFuture.get().let {
-            it.unlockMessaging()
-            it.send(type, body)
-        }
+        connectionFuture.get().send(type, body)
     }
 
     override fun doStart() {
         super.doStart()
-        endpoint.makeConnection(connectionFuture)
+        connectionFuture = endpoint.makeConnection()
+        // Unlock messaging immediately after obtaining connection
+        connectionFuture.thenAccept { it.unlockMessaging() }
     }
 
     public override fun doStop() {
-        if (connectionFuture.isDone) {
-            val connection = connectionFuture.get()
-            LOG.debug("Stopping IDSCP2 client connection {}...", connection.id)
-            connection.close()
-        } else {
-            LOG.debug("Canceling IDSCP2 client connection...")
-            connectionFuture.cancel(true)
-        }
+        LOG.debug("Stopping/releasing IDSCP2 client producer connection {}...",
+                if (connectionFuture.isDone) connectionFuture.get().id else "<pending>")
+        endpoint.releaseConnection(connectionFuture)
     }
 
     companion object {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index 5a84164a4..b14e51298 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -1,3 +1,19 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 package de.fhg.aisec.ids.camel.idscp2.server
 
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
@@ -18,12 +34,12 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
     init {
         val dapsDriverConfig = DefaultDapsDriverConfig.Builder()
                 .setConnectorUUID(Idscp2OsgiComponent.getSettings().connectorConfig.connectorUUID)
+                .setDapsUrl(Idscp2OsgiComponent.getSettings().connectorConfig.dapsUrl)
+                .setKeyAlias(serverSettings.dapsKeyAlias)
                 .setKeyStorePath(serverSettings.keyStorePath)
                 .setTrustStorePath(serverSettings.trustStorePath)
                 .setKeyStorePassword(serverSettings.keyStorePassword)
                 .setTrustStorePassword(serverSettings.trustStorePassword)
-                .setKeyAlias(serverSettings.dapsKeyAlias)
-                .setDapsUrl(Idscp2OsgiComponent.getSettings().connectorConfig.dapsUrl)
                 .build()
         val serverConfiguration = Idscp2ServerFactory(
                 this,
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
index f6f732f80..94f429453 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
@@ -16,6 +16,7 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.server
 
+import de.fhg.aisec.ids.camel.idscp2.RefCountingHashMap
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
@@ -28,11 +29,12 @@ import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.apache.camel.Endpoint
 import org.apache.camel.spi.annotations.Component
 import org.apache.camel.support.DefaultComponent
-import java.lang.IllegalStateException
 
 @Component("idscp2server")
 class Idscp2ServerComponent : DefaultComponent() {
-    private val servers: MutableMap<Idscp2Settings, Pair<Int, CamelIdscp2Server>> = HashMap()
+    private val servers = RefCountingHashMap<Idscp2Settings, CamelIdscp2Server> {
+        it.terminate()
+    }
 
     init {
         RatProverDriverRegistry.getInstance().registerDriver(
@@ -56,36 +58,14 @@ class Idscp2ServerComponent : DefaultComponent() {
     }
 
     @Synchronized
-    fun getServer(serverSettings: Idscp2Settings): CamelIdscp2Server {
-        if (serverSettings in servers) {
-            servers[serverSettings]?.let {
-                servers[serverSettings] = Pair(it.first + 1, it.second)
-                return it.second
-            } ?: throw IllegalStateException("This should never happen, please inform developers of this error!")
-        } else {
-            val server = CamelIdscp2Server(serverSettings)
-            servers[serverSettings] = Pair(1, server)
-            return server
-        }
-    }
+    fun getServer(serverSettings: Idscp2Settings) = servers.computeIfAbsent(serverSettings) { CamelIdscp2Server(it) }
 
     @Synchronized
-    fun freeServer(serverSettings: Idscp2Settings) {
-        servers[serverSettings]?.let {
-            if (it.first > 1) {
-                servers[serverSettings] = Pair(it.first - 1, it.second)
-            } else {
-                it.second.terminate()
-                servers.remove(serverSettings)
-            }
-        }
-    }
+    fun freeServer(serverSettings: Idscp2Settings) = servers.release(serverSettings)
 
     @Synchronized
     override fun doStop() {
-        servers.values.parallelStream()
-                .forEach { it.second.terminate() }
-        servers.clear()
+        servers.freeAll()
         super.doStop()
     }
 }
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
index 3c1f87f95..70e85dd6f 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -18,11 +18,14 @@ package de.fhg.aisec.ids.camel.idscp2.server
 
 import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import org.apache.camel.Processor
 import org.apache.camel.Producer
 import org.apache.camel.spi.UriEndpoint
+import org.apache.camel.spi.UriParam
 import org.apache.camel.support.DefaultEndpoint
+import org.apache.camel.support.jsse.SSLContextParameters
 import org.slf4j.LoggerFactory
 import java.util.*
 import java.util.regex.Pattern
@@ -33,28 +36,29 @@ import java.util.regex.Pattern
         syntax = "idscp2server://host:port",
         label = "ids"
 )
-class Idscp2ServerEndpoint(uri: String?, remaining: String, component: Idscp2ServerComponent?) :
+class Idscp2ServerEndpoint(uri: String?, private val remaining: String, component: Idscp2ServerComponent?) :
         DefaultEndpoint(uri, component), Idscp2EndpointListener {
-    private val serverSettings: Idscp2Settings
+    private lateinit var serverSettings: Idscp2Settings
     private var server: CamelIdscp2Server? = null
     private val consumers: MutableSet<Idscp2ServerConsumer> = HashSet()
 
-    init {
-        val remainingMatcher = URI_REGEX.matcher(remaining)
-        require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
-        val matchResult = remainingMatcher.toMatchResult()
-        val host = matchResult.group(1)
-        val port = matchResult.group(2).toInt()
-        serverSettings = Idscp2Settings.Builder()
-                .setHost(host)
-                .setServerPort(port)
-                .setKeyStorePath("etc/idscp2/aisecconnector1-keystore.jks")
-                .setTrustStorePath("etc/idscp2/client-truststore_new.jks")
-                .setCertificateAlias("1.0.1")
-                .setDapsKeyAlias("1")
-                .setRatTimeoutDelay(300)
-                .build()
-    }
+    @UriParam(
+            label = "security",
+            description = "The SSL context for the IDSCP2 endpoint"
+    )
+    var sslContextParameters: SSLContextParameters? = null
+    @UriParam(
+            label = "security",
+            description = "The alias of the DAPS key in the keystore provided by sslContextParameters",
+            defaultValue = "1"
+    )
+    var dapsKeyAlias: String = "1"
+    @UriParam(
+            label = "security",
+            description = "The validity time of remote attestation and DAT in seconds",
+            defaultValue = "600"
+    )
+    var dapsRatTimeoutDelay: Long = Idscp2Settings.DEFAULT_RAT_TIMEOUT_DELAY.toLong()
 
     @Synchronized
     fun addConsumer(consumer: Idscp2ServerConsumer) {
@@ -87,6 +91,15 @@ class Idscp2ServerEndpoint(uri: String?, remaining: String, component: Idscp2Ser
     override fun onConnection(connection: Idscp2Connection) {
         LOG.debug("New IDSCP2 connection on $endpointUri, register consumer listeners")
         consumers.forEach { connection.addGenericMessageListener(it) }
+        // Handle connection errors and closing
+        connection.addConnectionListener(object : Idscp2ConnectionListener {
+            override fun onError(t: Throwable?) {
+                LOG.error("Error in Idscp2ServerEndpoint-managed connection", t)
+            }
+            override fun onClose(connection: Idscp2Connection) {
+                consumers.forEach { connection.removeGenericMessageListener(it) }
+            }
+        })
     }
 
     override fun onError(t: Throwable) {
@@ -96,6 +109,27 @@ class Idscp2ServerEndpoint(uri: String?, remaining: String, component: Idscp2Ser
     @Synchronized
     public override fun doStart() {
         LOG.debug("Starting IDSCP2 server endpoint $endpointUri")
+        val remainingMatcher = URI_REGEX.matcher(remaining)
+        require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
+        val matchResult = remainingMatcher.toMatchResult()
+        val host = matchResult.group(1)
+        val port = matchResult.group(2)?.toInt() ?: Idscp2Settings.DEFAULT_SERVER_PORT
+        val clientSettingsBuilder = Idscp2Settings.Builder()
+                .setHost(host)
+                .setServerPort(port)
+                .setRatTimeoutDelay(dapsRatTimeoutDelay)
+                .setDapsKeyAlias(dapsKeyAlias)
+        sslContextParameters?.let {
+            clientSettingsBuilder
+                    .setKeyPassword(it.keyManagers?.keyPassword ?: "password")
+                    .setKeyStorePath(it.keyManagers?.keyStore?.resource)
+                    .setKeyStoreKeyType(it.keyManagers?.keyStore?.type ?: "RSA")
+                    .setKeyStorePassword(it.keyManagers?.keyStore?.password ?: "password")
+                    .setTrustStorePath(it.trustManagers?.keyStore?.resource)
+                    .setTrustStorePassword(it.trustManagers?.keyStore?.password ?: "password")
+                    .setCertificateAlias(it.certAlias ?: "1.0.1")
+        }
+        serverSettings = clientSettingsBuilder.build()
         (component as Idscp2ServerComponent).getServer(serverSettings).let {
             server = it
             // Add this endpoint to this server's Idscp2EndpointListener set
@@ -113,6 +147,6 @@ class Idscp2ServerEndpoint(uri: String?, remaining: String, component: Idscp2Ser
 
     companion object {
         private val LOG = LoggerFactory.getLogger(Idscp2ServerEndpoint::class.java)
-        private val URI_REGEX = Pattern.compile("(.*?):(\\d+)$")
+        private val URI_REGEX = Pattern.compile("(.*?)(?::(\\d+))?/?$")
     }
 }
\ No newline at end of file
diff --git a/examples/route-examples/example-idscp2-client-broadcast.xml b/examples/route-examples/example-idscp2-client-broadcast.xml
new file mode 100644
index 000000000..b9ca71854
--- /dev/null
+++ b/examples/route-examples/example-idscp2-client-broadcast.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xmlns:camel="http://camel.apache.org/schema/blueprint" xsi:schemaLocation="
+ http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://camel.apache.org/schema/blueprint https://camel.apache.org/schema/blueprint/camel-blueprint-3.3.0.xsd">
+
+    <camel:sslContextParameters id="clientSslContext" certAlias="1.0.1">
+        <camel:keyManagers keyPassword="password">
+            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.jks" password="password"/>
+        </camel:keyManagers>
+        <camel:trustManagers>
+            <camel:keyStore resource="etc/idscp2/client-truststore_new.jks" password="password"/>
+        </camel:trustManagers>
+    </camel:sslContextParameters>
+
+    <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+        <route id="idscp2ReceiverClient">
+            <from uri="idscp2client://localhost:29292?sslContextParameters=#clientSslContext"/>
+            <log message="Client received: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
+            <!-- Prevents the client consumer from sending the message back to the server -->
+            <removeHeader headerName="idscp2.type"/>
+        </route>
+
+    </camelContext>
+
+</blueprint>
diff --git a/examples/route-examples/example-idscp2-client.xml b/examples/route-examples/example-idscp2-client.xml
index eb7569ffd..b803ed2cd 100644
--- a/examples/route-examples/example-idscp2-client.xml
+++ b/examples/route-examples/example-idscp2-client.xml
@@ -1,13 +1,22 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-           xsi:schemaLocation="
+           xmlns:camel="http://camel.apache.org/schema/blueprint" xsi:schemaLocation="
  http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
  http://camel.apache.org/schema/blueprint https://camel.apache.org/schema/blueprint/camel-blueprint-3.3.0.xsd">
 
+    <camel:sslContextParameters id="clientSslContext" certAlias="1.0.1">
+        <camel:keyManagers keyPassword="password">
+            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.jks" password="password"/>
+        </camel:keyManagers>
+        <camel:trustManagers>
+            <camel:keyStore resource="etc/idscp2/client-truststore_new.jks" password="password"/>
+        </camel:trustManagers>
+    </camel:sslContextParameters>
+
     <camelContext xmlns="http://camel.apache.org/schema/blueprint">
 
-        <route id="idscp2Client">
+        <route id="idscp2SenderClient">
             <from uri="timer://tenSecondsTimer?fixedRate=true&amp;period=10000"/>
             <setBody>
                 <simple>PING</simple>
@@ -16,8 +25,14 @@
                 <simple>ping</simple>
             </setHeader>
             <log message="Client sends: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
-            <to uri="idscp2client://localhost:29292" />
+            <to uri="idscp2client://localhost:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#clientSslContext"/>
+        </route>
+
+        <route id="idscp2ReceiverClient">
+            <from uri="idscp2client://localhost:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#clientSslContext"/>
             <log message="Client received: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
+            <!-- Prevents the client consumer from sending the message back to the server -->
+            <removeHeader headerName="idscp2.type"/>
         </route>
 
     </camelContext>
diff --git a/examples/route-examples/example-idscp2-server-broadcast.xml b/examples/route-examples/example-idscp2-server-broadcast.xml
new file mode 100644
index 000000000..31aaffb0c
--- /dev/null
+++ b/examples/route-examples/example-idscp2-server-broadcast.xml
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xmlns:camel="http://camel.apache.org/schema/blueprint" xsi:schemaLocation="
+ http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://camel.apache.org/schema/blueprint https://camel.apache.org/schema/blueprint/camel-blueprint-3.3.0.xsd">
+
+    <camel:sslContextParameters id="serverSslContext" certAlias="1.0.1">
+        <camel:keyManagers keyPassword="password">
+            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.jks" password="password"/>
+        </camel:keyManagers>
+        <camel:trustManagers>
+            <camel:keyStore resource="etc/idscp2/client-truststore_new.jks" password="password"/>
+        </camel:trustManagers>
+    </camel:sslContextParameters>
+
+    <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+        <route id="idscp2Server">
+            <from uri="timer://tenSecondsTimer?fixedRate=true&amp;period=10000"/>
+            <setBody>
+                <simple>BROADCAST</simple>
+            </setBody>
+            <setHeader name="idscp2.type">
+                <simple>broadcast</simple>
+            </setHeader>
+            <log message="Server broadcast to connected clients: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
+            <to uri="idscp2server://0.0.0.0:29292?sslContextParameters=#serverSslContext"/>
+        </route>
+
+    </camelContext>
+
+</blueprint>
diff --git a/examples/route-examples/example-idscp2-server.xml b/examples/route-examples/example-idscp2-server.xml
index 44f24e692..98a87f346 100644
--- a/examples/route-examples/example-idscp2-server.xml
+++ b/examples/route-examples/example-idscp2-server.xml
@@ -1,14 +1,23 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-           xsi:schemaLocation="
+           xmlns:camel="http://camel.apache.org/schema/blueprint" xsi:schemaLocation="
  http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
  http://camel.apache.org/schema/blueprint https://camel.apache.org/schema/blueprint/camel-blueprint-3.3.0.xsd">
 
+    <camel:sslContextParameters id="serverSslContext" certAlias="1.0.1">
+        <camel:keyManagers keyPassword="password">
+            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.jks" password="password"/>
+        </camel:keyManagers>
+        <camel:trustManagers>
+            <camel:keyStore resource="etc/idscp2/client-truststore_new.jks" password="password"/>
+        </camel:trustManagers>
+    </camel:sslContextParameters>
+
     <camelContext xmlns="http://camel.apache.org/schema/blueprint">
 
         <route id="idscp2Server">
-            <from uri="idscp2server://0.0.0.0:29292"/>
+            <from uri="idscp2server://0.0.0.0:29292?sslContextParameters=#serverSslContext"/>
             <log message="Server received: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
             <setBody>
                 <simple>PONG</simple>

From 719383fd490f57919656bd50c647c8e180c3b44f Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 1 Jul 2020 20:34:34 +0200
Subject: [PATCH 094/237] hack to accept new DAT

---
 .../de/fhg/aisec/ids/tokenmanager/TokenManagerService.java    | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index a8f374fe3..c8870d859 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -258,7 +258,9 @@ public Map<String, Object> verifyJWT(
               .setRequireSubject() // the JWT must have a subject claim
               .setExpectedIssuer(
                   "https://daps.aisec.fraunhofer.de") // whom the JWT needs to have been issued by
-              .setExpectedAudience(targetAudience) // to whom the JWT is intended for
+              //.setExpectedAudience(targetAudience) // to whom the JWT is intended for
+              //FIXME: Evil hack to support both audience types from DAPSv1 and v2. We need to get versioning going and we need to get it right. Until then, just hack in second value
+              .setExpectedAudience(targetAudience, "idsc:IDS_CONNECTORS_ALL") // to whom the JWT is intended for
               .setVerificationKeyResolver(httpsJwksKeyResolver)
               .setJwsAlgorithmConstraints( // only allow the expected signature algorithm(s) in the
                   // given context

From 0945263b0a4719653d30a50545f9cb8d63ba1fcb Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Mon, 6 Jul 2020 13:41:34 +0200
Subject: [PATCH 095/237] remove audience check without proper versioning

---
 .../aisec/ids/camel/ids/server/DefaultWebsocket.java |  5 +----
 .../IdsClientServerPlaintextWithAttestationTest.java |  2 +-
 .../de/fhg/aisec/ids/api/tokenm/TokenManager.java    |  1 -
 .../aisec/ids/tokenmanager/TokenManagerService.java  | 12 ++++--------
 4 files changed, 6 insertions(+), 14 deletions(-)

diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
index 5e9691df0..6163e3211 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
@@ -234,13 +234,10 @@ private void validateDynamicAttributeToken(@NonNull String dat) throws DatExcept
         ConnectionSettings connectionSettings = settings.getConnectionSettings(consumer.getEndpoint().getHost() + ":"
                 + consumer.getEndpoint().getPort().toString());
 
-        // This is a bug in the DAPS.
-        // Audience should not be set to default value "IDS_Connector"
-        String targetAudience = "IDS_Connector";
 
         try {
             //validate token signature, target Audience, expire date
-            var claims = tokenManager.verifyJWT(dat, targetAudience, dapsUrl);
+            var claims = tokenManager.verifyJWT(dat, dapsUrl);
             //validate supported security attributes
             tokenManager.validateDATSecurityAttributes(claims, connectionSettings);
         } catch (Exception e) {
diff --git a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java b/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java
index eacfd8287..560696cd2 100644
--- a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java
+++ b/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java
@@ -56,7 +56,7 @@ public void mockRequiredBundles() throws Exception {
     when(settings.getConnectionSettings(anyString())).thenReturn(new ConnectionSettings());
     cc.setSettings(settings);
     TokenManager tm = mock(TokenManager.class);
-    when(tm.verifyJWT(anyString(), anyString(), anyString())).thenReturn(Collections.emptyMap());
+    when(tm.verifyJWT(anyString(), anyString())).thenReturn(Collections.emptyMap());
     doNothing().when(tm).validateDATSecurityAttributes(any(), any(ConnectionSettings.class));
     cc.setTokenManager(tm);
     CamelComponent.setInstance(cc);
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
index d0ecadc5c..5c3d45c0d 100755
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
@@ -45,7 +45,6 @@ Map<String, Object> acquireToken(
 
   Map<String, Object> verifyJWT(
       String dynamicAttributeToken,
-      String targetAudience,
       String dapsUrl) throws Exception;
 
   void validateDATSecurityAttributes(
diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index c8870d859..f49126390 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -99,9 +99,7 @@ public Map<String, Object> acquireToken(
       String keystoreAliasName,
       String trustStoreName,
       String connectorUUID) {
-    // This is a bug in the DAPS.
-    // Audience should not be set to default value "IDS_Connector"
-    String targetAudience = "IDS_Connector";
+
     String dynamicAttributeToken = "INVALID_TOKEN";
     Map<String, Object> jwtClaims = null;
 
@@ -202,7 +200,7 @@ public Map<String, Object> acquireToken(
 
       LOG.info("Dynamic Attribute Token: " + dynamicAttributeToken);
 
-      jwtClaims = verifyJWT(dynamicAttributeToken, targetAudience, dapsUrl);
+      jwtClaims = verifyJWT(dynamicAttributeToken, dapsUrl);
     } catch (KeyStoreException
         | NoSuchAlgorithmException
         | CertificateException
@@ -222,7 +220,6 @@ public Map<String, Object> acquireToken(
   @Override
   public Map<String, Object> verifyJWT(
       String dynamicAttributeToken,
-      String targetAudience,
       String dapsUrl) throws Exception {
     if (sslSocketFactory == null) {
       throw new JwtException("SSLSocketFactory is null, acquireToken() must be called first!");
@@ -258,9 +255,8 @@ public Map<String, Object> verifyJWT(
               .setRequireSubject() // the JWT must have a subject claim
               .setExpectedIssuer(
                   "https://daps.aisec.fraunhofer.de") // whom the JWT needs to have been issued by
-              //.setExpectedAudience(targetAudience) // to whom the JWT is intended for
-              //FIXME: Evil hack to support both audience types from DAPSv1 and v2. We need to get versioning going and we need to get it right. Until then, just hack in second value
-              .setExpectedAudience(targetAudience, "idsc:IDS_CONNECTORS_ALL") // to whom the JWT is intended for
+              //FIXME: Hardcoded two v1 and v2 values. Need to add versioning to correctly handle tokens.
+              .setExpectedAudience(true, "IDS_Connector", "idsc:IDS_CONNECTORS_ALL") // to whom the JWT is intended for
               .setVerificationKeyResolver(httpsJwksKeyResolver)
               .setJwsAlgorithmConstraints( // only allow the expected signature algorithm(s) in the
                   // given context

From 6d93ef67a0b0e4036e0e34d3c3eaa179f662121b Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Mon, 6 Jul 2020 14:10:15 +0200
Subject: [PATCH 096/237] fix audience

---
 .../de/fhg/aisec/ids/tokenmanager/TokenManagerService.java     | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index f49126390..2963f25d0 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -101,6 +101,8 @@ public Map<String, Object> acquireToken(
       String connectorUUID) {
 
     String dynamicAttributeToken = "INVALID_TOKEN";
+    String targetAudience = "IDS_Connector";
+
     Map<String, Object> jwtClaims = null;
 
     // Try clause for setup phase (loading keys, building trust manager)
@@ -146,6 +148,7 @@ public Map<String, Object> acquireToken(
         throw new RuntimeException(e);
       }
 
+
       LOG.info("Retrieving Dynamic Attribute Token...");
 
       // create signed JWT (JWS)

From b4a83bc62a769544a683e0c9ac8f6b68afe77ff2 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 8 Jul 2020 10:08:32 +0200
Subject: [PATCH 097/237] retrieve DAPSv2 token

---
 .../ids/tokenmanager/TokenManagerService.java |  54 +++++++++++-------
 .../src/main/resources/etc/settings.mapdb     | Bin 2097152 -> 2097152 bytes
 2 files changed, 33 insertions(+), 21 deletions(-)

diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index 2963f25d0..68e07c2f1 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -57,6 +57,7 @@
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 import java.time.Instant;
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Date;
 import java.util.Map;
@@ -116,7 +117,7 @@ public Map<String, Object> acquireToken(
       KeyStore trustManagerKeyStore = KeyStore.getInstance("JKS");
 
       LOG.info("Loading key store: " + keyStoreName);
-      LOG.info("Loading trus store: " + trustStoreName);
+      LOG.info("Loading trust store: " + trustStoreName);
       keystore.load(jksKeyStoreInputStream, keyStorePassword.toCharArray());
       trustManagerKeyStore.load(jksTrustStoreInputStream, keyStorePassword.toCharArray());
       java.security.cert.Certificate[] certs = trustManagerKeyStore.getCertificateChain("ca");
@@ -131,6 +132,8 @@ public Map<String, Object> acquireToken(
       // Get certificate of public key
       X509Certificate cert = (X509Certificate) keystore.getCertificate(keystoreAliasName);
 
+
+
       TrustManager[] trustManagers;
       try {
         TrustManagerFactory trustManagerFactory =
@@ -148,9 +151,17 @@ public Map<String, Object> acquireToken(
         throw new RuntimeException(e);
       }
 
-
+      LOG.info("\tCertificate Subject: " + cert.getSubjectDN());
+      //GET 2.5.29.14	SubjectKeyIdentifier / 2.5.29.35	AuthorityKeyIdentifier
+      String authorityKeyIndentifier = new String (cert.getExtensionValue("2.5.29.35"));
+      String subjectKeyIdenfier = new String (cert.getExtensionValue("2.5.29.14"));
+      LOG.info("AKI: " + authorityKeyIndentifier);
+      LOG.info("SKI: " + subjectKeyIdenfier);
+      //connectorUUID = subjectKeyIdenfier + ":" + authorityKeyIndentifier.substring(0, authorityKeyIndentifier.length() - 1);
+      LOG.info("ConnectorUUID: " + connectorUUID);
       LOG.info("Retrieving Dynamic Attribute Token...");
 
+
       // create signed JWT (JWS)
       // Create expiry date one day (86400 seconds) from now
       Date expiryDate = Date.from(Instant.now().plusSeconds(86400));
@@ -158,12 +169,15 @@ public Map<String, Object> acquireToken(
           Jwts.builder()
               .setIssuer(connectorUUID)
               .setSubject(connectorUUID)
+              .claim("@context", "https://w3id.org/idsa/contexts/context.jsonld")
+              .claim("@type", "ids:DatRequestToken")
               .setExpiration(expiryDate)
               .setIssuedAt(Date.from(Instant.now()))
               .setAudience(targetAudience)
               .setNotBefore(Date.from(Instant.now()));
-      LOG.info("\tCertificate Subject: " + cert.getSubjectDN());
+
       String jws = jwtb.signWith(privKey, SignatureAlgorithm.RS256).compact();
+      LOG.info("Request token: " + jws);
 
       // build form body to embed client assertion into post request
       RequestBody formBody =
@@ -172,7 +186,7 @@ public Map<String, Object> acquireToken(
               .add(
                   "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer")
               .add("client_assertion", jws)
-              .add("scope", "ids_connector")
+              .add("scope", "idsc:IDS_CONNECTOR_ATTRIBUTES_ALL")
               .build();
 
       OkHttpClient.Builder builder = new OkHttpClient.Builder();
@@ -186,7 +200,7 @@ public Map<String, Object> acquireToken(
               .readTimeout(15, TimeUnit.SECONDS)
               .build();
 
-      Request request = new Request.Builder().url(dapsUrl + "/token").post(formBody).build();
+      Request request = new Request.Builder().url(dapsUrl + "/v2/token").post(formBody).build();
       Response jwtResponse = client.newCall(request).execute();
       if (!jwtResponse.isSuccessful()) {
         throw new IOException("Unexpected code " + jwtResponse);
@@ -310,24 +324,22 @@ public Map<String, Object> verifyJWT(
   public void validateDATSecurityAttributes(Map<String, Object> claims, ConnectionSettings connectionSettings)
       throws DatException {
     try {
-      Object idsAttributesObject = claims.get("ids_attributes");
-      Map<String, Object> securityProfile;
-      if (idsAttributesObject instanceof Map) {
-        var securityProfileObject = ((Map<String, Object>) idsAttributesObject).get("security_profile");
-        if (securityProfileObject instanceof Map) {
-          securityProfile = (Map<String, Object>) securityProfileObject;
-        } else {
-          throw new DatException("No security_profile found in claims " + securityProfileObject);
-        }
-      } else {
-        throw new DatException("No ids_attributes claims found in claims " + idsAttributesObject);
-      }
 
-      // Validate audit_logging
-      var auditLogging = Integer.parseInt(securityProfile.get("audit_logging").toString());
-      if (Integer.parseInt(connectionSettings.getAuditLogging()) > auditLogging) {
-        throw new DatException("Client does not support the security requirements for audit_logging.");
+      String securityProfile = claims.get("securityProfile").toString();
+
+      //FIXME: Validate security profile the proper way
+
+      ArrayList<String> validTrustProfiles=new ArrayList<String>();
+      validTrustProfiles.add("idsc:TRUST_SECURITY_PROFILE");
+      validTrustProfiles.add("idsc:BASE_SECURITY_PROFILE");
+      validTrustProfiles.add("idsc:TRUST+_SECURITY_PROFILE");
+
+      if (!validTrustProfiles.contains(securityProfile)) {
+        throw new DatException("Client does not support valid trust profile.");
       }
+      //TODO Check for trust profile
+      //if (Integer.parseInt(connectionSettings.getAuditLogging()) > auditLogging) {
+      //  throw new DatException("Client does not support the security requirements for audit_logging.");
 
       // TODO: validate further security attributes
     } catch (NumberFormatException e) {
diff --git a/karaf-assembly/src/main/resources/etc/settings.mapdb b/karaf-assembly/src/main/resources/etc/settings.mapdb
index 937ee9b5ed76d41326329502fa6b8e39c9cd60af..d2098f4a3bf0822e9f3344dd1de9e68b31263155 100644
GIT binary patch
delta 1690
zcmbtUOOM-B6wY*}%nU7^DX0ReELb2Gm5M+}ERm2{!KM;_fGsS5k=P+M8FkT0P!&{F
z-4<A}pz<S5?7K_+ik;Yw9Xoz(Mz)hl{ED4So|cffj;g|*D}O%sp67SZv0SNCb}A6R
z+_?Ge+dq|xb^P)Dtt{=lv6b(%e|>y%`sU$I>3U(k^(T7g>z(~8#s2+6{MpX+JzTx~
z){px)3e9c*aaQ^2gWXTJ=08eDg)Dtp+JUlkv|GAXocBN4yI05$XQi8kyiMObIlX^!
zx&v_uVi#f$;xfc55c?1Z5Qh-2LR^8k3h^4mwff2FQTOhXJIBXI4;~6~ztItxGhJ!3
zGV$H<C%5(<9h82qqqmNacE7mybg-GYN#LKk^Z6|B7W3iRJdK8v-zt#C%eCcNoPPi2
zhu5bs)o}A{d)PfVd;~l4r2hT8$Dds)|IILfZUT-0NE1*vAgch!0fGV)1#A-#44|sT
zLz1A$f;tK63?S-&qd~O+qTwbO6yYQd=sIZD07-y41sWv4aL}j~CX@gT_^ty20T>6^
z8mJMViWiw#^1)N*z2k@F2Zxp6Mnr~IBTxdd-AC1+LyI%lREu-un9g`$t`Q+v1-7}K
z2w@r+v9ytOJ2+RL!_eF@Wz<h%WY}+RJj}^F-Y7ydrzM9<to8bR*|1QVQ_+5}*Vh~i
zZT57;5p~uGI%Qhiz#6eX5i>6tFdjxMU_!*hg(68hXlW}YAeXio7lp$A*w>vzi#?Mp
z_%;Tuc;)njnvleipJ%LXX{v3-7aqn%1$UK~m)=B+hpp|swt4+LU6wnzpTo;8JY1Y~
zFc^%nOB<sW1HNA!w4{IcG%@v|-s86oLi~hV_;_>aPc+7{M8rqs)Yb)54j_qew6;Sw
zS9m#;O%=0qV<m-Lq%aa9=@BC5>P9xTz|o~LA%!DM!lbp6sJVn0RY?~R31bll-cDv<
z+OQcZrk2=Yqqu1f$*mkq3Y7RFa7`_@^Gwt@`CLUPMUVPSpQU;h!Wn%|6xFzIXnkli
z){+n-7ed0J4*jA_m{jW-WlgsbxvNJ6oR8Ku;up@aWv(UX#kk#;hWIV1*4a>zZ8h^w
z!eu_z4?Bsov912X<*CH6goOj=UJx9Z+tINalQC+T@fwq^)G#HaJgv%1nnSsg^mHxh
z8K;)R6on21G!&>ROh#*ZiYrWtLp>_z8L#FkqUzbqvEt0xCQYkqo-xoy%OOl!`0H5{
z#%!cKYsz6!I9<z7x0QK{O3<c-83+9_=#M}Wux`ec6<UC8Ap!@^P0|fWf+b|#K$PAp
zaIEnPb^s=din$Szt`hL0_bEZ3?Ky`~w5=G`nH2DIbIGC9EHo0KIbC*Y^2DLU+BoUC
zsOHLv)E!XDkQZw{GM^USxH($Z0t1uE^gL=W&fKxy=}nNvh#o5=YCN`7FRD7#U@{W8
zNMEDMnSje&gB^B7bm+A&f^0)9#d&~^)!ds+6iyQq`rJ3iEskq->*(|hQ)kRzIXYjo
z6`>JaNHc+4*($Yecz-#=iR$75cB;?Bvcmg*o%S^{Z)Y2NNiu9aq%Y!jw<&NFbl}(O
z&T2Y~;*~q6)uog1c1VTUA~6@ixiN3J<ievCYo!sHvtCb=y-e*2?Sb1eU3NxR8+n$e
ve7EWPsl^YL{xl~tdEVy9D3T+Rr-Q4)$jE6c*K9Xa|L4#A>@Hq8eg64Brzxv>

delta 275
zcmXBOJqp4w7{>9WAJ+QSIEaEv2d7FWFW?Onynw57aS}>i<)w>5wRj0Psp1s`2k{Vs
zZXUs>HSp&p3HcGNwbUr>^e3;gD3%Iu<rLB=r+?pNL|s>kR&g5~Pt%3WKX%W`pLTEM
zsNz&a*;mhf<6Ue9k?_jHnUI*mGyhMW(S|4?lE^?NvXG4`$U#-)q8h5B25O?#mB@R<
zSxW80RH<xD{za=WkXw9ie;p5%Ha1KNLucp=ouM;yhR)C#IzwmZ44t7fbcW94-Qzr^
G<?IKNWLM+>


From 80a360708e5a54584bb47cf216933ed60531ae03 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 8 Jul 2020 12:04:32 +0200
Subject: [PATCH 098/237] upgraded to DAPSv2

---
 buildx/docker-buildx.sh                       |   0
 .../ids/api/infomodel/ConnectorProfile.java   |   2 +-
 .../ids/api/settings/ConnectionSettings.java  |  49 +--
 .../InfoModelService.kt                       |   2 +-
 .../ids/tokenmanager/TokenManagerService.java |  38 +-
 .../connection-configuration/configuration.ts |   9 +-
 .../connection-configuration.component.html   | 342 +-----------------
 .../settings.interface.ts                     |   9 +-
 .../daps/DefaultDapsDriver.java               |  67 ++--
 .../daps/SecurityRequirements.java            |  10 +-
 .../src/main/resources/etc/settings.mapdb     | Bin 2097152 -> 2097152 bytes
 11 files changed, 110 insertions(+), 418 deletions(-)
 mode change 100644 => 100755 buildx/docker-buildx.sh

diff --git a/buildx/docker-buildx.sh b/buildx/docker-buildx.sh
old mode 100644
new mode 100755
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/ConnectorProfile.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/ConnectorProfile.java
index e1d5c0032..d6c13d6c8 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/ConnectorProfile.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/ConnectorProfile.java
@@ -35,7 +35,7 @@ public final class ConnectorProfile implements Serializable {
   private List<PlainLiteral> connectorEntityNames;
 
   public ConnectorProfile() {
-    this.securityProfile = SecurityProfile.BASE_CONNECTOR_SECURITY_PROFILE;
+    this.securityProfile = SecurityProfile.TRUSTED_CONNECTOR_SECURITY_PROFILE;
     this.connectorUrl = null;
     this.maintainerUrl = null;
     this.connectorEntityNames = null;
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java
index 92438d7fc..5622f839a 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java
@@ -24,55 +24,14 @@
 public final class ConnectionSettings implements Serializable {
   private static final long serialVersionUID = 1L;
 
-  private final String integrityProtectionAndVerification;
-  private final String authentication;
-  private final String serviceIsolation;
-  private final String integrityProtectionVerificationScope;
-  private final String appExecutionResources;
-  private final String dataUsageControlSupport;
-  private final String auditLogging;
-  private final String localDataConfidentiality;
+  private final String securityProfile;
 
   public ConnectionSettings() {
-    integrityProtectionAndVerification = "1";
-    authentication = "1";
-    serviceIsolation = "1";
-    integrityProtectionVerificationScope = "1";
-    appExecutionResources = "1";
-    dataUsageControlSupport = "1";
-    auditLogging = "1";
-    localDataConfidentiality = "1";
+    securityProfile = "1";
   }
 
-  public String getIntegrityProtectionAndVerification() {
-    return integrityProtectionAndVerification;
+  public String getRequiredSecurityProfile() {
+    return securityProfile;
   }
 
-  public String getAuthentication() {
-    return authentication;
-  }
-
-  public String getServiceIsolation() {
-    return serviceIsolation;
-  }
-
-  public String getIntegrityProtectionVerificationScope() {
-    return integrityProtectionVerificationScope;
-  }
-
-  public String getAppExecutionResources() {
-    return appExecutionResources;
-  }
-
-  public String getDataUsageControlSupport() {
-    return dataUsageControlSupport;
-  }
-
-  public String getAuditLogging() {
-    return auditLogging;
-  }
-
-  public String getLocalDataConfidentiality() {
-    return localDataConfidentiality;
-  }
 }
diff --git a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
index c51fb8a15..6c3b3c7ce 100644
--- a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
+++ b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
@@ -117,7 +117,7 @@ class InfoModelService : InfoModel {
     // generates RDF description from Connector object and returns building success
     override fun setConnector(profile: ConnectorProfile): Boolean {
         if (profile.securityProfile == null) {
-            profile.securityProfile = SecurityProfile.BASE_CONNECTOR_SECURITY_PROFILE
+            profile.securityProfile = SecurityProfile.TRUSTED_CONNECTOR_SECURITY_PROFILE
         }
         return if (settings != null) {
             settings?.connectorProfile = profile
diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index 68e07c2f1..a61a9c380 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -338,8 +338,42 @@ public void validateDATSecurityAttributes(Map<String, Object> claims, Connection
         throw new DatException("Client does not support valid trust profile.");
       }
       //TODO Check for trust profile
-      //if (Integer.parseInt(connectionSettings.getAuditLogging()) > auditLogging) {
-      //  throw new DatException("Client does not support the security requirements for audit_logging.");
+
+      if(connectionSettings.getRequiredSecurityProfile().equals("idsc:BASE_SECURITY_PROFILE")) {
+        if (!securityProfile.equals("idsc:BASE_SECURITY_PROFILE")
+            && !securityProfile.equals("idsc:TRUST_SECURITY_PROFILE")
+            && !securityProfile.equals("idsc:TRUST+_SECURITY_PROFILE")) {
+
+          throw new DatException(
+              "Client does not support required trust profile: Required: "
+                  + connectionSettings.getRequiredSecurityProfile()
+                  + " given: "
+                  + securityProfile);
+        }
+      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUST_SECURITY_PROFILE")) {
+        if (!securityProfile.equals("idsc:TRUST_SECURITY_PROFILE") &&
+            !securityProfile.equals("idsc:TRUST+_SECURITY_PROFILE")) {
+          throw new DatException(
+              "Client does not support required trust profile: Required: "
+                  + connectionSettings.getRequiredSecurityProfile()
+                  + " given: "
+                  + securityProfile);
+        }
+      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+          if (!securityProfile.equals("idsc:TRUST+_SECURITY_PROFILE")) {
+            throw new DatException(
+                "Client does not support required trust profile: Required: "
+                    + connectionSettings.getRequiredSecurityProfile()
+                    + " given: "
+                    + securityProfile);
+          }
+      } else {
+        throw new DatException(
+            "Client does not support any valid trust profile: Required: "
+                + connectionSettings.getRequiredSecurityProfile()
+                + " given: "
+                + securityProfile);
+      }
 
       // TODO: validate further security attributes
     } catch (NumberFormatException e) {
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts
index 7851c8738..68b8ae162 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts
@@ -11,14 +11,7 @@ export class Configuration {
             this.settings = settings;
         } else {
             this.settings = {
-                integrityProtectionAndVerification: '1',
-                authentication: '1',
-                serviceIsolation: '1',
-                integrityProtectionVerificationScope: '1',
-                appExecutionResources: '1',
-                dataUsageControlSupport: '1',
-                auditLogging: '1',
-                localDataConfidentiality: '1'
+                securityProfile: 'idsc:BASE_SECURITY_PROFILE'
             };
         }
     }
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html
index 17cd095cf..e2886832b 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html
@@ -27,72 +27,26 @@ <h5>Endpoint Security Requirements</h5>
           <p class="loading" *ngIf="!model">Loading Settings...</p>
           <table *ngIf="model" cellpadding="0" cellspacing="0" border="0" (click)="model.dirty = true">
             <tbody>
-            <!-- <tr>
-              <td width="50%">
-                <h5>Integrity</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title"></span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Local Integrity Protection</b></span>
-                    <span class="mdl-list__item-sub-title"></span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Remote integrity verification</b></span>
-                    <span class="mdl-list__item-sub-title"></span>
-                  </span>
-                </ul>
-              </td>
-              <td width="50%">
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_1_left"
-                           [(ngModel)]="model.settings.integrityProtectionAndVerification"
-                           name="integrityProtectionAndVerification" [value]="'1'"
-                           [checked]="model.settings.integrityProtectionAndVerification === '1'"
-                    />
-                    <label class="labelSmall" for="switch_1_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_1_center"
-                           [(ngModel)]="model.settings.integrityProtectionAndVerification"
-                           name="integrityProtectionAndVerification" [value]="'2'"
-                           [checked]="model.settings.integrityProtectionAndVerification === '2'"
-                    />
-                    <label class="labelWide" for="switch_1_center">Local Integrity Protection</label>
-                    <input class="switch-button" type="radio" id="switch_1_right"
-                           [(ngModel)]="model.settings.integrityProtectionAndVerification"
-                           name="integrityProtectionAndVerification" [value]="'3'"
-                           [checked]="model.settings.integrityProtectionAndVerification === '3'"
-                    />
-                    <label class="labelWide" for="switch_1_right">Remote integrity verification</label>
-                  </div>
-                </form>
-              </td>
-            </tr> -->
+
             <tr>
               <td>
-                <h5>Authentication</h5>
+                <h5>Required Security Profile</h5>
                 <ul class="mdl-list">
                   <li class="mdl-list__item mdl-list__item--two-line">
                     <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title">No endpoint authentication required. Connections are encrypted, but authenticity of the communication partner cannot be guaranteed. Data may be sent to malicious endpoints.</span>
+                      <span><b>BASE Security Profile</b></span>
+                    <span class="mdl-list__item-sub-title">BASE security profile required. Lower security requirements for incoming connection requests.</span>
                   </span>
                   </li>
                   <li class="mdl-list__item mdl-list__item--two-line">
                     <span class="mdl-list__item-primary-content">
-                      <span><b>Server Authentication</b></span>
-                    <span class="mdl-list__item-sub-title">Authenticity of the server must be guaranteed. Authenticity of the client is not checked.</span>
+                      <span><b>TRUST Security Profile</b></span>
+                    <span class="mdl-list__item-sub-title">TRUST security profile required. High security requirments for incoming connection requests.</span>
                   </span>
                   <li class="mdl-list__item mdl-list__item--two-line">
                     <span class="mdl-list__item-primary-content">
-                      <span><b>Mutual Authentication</b></span>
-                    <span class="mdl-list__item-sub-title">Authenticity of server and client must be guaranteed.</span>
+                      <span><b>TRUST+ Security Profile</b></span>
+                    <span class="mdl-list__item-sub-title">TRUST+ security profile required. Highest security requirments for incoming connection requests.</span>
                   </span>
                 </ul>
               </td>
@@ -100,281 +54,25 @@ <h5>Authentication</h5>
                 <form class="form">
                   <div class="switch-field">
                     <input class="switch-button" type="radio" id="switch_2_left"
-                           [(ngModel)]="model.settings.authentication"
-                           name="authentication"
-                           [value]="'1'" [checked]="model.settings.authentication === '1'"/>
-                    <label class="labelSmall" for="switch_2_left">None</label>
+                           [(ngModel)]="model.settings.securityProfile"
+                           name="securityProfile"
+                           [value]="'idsc:BASE_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:BASE_SECURITY_PROFILE'"/>
+                    <label class="labelSmall" for="switch_2_left">Base Profile</label>
                     <input class="switch-button" type="radio" id="switch_2_center"
-                           [(ngModel)]="model.settings.authentication"
-                           name="authentication"
-                           [value]="'2'" [checked]="model.settings.authentication === '2'"/>
-                    <label class="labelWide" for="switch_2_center">Server Authentication</label>
+                           [(ngModel)]="model.settings.securityProfile"
+                           name="securityProfile"
+                           [value]="'idsc:TRUST_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:TRUST_SECURITY_PROFILE'"/>
+                    <label class="labelWide" for="switch_2_center">Trust Profile</label>
                     <input class="switch-button" type="radio" id="switch_2_right"
-                           [(ngModel)]="model.settings.authentication"
-                           name="authentication"
-                           [value]="'3'" [checked]="model.settings.authentication === '3'"/>
-                    <label class="labelWide" for="switch_2_right">Mutual Authentication</label>
+                           [(ngModel)]="model.settings.securityProfile"
+                           name="securityProfile"
+                           [value]="'idsc:TRUST+_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:TRUST+_SECURITY_PROFILE'"/>
+                    <label class="labelWide" for="switch_2_right">Trust+ Profile</label>
                   </div>
                 </form>
               </td>
             </tr>
-            <tr>
-              <td width="50%">
-                <h5>App Isolation</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title">Apps are not isolated. A malicious app may compromise the whole connector.</span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Containers</b></span>
-                    <span class="mdl-list__item-sub-title">Apps run in separate containers but may still communicate with each other and the Internet.</span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Trusted Containers</b></span>
-                    <span class="mdl-list__item-sub-title">Apps run in separate, signed and restricted containers. By default, they may only communicate with the Core Platform which enforces usage control policies.</span>
-                  </span>
-                  </ul>
-              </td>
-              <td width="50%">
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_3_left"
-                           [(ngModel)]="model.settings.serviceIsolation"
-                           name="serviceIsolation"
-                           [value]="'1'" [checked]="model.settings.serviceIsolation === '1'"/>
-                    <label class="labelSmall" for="switch_3_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_3_center"
-                           [(ngModel)]="model.settings.serviceIsolation" name="serviceIsolation"
-                           [value]="'2'" [checked]="model.settings.serviceIsolation === '2'"/>
-                    <label class="labelWide" for="switch_3_center">Containers</label>
-                    <input class="switch-button" type="radio" id="switch_3_right"
-                           [(ngModel)]="model.settings.serviceIsolation" name="serviceIsolation"
-                           [value]="'3'" [checked]="model.settings.serviceIsolation === '3'"/>
-                    <label class="labelWide" for="switch_3_right">Trusted Containers</label>
-                  </div>
-                </form>
-              </td>
-            </tr>
-            <tr>
-              <td>
-                <h5>Attestation Scope</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title">Integrity of the remote connector is not attested. There will be no guarantees about the software stack running on a remote connector. Any data sent to the remote connector must be considered unprotected.</span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Kernel &amp; Core Platform</b></span>
-                    <span class="mdl-list__item-sub-title">Integrity of the remote connector's kernel and Core Platform will be attested. These components will be guaranteed to be in a known state, but apps remain unattested.</span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Full Stack</b></span>
-                    <span class="mdl-list__item-sub-title">Integrity of the remote connector's kernel, Core Platform, and apps will be attested. All these components will be guaranteed to be in a known state.</span>
-                  </span>
-                </ul>
-              </td>
-              <td>
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_4_left"
-                           [(ngModel)]="model.settings.integrityProtectionVerificationScope"
-                           name="integrityProtectionVerificationScope" [value]="'1'"
-                           [checked]="model.settings.integrityProtectionVerificationScope === '1'"
-                    />
-                    <label class="labelSmall" for="switch_4_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_4_center"
-                           [(ngModel)]="model.settings.integrityProtectionVerificationScope"
-                           name="integrityProtectionVerificationScope" [value]="'2'"
-                           [checked]="model.settings.integrityProtectionVerificationScope === '2'"
-                    />
-                    <label class="labelWide" for="switch_4_center">Kernel &amp; Core Platform</label>
-                    <input class="switch-button" type="radio" id="switch_4_right"
-                           [(ngModel)]="model.settings.integrityProtectionVerificationScope"
-                           name="integrityProtectionVerificationScope" [value]="'3'"
-                           [checked]="model.settings.integrityProtectionVerificationScope === '3'"
-                    />
-                    <label class="labelWide" for="switch_4_right">Full Stack</label>
-                  </div>
-                </form>
-              </td>
-            </tr>
-            <!--<tr>
-              <td>
-                <h5>App Execution Resources</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title"></span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Local Enforcement</b></span>
-                    <span class="mdl-list__item-sub-title"></span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Remote Verification</b></span>
-                    <span class="mdl-list__item-sub-title"></span>
-                  </span>
-                </ul>
 
-              </td>
-              <td>
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_5_left"
-                           [(ngModel)]="model.settings.appExecutionResources" name="appExecutionResources"
-                           [value]="'1'" [checked]="model.settings.appExecutionResources === '1'"/>
-                    <label class="labelSmall" for="switch_5_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_5_center"
-                           [(ngModel)]="model.settings.appExecutionResources" name="appExecutionResources"
-                           [value]="'2'" [checked]="model.settings.appExecutionResources === '2'"/>
-                    <label class="labelWide" for="switch_5_center">Local enforcement</label>
-                    <input class="switch-button" type="radio" id="switch_5_right"
-                           [(ngModel)]="model.settings.appExecutionResources" name="appExecutionResources"
-                           [value]="'3'" [checked]="model.settings.appExecutionResources === '3'"/>
-                    <label class="labelWide" for="switch_5_right">Remote verification</label>
-                  </div>
-                </form>
-              </td>
-            </tr> -->
-            <tr>
-              <td>
-                <h5>Data Usage Control</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title">Remote connector is not expected to provide usage control.</span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Compliance</b></span>
-                    <span class="mdl-list__item-sub-title">Remote connector is expected to apply usage control policies, but not to strictly enforce them at a technical level. Legal usage obligations may still apply</span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Enforcement</b></span>
-                    <span class="mdl-list__item-sub-title">Remote connector must be able to technically enforce usage control policies. This requires a trusted remote platform.</span>
-                  </span>
-                </ul>
-              </td>
-              <td>
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_6_left"
-                           [(ngModel)]="model.settings.dataUsageControlSupport" name="dataUsageControlSupport"
-                           [value]="'1'" [checked]="model.settings.dataUsageControlSupport === '1'"/>
-                    <label class="labelSmall" for="switch_6_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_6_center"
-                           [(ngModel)]="model.settings.dataUsageControlSupport" name="dataUsageControlSupport"
-                           [value]="'2'" [checked]="model.settings.dataUsageControlSupport === '2'"/>
-                    <label class="labelWide" for="switch_6_center">Compliance</label>
-                    <input class="switch-button" type="radio" id="switch_6_right"
-                           [(ngModel)]="model.settings.dataUsageControlSupport" name="dataUsageControlSupport"
-                           [value]="'3'" [checked]="model.settings.dataUsageControlSupport === '3'"/>
-                    <label class="labelWide" for="switch_6_right">Enforcement</label>
-                  </div>
-                </form>
-              </td>
-            </tr>
-            <tr>
-              <td>
-                <h5>Audit Logging</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title">No audit logging.</span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Local</b></span>
-                    <span class="mdl-list__item-sub-title">Local audit logging.</span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Remote Ledger</b></span>
-                    <span class="mdl-list__item-sub-title">Non-repudiatable audit logging in a remote ledger.</span>
-                  </span>
-                </ul>
-              </td>
-              <td>
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_7_left"
-                           [(ngModel)]="model.settings.auditLogging"
-                           name="auditLogging"
-                           [value]="'1'" [checked]="model.settings.auditLogging === '1'"/>
-                    <label class="labelSmall" for="switch_7_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_7_center"
-                           [(ngModel)]="model.settings.auditLogging"
-                           name="auditLogging"
-                           [value]="'2'" [checked]="model.settings.auditLogging === '2'"/>
-                    <label class="labelWide" for="switch_7_center">Local</label>
-                    <input class="switch-button" type="radio" id="switch_7_right"
-                           [(ngModel)]="model.settings.auditLogging"
-                           name="auditLogging"
-                           [value]="'3'" [checked]="model.settings.auditLogging === '3'"/>
-                    <label class="labelWide" for="switch_7_right">Remote Ledger</label>
-                  </div>
-                </form>
-              </td>
-            </tr>
-            <tr>
-              <td>
-                <h5>Local data protection</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title">Data is stored without additional protection. Administrators or malicious users may be able to read/modify/delete stored data.</span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Secure data erasure</b></span>
-                    <span class="mdl-list__item-sub-title">Locally stored data may be securely erased.  Administrators or malicious users may still be able to read/modify/delete stored data.</span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Full Disk Encryption</b></span>
-                    <span class="mdl-list__item-sub-title">Local data is stored on a full disk encryption (FDE) medium.</span>
-                  </span>
-                </ul>
-              </td>
-              <td>
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_8_left"
-                           [(ngModel)]="model.settings.localDataConfidentiality" name="localDataConfidentiality"
-                           [value]="'1'" [checked]="model.settings.localDataConfidentiality === '1'"/>
-                    <label class="labelSmall" for="switch_8_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_8_center"
-                           [(ngModel)]="model.settings.localDataConfidentiality" name="localDataConfidentiality"
-                           [value]="'2'" [checked]="model.settings.localDataConfidentiality === '2'"/>
-                    <label class="labelWide" for="switch_8_center">Secure data erasure</label>
-                    <input class="switch-button" type="radio" id="switch_8_right"
-                           [(ngModel)]="model.settings.localDataConfidentiality" name="localDataConfidentiality"
-                           [value]="'3'" [checked]="model.settings.localDataConfidentiality === '3'"/>
-                    <label class="labelWide" for="switch_8_right">Local full data encryption</label>
-                  </div>
-                </form>
-              </td>
-            </tr>
             </tbody>
           </table>
         </div>
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/settings.interface.ts b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/settings.interface.ts
index f6455eb84..7f146dd74 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/settings.interface.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/settings.interface.ts
@@ -1,10 +1,3 @@
 export interface Settings {
-  integrityProtectionAndVerification: string;
-  authentication: string;
-  serviceIsolation: string;
-  integrityProtectionVerificationScope: string;
-  appExecutionResources: string;
-  dataUsageControlSupport: string;
-  auditLogging: string;
-  localDataConfidentiality: string;
+  securityProfile: string;
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index ea830f884..836d4ddcf 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -259,15 +259,48 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
                 }
 
                 //toDo add further security attribute validation
-                if (secRequirements.getAuditLogging() <= providedSecurityProfile.getAuditLogging()) {
-                    LOG.info("DAT is valid and secure");
-                    return validityTime;
+
+
+                if(secRequirements.getRequiredSecurityLevel().equals("idsc:BASE_SECURITY_PROFILE")) {
+                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:BASE_SECURITY_PROFILE") ||
+                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST_SECURITY_PROFILE") ||
+                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                        LOG.info("DAT is valid and secure");
+                        return validityTime;
+                    } else {
+                        if (LOG.isWarnEnabled()) {
+                            LOG.warn("DAT does not fulfill the security requirements");
+                        }
+                        return -1;
+                    }
+                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUST_SECURITY_PROFILE")) {
+                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST_SECURITY_PROFILE") ||
+                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                        LOG.info("DAT is valid and secure");
+                        return validityTime;
+                    } else {
+                        if (LOG.isWarnEnabled()) {
+                            LOG.warn("DAT does not fulfill the security requirements, TRUST LEVEL not reached");
+                        }
+                        return -1;
+                    }
+                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                        LOG.info("DAT is valid and secure");
+                        return validityTime;
+                    } else {
+                        if (LOG.isWarnEnabled()) {
+                            LOG.warn("DAT does not fulfill the security requirements, TRUST+ LEVEL not reached");
+                        }
+                        return -1;
+                    }
                 } else {
                     if (LOG.isWarnEnabled()) {
-                        LOG.warn("DAT does not fulfill the security requirements");
+                        LOG.warn("DAT does not fulfill the security requirements, not supported trust level");
                     }
                     return -1;
                 }
+
             } else {
                 //invalid security requirements format
                 if (LOG.isWarnEnabled()) {
@@ -284,34 +317,16 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
     private SecurityRequirements parseSecurityRequirements(String dynamicAttrToken) {
         JSONObject asJson = new JSONObject(dynamicAttrToken);
 
-        if (!asJson.has("ids_attributes")) {
-            if (LOG.isWarnEnabled()) {
-                LOG.warn("DAT does not contain ids_attributes");
-            }
-            return null;
-        }
-        JSONObject idsAttributes = asJson.getJSONObject("ids_attributes");
-
-        if (!idsAttributes.has("security_profile")) {
+        if (!asJson.has("securityProfile")) {
             if (LOG.isWarnEnabled()) {
-                LOG.warn("DAT does not contain security_profile");
+                LOG.warn("DAT does not contain securityProfile");
             }
             return null;
         }
-        JSONObject securityProfile = idsAttributes.getJSONObject("security_profile");
-
-        //check if all security requirements are available
-        if (!securityProfile.has("audit_logging")) {
-            if (LOG.isWarnEnabled()) {
-                LOG.warn("DAT does not contain audit_logging");
-            }
-            return null;
-        }
-
         //toDo parse further security attributes
-
+        //FIXME: Does this make sense? How are security requirements mapped?
         return new SecurityRequirements.Builder()
-                .setAuditLogging(securityProfile.getInt("audit_logging"))
+                .setRequiredSecurityLevel(asJson.getString("securityProfile"))
                 .build();
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
index 7e588989b..1cbe92d1f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
@@ -11,15 +11,15 @@
  */
 public class SecurityRequirements {
 
-    private int auditLogging;
+    private String securityLevel;
 
     public static class Builder {
         @NonNull
         private final SecurityRequirements requirements = new SecurityRequirements();
 
         @NonNull
-        public Builder setAuditLogging(int auditLogging) {
-            this.requirements.auditLogging = auditLogging;
+        public Builder setRequiredSecurityLevel(String requiredSecurityLevel) {
+            this.requirements.securityLevel = requiredSecurityLevel;
             return this;
         }
 
@@ -29,7 +29,7 @@ public SecurityRequirements build() {
         }
     }
 
-    public int getAuditLogging() {
-        return auditLogging;
+    public String getRequiredSecurityLevel() {
+        return securityLevel;
     }
 }
diff --git a/karaf-assembly/src/main/resources/etc/settings.mapdb b/karaf-assembly/src/main/resources/etc/settings.mapdb
index d2098f4a3bf0822e9f3344dd1de9e68b31263155..ad8f1bf13b1dfa14f3c2c16162b97dee06a38310 100644
GIT binary patch
delta 568
zcmZo@Xkcsr;t3)$E;WBwGJt>przn_aVAukt6;4l_+}J42$;iMBlI4h)7~sgx2VydJ
zY<|GnR<-#Zs|TyllZ#MY3{2`ENrvXh6%BSw9G@reXi#()01E{%fQ%MkPJ+-Zj~Ez1
zn)sO+z~(V+V&Dg>OJ<M;(Jac$-XNNl87f}X+}POO*vJUPOhC*G#4JF}3dC$c%nrmH
zK+FlmTtLhX#5_RE3&ece8yor0*G-<#SSa7od-B}1gJ(`2xqs#S>7(Zun!DdVeEIJF
z<M;2Ly?j2kVQamBF(c>pt=o5O*}7@x_URY71>TDQ-2nv6T~8j}|Mv9L=a=u_O>6)L
z%Sv^y4?uF0gk1{1fEX~a0L)<KV7SS_*a1{KY5D<O0ZFFGAbo52;QFRyl?Z*@o~j~n
zg;7#5ppmIbxhk`{{muKw58teN@&5CdmfF^i>(d1V1(ZZzzI*cZ^OsLAAHG@p<l&cx
yYd?Q@`1tAcbp`_4Sm(d^^5w(yhiU?~TyT3q7R^CeG|kQ-?lHw7xOqaOP6Yr3?8u)0

delta 7361
zcmds6ZB!fAnI7?Bu$#4&I5|1lxLXsq`_b0eiM?*TKe{0f_0n>HW9+ouAL~+(9dcZt
zSZ>{R!w4`&aqJ{)HpSg-S{f&N(k>P=5(2dQry!6JAPIec^ap1&8l;g%nqf2&pxqwt
zy(1y>A>r(9&)IWU=Unc+^S<}J&wcOvK6mb*P$(n{P~Ls=P<7j(w-ES~p6VBCL~>B9
z56=(0SJD0SUJ3Fzlz#Eo0}WMWhhcNi^?`=d2R;LvC7&Q-ec<Z@4bML<HlI`i0sKia
zqQm__R3?hb-UI_P%_F}XXm}>mtlWzaJzkP&|HbS0(Az(LB52E)K#-CTKucPF<h|>P
zuNEC{es4lifj$KvmGmHD{b%3J)JMspzlYDi^m3+u_+>;2`$$oyE_)(dKbMgoIFjvW
z^~xHv{pM`lDG{fBOpiPR?d)$Zu7Y*ty+20|h=v=%3c>F{F|r@_%TAQ^!uok0c^1}3
z^}Q9{{T1C3P>Mh)2Bid)Qc(7QQU*#nD0@NK2g+wac?^_40%iYrMfZWlu4BD##RxjS
zM6&T^I`n}8QQk3G+>;BY=_RLie#Qc(+49q((i4)s8hjKRAJdGE4gR}Cn*3?0^o6Hx
zzD<xZYLVpy4;28`B)xQ882nDDv|-RvDm^s#uY072zH?J?<lwFDil6lKGb~9ksxX@n
zdX?hHe;XMIut_FJ@i&wMVL{;F1D=giyo%*ReSJJ3sCbHFx1d3`pdV0xX!_*yqRXJ#
zKXmPpJ2&eOiJjtd#0?bRhp;96gC|O*Z#;zfTE7UfsHfs5y_-PZ*bcHU56GKaK;|a<
zeR&C9Uh<#i#f#<p`pWlBmhW9D-**=v7~0=^D;QWxQG9}C<G+OH&+N+$gQ@X8I`jeX
zWt<`fps|#o1c8o+68FF}(h;VYg>KES^2?KPf#U5HNe2^(pXXBv(tO6k_{aIg)EY<g
zlpf_NLZEC(DoH8etUHio^+YwNbD<miu&|bq5;B&CcGVHhWI>@@*PWTo#RWeNsEnFu
zEw2Z{L?Y~<sNgLeS8H_`HmcR_aAq;^_TZdE`o-t}DIaErN>NOrdvrLDaPZk8>7Ss#
z$RoMOv#gNWn?YPRtj31b_^?_%tkw*xM~BtgVfEPEe8Yrwj_RKUsLcfT%X|tcf=N=Q
zI77#&zGZ?*P<ORG(&O9Gl`X~;*kEy~^b076DMvP>5JdSt!ErNd6q$rRw^Io=$&*w9
zc{f6&2o*!bLn?>BgYdgeB!jfDz=lGgvs3&wkrcvIT%bt;8rrEa2zHNfC5RA8>Djoz
zvy3Cjaez2>s(uJKgbMMru)fH%LM96)<3TsY)5`_zf0Sp?<`E8(<tR88x^-Q5MNXOq
z-~g;;ItbT5FktSTxZX`re2OM1Q-Wm*ta3!5RCM9pU3gCy-rI%W=)(KD@S9zDe-{o|
zsP}y%6@QZA31&!~ER+QN2E6spkOWi@DeUJ5|Mu1FnJID?vOy1$UqgBjDNG3|Y+NMR
zFDbL^b>zpbkD#yl!N4Brb9<rR0sm9{;4@{?zueagh&MsUFcl8WfBXkFe`@f{<<ied
zC}4Ud$8*KMhYLY5#Ym7+Er&xYf=*DR3h<VS;Aj;cUuI)$kYZH8Pmq0B9)!X&%}@w(
z;~&Y5XER{0gmnuM0|EQC7_cCU8Px)v5N_v`Ts(u^7KL$2P`T_2ci_<{E+6H02;TuP
zlG)G`=ld53kSCJyFuM#+B^m%#QJ^@s>WwIFDDHJ*-JcXt7lAD@VCDrHa5TXnNRJYQ
z`IRI>Vq9(w%RVuycgEmIcaH+4;@!#tC!b6RR1ii|#zWm$&z5x}l98U_7*cw*^8kvX
z50J-RZ~8$~Wt&W1dEs2`^^OM*9-yE+cpyhU+uYvPCTo_rcUCsFUX?XhUg~VR*7jQa
zC0S=>i%gCn-$%NTA~{m}nq1y-wc~ovqYP*59(;r~G-Iw8>-|juw{7#XDaHZE-TLWL
ze$pB)U}Z8N#obvV(9M)~uh8I4N?_tGG`B%v1t-p@ty~Ha2`XrfBPdp2&PARIQp+Gg
zgWDW%cWHx0x3j3KfGNmqkaoA}|7Ho~0Qv})-B{jl3)nV2lBcs4eg<dTKAD3=Atj3p
zkSD?N7#BJGXG;YcyO5~`_}ZC=;?cX{<!URXZ!EcxJ01D;d+6X+k{Ri}rNC|!jEhV_
zqFWDLiDcvkOxUh$!hX3$wmB19K{i#&K&k5JsJ<?1z9w&NZ#yTu+J3FGS$6e$cF=w?
z%da%GU9PNdyY{{79dblkSAVgpq2Xfnx2n%vIA2p=*Nydw(T?VE`{br@2Y~uE13FR&
z(6yFUd2RdU%dKsfABE$>D>dgY*4CdrTT^!y?ZIvqbWy(40f26922{{P*W|Cs+T^Xx
zP0&Y;*E%}dJLNl(p*a^l4qbHN{NGg9ov%4l1%1?u_5ZiC6Ts`=4DWaWe>HT<T4a}6
z+fZ3cBiP5zR{4(_I@>R`UXks@n1lFKZS||wwZ|L59-gZ?|Lulz^<S&0t-gUN3x#Td
z%m*Nq4?%)+0Z@G2Fngs*-gMz=(`DJ2_BMHE`;~%j%t3^KcA>HAZ1u%6^>ydZ)z|i6
zZ|=q&=<Y9h*<1vG-+T!80rFA-yftld+2yP+<=`{}J73k-@~W(}^-_UAKzHWK(_jfT
zb?2+kLLXlQPCj3K28P2;>{cOmDMVBN_pQyikL|#XX7V`?@W$r$j@^RcxeImQsH^{G
zU0$pg8_(1?RQF?V6+*nhhv@cqUI6*6-63ZX*S0q|U4iidLgP|v3rw}9D<Fz@3EwAx
zV?k7Wt>zV&V^y`ly-F0jT_|`9@GJm$do#d7vD+x?{6TB8tmbO_m0c(R-OQ3t0)UOx
z=U%NjQ+=_fvA$Mhfj2+pn@;%;PqemFws&5ZBQGCoZMoWXtm&G({j#j>7<ir9oZ!b!
z9&i4N?D*+ZN1HCm&=-%MJlXuh(bFxmlSi9QpFZ*8$rC4EZ2rpeZSPx|OF-^#??CS5
zc8SZp77r+L(p)3=MdTM>ed+JW++)xf5<A7^MI|%2`^24baG&_5M7&TOx>Mjn@kXCA
z-woo_(T}JgsSS<?H1`ROZsPvv#4>iD2n4YEnsF_z)nMf4G8I%Rhu|lk#GtcG`Vzbq
zROIdh<sU;JW2I7)<d5OUqN1MdcbPxj)NeeU^F_`@LkC~^zM!e-W+XXCr5}O*DT#E$
zS;&8sBkz<Ww*k<1{!cD0rrj<srvE<|7t?MRmm2s&^95AAi2T*DW4m5lcDtvDcAniZ
zljojt9o$L^-u=+6mp{Nty_;F-Pj@hVhBiO_VgI?8s~W{qv<@6U_2&RFWlnu~B7tLH
zQayO6MEcnmex=BTGHB$Y`NP-cPpoW~42hlM^1bi;57TUH&%@Mx1I?LM?p09ha~S2F
zq^<Payc@UC3;H>p@YrBK>i77=LC+dyqE~63XDx1uu(XRYuUnixdfBD|L(_hb1t((+
zM!Bcf18P4PFuLGS&Od93SQ)#+?Y6kQxW!<@-42J_?)TzT4%CVH=bSSxIM+IugCXN{
zTp$*l4yd(BU=RyvOwb4$oVBl7>4}uj!@!9mo8)T?F*_6ROh6lx!C7Y2?=X#-Voa1w
zb2C1#-RAQ$iGbP=h1hLIODYhzGt{iOE>tv3rrFejhD?LSCIgze_<|Y?R?nn-YF#pD
zbdLsS%@5mp?FtE=2aKYFFfwLHlA5U$8MjaSy>l3eTUejdgj;9;A`)8jMP|}gqa|YT
z*wntXYt<YvM6J_i%<PO}mNaTxw|MNd-)YvGBO$d}ZC>-oY-zLFHEMR6Ftd6F^Mln{
zrh(bWRMhIR$9$1VxY9HLx9azrX)BYU36DMPOLKE}gJs!<>8#GEd)hstb9ga>%WasO
zvoUU$-3?@}HM5Dq5~i2|_v-;b6uL=m9&@<tPA_IzbVjvcf9#7cCaVlwMtCi0xZT98
z9V2JWV+-rLsLwl<UWgeuQtgf`#Qf_%uRBQ?buqu!l=OprhX8{faqDL6)7-Qz!Wr$;
z?5ZuoYRzeO)H2PcLA{Eao$Q*~$r*qE2MSssfMwJ=&FSq<R%4xJHQ+gJNpnV9n#F8R
zj`w>R&Mz8eM{Q|t8p!mP2rvruo!k@{vu;jvQ<eyvm|e4gXJVaZaWjzFBb))~tARd>
z0Tf_j&S2G>fLpY*AMBgi=>i~Tv=*levpQC3zc;)JJOB(u;l63jPMa14J*hL9^gh9W
z>GVFUYm_(BM!}OZ;5t6yikYTXQVV02xL-Fn7LGXx+)h|x=Eb1SN*U+INK9CP+Nj18
zN{!JjwOKDj=aWlB*ty_{W0N6$*c#G>!(Lk;I_e(<-)T*TsB;asE}1kI!{iLLIEPb#
z`2@|aYg2OqjfZXN03Wv+>?W&zne>Eb4TjmpaeQS-ZR4kdsnBwA-fEhp6K38tvFfww
z)+Ph@{Zt&a5t`u4ij$wS8cA|oPueHa^W3^VH8DNIQ2GQjzc^(w#PJ|GHtt_t;iJqd
zA?R%>KWFqsbP+BY^CanImoQ08Bm=tSnsqYj;T;aUCBWGhP4huw)<ewj6Qh%9F3lPj
zrwEeu8iOfvC9UNw!o2aRiD=XkoiOTYQ^=Lpd((Cw!P)+o{}lUcRCBz$?(6>rKk`G4


From f4506a2e4bbea54098af14943596bbeca49bb241 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 8 Jul 2020 12:04:32 +0200
Subject: [PATCH 099/237] upgraded to DAPSv2

---
 idscp2/src/test/java/DapsDriverTest.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index 6808ce21e..745d5c7b5 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -30,15 +30,15 @@ public void testValidToken() {
     assertNotEquals(token, "INVALID_TOKEN");
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setAuditLogging(2)
+        .setRequiredSecurityLevel("idsc:TRUST_SECURITY_PROFILE")
         .build();
 
     SecurityRequirements requirements2 = new SecurityRequirements.Builder()
-        .setAuditLogging(1)
+        .setRequiredSecurityLevel("idsc:BASE_SECURITY_PROFILE")
         .build();
 
     assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) >= 0);
-    assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements2) >= 0);
+    assertFalse(dapsDriver.verifyToken(token.getBytes(), requirements2) >= 0);
   }
 
   @Test

From 92d7e85d89f98879d702a499663bd24a06dc8fc9 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 8 Jul 2020 12:04:32 +0200
Subject: [PATCH 100/237] upgraded to DAPSv2

---
 idscp2/src/test/java/DapsDriverTest.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index 745d5c7b5..e0861325f 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -175,7 +175,7 @@ public void testInvalidAuditLogging() {
     assertNotEquals(token, "INVALID_TOKEN");
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setAuditLogging(3) //token has supports only audit_logging 2
+        .setRequiredSecurityLevel("\"idsc:TRUST+_SECURITY_PROFILE\"")() //token has supports only audit_logging 2
         .build();
 
     assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) < 0);
@@ -201,7 +201,7 @@ public static void main(String[] args) {
     System.out.println(token);
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setAuditLogging(2)
+        .setRequiredSecurityLevel("idsc:TRUST_SECURITY_PROFILE")
         .build();
 
     long ret;

From da3512993020a329906787b67ea68206407b53ff Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 8 Jul 2020 12:04:32 +0200
Subject: [PATCH 101/237] upgraded to DAPSv2

---
 idscp2/src/test/java/DapsDriverTest.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index e0861325f..72b9f598b 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -175,7 +175,7 @@ public void testInvalidAuditLogging() {
     assertNotEquals(token, "INVALID_TOKEN");
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("\"idsc:TRUST+_SECURITY_PROFILE\"")() //token has supports only audit_logging 2
+        .setRequiredSecurityLevel("idsc:TRUST+_SECURITY_PROFILE")
         .build();
 
     assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) < 0);

From 35a3340e1806fc738757487f7502256977eb3b39 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Thu, 9 Jul 2020 10:02:00 +0200
Subject: [PATCH 102/237] Synched with info model

---
 .../ids/tokenmanager/TokenManagerService.java | 24 +++++++++----------
 .../connection-configuration/configuration.ts |  2 +-
 .../connection-configuration.component.html   |  6 ++---
 .../daps/DefaultDapsDriver.java               | 18 +++++++-------
 idscp2/src/test/java/DapsDriverTest.java      |  8 +++----
 5 files changed, 29 insertions(+), 29 deletions(-)

diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index a61a9c380..7a0de99f3 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -330,19 +330,19 @@ public void validateDATSecurityAttributes(Map<String, Object> claims, Connection
       //FIXME: Validate security profile the proper way
 
       ArrayList<String> validTrustProfiles=new ArrayList<String>();
-      validTrustProfiles.add("idsc:TRUST_SECURITY_PROFILE");
-      validTrustProfiles.add("idsc:BASE_SECURITY_PROFILE");
-      validTrustProfiles.add("idsc:TRUST+_SECURITY_PROFILE");
+      validTrustProfiles.add("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE");
+      validTrustProfiles.add("idsc:BASE_CONNECTOR_SECURITY_PROFILE");
+      validTrustProfiles.add("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE");
 
       if (!validTrustProfiles.contains(securityProfile)) {
         throw new DatException("Client does not support valid trust profile.");
       }
       //TODO Check for trust profile
 
-      if(connectionSettings.getRequiredSecurityProfile().equals("idsc:BASE_SECURITY_PROFILE")) {
-        if (!securityProfile.equals("idsc:BASE_SECURITY_PROFILE")
-            && !securityProfile.equals("idsc:TRUST_SECURITY_PROFILE")
-            && !securityProfile.equals("idsc:TRUST+_SECURITY_PROFILE")) {
+      if(connectionSettings.getRequiredSecurityProfile().equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE")) {
+        if (!securityProfile.equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE")
+            && !securityProfile.equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
+            && !securityProfile.equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
 
           throw new DatException(
               "Client does not support required trust profile: Required: "
@@ -350,17 +350,17 @@ public void validateDATSecurityAttributes(Map<String, Object> claims, Connection
                   + " given: "
                   + securityProfile);
         }
-      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUST_SECURITY_PROFILE")) {
-        if (!securityProfile.equals("idsc:TRUST_SECURITY_PROFILE") &&
-            !securityProfile.equals("idsc:TRUST+_SECURITY_PROFILE")) {
+      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")) {
+        if (!securityProfile.equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE") &&
+            !securityProfile.equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
           throw new DatException(
               "Client does not support required trust profile: Required: "
                   + connectionSettings.getRequiredSecurityProfile()
                   + " given: "
                   + securityProfile);
         }
-      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUST+_SECURITY_PROFILE")) {
-          if (!securityProfile.equals("idsc:TRUST+_SECURITY_PROFILE")) {
+      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
+          if (!securityProfile.equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
             throw new DatException(
                 "Client does not support required trust profile: Required: "
                     + connectionSettings.getRequiredSecurityProfile()
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts
index 68b8ae162..731992e41 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts
@@ -11,7 +11,7 @@ export class Configuration {
             this.settings = settings;
         } else {
             this.settings = {
-                securityProfile: 'idsc:BASE_SECURITY_PROFILE'
+                securityProfile: 'idsc:BASE_CONNECTOR_SECURITY_PROFILE'
             };
         }
     }
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html
index e2886832b..237d95f37 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html
@@ -56,17 +56,17 @@ <h5>Required Security Profile</h5>
                     <input class="switch-button" type="radio" id="switch_2_left"
                            [(ngModel)]="model.settings.securityProfile"
                            name="securityProfile"
-                           [value]="'idsc:BASE_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:BASE_SECURITY_PROFILE'"/>
+                           [value]="'idsc:BASE_CONNECTOR_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:BASE_CONNECTOR_SECURITY_PROFILE'"/>
                     <label class="labelSmall" for="switch_2_left">Base Profile</label>
                     <input class="switch-button" type="radio" id="switch_2_center"
                            [(ngModel)]="model.settings.securityProfile"
                            name="securityProfile"
-                           [value]="'idsc:TRUST_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:TRUST_SECURITY_PROFILE'"/>
+                           [value]="'idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE'"/>
                     <label class="labelWide" for="switch_2_center">Trust Profile</label>
                     <input class="switch-button" type="radio" id="switch_2_right"
                            [(ngModel)]="model.settings.securityProfile"
                            name="securityProfile"
-                           [value]="'idsc:TRUST+_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:TRUST+_SECURITY_PROFILE'"/>
+                           [value]="'idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE'"/>
                     <label class="labelWide" for="switch_2_right">Trust+ Profile</label>
                   </div>
                 </form>
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index 836d4ddcf..639a74488 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -261,10 +261,10 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
                 //toDo add further security attribute validation
 
 
-                if(secRequirements.getRequiredSecurityLevel().equals("idsc:BASE_SECURITY_PROFILE")) {
-                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:BASE_SECURITY_PROFILE") ||
-                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST_SECURITY_PROFILE") ||
-                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                if(secRequirements.getRequiredSecurityLevel().equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE")) {
+                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE") ||
+                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE") ||
+                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
                         LOG.info("DAT is valid and secure");
                         return validityTime;
                     } else {
@@ -273,9 +273,9 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
                         }
                         return -1;
                     }
-                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUST_SECURITY_PROFILE")) {
-                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST_SECURITY_PROFILE") ||
-                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")) {
+                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE") ||
+                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
                         LOG.info("DAT is valid and secure");
                         return validityTime;
                     } else {
@@ -284,8 +284,8 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
                         }
                         return -1;
                     }
-                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
-                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
+                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
                         LOG.info("DAT is valid and secure");
                         return validityTime;
                     } else {
diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index 72b9f598b..27e88d723 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -30,11 +30,11 @@ public void testValidToken() {
     assertNotEquals(token, "INVALID_TOKEN");
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("idsc:TRUST_SECURITY_PROFILE")
+        .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
         .build();
 
     SecurityRequirements requirements2 = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("idsc:BASE_SECURITY_PROFILE")
+        .setRequiredSecurityLevel("idsc:BASE_CONNECTOR_SECURITY_PROFILE")
         .build();
 
     assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) >= 0);
@@ -175,7 +175,7 @@ public void testInvalidAuditLogging() {
     assertNotEquals(token, "INVALID_TOKEN");
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("idsc:TRUST+_SECURITY_PROFILE")
+        .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")
         .build();
 
     assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) < 0);
@@ -201,7 +201,7 @@ public static void main(String[] args) {
     System.out.println(token);
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("idsc:TRUST_SECURITY_PROFILE")
+        .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
         .build();
 
     long ret;

From 589b732093f27ebdce476f7b2a3e6ceb6ec46a66 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Thu, 9 Jul 2020 12:12:21 +0200
Subject: [PATCH 103/237] Fixed audience

---
 .../java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java | 2 +-
 .../drivers/default_driver_impl/daps/DefaultDapsDriver.java     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index 7a0de99f3..d940af467 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -102,7 +102,7 @@ public Map<String, Object> acquireToken(
       String connectorUUID) {
 
     String dynamicAttributeToken = "INVALID_TOKEN";
-    String targetAudience = "IDS_Connector";
+    String targetAudience = "idsc:IDS_CONNECTORS_ALL";
 
     Map<String, Object> jwtClaims = null;
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index 639a74488..820e6700f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -46,7 +46,7 @@ public class DefaultDapsDriver implements DapsDriver {
     private final Key privateKey; //private key can be reused
     private final String connectorUUID;
     private final String dapsUrl;
-    private final String targetAudience = "IDS_Connector";
+    private final String targetAudience = "idsc:IDS_CONNECTORS_ALL";
 
     public DefaultDapsDriver(DefaultDapsDriverConfig config) {
 

From 5315043164f02683274328a72194fc3270b050a8 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Tue, 14 Jul 2020 15:26:01 +0200
Subject: [PATCH 104/237] Automatically generate connector uuid (client id)
 from AKI and SKI. Remove connector uuid from db and configuration options
 since obsolete.

---
 .../idscp2/client/Idscp2ClientEndpoint.kt     |   1 -
 .../camel/idscp2/server/CamelIdscp2Server.kt  |   1 -
 .../ids/api/settings/ConnectorConfig.java     |   7 +-
 .../aisec/ids/api/tokenm/TokenManager.java    |   3 +-
 ids-token-manager/build.gradle                |   1 +
 .../ids/tokenmanager/TokenManagerService.java |  93 ++++++++++++++---
 .../aisec/ids/webconsole/api/ConfigApi.java   |   3 +-
 .../www/src/app/ids/ids.component.html        |   7 --
 .../www/src/app/ids/ids.component.ts          |   3 +-
 .../www/src/app/ids/settings.interface.ts     |   1 -
 .../daps/DefaultDapsDriver.java               |  97 +++++++++++++++++-
 .../daps/DefaultDapsDriverConfig.java         |  12 ---
 .../keystores/PreConfiguration.java           |  34 ++++++
 .../idscp2/example/Idscp2ClientInitiator.java |   1 -
 .../idscp2/example/Idscp2ServerInitiator.java |   1 -
 idscp2/src/test/java/DapsDriverTest.java      |  16 +--
 .../src/main/resources/etc/settings.mapdb     | Bin 2097152 -> 2097152 bytes
 libraryVersions.yaml                          |   1 +
 18 files changed, 218 insertions(+), 64 deletions(-)

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index 675a44fc3..7a212bb69 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -121,7 +121,6 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
         }
         clientSettings = clientSettingsBuilder.build()
         dapsDriverConfig = DefaultDapsDriverConfig.Builder()
-                .setConnectorUUID(settings.connectorConfig.connectorUUID)
                 .setDapsUrl(settings.connectorConfig.dapsUrl)
                 .setKeyAlias(clientSettings.dapsKeyAlias)
                 .setKeyStorePath(clientSettings.keyStorePath)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index b14e51298..ccd159c5b 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -33,7 +33,6 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
 
     init {
         val dapsDriverConfig = DefaultDapsDriverConfig.Builder()
-                .setConnectorUUID(Idscp2OsgiComponent.getSettings().connectorConfig.connectorUUID)
                 .setDapsUrl(Idscp2OsgiComponent.getSettings().connectorConfig.dapsUrl)
                 .setKeyAlias(serverSettings.dapsKeyAlias)
                 .setKeyStorePath(serverSettings.keyStorePath)
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java
index a373bc7c8..18b754efb 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java
@@ -37,7 +37,6 @@ public final class ConnectorConfig implements Serializable {
   private final String keystorePassword;
   private final String keystoreAliasName;
   private final String truststoreName;
-  private final String connectorUUID;
 
   public ConnectorConfig() {
     appstoreUrl =
@@ -49,12 +48,11 @@ public ConnectorConfig() {
     acmeDnsWebcon = "";
     acmePortWebcon = 80;
     tosAcceptWebcon = false;
-    dapsUrl = "http://daps.aisec.fraunhofer.de/token";
+    dapsUrl = "https://daps.aisec.fraunhofer.de";
     keystoreName = "client-keystore.jks";
     keystorePassword = "password";
     keystoreAliasName = "1";
     truststoreName = "client-truststore.jks";
-    connectorUUID = "00c6155a-966d-4d2c-af6e-60f997e24da2";
   }
 
   public String getAppstoreUrl() {
@@ -109,7 +107,4 @@ public String getTruststoreName() {
     return truststoreName;
   }
 
-  public String getConnectorUUID() {
-    return connectorUUID;
-  }
 }
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
index 5c3d45c0d..abf1a6a3c 100755
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
@@ -40,8 +40,7 @@ Map<String, Object> acquireToken(
       String keyStoreName,
       String keyStorePassword,
       String keystoreAliasName,
-      String trustStoreName,
-      String connectorUUID);
+      String trustStoreName);
 
   Map<String, Object> verifyJWT(
       String dynamicAttributeToken,
diff --git a/ids-token-manager/build.gradle b/ids-token-manager/build.gradle
index dfcd54352..2b852b204 100755
--- a/ids-token-manager/build.gradle
+++ b/ids-token-manager/build.gradle
@@ -10,6 +10,7 @@ dependencies {
     providedByBundle group: 'com.squareup.okio', name: 'okio', version: libraryVersions.okio
     providedByBundle group: 'org.bitbucket.b_c', name: 'jose4j', version: libraryVersions.jose4j
     providedByBundle group: 'org.json', name: 'json', version: libraryVersions.orgJson
+    providedByBundle group: 'org.bouncycastle', name: 'bcprov-jdk15on', version: libraryVersions.bouncycastle
 
     testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
     testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index d940af467..183255e00 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -29,6 +29,11 @@
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 import okhttp3.*;
+import org.bouncycastle.asn1.ASN1OctetString;
+import org.bouncycastle.asn1.DEROctetString;
+import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
+import org.bouncycastle.asn1.x509.Extension;
+import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
 import org.jose4j.http.Get;
 import org.jose4j.jwk.HttpsJwks;
 import org.jose4j.jws.AlgorithmIdentifiers;
@@ -82,14 +87,12 @@ public class TokenManagerService implements TokenManager {
    * (DAPS)
    *
    * @param targetDirectory   The directory the keystore resides in
-   * @param dapsUrl           The token aquiry URL (e.g., http://daps.aisec.fraunhofer.de/token
+   * @param dapsUrl           The token aquiry URL (e.g., http://daps.aisec.fraunhofer.de
    * @param keyStoreName      Name of the keystore file (e.g., server-keystore.jks)
    * @param keyStorePassword  Password of keystore
    * @param keystoreAliasName Alias of the connector's key entry. For default keystores with only
    *                          one entry, this is '1'
    * @param trustStoreName    Name of the truststore file
-   * @param connectorUUID     The UUID used to register the connector at the DAPS. Should be replaced by
-   *                          working code that does this automatically
    */
   @Override
   public Map<String, Object> acquireToken(
@@ -98,8 +101,7 @@ public Map<String, Object> acquireToken(
       String keyStoreName,
       String keyStorePassword,
       String keystoreAliasName,
-      String trustStoreName,
-      String connectorUUID) {
+      String trustStoreName) {
 
     String dynamicAttributeToken = "INVALID_TOKEN";
     String targetAudience = "idsc:IDS_CONNECTORS_ALL";
@@ -151,13 +153,26 @@ public Map<String, Object> acquireToken(
         throw new RuntimeException(e);
       }
 
-      LOG.info("\tCertificate Subject: " + cert.getSubjectDN());
+      // Get AKI
       //GET 2.5.29.14	SubjectKeyIdentifier / 2.5.29.35	AuthorityKeyIdentifier
-      String authorityKeyIndentifier = new String (cert.getExtensionValue("2.5.29.35"));
-      String subjectKeyIdenfier = new String (cert.getExtensionValue("2.5.29.14"));
-      LOG.info("AKI: " + authorityKeyIndentifier);
-      LOG.info("SKI: " + subjectKeyIdenfier);
-      //connectorUUID = subjectKeyIdenfier + ":" + authorityKeyIndentifier.substring(0, authorityKeyIndentifier.length() - 1);
+      String aki_oid = Extension.authorityKeyIdentifier.getId();
+      byte[] rawAuthorityKeyIdentifier = cert.getExtensionValue(aki_oid);
+      ASN1OctetString akiOc = ASN1OctetString.getInstance(rawAuthorityKeyIdentifier);
+      AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(akiOc.getOctets());
+      byte[] authorityKeyIdentifier = aki.getKeyIdentifier();
+
+      //GET SKI
+      String ski_oid = Extension.subjectKeyIdentifier.getId();
+      byte[] rawSubjectKeyIdentifier = cert.getExtensionValue(ski_oid);
+      ASN1OctetString ski0c = ASN1OctetString.getInstance(rawSubjectKeyIdentifier);
+      SubjectKeyIdentifier ski = SubjectKeyIdentifier.getInstance(ski0c.getOctets());
+      byte[] subjectKeyIdentifier = ski.getKeyIdentifier();
+
+      String aki_result = beatifyHex(encodeHexString(authorityKeyIdentifier).toUpperCase());
+      String ski_result = beatifyHex(encodeHexString(subjectKeyIdentifier).toUpperCase());
+
+      String connectorUUID = ski_result + "keyid:" + aki_result.substring(0, aki_result.length() - 1);
+
       LOG.info("ConnectorUUID: " + connectorUUID);
       LOG.info("Retrieving Dynamic Attribute Token...");
 
@@ -381,6 +396,59 @@ public void validateDATSecurityAttributes(Map<String, Object> claims, Connection
     }
   }
 
+  /***
+   * Split string ever len chars and return string array
+   * @param src
+   * @param len
+   * @return
+   */
+  public static String[] split(String src, int len) {
+    String[] result = new String[(int)Math.ceil((double)src.length()/(double)len)];
+    for (int i=0; i<result.length; i++)
+      result[i] = src.substring(i*len, Math.min(src.length(), (i+1)*len));
+    return result;
+  }
+
+  /***
+   * Beautyfies Hex strings and will generate a result later used to create the client id (XX:YY:ZZ)
+   * @param hexString HexString to be beautified
+   * @return beautifiedHex result
+   */
+  private String beatifyHex(String hexString) {
+    String[] splitString = split(hexString, 2);
+    StringBuffer sb = new StringBuffer();
+    for(int i =0; i < splitString.length; i++) {
+      sb.append(splitString[i]);
+      sb.append(":");
+    }
+    return sb.toString();
+  }
+
+  /**
+   * Convert byte array to hex without any dependencies to libraries.
+   * @param num
+   * @return
+   */
+  private String byteToHex(byte num) {
+    char[] hexDigits = new char[2];
+    hexDigits[0] = Character.forDigit((num >> 4) & 0xF, 16);
+    hexDigits[1] = Character.forDigit((num & 0xF), 16);
+    return new String(hexDigits);
+  }
+
+  /**
+   * Encode a byte array to an hex string
+   * @param byteArray
+   * @return
+   */
+  private String encodeHexString(byte[] byteArray) {
+    StringBuffer hexStringBuffer = new StringBuffer();
+    for (int i = 0; i < byteArray.length; i++) {
+      hexStringBuffer.append(byteToHex(byteArray[i]));
+    }
+    return hexStringBuffer.toString();
+  }
+
   @Activate
   public void run() {
     LOG.info("Token renewal triggered.");
@@ -392,8 +460,7 @@ public void run() {
           config.getKeystoreName(),
           config.getKeystorePassword(),
           config.getKeystoreAliasName(),
-          config.getTruststoreName(),
-          config.getConnectorUUID());
+          config.getTruststoreName());
 
     } catch (Exception e) {
       LOG.error("Token renewal failed", e);
diff --git a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
index 40cdbc205..6fad55564 100644
--- a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
+++ b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
@@ -106,8 +106,7 @@ public String set(ConnectorConfig config) {
           config.getKeystoreName(),
           config.getKeystorePassword(),
           config.getKeystoreAliasName(),
-          config.getTruststoreName(),
-          config.getConnectorUUID());
+          config.getTruststoreName());
     } catch (Exception e) {
       e.printStackTrace();
     }
diff --git a/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.html b/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.html
index 1650937a8..dfd31343f 100644
--- a/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.html
+++ b/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.html
@@ -116,13 +116,6 @@ <h2 class="mdl-card__title-text">Settings</h2>
           <span class="mdl-textfield__error"> Valid truststore name required </span>
         </div>
 
-        <div mdl-textfield class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label has-placeholder mdl-cell--12-col form-group">
-          <input class="mdl-textfield__input" id="connectorUUID"	type="string" formControlName="connectorUUID"
-                 required minlength="1">
-          <label class="mdl-textfield__label" for="connectorUUID">Connector UUID</label>
-          <span class="mdl-textfield__error"> Valid UUID required </span>
-        </div>
-
         <div class="mdl-cell--12-col">
 					<button type="submit" class="mdl-button mdl-js-button mdl-button--raised" [ngClass]="{'mdl-button--colored': !saved}">
 						Save Settings
diff --git a/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.ts b/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.ts
index 3d58e8bbd..69a9dfb5e 100644
--- a/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.ts
@@ -56,8 +56,7 @@ export class IdsComponent implements OnInit {
                     keystoreName: response.keystoreName,
                     keystorePassword: response.keystorePassword,
                     keystoreAliasName: response.keystoreAliasName,
-                    truststoreName: response.truststoreName,
-                    connectorUUID: response.connectorUUID
+                    truststoreName: response.truststoreName
 
                 });
                 this.subscribeToFormChanges();
diff --git a/ids-webconsole/src/main/resources/www/src/app/ids/settings.interface.ts b/ids-webconsole/src/main/resources/www/src/app/ids/settings.interface.ts
index c7523aa5d..20a88109c 100644
--- a/ids-webconsole/src/main/resources/www/src/app/ids/settings.interface.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/ids/settings.interface.ts
@@ -12,6 +12,5 @@ export interface Settings {
   keystorePassword: string;
   keystoreAliasName: string;
   truststoreName: string;
-  connectorUUID: string;
 
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index 820e6700f..8b95dd922 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -17,6 +17,11 @@
 import org.jose4j.jwt.consumer.JwtConsumer;
 import org.jose4j.jwt.consumer.JwtConsumerBuilder;
 import org.jose4j.keys.resolvers.HttpsJwksVerificationKeyResolver;
+import org.bouncycastle.asn1.ASN1OctetString;
+import org.bouncycastle.asn1.DEROctetString;
+import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
+import org.bouncycastle.asn1.x509.Extension;
+import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
 import org.json.JSONObject;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -29,6 +34,7 @@
 import java.security.Key;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
 import java.time.Instant;
 import java.util.Date;
 import java.util.concurrent.TimeUnit;
@@ -37,6 +43,7 @@
  * Default DAPS Driver Implementation for requesting valid dynamicAttributeToken and verifying DAT
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ * @author Gerd Brost (gerd.brost@aisec.fraunhofer.de)
  */
 public class DefaultDapsDriver implements DapsDriver {
     private static final Logger LOG = LoggerFactory.getLogger(DefaultDapsDriver.class);
@@ -44,13 +51,11 @@ public class DefaultDapsDriver implements DapsDriver {
     private final SSLSocketFactory sslSocketFactory; //ssl socket factory can be reused
     private final X509ExtendedTrustManager trustManager; //trust manager can be reused
     private final Key privateKey; //private key can be reused
-    private final String connectorUUID;
     private final String dapsUrl;
     private final String targetAudience = "idsc:IDS_CONNECTORS_ALL";
+    private final X509Certificate cert;
 
     public DefaultDapsDriver(DefaultDapsDriverConfig config) {
-
-        this.connectorUUID = config.getConnectorUUID();
         this.dapsUrl = config.getDapsUrl();
 
         //create ssl socket factory for secure
@@ -60,6 +65,11 @@ public DefaultDapsDriver(DefaultDapsDriverConfig config) {
                 config.getKeyAlias()
         );
 
+        cert = PreConfiguration.getCertificate(
+            config.getKeyStorePath(),
+            config.getKeyStorePassword(),
+            config.getKeyAlias());
+
         TrustManager[] trustManagers = PreConfiguration.getX509ExtTrustManager(
                 config.getTrustStorePath(),
                 config.getTrustStorePassword()
@@ -89,6 +99,34 @@ public byte[] getToken() {
 
         LOG.info("Retrieving Dynamic Attribute Token from Daps ...");
 
+        //Create connectorUUID
+        // Get AKI
+        //GET 2.5.29.14	SubjectKeyIdentifier / 2.5.29.35	AuthorityKeyIdentifier
+        String aki_oid = Extension.authorityKeyIdentifier.getId();
+        byte[] rawAuthorityKeyIndentifier = cert.getExtensionValue(aki_oid);
+        ASN1OctetString akiOc = ASN1OctetString.getInstance(rawAuthorityKeyIndentifier);
+        AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(akiOc.getOctets());
+        byte[] authorityKeyIndentifier = aki.getKeyIdentifier();
+
+        //GET SKI
+        byte[] octets = DEROctetString.getInstance(rawAuthorityKeyIndentifier).getOctets();
+        AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(octets);
+        byte[] keyIdentifier = authorityKeyIdentifier.getKeyIdentifier();
+        String ski_oid = Extension.subjectKeyIdentifier.getId();
+        byte[] rawSubjectKeyIdenfier = cert.getExtensionValue(ski_oid);
+        ASN1OctetString ski0c = ASN1OctetString.getInstance(rawSubjectKeyIdenfier);
+        SubjectKeyIdentifier ski = SubjectKeyIdentifier.getInstance(ski0c.getOctets());
+
+        byte[] subjectKeyIdentifier = ski.getKeyIdentifier();
+
+        DEROctetString dos = new DEROctetString(authorityKeyIndentifier);
+        String aki_result = beatifyHex(encodeHexString(authorityKeyIndentifier).toUpperCase());
+        String ski_result = beatifyHex(encodeHexString(subjectKeyIdentifier).toUpperCase());
+        LOG.info("AKI: " + aki_result);
+        LOG.info("SKI: " + ski_result);
+
+        String connectorUUID = ski_result + "keyid:" + aki_result.substring(0, aki_result.length() - 1);
+
         //create signed JWT
         String jwt =
                 Jwts.builder()
@@ -329,4 +367,57 @@ private SecurityRequirements parseSecurityRequirements(String dynamicAttrToken)
                 .setRequiredSecurityLevel(asJson.getString("securityProfile"))
                 .build();
     }
+
+    /***
+     * Split string ever len chars and return string array
+     * @param src
+     * @param len
+     * @return
+     */
+    public static String[] split(String src, int len) {
+        String[] result = new String[(int)Math.ceil((double)src.length()/(double)len)];
+        for (int i=0; i<result.length; i++)
+            result[i] = src.substring(i*len, Math.min(src.length(), (i+1)*len));
+        return result;
+    }
+
+    /***
+     * Beautyfies Hex strings and will generate a result later used to create the client id (XX:YY:ZZ)
+     * @param hexString HexString to be beautified
+     * @return beautifiedHex result
+     */
+    private String beatifyHex(String hexString) {
+        String[] splitString = split(hexString, 2);
+        StringBuffer sb = new StringBuffer();
+        for(int i =0; i < splitString.length; i++) {
+            sb.append(splitString[i]);
+            sb.append(":");
+        }
+        return sb.toString();
+    }
+
+    /**
+     * Convert byte array to hex without any dependencies to libraries.
+     * @param num
+     * @return
+     */
+    private String byteToHex(byte num) {
+        char[] hexDigits = new char[2];
+        hexDigits[0] = Character.forDigit((num >> 4) & 0xF, 16);
+        hexDigits[1] = Character.forDigit((num & 0xF), 16);
+        return new String(hexDigits);
+    }
+
+    /**
+     * Encode a byte array to an hex string
+     * @param byteArray
+     * @return
+     */
+    private String encodeHexString(byte[] byteArray) {
+        StringBuffer hexStringBuffer = new StringBuffer();
+        for (int i = 0; i < byteArray.length; i++) {
+            hexStringBuffer.append(byteToHex(byteArray[i]));
+        }
+        return hexStringBuffer.toString();
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
index 64f171996..987a31b13 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
@@ -21,8 +21,6 @@ public class DefaultDapsDriverConfig {
     private String trustStorePath = "";
     @NonNull
     private String trustStorePassword = "password";
-    @NonNull
-    private String connectorUUID = "";
 
     public static class Builder {
         @NonNull
@@ -64,12 +62,6 @@ public Builder setTrustStorePassword(String password) {
             return this;
         }
 
-        @NonNull
-        public Builder setConnectorUUID(String uuid) {
-            this.config.connectorUUID = uuid;
-            return this;
-        }
-
         @NonNull
         public DefaultDapsDriverConfig build() {
             return config;
@@ -106,8 +98,4 @@ public String getTrustStorePassword() {
         return trustStorePassword;
     }
 
-    @NonNull
-    public String getConnectorUUID() {
-        return connectorUUID;
-    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
index 5c334dadc..bf31564c4 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
@@ -131,6 +131,40 @@ public static Key getKey(
         }
     }
 
+    /*
+     * Get the certificate from the key store
+     *
+     * throws RuntimeException if key is not available or key access was not permitted
+     */
+    public static X509Certificate getCertificate(
+        String keyStorePath,
+        String keyStorePassword,
+        String keyAlias
+    ) {
+        try (
+            InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath))
+        ) {
+            /* create KeyManager for remote authentication */
+            KeyStore keystore = KeyStore.getInstance("JKS");
+
+            //load keystore
+            keystore.load(jksKeyStoreIn, keyStorePassword.toCharArray());
+
+            // get private key
+            X509Certificate cert = (X509Certificate) keystore.getCertificate(keyAlias);
+            Key key = keystore.getKey(keyAlias, keyStorePassword.toCharArray());
+            if (cert == null) {
+                throw new RuntimeException("No cert was found in keystore for given alias");
+            } else {
+                return cert;
+            }
+
+        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException
+            | UnrecoverableKeyException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
     /*
      * This method can be used for filtering certificates in the trust store
      * to avoid expired certificates
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
index 109444db7..dafb8d77c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
@@ -32,7 +32,6 @@ public void init(Idscp2Settings settings) {
 
         DefaultDapsDriverConfig config =
                 new DefaultDapsDriverConfig.Builder()
-                        .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
                         .setKeyStorePath(settings.getKeyStorePath())
                         .setTrustStorePath(settings.getTrustStorePath())
                         .setKeyStorePassword(settings.getKeyStorePassword())
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
index 4993ea47f..52795c060 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
@@ -32,7 +32,6 @@ public void init(Idscp2Settings settings) {
 
         DefaultDapsDriverConfig config =
                 new DefaultDapsDriverConfig.Builder()
-                        .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
                         .setKeyStorePath(settings.getKeyStorePath())
                         .setTrustStorePath(settings.getTrustStorePath())
                         .setKeyStorePassword(settings.getKeyStorePassword())
diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index 27e88d723..7f67a987d 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -14,7 +14,6 @@ public class DapsDriverTest {
   public void testValidToken() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -40,12 +39,11 @@ public void testValidToken() {
     assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) >= 0);
     assertFalse(dapsDriver.verifyToken(token.getBytes(), requirements2) >= 0);
   }
-
+  /****
   @Test
   public void testInvalidClient() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("INVALID_CLIENT")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -60,12 +58,12 @@ public void testInvalidClient() {
     String token = new String(dapsDriver.getToken());
     assertEquals(token, "INVALID_TOKEN");
   }
+   **/
 
   @Test
   public void testInvalidUrlNonSecure() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -73,7 +71,7 @@ public void testInvalidUrlNonSecure() {
             .setKeyStorePassword("password")
             .setTrustStorePassword("password")
             .setKeyAlias("1")
-            .setDapsUrl("http://daps.aisec.fraunhofer.de")
+            .setDapsUrl("https://daps.aisec.fraunhofer.de")
             .build();
 
     DapsDriver dapsDriver = new DefaultDapsDriver(config);
@@ -85,7 +83,6 @@ public void testInvalidUrlNonSecure() {
   public void testInvalidUrl404() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -93,7 +90,7 @@ public void testInvalidUrl404() {
             .setKeyStorePassword("password")
             .setTrustStorePassword("password")
             .setKeyAlias("1")
-            .setDapsUrl("https://daps.aisec.fraunhofer.de/token")
+            .setDapsUrl("https://daps.aisec.fraunhofer.de")
             .build();
 
     DapsDriver dapsDriver = new DefaultDapsDriver(config);
@@ -105,7 +102,6 @@ public void testInvalidUrl404() {
   public void testInvalidPassword1() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -123,7 +119,6 @@ public void testInvalidPassword1() {
   public void testInvalidPassword2() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -141,7 +136,6 @@ public void testInvalidPassword2() {
   public void testInvalidKeyAlias() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -159,7 +153,6 @@ public void testInvalidKeyAlias() {
   public void testInvalidAuditLogging() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -185,7 +178,6 @@ public static void main(String[] args) {
     //get token
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
diff --git a/karaf-assembly/src/main/resources/etc/settings.mapdb b/karaf-assembly/src/main/resources/etc/settings.mapdb
index ad8f1bf13b1dfa14f3c2c16162b97dee06a38310..3594cd79886fc931840555633497eb44e742c63f 100644
GIT binary patch
delta 2358
zcmbtWOK;=W6_)IIcqT6eMVrN-MU1T4O<Uv#wB2=?B8%>d{DEw`=`NCH5R8*1Knx>r
z&?c?ZLD3el9g=z{$ikvTiIhl*6vY=%7!-MB@lErg2Uoq6l_o)ypg;wD`gqUz&bjBF
za|y6eC}ax|?|uKlpMRid(qHa-zg=@C6R-Kj-r>=H@r8TY%u}iN*&iRi@~gYgr;odj
z4^J-cuC03pdU7ZKyv}YyGq*lW759$*Q21r`)uVdh*RS1rv<`1(9;AHhrJaAKe0w+Z
zT*{f>L!`WO!+V?c-owrMXv0r7jBOa-F!yM`_;|mVh1h}Eg}4QA8{!VcU5Gu1dl2^_
zo`QH9;u(l%|FK_uE?;>q_nYi}3@w)$b*zSzYM*6uqwMZpc3wN&&3&BBzI*)g?Og5n
z{+-<CKYX{a|4MP^;Y-=i9v!?liy}Y#^pj6Q&jIIgU?2bcPVRU4qpz7KfoFl>@xjR#
zR$cYObJYlec0LW%*qwP(5S;7a;0^SxgCos0fE%4zU=>DQ0M1P-eEUsb4a0>O=zlzT
zf8&pWIE?<Qc<12oi|nEI46G#pzIXEvC-|@9#a{01`zNr=nau89CY|d0`IC<{&vk(o
z8J>F?f+#ZFtMCc5X``7jjf$m@xBFu^0s#j!Lk|ldZj<OnaFe0-_ib*l^o;=E`2eU9
zU}F%2Lb~fWD%t4PGM?`jk-vSrsso~%Oef!|S*O_)mH+y=Z+08|`u|eYjclE5YX@d(
zI2!?=zlEYz1gTa^$Txera}^#_+1yWl{-<pv+h7jtuvk9b;yiw^llxKrFIzlM0?&(X
zMstjnPO<VSRyoD0r&#S2tDj<x(-QK*wy<dBgU4N1G_Cr7-6oi;b___@HeB%LRJB9!
zLFHlYr(b<%j^R6V{pA&VXMM#E?iIj_LV$E(3=FC#psdlysX!IkbZsf3GSkH+LK+K0
z7MCt*ddAqMR}3#3Q}!H&CW^?QnqwnCXs#xh;!ir`G}KqRj5)BmksvT*31tWt6-Fb0
zQzW!G;t_@7+he1j$Eg+E!`58NpE!DJf>mOe5Sf(7G>NBoxy8V!&t=h0H!{ECU-li&
zo{06d-V42JFO(5kB^}$+62C1=94kw9IKc=jt)1;K^NGvZpu0ZTI<J;^^L)RgCGfEE
zq(r%W3<hKExr{Ypy(5(MF8$>*Ub)twebQMs2+<rO)=JH}=5j4Xq7V&bJeem^#(+hb
zS4-J!CxZ@SG9rt~$#_AVgf(c<2+dmvldvmB<P3$U^A*~>!f1?MDh`{_*tksdBtm0t
zM1iMcS}?8Iv<4#Q$mT_Q(gYT_P$b$I*rB0{Tp}kv#SzSuMH&O%5?VsLF_I8sED#jM
z+QOI<pl`gSNgD}Chd>p4(<O|qj>dV8mk?&iTNOATZaB6#V%RcOVv=;+YL`Q_E?w=f
z8kQ_IlfFav8YY;1M_I{|5UZVrqex_|z`3Ud>f(BIZLa0FSkv!tEpNe^UWHD)GSl)B
z$P1eHmNf4ZY~J)xD5yY3it?c4;~ejm1}(1y?I@G@9X9b0miGfivVCQp)GM=z--14z
zF=5hF&-+anv!WBf$(ZTJ-jac~H76cQLmy}Q1k__tkH8|}zCMv3;3RBI#ZchfXnqWf
z&=T6bsL=SrP^8%cb^s<yXGX(OSPOXRZ5{0r)9LkWq(m|&MCLf2V;6H>WhX#c1p1=2
zity_OLF!Yii-Fl{g{aDvfLUG`i?yaTTt$8)+f5CiSbn_d4W!1XDOLOhW-Gz6IuD&N
z;)f2=38XWVuHtyf3yeB77z#r_>CHRWtE<^iYSrc*!6kGp7CCgGP?w31p+m%JoncqH
zM)oeR9ihZ|^mJ4;Nxn1&X4&b8V&YP6WR-hiDd|_xFb{eiy?K4fHt?97nm$vzX3rG4
z6*@J_VX#ZB%`Kx~+6z?^^X;X@O*?19Snbv7HSw%oX@@ppQDiN)8c8%}+H<!t?bDS3
z->r|N4i4Jox;#WpcFr43TdYny7hQs+@gTk|Ph?ip*r$8Rz{Pd@l3p_G|M8JfgC7aM
M$d`UreB<^10NB#E<p2Nx

delta 624
zcmXYuO=uHA6o7a0pVlU$Pz&Y~so+)dF7_sPsV6;2gC{RCcqxdcy9UWxZ8h#;FQQ%r
zO|#kE%;w#aY=YuJJQTd9$=1Y#Y}}1V4@KXE4)eV?%$pfz=945zl#o};nMcPT1l~w;
zd7cHqoagM<lA4oOlA^H4tBKpC^|g4455tPFA;z}U`{L)*{qHB6gwRD^6Vy%Vni#0I
zbUiDi=QDSO49}6(@C}}$;gk6Xg`8Z>$s!U$!bk*(A~7V6B#<PsfGi@XkR>F=a&r1#
zUZwJywLxx*3p%ryZCcej(=IKM-`d9zIl$Y$X4wciBZ|A)l_+7Uot`(DxV@R@@9%$c
zv>#FO?d+~}eq9bdS$%k~P#k-`?zlYgf|=&T$epdyU^bh=-rj-lja<L%`9F)wvEx9i
z2^|M2O{g1Sn_w7F(LvXt-2}^ly2-n3L$eLc2Ihdppwj}g0VDTl*yr2r7PJ^NYhYWz
z>d>&EYCxmLOS%OOj0~)E6{vQgU4xnhrooSH+lumzUrM_gCz%V+^7^)-_QpeZGW&#Q
z2lz6#{A(0Ee>&|3!C%ksztA4X$;#y&<*n~dy<mtdj>_F(;P%Rge)rF0;2q-2`YxKm
z_I@722|>cod!yY-knIAMixeeMltfVyMM)GTQItec5=BWAB~g?_Q4&Q-6eUrVMCJ4}
JZ&3N==6`+aGot_i

diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index b3887ada6..6b7ddb46e 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -79,6 +79,7 @@ okhttp: "3.11.0"
 okio: "1.15.0"
 orgJson: "20180813"
 jose4j: "0.6.5"
+bouncycastle: "1.66"
 
 # Needed for web console
 javaxServlet: "4.0.1"

From 3bcda62d23cf41f971e4c12126b1ee572f868ace Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 15 Jul 2020 09:21:11 +0200
Subject: [PATCH 105/237] fixed connection setting and logging

---
 .../de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java    | 3 ++-
 .../java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
index 6163e3211..da374c274 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
@@ -241,7 +241,8 @@ private void validateDynamicAttributeToken(@NonNull String dat) throws DatExcept
             //validate supported security attributes
             tokenManager.validateDATSecurityAttributes(claims, connectionSettings);
         } catch (Exception e) {
-            throw new DatException("DAT verification failed!", e);
+            LOG.debug("Dat Verification failed: Message: " + e.getMessage() + "\n Trace:" + e.getStackTrace());
+            throw new DatException(e.getMessage(), e);
         }
     }
 
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java
index 5622f839a..7c297b7be 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java
@@ -27,7 +27,7 @@ public final class ConnectionSettings implements Serializable {
   private final String securityProfile;
 
   public ConnectionSettings() {
-    securityProfile = "1";
+    securityProfile = "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE";
   }
 
   public String getRequiredSecurityProfile() {

From 167eb5bc43317014548ed78484893ff5a8c9bf73 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 15 Jul 2020 09:39:10 +0200
Subject: [PATCH 106/237] Cleaned up example, changed keytores to p12, updated
 settings db

---
 certificate.pem                               |   0
 .../example-idscp-localloop.xml               |   8 ++++----
 .../main/resources/etc/client-keystore.jks    | Bin 2527 -> 0 bytes
 .../main/resources/etc/client-truststore.jks  | Bin 1974 -> 0 bytes
 .../main/resources/etc/consumer-keystore.p12  | Bin 0 -> 2693 bytes
 .../src/main/resources/etc/keystore.jks       | Bin 4393 -> 0 bytes
 .../main/resources/etc/provider-keystore.p12  | Bin 0 -> 2693 bytes
 .../main/resources/etc/server-keystore.jks    | Bin 2525 -> 0 bytes
 .../main/resources/etc/server-truststore.jks  | Bin 1974 -> 0 bytes
 .../src/main/resources/etc/settings.mapdb     | Bin 2097152 -> 2097152 bytes
 .../src/main/resources/etc/truststore.jks     | Bin 22615 -> 0 bytes
 .../src/main/resources/etc/truststore.p12     | Bin 0 -> 2266 bytes
 12 files changed, 4 insertions(+), 4 deletions(-)
 create mode 100644 certificate.pem
 delete mode 100644 karaf-assembly/src/main/resources/etc/client-keystore.jks
 delete mode 100644 karaf-assembly/src/main/resources/etc/client-truststore.jks
 create mode 100644 karaf-assembly/src/main/resources/etc/consumer-keystore.p12
 delete mode 100644 karaf-assembly/src/main/resources/etc/keystore.jks
 create mode 100644 karaf-assembly/src/main/resources/etc/provider-keystore.p12
 delete mode 100644 karaf-assembly/src/main/resources/etc/server-keystore.jks
 delete mode 100644 karaf-assembly/src/main/resources/etc/server-truststore.jks
 delete mode 100644 karaf-assembly/src/main/resources/etc/truststore.jks
 create mode 100644 karaf-assembly/src/main/resources/etc/truststore.p12

diff --git a/certificate.pem b/certificate.pem
new file mode 100644
index 000000000..e69de29bb
diff --git a/examples/route-examples/example-idscp-localloop.xml b/examples/route-examples/example-idscp-localloop.xml
index eb6d8fab5..047dde31d 100644
--- a/examples/route-examples/example-idscp-localloop.xml
+++ b/examples/route-examples/example-idscp-localloop.xml
@@ -8,20 +8,20 @@
     <!-- Define TLS configuration for data consumer -->
     <camel:sslContextParameters id="serverSslContext">
         <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/server-keystore.jks" password="password"/>
+            <camel:keyStore resource="etc/consumer-keystore.p12" password="password"/>
         </camel:keyManagers>
         <camel:trustManagers>
-            <camel:keyStore resource="etc/server-truststore.jks" password="password"/>
+            <camel:keyStore resource="etc/truststore.p12" password="password"/>
         </camel:trustManagers>
     </camel:sslContextParameters>
 
     <!-- Define TLS configuration for data provider -->
     <camel:sslContextParameters id="clientSslContext">
         <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/client-keystore.jks" password="password"/>
+            <camel:keyStore resource="etc/provider-keystore.p12" password="password"/>
         </camel:keyManagers>
         <camel:trustManagers>
-            <camel:keyStore resource="etc/client-truststore.jks" password="password"/>
+            <camel:keyStore resource="etc/truststore.p12" password="password"/>
         </camel:trustManagers>
     </camel:sslContextParameters>
 
diff --git a/karaf-assembly/src/main/resources/etc/client-keystore.jks b/karaf-assembly/src/main/resources/etc/client-keystore.jks
deleted file mode 100644
index 8cac581c388491153679329a43ce082c6877ea64..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2527
zcma)7c{tSD8=vo(rOY5ROvSaAvW@Q;W9<$ajeQA~J+ojcjL@Yd3?sU>a4(}|m+jh;
zx}{vCv6gb_whA{(wh^w9<u}~rxqsY0e&>14=XpP8dEax+^LgL1F}pDffk2?b4s3UT
zAhcMvQr6872pkG>U>l$~LR13*zyNiqBmlr6Fb?cv-KJ@&kq+ja7sO?NWIV!)lDM=O
zThg^J9CI+W@tY}G<q{KI)7;Q$i~PZNDWy<Jtw_P$WbZi(S|Ip&#|gxTiQsI;oK|{D
zSwk&WB;)GJ5?xW+yJ`GwlVPkS*xh%uq~1d1w*sa@@h{z-G4a#QGw_qQD|t~Jk|lBR
zM%~{rBrqzG*LVC#^rJ5Odn^Vm%ZGX&+7)o1*%X;}AvyTj1G6{m2-e<DTGoTHU+ttK
zQ3GcEEj~sI_l8@KP)>MCmQHwP<jY0cd#v3v2;GBoIDFqa;D~svBVm1g)9{{aG`&i1
zO3q~e(ULUHvijF$Uca5pvcd;Ov<|;0DI{;EK2#H&w@1$PBoFQ%$h%S;{kYu5o78x=
zv#u(23b?$&_+|Dbq^PC-13q40v1f8cRI{)26gAe^jh80VNaa8JG${sI5`0$jQg3<^
z%~yGE9XFWkaX9)`@tLJt^J+<T4bP3s<WZRxu_G0LR0sNVcjF(%wrkDy9Cyg_^w-CR
zSzH79mv<R=xXlX9Zx?mLZ}K(Mes)l>uFO4O<l2xgeTk)gpze;JBmIzCNIbY<-a2`v
z5<ZY9YlC*XNDZujm*qxP&m0<ZUb>Md*!6A0xpjm7WT$Jq;=N;v<NFNUet=fVoK+?k
z1<$N>ugZ0+`MTS{zD>ob%e25AL~8DpY!z+nh%`@Isikt8I|+syQq@DJ$T5ru^A<5_
z<5GeLvAa6URbw>9DO*ReBEe0gbu34*Fjx9Uw1SWO@vo@`CEw+zD;5@4)kIvL7DWQs
z>wn}V55|=hni6%XxVPt3Q~Zu+g)Zh4m2{7jvk<(sXMOi0><QZZMHv*~^UzSc7E<11
z=3r|rp)0&D^|$c#dbz=NGFpJq5d?ciR@=V7VUXNT23tb>Vx?uFT}5N6V;Whdf?h-#
zF)%Ym?Y%C`pDCl%9kOP3iu>#0*-p=6vS#Wp2QWgGSEL>sbeek>pR_TDJ6rZ<RNX_+
zZ@RW-WQ&=P{PILrUrAOri<&$+lwz;H062Y@Wji_U^n)`@B8f^?{TbL#X;<p*Xs?B7
zkac9IA6QinB}z<B)davaf%<-%hQrF;xHu`V=~rDw>L@3fQ$52GK0S*iZc4I!AjxXz
z9ZS`(rv^gF&F^({3vtVYGQ?!#m2Zq_?N7?LzMDc;)-dT?x@B@Yr)RU*YcA$wtHB$`
zW4`l;35;H~pFH;%w`hJk+2gp`J%NJe(K2t#lbkujMcn*G%N~o#@qzdTR{5Eduuznu
zaa-d8WC4D<Z{Eo(Ew(;g<DuiTg=ETm3lAFEXrX32M@vRNDDBtyTIX7hVNO4Cr|O;7
z>tn1=yNl6zgWkmFOeN~-PGaEfmj-CB;R{==+(@PLO=IJoj`)NNHl!NP-IW2ci9o%D
z;`e$(i{u|?DCsBZCk^Gls^0;iKF3(BkAU<Y=ISW1<{EDiZ+U25<7x|1Tm9je(RmU^
zP+RS<PMVJp=MXy}gAa>ESWDk)I5A%zNk4G&@i1J<=|rDKxcg?8b`JJUvrh;A*42y_
zO`nO8bz*v?x6g?FN}i;P_0t5~q&&`JLhA3N`)l#H*NVPBJ~!w3B|f5^$JL=<r_W@(
zPF|%`Q<6;(mu%}j`2#Rqk#ZZvx;ZHB!|j|luho*vF<d+I(&r}@>eFQ~+eH!XiYI}F
z5D4s=upnlG9Fgb(5hwtK0=q#m#7^}D%Y+p%06@VZpeX?b?nH<jgCVd`^CJW-D7i&M
z(W2B4+PNSW+s`+I@C_)lH7J6{TA4d5y7-2MDLS8{Q_K`~K!O1%zgvu82oeaogsrCU
zzFSO(Af&{<C`kK1B8Y?Ntq3SI+|0`P2!)^pYWx{-pD&X^V(Qb0S~Q}eftId;AE-s6
z(?KnwK8Zjgf(%_hUna-_l>dD%Va*re01^=4xG0nZ0FdmnT&-%}gEpi@(v+f^roH&%
zUI#1VhTG`!^?Y?Cr8xb<_pMZPP8%yoY!3p%JMC#{FRPvEacVfR{WNO~F&m}UlocGF
zG7~O%=5Nh9KkU^74LLNkDF1W(wPNYpX2@GDvsZQcKk1ED&(>9VrY^HD+-P$9w!wkL
z!?w*{jc`Da0~us_>IB?WBV*&-Q;;-7*>Svea-JyX!WD=ZrRJ%lI#ON&#LD_uKf;42
z<Qa#nbMLP7t@taruUpob$Qxv<cJ{k^JG?>(yfd@8V|g;Y&2e6{tWPhE=HP0k`8k#*
ziWjRVvz04*>r`keuZ|GlQ+^(=dS9o_EiVq^xKI%Q0u*zA^THQ72g(VbR!$s-gGs&Z
zSx05Y69LI-udJ-ZhY?XH)~rE=t!Wk59uOBJ)sxI`;+`*8DeIB0+U=-4?o08S+?I<R
z76t_&AZlx^1Pmqug%^POTSNf{f_PA~K)v8#f+{O4EZ9g}n-LO#r=1G*W#Ik(5fz^4
zt9^<YiWkm-E{Gk%{~8WQ0szbsq=M#ua}b(f@RtuJJ3J_WO%v|;FHa$Cb{K=k@C^wQ
zN>UHMW&C-~{V*IT^|w0_=sy+!25y~J66OaoIXeT`3|at-9U8__5}t{{4hr&Rgt0>i
z{}t;pOqgMi%P>&@DzS~bwo!5$G24jUMyYL--bUQN<ta=%p*#V|&DVB570>n^FLWI{
zI(_X2>9eX`jj#DAwSwUTF9md(%G;w@lV2Zy^Sm+csb*owj;iw0Bj^`FxKTT?rF^)^
zlz&xAU<_9rs!uhGbzFO*`^zKKYIm$>pi9i7OSx+nKcS}y#7%VY;d*{_{}Zc^dQZoE
zWT}Kz61-k76P>5M-}b}uRIpwIW2PMWE-H$sj5G+AiE&fSef4pl+++mHKXHnOm9HOa
zm>s=oQy#+pRQ-f`FS5ayvR35W)^RHF0OHIpj_wHm3g0$3lLuzR+9kffzq;>tzK;(h
zr&(_oKJ`&#yUR$a4e7dDcq!SG$1tbpONmRd4^J$1DZPNN6y$1Pyv9;8RB%nIvx`Fs
KwRVuWxBmm2L>qhn

diff --git a/karaf-assembly/src/main/resources/etc/client-truststore.jks b/karaf-assembly/src/main/resources/etc/client-truststore.jks
deleted file mode 100644
index 998f04c7d601ba0540b4d4d15fe86bdcb7af0bbf..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1974
zcmezO_TO6u1_mZLW=c+EU|`Jf5m7g0V2#i-HLzr0V9qvZVoo<`V)9?W%*4pV#L2LU
z@x9*Bv>WXPylk9WZ60mkc^Mg5Ss4tR47m+B*_cCF*o2u}Tn&W{1VJ1w9xk_{#L~Qs
z{It{}LpcK(kRUUUsHaP?LQsBwi9$$fafyPnqk@rvp@o5*IIp3Fp@FfXp_!qPfl-t=
zuQ8BoWCrC@#f~OMC1j^FvNA9?G4eAQG%<29H8C<WY?5tN?)^5Q*D*0+%@qazhG|QD
zqy@Hr@PA{%c`KBAiqOI>vpkK@<?@GzH*|O}5KMY{Sina0&jg>{zD!3f<TUMmtq<~_
zT-+~h!uwaet9;I*o9Ds=1(zJ(rJwyH;Jv)wW1orZ+#a0O-27+71BUVgi(Z%S?Ob-r
zXKz8w?wMkhECNNVGjv3pWbRC!@Z?=&Wmvg^*NrtT{hKHEy|Yp_-|y37-EzrY$8|r`
zd>L8WmPNPq_~x&Fw@qo$5yw>f^<FE!$;&;sTP1t-^dg(dS-HPdKHL`;C_7QZ!}u<K
z)twKMN;h2$f3l``pO$gS<wmtWY36U2zLYH4XQ<-fVj{7le7V=eU9n8ej0}v66Aa=E
zWPx!d%f}+dA~OB?n{ZE-?w+*t$KgB6_{$c2NS<II50X}9kuVTzz^;HFq(GRF@jnZz
z0W**?;06isv#<bDk{fay0Fw_e4j36an3bnx9s70Sl1AY+_Vo3?s?FuTc4e_Bt#0E@
zsf)g?cGhuD@|-7(^`W;d_wQHtZIwE3PdWYnvu7L5e+=xjP+z=w_i^I{Ul-?p=9UiS
z9S=U2n>z%Zipp*lu$0)ca^by}UFXjJ-QyZ?{>+ZV)9WPPWv_2jS{fCjs&lH-W0AJn
z^d`@i3n>%5^?q;5x~aP$C}VQp@AKi}X;aJWgPVg@UHk&fq9!lNkFaBXHhY0NA8+i_
z0|h1%t(fN-%nR$yK6gH$%}Ddu&jpRiqF$e_G?cswTARIFYr)q`)f4V%ADcNjK_c{Q
z_q-7GTP|1ZCae^(R(4Tf{QLLpf@vwwp0dPEJAHcYPH;|SEiO$0XT+SFY+JMu8SxV^
zBfbM>#A}d@$jFEsg4{I8fF{5U2+Vv2MwZ|VXcA@MKtv{&F^~erGcc12gEBcde+QQ)
z!Lm4^?6+E_C(QqrT35-%gSVdjJEkXlX2wb9;|r=H&qqG5@jDQwm3?>1vkmJM4k%n(
zWv&{pG$U!(o-1X4P89uFp5kG)-PAZD(@k=FV1bFvhNg&8W6iMqlh41(Dg6<-eZFGO
zN~O6gqQ3`)HTed1&Qp6Y(r*y`BceUJ`C-GRNBlWeWeayq(t8#haQL8tV;V2-&qF^h
zo0Pr35$7su*`aXqw@F9hk+cPe1tJctZOfML_ddntp6}9fIC9deG*Ly7N>#??wqo-l
z84qW^R&lRtdE3}~<fpfHX*VZVh+ui+ZJ~Vud$Zf7{z}W=V(;q5y<UnxFkDLe{hl{5
z*A|(7oI3xMSFypix33}DuknLH<6EQ*c)I8Kw${oO%F9lRt`-l_f0pVT`+~9z*k)i3
z%8l|Y1_pWtIt#QGXtb$il#~=$>FXyK<>)157N;ibrNN7Cy_8h_%#>n1pqxPn8;3R<
zu*_#?WMuI$a5Hd$@eP>TETCqj<d^5=<R=1kU^A%*Sn?+)CZ`sa0E>MyJrDyeHG|6o
z!KqSj-)zyd{agKa!QYw;4yWw+wJm3*g11jl;{112E#n$j-WJx6t=(6%)q*aUGGw#;
zy5KBQD;fNflWV%jv40{$Cu%Mn59m$5oqTVV=eg`$_O5mFERRlnzrL02cVNM#Bj2{L
zt8KjXc+FOed5P!u`?=4S4b1Y%-??DNvK1R{JxO@1*&4G}H&rvC`l;9g`I=)%Z~u9)
zG}_O%emwg|cZGCR_eZxl%g_5C^<^ZTee+9vMniO0Y-gh0r`;LVbKcZFJ($0dnWyoe
zYrYYqA=e$%<_Ut+7Vmn}bu&WYORM6`YKBXK_xC*O*&X-8P$I!$Zrc3ySu?wxy5@h*
jKJsPXQbv^>U)0#*vbc9$N>rMBDW~+|HRjd{yhWM-qpIG&

diff --git a/karaf-assembly/src/main/resources/etc/consumer-keystore.p12 b/karaf-assembly/src/main/resources/etc/consumer-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..6607767d644aea4ea7a11e98ac540c623b80283e
GIT binary patch
literal 2693
zcmY+^c{me}9|v%oZEjNTkejgC%rV#ZtNNm(CKKhpG734SAy+F$TXQXP--^vdu`x%k
zkXx=UBv;PlOvtbA^Zb6l@9+1==lML(`~5ucKVNVH_dOth9ZujjgK(+Fo{!z-18@NH
z3EU_Ufm`c$42Kgy3;$G*d;;j*?`Q-FVEg_0{%HVkNeK797kB{>I6sK9JVi88`A7=|
z1ah)P6F~VZywpW&3z4n6S^2p{Kk$V%E=f<@tZGQd-P=J8Hk|AIlG1>yU0>xCvxy@*
z72iX0<MIOefUNp&&$JM;961h+{cg|@_u!jcYnmQriu!MBv7?C;peo0T2%TybEVl_d
zEJ=tNTPbGq=}&eh?I591@6lwCN|7l-RHEglMCu{Dw4|yoVe6osk#U1_NT5wVlp_%<
zbLUafGQ)k@tA6F|uR#xIE`b(okJy1PxZ=sU7Hxd=G|UA*!IE_wIc@PeJ%7gg0O5I`
zo)v0;OZkM1Q4-jo%*85{*-+nSn6~+T`-8H(cf;k#?*2{oeW}g~Bj=_^D?bnM%as>B
z^iNOOYZnWAA17!za&dVjSl|0p{BTpRI7}087_@ATLFmf_szlX=%EBu2{)pmvw&aJx
zG6#b{-am5m!=QAl{S4&x>Mb)z5*-oub}-w+acmngdOgJ$qpu{_qK;afIiH=4fT0dv
zNAG?Q*OEFm!#bpEeQa>jv&y9hxDw;TSjy=FZ{}(a5pzSxiIT=yj%fvu#`m%BZ09m_
zABR8-G<rK_W(&wIPgdJ&N}a}|-3x=#b7>2y_w6^$79uhophGzE4&(>1$(|D;UF)i$
z{*NqRf9&PtUYvuAHQHGCyKM@yxV~SE){sbW40>n@)%*)61=3!ny(OLjxUa>2!IoK0
znXUnu=C1Qy;hskX3utTp)SU~Hrj+#54C_ddr(fD0x3AlknVEjGmqTmVekc@oLI`68
zK1+t0bc<oZirFdCVKOe%O5a=T;g1%tC?o&O$pq9opS62x=3q?fqt!7oFP^Okrvpb6
z&|cdiDn-q|4EXAr?~cb#Cj8>N@aEZyisINyA$LE`vT(z>Z0fq3?+E`@;tcaa@5Rr3
zDaeeIVB_@uC`Nkfa0*$0Zj<D|Vl-YGlK<;7N&#m?kIU6MCsczoIC^SQM--f&blng3
zj!$beE#qIW<yewVJSL_$O8J;9HPC;+nTu0<-ahZW*On)2qM+pHLl0m(N{Si4ZG0t%
z#x9D7eF_7+$tqHlkw`)9=QsTgCC~=OOd|`Id1sw;^sT^s*Td(Uqi2q^B=1$(T&l~e
zR3J%~zIc>5upWWjWzgmqC8h@gfy&tULFrOE9jMxCrxyD07OQ(2>W^QkYMmZrbM((0
zctCIT{255Lfk%t;1j+&v>#Kt{&uPcSpZCIJIVUufon9=&wyH~_R9W&N$kGg+z@{PL
zY(*<if?&i|T$kl|<V$}3-J_PYliF&HTTm-=yvYF`pfajpa)MX%Ozm<<a1)1aqTBs}
zdc-L^|2E#8Dq8PyfY{Hewvn&&^ky2JWl|-7V#3^gF4q0bYmbMteLk0rHm5&YhrRN0
zcUdrziI;5k`^h@R(I;6&MoI<LEv!!xqM|3AZ!a0C{L^Z_olk8@#O%6tYO%kYVOhf6
zJuFq0)`K@BUmgV*L7+oon4pX)d`}1Q+{?aryRHI3-N72&u*nK3Uys8ogvu}7V=mO<
z<ynS`?P06D&||)Q{XS8P72Yf60Z$5Dau8+GdafKNHfIW({g_+6s1b=UI01a-e?ZG8
zfHgq`Fzk1%`umh1JpbX18vy+6;M#8hm;O&Z_P^CD&4=j4Jk31yw|XD~s7p^Uqvrf)
z;_>5K;}aUBm)tJPzh0H|s}Dy~vKQ_UI>E+cr0q;n63IIU+Yk#YA`&h8BlimIKJQO*
z!>${8(V*eS_X{sYHoMBdpCcd3E=#aCNmC*5fQBOZ%(*3Xfll1AzPb<Z;{bhVOb52Q
zg?IeJ!A#y33tg5|zP2dE@^N<KU6xZ@uM&raJk=&H(}HK(-Z^ofiXk=1G4V`k)b#%M
ziS=`@k2AxG8lOxUm^WrOa6hdl0Z(-Dhd5;PHGX|jx8BE92*}IW!<bJgYDMlYf*2&G
zjJ#`L8)*G$T84dQR+Q-*TDJ1cH;}hHNXr;BFFW^QX(Q`8gmL(4mKdipM+-xpv@D2w
zuG`PE!Atpq(~t3OnKrd5RiB#wG`M$4il9SjaJl`qW+@F+F1FUpMLXk>R~TGUrc)nT
zGo*-VxZR358&I5M)MfLluG;rccK;s@j#tzcy*M-`Sa%a5lIh!Fs9wlw)bo<ZqBj}o
z__1|D3OOq-e$fH;08g$?+iLzW-z1Kmfhisj{?2imWs0I!tTC1XUs1KEic{>p)-<Ec
zuM6ySLuvTFn-vcrYE50o-UQy%KIa>bx++A>y3?OEjjAaxCa)^L!NG(rEE1#5k&`I5
z6jxwSFKq4RaIU#3b1T1)r~KLj=Wg7+<(_fk?xjKb9y*tnDN$rT0-YT{d+*5Pby|}J
zrD^GNQ<VU4lmWcenN!$&YSrx8i*eenJsLgCbO^|F?<Gg#<o3XmdWLFLz3@ewUEbxn
z!bTa(m4$}*nFSf%=3waJU)K^Q(5XS&nfMZ9ElTA&gle*E&N>bwHq_T$;Beg66qdG8
zO;2vL4nn~8uo;P`G2h1$nbFagdwVHS@XIKp8kbHi?kGryS*cQ0Ng6Y>;Lri{{K%n6
z!2k3N3*RC44)xH9!K&C-ZLMJM>Arm@q*@f9*Dt7R$B1gavI(*799D7w9`PA@B8)Q?
zWfkS~_9YLpKjw{9e`Rimmr#@zNP_Y!!}`4kvuGV+-lc$c^-qN4{i)d>Fg}m+LD<97
zg$ELBiTJa(Vp*$6OEGE)e69OoBHnUlbIgoYX)7dTv-Y-h?qule3m<bEnv(70HtU`_
z$w~?89YTAGWm~?vn~0~Ibk->J(NX}H>gXT?0gKHAc5m4GP9-ld#v3ha=8)GL&M@z(
ztjZ7TM${6Iw0NtV0S=eDj|RGCg`L>dgF~<4NvDjjK}SQv$kJ2h3Dyz*i9T!<E9I-z
zPuP(M3C&52vuC&blH0+@!d3<CC^ZOCkm^J>{lb-R!&|MzClh?;^W+@-tW{05F?w<5
z(z}Ip4kPmN2kYC|Z^v}BRDL0=UhcO^dNFA^chxakzg}Gh@wjfTfWL5H_6)4MskT6|
zLM`|XL*e`eByU^Vuv%KU{vz7{J;8S<ujOZMjf>p76@$k;+mo}~m6Um+61^<X7b?`N
zC9o0jjWtlJQ{<U_Wg{?tVT4Z65a<TFrQWI-#{NhT^6?dYsZ~XXkBX->@$*YdK72rK
z<3^vjq&E$`h^9B*&bu#RLLd2}EC>g~>`X%F+s?MRGpX;DG~T^dInUj$FsV07dbPG=
zCVK7(#`e^P#jKik9~GUCP=w3>S4S>kga}CJeMEJi#7poF&yM-m$u)bS(k-btI07yU
x=YoLM_}PIHU^bADxShH5uH&M#q<dn(n2|6+$>zmn5a<0*Q!>&8%Qya3@?X+^2G#%o

literal 0
HcmV?d00001

diff --git a/karaf-assembly/src/main/resources/etc/keystore.jks b/karaf-assembly/src/main/resources/etc/keystore.jks
deleted file mode 100644
index 688ef84318764e1d66e4f504d56d6865938d25ce..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 4393
zcmeH}XH-*(630{N)gVPyK&l|+hKLXm=@=A5>4FL|2@(j26hS~xf&@^S(m@e)X)aa3
zb?KlK3l_S7fGZM;NB|K*#Fqqjm)+yO_s-cp@9c;7A#?BCGD+sl|M#D@nY9@Z2n1n%
zVC*9VhXsMaPKGlr8X&l%x)y*2fuIur6*>k`A&;}65HJJ+1_S&Y+$uB-ZHXTY=7oa*
zJtQx{%>lK8aUdWjrbq-J%u0Cpc+7mTr^)UVH-ZmR0uW<egz^cQo7l)$Qz(8i#)dMQ
z0CE=~CB~1`1~idcNC1V_L^_G_Yico5)YlZy{V&Rk0h`y$3$V)DoIdeOaVl7L<Ie@d
zK~O4K5Cl-cJP;}v47zjI24m_K>kd`R;H-WUkL>M{4qSOVc|9HaK<yxXO1uW7!{@nx
zyyem3XmmV(MZ&Q>5;=5Hs`~runf5`IW);TM`&6fv1W{kwW6B2LaU!c8&cSuuOBZej
z4}PMThjivV6Udu&)-L61y5p~qX_QFEfu2rS(=6Y)6j(Y)I-U)Hn|Ih*$;nJNx7F)S
zs>C?XS)10&7*q!L7q(19b^egQ*-z6W?A#<Mj2O?aR}98zN$(%>d!y^T^f2AFqWfW?
z-KjeRLBuJyr*fjYQ#Kmq!`D-HoXvCJR^q4~Jv(Mud@J?Py-4gl2KA|NKll4uMBaE-
z=z#=PD$#>vyLzJ#0tJJ>H^Ue}*bK0h*}|;?Fj1ID^d;)7r}~(I+LNQCr8DY5Wx*0#
z0cqB4IhZ&gdR`>Gx+J8#X0bMjTBbRGjrG4l>YoM#Sq~t<;4d&Z0A(HkUe*Oc7>qeL
zG(ek`NW%a?9Z=0y$=*&=bocW+wOd02=R;D*5`76cb+=#VMIBGjAmV-1nfCx&4z3*>
zU^tu;42EF<Gr;7R9DvYtzSh7~0>~r^miflFD)}(S4Tr@MeEe7gr_MUrI26noW)1}y
zq}@N7Frl|r%fBf+xiagKE<$G6@&>x%k+g|gRRAK}N%tk_^kNPjGrBwW!ad%T({Dq&
zOQS!{?0BUWv~cf)YWU8Wmj!AXGYO~jEuxh$E2btpa8vW9a^i9B2i_L1s3PVR_6mxe
zu0adn2`9C#hlqLwNd?|Bv}#Bb`S`rZ5-B<u*DM=tA3rMDxSD+HQD{MSM&f`=$K=)w
z#~1C$Scgw8b)mJ0*Q0HCg86pYsHc11yMDI0%DW1wY3Cxh33AO+5}f0e_~M^&i^fSZ
zj2@1d!@0WnyH-D)Qp)PdOgrQ${AITP3<9R%b?sFA$48treLH*ewgYNnPo7@ERa@+N
z%SHf<)vR?0+)w)r0$3&ljxix%x()$u(1&Kc$oRsprj3n+|J^VEm@q)G*Z{C$066_s
z*8C?N+?H%>jtl$XGVKXFT;!uV`gXL#GSzQOOfoveJK@FmYQ+@f)ZR4hC-W_jI__JG
zzCIiRZr|5c8!MFzP0o=+rk(hBaKQD=SdT#^=}lZk)1VObF)4z7O-NTiW$$f!@hlsf
z#K55#$g;MiFwNF*`3_MfszbbX_7=4&5)&Xido!dS)hM|Cg*y6GnA-x;j*B*W_Qy1X
zcvXA1<7uvE_1q-vVobcXqXMUNkG8&C3_p^J=pgP380jI#d;UaCxyhd%*`a80Nnmfq
zp8P&6W2GY)-ia(xRW7usQ8WmLWYTz!7OGqWMJY@rIfe8;3k;rAim$hIDS}8qVyQN%
z<u2<ua0QNUfWbGl{+D22_J^Tit1ov>-$L=eiRT~~9jtO{tij;gR%hr%j9zaO=Ho|2
z`*4NUi%po;#_BJjA`|;=Yc~{4$`Z5s9&XNP#P^*MARZtm1bqg}cMD!@jF55D)90x6
zW^9UcRp3-TXyQI5J}rRF6)(Os-Dua%FXnNpL%I@FB6k2K-dZVPv2ul@woRkV_(k_5
zVX}CaP<n-q#hiJp!Le|1F5*2@njxhwJ#HB~kfD@<dg6k*tGO*e2cN^qw~sy>*?F|i
z*k=0N&J>OvMIplt=)J!7TVyZEMtKnyLWl8PqcJ>t=5!IuK|(E%kU$Oa^>OOBf{vbi
zNH0q2CEU)dWue5iGGq^_*)@@^J`Nm-NFaaJUrY0^`h(>HR9FsEgVA42m}g@PStk6K
zT=F*y)<iLVm#I1=n(fHzDd7Ek3l?O4In&I!_&AKPfdn5iQkczt7$+Z><!J&L=T0Dh
zdkYW%_*gIU^1%(wZA^_fYz6FGhGpKy><%yu`rjLOlUZQls=VlxbLIXkiF)?tIr@WK
zZsmF{#UA@jr{`SgY8fe#8t_yHrI%{&j>Qz!XEM|kUBtJ^Rv9kj5iXH0B#z9EsTFke
ze6iajeN8pMSiiE}LR`TaeZ71#IiuGppVPJXQiqr)E$t-D)O=)dN;%a3HML<>NxA(o
zRkk|L%eVXzv`0mP*peFD`*<~>K~UZ5?GK6q;MT=?Tib(vwmWNwMUJU;gK~zVF7zAl
zZV`JFEPJt7uPBorA95JK>5%_mgNI3E6^d*7{rD*P^5(*7x+A?Kz40FWyZy*j-w|)a
z67C5PBvCoIXbrRK!NVX8#mNhKVsdYmzB7IvSG=xND)<buQ+^xNDjVTY6#IaF$n9?R
zmru2u&+N3GkNKT-f79Dp>)TcY3<7{Qm^M87pJv+Z4MhPa3W)r&13)3ao`C@p>t6`N
z2mp@CO`_niBzKChA616ANZ=@BG6CmD@%h$%5XoA8L6I;XFhr0Yh1gM;9XGKff*nQJ
zaWgxL{y~6jhFLEqiJGW1zn-nUoQRd^Trj&Ee?0m-?H)#~?liEk`9<#MCXComQWv}O
z)i{jbpp7)I&K2&PlMfy!ElGV{6O&ekid@h&mQ7zYx+8r8N*Dcrt?vDiXS<#Rxo@aF
zbe=cWY)gN#ckF<yX>atzf$?jPT&|o~yje(EJ$rub^-Ro%YXO!VJBi83b!&{{4sq`y
z2o8M@!~?E6-W!|#o>Q1%h%L1+kne(mqa%)RyZXN^`Pt@ae0`x{OM33^-6OuT=8G=|
zj4=g0I>`Z`JyL44;iNLq1oDDP40P<lT$z>8Rj#=_F>x(^asI-5$uPs+m1+yKf))oc
z`5!1r3%&G`E$a;PCHVLgeAah}R=+=I81Eli_;)f4{d<O?o&JdoD-F_?*MIJMqr7K+
zPwM^*tNU=y<sw&WZA1TS_U}fkUPtcOwn&KU8;sLQc5)IQq1ab01UUaZ<Waw-YbDn8
zV9q4e{aBvU$1lTDvaY**GwIDDMv^`bSxey)H)cH}jynwFd1lm>%A`#fEETX)uMDhm
zkr(qbR-8?Ghm@1Ylki5={L;->{-IEOg4S$^MfFT~zMVVv{8)*|yYZV``aB6e9NABW
z5LIj3&a3nzPduI}1mZ~|F2~|2j%BnOW!myI?R+2EETs(V>YWGDs*A3495YWM-r(5P
z_Mob0;Kbo=Y0dUFw-22t4Yxdz*?LGx^aT)q7u|{Ipu?VKI^+I~VddNu8I6TPbw(oY
zfx#wmRC*qq{C|f1j~M1&8L+H$#AN5s?`NO;963mqlyfy)YSq+1B&A`B7|T8LL$<}o
z%Z7_1WGZNjooCA<)CU=#qV8&YKU=7m^c^kB9Q~1GM$h=1_mFcA-gnNU)6?vYbumXU
z+N&UExt|eirJJ%z+VHau{l;hIxNf)o0`l>$T|D}BE(K|N5p`KLU8roubXD2ufbLhL
zt6_Q4==v0&;wGOKEIk$&Zs#^^%s=^X6THGSTdu06*zf}_^kr53V+w&dT8;LqQ^I9T
z2W3cJz8U+8d=)><WtJCOk(#)C>vBe}O~MtE(UWa-#yQfnBlL!Cml5<z&ywy7D3!4h
l|1I_@%8E+`UbA+IjwQYfD~55>rF%8r{#lj$$#+WX{sl`wG28$E

diff --git a/karaf-assembly/src/main/resources/etc/provider-keystore.p12 b/karaf-assembly/src/main/resources/etc/provider-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..830797f6993b334c9886c6aae7031b06a96bcb4d
GIT binary patch
literal 2693
zcmV;03VQW0f(n5G0Ru3C3P%PBDuzgg_YDCD0ic2kI0S+UG%$h+Fff7y=LQKXhDe6@
z4FLxRpn?S0FoFcs0s#Opf&|S52`Yw2hW8Bt2LUh~1_~;MNQU<f0So~KFb)I=Vvy#5
zT{2-d0s;sCfPw^|?tC<TC?UZ;9eDHOfZFxQ3Y%}jQ2TqNDPQHSB!;RPNAlP`<aX~1
zJcw@u5zD^m_8gqGq@OI@p>C=P4`0diku|3S-viqdC5RvVs(UOdNUl56m%D<=xme)b
z(Lj`prw;QCn^QG)H!EQa>LfG5&oVGnDs>tfBcWZd-R(=P+%N^V#o#daU^6#NN1ZHO
zd6fw@D&3T~1o5)A!QA0DcoJ^mPa>I11jI9?7#8xD0u?uotnIAw0y4xS?ZQdfu0+>&
z;V5@m@Rgv4GCaPVqDD)Uz;|k@{HEdy7b-Ij6IS#c5+#+3gxAB*#T7GE87ioc>Lqt)
zJoG-$y!;$|KQ)BNKz&XsI>$0XVMe0A26znjv@ym(9nbKeTnUS=283=deM)@-h`TO>
zsc(s?w8aXfjRaoOo{aY*Q&S+ZhK_QE)I&c@uHLTwiHmB=3So(?W|8)A#`l77{~Qjg
z`_Ta_lpnr}#0)dDN%Tr*WDb@c4#w!=12LJ906C|_nFyU|C1cDscx7ZI*uy)~qTtAF
zSGSN=Jlzv~qBQd|8qJPr+V17BLKCB7-<Ly10Ov1byDB}6GL2hKOsZ^iCW0AWp~`Nr
z6~ciL!K%aZcKsIH7D33E0dB(Mv?TH-p|eHZW>)HQJpN_NOQgAz*m;d(2fs_#rOaia
zS=GZKXH$Fs5YUi1tjIhJsv((G@qQRSNImd$K%&}BbiA3mY};mB?nJL8J`N5iq%1N9
zv)QPr8@UWg?^2#DE0^lB7te=4t%`s}a}z<59{um^f$gabq&O@GC1U03qP!Q;bh|$D
zydu^7oo>sL25~rGnWl=$)L(K2o>3B$)&}Mm%0@9$YIn7iZt_?MN2IFAB<T2^Ppi^Q
z?_#ZT`DKn6{`IOD9~yk)(tIRPCh`-x9@}|Uk=F=<2m?qifHKEo2ouKtA~L;%mMkY^
z6>&66jyZna_N`}IO0|j8=uIaGn)<Ouas{2#+JwC<2z@hsR^fDHUXF+ml$)rj8UC@6
zS<dFih=&aQjgOP(Esa&+!h{*YQ2x3a;1$pP$trc_$!GRRvQDll$o<|?+rYh^iFyNN
zuQhT#V>_Cr@UTJ5Tvs|X4NfH2=B+gxn^lavqNCSqvnynm4MoJS45G&@y!~wosRZ(L
z(-okxDS-KLrMabk)klbB98!w1Hwcj+YAhOOIWd{9F3UrD7=vR))WS@Q{gNin9<6E~
zY2uq(GWfY0_Zq<RyCVq=UTGsgx>y*{2c5L8*bGfk9S?+G76kK8LXoWC_O`d|fhmm9
z-i0MoDOJShVV(KE4Mf}cPFF9f4B;PCkLOPY6CsW&LrYYU#RUMZImHx}>&N+M;#}<%
zh#=Z3AA)4xP{hcoBk3M9aDF#`Iwt#rie-1JlCB|%$f5V-lNsw%+_pZ)Rz3e5X6uR3
zYR8YJs40ylQ<$28U3TJ3_e)bvXvF}urqm-!^@L1-uO|k)7LcmyDvdq(i6OkE?(e5G
z{A+njhF>&SMnJRC01AFo29F3z^lR0`cLgtZ0#X`C-E6JP?5sRF5RkG;%4Dyy?@pQf
zFoFd^1_>&LNQU<f0S5t~f(0@Jf(0%xf(0rtf(0f93o3?4hW8Bt3<?1Ppn?SMFoFc?
zFdPO7Duzgg_YDCI0Ru1&1PDnN3itLn_?Q9$2ml0v1jualuo5@V015%iOrUAAp9#S&
zT@GJOm771f%+z#i#->p$?v0_$$Vh(@(gh%^<r1^jHP3LJ!0jo{4gYpEW=z($c4Un$
znXs&lKLCMUM8ErrT;WzPn@mpMzJ@5re4VJm5`m^hq2!(=zyhuWEYbHDCF0iRMkVZs
zBrJZSNa@~sfFeO+piruaoDH(<!O^}8JBaR*q1f<S6X2}kA)qVkip$<OuOG52qa9Mk
zAjf88pEy7YYQuO`-O2m=NNG-Bc+5w~M#x1($4|1QKLYjB7$kaoN_A;oV7T_6z}+EC
zF7-P3D?WmZfc=f`TA{I%sNNr}KijoX<da-toW(r$n0<;ia=%d>dOXv5Exv4LOzZEQ
z$6nkDS$@L&5#ga-1@-n!IEgNgXi$MCq*T1FIR>+4UrE_iQ+vBTa|i`dh*UGUf}~b)
z+S$2a%k)07^pPXPghmATr+0d=4wFZU(@NfpL(tj53Ry7*^0xk2_bMyo^TuetHP)Li
z%o$a1ch@Rsv1|@de>@ZEyH*l-CBN)|n9OUFk*<Hs^^c1k1}IKeEI_O}l!6%-#$orP
zEJ&!l#uW)m+%O|dqPk3;QzAa~0%sAckHy@(Gpq-S_M`Vm{I>Qd%MLGQh3untshR5-
zG~Hfmr5t_L_?$_M^x`H$noAaze^A-Ivmz@%(X98RR50mbYrIW_rRA)J1Ad8F?g9=v
zsf)k3#@<zecpUZGmP3k~3}W@gL4ykFO<Qm>bytCBrDkI~pd&j|X*)yrXqeQ=`Aym1
z;)=pCX2b<Rxey1D<_JL??cSUGZL5Nv<A&mMz&{#o2J}K^(@4Yjf#2YvEx&z&>+?-@
ztZy|hKFyb1vrv$%FjPNAR$>It#DUEbQz0p!v<p0))Dpz#(%;-wV(nUG-ecX}hP`xf
zVXuC!gGqXsMPrU@_z;`acf&kya+mXz0^nU}>UB`=nh1p#oJ(O6+~Dy_UDL({job8=
zYbUQS$|ZU5kpU}NoBsd9q6ajj+>(Ib<&E-Xjc+xl=7ng@x?PPJY<^|<GwH>6V_%J?
zhJoyaO9FsPkzPK^KjJ`vGg=gs1w_N%qt^si`-pX5XtyvJWsanz%TfHOH)$nW(2{4h
zj{sJOISE!j8QiDembWVq4Y{<%g+(!e!DrCIE+AdU(H2uwTgv*zQ~aP2H_;}>h&d}_
ztRYHVLo?=g(Uxh46%4h%g0Tbs#Ac`vo*5VY$B;bMXYuS&9$boLcn+EUt#Xb&K*!ur
zRs&HrtJ20j5mXCv!eD(nIyLENrD1@|XF6jV9l&eCJV-j<z0vB{dBxx0GqAxbB8=30
zk;d1C<s{RijnsSYCxrmn6FF@2zX?pU@0N@b!BDQFKR&-BXarmyX&wReL5jK6=QRtG
zz4N`=xn)B5w;H%edj){p>VJkeKD-5)V{F{D@r=T!eZ*5`;G6J19mmKanB^r;Y=cVR
zFLH3isFZcvw3VhE(y?CE9-znszOAs5iq>U&VtA#XQD!rT01QUYfySIA?jmRM=_Bv`
z3O?zFPy#mXoJ?bXeCW%!1CW)Ip9o7(u;tvB7X_W%Ct-xR7m%d0x}BT<TvIXAG{2#H
zaOYyc!6yNDOvN!JFe3&DDuzgg_YDCF6)_eB6vbXL?22j=Lp9k6J?iOsIzzkldN46C
zAutIB1uG5%0vZJX1QbU}8;WOzT&}LIy(BW#<3QlwJ;($I-FzHzECO!O0s;sCi+B4r

literal 0
HcmV?d00001

diff --git a/karaf-assembly/src/main/resources/etc/server-keystore.jks b/karaf-assembly/src/main/resources/etc/server-keystore.jks
deleted file mode 100644
index 2e9d53bd189ed9b992228bdbbbf3a850e3f0e0e9..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2525
zcma)7c|6ql8=vo(5#w$c$2OU1BqlSy!??04206w#6tlvZV~J)M(_s09Db!TfCPh|`
z<jO6Q<k;M_rF4>|GNCQGw$#cFd%X6K{p0t?=ly!#pW}I+&*%02JkOW6U*19>5U6wj
z8v`Iotx&3Z#svrj4gp25-$7+r#7<cN2H>G;004);M6l^m(cZ>g1dp{T&CH?AA9me*
zdXW4H;uc{xj^6g6Dg1-3Sz!@JaDG>9l;6rjxoODUczsmp)!WkzQ%RZ5WV66zm9Jat
z$i<EecFB5(Y`f+P_X&prT<iPtw9L!D>19xUK~dz>?M9QZIoqT8UgQ^bAwyK}b8K9%
zXG}769C7%)S?1`id5bvaL`(+ueLn#)hk1EG^(f@=y}Px0_%=U5H^+qZV8075>&Fu8
zs?&b#m^-m!sjmHZ_T6B^wpR18C1;{_mT0i1G*v8Y7}f#@JuU|24AwN8E*MhEQ$3F-
zT=?{@sm7Ux;+6BGvDYIi?qU5?G7s6H?s%zMI=5O5n7C)_#3iZCmMwG(gQJ2j`7?CW
ziF;B8p1Iar+x9D0IR$0m`c}Ovmke#vYX%_B;cR*dd~w;`IMOD(f5H#7#U6GmxBFB}
zds~28<gig#S@7+%y@LL4P~s?u@tIKvD;Gr7*fqn|-on(JitPE1k2keNye)lqXxpdP
z4@-$P=OtUJ(-uRQIV+kreSzHA(+UpP%C(m{4RKGB-KJtE>CsQmcBj6`%~LkORVazu
zxGNnpyfT{mXO=-sG&?gzr@DRmf~f}ZtU0+GnLcDN50gA-Z^Hxk`>L7Y#ii7?sK!9o
z9I-f0>FonnzKxMy6EY*@zWSwQRP6~MJ_O~izC>Gig52gTqNI&9SdxWooT|)9&~nQ`
zf0j?{9dCmcih0{<>l3i2(^@Xr?Pv5(t)xFDZjF0G3|aO-dvfAC<z46U$R}5OxQkc#
zcVh5UqPNo@McuceVy;Lik?(lITekcCeWJvx0q<13+b5Hpws+X=(7EkMUsmqgTB0%A
zo>$PJF&5Kh^`e%sc7nRFz01LOHXxC8|9JakGRH_fiFU88UKF3Q9@}&voK}1}UhB6y
z0FoPJHzNPg6n#+DB{nO8+w|;iN|>Ql39}kmgl>91aC)!dg!dzY<I#D}Z?Db{odcCB
z9B}b)y~p$2g$@xJ7hm3>>thVzA-x0ju21%J6|Hjhy$1#6*2#XmZ>Ac+d(Uw!8oj$>
zh1fTplUlmn<G+MG_h?_nnPcQ<Xg_{@)6!?Omfv`&Bwu?lJ3AO}oi@|b@$D_MBVQdp
zhlU34J2QSGrU$~JCs!(SaJ@T5qRh(dhY?8Mt_$x@XCLb_T^_z3n`Vvd;R)aP8P2Ae
zN+u+~TlKZy3_!nO)6p+oKU|DoI9#Fs{gVB?tFJ*XAp6{DeU17IiKLZ6?P~U8_kT)C
z>D9{N&lauRAxz<$L&|JV7S+70xi*mUYhjf>+u(l?KQ8n3l^(V1k6#uw7rtISi*)#v
z7Q7T-!C147=N$9z)E=7S<y2pSVGPgf%^(7lZ2PA>cJ9*bR#E#QJ<^YN97EczMLYg3
zK0dDgadbT{T>JXbhjr7cv8qdP)lPeRU|Ht}PQL%SXJy;L7wD5Mp_SD{JZE#>laVL}
z;fcG}^A@-qQjTtP(<@^0sOsTslRl!O7QQ3&tUft({xy|n*xo>Q-xy&W+@v|7Jgbg~
zq{dcOKJA}*^uyVU^1Fvkl|ZHIhMkOHr<cQWVKEnrjkm?S%Jady`iZX%8Z=&KIqq~E
z-1EwF{KDa$&P~fx--fMWz_l$UODW>>YKns;C!9i9q5IAI#Z?J_fm!BO7n81{X#7S=
zg!>WAKr09YmMblX7eJ9rVu1`4fI<NcP)SxEpX!wQK?wj9q}6gSNdc6XmGOniBBAyU
zBqXS|P7sO+M?T{SH<ZU=^GRDko%Kl>MWnMm4dcU(7GP*cLMXNv6Od#HZq-yGS%D-H
znM49jOvrRiB@>dAn*K#W#{UsP8B|=4pr8o1b*4E`NCa@_pAq#~WJ{J6o5>+CLs(V>
zvK5m|2w|~70?1*4(rGfw+{ywJ0o(q4FKNY>5dkXFRsbNNA^?DN<?tJm&y=}9Bh_q<
z<UiMD1RN-K)hJKjG-g?uIkdWU=k$*x@+LQ<Xe`Q>f*8_R(QZT@nlB3M3w_AFABOBq
z_x*CCC<F0XPk28v{I1~AE~f*9#_d*JJ~r+7dq=9e)|@q0;X$nnl&9s&y>kURnEKGQ
z{UUhwK8JbIWD@ro0af(CF4g=eWNGn3yqVjALnA#wcj{z|Kqt|W{TS_bj~1&ihHSw)
zqZoS1`*coO4X96@n9;7VzT!HZCmeRJ>=t`blP7T6mzy{@%reEEpM&O;$%_xB%YAHp
zbpuiN%!a6p0z7$UvdlH_a`Hm1-6yDeRgMrw+b?i|23bI500?kd1jI>S<OqnCJ}p`q
zhJvZzNuvh2(-IZ3kCxM$WGCy6_d^sx-SuT0ObbLMsSlp+ZAytN!<7tbT-Ee6mar)Y
zr#Iw+M#7*V1XNhxs{(_`K;Z?T#X8Z2fglkyD!>;Qr0RzX1d+RpjhXxiA|ouC%_MUE
z5fzceHV$J&6QygQkF1=uTf^a-008C$I)e6pa}b(p`IiqCFNPbzV@OZ@mnS}tCtxy|
zY`#D$Nps@5@#i(S!%(35-|l3f|5yNccs*M+7zbpD<Rf@YMnottS|Gwob7JziTsBj{
z<CFd?RvJwD!ysue1OQdpK-CRY+rZ5mh}=N+4b<2`)W78^{dQ7$0@5DqlgW1TFEo^a
z6M{&Am4yw)S~6;}xC)OTp+=PgcSp~Cp*!T8uU_R6Ji1_<73ybor1H{ttVh2bu&o+V
zwb*Rk@b>ukRTLX_cZrZ*^vcAk<NaBW)eictO8%aYxo>2fan10I#Ya`@S7wR+{JvZZ
zh&447^ZMsrOi#Q;n)oxx@@~=3)O~o&?o!-nWeXRvwS#$;=<<|x+u8fIV#h1^sNL>Y
z)mx^og@=9lVW=>lQgh@O|5uMgvo)nj%AHygdoQj}f<DJ5#kILsqRM<htJQ0uOYkjn
zi8hjoJrh^cK1IxpC6N6XKIXKPo|kvZzOR64RbhwDph6T`u0CpCt9WYXR7GR0ze=QK
L8oqB?Gl=~I&$keh

diff --git a/karaf-assembly/src/main/resources/etc/server-truststore.jks b/karaf-assembly/src/main/resources/etc/server-truststore.jks
deleted file mode 100644
index 998f04c7d601ba0540b4d4d15fe86bdcb7af0bbf..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1974
zcmezO_TO6u1_mZLW=c+EU|`Jf5m7g0V2#i-HLzr0V9qvZVoo<`V)9?W%*4pV#L2LU
z@x9*Bv>WXPylk9WZ60mkc^Mg5Ss4tR47m+B*_cCF*o2u}Tn&W{1VJ1w9xk_{#L~Qs
z{It{}LpcK(kRUUUsHaP?LQsBwi9$$fafyPnqk@rvp@o5*IIp3Fp@FfXp_!qPfl-t=
zuQ8BoWCrC@#f~OMC1j^FvNA9?G4eAQG%<29H8C<WY?5tN?)^5Q*D*0+%@qazhG|QD
zqy@Hr@PA{%c`KBAiqOI>vpkK@<?@GzH*|O}5KMY{Sina0&jg>{zD!3f<TUMmtq<~_
zT-+~h!uwaet9;I*o9Ds=1(zJ(rJwyH;Jv)wW1orZ+#a0O-27+71BUVgi(Z%S?Ob-r
zXKz8w?wMkhECNNVGjv3pWbRC!@Z?=&Wmvg^*NrtT{hKHEy|Yp_-|y37-EzrY$8|r`
zd>L8WmPNPq_~x&Fw@qo$5yw>f^<FE!$;&;sTP1t-^dg(dS-HPdKHL`;C_7QZ!}u<K
z)twKMN;h2$f3l``pO$gS<wmtWY36U2zLYH4XQ<-fVj{7le7V=eU9n8ej0}v66Aa=E
zWPx!d%f}+dA~OB?n{ZE-?w+*t$KgB6_{$c2NS<II50X}9kuVTzz^;HFq(GRF@jnZz
z0W**?;06isv#<bDk{fay0Fw_e4j36an3bnx9s70Sl1AY+_Vo3?s?FuTc4e_Bt#0E@
zsf)g?cGhuD@|-7(^`W;d_wQHtZIwE3PdWYnvu7L5e+=xjP+z=w_i^I{Ul-?p=9UiS
z9S=U2n>z%Zipp*lu$0)ca^by}UFXjJ-QyZ?{>+ZV)9WPPWv_2jS{fCjs&lH-W0AJn
z^d`@i3n>%5^?q;5x~aP$C}VQp@AKi}X;aJWgPVg@UHk&fq9!lNkFaBXHhY0NA8+i_
z0|h1%t(fN-%nR$yK6gH$%}Ddu&jpRiqF$e_G?cswTARIFYr)q`)f4V%ADcNjK_c{Q
z_q-7GTP|1ZCae^(R(4Tf{QLLpf@vwwp0dPEJAHcYPH;|SEiO$0XT+SFY+JMu8SxV^
zBfbM>#A}d@$jFEsg4{I8fF{5U2+Vv2MwZ|VXcA@MKtv{&F^~erGcc12gEBcde+QQ)
z!Lm4^?6+E_C(QqrT35-%gSVdjJEkXlX2wb9;|r=H&qqG5@jDQwm3?>1vkmJM4k%n(
zWv&{pG$U!(o-1X4P89uFp5kG)-PAZD(@k=FV1bFvhNg&8W6iMqlh41(Dg6<-eZFGO
zN~O6gqQ3`)HTed1&Qp6Y(r*y`BceUJ`C-GRNBlWeWeayq(t8#haQL8tV;V2-&qF^h
zo0Pr35$7su*`aXqw@F9hk+cPe1tJctZOfML_ddntp6}9fIC9deG*Ly7N>#??wqo-l
z84qW^R&lRtdE3}~<fpfHX*VZVh+ui+ZJ~Vud$Zf7{z}W=V(;q5y<UnxFkDLe{hl{5
z*A|(7oI3xMSFypix33}DuknLH<6EQ*c)I8Kw${oO%F9lRt`-l_f0pVT`+~9z*k)i3
z%8l|Y1_pWtIt#QGXtb$il#~=$>FXyK<>)157N;ibrNN7Cy_8h_%#>n1pqxPn8;3R<
zu*_#?WMuI$a5Hd$@eP>TETCqj<d^5=<R=1kU^A%*Sn?+)CZ`sa0E>MyJrDyeHG|6o
z!KqSj-)zyd{agKa!QYw;4yWw+wJm3*g11jl;{112E#n$j-WJx6t=(6%)q*aUGGw#;
zy5KBQD;fNflWV%jv40{$Cu%Mn59m$5oqTVV=eg`$_O5mFERRlnzrL02cVNM#Bj2{L
zt8KjXc+FOed5P!u`?=4S4b1Y%-??DNvK1R{JxO@1*&4G}H&rvC`l;9g`I=)%Z~u9)
zG}_O%emwg|cZGCR_eZxl%g_5C^<^ZTee+9vMniO0Y-gh0r`;LVbKcZFJ($0dnWyoe
zYrYYqA=e$%<_Ut+7Vmn}bu&WYORM6`YKBXK_xC*O*&X-8P$I!$Zrc3ySu?wxy5@h*
jKJsPXQbv^>U)0#*vbc9$N>rMBDW~+|HRjd{yhWM-qpIG&

diff --git a/karaf-assembly/src/main/resources/etc/settings.mapdb b/karaf-assembly/src/main/resources/etc/settings.mapdb
index 3594cd79886fc931840555633497eb44e742c63f..5899ed5b5ea39ee9098a77647ca88e868574b39f 100644
GIT binary patch
delta 1593
zcmbtUO^e%B6!nZ}l1V>i49$>577dgJx-4BZtA6~0>_T@L0)^5|$q$HaLg=JT+X+Jn
zStZay+r>;|*^)=08;>l@@>oxnEXkHOgDlzlwp>fLN7}Sco}~Q&ed6d`y?frdmn(RM
zLSdx<vA2Eo*LUw^(v{o3wdBmo>XNUWJl@|aUb(cA*-W#SpFY0%`Nb<~n0>f^d!<(X
zV&(Vz$9w6<CYiaK^4fc=zofjrn%PP@a~C4z)pOpso7qmkw?EpyQT$-*K^ngkp64##
zzrR!bcBi-ku?mreSc6!HxBzhxVguq5#2XNALc9g>HpFIir?@q_huzM7n7y!(t#7Qk
zu=R)4YiqervNwO8OoO>?45tU~Fb<<&Iy{_|(C;2hv@l!*Q{(&HAEW6kjQ&kM+I?(A
z(IkBN;zbzv!^7!t5-eZmA+-LZdTS%sTHpV&_$<47>4zueX6{Z-kc1JB5S-}Bb(tc%
zPp)s}KFjOP*4*$tSM4*Af)cUX#ay*lnltvo=9>bh(~`~Et%=%Xae;0i65YTCG-0VE
z6Eg0xGe9v!?OO=r1h&=`5FP5;F;Qkw&u#nAFDBqwV6{;&AB+WW*c6igVm?39#xUWZ
zxoJV8*|G*>uo#qE2#?CK(FCGKQ!x;gv<XY4rG+9|Hk+t02ENkcODfHxDlNOJNL7Gy
zY;ipWQxXXSqK<O3g0U!zay?*yx{k1p;IMVeg69@WQY)#wJXJ~y>##eWmJ`OA3>Y{K
z9cA&ZB#3<kbVL_x@Fk%mdBm~Y5V~EdCCiiya}8D`TSl8~Sw@e4H6`G1u185FqAnsB
zCrCgNORZO0I5FQ#^q9dJ-$IP$al+;8qq#~q7J7_XS|4~yjQP6XC=GmTuKIG^_62X*
zU|F`)5%W$B=jtZTiz!n$EAcpwC^(-mIPXA+(lQTV%qBX{Q49{CmPMe}F>w}tv!V<4
zARHIZYp9HAz0`z(Vip?d&`5zM5)Kj<8p1;k+!tXHs9|9NUP@U%H+B_VfH~kmeVxSt
zY)BAI8%|}W`0%$mREZP$GAEiSs4H*+az!VXJ{YK*`337R2pA)WL$lH!nf>VKEO4Z`
zX4l(7ABnX#K?>Y>qzy_@>&yYuqfx~kutr>=K`^e6V}<ljs{Oh#*JGs{l(=egI_WPo
z((Z`b!X&_gJ|Pn{7$CaPYb5k+E^~8@K~b7^@oCx4vlXp74mD3Y;;g!SbaGZ}l9ifS
z#$w(}0N|x*j2)=-#9rtPo#ap2j>q6bi!l6>@AX-}Rq;C{>Y8S6J~@bh#zqHfSY-xM
z&?A_zBq3BtF@Z9wdZ$J>Fgmgtqm(6@9S)NiU)w?Zt~IO9Cef&6594wWoSmU$q}%S1
zc*YJHwM?39g;qwPPk4)3HD-n!Ayg1Pq57k7B}oKBpMY+S;>`uuw3{cash(2mUq^~p
zv#VOAyMWih^DI(8o@Cc^@8|7c+#N=dJvPHkrub7h)MryWiaXO_WP8KRo}<mRLr)u<
zhuvrjRWAy~!tQUj5$Z2RLF$TB{gmVYph%GuPP-H-35=+mb_A}$v?+LBzFzkqA&1N7
uC4my?vqI+iGIKGzvAVaBc?6q!y1DXN{QRp=ub=$S>-Fz@<!_3Ae*F(U+(gI#

delta 1403
zcmX|Bzi-=C5SF8)agsK6P_!Mg1n88pOWUbv|ATBnw*c+hf&K#`sX>vT4bTQgkfBS*
zbg)BFqGWZmNRgtXM~W0B{#Xo&lx+SIDUlSVH}&MWCGhck@9y5+y?ek{EEac)fImLD
z|L3Q6Zu{+j{P>b{x%84BbYC43rO$5d<nC;}cOSlb^xe&S+hzXw;gg-y%J(~O3tv6E
z^fhz$w|xEcYj3xFBcI#ba_#`I<!kSG_iDfU^WoQ}htCd5&kssFfNOv};5y(2-~+%-
zz%Jkx;5Oh6;6uPifV=gB(%$^(VX<_NezN~X9{T*f{^0ulH~B}0mhVjG$&okR#7VfE
z9=l%r>o3tbj<axS|Muebl|Nagaq@q}%NMUMk|c`%dG{_3gX!^d8inuwkoxcX<K6wv
zjoW|0RdTufZtf)*U*})kD!yUv?*H)S%f0<?3x?)nQxn|@MW?{zq#~?)f#OfJ6Q{>?
zPVKgznFFCF1iokCsAcGiZ0LSGp*T-)GDqgc)nu;t)3)qLPA9b6N@n43)vH)|tjX!5
z(wX-tI7_uw2GvMyepI#F=)ZNLYBTi00>^}xw*^Tn;8Ls7Tv>C4HFemR#n4cNvgkk)
z?)lnqTUg>nSJY(6z{3o=oF}n}M5;%MSl)=5;+QI;k$X-d3a!mR#)ukLkt&dgYLO;f
zPGljg+w>%@pah0{x-E>MyUf&)Bl)p2))Z{usH1S=OePzW>W$b@t1-|?ZaCsP9oZiZ
zl@a)cYb5w&ECgKHWUi(}q1s@ms5&Y3RgdQ6veF;=SFtd$u`Xi44V`gYA+16i)q0zT
zXXs7b3%JOlMs6=KH-<h+$9y9&bs;tR;bnuiCTvICQrL)<-H2D%Fq7SoMmVgBY>0s~
zq=svxMjY77;HSa9MO9)WMp46x#D*2Hmqi@$G7iattVT;y_apN%X;_tU#DbF%T}Zk;
zphitNv_Uv(ite^>xE8^7$v7+{@F{M@K|BTVBs2kqBTixjm<sKf@N7sOLK7B7?kSC!
z%rW(g3?=}1yaK!#g17LpnSAWq<u*5)EiMLTVko1;9i}VlbY+j_$<)l2cE)ZJX3^jT
zdq%aX>BVM4j?MEC<%Myo)tg>_lSGN(H?3)z8fINdZw#6`9c7enF4whH9K?y*4>*3Q
zAGxT;FqLpwa85c>f7Fj~cf~I@=NEmQt*=5(!Kj{UN;xw-XE>tDeKKH=sB_yAx@U`E
zR8c}S8`NAutqiAbHQ+T3&pY$Pt9IiG?$PCV+U4!$;!JKZsW5XRvA&RxOoNSsdM6O6
zGpnVnljW@YV?1`L$X|QPj6dq9<8J+=t{t7wt=Q+hj!;j%22O@zYc+4odWe?P_Q^o!
znQ5zfV)V<dyi%Q}uhnM!X`2%evrNyb6GOHvxr?PaWBX@lEy~Y`(sKd?ivYnQK(Gi9
qECK|J0Kp<aum}(=0tAZy!6HDg2oNj+1d9N{B1(JV(@L=<{`4<V!scuM

diff --git a/karaf-assembly/src/main/resources/etc/truststore.jks b/karaf-assembly/src/main/resources/etc/truststore.jks
deleted file mode 100644
index c5022af560dc92a27973ebd969f3ee0107bd83e3..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 22615
zcmd741yo$g*1wIrdvFPEjk`O+-Q9z`6WlF8f(3U;a0pJ2Ab|vTcY?d~Z<5JOGWX8B
z@3-D>&AqGzO?CG<r@GIsr+#}^?R~#@zXt*W0tWm={q_jy<YHuO2m%7CCDes*1_G(U
zzy{y~0Ri6v1c0vr0>D0HfrEj9fq{Yo5TRgcLL@^j5J5rVAwd9qOz;3$C~#E>D0DDU
zF(z~X>SF^A0Z!b}(8bom&dk)2=?MV)@kww56e&?<VkJ8}XJQc{VrBpnJAe=yk%<Gq
z%*4h7VBunB(!xe$W&<`^erp1F{uigm24H?aJ<{Xpm0gT}oIC)O^ylt^LV|z?fFgqc
z0zl!w0zg4Q>Kc?K#cZN2!0A(=8;4?<CdP?8u6MUHQ^5P^<u-S4nm{-ao}Vz4SdD84
z>lI!<(Wne%nu{Q8%*#wu^Q;lC7Wpbcw{wBa^3WSqF#{QcaciaR)dG7FROK~$vsvjg
zlKlm#;6R(>9YRN)D|wo5!lp6E=PjiW*?s*YS#>-OZ#PJ(K~;G&;;$b*w(@P$L}?r;
ziM0|7)_6@7cW;G_lonz-Gh6xlZG-q*#v<~SgG#ayNzXa2^Jri6r>Inq^%tw!*UflZ
z?wEZh!{XUdW~^Mud`;_JU_tU$gCqQ4O}4z`wL)j8;jtvkO}jMgX)}7kMuzXRIJy8!
zD{Gb8oMJF=P!P~u|3iTP9)JM&6%rspU_oGnM+O``XIK-YAJVbDaA)wW@OnZ3AbNb6
z3<3v$^#UWM@vYBT(^+$3Kn3%RVYF+G_0(4Y^5YxOK|voNAOYaO2LSxz6UYz{K)VS6
za6C4MAOHXc09_VM7F7s^g|o9gHzT95qcww}rIV>KgW2!)!eC;`Xldfa0DKLg0tG`0
z1qulX4GIb&2@nT}{%8ZhLO6drhl!n=t+kyY@Q8nRCP$#T85<g#IyyfZ9K+*3KN|(m
zhJi)_3c@k96t~59-;9VBm{gN7z=KYFC7Z)lJwPN%U+adRrNuK3;&PU~DY?WQ9n=YL
z{&m-P>|OZH9_=!l=Sim#T_9`Jd=Wk4UYtvzOgN?FwU{Wa@y@Xr8BUDFv)%G*I`kuQ
zeq;=nCN3lsQ**XVA1oVBLXS=%`L<+?%i%IvCal?*52WF0u}gUEw@D=fzC~H72{ZbG
z+XSf^)4fd5>Nol=zRl>XOCL>4rKm{5KJ%X%+$pES--0#u!q|R9hB>f{(~hM?i2VYK
z6@zyu+`lLV2{Vc~dV6C}nK7Q0tneK5;b6)g9fHy3jeYFp0Cb3es+!ctXY|-ZpI;g`
z%JA-fqX4{#rMczfH$?x91twYmM36sN&<A8eH;@J8-&ueHR;EK?1uvKu3-59KR-D}J
z=dTqKhz9GQ#;&R|6D9y1Xax{(=m?^~tB3%vLM&x#`~wc~=qPS(ZVW#<z+h}=!$b?9
zemnvko%Hu3BrVM?h=rV-TpSH;jZKNg)PCUPkt6_iCMG7p_a7ihSb(kHoBwcc{wMVG
zd|G$fxEX6&r>AEwSX}oP=o=)Ls&k;}98Y95&w<0Q(6=lQtn8|<iv5zDS1hE-Jvx^-
z!8_~BnJ4{8mOS7>I$s%$bN@uj#v$I<xURH7zcVlBQr<|h^|E_+mh<H*)H+N&LKl^g
z>dk;wIHs?|7F(OFBP?GlH>ZNO8xvl1^~a}TsfA@WAQ)N@^^NFX72%SFgh=H~4MY8f
z6bd|a!WW)MtB*5m=;ABW`6dtILSf}uIDKJ-K-bB37}fGtoz*j0<_HC-L9C<JP`^Ms
z^56=~0YmksG^-D*cR%ijE8;ALGx^YFrkfPhkxfn*s*9@tPmK0SsL2*yk+b31z<2Z*
z0}KI3-#GCIj_;`W7m)lxrb_-!OYqA!3DB`*3S1bl17j1~&R@v%Z{P6Kgax$9Z-X5l
z7wYxgWO^oVm>Cp|I>{`F#3hY+NgEEct00PcN5qNeG^%L~+jYjRSZ&6%4AZlQ_$?8-
zm}>W-*;Qo^hlzEPM9>-4(A1|U=MiR~7ScHei&!fy)5v-=+(~KeMOIZMm<*pBXmkfN
z$^p)^n6SutH&;xtSO(f~@v`_X`}HE3A`M`|=@FoGl<K>#;F5<i^)u00z1fX9TSW8x
z)+lJ<x?Wo%Zbz-Oqo_CZx}wFa9!pwIHPe7;Ba4m^GtHhh+EeJp8Dum+!-i$786Xs~
z=!2&07}2@dA$f0smd=~rmT~(+C(U?pSE7WR(madf1SG&mWwQ8kn*lx7ZHq|y+h7O#
zG2cVp|1ri5fn!`3IL5`kk8xO#^A9E%8z<}?e;(Zbzs~!B$I<#I0|4LVeSp^gRaX2@
z!><bO<A)gkbN#Q+Ar#9T>6Uhv24!D6<3=TM`8dQ)=h2tjG41dta||7K4-9rGVXZ3q
zfc8p^Hb)aCfhT2?F(n&a%FP(8uZ;`VSg*%acg&&$e6kKkyhq^?c*S3(hLfQj@?=IK
z3hasl4>d$Z=&H_=CTtL=`Jg1AHdN9L^&r=$m8Bh7dYXZ2+28EMQWYj-$-6#TFqTfu
zOfT8Mo6qctYLuu0N0`SBk5140S)k@?^g&Arx5aVG*yry9UgaXDgbq^3L?ZE5^A=7T
z9$pW6L5?uJrK2vEX`&De1WOBn(<!ET0}@8Qlc?o0^~J+$n=-alMZXN}30QQ1^6N_d
z@59dkp!d_f|8J-D|I@rL{wJgPHumz51Y{_>M4!)sa(U6%ueAxjA<zbokmQ@_ki5L4
zPzxmQiRh5*X>WY+#n_Ul;%F<|Cbi6%?8i)PH<@%tvV3M6=XnSEbPPG7J($>xPXMaX
z;SepxfE=1mPSj!z=PQz7K2CYv*LKx0L~N^)L82Ovw`9*)aC&N<$XvgKYW~PrAu>I-
zZMt2~j*?Q%DRU$hEvOr4n~#19PIO4fK(rz2JCjQJie*TjrGc5mjngC>8bM<7Aaq2h
zMMU|lAL}b9+A^PoHZFcAHC)n2(l8s-6W;}s(WNLj-Xk9LD^HYeFdq*_(9Dg14RTJt
zr#=%bg!7Q9Hr*$04QhONtv?tf0LLCE2$YGbjU5y7qu!33WjzEc@h0G)s|Ugm4k&jZ
zKxx2GL4k4=A^<FRYT`4v+g+`dHJ0dQAXr^Y4E5D2pA0dg_7P>hjkntV*9#^JLG=W~
zL5P-0H)YMQCEFV@IlZV`vrZ6zo5b_*!Cl!mhAdufInNbA^Cg2;&B!j*xrJYecSqhI
zu;ba!(uaCeyoF|f3+upSf$3SKZ7#RU!W(Hs$arr9zli04gX*%&l6CpjMfUlmhy4m+
zBo19S3E_&;=dWpRAxk~rV9!K1dg{8Vg6|)m!BE!mEi*q%u~Vz~C1r^D9*rGF%)_?o
z5#cb^7xRAE?L5DfX^P@W@zPwqAVreAXFL9?&(cG~)ItGSx^D_|(U2yu-O}-{Y-Ku?
z^Dw&Z#(ul*?k%Bv(kBh!Ek4}lc7WjVmRfwu)mt{APK#;my9#oc2C2I^@gaFTB!|qB
zuJ{)`Be+>R0o!0gVu+A5b{O7ewsM{X{L=9!sbNuQVfSoahLI6omT+>CFsG#aR^D&n
z-YjG_e8rBk5{Ei`cKhB{W`(-C(3Hp!eWJcVeXGmbHkT`~7g_Iy_iZ%@x3^+Qgc<1K
z^Cx!A9z8qU@f5=B*aSh5*UL7ROZsrSi#PD#v-~ltq}I@j!?c}<kZfl~tOOvow}Okz
zC5vlOm2M-5jW_zkW&9DtpBW`ka}X)BwJ?s89{3Zx534jW-NzX3=;YsQ(lgjqmq}35
zL>jLM8aWj#2X#0?3tq;sXb|L_b)0Pk5URCHR~%5DDHgz3Hf0d|Mo>3EFxRFwf-HLv
zTLdyf7sFi%u7A9{Sz`)UKPe_iG(@(68WKxYgI_@IRNnNn4i4B2egPtLvL~vqy2^u<
zDNPT13@tzHXcF}Ll7m;n#!lK#L|3d{$bvQTE?H0AAr0@HM@{reJ^jOd9a388gSQa*
z%9VA=M2o3zq#Kf6Lz(C|lm6i{g1G@L*$L=l&3&IjAT;WQwf_VHfG-ouw}~I<H9||6
zI@%c8di;0>1|3@1(ACh<(vS%mco<OsL8C*-y4YG8TQFe&(7sDZ_-~$`p{<FLojVgD
z0RQn>cyvrDTN4*2XW*gM#G;1IhQ!MDK;h4X`pr23%19VdQ)@d*XJ^yj+)fq%)1&9f
z%mSQ#fL<sY%Qr_9*!++8&p-3$Z|u==^^XPt_=kh}`-9{wMDE%MrO$io=l8j=uJ(Wu
z5a-LkC>CFMTmP<@`gUwQKSxe{by)_dtl%XaJj4pI<Y#Wwh{N?VUTcRu$aL7T;nq>U
zPt`aRt8y<aF192v*C4@z&;t*NEKC4yfWt^0B_{yv`zZ>a0_BVWBnD-X59pbLhXicd
zfI{eC0%X;1bH~r!dsJ1xexWkVDITMWxQqKUioJ4jtwv~-(*=J<MPkSZcnC79hg0Rl
z=Pvu|(uHF&b)4HnzUL}u&Uaf1W*1iCe*`50HhR#A&pTzMB#e!E?I=;fk5VLi@5TsP
z-mYn$zZ1iqLMeH&J)v*z_*Rt0+wN?<U`~FQY&?pf1To`vtN+<L|6?5E2UwZDfpsRp
z83@)!pgGq48?ffA7TV>b-wG5tBaP3!lvy(}nS7r|gB9QwUzbWT;Bgiuyc@*&+{R4!
z*^UizzC|Dg+d-L~{p5CLee>-0=d*Ohxs5&n+owD_JkgSo0N%1^KDynRDP>H0I7H$P
zunZTOMfq85UxQYd(JL^vr?cKxXp3aT5n_<b3EWa92e5)NTK5|Ht(+<<6=7Ro?cdrh
z5ir9@94b-Nih<AwsGNJt#)^7aVj}0gz(!!0>!B*KvMQ_s%c#5P0Sg;7DdWtBAZ8zE
zPm>KKhvmVZy-=A|Ymrk~0Sbw1#6`5h+^pqV9wZ3wnR@BCt1i;dIZbL!o5^d*4Cn>s
z<c#WW7S!M&^LPi_=$X~)&MO5F`Z2W-qCWB~?`OV*R4C6aCRsvK&6oAbV-88(D>~YD
zOo)EIG0d#9Vg7(RwH2|j3L_nIC{KS%0j@O_xQ`05Og>!f3`k1Jde^PSOerhh<C9AB
zzP5oIIy)_Hag#MsdOHDP&)5A_-?Go|9tBe4o%AH6DfeXZ%xk1B43uIsAw(vLxBJ})
zELFnLD^%tY_)?jaj-CN`wpKUit8Rlm9S*f7J4>u2YgF%aMwXog4quLmE6cxwSvZmv
z#VD9YhPh1;3W=_ePrkB_Fg04$hnk$FTj;s7BjLX^@(um)cFXs4RDm?6`4+%?e7TwI
zj(=6g>?!9&#I~rUZ)8fbH+?)*Rynn=0Pn*nVGQl*9;K3)NA#ZB3{#{kTTrDx_1JAW
zlJMmVQVyND#odaN`^|nof*u6RHN9P=noC>abgrJPkuLpA2*L)fXzJ;0%g7LMh=r{v
zu_m;=!WFMo3ci)o`b`5Vb1DzmM2w<&Wp9%f<}A(C52?G6Sj0@2Ms=R=GYgxbe0`Sd
z2lS?I1$iHY_+%B}e&uQ?(2xUxT;2VHtMq>wh5-NI9~k{7zzU28J%Se;9ogB!!^z3i
z_PL{ry*;sz#4mgWuyFj$*T?36O+WvRvjwjXU7K`RR&4W^l3y6#i_I;)rpRl~WUs9-
z=EFbmcj0swN{=obqGJ4j4I$cbR;J4OMhubp6`#?zgp?nSW>Huwl-ynl^VfmdO0_MM
z835${IrCIw0!uBy#Qu8}FjKNd9(RD_MZ^bD6(R*PpO^S7PNUbnDgFl1eisYWxwL=9
z*{AF13-%G|o^R-VUMQ40Lvx|O_s5mz@zJKFZ*1D2-f6AP_F_$hJ}`j~V<4VvrVc4S
zkyB^<7{EN^ZA(Q>>Um7G2cSB~e0eUP=az6C$!7xwbGSeKfPp+|*oBra`iXL*#52T9
zDvN-(T9MtK@~vHsD%~9HJ1jO&8`#Rq7O0;%3;51ifwaF9u!^0aS!YNlW;id<v=>m4
z_Krh8?K+k^Sy&Wk);td+)qb`^kSpaJObB`=ruUvXE!-j#5_8{-z&J-*+oGLZL2CQ8
zBobGrZw36@a7#Pg)OzBotqxKwcPNqiD$kU5G%|X`&{4*WR4M8B_{Mt`3xsC+ee&T<
z?t&M6X0&j)Uet&jm%%T?wDLcyZVEdY@}VTJWg*TrI4$C<*g_87YLIy`5zh&eyP0wy
zUZ);Z#DR{&w<(DV<>jkurp}|poVm+?J|#3DM^vygdZ2pmJ2%tc3@MY|-WTQ~C`6$b
zX_qd;UiU@3%t^JAyAJfL6bwE^Rx_A}dm;ZKVt%XsdIBD9P-%|UiqUZVn_`C~lqVXz
zw!AhA&LzbQ+J<qPaXQ2<))3&)X^VxWWXM$G(4t(aLYki)WA0ETRNlbp>Yy+P-rQ`r
z43>@2!7m1dNnqUJmUk_>Wdy7#`1X5<NE|(sv5##p$dP(g;gqq<pcQSrLe5irW@O3*
zdsClc8$7$o-+8C!7?j!HKIJR^NfaKL3~!+kFq=F0MYZ$>vJEW-XA0g+{7JK*1;<#M
z-#Ox$QndrlMVi@H=z}V+@p5<J5zGL;OSVA_FTafmb_kl<C?emjqgBw0HX4>QfsO3y
zafpZrtNXS$8SOZ1k)GyvN0vk%QJtB1Wb|L>AXm4?N1gU9!pNSrKtW1h1Dwp!LXPtS
zu0PdDiEyA>i*K0aSra@5<&$HWqx8dXV5q7^(NED2q3WhzdUd^gro3Wbj&HQVM(4o1
zzM27F{n=Lbb95`AF+Va^>BQnl9t1Smlg!o*ISk|~K~YuCjb0y(QE*7@IuU&2jNC#B
zsDU6<f)5GYJ;PRYI@qN03N^7|^ho1&O|kI$6|66jm_s4aaAO#weg&-u5VS5p&@TJ|
zTKqqQ*6*L>EE)ji8)p$<RXWqvh?P5=O@1XT^J4(zcLfUoHUa<f4*nfl2P#Z`^&2w*
zTO>LrcERes2BD_-yJJecG7VA?Mrkj!`tVpB@n7aL2n1q`#l_k0@>k7RYt-kW9Cm0=
zgR}$Yy<t!KG%!>u-OxKNPV0Fj&m)V8tg|(I$*q*ErWc|_z2UU6N$TXU&)7)4Dj$}@
zxj6;Z0po`akjzuB%f@85{tB&;+lPr?->Njeii%iVcMq_!fx?|kEuAT@rrvp=#rD%x
z?%nQY-YwSK&XwoM(z)<1>733Tn?mlgDvQ5ZFpzC}?cnv4rUY6ZLLc^E)~Y>KST9U2
zwxS;MB&}D{fw2)aWUQpyNXTz}NyJgf&AJHkbnD~c+=u9-eBJpq*-pKZ?{@eY8vw4o
z0Yd{bFy4Ph))!lwQm^k<Ohb3RVjZ^SbPQ=^eNI5*TUb!Ro0nP&Ue4aLCtW@~mjkTC
zv*@>|K1*g}(n5CJ4nCrDy2ls^zkN4g-|7!2Xz7()vegDvp2V$QQ9s!T^LkIbY1?FZ
z!Nl{bOm^rNFvK1ZNsPcFS0;;S2@8ky1tebZzF|o2E<AGO)ipkn@U(r2+Je%0m3fqs
zrvY73K>9ApETN!b?9&mjDsxm7HhJy|Kh}3!JiNtUVr%AlA82gn6YuqkVz?=@KbWw`
z$~NtaX3yz}Lfc;Kn+E!KbixwBJ=j>;S`~-(^50NnyhjXLY%FxRk@nVHCJ$>dep{&j
zC6vd#7BgTqeQB?4uaN7#ziZW}0@E;R-D{F&Q8!cLhi2%q&2BF34Tj15H(uQ>Ul{j$
zJ7wr22qB=hBDhgg4#N-^ZmLKW_S(0eTTbjQlNw~}jws{8ck2&Crnsw4LYqI0XoCpa
zTSIj9DW1K%&y=R}`_P#Qi7aK3mqS)-kdrw)6f0=mddButIy#fHLH=`F<o;K$RDS0o
zdAX&CF|YhHxC=~unPsO|2-+tlKDp*Cj?SR@Yj`AOjZwqA6SfV?Lvr$ObJYW_E;U)j
zte?SUxg)$eWVkW(QZZS25fL{sPE2ibJnkJ&ZU8Fq^2&Wy_68v$)Q8a21on*;G%x(}
zmI|XY#}yI@0SD4zEvq==RMWtS3e!{egRT1b2R{GBtu&bJ*3Mx;N*3Hmj$$&zGY;up
z6p9c-M^xNuv1d~JK2&)fD>E#9AVsKG^$!3`rNNBG>v`#Dk;6mQ^xQ-42esKyOo5Ti
z!e)AW6u?5P#C7(T?@+?$Gk+nb1@t$O4f13UJX*tbZYwZ^nr?xwEiE5d3uadCn$D%Y
zo>O7WTDEn(Afx>_@he#)fn){BSkS{i$cpr5vigVqlW4^S;Cz>`sLI9`hNfm_)~1fc
z5|1+W*B}7^!2Szjfla`FPf!1jwKdvn)<_p1@A?YS?_D6u5t1BkTQslgI~xv7R2!jT
zM;6yTJw-bQ9YxmYS-I1sRk8J)Rvq@6!4RceGc#O4(2m!YBDSBSz1A%B<XVy!&6)8$
z*MH5ozi2v|7Q79RE7{odB7B;=E_Z0@y^hCX`4l1hgXE4$xT7yif0eDIr0id@mMZtq
zVh)_|W7Vsc4Q_uSBYw1z3XG_7gKZHCBX%ym6^(ZcR`bvucp;y#Bc;m`Z50K;s!)z3
zFyQgbQg`D&cWF>N#3OWv^5EW%k#2M2#q_lH4(X~o`UKru*!38X8(a}@CJo|FczYHl
zYJ0f{t2EL9hRcMr`s(rfD_5SfrvAZN&Tp)p&cFe(_C3%-YyVBOAUkS_T<qEOC%b1A
zlgD3U1ms?Dp0+X0hp?5-1^J!nq2f12tz`#A-?2n1&!^sR3J2&|v0=KbCAz2}D)YgX
z$xP-*JSg|&_OrFVwTJV&<{Q+;QIgh<)nS;QLV+sog0Slym3_9i<(OKyH4=3JmMuJx
zvCQ1>{NaS3u8&yDTP~TnDqvsuR_VEXP>E&Zb1y=0eY&(5RKBQB)?2i*?j-z%b{fG9
z$kC$_AmQ7A{z5$<XM&1WT&)rB_G^@?EKEO(I;xn*Lcv;vea2#;<KGv;;yp4w9@xoP
z1hj+FttcOKX<18a;+Nc&JMsAdG7_)OQj(*3+q*%-GEWHDYTjWfN|SSx)$Gjrg1Lfr
zj|Ub=1hdv?zQZvc!4%BkIw=^uu?P(!j)89B_LzJ#2OWvP)3nyY^xCwajlDfHxL=8m
zvyyytq)nQwL)FW3?P`s-Zid=kco26%i7|Jq6g{MQF7?3ky;=r^mrh<zMyGE5*2luQ
zBC%N(61}vR@usO*RA}OatOvml)A?-AMYU?qN!iWA!`W*Mxr9Ji?<|GnF};)GEe<g%
z2@<3E*X^vggXNs4Pd;3SpWZz=I@iooznsv8i@<w(&16Z=rjz-q(9gV2J;IIN<e7@!
zY>GklmCl)Ur1Kc;iQ-Gbb}W^dBk-;bFm=eOda{M9^14^V7`dRBb;jCW0`PA9JesSO
z{jkIR6?~gIa>+_%?VTDaXs6zKF^B=r1Xj2fkYA1t)HtY?<1HFhSI>Xxh;z*1z3Y08
ztf`U_CF++Felw+TON}=*=NquZt3AUZ-xZ@}LnE6P5`wk2%1Jkr8eS=A$;9M|0V(KK
zTCzT${+U_IPcd=%ieFsoX<oqE>~%@KVUt2$&l{HDv*m#$p?9p$c<zA<^}z7g??G6g
zeg$&?l6K~I(h8mYnY2FtBxrw&_kyECD@%zy`%{d7m5YVzC%k@Z0{+9@`#Yuv<&SFf
zzyg*Sf}^=AtmMU65$17ZnIR#{-d!~v`fkrhq=YC)yc<@n?iCR7cZc41QhlbCq!LZm
zTAN(v;!Atb=<Y*7i0IKaj=MfW3|cm*LwCeCs|rFq$dVMuR_7{xgrcHIs%&T54_2in
zk)cYmHMWm>*`$onp`i$HkL{`dE2gSIoWDiqE!ytgo3ogay_n=kTAuC`%U9XSoQB?;
zw?F0u%(7-oGdxwAo-|qr_u{GoNoAD15WOO|=cpN;n#YevUVz;lrqEvlY{sZ=$}zyz
zYqbe3URk+>Y1bd*YYg1bMsHL&iT4&SAYH~UT9M^ZTqmkcz7s$FLZudZu8#KyQ#rmf
zmE|!4`<F{w42dQ!zBw;tSvDM;EvE44dW{Ro7+GND3}j_>9*!WOVfY%XUT|BN%au4D
z#>O5!d>!S&rpY;eGHi@MQ1S74G4)cu5oWUDva=|KL1N*nX(BD!xb99oCx3lm8_MuB
z#;tgICbFoY9@A|oErVqi<yQ9AM`3cOk9e=I+tQ5B`@j>8oh+84qi`bgjv^io@1z@B
zJyzeBCr!M$<;&YHCgt<i+SsO_6vVJjQ7b!A-&CyP(0{3~zR_CNzd16LHvQhEiwn^n
zKD#(3RWG(Nwpq~0RleGSvX(v|-g!b|B~5FRSJIE@J)Nl`3GAnb!1rijetG3Y9aa&d
z?IBo$BSascBV;a%)qk|j9h>CUJ)iV^a(_zaim1kRs+x`F->Z_&coya#YcY^d#o11^
z=#VQ_PJocQK^36_+O@=vHuSneftMBF-)xBT#jR%VD6>nRm-&K@FN4zhs@Y9!jk=6Y
zKl&+v=_K|AEBHWkRgOv6rA}N`r0g-|+d?etE_EjMPdR~wwbajV75yb&Gm;JM%`v+Z
zUW6?5m%ty9X$d`uL)X^!d?<bD@B0PnMS&3Z${zdLswNJGw%GQvO!w14z8r?7X~7#g
z0g+{RS5~p@PfjJNp9@{QXv-p9xZ~xvnB-wFde7vck&jC1S2{jJcrNJ-slWP|2}^I}
zN-sN)AWVH_Q&RL+tR`VL>ZQPiEV(fQu|0<)m*7L%Gm5#2%e9yL#N~?om{IN#%UH<G
zLlHxmT$Co|YOh-pGd{QM_Z48hMMFlt%h?DgcH$)-+Z<kmawmn75GIAInhMj`+HMXs
zicxL}S(5BnE|1OlWZZ&WLF&Ew<cWy2&bhduDAGqhr5?c}iFKu#b(WR+FRrKXAFfCB
z>w8i#!VI!q{m3N-e1D~?50I+B=m6--A5@+EGgbXx{F7MyZNDWrI-HW2x)@No+PT>O
z92;QeVtU+E`6D*)tqJ%q=;Ghewd)ko3sXdXBOB}_)l(!CWNnjDf40}nPZKL6_z)W;
z%(MIS0;?vL0xa1xVp!+P7K=Wr$KmmGy~u#R4$46$NT|mw-|aj3@`o{^uW1YtYAp}m
z1Cd9j43*;va}&DAjKS}xo+3Wse-+`)0^?xlrK*{=)3Sz)doc85szxuA1oE%wYJlFn
zU>kW;FFu!(Vz#u?53Xj!=RJPyNiNB6!jJG0LFUyhR356k#WL@HCz-V6h6A*HXlrK9
zWR}bWT^6I@wj&naz*GfPwp-xplAGx9HILJx$5ONbc6&arKB07z56^mtQ;dpmV(X`)
zB?pzZAczNz)u^abL|LZT>E{esw|~%;{Tp4U_8I?<uB82dK&WQ;%&-z>fs&W{xJ%J>
z&}R6g1vBgJh6*1oXB<zsZkOa6(#E>B2ut!Q$g!$3(d~E5NlepVVdERU^FVh+utcZ(
zX>sM*B#}=i?#g(}5QWbPD9YD@u%GPW>-4?8H%3CKdbK_&ISWT5HND}}Edqy6@D=IU
zifoa*{u~PI;fyza)Mo=Cfiu=}v83+(#9+hI-30%DTfazC2#8cRwA-x$w`g1_uJwU4
zDgiaQh(rwRDLZS$mo(G)bD@Oh1PryLq|%?>&ZbT>R*n_jTP{9P>J8gEi+8{jzL$6b
z0flEAZrX{tK`$}yXQ)oW+h7X*+IDP+14ka!O@_igu9Ja6fu%-#(!XZ7gJmyR+l+m$
zn1?-RH3{u72CQ~LOn{+McG7gURJsGX$-s}K?Ya0xCV18Xc-;lr6bG}dYcyLgyDXh=
z#Z|ecql;>%l>eEa_62FHV^~Ahv1%EW9KfyvOMso9S6O(yq0mu^&3uQ%oNs}sLP%J7
zcl2v9q=m_($>5&B(4^$G@YGQuq2`>>sJ_#O?ebuIv}Z$KapjDR6Y)C6Vz+!8E+g#D
zRd}eJj`o!VT}aBb{pLUOS~k0mLZ%iLgudOtsZJIkv|?d8c)-ShwZ=`f^YZKLzCbW$
ziFz$vcz0~r!_E+~5oPdHyq0M@y>|2!W%>=iPb1cc2nc6oXVS*~o}9VVD_1~+;r)2u
zhXyuW*eTXi?wi(+7agK-paci>o_t|+F=i3^JQcE2DkBf0`*IShA6P0|jXko=kIBT}
zy$Dx!r#i~ce|IIl!qd<L@9wL<VMKRkZ-#*aYn28m%OBH#)Hj>9%{doy5FJzERk<|$
zN!Xh2i@cNmSGrX14^^9K3qhuzVsiPB`=aXgBLY_oq-`wAex+*?kgoASx?cZ5*Pef&
zYt%nUSE6s*qks!sSoV&<eX(wa&ZdqQb}qo}%64}4rjAa(kd~8;^=HyPHUa+sUETdV
z>gMk26Mju2bnBA04+~6{6w`mEpZgJp#xvRZ1r$t5$$`=em3B9({VU=eI>$!lJ}_B*
zA~AP-y5$k7{X*i7;_}TVu)PTCeFu58hv7E0WQ*G<Vs-Z_=io&M$;c4U^hn4BwN02+
zQy*Pc89Vu)9T?6^t?A_#$Gt^~3-7JnU*Y`~bzhA39&n+vhaG@Jr_r-emJlz(ev~Ry
ztJYcHz0}nyT$Qi5d7l;}kr)@Z4ee@`ryl>-_e=CHju(~Sy83-2o1SMN`hu@00iJp2
zN2zDo<=xBjk-h?o4nv!Z!_ajz*Zv&`5ikHrs2h^5Qc5%WTBACG{HRYbP`YdHKCy4`
zL}vd%UAFJktq1Nj_-jpTSA*jEl#dpcJX+<THpx#KRJ4QHxW?_%DwP)3>TKAZC^uS=
zq&pECto?~eI(3T!XZA~i)bbRIFFV4bgpw}Y@Gtl#?j#bmFy4=R&7`qdF5k{FvG+uH
zkR1Z#6VGbVE}CWdgQW^hF%<;SVw#$Yg_T=I+Qs5P9c^O|81zMP$jzz2&GH`C_wOr~
z9U)f?*dY`0LA^B5v7N3oM4ia1bJq(FIHp7(e72l-!V@$wpVckp8pYvCd1B7RA|%eo
zd$3Iv96V3_w8pMsH@kP=E@~vU4HXqTK%{$wbAQA7(n+Zj#jPdOt7Q{H#mzJ|Iij-{
zgO`OnjKvinu!;IgprF37U|NSJy;*@fwd_7UaH@!F@VfU_<b-SV^a|mAuLyG$X(Q8%
z@axhSl*{;I=E$X{?59W1+-vBBV<&2=6%+etElXc^yGjerr0;!Q>3+Sm-2{E!2nXr>
z3ZtVv?qbk*h)WqQP94VfRrKHjHs%Y0nvKSXY2H48Tv(VHCzQDALqWuwMQR0IK4Zrj
zafj<IXR5Cdg*i=&01@wm7!gz%fHT%t_0PH{d$^twJ`ugPWHeK7`EYxgABHi_Ie1fg
zE5&QTtHI~?PrTG~RJj6T8tv6x$z3FDiE*RctaP9riY!nSao+EdqrPLY)2Jt6&75Rk
zi4{vE)A(XN^puv`3@rgZjj1V%@GhWc{8Rb5Ara>F3+`aiUh-EFHW2MeIXD?BRkS&R
z$SNmcZDjoQ37~>(HJd>t5T?0bm`~B^pSco4y(jVmPhP5kD*8N7f%%}vf?Je998{4c
zV%-G@gE4f!i1Uyw5=@Y_m_`WXi4SlzHrSj{=nv}?Le1E0#8m2cd|Ac8NZ=STnH*NV
z74nKWfp3Lt4(4;O3_7_7teEDn)CF$U0<!~Bcj^!7HvE~o-v1<Yf7|s1jt(UQ+~aR&
z^DAUoe_rZh<peeX|JmOC9a973^0N42aqS7cdswEk4~ib(-DFsj5}`e|9OMXs35}`T
z?($hk3Ydu##7{KuJ)k8`l9B>g#H$5{(hqwdR0D!k3YIo$@;8;22Np*dJ*(H_*gY15
z1(GzzQA;x&j8$Ko_62r#<d!?UDmRoC*HjXauAOABnHMHpx~bBuhi3aLrt&=~$7*rc
zH6d)2!S0xKL31C#kA-1|ejW}ggOR0iH^Ie6?<K1i*W3&6sRgeeWa-fz5tQS<sF^6Q
zy3WjZ$!hi#d#d66h5Q_BMY%>!Pz+zP#;8}>a~<Q$73qMA!L1sxV3=lkfs<2q{_?P<
ztpGW}_?PE2_c=sXtXOn_tM`8}mGwJQg{gr|Z3bFm!@r5W<}rV0*qMwYp<TByCZy*+
z0tuw#vZP2tmmr9j6@k^K=quOT6_IdluGzIo<c``wt}`(OM}-&a-N^}ROZf;DnZcT$
z95zlkV>A8&7oTOwj8QL03yC!Vn=gdR$N966$b{caprkDHK~2B}_{-xDR1L%S^x{g%
zYE^Q`#coQ;stf^cnzviR!zKU{l7ivNGh$-+5WhbC7Z;0(s2mC%)yr6=nTj3>JR7wj
z{>8FaEb})a@N#_Gxa{~)eJ}6bRa~{p&baFyCNBq50Aep<`t-LD7a&@6`2@QJ@b0|U
zx6(ADTk|c}YP?a8j`=6XV|17;kV{sEdn?EfugafMWZsm;VCwdIaY8SmBhd+589XI+
zu!qAXoseb&muQ(v&b>Xhby(UAQLT1+@umt4$wy7f<LeU=`Go-pG=nx2)i$<DDFE7B
zdOv=jOo=fWJ}b#PoqUv!8co3{Yg}RHJ2B1NVo4=wua&tv;|@H6xegC}JIn)@&zwG?
z;l9dxZUCJiWS+86)mYAGITdQ1ug#_b(u_FwutES8>AsBYOjXUU+SP-*JBXx5NPj~c
zk1j9ML+C(n>QrTFr^rX2!mUacxLNfPr<3+5nqy7Q_!XR$H}np&p6v>Oj*;?+g}Chm
z=94TbS^n{Q%e<D5cv}gi2(pk8OzhWc$J`I*bYPNL;Z;i5iv}g)EKy}teRyCFVB*bv
zeWi@)&M}Jz@de>;Smy6~&s9apH@@QeSiaRhXBoRY`VtpVlp(Z-y;tjKLlg5xzqLpt
zyyjg&Y+q;`<%bK@A|p~xbIg9}D!9{~@+YIi8EPLW&#otCycam?bgLUCb7rj%I1Jug
z70Xo@-w{VJd$GcTy;-F?otpS!F3+=&s~t$qyoyK~H$0v;j_G3>H1{i1|8)<nQ0kwd
z`XAZ@D{SZiT;lq5j}|K@)2~<sHvdz5V1Mu5-+?veM8&B(yqunnI$Ks!Q;skl`88Vt
zj>alF!k1KLCUvtLz?PLXpF{}A#cG!=`i?-oIg4=|zfL|gn~6_y0*=IHy&PQ0d+>G?
z3L64lD`#X?4U=fP!qu^Cz4H+V?k6aM6W8n3mu-AO=nj4E(j8}wuD($^?x9~;-<gIx
z#X`CL6<C8Ri8&K1*{@sS^4gVJ+8R^`C7Cy%JnZ{Hm=X}s$dN%!#4%ak;&h&?XfP#R
z4C>*R1soB(K)-sbp?c}gkw|A?IAxhhiqPLWwKx>4Xd(@nNlM_rxJBR|cvLEiyU~oT
zj`DQ-wJBd?dcsuM?rnDr;rl-ED?R(5PtA26>zUt^3m_ji5U_j)E1bdKiB<bAWR7Jv
zO(lpPA@>T)rh4Vvn<Di#{gdwsNF}Mx((9$XeMRU{!sW?zGeUPP?9>XyLnvoNHSR(0
zGTQq55{HgLtWg?-Hd2gE-Y+GWv-Ik?Z;fAcOFX~h<rntYD*uFKM60T{`qXF=we!tn
zec(*+-2L#Ote^=&gO@cU_V#D3l@Hq??+TKGO8j1+q-kNFSJ`EFi0GDDsPV6Z)tMB$
z>ySgCI}KICMBHjtpv1))^G=*R;$U(}V{cc;+giblcwqIJN`QGzxh0#>NE+bNvBD_k
zxPL6$KlAKbfZkz~H;LJ(Ujlqr<q5Nmx2~XJ_B0Hj2eQa#-ENuKhnngoEUeG+J=ii0
zwlNh4CVyEh39QLdyS2@pp=V?&|GNkS@`V1UjM$wPUP}*~$sO3C<FNSHn)8^LHH_Z5
z5;Q4HdLaOibbk(6j#9>tT$MqAQi^MhyL9Td3h8!tyF=Cr_9@})!N<(Oo#+FvL(%uD
z-wY**gdBrImoV|7>Q>iqonW8^YQq`?#~8IMV+XJ2GG^<N*}eVTZ`+bN?t|7<NC~EC
zOJ$AS5YToBCo#v58JqSIYXthOZgrAYU*h;h3Wr9r>HKVWvQ(^}8wifX=O->P6z1lP
zP(kB?C@sC$(fz}wdma~ufD32tSCXP>rCMKjtM!!wkLhMcjD_#%4G|$Rq(u}xdGAgo
zKseNqO*=>%di(tH304E1>|G-p-lQ0=DWvk1TC0KN${Y$UoPCs6?g`CmgQ{dHgLrf4
zgFW0_n$qQ;3j;MQr>{jXp7=pzzy8QJvTb2#?+6A&VYd~R9M8CYnbkcq9F_n{#?iVH
zJ!b_NeHA-LxM-z|f^v1e)3?~fUvN*)HRBxchVG&$I`9kICE6da>lJagd0|hm^D9?@
zOIlzyK(RXUhggmLGgrO-NwJCqK={6Y08-e_$=Ko-t;)g1_H#hsu?hH(cJA+p`aXOi
zLEtHbm^nw;75A8$e3T>KuA(A!3|&y-B&>mwzW;3ZI76Nh3x@QVv5sv3n(+pN@|YKQ
zYwZKvTZ+!Wl&CXQ^h(A$)8k;H1Z?$=cP$b{w~=uAFi@Mj5c3nCVF{0nMXeTPA)U?L
z6f4F>=y~x|EJVvJZV&iNsu5}>>HmtTw8d_F2XqJwjy~%mU6!?S27`vLeH@b0M={b-
zyV!le(}ot!gob2Nn(4J@4BQ7^ByFJ|>DCh}Z_z)UhrQz}CGnXi^IgN6Dm95;k3djx
zE{+EM^pGs!Qe*>DdNEr|ym_E<=B-uiBy7*%>R%~YX2>IG5WP^#S7L8;FNmor0kl6b
z5GZp?XA2i2AW}`VU;{q<zRU_O4hVo21_VISe78pwI4FRypLX+}r8<{sLY)}V&$jtk
zEy3mgni9<lVE%4zw7;iBD@zJ76N|Y!o7$R~nh>iQT3ebJI$PS=5-XcJx&o(q5utBZ
z$q8Tsa00&l0IiZ4xS<8W!UTK(0H=EYk4yvryvGwGBVZ^vTDk%QUBvQ^=7zSGp5M;(
zt*!(7x74%%4qh-&aC9(WM)zY~ho7DV`<7s1=w|3>%JkcEFC;oN8xtGQ@&Uho@ZXj#
zV9?=2fc-VIbF>Af`(Obu9=iaIj;L&COAM?ZVQXyZWNi0S;<$vRv!sg=-DBQ3!;exE
zz@?Axcjqx>9EgU$FZs~JTXM|%8iBh*o~qo@-e+{^eXW60o^x7+oA{k)van1y;E8%_
zF$?^%t}Kd1zgtRY!pW6OTytB~Qc@#BceIls<S0r|QFV9&qf^u&jcx1x+rVc5sFj9y
zZiX{yc&TI$QNB5#Q1ion%CBHLw5~VX`+G&B)C-FY_015~M;l(1)k&v!>}=h<5~M!I
z1k^%Qe1fbC>U^r1<d<U_w_Z_=>!R5uz=Q!e{;7mJ7*Yv}`4zO`B4q%=MewWv(;=)v
zcReoIa)l4r83tkBz?Lr!3&gpifKoE%HoU8Zj;!?aZWzqBm&5AYJN6h4ePZtsyqiyL
zHXxO*qFyxFtHmQf`!>vS1Hgf+Sl}+d<WBRAD&$XOmG7TO8^D>4l8jwmP9Xo39oqLn
z+0g8beku7W#UL_gYLV2AWHEpoc)tixA%F>30YBY@0HnuE{-18jFDc%TS>Mk}4)J)u
zf2-~Q4*L6lU;vlLvl2nr0;~b7S<G305QaaBMX>x*A%M}z!jPHX)Ro@po2k>AGk+@@
z@h?ZQ{%?+Y_IO!h2vLAAuv`VKL5L)1$elG9D1Zh)^`moOpjh~ieQ^R-uK07c0!9%9
zWdJl3q`5x=uu6)5*pFj?g)6)Po`9!6+5pfHoZmi=ow1YsFFgY&{r)bn5b+<M`dje|
zr(fR4_+#`x4*nlw|Bs>nedLP>0ly9BZxht_${b*T$J!^pzvY-tcz{8GK?H!>0)MSQ
zEkImB^4`P7)!=Aggf^k)d@{F(<7G>RxWZd(0H)v|^&-xp0QqMuWMl)(OMw6fkpPH+
zk$?=Fy}5N@E7R}^amLlVUmex*Vz{>jMWJtX4rP2s{lo~280Ovp_r7Ydpt=jKjsx^f
zs`XnGWu-tXL9uGsBq0OkB;a+`FrZQyCqL|to-MbCR`GuncYWWSf~wPgkeIAG5&mWV
zx9igXblsf&@WhsYjp3Ha>?TnU6r2nts(s(^?mB|E69ma;Sma>DY6xtg87|H5MA@l3
z0&Ri?ux_V$1`+nS<n@-jorR}DfY)uBUTh|caHvg4Bzs-*(o2F<JqfN<X$v>*l?i(c
z;c)P8*IoSSy4izc{fe^DS8g=+<w)cagNNeG8CsY<xSYLL+(_kJ{9we+!&goHALb?K
zk|5ooXIP)hu#ZMiAfiH1v)Q7hi@UG=X-fE(6K#*I^{P-~y)EKR5oIzhh#y5U^h~2y
zfQtM(%g@cnn&7m@<IWo7Q-pcMu0{sbPBfEqpX}U%pZD85y<|g|5ExmpgnPqE@8y*?
zNa!-IV9h^(p9`ogc?n(2?dmGl;vU~MgquOS1|QzI5!K-lklQfUeoI8ZC#$3?L{r2~
zR}Ss?7H*`+yh|P$8z<$$v{>B$Q;Ssw_4E1X=OpYe4tkDMj49Z-_M5r_P12siIqhai
zVmbA`pOjQpOZL2IdaYxb2ZaOSK69V!+Dgjk2kjOr7xpCeQgv4cjYd;)R*D}}&s-}<
zZ~v1rRTL6S0tUDVeD}ILY$B+Z%k9fI@Af=_!Jo&yOOI~L_mt?#p>yE0`<Hw1YFul#
z`gGkf8*0mIyY|;l?`@unzd)U+-eAhJ@2bN}o=x0G=YN@`;&6AA8?4io$Pk{^fy8_B
zWMX2W&Xf)TE&7vmus-Ds*;XhHgvr1H0fF#*AsE|H<-t1VwQPz;1eP=kNI}bSB*YrG
zyYD#UW!DMI=_zVW>f4XhmX$5-L_-u!?u}98vWN4R&-A%J4Oop#A~zw~J5t6i25OI6
z(W(gy*~jlDu_%`iWxX~9N6(R>SRp&K1UU}hy)HLQBOX>&-G(9tze0FfT!b9Y5j1JZ
zXubY9Gvf;vSoP~neC@)<*;89gQ*k1FsUT2#Jsr$xa@S|Vd?b};A_??DA~up0!mV;6
zzT6Nn8KwmFG(3t^gxzmX(WR^G!oAkeh<Z!&X2juxz#UW8(PJH;hLyv1di=3DVrNag
zTEU4R$42<{!C%5jp;fIt7qphUCAnSX$YnCYM2=R#rqRV}Qz0;`(cL{Oe(HSis=IQ1
zAKko6@RDtt8<cpn<lXVUS-$y8jj1QC>BJ2z@5}`DNBtDLU#oCm780s3Vx8h*h8+(<
zVCkY26iQgHexAQr@JvWxoqri?zHw$8n37L?Z1@@TgtYaIsqHv821EVE0(*(JNqrCY
z96Fc%QZ8RZ9%FH1qN9An82w8xHnWzm@A}QkW<U?O&I_G3HCL$Mz0WFWZO<jb!*CtL
z!Ey#B%;IvD#y))N*=b~H)0wVjgpE&EHqT-8B8|A2Hjla8WB0IAdX_0FAQQ=pk3+<C
z^o6!I!X?xZR0qZfnl}w>XXYxW=F`(5?@ZCJ2GfF?R~_|?J!=vjL-WCBoP~QuB3!;g
zo|aR_gj?Qwc|uYk!Qs=V9E0regos?zhH^vdM%vV7kTlKYxn0k&6X$JnW<a?V(j0zu
zT7YYsV9`MEp8w&rc>hd+$67i55kDl;Kasfio7e+K#}KwNwQ#hwH3#ZMDd1mg3scKq
z1MVEZ2HYQ;|6QH^JEtZwmYvH@;h;LmpP-xLA@XUVt1|oE+Kdwqj1nuyT*1d4)C5kr
z_qyCN#lkK(cw3@=n&9sI!wrkLlj1ZAZtZ(79W`rhgoyi|W62>b?|~&J*yu9!$55x7
z96T(?gjX%asGT509C2AEY=!VEVv8<7ERZFo(_-ss!^4&@zmmuNE2qW}0k~Imp%12}
zw-&t=$(61`#deNH#u3}-7;0f)@}smW+;a_;Fa~Rn#%zWnrnDy5mT}Z(MIU;4vI0Cl
ziXBj8-hQRd!n!XHx>`u`pJue5GsG%Lt|j2%=X%%cYnd0k!0!zqL0Y5G0}MxUubuW!
zgDdRa&68Fz`1or!OEubkb83)HeiVE9uAYDl1{QoWul(J+fdHmXL(~C<V#aUY4T49p
zXhjri67fqz{gvkgfj=AZqj&R<7kqlG6UWT_n->FgYJg$P-<$s_U+aJJKqi&*AQUfC
z3a})fnNyY|NPXejL#U_#2|Y5W3JH#iF`j9z6y#hPJ=@KP#A)E;?@qyH-o=T!K0+uk
zAqgIUMq#Z`3Zo^mNE@k)MXRVD*$g8hI^c9uQPzLqA;5rJQbhQS7O}M6_&r;_4@R@*
zvqeSek?a+OmAHUVtG7FoCKJi3TX*kp6|7a7QIGGWkKZ);A)Su5#$bh`sZO;!u<oDF
z(eHMJl7~c3k*rn7B81OzQDD!XPbLOWL6F$Lv9o*7X?(IQHlU_X<%^Ffq+U|rK-pBe
zc1?3YLgs>7PM;RS7M1Q+>r_6KNWXT1@Mgb5&d3+L-64Z+;phs5>Iutl9tfxukceX6
z>N$KDr!W90U=b)VP!Qk>5KxFC|4|X@TLGxQb{ANGXl9_&rUFp>FO~K;wNLa-?F(k{
zXYqz`|B%~`)_-yrerWB-+GD?$9urf0tYi31Vp{|FzPk?WfJgTn0_a76{D1Nq{-|*E
zZ=JB8Yw-L}6|R1ivwKtbB`#z+1Z=N6>yQ=Sxg*;3QwUtqp>%}sgg|exY`Hf~`9_^W
zLk_NN7<45y$=v2l4=>5mDyo!ynI{2gUOy_gdZ~{(jiB@0C_yle!lJr_OSX?HF@pq$
zf@73l0N#jEEIqi^OlNQQ5S>yEi1AmaMu%Q0O0w4`!5N%L<;E7gjY|F+9=UV~iwibi
znT{K?yseMu#+F;$f;hm3m}`4e{c)vV%JGP&2HywfTxCS%enQl%=KBoc9*cqD#hm^T
zq(G;uHd{4XOU)vW)V_q*-(mVqkr>bE`gxAx{6{aNEjt9~uMIPoZJ~%B3h{AiI6U#1
zlt*k-=%p0C;}@QPD9Z1(ASNQg|4vcD+6X<jMv`;y*ieP<bd9@mO~-Au^|m*!!yjts
zJy>y>KX(}}wWj|B3QNs&|4#0R4Ug`M9s0iC;dZD^8)8-si3wgJfwgV))r6yguY&JZ
z#RNu`#atmjqU6CX1f`hjxG5785v@DjxXr~4;eE=zpUv{E&5(FY_7dt`Iqf(HXY-D9
zF#EbY9*W#E9uH1#4+a<r#62m;bRvyyoe2x$+p^e3yVG7_a7RBrDHxbLDAdl>Qujue
zA*OkX5~7h%)HQ74A(@xuFQwMG?UiwlEl;*YLd=SrS+3yVTP$aG+lNe?Yx2Tnn$W+b
zeqn6SNDhO2DdNd3{ozoAr<t_SPAZ9YhaGU4>bqRFOuWIrp8aIAusOB`_Jm-spAy4&
z=CuQiDfKRw;RGM`7zrq0v5+0R+}E^Yi5*F2qN^Jth=b%4nS$4NHwp^Em?^J>2z5tx
zqY)F<w~R)v+M#;QOU6?mQ1XyJ1gowwS6rzV!wc|n2FC3_L==!@G|$vS#@<n8Y@Z!I
zoxi(RJYk*=0!Wkf2-LT;THqsg!-4Gg$>3LTo(FxcynmH`M&T(@;>wm)YcAjDw6e5!
zhWW_`&A@)?4Kf?wy9ykXK(C221Hujn(TLqA0%tA)PaCI17h*fZ^?W_+ZNZP4PLtvt
zs<|Rh9z<3{O1ne{+#-gIu*Nn{kT?kHjFUbr#D&k!>mcbYf~;Oc;0ceY;A_ztj$Bek
z0vK4$Gjt93E0uGI@fm?D&ap5RuBDBOY~4csIz5t;r6h23_SdW?D^S!N+AjzFM>3dP
z^Bbz^*N(>8B<Z3~4DHX_^ZZ8R??}_hk|AWv6Pm)vuLkYCoSd7K5N&J0*o8D<dl+Ss
z?=e|;y*QzQsLCG@A*D%L9vY#N1)yAiRg}Oo5MX{les2AtD5-y*jK3+$z<*Lv{ua9f
ze~jH(ds><Ui|qW%A|pG~&xIgZADaOG|B7Dzora8IwewxaG<gx5csnqVHh`~=B1D1l
z9BSU)8fWu#eROg2q5evJsW(Fv<#z6Rg3oe|4->@3=KWJy=m|ZqBEdAptvXV!?%=&<
zIp36FG8Yyuv3v0wJOXS?!Z3v1x^DX{ZN-6M4RP4zJ@dqj!t36x*kG<AwH>b&Wy@DF
zy7QTTr6IlD`<I_s8)?$Li?!CII$=D#x;#^K_)x@iQbGxWUI3Zw?8!PRa{s{h9=;v)
zwT5b@#wtNCpAuXVTmGVW;K=0&t-TUOh6IX)^L$oXPn~bYdQ|!c1m%xDL3?GPW_M9&
z6N|#kqtN7jRzsf8Ny}?oNm&mQLnT1z?n}ihgFF-{Rx)9`-Y!K-g3-s89uo9Vba?px
EKfaCG(*OVf

diff --git a/karaf-assembly/src/main/resources/etc/truststore.p12 b/karaf-assembly/src/main/resources/etc/truststore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..aa430cd6cea20b45cab4ee93b93ddb5bfa565792
GIT binary patch
literal 2266
zcmV<02qpJ0f(X_E0Ru3C2#*E{Duzgg_YDCD0ic2ifCPdFd@zCtcrbzpbOs43hDe6@
z4FLxRpn?cxFoFnS0s#Opf(Tj$2`Yw2hW8Bt2LUiC1_~;MNQU<f0So~KFdGCE_36Ya
zczgI;K&GhWQwt~?3?38Z0s{cUP=JC6Ah4OOG_z4f+DDNe9|M><HIXW^6acL}6(g0U
zPL!ra3<ycM3+|1I6+_y4yL+w>6_}Q(yvfcC^&_cW>yQk#7^I_Wt0KctQ=k1`yr(d#
zb;{`+63xwPvoOWD9ETRg$o}Djc(-5VqqNAi(~e`$Jssy-<S9k!hg{F-Mcdp*eupZ!
zg;!FoF{B>(RDqQX(jg7`kr&|?5$;7qey&L;K<Tglw64WfU4F?OaPI#$>;G+Ywjj}N
zyBSX-knuHx5!^vju>gYVJS$SiB<3PylUj5JN$Oge=LS6)uZ^fpdXX|LY=6Rt9DQ04
zV`FUftPZ7LtfP>ly7142kK=tPtclXZt`W9mw?tUxQ~&@{9*sm@c~RQ-EPtNxmc@6n
zNYN4id|h3hz66q~-rawCg6x+>bZV;ocRNT`p7V7!Qou70Y=6L0PphATL1)#C=iQz6
zOD3evIJ2?$EccK66fL11J|BHT$PEtY+(3L{RcW||w@38yKMMk}<Y1h|`!I$zjdeHG
zu+G*}M^b^c0c>O(b^P0iic6jq>M>3mG6<yPA1(_$TiDeXZCQZ}zGo)xk-WuDJF|x!
zFiRkH<le=5PfLa+?b49Eb*chVuwvKIBAed?13tjfGiZo<f(DNn)~<X!=f@V@l2cPE
zqC`Yie_M-A%<i{Io7XXSMnpB_PvOyl=x*}%CaNbC=kgiTZmylR-LVRDAujh8lktWo
zb?L;+QiMv$QP1-vg+@kNAg*4Efmn5md_KMA<@KRioQ(Wc=kfq4J&W4F6oZNc)k=<K
zWj`~_(f<5(Cu?klyEvKsrS&BJsX01EVhUpu+|`7&vV*_L&hTJhWBBU7<6h3-jYyZG
zOMg>ysV;)*j6`OQ0GsWw>aN^MJ2x=0Ki2mw5yw-34ZHFA2V8}mPov2wN;{VLJuK&;
zP1?@ngT_;Ep1~sA+dFa9u4axP`JwJV3PmfBYlvtO=}Gi%eHY#d7{d`l`=6dMcM@7v
zWu&2v*Gt+agxuPlQ9F;83GAOfPB2K_i9)v%b6Xh|oeZ|sM;Sht&S{v0L_)%A@_VmM
z-$B<S_T!r)C$x%hCMAdKVpK|K)D_;0F~maS5BqE-CRmvxZh({pf^n!F8t_bPw_kJB
z$U|BuB#B2*6U<VFkV0kCAXNzo@tUHM2=jH}5R%dZbg2bRw3J^*?_Z9e+SwWz9QB5x
zSL_;u=gB(V&R^tf*$4Lzb->-p4lb?sOC3vPa+XpxB3^8#)HMa*ay(fD2%|IiNz!<6
zmk>&2z<ZX;#q1?0G^oMjR{5>Ry9ujZK5|V-VlNy!Cn|pK$UIA1NbF1Se;XjBz=s(z
zV^V@==Qqs7q<|>BDUF1}teO2ER#Om~g;RBr;tx!6wS)G(ZZg4P#45d;`SLSaDev7c
zA;y^Yx(dfE0+>3&jJ@D|*m#+fFIQG<!!{6d)ubtFbj%4Nq)VSHa{g!oV6!lDZg(fH
zL2}Ow$Qb0zJ1rBzJJe8Y2$8`w0`m}9VbxQtG=d7G-`LQ#7@ghTIM$?hn~g*2WNes|
zyqCTQEk?2G>HmFs@B)oU9iCc>Ny3w$oKRSM`D@s#F3d?fmA*Gi6kO=F0`!4y1O<fq
zlrS^2n_v9DIm({G-!z@*T8EXn(^VO5dwU}YT=ypCzSJ0?c$*&j+rQaV04V^Je*4}V
zCgPXf28A!Kp*8Pso=49g#~QQEDXQ`!p03E;!*gPZPf^u97a!U$5jLT%;5)vxk$tG)
zffaqF_ZI#P&CCgapV~#fVJA<sQrQ1}*@<@j%1F0v{-&Z;g-hTI*Or>KyUr|(u2g+l
z771#owy3aSd-kkXZ=&`kr$gB*P@Pml5JwK$C8ghMXT+?zfjtR&dW3`?#n86oI`~#)
z*<w$g(7su80a1-8a4QF;_85vM?%4NhA|&@SdhXNu!-`1luNfW?mc1p08Q@mO5H^}(
z5vEG`ps(5@3p-yI@ulUE)ivYr^M+sKY>7!By8c#@`#xb#77z0BEbZON;L*1f)Z$VF
z|6;XpQE3sou*&^%u#v@oBtU)SASL-^RB<jukXCqR)C-$2#uKlM&5%3xJ9$0?s15pR
zeuXHSuJSvexm99m#<HC`)f7~&v}@baCne$<+c?q{GBl|2^@;eVuC_U-)k>+rd^yTi
z@q{o;j4Ka_+`if-%mT{3vy>OaSJmx?i(1=>p6qr?8xWhl=7xD7?KX6aYADM6K8_0B
zr+6l(!2Q^^5_nl!Efb`tbMl1<1z1x;-xb2ensA-Fk{P!8Ca*I8BWfkTK~bkue#Wb&
zdd38WlkgkZ!WU}-d{9c+E>}MY&ISqAY{ph!foUms&aOjgYR4%#Dh21F0c(H<)OkVI
z8?3lc+Ha#&8&2bqKo~3GH;N8ej3HD%8;!k+ZNMl1>7#^3lb!VoL?#o0VrZuT9Zdzf
zK4;)R7!CsL6bcrh^tel4il$0nPl5U1209G^rJ~sqx~kcod%Bvw17L3X@Wd^X&<i8g
zSMk{ir5EC7Iegz%(IA#fkhJ_SmX58(aa~Y_FYnEa1Do5NZ@$j0-q?})%BgG{xk5`A
zYHML!{NLY6M<opaNnhqr6WJ7<Vc5#)jQaKpi^)QHbRY+>J-F}B;tFlBx)wXUx6r`4
z)nc_2q~%*k1a4t56^Ldi01ZJ;v&NO)8(T5(2WJFuF8(18!kk)al}*tB_KY{^-qBte
z%wvOgf>hFgG4w>LJbeEp=LET#9k%K)EHFMWAutIB1uG5%0vZJX1QaB+4I|w6w3iur
oMHiK}SS7VKy59s8_s+sV^Tu!qIt)hP^g8I#Y)O}U0s{etp!Rk@DF6Tf

literal 0
HcmV?d00001


From ac50a35351d3122f65bb4d1a9258f4a9309e2fec Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Thu, 16 Jul 2020 16:54:54 +0200
Subject: [PATCH 107/237] Fixed keystore names

---
 examples/example-getting-started/system.properties            | 4 ++--
 examples/example-idscp/system.properties                      | 4 ++--
 .../java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java   | 4 ++--
 .../main/java/de/fhg/aisec/ids/webconsole/api/CertApi.java    | 4 ++--
 karaf-assembly/src/main/resources/etc/system.properties       | 4 ++--
 5 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/examples/example-getting-started/system.properties b/examples/example-getting-started/system.properties
index bc0db3a40..f9e88f63b 100644
--- a/examples/example-getting-started/system.properties
+++ b/examples/example-getting-started/system.properties
@@ -148,7 +148,7 @@ karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
 # the karaf.lock.slave.block property (false by default):
 # karaf.lock.slave.block=true
 
-javax.net.ssl.keyStore=${karaf.etc}/client-keystore.jks
+javax.net.ssl.keyStore=${karaf.etc}/provider-keystore.p12
 javax.net.ssl.keyStorePassword=password
-javax.net.ssl.trustStore=${karaf.etc}/client-truststore.jks
+javax.net.ssl.trustStore=${karaf.etc}/truststore.p12
 javax.net.ssl.trustStorePassword=password
\ No newline at end of file
diff --git a/examples/example-idscp/system.properties b/examples/example-idscp/system.properties
index bc0db3a40..f9e88f63b 100644
--- a/examples/example-idscp/system.properties
+++ b/examples/example-idscp/system.properties
@@ -148,7 +148,7 @@ karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
 # the karaf.lock.slave.block property (false by default):
 # karaf.lock.slave.block=true
 
-javax.net.ssl.keyStore=${karaf.etc}/client-keystore.jks
+javax.net.ssl.keyStore=${karaf.etc}/provider-keystore.p12
 javax.net.ssl.keyStorePassword=password
-javax.net.ssl.trustStore=${karaf.etc}/client-truststore.jks
+javax.net.ssl.trustStore=${karaf.etc}/truststore.p12
 javax.net.ssl.trustStorePassword=password
\ No newline at end of file
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java
index 18b754efb..4445cf458 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java
@@ -49,10 +49,10 @@ public ConnectorConfig() {
     acmePortWebcon = 80;
     tosAcceptWebcon = false;
     dapsUrl = "https://daps.aisec.fraunhofer.de";
-    keystoreName = "client-keystore.jks";
+    keystoreName = "provider-keystore.p12";
     keystorePassword = "password";
     keystoreAliasName = "1";
-    truststoreName = "client-truststore.jks";
+    truststoreName = "truststore.p12";
   }
 
   public String getAppstoreUrl() {
diff --git a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/CertApi.java b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/CertApi.java
index f77c8bb19..9d9dc1d54 100644
--- a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/CertApi.java
+++ b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/CertApi.java
@@ -68,8 +68,8 @@
 public class CertApi {
   private static final Logger LOG = LoggerFactory.getLogger(CertApi.class);
   private static final String KEYSTORE_PWD = "password";
-  private static final String TRUSTSTORE_FILE = "client-truststore.jks";
-  private static final String KEYSTORE_FILE = "client-keystore.jks";
+  private static final String TRUSTSTORE_FILE = "truststore.p12";
+  private static final String KEYSTORE_FILE = "provider-keystore.p12";
 
   @GET
   @ApiOperation(value = "Starts ACME renewal over X509v3 certificates")
diff --git a/karaf-assembly/src/main/resources/etc/system.properties b/karaf-assembly/src/main/resources/etc/system.properties
index 73eea6e96..3c042fc0d 100644
--- a/karaf-assembly/src/main/resources/etc/system.properties
+++ b/karaf-assembly/src/main/resources/etc/system.properties
@@ -148,8 +148,8 @@ karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
 # the karaf.lock.slave.block property (false by default):
 # karaf.lock.slave.block=true
 
-javax.net.ssl.keyStore=${karaf.etc}/keystore.jks
+javax.net.ssl.keyStore=${karaf.etc}/provider-keystore.p12
 javax.net.ssl.keyStorePassword=password
-javax.net.ssl.trustStore=${karaf.etc}/truststore.jks
+javax.net.ssl.trustStore=${karaf.etc}/truststore.p12
 javax.net.ssl-trustStorePassword=password
 

From 80006cf3f49df1c343ddbc28f4d656fee61abab5 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Thu, 16 Jul 2020 17:14:45 +0200
Subject: [PATCH 108/237] fixed ressources for tests

---
 .../src/test/resources/client-keystore.jks      | Bin 2537 -> 0 bytes
 .../src/test/resources/client-truststore.jks    | Bin 18467 -> 0 bytes
 .../src/test/resources/consumer-keystore.p12    | Bin 0 -> 2693 bytes
 .../src/test/resources/provider-keystore.p12    | Bin 0 -> 2693 bytes
 .../src/test/resources/truststore.p12           | Bin 0 -> 2266 bytes
 5 files changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 ids-webconsole/src/test/resources/client-keystore.jks
 delete mode 100644 ids-webconsole/src/test/resources/client-truststore.jks
 create mode 100644 ids-webconsole/src/test/resources/consumer-keystore.p12
 create mode 100644 ids-webconsole/src/test/resources/provider-keystore.p12
 create mode 100644 ids-webconsole/src/test/resources/truststore.p12

diff --git a/ids-webconsole/src/test/resources/client-keystore.jks b/ids-webconsole/src/test/resources/client-keystore.jks
deleted file mode 100644
index b892a543f451d0ac961064942e2140f89d279b9f..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2537
zcmZuyc{r5o8=h}AjAd*M23gL?(#-gVC`y(=I2}3|w4iB>FwTr+EOAH^V^<Pca*(a5
z#7HOPq-;@WLnT?FbSyEJR!wI(zjLmB*LD7Q@9Vjr_x<kodEe`PpHDb1oQFUlP|*N3
z20#);2dq2PA|Mb16y(5#pbQeV6$!ur1E?GTARurKd}jIxQhxLz-gWS^;JAMHuPz1{
zWP?rvcXtj$zvmaZ8~29~=Nia7RiSjl<b2|Ne*I&z)UV1ZEH(AZZnn<w@=>zNp(V?H
z*RP{9l~&o4MU=cL_SBE6-VQ63v38%I==xrIs83(5C8UkS@_WqU@SnLF@=~_NhV~fQ
z`O52z;++%Wtsaja>*Ym_n8>qNTHbfOF8O%9z^^NmJTckVSLh691-4fzpID-|QXZ(3
z@ZZQ!DiodXON>a4d})aB{axpdf3@&Yrms;4xX1Ze`5Erw;8KSSpN>r(VYi<0j_BqI
zzo9FL0onF?@$Rc%dq1Jbn~p5D=ft~zYYZ7aS^rAapH+d*)AM<I?W|5zPGlmzP&KBW
zB&erZ>!S7<{Zz6!cx|}lWOz+{KOz86-BdxCe_Mx3N;2u-Y*Qn=B>JTMIGdQ(^nqZY
z7nd-Y`}k0w#mS=~@%diH32jd!Qrp~I(!^Akeqi)$0UqK^VBxrUhFJ%;x9bQ2(?6yV
zz-wxK!0Qv&ZH=NEUCJG&npM9>gxWs1q-lt^H7zgj=nIa<D$dHTDBc{uVG)>A|G8Mu
zYMkU1SaIf0DnI=;`7u$=mY|1OytsV(U?E1`X@Hi9t@^wJSW(8;k~u!1NjJ^q`X6O#
za(h-A$;d+9M-z_&Dg#w&T5(-Yl)HxcssmHHemML$8!@co(FDET(r2ohWojOF5BPF~
zxv|;N^EXdO@45W0Op_#WSqEupntimrQUCdcxes%yyPF7VU3JE?FkFT}_Ab4s3g;s%
z(31=DPN=<Iq5oJp76k5Qu!i?t$Z{PwWXWVJYJCm#Fwcra_thF6+=aLIslD%-+W$gq
z+^Q__;8v5WYlqqJ7ZE8yMO_2uKn=e=hz7m<G0a`yxnL=vjGSIdAv}OMMz$9&&XBm}
zY5kPD9On!By;`FSCBz?kAD{5*iCb}aKVSrpd*_>IBe;2~;a>HViTvI7kP#-748HK^
zP)CbAH6#2(hWVd&+MGh0CY!%1cOJ9iVUueULb3OP)N0wCHx8M+ik#4h%|4&sPwh;B
z$D6139)EG9AmkPUpZR)aAa$$T#le6U8IKSLbg!FN(a@_2-3uox8yT5Zv0`&^Wfh>A
z>)^{cj}h<fVq%sq2b&q1wVuYdXT!c&wP<iw_ogB5Idf{1if6#Iq_)vVue@H{!{R@E
zN%t3L&7&$CVn*`@cI2~I)}sr}TCL?Oji^~Mt0tB#TxH96V7zC#O_=(%+n<~@3ktDc
z?INPGibw4n&7Aw{8CB1BElWtno)+%5{AI$BT-d0kWg|6xjOof7OSvmA|Ih+c+uk1`
zGgO2-kQ=?JdOF~fqt`$lBWCT`Xy+|vrp${(=4SC{0Z=V<rKaEQRWC#$n&05-?rJ=J
za{V-xN4X!7E5vH;Npykv*Q5ABV<Zj7gqCIo`SQ#u!s8G(kA*{*@J^kJVrP2ajT4bI
zIiC!x0g9!|+_Gkfw;M!YbqAw3s&IPZhsfVnbYBB2XIZ9Y6HNazGh|BFiAgj(lGIQ_
zew0$e%I)m~KN4gMO)1OC*Bogc-!2Yb+RC4MQ#9VwXY=IxM^n?%XNc4F$m-jwbBeef
zzs0<I8ROUGDeiMk=Vs4K8EWInc2u)Nq-I<4Ud{I0wX(99{dL}4&Q-URlEv2Uj~h)9
z;YBn7%^(nXrKlm6fgD(BDGUlgp#Tb$MoJiP9k?H)0YDM~0e6xlK?x*`0!J!9ZS6=3
zpxin^Nulh+s1eKnmOnj=qy%nSPr{^R9Bth+-6D>Vtu>86k}0@ZNt(1BG$NUhjEs#*
z-~kae`;LO4|1XXfZ7$LgmqOZ5kI}=JBsmbho)D7~|0#mbqy^BK|6PC#D7C&$QVL=1
z=w?SIsenp<7bLsEHP_1`2M5xbY>)$Je}6<#`-gD=G(?m~K{)^bxnqBfw}!)<InIy#
zoMYkPSZ4V`+@EjJSrg=BH!JX+CKTqW8Y0el>b@kr^Uk<(t7wt9#aCHN`?~dV6+NAq
zm@~F8MYz~E_>HnlqZl7WwruF$tE_X-tc3q(ZsE{@YO%vZ>3vEJZvIiOo#WW*jDCFN
zB&T&;SHHWLqureKOE^CrHfW#{*m*8?sCVsjE1KvscX^8p(6zec?(WQX-_|m!=uH@a
zl#Qe$KC_a<D&3FOPOGuFQY7sc_p_h;zQ`A?LAJ@)jm7mkPNm@ZZM^1buj#&m+wBN7
zC(>H@Sg7??iMK(dK>gS&LWi{=)MD^R7EYGoP+4C4j{GRA1_}cpKsg797TpLNR2N;N
zx(plxSJY1Oypq{7z0bd~`P-M4P0`z2moh+&_30nr${;2|F*TjDz#vXp5&91We~2c=
z)Wxc(Z#YL?0S*Nrpyc{mG#n0tB1*yS>qG+%f<zEsYEY`j-4eiNhnO20(!zp?)WC2$
zjp+ZczleTx!$7}qqG%3uM~aJn-3Wvj0KgqUd(ieD4nny*{-@!`ied({sG=|aODT-S
zV$-NJdKi1%qQv#!?_=t~F`(i<axmz>5da3SS1SjngEWprFpEYF4q%0|IhvxHXe=g^
zPGhse{%fmbxah4xlHn)-irzrk4V2qJ`3+RqK*bH*w1JrK-6?v2B6k81*AHhgwgzpJ
z3k}&hRF%ie_Kl}}Qq{H(E@tkW1^2W)ul#z)L8)nT+LLMmlKk4t#^}6&w?}}B9j?84
zZt`YEew}gh@=mgL!K%&g8b@H$nD^A?p&KYY3l-+mk?!~<$#eGDXSt!7!`gO3sc(OL
zQ+(g|Ov09OUhvwl3Bt+wjQ7P+KOwgT=H~t(T=enGdY44^eA=TNb>6FeYPLd5Zqb@r
zyVnZ$1O}ug?Uy(lId}Dy+k;cLc<9c8N^|qEaBauc=fh-&i-S9IqaeFB6S$*i>mYAQ
zi3S<4sUAU{i_Lj)L6wrSiL|mbuUhqlwRr<!c>%rG*`fM9>+JH-^i^#1_CIda8Bu26
Q@1I4>Ib^G3O7cGZ1-fG;0RR91

diff --git a/ids-webconsole/src/test/resources/client-truststore.jks b/ids-webconsole/src/test/resources/client-truststore.jks
deleted file mode 100644
index 141687e9b03864f90c4851fe9412a11e0d80e2cc..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 18467
zcmd7ZbyOXB_8@TF-Gc`w*n@`zcMb0D9^BnsgKKb?;1b+}1PBCocXww=_sn#sf788t
z&hGZiAMm*KUe)=YcW!;^a_iR9;nN`q2ng8A57IBMkoJ!H26`YMpz8cR2$vv`s`M-X
zb`TKo9e^MB2EY&OYZf>dC>R(hC;$-(_Dzsj&^00`C_E$xfSVB>01E}K1ObH(CM3*=
z4nX}8z#+hi*y%Z1nOYkg*)hHXVE@<%j({RAq(CfhZS6oT$WP1!U}OalVk0uL0hkzB
z7y&?bCPsB^L?)J(5crP}!1;f0cx(XXuZKtaad-ts{eK?Z50vEh%LRo50rvw%1_Ahi
z!h!jLf`ZgHDu@YNMw)`tr9wB2L^DoJ61m<T>}IBb570?(@8L9qyhV6_&RAkTsVbmd
zc=t-RDwuI0jIb#$Gfmm8R-{I7UzB$58X5T9A5l368HMp+uHoJadmT{iK7YSm<vE`H
z4XNN*gRKIgv)+k3O(1UD0AzGWK1k|Fr$|Z#Pu0U2QhZoRhLm`}>q{H=?wbhJQ+eSw
zV!m4Und07^knz$&Oa~@&U+-NIU$baL?s8Bu79xoShfPk6>%kPonu)<;C7b#=H?uwC
zQBo|<Jq3oUrOYH6j{?)zpH$gGk2j>sOOj-}gZ0kDfcG5|uoo@p1zQ<j?>^A_nVDNC
zKI9aGfrEm8=K7uhd=CKxFJB=65(E|mMrgR-@q79WKDrT2i)$Bpw@UX{1OTERZ<9jc
z0I+;8Qkp(_PBdS(#QRk;&FMut<yg$@1CW1w038(c83Gaj{_+BV|FHoX0^%iaf&gqk
z0wM?ifF3}b^(Kodh{Dvt!G?o@!NAUfUeC<l$bjDXU-?3BXvAP<Xixw09zYQah6V~0
z5)v8|6haIj0ucIV3;+vy`;TK7T02`=SnIv)@$Zgg_mXY~dIm;z4nGo({>LA`Pl}fu
zen|>Y5Vo0>4?EmXEr@9T3AGtRoan^2QaS83LqtM!b<XHn>YR%pj+fcnVk;bx0p0K>
z`v+bV6`}WsG^;Fb=iU0W{>%}JMRW{@9~=uMLn+1XgoS7f_RfS!aiUD$9hBeEqMwrU
zAY(W-vm+TAnXqJfVp+Nox_0x+v?pWSjFm|-V$DZ&k%THoui$k&B$Nz!6=kKy&FKv9
z5~Qlm_A^GR-0QS@wV<!Bd@(c<ry>a%<+;#(R7i(^0Bi1tvHF4xb8P)VBbpK+`Wq}(
z6yAxz;IcR*%y-1^5BD~d8Ix(rvhPu!k7r!aAs8$_+C<+BK?m_FDT{x3M~6K!8f(xb
z$#w9H0$~3n0P^WK0`y)8(0U<2_*Vj8L9V(CF}BWGJAeN*LjJ#|0PsQq@P`b5Unl^m
z|KCdUzr&y!?@L#d@0HH}dkDEQJKB|lm0_tQ2i%ARc2C<6vw3vo){J{R$!sHMy+gx2
z@>uI~o}m4r-&-OH6TlO)Ng0#%Z=~mRH#a8vYArUSYC7jp{JvTQB0iyT@+R_BE8}D+
z1ihM*jR3o4!$S>H<iD*qdlNE@({fzmR~IbijC!2w*#_)DmYAhyU-dOUH&cQMTJdN|
z=8L9PHr7to_24#sr4%7#%NF9g$En%3c<HZ}gg$I0>byK@7XALSUt%s|O7Jj+WH=H}
z4Oii`-pSptJLEXyCtB)a$z}>Zf3UP5IL+cWA3;LM_u|z(XTG_*?@~s$De9Dgy#kB$
zQ%I`P`4t0QfcEbw__t^J{}lxye@L2N&b|CoUP+1`q4)Ek?Cx)DHrn|<5@>*jiE&SL
zirw5$DEpK5g>{Pcbu>MDVeE)jv$dD)l9**o4`QZv7*4w&nZ2|6;PwbgHh~=05lC#z
z%?s6Jdx93FOAbvdEo8cZvyY^gk5gX1-=Q>th;3dnOjHZ<iS!*1r?2*v<XtRO%NK@9
z!P$vjqup{=l$4sclBeR4d|Lii`REtmL??vwL|al`bE%Yxz!4o_Bhzc=w}#o!2%_7^
z!Q+~(f(rZI%!yDmWu8mz>^%0$xFq2uA(lqxUQ34GS0doJPC3zU-B5bLJY5+;Gq?P<
z$lr34c}@Wd7a^4_d(S`V)_QVTbm_*uoO_@kP=-d9){IO)F2UjR%qK4w=jNA_t^t4q
z1@|H#1n3(uRM3|z7=#~K?#$FExbtJ3xdoQcjXzj@R222?I=3V-qQ)s@gQbV^(f&0f
z1)oZs-Y`UKm9v7{e#!1uR8BwY&b&PY;6DB;bofB(qaM(`J?Fg~Xuep$x-sdE3Wq?V
zNN@PlF)N<UJYBE{#V2TbxR6dvAWYvfO-s3X7T$OhLdIuH_+>0x98|{xVAjpPqtyFp
zSDQ7$a2(p+*Mw{Gqx)%}AWL20U@wKX`s#bB0-v7W!BEz7uQEN)uu>~}Cu9hFolcyD
zEyA{G6X7s66mxw$=)Ss<Y>wbeaaUWvCP5N=VmaH_0rtINY^8uKJu-s1ZcLNWXzi>h
zTboUNdlFfHZ?jwf_=(UZ;j5~^4mWN~2Y~NvM>!_t_7e+Hx9KeQV<kCEqxj<okr5ed
zB-_lAo){m_aonsuzg;kXVMNF`))*dTR?=<+JQ6YIsUZ<)Ax|vsdf{R2W^mGCFc%~|
z<{qEmJ}zZ7?qf%oi$I;cd-&`mxkg=6XhfukKGjg5veRQ>mCNqmkF0&q^{EDg!$U48
z%oud}{VVGh*S<ZD7zzPaY=VIByH!iG6&*OO<$HMWd7daG5)0_%F`8~fNS4bYW&#ka
z2fk&dlI4wvD(7*;rhA>SGM=!pQ3g@e97M`&b&RuwXP)@plWH|gmkEYPTA7dAboACW
zWunw?!VT8=^z92)13K-X`EH_sssuTgotImFgvuQfmB*Bqas@DE%^AdAVbqNfOm(SE
zAgdl@rv41j#c;QLn_nL9HyA@z&Wj1+^^h&0Mubz9;g^uR6}G)C0{spGeLy774~2A;
z);X~<CFo$!pk-$53<HvG*tk?JttGq#wS*h^O_}2#leJZB)9@->Ya`Da=$@bIk<x;n
zJ^0DjZY@ftT8*^AosqN~%Y=SO>3>#{V9qa@Z2wYrE&O^3flzG_(D(xc053+Amt6m)
zkc1XBva{5)a{cEP7<6a>JtsXoGd)J+m)%}I1C0(P<!EJQV9JOAK>M))4julN;!n@Y
zP~X~xkr06YV=Fv5rnr@%qrJn+t`@{XdJcNT3N|mb03+%z^$G+yI*gE!g|(T3gV8@K
zQ6PZvM={C-e7XF*6s9b|Uux5r@ISsj-^|~CV?SzH-$)REZz!0rFG#*@_<<#V`l5$U
z{(vL%dLJkOalVXCvB=V=hKge9hl$Dj9BGmDRY{z(f>=0sh&5udQ4Z9wlg%<N3)?)%
zbl8cpw(s0uYjCF4rF~4VcSJEaAi)FB{ZEKY4FS%8lW<OXdjRa`84Aw=g^VF2dIiBQ
z^vvNC0+wt*A#@-CveGZtj^8iur5pf%Sr;n(g4`LZpo@qvgK(m~Qw>6!v=;a~s@Hl9
zfad_?1~?^de2%hx#~vKhnX}wJ@<S(S6YhsnFzb*K-%}_-u<yrB_*^sQ@&eeXcXpzc
zJSas{PtFXW<sE7!`Fl|uDU@R8yHh$QcAtdacvxRf7A(jdkWNMrlptm#wfSCd@}T|>
zR>ogoo%3^efwk!+9qa!MtU2q2*7@iUyhRR3lMAtu8~TRRpYz^e`8mhbr&0{LUPcHU
z1Teq1G!}TbXNjC|>W{&4TxM-Ey_?z4GQT@|nJ%}mHNa~{#;M5}DHaakDtqUt)ti}8
z#;A=$B=QVPf1O#BpT)8tu*QU5iLpDI^{G-rFyjLu2Dvov17)%wGbn>azrOd{g`9j5
zwkg)pgY^ml6O8DIJVl)_$Qxe8D-Wq?Ay+d@<UAj21p0+OsuFYa!fLRL`s+Thkne_N
zZ?hqYS%*5(r2NTYIkD%j73Y;(r4`p+3W;pQWwhbktkpVBBnXeW28j>1JtU(!&C1Q&
z$s5V^=mjR^3@Xm1)Zjsjc*ncwnKhdZYXuNGQFRbPo-%8n=e`A1Dl9A~m_br4mJP^Y
zj)*_W+1YeX360+CW!76Vb)nAege|SZNCch8&|Oe~tIzl!p@OWEj}<!r5>m1%dX<?d
zrDXa%Q{Q~9Yvh2=PW!OD%^WYW8wYXd<#M58HsJk)0;yUdF%4<NF`Yb@gw%t9Qf$nR
z$SC^hs22fPEdaenWfF!jo=Iuv=J#l2et)&@Jlxl5TW7ep!u)!JszP&o)q(dUc0xo!
zrUGW^R7wb=U=|tXA&x&NvQj4b)*{SEe_aP^dY*Qv@6q}-&yBuUaM!0DuZ!=pBvCC7
z0Isu}?PM4H+cG9MX?r4;WqBQaBZ|Y>vyrl@nIl<vPX<u~Xg8M##rQm;&(y}4g4Nl4
zii4?V&a2^su|6bhnhVPZmFG{}gWd#v2xc4F2S~LyR>bM-eOco@I++lJjp~uqv%6;D
zK_U=KI}yUoXorPs?&}oXYZndMy5c5OuCVbKMT-g^hOJClYU^F82jN)6jF|fMZl5y?
zo1wfsR~v@3XCL^up82_@WZ`~xHTWfw{a;)?_{~+iKb(dD-@tz|3WfgvAJ&(D5P!f6
zj*jeL>S}LqWcA+8(Z+_DU-Tzm0YJ9j`}!mNuUY3`Ia`o;;?%4OT(inwN%k>#5?)wI
zqR4B>WUZ?-;Ko1pb$si>pB`B{LdDR94I$KdS*FDNQ5caakz0RPRNNa!ttccFO8PK`
zX@6+GN_od{4gmRd#Wd3t2dpEQI{J(PW<=V==>o934(k$9B$6fdjKv4qf4}2O@zs^^
zzFwlvrTH^w$u`lKY{JsrKGJ#m$d)=lv!j3Z#g*ao)S#qmYTlyWYpct4XO4$HHiQqM
zC!TJh4k|vER$=(!$28|*MMX{Gc1Cmvpt{10y^_guj=KxzwgiJYIhuXOK%Um?LCY8V
zO1V|y7Gx}*MZi@f$LdS@$+}jFb^*2mi^a_nwyLTX>UYipesz{N?XL=0xo*&`OC&>M
z93M1|C6t82v*51>cBS^FrUh!X@BK+M-t7_OiaP`nf?f)1e`ZPxHO+*?JTfLQ$dS-6
z?I4#G-%S!jV(<2<g#Q$3X04UlKwQ1kNrL49CD>5ymePSnN{1NyogpJtTp}i>=}FNP
zp@r^<d@Pfrz-Pdi1`gMq8j<ZLFg8Rz|BKSLfW00!O7cb);zFbSGQOe}<j8|6sXHU_
zf&jU*5y#10>T%@<(C_f=@<RN1`6_Cuizrc-E;6GRgu3L2vex>~RG+;T<_23JCDS_w
zLLB+{DYV0_(<NE!zloIDD|K_!gYJvN;8SF^fT_9^@+>3fx9M!g;o%09=9sVPkHvf}
zwoO2JrOIW+Wx3=~QoN+0_hI{kCb6Rh1bAfHa$zYcGSwus5PK@W+NfRBBdVz4M>s7_
z6neh<``y;zvI$!F<$w@Tj7Qw^o@M6@zYSThL03W1)8{hQiQOe>68CDHGFC~nqOC;a
zJmq)#M(nWn4JlTE^V>Y#kJ@$tnS&iOULs$G;E_r3mYM+bxx?R-O79`t(Nb_`;N3-D
zweXp;O|*MoAzsSY*y3EL8Sg_MSG!M^y9kV9`gz~53}d)^Z%wg6ys3*I^4d9F2fc28
z1H9zj%C4D&2n#cRYX6wgfx{B+X7YGyM)U>Mfss>ECn*QHrXwceVqh6Y>arCIQsNF^
zZ-N$dmgjf(wO(A14c$Uy%Q(-1;5{g}H2nglH-001bsdUMicSz!FWpMw-Rh;nnoT*r
z{uT?ZEz{<D27Jw^mDFft8=(OYGFIu-@^~HuH0i6%woYjb<Z3=4rMFxCo~qx$AvNj+
z@sTrf3n`$60#FIM;yC)o%<DC=Nn~VeqeJMBCas&J;dLsRW09DGA<=N77$Sa#*7XHi
z#}{aqeuEbOkI;Jmoz9{GP=0Y10amd)U71*+yT$NlVVQn3Q2tfH0$xJEe|&*|Me9(d
zk(W+WCSd2arlED9O22Nf5&pr1JeOpnID~$hkNN-}&<;N~m!8)jW8%XHn**NeISbW>
zT$GbejaiTmz@i82`G6{hVwE#`x9LR#r`T0^F_A^Ksu#Jry!q@>gpdcE2KMWEnY&9C
z68Ea-l~9hid@6v+lSW9UnWVA_N%lXZHGKCZe*cqVQ({Ee@}`TQr6m;ZbZY5baSip}
zGYz)4mO}q-FVjJ>_HM2WXO`x*M@jc=?!*jok9k?l^^&esbCRt)*_#q*83-NN<9YLr
zQ~~V}>FCM^%=5H<F<XWv)S!uyUVVP=%@sjAd1s3v$cvpXCktJX3He%!8&cicCBNq3
zkKVvbJN~6LFbCuDSF-x-Y>Ov7tr-RH?PHy^=X8#!W{t+7aW5??;w_4=1g>Tu+K{ZC
zTuB4gVt_iWO7D_c7}b&Ob^}jo?Vm8lLmw)JY}$MQ1+D#JD^?ny3e&hXYbxhkA?}}v
zx2>AZt{FKK%cMpg03)n^;lv1>(q&SJX0UKr-#}vco*GA_A49{}67TSl1ZHhYl$Yc;
zt4$*0-E?Ua{L&9z&lB?LMU#z#RhytHvdC~uc{5k+aB>xYi>_Vhe|}@N82_YQ6vaWA
z-DSucE!BJ=l)a!S1Z{PFWaRJL*$qns_iSlyWnLWI&vQ?W@fk5-xv9|hUcy6dl{}=?
z;8UT_w_r|}I!wRy^p(T*!$S7YzE0I&3yeajweDWG2ss-WJhwoXZTGTkY|&5We{}C{
z{l;+A-z`ZOMhF456UKp>auR~LbYJ~i_ON5;z1h^kDv55k*0=&Le6P+>c#4bCG_(m>
zSUW_(;Rd3UXYu^wQ>Fx!cUN~NB(k_+UJhxUZcgUdNHm{C+a(K`L}cdMMw!v}@S}bA
zR33*S8R?a<3HSU<xNA%u$yNI{2%1+Vp1CHib`GHV8+fnFnj*%yrmPwjMx<pv<*N9b
z->5MQTfBqIazXfbLVvI4u4uU86ZT<zl9<}?Y|<l!To;r#_SR)y>K-91*ptx65cZ=v
zG#C8pjv|8t+bz;-0yd=OI%W}undYH!MMg5#<DG_>XKvr+oiv!;w(c=LN+51HTQMo(
zC7Z+n3Pq5f9V%{(@H=rHPpZ7mwK<?SND=C7!!y84emJA)Zc!pq@Z^L!J@<s;S$RGf
zlXpC`u!RmE1+Ww?dY8T9H4-;^>C4Z!g#IzSQHJ!HQ+=%7c@2h8&DlT6%<P%DU~cWP
z`AWk5Jr%~hS$n4sDb1IupJfeyk@cmF1wHvqR-`}5>Kpub(uxbf`L%>aRWLBsGcq=|
zFtQ^S{ZYpL+#~=1Sbrk+B?SEUtn{y}t<~7DK)MF07$`)4a)c;HNU(iqRl9BIZagtm
zYJ!FxU*2?c6Y3te6WpL<=17xJ!q&E5w>@eBLzHOC%y0rhJKK~G+kKCgq*mz0z9J)(
zGv{`tlf-?rZ1g=Xa2Ft5vUTWANS3=PePZUZi3c<zL&)wD+cONc^8yZ5TZxHD{h75?
zxhJLz;M`xT6I-`9eEIcx(8en<BFc4l1u67d*|pbHE9lJ^p*!({zG8<<lp|Wn@q$&O
zoQh(=;~A$O#EkZ+QrpHL^agX{K1`78a^OYvwe^o^DcN}jJegYe8BFTl5^pCA<4$?F
z6~$|~y96pW(E`TG1hNJi@CU2b$e2@qv-a&T*3M?&yjc7BB}41}O}8LBVuf7z-RxKE
zca_s;`%%2oK5sAD85V<BN*4mWFSSwen<6%{10o-RkqV2cPul{1n&vE+jvMigiiir_
zuw|0dIik-B1G$4NZJ%u5yzjV&HE`r5G@>=>7iUnQihCfe`@c)QJKV8LE!-K8xCYA>
z7|K{>8g%G7=b;@SR`-xjCa(575_ph*FB4E=*7V+;5L|~gEee%8;;Y3D&AiKN9zAQ-
zKziiJ?_nUJyZ*lXeIS>7a^~!9VHHQU^3|qBqe6CyCecu^<{_h4Kw6$7ek`t2qqCvC
zjAcLvDD9fUagVx%gc^RyW4S%ICm<vK_A(_oqQ9dTG$iw!fTgwqOHP8Et*mx$-V4kL
zw0F|KKs1oKR;>cZXdII-gZ;c<_}(-)fH(@emBV%V;{tRz0%!9^D`S$;APZ|pX5gSa
z?b|By@8j(fES*a3ZX357H1%`THUh)AOY#i46Q$@uEeol~Zl9GiDBLykax%KL8g{-E
zekc;22fo%$Yn^PKiAIGcj>~%H>zd7Hc`u}1dqu)(5*o@{r^n6@!u)8)FN5ik5Mz3R
zQAH3R$+Kx~u^T9DPkr8X7kcsd>hwx2PvvGx3oZ=r(;cH3Ig4gyVxhOmfJ&G%o#8u0
z@A(wn>|4!Ci*Sbt*mJp9!VWCOxl{0-Eie_xnFi9O+w%HEVvJl+%z6V2cV2jB9!|CO
zszKPX!AkCJP3dI$vW{-m6toKu?I=XQcf4!tOUSX`hiYw=%JG)<Yibt1b$+nR;(F|P
zkF2Jc5h3KA5_&%)`#_C1v*6{o!lg0CCest8Zuv$kFDMA>aQ!XqNNQ*mpBW>g8wMnw
zb7{%uV)`hPxVK#V>Mf6mI$56I#{6ALgI=?2Uf)Mx;N|Mj3V#LjJI*J>pQU}NU%_l&
zq@DYhwEX9Pl-Bd_g!Ui(UT}111#!W5f9Me~vjf?G$LlX4;6J>)zcMu-|GNe!EMSE`
zFp|B}Tt<W$VG&1)2@;~L;<ow3Yj-g$B}i7ZVoa%~pO@d)1$ygM&82#RVkBu>U2>VD
z7tL{#izfvkqHFsk?&df#XxXqP?J4)X5(x1yFu|Xt-bvyVMNy7K!P;sNtXf$#L+SO-
z#1ZOEvjRe=svN*2y078SOjU%q`h?C^wA+8UU^*vtJ<XP|Iy)eoueg^v3w^j~bH)Xj
zXU>?VCzGF@)?W&BXRiiHWstfSx+S+^s~wwJ#E(H<f;||c(AfZNM=5Pf)5A5WxAQIE
znmdMQG#uxv4&Bp4ZdKZg^cOE7-NY=Lljc#}#Vb!&h+KT5QVzaS!TZfrwqH#J{^-E|
z>8&mLc*9n&oLDK~maT*73_fkYK_Mvv5LQ}ON=ozj6apHCyV2Z-!=hZe#O@?I`t*7K
zJ3IE9oU>PB1_%U|U+$JuZ)BQarYmo{i&E%Cm-da~Y0xIM_F~@hG!(X@jLl*^h@@vC
z3-M_)J_OUyn`Ke%Wbb?tAh-X5mvq;jW^gqC9&cc8x*8dQ6P|Y(_I&av(bVR;{<%D1
z>f-}<-fl4ow}<-HF5NUAhDC~U*{RC5Ts50ctd7c7TiM|D_(<C9XU86PL>u_*;;2;Z
z=%(lvK6@vb8dJ(TI=>i)Dbckw^=U3KZ=%n%MtZMdzdrkaMho%ID<|qS4-@JL!WteY
z`tlwjb5*$Ei&gH#G?&)ZwA-tv3tA^cWtI!2Y&73~#dL<t5Z`Fip?s>h9aPJ<x#Hyn
z2&r3CVTzzVE39ZENtLo(%mCjOJ(O?GwTGvfJu+NO*R<Rjloq!w&cYkiWh^?8WB|tV
zXdh<qp~&hS!;l-z57psPXON!?v9Nno7+JsO_!rhuzkiVP6-#0u9XVWJav{79S{W>X
zKP6S?e-?qRtLy73CG++A2IW)0kG*!ty0NZ?gP|e3yDHgBHq4zvzcR~rFU>2s3h%@$
zy!+L@Bz3gV(VeC&+>s+jdWTU42BZH{1{(Raq+zXd6vAyqb3`TaOC~Ixz7w6)B7y+*
ztz}8kC*j(-`G{EFYbkOAdSV+kJ9fV3w09H>l{Xu)N5tiFJeUzKVXIikEhAwgnCz5>
z<;qEI@foA7M*{^|pU{v|A9J=siS4<FC$`6yp<GCyL<LCTs%JuU)OTC_^`jJ8gI2^k
zSIeU_z8bV5SCV+Fzj`HTp?M{uCxrBcTfUF)RCH6mb`!X^_|548zU%J0PD5V`Mu={<
zlQ+5Okk`+udcLUo(j5R@`%Ts9KdS2M^LMiPj}a_zbU1lo72%i4)!NbK_q_pTcE%rb
zR{!h`{1O8G3zqm-y7pWkx?>8;Y-NL;r@9FSgKTV5>df~$d#hn(1fF1ngt+xyTw~Qn
zQ-CGAg^g)`+X3pJx}KcPHV6*sXrdfvf&{zHb3atbls``p?WfU;Dz`p+427Q>(N|5z
zElg=4GX#E~Awzt{lNja!gt66gS5nK`Yu!M`Jsx>AQ>z{P8uHI{)kSYvvI@U%5Lw7c
zF<#jl1XtGQ_L#hLBNyW_<Uxo<kW74l%0qQAUFACJCY3PTvW2z@Zp+M>&XRnl&0^r&
zwZp<2nyG}!cJ^OiaTYqe<FsFPU5V7i?#SoTA(UwL<lGFhk5UwfZ~J<>VyoC50P(E4
z9uaYYD8(2(`<@=_;Wu4bf6;a3h~ckvB^d<xL$$zXhLkYzmc;7du0+;D8{?A{%x${p
z$$l}LvpZ*hSdnQ=o9NjgEXk)J$EwLhw>dC*ZIlKJ8`I>G2YMigB{VxogDb-#hI}#g
zSjJU`C~!qUQN9s?{ptW;b0F!-012f!adTR19*#(ScFVI@5DuSUAL-1TbeX*23JUD`
zk}KxB=N3fV+i0`plKRh6!;NGIalU>J-r+_N5UDI^4?6|Uk+@Lon?sjWyvovH@fg@M
z))sQHZ)Wosf(cCs=<7&GB))!{Pn~9{nkafQTYe?qAF^{9V~Z*9B<ceJg=Y|I)Q!1C
zC%WjZr$WKiXat^QH8H}5BZKNJNn!J$o1Q`zSSvE^TRYYXJPgz@W<4zCWDQtPKs$*7
zt6LK0rLU5jHd-&0=tOST^?u#{UgSCxJnI;|{+e`#jmgR>lBJ(jiq@<0wp`85QK?(p
z_mWTJnxxGxq%rGEsf<b*VBLwu%gV#0Ah6k3XeZ8MviI7Adx@x$UqIpD`+hN`so}KY
z@S*O=wAh`%%xNK^+5-P~9s91`@<1E3cO(0_()tGRc%2i`JD#>TVb)iQoK*IwNAi4*
zugf&N7e~3wTAaQ^rWO_if7-&SN#-Rq2QnT%V`IQt;Kp0Kdw2I<BNzZ9k|YWr&-D6O
z>BF`nbjd{O7<bd_z9&+q-{X5WVReN;I4C%fG#&NjETrB#0UGt5CI`A2S#V)zm@hc)
z+rC_P3c-OA9MidRhtNhDhv{%uO3f&aKYu@x7FFs3R<#+pW|^Fkid6W7D!5RcX6IMj
zO001<_QAV&sch-fUfLLApun1^K}zvNH6jhnr|rI7h&qmpDsit`8T%?=!Tn9fUT2>+
z)uXF=J8dbz=xbCi5Ar}ngHD+LdVz$cS=rCJCcNkx^P=nBZ@TvV4_zbvPF;z98IO9o
z!G&dGXJ%mJtmj~4XKL;EGQntVZDV9-|C6+DS(tw>?T--P``@+Pzfw2%NQZDgjnKJA
z#wNr+RZLjtolfo-m^W_84n9yYDJ949Yg8J&s5XhjIka|7Oaow2Iz+-Q__V9zR7Zux
zoyFzb&0vRN)JL{5XwPHq%E_h=5yUDk)eeEn5Mtp$py}a|OUm0Y>qeeh%#zkJ0ediS
ztJG&#ea`xe;+H;KxFq8JnYupT`;XbtSwoJ&q0{JqlqJN=uwTRrm1{IN4{o$H3)f{T
z??0ynh{k{TunX;Eo~IJ?$?IF>0ggKr-=@k_IE%KMKl+lF5CNV^@E7rS+2y^fGT~ml
za<(Je%VW^>b9cU-$6+u4F{u03J*AY!bandm1o;tPVW6}&D!#IAafWCArY_5`>NdPg
z8vJ=pYh8=tM8-`6OCG6sT$kW20V>qVWKiq;b)8C`eSJRUQHTRAK+J`R1=i-=FrB*9
z_HA}7L27x5>9;)rAwn@n4tO8#sYlUxb&SvB`<ZV{SIc*^3~k&Ho~1?r`NZ?;G|R>r
zzF?{RGmHfRG?+$4!Xf2m;nvYOP^Y`tL%IVIY|;zLaPwSe4TDE=Wv9rML)OTI+)%NG
znpU$_dZ<%*^)A|herJ>jgzr}K&N%~y7PETAog&zrD9=sUf&3!eT*tdqfq{#}WVP0f
z2ig5c))C{;?Wm~OeuBN@Z;!StZtUf&P@G$X-CMUI6rGJylf%0EF}Q#nAwVa5z&2_k
zZ$U#-!K~(+^cGo;)Uu~^|Cu88;k*6^!E^TS7q<vcheep{NL!iig!?PsP;O$*n8H_@
zv&l~1xzy4ML{HV$$i)xPn3cx%I!W-&r62CE^(L+CHbY-E!9hACVsv(VxE?kbVOK!=
zpaNr+7&*Lzjp;*ByVdkO%Qe883kx%6kMg1Bgb(q4nOath+rVy4#P)8-fodP3FsFGL
zAm|YnC5S2saKPGE8Pzg8#B~$(4C}WdeKP}>4|kZ^HHK-z#+A}vB~lAs1HN!{?yi!f
z#O@c>WTWCl?kH+Sj2q!>t_k&AWQr<>^ZAe*wE}3Z+CapdInBBjEgVm(`psg5jE346
zEe<}7u{n$I(XV#$Yx$-g5$2r_N1#wYd19C)L`OmnPR3d_O%5Nj;(16rDNjQjC?8Ah
zc0dV)QSLXU3v{}7PQ*~3iM+v+S1O^3Mu#dfpS6LwMH$2al?j3tJ%A7xJ(uebu2MyO
zaZ;wU2>zTges%`B+f%ZGAp`uV8QV>m@`HA<)ocs|c45=WAvHTeiNtZ-YwQa!qy3WT
z<gT#7YCo&{GO7h;{i5#7Z|XMwQC*L}6WxDIeSxDxN$Ob{SX=&#Ec5Sgbuqtv2?77v
z)%}&Je$shaJkhu|gdTms+3e$@XLx5xU_v~!>yE87K_H<4mGfgh@O1$bah%Ax+LJ4^
zm|;SKA5f%*cO?C!|5?c|K(SzD`%V6~!s^iSID=cw<_A{S<v`v9)k)OSOj`q`B%=ZU
z-p<@|+r)A`2@y4UUWvMC*4jk@!j=1K?FML;KQop4Ss_}TqrMqos|<F}xCff!7=9uI
zGkA0?pbSRpjf){JK6*cCjfmQzpJyF-!!WQ<Yn)G-=el;Py!tLP-!ZGjO_)s8;~V)E
z*qTDEG@mfOSgn4)g4-s>w_B1SMcoHwV!jZy@&bGN?EKX+H7j0ng2`|1-#q0InKNV2
z0&YM5W-9ZqrV3EMnA-A^iH-lJ_nODl)wnnP;Wf>ssR1D!$0>+ECA%3#0=g(cjFcd(
z4#hyZ_JN?NQ%miEWjsg39&){*5jZM5fB#-iKzqs;sPGKt{N#{H!a2)HA6$Ikh%tk9
zfI1ShA2xRoyQjk_zu=VjoWGb9^l`1<6nN}e7ggh!4V{R5vU0UFa<Q{~vJ$<Yv)aRs
zz?dQ6_3MJMs!L*G_#p2A9iQvvcvLpo&YD%M(o8wmIL@s)5Z_{{Tj1ioAiOlU1}-Z;
z)IjW$i=vZ8*(FE)^YqPd3P9K=YCvZPaS5VTi<_^97w^%1b0<wLvMt|qqt*lU^o(a}
zGD?%l6uD$=tiO`{<hJ}BMdp236sA_c`&;N`bR=5dTU|0@TN^lBk|_xmaM9M8<lKid
zE8CUrAf*~-pO4jGNS?~#uKTZE%Pb8+py{@wD7CXxi389U(g*PeBuflP@tI#&Xy&7Q
zQEd)H*<cU3+KX!85KbsbOHyF({&4IX$bNF{)oJ3tdTIX^4L33Cy)JYdze&ncbyGQm
z*-WrSz6OgbNDJb^^BMtExXUWC162*HQcoZ5!7!3GA>BPq47!YDAE7Osk$tt1wH!BH
z3WpM@|915koNk)aNVW}WgG4xU59mE)ZL2i`O?`!NQxU5v%vV|BQaqClW_hhaF;=2T
zVWdGNnAl0mXB^Kav|wUbq1E!(%eo~Zz=$%c0X#5UFp-vlfl`Kahp6S_n1axcz{SV@
zD<whlt$jRCvrigVz=_AxZy)@MGWZX%59{nK-$Z@XX)6*8t*t1C9ti$G*>#Otq)+nJ
z1anZL8t!7R{MGld4COA$%e$#Lk0rKxt(wN^oOz35Hr<c6#nLs!kHle2?#!@YAJ?fa
zW~RQG$Z#&@YWPz#ts|0r7@JI+#Pl=@Soj&$|2YH8pZZ5s|3fpd0(!15x43?u(PDnf
z_%o|7;eTod_FwD!D_En>742(6%jsyTv!%q;qzTiJlUU+#RM*iFzNIoTsu<q`cFZNX
zMT0=D*L$qc_jnsjfCe9UH1nBQ3_X+Ma74Eoq~S_FgLj}%SQ2QNJ0L5m8b;C<u1{oZ
zUya*xyh7ody4$q4Y3B|=w;gbi=)7!l@`})O3I4`hVH9c~4dwi2um)5Szm2bAy=#NZ
z>yU44Z&Vr<W7>jpwHX9qj6*;pM+P+%!32K7>Aq4_WlXpp*2XXMJ0*66P9#%Rx^ZEP
zr`6S)G0P-D7;Kwa9to5)lz_}6A+TlGA#m|OEfvDuYQa`PA=^zd;%-Whn<+bZ=#3)$
zJRowbZ4>adrQUTj^Vf$9Ab$)H0DpxQPWP{hRhw_5c4d~$C5Wy;PqM2<+T|SEf(@2~
z(-j3IVpNyu4dNbNg0v{1GUQqr!F#6G%7r39lygF=PoR$(?E~KNBd0+YD2@DEDf;K1
zSCY$t{hBU2lh?hX?;p8%1YCE@zhddrC@HU#=})6}f1Gacp9@@g8at8VGbCtqw_w2D
z9aUfJ+6}5GNDe6R_CZNg$G)nz&TtjfDm7K+*#xUMEU4&|Mxnh3R>nl!X_2MG#hLJk
zpFU+{v`u5}kj>j!!wh?7_MC}>c~7|`71u=K=h?Z&AZ&MZCN((s?v9tvcAG1KNq<lj
z{6O&)lck3ipI-JX44@CP$aB+rmDrP-Di#*jbM*;q^$oTG6&of`S@dgI!<7yT%R@c4
z@Km0PFkSMvK{5vHZd3P_=k4T9?BGdQd~CHvOw3vak6h6=DU8}d0FZQFHYv7JhA-?@
z0si808%+naDps=T){h4x7P2-ep{#*tOo83#LrKBthczEZ5(I<Jz@bYRxlpxgYT3^*
z(EK%EbpxaHI~1@3H**=XwMeZ$jSgD1W=?vd^%PQqsaa83U^n`;-@u73@L)!#eZd-s
z{-jltpgs^kd7Z+hnryT<-<vER?d=SLBRcxZF^a;(gaImG(jTR@|1NTH%;?bd`UG(8
zz>z2>lvb+#jjKjS!T*eQZrniNiB1m@5<@~z&W-EwLKK8e1=*;Rq_Ka%JD*_P@73WQ
zvfh1)-iB-{cd3OkNUr1w|I+0b8HK*!tahj>U>U^68&B-9meQ0S-&`1|F=-ujI+6G;
z!J~##tMK-vk;79M5ZQw^Tyi{vj#Xxt@K9I+BuP7qZuFeBm+q_Z6~c8JZ3L8))1!{*
zHvW=Jdam)?ArI&tilSrhkOQKl$@+dl7fT--g1w(zeYvFtX8BUAPW@J_hX2u3_rJ4P
zMFJrFIzIp@U~O+;`ctjS#=`RZhQN;y@E={=Uy1rTbSaLP3_{q1t?ZU#LRlulj{87P
zjyj4qAbuKFS6;_=zIT#7PalXOF=3!-<%edl1)(tE&e2x)4EKqm+dn1Z5*59Qq2A~$
zP(Kb^rL&?{wCEumP6q~R`v78bY8006)Ii95Sqjp@#96L#Qjm@dKgCq2%=F=yr=$j<
zPK@r)M5QTqK0KyHpttkf6znmplhz&9OY*c$PXCUPj@rZO37$5xY|K9*nbJb1{zlhj
z$R}Y3{Zy-gP+^CTY!UX6z4W!`EUDK9-b|@s%w`yZtV3}m=-20DQO6=nn9}R{I^ykP
z#Y+$MVtWA_dMDp1u`)eQKHbQrI_?r1{U<(5HPPQn)nA|1njX1&5%o{U1Zth?b_TRu
zFdOU2>w1nhFP<#PM0`-EYPJ~jY<lXklIP=((0O7L6m1_*a|1Qo<LN`wI+3{UUrkLd
z)f>?wphbR_2-KmRBi#wcfiN6eA|Mc0ECgdYtvcR(dnc8m8ipl-0#eX=77nq&;o>z3
zdDC+aytqKEP5tzR+N`RzgJ^`J*`+ChT<T=;=A915*CF%qY2;=k8#~Gm%l;aZ<}}K@
zBQ`My2|$GsqO2q%aP%B;iZ#*`Gmx{;gS&FQG~zKOrClgu@LPn~;v(c2wt#6f28+$n
z%#3gBU^PjZ_!@;x^A}c_Mj}Ky;sKy^+M1ZN<WBDdxL;RY3dYg#3tEa*3baX&dvQR(
zWEc@Nyy29aA?*Ehfi6*P9qPV;M$})LHzxug0B)DEi5_hWHKq`<*XN7P7Cmp|-Udzt
zIWf+y10D+}j#j<#p3g%1;q}8ZTP~v^CUT@K_8Tp%c0~f?TCIc2Vls#0#NMjSBXpB8
zz8jWZ4p8Fll8Un<<9w4?)tOgq>BNn|3S-`*@7{8~Ns1gdg@lR>SQogMA!j2HSXyWW
zg`yVgql?!|ZgFwUi?PurTbBm@Dfz@_dZU=<ByAs!tR}%R=o_|{SW7ev8~U&p(AjNP
za=9Dx7>b+X?PMA!=wjVjj9d3B293++Ku>nA3hlSm)~Mh;E-PuQu0%saaP30Da)zdi
zKjg|!bbamHYXY`w&ekx%#-uBl<S@IFgx$}YL_Hj`x?0P>%M{|34ClhfA!0oJMpGB&
z7;Fcs3F8UPl?JvqcbilDm2AW#Q)pjzmQU@rvw@*+L$q^bG4S$j;bD;=yBEKk*^B|<
zj>lmhzc@%>=<EgCFe^MEBKxeK^oWYS2DLHdn-=oio_E;si&i;vpzN|~wm*CN(ryKd
zeDU<^H%~qO=&5hm-w7%K0Pj~&F$AoQOzq69OkS#0@t5BgrbcEz_X5~{?gjh^0smEt
z{VQ+dqgmOVWshqDd<lBlp2NusofKFPH|Fd)VdR<F77D)fp~k(1`>e$wSuEgqkGCV_
ztp@JGGuF6_J1z1?*16*_)=sU?lAn0sJ(e`W>LFNioTV21U=(%A`SJ5=RA}`|l=3-3
z*eSb3+)faW9JbIB#1d&jIt{kA20U!}YN8D0pLy$z@G{1-GyqfEUx!|b<V0JkXtnT0
z(hghy3~Fg;`iq1T+<R5U5PA#Orfm8m#<XVG)=AVBIZrw|(gHkgiak&Tu0i?k!uoH|
zTIxtLU*|O5(?`pSZN%Z>=Xx~gsGAh{;P(f;M%tjz28@MsY+MY^g3BI0E|OHzd-|%i
zh&NgP=IyT!aZQDT|CP6}mi+H6kfdEYx0K+!oj%+;rQ^0)dDxiL<Bv4<AFnwsUOA4H
zTF`w3g{5YEs*pZq!K1xpg?<{eeHdxifS6ZCVuTlsV{ZSRIAy2nCF`|QIfYSex=_f2
zD0ch+K`E>>X~f7#MB_p`X?cB5_>}VGZMphjIU>@Uy@I+>PBY2&wq;Kukag1q4@LSN
zr|Vk|S9%x-#6xkrbRyMV%_&oZhqCA<>x+H?a64~qaTu6KDAexMQkN#j5ynM|5~A^7
z)D3Ln5y{x{Sn*8`8wK1mv-2InAmic|;4K_{tJ&N^$B3arZC<EkGy1pGZwwt7$sw?@
zf^HlVT_=K^EhL53;t9-qtbm(Tuhp_u;w_%d>{r``Ezzy8=LCm?lo(!fNwzRX)CcT(
zQ{2=OuR#fm`K?){_tVZq_rx5CZtwLWj+4(N3zG2eWn~30Qxf?JwZ;!35#u&@^v7>I
zp!!WpCQ~3#@{qd%l{T0vZ&ixndAZ;Ee>i#$D|nsJGS>hZ{YaUydwD{(`1mAu&NLeU
zkRa{jZRlV&#YgOg134Oy#IJmN6|i6Rl$d@=;U-$*#FABKBGY8QwsLrh`PC9l*JkA-
zG7EP_B@T+e`_!c_VJC!8*ug8_OGjR^rWv87=<ZN$FSiCO@YCjtgc#cz_VDv(!S$fh
z9-$%Uun~Q%iLG-aHiCMCgs!Czq4SHHNSeza>vs@%0^^GK>a=>}H<aN3dS;UhEnS`}
zg&bmhhL=`RG)$#aY11-GFTby5pV)NiYq$lQJ7&W*C~7v1*kRxC3`VE?#u~bf(}{L5
z+K6*Ko6C+o@9!~>B<ZBd5K`rF%^~Es!#3{r4$bn2R&`*k{A#d$43f!Dm_RP~w@?98
z<<E$a60cjIo1l_;p`3p9_T~94Fz**{cYgDh`hR%q|95(e1;F^#TSNst3pX>9m#1U@
zM|Xgg@%K+~G5-hwzW)`g{3~Ijn614wF%5m9;~$2G(uVL=Q1~e@-a{?gSm115Y<^$f
zer~u`S?SMELU~xYo8mUx;Kl^8wERpa1wEzhUc{Fsw^L8T-Wzz>BJGtjM(PM;7k(1C
z$0NYTBn(05ukW?V(vTY(Qx$<-Jv52WD7@?6i4J5hQr>f4Q!q=6(pt>?Ghsbk23KEM
z=&R9IL|dp)oim)=-dxJrb`^1+mr#PB7eFRExG{ehe0t{o4Br8oq^gvux=zr~Ee}`3
zlD{nCKYlY#V<S(IA&MgEu$YzBSMOE18Ij(Fpzy^r;IJ&%_%Q-)YFU8kJ2bhs`H0(l
slJZ(766TZmU{O%or&5us09RSd%kqX3CSVPwKnb}il!`Pfjx6i{0tT2aYybcN

diff --git a/ids-webconsole/src/test/resources/consumer-keystore.p12 b/ids-webconsole/src/test/resources/consumer-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..6607767d644aea4ea7a11e98ac540c623b80283e
GIT binary patch
literal 2693
zcmY+^c{me}9|v%oZEjNTkejgC%rV#ZtNNm(CKKhpG734SAy+F$TXQXP--^vdu`x%k
zkXx=UBv;PlOvtbA^Zb6l@9+1==lML(`~5ucKVNVH_dOth9ZujjgK(+Fo{!z-18@NH
z3EU_Ufm`c$42Kgy3;$G*d;;j*?`Q-FVEg_0{%HVkNeK797kB{>I6sK9JVi88`A7=|
z1ah)P6F~VZywpW&3z4n6S^2p{Kk$V%E=f<@tZGQd-P=J8Hk|AIlG1>yU0>xCvxy@*
z72iX0<MIOefUNp&&$JM;961h+{cg|@_u!jcYnmQriu!MBv7?C;peo0T2%TybEVl_d
zEJ=tNTPbGq=}&eh?I591@6lwCN|7l-RHEglMCu{Dw4|yoVe6osk#U1_NT5wVlp_%<
zbLUafGQ)k@tA6F|uR#xIE`b(okJy1PxZ=sU7Hxd=G|UA*!IE_wIc@PeJ%7gg0O5I`
zo)v0;OZkM1Q4-jo%*85{*-+nSn6~+T`-8H(cf;k#?*2{oeW}g~Bj=_^D?bnM%as>B
z^iNOOYZnWAA17!za&dVjSl|0p{BTpRI7}087_@ATLFmf_szlX=%EBu2{)pmvw&aJx
zG6#b{-am5m!=QAl{S4&x>Mb)z5*-oub}-w+acmngdOgJ$qpu{_qK;afIiH=4fT0dv
zNAG?Q*OEFm!#bpEeQa>jv&y9hxDw;TSjy=FZ{}(a5pzSxiIT=yj%fvu#`m%BZ09m_
zABR8-G<rK_W(&wIPgdJ&N}a}|-3x=#b7>2y_w6^$79uhophGzE4&(>1$(|D;UF)i$
z{*NqRf9&PtUYvuAHQHGCyKM@yxV~SE){sbW40>n@)%*)61=3!ny(OLjxUa>2!IoK0
znXUnu=C1Qy;hskX3utTp)SU~Hrj+#54C_ddr(fD0x3AlknVEjGmqTmVekc@oLI`68
zK1+t0bc<oZirFdCVKOe%O5a=T;g1%tC?o&O$pq9opS62x=3q?fqt!7oFP^Okrvpb6
z&|cdiDn-q|4EXAr?~cb#Cj8>N@aEZyisINyA$LE`vT(z>Z0fq3?+E`@;tcaa@5Rr3
zDaeeIVB_@uC`Nkfa0*$0Zj<D|Vl-YGlK<;7N&#m?kIU6MCsczoIC^SQM--f&blng3
zj!$beE#qIW<yewVJSL_$O8J;9HPC;+nTu0<-ahZW*On)2qM+pHLl0m(N{Si4ZG0t%
z#x9D7eF_7+$tqHlkw`)9=QsTgCC~=OOd|`Id1sw;^sT^s*Td(Uqi2q^B=1$(T&l~e
zR3J%~zIc>5upWWjWzgmqC8h@gfy&tULFrOE9jMxCrxyD07OQ(2>W^QkYMmZrbM((0
zctCIT{255Lfk%t;1j+&v>#Kt{&uPcSpZCIJIVUufon9=&wyH~_R9W&N$kGg+z@{PL
zY(*<if?&i|T$kl|<V$}3-J_PYliF&HTTm-=yvYF`pfajpa)MX%Ozm<<a1)1aqTBs}
zdc-L^|2E#8Dq8PyfY{Hewvn&&^ky2JWl|-7V#3^gF4q0bYmbMteLk0rHm5&YhrRN0
zcUdrziI;5k`^h@R(I;6&MoI<LEv!!xqM|3AZ!a0C{L^Z_olk8@#O%6tYO%kYVOhf6
zJuFq0)`K@BUmgV*L7+oon4pX)d`}1Q+{?aryRHI3-N72&u*nK3Uys8ogvu}7V=mO<
z<ynS`?P06D&||)Q{XS8P72Yf60Z$5Dau8+GdafKNHfIW({g_+6s1b=UI01a-e?ZG8
zfHgq`Fzk1%`umh1JpbX18vy+6;M#8hm;O&Z_P^CD&4=j4Jk31yw|XD~s7p^Uqvrf)
z;_>5K;}aUBm)tJPzh0H|s}Dy~vKQ_UI>E+cr0q;n63IIU+Yk#YA`&h8BlimIKJQO*
z!>${8(V*eS_X{sYHoMBdpCcd3E=#aCNmC*5fQBOZ%(*3Xfll1AzPb<Z;{bhVOb52Q
zg?IeJ!A#y33tg5|zP2dE@^N<KU6xZ@uM&raJk=&H(}HK(-Z^ofiXk=1G4V`k)b#%M
ziS=`@k2AxG8lOxUm^WrOa6hdl0Z(-Dhd5;PHGX|jx8BE92*}IW!<bJgYDMlYf*2&G
zjJ#`L8)*G$T84dQR+Q-*TDJ1cH;}hHNXr;BFFW^QX(Q`8gmL(4mKdipM+-xpv@D2w
zuG`PE!Atpq(~t3OnKrd5RiB#wG`M$4il9SjaJl`qW+@F+F1FUpMLXk>R~TGUrc)nT
zGo*-VxZR358&I5M)MfLluG;rccK;s@j#tzcy*M-`Sa%a5lIh!Fs9wlw)bo<ZqBj}o
z__1|D3OOq-e$fH;08g$?+iLzW-z1Kmfhisj{?2imWs0I!tTC1XUs1KEic{>p)-<Ec
zuM6ySLuvTFn-vcrYE50o-UQy%KIa>bx++A>y3?OEjjAaxCa)^L!NG(rEE1#5k&`I5
z6jxwSFKq4RaIU#3b1T1)r~KLj=Wg7+<(_fk?xjKb9y*tnDN$rT0-YT{d+*5Pby|}J
zrD^GNQ<VU4lmWcenN!$&YSrx8i*eenJsLgCbO^|F?<Gg#<o3XmdWLFLz3@ewUEbxn
z!bTa(m4$}*nFSf%=3waJU)K^Q(5XS&nfMZ9ElTA&gle*E&N>bwHq_T$;Beg66qdG8
zO;2vL4nn~8uo;P`G2h1$nbFagdwVHS@XIKp8kbHi?kGryS*cQ0Ng6Y>;Lri{{K%n6
z!2k3N3*RC44)xH9!K&C-ZLMJM>Arm@q*@f9*Dt7R$B1gavI(*799D7w9`PA@B8)Q?
zWfkS~_9YLpKjw{9e`Rimmr#@zNP_Y!!}`4kvuGV+-lc$c^-qN4{i)d>Fg}m+LD<97
zg$ELBiTJa(Vp*$6OEGE)e69OoBHnUlbIgoYX)7dTv-Y-h?qule3m<bEnv(70HtU`_
z$w~?89YTAGWm~?vn~0~Ibk->J(NX}H>gXT?0gKHAc5m4GP9-ld#v3ha=8)GL&M@z(
ztjZ7TM${6Iw0NtV0S=eDj|RGCg`L>dgF~<4NvDjjK}SQv$kJ2h3Dyz*i9T!<E9I-z
zPuP(M3C&52vuC&blH0+@!d3<CC^ZOCkm^J>{lb-R!&|MzClh?;^W+@-tW{05F?w<5
z(z}Ip4kPmN2kYC|Z^v}BRDL0=UhcO^dNFA^chxakzg}Gh@wjfTfWL5H_6)4MskT6|
zLM`|XL*e`eByU^Vuv%KU{vz7{J;8S<ujOZMjf>p76@$k;+mo}~m6Um+61^<X7b?`N
zC9o0jjWtlJQ{<U_Wg{?tVT4Z65a<TFrQWI-#{NhT^6?dYsZ~XXkBX->@$*YdK72rK
z<3^vjq&E$`h^9B*&bu#RLLd2}EC>g~>`X%F+s?MRGpX;DG~T^dInUj$FsV07dbPG=
zCVK7(#`e^P#jKik9~GUCP=w3>S4S>kga}CJeMEJi#7poF&yM-m$u)bS(k-btI07yU
x=YoLM_}PIHU^bADxShH5uH&M#q<dn(n2|6+$>zmn5a<0*Q!>&8%Qya3@?X+^2G#%o

literal 0
HcmV?d00001

diff --git a/ids-webconsole/src/test/resources/provider-keystore.p12 b/ids-webconsole/src/test/resources/provider-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..830797f6993b334c9886c6aae7031b06a96bcb4d
GIT binary patch
literal 2693
zcmV;03VQW0f(n5G0Ru3C3P%PBDuzgg_YDCD0ic2kI0S+UG%$h+Fff7y=LQKXhDe6@
z4FLxRpn?S0FoFcs0s#Opf&|S52`Yw2hW8Bt2LUh~1_~;MNQU<f0So~KFb)I=Vvy#5
zT{2-d0s;sCfPw^|?tC<TC?UZ;9eDHOfZFxQ3Y%}jQ2TqNDPQHSB!;RPNAlP`<aX~1
zJcw@u5zD^m_8gqGq@OI@p>C=P4`0diku|3S-viqdC5RvVs(UOdNUl56m%D<=xme)b
z(Lj`prw;QCn^QG)H!EQa>LfG5&oVGnDs>tfBcWZd-R(=P+%N^V#o#daU^6#NN1ZHO
zd6fw@D&3T~1o5)A!QA0DcoJ^mPa>I11jI9?7#8xD0u?uotnIAw0y4xS?ZQdfu0+>&
z;V5@m@Rgv4GCaPVqDD)Uz;|k@{HEdy7b-Ij6IS#c5+#+3gxAB*#T7GE87ioc>Lqt)
zJoG-$y!;$|KQ)BNKz&XsI>$0XVMe0A26znjv@ym(9nbKeTnUS=283=deM)@-h`TO>
zsc(s?w8aXfjRaoOo{aY*Q&S+ZhK_QE)I&c@uHLTwiHmB=3So(?W|8)A#`l77{~Qjg
z`_Ta_lpnr}#0)dDN%Tr*WDb@c4#w!=12LJ906C|_nFyU|C1cDscx7ZI*uy)~qTtAF
zSGSN=Jlzv~qBQd|8qJPr+V17BLKCB7-<Ly10Ov1byDB}6GL2hKOsZ^iCW0AWp~`Nr
z6~ciL!K%aZcKsIH7D33E0dB(Mv?TH-p|eHZW>)HQJpN_NOQgAz*m;d(2fs_#rOaia
zS=GZKXH$Fs5YUi1tjIhJsv((G@qQRSNImd$K%&}BbiA3mY};mB?nJL8J`N5iq%1N9
zv)QPr8@UWg?^2#DE0^lB7te=4t%`s}a}z<59{um^f$gabq&O@GC1U03qP!Q;bh|$D
zydu^7oo>sL25~rGnWl=$)L(K2o>3B$)&}Mm%0@9$YIn7iZt_?MN2IFAB<T2^Ppi^Q
z?_#ZT`DKn6{`IOD9~yk)(tIRPCh`-x9@}|Uk=F=<2m?qifHKEo2ouKtA~L;%mMkY^
z6>&66jyZna_N`}IO0|j8=uIaGn)<Ouas{2#+JwC<2z@hsR^fDHUXF+ml$)rj8UC@6
zS<dFih=&aQjgOP(Esa&+!h{*YQ2x3a;1$pP$trc_$!GRRvQDll$o<|?+rYh^iFyNN
zuQhT#V>_Cr@UTJ5Tvs|X4NfH2=B+gxn^lavqNCSqvnynm4MoJS45G&@y!~wosRZ(L
z(-okxDS-KLrMabk)klbB98!w1Hwcj+YAhOOIWd{9F3UrD7=vR))WS@Q{gNin9<6E~
zY2uq(GWfY0_Zq<RyCVq=UTGsgx>y*{2c5L8*bGfk9S?+G76kK8LXoWC_O`d|fhmm9
z-i0MoDOJShVV(KE4Mf}cPFF9f4B;PCkLOPY6CsW&LrYYU#RUMZImHx}>&N+M;#}<%
zh#=Z3AA)4xP{hcoBk3M9aDF#`Iwt#rie-1JlCB|%$f5V-lNsw%+_pZ)Rz3e5X6uR3
zYR8YJs40ylQ<$28U3TJ3_e)bvXvF}urqm-!^@L1-uO|k)7LcmyDvdq(i6OkE?(e5G
z{A+njhF>&SMnJRC01AFo29F3z^lR0`cLgtZ0#X`C-E6JP?5sRF5RkG;%4Dyy?@pQf
zFoFd^1_>&LNQU<f0S5t~f(0@Jf(0%xf(0rtf(0f93o3?4hW8Bt3<?1Ppn?SMFoFc?
zFdPO7Duzgg_YDCI0Ru1&1PDnN3itLn_?Q9$2ml0v1jualuo5@V015%iOrUAAp9#S&
zT@GJOm771f%+z#i#->p$?v0_$$Vh(@(gh%^<r1^jHP3LJ!0jo{4gYpEW=z($c4Un$
znXs&lKLCMUM8ErrT;WzPn@mpMzJ@5re4VJm5`m^hq2!(=zyhuWEYbHDCF0iRMkVZs
zBrJZSNa@~sfFeO+piruaoDH(<!O^}8JBaR*q1f<S6X2}kA)qVkip$<OuOG52qa9Mk
zAjf88pEy7YYQuO`-O2m=NNG-Bc+5w~M#x1($4|1QKLYjB7$kaoN_A;oV7T_6z}+EC
zF7-P3D?WmZfc=f`TA{I%sNNr}KijoX<da-toW(r$n0<;ia=%d>dOXv5Exv4LOzZEQ
z$6nkDS$@L&5#ga-1@-n!IEgNgXi$MCq*T1FIR>+4UrE_iQ+vBTa|i`dh*UGUf}~b)
z+S$2a%k)07^pPXPghmATr+0d=4wFZU(@NfpL(tj53Ry7*^0xk2_bMyo^TuetHP)Li
z%o$a1ch@Rsv1|@de>@ZEyH*l-CBN)|n9OUFk*<Hs^^c1k1}IKeEI_O}l!6%-#$orP
zEJ&!l#uW)m+%O|dqPk3;QzAa~0%sAckHy@(Gpq-S_M`Vm{I>Qd%MLGQh3untshR5-
zG~Hfmr5t_L_?$_M^x`H$noAaze^A-Ivmz@%(X98RR50mbYrIW_rRA)J1Ad8F?g9=v
zsf)k3#@<zecpUZGmP3k~3}W@gL4ykFO<Qm>bytCBrDkI~pd&j|X*)yrXqeQ=`Aym1
z;)=pCX2b<Rxey1D<_JL??cSUGZL5Nv<A&mMz&{#o2J}K^(@4Yjf#2YvEx&z&>+?-@
ztZy|hKFyb1vrv$%FjPNAR$>It#DUEbQz0p!v<p0))Dpz#(%;-wV(nUG-ecX}hP`xf
zVXuC!gGqXsMPrU@_z;`acf&kya+mXz0^nU}>UB`=nh1p#oJ(O6+~Dy_UDL({job8=
zYbUQS$|ZU5kpU}NoBsd9q6ajj+>(Ib<&E-Xjc+xl=7ng@x?PPJY<^|<GwH>6V_%J?
zhJoyaO9FsPkzPK^KjJ`vGg=gs1w_N%qt^si`-pX5XtyvJWsanz%TfHOH)$nW(2{4h
zj{sJOISE!j8QiDembWVq4Y{<%g+(!e!DrCIE+AdU(H2uwTgv*zQ~aP2H_;}>h&d}_
ztRYHVLo?=g(Uxh46%4h%g0Tbs#Ac`vo*5VY$B;bMXYuS&9$boLcn+EUt#Xb&K*!ur
zRs&HrtJ20j5mXCv!eD(nIyLENrD1@|XF6jV9l&eCJV-j<z0vB{dBxx0GqAxbB8=30
zk;d1C<s{RijnsSYCxrmn6FF@2zX?pU@0N@b!BDQFKR&-BXarmyX&wReL5jK6=QRtG
zz4N`=xn)B5w;H%edj){p>VJkeKD-5)V{F{D@r=T!eZ*5`;G6J19mmKanB^r;Y=cVR
zFLH3isFZcvw3VhE(y?CE9-znszOAs5iq>U&VtA#XQD!rT01QUYfySIA?jmRM=_Bv`
z3O?zFPy#mXoJ?bXeCW%!1CW)Ip9o7(u;tvB7X_W%Ct-xR7m%d0x}BT<TvIXAG{2#H
zaOYyc!6yNDOvN!JFe3&DDuzgg_YDCF6)_eB6vbXL?22j=Lp9k6J?iOsIzzkldN46C
zAutIB1uG5%0vZJX1QbU}8;WOzT&}LIy(BW#<3QlwJ;($I-FzHzECO!O0s;sCi+B4r

literal 0
HcmV?d00001

diff --git a/ids-webconsole/src/test/resources/truststore.p12 b/ids-webconsole/src/test/resources/truststore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..aa430cd6cea20b45cab4ee93b93ddb5bfa565792
GIT binary patch
literal 2266
zcmV<02qpJ0f(X_E0Ru3C2#*E{Duzgg_YDCD0ic2ifCPdFd@zCtcrbzpbOs43hDe6@
z4FLxRpn?cxFoFnS0s#Opf(Tj$2`Yw2hW8Bt2LUiC1_~;MNQU<f0So~KFdGCE_36Ya
zczgI;K&GhWQwt~?3?38Z0s{cUP=JC6Ah4OOG_z4f+DDNe9|M><HIXW^6acL}6(g0U
zPL!ra3<ycM3+|1I6+_y4yL+w>6_}Q(yvfcC^&_cW>yQk#7^I_Wt0KctQ=k1`yr(d#
zb;{`+63xwPvoOWD9ETRg$o}Djc(-5VqqNAi(~e`$Jssy-<S9k!hg{F-Mcdp*eupZ!
zg;!FoF{B>(RDqQX(jg7`kr&|?5$;7qey&L;K<Tglw64WfU4F?OaPI#$>;G+Ywjj}N
zyBSX-knuHx5!^vju>gYVJS$SiB<3PylUj5JN$Oge=LS6)uZ^fpdXX|LY=6Rt9DQ04
zV`FUftPZ7LtfP>ly7142kK=tPtclXZt`W9mw?tUxQ~&@{9*sm@c~RQ-EPtNxmc@6n
zNYN4id|h3hz66q~-rawCg6x+>bZV;ocRNT`p7V7!Qou70Y=6L0PphATL1)#C=iQz6
zOD3evIJ2?$EccK66fL11J|BHT$PEtY+(3L{RcW||w@38yKMMk}<Y1h|`!I$zjdeHG
zu+G*}M^b^c0c>O(b^P0iic6jq>M>3mG6<yPA1(_$TiDeXZCQZ}zGo)xk-WuDJF|x!
zFiRkH<le=5PfLa+?b49Eb*chVuwvKIBAed?13tjfGiZo<f(DNn)~<X!=f@V@l2cPE
zqC`Yie_M-A%<i{Io7XXSMnpB_PvOyl=x*}%CaNbC=kgiTZmylR-LVRDAujh8lktWo
zb?L;+QiMv$QP1-vg+@kNAg*4Efmn5md_KMA<@KRioQ(Wc=kfq4J&W4F6oZNc)k=<K
zWj`~_(f<5(Cu?klyEvKsrS&BJsX01EVhUpu+|`7&vV*_L&hTJhWBBU7<6h3-jYyZG
zOMg>ysV;)*j6`OQ0GsWw>aN^MJ2x=0Ki2mw5yw-34ZHFA2V8}mPov2wN;{VLJuK&;
zP1?@ngT_;Ep1~sA+dFa9u4axP`JwJV3PmfBYlvtO=}Gi%eHY#d7{d`l`=6dMcM@7v
zWu&2v*Gt+agxuPlQ9F;83GAOfPB2K_i9)v%b6Xh|oeZ|sM;Sht&S{v0L_)%A@_VmM
z-$B<S_T!r)C$x%hCMAdKVpK|K)D_;0F~maS5BqE-CRmvxZh({pf^n!F8t_bPw_kJB
z$U|BuB#B2*6U<VFkV0kCAXNzo@tUHM2=jH}5R%dZbg2bRw3J^*?_Z9e+SwWz9QB5x
zSL_;u=gB(V&R^tf*$4Lzb->-p4lb?sOC3vPa+XpxB3^8#)HMa*ay(fD2%|IiNz!<6
zmk>&2z<ZX;#q1?0G^oMjR{5>Ry9ujZK5|V-VlNy!Cn|pK$UIA1NbF1Se;XjBz=s(z
zV^V@==Qqs7q<|>BDUF1}teO2ER#Om~g;RBr;tx!6wS)G(ZZg4P#45d;`SLSaDev7c
zA;y^Yx(dfE0+>3&jJ@D|*m#+fFIQG<!!{6d)ubtFbj%4Nq)VSHa{g!oV6!lDZg(fH
zL2}Ow$Qb0zJ1rBzJJe8Y2$8`w0`m}9VbxQtG=d7G-`LQ#7@ghTIM$?hn~g*2WNes|
zyqCTQEk?2G>HmFs@B)oU9iCc>Ny3w$oKRSM`D@s#F3d?fmA*Gi6kO=F0`!4y1O<fq
zlrS^2n_v9DIm({G-!z@*T8EXn(^VO5dwU}YT=ypCzSJ0?c$*&j+rQaV04V^Je*4}V
zCgPXf28A!Kp*8Pso=49g#~QQEDXQ`!p03E;!*gPZPf^u97a!U$5jLT%;5)vxk$tG)
zffaqF_ZI#P&CCgapV~#fVJA<sQrQ1}*@<@j%1F0v{-&Z;g-hTI*Or>KyUr|(u2g+l
z771#owy3aSd-kkXZ=&`kr$gB*P@Pml5JwK$C8ghMXT+?zfjtR&dW3`?#n86oI`~#)
z*<w$g(7su80a1-8a4QF;_85vM?%4NhA|&@SdhXNu!-`1luNfW?mc1p08Q@mO5H^}(
z5vEG`ps(5@3p-yI@ulUE)ivYr^M+sKY>7!By8c#@`#xb#77z0BEbZON;L*1f)Z$VF
z|6;XpQE3sou*&^%u#v@oBtU)SASL-^RB<jukXCqR)C-$2#uKlM&5%3xJ9$0?s15pR
zeuXHSuJSvexm99m#<HC`)f7~&v}@baCne$<+c?q{GBl|2^@;eVuC_U-)k>+rd^yTi
z@q{o;j4Ka_+`if-%mT{3vy>OaSJmx?i(1=>p6qr?8xWhl=7xD7?KX6aYADM6K8_0B
zr+6l(!2Q^^5_nl!Efb`tbMl1<1z1x;-xb2ensA-Fk{P!8Ca*I8BWfkTK~bkue#Wb&
zdd38WlkgkZ!WU}-d{9c+E>}MY&ISqAY{ph!foUms&aOjgYR4%#Dh21F0c(H<)OkVI
z8?3lc+Ha#&8&2bqKo~3GH;N8ej3HD%8;!k+ZNMl1>7#^3lb!VoL?#o0VrZuT9Zdzf
zK4;)R7!CsL6bcrh^tel4il$0nPl5U1209G^rJ~sqx~kcod%Bvw17L3X@Wd^X&<i8g
zSMk{ir5EC7Iegz%(IA#fkhJ_SmX58(aa~Y_FYnEa1Do5NZ@$j0-q?})%BgG{xk5`A
zYHML!{NLY6M<opaNnhqr6WJ7<Vc5#)jQaKpi^)QHbRY+>J-F}B;tFlBx)wXUx6r`4
z)nc_2q~%*k1a4t56^Ldi01ZJ;v&NO)8(T5(2WJFuF8(18!kk)al}*tB_KY{^-qBte
z%wvOgf>hFgG4w>LJbeEp=LET#9k%K)EHFMWAutIB1uG5%0vZJX1QaB+4I|w6w3iur
oMHiK}SS7VKy59s8_s+sV^Tu!qIt)hP^g8I#Y)O}U0s{etp!Rk@DF6Tf

literal 0
HcmV?d00001


From 4bc2d8469c9007bab6fc0dea35ab97abee62cf2a Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Thu, 16 Jul 2020 17:38:34 +0200
Subject: [PATCH 109/237] updated example zip

---
 .../trusted-connector-examples_develop.zip    | Bin 34532 -> 34291 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/examples/trusted-connector-examples_develop.zip b/examples/trusted-connector-examples_develop.zip
index 2bbc2455e33664028836170830f50031007c86be..2dcc43638ad70d86bede01bdb99748bda12508f6 100644
GIT binary patch
delta 6063
zcmeI0c{EgiAIGn)8I&y98YLRr*t3>(LJcE(BuhN#v9Cj-T-%7o#Lp#d_Fa}Vv<Pj}
z&yp=<DPa(4p^)r7SI;?5^n3FB{(Am$o$oo<z3=z?^PcaSIp=l0qh$IS5<SWU&%n3~
zKq8R<0AS(u^AduVKr|%9%3MJRWx*hj#A|amBUu1|2(L|C0E7?UPmy9JvWOy(E4Q)c
zQUAk3spqC+7C|6!sp207;To^t^_%=8X*A@CbAyA6ZRKTL;jZ5B`i&T%42d10hqV@|
zUDpxx0N}&4iB=BtfL;QDtQ2o1g~M8}-<N<VN<g%|C`eI|8$_va){a|cek>)A=4p#u
zuMH+4PG0UV7B@3U?)hNw7GRS{=khzyJE%IFEle#{NAR;rhpJq_A^w<u*Va>x3R#$L
zTUlUvNUx=m->&>FCDw>a=9xLdJx}p<`Iy`@+*B2mm+fbHqnX#Lfc{h!Z>u}4rZBBX
z--zZpd%EvP323RGZ{krNSn9RiESA_^GBh_yTO2k^&hPk#%i(Iqm9)6)XpFZZd)ka~
zcC=j8Nq)0(jH49Kd*}EbkGEETmSx@V3#AO`(hl7`-+SeVD0b&)+i>w+F?3@I|3DbQ
zE9ms-8Mb=eWmFQb?e4TXvs#w9?DQ(B6TGM~+2bx-LISgQgrIGwSl;MfVSW8R|3DMZ
zV#7o1&f#f!lHc<}U!4lACn+ONho5Pln(w3b)}$LfD1$DRUT!TfsD(OF(cgmn&i;A1
z06*oGr=#5*=0-kRk{X(|o6oXPq`B1M=>1Voc{Yb5;~azs>9L6siHu~fpjbN}k!3+a
z?b&2**)dkouQpg{pqaOaq|Z4+Tco{tvxNBK7zS!RJb$mwHugcNpWm6KxkcLIB+p<O
zb$Kplesyu~ldh{S+qK!UFQZI`O1qBNHn~my@$x#hFl#F71ySM{9pY2<aS!Qk@0+zE
z?TW8@L``BC;%!B+DMiPegNfq<`YdA^cF{NXMY@gb0Szy1+h;e?aUy!BwW@Zp!f}zy
zyK&ZZJ8WDqMt1$dJ!LAwA9cEvoXMkw4P#G7G`!2mF7*nx>a6TjP9Z7?+Ojg-u~KJ|
zBr4g4WZ)AhQcb>duEz8MrKz+BE#&%84=4Vbapf`J93yD~!~fA!uewOxWC$fwBa5>U
z9+KKm0;ONGoI%i%-y_5>?l5Df&hf;=xnfEa3FY`ED`EMrD8jM%Nz=nA&Be~9We2b1
zQibhVfW_s;yVVw6+`Ns-R2|WR)5FuNtCN~}pDbS<B65ias9Q^MtLaV0S?1>HD9|{@
z2$H0jS~BZ4&-(@9OPYXV1L1Ar`xNoon_sxEfcbJyR2zJ4cWM=u-a#D19qb*&IAuIZ
zH4eXur+8~HpqNS}fVP~jMT2e|HQkA!r<ki!M@8F0s1?R4Ww_jUS8)#I-PJm@V>(F2
z?V+jXJh*b%MT}=VGGeyN@gC3F#jLv!LPtOGC90pt{w8uc$}Fzc^xplG`y9H&9#t#N
zJpmsxbqkY~Oiwo|eDRb%NNJb%4R)_m2(%$NguOi9haS9rj!s8nx0!8fd|&2%4%<ss
z`$*sY!ekT!k2JCAQhH8k8Dr_}{P%oI>W!>uT-g?How!HAZ(yXb!&D5P1yrU_Wm!u$
ze61cb6k5I}5$>ePn5+HrL=ol*p{O`B1Fr$bUgzmYea~zs1dC?-P`bW}`#(-;HxIz1
zvfRsZeKk~wq3p6xk$!VkWPeg}=+U<ky`~fwzONnrkC+DK<0_Iq=8AbFGQ5WO*Zru)
z)2iX(ra)Y?hc|;3cM3~H^ZAv45wf&l4l=9A@IuR~vMhS)04@gqZXzL;Z!$ez9vcXz
zqRvdun-=Z!xa&^KM5}-wMQ(83il~fgDEZ2|*ks}B*;(Ko>VGIDBl=Z<!#@i%U-dF4
zk}W61Y;x3=^#juz-3k+RL#n-p>wFG|c4XaYEs35RSV;7*)T`)NM)pp*0|VS%*N{Ri
ztlD^sOgsH#hW)o=?&#O1_uH5?zAYI84Mks|peDDXiv{7q9TwvzcX;xzoHPfJLLmim
zGVFDGB~6HxmqaenU5i^qP)4%o6plPK2b7OCHkB4Dt2GvA$3G9!*wz01kpA2~<-JWR
z=2$+tb9d)cIR+aal6Ic-;%a%=_pKp4Rwe<^RoG(`&PWp-zk21Z@K?Q71JzsGeL>SI
z$u}8J0|<3j|CSlS&O6Wg>)HDfhuCzIQtHbjMdh4B?xxxuFmcCsRYe+i%QKupOMC8*
z7Ex%U_Kz3Ec+C0?YrW#_8duKmWxtUjH8zJ;i@D8HyqYm>cq2FMH6QQEf>bl&$+~Op
zCkqWK@5~;=)3*mta0EP?4ECtEY_tL;G)CHI*rC|b*wq){BLtRL`pA3c#WMomGPg%0
z+VGuG)zp8ga>N=rgnr8`>khhFPGkz`Hd7l<8QY#fT|J)Tm^F5~+$h27c{fk)UQ|Kb
zid-{~J$Q_tbB2U^p{nhWVQ-zSy`z(1RKi@8bOX(>6mucr;=KcbPRHB3aLutGU0VAw
z)jCk&VIm;EWEbynzpJ4<0y8~0HW8>>$B<xnK+#>1E6LlnQ1vzo&QXwM{4pmPpM_2k
z{&M&>{)+f}Wh$d&So!6gx^Be%ggv!guP`R%E}FTYS1KTdv6i|Lzit8C3p7@-`gF$q
zRvk^{#|lx@NOlEiXQ!HKQy>JY7n@~_Ih<|Rtc`CAVa}%NGS1w?@8j!AxZlP>bpZ|X
z4ck_yZT$7?hrdZgk9{q-_us*hyluzRH~gjG9OJw~eE#7R=S#xB@%Cafo|lfiId{?V
z%S5o~+cXOY>4d<pnv6s+GJ#pik&MeOi0`jov^*h65SKL?XfX~59sh6^BoK=Hd_!rL
z%8Jj-L-adP$J^s677KCpZH>!Rqt^JneSr4OVmG3MB2}UVMe}@fEhYVOaAErgGjHKn
z0x4YvIqAiT(e@qa))}>ynt2BC*-M6t^2CDI?Fq8RD^A2!9qobKZy&?>d=~#$dUwt;
zvdS?jSA#u2;~0utrSo0BQg0etXMgf)U{q7R(m>`&TSL@^!Hdj?Z1!|~P7QAB%wc0#
zzAWg@ccJJRp~-*0w&dU(@_Py7EhYedt$3beL+Sd!HDyDN)3TV>pW;ueFC;EYbG~o8
zwTG{!MP)FIHkR<2KkwExrG=+r<80iYuQtsmeSVtv&*AT^CU}^b0%sMYVNhY(^?R@Z
z08SWKT!J0Fd_7&H-JAoQd}U=^yn`SQocrJ8C`kLz2bli`WFzC6;Vgc-&8A@h$TV7z
z5~o*54|}WyW~q5FPC0G+8=f?E;u@~i;aook!5;QaJQS?jemYot8lRdw2X~6vq!Xm7
zB>;I4xhTnpYu56=3aju`!}-gb<*RD(GQe6y-k#PmSWDeR3x&%|Y;oWg2X1lT76)!|
z;1&mNao`pQ{(TN~|G#md5R@g2qRdLK(81?i#@So~(=arZGi(NC8b2%|a=dG-b$d59
z@-xg@ahtFfMd7T=Hdwni<&mu+%uL`W$7mEzeO9@>2qY*GQ29v~4h~+cLPx&~_<0@)
z4S{@cLjXRClwe)|TsC~|`3uM(eB<-5a6U!=$l->ba|=lRnzsJXPykN-c{M?_aFpB{
z7ys&6e|RYQ(*WO{6NJEs0~=b^M66Bk7lL2xhKw*MsbAC96T8HQv|98JlcFF8G!(^z
zU-wzpw_aoUpVt-X|3>z|&V)Wkt+mpYfwo8Q-B9-uaqWev>>9B{jYLkdbyL?<IOgX_
z_|E9S4}F^Y4yZkvX}xDXjf-sX2q?iGsrB0R6uxmMT$CYoEk2mo`8Jdtie4)lbP!sO
zmRldReoF;645g?;52Hjkgp@|Eg+%K?ta7{g&GfLk$Mj^pod2?8%Rgk#j>0l6_P@N%
zh~e`CfPMM^K=AbnaPyM&_wga<U}c>A3BPLBf46xyl)GvCAN#*kPB}Xg9AyZO{w8=P
S_?H6!T<{+qeAf@I{r4{uC#c&1

delta 6333
zcmeI0c{o&U8^F)l$u7(YV@nJ(ma>;E#bjTTijXDQViLlbL8u7lwIyqoY>}CYtO;dn
z5h>CeMZETk%98Jlw_ZlydtKij-=E!c%{<q+?)ACP+~@k8=hG#c_i;3OW`?wMEC9g7
z1Vn^bm;sQ`P<|j`g}%-%emJy0&d1NiUyc@_wvD>FSW1LkqgZaiOIi3fhgq%Cv5Z((
zktSHmsC5RZQj>o&0l)wgsg@VUEU?*+lJ;kMH~=OR1cbL{J>|K!909qrYzF}8brX=4
z$OX>rrNfKg<*HvkoD*>T7P(N{dgPdLEA3$!7weRrsW-Y^J4b0%TM`mn!xh4Z6R@L=
zAI{S57Q9K0<w#){n}3#F;h^$)X#u(Xi7kvi%-bl}>!}P^X3P%sSR883ZMfs5bVY0O
z>FGlU-j%7Q%iT1gZ}5=2*4G?lu2BJAYkoD}T@`1GFHbVcePKUoHwe$?+*W?%{`Am;
zh1LQo<AT<XNF4K$29FBX>UElk`iE>iW=D_Piuv}|&9<_=?eL2Jj*832_xqE+xYoxu
zpS4-8RERSo3O~wjwe~SJNIJ5+Zgpy4s_W6LV0`RXMv25Mt<FypQ;{b19m^FaYm$rA
z4yE;#82m-$@kHNx861xz#<Mh|L+a?b_!`5$n9dKfZRqRGY^~p!4#!_%=3NdMcH?pW
z6retR&jfYHPQ5W}(Zs}u^UYxEDB@@qCX}4a4pUezR}#KuKNIC~!ZtTW{;q}4XcDPa
zH5`$t|8zQ7OqW5IdymOW(SZ8oIeZB4%+jXrsvN#$VI(<F#o?HoB(|$)GMeKY64_Gp
zZFO~Jad^p3bY`Ztb!d8dGJ3N1Xh<#hr@<#94<`q|@Z@r-x%bqzf&B7)W>yQRq8fc0
zABNlu4bcbr3-{0qk|%A-Z`;<EFQ#ZecX!CpMzG8KCDU0KDkl!}W}V+9orcG8`4O24
z<Idsbr3J!q1%}RCnkR>W;>T9WwjLrb^m{y$i&f8_d3U__O-v<+d4GaZ(si*6jw@fP
zYm`%jo-{3)2U&;lxAeg3tF1(;-iyj|t9YYP^?k|X$^#$g4^BTu-L(fJb5{98b3J)J
zGdjQIksT{NSxMrZDEz2R@Ts0_5c7%+Cta4s-|>`rEfi^4g1jcBY_OAa@F-j|ub8ac
zQ;(5$h;1?B=usMu)@Qa>EKNF4Gj<}0`%<7ZFg^;-o-H0gVUoOJqK!<tTSiw`he8hx
zmY1Am*<~~qSY?X}xcHu@+`ur}wOPDt!iJCS{0@HBmwu+^i=jYs!bFE?pNx6%;de6f
zcw@)NGYP}h!eJIiy*T_5{3_e6+ccx(vVq;Hu0z2L$}D!4K$d>-LUP&NfS8{9(bkGb
z;*GKvVw|(Rk0lx)o|%bx?!iSjXI$W9f-hpey^u5zJ(M+Gpv8tbfhjpC%^mY`frhT<
z9b*l;&W7tNV*z*ObzlG6+D$i1!_S_cio!>1D?1=?I<G6qZRC}mpKGr3+qqs3x4-W2
z-Cr^M;sS<rexzqDa5p$}T+uZmUe8y}o*?^u@>|W*UWBv;XScoc>Rx(!T>IJAhEChs
zB){yCchw2#Y6-e>{g8g9Y!uDY;D%_|a*_T?;_j%q(}h6%H_ikaYv+OzrsoAE#4yYP
zUc}qZ*JmYD_xW&oOhdPYR^B7}!@8#3#m7)@FXWwyxL(p_5omn}=azEWz+y%ynbAqV
zJH@fruoK1~@=&7fP!*U}ro-;JV^O(8$egYJVkxR$RKcf)ZN<V0MW^^>x*|^Hj(nV0
zWTB#v^73F^LS3f_0+U;$CFWFpUa^g?4}aYIb^AO00%F-vNmNAA>y?^R-$P9dJ?vtn
z7Zu|&miKQNJCsbfPgsR<c|0Lx<`O-ecWEoz6=ZwH&CKoU3z96#)#aX;xEH(JFgk^e
z9#AK751jw7zvCHS>!DBLCmKs(frrVb#3H3+0kk<GV5d3z<wpVok_*9pKG>b9q^tPd
z>3Tj!sG<T?7R?COGIRecyEG>cW0*+fcxH38_SfJtZQdUB6jcUy$))VB_-KYMIGZW#
zrQlAPyCnlt64^8gn85`z?X^jXSMLS_rT#RccWjy)8ks$~BC;l?dFr<Do;B}3#m|e~
z+e^dQjZ=kjM`m1eb4t0?%daLg+@#oqKhSp*hmQ|J&gHZ#J;56d^7$k8pWIK>V8z-9
z*WOHPN|+e34`|meMw|DuXdZdU8j?t^jN?q{+RNjgT_kYx*=(!UZMhpyyo_#%s%jnS
znvMuybwOLLYK^9=Vm0n6V8|wN1uVBicIVzUOLq5~@K2%3neP!FyErueBECGy2X7JF
zmis|elB=C-_4-;k2N7d;xtHhjtm=#of=2YN{ETl%(gmN(Rh&)O4j%j7?@!Bmbkt(f
zVnMCU>PltB(t{6lySv|96Rt=pM;q)@HpyOgOheawk5`l!<5$T$6W*j*U!_M7C}ezO
zS!l$khGke}<3RGBarvvQB&RqrjSEk!o}1wtvgREo3UgYlh2QrpPIREPe&5*rd@?44
zQ8@jid#}5s#L!c-Gbecynl-mSj@T)Xs*4pqFcNh#Ro=YUD~8!-#U8C6TF&8z)CexV
zZJlG^8DcQJ9J<S`D<kyCyE3(eJS@>2*RAQF86DzDbYqC67j>0H7M}C{V^R_yWL2Qq
zeg9)lXfPssfm<&&mTBxvs<!+Mq<^+}Oy~DMjMB40muKH6#kb-MIj{CN26ZdxnF;J+
zJ?BRLKEgcb1~-nXT(X7D%2h^arXGD5{cZb$k>~S99U8?=cEXc4g0w`}=#V@f%>s#f
zrihv=3+0tI<7W2PLejFw79aP2!jF$zynDOYT<+<9vFLMBzDh|B!maot&y{TOTWsbv
z#J(z6xQ+F57EAXS%d0BQukI<y>_g9+<@Oi6)+4K-ijxoSvleBp&&OW-aPDf*JfqpT
zQ2J+Q7Sp@ANQbPYhb*hn;dR*ASF7@GK8t^O_N|QW^aBa(c@ZP63}uve;WJ~UTN*-z
zHPWk-49Qnc*XcaWPGsb0<mJKLQO_Tio6joJ7h?E|*6NjKx4bm*$LPUun}%tw?|C2^
zEoe7=tMmF%Qtu?s?9sSbEvt{%Sw!Z;8)y`*^OH&h{N9zOna(d^7amGQ_La3G8&uCV
ztz8lbTt2PNelGjeH#ur7vP$jEV1yvXhaLcA)&Yf7g%qTr;vBM6*QIdC#tQ<O-4q)o
z5?YK%!@HS<?0EquXNZSf!C_$ue1`%%QJa(g=^M+HmaF2no;sc)w{pTSre!uNa-DlL
z<uo#_P`7kkLDo*h=;{$O{ya^Gm)q#u1)b)Neeyz;Wm>i`v19x3eIYZ|wYv|;s5>jI
z9UoBmeC1|lv~MGG<1sIdEpSIoVgNXzj}Y35Vy1aKf*)Z3P(cd-qTpNo9i)2)R$){i
zSS6rCoP%P;!bn5<N-(|68{C|N9lCG{boBD|bU~jw>F@0O3vF(2AK1B9`Zw$SX1(96
z_nY;8v)*sk`^|d4S?_;mJ)8e0>%Ea9#&$vIf`Eaxm`N(cb2UuOUxZW<5FqUYz_5s2
zpo7v^Dw75S_o)Dg0y!A~00n@LiAYkcViXM(Krt2wJsyK>S{O+2YW%cRx&<*6zI%{v
zg#nCL6C|Z8KcS|~BZ8k>3Lw4n&-k*Wbh#pG$}BmifN_V)^ad-?5&QlP&ln*KoUfPv
zDX(9+3@`0Zo|c33fuskf+vKSV6i#kBW&|b2Gm%uWE(``Rn(egze%1)ZfP@p6)}gGM
zPae$-sXf6dJe)S4Ae*>Df_JNK{pb;#$MewT6Q)_fX%=zWttJ~MkN_Y+$@N3>2^G9x
zBd_2u4ir7q$8~}KSSgjR>a+<{4k>?e*nm~aA?1dU3E$Tppd(AZZJSyF3KHN@y^nTL
zqJb6!_^wS#>X(Jh!Qd#!UVXFeKQ9fCnc#*gkWZM9rNmA`(*05_#q7WD?gAPd))(O1
z+CQ)|5>7`ZG^}gEu}F5Rt*ospXXPMQE%&Xin{!c^|8JpmQe9!|8^BiI%}quAbcI$j
z!Ce8wM@mvv;YFmBD5VY_!ytayG4*V2gd!89HK0kA-P}>?A>FXeCphh;j4T+d$o6Z8
zSfM856GXH?f-)S`j-<Mu8)HlT=g21*>w?cB<Tq!h9^uW|O%6cW6{z-%Cc^Rg1Pz0&
zjl{Tk2W)L7CDhNGPMPk%g>oaFL;gQzeXG;PtOEewPakL{6PA8Bxj|2eznvXUI^rBL
wI7h#&K{g%=0Ki2RWJl0Hnf-ixaQk&I&VD#ELwe{50swI6qY71;f~Q>l2ll8eS^xk5


From 5d0be9a927ef46552f4d0ba33c608528630ae153 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 16 Jul 2020 19:12:22 +0000
Subject: [PATCH 110/237] Bump lodash in /ids-webconsole/src/main/resources/www

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.19)

Signed-off-by: dependabot[bot] <support@github.com>
---
 ids-webconsole/src/main/resources/www/yarn.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ids-webconsole/src/main/resources/www/yarn.lock b/ids-webconsole/src/main/resources/www/yarn.lock
index a2e3ebddf..bac884af6 100644
--- a/ids-webconsole/src/main/resources/www/yarn.lock
+++ b/ids-webconsole/src/main/resources/www/yarn.lock
@@ -4681,9 +4681,9 @@ lodash.uniq@^4.5.0:
   integrity sha1-0CJTc662Uq3BvILklFM5qEJ1R3M=
 
 lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.14, lodash@^4.17.15:
-  version "4.17.15"
-  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.15.tgz#b447f6670a0455bbfeedd11392eff330ea097548"
-  integrity sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A==
+  version "4.17.19"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.19.tgz#e48ddedbe30b3321783c5b4301fbd353bc1e4a4b"
+  integrity sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==
 
 log-symbols@^3.0.0:
   version "3.0.0"

From 893bf0a13124733a5d5d31eced5532f9116ec71f Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 1 Jul 2020 15:41:48 +0200
Subject: [PATCH 111/237] Updated InfoModel to version 3.1.0

---
 ids-infomodel-manager/bnd.bnd | 3 +++
 libraryVersions.yaml          | 4 ++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/ids-infomodel-manager/bnd.bnd b/ids-infomodel-manager/bnd.bnd
index eb5e35ef0..88631cd51 100644
--- a/ids-infomodel-manager/bnd.bnd
+++ b/ids-infomodel-manager/bnd.bnd
@@ -7,6 +7,8 @@ Export-Package: \
   !org.apache.logging*,\
   org.apache*
 Import-Package: \
+  com.github.jsonldjava.shaded.com.google.common.util.concurrent.internal;resolution:=optional,\
+  com.google.*;resolution:=optional,\
   com.sun.jdmk.comm;resolution:=optional,\
   com.sun.org.apache.xerces*;resolution:=optional,\
   edu.sussex.nlp.jws;resolution:=optional,\
@@ -15,6 +17,7 @@ Import-Package: \
   net.spy.memcached;resolution:=optional,\
   org.apache.commons*;resolution:=optional,\
   org.apache.log;resolution:=optional,\
+  !org.checkerframework.checker*,\
   org.eclipse*;resolution:=optional,\
   org.slf4j.ext;resolution:=optional,\
   org.zeromq;resolution:=optional,\
diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index b3887ada6..945a27941 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -9,8 +9,8 @@ karaf: "4.2.8"
 jetty: "9.4.22.v20191022"
 
 # The used version of the infomodel from IESE
-infomodel: "3.0.0"
-infomodelSerializer: "3.0.0"
+infomodel: "3.1.0"
+infomodelSerializer: "3.1.0"
 
 # For javax.xml.bind support in newer java versions
 jaxb: "2.2.11"

From cb3ed93ff86d2df55660aad843b077690a6def85 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 21 Jul 2020 18:09:43 +0200
Subject: [PATCH 112/237] camel-idscp bug fixes

---
 .../ids/camel/ids/client/WsProducer.java      | 27 ++++++++++---------
 1 file changed, 14 insertions(+), 13 deletions(-)

diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java
index 6843941ce..51ff8b576 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java
@@ -27,9 +27,9 @@
 import java.io.IOException;
 import java.io.InputStream;
 
-/** */
+
 public class WsProducer extends DefaultProducer {
-  private static final int DEFAULT_STREAM_BUFFER_SIZE = 127;
+  private static final int DEFAULT_STREAM_BUFFER_SIZE = 8192;
 
   private final int streamBufferSize = DEFAULT_STREAM_BUFFER_SIZE;
 
@@ -64,14 +64,17 @@ public void process(Exchange exchange) throws Exception {
   }
 
   private void sendMessage(WebSocket webSocket, String msg, boolean streaming) {
-    if (streaming) {
+    if (streaming && msg.length() > streamBufferSize) {
       int p = 0;
       while (p < msg.length()) {
         if (msg.length() - p < streamBufferSize) {
           webSocket.sendContinuationFrame(msg.substring(p), true, 0);
           p = msg.length();
+        } else if (p == 0) {
+          webSocket.sendTextFrame(msg.substring(0, streamBufferSize), false, 0);
+          p = streamBufferSize;
         } else {
-          webSocket.sendContinuationFrame(msg.substring(p, streamBufferSize), false, 0);
+          webSocket.sendContinuationFrame(msg.substring(p, p + streamBufferSize), false, 0);
           p += streamBufferSize;
         }
       }
@@ -81,26 +84,24 @@ private void sendMessage(WebSocket webSocket, String msg, boolean streaming) {
   }
 
   private void sendMessage(WebSocket webSocket, byte[] msg, boolean streaming) {
-    if (streaming) {
+    if (streaming && msg.length > streamBufferSize) {
       int p = 0;
       byte[] writebuf = new byte[streamBufferSize];
       while (p < msg.length) {
         if (msg.length - p < streamBufferSize) {
           int rest = msg.length - p;
           // bug in grizzly? we need to create a byte array with the exact length
-          // webSocket.stream(msg, p, rest, true);
-          System.arraycopy(msg, p, writebuf, 0, rest);
           byte[] tmpbuf = new byte[rest];
-          System.arraycopy(writebuf, 0, tmpbuf, 0, rest);
-          webSocket.sendContinuationFrame(tmpbuf, false, 0);
-          // ends
+          System.arraycopy(msg, p, tmpbuf, 0, rest);
+          webSocket.sendContinuationFrame(tmpbuf, true, 0);
           p = msg.length;
+        } else if (p == 0) {
+          System.arraycopy(msg, p, writebuf, 0, streamBufferSize);
+          webSocket.sendBinaryFrame(writebuf, false, 0);
+          p = streamBufferSize;
         } else {
-          // bug in grizzly? we need to create a byte array with the exact length
-          // webSocket.stream(msg, p, streamBufferSize, false);
           System.arraycopy(msg, p, writebuf, 0, streamBufferSize);
           webSocket.sendContinuationFrame(writebuf, false, 0);
-          // ends
           p += streamBufferSize;
         }
       }

From 242aa68345296b306117e7d7377fa162fc96862f Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 23 Jul 2020 20:41:09 +0200
Subject: [PATCH 113/237] Fixed IDSCP message handling, added UnitTests

---
 .../ids/camel/ids/client/WsProducer.java      | 86 +++++++++--------
 .../ids/server/WebSocketComponentServlet.java |  4 +
 .../camel/ids/client/WebSocketMockHelper.java | 68 +++++++++++++
 .../ids/camel/ids/client/WsProducerTest.java  | 95 +++++++++++++++++++
 .../ids/comm/server/ServerSocketServlet.java  |  6 +-
 5 files changed, 221 insertions(+), 38 deletions(-)
 create mode 100644 camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WebSocketMockHelper.java
 create mode 100644 camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WsProducerTest.java

diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java
index 51ff8b576..cf6638804 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java
@@ -29,9 +29,7 @@
 
 
 public class WsProducer extends DefaultProducer {
-  private static final int DEFAULT_STREAM_BUFFER_SIZE = 8192;
-
-  private final int streamBufferSize = DEFAULT_STREAM_BUFFER_SIZE;
+  public static final int STREAM_BUFFER_SIZE = 8192;
 
   public WsProducer(WsEndpoint endpoint) {
     super(endpoint);
@@ -63,19 +61,20 @@ public void process(Exchange exchange) throws Exception {
     }
   }
 
-  private void sendMessage(WebSocket webSocket, String msg, boolean streaming) {
-    if (streaming && msg.length() > streamBufferSize) {
+  public static void sendMessage(WebSocket webSocket, String msg, boolean streaming) {
+    if (streaming && msg.length() > STREAM_BUFFER_SIZE) {
       int p = 0;
       while (p < msg.length()) {
-        if (msg.length() - p < streamBufferSize) {
+        if (msg.length() - p < STREAM_BUFFER_SIZE) {
           webSocket.sendContinuationFrame(msg.substring(p), true, 0);
           p = msg.length();
         } else if (p == 0) {
-          webSocket.sendTextFrame(msg.substring(0, streamBufferSize), false, 0);
-          p = streamBufferSize;
+          p = STREAM_BUFFER_SIZE;
+          webSocket.sendTextFrame(msg.substring(0, STREAM_BUFFER_SIZE), false, 0);
         } else {
-          webSocket.sendContinuationFrame(msg.substring(p, p + streamBufferSize), false, 0);
-          p += streamBufferSize;
+          var substring = msg.substring(p, p + STREAM_BUFFER_SIZE);
+          p += STREAM_BUFFER_SIZE;
+          webSocket.sendContinuationFrame(substring, msg.length() == p, 0);
         }
       }
     } else {
@@ -83,26 +82,26 @@ private void sendMessage(WebSocket webSocket, String msg, boolean streaming) {
     }
   }
 
-  private void sendMessage(WebSocket webSocket, byte[] msg, boolean streaming) {
-    if (streaming && msg.length > streamBufferSize) {
+  public static void sendMessage(WebSocket webSocket, byte[] msg, boolean streaming) {
+    if (streaming && msg.length > STREAM_BUFFER_SIZE) {
       int p = 0;
-      byte[] writebuf = new byte[streamBufferSize];
+      byte[] writebuf = new byte[STREAM_BUFFER_SIZE];
       while (p < msg.length) {
-        if (msg.length - p < streamBufferSize) {
+        if (msg.length - p < STREAM_BUFFER_SIZE) {
           int rest = msg.length - p;
           // bug in grizzly? we need to create a byte array with the exact length
           byte[] tmpbuf = new byte[rest];
           System.arraycopy(msg, p, tmpbuf, 0, rest);
-          webSocket.sendContinuationFrame(tmpbuf, true, 0);
           p = msg.length;
+          webSocket.sendContinuationFrame(tmpbuf, true, 0);
         } else if (p == 0) {
-          System.arraycopy(msg, p, writebuf, 0, streamBufferSize);
+          System.arraycopy(msg, p, writebuf, 0, STREAM_BUFFER_SIZE);
+          p = STREAM_BUFFER_SIZE;
           webSocket.sendBinaryFrame(writebuf, false, 0);
-          p = streamBufferSize;
         } else {
-          System.arraycopy(msg, p, writebuf, 0, streamBufferSize);
-          webSocket.sendContinuationFrame(writebuf, false, 0);
-          p += streamBufferSize;
+          System.arraycopy(msg, p, writebuf, 0, STREAM_BUFFER_SIZE);
+          p += STREAM_BUFFER_SIZE;
+          webSocket.sendContinuationFrame(writebuf, msg.length == p, 0);
         }
       }
     } else {
@@ -110,26 +109,39 @@ private void sendMessage(WebSocket webSocket, byte[] msg, boolean streaming) {
     }
   }
 
-  private void sendStreamMessage(WebSocket webSocket, InputStream in) throws IOException {
-    byte[] readbuf = new byte[streamBufferSize];
-    byte[] writebuf = new byte[streamBufferSize];
-    int rn;
-    int wn = 0;
+  public static void sendStreamMessage(WebSocket webSocket, InputStream in) throws IOException {
     try (in) {
-      while ((rn = in.read(readbuf, 0, readbuf.length)) != -1) {
-        if (wn > 0) {
-          webSocket.sendContinuationFrame(writebuf, false, 0);
+      byte[] buffer = new byte[STREAM_BUFFER_SIZE];
+      int rn;
+      if ((rn = in.read(buffer, 0, STREAM_BUFFER_SIZE)) < STREAM_BUFFER_SIZE) {
+        if (rn >= 0) {
+          byte[] smallBuffer = new byte[rn];
+          if (rn > 0) {
+            System.arraycopy(buffer, 0, smallBuffer, 0, rn);
+          }
+          webSocket.sendBinaryFrame(smallBuffer, true, 0);
+        }
+      } else {
+        byte[] nextBuffer = new byte[STREAM_BUFFER_SIZE];
+        int rnNext = in.read(nextBuffer, 0, STREAM_BUFFER_SIZE);
+        // Send first (maybe last) frame
+        webSocket.sendBinaryFrame(buffer, rnNext <= 0, 0);
+        while (rnNext == STREAM_BUFFER_SIZE) {
+          // swap buffer and nextBuffer
+          byte[] swap = buffer;
+          buffer = nextBuffer;
+          nextBuffer = swap;
+          rnNext = in.read(nextBuffer, 0, STREAM_BUFFER_SIZE);
+          // Send chunk read in previous round
+          webSocket.sendContinuationFrame(buffer, rnNext <= 0, 0);
+        }
+        // Send final chunk with length-adjusted byte array
+        if (rnNext > 0) {
+          byte[] finalBuffer = new byte[rnNext];
+          System.arraycopy(nextBuffer, 0, finalBuffer, 0, rnNext);
+          webSocket.sendContinuationFrame(finalBuffer, true, 0);
         }
-        System.arraycopy(readbuf, 0, writebuf, 0, rn);
-        wn = rn;
       }
-      // a bug in grizzly? we need to create a byte array with the exact length
-      if (wn < writebuf.length) {
-        byte[] tmpbuf = writebuf;
-        writebuf = new byte[wn];
-        System.arraycopy(tmpbuf, 0, writebuf, 0, wn);
-      } // ends
-      webSocket.sendContinuationFrame(writebuf, true, 0);
     }
   }
 
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponentServlet.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponentServlet.java
index 35e4fe787..d36179308 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponentServlet.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponentServlet.java
@@ -27,6 +27,8 @@
 import java.util.Map;
 
 public class WebSocketComponentServlet extends WebSocketServlet {
+  public static final int MAX_MESSAGE_SIZE = 100 * 1024 * 1024;
+
   private static final long serialVersionUID = 1L;
   private static final Logger LOG = LoggerFactory.getLogger(WebSocketComponentServlet.class);
 
@@ -53,6 +55,8 @@ public void setConsumer(WebSocketConsumer consumer) {
 
   @Override
   public void configure(WebSocketServletFactory factory) {
+    factory.getPolicy().setMaxBinaryMessageSize(MAX_MESSAGE_SIZE);
+    factory.getPolicy().setMaxTextMessageSize(MAX_MESSAGE_SIZE);
     factory.setCreator(
         (req, resp) -> {
           String protocolKey = "ids";
diff --git a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WebSocketMockHelper.java b/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WebSocketMockHelper.java
new file mode 100644
index 000000000..e55623f3a
--- /dev/null
+++ b/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WebSocketMockHelper.java
@@ -0,0 +1,68 @@
+package de.fhg.aisec.ids.camel.ids.client;
+
+import org.asynchttpclient.ws.WebSocket;
+import org.mockito.stubbing.Answer;
+
+import java.nio.charset.StandardCharsets;
+
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+public class WebSocketMockHelper {
+    private final WebSocket mock;
+    private final byte[] buffer = new byte[3 * WsProducer.STREAM_BUFFER_SIZE];
+    private int bufferOffset = 0;
+    private byte[] resultBytes = null;
+
+    public WebSocketMockHelper() {
+        mock = mock(WebSocket.class);
+        var bytesAnswer = (Answer<?>) invocation -> {
+            var nArgs = invocation.getArguments().length;
+            handleFrame(
+                    invocation.getArgument(0, byte[].class),
+                    nArgs > 1 ? invocation.getArgument(1, Boolean.class) : true);
+            return null;
+        };
+        var stringAnswer = (Answer<?>) invocation -> {
+            var nArgs = invocation.getArguments().length;
+            handleFrame(
+                    invocation.getArgument(0, String.class).getBytes(StandardCharsets.US_ASCII),
+                    nArgs > 1 ? invocation.getArgument(1, Boolean.class) : true);
+            return null;
+        };
+        when(mock.sendBinaryFrame(any(byte[].class), any(Boolean.class), any(Integer.class))).thenAnswer(bytesAnswer);
+        when(mock.sendBinaryFrame(any(byte[].class))).thenAnswer(bytesAnswer);
+        when(mock.sendTextFrame(any(String.class), any(Boolean.class), any(Integer.class))).thenAnswer(stringAnswer);
+        when(mock.sendTextFrame(any(String.class))).thenAnswer(stringAnswer);
+        when(mock.sendContinuationFrame(any(byte[].class), any(Boolean.class), any(Integer.class))).thenAnswer(bytesAnswer);
+        when(mock.sendContinuationFrame(any(String.class), any(Boolean.class), any(Integer.class))).thenAnswer(stringAnswer);
+    }
+
+    private synchronized void handleFrame(byte[] buffer, boolean isFinal) {
+        if (resultBytes != null) {
+            throw new RuntimeException("WebSocket mock received a final frame, fix the bug just observed " +
+                    "or call resetBuffer() before reuse if intended!");
+        }
+        System.arraycopy(buffer, 0, this.buffer, bufferOffset, buffer.length);
+        bufferOffset += buffer.length;
+        // Set result on final frame
+        if (isFinal) {
+            resultBytes = new byte[bufferOffset];
+            System.arraycopy(this.buffer, 0, resultBytes, 0, bufferOffset);
+        }
+    }
+
+    public synchronized void resetBuffer() {
+        bufferOffset = 0;
+        resultBytes = null;
+    }
+
+    public WebSocket getMock() {
+        return mock;
+    }
+
+    public byte[] getResultBytes() {
+        return resultBytes;
+    }
+}
diff --git a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WsProducerTest.java b/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WsProducerTest.java
new file mode 100644
index 000000000..aeeaddef0
--- /dev/null
+++ b/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WsProducerTest.java
@@ -0,0 +1,95 @@
+/*-
+ * ========================LICENSE_START=================================
+ * camel-ids
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.camel.ids.client;
+
+import org.junit.Test;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Arrays;
+import java.util.Random;
+import java.util.stream.Stream;
+
+import static de.fhg.aisec.ids.camel.ids.client.WsProducer.STREAM_BUFFER_SIZE;
+import static org.junit.Assert.assertArrayEquals;
+
+public class WsProducerTest {
+    public static final int[] TEST_SIZES = {
+            0, 1,
+            STREAM_BUFFER_SIZE - 1, STREAM_BUFFER_SIZE, STREAM_BUFFER_SIZE + 1,
+            STREAM_BUFFER_SIZE * 2 - 1, STREAM_BUFFER_SIZE * 2, STREAM_BUFFER_SIZE * 2 + 1
+    };
+
+    public byte[] getRandomPrintableAsciiBytes(int length) {
+        byte[] buffer = new byte[length];
+        var rand = new Random();
+        for (int i = 0; i < length; i++) {
+            buffer[i] = (byte)('!' + rand.nextInt('~' - '!'));
+        }
+        return buffer;
+    }
+
+    public Stream<byte[]> getTestByteArrayStream() {
+        return Arrays.stream(TEST_SIZES).mapToObj(this::getRandomPrintableAsciiBytes);
+    }
+
+//    public Exchange getTestExchange(Object body) {
+//        var message = mock(Message.class);
+//        when(message.getBody()).thenReturn(body);
+//        var exchange = mock(Exchange.class);
+//        when(exchange.getIn()).thenReturn(message);
+//        return exchange;
+//    }
+//
+//    public WsProducer getProducerMock(WebSocketMockHelper mockHelper, boolean streaming) throws Exception {
+//        var endpoint = mock(WsEndpoint.class);
+//        when(endpoint.isUseStreaming()).thenReturn(streaming);
+//        when(endpoint.getWebSocket()).thenReturn(mockHelper.getMock());
+//        var producer = mock(WsProducer.class);
+//        when(producer.getEndpoint()).thenReturn(endpoint);
+//        doCallRealMethod().when(producer).process(any(Exchange.class));
+//        return producer;
+//    }
+
+    @Test
+    public void testSendMessage() {
+        var wsMockHelper = new WebSocketMockHelper();
+//        var producerMockDefault = getProducerMock(wsMockHelper, false);
+//        var producerMockStreaming = getProducerMock(wsMockHelper, true);
+        getTestByteArrayStream().forEach(bytes -> {
+            try {
+                WsProducer.sendMessage(wsMockHelper.getMock(), bytes, false);
+                assertArrayEquals("sendMessage() (bytes, non-streaming) seems flawed", bytes, wsMockHelper.getResultBytes());
+                wsMockHelper.resetBuffer();
+                WsProducer.sendMessage(wsMockHelper.getMock(), bytes, true);
+                assertArrayEquals("sendMessage() (bytes, streaming) seems flawed", bytes, wsMockHelper.getResultBytes());
+                wsMockHelper.resetBuffer();
+                var string = new String(bytes, StandardCharsets.US_ASCII);
+                WsProducer.sendMessage(wsMockHelper.getMock(), string, false);
+                assertArrayEquals("sendMessage() (String, non-streaming) seems flawed", bytes, wsMockHelper.getResultBytes());
+                wsMockHelper.resetBuffer();
+                WsProducer.sendMessage(wsMockHelper.getMock(), string, true);
+                assertArrayEquals("sendMessage() (String, streaming) seems flawed", bytes, wsMockHelper.getResultBytes());
+                wsMockHelper.resetBuffer();
+            } catch (Exception e) {
+                throw new RuntimeException(e);
+            }
+        });
+    }
+}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/ServerSocketServlet.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/ServerSocketServlet.java
index 76233b72d..24f3b302f 100644
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/ServerSocketServlet.java
+++ b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/ServerSocketServlet.java
@@ -23,9 +23,11 @@
 import org.eclipse.jetty.websocket.servlet.WebSocketServletFactory;
 
 public class ServerSocketServlet extends WebSocketServlet {
+  public static final int MAX_MESSAGE_SIZE = 100 * 1024 * 1024;
+
   private static final long serialVersionUID = -3504454673920877370L;
   private final ServerConfiguration config;
-  private SocketListener socketListener;
+  private final SocketListener socketListener;
 
   public ServerSocketServlet(ServerConfiguration config, SocketListener socketListener) {
     this.config = config;
@@ -34,6 +36,8 @@ public ServerSocketServlet(ServerConfiguration config, SocketListener socketList
 
   @Override
   public void configure(WebSocketServletFactory factory) {
+    factory.getPolicy().setMaxBinaryMessageSize(MAX_MESSAGE_SIZE);
+    factory.getPolicy().setMaxTextMessageSize(MAX_MESSAGE_SIZE);
     factory.setCreator(new IdscpWebSocketCreator(this.config, this.socketListener));
   }
 }

From 52a2f5984a834b334fce3be05b52c3634d77eb28 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 1 Jul 2020 20:34:34 +0200
Subject: [PATCH 114/237] hack to accept new DAT

---
 .../de/fhg/aisec/ids/tokenmanager/TokenManagerService.java    | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index a8f374fe3..c8870d859 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -258,7 +258,9 @@ public Map<String, Object> verifyJWT(
               .setRequireSubject() // the JWT must have a subject claim
               .setExpectedIssuer(
                   "https://daps.aisec.fraunhofer.de") // whom the JWT needs to have been issued by
-              .setExpectedAudience(targetAudience) // to whom the JWT is intended for
+              //.setExpectedAudience(targetAudience) // to whom the JWT is intended for
+              //FIXME: Evil hack to support both audience types from DAPSv1 and v2. We need to get versioning going and we need to get it right. Until then, just hack in second value
+              .setExpectedAudience(targetAudience, "idsc:IDS_CONNECTORS_ALL") // to whom the JWT is intended for
               .setVerificationKeyResolver(httpsJwksKeyResolver)
               .setJwsAlgorithmConstraints( // only allow the expected signature algorithm(s) in the
                   // given context

From 59f78e884d2b9fd2005ee7e88a25f8b17c4c030b Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Mon, 6 Jul 2020 13:41:34 +0200
Subject: [PATCH 115/237] remove audience check without proper versioning

---
 .../aisec/ids/camel/ids/server/DefaultWebsocket.java |  5 +----
 .../IdsClientServerPlaintextWithAttestationTest.java |  2 +-
 .../de/fhg/aisec/ids/api/tokenm/TokenManager.java    |  1 -
 .../aisec/ids/tokenmanager/TokenManagerService.java  | 12 ++++--------
 4 files changed, 6 insertions(+), 14 deletions(-)

diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
index 5e9691df0..6163e3211 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
@@ -234,13 +234,10 @@ private void validateDynamicAttributeToken(@NonNull String dat) throws DatExcept
         ConnectionSettings connectionSettings = settings.getConnectionSettings(consumer.getEndpoint().getHost() + ":"
                 + consumer.getEndpoint().getPort().toString());
 
-        // This is a bug in the DAPS.
-        // Audience should not be set to default value "IDS_Connector"
-        String targetAudience = "IDS_Connector";
 
         try {
             //validate token signature, target Audience, expire date
-            var claims = tokenManager.verifyJWT(dat, targetAudience, dapsUrl);
+            var claims = tokenManager.verifyJWT(dat, dapsUrl);
             //validate supported security attributes
             tokenManager.validateDATSecurityAttributes(claims, connectionSettings);
         } catch (Exception e) {
diff --git a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java b/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java
index eacfd8287..560696cd2 100644
--- a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java
+++ b/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java
@@ -56,7 +56,7 @@ public void mockRequiredBundles() throws Exception {
     when(settings.getConnectionSettings(anyString())).thenReturn(new ConnectionSettings());
     cc.setSettings(settings);
     TokenManager tm = mock(TokenManager.class);
-    when(tm.verifyJWT(anyString(), anyString(), anyString())).thenReturn(Collections.emptyMap());
+    when(tm.verifyJWT(anyString(), anyString())).thenReturn(Collections.emptyMap());
     doNothing().when(tm).validateDATSecurityAttributes(any(), any(ConnectionSettings.class));
     cc.setTokenManager(tm);
     CamelComponent.setInstance(cc);
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
index d0ecadc5c..5c3d45c0d 100755
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
@@ -45,7 +45,6 @@ Map<String, Object> acquireToken(
 
   Map<String, Object> verifyJWT(
       String dynamicAttributeToken,
-      String targetAudience,
       String dapsUrl) throws Exception;
 
   void validateDATSecurityAttributes(
diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index c8870d859..f49126390 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -99,9 +99,7 @@ public Map<String, Object> acquireToken(
       String keystoreAliasName,
       String trustStoreName,
       String connectorUUID) {
-    // This is a bug in the DAPS.
-    // Audience should not be set to default value "IDS_Connector"
-    String targetAudience = "IDS_Connector";
+
     String dynamicAttributeToken = "INVALID_TOKEN";
     Map<String, Object> jwtClaims = null;
 
@@ -202,7 +200,7 @@ public Map<String, Object> acquireToken(
 
       LOG.info("Dynamic Attribute Token: " + dynamicAttributeToken);
 
-      jwtClaims = verifyJWT(dynamicAttributeToken, targetAudience, dapsUrl);
+      jwtClaims = verifyJWT(dynamicAttributeToken, dapsUrl);
     } catch (KeyStoreException
         | NoSuchAlgorithmException
         | CertificateException
@@ -222,7 +220,6 @@ public Map<String, Object> acquireToken(
   @Override
   public Map<String, Object> verifyJWT(
       String dynamicAttributeToken,
-      String targetAudience,
       String dapsUrl) throws Exception {
     if (sslSocketFactory == null) {
       throw new JwtException("SSLSocketFactory is null, acquireToken() must be called first!");
@@ -258,9 +255,8 @@ public Map<String, Object> verifyJWT(
               .setRequireSubject() // the JWT must have a subject claim
               .setExpectedIssuer(
                   "https://daps.aisec.fraunhofer.de") // whom the JWT needs to have been issued by
-              //.setExpectedAudience(targetAudience) // to whom the JWT is intended for
-              //FIXME: Evil hack to support both audience types from DAPSv1 and v2. We need to get versioning going and we need to get it right. Until then, just hack in second value
-              .setExpectedAudience(targetAudience, "idsc:IDS_CONNECTORS_ALL") // to whom the JWT is intended for
+              //FIXME: Hardcoded two v1 and v2 values. Need to add versioning to correctly handle tokens.
+              .setExpectedAudience(true, "IDS_Connector", "idsc:IDS_CONNECTORS_ALL") // to whom the JWT is intended for
               .setVerificationKeyResolver(httpsJwksKeyResolver)
               .setJwsAlgorithmConstraints( // only allow the expected signature algorithm(s) in the
                   // given context

From 508e5d3ec8adc4272bd30a2f69d81d530624f1d4 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Mon, 6 Jul 2020 14:10:15 +0200
Subject: [PATCH 116/237] fix audience

---
 .../de/fhg/aisec/ids/tokenmanager/TokenManagerService.java     | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index f49126390..2963f25d0 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -101,6 +101,8 @@ public Map<String, Object> acquireToken(
       String connectorUUID) {
 
     String dynamicAttributeToken = "INVALID_TOKEN";
+    String targetAudience = "IDS_Connector";
+
     Map<String, Object> jwtClaims = null;
 
     // Try clause for setup phase (loading keys, building trust manager)
@@ -146,6 +148,7 @@ public Map<String, Object> acquireToken(
         throw new RuntimeException(e);
       }
 
+
       LOG.info("Retrieving Dynamic Attribute Token...");
 
       // create signed JWT (JWS)

From 09d3bb4c98e94ddf02b766b7ab1fda6a5400ce9c Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 8 Jul 2020 10:08:32 +0200
Subject: [PATCH 117/237] retrieve DAPSv2 token

---
 .../ids/tokenmanager/TokenManagerService.java |  54 +++++++++++-------
 .../src/main/resources/etc/settings.mapdb     | Bin 2097152 -> 2097152 bytes
 2 files changed, 33 insertions(+), 21 deletions(-)

diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index 2963f25d0..68e07c2f1 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -57,6 +57,7 @@
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
 import java.time.Instant;
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Date;
 import java.util.Map;
@@ -116,7 +117,7 @@ public Map<String, Object> acquireToken(
       KeyStore trustManagerKeyStore = KeyStore.getInstance("JKS");
 
       LOG.info("Loading key store: " + keyStoreName);
-      LOG.info("Loading trus store: " + trustStoreName);
+      LOG.info("Loading trust store: " + trustStoreName);
       keystore.load(jksKeyStoreInputStream, keyStorePassword.toCharArray());
       trustManagerKeyStore.load(jksTrustStoreInputStream, keyStorePassword.toCharArray());
       java.security.cert.Certificate[] certs = trustManagerKeyStore.getCertificateChain("ca");
@@ -131,6 +132,8 @@ public Map<String, Object> acquireToken(
       // Get certificate of public key
       X509Certificate cert = (X509Certificate) keystore.getCertificate(keystoreAliasName);
 
+
+
       TrustManager[] trustManagers;
       try {
         TrustManagerFactory trustManagerFactory =
@@ -148,9 +151,17 @@ public Map<String, Object> acquireToken(
         throw new RuntimeException(e);
       }
 
-
+      LOG.info("\tCertificate Subject: " + cert.getSubjectDN());
+      //GET 2.5.29.14	SubjectKeyIdentifier / 2.5.29.35	AuthorityKeyIdentifier
+      String authorityKeyIndentifier = new String (cert.getExtensionValue("2.5.29.35"));
+      String subjectKeyIdenfier = new String (cert.getExtensionValue("2.5.29.14"));
+      LOG.info("AKI: " + authorityKeyIndentifier);
+      LOG.info("SKI: " + subjectKeyIdenfier);
+      //connectorUUID = subjectKeyIdenfier + ":" + authorityKeyIndentifier.substring(0, authorityKeyIndentifier.length() - 1);
+      LOG.info("ConnectorUUID: " + connectorUUID);
       LOG.info("Retrieving Dynamic Attribute Token...");
 
+
       // create signed JWT (JWS)
       // Create expiry date one day (86400 seconds) from now
       Date expiryDate = Date.from(Instant.now().plusSeconds(86400));
@@ -158,12 +169,15 @@ public Map<String, Object> acquireToken(
           Jwts.builder()
               .setIssuer(connectorUUID)
               .setSubject(connectorUUID)
+              .claim("@context", "https://w3id.org/idsa/contexts/context.jsonld")
+              .claim("@type", "ids:DatRequestToken")
               .setExpiration(expiryDate)
               .setIssuedAt(Date.from(Instant.now()))
               .setAudience(targetAudience)
               .setNotBefore(Date.from(Instant.now()));
-      LOG.info("\tCertificate Subject: " + cert.getSubjectDN());
+
       String jws = jwtb.signWith(privKey, SignatureAlgorithm.RS256).compact();
+      LOG.info("Request token: " + jws);
 
       // build form body to embed client assertion into post request
       RequestBody formBody =
@@ -172,7 +186,7 @@ public Map<String, Object> acquireToken(
               .add(
                   "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer")
               .add("client_assertion", jws)
-              .add("scope", "ids_connector")
+              .add("scope", "idsc:IDS_CONNECTOR_ATTRIBUTES_ALL")
               .build();
 
       OkHttpClient.Builder builder = new OkHttpClient.Builder();
@@ -186,7 +200,7 @@ public Map<String, Object> acquireToken(
               .readTimeout(15, TimeUnit.SECONDS)
               .build();
 
-      Request request = new Request.Builder().url(dapsUrl + "/token").post(formBody).build();
+      Request request = new Request.Builder().url(dapsUrl + "/v2/token").post(formBody).build();
       Response jwtResponse = client.newCall(request).execute();
       if (!jwtResponse.isSuccessful()) {
         throw new IOException("Unexpected code " + jwtResponse);
@@ -310,24 +324,22 @@ public Map<String, Object> verifyJWT(
   public void validateDATSecurityAttributes(Map<String, Object> claims, ConnectionSettings connectionSettings)
       throws DatException {
     try {
-      Object idsAttributesObject = claims.get("ids_attributes");
-      Map<String, Object> securityProfile;
-      if (idsAttributesObject instanceof Map) {
-        var securityProfileObject = ((Map<String, Object>) idsAttributesObject).get("security_profile");
-        if (securityProfileObject instanceof Map) {
-          securityProfile = (Map<String, Object>) securityProfileObject;
-        } else {
-          throw new DatException("No security_profile found in claims " + securityProfileObject);
-        }
-      } else {
-        throw new DatException("No ids_attributes claims found in claims " + idsAttributesObject);
-      }
 
-      // Validate audit_logging
-      var auditLogging = Integer.parseInt(securityProfile.get("audit_logging").toString());
-      if (Integer.parseInt(connectionSettings.getAuditLogging()) > auditLogging) {
-        throw new DatException("Client does not support the security requirements for audit_logging.");
+      String securityProfile = claims.get("securityProfile").toString();
+
+      //FIXME: Validate security profile the proper way
+
+      ArrayList<String> validTrustProfiles=new ArrayList<String>();
+      validTrustProfiles.add("idsc:TRUST_SECURITY_PROFILE");
+      validTrustProfiles.add("idsc:BASE_SECURITY_PROFILE");
+      validTrustProfiles.add("idsc:TRUST+_SECURITY_PROFILE");
+
+      if (!validTrustProfiles.contains(securityProfile)) {
+        throw new DatException("Client does not support valid trust profile.");
       }
+      //TODO Check for trust profile
+      //if (Integer.parseInt(connectionSettings.getAuditLogging()) > auditLogging) {
+      //  throw new DatException("Client does not support the security requirements for audit_logging.");
 
       // TODO: validate further security attributes
     } catch (NumberFormatException e) {
diff --git a/karaf-assembly/src/main/resources/etc/settings.mapdb b/karaf-assembly/src/main/resources/etc/settings.mapdb
index 937ee9b5ed76d41326329502fa6b8e39c9cd60af..d2098f4a3bf0822e9f3344dd1de9e68b31263155 100644
GIT binary patch
delta 1690
zcmbtUOOM-B6wY*}%nU7^DX0ReELb2Gm5M+}ERm2{!KM;_fGsS5k=P+M8FkT0P!&{F
z-4<A}pz<S5?7K_+ik;Yw9Xoz(Mz)hl{ED4So|cffj;g|*D}O%sp67SZv0SNCb}A6R
z+_?Ge+dq|xb^P)Dtt{=lv6b(%e|>y%`sU$I>3U(k^(T7g>z(~8#s2+6{MpX+JzTx~
z){px)3e9c*aaQ^2gWXTJ=08eDg)Dtp+JUlkv|GAXocBN4yI05$XQi8kyiMObIlX^!
zx&v_uVi#f$;xfc55c?1Z5Qh-2LR^8k3h^4mwff2FQTOhXJIBXI4;~6~ztItxGhJ!3
zGV$H<C%5(<9h82qqqmNacE7mybg-GYN#LKk^Z6|B7W3iRJdK8v-zt#C%eCcNoPPi2
zhu5bs)o}A{d)PfVd;~l4r2hT8$Dds)|IILfZUT-0NE1*vAgch!0fGV)1#A-#44|sT
zLz1A$f;tK63?S-&qd~O+qTwbO6yYQd=sIZD07-y41sWv4aL}j~CX@gT_^ty20T>6^
z8mJMViWiw#^1)N*z2k@F2Zxp6Mnr~IBTxdd-AC1+LyI%lREu-un9g`$t`Q+v1-7}K
z2w@r+v9ytOJ2+RL!_eF@Wz<h%WY}+RJj}^F-Y7ydrzM9<to8bR*|1QVQ_+5}*Vh~i
zZT57;5p~uGI%Qhiz#6eX5i>6tFdjxMU_!*hg(68hXlW}YAeXio7lp$A*w>vzi#?Mp
z_%;Tuc;)njnvleipJ%LXX{v3-7aqn%1$UK~m)=B+hpp|swt4+LU6wnzpTo;8JY1Y~
zFc^%nOB<sW1HNA!w4{IcG%@v|-s86oLi~hV_;_>aPc+7{M8rqs)Yb)54j_qew6;Sw
zS9m#;O%=0qV<m-Lq%aa9=@BC5>P9xTz|o~LA%!DM!lbp6sJVn0RY?~R31bll-cDv<
z+OQcZrk2=Yqqu1f$*mkq3Y7RFa7`_@^Gwt@`CLUPMUVPSpQU;h!Wn%|6xFzIXnkli
z){+n-7ed0J4*jA_m{jW-WlgsbxvNJ6oR8Ku;up@aWv(UX#kk#;hWIV1*4a>zZ8h^w
z!eu_z4?Bsov912X<*CH6goOj=UJx9Z+tINalQC+T@fwq^)G#HaJgv%1nnSsg^mHxh
z8K;)R6on21G!&>ROh#*ZiYrWtLp>_z8L#FkqUzbqvEt0xCQYkqo-xoy%OOl!`0H5{
z#%!cKYsz6!I9<z7x0QK{O3<c-83+9_=#M}Wux`ec6<UC8Ap!@^P0|fWf+b|#K$PAp
zaIEnPb^s=din$Szt`hL0_bEZ3?Ky`~w5=G`nH2DIbIGC9EHo0KIbC*Y^2DLU+BoUC
zsOHLv)E!XDkQZw{GM^USxH($Z0t1uE^gL=W&fKxy=}nNvh#o5=YCN`7FRD7#U@{W8
zNMEDMnSje&gB^B7bm+A&f^0)9#d&~^)!ds+6iyQq`rJ3iEskq->*(|hQ)kRzIXYjo
z6`>JaNHc+4*($Yecz-#=iR$75cB;?Bvcmg*o%S^{Z)Y2NNiu9aq%Y!jw<&NFbl}(O
z&T2Y~;*~q6)uog1c1VTUA~6@ixiN3J<ievCYo!sHvtCb=y-e*2?Sb1eU3NxR8+n$e
ve7EWPsl^YL{xl~tdEVy9D3T+Rr-Q4)$jE6c*K9Xa|L4#A>@Hq8eg64Brzxv>

delta 275
zcmXBOJqp4w7{>9WAJ+QSIEaEv2d7FWFW?Onynw57aS}>i<)w>5wRj0Psp1s`2k{Vs
zZXUs>HSp&p3HcGNwbUr>^e3;gD3%Iu<rLB=r+?pNL|s>kR&g5~Pt%3WKX%W`pLTEM
zsNz&a*;mhf<6Ue9k?_jHnUI*mGyhMW(S|4?lE^?NvXG4`$U#-)q8h5B25O?#mB@R<
zSxW80RH<xD{za=WkXw9ie;p5%Ha1KNLucp=ouM;yhR)C#IzwmZ44t7fbcW94-Qzr^
G<?IKNWLM+>


From ad7ee876495e24a630184d3d507eb5dc2da77ba5 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 8 Jul 2020 12:04:32 +0200
Subject: [PATCH 118/237] upgraded to DAPSv2

---
 buildx/docker-buildx.sh                       |   0
 .../ids/api/infomodel/ConnectorProfile.java   |   2 +-
 .../ids/api/settings/ConnectionSettings.java  |  49 +--
 .../InfoModelService.kt                       |   2 +-
 .../ids/tokenmanager/TokenManagerService.java |  38 +-
 .../connection-configuration/configuration.ts |   9 +-
 .../connection-configuration.component.html   | 342 +-----------------
 .../settings.interface.ts                     |   9 +-
 .../daps/DefaultDapsDriver.java               |  67 ++--
 .../daps/SecurityRequirements.java            |  10 +-
 .../src/main/resources/etc/settings.mapdb     | Bin 2097152 -> 2097152 bytes
 11 files changed, 110 insertions(+), 418 deletions(-)
 mode change 100644 => 100755 buildx/docker-buildx.sh

diff --git a/buildx/docker-buildx.sh b/buildx/docker-buildx.sh
old mode 100644
new mode 100755
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/ConnectorProfile.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/ConnectorProfile.java
index e1d5c0032..d6c13d6c8 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/ConnectorProfile.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/ConnectorProfile.java
@@ -35,7 +35,7 @@ public final class ConnectorProfile implements Serializable {
   private List<PlainLiteral> connectorEntityNames;
 
   public ConnectorProfile() {
-    this.securityProfile = SecurityProfile.BASE_CONNECTOR_SECURITY_PROFILE;
+    this.securityProfile = SecurityProfile.TRUSTED_CONNECTOR_SECURITY_PROFILE;
     this.connectorUrl = null;
     this.maintainerUrl = null;
     this.connectorEntityNames = null;
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java
index 92438d7fc..5622f839a 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java
@@ -24,55 +24,14 @@
 public final class ConnectionSettings implements Serializable {
   private static final long serialVersionUID = 1L;
 
-  private final String integrityProtectionAndVerification;
-  private final String authentication;
-  private final String serviceIsolation;
-  private final String integrityProtectionVerificationScope;
-  private final String appExecutionResources;
-  private final String dataUsageControlSupport;
-  private final String auditLogging;
-  private final String localDataConfidentiality;
+  private final String securityProfile;
 
   public ConnectionSettings() {
-    integrityProtectionAndVerification = "1";
-    authentication = "1";
-    serviceIsolation = "1";
-    integrityProtectionVerificationScope = "1";
-    appExecutionResources = "1";
-    dataUsageControlSupport = "1";
-    auditLogging = "1";
-    localDataConfidentiality = "1";
+    securityProfile = "1";
   }
 
-  public String getIntegrityProtectionAndVerification() {
-    return integrityProtectionAndVerification;
+  public String getRequiredSecurityProfile() {
+    return securityProfile;
   }
 
-  public String getAuthentication() {
-    return authentication;
-  }
-
-  public String getServiceIsolation() {
-    return serviceIsolation;
-  }
-
-  public String getIntegrityProtectionVerificationScope() {
-    return integrityProtectionVerificationScope;
-  }
-
-  public String getAppExecutionResources() {
-    return appExecutionResources;
-  }
-
-  public String getDataUsageControlSupport() {
-    return dataUsageControlSupport;
-  }
-
-  public String getAuditLogging() {
-    return auditLogging;
-  }
-
-  public String getLocalDataConfidentiality() {
-    return localDataConfidentiality;
-  }
 }
diff --git a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
index c51fb8a15..6c3b3c7ce 100644
--- a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
+++ b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
@@ -117,7 +117,7 @@ class InfoModelService : InfoModel {
     // generates RDF description from Connector object and returns building success
     override fun setConnector(profile: ConnectorProfile): Boolean {
         if (profile.securityProfile == null) {
-            profile.securityProfile = SecurityProfile.BASE_CONNECTOR_SECURITY_PROFILE
+            profile.securityProfile = SecurityProfile.TRUSTED_CONNECTOR_SECURITY_PROFILE
         }
         return if (settings != null) {
             settings?.connectorProfile = profile
diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index 68e07c2f1..a61a9c380 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -338,8 +338,42 @@ public void validateDATSecurityAttributes(Map<String, Object> claims, Connection
         throw new DatException("Client does not support valid trust profile.");
       }
       //TODO Check for trust profile
-      //if (Integer.parseInt(connectionSettings.getAuditLogging()) > auditLogging) {
-      //  throw new DatException("Client does not support the security requirements for audit_logging.");
+
+      if(connectionSettings.getRequiredSecurityProfile().equals("idsc:BASE_SECURITY_PROFILE")) {
+        if (!securityProfile.equals("idsc:BASE_SECURITY_PROFILE")
+            && !securityProfile.equals("idsc:TRUST_SECURITY_PROFILE")
+            && !securityProfile.equals("idsc:TRUST+_SECURITY_PROFILE")) {
+
+          throw new DatException(
+              "Client does not support required trust profile: Required: "
+                  + connectionSettings.getRequiredSecurityProfile()
+                  + " given: "
+                  + securityProfile);
+        }
+      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUST_SECURITY_PROFILE")) {
+        if (!securityProfile.equals("idsc:TRUST_SECURITY_PROFILE") &&
+            !securityProfile.equals("idsc:TRUST+_SECURITY_PROFILE")) {
+          throw new DatException(
+              "Client does not support required trust profile: Required: "
+                  + connectionSettings.getRequiredSecurityProfile()
+                  + " given: "
+                  + securityProfile);
+        }
+      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+          if (!securityProfile.equals("idsc:TRUST+_SECURITY_PROFILE")) {
+            throw new DatException(
+                "Client does not support required trust profile: Required: "
+                    + connectionSettings.getRequiredSecurityProfile()
+                    + " given: "
+                    + securityProfile);
+          }
+      } else {
+        throw new DatException(
+            "Client does not support any valid trust profile: Required: "
+                + connectionSettings.getRequiredSecurityProfile()
+                + " given: "
+                + securityProfile);
+      }
 
       // TODO: validate further security attributes
     } catch (NumberFormatException e) {
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts
index 7851c8738..68b8ae162 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts
@@ -11,14 +11,7 @@ export class Configuration {
             this.settings = settings;
         } else {
             this.settings = {
-                integrityProtectionAndVerification: '1',
-                authentication: '1',
-                serviceIsolation: '1',
-                integrityProtectionVerificationScope: '1',
-                appExecutionResources: '1',
-                dataUsageControlSupport: '1',
-                auditLogging: '1',
-                localDataConfidentiality: '1'
+                securityProfile: 'idsc:BASE_SECURITY_PROFILE'
             };
         }
     }
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html
index 17cd095cf..e2886832b 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html
@@ -27,72 +27,26 @@ <h5>Endpoint Security Requirements</h5>
           <p class="loading" *ngIf="!model">Loading Settings...</p>
           <table *ngIf="model" cellpadding="0" cellspacing="0" border="0" (click)="model.dirty = true">
             <tbody>
-            <!-- <tr>
-              <td width="50%">
-                <h5>Integrity</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title"></span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Local Integrity Protection</b></span>
-                    <span class="mdl-list__item-sub-title"></span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Remote integrity verification</b></span>
-                    <span class="mdl-list__item-sub-title"></span>
-                  </span>
-                </ul>
-              </td>
-              <td width="50%">
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_1_left"
-                           [(ngModel)]="model.settings.integrityProtectionAndVerification"
-                           name="integrityProtectionAndVerification" [value]="'1'"
-                           [checked]="model.settings.integrityProtectionAndVerification === '1'"
-                    />
-                    <label class="labelSmall" for="switch_1_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_1_center"
-                           [(ngModel)]="model.settings.integrityProtectionAndVerification"
-                           name="integrityProtectionAndVerification" [value]="'2'"
-                           [checked]="model.settings.integrityProtectionAndVerification === '2'"
-                    />
-                    <label class="labelWide" for="switch_1_center">Local Integrity Protection</label>
-                    <input class="switch-button" type="radio" id="switch_1_right"
-                           [(ngModel)]="model.settings.integrityProtectionAndVerification"
-                           name="integrityProtectionAndVerification" [value]="'3'"
-                           [checked]="model.settings.integrityProtectionAndVerification === '3'"
-                    />
-                    <label class="labelWide" for="switch_1_right">Remote integrity verification</label>
-                  </div>
-                </form>
-              </td>
-            </tr> -->
+
             <tr>
               <td>
-                <h5>Authentication</h5>
+                <h5>Required Security Profile</h5>
                 <ul class="mdl-list">
                   <li class="mdl-list__item mdl-list__item--two-line">
                     <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title">No endpoint authentication required. Connections are encrypted, but authenticity of the communication partner cannot be guaranteed. Data may be sent to malicious endpoints.</span>
+                      <span><b>BASE Security Profile</b></span>
+                    <span class="mdl-list__item-sub-title">BASE security profile required. Lower security requirements for incoming connection requests.</span>
                   </span>
                   </li>
                   <li class="mdl-list__item mdl-list__item--two-line">
                     <span class="mdl-list__item-primary-content">
-                      <span><b>Server Authentication</b></span>
-                    <span class="mdl-list__item-sub-title">Authenticity of the server must be guaranteed. Authenticity of the client is not checked.</span>
+                      <span><b>TRUST Security Profile</b></span>
+                    <span class="mdl-list__item-sub-title">TRUST security profile required. High security requirments for incoming connection requests.</span>
                   </span>
                   <li class="mdl-list__item mdl-list__item--two-line">
                     <span class="mdl-list__item-primary-content">
-                      <span><b>Mutual Authentication</b></span>
-                    <span class="mdl-list__item-sub-title">Authenticity of server and client must be guaranteed.</span>
+                      <span><b>TRUST+ Security Profile</b></span>
+                    <span class="mdl-list__item-sub-title">TRUST+ security profile required. Highest security requirments for incoming connection requests.</span>
                   </span>
                 </ul>
               </td>
@@ -100,281 +54,25 @@ <h5>Authentication</h5>
                 <form class="form">
                   <div class="switch-field">
                     <input class="switch-button" type="radio" id="switch_2_left"
-                           [(ngModel)]="model.settings.authentication"
-                           name="authentication"
-                           [value]="'1'" [checked]="model.settings.authentication === '1'"/>
-                    <label class="labelSmall" for="switch_2_left">None</label>
+                           [(ngModel)]="model.settings.securityProfile"
+                           name="securityProfile"
+                           [value]="'idsc:BASE_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:BASE_SECURITY_PROFILE'"/>
+                    <label class="labelSmall" for="switch_2_left">Base Profile</label>
                     <input class="switch-button" type="radio" id="switch_2_center"
-                           [(ngModel)]="model.settings.authentication"
-                           name="authentication"
-                           [value]="'2'" [checked]="model.settings.authentication === '2'"/>
-                    <label class="labelWide" for="switch_2_center">Server Authentication</label>
+                           [(ngModel)]="model.settings.securityProfile"
+                           name="securityProfile"
+                           [value]="'idsc:TRUST_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:TRUST_SECURITY_PROFILE'"/>
+                    <label class="labelWide" for="switch_2_center">Trust Profile</label>
                     <input class="switch-button" type="radio" id="switch_2_right"
-                           [(ngModel)]="model.settings.authentication"
-                           name="authentication"
-                           [value]="'3'" [checked]="model.settings.authentication === '3'"/>
-                    <label class="labelWide" for="switch_2_right">Mutual Authentication</label>
+                           [(ngModel)]="model.settings.securityProfile"
+                           name="securityProfile"
+                           [value]="'idsc:TRUST+_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:TRUST+_SECURITY_PROFILE'"/>
+                    <label class="labelWide" for="switch_2_right">Trust+ Profile</label>
                   </div>
                 </form>
               </td>
             </tr>
-            <tr>
-              <td width="50%">
-                <h5>App Isolation</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title">Apps are not isolated. A malicious app may compromise the whole connector.</span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Containers</b></span>
-                    <span class="mdl-list__item-sub-title">Apps run in separate containers but may still communicate with each other and the Internet.</span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Trusted Containers</b></span>
-                    <span class="mdl-list__item-sub-title">Apps run in separate, signed and restricted containers. By default, they may only communicate with the Core Platform which enforces usage control policies.</span>
-                  </span>
-                  </ul>
-              </td>
-              <td width="50%">
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_3_left"
-                           [(ngModel)]="model.settings.serviceIsolation"
-                           name="serviceIsolation"
-                           [value]="'1'" [checked]="model.settings.serviceIsolation === '1'"/>
-                    <label class="labelSmall" for="switch_3_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_3_center"
-                           [(ngModel)]="model.settings.serviceIsolation" name="serviceIsolation"
-                           [value]="'2'" [checked]="model.settings.serviceIsolation === '2'"/>
-                    <label class="labelWide" for="switch_3_center">Containers</label>
-                    <input class="switch-button" type="radio" id="switch_3_right"
-                           [(ngModel)]="model.settings.serviceIsolation" name="serviceIsolation"
-                           [value]="'3'" [checked]="model.settings.serviceIsolation === '3'"/>
-                    <label class="labelWide" for="switch_3_right">Trusted Containers</label>
-                  </div>
-                </form>
-              </td>
-            </tr>
-            <tr>
-              <td>
-                <h5>Attestation Scope</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title">Integrity of the remote connector is not attested. There will be no guarantees about the software stack running on a remote connector. Any data sent to the remote connector must be considered unprotected.</span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Kernel &amp; Core Platform</b></span>
-                    <span class="mdl-list__item-sub-title">Integrity of the remote connector's kernel and Core Platform will be attested. These components will be guaranteed to be in a known state, but apps remain unattested.</span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Full Stack</b></span>
-                    <span class="mdl-list__item-sub-title">Integrity of the remote connector's kernel, Core Platform, and apps will be attested. All these components will be guaranteed to be in a known state.</span>
-                  </span>
-                </ul>
-              </td>
-              <td>
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_4_left"
-                           [(ngModel)]="model.settings.integrityProtectionVerificationScope"
-                           name="integrityProtectionVerificationScope" [value]="'1'"
-                           [checked]="model.settings.integrityProtectionVerificationScope === '1'"
-                    />
-                    <label class="labelSmall" for="switch_4_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_4_center"
-                           [(ngModel)]="model.settings.integrityProtectionVerificationScope"
-                           name="integrityProtectionVerificationScope" [value]="'2'"
-                           [checked]="model.settings.integrityProtectionVerificationScope === '2'"
-                    />
-                    <label class="labelWide" for="switch_4_center">Kernel &amp; Core Platform</label>
-                    <input class="switch-button" type="radio" id="switch_4_right"
-                           [(ngModel)]="model.settings.integrityProtectionVerificationScope"
-                           name="integrityProtectionVerificationScope" [value]="'3'"
-                           [checked]="model.settings.integrityProtectionVerificationScope === '3'"
-                    />
-                    <label class="labelWide" for="switch_4_right">Full Stack</label>
-                  </div>
-                </form>
-              </td>
-            </tr>
-            <!--<tr>
-              <td>
-                <h5>App Execution Resources</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title"></span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Local Enforcement</b></span>
-                    <span class="mdl-list__item-sub-title"></span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Remote Verification</b></span>
-                    <span class="mdl-list__item-sub-title"></span>
-                  </span>
-                </ul>
 
-              </td>
-              <td>
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_5_left"
-                           [(ngModel)]="model.settings.appExecutionResources" name="appExecutionResources"
-                           [value]="'1'" [checked]="model.settings.appExecutionResources === '1'"/>
-                    <label class="labelSmall" for="switch_5_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_5_center"
-                           [(ngModel)]="model.settings.appExecutionResources" name="appExecutionResources"
-                           [value]="'2'" [checked]="model.settings.appExecutionResources === '2'"/>
-                    <label class="labelWide" for="switch_5_center">Local enforcement</label>
-                    <input class="switch-button" type="radio" id="switch_5_right"
-                           [(ngModel)]="model.settings.appExecutionResources" name="appExecutionResources"
-                           [value]="'3'" [checked]="model.settings.appExecutionResources === '3'"/>
-                    <label class="labelWide" for="switch_5_right">Remote verification</label>
-                  </div>
-                </form>
-              </td>
-            </tr> -->
-            <tr>
-              <td>
-                <h5>Data Usage Control</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title">Remote connector is not expected to provide usage control.</span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Compliance</b></span>
-                    <span class="mdl-list__item-sub-title">Remote connector is expected to apply usage control policies, but not to strictly enforce them at a technical level. Legal usage obligations may still apply</span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Enforcement</b></span>
-                    <span class="mdl-list__item-sub-title">Remote connector must be able to technically enforce usage control policies. This requires a trusted remote platform.</span>
-                  </span>
-                </ul>
-              </td>
-              <td>
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_6_left"
-                           [(ngModel)]="model.settings.dataUsageControlSupport" name="dataUsageControlSupport"
-                           [value]="'1'" [checked]="model.settings.dataUsageControlSupport === '1'"/>
-                    <label class="labelSmall" for="switch_6_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_6_center"
-                           [(ngModel)]="model.settings.dataUsageControlSupport" name="dataUsageControlSupport"
-                           [value]="'2'" [checked]="model.settings.dataUsageControlSupport === '2'"/>
-                    <label class="labelWide" for="switch_6_center">Compliance</label>
-                    <input class="switch-button" type="radio" id="switch_6_right"
-                           [(ngModel)]="model.settings.dataUsageControlSupport" name="dataUsageControlSupport"
-                           [value]="'3'" [checked]="model.settings.dataUsageControlSupport === '3'"/>
-                    <label class="labelWide" for="switch_6_right">Enforcement</label>
-                  </div>
-                </form>
-              </td>
-            </tr>
-            <tr>
-              <td>
-                <h5>Audit Logging</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title">No audit logging.</span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Local</b></span>
-                    <span class="mdl-list__item-sub-title">Local audit logging.</span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Remote Ledger</b></span>
-                    <span class="mdl-list__item-sub-title">Non-repudiatable audit logging in a remote ledger.</span>
-                  </span>
-                </ul>
-              </td>
-              <td>
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_7_left"
-                           [(ngModel)]="model.settings.auditLogging"
-                           name="auditLogging"
-                           [value]="'1'" [checked]="model.settings.auditLogging === '1'"/>
-                    <label class="labelSmall" for="switch_7_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_7_center"
-                           [(ngModel)]="model.settings.auditLogging"
-                           name="auditLogging"
-                           [value]="'2'" [checked]="model.settings.auditLogging === '2'"/>
-                    <label class="labelWide" for="switch_7_center">Local</label>
-                    <input class="switch-button" type="radio" id="switch_7_right"
-                           [(ngModel)]="model.settings.auditLogging"
-                           name="auditLogging"
-                           [value]="'3'" [checked]="model.settings.auditLogging === '3'"/>
-                    <label class="labelWide" for="switch_7_right">Remote Ledger</label>
-                  </div>
-                </form>
-              </td>
-            </tr>
-            <tr>
-              <td>
-                <h5>Local data protection</h5>
-                <ul class="mdl-list">
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>None</b></span>
-                    <span class="mdl-list__item-sub-title">Data is stored without additional protection. Administrators or malicious users may be able to read/modify/delete stored data.</span>
-                  </span>
-                  </li>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Secure data erasure</b></span>
-                    <span class="mdl-list__item-sub-title">Locally stored data may be securely erased.  Administrators or malicious users may still be able to read/modify/delete stored data.</span>
-                  </span>
-                  <li class="mdl-list__item mdl-list__item--two-line">
-                    <span class="mdl-list__item-primary-content">
-                      <span><b>Full Disk Encryption</b></span>
-                    <span class="mdl-list__item-sub-title">Local data is stored on a full disk encryption (FDE) medium.</span>
-                  </span>
-                </ul>
-              </td>
-              <td>
-                <form class="form">
-                  <div class="switch-field">
-                    <input class="switch-button" type="radio" id="switch_8_left"
-                           [(ngModel)]="model.settings.localDataConfidentiality" name="localDataConfidentiality"
-                           [value]="'1'" [checked]="model.settings.localDataConfidentiality === '1'"/>
-                    <label class="labelSmall" for="switch_8_left">None</label>
-                    <input class="switch-button" type="radio" id="switch_8_center"
-                           [(ngModel)]="model.settings.localDataConfidentiality" name="localDataConfidentiality"
-                           [value]="'2'" [checked]="model.settings.localDataConfidentiality === '2'"/>
-                    <label class="labelWide" for="switch_8_center">Secure data erasure</label>
-                    <input class="switch-button" type="radio" id="switch_8_right"
-                           [(ngModel)]="model.settings.localDataConfidentiality" name="localDataConfidentiality"
-                           [value]="'3'" [checked]="model.settings.localDataConfidentiality === '3'"/>
-                    <label class="labelWide" for="switch_8_right">Local full data encryption</label>
-                  </div>
-                </form>
-              </td>
-            </tr>
             </tbody>
           </table>
         </div>
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/settings.interface.ts b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/settings.interface.ts
index f6455eb84..7f146dd74 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/settings.interface.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/settings.interface.ts
@@ -1,10 +1,3 @@
 export interface Settings {
-  integrityProtectionAndVerification: string;
-  authentication: string;
-  serviceIsolation: string;
-  integrityProtectionVerificationScope: string;
-  appExecutionResources: string;
-  dataUsageControlSupport: string;
-  auditLogging: string;
-  localDataConfidentiality: string;
+  securityProfile: string;
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index ea830f884..836d4ddcf 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -259,15 +259,48 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
                 }
 
                 //toDo add further security attribute validation
-                if (secRequirements.getAuditLogging() <= providedSecurityProfile.getAuditLogging()) {
-                    LOG.info("DAT is valid and secure");
-                    return validityTime;
+
+
+                if(secRequirements.getRequiredSecurityLevel().equals("idsc:BASE_SECURITY_PROFILE")) {
+                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:BASE_SECURITY_PROFILE") ||
+                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST_SECURITY_PROFILE") ||
+                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                        LOG.info("DAT is valid and secure");
+                        return validityTime;
+                    } else {
+                        if (LOG.isWarnEnabled()) {
+                            LOG.warn("DAT does not fulfill the security requirements");
+                        }
+                        return -1;
+                    }
+                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUST_SECURITY_PROFILE")) {
+                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST_SECURITY_PROFILE") ||
+                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                        LOG.info("DAT is valid and secure");
+                        return validityTime;
+                    } else {
+                        if (LOG.isWarnEnabled()) {
+                            LOG.warn("DAT does not fulfill the security requirements, TRUST LEVEL not reached");
+                        }
+                        return -1;
+                    }
+                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                        LOG.info("DAT is valid and secure");
+                        return validityTime;
+                    } else {
+                        if (LOG.isWarnEnabled()) {
+                            LOG.warn("DAT does not fulfill the security requirements, TRUST+ LEVEL not reached");
+                        }
+                        return -1;
+                    }
                 } else {
                     if (LOG.isWarnEnabled()) {
-                        LOG.warn("DAT does not fulfill the security requirements");
+                        LOG.warn("DAT does not fulfill the security requirements, not supported trust level");
                     }
                     return -1;
                 }
+
             } else {
                 //invalid security requirements format
                 if (LOG.isWarnEnabled()) {
@@ -284,34 +317,16 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
     private SecurityRequirements parseSecurityRequirements(String dynamicAttrToken) {
         JSONObject asJson = new JSONObject(dynamicAttrToken);
 
-        if (!asJson.has("ids_attributes")) {
-            if (LOG.isWarnEnabled()) {
-                LOG.warn("DAT does not contain ids_attributes");
-            }
-            return null;
-        }
-        JSONObject idsAttributes = asJson.getJSONObject("ids_attributes");
-
-        if (!idsAttributes.has("security_profile")) {
+        if (!asJson.has("securityProfile")) {
             if (LOG.isWarnEnabled()) {
-                LOG.warn("DAT does not contain security_profile");
+                LOG.warn("DAT does not contain securityProfile");
             }
             return null;
         }
-        JSONObject securityProfile = idsAttributes.getJSONObject("security_profile");
-
-        //check if all security requirements are available
-        if (!securityProfile.has("audit_logging")) {
-            if (LOG.isWarnEnabled()) {
-                LOG.warn("DAT does not contain audit_logging");
-            }
-            return null;
-        }
-
         //toDo parse further security attributes
-
+        //FIXME: Does this make sense? How are security requirements mapped?
         return new SecurityRequirements.Builder()
-                .setAuditLogging(securityProfile.getInt("audit_logging"))
+                .setRequiredSecurityLevel(asJson.getString("securityProfile"))
                 .build();
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
index 7e588989b..1cbe92d1f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
@@ -11,15 +11,15 @@
  */
 public class SecurityRequirements {
 
-    private int auditLogging;
+    private String securityLevel;
 
     public static class Builder {
         @NonNull
         private final SecurityRequirements requirements = new SecurityRequirements();
 
         @NonNull
-        public Builder setAuditLogging(int auditLogging) {
-            this.requirements.auditLogging = auditLogging;
+        public Builder setRequiredSecurityLevel(String requiredSecurityLevel) {
+            this.requirements.securityLevel = requiredSecurityLevel;
             return this;
         }
 
@@ -29,7 +29,7 @@ public SecurityRequirements build() {
         }
     }
 
-    public int getAuditLogging() {
-        return auditLogging;
+    public String getRequiredSecurityLevel() {
+        return securityLevel;
     }
 }
diff --git a/karaf-assembly/src/main/resources/etc/settings.mapdb b/karaf-assembly/src/main/resources/etc/settings.mapdb
index d2098f4a3bf0822e9f3344dd1de9e68b31263155..ad8f1bf13b1dfa14f3c2c16162b97dee06a38310 100644
GIT binary patch
delta 568
zcmZo@Xkcsr;t3)$E;WBwGJt>przn_aVAukt6;4l_+}J42$;iMBlI4h)7~sgx2VydJ
zY<|GnR<-#Zs|TyllZ#MY3{2`ENrvXh6%BSw9G@reXi#()01E{%fQ%MkPJ+-Zj~Ez1
zn)sO+z~(V+V&Dg>OJ<M;(Jac$-XNNl87f}X+}POO*vJUPOhC*G#4JF}3dC$c%nrmH
zK+FlmTtLhX#5_RE3&ece8yor0*G-<#SSa7od-B}1gJ(`2xqs#S>7(Zun!DdVeEIJF
z<M;2Ly?j2kVQamBF(c>pt=o5O*}7@x_URY71>TDQ-2nv6T~8j}|Mv9L=a=u_O>6)L
z%Sv^y4?uF0gk1{1fEX~a0L)<KV7SS_*a1{KY5D<O0ZFFGAbo52;QFRyl?Z*@o~j~n
zg;7#5ppmIbxhk`{{muKw58teN@&5CdmfF^i>(d1V1(ZZzzI*cZ^OsLAAHG@p<l&cx
yYd?Q@`1tAcbp`_4Sm(d^^5w(yhiU?~TyT3q7R^CeG|kQ-?lHw7xOqaOP6Yr3?8u)0

delta 7361
zcmds6ZB!fAnI7?Bu$#4&I5|1lxLXsq`_b0eiM?*TKe{0f_0n>HW9+ouAL~+(9dcZt
zSZ>{R!w4`&aqJ{)HpSg-S{f&N(k>P=5(2dQry!6JAPIec^ap1&8l;g%nqf2&pxqwt
zy(1y>A>r(9&)IWU=Unc+^S<}J&wcOvK6mb*P$(n{P~Ls=P<7j(w-ES~p6VBCL~>B9
z56=(0SJD0SUJ3Fzlz#Eo0}WMWhhcNi^?`=d2R;LvC7&Q-ec<Z@4bML<HlI`i0sKia
zqQm__R3?hb-UI_P%_F}XXm}>mtlWzaJzkP&|HbS0(Az(LB52E)K#-CTKucPF<h|>P
zuNEC{es4lifj$KvmGmHD{b%3J)JMspzlYDi^m3+u_+>;2`$$oyE_)(dKbMgoIFjvW
z^~xHv{pM`lDG{fBOpiPR?d)$Zu7Y*ty+20|h=v=%3c>F{F|r@_%TAQ^!uok0c^1}3
z^}Q9{{T1C3P>Mh)2Bid)Qc(7QQU*#nD0@NK2g+wac?^_40%iYrMfZWlu4BD##RxjS
zM6&T^I`n}8QQk3G+>;BY=_RLie#Qc(+49q((i4)s8hjKRAJdGE4gR}Cn*3?0^o6Hx
zzD<xZYLVpy4;28`B)xQ882nDDv|-RvDm^s#uY072zH?J?<lwFDil6lKGb~9ksxX@n
zdX?hHe;XMIut_FJ@i&wMVL{;F1D=giyo%*ReSJJ3sCbHFx1d3`pdV0xX!_*yqRXJ#
zKXmPpJ2&eOiJjtd#0?bRhp;96gC|O*Z#;zfTE7UfsHfs5y_-PZ*bcHU56GKaK;|a<
zeR&C9Uh<#i#f#<p`pWlBmhW9D-**=v7~0=^D;QWxQG9}C<G+OH&+N+$gQ@X8I`jeX
zWt<`fps|#o1c8o+68FF}(h;VYg>KES^2?KPf#U5HNe2^(pXXBv(tO6k_{aIg)EY<g
zlpf_NLZEC(DoH8etUHio^+YwNbD<miu&|bq5;B&CcGVHhWI>@@*PWTo#RWeNsEnFu
zEw2Z{L?Y~<sNgLeS8H_`HmcR_aAq;^_TZdE`o-t}DIaErN>NOrdvrLDaPZk8>7Ss#
z$RoMOv#gNWn?YPRtj31b_^?_%tkw*xM~BtgVfEPEe8Yrwj_RKUsLcfT%X|tcf=N=Q
zI77#&zGZ?*P<ORG(&O9Gl`X~;*kEy~^b076DMvP>5JdSt!ErNd6q$rRw^Io=$&*w9
zc{f6&2o*!bLn?>BgYdgeB!jfDz=lGgvs3&wkrcvIT%bt;8rrEa2zHNfC5RA8>Djoz
zvy3Cjaez2>s(uJKgbMMru)fH%LM96)<3TsY)5`_zf0Sp?<`E8(<tR88x^-Q5MNXOq
z-~g;;ItbT5FktSTxZX`re2OM1Q-Wm*ta3!5RCM9pU3gCy-rI%W=)(KD@S9zDe-{o|
zsP}y%6@QZA31&!~ER+QN2E6spkOWi@DeUJ5|Mu1FnJID?vOy1$UqgBjDNG3|Y+NMR
zFDbL^b>zpbkD#yl!N4Brb9<rR0sm9{;4@{?zueagh&MsUFcl8WfBXkFe`@f{<<ied
zC}4Ud$8*KMhYLY5#Ym7+Er&xYf=*DR3h<VS;Aj;cUuI)$kYZH8Pmq0B9)!X&%}@w(
z;~&Y5XER{0gmnuM0|EQC7_cCU8Px)v5N_v`Ts(u^7KL$2P`T_2ci_<{E+6H02;TuP
zlG)G`=ld53kSCJyFuM#+B^m%#QJ^@s>WwIFDDHJ*-JcXt7lAD@VCDrHa5TXnNRJYQ
z`IRI>Vq9(w%RVuycgEmIcaH+4;@!#tC!b6RR1ii|#zWm$&z5x}l98U_7*cw*^8kvX
z50J-RZ~8$~Wt&W1dEs2`^^OM*9-yE+cpyhU+uYvPCTo_rcUCsFUX?XhUg~VR*7jQa
zC0S=>i%gCn-$%NTA~{m}nq1y-wc~ovqYP*59(;r~G-Iw8>-|juw{7#XDaHZE-TLWL
ze$pB)U}Z8N#obvV(9M)~uh8I4N?_tGG`B%v1t-p@ty~Ha2`XrfBPdp2&PARIQp+Gg
zgWDW%cWHx0x3j3KfGNmqkaoA}|7Ho~0Qv})-B{jl3)nV2lBcs4eg<dTKAD3=Atj3p
zkSD?N7#BJGXG;YcyO5~`_}ZC=;?cX{<!URXZ!EcxJ01D;d+6X+k{Ri}rNC|!jEhV_
zqFWDLiDcvkOxUh$!hX3$wmB19K{i#&K&k5JsJ<?1z9w&NZ#yTu+J3FGS$6e$cF=w?
z%da%GU9PNdyY{{79dblkSAVgpq2Xfnx2n%vIA2p=*Nydw(T?VE`{br@2Y~uE13FR&
z(6yFUd2RdU%dKsfABE$>D>dgY*4CdrTT^!y?ZIvqbWy(40f26922{{P*W|Cs+T^Xx
zP0&Y;*E%}dJLNl(p*a^l4qbHN{NGg9ov%4l1%1?u_5ZiC6Ts`=4DWaWe>HT<T4a}6
z+fZ3cBiP5zR{4(_I@>R`UXks@n1lFKZS||wwZ|L59-gZ?|Lulz^<S&0t-gUN3x#Td
z%m*Nq4?%)+0Z@G2Fngs*-gMz=(`DJ2_BMHE`;~%j%t3^KcA>HAZ1u%6^>ydZ)z|i6
zZ|=q&=<Y9h*<1vG-+T!80rFA-yftld+2yP+<=`{}J73k-@~W(}^-_UAKzHWK(_jfT
zb?2+kLLXlQPCj3K28P2;>{cOmDMVBN_pQyikL|#XX7V`?@W$r$j@^RcxeImQsH^{G
zU0$pg8_(1?RQF?V6+*nhhv@cqUI6*6-63ZX*S0q|U4iidLgP|v3rw}9D<Fz@3EwAx
zV?k7Wt>zV&V^y`ly-F0jT_|`9@GJm$do#d7vD+x?{6TB8tmbO_m0c(R-OQ3t0)UOx
z=U%NjQ+=_fvA$Mhfj2+pn@;%;PqemFws&5ZBQGCoZMoWXtm&G({j#j>7<ir9oZ!b!
z9&i4N?D*+ZN1HCm&=-%MJlXuh(bFxmlSi9QpFZ*8$rC4EZ2rpeZSPx|OF-^#??CS5
zc8SZp77r+L(p)3=MdTM>ed+JW++)xf5<A7^MI|%2`^24baG&_5M7&TOx>Mjn@kXCA
z-woo_(T}JgsSS<?H1`ROZsPvv#4>iD2n4YEnsF_z)nMf4G8I%Rhu|lk#GtcG`Vzbq
zROIdh<sU;JW2I7)<d5OUqN1MdcbPxj)NeeU^F_`@LkC~^zM!e-W+XXCr5}O*DT#E$
zS;&8sBkz<Ww*k<1{!cD0rrj<srvE<|7t?MRmm2s&^95AAi2T*DW4m5lcDtvDcAniZ
zljojt9o$L^-u=+6mp{Nty_;F-Pj@hVhBiO_VgI?8s~W{qv<@6U_2&RFWlnu~B7tLH
zQayO6MEcnmex=BTGHB$Y`NP-cPpoW~42hlM^1bi;57TUH&%@Mx1I?LM?p09ha~S2F
zq^<Payc@UC3;H>p@YrBK>i77=LC+dyqE~63XDx1uu(XRYuUnixdfBD|L(_hb1t((+
zM!Bcf18P4PFuLGS&Od93SQ)#+?Y6kQxW!<@-42J_?)TzT4%CVH=bSSxIM+IugCXN{
zTp$*l4yd(BU=RyvOwb4$oVBl7>4}uj!@!9mo8)T?F*_6ROh6lx!C7Y2?=X#-Voa1w
zb2C1#-RAQ$iGbP=h1hLIODYhzGt{iOE>tv3rrFejhD?LSCIgze_<|Y?R?nn-YF#pD
zbdLsS%@5mp?FtE=2aKYFFfwLHlA5U$8MjaSy>l3eTUejdgj;9;A`)8jMP|}gqa|YT
z*wntXYt<YvM6J_i%<PO}mNaTxw|MNd-)YvGBO$d}ZC>-oY-zLFHEMR6Ftd6F^Mln{
zrh(bWRMhIR$9$1VxY9HLx9azrX)BYU36DMPOLKE}gJs!<>8#GEd)hstb9ga>%WasO
zvoUU$-3?@}HM5Dq5~i2|_v-;b6uL=m9&@<tPA_IzbVjvcf9#7cCaVlwMtCi0xZT98
z9V2JWV+-rLsLwl<UWgeuQtgf`#Qf_%uRBQ?buqu!l=OprhX8{faqDL6)7-Qz!Wr$;
z?5ZuoYRzeO)H2PcLA{Eao$Q*~$r*qE2MSssfMwJ=&FSq<R%4xJHQ+gJNpnV9n#F8R
zj`w>R&Mz8eM{Q|t8p!mP2rvruo!k@{vu;jvQ<eyvm|e4gXJVaZaWjzFBb))~tARd>
z0Tf_j&S2G>fLpY*AMBgi=>i~Tv=*levpQC3zc;)JJOB(u;l63jPMa14J*hL9^gh9W
z>GVFUYm_(BM!}OZ;5t6yikYTXQVV02xL-Fn7LGXx+)h|x=Eb1SN*U+INK9CP+Nj18
zN{!JjwOKDj=aWlB*ty_{W0N6$*c#G>!(Lk;I_e(<-)T*TsB;asE}1kI!{iLLIEPb#
z`2@|aYg2OqjfZXN03Wv+>?W&zne>Eb4TjmpaeQS-ZR4kdsnBwA-fEhp6K38tvFfww
z)+Ph@{Zt&a5t`u4ij$wS8cA|oPueHa^W3^VH8DNIQ2GQjzc^(w#PJ|GHtt_t;iJqd
zA?R%>KWFqsbP+BY^CanImoQ08Bm=tSnsqYj;T;aUCBWGhP4huw)<ewj6Qh%9F3lPj
zrwEeu8iOfvC9UNw!o2aRiD=XkoiOTYQ^=Lpd((Cw!P)+o{}lUcRCBz$?(6>rKk`G4


From 53ddb5113e3be19c5818ef4df7500e0263f26987 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 8 Jul 2020 12:04:32 +0200
Subject: [PATCH 119/237] upgraded to DAPSv2

---
 idscp2/src/test/java/DapsDriverTest.java | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index 6808ce21e..745d5c7b5 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -30,15 +30,15 @@ public void testValidToken() {
     assertNotEquals(token, "INVALID_TOKEN");
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setAuditLogging(2)
+        .setRequiredSecurityLevel("idsc:TRUST_SECURITY_PROFILE")
         .build();
 
     SecurityRequirements requirements2 = new SecurityRequirements.Builder()
-        .setAuditLogging(1)
+        .setRequiredSecurityLevel("idsc:BASE_SECURITY_PROFILE")
         .build();
 
     assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) >= 0);
-    assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements2) >= 0);
+    assertFalse(dapsDriver.verifyToken(token.getBytes(), requirements2) >= 0);
   }
 
   @Test

From 00eb2467117228721fb6ff3f79f8c785e6ad0d01 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 8 Jul 2020 12:04:32 +0200
Subject: [PATCH 120/237] upgraded to DAPSv2

---
 idscp2/src/test/java/DapsDriverTest.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index 745d5c7b5..e0861325f 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -175,7 +175,7 @@ public void testInvalidAuditLogging() {
     assertNotEquals(token, "INVALID_TOKEN");
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setAuditLogging(3) //token has supports only audit_logging 2
+        .setRequiredSecurityLevel("\"idsc:TRUST+_SECURITY_PROFILE\"")() //token has supports only audit_logging 2
         .build();
 
     assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) < 0);
@@ -201,7 +201,7 @@ public static void main(String[] args) {
     System.out.println(token);
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setAuditLogging(2)
+        .setRequiredSecurityLevel("idsc:TRUST_SECURITY_PROFILE")
         .build();
 
     long ret;

From 9e617131f662b94cc7af19dd8f9518563e8bd3db Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 8 Jul 2020 12:04:32 +0200
Subject: [PATCH 121/237] upgraded to DAPSv2

---
 idscp2/src/test/java/DapsDriverTest.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index e0861325f..72b9f598b 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -175,7 +175,7 @@ public void testInvalidAuditLogging() {
     assertNotEquals(token, "INVALID_TOKEN");
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("\"idsc:TRUST+_SECURITY_PROFILE\"")() //token has supports only audit_logging 2
+        .setRequiredSecurityLevel("idsc:TRUST+_SECURITY_PROFILE")
         .build();
 
     assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) < 0);

From be1cbb9dbf58598161b41a9d50fe3d3972d6bb42 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Thu, 9 Jul 2020 10:02:00 +0200
Subject: [PATCH 122/237] Synched with info model

---
 .../ids/tokenmanager/TokenManagerService.java | 24 +++++++++----------
 .../connection-configuration/configuration.ts |  2 +-
 .../connection-configuration.component.html   |  6 ++---
 .../daps/DefaultDapsDriver.java               | 18 +++++++-------
 idscp2/src/test/java/DapsDriverTest.java      |  8 +++----
 5 files changed, 29 insertions(+), 29 deletions(-)

diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index a61a9c380..7a0de99f3 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -330,19 +330,19 @@ public void validateDATSecurityAttributes(Map<String, Object> claims, Connection
       //FIXME: Validate security profile the proper way
 
       ArrayList<String> validTrustProfiles=new ArrayList<String>();
-      validTrustProfiles.add("idsc:TRUST_SECURITY_PROFILE");
-      validTrustProfiles.add("idsc:BASE_SECURITY_PROFILE");
-      validTrustProfiles.add("idsc:TRUST+_SECURITY_PROFILE");
+      validTrustProfiles.add("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE");
+      validTrustProfiles.add("idsc:BASE_CONNECTOR_SECURITY_PROFILE");
+      validTrustProfiles.add("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE");
 
       if (!validTrustProfiles.contains(securityProfile)) {
         throw new DatException("Client does not support valid trust profile.");
       }
       //TODO Check for trust profile
 
-      if(connectionSettings.getRequiredSecurityProfile().equals("idsc:BASE_SECURITY_PROFILE")) {
-        if (!securityProfile.equals("idsc:BASE_SECURITY_PROFILE")
-            && !securityProfile.equals("idsc:TRUST_SECURITY_PROFILE")
-            && !securityProfile.equals("idsc:TRUST+_SECURITY_PROFILE")) {
+      if(connectionSettings.getRequiredSecurityProfile().equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE")) {
+        if (!securityProfile.equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE")
+            && !securityProfile.equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
+            && !securityProfile.equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
 
           throw new DatException(
               "Client does not support required trust profile: Required: "
@@ -350,17 +350,17 @@ public void validateDATSecurityAttributes(Map<String, Object> claims, Connection
                   + " given: "
                   + securityProfile);
         }
-      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUST_SECURITY_PROFILE")) {
-        if (!securityProfile.equals("idsc:TRUST_SECURITY_PROFILE") &&
-            !securityProfile.equals("idsc:TRUST+_SECURITY_PROFILE")) {
+      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")) {
+        if (!securityProfile.equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE") &&
+            !securityProfile.equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
           throw new DatException(
               "Client does not support required trust profile: Required: "
                   + connectionSettings.getRequiredSecurityProfile()
                   + " given: "
                   + securityProfile);
         }
-      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUST+_SECURITY_PROFILE")) {
-          if (!securityProfile.equals("idsc:TRUST+_SECURITY_PROFILE")) {
+      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
+          if (!securityProfile.equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
             throw new DatException(
                 "Client does not support required trust profile: Required: "
                     + connectionSettings.getRequiredSecurityProfile()
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts
index 68b8ae162..731992e41 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/configuration.ts
@@ -11,7 +11,7 @@ export class Configuration {
             this.settings = settings;
         } else {
             this.settings = {
-                securityProfile: 'idsc:BASE_SECURITY_PROFILE'
+                securityProfile: 'idsc:BASE_CONNECTOR_SECURITY_PROFILE'
             };
         }
     }
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html
index e2886832b..237d95f37 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.html
@@ -56,17 +56,17 @@ <h5>Required Security Profile</h5>
                     <input class="switch-button" type="radio" id="switch_2_left"
                            [(ngModel)]="model.settings.securityProfile"
                            name="securityProfile"
-                           [value]="'idsc:BASE_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:BASE_SECURITY_PROFILE'"/>
+                           [value]="'idsc:BASE_CONNECTOR_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:BASE_CONNECTOR_SECURITY_PROFILE'"/>
                     <label class="labelSmall" for="switch_2_left">Base Profile</label>
                     <input class="switch-button" type="radio" id="switch_2_center"
                            [(ngModel)]="model.settings.securityProfile"
                            name="securityProfile"
-                           [value]="'idsc:TRUST_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:TRUST_SECURITY_PROFILE'"/>
+                           [value]="'idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE'"/>
                     <label class="labelWide" for="switch_2_center">Trust Profile</label>
                     <input class="switch-button" type="radio" id="switch_2_right"
                            [(ngModel)]="model.settings.securityProfile"
                            name="securityProfile"
-                           [value]="'idsc:TRUST+_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:TRUST+_SECURITY_PROFILE'"/>
+                           [value]="'idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE'" [checked]="model.settings.securityProfile === 'idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE'"/>
                     <label class="labelWide" for="switch_2_right">Trust+ Profile</label>
                   </div>
                 </form>
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index 836d4ddcf..639a74488 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -261,10 +261,10 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
                 //toDo add further security attribute validation
 
 
-                if(secRequirements.getRequiredSecurityLevel().equals("idsc:BASE_SECURITY_PROFILE")) {
-                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:BASE_SECURITY_PROFILE") ||
-                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST_SECURITY_PROFILE") ||
-                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                if(secRequirements.getRequiredSecurityLevel().equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE")) {
+                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE") ||
+                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE") ||
+                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
                         LOG.info("DAT is valid and secure");
                         return validityTime;
                     } else {
@@ -273,9 +273,9 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
                         }
                         return -1;
                     }
-                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUST_SECURITY_PROFILE")) {
-                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST_SECURITY_PROFILE") ||
-                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")) {
+                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE") ||
+                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
                         LOG.info("DAT is valid and secure");
                         return validityTime;
                     } else {
@@ -284,8 +284,8 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
                         }
                         return -1;
                     }
-                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
-                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUST+_SECURITY_PROFILE")) {
+                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
+                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
                         LOG.info("DAT is valid and secure");
                         return validityTime;
                     } else {
diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index 72b9f598b..27e88d723 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -30,11 +30,11 @@ public void testValidToken() {
     assertNotEquals(token, "INVALID_TOKEN");
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("idsc:TRUST_SECURITY_PROFILE")
+        .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
         .build();
 
     SecurityRequirements requirements2 = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("idsc:BASE_SECURITY_PROFILE")
+        .setRequiredSecurityLevel("idsc:BASE_CONNECTOR_SECURITY_PROFILE")
         .build();
 
     assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) >= 0);
@@ -175,7 +175,7 @@ public void testInvalidAuditLogging() {
     assertNotEquals(token, "INVALID_TOKEN");
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("idsc:TRUST+_SECURITY_PROFILE")
+        .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")
         .build();
 
     assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) < 0);
@@ -201,7 +201,7 @@ public static void main(String[] args) {
     System.out.println(token);
 
     SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("idsc:TRUST_SECURITY_PROFILE")
+        .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
         .build();
 
     long ret;

From 5064bd311557a7e809af88ad35616e47836c1e85 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Thu, 9 Jul 2020 12:12:21 +0200
Subject: [PATCH 123/237] Fixed audience

---
 .../java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java | 2 +-
 .../drivers/default_driver_impl/daps/DefaultDapsDriver.java     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index 7a0de99f3..d940af467 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -102,7 +102,7 @@ public Map<String, Object> acquireToken(
       String connectorUUID) {
 
     String dynamicAttributeToken = "INVALID_TOKEN";
-    String targetAudience = "IDS_Connector";
+    String targetAudience = "idsc:IDS_CONNECTORS_ALL";
 
     Map<String, Object> jwtClaims = null;
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index 639a74488..820e6700f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -46,7 +46,7 @@ public class DefaultDapsDriver implements DapsDriver {
     private final Key privateKey; //private key can be reused
     private final String connectorUUID;
     private final String dapsUrl;
-    private final String targetAudience = "IDS_Connector";
+    private final String targetAudience = "idsc:IDS_CONNECTORS_ALL";
 
     public DefaultDapsDriver(DefaultDapsDriverConfig config) {
 

From ca7debb04e4bfcbb31a405cf977ab5e0988b8fde Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Tue, 14 Jul 2020 15:26:01 +0200
Subject: [PATCH 124/237] Automatically generate connector uuid (client id)
 from AKI and SKI. Remove connector uuid from db and configuration options
 since obsolete.

---
 .../idscp2/client/Idscp2ClientEndpoint.kt     |   1 -
 .../camel/idscp2/server/CamelIdscp2Server.kt  |   1 -
 .../ids/api/settings/ConnectorConfig.java     |   7 +-
 .../aisec/ids/api/tokenm/TokenManager.java    |   3 +-
 ids-token-manager/build.gradle                |   1 +
 .../ids/tokenmanager/TokenManagerService.java |  93 ++++++++++++++---
 .../aisec/ids/webconsole/api/ConfigApi.java   |   3 +-
 .../www/src/app/ids/ids.component.html        |   7 --
 .../www/src/app/ids/ids.component.ts          |   3 +-
 .../www/src/app/ids/settings.interface.ts     |   1 -
 .../daps/DefaultDapsDriver.java               |  97 +++++++++++++++++-
 .../daps/DefaultDapsDriverConfig.java         |  12 ---
 .../keystores/PreConfiguration.java           |  34 ++++++
 .../idscp2/example/Idscp2ClientInitiator.java |   1 -
 .../idscp2/example/Idscp2ServerInitiator.java |   1 -
 idscp2/src/test/java/DapsDriverTest.java      |  16 +--
 .../src/main/resources/etc/settings.mapdb     | Bin 2097152 -> 2097152 bytes
 libraryVersions.yaml                          |   1 +
 18 files changed, 218 insertions(+), 64 deletions(-)

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index 675a44fc3..7a212bb69 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -121,7 +121,6 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
         }
         clientSettings = clientSettingsBuilder.build()
         dapsDriverConfig = DefaultDapsDriverConfig.Builder()
-                .setConnectorUUID(settings.connectorConfig.connectorUUID)
                 .setDapsUrl(settings.connectorConfig.dapsUrl)
                 .setKeyAlias(clientSettings.dapsKeyAlias)
                 .setKeyStorePath(clientSettings.keyStorePath)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index b14e51298..ccd159c5b 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -33,7 +33,6 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
 
     init {
         val dapsDriverConfig = DefaultDapsDriverConfig.Builder()
-                .setConnectorUUID(Idscp2OsgiComponent.getSettings().connectorConfig.connectorUUID)
                 .setDapsUrl(Idscp2OsgiComponent.getSettings().connectorConfig.dapsUrl)
                 .setKeyAlias(serverSettings.dapsKeyAlias)
                 .setKeyStorePath(serverSettings.keyStorePath)
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java
index a373bc7c8..18b754efb 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java
@@ -37,7 +37,6 @@ public final class ConnectorConfig implements Serializable {
   private final String keystorePassword;
   private final String keystoreAliasName;
   private final String truststoreName;
-  private final String connectorUUID;
 
   public ConnectorConfig() {
     appstoreUrl =
@@ -49,12 +48,11 @@ public ConnectorConfig() {
     acmeDnsWebcon = "";
     acmePortWebcon = 80;
     tosAcceptWebcon = false;
-    dapsUrl = "http://daps.aisec.fraunhofer.de/token";
+    dapsUrl = "https://daps.aisec.fraunhofer.de";
     keystoreName = "client-keystore.jks";
     keystorePassword = "password";
     keystoreAliasName = "1";
     truststoreName = "client-truststore.jks";
-    connectorUUID = "00c6155a-966d-4d2c-af6e-60f997e24da2";
   }
 
   public String getAppstoreUrl() {
@@ -109,7 +107,4 @@ public String getTruststoreName() {
     return truststoreName;
   }
 
-  public String getConnectorUUID() {
-    return connectorUUID;
-  }
 }
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
index 5c3d45c0d..abf1a6a3c 100755
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
@@ -40,8 +40,7 @@ Map<String, Object> acquireToken(
       String keyStoreName,
       String keyStorePassword,
       String keystoreAliasName,
-      String trustStoreName,
-      String connectorUUID);
+      String trustStoreName);
 
   Map<String, Object> verifyJWT(
       String dynamicAttributeToken,
diff --git a/ids-token-manager/build.gradle b/ids-token-manager/build.gradle
index dfcd54352..2b852b204 100755
--- a/ids-token-manager/build.gradle
+++ b/ids-token-manager/build.gradle
@@ -10,6 +10,7 @@ dependencies {
     providedByBundle group: 'com.squareup.okio', name: 'okio', version: libraryVersions.okio
     providedByBundle group: 'org.bitbucket.b_c', name: 'jose4j', version: libraryVersions.jose4j
     providedByBundle group: 'org.json', name: 'json', version: libraryVersions.orgJson
+    providedByBundle group: 'org.bouncycastle', name: 'bcprov-jdk15on', version: libraryVersions.bouncycastle
 
     testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
     testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index d940af467..183255e00 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -29,6 +29,11 @@
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 import okhttp3.*;
+import org.bouncycastle.asn1.ASN1OctetString;
+import org.bouncycastle.asn1.DEROctetString;
+import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
+import org.bouncycastle.asn1.x509.Extension;
+import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
 import org.jose4j.http.Get;
 import org.jose4j.jwk.HttpsJwks;
 import org.jose4j.jws.AlgorithmIdentifiers;
@@ -82,14 +87,12 @@ public class TokenManagerService implements TokenManager {
    * (DAPS)
    *
    * @param targetDirectory   The directory the keystore resides in
-   * @param dapsUrl           The token aquiry URL (e.g., http://daps.aisec.fraunhofer.de/token
+   * @param dapsUrl           The token aquiry URL (e.g., http://daps.aisec.fraunhofer.de
    * @param keyStoreName      Name of the keystore file (e.g., server-keystore.jks)
    * @param keyStorePassword  Password of keystore
    * @param keystoreAliasName Alias of the connector's key entry. For default keystores with only
    *                          one entry, this is '1'
    * @param trustStoreName    Name of the truststore file
-   * @param connectorUUID     The UUID used to register the connector at the DAPS. Should be replaced by
-   *                          working code that does this automatically
    */
   @Override
   public Map<String, Object> acquireToken(
@@ -98,8 +101,7 @@ public Map<String, Object> acquireToken(
       String keyStoreName,
       String keyStorePassword,
       String keystoreAliasName,
-      String trustStoreName,
-      String connectorUUID) {
+      String trustStoreName) {
 
     String dynamicAttributeToken = "INVALID_TOKEN";
     String targetAudience = "idsc:IDS_CONNECTORS_ALL";
@@ -151,13 +153,26 @@ public Map<String, Object> acquireToken(
         throw new RuntimeException(e);
       }
 
-      LOG.info("\tCertificate Subject: " + cert.getSubjectDN());
+      // Get AKI
       //GET 2.5.29.14	SubjectKeyIdentifier / 2.5.29.35	AuthorityKeyIdentifier
-      String authorityKeyIndentifier = new String (cert.getExtensionValue("2.5.29.35"));
-      String subjectKeyIdenfier = new String (cert.getExtensionValue("2.5.29.14"));
-      LOG.info("AKI: " + authorityKeyIndentifier);
-      LOG.info("SKI: " + subjectKeyIdenfier);
-      //connectorUUID = subjectKeyIdenfier + ":" + authorityKeyIndentifier.substring(0, authorityKeyIndentifier.length() - 1);
+      String aki_oid = Extension.authorityKeyIdentifier.getId();
+      byte[] rawAuthorityKeyIdentifier = cert.getExtensionValue(aki_oid);
+      ASN1OctetString akiOc = ASN1OctetString.getInstance(rawAuthorityKeyIdentifier);
+      AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(akiOc.getOctets());
+      byte[] authorityKeyIdentifier = aki.getKeyIdentifier();
+
+      //GET SKI
+      String ski_oid = Extension.subjectKeyIdentifier.getId();
+      byte[] rawSubjectKeyIdentifier = cert.getExtensionValue(ski_oid);
+      ASN1OctetString ski0c = ASN1OctetString.getInstance(rawSubjectKeyIdentifier);
+      SubjectKeyIdentifier ski = SubjectKeyIdentifier.getInstance(ski0c.getOctets());
+      byte[] subjectKeyIdentifier = ski.getKeyIdentifier();
+
+      String aki_result = beatifyHex(encodeHexString(authorityKeyIdentifier).toUpperCase());
+      String ski_result = beatifyHex(encodeHexString(subjectKeyIdentifier).toUpperCase());
+
+      String connectorUUID = ski_result + "keyid:" + aki_result.substring(0, aki_result.length() - 1);
+
       LOG.info("ConnectorUUID: " + connectorUUID);
       LOG.info("Retrieving Dynamic Attribute Token...");
 
@@ -381,6 +396,59 @@ public void validateDATSecurityAttributes(Map<String, Object> claims, Connection
     }
   }
 
+  /***
+   * Split string ever len chars and return string array
+   * @param src
+   * @param len
+   * @return
+   */
+  public static String[] split(String src, int len) {
+    String[] result = new String[(int)Math.ceil((double)src.length()/(double)len)];
+    for (int i=0; i<result.length; i++)
+      result[i] = src.substring(i*len, Math.min(src.length(), (i+1)*len));
+    return result;
+  }
+
+  /***
+   * Beautyfies Hex strings and will generate a result later used to create the client id (XX:YY:ZZ)
+   * @param hexString HexString to be beautified
+   * @return beautifiedHex result
+   */
+  private String beatifyHex(String hexString) {
+    String[] splitString = split(hexString, 2);
+    StringBuffer sb = new StringBuffer();
+    for(int i =0; i < splitString.length; i++) {
+      sb.append(splitString[i]);
+      sb.append(":");
+    }
+    return sb.toString();
+  }
+
+  /**
+   * Convert byte array to hex without any dependencies to libraries.
+   * @param num
+   * @return
+   */
+  private String byteToHex(byte num) {
+    char[] hexDigits = new char[2];
+    hexDigits[0] = Character.forDigit((num >> 4) & 0xF, 16);
+    hexDigits[1] = Character.forDigit((num & 0xF), 16);
+    return new String(hexDigits);
+  }
+
+  /**
+   * Encode a byte array to an hex string
+   * @param byteArray
+   * @return
+   */
+  private String encodeHexString(byte[] byteArray) {
+    StringBuffer hexStringBuffer = new StringBuffer();
+    for (int i = 0; i < byteArray.length; i++) {
+      hexStringBuffer.append(byteToHex(byteArray[i]));
+    }
+    return hexStringBuffer.toString();
+  }
+
   @Activate
   public void run() {
     LOG.info("Token renewal triggered.");
@@ -392,8 +460,7 @@ public void run() {
           config.getKeystoreName(),
           config.getKeystorePassword(),
           config.getKeystoreAliasName(),
-          config.getTruststoreName(),
-          config.getConnectorUUID());
+          config.getTruststoreName());
 
     } catch (Exception e) {
       LOG.error("Token renewal failed", e);
diff --git a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
index 40cdbc205..6fad55564 100644
--- a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
+++ b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
@@ -106,8 +106,7 @@ public String set(ConnectorConfig config) {
           config.getKeystoreName(),
           config.getKeystorePassword(),
           config.getKeystoreAliasName(),
-          config.getTruststoreName(),
-          config.getConnectorUUID());
+          config.getTruststoreName());
     } catch (Exception e) {
       e.printStackTrace();
     }
diff --git a/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.html b/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.html
index 1650937a8..dfd31343f 100644
--- a/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.html
+++ b/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.html
@@ -116,13 +116,6 @@ <h2 class="mdl-card__title-text">Settings</h2>
           <span class="mdl-textfield__error"> Valid truststore name required </span>
         </div>
 
-        <div mdl-textfield class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label has-placeholder mdl-cell--12-col form-group">
-          <input class="mdl-textfield__input" id="connectorUUID"	type="string" formControlName="connectorUUID"
-                 required minlength="1">
-          <label class="mdl-textfield__label" for="connectorUUID">Connector UUID</label>
-          <span class="mdl-textfield__error"> Valid UUID required </span>
-        </div>
-
         <div class="mdl-cell--12-col">
 					<button type="submit" class="mdl-button mdl-js-button mdl-button--raised" [ngClass]="{'mdl-button--colored': !saved}">
 						Save Settings
diff --git a/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.ts b/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.ts
index 3d58e8bbd..69a9dfb5e 100644
--- a/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/ids/ids.component.ts
@@ -56,8 +56,7 @@ export class IdsComponent implements OnInit {
                     keystoreName: response.keystoreName,
                     keystorePassword: response.keystorePassword,
                     keystoreAliasName: response.keystoreAliasName,
-                    truststoreName: response.truststoreName,
-                    connectorUUID: response.connectorUUID
+                    truststoreName: response.truststoreName
 
                 });
                 this.subscribeToFormChanges();
diff --git a/ids-webconsole/src/main/resources/www/src/app/ids/settings.interface.ts b/ids-webconsole/src/main/resources/www/src/app/ids/settings.interface.ts
index c7523aa5d..20a88109c 100644
--- a/ids-webconsole/src/main/resources/www/src/app/ids/settings.interface.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/ids/settings.interface.ts
@@ -12,6 +12,5 @@ export interface Settings {
   keystorePassword: string;
   keystoreAliasName: string;
   truststoreName: string;
-  connectorUUID: string;
 
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index 820e6700f..8b95dd922 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -17,6 +17,11 @@
 import org.jose4j.jwt.consumer.JwtConsumer;
 import org.jose4j.jwt.consumer.JwtConsumerBuilder;
 import org.jose4j.keys.resolvers.HttpsJwksVerificationKeyResolver;
+import org.bouncycastle.asn1.ASN1OctetString;
+import org.bouncycastle.asn1.DEROctetString;
+import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
+import org.bouncycastle.asn1.x509.Extension;
+import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
 import org.json.JSONObject;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -29,6 +34,7 @@
 import java.security.Key;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
 import java.time.Instant;
 import java.util.Date;
 import java.util.concurrent.TimeUnit;
@@ -37,6 +43,7 @@
  * Default DAPS Driver Implementation for requesting valid dynamicAttributeToken and verifying DAT
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ * @author Gerd Brost (gerd.brost@aisec.fraunhofer.de)
  */
 public class DefaultDapsDriver implements DapsDriver {
     private static final Logger LOG = LoggerFactory.getLogger(DefaultDapsDriver.class);
@@ -44,13 +51,11 @@ public class DefaultDapsDriver implements DapsDriver {
     private final SSLSocketFactory sslSocketFactory; //ssl socket factory can be reused
     private final X509ExtendedTrustManager trustManager; //trust manager can be reused
     private final Key privateKey; //private key can be reused
-    private final String connectorUUID;
     private final String dapsUrl;
     private final String targetAudience = "idsc:IDS_CONNECTORS_ALL";
+    private final X509Certificate cert;
 
     public DefaultDapsDriver(DefaultDapsDriverConfig config) {
-
-        this.connectorUUID = config.getConnectorUUID();
         this.dapsUrl = config.getDapsUrl();
 
         //create ssl socket factory for secure
@@ -60,6 +65,11 @@ public DefaultDapsDriver(DefaultDapsDriverConfig config) {
                 config.getKeyAlias()
         );
 
+        cert = PreConfiguration.getCertificate(
+            config.getKeyStorePath(),
+            config.getKeyStorePassword(),
+            config.getKeyAlias());
+
         TrustManager[] trustManagers = PreConfiguration.getX509ExtTrustManager(
                 config.getTrustStorePath(),
                 config.getTrustStorePassword()
@@ -89,6 +99,34 @@ public byte[] getToken() {
 
         LOG.info("Retrieving Dynamic Attribute Token from Daps ...");
 
+        //Create connectorUUID
+        // Get AKI
+        //GET 2.5.29.14	SubjectKeyIdentifier / 2.5.29.35	AuthorityKeyIdentifier
+        String aki_oid = Extension.authorityKeyIdentifier.getId();
+        byte[] rawAuthorityKeyIndentifier = cert.getExtensionValue(aki_oid);
+        ASN1OctetString akiOc = ASN1OctetString.getInstance(rawAuthorityKeyIndentifier);
+        AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(akiOc.getOctets());
+        byte[] authorityKeyIndentifier = aki.getKeyIdentifier();
+
+        //GET SKI
+        byte[] octets = DEROctetString.getInstance(rawAuthorityKeyIndentifier).getOctets();
+        AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(octets);
+        byte[] keyIdentifier = authorityKeyIdentifier.getKeyIdentifier();
+        String ski_oid = Extension.subjectKeyIdentifier.getId();
+        byte[] rawSubjectKeyIdenfier = cert.getExtensionValue(ski_oid);
+        ASN1OctetString ski0c = ASN1OctetString.getInstance(rawSubjectKeyIdenfier);
+        SubjectKeyIdentifier ski = SubjectKeyIdentifier.getInstance(ski0c.getOctets());
+
+        byte[] subjectKeyIdentifier = ski.getKeyIdentifier();
+
+        DEROctetString dos = new DEROctetString(authorityKeyIndentifier);
+        String aki_result = beatifyHex(encodeHexString(authorityKeyIndentifier).toUpperCase());
+        String ski_result = beatifyHex(encodeHexString(subjectKeyIdentifier).toUpperCase());
+        LOG.info("AKI: " + aki_result);
+        LOG.info("SKI: " + ski_result);
+
+        String connectorUUID = ski_result + "keyid:" + aki_result.substring(0, aki_result.length() - 1);
+
         //create signed JWT
         String jwt =
                 Jwts.builder()
@@ -329,4 +367,57 @@ private SecurityRequirements parseSecurityRequirements(String dynamicAttrToken)
                 .setRequiredSecurityLevel(asJson.getString("securityProfile"))
                 .build();
     }
+
+    /***
+     * Split string ever len chars and return string array
+     * @param src
+     * @param len
+     * @return
+     */
+    public static String[] split(String src, int len) {
+        String[] result = new String[(int)Math.ceil((double)src.length()/(double)len)];
+        for (int i=0; i<result.length; i++)
+            result[i] = src.substring(i*len, Math.min(src.length(), (i+1)*len));
+        return result;
+    }
+
+    /***
+     * Beautyfies Hex strings and will generate a result later used to create the client id (XX:YY:ZZ)
+     * @param hexString HexString to be beautified
+     * @return beautifiedHex result
+     */
+    private String beatifyHex(String hexString) {
+        String[] splitString = split(hexString, 2);
+        StringBuffer sb = new StringBuffer();
+        for(int i =0; i < splitString.length; i++) {
+            sb.append(splitString[i]);
+            sb.append(":");
+        }
+        return sb.toString();
+    }
+
+    /**
+     * Convert byte array to hex without any dependencies to libraries.
+     * @param num
+     * @return
+     */
+    private String byteToHex(byte num) {
+        char[] hexDigits = new char[2];
+        hexDigits[0] = Character.forDigit((num >> 4) & 0xF, 16);
+        hexDigits[1] = Character.forDigit((num & 0xF), 16);
+        return new String(hexDigits);
+    }
+
+    /**
+     * Encode a byte array to an hex string
+     * @param byteArray
+     * @return
+     */
+    private String encodeHexString(byte[] byteArray) {
+        StringBuffer hexStringBuffer = new StringBuffer();
+        for (int i = 0; i < byteArray.length; i++) {
+            hexStringBuffer.append(byteToHex(byteArray[i]));
+        }
+        return hexStringBuffer.toString();
+    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
index 64f171996..987a31b13 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
@@ -21,8 +21,6 @@ public class DefaultDapsDriverConfig {
     private String trustStorePath = "";
     @NonNull
     private String trustStorePassword = "password";
-    @NonNull
-    private String connectorUUID = "";
 
     public static class Builder {
         @NonNull
@@ -64,12 +62,6 @@ public Builder setTrustStorePassword(String password) {
             return this;
         }
 
-        @NonNull
-        public Builder setConnectorUUID(String uuid) {
-            this.config.connectorUUID = uuid;
-            return this;
-        }
-
         @NonNull
         public DefaultDapsDriverConfig build() {
             return config;
@@ -106,8 +98,4 @@ public String getTrustStorePassword() {
         return trustStorePassword;
     }
 
-    @NonNull
-    public String getConnectorUUID() {
-        return connectorUUID;
-    }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
index 5c334dadc..bf31564c4 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
@@ -131,6 +131,40 @@ public static Key getKey(
         }
     }
 
+    /*
+     * Get the certificate from the key store
+     *
+     * throws RuntimeException if key is not available or key access was not permitted
+     */
+    public static X509Certificate getCertificate(
+        String keyStorePath,
+        String keyStorePassword,
+        String keyAlias
+    ) {
+        try (
+            InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath))
+        ) {
+            /* create KeyManager for remote authentication */
+            KeyStore keystore = KeyStore.getInstance("JKS");
+
+            //load keystore
+            keystore.load(jksKeyStoreIn, keyStorePassword.toCharArray());
+
+            // get private key
+            X509Certificate cert = (X509Certificate) keystore.getCertificate(keyAlias);
+            Key key = keystore.getKey(keyAlias, keyStorePassword.toCharArray());
+            if (cert == null) {
+                throw new RuntimeException("No cert was found in keystore for given alias");
+            } else {
+                return cert;
+            }
+
+        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException
+            | UnrecoverableKeyException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
     /*
      * This method can be used for filtering certificates in the trust store
      * to avoid expired certificates
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
index 109444db7..dafb8d77c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
@@ -32,7 +32,6 @@ public void init(Idscp2Settings settings) {
 
         DefaultDapsDriverConfig config =
                 new DefaultDapsDriverConfig.Builder()
-                        .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
                         .setKeyStorePath(settings.getKeyStorePath())
                         .setTrustStorePath(settings.getTrustStorePath())
                         .setKeyStorePassword(settings.getKeyStorePassword())
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
index 4993ea47f..52795c060 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
@@ -32,7 +32,6 @@ public void init(Idscp2Settings settings) {
 
         DefaultDapsDriverConfig config =
                 new DefaultDapsDriverConfig.Builder()
-                        .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
                         .setKeyStorePath(settings.getKeyStorePath())
                         .setTrustStorePath(settings.getTrustStorePath())
                         .setKeyStorePassword(settings.getKeyStorePassword())
diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index 27e88d723..7f67a987d 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -14,7 +14,6 @@ public class DapsDriverTest {
   public void testValidToken() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -40,12 +39,11 @@ public void testValidToken() {
     assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) >= 0);
     assertFalse(dapsDriver.verifyToken(token.getBytes(), requirements2) >= 0);
   }
-
+  /****
   @Test
   public void testInvalidClient() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("INVALID_CLIENT")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -60,12 +58,12 @@ public void testInvalidClient() {
     String token = new String(dapsDriver.getToken());
     assertEquals(token, "INVALID_TOKEN");
   }
+   **/
 
   @Test
   public void testInvalidUrlNonSecure() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -73,7 +71,7 @@ public void testInvalidUrlNonSecure() {
             .setKeyStorePassword("password")
             .setTrustStorePassword("password")
             .setKeyAlias("1")
-            .setDapsUrl("http://daps.aisec.fraunhofer.de")
+            .setDapsUrl("https://daps.aisec.fraunhofer.de")
             .build();
 
     DapsDriver dapsDriver = new DefaultDapsDriver(config);
@@ -85,7 +83,6 @@ public void testInvalidUrlNonSecure() {
   public void testInvalidUrl404() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -93,7 +90,7 @@ public void testInvalidUrl404() {
             .setKeyStorePassword("password")
             .setTrustStorePassword("password")
             .setKeyAlias("1")
-            .setDapsUrl("https://daps.aisec.fraunhofer.de/token")
+            .setDapsUrl("https://daps.aisec.fraunhofer.de")
             .build();
 
     DapsDriver dapsDriver = new DefaultDapsDriver(config);
@@ -105,7 +102,6 @@ public void testInvalidUrl404() {
   public void testInvalidPassword1() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -123,7 +119,6 @@ public void testInvalidPassword1() {
   public void testInvalidPassword2() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -141,7 +136,6 @@ public void testInvalidPassword2() {
   public void testInvalidKeyAlias() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -159,7 +153,6 @@ public void testInvalidKeyAlias() {
   public void testInvalidAuditLogging() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
@@ -185,7 +178,6 @@ public static void main(String[] args) {
     //get token
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
-            .setConnectorUUID("edc5d7b3-a398-48f0-abb0-3751530c4fed")
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
                 getResource("ssl/aisecconnector1-keystore.jks").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
diff --git a/karaf-assembly/src/main/resources/etc/settings.mapdb b/karaf-assembly/src/main/resources/etc/settings.mapdb
index ad8f1bf13b1dfa14f3c2c16162b97dee06a38310..3594cd79886fc931840555633497eb44e742c63f 100644
GIT binary patch
delta 2358
zcmbtWOK;=W6_)IIcqT6eMVrN-MU1T4O<Uv#wB2=?B8%>d{DEw`=`NCH5R8*1Knx>r
z&?c?ZLD3el9g=z{$ikvTiIhl*6vY=%7!-MB@lErg2Uoq6l_o)ypg;wD`gqUz&bjBF
za|y6eC}ax|?|uKlpMRid(qHa-zg=@C6R-Kj-r>=H@r8TY%u}iN*&iRi@~gYgr;odj
z4^J-cuC03pdU7ZKyv}YyGq*lW759$*Q21r`)uVdh*RS1rv<`1(9;AHhrJaAKe0w+Z
zT*{f>L!`WO!+V?c-owrMXv0r7jBOa-F!yM`_;|mVh1h}Eg}4QA8{!VcU5Gu1dl2^_
zo`QH9;u(l%|FK_uE?;>q_nYi}3@w)$b*zSzYM*6uqwMZpc3wN&&3&BBzI*)g?Og5n
z{+-<CKYX{a|4MP^;Y-=i9v!?liy}Y#^pj6Q&jIIgU?2bcPVRU4qpz7KfoFl>@xjR#
zR$cYObJYlec0LW%*qwP(5S;7a;0^SxgCos0fE%4zU=>DQ0M1P-eEUsb4a0>O=zlzT
zf8&pWIE?<Qc<12oi|nEI46G#pzIXEvC-|@9#a{01`zNr=nau89CY|d0`IC<{&vk(o
z8J>F?f+#ZFtMCc5X``7jjf$m@xBFu^0s#j!Lk|ldZj<OnaFe0-_ib*l^o;=E`2eU9
zU}F%2Lb~fWD%t4PGM?`jk-vSrsso~%Oef!|S*O_)mH+y=Z+08|`u|eYjclE5YX@d(
zI2!?=zlEYz1gTa^$Txera}^#_+1yWl{-<pv+h7jtuvk9b;yiw^llxKrFIzlM0?&(X
zMstjnPO<VSRyoD0r&#S2tDj<x(-QK*wy<dBgU4N1G_Cr7-6oi;b___@HeB%LRJB9!
zLFHlYr(b<%j^R6V{pA&VXMM#E?iIj_LV$E(3=FC#psdlysX!IkbZsf3GSkH+LK+K0
z7MCt*ddAqMR}3#3Q}!H&CW^?QnqwnCXs#xh;!ir`G}KqRj5)BmksvT*31tWt6-Fb0
zQzW!G;t_@7+he1j$Eg+E!`58NpE!DJf>mOe5Sf(7G>NBoxy8V!&t=h0H!{ECU-li&
zo{06d-V42JFO(5kB^}$+62C1=94kw9IKc=jt)1;K^NGvZpu0ZTI<J;^^L)RgCGfEE
zq(r%W3<hKExr{Ypy(5(MF8$>*Ub)twebQMs2+<rO)=JH}=5j4Xq7V&bJeem^#(+hb
zS4-J!CxZ@SG9rt~$#_AVgf(c<2+dmvldvmB<P3$U^A*~>!f1?MDh`{_*tksdBtm0t
zM1iMcS}?8Iv<4#Q$mT_Q(gYT_P$b$I*rB0{Tp}kv#SzSuMH&O%5?VsLF_I8sED#jM
z+QOI<pl`gSNgD}Chd>p4(<O|qj>dV8mk?&iTNOATZaB6#V%RcOVv=;+YL`Q_E?w=f
z8kQ_IlfFav8YY;1M_I{|5UZVrqex_|z`3Ud>f(BIZLa0FSkv!tEpNe^UWHD)GSl)B
z$P1eHmNf4ZY~J)xD5yY3it?c4;~ejm1}(1y?I@G@9X9b0miGfivVCQp)GM=z--14z
zF=5hF&-+anv!WBf$(ZTJ-jac~H76cQLmy}Q1k__tkH8|}zCMv3;3RBI#ZchfXnqWf
z&=T6bsL=SrP^8%cb^s<yXGX(OSPOXRZ5{0r)9LkWq(m|&MCLf2V;6H>WhX#c1p1=2
zity_OLF!Yii-Fl{g{aDvfLUG`i?yaTTt$8)+f5CiSbn_d4W!1XDOLOhW-Gz6IuD&N
z;)f2=38XWVuHtyf3yeB77z#r_>CHRWtE<^iYSrc*!6kGp7CCgGP?w31p+m%JoncqH
zM)oeR9ihZ|^mJ4;Nxn1&X4&b8V&YP6WR-hiDd|_xFb{eiy?K4fHt?97nm$vzX3rG4
z6*@J_VX#ZB%`Kx~+6z?^^X;X@O*?19Snbv7HSw%oX@@ppQDiN)8c8%}+H<!t?bDS3
z->r|N4i4Jox;#WpcFr43TdYny7hQs+@gTk|Ph?ip*r$8Rz{Pd@l3p_G|M8JfgC7aM
M$d`UreB<^10NB#E<p2Nx

delta 624
zcmXYuO=uHA6o7a0pVlU$Pz&Y~so+)dF7_sPsV6;2gC{RCcqxdcy9UWxZ8h#;FQQ%r
zO|#kE%;w#aY=YuJJQTd9$=1Y#Y}}1V4@KXE4)eV?%$pfz=945zl#o};nMcPT1l~w;
zd7cHqoagM<lA4oOlA^H4tBKpC^|g4455tPFA;z}U`{L)*{qHB6gwRD^6Vy%Vni#0I
zbUiDi=QDSO49}6(@C}}$;gk6Xg`8Z>$s!U$!bk*(A~7V6B#<PsfGi@XkR>F=a&r1#
zUZwJywLxx*3p%ryZCcej(=IKM-`d9zIl$Y$X4wciBZ|A)l_+7Uot`(DxV@R@@9%$c
zv>#FO?d+~}eq9bdS$%k~P#k-`?zlYgf|=&T$epdyU^bh=-rj-lja<L%`9F)wvEx9i
z2^|M2O{g1Sn_w7F(LvXt-2}^ly2-n3L$eLc2Ihdppwj}g0VDTl*yr2r7PJ^NYhYWz
z>d>&EYCxmLOS%OOj0~)E6{vQgU4xnhrooSH+lumzUrM_gCz%V+^7^)-_QpeZGW&#Q
z2lz6#{A(0Ee>&|3!C%ksztA4X$;#y&<*n~dy<mtdj>_F(;P%Rge)rF0;2q-2`YxKm
z_I@722|>cod!yY-knIAMixeeMltfVyMM)GTQItec5=BWAB~g?_Q4&Q-6eUrVMCJ4}
JZ&3N==6`+aGot_i

diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index 945a27941..355fe7ff1 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -79,6 +79,7 @@ okhttp: "3.11.0"
 okio: "1.15.0"
 orgJson: "20180813"
 jose4j: "0.6.5"
+bouncycastle: "1.66"
 
 # Needed for web console
 javaxServlet: "4.0.1"

From fbb746a7e5c13e90a467f10efb91c6043ea90198 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 15 Jul 2020 09:21:11 +0200
Subject: [PATCH 125/237] fixed connection setting and logging

---
 .../de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java    | 3 ++-
 .../java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
index 6163e3211..da374c274 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
@@ -241,7 +241,8 @@ private void validateDynamicAttributeToken(@NonNull String dat) throws DatExcept
             //validate supported security attributes
             tokenManager.validateDATSecurityAttributes(claims, connectionSettings);
         } catch (Exception e) {
-            throw new DatException("DAT verification failed!", e);
+            LOG.debug("Dat Verification failed: Message: " + e.getMessage() + "\n Trace:" + e.getStackTrace());
+            throw new DatException(e.getMessage(), e);
         }
     }
 
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java
index 5622f839a..7c297b7be 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectionSettings.java
@@ -27,7 +27,7 @@ public final class ConnectionSettings implements Serializable {
   private final String securityProfile;
 
   public ConnectionSettings() {
-    securityProfile = "1";
+    securityProfile = "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE";
   }
 
   public String getRequiredSecurityProfile() {

From 645fd2dd8ddfba3cbdc79af4ab82db033c2d2ce3 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 15 Jul 2020 09:39:10 +0200
Subject: [PATCH 126/237] Cleaned up example, changed keytores to p12, updated
 settings db

---
 certificate.pem                               |   0
 .../example-idscp-localloop.xml               |   8 ++++----
 .../main/resources/etc/client-keystore.jks    | Bin 2527 -> 0 bytes
 .../main/resources/etc/client-truststore.jks  | Bin 1974 -> 0 bytes
 .../main/resources/etc/consumer-keystore.p12  | Bin 0 -> 2693 bytes
 .../src/main/resources/etc/keystore.jks       | Bin 4393 -> 0 bytes
 .../main/resources/etc/provider-keystore.p12  | Bin 0 -> 2693 bytes
 .../main/resources/etc/server-keystore.jks    | Bin 2525 -> 0 bytes
 .../main/resources/etc/server-truststore.jks  | Bin 1974 -> 0 bytes
 .../src/main/resources/etc/settings.mapdb     | Bin 2097152 -> 2097152 bytes
 .../src/main/resources/etc/truststore.jks     | Bin 22615 -> 0 bytes
 .../src/main/resources/etc/truststore.p12     | Bin 0 -> 2266 bytes
 12 files changed, 4 insertions(+), 4 deletions(-)
 create mode 100644 certificate.pem
 delete mode 100644 karaf-assembly/src/main/resources/etc/client-keystore.jks
 delete mode 100644 karaf-assembly/src/main/resources/etc/client-truststore.jks
 create mode 100644 karaf-assembly/src/main/resources/etc/consumer-keystore.p12
 delete mode 100644 karaf-assembly/src/main/resources/etc/keystore.jks
 create mode 100644 karaf-assembly/src/main/resources/etc/provider-keystore.p12
 delete mode 100644 karaf-assembly/src/main/resources/etc/server-keystore.jks
 delete mode 100644 karaf-assembly/src/main/resources/etc/server-truststore.jks
 delete mode 100644 karaf-assembly/src/main/resources/etc/truststore.jks
 create mode 100644 karaf-assembly/src/main/resources/etc/truststore.p12

diff --git a/certificate.pem b/certificate.pem
new file mode 100644
index 000000000..e69de29bb
diff --git a/examples/route-examples/example-idscp-localloop.xml b/examples/route-examples/example-idscp-localloop.xml
index eb6d8fab5..047dde31d 100644
--- a/examples/route-examples/example-idscp-localloop.xml
+++ b/examples/route-examples/example-idscp-localloop.xml
@@ -8,20 +8,20 @@
     <!-- Define TLS configuration for data consumer -->
     <camel:sslContextParameters id="serverSslContext">
         <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/server-keystore.jks" password="password"/>
+            <camel:keyStore resource="etc/consumer-keystore.p12" password="password"/>
         </camel:keyManagers>
         <camel:trustManagers>
-            <camel:keyStore resource="etc/server-truststore.jks" password="password"/>
+            <camel:keyStore resource="etc/truststore.p12" password="password"/>
         </camel:trustManagers>
     </camel:sslContextParameters>
 
     <!-- Define TLS configuration for data provider -->
     <camel:sslContextParameters id="clientSslContext">
         <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/client-keystore.jks" password="password"/>
+            <camel:keyStore resource="etc/provider-keystore.p12" password="password"/>
         </camel:keyManagers>
         <camel:trustManagers>
-            <camel:keyStore resource="etc/client-truststore.jks" password="password"/>
+            <camel:keyStore resource="etc/truststore.p12" password="password"/>
         </camel:trustManagers>
     </camel:sslContextParameters>
 
diff --git a/karaf-assembly/src/main/resources/etc/client-keystore.jks b/karaf-assembly/src/main/resources/etc/client-keystore.jks
deleted file mode 100644
index 8cac581c388491153679329a43ce082c6877ea64..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2527
zcma)7c{tSD8=vo(rOY5ROvSaAvW@Q;W9<$ajeQA~J+ojcjL@Yd3?sU>a4(}|m+jh;
zx}{vCv6gb_whA{(wh^w9<u}~rxqsY0e&>14=XpP8dEax+^LgL1F}pDffk2?b4s3UT
zAhcMvQr6872pkG>U>l$~LR13*zyNiqBmlr6Fb?cv-KJ@&kq+ja7sO?NWIV!)lDM=O
zThg^J9CI+W@tY}G<q{KI)7;Q$i~PZNDWy<Jtw_P$WbZi(S|Ip&#|gxTiQsI;oK|{D
zSwk&WB;)GJ5?xW+yJ`GwlVPkS*xh%uq~1d1w*sa@@h{z-G4a#QGw_qQD|t~Jk|lBR
zM%~{rBrqzG*LVC#^rJ5Odn^Vm%ZGX&+7)o1*%X;}AvyTj1G6{m2-e<DTGoTHU+ttK
zQ3GcEEj~sI_l8@KP)>MCmQHwP<jY0cd#v3v2;GBoIDFqa;D~svBVm1g)9{{aG`&i1
zO3q~e(ULUHvijF$Uca5pvcd;Ov<|;0DI{;EK2#H&w@1$PBoFQ%$h%S;{kYu5o78x=
zv#u(23b?$&_+|Dbq^PC-13q40v1f8cRI{)26gAe^jh80VNaa8JG${sI5`0$jQg3<^
z%~yGE9XFWkaX9)`@tLJt^J+<T4bP3s<WZRxu_G0LR0sNVcjF(%wrkDy9Cyg_^w-CR
zSzH79mv<R=xXlX9Zx?mLZ}K(Mes)l>uFO4O<l2xgeTk)gpze;JBmIzCNIbY<-a2`v
z5<ZY9YlC*XNDZujm*qxP&m0<ZUb>Md*!6A0xpjm7WT$Jq;=N;v<NFNUet=fVoK+?k
z1<$N>ugZ0+`MTS{zD>ob%e25AL~8DpY!z+nh%`@Isikt8I|+syQq@DJ$T5ru^A<5_
z<5GeLvAa6URbw>9DO*ReBEe0gbu34*Fjx9Uw1SWO@vo@`CEw+zD;5@4)kIvL7DWQs
z>wn}V55|=hni6%XxVPt3Q~Zu+g)Zh4m2{7jvk<(sXMOi0><QZZMHv*~^UzSc7E<11
z=3r|rp)0&D^|$c#dbz=NGFpJq5d?ciR@=V7VUXNT23tb>Vx?uFT}5N6V;Whdf?h-#
zF)%Ym?Y%C`pDCl%9kOP3iu>#0*-p=6vS#Wp2QWgGSEL>sbeek>pR_TDJ6rZ<RNX_+
zZ@RW-WQ&=P{PILrUrAOri<&$+lwz;H062Y@Wji_U^n)`@B8f^?{TbL#X;<p*Xs?B7
zkac9IA6QinB}z<B)davaf%<-%hQrF;xHu`V=~rDw>L@3fQ$52GK0S*iZc4I!AjxXz
z9ZS`(rv^gF&F^({3vtVYGQ?!#m2Zq_?N7?LzMDc;)-dT?x@B@Yr)RU*YcA$wtHB$`
zW4`l;35;H~pFH;%w`hJk+2gp`J%NJe(K2t#lbkujMcn*G%N~o#@qzdTR{5Eduuznu
zaa-d8WC4D<Z{Eo(Ew(;g<DuiTg=ETm3lAFEXrX32M@vRNDDBtyTIX7hVNO4Cr|O;7
z>tn1=yNl6zgWkmFOeN~-PGaEfmj-CB;R{==+(@PLO=IJoj`)NNHl!NP-IW2ci9o%D
z;`e$(i{u|?DCsBZCk^Gls^0;iKF3(BkAU<Y=ISW1<{EDiZ+U25<7x|1Tm9je(RmU^
zP+RS<PMVJp=MXy}gAa>ESWDk)I5A%zNk4G&@i1J<=|rDKxcg?8b`JJUvrh;A*42y_
zO`nO8bz*v?x6g?FN}i;P_0t5~q&&`JLhA3N`)l#H*NVPBJ~!w3B|f5^$JL=<r_W@(
zPF|%`Q<6;(mu%}j`2#Rqk#ZZvx;ZHB!|j|luho*vF<d+I(&r}@>eFQ~+eH!XiYI}F
z5D4s=upnlG9Fgb(5hwtK0=q#m#7^}D%Y+p%06@VZpeX?b?nH<jgCVd`^CJW-D7i&M
z(W2B4+PNSW+s`+I@C_)lH7J6{TA4d5y7-2MDLS8{Q_K`~K!O1%zgvu82oeaogsrCU
zzFSO(Af&{<C`kK1B8Y?Ntq3SI+|0`P2!)^pYWx{-pD&X^V(Qb0S~Q}eftId;AE-s6
z(?KnwK8Zjgf(%_hUna-_l>dD%Va*re01^=4xG0nZ0FdmnT&-%}gEpi@(v+f^roH&%
zUI#1VhTG`!^?Y?Cr8xb<_pMZPP8%yoY!3p%JMC#{FRPvEacVfR{WNO~F&m}UlocGF
zG7~O%=5Nh9KkU^74LLNkDF1W(wPNYpX2@GDvsZQcKk1ED&(>9VrY^HD+-P$9w!wkL
z!?w*{jc`Da0~us_>IB?WBV*&-Q;;-7*>Svea-JyX!WD=ZrRJ%lI#ON&#LD_uKf;42
z<Qa#nbMLP7t@taruUpob$Qxv<cJ{k^JG?>(yfd@8V|g;Y&2e6{tWPhE=HP0k`8k#*
ziWjRVvz04*>r`keuZ|GlQ+^(=dS9o_EiVq^xKI%Q0u*zA^THQ72g(VbR!$s-gGs&Z
zSx05Y69LI-udJ-ZhY?XH)~rE=t!Wk59uOBJ)sxI`;+`*8DeIB0+U=-4?o08S+?I<R
z76t_&AZlx^1Pmqug%^POTSNf{f_PA~K)v8#f+{O4EZ9g}n-LO#r=1G*W#Ik(5fz^4
zt9^<YiWkm-E{Gk%{~8WQ0szbsq=M#ua}b(f@RtuJJ3J_WO%v|;FHa$Cb{K=k@C^wQ
zN>UHMW&C-~{V*IT^|w0_=sy+!25y~J66OaoIXeT`3|at-9U8__5}t{{4hr&Rgt0>i
z{}t;pOqgMi%P>&@DzS~bwo!5$G24jUMyYL--bUQN<ta=%p*#V|&DVB570>n^FLWI{
zI(_X2>9eX`jj#DAwSwUTF9md(%G;w@lV2Zy^Sm+csb*owj;iw0Bj^`FxKTT?rF^)^
zlz&xAU<_9rs!uhGbzFO*`^zKKYIm$>pi9i7OSx+nKcS}y#7%VY;d*{_{}Zc^dQZoE
zWT}Kz61-k76P>5M-}b}uRIpwIW2PMWE-H$sj5G+AiE&fSef4pl+++mHKXHnOm9HOa
zm>s=oQy#+pRQ-f`FS5ayvR35W)^RHF0OHIpj_wHm3g0$3lLuzR+9kffzq;>tzK;(h
zr&(_oKJ`&#yUR$a4e7dDcq!SG$1tbpONmRd4^J$1DZPNN6y$1Pyv9;8RB%nIvx`Fs
KwRVuWxBmm2L>qhn

diff --git a/karaf-assembly/src/main/resources/etc/client-truststore.jks b/karaf-assembly/src/main/resources/etc/client-truststore.jks
deleted file mode 100644
index 998f04c7d601ba0540b4d4d15fe86bdcb7af0bbf..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1974
zcmezO_TO6u1_mZLW=c+EU|`Jf5m7g0V2#i-HLzr0V9qvZVoo<`V)9?W%*4pV#L2LU
z@x9*Bv>WXPylk9WZ60mkc^Mg5Ss4tR47m+B*_cCF*o2u}Tn&W{1VJ1w9xk_{#L~Qs
z{It{}LpcK(kRUUUsHaP?LQsBwi9$$fafyPnqk@rvp@o5*IIp3Fp@FfXp_!qPfl-t=
zuQ8BoWCrC@#f~OMC1j^FvNA9?G4eAQG%<29H8C<WY?5tN?)^5Q*D*0+%@qazhG|QD
zqy@Hr@PA{%c`KBAiqOI>vpkK@<?@GzH*|O}5KMY{Sina0&jg>{zD!3f<TUMmtq<~_
zT-+~h!uwaet9;I*o9Ds=1(zJ(rJwyH;Jv)wW1orZ+#a0O-27+71BUVgi(Z%S?Ob-r
zXKz8w?wMkhECNNVGjv3pWbRC!@Z?=&Wmvg^*NrtT{hKHEy|Yp_-|y37-EzrY$8|r`
zd>L8WmPNPq_~x&Fw@qo$5yw>f^<FE!$;&;sTP1t-^dg(dS-HPdKHL`;C_7QZ!}u<K
z)twKMN;h2$f3l``pO$gS<wmtWY36U2zLYH4XQ<-fVj{7le7V=eU9n8ej0}v66Aa=E
zWPx!d%f}+dA~OB?n{ZE-?w+*t$KgB6_{$c2NS<II50X}9kuVTzz^;HFq(GRF@jnZz
z0W**?;06isv#<bDk{fay0Fw_e4j36an3bnx9s70Sl1AY+_Vo3?s?FuTc4e_Bt#0E@
zsf)g?cGhuD@|-7(^`W;d_wQHtZIwE3PdWYnvu7L5e+=xjP+z=w_i^I{Ul-?p=9UiS
z9S=U2n>z%Zipp*lu$0)ca^by}UFXjJ-QyZ?{>+ZV)9WPPWv_2jS{fCjs&lH-W0AJn
z^d`@i3n>%5^?q;5x~aP$C}VQp@AKi}X;aJWgPVg@UHk&fq9!lNkFaBXHhY0NA8+i_
z0|h1%t(fN-%nR$yK6gH$%}Ddu&jpRiqF$e_G?cswTARIFYr)q`)f4V%ADcNjK_c{Q
z_q-7GTP|1ZCae^(R(4Tf{QLLpf@vwwp0dPEJAHcYPH;|SEiO$0XT+SFY+JMu8SxV^
zBfbM>#A}d@$jFEsg4{I8fF{5U2+Vv2MwZ|VXcA@MKtv{&F^~erGcc12gEBcde+QQ)
z!Lm4^?6+E_C(QqrT35-%gSVdjJEkXlX2wb9;|r=H&qqG5@jDQwm3?>1vkmJM4k%n(
zWv&{pG$U!(o-1X4P89uFp5kG)-PAZD(@k=FV1bFvhNg&8W6iMqlh41(Dg6<-eZFGO
zN~O6gqQ3`)HTed1&Qp6Y(r*y`BceUJ`C-GRNBlWeWeayq(t8#haQL8tV;V2-&qF^h
zo0Pr35$7su*`aXqw@F9hk+cPe1tJctZOfML_ddntp6}9fIC9deG*Ly7N>#??wqo-l
z84qW^R&lRtdE3}~<fpfHX*VZVh+ui+ZJ~Vud$Zf7{z}W=V(;q5y<UnxFkDLe{hl{5
z*A|(7oI3xMSFypix33}DuknLH<6EQ*c)I8Kw${oO%F9lRt`-l_f0pVT`+~9z*k)i3
z%8l|Y1_pWtIt#QGXtb$il#~=$>FXyK<>)157N;ibrNN7Cy_8h_%#>n1pqxPn8;3R<
zu*_#?WMuI$a5Hd$@eP>TETCqj<d^5=<R=1kU^A%*Sn?+)CZ`sa0E>MyJrDyeHG|6o
z!KqSj-)zyd{agKa!QYw;4yWw+wJm3*g11jl;{112E#n$j-WJx6t=(6%)q*aUGGw#;
zy5KBQD;fNflWV%jv40{$Cu%Mn59m$5oqTVV=eg`$_O5mFERRlnzrL02cVNM#Bj2{L
zt8KjXc+FOed5P!u`?=4S4b1Y%-??DNvK1R{JxO@1*&4G}H&rvC`l;9g`I=)%Z~u9)
zG}_O%emwg|cZGCR_eZxl%g_5C^<^ZTee+9vMniO0Y-gh0r`;LVbKcZFJ($0dnWyoe
zYrYYqA=e$%<_Ut+7Vmn}bu&WYORM6`YKBXK_xC*O*&X-8P$I!$Zrc3ySu?wxy5@h*
jKJsPXQbv^>U)0#*vbc9$N>rMBDW~+|HRjd{yhWM-qpIG&

diff --git a/karaf-assembly/src/main/resources/etc/consumer-keystore.p12 b/karaf-assembly/src/main/resources/etc/consumer-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..6607767d644aea4ea7a11e98ac540c623b80283e
GIT binary patch
literal 2693
zcmY+^c{me}9|v%oZEjNTkejgC%rV#ZtNNm(CKKhpG734SAy+F$TXQXP--^vdu`x%k
zkXx=UBv;PlOvtbA^Zb6l@9+1==lML(`~5ucKVNVH_dOth9ZujjgK(+Fo{!z-18@NH
z3EU_Ufm`c$42Kgy3;$G*d;;j*?`Q-FVEg_0{%HVkNeK797kB{>I6sK9JVi88`A7=|
z1ah)P6F~VZywpW&3z4n6S^2p{Kk$V%E=f<@tZGQd-P=J8Hk|AIlG1>yU0>xCvxy@*
z72iX0<MIOefUNp&&$JM;961h+{cg|@_u!jcYnmQriu!MBv7?C;peo0T2%TybEVl_d
zEJ=tNTPbGq=}&eh?I591@6lwCN|7l-RHEglMCu{Dw4|yoVe6osk#U1_NT5wVlp_%<
zbLUafGQ)k@tA6F|uR#xIE`b(okJy1PxZ=sU7Hxd=G|UA*!IE_wIc@PeJ%7gg0O5I`
zo)v0;OZkM1Q4-jo%*85{*-+nSn6~+T`-8H(cf;k#?*2{oeW}g~Bj=_^D?bnM%as>B
z^iNOOYZnWAA17!za&dVjSl|0p{BTpRI7}087_@ATLFmf_szlX=%EBu2{)pmvw&aJx
zG6#b{-am5m!=QAl{S4&x>Mb)z5*-oub}-w+acmngdOgJ$qpu{_qK;afIiH=4fT0dv
zNAG?Q*OEFm!#bpEeQa>jv&y9hxDw;TSjy=FZ{}(a5pzSxiIT=yj%fvu#`m%BZ09m_
zABR8-G<rK_W(&wIPgdJ&N}a}|-3x=#b7>2y_w6^$79uhophGzE4&(>1$(|D;UF)i$
z{*NqRf9&PtUYvuAHQHGCyKM@yxV~SE){sbW40>n@)%*)61=3!ny(OLjxUa>2!IoK0
znXUnu=C1Qy;hskX3utTp)SU~Hrj+#54C_ddr(fD0x3AlknVEjGmqTmVekc@oLI`68
zK1+t0bc<oZirFdCVKOe%O5a=T;g1%tC?o&O$pq9opS62x=3q?fqt!7oFP^Okrvpb6
z&|cdiDn-q|4EXAr?~cb#Cj8>N@aEZyisINyA$LE`vT(z>Z0fq3?+E`@;tcaa@5Rr3
zDaeeIVB_@uC`Nkfa0*$0Zj<D|Vl-YGlK<;7N&#m?kIU6MCsczoIC^SQM--f&blng3
zj!$beE#qIW<yewVJSL_$O8J;9HPC;+nTu0<-ahZW*On)2qM+pHLl0m(N{Si4ZG0t%
z#x9D7eF_7+$tqHlkw`)9=QsTgCC~=OOd|`Id1sw;^sT^s*Td(Uqi2q^B=1$(T&l~e
zR3J%~zIc>5upWWjWzgmqC8h@gfy&tULFrOE9jMxCrxyD07OQ(2>W^QkYMmZrbM((0
zctCIT{255Lfk%t;1j+&v>#Kt{&uPcSpZCIJIVUufon9=&wyH~_R9W&N$kGg+z@{PL
zY(*<if?&i|T$kl|<V$}3-J_PYliF&HTTm-=yvYF`pfajpa)MX%Ozm<<a1)1aqTBs}
zdc-L^|2E#8Dq8PyfY{Hewvn&&^ky2JWl|-7V#3^gF4q0bYmbMteLk0rHm5&YhrRN0
zcUdrziI;5k`^h@R(I;6&MoI<LEv!!xqM|3AZ!a0C{L^Z_olk8@#O%6tYO%kYVOhf6
zJuFq0)`K@BUmgV*L7+oon4pX)d`}1Q+{?aryRHI3-N72&u*nK3Uys8ogvu}7V=mO<
z<ynS`?P06D&||)Q{XS8P72Yf60Z$5Dau8+GdafKNHfIW({g_+6s1b=UI01a-e?ZG8
zfHgq`Fzk1%`umh1JpbX18vy+6;M#8hm;O&Z_P^CD&4=j4Jk31yw|XD~s7p^Uqvrf)
z;_>5K;}aUBm)tJPzh0H|s}Dy~vKQ_UI>E+cr0q;n63IIU+Yk#YA`&h8BlimIKJQO*
z!>${8(V*eS_X{sYHoMBdpCcd3E=#aCNmC*5fQBOZ%(*3Xfll1AzPb<Z;{bhVOb52Q
zg?IeJ!A#y33tg5|zP2dE@^N<KU6xZ@uM&raJk=&H(}HK(-Z^ofiXk=1G4V`k)b#%M
ziS=`@k2AxG8lOxUm^WrOa6hdl0Z(-Dhd5;PHGX|jx8BE92*}IW!<bJgYDMlYf*2&G
zjJ#`L8)*G$T84dQR+Q-*TDJ1cH;}hHNXr;BFFW^QX(Q`8gmL(4mKdipM+-xpv@D2w
zuG`PE!Atpq(~t3OnKrd5RiB#wG`M$4il9SjaJl`qW+@F+F1FUpMLXk>R~TGUrc)nT
zGo*-VxZR358&I5M)MfLluG;rccK;s@j#tzcy*M-`Sa%a5lIh!Fs9wlw)bo<ZqBj}o
z__1|D3OOq-e$fH;08g$?+iLzW-z1Kmfhisj{?2imWs0I!tTC1XUs1KEic{>p)-<Ec
zuM6ySLuvTFn-vcrYE50o-UQy%KIa>bx++A>y3?OEjjAaxCa)^L!NG(rEE1#5k&`I5
z6jxwSFKq4RaIU#3b1T1)r~KLj=Wg7+<(_fk?xjKb9y*tnDN$rT0-YT{d+*5Pby|}J
zrD^GNQ<VU4lmWcenN!$&YSrx8i*eenJsLgCbO^|F?<Gg#<o3XmdWLFLz3@ewUEbxn
z!bTa(m4$}*nFSf%=3waJU)K^Q(5XS&nfMZ9ElTA&gle*E&N>bwHq_T$;Beg66qdG8
zO;2vL4nn~8uo;P`G2h1$nbFagdwVHS@XIKp8kbHi?kGryS*cQ0Ng6Y>;Lri{{K%n6
z!2k3N3*RC44)xH9!K&C-ZLMJM>Arm@q*@f9*Dt7R$B1gavI(*799D7w9`PA@B8)Q?
zWfkS~_9YLpKjw{9e`Rimmr#@zNP_Y!!}`4kvuGV+-lc$c^-qN4{i)d>Fg}m+LD<97
zg$ELBiTJa(Vp*$6OEGE)e69OoBHnUlbIgoYX)7dTv-Y-h?qule3m<bEnv(70HtU`_
z$w~?89YTAGWm~?vn~0~Ibk->J(NX}H>gXT?0gKHAc5m4GP9-ld#v3ha=8)GL&M@z(
ztjZ7TM${6Iw0NtV0S=eDj|RGCg`L>dgF~<4NvDjjK}SQv$kJ2h3Dyz*i9T!<E9I-z
zPuP(M3C&52vuC&blH0+@!d3<CC^ZOCkm^J>{lb-R!&|MzClh?;^W+@-tW{05F?w<5
z(z}Ip4kPmN2kYC|Z^v}BRDL0=UhcO^dNFA^chxakzg}Gh@wjfTfWL5H_6)4MskT6|
zLM`|XL*e`eByU^Vuv%KU{vz7{J;8S<ujOZMjf>p76@$k;+mo}~m6Um+61^<X7b?`N
zC9o0jjWtlJQ{<U_Wg{?tVT4Z65a<TFrQWI-#{NhT^6?dYsZ~XXkBX->@$*YdK72rK
z<3^vjq&E$`h^9B*&bu#RLLd2}EC>g~>`X%F+s?MRGpX;DG~T^dInUj$FsV07dbPG=
zCVK7(#`e^P#jKik9~GUCP=w3>S4S>kga}CJeMEJi#7poF&yM-m$u)bS(k-btI07yU
x=YoLM_}PIHU^bADxShH5uH&M#q<dn(n2|6+$>zmn5a<0*Q!>&8%Qya3@?X+^2G#%o

literal 0
HcmV?d00001

diff --git a/karaf-assembly/src/main/resources/etc/keystore.jks b/karaf-assembly/src/main/resources/etc/keystore.jks
deleted file mode 100644
index 688ef84318764e1d66e4f504d56d6865938d25ce..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 4393
zcmeH}XH-*(630{N)gVPyK&l|+hKLXm=@=A5>4FL|2@(j26hS~xf&@^S(m@e)X)aa3
zb?KlK3l_S7fGZM;NB|K*#Fqqjm)+yO_s-cp@9c;7A#?BCGD+sl|M#D@nY9@Z2n1n%
zVC*9VhXsMaPKGlr8X&l%x)y*2fuIur6*>k`A&;}65HJJ+1_S&Y+$uB-ZHXTY=7oa*
zJtQx{%>lK8aUdWjrbq-J%u0Cpc+7mTr^)UVH-ZmR0uW<egz^cQo7l)$Qz(8i#)dMQ
z0CE=~CB~1`1~idcNC1V_L^_G_Yico5)YlZy{V&Rk0h`y$3$V)DoIdeOaVl7L<Ie@d
zK~O4K5Cl-cJP;}v47zjI24m_K>kd`R;H-WUkL>M{4qSOVc|9HaK<yxXO1uW7!{@nx
zyyem3XmmV(MZ&Q>5;=5Hs`~runf5`IW);TM`&6fv1W{kwW6B2LaU!c8&cSuuOBZej
z4}PMThjivV6Udu&)-L61y5p~qX_QFEfu2rS(=6Y)6j(Y)I-U)Hn|Ih*$;nJNx7F)S
zs>C?XS)10&7*q!L7q(19b^egQ*-z6W?A#<Mj2O?aR}98zN$(%>d!y^T^f2AFqWfW?
z-KjeRLBuJyr*fjYQ#Kmq!`D-HoXvCJR^q4~Jv(Mud@J?Py-4gl2KA|NKll4uMBaE-
z=z#=PD$#>vyLzJ#0tJJ>H^Ue}*bK0h*}|;?Fj1ID^d;)7r}~(I+LNQCr8DY5Wx*0#
z0cqB4IhZ&gdR`>Gx+J8#X0bMjTBbRGjrG4l>YoM#Sq~t<;4d&Z0A(HkUe*Oc7>qeL
zG(ek`NW%a?9Z=0y$=*&=bocW+wOd02=R;D*5`76cb+=#VMIBGjAmV-1nfCx&4z3*>
zU^tu;42EF<Gr;7R9DvYtzSh7~0>~r^miflFD)}(S4Tr@MeEe7gr_MUrI26noW)1}y
zq}@N7Frl|r%fBf+xiagKE<$G6@&>x%k+g|gRRAK}N%tk_^kNPjGrBwW!ad%T({Dq&
zOQS!{?0BUWv~cf)YWU8Wmj!AXGYO~jEuxh$E2btpa8vW9a^i9B2i_L1s3PVR_6mxe
zu0adn2`9C#hlqLwNd?|Bv}#Bb`S`rZ5-B<u*DM=tA3rMDxSD+HQD{MSM&f`=$K=)w
z#~1C$Scgw8b)mJ0*Q0HCg86pYsHc11yMDI0%DW1wY3Cxh33AO+5}f0e_~M^&i^fSZ
zj2@1d!@0WnyH-D)Qp)PdOgrQ${AITP3<9R%b?sFA$48treLH*ewgYNnPo7@ERa@+N
z%SHf<)vR?0+)w)r0$3&ljxix%x()$u(1&Kc$oRsprj3n+|J^VEm@q)G*Z{C$066_s
z*8C?N+?H%>jtl$XGVKXFT;!uV`gXL#GSzQOOfoveJK@FmYQ+@f)ZR4hC-W_jI__JG
zzCIiRZr|5c8!MFzP0o=+rk(hBaKQD=SdT#^=}lZk)1VObF)4z7O-NTiW$$f!@hlsf
z#K55#$g;MiFwNF*`3_MfszbbX_7=4&5)&Xido!dS)hM|Cg*y6GnA-x;j*B*W_Qy1X
zcvXA1<7uvE_1q-vVobcXqXMUNkG8&C3_p^J=pgP380jI#d;UaCxyhd%*`a80Nnmfq
zp8P&6W2GY)-ia(xRW7usQ8WmLWYTz!7OGqWMJY@rIfe8;3k;rAim$hIDS}8qVyQN%
z<u2<ua0QNUfWbGl{+D22_J^Tit1ov>-$L=eiRT~~9jtO{tij;gR%hr%j9zaO=Ho|2
z`*4NUi%po;#_BJjA`|;=Yc~{4$`Z5s9&XNP#P^*MARZtm1bqg}cMD!@jF55D)90x6
zW^9UcRp3-TXyQI5J}rRF6)(Os-Dua%FXnNpL%I@FB6k2K-dZVPv2ul@woRkV_(k_5
zVX}CaP<n-q#hiJp!Le|1F5*2@njxhwJ#HB~kfD@<dg6k*tGO*e2cN^qw~sy>*?F|i
z*k=0N&J>OvMIplt=)J!7TVyZEMtKnyLWl8PqcJ>t=5!IuK|(E%kU$Oa^>OOBf{vbi
zNH0q2CEU)dWue5iGGq^_*)@@^J`Nm-NFaaJUrY0^`h(>HR9FsEgVA42m}g@PStk6K
zT=F*y)<iLVm#I1=n(fHzDd7Ek3l?O4In&I!_&AKPfdn5iQkczt7$+Z><!J&L=T0Dh
zdkYW%_*gIU^1%(wZA^_fYz6FGhGpKy><%yu`rjLOlUZQls=VlxbLIXkiF)?tIr@WK
zZsmF{#UA@jr{`SgY8fe#8t_yHrI%{&j>Qz!XEM|kUBtJ^Rv9kj5iXH0B#z9EsTFke
ze6iajeN8pMSiiE}LR`TaeZ71#IiuGppVPJXQiqr)E$t-D)O=)dN;%a3HML<>NxA(o
zRkk|L%eVXzv`0mP*peFD`*<~>K~UZ5?GK6q;MT=?Tib(vwmWNwMUJU;gK~zVF7zAl
zZV`JFEPJt7uPBorA95JK>5%_mgNI3E6^d*7{rD*P^5(*7x+A?Kz40FWyZy*j-w|)a
z67C5PBvCoIXbrRK!NVX8#mNhKVsdYmzB7IvSG=xND)<buQ+^xNDjVTY6#IaF$n9?R
zmru2u&+N3GkNKT-f79Dp>)TcY3<7{Qm^M87pJv+Z4MhPa3W)r&13)3ao`C@p>t6`N
z2mp@CO`_niBzKChA616ANZ=@BG6CmD@%h$%5XoA8L6I;XFhr0Yh1gM;9XGKff*nQJ
zaWgxL{y~6jhFLEqiJGW1zn-nUoQRd^Trj&Ee?0m-?H)#~?liEk`9<#MCXComQWv}O
z)i{jbpp7)I&K2&PlMfy!ElGV{6O&ekid@h&mQ7zYx+8r8N*Dcrt?vDiXS<#Rxo@aF
zbe=cWY)gN#ckF<yX>atzf$?jPT&|o~yje(EJ$rub^-Ro%YXO!VJBi83b!&{{4sq`y
z2o8M@!~?E6-W!|#o>Q1%h%L1+kne(mqa%)RyZXN^`Pt@ae0`x{OM33^-6OuT=8G=|
zj4=g0I>`Z`JyL44;iNLq1oDDP40P<lT$z>8Rj#=_F>x(^asI-5$uPs+m1+yKf))oc
z`5!1r3%&G`E$a;PCHVLgeAah}R=+=I81Eli_;)f4{d<O?o&JdoD-F_?*MIJMqr7K+
zPwM^*tNU=y<sw&WZA1TS_U}fkUPtcOwn&KU8;sLQc5)IQq1ab01UUaZ<Waw-YbDn8
zV9q4e{aBvU$1lTDvaY**GwIDDMv^`bSxey)H)cH}jynwFd1lm>%A`#fEETX)uMDhm
zkr(qbR-8?Ghm@1Ylki5={L;->{-IEOg4S$^MfFT~zMVVv{8)*|yYZV``aB6e9NABW
z5LIj3&a3nzPduI}1mZ~|F2~|2j%BnOW!myI?R+2EETs(V>YWGDs*A3495YWM-r(5P
z_Mob0;Kbo=Y0dUFw-22t4Yxdz*?LGx^aT)q7u|{Ipu?VKI^+I~VddNu8I6TPbw(oY
zfx#wmRC*qq{C|f1j~M1&8L+H$#AN5s?`NO;963mqlyfy)YSq+1B&A`B7|T8LL$<}o
z%Z7_1WGZNjooCA<)CU=#qV8&YKU=7m^c^kB9Q~1GM$h=1_mFcA-gnNU)6?vYbumXU
z+N&UExt|eirJJ%z+VHau{l;hIxNf)o0`l>$T|D}BE(K|N5p`KLU8roubXD2ufbLhL
zt6_Q4==v0&;wGOKEIk$&Zs#^^%s=^X6THGSTdu06*zf}_^kr53V+w&dT8;LqQ^I9T
z2W3cJz8U+8d=)><WtJCOk(#)C>vBe}O~MtE(UWa-#yQfnBlL!Cml5<z&ywy7D3!4h
l|1I_@%8E+`UbA+IjwQYfD~55>rF%8r{#lj$$#+WX{sl`wG28$E

diff --git a/karaf-assembly/src/main/resources/etc/provider-keystore.p12 b/karaf-assembly/src/main/resources/etc/provider-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..830797f6993b334c9886c6aae7031b06a96bcb4d
GIT binary patch
literal 2693
zcmV;03VQW0f(n5G0Ru3C3P%PBDuzgg_YDCD0ic2kI0S+UG%$h+Fff7y=LQKXhDe6@
z4FLxRpn?S0FoFcs0s#Opf&|S52`Yw2hW8Bt2LUh~1_~;MNQU<f0So~KFb)I=Vvy#5
zT{2-d0s;sCfPw^|?tC<TC?UZ;9eDHOfZFxQ3Y%}jQ2TqNDPQHSB!;RPNAlP`<aX~1
zJcw@u5zD^m_8gqGq@OI@p>C=P4`0diku|3S-viqdC5RvVs(UOdNUl56m%D<=xme)b
z(Lj`prw;QCn^QG)H!EQa>LfG5&oVGnDs>tfBcWZd-R(=P+%N^V#o#daU^6#NN1ZHO
zd6fw@D&3T~1o5)A!QA0DcoJ^mPa>I11jI9?7#8xD0u?uotnIAw0y4xS?ZQdfu0+>&
z;V5@m@Rgv4GCaPVqDD)Uz;|k@{HEdy7b-Ij6IS#c5+#+3gxAB*#T7GE87ioc>Lqt)
zJoG-$y!;$|KQ)BNKz&XsI>$0XVMe0A26znjv@ym(9nbKeTnUS=283=deM)@-h`TO>
zsc(s?w8aXfjRaoOo{aY*Q&S+ZhK_QE)I&c@uHLTwiHmB=3So(?W|8)A#`l77{~Qjg
z`_Ta_lpnr}#0)dDN%Tr*WDb@c4#w!=12LJ906C|_nFyU|C1cDscx7ZI*uy)~qTtAF
zSGSN=Jlzv~qBQd|8qJPr+V17BLKCB7-<Ly10Ov1byDB}6GL2hKOsZ^iCW0AWp~`Nr
z6~ciL!K%aZcKsIH7D33E0dB(Mv?TH-p|eHZW>)HQJpN_NOQgAz*m;d(2fs_#rOaia
zS=GZKXH$Fs5YUi1tjIhJsv((G@qQRSNImd$K%&}BbiA3mY};mB?nJL8J`N5iq%1N9
zv)QPr8@UWg?^2#DE0^lB7te=4t%`s}a}z<59{um^f$gabq&O@GC1U03qP!Q;bh|$D
zydu^7oo>sL25~rGnWl=$)L(K2o>3B$)&}Mm%0@9$YIn7iZt_?MN2IFAB<T2^Ppi^Q
z?_#ZT`DKn6{`IOD9~yk)(tIRPCh`-x9@}|Uk=F=<2m?qifHKEo2ouKtA~L;%mMkY^
z6>&66jyZna_N`}IO0|j8=uIaGn)<Ouas{2#+JwC<2z@hsR^fDHUXF+ml$)rj8UC@6
zS<dFih=&aQjgOP(Esa&+!h{*YQ2x3a;1$pP$trc_$!GRRvQDll$o<|?+rYh^iFyNN
zuQhT#V>_Cr@UTJ5Tvs|X4NfH2=B+gxn^lavqNCSqvnynm4MoJS45G&@y!~wosRZ(L
z(-okxDS-KLrMabk)klbB98!w1Hwcj+YAhOOIWd{9F3UrD7=vR))WS@Q{gNin9<6E~
zY2uq(GWfY0_Zq<RyCVq=UTGsgx>y*{2c5L8*bGfk9S?+G76kK8LXoWC_O`d|fhmm9
z-i0MoDOJShVV(KE4Mf}cPFF9f4B;PCkLOPY6CsW&LrYYU#RUMZImHx}>&N+M;#}<%
zh#=Z3AA)4xP{hcoBk3M9aDF#`Iwt#rie-1JlCB|%$f5V-lNsw%+_pZ)Rz3e5X6uR3
zYR8YJs40ylQ<$28U3TJ3_e)bvXvF}urqm-!^@L1-uO|k)7LcmyDvdq(i6OkE?(e5G
z{A+njhF>&SMnJRC01AFo29F3z^lR0`cLgtZ0#X`C-E6JP?5sRF5RkG;%4Dyy?@pQf
zFoFd^1_>&LNQU<f0S5t~f(0@Jf(0%xf(0rtf(0f93o3?4hW8Bt3<?1Ppn?SMFoFc?
zFdPO7Duzgg_YDCI0Ru1&1PDnN3itLn_?Q9$2ml0v1jualuo5@V015%iOrUAAp9#S&
zT@GJOm771f%+z#i#->p$?v0_$$Vh(@(gh%^<r1^jHP3LJ!0jo{4gYpEW=z($c4Un$
znXs&lKLCMUM8ErrT;WzPn@mpMzJ@5re4VJm5`m^hq2!(=zyhuWEYbHDCF0iRMkVZs
zBrJZSNa@~sfFeO+piruaoDH(<!O^}8JBaR*q1f<S6X2}kA)qVkip$<OuOG52qa9Mk
zAjf88pEy7YYQuO`-O2m=NNG-Bc+5w~M#x1($4|1QKLYjB7$kaoN_A;oV7T_6z}+EC
zF7-P3D?WmZfc=f`TA{I%sNNr}KijoX<da-toW(r$n0<;ia=%d>dOXv5Exv4LOzZEQ
z$6nkDS$@L&5#ga-1@-n!IEgNgXi$MCq*T1FIR>+4UrE_iQ+vBTa|i`dh*UGUf}~b)
z+S$2a%k)07^pPXPghmATr+0d=4wFZU(@NfpL(tj53Ry7*^0xk2_bMyo^TuetHP)Li
z%o$a1ch@Rsv1|@de>@ZEyH*l-CBN)|n9OUFk*<Hs^^c1k1}IKeEI_O}l!6%-#$orP
zEJ&!l#uW)m+%O|dqPk3;QzAa~0%sAckHy@(Gpq-S_M`Vm{I>Qd%MLGQh3untshR5-
zG~Hfmr5t_L_?$_M^x`H$noAaze^A-Ivmz@%(X98RR50mbYrIW_rRA)J1Ad8F?g9=v
zsf)k3#@<zecpUZGmP3k~3}W@gL4ykFO<Qm>bytCBrDkI~pd&j|X*)yrXqeQ=`Aym1
z;)=pCX2b<Rxey1D<_JL??cSUGZL5Nv<A&mMz&{#o2J}K^(@4Yjf#2YvEx&z&>+?-@
ztZy|hKFyb1vrv$%FjPNAR$>It#DUEbQz0p!v<p0))Dpz#(%;-wV(nUG-ecX}hP`xf
zVXuC!gGqXsMPrU@_z;`acf&kya+mXz0^nU}>UB`=nh1p#oJ(O6+~Dy_UDL({job8=
zYbUQS$|ZU5kpU}NoBsd9q6ajj+>(Ib<&E-Xjc+xl=7ng@x?PPJY<^|<GwH>6V_%J?
zhJoyaO9FsPkzPK^KjJ`vGg=gs1w_N%qt^si`-pX5XtyvJWsanz%TfHOH)$nW(2{4h
zj{sJOISE!j8QiDembWVq4Y{<%g+(!e!DrCIE+AdU(H2uwTgv*zQ~aP2H_;}>h&d}_
ztRYHVLo?=g(Uxh46%4h%g0Tbs#Ac`vo*5VY$B;bMXYuS&9$boLcn+EUt#Xb&K*!ur
zRs&HrtJ20j5mXCv!eD(nIyLENrD1@|XF6jV9l&eCJV-j<z0vB{dBxx0GqAxbB8=30
zk;d1C<s{RijnsSYCxrmn6FF@2zX?pU@0N@b!BDQFKR&-BXarmyX&wReL5jK6=QRtG
zz4N`=xn)B5w;H%edj){p>VJkeKD-5)V{F{D@r=T!eZ*5`;G6J19mmKanB^r;Y=cVR
zFLH3isFZcvw3VhE(y?CE9-znszOAs5iq>U&VtA#XQD!rT01QUYfySIA?jmRM=_Bv`
z3O?zFPy#mXoJ?bXeCW%!1CW)Ip9o7(u;tvB7X_W%Ct-xR7m%d0x}BT<TvIXAG{2#H
zaOYyc!6yNDOvN!JFe3&DDuzgg_YDCF6)_eB6vbXL?22j=Lp9k6J?iOsIzzkldN46C
zAutIB1uG5%0vZJX1QbU}8;WOzT&}LIy(BW#<3QlwJ;($I-FzHzECO!O0s;sCi+B4r

literal 0
HcmV?d00001

diff --git a/karaf-assembly/src/main/resources/etc/server-keystore.jks b/karaf-assembly/src/main/resources/etc/server-keystore.jks
deleted file mode 100644
index 2e9d53bd189ed9b992228bdbbbf3a850e3f0e0e9..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2525
zcma)7c|6ql8=vo(5#w$c$2OU1BqlSy!??04206w#6tlvZV~J)M(_s09Db!TfCPh|`
z<jO6Q<k;M_rF4>|GNCQGw$#cFd%X6K{p0t?=ly!#pW}I+&*%02JkOW6U*19>5U6wj
z8v`Iotx&3Z#svrj4gp25-$7+r#7<cN2H>G;004);M6l^m(cZ>g1dp{T&CH?AA9me*
zdXW4H;uc{xj^6g6Dg1-3Sz!@JaDG>9l;6rjxoODUczsmp)!WkzQ%RZ5WV66zm9Jat
z$i<EecFB5(Y`f+P_X&prT<iPtw9L!D>19xUK~dz>?M9QZIoqT8UgQ^bAwyK}b8K9%
zXG}769C7%)S?1`id5bvaL`(+ueLn#)hk1EG^(f@=y}Px0_%=U5H^+qZV8075>&Fu8
zs?&b#m^-m!sjmHZ_T6B^wpR18C1;{_mT0i1G*v8Y7}f#@JuU|24AwN8E*MhEQ$3F-
zT=?{@sm7Ux;+6BGvDYIi?qU5?G7s6H?s%zMI=5O5n7C)_#3iZCmMwG(gQJ2j`7?CW
ziF;B8p1Iar+x9D0IR$0m`c}Ovmke#vYX%_B;cR*dd~w;`IMOD(f5H#7#U6GmxBFB}
zds~28<gig#S@7+%y@LL4P~s?u@tIKvD;Gr7*fqn|-on(JitPE1k2keNye)lqXxpdP
z4@-$P=OtUJ(-uRQIV+kreSzHA(+UpP%C(m{4RKGB-KJtE>CsQmcBj6`%~LkORVazu
zxGNnpyfT{mXO=-sG&?gzr@DRmf~f}ZtU0+GnLcDN50gA-Z^Hxk`>L7Y#ii7?sK!9o
z9I-f0>FonnzKxMy6EY*@zWSwQRP6~MJ_O~izC>Gig52gTqNI&9SdxWooT|)9&~nQ`
zf0j?{9dCmcih0{<>l3i2(^@Xr?Pv5(t)xFDZjF0G3|aO-dvfAC<z46U$R}5OxQkc#
zcVh5UqPNo@McuceVy;Lik?(lITekcCeWJvx0q<13+b5Hpws+X=(7EkMUsmqgTB0%A
zo>$PJF&5Kh^`e%sc7nRFz01LOHXxC8|9JakGRH_fiFU88UKF3Q9@}&voK}1}UhB6y
z0FoPJHzNPg6n#+DB{nO8+w|;iN|>Ql39}kmgl>91aC)!dg!dzY<I#D}Z?Db{odcCB
z9B}b)y~p$2g$@xJ7hm3>>thVzA-x0ju21%J6|Hjhy$1#6*2#XmZ>Ac+d(Uw!8oj$>
zh1fTplUlmn<G+MG_h?_nnPcQ<Xg_{@)6!?Omfv`&Bwu?lJ3AO}oi@|b@$D_MBVQdp
zhlU34J2QSGrU$~JCs!(SaJ@T5qRh(dhY?8Mt_$x@XCLb_T^_z3n`Vvd;R)aP8P2Ae
zN+u+~TlKZy3_!nO)6p+oKU|DoI9#Fs{gVB?tFJ*XAp6{DeU17IiKLZ6?P~U8_kT)C
z>D9{N&lauRAxz<$L&|JV7S+70xi*mUYhjf>+u(l?KQ8n3l^(V1k6#uw7rtISi*)#v
z7Q7T-!C147=N$9z)E=7S<y2pSVGPgf%^(7lZ2PA>cJ9*bR#E#QJ<^YN97EczMLYg3
zK0dDgadbT{T>JXbhjr7cv8qdP)lPeRU|Ht}PQL%SXJy;L7wD5Mp_SD{JZE#>laVL}
z;fcG}^A@-qQjTtP(<@^0sOsTslRl!O7QQ3&tUft({xy|n*xo>Q-xy&W+@v|7Jgbg~
zq{dcOKJA}*^uyVU^1Fvkl|ZHIhMkOHr<cQWVKEnrjkm?S%Jady`iZX%8Z=&KIqq~E
z-1EwF{KDa$&P~fx--fMWz_l$UODW>>YKns;C!9i9q5IAI#Z?J_fm!BO7n81{X#7S=
zg!>WAKr09YmMblX7eJ9rVu1`4fI<NcP)SxEpX!wQK?wj9q}6gSNdc6XmGOniBBAyU
zBqXS|P7sO+M?T{SH<ZU=^GRDko%Kl>MWnMm4dcU(7GP*cLMXNv6Od#HZq-yGS%D-H
znM49jOvrRiB@>dAn*K#W#{UsP8B|=4pr8o1b*4E`NCa@_pAq#~WJ{J6o5>+CLs(V>
zvK5m|2w|~70?1*4(rGfw+{ywJ0o(q4FKNY>5dkXFRsbNNA^?DN<?tJm&y=}9Bh_q<
z<UiMD1RN-K)hJKjG-g?uIkdWU=k$*x@+LQ<Xe`Q>f*8_R(QZT@nlB3M3w_AFABOBq
z_x*CCC<F0XPk28v{I1~AE~f*9#_d*JJ~r+7dq=9e)|@q0;X$nnl&9s&y>kURnEKGQ
z{UUhwK8JbIWD@ro0af(CF4g=eWNGn3yqVjALnA#wcj{z|Kqt|W{TS_bj~1&ihHSw)
zqZoS1`*coO4X96@n9;7VzT!HZCmeRJ>=t`blP7T6mzy{@%reEEpM&O;$%_xB%YAHp
zbpuiN%!a6p0z7$UvdlH_a`Hm1-6yDeRgMrw+b?i|23bI500?kd1jI>S<OqnCJ}p`q
zhJvZzNuvh2(-IZ3kCxM$WGCy6_d^sx-SuT0ObbLMsSlp+ZAytN!<7tbT-Ee6mar)Y
zr#Iw+M#7*V1XNhxs{(_`K;Z?T#X8Z2fglkyD!>;Qr0RzX1d+RpjhXxiA|ouC%_MUE
z5fzceHV$J&6QygQkF1=uTf^a-008C$I)e6pa}b(p`IiqCFNPbzV@OZ@mnS}tCtxy|
zY`#D$Nps@5@#i(S!%(35-|l3f|5yNccs*M+7zbpD<Rf@YMnottS|Gwob7JziTsBj{
z<CFd?RvJwD!ysue1OQdpK-CRY+rZ5mh}=N+4b<2`)W78^{dQ7$0@5DqlgW1TFEo^a
z6M{&Am4yw)S~6;}xC)OTp+=PgcSp~Cp*!T8uU_R6Ji1_<73ybor1H{ttVh2bu&o+V
zwb*Rk@b>ukRTLX_cZrZ*^vcAk<NaBW)eictO8%aYxo>2fan10I#Ya`@S7wR+{JvZZ
zh&447^ZMsrOi#Q;n)oxx@@~=3)O~o&?o!-nWeXRvwS#$;=<<|x+u8fIV#h1^sNL>Y
z)mx^og@=9lVW=>lQgh@O|5uMgvo)nj%AHygdoQj}f<DJ5#kILsqRM<htJQ0uOYkjn
zi8hjoJrh^cK1IxpC6N6XKIXKPo|kvZzOR64RbhwDph6T`u0CpCt9WYXR7GR0ze=QK
L8oqB?Gl=~I&$keh

diff --git a/karaf-assembly/src/main/resources/etc/server-truststore.jks b/karaf-assembly/src/main/resources/etc/server-truststore.jks
deleted file mode 100644
index 998f04c7d601ba0540b4d4d15fe86bdcb7af0bbf..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1974
zcmezO_TO6u1_mZLW=c+EU|`Jf5m7g0V2#i-HLzr0V9qvZVoo<`V)9?W%*4pV#L2LU
z@x9*Bv>WXPylk9WZ60mkc^Mg5Ss4tR47m+B*_cCF*o2u}Tn&W{1VJ1w9xk_{#L~Qs
z{It{}LpcK(kRUUUsHaP?LQsBwi9$$fafyPnqk@rvp@o5*IIp3Fp@FfXp_!qPfl-t=
zuQ8BoWCrC@#f~OMC1j^FvNA9?G4eAQG%<29H8C<WY?5tN?)^5Q*D*0+%@qazhG|QD
zqy@Hr@PA{%c`KBAiqOI>vpkK@<?@GzH*|O}5KMY{Sina0&jg>{zD!3f<TUMmtq<~_
zT-+~h!uwaet9;I*o9Ds=1(zJ(rJwyH;Jv)wW1orZ+#a0O-27+71BUVgi(Z%S?Ob-r
zXKz8w?wMkhECNNVGjv3pWbRC!@Z?=&Wmvg^*NrtT{hKHEy|Yp_-|y37-EzrY$8|r`
zd>L8WmPNPq_~x&Fw@qo$5yw>f^<FE!$;&;sTP1t-^dg(dS-HPdKHL`;C_7QZ!}u<K
z)twKMN;h2$f3l``pO$gS<wmtWY36U2zLYH4XQ<-fVj{7le7V=eU9n8ej0}v66Aa=E
zWPx!d%f}+dA~OB?n{ZE-?w+*t$KgB6_{$c2NS<II50X}9kuVTzz^;HFq(GRF@jnZz
z0W**?;06isv#<bDk{fay0Fw_e4j36an3bnx9s70Sl1AY+_Vo3?s?FuTc4e_Bt#0E@
zsf)g?cGhuD@|-7(^`W;d_wQHtZIwE3PdWYnvu7L5e+=xjP+z=w_i^I{Ul-?p=9UiS
z9S=U2n>z%Zipp*lu$0)ca^by}UFXjJ-QyZ?{>+ZV)9WPPWv_2jS{fCjs&lH-W0AJn
z^d`@i3n>%5^?q;5x~aP$C}VQp@AKi}X;aJWgPVg@UHk&fq9!lNkFaBXHhY0NA8+i_
z0|h1%t(fN-%nR$yK6gH$%}Ddu&jpRiqF$e_G?cswTARIFYr)q`)f4V%ADcNjK_c{Q
z_q-7GTP|1ZCae^(R(4Tf{QLLpf@vwwp0dPEJAHcYPH;|SEiO$0XT+SFY+JMu8SxV^
zBfbM>#A}d@$jFEsg4{I8fF{5U2+Vv2MwZ|VXcA@MKtv{&F^~erGcc12gEBcde+QQ)
z!Lm4^?6+E_C(QqrT35-%gSVdjJEkXlX2wb9;|r=H&qqG5@jDQwm3?>1vkmJM4k%n(
zWv&{pG$U!(o-1X4P89uFp5kG)-PAZD(@k=FV1bFvhNg&8W6iMqlh41(Dg6<-eZFGO
zN~O6gqQ3`)HTed1&Qp6Y(r*y`BceUJ`C-GRNBlWeWeayq(t8#haQL8tV;V2-&qF^h
zo0Pr35$7su*`aXqw@F9hk+cPe1tJctZOfML_ddntp6}9fIC9deG*Ly7N>#??wqo-l
z84qW^R&lRtdE3}~<fpfHX*VZVh+ui+ZJ~Vud$Zf7{z}W=V(;q5y<UnxFkDLe{hl{5
z*A|(7oI3xMSFypix33}DuknLH<6EQ*c)I8Kw${oO%F9lRt`-l_f0pVT`+~9z*k)i3
z%8l|Y1_pWtIt#QGXtb$il#~=$>FXyK<>)157N;ibrNN7Cy_8h_%#>n1pqxPn8;3R<
zu*_#?WMuI$a5Hd$@eP>TETCqj<d^5=<R=1kU^A%*Sn?+)CZ`sa0E>MyJrDyeHG|6o
z!KqSj-)zyd{agKa!QYw;4yWw+wJm3*g11jl;{112E#n$j-WJx6t=(6%)q*aUGGw#;
zy5KBQD;fNflWV%jv40{$Cu%Mn59m$5oqTVV=eg`$_O5mFERRlnzrL02cVNM#Bj2{L
zt8KjXc+FOed5P!u`?=4S4b1Y%-??DNvK1R{JxO@1*&4G}H&rvC`l;9g`I=)%Z~u9)
zG}_O%emwg|cZGCR_eZxl%g_5C^<^ZTee+9vMniO0Y-gh0r`;LVbKcZFJ($0dnWyoe
zYrYYqA=e$%<_Ut+7Vmn}bu&WYORM6`YKBXK_xC*O*&X-8P$I!$Zrc3ySu?wxy5@h*
jKJsPXQbv^>U)0#*vbc9$N>rMBDW~+|HRjd{yhWM-qpIG&

diff --git a/karaf-assembly/src/main/resources/etc/settings.mapdb b/karaf-assembly/src/main/resources/etc/settings.mapdb
index 3594cd79886fc931840555633497eb44e742c63f..5899ed5b5ea39ee9098a77647ca88e868574b39f 100644
GIT binary patch
delta 1593
zcmbtUO^e%B6!nZ}l1V>i49$>577dgJx-4BZtA6~0>_T@L0)^5|$q$HaLg=JT+X+Jn
zStZay+r>;|*^)=08;>l@@>oxnEXkHOgDlzlwp>fLN7}Sco}~Q&ed6d`y?frdmn(RM
zLSdx<vA2Eo*LUw^(v{o3wdBmo>XNUWJl@|aUb(cA*-W#SpFY0%`Nb<~n0>f^d!<(X
zV&(Vz$9w6<CYiaK^4fc=zofjrn%PP@a~C4z)pOpso7qmkw?EpyQT$-*K^ngkp64##
zzrR!bcBi-ku?mreSc6!HxBzhxVguq5#2XNALc9g>HpFIir?@q_huzM7n7y!(t#7Qk
zu=R)4YiqervNwO8OoO>?45tU~Fb<<&Iy{_|(C;2hv@l!*Q{(&HAEW6kjQ&kM+I?(A
z(IkBN;zbzv!^7!t5-eZmA+-LZdTS%sTHpV&_$<47>4zueX6{Z-kc1JB5S-}Bb(tc%
zPp)s}KFjOP*4*$tSM4*Af)cUX#ay*lnltvo=9>bh(~`~Et%=%Xae;0i65YTCG-0VE
z6Eg0xGe9v!?OO=r1h&=`5FP5;F;Qkw&u#nAFDBqwV6{;&AB+WW*c6igVm?39#xUWZ
zxoJV8*|G*>uo#qE2#?CK(FCGKQ!x;gv<XY4rG+9|Hk+t02ENkcODfHxDlNOJNL7Gy
zY;ipWQxXXSqK<O3g0U!zay?*yx{k1p;IMVeg69@WQY)#wJXJ~y>##eWmJ`OA3>Y{K
z9cA&ZB#3<kbVL_x@Fk%mdBm~Y5V~EdCCiiya}8D`TSl8~Sw@e4H6`G1u185FqAnsB
zCrCgNORZO0I5FQ#^q9dJ-$IP$al+;8qq#~q7J7_XS|4~yjQP6XC=GmTuKIG^_62X*
zU|F`)5%W$B=jtZTiz!n$EAcpwC^(-mIPXA+(lQTV%qBX{Q49{CmPMe}F>w}tv!V<4
zARHIZYp9HAz0`z(Vip?d&`5zM5)Kj<8p1;k+!tXHs9|9NUP@U%H+B_VfH~kmeVxSt
zY)BAI8%|}W`0%$mREZP$GAEiSs4H*+az!VXJ{YK*`337R2pA)WL$lH!nf>VKEO4Z`
zX4l(7ABnX#K?>Y>qzy_@>&yYuqfx~kutr>=K`^e6V}<ljs{Oh#*JGs{l(=egI_WPo
z((Z`b!X&_gJ|Pn{7$CaPYb5k+E^~8@K~b7^@oCx4vlXp74mD3Y;;g!SbaGZ}l9ifS
z#$w(}0N|x*j2)=-#9rtPo#ap2j>q6bi!l6>@AX-}Rq;C{>Y8S6J~@bh#zqHfSY-xM
z&?A_zBq3BtF@Z9wdZ$J>Fgmgtqm(6@9S)NiU)w?Zt~IO9Cef&6594wWoSmU$q}%S1
zc*YJHwM?39g;qwPPk4)3HD-n!Ayg1Pq57k7B}oKBpMY+S;>`uuw3{cash(2mUq^~p
zv#VOAyMWih^DI(8o@Cc^@8|7c+#N=dJvPHkrub7h)MryWiaXO_WP8KRo}<mRLr)u<
zhuvrjRWAy~!tQUj5$Z2RLF$TB{gmVYph%GuPP-H-35=+mb_A}$v?+LBzFzkqA&1N7
uC4my?vqI+iGIKGzvAVaBc?6q!y1DXN{QRp=ub=$S>-Fz@<!_3Ae*F(U+(gI#

delta 1403
zcmX|Bzi-=C5SF8)agsK6P_!Mg1n88pOWUbv|ATBnw*c+hf&K#`sX>vT4bTQgkfBS*
zbg)BFqGWZmNRgtXM~W0B{#Xo&lx+SIDUlSVH}&MWCGhck@9y5+y?ek{EEac)fImLD
z|L3Q6Zu{+j{P>b{x%84BbYC43rO$5d<nC;}cOSlb^xe&S+hzXw;gg-y%J(~O3tv6E
z^fhz$w|xEcYj3xFBcI#ba_#`I<!kSG_iDfU^WoQ}htCd5&kssFfNOv};5y(2-~+%-
zz%Jkx;5Oh6;6uPifV=gB(%$^(VX<_NezN~X9{T*f{^0ulH~B}0mhVjG$&okR#7VfE
z9=l%r>o3tbj<axS|Muebl|Nagaq@q}%NMUMk|c`%dG{_3gX!^d8inuwkoxcX<K6wv
zjoW|0RdTufZtf)*U*})kD!yUv?*H)S%f0<?3x?)nQxn|@MW?{zq#~?)f#OfJ6Q{>?
zPVKgznFFCF1iokCsAcGiZ0LSGp*T-)GDqgc)nu;t)3)qLPA9b6N@n43)vH)|tjX!5
z(wX-tI7_uw2GvMyepI#F=)ZNLYBTi00>^}xw*^Tn;8Ls7Tv>C4HFemR#n4cNvgkk)
z?)lnqTUg>nSJY(6z{3o=oF}n}M5;%MSl)=5;+QI;k$X-d3a!mR#)ukLkt&dgYLO;f
zPGljg+w>%@pah0{x-E>MyUf&)Bl)p2))Z{usH1S=OePzW>W$b@t1-|?ZaCsP9oZiZ
zl@a)cYb5w&ECgKHWUi(}q1s@ms5&Y3RgdQ6veF;=SFtd$u`Xi44V`gYA+16i)q0zT
zXXs7b3%JOlMs6=KH-<h+$9y9&bs;tR;bnuiCTvICQrL)<-H2D%Fq7SoMmVgBY>0s~
zq=svxMjY77;HSa9MO9)WMp46x#D*2Hmqi@$G7iattVT;y_apN%X;_tU#DbF%T}Zk;
zphitNv_Uv(ite^>xE8^7$v7+{@F{M@K|BTVBs2kqBTixjm<sKf@N7sOLK7B7?kSC!
z%rW(g3?=}1yaK!#g17LpnSAWq<u*5)EiMLTVko1;9i}VlbY+j_$<)l2cE)ZJX3^jT
zdq%aX>BVM4j?MEC<%Myo)tg>_lSGN(H?3)z8fINdZw#6`9c7enF4whH9K?y*4>*3Q
zAGxT;FqLpwa85c>f7Fj~cf~I@=NEmQt*=5(!Kj{UN;xw-XE>tDeKKH=sB_yAx@U`E
zR8c}S8`NAutqiAbHQ+T3&pY$Pt9IiG?$PCV+U4!$;!JKZsW5XRvA&RxOoNSsdM6O6
zGpnVnljW@YV?1`L$X|QPj6dq9<8J+=t{t7wt=Q+hj!;j%22O@zYc+4odWe?P_Q^o!
znQ5zfV)V<dyi%Q}uhnM!X`2%evrNyb6GOHvxr?PaWBX@lEy~Y`(sKd?ivYnQK(Gi9
qECK|J0Kp<aum}(=0tAZy!6HDg2oNj+1d9N{B1(JV(@L=<{`4<V!scuM

diff --git a/karaf-assembly/src/main/resources/etc/truststore.jks b/karaf-assembly/src/main/resources/etc/truststore.jks
deleted file mode 100644
index c5022af560dc92a27973ebd969f3ee0107bd83e3..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 22615
zcmd741yo$g*1wIrdvFPEjk`O+-Q9z`6WlF8f(3U;a0pJ2Ab|vTcY?d~Z<5JOGWX8B
z@3-D>&AqGzO?CG<r@GIsr+#}^?R~#@zXt*W0tWm={q_jy<YHuO2m%7CCDes*1_G(U
zzy{y~0Ri6v1c0vr0>D0HfrEj9fq{Yo5TRgcLL@^j5J5rVAwd9qOz;3$C~#E>D0DDU
zF(z~X>SF^A0Z!b}(8bom&dk)2=?MV)@kww56e&?<VkJ8}XJQc{VrBpnJAe=yk%<Gq
z%*4h7VBunB(!xe$W&<`^erp1F{uigm24H?aJ<{Xpm0gT}oIC)O^ylt^LV|z?fFgqc
z0zl!w0zg4Q>Kc?K#cZN2!0A(=8;4?<CdP?8u6MUHQ^5P^<u-S4nm{-ao}Vz4SdD84
z>lI!<(Wne%nu{Q8%*#wu^Q;lC7Wpbcw{wBa^3WSqF#{QcaciaR)dG7FROK~$vsvjg
zlKlm#;6R(>9YRN)D|wo5!lp6E=PjiW*?s*YS#>-OZ#PJ(K~;G&;;$b*w(@P$L}?r;
ziM0|7)_6@7cW;G_lonz-Gh6xlZG-q*#v<~SgG#ayNzXa2^Jri6r>Inq^%tw!*UflZ
z?wEZh!{XUdW~^Mud`;_JU_tU$gCqQ4O}4z`wL)j8;jtvkO}jMgX)}7kMuzXRIJy8!
zD{Gb8oMJF=P!P~u|3iTP9)JM&6%rspU_oGnM+O``XIK-YAJVbDaA)wW@OnZ3AbNb6
z3<3v$^#UWM@vYBT(^+$3Kn3%RVYF+G_0(4Y^5YxOK|voNAOYaO2LSxz6UYz{K)VS6
za6C4MAOHXc09_VM7F7s^g|o9gHzT95qcww}rIV>KgW2!)!eC;`Xldfa0DKLg0tG`0
z1qulX4GIb&2@nT}{%8ZhLO6drhl!n=t+kyY@Q8nRCP$#T85<g#IyyfZ9K+*3KN|(m
zhJi)_3c@k96t~59-;9VBm{gN7z=KYFC7Z)lJwPN%U+adRrNuK3;&PU~DY?WQ9n=YL
z{&m-P>|OZH9_=!l=Sim#T_9`Jd=Wk4UYtvzOgN?FwU{Wa@y@Xr8BUDFv)%G*I`kuQ
zeq;=nCN3lsQ**XVA1oVBLXS=%`L<+?%i%IvCal?*52WF0u}gUEw@D=fzC~H72{ZbG
z+XSf^)4fd5>Nol=zRl>XOCL>4rKm{5KJ%X%+$pES--0#u!q|R9hB>f{(~hM?i2VYK
z6@zyu+`lLV2{Vc~dV6C}nK7Q0tneK5;b6)g9fHy3jeYFp0Cb3es+!ctXY|-ZpI;g`
z%JA-fqX4{#rMczfH$?x91twYmM36sN&<A8eH;@J8-&ueHR;EK?1uvKu3-59KR-D}J
z=dTqKhz9GQ#;&R|6D9y1Xax{(=m?^~tB3%vLM&x#`~wc~=qPS(ZVW#<z+h}=!$b?9
zemnvko%Hu3BrVM?h=rV-TpSH;jZKNg)PCUPkt6_iCMG7p_a7ihSb(kHoBwcc{wMVG
zd|G$fxEX6&r>AEwSX}oP=o=)Ls&k;}98Y95&w<0Q(6=lQtn8|<iv5zDS1hE-Jvx^-
z!8_~BnJ4{8mOS7>I$s%$bN@uj#v$I<xURH7zcVlBQr<|h^|E_+mh<H*)H+N&LKl^g
z>dk;wIHs?|7F(OFBP?GlH>ZNO8xvl1^~a}TsfA@WAQ)N@^^NFX72%SFgh=H~4MY8f
z6bd|a!WW)MtB*5m=;ABW`6dtILSf}uIDKJ-K-bB37}fGtoz*j0<_HC-L9C<JP`^Ms
z^56=~0YmksG^-D*cR%ijE8;ALGx^YFrkfPhkxfn*s*9@tPmK0SsL2*yk+b31z<2Z*
z0}KI3-#GCIj_;`W7m)lxrb_-!OYqA!3DB`*3S1bl17j1~&R@v%Z{P6Kgax$9Z-X5l
z7wYxgWO^oVm>Cp|I>{`F#3hY+NgEEct00PcN5qNeG^%L~+jYjRSZ&6%4AZlQ_$?8-
zm}>W-*;Qo^hlzEPM9>-4(A1|U=MiR~7ScHei&!fy)5v-=+(~KeMOIZMm<*pBXmkfN
z$^p)^n6SutH&;xtSO(f~@v`_X`}HE3A`M`|=@FoGl<K>#;F5<i^)u00z1fX9TSW8x
z)+lJ<x?Wo%Zbz-Oqo_CZx}wFa9!pwIHPe7;Ba4m^GtHhh+EeJp8Dum+!-i$786Xs~
z=!2&07}2@dA$f0smd=~rmT~(+C(U?pSE7WR(madf1SG&mWwQ8kn*lx7ZHq|y+h7O#
zG2cVp|1ri5fn!`3IL5`kk8xO#^A9E%8z<}?e;(Zbzs~!B$I<#I0|4LVeSp^gRaX2@
z!><bO<A)gkbN#Q+Ar#9T>6Uhv24!D6<3=TM`8dQ)=h2tjG41dta||7K4-9rGVXZ3q
zfc8p^Hb)aCfhT2?F(n&a%FP(8uZ;`VSg*%acg&&$e6kKkyhq^?c*S3(hLfQj@?=IK
z3hasl4>d$Z=&H_=CTtL=`Jg1AHdN9L^&r=$m8Bh7dYXZ2+28EMQWYj-$-6#TFqTfu
zOfT8Mo6qctYLuu0N0`SBk5140S)k@?^g&Arx5aVG*yry9UgaXDgbq^3L?ZE5^A=7T
z9$pW6L5?uJrK2vEX`&De1WOBn(<!ET0}@8Qlc?o0^~J+$n=-alMZXN}30QQ1^6N_d
z@59dkp!d_f|8J-D|I@rL{wJgPHumz51Y{_>M4!)sa(U6%ueAxjA<zbokmQ@_ki5L4
zPzxmQiRh5*X>WY+#n_Ul;%F<|Cbi6%?8i)PH<@%tvV3M6=XnSEbPPG7J($>xPXMaX
z;SepxfE=1mPSj!z=PQz7K2CYv*LKx0L~N^)L82Ovw`9*)aC&N<$XvgKYW~PrAu>I-
zZMt2~j*?Q%DRU$hEvOr4n~#19PIO4fK(rz2JCjQJie*TjrGc5mjngC>8bM<7Aaq2h
zMMU|lAL}b9+A^PoHZFcAHC)n2(l8s-6W;}s(WNLj-Xk9LD^HYeFdq*_(9Dg14RTJt
zr#=%bg!7Q9Hr*$04QhONtv?tf0LLCE2$YGbjU5y7qu!33WjzEc@h0G)s|Ugm4k&jZ
zKxx2GL4k4=A^<FRYT`4v+g+`dHJ0dQAXr^Y4E5D2pA0dg_7P>hjkntV*9#^JLG=W~
zL5P-0H)YMQCEFV@IlZV`vrZ6zo5b_*!Cl!mhAdufInNbA^Cg2;&B!j*xrJYecSqhI
zu;ba!(uaCeyoF|f3+upSf$3SKZ7#RU!W(Hs$arr9zli04gX*%&l6CpjMfUlmhy4m+
zBo19S3E_&;=dWpRAxk~rV9!K1dg{8Vg6|)m!BE!mEi*q%u~Vz~C1r^D9*rGF%)_?o
z5#cb^7xRAE?L5DfX^P@W@zPwqAVreAXFL9?&(cG~)ItGSx^D_|(U2yu-O}-{Y-Ku?
z^Dw&Z#(ul*?k%Bv(kBh!Ek4}lc7WjVmRfwu)mt{APK#;my9#oc2C2I^@gaFTB!|qB
zuJ{)`Be+>R0o!0gVu+A5b{O7ewsM{X{L=9!sbNuQVfSoahLI6omT+>CFsG#aR^D&n
z-YjG_e8rBk5{Ei`cKhB{W`(-C(3Hp!eWJcVeXGmbHkT`~7g_Iy_iZ%@x3^+Qgc<1K
z^Cx!A9z8qU@f5=B*aSh5*UL7ROZsrSi#PD#v-~ltq}I@j!?c}<kZfl~tOOvow}Okz
zC5vlOm2M-5jW_zkW&9DtpBW`ka}X)BwJ?s89{3Zx534jW-NzX3=;YsQ(lgjqmq}35
zL>jLM8aWj#2X#0?3tq;sXb|L_b)0Pk5URCHR~%5DDHgz3Hf0d|Mo>3EFxRFwf-HLv
zTLdyf7sFi%u7A9{Sz`)UKPe_iG(@(68WKxYgI_@IRNnNn4i4B2egPtLvL~vqy2^u<
zDNPT13@tzHXcF}Ll7m;n#!lK#L|3d{$bvQTE?H0AAr0@HM@{reJ^jOd9a388gSQa*
z%9VA=M2o3zq#Kf6Lz(C|lm6i{g1G@L*$L=l&3&IjAT;WQwf_VHfG-ouw}~I<H9||6
zI@%c8di;0>1|3@1(ACh<(vS%mco<OsL8C*-y4YG8TQFe&(7sDZ_-~$`p{<FLojVgD
z0RQn>cyvrDTN4*2XW*gM#G;1IhQ!MDK;h4X`pr23%19VdQ)@d*XJ^yj+)fq%)1&9f
z%mSQ#fL<sY%Qr_9*!++8&p-3$Z|u==^^XPt_=kh}`-9{wMDE%MrO$io=l8j=uJ(Wu
z5a-LkC>CFMTmP<@`gUwQKSxe{by)_dtl%XaJj4pI<Y#Wwh{N?VUTcRu$aL7T;nq>U
zPt`aRt8y<aF192v*C4@z&;t*NEKC4yfWt^0B_{yv`zZ>a0_BVWBnD-X59pbLhXicd
zfI{eC0%X;1bH~r!dsJ1xexWkVDITMWxQqKUioJ4jtwv~-(*=J<MPkSZcnC79hg0Rl
z=Pvu|(uHF&b)4HnzUL}u&Uaf1W*1iCe*`50HhR#A&pTzMB#e!E?I=;fk5VLi@5TsP
z-mYn$zZ1iqLMeH&J)v*z_*Rt0+wN?<U`~FQY&?pf1To`vtN+<L|6?5E2UwZDfpsRp
z83@)!pgGq48?ffA7TV>b-wG5tBaP3!lvy(}nS7r|gB9QwUzbWT;Bgiuyc@*&+{R4!
z*^UizzC|Dg+d-L~{p5CLee>-0=d*Ohxs5&n+owD_JkgSo0N%1^KDynRDP>H0I7H$P
zunZTOMfq85UxQYd(JL^vr?cKxXp3aT5n_<b3EWa92e5)NTK5|Ht(+<<6=7Ro?cdrh
z5ir9@94b-Nih<AwsGNJt#)^7aVj}0gz(!!0>!B*KvMQ_s%c#5P0Sg;7DdWtBAZ8zE
zPm>KKhvmVZy-=A|Ymrk~0Sbw1#6`5h+^pqV9wZ3wnR@BCt1i;dIZbL!o5^d*4Cn>s
z<c#WW7S!M&^LPi_=$X~)&MO5F`Z2W-qCWB~?`OV*R4C6aCRsvK&6oAbV-88(D>~YD
zOo)EIG0d#9Vg7(RwH2|j3L_nIC{KS%0j@O_xQ`05Og>!f3`k1Jde^PSOerhh<C9AB
zzP5oIIy)_Hag#MsdOHDP&)5A_-?Go|9tBe4o%AH6DfeXZ%xk1B43uIsAw(vLxBJ})
zELFnLD^%tY_)?jaj-CN`wpKUit8Rlm9S*f7J4>u2YgF%aMwXog4quLmE6cxwSvZmv
z#VD9YhPh1;3W=_ePrkB_Fg04$hnk$FTj;s7BjLX^@(um)cFXs4RDm?6`4+%?e7TwI
zj(=6g>?!9&#I~rUZ)8fbH+?)*Rynn=0Pn*nVGQl*9;K3)NA#ZB3{#{kTTrDx_1JAW
zlJMmVQVyND#odaN`^|nof*u6RHN9P=noC>abgrJPkuLpA2*L)fXzJ;0%g7LMh=r{v
zu_m;=!WFMo3ci)o`b`5Vb1DzmM2w<&Wp9%f<}A(C52?G6Sj0@2Ms=R=GYgxbe0`Sd
z2lS?I1$iHY_+%B}e&uQ?(2xUxT;2VHtMq>wh5-NI9~k{7zzU28J%Se;9ogB!!^z3i
z_PL{ry*;sz#4mgWuyFj$*T?36O+WvRvjwjXU7K`RR&4W^l3y6#i_I;)rpRl~WUs9-
z=EFbmcj0swN{=obqGJ4j4I$cbR;J4OMhubp6`#?zgp?nSW>Huwl-ynl^VfmdO0_MM
z835${IrCIw0!uBy#Qu8}FjKNd9(RD_MZ^bD6(R*PpO^S7PNUbnDgFl1eisYWxwL=9
z*{AF13-%G|o^R-VUMQ40Lvx|O_s5mz@zJKFZ*1D2-f6AP_F_$hJ}`j~V<4VvrVc4S
zkyB^<7{EN^ZA(Q>>Um7G2cSB~e0eUP=az6C$!7xwbGSeKfPp+|*oBra`iXL*#52T9
zDvN-(T9MtK@~vHsD%~9HJ1jO&8`#Rq7O0;%3;51ifwaF9u!^0aS!YNlW;id<v=>m4
z_Krh8?K+k^Sy&Wk);td+)qb`^kSpaJObB`=ruUvXE!-j#5_8{-z&J-*+oGLZL2CQ8
zBobGrZw36@a7#Pg)OzBotqxKwcPNqiD$kU5G%|X`&{4*WR4M8B_{Mt`3xsC+ee&T<
z?t&M6X0&j)Uet&jm%%T?wDLcyZVEdY@}VTJWg*TrI4$C<*g_87YLIy`5zh&eyP0wy
zUZ);Z#DR{&w<(DV<>jkurp}|poVm+?J|#3DM^vygdZ2pmJ2%tc3@MY|-WTQ~C`6$b
zX_qd;UiU@3%t^JAyAJfL6bwE^Rx_A}dm;ZKVt%XsdIBD9P-%|UiqUZVn_`C~lqVXz
zw!AhA&LzbQ+J<qPaXQ2<))3&)X^VxWWXM$G(4t(aLYki)WA0ETRNlbp>Yy+P-rQ`r
z43>@2!7m1dNnqUJmUk_>Wdy7#`1X5<NE|(sv5##p$dP(g;gqq<pcQSrLe5irW@O3*
zdsClc8$7$o-+8C!7?j!HKIJR^NfaKL3~!+kFq=F0MYZ$>vJEW-XA0g+{7JK*1;<#M
z-#Ox$QndrlMVi@H=z}V+@p5<J5zGL;OSVA_FTafmb_kl<C?emjqgBw0HX4>QfsO3y
zafpZrtNXS$8SOZ1k)GyvN0vk%QJtB1Wb|L>AXm4?N1gU9!pNSrKtW1h1Dwp!LXPtS
zu0PdDiEyA>i*K0aSra@5<&$HWqx8dXV5q7^(NED2q3WhzdUd^gro3Wbj&HQVM(4o1
zzM27F{n=Lbb95`AF+Va^>BQnl9t1Smlg!o*ISk|~K~YuCjb0y(QE*7@IuU&2jNC#B
zsDU6<f)5GYJ;PRYI@qN03N^7|^ho1&O|kI$6|66jm_s4aaAO#weg&-u5VS5p&@TJ|
zTKqqQ*6*L>EE)ji8)p$<RXWqvh?P5=O@1XT^J4(zcLfUoHUa<f4*nfl2P#Z`^&2w*
zTO>LrcERes2BD_-yJJecG7VA?Mrkj!`tVpB@n7aL2n1q`#l_k0@>k7RYt-kW9Cm0=
zgR}$Yy<t!KG%!>u-OxKNPV0Fj&m)V8tg|(I$*q*ErWc|_z2UU6N$TXU&)7)4Dj$}@
zxj6;Z0po`akjzuB%f@85{tB&;+lPr?->Njeii%iVcMq_!fx?|kEuAT@rrvp=#rD%x
z?%nQY-YwSK&XwoM(z)<1>733Tn?mlgDvQ5ZFpzC}?cnv4rUY6ZLLc^E)~Y>KST9U2
zwxS;MB&}D{fw2)aWUQpyNXTz}NyJgf&AJHkbnD~c+=u9-eBJpq*-pKZ?{@eY8vw4o
z0Yd{bFy4Ph))!lwQm^k<Ohb3RVjZ^SbPQ=^eNI5*TUb!Ro0nP&Ue4aLCtW@~mjkTC
zv*@>|K1*g}(n5CJ4nCrDy2ls^zkN4g-|7!2Xz7()vegDvp2V$QQ9s!T^LkIbY1?FZ
z!Nl{bOm^rNFvK1ZNsPcFS0;;S2@8ky1tebZzF|o2E<AGO)ipkn@U(r2+Je%0m3fqs
zrvY73K>9ApETN!b?9&mjDsxm7HhJy|Kh}3!JiNtUVr%AlA82gn6YuqkVz?=@KbWw`
z$~NtaX3yz}Lfc;Kn+E!KbixwBJ=j>;S`~-(^50NnyhjXLY%FxRk@nVHCJ$>dep{&j
zC6vd#7BgTqeQB?4uaN7#ziZW}0@E;R-D{F&Q8!cLhi2%q&2BF34Tj15H(uQ>Ul{j$
zJ7wr22qB=hBDhgg4#N-^ZmLKW_S(0eTTbjQlNw~}jws{8ck2&Crnsw4LYqI0XoCpa
zTSIj9DW1K%&y=R}`_P#Qi7aK3mqS)-kdrw)6f0=mddButIy#fHLH=`F<o;K$RDS0o
zdAX&CF|YhHxC=~unPsO|2-+tlKDp*Cj?SR@Yj`AOjZwqA6SfV?Lvr$ObJYW_E;U)j
zte?SUxg)$eWVkW(QZZS25fL{sPE2ibJnkJ&ZU8Fq^2&Wy_68v$)Q8a21on*;G%x(}
zmI|XY#}yI@0SD4zEvq==RMWtS3e!{egRT1b2R{GBtu&bJ*3Mx;N*3Hmj$$&zGY;up
z6p9c-M^xNuv1d~JK2&)fD>E#9AVsKG^$!3`rNNBG>v`#Dk;6mQ^xQ-42esKyOo5Ti
z!e)AW6u?5P#C7(T?@+?$Gk+nb1@t$O4f13UJX*tbZYwZ^nr?xwEiE5d3uadCn$D%Y
zo>O7WTDEn(Afx>_@he#)fn){BSkS{i$cpr5vigVqlW4^S;Cz>`sLI9`hNfm_)~1fc
z5|1+W*B}7^!2Szjfla`FPf!1jwKdvn)<_p1@A?YS?_D6u5t1BkTQslgI~xv7R2!jT
zM;6yTJw-bQ9YxmYS-I1sRk8J)Rvq@6!4RceGc#O4(2m!YBDSBSz1A%B<XVy!&6)8$
z*MH5ozi2v|7Q79RE7{odB7B;=E_Z0@y^hCX`4l1hgXE4$xT7yif0eDIr0id@mMZtq
zVh)_|W7Vsc4Q_uSBYw1z3XG_7gKZHCBX%ym6^(ZcR`bvucp;y#Bc;m`Z50K;s!)z3
zFyQgbQg`D&cWF>N#3OWv^5EW%k#2M2#q_lH4(X~o`UKru*!38X8(a}@CJo|FczYHl
zYJ0f{t2EL9hRcMr`s(rfD_5SfrvAZN&Tp)p&cFe(_C3%-YyVBOAUkS_T<qEOC%b1A
zlgD3U1ms?Dp0+X0hp?5-1^J!nq2f12tz`#A-?2n1&!^sR3J2&|v0=KbCAz2}D)YgX
z$xP-*JSg|&_OrFVwTJV&<{Q+;QIgh<)nS;QLV+sog0Slym3_9i<(OKyH4=3JmMuJx
zvCQ1>{NaS3u8&yDTP~TnDqvsuR_VEXP>E&Zb1y=0eY&(5RKBQB)?2i*?j-z%b{fG9
z$kC$_AmQ7A{z5$<XM&1WT&)rB_G^@?EKEO(I;xn*Lcv;vea2#;<KGv;;yp4w9@xoP
z1hj+FttcOKX<18a;+Nc&JMsAdG7_)OQj(*3+q*%-GEWHDYTjWfN|SSx)$Gjrg1Lfr
zj|Ub=1hdv?zQZvc!4%BkIw=^uu?P(!j)89B_LzJ#2OWvP)3nyY^xCwajlDfHxL=8m
zvyyytq)nQwL)FW3?P`s-Zid=kco26%i7|Jq6g{MQF7?3ky;=r^mrh<zMyGE5*2luQ
zBC%N(61}vR@usO*RA}OatOvml)A?-AMYU?qN!iWA!`W*Mxr9Ji?<|GnF};)GEe<g%
z2@<3E*X^vggXNs4Pd;3SpWZz=I@iooznsv8i@<w(&16Z=rjz-q(9gV2J;IIN<e7@!
zY>GklmCl)Ur1Kc;iQ-Gbb}W^dBk-;bFm=eOda{M9^14^V7`dRBb;jCW0`PA9JesSO
z{jkIR6?~gIa>+_%?VTDaXs6zKF^B=r1Xj2fkYA1t)HtY?<1HFhSI>Xxh;z*1z3Y08
ztf`U_CF++Felw+TON}=*=NquZt3AUZ-xZ@}LnE6P5`wk2%1Jkr8eS=A$;9M|0V(KK
zTCzT${+U_IPcd=%ieFsoX<oqE>~%@KVUt2$&l{HDv*m#$p?9p$c<zA<^}z7g??G6g
zeg$&?l6K~I(h8mYnY2FtBxrw&_kyECD@%zy`%{d7m5YVzC%k@Z0{+9@`#Yuv<&SFf
zzyg*Sf}^=AtmMU65$17ZnIR#{-d!~v`fkrhq=YC)yc<@n?iCR7cZc41QhlbCq!LZm
zTAN(v;!Atb=<Y*7i0IKaj=MfW3|cm*LwCeCs|rFq$dVMuR_7{xgrcHIs%&T54_2in
zk)cYmHMWm>*`$onp`i$HkL{`dE2gSIoWDiqE!ytgo3ogay_n=kTAuC`%U9XSoQB?;
zw?F0u%(7-oGdxwAo-|qr_u{GoNoAD15WOO|=cpN;n#YevUVz;lrqEvlY{sZ=$}zyz
zYqbe3URk+>Y1bd*YYg1bMsHL&iT4&SAYH~UT9M^ZTqmkcz7s$FLZudZu8#KyQ#rmf
zmE|!4`<F{w42dQ!zBw;tSvDM;EvE44dW{Ro7+GND3}j_>9*!WOVfY%XUT|BN%au4D
z#>O5!d>!S&rpY;eGHi@MQ1S74G4)cu5oWUDva=|KL1N*nX(BD!xb99oCx3lm8_MuB
z#;tgICbFoY9@A|oErVqi<yQ9AM`3cOk9e=I+tQ5B`@j>8oh+84qi`bgjv^io@1z@B
zJyzeBCr!M$<;&YHCgt<i+SsO_6vVJjQ7b!A-&CyP(0{3~zR_CNzd16LHvQhEiwn^n
zKD#(3RWG(Nwpq~0RleGSvX(v|-g!b|B~5FRSJIE@J)Nl`3GAnb!1rijetG3Y9aa&d
z?IBo$BSascBV;a%)qk|j9h>CUJ)iV^a(_zaim1kRs+x`F->Z_&coya#YcY^d#o11^
z=#VQ_PJocQK^36_+O@=vHuSneftMBF-)xBT#jR%VD6>nRm-&K@FN4zhs@Y9!jk=6Y
zKl&+v=_K|AEBHWkRgOv6rA}N`r0g-|+d?etE_EjMPdR~wwbajV75yb&Gm;JM%`v+Z
zUW6?5m%ty9X$d`uL)X^!d?<bD@B0PnMS&3Z${zdLswNJGw%GQvO!w14z8r?7X~7#g
z0g+{RS5~p@PfjJNp9@{QXv-p9xZ~xvnB-wFde7vck&jC1S2{jJcrNJ-slWP|2}^I}
zN-sN)AWVH_Q&RL+tR`VL>ZQPiEV(fQu|0<)m*7L%Gm5#2%e9yL#N~?om{IN#%UH<G
zLlHxmT$Co|YOh-pGd{QM_Z48hMMFlt%h?DgcH$)-+Z<kmawmn75GIAInhMj`+HMXs
zicxL}S(5BnE|1OlWZZ&WLF&Ew<cWy2&bhduDAGqhr5?c}iFKu#b(WR+FRrKXAFfCB
z>w8i#!VI!q{m3N-e1D~?50I+B=m6--A5@+EGgbXx{F7MyZNDWrI-HW2x)@No+PT>O
z92;QeVtU+E`6D*)tqJ%q=;Ghewd)ko3sXdXBOB}_)l(!CWNnjDf40}nPZKL6_z)W;
z%(MIS0;?vL0xa1xVp!+P7K=Wr$KmmGy~u#R4$46$NT|mw-|aj3@`o{^uW1YtYAp}m
z1Cd9j43*;va}&DAjKS}xo+3Wse-+`)0^?xlrK*{=)3Sz)doc85szxuA1oE%wYJlFn
zU>kW;FFu!(Vz#u?53Xj!=RJPyNiNB6!jJG0LFUyhR356k#WL@HCz-V6h6A*HXlrK9
zWR}bWT^6I@wj&naz*GfPwp-xplAGx9HILJx$5ONbc6&arKB07z56^mtQ;dpmV(X`)
zB?pzZAczNz)u^abL|LZT>E{esw|~%;{Tp4U_8I?<uB82dK&WQ;%&-z>fs&W{xJ%J>
z&}R6g1vBgJh6*1oXB<zsZkOa6(#E>B2ut!Q$g!$3(d~E5NlepVVdERU^FVh+utcZ(
zX>sM*B#}=i?#g(}5QWbPD9YD@u%GPW>-4?8H%3CKdbK_&ISWT5HND}}Edqy6@D=IU
zifoa*{u~PI;fyza)Mo=Cfiu=}v83+(#9+hI-30%DTfazC2#8cRwA-x$w`g1_uJwU4
zDgiaQh(rwRDLZS$mo(G)bD@Oh1PryLq|%?>&ZbT>R*n_jTP{9P>J8gEi+8{jzL$6b
z0flEAZrX{tK`$}yXQ)oW+h7X*+IDP+14ka!O@_igu9Ja6fu%-#(!XZ7gJmyR+l+m$
zn1?-RH3{u72CQ~LOn{+McG7gURJsGX$-s}K?Ya0xCV18Xc-;lr6bG}dYcyLgyDXh=
z#Z|ecql;>%l>eEa_62FHV^~Ahv1%EW9KfyvOMso9S6O(yq0mu^&3uQ%oNs}sLP%J7
zcl2v9q=m_($>5&B(4^$G@YGQuq2`>>sJ_#O?ebuIv}Z$KapjDR6Y)C6Vz+!8E+g#D
zRd}eJj`o!VT}aBb{pLUOS~k0mLZ%iLgudOtsZJIkv|?d8c)-ShwZ=`f^YZKLzCbW$
ziFz$vcz0~r!_E+~5oPdHyq0M@y>|2!W%>=iPb1cc2nc6oXVS*~o}9VVD_1~+;r)2u
zhXyuW*eTXi?wi(+7agK-paci>o_t|+F=i3^JQcE2DkBf0`*IShA6P0|jXko=kIBT}
zy$Dx!r#i~ce|IIl!qd<L@9wL<VMKRkZ-#*aYn28m%OBH#)Hj>9%{doy5FJzERk<|$
zN!Xh2i@cNmSGrX14^^9K3qhuzVsiPB`=aXgBLY_oq-`wAex+*?kgoASx?cZ5*Pef&
zYt%nUSE6s*qks!sSoV&<eX(wa&ZdqQb}qo}%64}4rjAa(kd~8;^=HyPHUa+sUETdV
z>gMk26Mju2bnBA04+~6{6w`mEpZgJp#xvRZ1r$t5$$`=em3B9({VU=eI>$!lJ}_B*
zA~AP-y5$k7{X*i7;_}TVu)PTCeFu58hv7E0WQ*G<Vs-Z_=io&M$;c4U^hn4BwN02+
zQy*Pc89Vu)9T?6^t?A_#$Gt^~3-7JnU*Y`~bzhA39&n+vhaG@Jr_r-emJlz(ev~Ry
ztJYcHz0}nyT$Qi5d7l;}kr)@Z4ee@`ryl>-_e=CHju(~Sy83-2o1SMN`hu@00iJp2
zN2zDo<=xBjk-h?o4nv!Z!_ajz*Zv&`5ikHrs2h^5Qc5%WTBACG{HRYbP`YdHKCy4`
zL}vd%UAFJktq1Nj_-jpTSA*jEl#dpcJX+<THpx#KRJ4QHxW?_%DwP)3>TKAZC^uS=
zq&pECto?~eI(3T!XZA~i)bbRIFFV4bgpw}Y@Gtl#?j#bmFy4=R&7`qdF5k{FvG+uH
zkR1Z#6VGbVE}CWdgQW^hF%<;SVw#$Yg_T=I+Qs5P9c^O|81zMP$jzz2&GH`C_wOr~
z9U)f?*dY`0LA^B5v7N3oM4ia1bJq(FIHp7(e72l-!V@$wpVckp8pYvCd1B7RA|%eo
zd$3Iv96V3_w8pMsH@kP=E@~vU4HXqTK%{$wbAQA7(n+Zj#jPdOt7Q{H#mzJ|Iij-{
zgO`OnjKvinu!;IgprF37U|NSJy;*@fwd_7UaH@!F@VfU_<b-SV^a|mAuLyG$X(Q8%
z@axhSl*{;I=E$X{?59W1+-vBBV<&2=6%+etElXc^yGjerr0;!Q>3+Sm-2{E!2nXr>
z3ZtVv?qbk*h)WqQP94VfRrKHjHs%Y0nvKSXY2H48Tv(VHCzQDALqWuwMQR0IK4Zrj
zafj<IXR5Cdg*i=&01@wm7!gz%fHT%t_0PH{d$^twJ`ugPWHeK7`EYxgABHi_Ie1fg
zE5&QTtHI~?PrTG~RJj6T8tv6x$z3FDiE*RctaP9riY!nSao+EdqrPLY)2Jt6&75Rk
zi4{vE)A(XN^puv`3@rgZjj1V%@GhWc{8Rb5Ara>F3+`aiUh-EFHW2MeIXD?BRkS&R
z$SNmcZDjoQ37~>(HJd>t5T?0bm`~B^pSco4y(jVmPhP5kD*8N7f%%}vf?Je998{4c
zV%-G@gE4f!i1Uyw5=@Y_m_`WXi4SlzHrSj{=nv}?Le1E0#8m2cd|Ac8NZ=STnH*NV
z74nKWfp3Lt4(4;O3_7_7teEDn)CF$U0<!~Bcj^!7HvE~o-v1<Yf7|s1jt(UQ+~aR&
z^DAUoe_rZh<peeX|JmOC9a973^0N42aqS7cdswEk4~ib(-DFsj5}`e|9OMXs35}`T
z?($hk3Ydu##7{KuJ)k8`l9B>g#H$5{(hqwdR0D!k3YIo$@;8;22Np*dJ*(H_*gY15
z1(GzzQA;x&j8$Ko_62r#<d!?UDmRoC*HjXauAOABnHMHpx~bBuhi3aLrt&=~$7*rc
zH6d)2!S0xKL31C#kA-1|ejW}ggOR0iH^Ie6?<K1i*W3&6sRgeeWa-fz5tQS<sF^6Q
zy3WjZ$!hi#d#d66h5Q_BMY%>!Pz+zP#;8}>a~<Q$73qMA!L1sxV3=lkfs<2q{_?P<
ztpGW}_?PE2_c=sXtXOn_tM`8}mGwJQg{gr|Z3bFm!@r5W<}rV0*qMwYp<TByCZy*+
z0tuw#vZP2tmmr9j6@k^K=quOT6_IdluGzIo<c``wt}`(OM}-&a-N^}ROZf;DnZcT$
z95zlkV>A8&7oTOwj8QL03yC!Vn=gdR$N966$b{caprkDHK~2B}_{-xDR1L%S^x{g%
zYE^Q`#coQ;stf^cnzviR!zKU{l7ivNGh$-+5WhbC7Z;0(s2mC%)yr6=nTj3>JR7wj
z{>8FaEb})a@N#_Gxa{~)eJ}6bRa~{p&baFyCNBq50Aep<`t-LD7a&@6`2@QJ@b0|U
zx6(ADTk|c}YP?a8j`=6XV|17;kV{sEdn?EfugafMWZsm;VCwdIaY8SmBhd+589XI+
zu!qAXoseb&muQ(v&b>Xhby(UAQLT1+@umt4$wy7f<LeU=`Go-pG=nx2)i$<DDFE7B
zdOv=jOo=fWJ}b#PoqUv!8co3{Yg}RHJ2B1NVo4=wua&tv;|@H6xegC}JIn)@&zwG?
z;l9dxZUCJiWS+86)mYAGITdQ1ug#_b(u_FwutES8>AsBYOjXUU+SP-*JBXx5NPj~c
zk1j9ML+C(n>QrTFr^rX2!mUacxLNfPr<3+5nqy7Q_!XR$H}np&p6v>Oj*;?+g}Chm
z=94TbS^n{Q%e<D5cv}gi2(pk8OzhWc$J`I*bYPNL;Z;i5iv}g)EKy}teRyCFVB*bv
zeWi@)&M}Jz@de>;Smy6~&s9apH@@QeSiaRhXBoRY`VtpVlp(Z-y;tjKLlg5xzqLpt
zyyjg&Y+q;`<%bK@A|p~xbIg9}D!9{~@+YIi8EPLW&#otCycam?bgLUCb7rj%I1Jug
z70Xo@-w{VJd$GcTy;-F?otpS!F3+=&s~t$qyoyK~H$0v;j_G3>H1{i1|8)<nQ0kwd
z`XAZ@D{SZiT;lq5j}|K@)2~<sHvdz5V1Mu5-+?veM8&B(yqunnI$Ks!Q;skl`88Vt
zj>alF!k1KLCUvtLz?PLXpF{}A#cG!=`i?-oIg4=|zfL|gn~6_y0*=IHy&PQ0d+>G?
z3L64lD`#X?4U=fP!qu^Cz4H+V?k6aM6W8n3mu-AO=nj4E(j8}wuD($^?x9~;-<gIx
z#X`CL6<C8Ri8&K1*{@sS^4gVJ+8R^`C7Cy%JnZ{Hm=X}s$dN%!#4%ak;&h&?XfP#R
z4C>*R1soB(K)-sbp?c}gkw|A?IAxhhiqPLWwKx>4Xd(@nNlM_rxJBR|cvLEiyU~oT
zj`DQ-wJBd?dcsuM?rnDr;rl-ED?R(5PtA26>zUt^3m_ji5U_j)E1bdKiB<bAWR7Jv
zO(lpPA@>T)rh4Vvn<Di#{gdwsNF}Mx((9$XeMRU{!sW?zGeUPP?9>XyLnvoNHSR(0
zGTQq55{HgLtWg?-Hd2gE-Y+GWv-Ik?Z;fAcOFX~h<rntYD*uFKM60T{`qXF=we!tn
zec(*+-2L#Ote^=&gO@cU_V#D3l@Hq??+TKGO8j1+q-kNFSJ`EFi0GDDsPV6Z)tMB$
z>ySgCI}KICMBHjtpv1))^G=*R;$U(}V{cc;+giblcwqIJN`QGzxh0#>NE+bNvBD_k
zxPL6$KlAKbfZkz~H;LJ(Ujlqr<q5Nmx2~XJ_B0Hj2eQa#-ENuKhnngoEUeG+J=ii0
zwlNh4CVyEh39QLdyS2@pp=V?&|GNkS@`V1UjM$wPUP}*~$sO3C<FNSHn)8^LHH_Z5
z5;Q4HdLaOibbk(6j#9>tT$MqAQi^MhyL9Td3h8!tyF=Cr_9@})!N<(Oo#+FvL(%uD
z-wY**gdBrImoV|7>Q>iqonW8^YQq`?#~8IMV+XJ2GG^<N*}eVTZ`+bN?t|7<NC~EC
zOJ$AS5YToBCo#v58JqSIYXthOZgrAYU*h;h3Wr9r>HKVWvQ(^}8wifX=O->P6z1lP
zP(kB?C@sC$(fz}wdma~ufD32tSCXP>rCMKjtM!!wkLhMcjD_#%4G|$Rq(u}xdGAgo
zKseNqO*=>%di(tH304E1>|G-p-lQ0=DWvk1TC0KN${Y$UoPCs6?g`CmgQ{dHgLrf4
zgFW0_n$qQ;3j;MQr>{jXp7=pzzy8QJvTb2#?+6A&VYd~R9M8CYnbkcq9F_n{#?iVH
zJ!b_NeHA-LxM-z|f^v1e)3?~fUvN*)HRBxchVG&$I`9kICE6da>lJagd0|hm^D9?@
zOIlzyK(RXUhggmLGgrO-NwJCqK={6Y08-e_$=Ko-t;)g1_H#hsu?hH(cJA+p`aXOi
zLEtHbm^nw;75A8$e3T>KuA(A!3|&y-B&>mwzW;3ZI76Nh3x@QVv5sv3n(+pN@|YKQ
zYwZKvTZ+!Wl&CXQ^h(A$)8k;H1Z?$=cP$b{w~=uAFi@Mj5c3nCVF{0nMXeTPA)U?L
z6f4F>=y~x|EJVvJZV&iNsu5}>>HmtTw8d_F2XqJwjy~%mU6!?S27`vLeH@b0M={b-
zyV!le(}ot!gob2Nn(4J@4BQ7^ByFJ|>DCh}Z_z)UhrQz}CGnXi^IgN6Dm95;k3djx
zE{+EM^pGs!Qe*>DdNEr|ym_E<=B-uiBy7*%>R%~YX2>IG5WP^#S7L8;FNmor0kl6b
z5GZp?XA2i2AW}`VU;{q<zRU_O4hVo21_VISe78pwI4FRypLX+}r8<{sLY)}V&$jtk
zEy3mgni9<lVE%4zw7;iBD@zJ76N|Y!o7$R~nh>iQT3ebJI$PS=5-XcJx&o(q5utBZ
z$q8Tsa00&l0IiZ4xS<8W!UTK(0H=EYk4yvryvGwGBVZ^vTDk%QUBvQ^=7zSGp5M;(
zt*!(7x74%%4qh-&aC9(WM)zY~ho7DV`<7s1=w|3>%JkcEFC;oN8xtGQ@&Uho@ZXj#
zV9?=2fc-VIbF>Af`(Obu9=iaIj;L&COAM?ZVQXyZWNi0S;<$vRv!sg=-DBQ3!;exE
zz@?Axcjqx>9EgU$FZs~JTXM|%8iBh*o~qo@-e+{^eXW60o^x7+oA{k)van1y;E8%_
zF$?^%t}Kd1zgtRY!pW6OTytB~Qc@#BceIls<S0r|QFV9&qf^u&jcx1x+rVc5sFj9y
zZiX{yc&TI$QNB5#Q1ion%CBHLw5~VX`+G&B)C-FY_015~M;l(1)k&v!>}=h<5~M!I
z1k^%Qe1fbC>U^r1<d<U_w_Z_=>!R5uz=Q!e{;7mJ7*Yv}`4zO`B4q%=MewWv(;=)v
zcReoIa)l4r83tkBz?Lr!3&gpifKoE%HoU8Zj;!?aZWzqBm&5AYJN6h4ePZtsyqiyL
zHXxO*qFyxFtHmQf`!>vS1Hgf+Sl}+d<WBRAD&$XOmG7TO8^D>4l8jwmP9Xo39oqLn
z+0g8beku7W#UL_gYLV2AWHEpoc)tixA%F>30YBY@0HnuE{-18jFDc%TS>Mk}4)J)u
zf2-~Q4*L6lU;vlLvl2nr0;~b7S<G305QaaBMX>x*A%M}z!jPHX)Ro@po2k>AGk+@@
z@h?ZQ{%?+Y_IO!h2vLAAuv`VKL5L)1$elG9D1Zh)^`moOpjh~ieQ^R-uK07c0!9%9
zWdJl3q`5x=uu6)5*pFj?g)6)Po`9!6+5pfHoZmi=ow1YsFFgY&{r)bn5b+<M`dje|
zr(fR4_+#`x4*nlw|Bs>nedLP>0ly9BZxht_${b*T$J!^pzvY-tcz{8GK?H!>0)MSQ
zEkImB^4`P7)!=Aggf^k)d@{F(<7G>RxWZd(0H)v|^&-xp0QqMuWMl)(OMw6fkpPH+
zk$?=Fy}5N@E7R}^amLlVUmex*Vz{>jMWJtX4rP2s{lo~280Ovp_r7Ydpt=jKjsx^f
zs`XnGWu-tXL9uGsBq0OkB;a+`FrZQyCqL|to-MbCR`GuncYWWSf~wPgkeIAG5&mWV
zx9igXblsf&@WhsYjp3Ha>?TnU6r2nts(s(^?mB|E69ma;Sma>DY6xtg87|H5MA@l3
z0&Ri?ux_V$1`+nS<n@-jorR}DfY)uBUTh|caHvg4Bzs-*(o2F<JqfN<X$v>*l?i(c
z;c)P8*IoSSy4izc{fe^DS8g=+<w)cagNNeG8CsY<xSYLL+(_kJ{9we+!&goHALb?K
zk|5ooXIP)hu#ZMiAfiH1v)Q7hi@UG=X-fE(6K#*I^{P-~y)EKR5oIzhh#y5U^h~2y
zfQtM(%g@cnn&7m@<IWo7Q-pcMu0{sbPBfEqpX}U%pZD85y<|g|5ExmpgnPqE@8y*?
zNa!-IV9h^(p9`ogc?n(2?dmGl;vU~MgquOS1|QzI5!K-lklQfUeoI8ZC#$3?L{r2~
zR}Ss?7H*`+yh|P$8z<$$v{>B$Q;Ssw_4E1X=OpYe4tkDMj49Z-_M5r_P12siIqhai
zVmbA`pOjQpOZL2IdaYxb2ZaOSK69V!+Dgjk2kjOr7xpCeQgv4cjYd;)R*D}}&s-}<
zZ~v1rRTL6S0tUDVeD}ILY$B+Z%k9fI@Af=_!Jo&yOOI~L_mt?#p>yE0`<Hw1YFul#
z`gGkf8*0mIyY|;l?`@unzd)U+-eAhJ@2bN}o=x0G=YN@`;&6AA8?4io$Pk{^fy8_B
zWMX2W&Xf)TE&7vmus-Ds*;XhHgvr1H0fF#*AsE|H<-t1VwQPz;1eP=kNI}bSB*YrG
zyYD#UW!DMI=_zVW>f4XhmX$5-L_-u!?u}98vWN4R&-A%J4Oop#A~zw~J5t6i25OI6
z(W(gy*~jlDu_%`iWxX~9N6(R>SRp&K1UU}hy)HLQBOX>&-G(9tze0FfT!b9Y5j1JZ
zXubY9Gvf;vSoP~neC@)<*;89gQ*k1FsUT2#Jsr$xa@S|Vd?b};A_??DA~up0!mV;6
zzT6Nn8KwmFG(3t^gxzmX(WR^G!oAkeh<Z!&X2juxz#UW8(PJH;hLyv1di=3DVrNag
zTEU4R$42<{!C%5jp;fIt7qphUCAnSX$YnCYM2=R#rqRV}Qz0;`(cL{Oe(HSis=IQ1
zAKko6@RDtt8<cpn<lXVUS-$y8jj1QC>BJ2z@5}`DNBtDLU#oCm780s3Vx8h*h8+(<
zVCkY26iQgHexAQr@JvWxoqri?zHw$8n37L?Z1@@TgtYaIsqHv821EVE0(*(JNqrCY
z96Fc%QZ8RZ9%FH1qN9An82w8xHnWzm@A}QkW<U?O&I_G3HCL$Mz0WFWZO<jb!*CtL
z!Ey#B%;IvD#y))N*=b~H)0wVjgpE&EHqT-8B8|A2Hjla8WB0IAdX_0FAQQ=pk3+<C
z^o6!I!X?xZR0qZfnl}w>XXYxW=F`(5?@ZCJ2GfF?R~_|?J!=vjL-WCBoP~QuB3!;g
zo|aR_gj?Qwc|uYk!Qs=V9E0regos?zhH^vdM%vV7kTlKYxn0k&6X$JnW<a?V(j0zu
zT7YYsV9`MEp8w&rc>hd+$67i55kDl;Kasfio7e+K#}KwNwQ#hwH3#ZMDd1mg3scKq
z1MVEZ2HYQ;|6QH^JEtZwmYvH@;h;LmpP-xLA@XUVt1|oE+Kdwqj1nuyT*1d4)C5kr
z_qyCN#lkK(cw3@=n&9sI!wrkLlj1ZAZtZ(79W`rhgoyi|W62>b?|~&J*yu9!$55x7
z96T(?gjX%asGT509C2AEY=!VEVv8<7ERZFo(_-ss!^4&@zmmuNE2qW}0k~Imp%12}
zw-&t=$(61`#deNH#u3}-7;0f)@}smW+;a_;Fa~Rn#%zWnrnDy5mT}Z(MIU;4vI0Cl
ziXBj8-hQRd!n!XHx>`u`pJue5GsG%Lt|j2%=X%%cYnd0k!0!zqL0Y5G0}MxUubuW!
zgDdRa&68Fz`1or!OEubkb83)HeiVE9uAYDl1{QoWul(J+fdHmXL(~C<V#aUY4T49p
zXhjri67fqz{gvkgfj=AZqj&R<7kqlG6UWT_n->FgYJg$P-<$s_U+aJJKqi&*AQUfC
z3a})fnNyY|NPXejL#U_#2|Y5W3JH#iF`j9z6y#hPJ=@KP#A)E;?@qyH-o=T!K0+uk
zAqgIUMq#Z`3Zo^mNE@k)MXRVD*$g8hI^c9uQPzLqA;5rJQbhQS7O}M6_&r;_4@R@*
zvqeSek?a+OmAHUVtG7FoCKJi3TX*kp6|7a7QIGGWkKZ);A)Su5#$bh`sZO;!u<oDF
z(eHMJl7~c3k*rn7B81OzQDD!XPbLOWL6F$Lv9o*7X?(IQHlU_X<%^Ffq+U|rK-pBe
zc1?3YLgs>7PM;RS7M1Q+>r_6KNWXT1@Mgb5&d3+L-64Z+;phs5>Iutl9tfxukceX6
z>N$KDr!W90U=b)VP!Qk>5KxFC|4|X@TLGxQb{ANGXl9_&rUFp>FO~K;wNLa-?F(k{
zXYqz`|B%~`)_-yrerWB-+GD?$9urf0tYi31Vp{|FzPk?WfJgTn0_a76{D1Nq{-|*E
zZ=JB8Yw-L}6|R1ivwKtbB`#z+1Z=N6>yQ=Sxg*;3QwUtqp>%}sgg|exY`Hf~`9_^W
zLk_NN7<45y$=v2l4=>5mDyo!ynI{2gUOy_gdZ~{(jiB@0C_yle!lJr_OSX?HF@pq$
zf@73l0N#jEEIqi^OlNQQ5S>yEi1AmaMu%Q0O0w4`!5N%L<;E7gjY|F+9=UV~iwibi
znT{K?yseMu#+F;$f;hm3m}`4e{c)vV%JGP&2HywfTxCS%enQl%=KBoc9*cqD#hm^T
zq(G;uHd{4XOU)vW)V_q*-(mVqkr>bE`gxAx{6{aNEjt9~uMIPoZJ~%B3h{AiI6U#1
zlt*k-=%p0C;}@QPD9Z1(ASNQg|4vcD+6X<jMv`;y*ieP<bd9@mO~-Au^|m*!!yjts
zJy>y>KX(}}wWj|B3QNs&|4#0R4Ug`M9s0iC;dZD^8)8-si3wgJfwgV))r6yguY&JZ
z#RNu`#atmjqU6CX1f`hjxG5785v@DjxXr~4;eE=zpUv{E&5(FY_7dt`Iqf(HXY-D9
zF#EbY9*W#E9uH1#4+a<r#62m;bRvyyoe2x$+p^e3yVG7_a7RBrDHxbLDAdl>Qujue
zA*OkX5~7h%)HQ74A(@xuFQwMG?UiwlEl;*YLd=SrS+3yVTP$aG+lNe?Yx2Tnn$W+b
zeqn6SNDhO2DdNd3{ozoAr<t_SPAZ9YhaGU4>bqRFOuWIrp8aIAusOB`_Jm-spAy4&
z=CuQiDfKRw;RGM`7zrq0v5+0R+}E^Yi5*F2qN^Jth=b%4nS$4NHwp^Em?^J>2z5tx
zqY)F<w~R)v+M#;QOU6?mQ1XyJ1gowwS6rzV!wc|n2FC3_L==!@G|$vS#@<n8Y@Z!I
zoxi(RJYk*=0!Wkf2-LT;THqsg!-4Gg$>3LTo(FxcynmH`M&T(@;>wm)YcAjDw6e5!
zhWW_`&A@)?4Kf?wy9ykXK(C221Hujn(TLqA0%tA)PaCI17h*fZ^?W_+ZNZP4PLtvt
zs<|Rh9z<3{O1ne{+#-gIu*Nn{kT?kHjFUbr#D&k!>mcbYf~;Oc;0ceY;A_ztj$Bek
z0vK4$Gjt93E0uGI@fm?D&ap5RuBDBOY~4csIz5t;r6h23_SdW?D^S!N+AjzFM>3dP
z^Bbz^*N(>8B<Z3~4DHX_^ZZ8R??}_hk|AWv6Pm)vuLkYCoSd7K5N&J0*o8D<dl+Ss
z?=e|;y*QzQsLCG@A*D%L9vY#N1)yAiRg}Oo5MX{les2AtD5-y*jK3+$z<*Lv{ua9f
ze~jH(ds><Ui|qW%A|pG~&xIgZADaOG|B7Dzora8IwewxaG<gx5csnqVHh`~=B1D1l
z9BSU)8fWu#eROg2q5evJsW(Fv<#z6Rg3oe|4->@3=KWJy=m|ZqBEdAptvXV!?%=&<
zIp36FG8Yyuv3v0wJOXS?!Z3v1x^DX{ZN-6M4RP4zJ@dqj!t36x*kG<AwH>b&Wy@DF
zy7QTTr6IlD`<I_s8)?$Li?!CII$=D#x;#^K_)x@iQbGxWUI3Zw?8!PRa{s{h9=;v)
zwT5b@#wtNCpAuXVTmGVW;K=0&t-TUOh6IX)^L$oXPn~bYdQ|!c1m%xDL3?GPW_M9&
z6N|#kqtN7jRzsf8Ny}?oNm&mQLnT1z?n}ihgFF-{Rx)9`-Y!K-g3-s89uo9Vba?px
EKfaCG(*OVf

diff --git a/karaf-assembly/src/main/resources/etc/truststore.p12 b/karaf-assembly/src/main/resources/etc/truststore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..aa430cd6cea20b45cab4ee93b93ddb5bfa565792
GIT binary patch
literal 2266
zcmV<02qpJ0f(X_E0Ru3C2#*E{Duzgg_YDCD0ic2ifCPdFd@zCtcrbzpbOs43hDe6@
z4FLxRpn?cxFoFnS0s#Opf(Tj$2`Yw2hW8Bt2LUiC1_~;MNQU<f0So~KFdGCE_36Ya
zczgI;K&GhWQwt~?3?38Z0s{cUP=JC6Ah4OOG_z4f+DDNe9|M><HIXW^6acL}6(g0U
zPL!ra3<ycM3+|1I6+_y4yL+w>6_}Q(yvfcC^&_cW>yQk#7^I_Wt0KctQ=k1`yr(d#
zb;{`+63xwPvoOWD9ETRg$o}Djc(-5VqqNAi(~e`$Jssy-<S9k!hg{F-Mcdp*eupZ!
zg;!FoF{B>(RDqQX(jg7`kr&|?5$;7qey&L;K<Tglw64WfU4F?OaPI#$>;G+Ywjj}N
zyBSX-knuHx5!^vju>gYVJS$SiB<3PylUj5JN$Oge=LS6)uZ^fpdXX|LY=6Rt9DQ04
zV`FUftPZ7LtfP>ly7142kK=tPtclXZt`W9mw?tUxQ~&@{9*sm@c~RQ-EPtNxmc@6n
zNYN4id|h3hz66q~-rawCg6x+>bZV;ocRNT`p7V7!Qou70Y=6L0PphATL1)#C=iQz6
zOD3evIJ2?$EccK66fL11J|BHT$PEtY+(3L{RcW||w@38yKMMk}<Y1h|`!I$zjdeHG
zu+G*}M^b^c0c>O(b^P0iic6jq>M>3mG6<yPA1(_$TiDeXZCQZ}zGo)xk-WuDJF|x!
zFiRkH<le=5PfLa+?b49Eb*chVuwvKIBAed?13tjfGiZo<f(DNn)~<X!=f@V@l2cPE
zqC`Yie_M-A%<i{Io7XXSMnpB_PvOyl=x*}%CaNbC=kgiTZmylR-LVRDAujh8lktWo
zb?L;+QiMv$QP1-vg+@kNAg*4Efmn5md_KMA<@KRioQ(Wc=kfq4J&W4F6oZNc)k=<K
zWj`~_(f<5(Cu?klyEvKsrS&BJsX01EVhUpu+|`7&vV*_L&hTJhWBBU7<6h3-jYyZG
zOMg>ysV;)*j6`OQ0GsWw>aN^MJ2x=0Ki2mw5yw-34ZHFA2V8}mPov2wN;{VLJuK&;
zP1?@ngT_;Ep1~sA+dFa9u4axP`JwJV3PmfBYlvtO=}Gi%eHY#d7{d`l`=6dMcM@7v
zWu&2v*Gt+agxuPlQ9F;83GAOfPB2K_i9)v%b6Xh|oeZ|sM;Sht&S{v0L_)%A@_VmM
z-$B<S_T!r)C$x%hCMAdKVpK|K)D_;0F~maS5BqE-CRmvxZh({pf^n!F8t_bPw_kJB
z$U|BuB#B2*6U<VFkV0kCAXNzo@tUHM2=jH}5R%dZbg2bRw3J^*?_Z9e+SwWz9QB5x
zSL_;u=gB(V&R^tf*$4Lzb->-p4lb?sOC3vPa+XpxB3^8#)HMa*ay(fD2%|IiNz!<6
zmk>&2z<ZX;#q1?0G^oMjR{5>Ry9ujZK5|V-VlNy!Cn|pK$UIA1NbF1Se;XjBz=s(z
zV^V@==Qqs7q<|>BDUF1}teO2ER#Om~g;RBr;tx!6wS)G(ZZg4P#45d;`SLSaDev7c
zA;y^Yx(dfE0+>3&jJ@D|*m#+fFIQG<!!{6d)ubtFbj%4Nq)VSHa{g!oV6!lDZg(fH
zL2}Ow$Qb0zJ1rBzJJe8Y2$8`w0`m}9VbxQtG=d7G-`LQ#7@ghTIM$?hn~g*2WNes|
zyqCTQEk?2G>HmFs@B)oU9iCc>Ny3w$oKRSM`D@s#F3d?fmA*Gi6kO=F0`!4y1O<fq
zlrS^2n_v9DIm({G-!z@*T8EXn(^VO5dwU}YT=ypCzSJ0?c$*&j+rQaV04V^Je*4}V
zCgPXf28A!Kp*8Pso=49g#~QQEDXQ`!p03E;!*gPZPf^u97a!U$5jLT%;5)vxk$tG)
zffaqF_ZI#P&CCgapV~#fVJA<sQrQ1}*@<@j%1F0v{-&Z;g-hTI*Or>KyUr|(u2g+l
z771#owy3aSd-kkXZ=&`kr$gB*P@Pml5JwK$C8ghMXT+?zfjtR&dW3`?#n86oI`~#)
z*<w$g(7su80a1-8a4QF;_85vM?%4NhA|&@SdhXNu!-`1luNfW?mc1p08Q@mO5H^}(
z5vEG`ps(5@3p-yI@ulUE)ivYr^M+sKY>7!By8c#@`#xb#77z0BEbZON;L*1f)Z$VF
z|6;XpQE3sou*&^%u#v@oBtU)SASL-^RB<jukXCqR)C-$2#uKlM&5%3xJ9$0?s15pR
zeuXHSuJSvexm99m#<HC`)f7~&v}@baCne$<+c?q{GBl|2^@;eVuC_U-)k>+rd^yTi
z@q{o;j4Ka_+`if-%mT{3vy>OaSJmx?i(1=>p6qr?8xWhl=7xD7?KX6aYADM6K8_0B
zr+6l(!2Q^^5_nl!Efb`tbMl1<1z1x;-xb2ensA-Fk{P!8Ca*I8BWfkTK~bkue#Wb&
zdd38WlkgkZ!WU}-d{9c+E>}MY&ISqAY{ph!foUms&aOjgYR4%#Dh21F0c(H<)OkVI
z8?3lc+Ha#&8&2bqKo~3GH;N8ej3HD%8;!k+ZNMl1>7#^3lb!VoL?#o0VrZuT9Zdzf
zK4;)R7!CsL6bcrh^tel4il$0nPl5U1209G^rJ~sqx~kcod%Bvw17L3X@Wd^X&<i8g
zSMk{ir5EC7Iegz%(IA#fkhJ_SmX58(aa~Y_FYnEa1Do5NZ@$j0-q?})%BgG{xk5`A
zYHML!{NLY6M<opaNnhqr6WJ7<Vc5#)jQaKpi^)QHbRY+>J-F}B;tFlBx)wXUx6r`4
z)nc_2q~%*k1a4t56^Ldi01ZJ;v&NO)8(T5(2WJFuF8(18!kk)al}*tB_KY{^-qBte
z%wvOgf>hFgG4w>LJbeEp=LET#9k%K)EHFMWAutIB1uG5%0vZJX1QaB+4I|w6w3iur
oMHiK}SS7VKy59s8_s+sV^Tu!qIt)hP^g8I#Y)O}U0s{etp!Rk@DF6Tf

literal 0
HcmV?d00001


From eacd8b932698b01821f5d22f3161d6bac776e6c9 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Thu, 16 Jul 2020 16:54:54 +0200
Subject: [PATCH 127/237] Fixed keystore names

---
 examples/example-getting-started/system.properties            | 4 ++--
 examples/example-idscp/system.properties                      | 4 ++--
 .../java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java   | 4 ++--
 .../main/java/de/fhg/aisec/ids/webconsole/api/CertApi.java    | 4 ++--
 karaf-assembly/src/main/resources/etc/system.properties       | 4 ++--
 5 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/examples/example-getting-started/system.properties b/examples/example-getting-started/system.properties
index bc0db3a40..f9e88f63b 100644
--- a/examples/example-getting-started/system.properties
+++ b/examples/example-getting-started/system.properties
@@ -148,7 +148,7 @@ karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
 # the karaf.lock.slave.block property (false by default):
 # karaf.lock.slave.block=true
 
-javax.net.ssl.keyStore=${karaf.etc}/client-keystore.jks
+javax.net.ssl.keyStore=${karaf.etc}/provider-keystore.p12
 javax.net.ssl.keyStorePassword=password
-javax.net.ssl.trustStore=${karaf.etc}/client-truststore.jks
+javax.net.ssl.trustStore=${karaf.etc}/truststore.p12
 javax.net.ssl.trustStorePassword=password
\ No newline at end of file
diff --git a/examples/example-idscp/system.properties b/examples/example-idscp/system.properties
index bc0db3a40..f9e88f63b 100644
--- a/examples/example-idscp/system.properties
+++ b/examples/example-idscp/system.properties
@@ -148,7 +148,7 @@ karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
 # the karaf.lock.slave.block property (false by default):
 # karaf.lock.slave.block=true
 
-javax.net.ssl.keyStore=${karaf.etc}/client-keystore.jks
+javax.net.ssl.keyStore=${karaf.etc}/provider-keystore.p12
 javax.net.ssl.keyStorePassword=password
-javax.net.ssl.trustStore=${karaf.etc}/client-truststore.jks
+javax.net.ssl.trustStore=${karaf.etc}/truststore.p12
 javax.net.ssl.trustStorePassword=password
\ No newline at end of file
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java
index 18b754efb..4445cf458 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/ConnectorConfig.java
@@ -49,10 +49,10 @@ public ConnectorConfig() {
     acmePortWebcon = 80;
     tosAcceptWebcon = false;
     dapsUrl = "https://daps.aisec.fraunhofer.de";
-    keystoreName = "client-keystore.jks";
+    keystoreName = "provider-keystore.p12";
     keystorePassword = "password";
     keystoreAliasName = "1";
-    truststoreName = "client-truststore.jks";
+    truststoreName = "truststore.p12";
   }
 
   public String getAppstoreUrl() {
diff --git a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/CertApi.java b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/CertApi.java
index f77c8bb19..9d9dc1d54 100644
--- a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/CertApi.java
+++ b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/CertApi.java
@@ -68,8 +68,8 @@
 public class CertApi {
   private static final Logger LOG = LoggerFactory.getLogger(CertApi.class);
   private static final String KEYSTORE_PWD = "password";
-  private static final String TRUSTSTORE_FILE = "client-truststore.jks";
-  private static final String KEYSTORE_FILE = "client-keystore.jks";
+  private static final String TRUSTSTORE_FILE = "truststore.p12";
+  private static final String KEYSTORE_FILE = "provider-keystore.p12";
 
   @GET
   @ApiOperation(value = "Starts ACME renewal over X509v3 certificates")
diff --git a/karaf-assembly/src/main/resources/etc/system.properties b/karaf-assembly/src/main/resources/etc/system.properties
index 73eea6e96..3c042fc0d 100644
--- a/karaf-assembly/src/main/resources/etc/system.properties
+++ b/karaf-assembly/src/main/resources/etc/system.properties
@@ -148,8 +148,8 @@ karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
 # the karaf.lock.slave.block property (false by default):
 # karaf.lock.slave.block=true
 
-javax.net.ssl.keyStore=${karaf.etc}/keystore.jks
+javax.net.ssl.keyStore=${karaf.etc}/provider-keystore.p12
 javax.net.ssl.keyStorePassword=password
-javax.net.ssl.trustStore=${karaf.etc}/truststore.jks
+javax.net.ssl.trustStore=${karaf.etc}/truststore.p12
 javax.net.ssl-trustStorePassword=password
 

From ec315d286ac7d8678fd4312c9ddc9d9a5d352fd3 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Thu, 16 Jul 2020 17:14:45 +0200
Subject: [PATCH 128/237] fixed ressources for tests

---
 .../src/test/resources/client-keystore.jks      | Bin 2537 -> 0 bytes
 .../src/test/resources/client-truststore.jks    | Bin 18467 -> 0 bytes
 .../src/test/resources/consumer-keystore.p12    | Bin 0 -> 2693 bytes
 .../src/test/resources/provider-keystore.p12    | Bin 0 -> 2693 bytes
 .../src/test/resources/truststore.p12           | Bin 0 -> 2266 bytes
 5 files changed, 0 insertions(+), 0 deletions(-)
 delete mode 100644 ids-webconsole/src/test/resources/client-keystore.jks
 delete mode 100644 ids-webconsole/src/test/resources/client-truststore.jks
 create mode 100644 ids-webconsole/src/test/resources/consumer-keystore.p12
 create mode 100644 ids-webconsole/src/test/resources/provider-keystore.p12
 create mode 100644 ids-webconsole/src/test/resources/truststore.p12

diff --git a/ids-webconsole/src/test/resources/client-keystore.jks b/ids-webconsole/src/test/resources/client-keystore.jks
deleted file mode 100644
index b892a543f451d0ac961064942e2140f89d279b9f..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2537
zcmZuyc{r5o8=h}AjAd*M23gL?(#-gVC`y(=I2}3|w4iB>FwTr+EOAH^V^<Pca*(a5
z#7HOPq-;@WLnT?FbSyEJR!wI(zjLmB*LD7Q@9Vjr_x<kodEe`PpHDb1oQFUlP|*N3
z20#);2dq2PA|Mb16y(5#pbQeV6$!ur1E?GTARurKd}jIxQhxLz-gWS^;JAMHuPz1{
zWP?rvcXtj$zvmaZ8~29~=Nia7RiSjl<b2|Ne*I&z)UV1ZEH(AZZnn<w@=>zNp(V?H
z*RP{9l~&o4MU=cL_SBE6-VQ63v38%I==xrIs83(5C8UkS@_WqU@SnLF@=~_NhV~fQ
z`O52z;++%Wtsaja>*Ym_n8>qNTHbfOF8O%9z^^NmJTckVSLh691-4fzpID-|QXZ(3
z@ZZQ!DiodXON>a4d})aB{axpdf3@&Yrms;4xX1Ze`5Erw;8KSSpN>r(VYi<0j_BqI
zzo9FL0onF?@$Rc%dq1Jbn~p5D=ft~zYYZ7aS^rAapH+d*)AM<I?W|5zPGlmzP&KBW
zB&erZ>!S7<{Zz6!cx|}lWOz+{KOz86-BdxCe_Mx3N;2u-Y*Qn=B>JTMIGdQ(^nqZY
z7nd-Y`}k0w#mS=~@%diH32jd!Qrp~I(!^Akeqi)$0UqK^VBxrUhFJ%;x9bQ2(?6yV
zz-wxK!0Qv&ZH=NEUCJG&npM9>gxWs1q-lt^H7zgj=nIa<D$dHTDBc{uVG)>A|G8Mu
zYMkU1SaIf0DnI=;`7u$=mY|1OytsV(U?E1`X@Hi9t@^wJSW(8;k~u!1NjJ^q`X6O#
za(h-A$;d+9M-z_&Dg#w&T5(-Yl)HxcssmHHemML$8!@co(FDET(r2ohWojOF5BPF~
zxv|;N^EXdO@45W0Op_#WSqEupntimrQUCdcxes%yyPF7VU3JE?FkFT}_Ab4s3g;s%
z(31=DPN=<Iq5oJp76k5Qu!i?t$Z{PwWXWVJYJCm#Fwcra_thF6+=aLIslD%-+W$gq
z+^Q__;8v5WYlqqJ7ZE8yMO_2uKn=e=hz7m<G0a`yxnL=vjGSIdAv}OMMz$9&&XBm}
zY5kPD9On!By;`FSCBz?kAD{5*iCb}aKVSrpd*_>IBe;2~;a>HViTvI7kP#-748HK^
zP)CbAH6#2(hWVd&+MGh0CY!%1cOJ9iVUueULb3OP)N0wCHx8M+ik#4h%|4&sPwh;B
z$D6139)EG9AmkPUpZR)aAa$$T#le6U8IKSLbg!FN(a@_2-3uox8yT5Zv0`&^Wfh>A
z>)^{cj}h<fVq%sq2b&q1wVuYdXT!c&wP<iw_ogB5Idf{1if6#Iq_)vVue@H{!{R@E
zN%t3L&7&$CVn*`@cI2~I)}sr}TCL?Oji^~Mt0tB#TxH96V7zC#O_=(%+n<~@3ktDc
z?INPGibw4n&7Aw{8CB1BElWtno)+%5{AI$BT-d0kWg|6xjOof7OSvmA|Ih+c+uk1`
zGgO2-kQ=?JdOF~fqt`$lBWCT`Xy+|vrp${(=4SC{0Z=V<rKaEQRWC#$n&05-?rJ=J
za{V-xN4X!7E5vH;Npykv*Q5ABV<Zj7gqCIo`SQ#u!s8G(kA*{*@J^kJVrP2ajT4bI
zIiC!x0g9!|+_Gkfw;M!YbqAw3s&IPZhsfVnbYBB2XIZ9Y6HNazGh|BFiAgj(lGIQ_
zew0$e%I)m~KN4gMO)1OC*Bogc-!2Yb+RC4MQ#9VwXY=IxM^n?%XNc4F$m-jwbBeef
zzs0<I8ROUGDeiMk=Vs4K8EWInc2u)Nq-I<4Ud{I0wX(99{dL}4&Q-URlEv2Uj~h)9
z;YBn7%^(nXrKlm6fgD(BDGUlgp#Tb$MoJiP9k?H)0YDM~0e6xlK?x*`0!J!9ZS6=3
zpxin^Nulh+s1eKnmOnj=qy%nSPr{^R9Bth+-6D>Vtu>86k}0@ZNt(1BG$NUhjEs#*
z-~kae`;LO4|1XXfZ7$LgmqOZ5kI}=JBsmbho)D7~|0#mbqy^BK|6PC#D7C&$QVL=1
z=w?SIsenp<7bLsEHP_1`2M5xbY>)$Je}6<#`-gD=G(?m~K{)^bxnqBfw}!)<InIy#
zoMYkPSZ4V`+@EjJSrg=BH!JX+CKTqW8Y0el>b@kr^Uk<(t7wt9#aCHN`?~dV6+NAq
zm@~F8MYz~E_>HnlqZl7WwruF$tE_X-tc3q(ZsE{@YO%vZ>3vEJZvIiOo#WW*jDCFN
zB&T&;SHHWLqureKOE^CrHfW#{*m*8?sCVsjE1KvscX^8p(6zec?(WQX-_|m!=uH@a
zl#Qe$KC_a<D&3FOPOGuFQY7sc_p_h;zQ`A?LAJ@)jm7mkPNm@ZZM^1buj#&m+wBN7
zC(>H@Sg7??iMK(dK>gS&LWi{=)MD^R7EYGoP+4C4j{GRA1_}cpKsg797TpLNR2N;N
zx(plxSJY1Oypq{7z0bd~`P-M4P0`z2moh+&_30nr${;2|F*TjDz#vXp5&91We~2c=
z)Wxc(Z#YL?0S*Nrpyc{mG#n0tB1*yS>qG+%f<zEsYEY`j-4eiNhnO20(!zp?)WC2$
zjp+ZczleTx!$7}qqG%3uM~aJn-3Wvj0KgqUd(ieD4nny*{-@!`ied({sG=|aODT-S
zV$-NJdKi1%qQv#!?_=t~F`(i<axmz>5da3SS1SjngEWprFpEYF4q%0|IhvxHXe=g^
zPGhse{%fmbxah4xlHn)-irzrk4V2qJ`3+RqK*bH*w1JrK-6?v2B6k81*AHhgwgzpJ
z3k}&hRF%ie_Kl}}Qq{H(E@tkW1^2W)ul#z)L8)nT+LLMmlKk4t#^}6&w?}}B9j?84
zZt`YEew}gh@=mgL!K%&g8b@H$nD^A?p&KYY3l-+mk?!~<$#eGDXSt!7!`gO3sc(OL
zQ+(g|Ov09OUhvwl3Bt+wjQ7P+KOwgT=H~t(T=enGdY44^eA=TNb>6FeYPLd5Zqb@r
zyVnZ$1O}ug?Uy(lId}Dy+k;cLc<9c8N^|qEaBauc=fh-&i-S9IqaeFB6S$*i>mYAQ
zi3S<4sUAU{i_Lj)L6wrSiL|mbuUhqlwRr<!c>%rG*`fM9>+JH-^i^#1_CIda8Bu26
Q@1I4>Ib^G3O7cGZ1-fG;0RR91

diff --git a/ids-webconsole/src/test/resources/client-truststore.jks b/ids-webconsole/src/test/resources/client-truststore.jks
deleted file mode 100644
index 141687e9b03864f90c4851fe9412a11e0d80e2cc..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 18467
zcmd7ZbyOXB_8@TF-Gc`w*n@`zcMb0D9^BnsgKKb?;1b+}1PBCocXww=_sn#sf788t
z&hGZiAMm*KUe)=YcW!;^a_iR9;nN`q2ng8A57IBMkoJ!H26`YMpz8cR2$vv`s`M-X
zb`TKo9e^MB2EY&OYZf>dC>R(hC;$-(_Dzsj&^00`C_E$xfSVB>01E}K1ObH(CM3*=
z4nX}8z#+hi*y%Z1nOYkg*)hHXVE@<%j({RAq(CfhZS6oT$WP1!U}OalVk0uL0hkzB
z7y&?bCPsB^L?)J(5crP}!1;f0cx(XXuZKtaad-ts{eK?Z50vEh%LRo50rvw%1_Ahi
z!h!jLf`ZgHDu@YNMw)`tr9wB2L^DoJ61m<T>}IBb570?(@8L9qyhV6_&RAkTsVbmd
zc=t-RDwuI0jIb#$Gfmm8R-{I7UzB$58X5T9A5l368HMp+uHoJadmT{iK7YSm<vE`H
z4XNN*gRKIgv)+k3O(1UD0AzGWK1k|Fr$|Z#Pu0U2QhZoRhLm`}>q{H=?wbhJQ+eSw
zV!m4Und07^knz$&Oa~@&U+-NIU$baL?s8Bu79xoShfPk6>%kPonu)<;C7b#=H?uwC
zQBo|<Jq3oUrOYH6j{?)zpH$gGk2j>sOOj-}gZ0kDfcG5|uoo@p1zQ<j?>^A_nVDNC
zKI9aGfrEm8=K7uhd=CKxFJB=65(E|mMrgR-@q79WKDrT2i)$Bpw@UX{1OTERZ<9jc
z0I+;8Qkp(_PBdS(#QRk;&FMut<yg$@1CW1w038(c83Gaj{_+BV|FHoX0^%iaf&gqk
z0wM?ifF3}b^(Kodh{Dvt!G?o@!NAUfUeC<l$bjDXU-?3BXvAP<Xixw09zYQah6V~0
z5)v8|6haIj0ucIV3;+vy`;TK7T02`=SnIv)@$Zgg_mXY~dIm;z4nGo({>LA`Pl}fu
zen|>Y5Vo0>4?EmXEr@9T3AGtRoan^2QaS83LqtM!b<XHn>YR%pj+fcnVk;bx0p0K>
z`v+bV6`}WsG^;Fb=iU0W{>%}JMRW{@9~=uMLn+1XgoS7f_RfS!aiUD$9hBeEqMwrU
zAY(W-vm+TAnXqJfVp+Nox_0x+v?pWSjFm|-V$DZ&k%THoui$k&B$Nz!6=kKy&FKv9
z5~Qlm_A^GR-0QS@wV<!Bd@(c<ry>a%<+;#(R7i(^0Bi1tvHF4xb8P)VBbpK+`Wq}(
z6yAxz;IcR*%y-1^5BD~d8Ix(rvhPu!k7r!aAs8$_+C<+BK?m_FDT{x3M~6K!8f(xb
z$#w9H0$~3n0P^WK0`y)8(0U<2_*Vj8L9V(CF}BWGJAeN*LjJ#|0PsQq@P`b5Unl^m
z|KCdUzr&y!?@L#d@0HH}dkDEQJKB|lm0_tQ2i%ARc2C<6vw3vo){J{R$!sHMy+gx2
z@>uI~o}m4r-&-OH6TlO)Ng0#%Z=~mRH#a8vYArUSYC7jp{JvTQB0iyT@+R_BE8}D+
z1ihM*jR3o4!$S>H<iD*qdlNE@({fzmR~IbijC!2w*#_)DmYAhyU-dOUH&cQMTJdN|
z=8L9PHr7to_24#sr4%7#%NF9g$En%3c<HZ}gg$I0>byK@7XALSUt%s|O7Jj+WH=H}
z4Oii`-pSptJLEXyCtB)a$z}>Zf3UP5IL+cWA3;LM_u|z(XTG_*?@~s$De9Dgy#kB$
zQ%I`P`4t0QfcEbw__t^J{}lxye@L2N&b|CoUP+1`q4)Ek?Cx)DHrn|<5@>*jiE&SL
zirw5$DEpK5g>{Pcbu>MDVeE)jv$dD)l9**o4`QZv7*4w&nZ2|6;PwbgHh~=05lC#z
z%?s6Jdx93FOAbvdEo8cZvyY^gk5gX1-=Q>th;3dnOjHZ<iS!*1r?2*v<XtRO%NK@9
z!P$vjqup{=l$4sclBeR4d|Lii`REtmL??vwL|al`bE%Yxz!4o_Bhzc=w}#o!2%_7^
z!Q+~(f(rZI%!yDmWu8mz>^%0$xFq2uA(lqxUQ34GS0doJPC3zU-B5bLJY5+;Gq?P<
z$lr34c}@Wd7a^4_d(S`V)_QVTbm_*uoO_@kP=-d9){IO)F2UjR%qK4w=jNA_t^t4q
z1@|H#1n3(uRM3|z7=#~K?#$FExbtJ3xdoQcjXzj@R222?I=3V-qQ)s@gQbV^(f&0f
z1)oZs-Y`UKm9v7{e#!1uR8BwY&b&PY;6DB;bofB(qaM(`J?Fg~Xuep$x-sdE3Wq?V
zNN@PlF)N<UJYBE{#V2TbxR6dvAWYvfO-s3X7T$OhLdIuH_+>0x98|{xVAjpPqtyFp
zSDQ7$a2(p+*Mw{Gqx)%}AWL20U@wKX`s#bB0-v7W!BEz7uQEN)uu>~}Cu9hFolcyD
zEyA{G6X7s66mxw$=)Ss<Y>wbeaaUWvCP5N=VmaH_0rtINY^8uKJu-s1ZcLNWXzi>h
zTboUNdlFfHZ?jwf_=(UZ;j5~^4mWN~2Y~NvM>!_t_7e+Hx9KeQV<kCEqxj<okr5ed
zB-_lAo){m_aonsuzg;kXVMNF`))*dTR?=<+JQ6YIsUZ<)Ax|vsdf{R2W^mGCFc%~|
z<{qEmJ}zZ7?qf%oi$I;cd-&`mxkg=6XhfukKGjg5veRQ>mCNqmkF0&q^{EDg!$U48
z%oud}{VVGh*S<ZD7zzPaY=VIByH!iG6&*OO<$HMWd7daG5)0_%F`8~fNS4bYW&#ka
z2fk&dlI4wvD(7*;rhA>SGM=!pQ3g@e97M`&b&RuwXP)@plWH|gmkEYPTA7dAboACW
zWunw?!VT8=^z92)13K-X`EH_sssuTgotImFgvuQfmB*Bqas@DE%^AdAVbqNfOm(SE
zAgdl@rv41j#c;QLn_nL9HyA@z&Wj1+^^h&0Mubz9;g^uR6}G)C0{spGeLy774~2A;
z);X~<CFo$!pk-$53<HvG*tk?JttGq#wS*h^O_}2#leJZB)9@->Ya`Da=$@bIk<x;n
zJ^0DjZY@ftT8*^AosqN~%Y=SO>3>#{V9qa@Z2wYrE&O^3flzG_(D(xc053+Amt6m)
zkc1XBva{5)a{cEP7<6a>JtsXoGd)J+m)%}I1C0(P<!EJQV9JOAK>M))4julN;!n@Y
zP~X~xkr06YV=Fv5rnr@%qrJn+t`@{XdJcNT3N|mb03+%z^$G+yI*gE!g|(T3gV8@K
zQ6PZvM={C-e7XF*6s9b|Uux5r@ISsj-^|~CV?SzH-$)REZz!0rFG#*@_<<#V`l5$U
z{(vL%dLJkOalVXCvB=V=hKge9hl$Dj9BGmDRY{z(f>=0sh&5udQ4Z9wlg%<N3)?)%
zbl8cpw(s0uYjCF4rF~4VcSJEaAi)FB{ZEKY4FS%8lW<OXdjRa`84Aw=g^VF2dIiBQ
z^vvNC0+wt*A#@-CveGZtj^8iur5pf%Sr;n(g4`LZpo@qvgK(m~Qw>6!v=;a~s@Hl9
zfad_?1~?^de2%hx#~vKhnX}wJ@<S(S6YhsnFzb*K-%}_-u<yrB_*^sQ@&eeXcXpzc
zJSas{PtFXW<sE7!`Fl|uDU@R8yHh$QcAtdacvxRf7A(jdkWNMrlptm#wfSCd@}T|>
zR>ogoo%3^efwk!+9qa!MtU2q2*7@iUyhRR3lMAtu8~TRRpYz^e`8mhbr&0{LUPcHU
z1Teq1G!}TbXNjC|>W{&4TxM-Ey_?z4GQT@|nJ%}mHNa~{#;M5}DHaakDtqUt)ti}8
z#;A=$B=QVPf1O#BpT)8tu*QU5iLpDI^{G-rFyjLu2Dvov17)%wGbn>azrOd{g`9j5
zwkg)pgY^ml6O8DIJVl)_$Qxe8D-Wq?Ay+d@<UAj21p0+OsuFYa!fLRL`s+Thkne_N
zZ?hqYS%*5(r2NTYIkD%j73Y;(r4`p+3W;pQWwhbktkpVBBnXeW28j>1JtU(!&C1Q&
z$s5V^=mjR^3@Xm1)Zjsjc*ncwnKhdZYXuNGQFRbPo-%8n=e`A1Dl9A~m_br4mJP^Y
zj)*_W+1YeX360+CW!76Vb)nAege|SZNCch8&|Oe~tIzl!p@OWEj}<!r5>m1%dX<?d
zrDXa%Q{Q~9Yvh2=PW!OD%^WYW8wYXd<#M58HsJk)0;yUdF%4<NF`Yb@gw%t9Qf$nR
z$SC^hs22fPEdaenWfF!jo=Iuv=J#l2et)&@Jlxl5TW7ep!u)!JszP&o)q(dUc0xo!
zrUGW^R7wb=U=|tXA&x&NvQj4b)*{SEe_aP^dY*Qv@6q}-&yBuUaM!0DuZ!=pBvCC7
z0Isu}?PM4H+cG9MX?r4;WqBQaBZ|Y>vyrl@nIl<vPX<u~Xg8M##rQm;&(y}4g4Nl4
zii4?V&a2^su|6bhnhVPZmFG{}gWd#v2xc4F2S~LyR>bM-eOco@I++lJjp~uqv%6;D
zK_U=KI}yUoXorPs?&}oXYZndMy5c5OuCVbKMT-g^hOJClYU^F82jN)6jF|fMZl5y?
zo1wfsR~v@3XCL^up82_@WZ`~xHTWfw{a;)?_{~+iKb(dD-@tz|3WfgvAJ&(D5P!f6
zj*jeL>S}LqWcA+8(Z+_DU-Tzm0YJ9j`}!mNuUY3`Ia`o;;?%4OT(inwN%k>#5?)wI
zqR4B>WUZ?-;Ko1pb$si>pB`B{LdDR94I$KdS*FDNQ5caakz0RPRNNa!ttccFO8PK`
zX@6+GN_od{4gmRd#Wd3t2dpEQI{J(PW<=V==>o934(k$9B$6fdjKv4qf4}2O@zs^^
zzFwlvrTH^w$u`lKY{JsrKGJ#m$d)=lv!j3Z#g*ao)S#qmYTlyWYpct4XO4$HHiQqM
zC!TJh4k|vER$=(!$28|*MMX{Gc1Cmvpt{10y^_guj=KxzwgiJYIhuXOK%Um?LCY8V
zO1V|y7Gx}*MZi@f$LdS@$+}jFb^*2mi^a_nwyLTX>UYipesz{N?XL=0xo*&`OC&>M
z93M1|C6t82v*51>cBS^FrUh!X@BK+M-t7_OiaP`nf?f)1e`ZPxHO+*?JTfLQ$dS-6
z?I4#G-%S!jV(<2<g#Q$3X04UlKwQ1kNrL49CD>5ymePSnN{1NyogpJtTp}i>=}FNP
zp@r^<d@Pfrz-Pdi1`gMq8j<ZLFg8Rz|BKSLfW00!O7cb);zFbSGQOe}<j8|6sXHU_
zf&jU*5y#10>T%@<(C_f=@<RN1`6_Cuizrc-E;6GRgu3L2vex>~RG+;T<_23JCDS_w
zLLB+{DYV0_(<NE!zloIDD|K_!gYJvN;8SF^fT_9^@+>3fx9M!g;o%09=9sVPkHvf}
zwoO2JrOIW+Wx3=~QoN+0_hI{kCb6Rh1bAfHa$zYcGSwus5PK@W+NfRBBdVz4M>s7_
z6neh<``y;zvI$!F<$w@Tj7Qw^o@M6@zYSThL03W1)8{hQiQOe>68CDHGFC~nqOC;a
zJmq)#M(nWn4JlTE^V>Y#kJ@$tnS&iOULs$G;E_r3mYM+bxx?R-O79`t(Nb_`;N3-D
zweXp;O|*MoAzsSY*y3EL8Sg_MSG!M^y9kV9`gz~53}d)^Z%wg6ys3*I^4d9F2fc28
z1H9zj%C4D&2n#cRYX6wgfx{B+X7YGyM)U>Mfss>ECn*QHrXwceVqh6Y>arCIQsNF^
zZ-N$dmgjf(wO(A14c$Uy%Q(-1;5{g}H2nglH-001bsdUMicSz!FWpMw-Rh;nnoT*r
z{uT?ZEz{<D27Jw^mDFft8=(OYGFIu-@^~HuH0i6%woYjb<Z3=4rMFxCo~qx$AvNj+
z@sTrf3n`$60#FIM;yC)o%<DC=Nn~VeqeJMBCas&J;dLsRW09DGA<=N77$Sa#*7XHi
z#}{aqeuEbOkI;Jmoz9{GP=0Y10amd)U71*+yT$NlVVQn3Q2tfH0$xJEe|&*|Me9(d
zk(W+WCSd2arlED9O22Nf5&pr1JeOpnID~$hkNN-}&<;N~m!8)jW8%XHn**NeISbW>
zT$GbejaiTmz@i82`G6{hVwE#`x9LR#r`T0^F_A^Ksu#Jry!q@>gpdcE2KMWEnY&9C
z68Ea-l~9hid@6v+lSW9UnWVA_N%lXZHGKCZe*cqVQ({Ee@}`TQr6m;ZbZY5baSip}
zGYz)4mO}q-FVjJ>_HM2WXO`x*M@jc=?!*jok9k?l^^&esbCRt)*_#q*83-NN<9YLr
zQ~~V}>FCM^%=5H<F<XWv)S!uyUVVP=%@sjAd1s3v$cvpXCktJX3He%!8&cicCBNq3
zkKVvbJN~6LFbCuDSF-x-Y>Ov7tr-RH?PHy^=X8#!W{t+7aW5??;w_4=1g>Tu+K{ZC
zTuB4gVt_iWO7D_c7}b&Ob^}jo?Vm8lLmw)JY}$MQ1+D#JD^?ny3e&hXYbxhkA?}}v
zx2>AZt{FKK%cMpg03)n^;lv1>(q&SJX0UKr-#}vco*GA_A49{}67TSl1ZHhYl$Yc;
zt4$*0-E?Ua{L&9z&lB?LMU#z#RhytHvdC~uc{5k+aB>xYi>_Vhe|}@N82_YQ6vaWA
z-DSucE!BJ=l)a!S1Z{PFWaRJL*$qns_iSlyWnLWI&vQ?W@fk5-xv9|hUcy6dl{}=?
z;8UT_w_r|}I!wRy^p(T*!$S7YzE0I&3yeajweDWG2ss-WJhwoXZTGTkY|&5We{}C{
z{l;+A-z`ZOMhF456UKp>auR~LbYJ~i_ON5;z1h^kDv55k*0=&Le6P+>c#4bCG_(m>
zSUW_(;Rd3UXYu^wQ>Fx!cUN~NB(k_+UJhxUZcgUdNHm{C+a(K`L}cdMMw!v}@S}bA
zR33*S8R?a<3HSU<xNA%u$yNI{2%1+Vp1CHib`GHV8+fnFnj*%yrmPwjMx<pv<*N9b
z->5MQTfBqIazXfbLVvI4u4uU86ZT<zl9<}?Y|<l!To;r#_SR)y>K-91*ptx65cZ=v
zG#C8pjv|8t+bz;-0yd=OI%W}undYH!MMg5#<DG_>XKvr+oiv!;w(c=LN+51HTQMo(
zC7Z+n3Pq5f9V%{(@H=rHPpZ7mwK<?SND=C7!!y84emJA)Zc!pq@Z^L!J@<s;S$RGf
zlXpC`u!RmE1+Ww?dY8T9H4-;^>C4Z!g#IzSQHJ!HQ+=%7c@2h8&DlT6%<P%DU~cWP
z`AWk5Jr%~hS$n4sDb1IupJfeyk@cmF1wHvqR-`}5>Kpub(uxbf`L%>aRWLBsGcq=|
zFtQ^S{ZYpL+#~=1Sbrk+B?SEUtn{y}t<~7DK)MF07$`)4a)c;HNU(iqRl9BIZagtm
zYJ!FxU*2?c6Y3te6WpL<=17xJ!q&E5w>@eBLzHOC%y0rhJKK~G+kKCgq*mz0z9J)(
zGv{`tlf-?rZ1g=Xa2Ft5vUTWANS3=PePZUZi3c<zL&)wD+cONc^8yZ5TZxHD{h75?
zxhJLz;M`xT6I-`9eEIcx(8en<BFc4l1u67d*|pbHE9lJ^p*!({zG8<<lp|Wn@q$&O
zoQh(=;~A$O#EkZ+QrpHL^agX{K1`78a^OYvwe^o^DcN}jJegYe8BFTl5^pCA<4$?F
z6~$|~y96pW(E`TG1hNJi@CU2b$e2@qv-a&T*3M?&yjc7BB}41}O}8LBVuf7z-RxKE
zca_s;`%%2oK5sAD85V<BN*4mWFSSwen<6%{10o-RkqV2cPul{1n&vE+jvMigiiir_
zuw|0dIik-B1G$4NZJ%u5yzjV&HE`r5G@>=>7iUnQihCfe`@c)QJKV8LE!-K8xCYA>
z7|K{>8g%G7=b;@SR`-xjCa(575_ph*FB4E=*7V+;5L|~gEee%8;;Y3D&AiKN9zAQ-
zKziiJ?_nUJyZ*lXeIS>7a^~!9VHHQU^3|qBqe6CyCecu^<{_h4Kw6$7ek`t2qqCvC
zjAcLvDD9fUagVx%gc^RyW4S%ICm<vK_A(_oqQ9dTG$iw!fTgwqOHP8Et*mx$-V4kL
zw0F|KKs1oKR;>cZXdII-gZ;c<_}(-)fH(@emBV%V;{tRz0%!9^D`S$;APZ|pX5gSa
z?b|By@8j(fES*a3ZX357H1%`THUh)AOY#i46Q$@uEeol~Zl9GiDBLykax%KL8g{-E
zekc;22fo%$Yn^PKiAIGcj>~%H>zd7Hc`u}1dqu)(5*o@{r^n6@!u)8)FN5ik5Mz3R
zQAH3R$+Kx~u^T9DPkr8X7kcsd>hwx2PvvGx3oZ=r(;cH3Ig4gyVxhOmfJ&G%o#8u0
z@A(wn>|4!Ci*Sbt*mJp9!VWCOxl{0-Eie_xnFi9O+w%HEVvJl+%z6V2cV2jB9!|CO
zszKPX!AkCJP3dI$vW{-m6toKu?I=XQcf4!tOUSX`hiYw=%JG)<Yibt1b$+nR;(F|P
zkF2Jc5h3KA5_&%)`#_C1v*6{o!lg0CCest8Zuv$kFDMA>aQ!XqNNQ*mpBW>g8wMnw
zb7{%uV)`hPxVK#V>Mf6mI$56I#{6ALgI=?2Uf)Mx;N|Mj3V#LjJI*J>pQU}NU%_l&
zq@DYhwEX9Pl-Bd_g!Ui(UT}111#!W5f9Me~vjf?G$LlX4;6J>)zcMu-|GNe!EMSE`
zFp|B}Tt<W$VG&1)2@;~L;<ow3Yj-g$B}i7ZVoa%~pO@d)1$ygM&82#RVkBu>U2>VD
z7tL{#izfvkqHFsk?&df#XxXqP?J4)X5(x1yFu|Xt-bvyVMNy7K!P;sNtXf$#L+SO-
z#1ZOEvjRe=svN*2y078SOjU%q`h?C^wA+8UU^*vtJ<XP|Iy)eoueg^v3w^j~bH)Xj
zXU>?VCzGF@)?W&BXRiiHWstfSx+S+^s~wwJ#E(H<f;||c(AfZNM=5Pf)5A5WxAQIE
znmdMQG#uxv4&Bp4ZdKZg^cOE7-NY=Lljc#}#Vb!&h+KT5QVzaS!TZfrwqH#J{^-E|
z>8&mLc*9n&oLDK~maT*73_fkYK_Mvv5LQ}ON=ozj6apHCyV2Z-!=hZe#O@?I`t*7K
zJ3IE9oU>PB1_%U|U+$JuZ)BQarYmo{i&E%Cm-da~Y0xIM_F~@hG!(X@jLl*^h@@vC
z3-M_)J_OUyn`Ke%Wbb?tAh-X5mvq;jW^gqC9&cc8x*8dQ6P|Y(_I&av(bVR;{<%D1
z>f-}<-fl4ow}<-HF5NUAhDC~U*{RC5Ts50ctd7c7TiM|D_(<C9XU86PL>u_*;;2;Z
z=%(lvK6@vb8dJ(TI=>i)Dbckw^=U3KZ=%n%MtZMdzdrkaMho%ID<|qS4-@JL!WteY
z`tlwjb5*$Ei&gH#G?&)ZwA-tv3tA^cWtI!2Y&73~#dL<t5Z`Fip?s>h9aPJ<x#Hyn
z2&r3CVTzzVE39ZENtLo(%mCjOJ(O?GwTGvfJu+NO*R<Rjloq!w&cYkiWh^?8WB|tV
zXdh<qp~&hS!;l-z57psPXON!?v9Nno7+JsO_!rhuzkiVP6-#0u9XVWJav{79S{W>X
zKP6S?e-?qRtLy73CG++A2IW)0kG*!ty0NZ?gP|e3yDHgBHq4zvzcR~rFU>2s3h%@$
zy!+L@Bz3gV(VeC&+>s+jdWTU42BZH{1{(Raq+zXd6vAyqb3`TaOC~Ixz7w6)B7y+*
ztz}8kC*j(-`G{EFYbkOAdSV+kJ9fV3w09H>l{Xu)N5tiFJeUzKVXIikEhAwgnCz5>
z<;qEI@foA7M*{^|pU{v|A9J=siS4<FC$`6yp<GCyL<LCTs%JuU)OTC_^`jJ8gI2^k
zSIeU_z8bV5SCV+Fzj`HTp?M{uCxrBcTfUF)RCH6mb`!X^_|548zU%J0PD5V`Mu={<
zlQ+5Okk`+udcLUo(j5R@`%Ts9KdS2M^LMiPj}a_zbU1lo72%i4)!NbK_q_pTcE%rb
zR{!h`{1O8G3zqm-y7pWkx?>8;Y-NL;r@9FSgKTV5>df~$d#hn(1fF1ngt+xyTw~Qn
zQ-CGAg^g)`+X3pJx}KcPHV6*sXrdfvf&{zHb3atbls``p?WfU;Dz`p+427Q>(N|5z
zElg=4GX#E~Awzt{lNja!gt66gS5nK`Yu!M`Jsx>AQ>z{P8uHI{)kSYvvI@U%5Lw7c
zF<#jl1XtGQ_L#hLBNyW_<Uxo<kW74l%0qQAUFACJCY3PTvW2z@Zp+M>&XRnl&0^r&
zwZp<2nyG}!cJ^OiaTYqe<FsFPU5V7i?#SoTA(UwL<lGFhk5UwfZ~J<>VyoC50P(E4
z9uaYYD8(2(`<@=_;Wu4bf6;a3h~ckvB^d<xL$$zXhLkYzmc;7du0+;D8{?A{%x${p
z$$l}LvpZ*hSdnQ=o9NjgEXk)J$EwLhw>dC*ZIlKJ8`I>G2YMigB{VxogDb-#hI}#g
zSjJU`C~!qUQN9s?{ptW;b0F!-012f!adTR19*#(ScFVI@5DuSUAL-1TbeX*23JUD`
zk}KxB=N3fV+i0`plKRh6!;NGIalU>J-r+_N5UDI^4?6|Uk+@Lon?sjWyvovH@fg@M
z))sQHZ)Wosf(cCs=<7&GB))!{Pn~9{nkafQTYe?qAF^{9V~Z*9B<ceJg=Y|I)Q!1C
zC%WjZr$WKiXat^QH8H}5BZKNJNn!J$o1Q`zSSvE^TRYYXJPgz@W<4zCWDQtPKs$*7
zt6LK0rLU5jHd-&0=tOST^?u#{UgSCxJnI;|{+e`#jmgR>lBJ(jiq@<0wp`85QK?(p
z_mWTJnxxGxq%rGEsf<b*VBLwu%gV#0Ah6k3XeZ8MviI7Adx@x$UqIpD`+hN`so}KY
z@S*O=wAh`%%xNK^+5-P~9s91`@<1E3cO(0_()tGRc%2i`JD#>TVb)iQoK*IwNAi4*
zugf&N7e~3wTAaQ^rWO_if7-&SN#-Rq2QnT%V`IQt;Kp0Kdw2I<BNzZ9k|YWr&-D6O
z>BF`nbjd{O7<bd_z9&+q-{X5WVReN;I4C%fG#&NjETrB#0UGt5CI`A2S#V)zm@hc)
z+rC_P3c-OA9MidRhtNhDhv{%uO3f&aKYu@x7FFs3R<#+pW|^Fkid6W7D!5RcX6IMj
zO001<_QAV&sch-fUfLLApun1^K}zvNH6jhnr|rI7h&qmpDsit`8T%?=!Tn9fUT2>+
z)uXF=J8dbz=xbCi5Ar}ngHD+LdVz$cS=rCJCcNkx^P=nBZ@TvV4_zbvPF;z98IO9o
z!G&dGXJ%mJtmj~4XKL;EGQntVZDV9-|C6+DS(tw>?T--P``@+Pzfw2%NQZDgjnKJA
z#wNr+RZLjtolfo-m^W_84n9yYDJ949Yg8J&s5XhjIka|7Oaow2Iz+-Q__V9zR7Zux
zoyFzb&0vRN)JL{5XwPHq%E_h=5yUDk)eeEn5Mtp$py}a|OUm0Y>qeeh%#zkJ0ediS
ztJG&#ea`xe;+H;KxFq8JnYupT`;XbtSwoJ&q0{JqlqJN=uwTRrm1{IN4{o$H3)f{T
z??0ynh{k{TunX;Eo~IJ?$?IF>0ggKr-=@k_IE%KMKl+lF5CNV^@E7rS+2y^fGT~ml
za<(Je%VW^>b9cU-$6+u4F{u03J*AY!bandm1o;tPVW6}&D!#IAafWCArY_5`>NdPg
z8vJ=pYh8=tM8-`6OCG6sT$kW20V>qVWKiq;b)8C`eSJRUQHTRAK+J`R1=i-=FrB*9
z_HA}7L27x5>9;)rAwn@n4tO8#sYlUxb&SvB`<ZV{SIc*^3~k&Ho~1?r`NZ?;G|R>r
zzF?{RGmHfRG?+$4!Xf2m;nvYOP^Y`tL%IVIY|;zLaPwSe4TDE=Wv9rML)OTI+)%NG
znpU$_dZ<%*^)A|herJ>jgzr}K&N%~y7PETAog&zrD9=sUf&3!eT*tdqfq{#}WVP0f
z2ig5c))C{;?Wm~OeuBN@Z;!StZtUf&P@G$X-CMUI6rGJylf%0EF}Q#nAwVa5z&2_k
zZ$U#-!K~(+^cGo;)Uu~^|Cu88;k*6^!E^TS7q<vcheep{NL!iig!?PsP;O$*n8H_@
zv&l~1xzy4ML{HV$$i)xPn3cx%I!W-&r62CE^(L+CHbY-E!9hACVsv(VxE?kbVOK!=
zpaNr+7&*Lzjp;*ByVdkO%Qe883kx%6kMg1Bgb(q4nOath+rVy4#P)8-fodP3FsFGL
zAm|YnC5S2saKPGE8Pzg8#B~$(4C}WdeKP}>4|kZ^HHK-z#+A}vB~lAs1HN!{?yi!f
z#O@c>WTWCl?kH+Sj2q!>t_k&AWQr<>^ZAe*wE}3Z+CapdInBBjEgVm(`psg5jE346
zEe<}7u{n$I(XV#$Yx$-g5$2r_N1#wYd19C)L`OmnPR3d_O%5Nj;(16rDNjQjC?8Ah
zc0dV)QSLXU3v{}7PQ*~3iM+v+S1O^3Mu#dfpS6LwMH$2al?j3tJ%A7xJ(uebu2MyO
zaZ;wU2>zTges%`B+f%ZGAp`uV8QV>m@`HA<)ocs|c45=WAvHTeiNtZ-YwQa!qy3WT
z<gT#7YCo&{GO7h;{i5#7Z|XMwQC*L}6WxDIeSxDxN$Ob{SX=&#Ec5Sgbuqtv2?77v
z)%}&Je$shaJkhu|gdTms+3e$@XLx5xU_v~!>yE87K_H<4mGfgh@O1$bah%Ax+LJ4^
zm|;SKA5f%*cO?C!|5?c|K(SzD`%V6~!s^iSID=cw<_A{S<v`v9)k)OSOj`q`B%=ZU
z-p<@|+r)A`2@y4UUWvMC*4jk@!j=1K?FML;KQop4Ss_}TqrMqos|<F}xCff!7=9uI
zGkA0?pbSRpjf){JK6*cCjfmQzpJyF-!!WQ<Yn)G-=el;Py!tLP-!ZGjO_)s8;~V)E
z*qTDEG@mfOSgn4)g4-s>w_B1SMcoHwV!jZy@&bGN?EKX+H7j0ng2`|1-#q0InKNV2
z0&YM5W-9ZqrV3EMnA-A^iH-lJ_nODl)wnnP;Wf>ssR1D!$0>+ECA%3#0=g(cjFcd(
z4#hyZ_JN?NQ%miEWjsg39&){*5jZM5fB#-iKzqs;sPGKt{N#{H!a2)HA6$Ikh%tk9
zfI1ShA2xRoyQjk_zu=VjoWGb9^l`1<6nN}e7ggh!4V{R5vU0UFa<Q{~vJ$<Yv)aRs
zz?dQ6_3MJMs!L*G_#p2A9iQvvcvLpo&YD%M(o8wmIL@s)5Z_{{Tj1ioAiOlU1}-Z;
z)IjW$i=vZ8*(FE)^YqPd3P9K=YCvZPaS5VTi<_^97w^%1b0<wLvMt|qqt*lU^o(a}
zGD?%l6uD$=tiO`{<hJ}BMdp236sA_c`&;N`bR=5dTU|0@TN^lBk|_xmaM9M8<lKid
zE8CUrAf*~-pO4jGNS?~#uKTZE%Pb8+py{@wD7CXxi389U(g*PeBuflP@tI#&Xy&7Q
zQEd)H*<cU3+KX!85KbsbOHyF({&4IX$bNF{)oJ3tdTIX^4L33Cy)JYdze&ncbyGQm
z*-WrSz6OgbNDJb^^BMtExXUWC162*HQcoZ5!7!3GA>BPq47!YDAE7Osk$tt1wH!BH
z3WpM@|915koNk)aNVW}WgG4xU59mE)ZL2i`O?`!NQxU5v%vV|BQaqClW_hhaF;=2T
zVWdGNnAl0mXB^Kav|wUbq1E!(%eo~Zz=$%c0X#5UFp-vlfl`Kahp6S_n1axcz{SV@
zD<whlt$jRCvrigVz=_AxZy)@MGWZX%59{nK-$Z@XX)6*8t*t1C9ti$G*>#Otq)+nJ
z1anZL8t!7R{MGld4COA$%e$#Lk0rKxt(wN^oOz35Hr<c6#nLs!kHle2?#!@YAJ?fa
zW~RQG$Z#&@YWPz#ts|0r7@JI+#Pl=@Soj&$|2YH8pZZ5s|3fpd0(!15x43?u(PDnf
z_%o|7;eTod_FwD!D_En>742(6%jsyTv!%q;qzTiJlUU+#RM*iFzNIoTsu<q`cFZNX
zMT0=D*L$qc_jnsjfCe9UH1nBQ3_X+Ma74Eoq~S_FgLj}%SQ2QNJ0L5m8b;C<u1{oZ
zUya*xyh7ody4$q4Y3B|=w;gbi=)7!l@`})O3I4`hVH9c~4dwi2um)5Szm2bAy=#NZ
z>yU44Z&Vr<W7>jpwHX9qj6*;pM+P+%!32K7>Aq4_WlXpp*2XXMJ0*66P9#%Rx^ZEP
zr`6S)G0P-D7;Kwa9to5)lz_}6A+TlGA#m|OEfvDuYQa`PA=^zd;%-Whn<+bZ=#3)$
zJRowbZ4>adrQUTj^Vf$9Ab$)H0DpxQPWP{hRhw_5c4d~$C5Wy;PqM2<+T|SEf(@2~
z(-j3IVpNyu4dNbNg0v{1GUQqr!F#6G%7r39lygF=PoR$(?E~KNBd0+YD2@DEDf;K1
zSCY$t{hBU2lh?hX?;p8%1YCE@zhddrC@HU#=})6}f1Gacp9@@g8at8VGbCtqw_w2D
z9aUfJ+6}5GNDe6R_CZNg$G)nz&TtjfDm7K+*#xUMEU4&|Mxnh3R>nl!X_2MG#hLJk
zpFU+{v`u5}kj>j!!wh?7_MC}>c~7|`71u=K=h?Z&AZ&MZCN((s?v9tvcAG1KNq<lj
z{6O&)lck3ipI-JX44@CP$aB+rmDrP-Di#*jbM*;q^$oTG6&of`S@dgI!<7yT%R@c4
z@Km0PFkSMvK{5vHZd3P_=k4T9?BGdQd~CHvOw3vak6h6=DU8}d0FZQFHYv7JhA-?@
z0si808%+naDps=T){h4x7P2-ep{#*tOo83#LrKBthczEZ5(I<Jz@bYRxlpxgYT3^*
z(EK%EbpxaHI~1@3H**=XwMeZ$jSgD1W=?vd^%PQqsaa83U^n`;-@u73@L)!#eZd-s
z{-jltpgs^kd7Z+hnryT<-<vER?d=SLBRcxZF^a;(gaImG(jTR@|1NTH%;?bd`UG(8
zz>z2>lvb+#jjKjS!T*eQZrniNiB1m@5<@~z&W-EwLKK8e1=*;Rq_Ka%JD*_P@73WQ
zvfh1)-iB-{cd3OkNUr1w|I+0b8HK*!tahj>U>U^68&B-9meQ0S-&`1|F=-ujI+6G;
z!J~##tMK-vk;79M5ZQw^Tyi{vj#Xxt@K9I+BuP7qZuFeBm+q_Z6~c8JZ3L8))1!{*
zHvW=Jdam)?ArI&tilSrhkOQKl$@+dl7fT--g1w(zeYvFtX8BUAPW@J_hX2u3_rJ4P
zMFJrFIzIp@U~O+;`ctjS#=`RZhQN;y@E={=Uy1rTbSaLP3_{q1t?ZU#LRlulj{87P
zjyj4qAbuKFS6;_=zIT#7PalXOF=3!-<%edl1)(tE&e2x)4EKqm+dn1Z5*59Qq2A~$
zP(Kb^rL&?{wCEumP6q~R`v78bY8006)Ii95Sqjp@#96L#Qjm@dKgCq2%=F=yr=$j<
zPK@r)M5QTqK0KyHpttkf6znmplhz&9OY*c$PXCUPj@rZO37$5xY|K9*nbJb1{zlhj
z$R}Y3{Zy-gP+^CTY!UX6z4W!`EUDK9-b|@s%w`yZtV3}m=-20DQO6=nn9}R{I^ykP
z#Y+$MVtWA_dMDp1u`)eQKHbQrI_?r1{U<(5HPPQn)nA|1njX1&5%o{U1Zth?b_TRu
zFdOU2>w1nhFP<#PM0`-EYPJ~jY<lXklIP=((0O7L6m1_*a|1Qo<LN`wI+3{UUrkLd
z)f>?wphbR_2-KmRBi#wcfiN6eA|Mc0ECgdYtvcR(dnc8m8ipl-0#eX=77nq&;o>z3
zdDC+aytqKEP5tzR+N`RzgJ^`J*`+ChT<T=;=A915*CF%qY2;=k8#~Gm%l;aZ<}}K@
zBQ`My2|$GsqO2q%aP%B;iZ#*`Gmx{;gS&FQG~zKOrClgu@LPn~;v(c2wt#6f28+$n
z%#3gBU^PjZ_!@;x^A}c_Mj}Ky;sKy^+M1ZN<WBDdxL;RY3dYg#3tEa*3baX&dvQR(
zWEc@Nyy29aA?*Ehfi6*P9qPV;M$})LHzxug0B)DEi5_hWHKq`<*XN7P7Cmp|-Udzt
zIWf+y10D+}j#j<#p3g%1;q}8ZTP~v^CUT@K_8Tp%c0~f?TCIc2Vls#0#NMjSBXpB8
zz8jWZ4p8Fll8Un<<9w4?)tOgq>BNn|3S-`*@7{8~Ns1gdg@lR>SQogMA!j2HSXyWW
zg`yVgql?!|ZgFwUi?PurTbBm@Dfz@_dZU=<ByAs!tR}%R=o_|{SW7ev8~U&p(AjNP
za=9Dx7>b+X?PMA!=wjVjj9d3B293++Ku>nA3hlSm)~Mh;E-PuQu0%saaP30Da)zdi
zKjg|!bbamHYXY`w&ekx%#-uBl<S@IFgx$}YL_Hj`x?0P>%M{|34ClhfA!0oJMpGB&
z7;Fcs3F8UPl?JvqcbilDm2AW#Q)pjzmQU@rvw@*+L$q^bG4S$j;bD;=yBEKk*^B|<
zj>lmhzc@%>=<EgCFe^MEBKxeK^oWYS2DLHdn-=oio_E;si&i;vpzN|~wm*CN(ryKd
zeDU<^H%~qO=&5hm-w7%K0Pj~&F$AoQOzq69OkS#0@t5BgrbcEz_X5~{?gjh^0smEt
z{VQ+dqgmOVWshqDd<lBlp2NusofKFPH|Fd)VdR<F77D)fp~k(1`>e$wSuEgqkGCV_
ztp@JGGuF6_J1z1?*16*_)=sU?lAn0sJ(e`W>LFNioTV21U=(%A`SJ5=RA}`|l=3-3
z*eSb3+)faW9JbIB#1d&jIt{kA20U!}YN8D0pLy$z@G{1-GyqfEUx!|b<V0JkXtnT0
z(hghy3~Fg;`iq1T+<R5U5PA#Orfm8m#<XVG)=AVBIZrw|(gHkgiak&Tu0i?k!uoH|
zTIxtLU*|O5(?`pSZN%Z>=Xx~gsGAh{;P(f;M%tjz28@MsY+MY^g3BI0E|OHzd-|%i
zh&NgP=IyT!aZQDT|CP6}mi+H6kfdEYx0K+!oj%+;rQ^0)dDxiL<Bv4<AFnwsUOA4H
zTF`w3g{5YEs*pZq!K1xpg?<{eeHdxifS6ZCVuTlsV{ZSRIAy2nCF`|QIfYSex=_f2
zD0ch+K`E>>X~f7#MB_p`X?cB5_>}VGZMphjIU>@Uy@I+>PBY2&wq;Kukag1q4@LSN
zr|Vk|S9%x-#6xkrbRyMV%_&oZhqCA<>x+H?a64~qaTu6KDAexMQkN#j5ynM|5~A^7
z)D3Ln5y{x{Sn*8`8wK1mv-2InAmic|;4K_{tJ&N^$B3arZC<EkGy1pGZwwt7$sw?@
zf^HlVT_=K^EhL53;t9-qtbm(Tuhp_u;w_%d>{r``Ezzy8=LCm?lo(!fNwzRX)CcT(
zQ{2=OuR#fm`K?){_tVZq_rx5CZtwLWj+4(N3zG2eWn~30Qxf?JwZ;!35#u&@^v7>I
zp!!WpCQ~3#@{qd%l{T0vZ&ixndAZ;Ee>i#$D|nsJGS>hZ{YaUydwD{(`1mAu&NLeU
zkRa{jZRlV&#YgOg134Oy#IJmN6|i6Rl$d@=;U-$*#FABKBGY8QwsLrh`PC9l*JkA-
zG7EP_B@T+e`_!c_VJC!8*ug8_OGjR^rWv87=<ZN$FSiCO@YCjtgc#cz_VDv(!S$fh
z9-$%Uun~Q%iLG-aHiCMCgs!Czq4SHHNSeza>vs@%0^^GK>a=>}H<aN3dS;UhEnS`}
zg&bmhhL=`RG)$#aY11-GFTby5pV)NiYq$lQJ7&W*C~7v1*kRxC3`VE?#u~bf(}{L5
z+K6*Ko6C+o@9!~>B<ZBd5K`rF%^~Es!#3{r4$bn2R&`*k{A#d$43f!Dm_RP~w@?98
z<<E$a60cjIo1l_;p`3p9_T~94Fz**{cYgDh`hR%q|95(e1;F^#TSNst3pX>9m#1U@
zM|Xgg@%K+~G5-hwzW)`g{3~Ijn614wF%5m9;~$2G(uVL=Q1~e@-a{?gSm115Y<^$f
zer~u`S?SMELU~xYo8mUx;Kl^8wERpa1wEzhUc{Fsw^L8T-Wzz>BJGtjM(PM;7k(1C
z$0NYTBn(05ukW?V(vTY(Qx$<-Jv52WD7@?6i4J5hQr>f4Q!q=6(pt>?Ghsbk23KEM
z=&R9IL|dp)oim)=-dxJrb`^1+mr#PB7eFRExG{ehe0t{o4Br8oq^gvux=zr~Ee}`3
zlD{nCKYlY#V<S(IA&MgEu$YzBSMOE18Ij(Fpzy^r;IJ&%_%Q-)YFU8kJ2bhs`H0(l
slJZ(766TZmU{O%or&5us09RSd%kqX3CSVPwKnb}il!`Pfjx6i{0tT2aYybcN

diff --git a/ids-webconsole/src/test/resources/consumer-keystore.p12 b/ids-webconsole/src/test/resources/consumer-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..6607767d644aea4ea7a11e98ac540c623b80283e
GIT binary patch
literal 2693
zcmY+^c{me}9|v%oZEjNTkejgC%rV#ZtNNm(CKKhpG734SAy+F$TXQXP--^vdu`x%k
zkXx=UBv;PlOvtbA^Zb6l@9+1==lML(`~5ucKVNVH_dOth9ZujjgK(+Fo{!z-18@NH
z3EU_Ufm`c$42Kgy3;$G*d;;j*?`Q-FVEg_0{%HVkNeK797kB{>I6sK9JVi88`A7=|
z1ah)P6F~VZywpW&3z4n6S^2p{Kk$V%E=f<@tZGQd-P=J8Hk|AIlG1>yU0>xCvxy@*
z72iX0<MIOefUNp&&$JM;961h+{cg|@_u!jcYnmQriu!MBv7?C;peo0T2%TybEVl_d
zEJ=tNTPbGq=}&eh?I591@6lwCN|7l-RHEglMCu{Dw4|yoVe6osk#U1_NT5wVlp_%<
zbLUafGQ)k@tA6F|uR#xIE`b(okJy1PxZ=sU7Hxd=G|UA*!IE_wIc@PeJ%7gg0O5I`
zo)v0;OZkM1Q4-jo%*85{*-+nSn6~+T`-8H(cf;k#?*2{oeW}g~Bj=_^D?bnM%as>B
z^iNOOYZnWAA17!za&dVjSl|0p{BTpRI7}087_@ATLFmf_szlX=%EBu2{)pmvw&aJx
zG6#b{-am5m!=QAl{S4&x>Mb)z5*-oub}-w+acmngdOgJ$qpu{_qK;afIiH=4fT0dv
zNAG?Q*OEFm!#bpEeQa>jv&y9hxDw;TSjy=FZ{}(a5pzSxiIT=yj%fvu#`m%BZ09m_
zABR8-G<rK_W(&wIPgdJ&N}a}|-3x=#b7>2y_w6^$79uhophGzE4&(>1$(|D;UF)i$
z{*NqRf9&PtUYvuAHQHGCyKM@yxV~SE){sbW40>n@)%*)61=3!ny(OLjxUa>2!IoK0
znXUnu=C1Qy;hskX3utTp)SU~Hrj+#54C_ddr(fD0x3AlknVEjGmqTmVekc@oLI`68
zK1+t0bc<oZirFdCVKOe%O5a=T;g1%tC?o&O$pq9opS62x=3q?fqt!7oFP^Okrvpb6
z&|cdiDn-q|4EXAr?~cb#Cj8>N@aEZyisINyA$LE`vT(z>Z0fq3?+E`@;tcaa@5Rr3
zDaeeIVB_@uC`Nkfa0*$0Zj<D|Vl-YGlK<;7N&#m?kIU6MCsczoIC^SQM--f&blng3
zj!$beE#qIW<yewVJSL_$O8J;9HPC;+nTu0<-ahZW*On)2qM+pHLl0m(N{Si4ZG0t%
z#x9D7eF_7+$tqHlkw`)9=QsTgCC~=OOd|`Id1sw;^sT^s*Td(Uqi2q^B=1$(T&l~e
zR3J%~zIc>5upWWjWzgmqC8h@gfy&tULFrOE9jMxCrxyD07OQ(2>W^QkYMmZrbM((0
zctCIT{255Lfk%t;1j+&v>#Kt{&uPcSpZCIJIVUufon9=&wyH~_R9W&N$kGg+z@{PL
zY(*<if?&i|T$kl|<V$}3-J_PYliF&HTTm-=yvYF`pfajpa)MX%Ozm<<a1)1aqTBs}
zdc-L^|2E#8Dq8PyfY{Hewvn&&^ky2JWl|-7V#3^gF4q0bYmbMteLk0rHm5&YhrRN0
zcUdrziI;5k`^h@R(I;6&MoI<LEv!!xqM|3AZ!a0C{L^Z_olk8@#O%6tYO%kYVOhf6
zJuFq0)`K@BUmgV*L7+oon4pX)d`}1Q+{?aryRHI3-N72&u*nK3Uys8ogvu}7V=mO<
z<ynS`?P06D&||)Q{XS8P72Yf60Z$5Dau8+GdafKNHfIW({g_+6s1b=UI01a-e?ZG8
zfHgq`Fzk1%`umh1JpbX18vy+6;M#8hm;O&Z_P^CD&4=j4Jk31yw|XD~s7p^Uqvrf)
z;_>5K;}aUBm)tJPzh0H|s}Dy~vKQ_UI>E+cr0q;n63IIU+Yk#YA`&h8BlimIKJQO*
z!>${8(V*eS_X{sYHoMBdpCcd3E=#aCNmC*5fQBOZ%(*3Xfll1AzPb<Z;{bhVOb52Q
zg?IeJ!A#y33tg5|zP2dE@^N<KU6xZ@uM&raJk=&H(}HK(-Z^ofiXk=1G4V`k)b#%M
ziS=`@k2AxG8lOxUm^WrOa6hdl0Z(-Dhd5;PHGX|jx8BE92*}IW!<bJgYDMlYf*2&G
zjJ#`L8)*G$T84dQR+Q-*TDJ1cH;}hHNXr;BFFW^QX(Q`8gmL(4mKdipM+-xpv@D2w
zuG`PE!Atpq(~t3OnKrd5RiB#wG`M$4il9SjaJl`qW+@F+F1FUpMLXk>R~TGUrc)nT
zGo*-VxZR358&I5M)MfLluG;rccK;s@j#tzcy*M-`Sa%a5lIh!Fs9wlw)bo<ZqBj}o
z__1|D3OOq-e$fH;08g$?+iLzW-z1Kmfhisj{?2imWs0I!tTC1XUs1KEic{>p)-<Ec
zuM6ySLuvTFn-vcrYE50o-UQy%KIa>bx++A>y3?OEjjAaxCa)^L!NG(rEE1#5k&`I5
z6jxwSFKq4RaIU#3b1T1)r~KLj=Wg7+<(_fk?xjKb9y*tnDN$rT0-YT{d+*5Pby|}J
zrD^GNQ<VU4lmWcenN!$&YSrx8i*eenJsLgCbO^|F?<Gg#<o3XmdWLFLz3@ewUEbxn
z!bTa(m4$}*nFSf%=3waJU)K^Q(5XS&nfMZ9ElTA&gle*E&N>bwHq_T$;Beg66qdG8
zO;2vL4nn~8uo;P`G2h1$nbFagdwVHS@XIKp8kbHi?kGryS*cQ0Ng6Y>;Lri{{K%n6
z!2k3N3*RC44)xH9!K&C-ZLMJM>Arm@q*@f9*Dt7R$B1gavI(*799D7w9`PA@B8)Q?
zWfkS~_9YLpKjw{9e`Rimmr#@zNP_Y!!}`4kvuGV+-lc$c^-qN4{i)d>Fg}m+LD<97
zg$ELBiTJa(Vp*$6OEGE)e69OoBHnUlbIgoYX)7dTv-Y-h?qule3m<bEnv(70HtU`_
z$w~?89YTAGWm~?vn~0~Ibk->J(NX}H>gXT?0gKHAc5m4GP9-ld#v3ha=8)GL&M@z(
ztjZ7TM${6Iw0NtV0S=eDj|RGCg`L>dgF~<4NvDjjK}SQv$kJ2h3Dyz*i9T!<E9I-z
zPuP(M3C&52vuC&blH0+@!d3<CC^ZOCkm^J>{lb-R!&|MzClh?;^W+@-tW{05F?w<5
z(z}Ip4kPmN2kYC|Z^v}BRDL0=UhcO^dNFA^chxakzg}Gh@wjfTfWL5H_6)4MskT6|
zLM`|XL*e`eByU^Vuv%KU{vz7{J;8S<ujOZMjf>p76@$k;+mo}~m6Um+61^<X7b?`N
zC9o0jjWtlJQ{<U_Wg{?tVT4Z65a<TFrQWI-#{NhT^6?dYsZ~XXkBX->@$*YdK72rK
z<3^vjq&E$`h^9B*&bu#RLLd2}EC>g~>`X%F+s?MRGpX;DG~T^dInUj$FsV07dbPG=
zCVK7(#`e^P#jKik9~GUCP=w3>S4S>kga}CJeMEJi#7poF&yM-m$u)bS(k-btI07yU
x=YoLM_}PIHU^bADxShH5uH&M#q<dn(n2|6+$>zmn5a<0*Q!>&8%Qya3@?X+^2G#%o

literal 0
HcmV?d00001

diff --git a/ids-webconsole/src/test/resources/provider-keystore.p12 b/ids-webconsole/src/test/resources/provider-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..830797f6993b334c9886c6aae7031b06a96bcb4d
GIT binary patch
literal 2693
zcmV;03VQW0f(n5G0Ru3C3P%PBDuzgg_YDCD0ic2kI0S+UG%$h+Fff7y=LQKXhDe6@
z4FLxRpn?S0FoFcs0s#Opf&|S52`Yw2hW8Bt2LUh~1_~;MNQU<f0So~KFb)I=Vvy#5
zT{2-d0s;sCfPw^|?tC<TC?UZ;9eDHOfZFxQ3Y%}jQ2TqNDPQHSB!;RPNAlP`<aX~1
zJcw@u5zD^m_8gqGq@OI@p>C=P4`0diku|3S-viqdC5RvVs(UOdNUl56m%D<=xme)b
z(Lj`prw;QCn^QG)H!EQa>LfG5&oVGnDs>tfBcWZd-R(=P+%N^V#o#daU^6#NN1ZHO
zd6fw@D&3T~1o5)A!QA0DcoJ^mPa>I11jI9?7#8xD0u?uotnIAw0y4xS?ZQdfu0+>&
z;V5@m@Rgv4GCaPVqDD)Uz;|k@{HEdy7b-Ij6IS#c5+#+3gxAB*#T7GE87ioc>Lqt)
zJoG-$y!;$|KQ)BNKz&XsI>$0XVMe0A26znjv@ym(9nbKeTnUS=283=deM)@-h`TO>
zsc(s?w8aXfjRaoOo{aY*Q&S+ZhK_QE)I&c@uHLTwiHmB=3So(?W|8)A#`l77{~Qjg
z`_Ta_lpnr}#0)dDN%Tr*WDb@c4#w!=12LJ906C|_nFyU|C1cDscx7ZI*uy)~qTtAF
zSGSN=Jlzv~qBQd|8qJPr+V17BLKCB7-<Ly10Ov1byDB}6GL2hKOsZ^iCW0AWp~`Nr
z6~ciL!K%aZcKsIH7D33E0dB(Mv?TH-p|eHZW>)HQJpN_NOQgAz*m;d(2fs_#rOaia
zS=GZKXH$Fs5YUi1tjIhJsv((G@qQRSNImd$K%&}BbiA3mY};mB?nJL8J`N5iq%1N9
zv)QPr8@UWg?^2#DE0^lB7te=4t%`s}a}z<59{um^f$gabq&O@GC1U03qP!Q;bh|$D
zydu^7oo>sL25~rGnWl=$)L(K2o>3B$)&}Mm%0@9$YIn7iZt_?MN2IFAB<T2^Ppi^Q
z?_#ZT`DKn6{`IOD9~yk)(tIRPCh`-x9@}|Uk=F=<2m?qifHKEo2ouKtA~L;%mMkY^
z6>&66jyZna_N`}IO0|j8=uIaGn)<Ouas{2#+JwC<2z@hsR^fDHUXF+ml$)rj8UC@6
zS<dFih=&aQjgOP(Esa&+!h{*YQ2x3a;1$pP$trc_$!GRRvQDll$o<|?+rYh^iFyNN
zuQhT#V>_Cr@UTJ5Tvs|X4NfH2=B+gxn^lavqNCSqvnynm4MoJS45G&@y!~wosRZ(L
z(-okxDS-KLrMabk)klbB98!w1Hwcj+YAhOOIWd{9F3UrD7=vR))WS@Q{gNin9<6E~
zY2uq(GWfY0_Zq<RyCVq=UTGsgx>y*{2c5L8*bGfk9S?+G76kK8LXoWC_O`d|fhmm9
z-i0MoDOJShVV(KE4Mf}cPFF9f4B;PCkLOPY6CsW&LrYYU#RUMZImHx}>&N+M;#}<%
zh#=Z3AA)4xP{hcoBk3M9aDF#`Iwt#rie-1JlCB|%$f5V-lNsw%+_pZ)Rz3e5X6uR3
zYR8YJs40ylQ<$28U3TJ3_e)bvXvF}urqm-!^@L1-uO|k)7LcmyDvdq(i6OkE?(e5G
z{A+njhF>&SMnJRC01AFo29F3z^lR0`cLgtZ0#X`C-E6JP?5sRF5RkG;%4Dyy?@pQf
zFoFd^1_>&LNQU<f0S5t~f(0@Jf(0%xf(0rtf(0f93o3?4hW8Bt3<?1Ppn?SMFoFc?
zFdPO7Duzgg_YDCI0Ru1&1PDnN3itLn_?Q9$2ml0v1jualuo5@V015%iOrUAAp9#S&
zT@GJOm771f%+z#i#->p$?v0_$$Vh(@(gh%^<r1^jHP3LJ!0jo{4gYpEW=z($c4Un$
znXs&lKLCMUM8ErrT;WzPn@mpMzJ@5re4VJm5`m^hq2!(=zyhuWEYbHDCF0iRMkVZs
zBrJZSNa@~sfFeO+piruaoDH(<!O^}8JBaR*q1f<S6X2}kA)qVkip$<OuOG52qa9Mk
zAjf88pEy7YYQuO`-O2m=NNG-Bc+5w~M#x1($4|1QKLYjB7$kaoN_A;oV7T_6z}+EC
zF7-P3D?WmZfc=f`TA{I%sNNr}KijoX<da-toW(r$n0<;ia=%d>dOXv5Exv4LOzZEQ
z$6nkDS$@L&5#ga-1@-n!IEgNgXi$MCq*T1FIR>+4UrE_iQ+vBTa|i`dh*UGUf}~b)
z+S$2a%k)07^pPXPghmATr+0d=4wFZU(@NfpL(tj53Ry7*^0xk2_bMyo^TuetHP)Li
z%o$a1ch@Rsv1|@de>@ZEyH*l-CBN)|n9OUFk*<Hs^^c1k1}IKeEI_O}l!6%-#$orP
zEJ&!l#uW)m+%O|dqPk3;QzAa~0%sAckHy@(Gpq-S_M`Vm{I>Qd%MLGQh3untshR5-
zG~Hfmr5t_L_?$_M^x`H$noAaze^A-Ivmz@%(X98RR50mbYrIW_rRA)J1Ad8F?g9=v
zsf)k3#@<zecpUZGmP3k~3}W@gL4ykFO<Qm>bytCBrDkI~pd&j|X*)yrXqeQ=`Aym1
z;)=pCX2b<Rxey1D<_JL??cSUGZL5Nv<A&mMz&{#o2J}K^(@4Yjf#2YvEx&z&>+?-@
ztZy|hKFyb1vrv$%FjPNAR$>It#DUEbQz0p!v<p0))Dpz#(%;-wV(nUG-ecX}hP`xf
zVXuC!gGqXsMPrU@_z;`acf&kya+mXz0^nU}>UB`=nh1p#oJ(O6+~Dy_UDL({job8=
zYbUQS$|ZU5kpU}NoBsd9q6ajj+>(Ib<&E-Xjc+xl=7ng@x?PPJY<^|<GwH>6V_%J?
zhJoyaO9FsPkzPK^KjJ`vGg=gs1w_N%qt^si`-pX5XtyvJWsanz%TfHOH)$nW(2{4h
zj{sJOISE!j8QiDembWVq4Y{<%g+(!e!DrCIE+AdU(H2uwTgv*zQ~aP2H_;}>h&d}_
ztRYHVLo?=g(Uxh46%4h%g0Tbs#Ac`vo*5VY$B;bMXYuS&9$boLcn+EUt#Xb&K*!ur
zRs&HrtJ20j5mXCv!eD(nIyLENrD1@|XF6jV9l&eCJV-j<z0vB{dBxx0GqAxbB8=30
zk;d1C<s{RijnsSYCxrmn6FF@2zX?pU@0N@b!BDQFKR&-BXarmyX&wReL5jK6=QRtG
zz4N`=xn)B5w;H%edj){p>VJkeKD-5)V{F{D@r=T!eZ*5`;G6J19mmKanB^r;Y=cVR
zFLH3isFZcvw3VhE(y?CE9-znszOAs5iq>U&VtA#XQD!rT01QUYfySIA?jmRM=_Bv`
z3O?zFPy#mXoJ?bXeCW%!1CW)Ip9o7(u;tvB7X_W%Ct-xR7m%d0x}BT<TvIXAG{2#H
zaOYyc!6yNDOvN!JFe3&DDuzgg_YDCF6)_eB6vbXL?22j=Lp9k6J?iOsIzzkldN46C
zAutIB1uG5%0vZJX1QbU}8;WOzT&}LIy(BW#<3QlwJ;($I-FzHzECO!O0s;sCi+B4r

literal 0
HcmV?d00001

diff --git a/ids-webconsole/src/test/resources/truststore.p12 b/ids-webconsole/src/test/resources/truststore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..aa430cd6cea20b45cab4ee93b93ddb5bfa565792
GIT binary patch
literal 2266
zcmV<02qpJ0f(X_E0Ru3C2#*E{Duzgg_YDCD0ic2ifCPdFd@zCtcrbzpbOs43hDe6@
z4FLxRpn?cxFoFnS0s#Opf(Tj$2`Yw2hW8Bt2LUiC1_~;MNQU<f0So~KFdGCE_36Ya
zczgI;K&GhWQwt~?3?38Z0s{cUP=JC6Ah4OOG_z4f+DDNe9|M><HIXW^6acL}6(g0U
zPL!ra3<ycM3+|1I6+_y4yL+w>6_}Q(yvfcC^&_cW>yQk#7^I_Wt0KctQ=k1`yr(d#
zb;{`+63xwPvoOWD9ETRg$o}Djc(-5VqqNAi(~e`$Jssy-<S9k!hg{F-Mcdp*eupZ!
zg;!FoF{B>(RDqQX(jg7`kr&|?5$;7qey&L;K<Tglw64WfU4F?OaPI#$>;G+Ywjj}N
zyBSX-knuHx5!^vju>gYVJS$SiB<3PylUj5JN$Oge=LS6)uZ^fpdXX|LY=6Rt9DQ04
zV`FUftPZ7LtfP>ly7142kK=tPtclXZt`W9mw?tUxQ~&@{9*sm@c~RQ-EPtNxmc@6n
zNYN4id|h3hz66q~-rawCg6x+>bZV;ocRNT`p7V7!Qou70Y=6L0PphATL1)#C=iQz6
zOD3evIJ2?$EccK66fL11J|BHT$PEtY+(3L{RcW||w@38yKMMk}<Y1h|`!I$zjdeHG
zu+G*}M^b^c0c>O(b^P0iic6jq>M>3mG6<yPA1(_$TiDeXZCQZ}zGo)xk-WuDJF|x!
zFiRkH<le=5PfLa+?b49Eb*chVuwvKIBAed?13tjfGiZo<f(DNn)~<X!=f@V@l2cPE
zqC`Yie_M-A%<i{Io7XXSMnpB_PvOyl=x*}%CaNbC=kgiTZmylR-LVRDAujh8lktWo
zb?L;+QiMv$QP1-vg+@kNAg*4Efmn5md_KMA<@KRioQ(Wc=kfq4J&W4F6oZNc)k=<K
zWj`~_(f<5(Cu?klyEvKsrS&BJsX01EVhUpu+|`7&vV*_L&hTJhWBBU7<6h3-jYyZG
zOMg>ysV;)*j6`OQ0GsWw>aN^MJ2x=0Ki2mw5yw-34ZHFA2V8}mPov2wN;{VLJuK&;
zP1?@ngT_;Ep1~sA+dFa9u4axP`JwJV3PmfBYlvtO=}Gi%eHY#d7{d`l`=6dMcM@7v
zWu&2v*Gt+agxuPlQ9F;83GAOfPB2K_i9)v%b6Xh|oeZ|sM;Sht&S{v0L_)%A@_VmM
z-$B<S_T!r)C$x%hCMAdKVpK|K)D_;0F~maS5BqE-CRmvxZh({pf^n!F8t_bPw_kJB
z$U|BuB#B2*6U<VFkV0kCAXNzo@tUHM2=jH}5R%dZbg2bRw3J^*?_Z9e+SwWz9QB5x
zSL_;u=gB(V&R^tf*$4Lzb->-p4lb?sOC3vPa+XpxB3^8#)HMa*ay(fD2%|IiNz!<6
zmk>&2z<ZX;#q1?0G^oMjR{5>Ry9ujZK5|V-VlNy!Cn|pK$UIA1NbF1Se;XjBz=s(z
zV^V@==Qqs7q<|>BDUF1}teO2ER#Om~g;RBr;tx!6wS)G(ZZg4P#45d;`SLSaDev7c
zA;y^Yx(dfE0+>3&jJ@D|*m#+fFIQG<!!{6d)ubtFbj%4Nq)VSHa{g!oV6!lDZg(fH
zL2}Ow$Qb0zJ1rBzJJe8Y2$8`w0`m}9VbxQtG=d7G-`LQ#7@ghTIM$?hn~g*2WNes|
zyqCTQEk?2G>HmFs@B)oU9iCc>Ny3w$oKRSM`D@s#F3d?fmA*Gi6kO=F0`!4y1O<fq
zlrS^2n_v9DIm({G-!z@*T8EXn(^VO5dwU}YT=ypCzSJ0?c$*&j+rQaV04V^Je*4}V
zCgPXf28A!Kp*8Pso=49g#~QQEDXQ`!p03E;!*gPZPf^u97a!U$5jLT%;5)vxk$tG)
zffaqF_ZI#P&CCgapV~#fVJA<sQrQ1}*@<@j%1F0v{-&Z;g-hTI*Or>KyUr|(u2g+l
z771#owy3aSd-kkXZ=&`kr$gB*P@Pml5JwK$C8ghMXT+?zfjtR&dW3`?#n86oI`~#)
z*<w$g(7su80a1-8a4QF;_85vM?%4NhA|&@SdhXNu!-`1luNfW?mc1p08Q@mO5H^}(
z5vEG`ps(5@3p-yI@ulUE)ivYr^M+sKY>7!By8c#@`#xb#77z0BEbZON;L*1f)Z$VF
z|6;XpQE3sou*&^%u#v@oBtU)SASL-^RB<jukXCqR)C-$2#uKlM&5%3xJ9$0?s15pR
zeuXHSuJSvexm99m#<HC`)f7~&v}@baCne$<+c?q{GBl|2^@;eVuC_U-)k>+rd^yTi
z@q{o;j4Ka_+`if-%mT{3vy>OaSJmx?i(1=>p6qr?8xWhl=7xD7?KX6aYADM6K8_0B
zr+6l(!2Q^^5_nl!Efb`tbMl1<1z1x;-xb2ensA-Fk{P!8Ca*I8BWfkTK~bkue#Wb&
zdd38WlkgkZ!WU}-d{9c+E>}MY&ISqAY{ph!foUms&aOjgYR4%#Dh21F0c(H<)OkVI
z8?3lc+Ha#&8&2bqKo~3GH;N8ej3HD%8;!k+ZNMl1>7#^3lb!VoL?#o0VrZuT9Zdzf
zK4;)R7!CsL6bcrh^tel4il$0nPl5U1209G^rJ~sqx~kcod%Bvw17L3X@Wd^X&<i8g
zSMk{ir5EC7Iegz%(IA#fkhJ_SmX58(aa~Y_FYnEa1Do5NZ@$j0-q?})%BgG{xk5`A
zYHML!{NLY6M<opaNnhqr6WJ7<Vc5#)jQaKpi^)QHbRY+>J-F}B;tFlBx)wXUx6r`4
z)nc_2q~%*k1a4t56^Ldi01ZJ;v&NO)8(T5(2WJFuF8(18!kk)al}*tB_KY{^-qBte
z%wvOgf>hFgG4w>LJbeEp=LET#9k%K)EHFMWAutIB1uG5%0vZJX1QaB+4I|w6w3iur
oMHiK}SS7VKy59s8_s+sV^Tu!qIt)hP^g8I#Y)O}U0s{etp!Rk@DF6Tf

literal 0
HcmV?d00001


From 3715b99ecdca9c0c795067ea6957c2d7ad3089e1 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Thu, 16 Jul 2020 17:38:34 +0200
Subject: [PATCH 129/237] updated example zip

---
 .../trusted-connector-examples_develop.zip    | Bin 34532 -> 34291 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/examples/trusted-connector-examples_develop.zip b/examples/trusted-connector-examples_develop.zip
index 2bbc2455e33664028836170830f50031007c86be..2dcc43638ad70d86bede01bdb99748bda12508f6 100644
GIT binary patch
delta 6063
zcmeI0c{EgiAIGn)8I&y98YLRr*t3>(LJcE(BuhN#v9Cj-T-%7o#Lp#d_Fa}Vv<Pj}
z&yp=<DPa(4p^)r7SI;?5^n3FB{(Am$o$oo<z3=z?^PcaSIp=l0qh$IS5<SWU&%n3~
zKq8R<0AS(u^AduVKr|%9%3MJRWx*hj#A|amBUu1|2(L|C0E7?UPmy9JvWOy(E4Q)c
zQUAk3spqC+7C|6!sp207;To^t^_%=8X*A@CbAyA6ZRKTL;jZ5B`i&T%42d10hqV@|
zUDpxx0N}&4iB=BtfL;QDtQ2o1g~M8}-<N<VN<g%|C`eI|8$_va){a|cek>)A=4p#u
zuMH+4PG0UV7B@3U?)hNw7GRS{=khzyJE%IFEle#{NAR;rhpJq_A^w<u*Va>x3R#$L
zTUlUvNUx=m->&>FCDw>a=9xLdJx}p<`Iy`@+*B2mm+fbHqnX#Lfc{h!Z>u}4rZBBX
z--zZpd%EvP323RGZ{krNSn9RiESA_^GBh_yTO2k^&hPk#%i(Iqm9)6)XpFZZd)ka~
zcC=j8Nq)0(jH49Kd*}EbkGEETmSx@V3#AO`(hl7`-+SeVD0b&)+i>w+F?3@I|3DbQ
zE9ms-8Mb=eWmFQb?e4TXvs#w9?DQ(B6TGM~+2bx-LISgQgrIGwSl;MfVSW8R|3DMZ
zV#7o1&f#f!lHc<}U!4lACn+ONho5Pln(w3b)}$LfD1$DRUT!TfsD(OF(cgmn&i;A1
z06*oGr=#5*=0-kRk{X(|o6oXPq`B1M=>1Voc{Yb5;~azs>9L6siHu~fpjbN}k!3+a
z?b&2**)dkouQpg{pqaOaq|Z4+Tco{tvxNBK7zS!RJb$mwHugcNpWm6KxkcLIB+p<O
zb$Kplesyu~ldh{S+qK!UFQZI`O1qBNHn~my@$x#hFl#F71ySM{9pY2<aS!Qk@0+zE
z?TW8@L``BC;%!B+DMiPegNfq<`YdA^cF{NXMY@gb0Szy1+h;e?aUy!BwW@Zp!f}zy
zyK&ZZJ8WDqMt1$dJ!LAwA9cEvoXMkw4P#G7G`!2mF7*nx>a6TjP9Z7?+Ojg-u~KJ|
zBr4g4WZ)AhQcb>duEz8MrKz+BE#&%84=4Vbapf`J93yD~!~fA!uewOxWC$fwBa5>U
z9+KKm0;ONGoI%i%-y_5>?l5Df&hf;=xnfEa3FY`ED`EMrD8jM%Nz=nA&Be~9We2b1
zQibhVfW_s;yVVw6+`Ns-R2|WR)5FuNtCN~}pDbS<B65ias9Q^MtLaV0S?1>HD9|{@
z2$H0jS~BZ4&-(@9OPYXV1L1Ar`xNoon_sxEfcbJyR2zJ4cWM=u-a#D19qb*&IAuIZ
zH4eXur+8~HpqNS}fVP~jMT2e|HQkA!r<ki!M@8F0s1?R4Ww_jUS8)#I-PJm@V>(F2
z?V+jXJh*b%MT}=VGGeyN@gC3F#jLv!LPtOGC90pt{w8uc$}Fzc^xplG`y9H&9#t#N
zJpmsxbqkY~Oiwo|eDRb%NNJb%4R)_m2(%$NguOi9haS9rj!s8nx0!8fd|&2%4%<ss
z`$*sY!ekT!k2JCAQhH8k8Dr_}{P%oI>W!>uT-g?How!HAZ(yXb!&D5P1yrU_Wm!u$
ze61cb6k5I}5$>ePn5+HrL=ol*p{O`B1Fr$bUgzmYea~zs1dC?-P`bW}`#(-;HxIz1
zvfRsZeKk~wq3p6xk$!VkWPeg}=+U<ky`~fwzONnrkC+DK<0_Iq=8AbFGQ5WO*Zru)
z)2iX(ra)Y?hc|;3cM3~H^ZAv45wf&l4l=9A@IuR~vMhS)04@gqZXzL;Z!$ez9vcXz
zqRvdun-=Z!xa&^KM5}-wMQ(83il~fgDEZ2|*ks}B*;(Ko>VGIDBl=Z<!#@i%U-dF4
zk}W61Y;x3=^#juz-3k+RL#n-p>wFG|c4XaYEs35RSV;7*)T`)NM)pp*0|VS%*N{Ri
ztlD^sOgsH#hW)o=?&#O1_uH5?zAYI84Mks|peDDXiv{7q9TwvzcX;xzoHPfJLLmim
zGVFDGB~6HxmqaenU5i^qP)4%o6plPK2b7OCHkB4Dt2GvA$3G9!*wz01kpA2~<-JWR
z=2$+tb9d)cIR+aal6Ic-;%a%=_pKp4Rwe<^RoG(`&PWp-zk21Z@K?Q71JzsGeL>SI
z$u}8J0|<3j|CSlS&O6Wg>)HDfhuCzIQtHbjMdh4B?xxxuFmcCsRYe+i%QKupOMC8*
z7Ex%U_Kz3Ec+C0?YrW#_8duKmWxtUjH8zJ;i@D8HyqYm>cq2FMH6QQEf>bl&$+~Op
zCkqWK@5~;=)3*mta0EP?4ECtEY_tL;G)CHI*rC|b*wq){BLtRL`pA3c#WMomGPg%0
z+VGuG)zp8ga>N=rgnr8`>khhFPGkz`Hd7l<8QY#fT|J)Tm^F5~+$h27c{fk)UQ|Kb
zid-{~J$Q_tbB2U^p{nhWVQ-zSy`z(1RKi@8bOX(>6mucr;=KcbPRHB3aLutGU0VAw
z)jCk&VIm;EWEbynzpJ4<0y8~0HW8>>$B<xnK+#>1E6LlnQ1vzo&QXwM{4pmPpM_2k
z{&M&>{)+f}Wh$d&So!6gx^Be%ggv!guP`R%E}FTYS1KTdv6i|Lzit8C3p7@-`gF$q
zRvk^{#|lx@NOlEiXQ!HKQy>JY7n@~_Ih<|Rtc`CAVa}%NGS1w?@8j!AxZlP>bpZ|X
z4ck_yZT$7?hrdZgk9{q-_us*hyluzRH~gjG9OJw~eE#7R=S#xB@%Cafo|lfiId{?V
z%S5o~+cXOY>4d<pnv6s+GJ#pik&MeOi0`jov^*h65SKL?XfX~59sh6^BoK=Hd_!rL
z%8Jj-L-adP$J^s677KCpZH>!Rqt^JneSr4OVmG3MB2}UVMe}@fEhYVOaAErgGjHKn
z0x4YvIqAiT(e@qa))}>ynt2BC*-M6t^2CDI?Fq8RD^A2!9qobKZy&?>d=~#$dUwt;
zvdS?jSA#u2;~0utrSo0BQg0etXMgf)U{q7R(m>`&TSL@^!Hdj?Z1!|~P7QAB%wc0#
zzAWg@ccJJRp~-*0w&dU(@_Py7EhYedt$3beL+Sd!HDyDN)3TV>pW;ueFC;EYbG~o8
zwTG{!MP)FIHkR<2KkwExrG=+r<80iYuQtsmeSVtv&*AT^CU}^b0%sMYVNhY(^?R@Z
z08SWKT!J0Fd_7&H-JAoQd}U=^yn`SQocrJ8C`kLz2bli`WFzC6;Vgc-&8A@h$TV7z
z5~o*54|}WyW~q5FPC0G+8=f?E;u@~i;aook!5;QaJQS?jemYot8lRdw2X~6vq!Xm7
zB>;I4xhTnpYu56=3aju`!}-gb<*RD(GQe6y-k#PmSWDeR3x&%|Y;oWg2X1lT76)!|
z;1&mNao`pQ{(TN~|G#md5R@g2qRdLK(81?i#@So~(=arZGi(NC8b2%|a=dG-b$d59
z@-xg@ahtFfMd7T=Hdwni<&mu+%uL`W$7mEzeO9@>2qY*GQ29v~4h~+cLPx&~_<0@)
z4S{@cLjXRClwe)|TsC~|`3uM(eB<-5a6U!=$l->ba|=lRnzsJXPykN-c{M?_aFpB{
z7ys&6e|RYQ(*WO{6NJEs0~=b^M66Bk7lL2xhKw*MsbAC96T8HQv|98JlcFF8G!(^z
zU-wzpw_aoUpVt-X|3>z|&V)Wkt+mpYfwo8Q-B9-uaqWev>>9B{jYLkdbyL?<IOgX_
z_|E9S4}F^Y4yZkvX}xDXjf-sX2q?iGsrB0R6uxmMT$CYoEk2mo`8Jdtie4)lbP!sO
zmRldReoF;645g?;52Hjkgp@|Eg+%K?ta7{g&GfLk$Mj^pod2?8%Rgk#j>0l6_P@N%
zh~e`CfPMM^K=AbnaPyM&_wga<U}c>A3BPLBf46xyl)GvCAN#*kPB}Xg9AyZO{w8=P
S_?H6!T<{+qeAf@I{r4{uC#c&1

delta 6333
zcmeI0c{o&U8^F)l$u7(YV@nJ(ma>;E#bjTTijXDQViLlbL8u7lwIyqoY>}CYtO;dn
z5h>CeMZETk%98Jlw_ZlydtKij-=E!c%{<q+?)ACP+~@k8=hG#c_i;3OW`?wMEC9g7
z1Vn^bm;sQ`P<|j`g}%-%emJy0&d1NiUyc@_wvD>FSW1LkqgZaiOIi3fhgq%Cv5Z((
zktSHmsC5RZQj>o&0l)wgsg@VUEU?*+lJ;kMH~=OR1cbL{J>|K!909qrYzF}8brX=4
z$OX>rrNfKg<*HvkoD*>T7P(N{dgPdLEA3$!7weRrsW-Y^J4b0%TM`mn!xh4Z6R@L=
zAI{S57Q9K0<w#){n}3#F;h^$)X#u(Xi7kvi%-bl}>!}P^X3P%sSR883ZMfs5bVY0O
z>FGlU-j%7Q%iT1gZ}5=2*4G?lu2BJAYkoD}T@`1GFHbVcePKUoHwe$?+*W?%{`Am;
zh1LQo<AT<XNF4K$29FBX>UElk`iE>iW=D_Piuv}|&9<_=?eL2Jj*832_xqE+xYoxu
zpS4-8RERSo3O~wjwe~SJNIJ5+Zgpy4s_W6LV0`RXMv25Mt<FypQ;{b19m^FaYm$rA
z4yE;#82m-$@kHNx861xz#<Mh|L+a?b_!`5$n9dKfZRqRGY^~p!4#!_%=3NdMcH?pW
z6retR&jfYHPQ5W}(Zs}u^UYxEDB@@qCX}4a4pUezR}#KuKNIC~!ZtTW{;q}4XcDPa
zH5`$t|8zQ7OqW5IdymOW(SZ8oIeZB4%+jXrsvN#$VI(<F#o?HoB(|$)GMeKY64_Gp
zZFO~Jad^p3bY`Ztb!d8dGJ3N1Xh<#hr@<#94<`q|@Z@r-x%bqzf&B7)W>yQRq8fc0
zABNlu4bcbr3-{0qk|%A-Z`;<EFQ#ZecX!CpMzG8KCDU0KDkl!}W}V+9orcG8`4O24
z<Idsbr3J!q1%}RCnkR>W;>T9WwjLrb^m{y$i&f8_d3U__O-v<+d4GaZ(si*6jw@fP
zYm`%jo-{3)2U&;lxAeg3tF1(;-iyj|t9YYP^?k|X$^#$g4^BTu-L(fJb5{98b3J)J
zGdjQIksT{NSxMrZDEz2R@Ts0_5c7%+Cta4s-|>`rEfi^4g1jcBY_OAa@F-j|ub8ac
zQ;(5$h;1?B=usMu)@Qa>EKNF4Gj<}0`%<7ZFg^;-o-H0gVUoOJqK!<tTSiw`he8hx
zmY1Am*<~~qSY?X}xcHu@+`ur}wOPDt!iJCS{0@HBmwu+^i=jYs!bFE?pNx6%;de6f
zcw@)NGYP}h!eJIiy*T_5{3_e6+ccx(vVq;Hu0z2L$}D!4K$d>-LUP&NfS8{9(bkGb
z;*GKvVw|(Rk0lx)o|%bx?!iSjXI$W9f-hpey^u5zJ(M+Gpv8tbfhjpC%^mY`frhT<
z9b*l;&W7tNV*z*ObzlG6+D$i1!_S_cio!>1D?1=?I<G6qZRC}mpKGr3+qqs3x4-W2
z-Cr^M;sS<rexzqDa5p$}T+uZmUe8y}o*?^u@>|W*UWBv;XScoc>Rx(!T>IJAhEChs
zB){yCchw2#Y6-e>{g8g9Y!uDY;D%_|a*_T?;_j%q(}h6%H_ikaYv+OzrsoAE#4yYP
zUc}qZ*JmYD_xW&oOhdPYR^B7}!@8#3#m7)@FXWwyxL(p_5omn}=azEWz+y%ynbAqV
zJH@fruoK1~@=&7fP!*U}ro-;JV^O(8$egYJVkxR$RKcf)ZN<V0MW^^>x*|^Hj(nV0
zWTB#v^73F^LS3f_0+U;$CFWFpUa^g?4}aYIb^AO00%F-vNmNAA>y?^R-$P9dJ?vtn
z7Zu|&miKQNJCsbfPgsR<c|0Lx<`O-ecWEoz6=ZwH&CKoU3z96#)#aX;xEH(JFgk^e
z9#AK751jw7zvCHS>!DBLCmKs(frrVb#3H3+0kk<GV5d3z<wpVok_*9pKG>b9q^tPd
z>3Tj!sG<T?7R?COGIRecyEG>cW0*+fcxH38_SfJtZQdUB6jcUy$))VB_-KYMIGZW#
zrQlAPyCnlt64^8gn85`z?X^jXSMLS_rT#RccWjy)8ks$~BC;l?dFr<Do;B}3#m|e~
z+e^dQjZ=kjM`m1eb4t0?%daLg+@#oqKhSp*hmQ|J&gHZ#J;56d^7$k8pWIK>V8z-9
z*WOHPN|+e34`|meMw|DuXdZdU8j?t^jN?q{+RNjgT_kYx*=(!UZMhpyyo_#%s%jnS
znvMuybwOLLYK^9=Vm0n6V8|wN1uVBicIVzUOLq5~@K2%3neP!FyErueBECGy2X7JF
zmis|elB=C-_4-;k2N7d;xtHhjtm=#of=2YN{ETl%(gmN(Rh&)O4j%j7?@!Bmbkt(f
zVnMCU>PltB(t{6lySv|96Rt=pM;q)@HpyOgOheawk5`l!<5$T$6W*j*U!_M7C}ezO
zS!l$khGke}<3RGBarvvQB&RqrjSEk!o}1wtvgREo3UgYlh2QrpPIREPe&5*rd@?44
zQ8@jid#}5s#L!c-Gbecynl-mSj@T)Xs*4pqFcNh#Ro=YUD~8!-#U8C6TF&8z)CexV
zZJlG^8DcQJ9J<S`D<kyCyE3(eJS@>2*RAQF86DzDbYqC67j>0H7M}C{V^R_yWL2Qq
zeg9)lXfPssfm<&&mTBxvs<!+Mq<^+}Oy~DMjMB40muKH6#kb-MIj{CN26ZdxnF;J+
zJ?BRLKEgcb1~-nXT(X7D%2h^arXGD5{cZb$k>~S99U8?=cEXc4g0w`}=#V@f%>s#f
zrihv=3+0tI<7W2PLejFw79aP2!jF$zynDOYT<+<9vFLMBzDh|B!maot&y{TOTWsbv
z#J(z6xQ+F57EAXS%d0BQukI<y>_g9+<@Oi6)+4K-ijxoSvleBp&&OW-aPDf*JfqpT
zQ2J+Q7Sp@ANQbPYhb*hn;dR*ASF7@GK8t^O_N|QW^aBa(c@ZP63}uve;WJ~UTN*-z
zHPWk-49Qnc*XcaWPGsb0<mJKLQO_Tio6joJ7h?E|*6NjKx4bm*$LPUun}%tw?|C2^
zEoe7=tMmF%Qtu?s?9sSbEvt{%Sw!Z;8)y`*^OH&h{N9zOna(d^7amGQ_La3G8&uCV
ztz8lbTt2PNelGjeH#ur7vP$jEV1yvXhaLcA)&Yf7g%qTr;vBM6*QIdC#tQ<O-4q)o
z5?YK%!@HS<?0EquXNZSf!C_$ue1`%%QJa(g=^M+HmaF2no;sc)w{pTSre!uNa-DlL
z<uo#_P`7kkLDo*h=;{$O{ya^Gm)q#u1)b)Neeyz;Wm>i`v19x3eIYZ|wYv|;s5>jI
z9UoBmeC1|lv~MGG<1sIdEpSIoVgNXzj}Y35Vy1aKf*)Z3P(cd-qTpNo9i)2)R$){i
zSS6rCoP%P;!bn5<N-(|68{C|N9lCG{boBD|bU~jw>F@0O3vF(2AK1B9`Zw$SX1(96
z_nY;8v)*sk`^|d4S?_;mJ)8e0>%Ea9#&$vIf`Eaxm`N(cb2UuOUxZW<5FqUYz_5s2
zpo7v^Dw75S_o)Dg0y!A~00n@LiAYkcViXM(Krt2wJsyK>S{O+2YW%cRx&<*6zI%{v
zg#nCL6C|Z8KcS|~BZ8k>3Lw4n&-k*Wbh#pG$}BmifN_V)^ad-?5&QlP&ln*KoUfPv
zDX(9+3@`0Zo|c33fuskf+vKSV6i#kBW&|b2Gm%uWE(``Rn(egze%1)ZfP@p6)}gGM
zPae$-sXf6dJe)S4Ae*>Df_JNK{pb;#$MewT6Q)_fX%=zWttJ~MkN_Y+$@N3>2^G9x
zBd_2u4ir7q$8~}KSSgjR>a+<{4k>?e*nm~aA?1dU3E$Tppd(AZZJSyF3KHN@y^nTL
zqJb6!_^wS#>X(Jh!Qd#!UVXFeKQ9fCnc#*gkWZM9rNmA`(*05_#q7WD?gAPd))(O1
z+CQ)|5>7`ZG^}gEu}F5Rt*ospXXPMQE%&Xin{!c^|8JpmQe9!|8^BiI%}quAbcI$j
z!Ce8wM@mvv;YFmBD5VY_!ytayG4*V2gd!89HK0kA-P}>?A>FXeCphh;j4T+d$o6Z8
zSfM856GXH?f-)S`j-<Mu8)HlT=g21*>w?cB<Tq!h9^uW|O%6cW6{z-%Cc^Rg1Pz0&
zjl{Tk2W)L7CDhNGPMPk%g>oaFL;gQzeXG;PtOEewPakL{6PA8Bxj|2eznvXUI^rBL
wI7h#&K{g%=0Ki2RWJl0Hnf-ixaQk&I&VD#ELwe{50swI6qY71;f~Q>l2ll8eS^xk5


From 69a96d18b6ca14282437ec8ccca13fd907cc69fd Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 30 Jul 2020 14:54:37 +0200
Subject: [PATCH 130/237] Bump elliptic in
 /ids-webconsole/src/main/resources/www (#21)

Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 ids-webconsole/src/main/resources/www/yarn.lock | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/ids-webconsole/src/main/resources/www/yarn.lock b/ids-webconsole/src/main/resources/www/yarn.lock
index a2e3ebddf..a1dade341 100644
--- a/ids-webconsole/src/main/resources/www/yarn.lock
+++ b/ids-webconsole/src/main/resources/www/yarn.lock
@@ -1675,9 +1675,9 @@ bluebird@^3.5.1, bluebird@^3.5.3, bluebird@^3.5.5:
   integrity sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg==
 
 bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.4.0:
-  version "4.11.8"
-  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.11.8.tgz#2cde09eb5ee341f484746bb0309b3253b1b1442f"
-  integrity sha512-ItfYfPLkWHUjckQCk8xC+LwxgK8NYcXywGigJgSwOP8Y2iyWT4f2vsZnoOXTTbo+o5yXmIUJ4gn5538SO5S3gA==
+  version "4.11.9"
+  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.11.9.tgz#26d556829458f9d1e81fc48952493d0ba3507828"
+  integrity sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw==
 
 bn.js@^5.1.1:
   version "5.1.1"
@@ -2959,9 +2959,9 @@ electron-to-chromium@^1.3.413:
   integrity sha512-ty0LEroTap/xfMy31oQ3XX+Q377QvWvJaha2cmuXcbmBiX2EIB5SNDQ0hp8lhvxj63WG0zOgm/4MQ/oUBdfQqg==
 
 elliptic@^6.0.0, elliptic@^6.5.2:
-  version "6.5.2"
-  resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.2.tgz#05c5678d7173c049d8ca433552224a495d0e3762"
-  integrity sha512-f4x70okzZbIQl/NSRLkI/+tteV/9WqL98zx+SQ69KbXxmVrmjwsNUPn/gYJJ0sHvEak24cZgHIPegRePAtA/xw==
+  version "6.5.3"
+  resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.3.tgz#cb59eb2efdaf73a0bd78ccd7015a62ad6e0f93d6"
+  integrity sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw==
   dependencies:
     bn.js "^4.4.0"
     brorand "^1.0.1"

From de410d47eb12e4bfeb8a6f40a0633b36802916f2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 30 Jul 2020 12:56:41 +0000
Subject: [PATCH 131/237] Bump npm-registry-fetch in
 /ids-webconsole/src/main/resources/www

Bumps [npm-registry-fetch](https://github.com/npm/registry-fetch) from 4.0.4 to 4.0.5.
- [Release notes](https://github.com/npm/registry-fetch/releases)
- [Changelog](https://github.com/npm/npm-registry-fetch/blob/latest/CHANGELOG.md)
- [Commits](https://github.com/npm/registry-fetch/commits)

Signed-off-by: dependabot[bot] <support@github.com>
---
 .../src/main/resources/www/yarn.lock          | 25 ++++++++++++-------
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/ids-webconsole/src/main/resources/www/yarn.lock b/ids-webconsole/src/main/resources/www/yarn.lock
index a1dade341..b34f90cd7 100644
--- a/ids-webconsole/src/main/resources/www/yarn.lock
+++ b/ids-webconsole/src/main/resources/www/yarn.lock
@@ -2992,11 +2992,11 @@ encodeurl@~1.0.2:
   integrity sha1-rT/0yG7C0CkyL1oCw6mmBslbP1k=
 
 encoding@^0.1.11:
-  version "0.1.12"
-  resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.12.tgz#538b66f3ee62cd1ab51ec323829d1f9480c74beb"
-  integrity sha1-U4tm8+5izRq1HsMjgp0flIDHS+s=
+  version "0.1.13"
+  resolved "https://registry.yarnpkg.com/encoding/-/encoding-0.1.13.tgz#56574afdd791f54a8e9b2785c0582a2d26210fa9"
+  integrity sha512-ETBauow1T35Y/WZMkio9jiM0Z5xjHHmJ4XmjZOq1l/dXz3lr2sRn87nJy20RupqSh1F2m3HHPSp8ShIPQJrJ3A==
   dependencies:
-    iconv-lite "~0.4.13"
+    iconv-lite "^0.6.2"
 
 end-of-stream@^1.0.0, end-of-stream@^1.1.0:
   version "1.4.4"
@@ -3869,13 +3869,20 @@ humanize-ms@^1.2.1:
   dependencies:
     ms "^2.0.0"
 
-iconv-lite@0.4.24, iconv-lite@^0.4.24, iconv-lite@~0.4.13:
+iconv-lite@0.4.24, iconv-lite@^0.4.24:
   version "0.4.24"
   resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.4.24.tgz#2022b4b25fbddc21d2f524974a474aafe733908b"
   integrity sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==
   dependencies:
     safer-buffer ">= 2.1.2 < 3"
 
+iconv-lite@^0.6.2:
+  version "0.6.2"
+  resolved "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.2.tgz#ce13d1875b0c3a674bd6a04b7f76b01b1b6ded01"
+  integrity sha512-2y91h5OpQlolefMPmUlivelittSWy0rP+oYVpn6A7GwVHNE8AWzoYOBNmlwks3LobaJxgHCYZAnyNo2GgpNRNQ==
+  dependencies:
+    safer-buffer ">= 2.1.2 < 3.0.0"
+
 icss-utils@^4.0.0, icss-utils@^4.1.1:
   version "4.1.1"
   resolved "https://registry.yarnpkg.com/icss-utils/-/icss-utils-4.1.1.tgz#21170b53789ee27447c2f47dd683081403f9a467"
@@ -5274,9 +5281,9 @@ npm-pick-manifest@^3.0.0:
     semver "^5.4.1"
 
 npm-registry-fetch@^4.0.0:
-  version "4.0.4"
-  resolved "https://registry.yarnpkg.com/npm-registry-fetch/-/npm-registry-fetch-4.0.4.tgz#2da1ecf3f43d419d96abf313664291a4623d3ea5"
-  integrity sha512-6jb34hX/iYNQebqWUHtU8YF6Cjb1H6ouTFPClYsyiW6lpFkljTpdeftm53rRojtja1rKAvKNIIiTS5Sjpw4wsA==
+  version "4.0.5"
+  resolved "https://registry.yarnpkg.com/npm-registry-fetch/-/npm-registry-fetch-4.0.5.tgz#cb87cf7f25bfb048d6c3ee19d115bebf93ea5bfa"
+  integrity sha512-yQ0/U4fYpCCqmueB2g8sc+89ckQ3eXpmU4+Yi2j5o/r0WkKvE2+Y0tK3DEILAtn2UaQTkjTHxIXe2/CSdit+/Q==
   dependencies:
     JSONStream "^1.3.4"
     bluebird "^3.5.1"
@@ -6682,7 +6689,7 @@ safe-regex@^1.1.0:
   dependencies:
     ret "~0.1.10"
 
-"safer-buffer@>= 2.1.2 < 3", safer-buffer@^2.0.2, safer-buffer@^2.1.0, safer-buffer@^2.1.2, safer-buffer@~2.1.0:
+"safer-buffer@>= 2.1.2 < 3", "safer-buffer@>= 2.1.2 < 3.0.0", safer-buffer@^2.0.2, safer-buffer@^2.1.0, safer-buffer@^2.1.2, safer-buffer@~2.1.0:
   version "2.1.2"
   resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a"
   integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==

From 833e576ec89fb045c13e6cf1529037ff9de3df7b Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Tue, 4 Aug 2020 10:30:46 +0200
Subject: [PATCH 132/237] Add CSV support

---
 karaf-features-ids/build.gradle | 1 +
 1 file changed, 1 insertion(+)

diff --git a/karaf-features-ids/build.gradle b/karaf-features-ids/build.gradle
index dd6078524..c3def8217 100644
--- a/karaf-features-ids/build.gradle
+++ b/karaf-features-ids/build.gradle
@@ -83,6 +83,7 @@ karaf {
             feature 'camel-paho'
             //feature 'camel-mqtt'
             feature 'camel-jsonpath'
+            feature 'camel-csv'
 
             // start our bundles a lit bit later
             bundle ('de.fhg.aisec.ids') {

From 44288d1e3828c2e98e35a60a2f07bc6cce1f3ebc Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 12 Aug 2020 15:42:18 +0200
Subject: [PATCH 133/237] yarn upgrade

---
 .../src/main/resources/www/yarn.lock          | 2146 ++++++++---------
 1 file changed, 1061 insertions(+), 1085 deletions(-)

diff --git a/ids-webconsole/src/main/resources/www/yarn.lock b/ids-webconsole/src/main/resources/www/yarn.lock
index 99fcfe260..ad9bcda89 100644
--- a/ids-webconsole/src/main/resources/www/yarn.lock
+++ b/ids-webconsole/src/main/resources/www/yarn.lock
@@ -2,37 +2,37 @@
 # yarn lockfile v1
 
 
-"@angular-devkit/architect@0.901.6":
-  version "0.901.6"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/architect/-/architect-0.901.6.tgz#5fb113850b025bdac894d1bb306b4d2ea51f8416"
-  integrity sha512-0pWzn10gCZxMCrS62NlD38qE2R7l5fPfBuNylntNqvzw9L7iS1ARgqMlAKn8KLaNG6FrXONmgUWHsV987ZICIw==
+"@angular-devkit/architect@0.901.12":
+  version "0.901.12"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/architect/-/architect-0.901.12.tgz#e0f78b7282f851d27af6802dc7a261022421b2d5"
+  integrity sha512-gLlsxa+3JPV1m1gRvRMujOs4xKox6I5BkYmOD1zfu+dB6y3LuBAvHfXA6FaTDVOMBrmSlWnE4PmOmB6xd7wxMA==
   dependencies:
-    "@angular-devkit/core" "9.1.6"
+    "@angular-devkit/core" "9.1.12"
     rxjs "6.5.4"
 
 "@angular-devkit/build-angular@~0.901.0":
-  version "0.901.6"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/build-angular/-/build-angular-0.901.6.tgz#034f7ba5a5adda715fcbcc35f33ff8a7c62dd4a2"
-  integrity sha512-jgLFKRWSZIZZVb7fiGC0SHzBFYBkDOLTw/MRta8p81o8WzLe0uxGVP4RlIj6fZxv3Vvb1NZI4HHrgt/jASaj4A==
-  dependencies:
-    "@angular-devkit/architect" "0.901.6"
-    "@angular-devkit/build-optimizer" "0.901.6"
-    "@angular-devkit/build-webpack" "0.901.6"
-    "@angular-devkit/core" "9.1.6"
+  version "0.901.12"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/build-angular/-/build-angular-0.901.12.tgz#5b588e530be01502e350ceae17b21b4fc6676650"
+  integrity sha512-enK+u1Lg1a/KWUs3r8Tc7Igduu5ph9fgziV8bjQeVrswrqFb0m0eEhxe/zV8rvE92H3NBZp5Z+uzOYIcg4eirw==
+  dependencies:
+    "@angular-devkit/architect" "0.901.12"
+    "@angular-devkit/build-optimizer" "0.901.12"
+    "@angular-devkit/build-webpack" "0.901.12"
+    "@angular-devkit/core" "9.1.12"
     "@babel/core" "7.9.0"
     "@babel/generator" "7.9.3"
     "@babel/preset-env" "7.9.0"
     "@babel/template" "7.8.6"
     "@jsdevtools/coverage-istanbul-loader" "3.0.3"
-    "@ngtools/webpack" "9.1.6"
-    ajv "6.12.0"
+    "@ngtools/webpack" "9.1.12"
+    ajv "6.12.3"
     autoprefixer "9.7.4"
     babel-loader "8.0.6"
     browserslist "^4.9.1"
     cacache "15.0.0"
     caniuse-lite "^1.0.30001032"
     circular-dependency-plugin "5.2.0"
-    copy-webpack-plugin "5.1.1"
+    copy-webpack-plugin "6.0.3"
     core-js "3.6.4"
     css-loader "3.5.1"
     cssnano "4.1.10"
@@ -41,7 +41,7 @@
     glob "7.1.6"
     jest-worker "25.1.0"
     karma-source-map-support "1.4.0"
-    less "3.11.1"
+    less "3.11.3"
     less-loader "5.0.0"
     license-webpack-plugin "2.1.4"
     loader-utils "2.0.0"
@@ -67,20 +67,20 @@
     stylus "0.54.7"
     stylus-loader "3.0.2"
     terser "4.6.10"
-    terser-webpack-plugin "2.3.5"
+    terser-webpack-plugin "3.0.3"
     tree-kill "1.2.2"
     webpack "4.42.0"
     webpack-dev-middleware "3.7.2"
-    webpack-dev-server "3.10.3"
+    webpack-dev-server "3.11.0"
     webpack-merge "4.2.2"
     webpack-sources "1.4.3"
     webpack-subresource-integrity "1.4.0"
     worker-plugin "4.0.3"
 
-"@angular-devkit/build-optimizer@0.901.6":
-  version "0.901.6"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/build-optimizer/-/build-optimizer-0.901.6.tgz#2dc85c5ae61113df16566949ae3833283864bb8b"
-  integrity sha512-M0H9SrOq4QOYqGCIguGQDWizf+XL7whJjBtYHxI7jEjtzar3zkTFgzZ/znv49R56Zch1niH0mBgtDxCFFWqarQ==
+"@angular-devkit/build-optimizer@0.901.12":
+  version "0.901.12"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/build-optimizer/-/build-optimizer-0.901.12.tgz#327066ba0d7f2f4fc82960618906e4f916f7bf7c"
+  integrity sha512-XuXA+6y9QkIAwSVZhWmne4r7qugUUWaXobgRefbn9heiRlY8/7XkZmmvbSrxc1fgQfQar52W9fAa19fAIeNvnw==
   dependencies:
     loader-utils "2.0.0"
     source-map "0.7.3"
@@ -88,50 +88,50 @@
     typescript "3.6.5"
     webpack-sources "1.4.3"
 
-"@angular-devkit/build-webpack@0.901.6":
-  version "0.901.6"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/build-webpack/-/build-webpack-0.901.6.tgz#62a0d8cd94c8c61b734b0a6c149c922dd8908c42"
-  integrity sha512-jEk850AtIFK+xbXXiloVvueXTbJOL1mANR2UBrmWk7V4Bct+gHVerdXjn9vo1Tsd8BgemUYAcqvLldCx9MSDTg==
+"@angular-devkit/build-webpack@0.901.12":
+  version "0.901.12"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/build-webpack/-/build-webpack-0.901.12.tgz#fcbe22d6c41f3f626342c3bd8f734104d4a65a8c"
+  integrity sha512-zrhZV2LhQ4uFl9at9i2jiedIu932HsaFN4OMMsTFlV+6CZxtEUBI85hhnPa5KQtIYQr2OMQSQf/FyhnBGs0riQ==
   dependencies:
-    "@angular-devkit/architect" "0.901.6"
-    "@angular-devkit/core" "9.1.6"
+    "@angular-devkit/architect" "0.901.12"
+    "@angular-devkit/core" "9.1.12"
     rxjs "6.5.4"
 
-"@angular-devkit/core@9.1.6":
-  version "9.1.6"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/core/-/core-9.1.6.tgz#d108430a48e58bf1efd1b87aa2edb64e3b9241d1"
-  integrity sha512-lYXoRtsMsfyIrNAa49Hcx79FPRW6ZrWjK2yJ3avON1Q3WEHYb/DIUP+ItyOQAkNUsCVMyK4wkddsu8PsqEW6tg==
+"@angular-devkit/core@9.1.12":
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/core/-/core-9.1.12.tgz#7cebce51918fe7f3462d8c58c9fbd5a3e2c3b3e7"
+  integrity sha512-D/GnBeSlmdgGn7EhuE32HuPuRAjvUuxi7Q6WywBI8PSsXKAGnrypghBwMATNnOA24//CgbW2533Y9VWHaeXdeA==
   dependencies:
-    ajv "6.12.0"
+    ajv "6.12.3"
     fast-json-stable-stringify "2.1.0"
     magic-string "0.25.7"
     rxjs "6.5.4"
     source-map "0.7.3"
 
-"@angular-devkit/schematics@9.1.6":
-  version "9.1.6"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/schematics/-/schematics-9.1.6.tgz#759b01ef6815fd2d7366c3f1907d5878403a816e"
-  integrity sha512-twS8Sxc6NG4A0n7yITugP0snIMJ2Rm6aOGkckomWjZAP1fPo8pup8EFGc5wUBAtAOM3DJBphEnskpwEWCkBaLg==
+"@angular-devkit/schematics@9.1.12":
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/schematics/-/schematics-9.1.12.tgz#bbf457f1b35941fddeeb1ee77336dd04ca60b8ba"
+  integrity sha512-+GYnUzmIy1/QpYitCC8mI7jcrViGHTtOKvvDPEFjU2nggjNEQaMmsHcdIsjrqggEc23ZZyebNAIewT8CMkJyrQ==
   dependencies:
-    "@angular-devkit/core" "9.1.6"
+    "@angular-devkit/core" "9.1.12"
     ora "4.0.3"
     rxjs "6.5.4"
 
 "@angular/animations@~9.1.0":
-  version "9.1.7"
-  resolved "https://registry.yarnpkg.com/@angular/animations/-/animations-9.1.7.tgz#09bf7c84c234d8b6ecaa101024a3b3e69ab198cd"
-  integrity sha512-1wW8ndGMLDuE2LpTN2RNRz1Dt7JgVBeVmOPMgzoA7g1uuvm+jESTrGG7W3BzLzG0BE2TeXt0fY90o4iU+S2Rmg==
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@angular/animations/-/animations-9.1.12.tgz#1c9c1a792be4b52b196cab1e5c88bd319b60716d"
+  integrity sha512-tphpf9QHnOPoL2Jl7KpR+R5aHNW3oifLEmRUTajJYJGvo1uzdUDE82+V9OGOinxJsYseCth9gYJhN24aYTB9NA==
 
 "@angular/cli@~9.1.0":
-  version "9.1.6"
-  resolved "https://registry.yarnpkg.com/@angular/cli/-/cli-9.1.6.tgz#9622745d3fdf73b3045048e7df6c44f5aa8e97f5"
-  integrity sha512-hQnad0LQx0n+FiMRUV2RX9+L0dLsISu7uzimGLjgJVtW6Bc1cVnaTkKhOqHRQG2Q4Iv8adKWf5UL5tMZz/roDA==
-  dependencies:
-    "@angular-devkit/architect" "0.901.6"
-    "@angular-devkit/core" "9.1.6"
-    "@angular-devkit/schematics" "9.1.6"
-    "@schematics/angular" "9.1.6"
-    "@schematics/update" "0.901.6"
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@angular/cli/-/cli-9.1.12.tgz#c6e41c80c387200766fc52a6b42fde869dcc0cef"
+  integrity sha512-B0yOab5WbD84bIRRUKOPAJnpka8Qj+CRt61wJfjsqpd/Rj7pD/3ubmdCNoBH7Xa6UlOb0tdYqRPsqfK7uEL0sw==
+  dependencies:
+    "@angular-devkit/architect" "0.901.12"
+    "@angular-devkit/core" "9.1.12"
+    "@angular-devkit/schematics" "9.1.12"
+    "@schematics/angular" "9.1.12"
+    "@schematics/update" "0.901.12"
     "@yarnpkg/lockfile" "1.1.0"
     ansi-colors "4.1.1"
     debug "4.1.1"
@@ -149,14 +149,14 @@
     uuid "7.0.2"
 
 "@angular/common@~9.1.0":
-  version "9.1.7"
-  resolved "https://registry.yarnpkg.com/@angular/common/-/common-9.1.7.tgz#79ebbe3c08ced0070314beb10bbccfb8927dfe62"
-  integrity sha512-04ef+J8bnOnjYbdRsm82IdIaaLFZ6QWh4SLtjnYhgCjEe4Stf59g+zRNPMauMFDQYDCp3foPo0djk1CPfEd8AQ==
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@angular/common/-/common-9.1.12.tgz#731701fae63ae8e2ee2ce00e7d51f458ecd00c7c"
+  integrity sha512-XSIqkbM6VV1yixF9zuzeE5eqN1VsiXS517K2VU0XgCRSAzhVhLOeKsdYjeLf7PdSu/HgW/Tr81H+isi9A9I0YA==
 
 "@angular/compiler-cli@~9.1.0":
-  version "9.1.7"
-  resolved "https://registry.yarnpkg.com/@angular/compiler-cli/-/compiler-cli-9.1.7.tgz#ecd1d47b0368ed21dfcef980b3aaeb37085a3612"
-  integrity sha512-8HT8+UuSohrXlF90eewG2XuhtOEIfJ2UlijnSB10/+ZyroSdTKckoiFSps86nTd/EfrBblqNUMbwjOxIkzac3w==
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@angular/compiler-cli/-/compiler-cli-9.1.12.tgz#37ba1a8b483ab1382414d0a13a35a1fd2020abd1"
+  integrity sha512-bbqJ+fbY+aQejSYuHUjE1qYJCXkZBM5Hru9eN7m/j376u83MQ5jWdC290uYx+ipsXcPTa/YRZ44jpL+5cCzIrg==
   dependencies:
     canonical-path "1.0.0"
     chokidar "^3.0.0"
@@ -172,56 +172,56 @@
     yargs "15.3.0"
 
 "@angular/compiler@~9.1.0":
-  version "9.1.7"
-  resolved "https://registry.yarnpkg.com/@angular/compiler/-/compiler-9.1.7.tgz#e094f99f8742994761adeb1fd8090b21d2abff98"
-  integrity sha512-BiHJ3rAd00aJkur7ohnXjqBmz2QkSTAAFWLuBTYuHysxP4zJD54y4uUtsrCUReKL+8dkUv8AcfXBAkCBLvBUYg==
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@angular/compiler/-/compiler-9.1.12.tgz#3066a637bfe09642dd5c4a4dd029e7a771988311"
+  integrity sha512-suefk0OFkaJpUUKnV+phbL4T8fmVGHvzkereY5eqybQlumOez8NPL1PJcygAylh/E6OIAYm8SWookYwM6ZY9dg==
 
 "@angular/core@~9.1.0":
-  version "9.1.7"
-  resolved "https://registry.yarnpkg.com/@angular/core/-/core-9.1.7.tgz#0465c26d9101389602e3ff9e502f83f3655e9fe1"
-  integrity sha512-uJSZ+rdGL47gc3A+Fal1XwJYB4WWpYJrNifvoQ2nOs+X5Qu+j0HN6GXPJb4kixoNzjYCGxmLoirdT3xhNZFcfQ==
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@angular/core/-/core-9.1.12.tgz#e7e10f72f84f0787551424ad86279436e0b5edbe"
+  integrity sha512-WVA/eh3fzjx0apOzkKot4YRRUsGkHj50zFQWrAOMgivGaj1YVrvhf+m3hpglj5fn/BkLiFDl8RT0wAE8z9X+gQ==
 
 "@angular/forms@~9.1.0":
-  version "9.1.7"
-  resolved "https://registry.yarnpkg.com/@angular/forms/-/forms-9.1.7.tgz#cdefbc7c7093fd37b417975f18b875a798cbd2d9"
-  integrity sha512-/bRs5hSFDUjOrq2vw11HoS25oEu7KYVxPbQiEjeBHJo82yDmSO+1cVukh6ulDi7iv1sJwSzikDtE9+xDx1ocfQ==
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@angular/forms/-/forms-9.1.12.tgz#8ae7ac480031e1e4097eeff9b45f5e6d2cce6b7c"
+  integrity sha512-LhjnZlC4WEsEsAJfOZLte+Lks3WBAFVeRv2lzoQNFVr/IMzBNDVfjEaaSqKF1cei3cjY39Df2nYDMJM7HfqbJA==
 
 "@angular/platform-browser-dynamic@~9.1.0":
-  version "9.1.7"
-  resolved "https://registry.yarnpkg.com/@angular/platform-browser-dynamic/-/platform-browser-dynamic-9.1.7.tgz#cf20e8f9ba3512ca906d7f21cf0926f0222a95ad"
-  integrity sha512-DyUDGxp4kF4majcm9COVzu/9wzmgnfj+d6GUEjYkbqSH9QP05LonJ6wHMNxNMN6qMfawdCxDe0TnNDRPmHUj9w==
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@angular/platform-browser-dynamic/-/platform-browser-dynamic-9.1.12.tgz#332935d5ec4b44daaad1beae496dd994e2847a03"
+  integrity sha512-NmwUZaQeMnA6f+vP9Fp9P+qjL72H8dKlxLS76ujlKHVf75pP5oahWS8wfl7KXel1tKW3FQWMMffmKf5/NHRiSw==
 
 "@angular/platform-browser@~9.1.0":
-  version "9.1.7"
-  resolved "https://registry.yarnpkg.com/@angular/platform-browser/-/platform-browser-9.1.7.tgz#47e473660c772f80245bcf872aa7e3df9e875a70"
-  integrity sha512-zwNCnn4Ozax80YrkFcLoQ/7bVR7jPk7+QT++Nf9MmQwsaqa0Ve1IYa6Hg9Y1Kf4wquI9TdxMN17TPKmX8iNIaA==
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@angular/platform-browser/-/platform-browser-9.1.12.tgz#f99fc360c40efd013677cc9ef4ead13425084a91"
+  integrity sha512-rPa/hJcLfdId6bYB0b6pFUo3QIgjZlvUlmtKMGdrLNLYR8XQxPa2Y/UdN/5YeZ12htGw6GXrX9U8U7nTbUSpkw==
 
 "@angular/platform-server@~9.1.0":
-  version "9.1.7"
-  resolved "https://registry.yarnpkg.com/@angular/platform-server/-/platform-server-9.1.7.tgz#b6648cfd2aeb922f1df9954483f7a1538fbf396b"
-  integrity sha512-EapDvdLuW0HAg17FOFpwPAPAPk6/qV14rJj1gylqXfjsVNmjwxJvEkwgzXGnV28w7kJzTfm5J+jBCw5MWe80tA==
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@angular/platform-server/-/platform-server-9.1.12.tgz#cd7f92f0e44d90cb82b653a841a7cd16727d07ed"
+  integrity sha512-pNczGCl8Cux1jGyW/dvzzru4QsObWCN46Y7s5Giq7waXlHr3gP2vx+tlYzk2LcjDzfgsl53i5fXk2yS6S+90Og==
   dependencies:
     domino "^2.1.2"
     xhr2 "^0.2.0"
 
 "@angular/router@~9.1.0":
-  version "9.1.7"
-  resolved "https://registry.yarnpkg.com/@angular/router/-/router-9.1.7.tgz#ce9af75cec470f69122f2217bd5bdcfac7b74201"
-  integrity sha512-ycrkhkCbfOMCe9PngFjnyk8nH5jt0Kyb2NPtjmaGOtSCuZBZ0kOU0rQGmQnj3d2PiT0Yir59S8eEAf3Fh0iDuw==
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@angular/router/-/router-9.1.12.tgz#4f7fc170e1e7ef72ca1714dbc7a3888aedc33f2d"
+  integrity sha512-+qCaXa9y0nsRhzjAYBqmGoQ2YkrdXgftZwuFDf6t4qEi30EXa0oS97KrlFq0M5GKdLIDGrbUm9PcdHSTOI+ZhA==
 
-"@babel/code-frame@^7.0.0", "@babel/code-frame@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.8.3.tgz#33e25903d7481181534e12ec0a25f16b6fcf419e"
-  integrity sha512-a9gxpmdXtZEInkCSHUJDLHZVBgb1QS0jhss4cPP93EW7s+uC5bikET2twEF3KV+7rDblJcmNvTR7VJejqd2C2g==
+"@babel/code-frame@^7.0.0", "@babel/code-frame@^7.10.4", "@babel/code-frame@^7.8.3":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.10.4.tgz#168da1a36e90da68ae8d49c0f1b48c7c6249213a"
+  integrity sha512-vG6SvB6oYEhvgisZNFRmRCUkLz11c7rp+tbNTynGqc6mS1d5ATd/sGyV6W0KZZnXRKMTzZDRgQT3Ou9jhpAfUg==
   dependencies:
-    "@babel/highlight" "^7.8.3"
+    "@babel/highlight" "^7.10.4"
 
-"@babel/compat-data@^7.9.0", "@babel/compat-data@^7.9.6":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/compat-data/-/compat-data-7.9.6.tgz#3f604c40e420131affe6f2c8052e9a275ae2049b"
-  integrity sha512-5QPTrNen2bm7RBc7dsOmcA5hbrS4O2Vhmk5XOL4zWW/zD/hV0iinpefDlkm+tBBy8kDtFaaeEvmAqt+nURAV2g==
+"@babel/compat-data@^7.10.4", "@babel/compat-data@^7.9.0":
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/compat-data/-/compat-data-7.11.0.tgz#e9f73efe09af1355b723a7f39b11bad637d7c99c"
+  integrity sha512-TPSvJfv73ng0pfnEOh17bYMPQbI95+nGWc71Ss4vZdRBHTDqmM9Z8ZV4rYz8Ks7sfzc95n30k6ODIq5UGnXcYQ==
   dependencies:
-    browserslist "^4.11.1"
+    browserslist "^4.12.0"
     invariant "^2.2.4"
     semver "^5.5.0"
 
@@ -248,23 +248,23 @@
     source-map "^0.5.0"
 
 "@babel/core@^7.7.5":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.9.6.tgz#d9aa1f580abf3b2286ef40b6904d390904c63376"
-  integrity sha512-nD3deLvbsApbHAHttzIssYqgb883yU/d9roe4RZymBCDaZryMJDbptVpEpeQuRh4BJ+SYI8le9YGxKvFEvl1Wg==
-  dependencies:
-    "@babel/code-frame" "^7.8.3"
-    "@babel/generator" "^7.9.6"
-    "@babel/helper-module-transforms" "^7.9.0"
-    "@babel/helpers" "^7.9.6"
-    "@babel/parser" "^7.9.6"
-    "@babel/template" "^7.8.6"
-    "@babel/traverse" "^7.9.6"
-    "@babel/types" "^7.9.6"
+  version "7.11.1"
+  resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.11.1.tgz#2c55b604e73a40dc21b0e52650b11c65cf276643"
+  integrity sha512-XqF7F6FWQdKGGWAzGELL+aCO1p+lRY5Tj5/tbT3St1G8NaH70jhhDIKknIZaDans0OQBG5wRAldROLHSt44BgQ==
+  dependencies:
+    "@babel/code-frame" "^7.10.4"
+    "@babel/generator" "^7.11.0"
+    "@babel/helper-module-transforms" "^7.11.0"
+    "@babel/helpers" "^7.10.4"
+    "@babel/parser" "^7.11.1"
+    "@babel/template" "^7.10.4"
+    "@babel/traverse" "^7.11.0"
+    "@babel/types" "^7.11.0"
     convert-source-map "^1.7.0"
     debug "^4.1.0"
     gensync "^1.0.0-beta.1"
     json5 "^2.1.2"
-    lodash "^4.17.13"
+    lodash "^4.17.19"
     resolve "^1.3.2"
     semver "^5.4.1"
     source-map "^0.5.0"
@@ -279,284 +279,291 @@
     lodash "^4.17.13"
     source-map "^0.5.0"
 
-"@babel/generator@^7.9.0", "@babel/generator@^7.9.6":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.9.6.tgz#5408c82ac5de98cda0d77d8124e99fa1f2170a43"
-  integrity sha512-+htwWKJbH2bL72HRluF8zumBxzuX0ZZUFl3JLNyoUjM/Ho8wnVpPXM6aUz8cfKDqQ/h7zHqKt4xzJteUosckqQ==
+"@babel/generator@^7.11.0", "@babel/generator@^7.9.0":
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.11.0.tgz#4b90c78d8c12825024568cbe83ee6c9af193585c"
+  integrity sha512-fEm3Uzw7Mc9Xi//qU20cBKatTfs2aOtKqmvy/Vm7RkJEGFQ4xc9myCfbXxqK//ZS8MR/ciOHw6meGASJuKmDfQ==
   dependencies:
-    "@babel/types" "^7.9.6"
+    "@babel/types" "^7.11.0"
     jsesc "^2.5.1"
-    lodash "^4.17.13"
     source-map "^0.5.0"
 
-"@babel/helper-annotate-as-pure@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-annotate-as-pure/-/helper-annotate-as-pure-7.8.3.tgz#60bc0bc657f63a0924ff9a4b4a0b24a13cf4deee"
-  integrity sha512-6o+mJrZBxOoEX77Ezv9zwW7WV8DdluouRKNY/IR5u/YTMuKHgugHOzYWlYvYLpLA9nPsQCAAASpCIbjI9Mv+Uw==
+"@babel/helper-annotate-as-pure@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-annotate-as-pure/-/helper-annotate-as-pure-7.10.4.tgz#5bf0d495a3f757ac3bda48b5bf3b3ba309c72ba3"
+  integrity sha512-XQlqKQP4vXFB7BN8fEEerrmYvHp3fK/rBkRFz9jaJbzK0B1DSfej9Kc7ZzE8Z/OnId1jpJdNAZ3BFQjWG68rcA==
   dependencies:
-    "@babel/types" "^7.8.3"
+    "@babel/types" "^7.10.4"
 
-"@babel/helper-builder-binary-assignment-operator-visitor@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-builder-binary-assignment-operator-visitor/-/helper-builder-binary-assignment-operator-visitor-7.8.3.tgz#c84097a427a061ac56a1c30ebf54b7b22d241503"
-  integrity sha512-5eFOm2SyFPK4Rh3XMMRDjN7lBH0orh3ss0g3rTYZnBQ+r6YPj7lgDyCvPphynHvUrobJmeMignBr6Acw9mAPlw==
+"@babel/helper-builder-binary-assignment-operator-visitor@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-builder-binary-assignment-operator-visitor/-/helper-builder-binary-assignment-operator-visitor-7.10.4.tgz#bb0b75f31bf98cbf9ff143c1ae578b87274ae1a3"
+  integrity sha512-L0zGlFrGWZK4PbT8AszSfLTM5sDU1+Az/En9VrdT8/LmEiJt4zXt+Jve9DCAnQcbqDhCI+29y/L93mrDzddCcg==
   dependencies:
-    "@babel/helper-explode-assignable-expression" "^7.8.3"
-    "@babel/types" "^7.8.3"
+    "@babel/helper-explode-assignable-expression" "^7.10.4"
+    "@babel/types" "^7.10.4"
 
 "@babel/helper-compilation-targets@^7.8.7":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/helper-compilation-targets/-/helper-compilation-targets-7.9.6.tgz#1e05b7ccc9d38d2f8b40b458b380a04dcfadd38a"
-  integrity sha512-x2Nvu0igO0ejXzx09B/1fGBxY9NXQlBW2kZsSxCJft+KHN8t9XWzIvFxtPHnBOAXpVsdxZKZFbRUC8TsNKajMw==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-compilation-targets/-/helper-compilation-targets-7.10.4.tgz#804ae8e3f04376607cc791b9d47d540276332bd2"
+  integrity sha512-a3rYhlsGV0UHNDvrtOXBg8/OpfV0OKTkxKPzIplS1zpx7CygDcWWxckxZeDd3gzPzC4kUT0A4nVFDK0wGMh4MQ==
   dependencies:
-    "@babel/compat-data" "^7.9.6"
-    browserslist "^4.11.1"
+    "@babel/compat-data" "^7.10.4"
+    browserslist "^4.12.0"
     invariant "^2.2.4"
     levenary "^1.1.1"
     semver "^5.5.0"
 
-"@babel/helper-create-regexp-features-plugin@^7.8.3", "@babel/helper-create-regexp-features-plugin@^7.8.8":
-  version "7.8.8"
-  resolved "https://registry.yarnpkg.com/@babel/helper-create-regexp-features-plugin/-/helper-create-regexp-features-plugin-7.8.8.tgz#5d84180b588f560b7864efaeea89243e58312087"
-  integrity sha512-LYVPdwkrQEiX9+1R29Ld/wTrmQu1SSKYnuOk3g0CkcZMA1p0gsNxJFj/3gBdaJ7Cg0Fnek5z0DsMULePP7Lrqg==
+"@babel/helper-create-regexp-features-plugin@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-create-regexp-features-plugin/-/helper-create-regexp-features-plugin-7.10.4.tgz#fdd60d88524659a0b6959c0579925e425714f3b8"
+  integrity sha512-2/hu58IEPKeoLF45DBwx3XFqsbCXmkdAay4spVr2x0jYgRxrSNp+ePwvSsy9g6YSaNDcKIQVPXk1Ov8S2edk2g==
   dependencies:
-    "@babel/helper-annotate-as-pure" "^7.8.3"
-    "@babel/helper-regex" "^7.8.3"
+    "@babel/helper-annotate-as-pure" "^7.10.4"
+    "@babel/helper-regex" "^7.10.4"
     regexpu-core "^4.7.0"
 
-"@babel/helper-define-map@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-define-map/-/helper-define-map-7.8.3.tgz#a0655cad5451c3760b726eba875f1cd8faa02c15"
-  integrity sha512-PoeBYtxoZGtct3md6xZOCWPcKuMuk3IHhgxsRRNtnNShebf4C8YonTSblsK4tvDbm+eJAw2HAPOfCr+Q/YRG/g==
-  dependencies:
-    "@babel/helper-function-name" "^7.8.3"
-    "@babel/types" "^7.8.3"
-    lodash "^4.17.13"
-
-"@babel/helper-explode-assignable-expression@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-explode-assignable-expression/-/helper-explode-assignable-expression-7.8.3.tgz#a728dc5b4e89e30fc2dfc7d04fa28a930653f982"
-  integrity sha512-N+8eW86/Kj147bO9G2uclsg5pwfs/fqqY5rwgIL7eTBklgXjcOJ3btzS5iM6AitJcftnY7pm2lGsrJVYLGjzIw==
-  dependencies:
-    "@babel/traverse" "^7.8.3"
-    "@babel/types" "^7.8.3"
-
-"@babel/helper-function-name@^7.8.3", "@babel/helper-function-name@^7.9.5":
-  version "7.9.5"
-  resolved "https://registry.yarnpkg.com/@babel/helper-function-name/-/helper-function-name-7.9.5.tgz#2b53820d35275120e1874a82e5aabe1376920a5c"
-  integrity sha512-JVcQZeXM59Cd1qanDUxv9fgJpt3NeKUaqBqUEvfmQ+BCOKq2xUgaWZW2hr0dkbyJgezYuplEoh5knmrnS68efw==
-  dependencies:
-    "@babel/helper-get-function-arity" "^7.8.3"
-    "@babel/template" "^7.8.3"
-    "@babel/types" "^7.9.5"
-
-"@babel/helper-get-function-arity@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-get-function-arity/-/helper-get-function-arity-7.8.3.tgz#b894b947bd004381ce63ea1db9f08547e920abd5"
-  integrity sha512-FVDR+Gd9iLjUMY1fzE2SR0IuaJToR4RkCDARVfsBBPSP53GEqSFjD8gNyxg246VUyc/ALRxFaAK8rVG7UT7xRA==
-  dependencies:
-    "@babel/types" "^7.8.3"
-
-"@babel/helper-hoist-variables@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-hoist-variables/-/helper-hoist-variables-7.8.3.tgz#1dbe9b6b55d78c9b4183fc8cdc6e30ceb83b7134"
-  integrity sha512-ky1JLOjcDUtSc+xkt0xhYff7Z6ILTAHKmZLHPxAhOP0Nd77O+3nCsd6uSVYur6nJnCI029CrNbYlc0LoPfAPQg==
-  dependencies:
-    "@babel/types" "^7.8.3"
-
-"@babel/helper-member-expression-to-functions@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.8.3.tgz#659b710498ea6c1d9907e0c73f206eee7dadc24c"
-  integrity sha512-fO4Egq88utkQFjbPrSHGmGLFqmrshs11d46WI+WZDESt7Wu7wN2G2Iu+NMMZJFDOVRHAMIkB5SNh30NtwCA7RA==
-  dependencies:
-    "@babel/types" "^7.8.3"
-
-"@babel/helper-module-imports@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-module-imports/-/helper-module-imports-7.8.3.tgz#7fe39589b39c016331b6b8c3f441e8f0b1419498"
-  integrity sha512-R0Bx3jippsbAEtzkpZ/6FIiuzOURPcMjHp+Z6xPe6DtApDJx+w7UYyOLanZqO8+wKR9G10s/FmHXvxaMd9s6Kg==
-  dependencies:
-    "@babel/types" "^7.8.3"
-
-"@babel/helper-module-transforms@^7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/helper-module-transforms/-/helper-module-transforms-7.9.0.tgz#43b34dfe15961918707d247327431388e9fe96e5"
-  integrity sha512-0FvKyu0gpPfIQ8EkxlrAydOWROdHpBmiCiRwLkUiBGhCUPRRbVD2/tm3sFr/c/GWFrQ/ffutGUAnx7V0FzT2wA==
-  dependencies:
-    "@babel/helper-module-imports" "^7.8.3"
-    "@babel/helper-replace-supers" "^7.8.6"
-    "@babel/helper-simple-access" "^7.8.3"
-    "@babel/helper-split-export-declaration" "^7.8.3"
-    "@babel/template" "^7.8.6"
-    "@babel/types" "^7.9.0"
-    lodash "^4.17.13"
-
-"@babel/helper-optimise-call-expression@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.8.3.tgz#7ed071813d09c75298ef4f208956006b6111ecb9"
-  integrity sha512-Kag20n86cbO2AvHca6EJsvqAd82gc6VMGule4HwebwMlwkpXuVqrNRj6CkCV2sKxgi9MyAUnZVnZ6lJ1/vKhHQ==
-  dependencies:
-    "@babel/types" "^7.8.3"
-
-"@babel/helper-plugin-utils@^7.0.0", "@babel/helper-plugin-utils@^7.8.0", "@babel/helper-plugin-utils@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-plugin-utils/-/helper-plugin-utils-7.8.3.tgz#9ea293be19babc0f52ff8ca88b34c3611b208670"
-  integrity sha512-j+fq49Xds2smCUNYmEHF9kGNkhbet6yVIBp4e6oeQpH1RUs/Ir06xUKzDjDkGcaaokPiTNs2JBWHjaE4csUkZQ==
-
-"@babel/helper-regex@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-regex/-/helper-regex-7.8.3.tgz#139772607d51b93f23effe72105b319d2a4c6965"
-  integrity sha512-BWt0QtYv/cg/NecOAZMdcn/waj/5P26DR4mVLXfFtDokSR6fyuG0Pj+e2FqtSME+MqED1khnSMulkmGl8qWiUQ==
-  dependencies:
-    lodash "^4.17.13"
-
-"@babel/helper-remap-async-to-generator@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-remap-async-to-generator/-/helper-remap-async-to-generator-7.8.3.tgz#273c600d8b9bf5006142c1e35887d555c12edd86"
-  integrity sha512-kgwDmw4fCg7AVgS4DukQR/roGp+jP+XluJE5hsRZwxCYGg+Rv9wSGErDWhlI90FODdYfd4xG4AQRiMDjjN0GzA==
-  dependencies:
-    "@babel/helper-annotate-as-pure" "^7.8.3"
-    "@babel/helper-wrap-function" "^7.8.3"
-    "@babel/template" "^7.8.3"
-    "@babel/traverse" "^7.8.3"
-    "@babel/types" "^7.8.3"
-
-"@babel/helper-replace-supers@^7.8.3", "@babel/helper-replace-supers@^7.8.6":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/helper-replace-supers/-/helper-replace-supers-7.9.6.tgz#03149d7e6a5586ab6764996cd31d6981a17e1444"
-  integrity sha512-qX+chbxkbArLyCImk3bWV+jB5gTNU/rsze+JlcF6Nf8tVTigPJSI1o1oBow/9Resa1yehUO9lIipsmu9oG4RzA==
-  dependencies:
-    "@babel/helper-member-expression-to-functions" "^7.8.3"
-    "@babel/helper-optimise-call-expression" "^7.8.3"
-    "@babel/traverse" "^7.9.6"
-    "@babel/types" "^7.9.6"
-
-"@babel/helper-simple-access@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-simple-access/-/helper-simple-access-7.8.3.tgz#7f8109928b4dab4654076986af575231deb639ae"
-  integrity sha512-VNGUDjx5cCWg4vvCTR8qQ7YJYZ+HBjxOgXEl7ounz+4Sn7+LMD3CFrCTEU6/qXKbA2nKg21CwhhBzO0RpRbdCw==
-  dependencies:
-    "@babel/template" "^7.8.3"
-    "@babel/types" "^7.8.3"
-
-"@babel/helper-split-export-declaration@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.8.3.tgz#31a9f30070f91368a7182cf05f831781065fc7a9"
-  integrity sha512-3x3yOeyBhW851hroze7ElzdkeRXQYQbFIb7gLK1WQYsw2GWDay5gAJNw1sWJ0VFP6z5J1whqeXH/WCdCjZv6dA==
-  dependencies:
-    "@babel/types" "^7.8.3"
-
-"@babel/helper-validator-identifier@^7.9.0", "@babel/helper-validator-identifier@^7.9.5":
-  version "7.9.5"
-  resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.9.5.tgz#90977a8e6fbf6b431a7dc31752eee233bf052d80"
-  integrity sha512-/8arLKUFq882w4tWGj9JYzRpAlZgiWUJ+dtteNTDqrRBz9Iguck9Rn3ykuBDoUwh2TO4tSAJlrxDUOXWklJe4g==
-
-"@babel/helper-wrap-function@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/helper-wrap-function/-/helper-wrap-function-7.8.3.tgz#9dbdb2bb55ef14aaa01fe8c99b629bd5352d8610"
-  integrity sha512-LACJrbUET9cQDzb6kG7EeD7+7doC3JNvUgTEQOx2qaO1fKlzE/Bf05qs9w1oXQMmXlPO65lC3Tq9S6gZpTErEQ==
+"@babel/helper-define-map@^7.10.4":
+  version "7.10.5"
+  resolved "https://registry.yarnpkg.com/@babel/helper-define-map/-/helper-define-map-7.10.5.tgz#b53c10db78a640800152692b13393147acb9bb30"
+  integrity sha512-fMw4kgFB720aQFXSVaXr79pjjcW5puTCM16+rECJ/plGS+zByelE8l9nCpV1GibxTnFVmUuYG9U8wYfQHdzOEQ==
+  dependencies:
+    "@babel/helper-function-name" "^7.10.4"
+    "@babel/types" "^7.10.5"
+    lodash "^4.17.19"
+
+"@babel/helper-explode-assignable-expression@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-explode-assignable-expression/-/helper-explode-assignable-expression-7.10.4.tgz#40a1cd917bff1288f699a94a75b37a1a2dbd8c7c"
+  integrity sha512-4K71RyRQNPRrR85sr5QY4X3VwG4wtVoXZB9+L3r1Gp38DhELyHCtovqydRi7c1Ovb17eRGiQ/FD5s8JdU0Uy5A==
+  dependencies:
+    "@babel/traverse" "^7.10.4"
+    "@babel/types" "^7.10.4"
+
+"@babel/helper-function-name@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-function-name/-/helper-function-name-7.10.4.tgz#d2d3b20c59ad8c47112fa7d2a94bc09d5ef82f1a"
+  integrity sha512-YdaSyz1n8gY44EmN7x44zBn9zQ1Ry2Y+3GTA+3vH6Mizke1Vw0aWDM66FOYEPw8//qKkmqOckrGgTYa+6sceqQ==
   dependencies:
-    "@babel/helper-function-name" "^7.8.3"
-    "@babel/template" "^7.8.3"
-    "@babel/traverse" "^7.8.3"
-    "@babel/types" "^7.8.3"
-
-"@babel/helpers@^7.9.0", "@babel/helpers@^7.9.6":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.9.6.tgz#092c774743471d0bb6c7de3ad465ab3d3486d580"
-  integrity sha512-tI4bUbldloLcHWoRUMAj4g1bF313M/o6fBKhIsb3QnGVPwRm9JsNf/gqMkQ7zjqReABiffPV6RWj7hEglID5Iw==
-  dependencies:
-    "@babel/template" "^7.8.3"
-    "@babel/traverse" "^7.9.6"
-    "@babel/types" "^7.9.6"
-
-"@babel/highlight@^7.8.3":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/highlight/-/highlight-7.9.0.tgz#4e9b45ccb82b79607271b2979ad82c7b68163079"
-  integrity sha512-lJZPilxX7Op3Nv/2cvFdnlepPXDxi29wxteT57Q965oc5R9v86ztx0jfxVrTcBk8C2kcPkkDa2Z4T3ZsPPVWsQ==
-  dependencies:
-    "@babel/helper-validator-identifier" "^7.9.0"
+    "@babel/helper-get-function-arity" "^7.10.4"
+    "@babel/template" "^7.10.4"
+    "@babel/types" "^7.10.4"
+
+"@babel/helper-get-function-arity@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-get-function-arity/-/helper-get-function-arity-7.10.4.tgz#98c1cbea0e2332f33f9a4661b8ce1505b2c19ba2"
+  integrity sha512-EkN3YDB+SRDgiIUnNgcmiD361ti+AVbL3f3Henf6dqqUyr5dMsorno0lJWJuLhDhkI5sYEpgj6y9kB8AOU1I2A==
+  dependencies:
+    "@babel/types" "^7.10.4"
+
+"@babel/helper-hoist-variables@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-hoist-variables/-/helper-hoist-variables-7.10.4.tgz#d49b001d1d5a68ca5e6604dda01a6297f7c9381e"
+  integrity sha512-wljroF5PgCk2juF69kanHVs6vrLwIPNp6DLD+Lrl3hoQ3PpPPikaDRNFA+0t81NOoMt2DL6WW/mdU8k4k6ZzuA==
+  dependencies:
+    "@babel/types" "^7.10.4"
+
+"@babel/helper-member-expression-to-functions@^7.10.4":
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.11.0.tgz#ae69c83d84ee82f4b42f96e2a09410935a8f26df"
+  integrity sha512-JbFlKHFntRV5qKw3YC0CvQnDZ4XMwgzzBbld7Ly4Mj4cbFy3KywcR8NtNctRToMWJOVvLINJv525Gd6wwVEx/Q==
+  dependencies:
+    "@babel/types" "^7.11.0"
+
+"@babel/helper-module-imports@^7.10.4", "@babel/helper-module-imports@^7.8.3":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-module-imports/-/helper-module-imports-7.10.4.tgz#4c5c54be04bd31670a7382797d75b9fa2e5b5620"
+  integrity sha512-nEQJHqYavI217oD9+s5MUBzk6x1IlvoS9WTPfgG43CbMEeStE0v+r+TucWdx8KFGowPGvyOkDT9+7DHedIDnVw==
+  dependencies:
+    "@babel/types" "^7.10.4"
+
+"@babel/helper-module-transforms@^7.10.4", "@babel/helper-module-transforms@^7.10.5", "@babel/helper-module-transforms@^7.11.0", "@babel/helper-module-transforms@^7.9.0":
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/helper-module-transforms/-/helper-module-transforms-7.11.0.tgz#b16f250229e47211abdd84b34b64737c2ab2d359"
+  integrity sha512-02EVu8COMuTRO1TAzdMtpBPbe6aQ1w/8fePD2YgQmxZU4gpNWaL9gK3Jp7dxlkUlUCJOTaSeA+Hrm1BRQwqIhg==
+  dependencies:
+    "@babel/helper-module-imports" "^7.10.4"
+    "@babel/helper-replace-supers" "^7.10.4"
+    "@babel/helper-simple-access" "^7.10.4"
+    "@babel/helper-split-export-declaration" "^7.11.0"
+    "@babel/template" "^7.10.4"
+    "@babel/types" "^7.11.0"
+    lodash "^4.17.19"
+
+"@babel/helper-optimise-call-expression@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.10.4.tgz#50dc96413d594f995a77905905b05893cd779673"
+  integrity sha512-n3UGKY4VXwXThEiKrgRAoVPBMqeoPgHVqiHZOanAJCG9nQUL2pLRQirUzl0ioKclHGpGqRgIOkgcIJaIWLpygg==
+  dependencies:
+    "@babel/types" "^7.10.4"
+
+"@babel/helper-plugin-utils@^7.0.0", "@babel/helper-plugin-utils@^7.10.4", "@babel/helper-plugin-utils@^7.8.0", "@babel/helper-plugin-utils@^7.8.3":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-plugin-utils/-/helper-plugin-utils-7.10.4.tgz#2f75a831269d4f677de49986dff59927533cf375"
+  integrity sha512-O4KCvQA6lLiMU9l2eawBPMf1xPP8xPfB3iEQw150hOVTqj/rfXz0ThTb4HEzqQfs2Bmo5Ay8BzxfzVtBrr9dVg==
+
+"@babel/helper-regex@^7.10.4":
+  version "7.10.5"
+  resolved "https://registry.yarnpkg.com/@babel/helper-regex/-/helper-regex-7.10.5.tgz#32dfbb79899073c415557053a19bd055aae50ae0"
+  integrity sha512-68kdUAzDrljqBrio7DYAEgCoJHxppJOERHOgOrDN7WjOzP0ZQ1LsSDRXcemzVZaLvjaJsJEESb6qt+znNuENDg==
+  dependencies:
+    lodash "^4.17.19"
+
+"@babel/helper-remap-async-to-generator@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-remap-async-to-generator/-/helper-remap-async-to-generator-7.10.4.tgz#fce8bea4e9690bbe923056ded21e54b4e8b68ed5"
+  integrity sha512-86Lsr6NNw3qTNl+TBcF1oRZMaVzJtbWTyTko+CQL/tvNvcGYEFKbLXDPxtW0HKk3McNOk4KzY55itGWCAGK5tg==
+  dependencies:
+    "@babel/helper-annotate-as-pure" "^7.10.4"
+    "@babel/helper-wrap-function" "^7.10.4"
+    "@babel/template" "^7.10.4"
+    "@babel/traverse" "^7.10.4"
+    "@babel/types" "^7.10.4"
+
+"@babel/helper-replace-supers@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-replace-supers/-/helper-replace-supers-7.10.4.tgz#d585cd9388ea06e6031e4cd44b6713cbead9e6cf"
+  integrity sha512-sPxZfFXocEymYTdVK1UNmFPBN+Hv5mJkLPsYWwGBxZAxaWfFu+xqp7b6qWD0yjNuNL2VKc6L5M18tOXUP7NU0A==
+  dependencies:
+    "@babel/helper-member-expression-to-functions" "^7.10.4"
+    "@babel/helper-optimise-call-expression" "^7.10.4"
+    "@babel/traverse" "^7.10.4"
+    "@babel/types" "^7.10.4"
+
+"@babel/helper-simple-access@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-simple-access/-/helper-simple-access-7.10.4.tgz#0f5ccda2945277a2a7a2d3a821e15395edcf3461"
+  integrity sha512-0fMy72ej/VEvF8ULmX6yb5MtHG4uH4Dbd6I/aHDb/JVg0bbivwt9Wg+h3uMvX+QSFtwr5MeItvazbrc4jtRAXw==
+  dependencies:
+    "@babel/template" "^7.10.4"
+    "@babel/types" "^7.10.4"
+
+"@babel/helper-skip-transparent-expression-wrappers@^7.11.0":
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/helper-skip-transparent-expression-wrappers/-/helper-skip-transparent-expression-wrappers-7.11.0.tgz#eec162f112c2f58d3af0af125e3bb57665146729"
+  integrity sha512-0XIdiQln4Elglgjbwo9wuJpL/K7AGCY26kmEt0+pRP0TAj4jjyNq1MjoRvikrTVqKcx4Gysxt4cXvVFXP/JO2Q==
+  dependencies:
+    "@babel/types" "^7.11.0"
+
+"@babel/helper-split-export-declaration@^7.10.4", "@babel/helper-split-export-declaration@^7.11.0":
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/helper-split-export-declaration/-/helper-split-export-declaration-7.11.0.tgz#f8a491244acf6a676158ac42072911ba83ad099f"
+  integrity sha512-74Vejvp6mHkGE+m+k5vHY93FX2cAtrw1zXrZXRlG4l410Nm9PxfEiVTn1PjDPV5SnmieiueY4AFg2xqhNFuuZg==
+  dependencies:
+    "@babel/types" "^7.11.0"
+
+"@babel/helper-validator-identifier@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.10.4.tgz#a78c7a7251e01f616512d31b10adcf52ada5e0d2"
+  integrity sha512-3U9y+43hz7ZM+rzG24Qe2mufW5KhvFg/NhnNph+i9mgCtdTCtMJuI1TMkrIUiK7Ix4PYlRF9I5dhqaLYA/ADXw==
+
+"@babel/helper-wrap-function@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-wrap-function/-/helper-wrap-function-7.10.4.tgz#8a6f701eab0ff39f765b5a1cfef409990e624b87"
+  integrity sha512-6py45WvEF0MhiLrdxtRjKjufwLL1/ob2qDJgg5JgNdojBAZSAKnAjkyOCNug6n+OBl4VW76XjvgSFTdaMcW0Ug==
+  dependencies:
+    "@babel/helper-function-name" "^7.10.4"
+    "@babel/template" "^7.10.4"
+    "@babel/traverse" "^7.10.4"
+    "@babel/types" "^7.10.4"
+
+"@babel/helpers@^7.10.4", "@babel/helpers@^7.9.0":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.10.4.tgz#2abeb0d721aff7c0a97376b9e1f6f65d7a475044"
+  integrity sha512-L2gX/XeUONeEbI78dXSrJzGdz4GQ+ZTA/aazfUsFaWjSe95kiCuOZ5HsXvkiw3iwF+mFHSRUfJU8t6YavocdXA==
+  dependencies:
+    "@babel/template" "^7.10.4"
+    "@babel/traverse" "^7.10.4"
+    "@babel/types" "^7.10.4"
+
+"@babel/highlight@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/highlight/-/highlight-7.10.4.tgz#7d1bdfd65753538fabe6c38596cdb76d9ac60143"
+  integrity sha512-i6rgnR/YgPEQzZZnbTHHuZdlE8qyoBNalD6F+q4vAFlcMEcqmkoG+mPqJYJCo63qPf74+Y1UZsl3l6f7/RIkmA==
+  dependencies:
+    "@babel/helper-validator-identifier" "^7.10.4"
     chalk "^2.0.0"
     js-tokens "^4.0.0"
 
-"@babel/parser@^7.8.6", "@babel/parser@^7.9.0", "@babel/parser@^7.9.6":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.9.6.tgz#3b1bbb30dabe600cd72db58720998376ff653bc7"
-  integrity sha512-AoeIEJn8vt+d/6+PXDRPaksYhnlbMIiejioBZvvMQsOjW/JYK6k/0dKnvvP3EhK5GfMBWDPtrxRtegWdAcdq9Q==
+"@babel/parser@^7.10.4", "@babel/parser@^7.11.0", "@babel/parser@^7.11.1", "@babel/parser@^7.8.6", "@babel/parser@^7.9.0":
+  version "7.11.3"
+  resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.11.3.tgz#9e1eae46738bcd08e23e867bab43e7b95299a8f9"
+  integrity sha512-REo8xv7+sDxkKvoxEywIdsNFiZLybwdI7hcT5uEPyQrSMB4YQ973BfC9OOrD/81MaIjh6UxdulIQXkjmiH3PcA==
 
 "@babel/plugin-proposal-async-generator-functions@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-async-generator-functions/-/plugin-proposal-async-generator-functions-7.8.3.tgz#bad329c670b382589721b27540c7d288601c6e6f"
-  integrity sha512-NZ9zLv848JsV3hs8ryEh7Uaz/0KsmPLqv0+PdkDJL1cJy0K4kOCFa8zc1E3mp+RHPQcpdfb/6GovEsW4VDrOMw==
+  version "7.10.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-async-generator-functions/-/plugin-proposal-async-generator-functions-7.10.5.tgz#3491cabf2f7c179ab820606cec27fed15e0e8558"
+  integrity sha512-cNMCVezQbrRGvXJwm9fu/1sJj9bHdGAgKodZdLqOQIpfoH3raqmRPBM17+lh7CzhiKRRBrGtZL9WcjxSoGYUSg==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
-    "@babel/helper-remap-async-to-generator" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
+    "@babel/helper-remap-async-to-generator" "^7.10.4"
     "@babel/plugin-syntax-async-generators" "^7.8.0"
 
 "@babel/plugin-proposal-dynamic-import@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-dynamic-import/-/plugin-proposal-dynamic-import-7.8.3.tgz#38c4fe555744826e97e2ae930b0fb4cc07e66054"
-  integrity sha512-NyaBbyLFXFLT9FP+zk0kYlUlA8XtCUbehs67F0nnEg7KICgMc2mNkIeu9TYhKzyXMkrapZFwAhXLdnt4IYHy1w==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-dynamic-import/-/plugin-proposal-dynamic-import-7.10.4.tgz#ba57a26cb98b37741e9d5bca1b8b0ddf8291f17e"
+  integrity sha512-up6oID1LeidOOASNXgv/CFbgBqTuKJ0cJjz6An5tWD+NVBNlp3VNSBxv2ZdU7SYl3NxJC7agAQDApZusV6uFwQ==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
     "@babel/plugin-syntax-dynamic-import" "^7.8.0"
 
 "@babel/plugin-proposal-json-strings@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-json-strings/-/plugin-proposal-json-strings-7.8.3.tgz#da5216b238a98b58a1e05d6852104b10f9a70d6b"
-  integrity sha512-KGhQNZ3TVCQG/MjRbAUwuH+14y9q0tpxs1nWWs3pbSleRdDro9SAMMDyye8HhY1gqZ7/NqIc8SKhya0wRDgP1Q==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-json-strings/-/plugin-proposal-json-strings-7.10.4.tgz#593e59c63528160233bd321b1aebe0820c2341db"
+  integrity sha512-fCL7QF0Jo83uy1K0P2YXrfX11tj3lkpN7l4dMv9Y9VkowkhkQDwFHFd8IiwyK5MZjE8UpbgokkgtcReH88Abaw==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
     "@babel/plugin-syntax-json-strings" "^7.8.0"
 
 "@babel/plugin-proposal-nullish-coalescing-operator@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-nullish-coalescing-operator/-/plugin-proposal-nullish-coalescing-operator-7.8.3.tgz#e4572253fdeed65cddeecfdab3f928afeb2fd5d2"
-  integrity sha512-TS9MlfzXpXKt6YYomudb/KU7nQI6/xnapG6in1uZxoxDghuSMZsPb6D2fyUwNYSAp4l1iR7QtFOjkqcRYcUsfw==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-nullish-coalescing-operator/-/plugin-proposal-nullish-coalescing-operator-7.10.4.tgz#02a7e961fc32e6d5b2db0649e01bf80ddee7e04a"
+  integrity sha512-wq5n1M3ZUlHl9sqT2ok1T2/MTt6AXE0e1Lz4WzWBr95LsAZ5qDXe4KnFuauYyEyLiohvXFMdbsOTMyLZs91Zlw==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
     "@babel/plugin-syntax-nullish-coalescing-operator" "^7.8.0"
 
 "@babel/plugin-proposal-numeric-separator@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-numeric-separator/-/plugin-proposal-numeric-separator-7.8.3.tgz#5d6769409699ec9b3b68684cd8116cedff93bad8"
-  integrity sha512-jWioO1s6R/R+wEHizfaScNsAx+xKgwTLNXSh7tTC4Usj3ItsPEhYkEpU4h+lpnBwq7NBVOJXfO6cRFYcX69JUQ==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-numeric-separator/-/plugin-proposal-numeric-separator-7.10.4.tgz#ce1590ff0a65ad12970a609d78855e9a4c1aef06"
+  integrity sha512-73/G7QoRoeNkLZFxsoCCvlg4ezE4eM+57PnOqgaPOozd5myfj7p0muD1mRVJvbUWbOzD+q3No2bWbaKy+DJ8DA==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
-    "@babel/plugin-syntax-numeric-separator" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
+    "@babel/plugin-syntax-numeric-separator" "^7.10.4"
 
 "@babel/plugin-proposal-object-rest-spread@^7.9.0":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-object-rest-spread/-/plugin-proposal-object-rest-spread-7.9.6.tgz#7a093586fcb18b08266eb1a7177da671ac575b63"
-  integrity sha512-Ga6/fhGqA9Hj+y6whNpPv8psyaK5xzrQwSPsGPloVkvmH+PqW1ixdnfJ9uIO06OjQNYol3PMnfmJ8vfZtkzF+A==
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-object-rest-spread/-/plugin-proposal-object-rest-spread-7.11.0.tgz#bd81f95a1f746760ea43b6c2d3d62b11790ad0af"
+  integrity sha512-wzch41N4yztwoRw0ak+37wxwJM2oiIiy6huGCoqkvSTA9acYWcPfn9Y4aJqmFFJ70KTJUu29f3DQ43uJ9HXzEA==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
     "@babel/plugin-syntax-object-rest-spread" "^7.8.0"
-    "@babel/plugin-transform-parameters" "^7.9.5"
+    "@babel/plugin-transform-parameters" "^7.10.4"
 
 "@babel/plugin-proposal-optional-catch-binding@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-optional-catch-binding/-/plugin-proposal-optional-catch-binding-7.8.3.tgz#9dee96ab1650eed88646ae9734ca167ac4a9c5c9"
-  integrity sha512-0gkX7J7E+AtAw9fcwlVQj8peP61qhdg/89D5swOkjYbkboA2CVckn3kiyum1DE0wskGb7KJJxBdyEBApDLLVdw==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-optional-catch-binding/-/plugin-proposal-optional-catch-binding-7.10.4.tgz#31c938309d24a78a49d68fdabffaa863758554dd"
+  integrity sha512-LflT6nPh+GK2MnFiKDyLiqSqVHkQnVf7hdoAvyTnnKj9xB3docGRsdPuxp6qqqW19ifK3xgc9U5/FwrSaCNX5g==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
     "@babel/plugin-syntax-optional-catch-binding" "^7.8.0"
 
 "@babel/plugin-proposal-optional-chaining@^7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-optional-chaining/-/plugin-proposal-optional-chaining-7.9.0.tgz#31db16b154c39d6b8a645292472b98394c292a58"
-  integrity sha512-NDn5tu3tcv4W30jNhmc2hyD5c56G6cXx4TesJubhxrJeCvuuMpttxr0OnNCqbZGhFjLrg+NIhxxC+BK5F6yS3w==
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-optional-chaining/-/plugin-proposal-optional-chaining-7.11.0.tgz#de5866d0646f6afdaab8a566382fe3a221755076"
+  integrity sha512-v9fZIu3Y8562RRwhm1BbMRxtqZNFmFA2EG+pT2diuU8PT3H6T/KXoZ54KgYisfOFZHV6PfvAiBIZ9Rcz+/JCxA==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
+    "@babel/helper-skip-transparent-expression-wrappers" "^7.11.0"
     "@babel/plugin-syntax-optional-chaining" "^7.8.0"
 
 "@babel/plugin-proposal-unicode-property-regex@^7.4.4", "@babel/plugin-proposal-unicode-property-regex@^7.8.3":
-  version "7.8.8"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-unicode-property-regex/-/plugin-proposal-unicode-property-regex-7.8.8.tgz#ee3a95e90cdc04fe8cd92ec3279fa017d68a0d1d"
-  integrity sha512-EVhjVsMpbhLw9ZfHWSx2iy13Q8Z/eg8e8ccVWt23sWQK5l1UdkoLJPN5w69UA4uITGBnEZD2JOe4QOHycYKv8A==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-unicode-property-regex/-/plugin-proposal-unicode-property-regex-7.10.4.tgz#4483cda53041ce3413b7fe2f00022665ddfaa75d"
+  integrity sha512-H+3fOgPnEXFL9zGYtKQe4IDOPKYlZdF1kqFDQRRb8PK4B8af1vAGK04tF5iQAAsui+mHNBQSAtd2/ndEDe9wuA==
   dependencies:
-    "@babel/helper-create-regexp-features-plugin" "^7.8.8"
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-create-regexp-features-plugin" "^7.10.4"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-syntax-async-generators@^7.8.0":
   version "7.8.4"
@@ -586,12 +593,12 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.8.0"
 
-"@babel/plugin-syntax-numeric-separator@^7.8.0", "@babel/plugin-syntax-numeric-separator@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.8.3.tgz#0e3fb63e09bea1b11e96467271c8308007e7c41f"
-  integrity sha512-H7dCMAdN83PcCmqmkHB5dtp+Xa9a6LKSvA2hiFBC/5alSHxM5VgWZXFqDi0YFe8XNGT6iCa+z4V4zSt/PdZ7Dw==
+"@babel/plugin-syntax-numeric-separator@^7.10.4", "@babel/plugin-syntax-numeric-separator@^7.8.0":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz#b9b070b3e33570cd9fd07ba7fa91c0dd37b9af97"
+  integrity sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-syntax-object-rest-spread@^7.8.0":
   version "7.8.3"
@@ -615,255 +622,255 @@
     "@babel/helper-plugin-utils" "^7.8.0"
 
 "@babel/plugin-syntax-top-level-await@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.8.3.tgz#3acdece695e6b13aaf57fc291d1a800950c71391"
-  integrity sha512-kwj1j9lL/6Wd0hROD3b/OZZ7MSrZLqqn9RAZ5+cYYsflQ9HZBIKCUkr3+uL1MEJ1NePiUbf98jjiMQSv0NMR9g==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.10.4.tgz#4bbeb8917b54fcf768364e0a81f560e33a3ef57d"
+  integrity sha512-ni1brg4lXEmWyafKr0ccFWkJG0CeMt4WV1oyeBW6EFObF4oOHclbkj5cARxAPQyAQ2UTuplJyK4nfkXIMMFvsQ==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-arrow-functions@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-arrow-functions/-/plugin-transform-arrow-functions-7.8.3.tgz#82776c2ed0cd9e1a49956daeb896024c9473b8b6"
-  integrity sha512-0MRF+KC8EqH4dbuITCWwPSzsyO3HIWWlm30v8BbbpOrS1B++isGxPnnuq/IZvOX5J2D/p7DQalQm+/2PnlKGxg==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-arrow-functions/-/plugin-transform-arrow-functions-7.10.4.tgz#e22960d77e697c74f41c501d44d73dbf8a6a64cd"
+  integrity sha512-9J/oD1jV0ZCBcgnoFWFq1vJd4msoKb/TCpGNFyyLt0zABdcvgK3aYikZ8HjzB14c26bc7E3Q1yugpwGy2aTPNA==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-async-to-generator@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-async-to-generator/-/plugin-transform-async-to-generator-7.8.3.tgz#4308fad0d9409d71eafb9b1a6ee35f9d64b64086"
-  integrity sha512-imt9tFLD9ogt56Dd5CI/6XgpukMwd/fLGSrix2httihVe7LOGVPhyhMh1BU5kDM7iHD08i8uUtmV2sWaBFlHVQ==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-async-to-generator/-/plugin-transform-async-to-generator-7.10.4.tgz#41a5017e49eb6f3cda9392a51eef29405b245a37"
+  integrity sha512-F6nREOan7J5UXTLsDsZG3DXmZSVofr2tGNwfdrVwkDWHfQckbQXnXSPfD7iO+c/2HGqycwyLST3DnZ16n+cBJQ==
   dependencies:
-    "@babel/helper-module-imports" "^7.8.3"
-    "@babel/helper-plugin-utils" "^7.8.3"
-    "@babel/helper-remap-async-to-generator" "^7.8.3"
+    "@babel/helper-module-imports" "^7.10.4"
+    "@babel/helper-plugin-utils" "^7.10.4"
+    "@babel/helper-remap-async-to-generator" "^7.10.4"
 
 "@babel/plugin-transform-block-scoped-functions@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-block-scoped-functions/-/plugin-transform-block-scoped-functions-7.8.3.tgz#437eec5b799b5852072084b3ae5ef66e8349e8a3"
-  integrity sha512-vo4F2OewqjbB1+yaJ7k2EJFHlTP3jR634Z9Cj9itpqNjuLXvhlVxgnjsHsdRgASR8xYDrx6onw4vW5H6We0Jmg==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-block-scoped-functions/-/plugin-transform-block-scoped-functions-7.10.4.tgz#1afa595744f75e43a91af73b0d998ecfe4ebc2e8"
+  integrity sha512-WzXDarQXYYfjaV1szJvN3AD7rZgZzC1JtjJZ8dMHUyiK8mxPRahynp14zzNjU3VkPqPsO38CzxiWO1c9ARZ8JA==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-block-scoping@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.8.3.tgz#97d35dab66857a437c166358b91d09050c868f3a"
-  integrity sha512-pGnYfm7RNRgYRi7bids5bHluENHqJhrV4bCZRwc5GamaWIIs07N4rZECcmJL6ZClwjDz1GbdMZFtPs27hTB06w==
+  version "7.11.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.11.1.tgz#5b7efe98852bef8d652c0b28144cd93a9e4b5215"
+  integrity sha512-00dYeDE0EVEHuuM+26+0w/SCL0BH2Qy7LwHuI4Hi4MH5gkC8/AqMN5uWFJIsoXZrAphiMm1iXzBw6L2T+eA0ew==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
-    lodash "^4.17.13"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-classes@^7.9.0":
-  version "7.9.5"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-classes/-/plugin-transform-classes-7.9.5.tgz#800597ddb8aefc2c293ed27459c1fcc935a26c2c"
-  integrity sha512-x2kZoIuLC//O5iA7PEvecB105o7TLzZo8ofBVhP79N+DO3jaX+KYfww9TQcfBEZD0nikNyYcGB1IKtRq36rdmg==
-  dependencies:
-    "@babel/helper-annotate-as-pure" "^7.8.3"
-    "@babel/helper-define-map" "^7.8.3"
-    "@babel/helper-function-name" "^7.9.5"
-    "@babel/helper-optimise-call-expression" "^7.8.3"
-    "@babel/helper-plugin-utils" "^7.8.3"
-    "@babel/helper-replace-supers" "^7.8.6"
-    "@babel/helper-split-export-declaration" "^7.8.3"
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-classes/-/plugin-transform-classes-7.10.4.tgz#405136af2b3e218bc4a1926228bc917ab1a0adc7"
+  integrity sha512-2oZ9qLjt161dn1ZE0Ms66xBncQH4In8Sqw1YWgBUZuGVJJS5c0OFZXL6dP2MRHrkU/eKhWg8CzFJhRQl50rQxA==
+  dependencies:
+    "@babel/helper-annotate-as-pure" "^7.10.4"
+    "@babel/helper-define-map" "^7.10.4"
+    "@babel/helper-function-name" "^7.10.4"
+    "@babel/helper-optimise-call-expression" "^7.10.4"
+    "@babel/helper-plugin-utils" "^7.10.4"
+    "@babel/helper-replace-supers" "^7.10.4"
+    "@babel/helper-split-export-declaration" "^7.10.4"
     globals "^11.1.0"
 
 "@babel/plugin-transform-computed-properties@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-computed-properties/-/plugin-transform-computed-properties-7.8.3.tgz#96d0d28b7f7ce4eb5b120bb2e0e943343c86f81b"
-  integrity sha512-O5hiIpSyOGdrQZRQ2ccwtTVkgUDBBiCuK//4RJ6UfePllUTCENOzKxfh6ulckXKc0DixTFLCfb2HVkNA7aDpzA==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-computed-properties/-/plugin-transform-computed-properties-7.10.4.tgz#9ded83a816e82ded28d52d4b4ecbdd810cdfc0eb"
+  integrity sha512-JFwVDXcP/hM/TbyzGq3l/XWGut7p46Z3QvqFMXTfk6/09m7xZHJUN9xHfsv7vqqD4YnfI5ueYdSJtXqqBLyjBw==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-destructuring@^7.8.3":
-  version "7.9.5"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-destructuring/-/plugin-transform-destructuring-7.9.5.tgz#72c97cf5f38604aea3abf3b935b0e17b1db76a50"
-  integrity sha512-j3OEsGel8nHL/iusv/mRd5fYZ3DrOxWC82x0ogmdN/vHfAP4MYw+AFKYanzWlktNwikKvlzUV//afBW5FTp17Q==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-destructuring/-/plugin-transform-destructuring-7.10.4.tgz#70ddd2b3d1bea83d01509e9bb25ddb3a74fc85e5"
+  integrity sha512-+WmfvyfsyF603iPa6825mq6Qrb7uLjTOsa3XOFzlYcYDHSS4QmpOWOL0NNBY5qMbvrcf3tq0Cw+v4lxswOBpgA==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-dotall-regex@^7.4.4", "@babel/plugin-transform-dotall-regex@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-dotall-regex/-/plugin-transform-dotall-regex-7.8.3.tgz#c3c6ec5ee6125c6993c5cbca20dc8621a9ea7a6e"
-  integrity sha512-kLs1j9Nn4MQoBYdRXH6AeaXMbEJFaFu/v1nQkvib6QzTj8MZI5OQzqmD83/2jEM1z0DLilra5aWO5YpyC0ALIw==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-dotall-regex/-/plugin-transform-dotall-regex-7.10.4.tgz#469c2062105c1eb6a040eaf4fac4b488078395ee"
+  integrity sha512-ZEAVvUTCMlMFAbASYSVQoxIbHm2OkG2MseW6bV2JjIygOjdVv8tuxrCTzj1+Rynh7ODb8GivUy7dzEXzEhuPaA==
   dependencies:
-    "@babel/helper-create-regexp-features-plugin" "^7.8.3"
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-create-regexp-features-plugin" "^7.10.4"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-duplicate-keys@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-duplicate-keys/-/plugin-transform-duplicate-keys-7.8.3.tgz#8d12df309aa537f272899c565ea1768e286e21f1"
-  integrity sha512-s8dHiBUbcbSgipS4SMFuWGqCvyge5V2ZeAWzR6INTVC3Ltjig/Vw1G2Gztv0vU/hRG9X8IvKvYdoksnUfgXOEQ==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-duplicate-keys/-/plugin-transform-duplicate-keys-7.10.4.tgz#697e50c9fee14380fe843d1f306b295617431e47"
+  integrity sha512-GL0/fJnmgMclHiBTTWXNlYjYsA7rDrtsazHG6mglaGSTh0KsrW04qml+Bbz9FL0LcJIRwBWL5ZqlNHKTkU3xAA==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-exponentiation-operator@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-exponentiation-operator/-/plugin-transform-exponentiation-operator-7.8.3.tgz#581a6d7f56970e06bf51560cd64f5e947b70d7b7"
-  integrity sha512-zwIpuIymb3ACcInbksHaNcR12S++0MDLKkiqXHl3AzpgdKlFNhog+z/K0+TGW+b0w5pgTq4H6IwV/WhxbGYSjQ==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-exponentiation-operator/-/plugin-transform-exponentiation-operator-7.10.4.tgz#5ae338c57f8cf4001bdb35607ae66b92d665af2e"
+  integrity sha512-S5HgLVgkBcRdyQAHbKj+7KyuWx8C6t5oETmUuwz1pt3WTWJhsUV0WIIXuVvfXMxl/QQyHKlSCNNtaIamG8fysw==
   dependencies:
-    "@babel/helper-builder-binary-assignment-operator-visitor" "^7.8.3"
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-builder-binary-assignment-operator-visitor" "^7.10.4"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-for-of@^7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-for-of/-/plugin-transform-for-of-7.9.0.tgz#0f260e27d3e29cd1bb3128da5e76c761aa6c108e"
-  integrity sha512-lTAnWOpMwOXpyDx06N+ywmF3jNbafZEqZ96CGYabxHrxNX8l5ny7dt4bK/rGwAh9utyP2b2Hv7PlZh1AAS54FQ==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-for-of/-/plugin-transform-for-of-7.10.4.tgz#c08892e8819d3a5db29031b115af511dbbfebae9"
+  integrity sha512-ItdQfAzu9AlEqmusA/65TqJ79eRcgGmpPPFvBnGILXZH975G0LNjP1yjHvGgfuCxqrPPueXOPe+FsvxmxKiHHQ==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-function-name@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-function-name/-/plugin-transform-function-name-7.8.3.tgz#279373cb27322aaad67c2683e776dfc47196ed8b"
-  integrity sha512-rO/OnDS78Eifbjn5Py9v8y0aR+aSYhDhqAwVfsTl0ERuMZyr05L1aFSCJnbv2mmsLkit/4ReeQ9N2BgLnOcPCQ==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-function-name/-/plugin-transform-function-name-7.10.4.tgz#6a467880e0fc9638514ba369111811ddbe2644b7"
+  integrity sha512-OcDCq2y5+E0dVD5MagT5X+yTRbcvFjDI2ZVAottGH6tzqjx/LKpgkUepu3hp/u4tZBzxxpNGwLsAvGBvQ2mJzg==
   dependencies:
-    "@babel/helper-function-name" "^7.8.3"
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-function-name" "^7.10.4"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-literals@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-literals/-/plugin-transform-literals-7.8.3.tgz#aef239823d91994ec7b68e55193525d76dbd5dc1"
-  integrity sha512-3Tqf8JJ/qB7TeldGl+TT55+uQei9JfYaregDcEAyBZ7akutriFrt6C/wLYIer6OYhleVQvH/ntEhjE/xMmy10A==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-literals/-/plugin-transform-literals-7.10.4.tgz#9f42ba0841100a135f22712d0e391c462f571f3c"
+  integrity sha512-Xd/dFSTEVuUWnyZiMu76/InZxLTYilOSr1UlHV+p115Z/Le2Fi1KXkJUYz0b42DfndostYlPub3m8ZTQlMaiqQ==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-member-expression-literals@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-member-expression-literals/-/plugin-transform-member-expression-literals-7.8.3.tgz#963fed4b620ac7cbf6029c755424029fa3a40410"
-  integrity sha512-3Wk2EXhnw+rP+IDkK6BdtPKsUE5IeZ6QOGrPYvw52NwBStw9V1ZVzxgK6fSKSxqUvH9eQPR3tm3cOq79HlsKYA==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-member-expression-literals/-/plugin-transform-member-expression-literals-7.10.4.tgz#b1ec44fcf195afcb8db2c62cd8e551c881baf8b7"
+  integrity sha512-0bFOvPyAoTBhtcJLr9VcwZqKmSjFml1iVxvPL0ReomGU53CX53HsM4h2SzckNdkQcHox1bpAqzxBI1Y09LlBSw==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-modules-amd@^7.9.0":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-amd/-/plugin-transform-modules-amd-7.9.6.tgz#8539ec42c153d12ea3836e0e3ac30d5aae7b258e"
-  integrity sha512-zoT0kgC3EixAyIAU+9vfaUVKTv9IxBDSabgHoUCBP6FqEJ+iNiN7ip7NBKcYqbfUDfuC2mFCbM7vbu4qJgOnDw==
+  version "7.10.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-amd/-/plugin-transform-modules-amd-7.10.5.tgz#1b9cddaf05d9e88b3aad339cb3e445c4f020a9b1"
+  integrity sha512-elm5uruNio7CTLFItVC/rIzKLfQ17+fX7EVz5W0TMgIHFo1zY0Ozzx+lgwhL4plzl8OzVn6Qasx5DeEFyoNiRw==
   dependencies:
-    "@babel/helper-module-transforms" "^7.9.0"
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-module-transforms" "^7.10.5"
+    "@babel/helper-plugin-utils" "^7.10.4"
     babel-plugin-dynamic-import-node "^2.3.3"
 
 "@babel/plugin-transform-modules-commonjs@^7.9.0":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.9.6.tgz#64b7474a4279ee588cacd1906695ca721687c277"
-  integrity sha512-7H25fSlLcn+iYimmsNe3uK1at79IE6SKW9q0/QeEHTMC9MdOZ+4bA+T1VFB5fgOqBWoqlifXRzYD0JPdmIrgSQ==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.10.4.tgz#66667c3eeda1ebf7896d41f1f16b17105a2fbca0"
+  integrity sha512-Xj7Uq5o80HDLlW64rVfDBhao6OX89HKUmb+9vWYaLXBZOma4gA6tw4Ni1O5qVDoZWUV0fxMYA0aYzOawz0l+1w==
   dependencies:
-    "@babel/helper-module-transforms" "^7.9.0"
-    "@babel/helper-plugin-utils" "^7.8.3"
-    "@babel/helper-simple-access" "^7.8.3"
+    "@babel/helper-module-transforms" "^7.10.4"
+    "@babel/helper-plugin-utils" "^7.10.4"
+    "@babel/helper-simple-access" "^7.10.4"
     babel-plugin-dynamic-import-node "^2.3.3"
 
 "@babel/plugin-transform-modules-systemjs@^7.9.0":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-systemjs/-/plugin-transform-modules-systemjs-7.9.6.tgz#207f1461c78a231d5337a92140e52422510d81a4"
-  integrity sha512-NW5XQuW3N2tTHim8e1b7qGy7s0kZ2OH3m5octc49K1SdAKGxYxeIx7hiIz05kS1R2R+hOWcsr1eYwcGhrdHsrg==
+  version "7.10.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-systemjs/-/plugin-transform-modules-systemjs-7.10.5.tgz#6270099c854066681bae9e05f87e1b9cadbe8c85"
+  integrity sha512-f4RLO/OL14/FP1AEbcsWMzpbUz6tssRaeQg11RH1BP/XnPpRoVwgeYViMFacnkaw4k4wjRSjn3ip1Uw9TaXuMw==
   dependencies:
-    "@babel/helper-hoist-variables" "^7.8.3"
-    "@babel/helper-module-transforms" "^7.9.0"
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-hoist-variables" "^7.10.4"
+    "@babel/helper-module-transforms" "^7.10.5"
+    "@babel/helper-plugin-utils" "^7.10.4"
     babel-plugin-dynamic-import-node "^2.3.3"
 
 "@babel/plugin-transform-modules-umd@^7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-umd/-/plugin-transform-modules-umd-7.9.0.tgz#e909acae276fec280f9b821a5f38e1f08b480697"
-  integrity sha512-uTWkXkIVtg/JGRSIABdBoMsoIeoHQHPTL0Y2E7xf5Oj7sLqwVsNXOkNk0VJc7vF0IMBsPeikHxFjGe+qmwPtTQ==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-umd/-/plugin-transform-modules-umd-7.10.4.tgz#9a8481fe81b824654b3a0b65da3df89f3d21839e"
+  integrity sha512-mohW5q3uAEt8T45YT7Qc5ws6mWgJAaL/8BfWD9Dodo1A3RKWli8wTS+WiQ/knF+tXlPirW/1/MqzzGfCExKECA==
   dependencies:
-    "@babel/helper-module-transforms" "^7.9.0"
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-module-transforms" "^7.10.4"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-named-capturing-groups-regex@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-named-capturing-groups-regex/-/plugin-transform-named-capturing-groups-regex-7.8.3.tgz#a2a72bffa202ac0e2d0506afd0939c5ecbc48c6c"
-  integrity sha512-f+tF/8UVPU86TrCb06JoPWIdDpTNSGGcAtaD9mLP0aYGA0OS0j7j7DHJR0GTFrUZPUU6loZhbsVZgTh0N+Qdnw==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-named-capturing-groups-regex/-/plugin-transform-named-capturing-groups-regex-7.10.4.tgz#78b4d978810b6f3bcf03f9e318f2fc0ed41aecb6"
+  integrity sha512-V6LuOnD31kTkxQPhKiVYzYC/Jgdq53irJC/xBSmqcNcqFGV+PER4l6rU5SH2Vl7bH9mLDHcc0+l9HUOe4RNGKA==
   dependencies:
-    "@babel/helper-create-regexp-features-plugin" "^7.8.3"
+    "@babel/helper-create-regexp-features-plugin" "^7.10.4"
 
 "@babel/plugin-transform-new-target@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-new-target/-/plugin-transform-new-target-7.8.3.tgz#60cc2ae66d85c95ab540eb34babb6434d4c70c43"
-  integrity sha512-QuSGysibQpyxexRyui2vca+Cmbljo8bcRckgzYV4kRIsHpVeyeC3JDO63pY+xFZ6bWOBn7pfKZTqV4o/ix9sFw==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-new-target/-/plugin-transform-new-target-7.10.4.tgz#9097d753cb7b024cb7381a3b2e52e9513a9c6888"
+  integrity sha512-YXwWUDAH/J6dlfwqlWsztI2Puz1NtUAubXhOPLQ5gjR/qmQ5U96DY4FQO8At33JN4XPBhrjB8I4eMmLROjjLjw==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-object-super@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-object-super/-/plugin-transform-object-super-7.8.3.tgz#ebb6a1e7a86ffa96858bd6ac0102d65944261725"
-  integrity sha512-57FXk+gItG/GejofIyLIgBKTas4+pEU47IXKDBWFTxdPd7F80H8zybyAY7UoblVfBhBGs2EKM+bJUu2+iUYPDQ==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-object-super/-/plugin-transform-object-super-7.10.4.tgz#d7146c4d139433e7a6526f888c667e314a093894"
+  integrity sha512-5iTw0JkdRdJvr7sY0vHqTpnruUpTea32JHmq/atIWqsnNussbRzjEDyWep8UNztt1B5IusBYg8Irb0bLbiEBCQ==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
-    "@babel/helper-replace-supers" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
+    "@babel/helper-replace-supers" "^7.10.4"
 
-"@babel/plugin-transform-parameters@^7.8.7", "@babel/plugin-transform-parameters@^7.9.5":
-  version "7.9.5"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-parameters/-/plugin-transform-parameters-7.9.5.tgz#173b265746f5e15b2afe527eeda65b73623a0795"
-  integrity sha512-0+1FhHnMfj6lIIhVvS4KGQJeuhe1GI//h5uptK4PvLt+BGBxsoUJbd3/IW002yk//6sZPlFgsG1hY6OHLcy6kA==
+"@babel/plugin-transform-parameters@^7.10.4", "@babel/plugin-transform-parameters@^7.8.7":
+  version "7.10.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-parameters/-/plugin-transform-parameters-7.10.5.tgz#59d339d58d0b1950435f4043e74e2510005e2c4a"
+  integrity sha512-xPHwUj5RdFV8l1wuYiu5S9fqWGM2DrYc24TMvUiRrPVm+SM3XeqU9BcokQX/kEUe+p2RBwy+yoiR1w/Blq6ubw==
   dependencies:
-    "@babel/helper-get-function-arity" "^7.8.3"
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-get-function-arity" "^7.10.4"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-property-literals@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-property-literals/-/plugin-transform-property-literals-7.8.3.tgz#33194300d8539c1ed28c62ad5087ba3807b98263"
-  integrity sha512-uGiiXAZMqEoQhRWMK17VospMZh5sXWg+dlh2soffpkAl96KAm+WZuJfa6lcELotSRmooLqg0MWdH6UUq85nmmg==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-property-literals/-/plugin-transform-property-literals-7.10.4.tgz#f6fe54b6590352298785b83edd815d214c42e3c0"
+  integrity sha512-ofsAcKiUxQ8TY4sScgsGeR2vJIsfrzqvFb9GvJ5UdXDzl+MyYCaBj/FGzXuv7qE0aJcjWMILny1epqelnFlz8g==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-regenerator@^7.8.7":
-  version "7.8.7"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-regenerator/-/plugin-transform-regenerator-7.8.7.tgz#5e46a0dca2bee1ad8285eb0527e6abc9c37672f8"
-  integrity sha512-TIg+gAl4Z0a3WmD3mbYSk+J9ZUH6n/Yc57rtKRnlA/7rcCvpekHXe0CMZHP1gYp7/KLe9GHTuIba0vXmls6drA==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-regenerator/-/plugin-transform-regenerator-7.10.4.tgz#2015e59d839074e76838de2159db421966fd8b63"
+  integrity sha512-3thAHwtor39A7C04XucbMg17RcZ3Qppfxr22wYzZNcVIkPHfpM9J0SO8zuCV6SZa265kxBJSrfKTvDCYqBFXGw==
   dependencies:
     regenerator-transform "^0.14.2"
 
 "@babel/plugin-transform-reserved-words@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-reserved-words/-/plugin-transform-reserved-words-7.8.3.tgz#9a0635ac4e665d29b162837dd3cc50745dfdf1f5"
-  integrity sha512-mwMxcycN3omKFDjDQUl+8zyMsBfjRFr0Zn/64I41pmjv4NJuqcYlEtezwYtw9TFd9WR1vN5kiM+O0gMZzO6L0A==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-reserved-words/-/plugin-transform-reserved-words-7.10.4.tgz#8f2682bcdcef9ed327e1b0861585d7013f8a54dd"
+  integrity sha512-hGsw1O6Rew1fkFbDImZIEqA8GoidwTAilwCyWqLBM9f+e/u/sQMQu7uX6dyokfOayRuuVfKOW4O7HvaBWM+JlQ==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-shorthand-properties@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-shorthand-properties/-/plugin-transform-shorthand-properties-7.8.3.tgz#28545216e023a832d4d3a1185ed492bcfeac08c8"
-  integrity sha512-I9DI6Odg0JJwxCHzbzW08ggMdCezoWcuQRz3ptdudgwaHxTjxw5HgdFJmZIkIMlRymL6YiZcped4TTCB0JcC8w==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-shorthand-properties/-/plugin-transform-shorthand-properties-7.10.4.tgz#9fd25ec5cdd555bb7f473e5e6ee1c971eede4dd6"
+  integrity sha512-AC2K/t7o07KeTIxMoHneyX90v3zkm5cjHJEokrPEAGEy3UCp8sLKfnfOIGdZ194fyN4wfX/zZUWT9trJZ0qc+Q==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-spread@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-spread/-/plugin-transform-spread-7.8.3.tgz#9c8ffe8170fdfb88b114ecb920b82fb6e95fe5e8"
-  integrity sha512-CkuTU9mbmAoFOI1tklFWYYbzX5qCIZVXPVy0jpXgGwkplCndQAa58s2jr66fTeQnA64bDox0HL4U56CFYoyC7g==
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-spread/-/plugin-transform-spread-7.11.0.tgz#fa84d300f5e4f57752fe41a6d1b3c554f13f17cc"
+  integrity sha512-UwQYGOqIdQJe4aWNyS7noqAnN2VbaczPLiEtln+zPowRNlD+79w3oi2TWfYe0eZgd+gjZCbsydN7lzWysDt+gw==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
+    "@babel/helper-skip-transparent-expression-wrappers" "^7.11.0"
 
 "@babel/plugin-transform-sticky-regex@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-sticky-regex/-/plugin-transform-sticky-regex-7.8.3.tgz#be7a1290f81dae767475452199e1f76d6175b100"
-  integrity sha512-9Spq0vGCD5Bb4Z/ZXXSK5wbbLFMG085qd2vhL1JYu1WcQ5bXqZBAYRzU1d+p79GcHs2szYv5pVQCX13QgldaWw==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-sticky-regex/-/plugin-transform-sticky-regex-7.10.4.tgz#8f3889ee8657581130a29d9cc91d7c73b7c4a28d"
+  integrity sha512-Ddy3QZfIbEV0VYcVtFDCjeE4xwVTJWTmUtorAJkn6u/92Z/nWJNV+mILyqHKrUxXYKA2EoCilgoPePymKL4DvQ==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
-    "@babel/helper-regex" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
+    "@babel/helper-regex" "^7.10.4"
 
 "@babel/plugin-transform-template-literals@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-template-literals/-/plugin-transform-template-literals-7.8.3.tgz#7bfa4732b455ea6a43130adc0ba767ec0e402a80"
-  integrity sha512-820QBtykIQOLFT8NZOcTRJ1UNuztIELe4p9DCgvj4NK+PwluSJ49we7s9FB1HIGNIYT7wFUJ0ar2QpCDj0escQ==
+  version "7.10.5"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-template-literals/-/plugin-transform-template-literals-7.10.5.tgz#78bc5d626a6642db3312d9d0f001f5e7639fde8c"
+  integrity sha512-V/lnPGIb+KT12OQikDvgSuesRX14ck5FfJXt6+tXhdkJ+Vsd0lDCVtF6jcB4rNClYFzaB2jusZ+lNISDk2mMMw==
   dependencies:
-    "@babel/helper-annotate-as-pure" "^7.8.3"
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-annotate-as-pure" "^7.10.4"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-typeof-symbol@^7.8.4":
-  version "7.8.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-typeof-symbol/-/plugin-transform-typeof-symbol-7.8.4.tgz#ede4062315ce0aaf8a657a920858f1a2f35fc412"
-  integrity sha512-2QKyfjGdvuNfHsb7qnBBlKclbD4CfshH2KvDabiijLMGXPHJXGxtDzwIF7bQP+T0ysw8fYTtxPafgfs/c1Lrqg==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-typeof-symbol/-/plugin-transform-typeof-symbol-7.10.4.tgz#9509f1a7eec31c4edbffe137c16cc33ff0bc5bfc"
+  integrity sha512-QqNgYwuuW0y0H+kUE/GWSR45t/ccRhe14Fs/4ZRouNNQsyd4o3PG4OtHiIrepbM2WKUBDAXKCAK/Lk4VhzTaGA==
   dependencies:
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/plugin-transform-unicode-regex@^7.8.3":
-  version "7.8.3"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-unicode-regex/-/plugin-transform-unicode-regex-7.8.3.tgz#0cef36e3ba73e5c57273effb182f46b91a1ecaad"
-  integrity sha512-+ufgJjYdmWfSQ+6NS9VGUR2ns8cjJjYbrbi11mZBTaWm+Fui/ncTLFF28Ei1okavY+xkojGr1eJxNsWYeA5aZw==
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-unicode-regex/-/plugin-transform-unicode-regex-7.10.4.tgz#e56d71f9282fac6db09c82742055576d5e6d80a8"
+  integrity sha512-wNfsc4s8N2qnIwpO/WP2ZiSyjfpTamT2C9V9FDH/Ljub9zw6P3SjkXcFmc0RQUt96k2fmIvtla2MMjgTwIAC+A==
   dependencies:
-    "@babel/helper-create-regexp-features-plugin" "^7.8.3"
-    "@babel/helper-plugin-utils" "^7.8.3"
+    "@babel/helper-create-regexp-features-plugin" "^7.10.4"
+    "@babel/helper-plugin-utils" "^7.10.4"
 
 "@babel/preset-env@7.9.0":
   version "7.9.0"
@@ -943,13 +950,13 @@
     esutils "^2.0.2"
 
 "@babel/runtime@^7.8.4":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.9.6.tgz#a9102eb5cadedf3f31d08a9ecf294af7827ea29f"
-  integrity sha512-64AF1xY3OAkFHqOb9s4jpgk1Mm5vDZ4L3acHvAml+53nO1XbXLuDodsVpO4OIUsmemlUHMxNdYMNJmsvOwLrvQ==
+  version "7.11.2"
+  resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.11.2.tgz#f549c13c754cc40b87644b9fa9f09a6a95fe0736"
+  integrity sha512-TeWkU52so0mPtDcaCTxNBI/IHiz0pZgr8VEFqXFtZWpYD08ZB6FaSwVAS8MKRQAP3bYKiVjwysOJgMFY28o6Tw==
   dependencies:
     regenerator-runtime "^0.13.4"
 
-"@babel/template@7.8.6", "@babel/template@^7.8.3", "@babel/template@^7.8.6":
+"@babel/template@7.8.6":
   version "7.8.6"
   resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.8.6.tgz#86b22af15f828dfb086474f964dcc3e39c43ce2b"
   integrity sha512-zbMsPMy/v0PWFZEhQJ66bqjhH+z0JgMoBWuikXybgG3Gkd/3t5oQ1Rw2WQhnSrsOmsKXnZOx15tkC4qON/+JPg==
@@ -958,28 +965,37 @@
     "@babel/parser" "^7.8.6"
     "@babel/types" "^7.8.6"
 
-"@babel/traverse@^7.8.3", "@babel/traverse@^7.9.0", "@babel/traverse@^7.9.6":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.9.6.tgz#5540d7577697bf619cc57b92aa0f1c231a94f442"
-  integrity sha512-b3rAHSjbxy6VEAvlxM8OV/0X4XrG72zoxme6q1MOoe2vd0bEc+TwayhuC1+Dfgqh1QEG+pj7atQqvUprHIccsg==
-  dependencies:
-    "@babel/code-frame" "^7.8.3"
-    "@babel/generator" "^7.9.6"
-    "@babel/helper-function-name" "^7.9.5"
-    "@babel/helper-split-export-declaration" "^7.8.3"
-    "@babel/parser" "^7.9.6"
-    "@babel/types" "^7.9.6"
+"@babel/template@^7.10.4", "@babel/template@^7.8.6":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.10.4.tgz#3251996c4200ebc71d1a8fc405fba940f36ba278"
+  integrity sha512-ZCjD27cGJFUB6nmCB1Enki3r+L5kJveX9pq1SvAUKoICy6CZ9yD8xO086YXdYhvNjBdnekm4ZnaP5yC8Cs/1tA==
+  dependencies:
+    "@babel/code-frame" "^7.10.4"
+    "@babel/parser" "^7.10.4"
+    "@babel/types" "^7.10.4"
+
+"@babel/traverse@^7.10.4", "@babel/traverse@^7.11.0", "@babel/traverse@^7.9.0":
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.11.0.tgz#9b996ce1b98f53f7c3e4175115605d56ed07dd24"
+  integrity sha512-ZB2V+LskoWKNpMq6E5UUCrjtDUh5IOTAyIl0dTjIEoXum/iKWkoIEKIRDnUucO6f+2FzNkE0oD4RLKoPIufDtg==
+  dependencies:
+    "@babel/code-frame" "^7.10.4"
+    "@babel/generator" "^7.11.0"
+    "@babel/helper-function-name" "^7.10.4"
+    "@babel/helper-split-export-declaration" "^7.11.0"
+    "@babel/parser" "^7.11.0"
+    "@babel/types" "^7.11.0"
     debug "^4.1.0"
     globals "^11.1.0"
-    lodash "^4.17.13"
+    lodash "^4.17.19"
 
-"@babel/types@^7.4.4", "@babel/types@^7.8.3", "@babel/types@^7.8.6", "@babel/types@^7.9.0", "@babel/types@^7.9.5", "@babel/types@^7.9.6":
-  version "7.9.6"
-  resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.9.6.tgz#2c5502b427251e9de1bd2dff95add646d95cc9f7"
-  integrity sha512-qxXzvBO//jO9ZnoasKF1uJzHd2+M6Q2ZPIVfnFps8JJvXy0ZBbwbNOmE6SGIY5XOY6d1Bo5lb9d9RJ8nv3WSeA==
+"@babel/types@^7.10.4", "@babel/types@^7.10.5", "@babel/types@^7.11.0", "@babel/types@^7.4.4", "@babel/types@^7.8.6", "@babel/types@^7.9.0":
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.11.0.tgz#2ae6bf1ba9ae8c3c43824e5861269871b206e90d"
+  integrity sha512-O53yME4ZZI0jO1EVGtF1ePGl0LHirG4P1ibcD80XyzZcKhcMFeCXmh4Xb1ifGBIV233Qg12x4rBfQgA+tmOukA==
   dependencies:
-    "@babel/helper-validator-identifier" "^7.9.5"
-    lodash "^4.17.13"
+    "@babel/helper-validator-identifier" "^7.10.4"
+    lodash "^4.17.19"
     to-fast-properties "^2.0.0"
 
 "@istanbuljs/schema@^0.1.2":
@@ -998,36 +1014,64 @@
     merge-source-map "^1.1.0"
     schema-utils "^2.6.4"
 
-"@ngtools/webpack@9.1.6":
-  version "9.1.6"
-  resolved "https://registry.yarnpkg.com/@ngtools/webpack/-/webpack-9.1.6.tgz#7fa8763d4e128a4e371bafa9328a64cf1de246dd"
-  integrity sha512-W/9kENoiYARDGXqXSmOekQddUlQUVxfYP7JgQwqdg7JYktIpThicbV/iLBChZwWnmn9mb7MDw1IPeUTkZzrO2Q==
+"@ngtools/webpack@9.1.12":
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@ngtools/webpack/-/webpack-9.1.12.tgz#a6e2feb40db442335a1c79af4044d399767b5e81"
+  integrity sha512-lypMXIq5oxBMsoDu/VOa1yUmmXthhxkCJa8LG0ZohfnbwhmZvz3SAW7omBGuVrb5cVIfLCkaRCSnQ1MNc6ULXw==
   dependencies:
-    "@angular-devkit/core" "9.1.6"
+    "@angular-devkit/core" "9.1.12"
     enhanced-resolve "4.1.1"
     rxjs "6.5.4"
     webpack-sources "1.4.3"
 
+"@nodelib/fs.scandir@2.1.3":
+  version "2.1.3"
+  resolved "https://registry.yarnpkg.com/@nodelib/fs.scandir/-/fs.scandir-2.1.3.tgz#3a582bdb53804c6ba6d146579c46e52130cf4a3b"
+  integrity sha512-eGmwYQn3gxo4r7jdQnkrrN6bY478C3P+a/y72IJukF8LjB6ZHeB3c+Ehacj3sYeSmUXGlnA67/PmbM9CVwL7Dw==
+  dependencies:
+    "@nodelib/fs.stat" "2.0.3"
+    run-parallel "^1.1.9"
+
+"@nodelib/fs.stat@2.0.3", "@nodelib/fs.stat@^2.0.2":
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/@nodelib/fs.stat/-/fs.stat-2.0.3.tgz#34dc5f4cabbc720f4e60f75a747e7ecd6c175bd3"
+  integrity sha512-bQBFruR2TAwoevBEd/NWMoAAtNGzTRgdrqnYCc7dhzfoNvqPzLyqlEQnzZ3kVnNrSp25iyxE00/3h2fqGAGArA==
+
+"@nodelib/fs.walk@^1.2.3":
+  version "1.2.4"
+  resolved "https://registry.yarnpkg.com/@nodelib/fs.walk/-/fs.walk-1.2.4.tgz#011b9202a70a6366e436ca5c065844528ab04976"
+  integrity sha512-1V9XOY4rDW0rehzbrcqAmHnz8e7SKvX27gh8Gt2WgB0+pdzdiLV83p72kZPU+jvMbS1qU5mauP2iOvO8rhmurQ==
+  dependencies:
+    "@nodelib/fs.scandir" "2.1.3"
+    fastq "^1.6.0"
+
+"@npmcli/move-file@^1.0.1":
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/@npmcli/move-file/-/move-file-1.0.1.tgz#de103070dac0f48ce49cf6693c23af59c0f70464"
+  integrity sha512-Uv6h1sT+0DrblvIrolFtbvM1FgWm+/sy4B3pvLp67Zys+thcukzS5ekn7HsZFGpWP4Q3fYJCljbWQE/XivMRLw==
+  dependencies:
+    mkdirp "^1.0.4"
+
 "@saritasa/tslint-config-angular@^2.0.0":
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/@saritasa/tslint-config-angular/-/tslint-config-angular-2.0.0.tgz#9e76c98081b1bc54c260e1c27abd5cd4ef8d2525"
   integrity sha512-zs7nOOgxOA3WpNeRLS2Qcuu0BHU/GN/n9Kfbv//w0fzZinxeZKMaLOOnDcSlq4JGgOp6AbVJeCR8l50enwEasQ==
 
-"@schematics/angular@9.1.6":
-  version "9.1.6"
-  resolved "https://registry.yarnpkg.com/@schematics/angular/-/angular-9.1.6.tgz#411b45174b3900dc79d061a86aec8539894dd06b"
-  integrity sha512-Q9lPTf1/pXBWuFOLzwtrU88Gwkfn9JLiSb45xSQZ771cCD68tZyL4V9fH+u7139y3H3ID2xebMs7WiddAERLyw==
+"@schematics/angular@9.1.12":
+  version "9.1.12"
+  resolved "https://registry.yarnpkg.com/@schematics/angular/-/angular-9.1.12.tgz#608e25dbd517d867002781f695336b51f05417a2"
+  integrity sha512-r4+aPAGhstsKFMwW/kOen1ACnzuLpz+vMxEpndXOqqVXLkAMsuAbQUFYjIlMy6fH4zdhpI90EJZ1PbOrAXvKxA==
   dependencies:
-    "@angular-devkit/core" "9.1.6"
-    "@angular-devkit/schematics" "9.1.6"
+    "@angular-devkit/core" "9.1.12"
+    "@angular-devkit/schematics" "9.1.12"
 
-"@schematics/update@0.901.6":
-  version "0.901.6"
-  resolved "https://registry.yarnpkg.com/@schematics/update/-/update-0.901.6.tgz#a6bf0ec294983373ec8e9d675d50e8b44c6a7bc7"
-  integrity sha512-fKDjD/nGOsrPglOeMVNW+/wa8t73XBrsVneaLg3qmWp6c80JQAxwryE+3MTnBP7apZCLR2YZlKySbY54gLRs6w==
+"@schematics/update@0.901.12":
+  version "0.901.12"
+  resolved "https://registry.yarnpkg.com/@schematics/update/-/update-0.901.12.tgz#7e410ac7a163b71e30d8cc56d7959adf9225078c"
+  integrity sha512-SxGVYLTHhBC0rSF0OWSWPuJUB1Jhfqkl3o5bBgCC9//DutWiN6WoCCBTrCxR7F5vR2iiD7WqOe9CuvWYfvV8oQ==
   dependencies:
-    "@angular-devkit/core" "9.1.6"
-    "@angular-devkit/schematics" "9.1.6"
+    "@angular-devkit/core" "9.1.12"
+    "@angular-devkit/schematics" "9.1.12"
     "@yarnpkg/lockfile" "1.1.0"
     ini "1.3.5"
     npm-package-arg "^8.0.0"
@@ -1041,34 +1085,33 @@
   resolved "https://registry.yarnpkg.com/@types/color-name/-/color-name-1.1.1.tgz#1c1261bbeaa10a8055bbc5d8ab84b7b2afc846a0"
   integrity sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ==
 
-"@types/events@*":
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/@types/events/-/events-3.0.0.tgz#2862f3f58a9a7f7c3e78d79f130dd4d71c25c2a7"
-  integrity sha512-EaObqwIvayI5a8dCzhFrjKzVwKLxjoG9T6Ppd5CEo07LRKfQ8Yokw54r5+Wq7FaBQ+yXRvQAYPrHwya1/UFt9g==
-
 "@types/glob@^7.1.1":
-  version "7.1.1"
-  resolved "https://registry.yarnpkg.com/@types/glob/-/glob-7.1.1.tgz#aa59a1c6e3fbc421e07ccd31a944c30eba521575"
-  integrity sha512-1Bh06cbWJUHMC97acuD6UMG29nMt0Aqz1vF3guLfG+kHHJhy3AyohZFFxYk2f7Q1SQIrNwvncxAE0N/9s70F2w==
+  version "7.1.3"
+  resolved "https://registry.yarnpkg.com/@types/glob/-/glob-7.1.3.tgz#e6ba80f36b7daad2c685acd9266382e68985c183"
+  integrity sha512-SEYeGAIQIQX8NN6LDKprLjbrd5dARM5EXsd8GI/A5l0apYI1fGMWgPHSe4ZKL4eozlAyI+doUE9XbYS4xCkQ1w==
   dependencies:
-    "@types/events" "*"
     "@types/minimatch" "*"
     "@types/node" "*"
 
+"@types/json-schema@^7.0.4":
+  version "7.0.5"
+  resolved "https://registry.yarnpkg.com/@types/json-schema/-/json-schema-7.0.5.tgz#dcce4430e64b443ba8945f0290fb564ad5bac6dd"
+  integrity sha512-7+2BITlgjgDhH0vvwZU/HZJVyk+2XUlvxXe8dFMedNX/aMkaOq++rMAFXc0tM7ij15QaWlbdQASBR9dihi+bDQ==
+
 "@types/minimatch@*":
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/@types/minimatch/-/minimatch-3.0.3.tgz#3dca0e3f33b200fc7d1139c0cd96c1268cadfd9d"
   integrity sha512-tHq6qdbT9U1IRSGf14CL0pUlULksvY9OZ+5eEgl1N7t+OA3tGvNpxJCzuKQlsNgCVwbAs670L1vcVQi8j9HjnA==
 
 "@types/node@*":
-  version "14.0.1"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-14.0.1.tgz#5d93e0a099cd0acd5ef3d5bde3c086e1f49ff68c"
-  integrity sha512-FAYBGwC+W6F9+huFIDtn43cpy7+SzG+atzRiTfdp3inUKL2hXnd4rG8hylJLIh4+hqrQy1P17kvJByE/z825hA==
+  version "14.0.27"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-14.0.27.tgz#a151873af5a5e851b51b3b065c9e63390a9e0eb1"
+  integrity sha512-kVrqXhbclHNHGu9ztnAwSncIgJv/FaxmzXJvGXNdcCpV1b8u1/Mi6z6m0vwy0LzKeXFTPLH0NzwmoJ3fNCIq0g==
 
 "@types/node@^12.11.1":
-  version "12.12.39"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-12.12.39.tgz#532d25c1e639d89dd6f3aa1d7b3962e3e7fa943d"
-  integrity sha512-pADGfwnDkr6zagDwEiCVE4yQrv7XDkoeVa4OfA9Ju/zRTk6YNDLGtQbkdL4/56mCQQCs4AhNrBIag6jrp7ZuOg==
+  version "12.12.54"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-12.12.54.tgz#a4b58d8df3a4677b6c08bfbc94b7ad7a7a5f82d1"
+  integrity sha512-ge4xZ3vSBornVYlDnk7yZ0gK6ChHf/CHB7Gl1I0Jhah8DDnEQqBzgohYG4FX4p81TNirSETOiSyn+y1r9/IR6w==
 
 "@types/q@^1.5.1":
   version "1.5.4"
@@ -1088,9 +1131,9 @@
     moment ">=2.13.0"
 
 "@types/webpack-sources@^0.1.5":
-  version "0.1.7"
-  resolved "https://registry.yarnpkg.com/@types/webpack-sources/-/webpack-sources-0.1.7.tgz#0a330a9456113410c74a5d64180af0cbca007141"
-  integrity sha512-XyaHrJILjK1VHVC4aVlKsdNN5KBTwufMb43cQs+flGxtPAf/1Qwl8+Q0tp5BwEGaI8D6XT1L+9bSWXckgkjTLw==
+  version "0.1.8"
+  resolved "https://registry.yarnpkg.com/@types/webpack-sources/-/webpack-sources-0.1.8.tgz#078d75410435993ec8a0a2855e88706f3f751f81"
+  integrity sha512-JHB2/xZlXOjzjBB6fMOpH1eQAfsrpqVVIbneE0Rok16WXwFaznaI5vfg75U5WgGJm7V9W1c4xeRQDjX/zwvghA==
   dependencies:
     "@types/node" "*"
     "@types/source-list-map" "*"
@@ -1274,9 +1317,9 @@ accepts@~1.3.4, accepts@~1.3.5, accepts@~1.3.7:
     negotiator "0.6.2"
 
 ace-builds@^1.4.2:
-  version "1.4.11"
-  resolved "https://registry.yarnpkg.com/ace-builds/-/ace-builds-1.4.11.tgz#b1f19a891afcef1d26522473082baf80067e855f"
-  integrity sha512-keACH1d7MvAh72fE/us36WQzOFQPJbHphNpj33pXwVZOM84pTWcdFzIAvngxOGIGLTm7gtUP2eJ4Ku6VaPo8bw==
+  version "1.4.12"
+  resolved "https://registry.yarnpkg.com/ace-builds/-/ace-builds-1.4.12.tgz#888efa386e36f4345f40b5233fcc4fe4c588fae7"
+  integrity sha512-G+chJctFPiiLGvs3+/Mly3apXTcfgE45dT5yp12BcWZ1kUs+gm0qd3/fv4gsz6fVag4mM0moHVpjHDIgph6Psg==
 
 acorn@^6.2.1:
   version "6.4.1"
@@ -1318,24 +1361,14 @@ ajv-errors@^1.0.0:
   integrity sha512-DCRfO/4nQ+89p/RK43i8Ezd41EqdGIU4ld7nGF8OQ14oc/we5rEntLCUa7+jrn3nn83BosfwZA0wb4pon2o8iQ==
 
 ajv-keywords@^3.1.0, ajv-keywords@^3.4.1:
-  version "3.4.1"
-  resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-3.4.1.tgz#ef916e271c64ac12171fd8384eaae6b2345854da"
-  integrity sha512-RO1ibKvd27e6FEShVFfPALuHI3WjSVNeK5FIsmme/LYRNxjKuNj+Dt7bucLa6NdSv3JcVTyMlm9kGR84z1XpaQ==
-
-ajv@6.12.0:
-  version "6.12.0"
-  resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.0.tgz#06d60b96d87b8454a5adaba86e7854da629db4b7"
-  integrity sha512-D6gFiFA0RRLyUbvijN74DWAjXSFxWKaWP7mldxkVhyhAV3+SWA9HEJPHQ2c9soIeTFJqcSdFDGFgdqs1iUU2Hw==
-  dependencies:
-    fast-deep-equal "^3.1.1"
-    fast-json-stable-stringify "^2.0.0"
-    json-schema-traverse "^0.4.1"
-    uri-js "^4.2.2"
+  version "3.5.2"
+  resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-3.5.2.tgz#31f29da5ab6e00d1c2d329acf7b5929614d5014d"
+  integrity sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ==
 
-ajv@^6.1.0, ajv@^6.10.2, ajv@^6.12.0, ajv@^6.5.5:
-  version "6.12.2"
-  resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.2.tgz#c629c5eced17baf314437918d2da88c99d5958cd"
-  integrity sha512-k+V+hzjm5q/Mr8ef/1Y9goCmlsK4I6Sm74teeyGvFk1XrOsbsKLjEdrvny42CZ+a8sXbk8KWpY/bDwS+FLL2UQ==
+ajv@6.12.3, ajv@^6.1.0, ajv@^6.10.2, ajv@^6.12.2, ajv@^6.12.3:
+  version "6.12.3"
+  resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.3.tgz#18c5af38a111ddeb4f2697bd78d68abc1cabd706"
+  integrity sha512-4K0cK3L1hsqk9xIb2z9vs/XU+PGJZ9PNpJRDS9YLzmNdX6jmVPfamLvTJr0aDAusnHyCHO6MjzlkAsgtqp9teA==
   dependencies:
     fast-deep-equal "^3.1.1"
     fast-json-stable-stringify "^2.0.0"
@@ -1374,17 +1407,17 @@ ansi-regex@^2.0.0:
   resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-2.1.1.tgz#c3b33ab5ee360d86e0e628f0468ae7ef27d654df"
   integrity sha1-w7M6te42DYbg5ijwRorn7yfWVN8=
 
-ansi-regex@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-3.0.0.tgz#ed0317c322064f79466c02966bddb605ab37d998"
-  integrity sha1-7QMXwyIGT3lGbAKWa922Bas32Zg=
+ansi-regex@^4.1.0:
+  version "4.1.0"
+  resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-4.1.0.tgz#8b9f8f08cf1acb843756a839ca8c7e3168c51997"
+  integrity sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==
 
 ansi-regex@^5.0.0:
   version "5.0.0"
   resolved "https://registry.yarnpkg.com/ansi-regex/-/ansi-regex-5.0.0.tgz#388539f55179bf39339c81af30a654d69f87cb75"
   integrity sha512-bY6fj56OUQ0hU1KjFNDQuJFezqKdrAyFdIevADiqrWHwSlbmBNMHp5ak2f40Pm8JTFyM2mqxkG6ngkHO11f/lg==
 
-ansi-styles@^3.2.1:
+ansi-styles@^3.2.0, ansi-styles@^3.2.1:
   version "3.2.1"
   resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-3.2.1.tgz#41fbb20243e50b12be0f04b8dedbf07520ce841d"
   integrity sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==
@@ -1477,6 +1510,11 @@ array-union@^1.0.1:
   dependencies:
     array-uniq "^1.0.1"
 
+array-union@^2.1.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/array-union/-/array-union-2.1.0.tgz#b798420adbeb1de828d84acd8a2e23d3efe85e8d"
+  integrity sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw==
+
 array-uniq@^1.0.1:
   version "1.0.3"
   resolved "https://registry.yarnpkg.com/array-uniq/-/array-uniq-1.0.3.tgz#af6ac877a25cc7f74e058894753858dfdb24fdb6"
@@ -1492,14 +1530,15 @@ asap@^2.0.0, asap@~2.0.3:
   resolved "https://registry.yarnpkg.com/asap/-/asap-2.0.6.tgz#e50347611d7e690943208bbdafebcbc2fb866d46"
   integrity sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=
 
-asn1.js@^4.0.0:
-  version "4.10.1"
-  resolved "https://registry.yarnpkg.com/asn1.js/-/asn1.js-4.10.1.tgz#b9c2bf5805f1e64aadeed6df3a2bfafb5a73f5a0"
-  integrity sha512-p32cOF5q0Zqs9uBiONKYLm6BClCoBCM5O9JfeUSlnQLBTxYdTK+pW+nXflm8UkKd2UYlEbYz5qEi0JuZR9ckSw==
+asn1.js@^5.2.0:
+  version "5.4.1"
+  resolved "https://registry.yarnpkg.com/asn1.js/-/asn1.js-5.4.1.tgz#11a980b84ebb91781ce35b0fdc2ee294e3783f07"
+  integrity sha512-+I//4cYPccV8LdmBLiX8CYvf9Sp3vQsrqu2QNXRcrbiWvcx/UdlFiqUJJzxRQxgsZmvhXhn4cSKeSmoFjVdupA==
   dependencies:
     bn.js "^4.0.0"
     inherits "^2.0.1"
     minimalistic-assert "^1.0.0"
+    safer-buffer "^2.1.0"
 
 asn1@~0.2.3:
   version "0.2.4"
@@ -1584,9 +1623,9 @@ aws-sign2@~0.7.0:
   integrity sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=
 
 aws4@^1.8.0:
-  version "1.9.1"
-  resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.9.1.tgz#7e33d8f7d449b3f673cd72deb9abdc552dbe528e"
-  integrity sha512-wMHVg2EOHaMRxbzgFJ9gtjOOCrI80OHLG14rxi28XwOW8ux6IiEbRCGGGqCtdAIg4FQCbW20k9RsT4y3gJlFug==
+  version "1.10.1"
+  resolved "https://registry.yarnpkg.com/aws4/-/aws4-1.10.1.tgz#e1e82e4f3e999e2cfd61b161280d16a111f86428"
+  integrity sha512-zg7Hz2k5lI8kb7U32998pRRFin7zJlkfezGJjUc2heaD4Pw2wObakCDVzkKztTm/Ln7eiVvYsjqak0Ed4LkMDA==
 
 axobject-query@2.0.2:
   version "2.0.2"
@@ -1658,9 +1697,9 @@ binary-extensions@^1.0.0:
   integrity sha512-Un7MIEDdUC5gNpcGDV97op1Ywk748MpHcFTHoYs6qnj1Z3j7I53VG3nwZhKzoBZmbdRNnb6WRdFlwl7tSDuZGw==
 
 binary-extensions@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-2.0.0.tgz#23c0df14f6a88077f5f986c0d167ec03c3d5537c"
-  integrity sha512-Phlt0plgpIIBOGTT/ehfFnbNlfsDEiqmzE2KRXoX1bLIlir4X/MR+zSyBEkL05ffWgnRSf/DXv+WrUAVr93/ow==
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-2.1.0.tgz#30fa40c9e7fe07dbc895678cd287024dea241dd9"
+  integrity sha512-1Yj8h9Q+QDF5FzhMs/c9+6UntbD5MkRfRwac8DoEm9ZfUBZ7tZ55YcGVAzEe4bXsdQHEk+s9S5wsOKVdZrw0tQ==
 
 bindings@^1.5.0:
   version "1.5.0"
@@ -1680,9 +1719,9 @@ bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.4.0:
   integrity sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw==
 
 bn.js@^5.1.1:
-  version "5.1.1"
-  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-5.1.1.tgz#48efc4031a9c4041b9c99c6941d903463ab62eb5"
-  integrity sha512-IUTD/REb78Z2eodka1QZyyEk66pciRcP6Sroka0aI3tG/iwIdYLrBD62RsubR7vqdt3WyX8p4jxeatzmRSphtA==
+  version "5.1.2"
+  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-5.1.2.tgz#c9686902d3c9a27729f43ab10f9d79c2004da7b0"
+  integrity sha512-40rZaf3bUNKTVYu9sIeeEGOg7g14Yvnj9kH7b50EiwX0Q7A6umbvfI5tvHaOERH0XigqKkfLkFQxzb4e6CIXnA==
 
 body-parser@1.19.0:
   version "1.19.0"
@@ -1718,9 +1757,9 @@ boolbase@^1.0.0, boolbase@~1.0.0:
   integrity sha1-aN/1++YMUes3cl6p4+0xDcwed24=
 
 bootstrap@^4.2.1:
-  version "4.5.0"
-  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-4.5.0.tgz#97d9dbcb5a8972f8722c9962483543b907d9b9ec"
-  integrity sha512-Z93QoXvodoVslA+PWNdk23Hze4RBYIkpb5h8I2HY2Tu2h7A0LpAgLcyrhrSUyo2/Oxm2l1fRZPs1e5hnxnliXA==
+  version "4.5.2"
+  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-4.5.2.tgz#a85c4eda59155f0d71186b6e6ad9b875813779ab"
+  integrity sha512-vlGn0bcySYl/iV+BGA544JkkZP5LB3jsmkeKLFQakCOwCM3AOk7VkldBz4jrzSe+Z0Ezn99NVXa1o45cQY4R6A==
 
 brace-expansion@^1.1.7:
   version "1.1.11"
@@ -1751,7 +1790,7 @@ braces@^2.3.1, braces@^2.3.2:
     split-string "^3.0.2"
     to-regex "^3.0.1"
 
-braces@~3.0.2:
+braces@^3.0.1, braces@~3.0.2:
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/braces/-/braces-3.0.2.tgz#3454e1a462ee8d599e236df336cd9ea4f8afe107"
   integrity sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==
@@ -1803,15 +1842,15 @@ browserify-rsa@^4.0.0, browserify-rsa@^4.0.1:
     randombytes "^2.0.1"
 
 browserify-sign@^4.0.0:
-  version "4.2.0"
-  resolved "https://registry.yarnpkg.com/browserify-sign/-/browserify-sign-4.2.0.tgz#545d0b1b07e6b2c99211082bf1b12cce7a0b0e11"
-  integrity sha512-hEZC1KEeYuoHRqhGhTy6gWrpJA3ZDjFWv0DE61643ZnOXAKJb3u7yWcrU0mMc9SwAqK1n7myPGndkp0dFG7NFA==
+  version "4.2.1"
+  resolved "https://registry.yarnpkg.com/browserify-sign/-/browserify-sign-4.2.1.tgz#eaf4add46dd54be3bb3b36c0cf15abbeba7956c3"
+  integrity sha512-/vrA5fguVAKKAVTNJjgSm1tRQDHUU6DbwO9IROu/0WAzC8PKhucDSh18J0RMvVeHAn5puMd+QHC2erPRNf8lmg==
   dependencies:
     bn.js "^5.1.1"
     browserify-rsa "^4.0.1"
     create-hash "^1.2.0"
     create-hmac "^1.1.7"
-    elliptic "^6.5.2"
+    elliptic "^6.5.3"
     inherits "^2.0.4"
     parse-asn1 "^5.1.5"
     readable-stream "^3.6.0"
@@ -1824,15 +1863,15 @@ browserify-zlib@^0.2.0:
   dependencies:
     pako "~1.0.5"
 
-browserslist@^4.0.0, browserslist@^4.11.1, browserslist@^4.8.3, browserslist@^4.8.5, browserslist@^4.9.1:
-  version "4.12.0"
-  resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.12.0.tgz#06c6d5715a1ede6c51fc39ff67fd647f740b656d"
-  integrity sha512-UH2GkcEDSI0k/lRkuDSzFl9ZZ87skSy9w2XAn1MsZnL+4c4rqbBd3e82UWHbYDpztABrPBhZsTEeuxVfHppqDg==
+browserslist@^4.0.0, browserslist@^4.12.0, browserslist@^4.8.3, browserslist@^4.8.5, browserslist@^4.9.1:
+  version "4.14.0"
+  resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.14.0.tgz#2908951abfe4ec98737b72f34c3bcedc8d43b000"
+  integrity sha512-pUsXKAF2lVwhmtpeA3LJrZ76jXuusrNyhduuQs7CDFf9foT4Y38aQOserd2lMe5DSSrjf3fx34oHwryuvxAUgQ==
   dependencies:
-    caniuse-lite "^1.0.30001043"
-    electron-to-chromium "^1.3.413"
-    node-releases "^1.1.53"
-    pkg-up "^2.0.0"
+    caniuse-lite "^1.0.30001111"
+    electron-to-chromium "^1.3.523"
+    escalade "^3.0.2"
+    node-releases "^1.1.60"
 
 buffer-from@^1.0.0:
   version "1.1.1"
@@ -1906,7 +1945,7 @@ cacache@15.0.0:
     tar "^6.0.1"
     unique-filename "^1.1.1"
 
-cacache@^12.0.0, cacache@^12.0.2, cacache@^12.0.3:
+cacache@^12.0.0, cacache@^12.0.2:
   version "12.0.4"
   resolved "https://registry.yarnpkg.com/cacache/-/cacache-12.0.4.tgz#668bcbd105aeb5f1d92fe25570ec9525c8faa40c"
   integrity sha512-a0tMB40oefvuInr4Cwb3GerbL9xTj1D5yg0T5xrjGCGyfvbxseIXX7BAO/u/hIXdafzOI5JC3wDwHyf24buOAQ==
@@ -1927,28 +1966,27 @@ cacache@^12.0.0, cacache@^12.0.2, cacache@^12.0.3:
     unique-filename "^1.1.1"
     y18n "^4.0.0"
 
-cacache@^13.0.1:
-  version "13.0.1"
-  resolved "https://registry.yarnpkg.com/cacache/-/cacache-13.0.1.tgz#a8000c21697089082f85287a1aec6e382024a71c"
-  integrity sha512-5ZvAxd05HDDU+y9BVvcqYu2LLXmPnQ0hW62h32g4xBTgL/MppR4/04NHfj/ycM2y6lmTnbw6HVi+1eN0Psba6w==
+cacache@^15.0.4:
+  version "15.0.5"
+  resolved "https://registry.yarnpkg.com/cacache/-/cacache-15.0.5.tgz#69162833da29170d6732334643c60e005f5f17d0"
+  integrity sha512-lloiL22n7sOjEEXdL8NAjTgv9a1u43xICE9/203qonkZUCj5X1UEWIdf2/Y0d6QcCtMzbKQyhrcDbdvlZTs/+A==
   dependencies:
-    chownr "^1.1.2"
-    figgy-pudding "^3.5.1"
+    "@npmcli/move-file" "^1.0.1"
+    chownr "^2.0.0"
     fs-minipass "^2.0.0"
     glob "^7.1.4"
-    graceful-fs "^4.2.2"
     infer-owner "^1.0.4"
-    lru-cache "^5.1.1"
-    minipass "^3.0.0"
+    lru-cache "^6.0.0"
+    minipass "^3.1.1"
     minipass-collect "^1.0.2"
     minipass-flush "^1.0.5"
     minipass-pipeline "^1.2.2"
-    mkdirp "^0.5.1"
-    move-concurrently "^1.0.1"
-    p-map "^3.0.0"
+    mkdirp "^1.0.3"
+    p-map "^4.0.0"
     promise-inflight "^1.0.1"
-    rimraf "^2.7.1"
-    ssri "^7.0.0"
+    rimraf "^3.0.2"
+    ssri "^8.0.0"
+    tar "^6.0.2"
     unique-filename "^1.1.1"
 
 cache-base@^1.0.1:
@@ -2000,10 +2038,10 @@ caniuse-api@^3.0.0:
     lodash.memoize "^4.1.2"
     lodash.uniq "^4.5.0"
 
-caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001020, caniuse-lite@^1.0.30001032, caniuse-lite@^1.0.30001043:
-  version "1.0.30001062"
-  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001062.tgz#d814b648338504b315222ace6f1a533d9a55e390"
-  integrity sha512-ei9ZqeOnN7edDrb24QfJ0OZicpEbsWxv7WusOiQGz/f2SfvBgHHbOEwBJ8HKGVSyx8Z6ndPjxzR6m0NQq+0bfw==
+caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001020, caniuse-lite@^1.0.30001032, caniuse-lite@^1.0.30001111:
+  version "1.0.30001113"
+  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001113.tgz#22016ab55b5a8b04fa00ca342d9ee1b98df48065"
+  integrity sha512-qMvjHiKH21zzM/VDZr6oosO6Ri3U0V2tC015jRXjOecwQCJtsU5zklTNTk31jQbIOP8gha0h1ccM/g0ECP+4BA==
 
 canonical-path@1.0.0:
   version "1.0.0"
@@ -2037,10 +2075,10 @@ chardet@^0.7.0:
   resolved "https://registry.yarnpkg.com/chardet/-/chardet-0.7.0.tgz#90094849f0937f2eedc2425d0d28a9e5f0cbad9e"
   integrity sha512-mT8iDcrh03qDGRRmoA2hmBJnxpllMR+0/0qlzjqZES6NdiWDcZkCNAk4rPFZ9Q85r27unkiNNg8ZOiwZXBHwcA==
 
-"chokidar@>=2.0.0 <4.0.0", chokidar@^3.0.0, chokidar@^3.4.0:
-  version "3.4.0"
-  resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.4.0.tgz#b30611423ce376357c765b9b8f904b9fba3c0be8"
-  integrity sha512-aXAaho2VJtisB/1fg1+3nlLJqGOuewTzQpd/Tz0yTg2R0e4IGtshYvtjowyEumcBv2z+y4+kc75Mz7j5xJskcQ==
+"chokidar@>=2.0.0 <4.0.0", chokidar@^3.0.0, chokidar@^3.4.1:
+  version "3.4.2"
+  resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.4.2.tgz#38dc8e658dec3809741eb3ef7bb0a47fe424232d"
+  integrity sha512-IZHaDeBeI+sZJRX7lGcXsdzgvZqKv6sECqsbErJA4mHWfpRrD8B97kSFN4cQz6nGBGiuFia1MKR4d6c1o8Cv7A==
   dependencies:
     anymatch "~3.1.1"
     braces "~3.0.2"
@@ -2124,23 +2162,23 @@ cli-cursor@^3.1.0:
     restore-cursor "^3.1.0"
 
 cli-spinners@^2.2.0:
-  version "2.3.0"
-  resolved "https://registry.yarnpkg.com/cli-spinners/-/cli-spinners-2.3.0.tgz#0632239a4b5aa4c958610142c34bb7a651fc8df5"
-  integrity sha512-Xs2Hf2nzrvJMFKimOR7YR0QwZ8fc0u98kdtwN1eNAZzNQgH3vK2pXzff6GJtKh7S5hoJ87ECiAiZFS2fb5Ii2w==
+  version "2.4.0"
+  resolved "https://registry.yarnpkg.com/cli-spinners/-/cli-spinners-2.4.0.tgz#c6256db216b878cfba4720e719cec7cf72685d7f"
+  integrity sha512-sJAofoarcm76ZGpuooaO0eDy8saEy+YoZBLjC4h8srt4jeBnkYeOgqxgsJQTpyt2LjI5PTfLJHSL+41Yu4fEJA==
 
 cli-width@^2.0.0:
   version "2.2.1"
   resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.2.1.tgz#b0433d0b4e9c847ef18868a4ef16fd5fc8271c48"
   integrity sha512-GRMWDxpOB6Dgk2E5Uo+3eEBvtOOlimMmpbFiKuLFnQzYDavtLFY3K5ona41jgN/WdRZtG7utuVSVTL4HbZHGkw==
 
-cliui@^4.0.0:
-  version "4.1.0"
-  resolved "https://registry.yarnpkg.com/cliui/-/cliui-4.1.0.tgz#348422dbe82d800b3022eef4f6ac10bf2e4d1b49"
-  integrity sha512-4FG+RSG9DL7uEwRUZXZn3SS34DiDPfzP0VOiEwtUWlE+AR2EIg+hSyvrIgUUfhdgR/UkAeW2QHgeP+hWrXs7jQ==
+cliui@^5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/cliui/-/cliui-5.0.0.tgz#deefcfdb2e800784aa34f46fa08e06851c7bbbc5"
+  integrity sha512-PYeGSEmmHM6zvoef2w8TPzlrnNpXIjTipYK780YswmIP9vjxmd6Y2a3CB2Ks6/AU8NHjZugXvo8w3oWM2qnwXA==
   dependencies:
-    string-width "^2.1.1"
-    strip-ansi "^4.0.0"
-    wrap-ansi "^2.0.0"
+    string-width "^3.1.0"
+    strip-ansi "^5.2.0"
+    wrap-ansi "^5.1.0"
 
 cliui@^6.0.0:
   version "6.0.0"
@@ -2179,11 +2217,6 @@ coa@^2.0.2:
     chalk "^2.4.1"
     q "^1.1.2"
 
-code-point-at@^1.0.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/code-point-at/-/code-point-at-1.1.0.tgz#0d070b4d043a5bea33a2f1a40e2edb3d9a4ccf77"
-  integrity sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c=
-
 codelyzer@^5.1.2:
   version "5.2.2"
   resolved "https://registry.yarnpkg.com/codelyzer/-/codelyzer-5.2.2.tgz#d0530a455784e6bea0b6d7e97166c73c30a5347f"
@@ -2365,23 +2398,22 @@ copy-descriptor@^0.1.0:
   resolved "https://registry.yarnpkg.com/copy-descriptor/-/copy-descriptor-0.1.1.tgz#676f6eb3c39997c2ee1ac3a924fd6124748f578d"
   integrity sha1-Z29us8OZl8LuGsOpJP1hJHSPV40=
 
-copy-webpack-plugin@5.1.1:
-  version "5.1.1"
-  resolved "https://registry.yarnpkg.com/copy-webpack-plugin/-/copy-webpack-plugin-5.1.1.tgz#5481a03dea1123d88a988c6ff8b78247214f0b88"
-  integrity sha512-P15M5ZC8dyCjQHWwd4Ia/dm0SgVvZJMYeykVIVYXbGyqO4dWB5oyPHp9i7wjwo5LhtlhKbiBCdS2NvM07Wlybg==
-  dependencies:
-    cacache "^12.0.3"
-    find-cache-dir "^2.1.0"
-    glob-parent "^3.1.0"
-    globby "^7.1.1"
-    is-glob "^4.0.1"
-    loader-utils "^1.2.3"
-    minimatch "^3.0.4"
+copy-webpack-plugin@6.0.3:
+  version "6.0.3"
+  resolved "https://registry.yarnpkg.com/copy-webpack-plugin/-/copy-webpack-plugin-6.0.3.tgz#2b3d2bfc6861b96432a65f0149720adbd902040b"
+  integrity sha512-q5m6Vz4elsuyVEIUXr7wJdIdePWTubsqVbEMvf1WQnHGv0Q+9yPRu7MtYFPt+GBOXRav9lvIINifTQ1vSCs+eA==
+  dependencies:
+    cacache "^15.0.4"
+    fast-glob "^3.2.4"
+    find-cache-dir "^3.3.1"
+    glob-parent "^5.1.1"
+    globby "^11.0.1"
+    loader-utils "^2.0.0"
     normalize-path "^3.0.0"
-    p-limit "^2.2.1"
-    schema-utils "^1.0.0"
-    serialize-javascript "^2.1.2"
-    webpack-log "^2.0.0"
+    p-limit "^3.0.1"
+    schema-utils "^2.7.0"
+    serialize-javascript "^4.0.0"
+    webpack-sources "^1.4.3"
 
 core-js-compat@^3.6.2:
   version "3.6.5"
@@ -2417,12 +2449,12 @@ cosmiconfig@^5.0.0:
     parse-json "^4.0.0"
 
 create-ecdh@^4.0.0:
-  version "4.0.3"
-  resolved "https://registry.yarnpkg.com/create-ecdh/-/create-ecdh-4.0.3.tgz#c9111b6f33045c4697f144787f9254cdc77c45ff"
-  integrity sha512-GbEHQPMOswGpKXM9kCWVrremUcBmjteUaQ01T9rkKCPDXfUHX0IoP9LpHYo2NPFampa4e+/pFDc3jQdxrxQLaw==
+  version "4.0.4"
+  resolved "https://registry.yarnpkg.com/create-ecdh/-/create-ecdh-4.0.4.tgz#d6e7f4bffa66736085a0762fd3a632684dabcc4e"
+  integrity sha512-mf+TCx8wWc9VpuxfP2ht0iSISLZnt0JgWlrOKZiNqyUZWnjIaCIVNQArMHnCZKfEYRg6IM7A+NeJoN8gf/Ws0A==
   dependencies:
     bn.js "^4.1.0"
-    elliptic "^6.0.0"
+    elliptic "^6.5.3"
 
 create-hash@^1.1.0, create-hash@^1.1.2, create-hash@^1.2.0:
   version "1.2.0"
@@ -2530,13 +2562,12 @@ css-select@^2.0.0:
     nth-check "^1.0.2"
 
 css-selector-tokenizer@^0.7.1:
-  version "0.7.2"
-  resolved "https://registry.yarnpkg.com/css-selector-tokenizer/-/css-selector-tokenizer-0.7.2.tgz#11e5e27c9a48d90284f22d45061c303d7a25ad87"
-  integrity sha512-yj856NGuAymN6r8bn8/Jl46pR+OC3eEvAhfGYDUe7YPtTPAYrSSw4oAniZ9Y8T5B92hjhwTBLUen0/vKPxf6pw==
+  version "0.7.3"
+  resolved "https://registry.yarnpkg.com/css-selector-tokenizer/-/css-selector-tokenizer-0.7.3.tgz#735f26186e67c749aaf275783405cf0661fae8f1"
+  integrity sha512-jWQv3oCEL5kMErj4wRnK/OPoBi0D+P1FR2cDCKYPaMeD2eW3/mttav8HT4hT1CKopiJI/psEULjkClhvJo4Lvg==
   dependencies:
     cssesc "^3.0.0"
     fastparse "^1.1.2"
-    regexpu-core "^4.6.0"
 
 css-tree@1.0.0-alpha.37:
   version "1.0.0-alpha.37"
@@ -2555,9 +2586,9 @@ css-tree@1.0.0-alpha.39:
     source-map "^0.6.1"
 
 css-what@^3.2.1:
-  version "3.2.1"
-  resolved "https://registry.yarnpkg.com/css-what/-/css-what-3.2.1.tgz#f4a8f12421064621b456755e34a03a2c22df5da1"
-  integrity sha512-WwOrosiQTvyms+Ti5ZC5vGEK0Vod3FTt1ca+payZqvKuGJF+dq7bG63DstxtN0dpm6FxY27a/zS3Wten+gEtGw==
+  version "3.3.0"
+  resolved "https://registry.yarnpkg.com/css-what/-/css-what-3.3.0.tgz#10fec696a9ece2e591ac772d759aacabac38cd39"
+  integrity sha512-pv9JPyatiPaQ6pf4OvD/dbfm0o5LviWmwxNWzblYf/1u9QZd0ihV+PMwy5jdQWQ3349kZmKEx9WXuSka2dM4cg==
 
 css@^2.0.0:
   version "2.2.4"
@@ -2860,12 +2891,12 @@ diffie-hellman@^5.0.0:
     miller-rabin "^4.0.0"
     randombytes "^2.0.0"
 
-dir-glob@^2.0.0:
-  version "2.2.2"
-  resolved "https://registry.yarnpkg.com/dir-glob/-/dir-glob-2.2.2.tgz#fa09f0694153c8918b18ba0deafae94769fc50c4"
-  integrity sha512-f9LBi5QWzIW3I6e//uxZoLBlUt9kcp66qo0sSCxL6YZKc75R1c4MFCoe/LaZiBGmgujvQdxc5Bn3QhfyvK5Hsw==
+dir-glob@^3.0.1:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/dir-glob/-/dir-glob-3.0.1.tgz#56dbf73d992a4a93ba1584f4534063fd2e41717f"
+  integrity sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA==
   dependencies:
-    path-type "^3.0.0"
+    path-type "^4.0.0"
 
 dns-equal@^1.0.0:
   version "1.0.0"
@@ -2911,9 +2942,9 @@ domelementtype@^2.0.1:
   integrity sha512-5HOHUDsYZWV8FGWN0Njbr/Rn7f/eWSQi1v7+HsUVwXgn8nWWlL64zKDkS0n8ZmQ3mlWOMuXOnR+7Nx/5tMO5AQ==
 
 domino@^2.1.2:
-  version "2.1.5"
-  resolved "https://registry.yarnpkg.com/domino/-/domino-2.1.5.tgz#4aa08e395d496c463c3afee1cd0f7173f63eacb5"
-  integrity sha512-vMDo7f6ogUV9PkzmxXLiXzJkJZqU09Le4C40mj+HmAGS/2FPmdetoNOQZXpu2kekn0GJKvtwKMAVoruTj60Xww==
+  version "2.1.6"
+  resolved "https://registry.yarnpkg.com/domino/-/domino-2.1.6.tgz#fe4ace4310526e5e7b9d12c7de01b7f485a57ffe"
+  integrity sha512-3VdM/SXBZX2omc9JF9nOPCtDaYQ67BGp5CoLpIQlO2KCAPETs8TcDHacF26jXadGbvUteZzRTeos2fhID5+ucQ==
 
 domutils@^1.7.0:
   version "1.7.0"
@@ -2953,12 +2984,12 @@ ee-first@1.1.1:
   resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d"
   integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=
 
-electron-to-chromium@^1.3.413:
-  version "1.3.443"
-  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.443.tgz#b01c8933e820a728afc5dde7dd535c53ff55ab11"
-  integrity sha512-ty0LEroTap/xfMy31oQ3XX+Q377QvWvJaha2cmuXcbmBiX2EIB5SNDQ0hp8lhvxj63WG0zOgm/4MQ/oUBdfQqg==
+electron-to-chromium@^1.3.523:
+  version "1.3.531"
+  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.531.tgz#fe432e23c306f7b3579506de9ca63703ef086b9d"
+  integrity sha512-cRdM9noPSUvZ2TCJByhFL78amPMjNZlGJG27EPuJZK0CwWzBfj3ei7hJh0hNsjvgC0BayRW8Bc06DTCELcMC9Q==
 
-elliptic@^6.0.0, elliptic@^6.5.2:
+elliptic@^6.5.3:
   version "6.5.3"
   resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.3.tgz#cb59eb2efdaf73a0bd78ccd7015a62ad6e0f93d6"
   integrity sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw==
@@ -2976,6 +3007,11 @@ emitter-component@^1.1.1:
   resolved "https://registry.yarnpkg.com/emitter-component/-/emitter-component-1.1.1.tgz#065e2dbed6959bf470679edabeaf7981d1003ab6"
   integrity sha1-Bl4tvtaVm/RwZ57avq95gdEAOrY=
 
+emoji-regex@^7.0.1:
+  version "7.0.3"
+  resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-7.0.3.tgz#933a04052860c85e83c122479c4748a8e4c72156"
+  integrity sha512-CwBLREIQ7LvYFB0WyRvwhq5N5qPhc6PMjD6bYggFlI5YyDgl+0vxq5VHbMOFqLg7hfWzmu8T5Z1QofhmTIhItA==
+
 emoji-regex@^8.0.0:
   version "8.0.0"
   resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-8.0.0.tgz#e818fd69ce5ccfcb404594f842963bf53164cc37"
@@ -3005,7 +3041,7 @@ end-of-stream@^1.0.0, end-of-stream@^1.1.0:
   dependencies:
     once "^1.4.0"
 
-enhanced-resolve@4.1.1, enhanced-resolve@^4.1.0:
+enhanced-resolve@4.1.1:
   version "4.1.1"
   resolved "https://registry.yarnpkg.com/enhanced-resolve/-/enhanced-resolve-4.1.1.tgz#2937e2b8066cd0fe7ce0990a98f0d71a35189f66"
   integrity sha512-98p2zE+rL7/g/DzMHMTF4zZlCgeVdJ7yr6xzEpJRYwFYrGi9ANdn5DnJURg6RpBkyk60XYDnWIv51VfIhfNGuA==
@@ -3014,10 +3050,19 @@ enhanced-resolve@4.1.1, enhanced-resolve@^4.1.0:
     memory-fs "^0.5.0"
     tapable "^1.0.0"
 
+enhanced-resolve@^4.1.0:
+  version "4.3.0"
+  resolved "https://registry.yarnpkg.com/enhanced-resolve/-/enhanced-resolve-4.3.0.tgz#3b806f3bfafc1ec7de69551ef93cca46c1704126"
+  integrity sha512-3e87LvavsdxyoCfGusJnrZ5G8SLPOFeHSNpZI/ATL9a5leXo2k0w6MKnbqhdBad9qTobSfB20Ld7UmgoNbAZkQ==
+  dependencies:
+    graceful-fs "^4.1.2"
+    memory-fs "^0.5.0"
+    tapable "^1.0.0"
+
 entities@^2.0.0:
-  version "2.0.2"
-  resolved "https://registry.yarnpkg.com/entities/-/entities-2.0.2.tgz#ac74db0bba8d33808bbf36809c3a5c3683531436"
-  integrity sha512-dmD3AvJQBUjKpcNkoqr+x+IF0SdRtPz9Vk0uTy4yWqga9ibB6s4v++QFWNohjiUGoMlF552ZvNyXDxz5iW0qmw==
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/entities/-/entities-2.0.3.tgz#5c487e5742ab93c15abb5da22759b8590ec03b7f"
+  integrity sha512-MyoZ0jgnLvB2X3Lg5HqpFmn1kybDiIfEQmKzTb5apr51Rb+T3KdmMiqa70T+bhGnyv7bQ6WMj2QMHpGMmlrUYQ==
 
 err-code@^1.0.0:
   version "1.1.2"
@@ -3039,21 +3084,21 @@ error-ex@^1.3.1:
     is-arrayish "^0.2.1"
 
 es-abstract@^1.17.0-next.1, es-abstract@^1.17.2, es-abstract@^1.17.4, es-abstract@^1.17.5:
-  version "1.17.5"
-  resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.17.5.tgz#d8c9d1d66c8981fb9200e2251d799eee92774ae9"
-  integrity sha512-BR9auzDbySxOcfog0tLECW8l28eRGpDpU3Dm3Hp4q/N+VtLTmyj4EUN088XZWQDW/hzj6sYRDXeOFsaAODKvpg==
+  version "1.17.6"
+  resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.17.6.tgz#9142071707857b2cacc7b89ecb670316c3e2d52a"
+  integrity sha512-Fr89bON3WFyUi5EvAeI48QTWX0AyekGgLA8H+c+7fbfCkJwRWRMLd8CQedNEyJuoYYhmtEqY92pgte1FAhBlhw==
   dependencies:
     es-to-primitive "^1.2.1"
     function-bind "^1.1.1"
     has "^1.0.3"
     has-symbols "^1.0.1"
-    is-callable "^1.1.5"
-    is-regex "^1.0.5"
+    is-callable "^1.2.0"
+    is-regex "^1.1.0"
     object-inspect "^1.7.0"
     object-keys "^1.1.1"
     object.assign "^4.1.0"
-    string.prototype.trimleft "^2.1.1"
-    string.prototype.trimright "^2.1.1"
+    string.prototype.trimend "^1.0.1"
+    string.prototype.trimstart "^1.0.1"
 
 es-get-iterator@^1.1.0:
   version "1.1.0"
@@ -3089,6 +3134,11 @@ es6-promisify@^5.0.0:
   dependencies:
     es6-promise "^4.0.3"
 
+escalade@^3.0.2:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/escalade/-/escalade-3.0.2.tgz#6a580d70edb87880f22b4c91d0d56078df6962c4"
+  integrity sha512-gPYAU37hYCUhW5euPeR+Y74F7BL+IBsV93j5cvGriSaD1aG6MGsqsV1yamRdrWrb2j3aiZvb0X+UBOWpx3JWtQ==
+
 escape-html@~1.0.3:
   version "1.0.3"
   resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988"
@@ -3140,9 +3190,9 @@ eventemitter3@^4.0.0:
   integrity sha512-rlaVLnVxtxvoyLsQQFBx53YmXHDxRIzzTLbdfxqi4yocpSjAxXwkU0cScM5JgSKMqEhrZpnvQ2D9gjylR0AimQ==
 
 events@^3.0.0:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/events/-/events-3.1.0.tgz#84279af1b34cb75aa88bf5ff291f6d0bd9b31a59"
-  integrity sha512-Rv+u8MLHNOdMjTAFeT3nCjHn2aGlx435FP/sDHNaRhDEMwyI/aB22Kj2qIN8R0cw3z28psEQLYwxVKLsKrMgWg==
+  version "3.2.0"
+  resolved "https://registry.yarnpkg.com/events/-/events-3.2.0.tgz#93b87c18f8efcd4202a461aec4dfc0556b639379"
+  integrity sha512-/46HWwbfCX2xTawVfkKLGxMifJYQBWMwY1mjywRtb4c9x8l5NP3KoJtnIOiL1hfdRkIuYhETxQlo62IF8tcnlg==
 
 eventsource@^1.0.7:
   version "1.0.7"
@@ -3275,9 +3325,21 @@ extsprintf@^1.2.0:
   integrity sha1-4mifjzVvrWLMplo6kcXfX5VRaS8=
 
 fast-deep-equal@^3.1.1:
-  version "3.1.1"
-  resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-3.1.1.tgz#545145077c501491e33b15ec408c294376e94ae4"
-  integrity sha512-8UEa58QDLauDNfpbrX55Q9jrGHThw2ZMdOky5Gl1CDtVeJDPVrG4Jxx1N8jw2gkWaff5UUuX1KJd+9zGe2B+ZA==
+  version "3.1.3"
+  resolved "https://registry.yarnpkg.com/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz#3a7d56b559d6cbc3eb512325244e619a65c6c525"
+  integrity sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==
+
+fast-glob@^3.1.1, fast-glob@^3.2.4:
+  version "3.2.4"
+  resolved "https://registry.yarnpkg.com/fast-glob/-/fast-glob-3.2.4.tgz#d20aefbf99579383e7f3cc66529158c9b98554d3"
+  integrity sha512-kr/Oo6PX51265qeuCYsyGypiO5uJFgBS0jksyG7FUeCyQzNwYnzrNIMR1NXfkZXsMYXYLRAHgISHBz8gQcxKHQ==
+  dependencies:
+    "@nodelib/fs.stat" "^2.0.2"
+    "@nodelib/fs.walk" "^1.2.3"
+    glob-parent "^5.1.0"
+    merge2 "^1.3.0"
+    micromatch "^4.0.2"
+    picomatch "^2.2.1"
 
 fast-json-stable-stringify@2.1.0, fast-json-stable-stringify@^2.0.0:
   version "2.1.0"
@@ -3289,6 +3351,13 @@ fastparse@^1.1.2:
   resolved "https://registry.yarnpkg.com/fastparse/-/fastparse-1.1.2.tgz#91728c5a5942eced8531283c79441ee4122c35a9"
   integrity sha512-483XLLxTVIwWK3QTrMGRqUfUpoOs/0hbQrl2oz4J0pAcm3A3bu84wxTFqGqkJzewCLdME38xJLJAxBABfQT8sQ==
 
+fastq@^1.6.0:
+  version "1.8.0"
+  resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.8.0.tgz#550e1f9f59bbc65fe185cb6a9b4d95357107f481"
+  integrity sha512-SMIZoZdLh/fgofivvIkmknUXyPnvxRE3DhtZ5Me3Mrsk5gyPL42F0xr51TdRXskBxHfMp+07bcYzfsYEsSQA9Q==
+  dependencies:
+    reusify "^1.0.4"
+
 faye-websocket@^0.10.0:
   version "0.10.0"
   resolved "https://registry.yarnpkg.com/faye-websocket/-/faye-websocket-0.10.0.tgz#4e492f8d04dfb6f89003507f6edbf2d501e7c6f4"
@@ -3358,7 +3427,7 @@ finalhandler@~1.1.2:
     statuses "~1.5.0"
     unpipe "~1.0.0"
 
-find-cache-dir@3.3.1, find-cache-dir@^3.2.0:
+find-cache-dir@3.3.1, find-cache-dir@^3.3.1:
   version "3.3.1"
   resolved "https://registry.yarnpkg.com/find-cache-dir/-/find-cache-dir-3.3.1.tgz#89b33fad4a4670daa94f855f7fbe31d6d84fe880"
   integrity sha512-t2GDMt3oGC/v+BMwzmllWDuJF/xcDtE5j/fCGbqDD7OLuJkj0cfh1YSA5VKPvwMeLFLNDBkwOKZ2X85jGLVftQ==
@@ -3376,13 +3445,6 @@ find-cache-dir@^2.0.0, find-cache-dir@^2.1.0:
     make-dir "^2.0.0"
     pkg-dir "^3.0.0"
 
-find-up@^2.1.0:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/find-up/-/find-up-2.1.0.tgz#45d1b7e506c717ddd482775a2b77920a3c0c57a7"
-  integrity sha1-RdG35QbHF93UgndaK3eSCjwMV6c=
-  dependencies:
-    locate-path "^2.0.0"
-
 find-up@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/find-up/-/find-up-3.0.0.tgz#49169f1d7993430646da61ecc5ae355c21c97b73"
@@ -3407,11 +3469,9 @@ flush-write-stream@^1.0.0:
     readable-stream "^2.3.6"
 
 follow-redirects@^1.0.0:
-  version "1.11.0"
-  resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.11.0.tgz#afa14f08ba12a52963140fe43212658897bc0ecb"
-  integrity sha512-KZm0V+ll8PfBrKwMzdo5D13b1bur9Iq9Zd/RMmAoQQcl2PxxFml8cxXPaaPYVbV0RjNjq1CU7zIzAOqtUPudmA==
-  dependencies:
-    debug "^3.0.0"
+  version "1.13.0"
+  resolved "https://registry.yarnpkg.com/follow-redirects/-/follow-redirects-1.13.0.tgz#b42e8d93a2a7eea5ed88633676d6597bc8e384db"
+  integrity sha512-aq6gF1BEKje4a9i9+5jimNFIpq4Q1WiwBToeRK5NvZBd/TRsmW8BsJfOEGkr76TbOyPVD3OVDN910EcUNtRYEA==
 
 for-in@^1.0.2:
   version "1.0.2"
@@ -3528,11 +3588,6 @@ gensync@^1.0.0-beta.1:
   resolved "https://registry.yarnpkg.com/gensync/-/gensync-1.0.0-beta.1.tgz#58f4361ff987e5ff6e1e7a210827aa371eaac269"
   integrity sha512-r8EC6NO1sngH/zdD9fiRDLdcgnbayXah+mLgManTaIZJqEC1MZstmnox8KpnI2/fxQwrp5OpCOYWLp4rBl4Jcg==
 
-get-caller-file@^1.0.1:
-  version "1.0.3"
-  resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-1.0.3.tgz#f978fa4c90d1dfe7ff2d6beda2a515e713bdcf4a"
-  integrity sha512-3t6rVToeoZfYSGd8YoLFR2DJkiQrIiUrGcjvFX2mDw3bn6k2OtwHN0TNCLbBO+w8qTvimhDkv+LSscbJY1vE6w==
-
 get-caller-file@^2.0.1:
   version "2.0.5"
   resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e"
@@ -3565,14 +3620,14 @@ glob-parent@^3.1.0:
     is-glob "^3.1.0"
     path-dirname "^1.0.0"
 
-glob-parent@~5.1.0:
+glob-parent@^5.1.0, glob-parent@^5.1.1, glob-parent@~5.1.0:
   version "5.1.1"
   resolved "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.1.tgz#b6c1ef417c4e5663ea498f1c45afac6916bbc229"
   integrity sha512-FnI+VGOpnlGHWZxthPGR+QhR78fuiK0sNLkHQv+bL9fQi57lNNdquIbna/WrfROrolq8GK5Ek6BiMwqL/voRYQ==
   dependencies:
     is-glob "^4.0.1"
 
-glob@7.1.6, glob@^7.0.3, glob@^7.1.1, glob@^7.1.2, glob@^7.1.3, glob@^7.1.4:
+glob@7.1.6, glob@^7.0.3, glob@^7.1.1, glob@^7.1.3, glob@^7.1.4:
   version "7.1.6"
   resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.6.tgz#141f33b81a7c2492e125594307480c46679278a6"
   integrity sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==
@@ -3589,6 +3644,18 @@ globals@^11.1.0:
   resolved "https://registry.yarnpkg.com/globals/-/globals-11.12.0.tgz#ab8795338868a0babd8525758018c2a7eb95c42e"
   integrity sha512-WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA==
 
+globby@^11.0.1:
+  version "11.0.1"
+  resolved "https://registry.yarnpkg.com/globby/-/globby-11.0.1.tgz#9a2bf107a068f3ffeabc49ad702c79ede8cfd357"
+  integrity sha512-iH9RmgwCmUJHi2z5o2l3eTtGBtXek1OYlHrbcxOYugyHLmAsZrPj43OtHThd62Buh/Vv6VyCBD2bdyWcGNQqoQ==
+  dependencies:
+    array-union "^2.1.0"
+    dir-glob "^3.0.1"
+    fast-glob "^3.1.1"
+    ignore "^5.1.4"
+    merge2 "^1.3.0"
+    slash "^3.0.0"
+
 globby@^6.1.0:
   version "6.1.0"
   resolved "https://registry.yarnpkg.com/globby/-/globby-6.1.0.tgz#f5a6d70e8395e21c858fb0489d64df02424d506c"
@@ -3600,19 +3667,7 @@ globby@^6.1.0:
     pify "^2.0.0"
     pinkie-promise "^2.0.0"
 
-globby@^7.1.1:
-  version "7.1.1"
-  resolved "https://registry.yarnpkg.com/globby/-/globby-7.1.1.tgz#fb2ccff9401f8600945dfada97440cca972b8680"
-  integrity sha1-+yzP+UAfhgCUXfral0QMypcrhoA=
-  dependencies:
-    array-union "^1.0.1"
-    dir-glob "^2.0.0"
-    glob "^7.1.2"
-    ignore "^3.3.5"
-    pify "^3.0.0"
-    slash "^1.0.0"
-
-graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.1.6, graceful-fs@^4.2.2:
+graceful-fs@^4.1.11, graceful-fs@^4.1.15, graceful-fs@^4.1.2, graceful-fs@^4.1.6:
   version "4.2.4"
   resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.4.tgz#2256bde14d3632958c465ebc96dc467ca07a29fb"
   integrity sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw==
@@ -3633,11 +3688,11 @@ har-schema@^2.0.0:
   integrity sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=
 
 har-validator@~5.1.3:
-  version "5.1.3"
-  resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-5.1.3.tgz#1ef89ebd3e4996557675eed9893110dc350fa080"
-  integrity sha512-sNvOCzEQNr/qrvJgc3UG/kD4QtlHycrzwS+6mfTrrSq97BvaYcPZZI1ZSqGSPR73Cxn4LKTD4PttRwfU7jWq5g==
+  version "5.1.5"
+  resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-5.1.5.tgz#1f0803b9f8cb20c0fa13822df1ecddb36bde1efd"
+  integrity sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==
   dependencies:
-    ajv "^6.5.5"
+    ajv "^6.12.3"
     har-schema "^2.0.0"
 
 has-flag@^3.0.0:
@@ -3730,11 +3785,11 @@ hosted-git-info@^2.1.4, hosted-git-info@^2.7.1:
   integrity sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg==
 
 hosted-git-info@^3.0.2:
-  version "3.0.4"
-  resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-3.0.4.tgz#be4973eb1fd2737b11c9c7c19380739bb249f60d"
-  integrity sha512-4oT62d2jwSDBbLLFLZE+1vPuQ1h8p9wjrJ8Mqx5TjsyWmBMV5B13eJqn8pvluqubLf3cJPTfiYCIwNwDNmzScQ==
+  version "3.0.5"
+  resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-3.0.5.tgz#bea87905ef7317442e8df3087faa3c842397df03"
+  integrity sha512-i4dpK6xj9BIpVOTboXIlKG9+8HMKggcrMX7WA24xZtKwX0TPelq/rbaS5rCKeNX8sJXZJGdSxpnEGtta+wismQ==
   dependencies:
-    lru-cache "^5.1.1"
+    lru-cache "^6.0.0"
 
 hpack.js@^2.1.6:
   version "2.1.6"
@@ -3761,7 +3816,7 @@ html-comment-regex@^1.1.0:
   resolved "https://registry.yarnpkg.com/html-comment-regex/-/html-comment-regex-1.1.2.tgz#97d4688aeb5c81886a364faa0cad1dda14d433a7"
   integrity sha512-P+M65QY2JQ5Y0G9KKdlDpo0zK+/OHptU5AaBwUfAIDJZk1MYf32Frm84EcOytfJE0t5JvkAnKlmjsXDnWzCJmQ==
 
-html-entities@^1.2.1:
+html-entities@^1.3.1:
   version "1.3.1"
   resolved "https://registry.yarnpkg.com/html-entities/-/html-entities-1.3.1.tgz#fb9a1a4b5b14c5daba82d3e34c6ae4fe701a0e44"
   integrity sha512-rhE/4Z3hIhzHAUKbW8jVcCyuT5oJCXXqhN/6mXXVCpzTmvJnoH2HL/bt3EZ6p55jbFJBeAe1ZNpL5BugLujxNA==
@@ -3808,10 +3863,10 @@ http-errors@~1.7.2:
     statuses ">= 1.5.0 < 2"
     toidentifier "1.0.0"
 
-"http-parser-js@>=0.4.0 <0.4.11":
-  version "0.4.10"
-  resolved "https://registry.yarnpkg.com/http-parser-js/-/http-parser-js-0.4.10.tgz#92c9c1374c35085f75db359ec56cc257cbb93fa4"
-  integrity sha1-ksnBN0w1CF912zWexWzCV8u5P6Q=
+http-parser-js@>=0.5.1:
+  version "0.5.2"
+  resolved "https://registry.yarnpkg.com/http-parser-js/-/http-parser-js-0.5.2.tgz#da2e31d237b393aae72ace43882dd7e270a8ff77"
+  integrity sha512-opCO9ASqg5Wy2FNo7A0sxy71yGbbkJJXLdgMK04Tcypw9jr2MgWbyubb0+WdmDmGnFflO7fRbqbaihh/ENDlRQ==
 
 http-proxy-agent@^2.1.0:
   version "2.1.0"
@@ -3907,10 +3962,10 @@ ignore-walk@^3.0.1:
   dependencies:
     minimatch "^3.0.4"
 
-ignore@^3.3.5:
-  version "3.3.10"
-  resolved "https://registry.yarnpkg.com/ignore/-/ignore-3.3.10.tgz#0a97fb876986e8081c631160f8f9f389157f0043"
-  integrity sha512-Pgs951kaMm5GXP7MOvxERINe3gsaVjUWFm+UZPSq9xYriQAksyhg0csnS0KXSNRD5NmNdapXEpjxG49+AKh/ug==
+ignore@^5.1.4:
+  version "5.1.8"
+  resolved "https://registry.yarnpkg.com/ignore/-/ignore-5.1.8.tgz#f150a8b50a34289b33e22f5889abd4d8016f0e57"
+  integrity sha512-BMpfD7PpiETpBl/A6S498BaIJ6Y/ABT93ETbby2fP00v4EbvPBXWEoaR1UBPKs3iR53pJY7EtZk5KACI57i1Uw==
 
 image-size@~0.5.0:
   version "0.5.5"
@@ -4029,11 +4084,6 @@ invariant@^2.2.2, invariant@^2.2.4:
   dependencies:
     loose-envify "^1.0.0"
 
-invert-kv@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/invert-kv/-/invert-kv-2.0.0.tgz#7393f5afa59ec9ff5f67a27620d11c226e3eec02"
-  integrity sha512-wPVv/y/QQ/Uiirj/vh3oP+1Ww+AWehmi1g5fFWGPF6IpCBCDVrhgHRMvrLfdYcwDh3QJbGXDW4JAuzxElLSqKA==
-
 ip-regex@^2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/ip-regex/-/ip-regex-2.1.0.tgz#fa78bf5d2e6913c911ce9f819ee5146bb6d844e9"
@@ -4117,10 +4167,10 @@ is-buffer@^1.1.5:
   resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.6.tgz#efaa2ea9daa0d7ab2ea13a97b2b8ad51fefbe8be"
   integrity sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==
 
-is-callable@^1.1.4, is-callable@^1.1.5:
-  version "1.1.5"
-  resolved "https://registry.yarnpkg.com/is-callable/-/is-callable-1.1.5.tgz#f7e46b596890456db74e7f6e976cb3273d06faab"
-  integrity sha512-ESKv5sMCJB2jnHTWZ3O5itG+O128Hsus4K4Qh1h2/cgn2vbgnLSVqfV46AeJA9D5EeeLa9w81KUXMtn34zhX+Q==
+is-callable@^1.1.4, is-callable@^1.2.0:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/is-callable/-/is-callable-1.2.0.tgz#83336560b54a38e35e3a2df7afd0454d691468bb"
+  integrity sha512-pyVD9AaGLxtg6srb2Ng6ynWJqkHU9bEM087AKck0w8QwDarTfNcpIYoU8x8Hv2Icm8u6kFJM18Dag8lyqGkviw==
 
 is-color-stop@^1.0.0:
   version "1.1.0"
@@ -4177,9 +4227,9 @@ is-directory@^0.3.1:
   integrity sha1-YTObbyR1/Hcv2cnYP1yFddwVSuE=
 
 is-docker@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/is-docker/-/is-docker-2.0.0.tgz#2cb0df0e75e2d064fe1864c37cdeacb7b2dcf25b"
-  integrity sha512-pJEdRugimx4fBMra5z2/5iRdZ63OhYV0vr0Dwm5+xtW4D1FvRkB8hamMIhnWfyJeDdyr/aa7BDyNbtG38VxgoQ==
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/is-docker/-/is-docker-2.1.1.tgz#4125a88e44e450d384e09047ede71adc2d144156"
+  integrity sha512-ZOoqiXfEwtGknTiuDEy8pN2CfE3TxMHprvNer1mXiqwkOT77Rw3YVrUQ52EqAOU3QAWDQ+bQdx7HJzrv7LS2Hw==
 
 is-extendable@^0.1.0, is-extendable@^0.1.1:
   version "0.1.1"
@@ -4198,13 +4248,6 @@ is-extglob@^2.1.0, is-extglob@^2.1.1:
   resolved "https://registry.yarnpkg.com/is-extglob/-/is-extglob-2.1.1.tgz#a88c02535791f02ed37c76a1b9ea9773c833f8c2"
   integrity sha1-qIwCU1eR8C7TfHahueqXc8gz+MI=
 
-is-fullwidth-code-point@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz#ef9e31386f031a7f0d643af82fde50c457ef00cb"
-  integrity sha1-754xOG8DGn8NZDr4L95QxFfvAMs=
-  dependencies:
-    number-is-nan "^1.0.0"
-
 is-fullwidth-code-point@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz#a3b30a5c4f199183167aaab93beefae3ddfb654f"
@@ -4292,12 +4335,12 @@ is-plain-object@^2.0.3, is-plain-object@^2.0.4:
   dependencies:
     isobject "^3.0.1"
 
-is-regex@^1.0.4, is-regex@^1.0.5:
-  version "1.0.5"
-  resolved "https://registry.yarnpkg.com/is-regex/-/is-regex-1.0.5.tgz#39d589a358bf18967f726967120b8fc1aed74eae"
-  integrity sha512-vlKW17SNq44owv5AQR3Cq0bQPEb8+kF3UKZ2fiZNOWtztYE5i0CzCZxFDwO58qAOWtxdBRVO/V5Qin1wjCqFYQ==
+is-regex@^1.0.4, is-regex@^1.0.5, is-regex@^1.1.0:
+  version "1.1.1"
+  resolved "https://registry.yarnpkg.com/is-regex/-/is-regex-1.1.1.tgz#c6f98aacc546f6cec5468a07b7b153ab564a57b9"
+  integrity sha512-1+QkEcxiLlB7VEyFtyBg94e08OAsvq7FUBgApTq/w2ymCLyKJgDPsybBENVtA7XCQEgEXxKPonG+mvYRxh/LIg==
   dependencies:
-    has "^1.0.3"
+    has-symbols "^1.0.1"
 
 is-resolvable@^1.0.0:
   version "1.1.0"
@@ -4430,11 +4473,12 @@ jest-worker@25.1.0:
     merge-stream "^2.0.0"
     supports-color "^7.0.0"
 
-jest-worker@^25.1.0:
-  version "25.5.0"
-  resolved "https://registry.yarnpkg.com/jest-worker/-/jest-worker-25.5.0.tgz#2611d071b79cea0f43ee57a3d118593ac1547db1"
-  integrity sha512-/dsSmUkIy5EBGfv/IjjqmFxrNAUpBERfGs1oHROyD7yxjG/w+t0GOJDX8O1k32ySmd7+a5IhnJU2qQFcJ4n1vw==
+jest-worker@^26.0.0:
+  version "26.3.0"
+  resolved "https://registry.yarnpkg.com/jest-worker/-/jest-worker-26.3.0.tgz#7c8a97e4f4364b4f05ed8bca8ca0c24de091871f"
+  integrity sha512-Vmpn2F6IASefL+DVBhPzI2J9/GJUsqzomdeN+P+dK8/jKxbh8R3BtFnx3FIta7wYlPU62cpJMJQo4kuOowcMnw==
   dependencies:
+    "@types/node" "*"
     merge-stream "^2.0.0"
     supports-color "^7.0.0"
 
@@ -4449,9 +4493,9 @@ jquery@^3.5.1:
   integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==
 
 js-yaml@^3.13.1:
-  version "3.13.1"
-  resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.13.1.tgz#aff151b30bfdfa8e49e05da22e7415e9dfa37847"
-  integrity sha512-YfbcO7jXDdyj0DGxYVSlSeQNHbD7XPWvrVWeVUujrQEoZzWJIRrCPoyk6kL6IAjAG2IolMK4T0hNUe0HOUs5Jw==
+  version "3.14.0"
+  resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.0.tgz#a7a34170f26a21bb162424d8adacb4113a69e482"
+  integrity sha512-/4IbIeHcD9VMHFqDR/gQ7EdZdLimOvW2DdcxFjdyyZ9NsbS+ccrXqVWDtab/lRl5AlUqmpBx8EhPaWR+OtY17A==
   dependencies:
     argparse "^1.0.7"
     esprima "^4.0.0"
@@ -4573,13 +4617,6 @@ kind-of@^6.0.0, kind-of@^6.0.2:
   resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-6.0.3.tgz#07c05034a6c349fa06e24fa35aa76db4580ce4dd"
   integrity sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==
 
-lcid@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/lcid/-/lcid-2.0.0.tgz#6ef5d2df60e52f82eb228a4c373e8d1f397253cf"
-  integrity sha512-avPEb8P8EGnwXKClwsNUgryVjllcRqtMYa49NTsbQagYuT1DcXnl1915oxWjoyGrXR6zH/Y0Zc96xWsPcoDKeA==
-  dependencies:
-    invert-kv "^2.0.0"
-
 less-loader@5.0.0:
   version "5.0.0"
   resolved "https://registry.yarnpkg.com/less-loader/-/less-loader-5.0.0.tgz#498dde3a6c6c4f887458ee9ed3f086a12ad1b466"
@@ -4589,10 +4626,10 @@ less-loader@5.0.0:
     loader-utils "^1.1.0"
     pify "^4.0.1"
 
-less@3.11.1:
-  version "3.11.1"
-  resolved "https://registry.yarnpkg.com/less/-/less-3.11.1.tgz#c6bf08e39e02404fe6b307a3dfffafdc55bd36e2"
-  integrity sha512-tlWX341RECuTOvoDIvtFqXsKj072hm3+9ymRBe76/mD6O5ZZecnlAOVDlWAleF2+aohFrxNidXhv2773f6kY7g==
+less@3.11.3:
+  version "3.11.3"
+  resolved "https://registry.yarnpkg.com/less/-/less-3.11.3.tgz#2d853954fcfe0169a8af869620bcaa16563dcc1c"
+  integrity sha512-VkZiTDdtNEzXA3LgjQiC3D7/ejleBPFVvq+aRI9mIj+Zhmif5TvFPM244bT4rzkvOCvJ9q4zAztok1M7Nygagw==
   dependencies:
     clone "^2.1.2"
     tslib "^1.10.0"
@@ -4600,8 +4637,8 @@ less@3.11.1:
     errno "^0.1.1"
     graceful-fs "^4.1.2"
     image-size "~0.5.0"
+    make-dir "^2.1.0"
     mime "^1.4.1"
-    mkdirp "^0.5.0"
     promise "^7.1.1"
     request "^2.83.0"
     source-map "~0.6.0"
@@ -4649,14 +4686,6 @@ loader-utils@^1.0.2, loader-utils@^1.1.0, loader-utils@^1.2.3, loader-utils@^1.4
     emojis-list "^3.0.0"
     json5 "^1.0.1"
 
-locate-path@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/locate-path/-/locate-path-2.0.0.tgz#2b568b265eec944c6d9c0de9c3dbbbca0354cd8e"
-  integrity sha1-K1aLJl7slExtnA3pw9u7ygNUzY4=
-  dependencies:
-    p-locate "^2.0.0"
-    path-exists "^3.0.0"
-
 locate-path@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/locate-path/-/locate-path-3.0.0.tgz#dbec3b3ab759758071b58fe59fc41871af21400e"
@@ -4687,7 +4716,7 @@ lodash.uniq@^4.5.0:
   resolved "https://registry.yarnpkg.com/lodash.uniq/-/lodash.uniq-4.5.0.tgz#d0225373aeb652adc1bc82e4945339a842754773"
   integrity sha1-0CJTc662Uq3BvILklFM5qEJ1R3M=
 
-lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.14, lodash@^4.17.15:
+lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.14, lodash@^4.17.15, lodash@^4.17.19:
   version "4.17.19"
   resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.19.tgz#e48ddedbe30b3321783c5b4301fbd353bc1e4a4b"
   integrity sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==
@@ -4699,7 +4728,7 @@ log-symbols@^3.0.0:
   dependencies:
     chalk "^2.4.2"
 
-loglevel@^1.6.6:
+loglevel@^1.6.8:
   version "1.6.8"
   resolved "https://registry.yarnpkg.com/loglevel/-/loglevel-1.6.8.tgz#8a25fb75d092230ecd4457270d80b54e28011171"
   integrity sha512-bsU7+gc9AJ2SqpzxwU3+1fedl8zAntbtC5XYlt3s2j1hJcn2PsXSmgN8TaLG/J1/2mod4+cE/3vNL70/c1RNCA==
@@ -4718,6 +4747,13 @@ lru-cache@^5.1.1:
   dependencies:
     yallist "^3.0.2"
 
+lru-cache@^6.0.0:
+  version "6.0.0"
+  resolved "https://registry.yarnpkg.com/lru-cache/-/lru-cache-6.0.0.tgz#6d6fe6570ebd96aaf90fcad1dafa3b2566db3a94"
+  integrity sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==
+  dependencies:
+    yallist "^4.0.0"
+
 magic-string@0.25.7, magic-string@^0.25.0:
   version "0.25.7"
   resolved "https://registry.yarnpkg.com/magic-string/-/magic-string-0.25.7.tgz#3f497d6fd34c669c6798dcb821f2ef31f5445051"
@@ -4725,7 +4761,7 @@ magic-string@0.25.7, magic-string@^0.25.0:
   dependencies:
     sourcemap-codec "^1.4.4"
 
-make-dir@^2.0.0:
+make-dir@^2.0.0, make-dir@^2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/make-dir/-/make-dir-2.1.0.tgz#5f0310e18b8be898cc07009295a30ae41e91e6f5"
   integrity sha512-LS9X+dc8KLxXCb8dni79fLIIUA5VyZoyjSMCwTluaXA0o27cCK0bhXkpgw+sTXVpPy/lSO57ilRixqk0vDmtRA==
@@ -4762,13 +4798,6 @@ mamacro@^0.0.3:
   resolved "https://registry.yarnpkg.com/mamacro/-/mamacro-0.0.3.tgz#ad2c9576197c9f1abf308d0787865bd975a3f3e4"
   integrity sha512-qMEwh+UujcQ+kbz3T6V+wAmO2U8veoq2w+3wY8MquqwVA3jChfwY+Tk52GZKDfACEPjuZ7r2oJLejwpt8jtwTA==
 
-map-age-cleaner@^0.1.1:
-  version "0.1.3"
-  resolved "https://registry.yarnpkg.com/map-age-cleaner/-/map-age-cleaner-0.1.3.tgz#7d583a7306434c055fe474b0f45078e6e1b4b92a"
-  integrity sha512-bJzx6nMoP6PDLPBFmg7+xRKeFZvFboMrGlxmNj9ClvX53KrmvM5bXFXEWjbz4cz1AFn+jWJ9z/DJSz7hrs0w3w==
-  dependencies:
-    p-defer "^1.0.0"
-
 map-cache@^0.2.2:
   version "0.2.2"
   resolved "https://registry.yarnpkg.com/map-cache/-/map-cache-0.2.2.tgz#c32abd0bd6525d9b051645bb4f26ac5dc98a0dbf"
@@ -4810,15 +4839,6 @@ media-typer@0.3.0:
   resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748"
   integrity sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=
 
-mem@^4.0.0:
-  version "4.3.0"
-  resolved "https://registry.yarnpkg.com/mem/-/mem-4.3.0.tgz#461af497bc4ae09608cdb2e60eefb69bff744178"
-  integrity sha512-qX2bG48pTqYRVmDB37rn/6PT7LcR8T7oAX3bf99u1Tt1nzxYfxkgqDwUwolPlXweM0XzBOBFzSx4kfp7KP1s/w==
-  dependencies:
-    map-age-cleaner "^0.1.1"
-    mimic-fn "^2.0.0"
-    p-is-promise "^2.0.0"
-
 memory-fs@^0.4.1:
   version "0.4.1"
   resolved "https://registry.yarnpkg.com/memory-fs/-/memory-fs-0.4.1.tgz#3a9a20b8462523e447cfbc7e8bb80ed667bfc552"
@@ -4852,6 +4872,11 @@ merge-stream@^2.0.0:
   resolved "https://registry.yarnpkg.com/merge-stream/-/merge-stream-2.0.0.tgz#52823629a14dd00c9770fb6ad47dc6310f2c1f60"
   integrity sha512-abv/qOcuPfk3URPfDzmZU1LKmuw8kT+0nIHvKrKgFrwifol/doWcdA4ZqsWQ8ENrFKkd67Mfpo/LovbIUsbt3w==
 
+merge2@^1.3.0:
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/merge2/-/merge2-1.4.1.tgz#4368892f885e907455a6fd7dc55c0c9d404990ae"
+  integrity sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==
+
 methods@~1.1.2:
   version "1.1.2"
   resolved "https://registry.yarnpkg.com/methods/-/methods-1.1.2.tgz#5529a4d67654134edcc5266656835b0f851afcee"
@@ -4876,6 +4901,14 @@ micromatch@^3.1.10, micromatch@^3.1.4:
     snapdragon "^0.8.1"
     to-regex "^3.0.2"
 
+micromatch@^4.0.2:
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/micromatch/-/micromatch-4.0.2.tgz#4fcb0999bf9fbc2fcbdd212f6d629b9a56c39259"
+  integrity sha512-y7FpHSbMUMoyPbYUSzO6PaZ6FyRnQOpHuKwbo1G+Knck95XVU4QAiKdGEnj5wwoS7PlOgthX/09u5iFJ+aYf5Q==
+  dependencies:
+    braces "^3.0.1"
+    picomatch "^2.0.5"
+
 miller-rabin@^4.0.0:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/miller-rabin/-/miller-rabin-4.0.1.tgz#f080351c865b0dc562a8462966daa53543c78a4d"
@@ -4902,11 +4935,11 @@ mime@1.6.0, mime@^1.4.1:
   integrity sha512-x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg==
 
 mime@^2.4.4:
-  version "2.4.5"
-  resolved "https://registry.yarnpkg.com/mime/-/mime-2.4.5.tgz#d8de2ecb92982dedbb6541c9b6841d7f218ea009"
-  integrity sha512-3hQhEUF027BuxZjQA3s7rIv/7VCQPa27hN9u9g87sEkWaKwQPuXOkVKtOeiyUrnWqTDiOs8Ed2rwg733mB0R5w==
+  version "2.4.6"
+  resolved "https://registry.yarnpkg.com/mime/-/mime-2.4.6.tgz#e5b407c90db442f2beb5b162373d07b69affa4d1"
+  integrity sha512-RZKhC3EmpBchfTGBVb8fb+RL2cWyw/32lshnsETttkBAyAUXSGHxbEJWWRXc751DrIxG1q04b8QwMbAwkRPpUA==
 
-mimic-fn@^2.0.0, mimic-fn@^2.1.0:
+mimic-fn@^2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/mimic-fn/-/mimic-fn-2.1.0.tgz#7ed2c2ccccaf84d3ffcb7a69b57711fc2083401b"
   integrity sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==
@@ -4958,9 +4991,9 @@ minipass-flush@^1.0.5:
     minipass "^3.0.0"
 
 minipass-pipeline@^1.2.2:
-  version "1.2.3"
-  resolved "https://registry.yarnpkg.com/minipass-pipeline/-/minipass-pipeline-1.2.3.tgz#55f7839307d74859d6e8ada9c3ebe72cec216a34"
-  integrity sha512-cFOknTvng5vqnwOpDsZTWhNll6Jf8o2x+/diplafmxpuIymAjzoOolZG0VvQf3V2HgqzJNhnuKHYp2BqDgz8IQ==
+  version "1.2.4"
+  resolved "https://registry.yarnpkg.com/minipass-pipeline/-/minipass-pipeline-1.2.4.tgz#68472f79711c084657c067c5c6ad93cddea8214c"
+  integrity sha512-xuIq7cIOt09RPRJ19gdi4b+RiNvDFYe5JH+ggNvBqGqpQXcru3PcRmOZuHBKWK1Txf9+cQ+HMVN4d6z46LZP7A==
   dependencies:
     minipass "^3.0.0"
 
@@ -5018,22 +5051,22 @@ mixin-deep@^1.2.0:
     for-in "^1.0.2"
     is-extendable "^1.0.1"
 
-mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@~0.5.1, mkdirp@~0.5.x:
+mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@^0.5.5, mkdirp@~0.5.1, mkdirp@~0.5.x:
   version "0.5.5"
   resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.5.tgz#d91cefd62d1436ca0f41620e251288d420099def"
   integrity sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==
   dependencies:
     minimist "^1.2.5"
 
-mkdirp@^1.0.3:
+mkdirp@^1.0.3, mkdirp@^1.0.4:
   version "1.0.4"
   resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-1.0.4.tgz#3eb5ed62622756d79a5f0e2a221dfebad75c2f7e"
   integrity sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==
 
 moment@>=2.13.0, moment@^2.18.1:
-  version "2.25.3"
-  resolved "https://registry.yarnpkg.com/moment/-/moment-2.25.3.tgz#252ff41319cf41e47761a1a88cab30edfe9808c0"
-  integrity sha512-PuYv0PHxZvzc15Sp8ybUCoQ+xpyPWvjOuK72a5ovzp2LI32rJXOiIfyoFoYvG3s6EwwrdkMyWuRiEHSZRLJNdg==
+  version "2.27.0"
+  resolved "https://registry.yarnpkg.com/moment/-/moment-2.27.0.tgz#8bff4e3e26a236220dfe3e36de756b6ebaa0105d"
+  integrity sha512-al0MUK7cpIcglMv3YF13qSgdAIqxHTO7brRtaz3DlSULbqfazqkc5kEjNrLDOM7fsjshoFIihnU8snrP7zUvhQ==
 
 move-concurrently@^1.0.1:
   version "1.0.1"
@@ -5108,9 +5141,9 @@ negotiator@0.6.2:
   integrity sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw==
 
 neo-async@^2.5.0, neo-async@^2.6.1:
-  version "2.6.1"
-  resolved "https://registry.yarnpkg.com/neo-async/-/neo-async-2.6.1.tgz#ac27ada66167fa8849a6addd837f6b189ad2081c"
-  integrity sha512-iyam8fBuCUpWeKPGpaNMetEocMt364qkCsfL9JuhjXX6dRnguRVOfk2GZaDpPjcOKiiXCPINZC1GczQ7iTq3Zw==
+  version "2.6.2"
+  resolved "https://registry.yarnpkg.com/neo-async/-/neo-async-2.6.2.tgz#b4aafb93e3aeb2d8174ca53cf163ab7d7308305f"
+  integrity sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==
 
 ng2-ace-editor@^0.3.9:
   version "0.3.9"
@@ -5168,10 +5201,10 @@ node-libs-browser@^2.2.1:
     util "^0.11.0"
     vm-browserify "^1.0.1"
 
-node-releases@^1.1.53:
-  version "1.1.55"
-  resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.55.tgz#8af23b7c561d8e2e6e36a46637bab84633b07cee"
-  integrity sha512-H3R3YR/8TjT5WPin/wOoHOUPHgvj8leuU/Keta/rwelEQN9pA/S2Dx8/se4pZ2LBxSd0nAGzsNzhqwa77v7F1w==
+node-releases@^1.1.60:
+  version "1.1.60"
+  resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.60.tgz#6948bdfce8286f0b5d0e5a88e8384e954dfe7084"
+  integrity sha512-gsO4vjEdQaTusZAEebUWp2a5d7dF5DYoIpDG7WySnk7BuZDW+GPpHXoXXuYawRBr/9t5q54tirPz79kFIWg4dA==
 
 normalize-package-data@^2.0.0, normalize-package-data@^2.4.0:
   version "2.5.0"
@@ -5312,11 +5345,6 @@ num2fraction@^1.2.2:
   resolved "https://registry.yarnpkg.com/num2fraction/-/num2fraction-1.2.2.tgz#6f682b6a027a4e9ddfa4564cd2589d1d4e669ede"
   integrity sha1-b2gragJ6Tp3fpFZM0lidHU5mnt4=
 
-number-is-nan@^1.0.0:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/number-is-nan/-/number-is-nan-1.0.1.tgz#097b602b53422a522c1afb8790318336941a011d"
-  integrity sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0=
-
 oauth-sign@~0.9.0:
   version "0.9.0"
   resolved "https://registry.yarnpkg.com/oauth-sign/-/oauth-sign-0.9.0.tgz#47a7b016baa68b5fa0ecf3dee08a85c679ac6455"
@@ -5337,9 +5365,9 @@ object-copy@^0.1.0:
     kind-of "^3.0.3"
 
 object-inspect@^1.7.0:
-  version "1.7.0"
-  resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.7.0.tgz#f4f6bd181ad77f006b5ece60bd0b6f398ff74a67"
-  integrity sha512-a7pEHdh1xKIAgTySUGgLMx/xwDZskN1Ud6egYYN3EdRW4ZMPNEDUTF+hwy2LUC+Bl+SyLXANnwz/jyh/qutKUw==
+  version "1.8.0"
+  resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.8.0.tgz#df807e5ecf53a609cc6bfe93eac3cc7be5b3a9d0"
+  integrity sha512-jLdtEOB112fORuypAyl/50VRVIBIdVQOSUUGQHzJ4xBSbit81zRarz7GThkEFZy1RceYrWYcPcBFPQwHyAc1gA==
 
 object-is@^1.0.1, object-is@^1.1.2:
   version "1.1.2"
@@ -5421,9 +5449,9 @@ once@^1.3.0, once@^1.3.1, once@^1.4.0:
     wrappy "1"
 
 onetime@^5.1.0:
-  version "5.1.0"
-  resolved "https://registry.yarnpkg.com/onetime/-/onetime-5.1.0.tgz#fff0f3c91617fe62bb50189636e99ac8a6df7be5"
-  integrity sha512-5NcSkPHhwTVFIQN+TUqXoS5+dlElHXdpAWu9I0HP20YOtIi+aZ0Ct82jdlILDxjLEAWwvm+qj1m6aEtsDVmm6Q==
+  version "5.1.2"
+  resolved "https://registry.yarnpkg.com/onetime/-/onetime-5.1.2.tgz#d0e96ebb56b07476df1dd9c4806e5237985ca45e"
+  integrity sha512-kbpaSSGJTWdAY5KPVeMOKXSrPtr8C8C7wodJbcsd51jRnmD+GZu8Y0VoU6Dm5Z4vWr0Ig/1NKuWRKf7j5aaYSg==
   dependencies:
     mimic-fn "^2.1.0"
 
@@ -5473,15 +5501,6 @@ os-homedir@^1.0.0:
   resolved "https://registry.yarnpkg.com/os-homedir/-/os-homedir-1.0.2.tgz#ffbc4988336e0e833de0c168c7ef152121aa7fb3"
   integrity sha1-/7xJiDNuDoM94MFox+8VISGqf7M=
 
-os-locale@^3.0.0:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/os-locale/-/os-locale-3.1.0.tgz#a802a6ee17f24c10483ab9935719cef4ed16bf1a"
-  integrity sha512-Z8l3R4wYWM40/52Z+S265okfFj8Kt2cC2MKY+xNi3kFs+XGI7WXu/I309QQQYbRW4ijiZ+yxs9pqEhJh0DqW3Q==
-  dependencies:
-    execa "^1.0.0"
-    lcid "^2.0.0"
-    mem "^4.0.0"
-
 os-tmpdir@^1.0.0, os-tmpdir@~1.0.2:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/os-tmpdir/-/os-tmpdir-1.0.2.tgz#bbe67406c79aa85c5cfec766fe5734555dfa1274"
@@ -5495,41 +5514,24 @@ osenv@^0.1.5:
     os-homedir "^1.0.0"
     os-tmpdir "^1.0.0"
 
-p-defer@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/p-defer/-/p-defer-1.0.0.tgz#9f6eb182f6c9aa8cd743004a7d4f96b196b0fb0c"
-  integrity sha1-n26xgvbJqozXQwBKfU+WsZaw+ww=
-
 p-finally@^1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/p-finally/-/p-finally-1.0.0.tgz#3fbcfb15b899a44123b34b6dcc18b724336a2cae"
   integrity sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=
 
-p-is-promise@^2.0.0:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/p-is-promise/-/p-is-promise-2.1.0.tgz#918cebaea248a62cf7ffab8e3bca8c5f882fc42e"
-  integrity sha512-Y3W0wlRPK8ZMRbNq97l4M5otioeA5lm1z7bkNkxCka8HSPjR0xRWmpCmc9utiaLP9Jb1eD8BgeIxTW4AIF45Pg==
-
-p-limit@^1.1.0:
-  version "1.3.0"
-  resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-1.3.0.tgz#b86bd5f0c25690911c7590fcbfc2010d54b3ccb8"
-  integrity sha512-vvcXsLAJ9Dr5rQOPk7toZQZJApBl2K4J6dANSsEuh6QI41JYcsS/qhTGa9ErIUUgK3WNQoJYvylxvjqmiqEA9Q==
-  dependencies:
-    p-try "^1.0.0"
-
-p-limit@^2.0.0, p-limit@^2.2.0, p-limit@^2.2.1, p-limit@^2.2.2:
+p-limit@^2.0.0, p-limit@^2.2.0, p-limit@^2.3.0:
   version "2.3.0"
   resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-2.3.0.tgz#3dd33c647a214fdfffd835933eb086da0dc21db1"
   integrity sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==
   dependencies:
     p-try "^2.0.0"
 
-p-locate@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/p-locate/-/p-locate-2.0.0.tgz#20a0103b222a70c8fd39cc2e580680f3dde5ec43"
-  integrity sha1-IKAQOyIqcMj9OcwuWAaA893l7EM=
+p-limit@^3.0.1:
+  version "3.0.2"
+  resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-3.0.2.tgz#1664e010af3cadc681baafd3e2a437be7b0fb5fe"
+  integrity sha512-iwqZSOoWIW+Ew4kAGUlN16J4M7OB3ysMLSZtnhmqx7njIHFPlxWBX8xo3lVTyFVq6mI/lL9qt2IsN1sHwaxJkg==
   dependencies:
-    p-limit "^1.1.0"
+    p-try "^2.0.0"
 
 p-locate@^3.0.0:
   version "3.0.0"
@@ -5557,6 +5559,13 @@ p-map@^3.0.0:
   dependencies:
     aggregate-error "^3.0.0"
 
+p-map@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/p-map/-/p-map-4.0.0.tgz#bb2f95a5eda2ec168ec9274e06a747c3e2904d2b"
+  integrity sha512-/bjOqmgETBYB5BoEeGVea8dmvHb2m9GLy1E9W43yeyfP6QQCZGFNa+XRceJEuDB6zqr+gKpIAmlLebMpykw/MQ==
+  dependencies:
+    aggregate-error "^3.0.0"
+
 p-retry@^3.0.1:
   version "3.0.1"
   resolved "https://registry.yarnpkg.com/p-retry/-/p-retry-3.0.1.tgz#316b4c8893e2c8dc1cfa891f406c4b422bebf328"
@@ -5564,11 +5573,6 @@ p-retry@^3.0.1:
   dependencies:
     retry "^0.12.0"
 
-p-try@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/p-try/-/p-try-1.0.0.tgz#cbc79cdbaf8fd4228e13f621f2b1a237c1b207b3"
-  integrity sha1-y8ec26+P1CKOE/Yh8rGiN8GyB7M=
-
 p-try@^2.0.0:
   version "2.2.0"
   resolved "https://registry.yarnpkg.com/p-try/-/p-try-2.2.0.tgz#cb2868540e313d61de58fafbe35ce9004d5540e6"
@@ -5625,13 +5629,12 @@ parallel-transform@^1.1.0:
     readable-stream "^2.1.5"
 
 parse-asn1@^5.0.0, parse-asn1@^5.1.5:
-  version "5.1.5"
-  resolved "https://registry.yarnpkg.com/parse-asn1/-/parse-asn1-5.1.5.tgz#003271343da58dc94cace494faef3d2147ecea0e"
-  integrity sha512-jkMYn1dcJqF6d5CpU689bq7w/b5ALS9ROVSpQDPrZsqqesUJii9qutvoT5ltGedNXMO2e16YUWIghG9KxaViTQ==
+  version "5.1.6"
+  resolved "https://registry.yarnpkg.com/parse-asn1/-/parse-asn1-5.1.6.tgz#385080a3ec13cb62a62d39409cb3e88844cdaed4"
+  integrity sha512-RnZRo1EPU6JBnra2vGHj0yhp6ebyjBZpmUCLHWiFhxlzvBCCpAuZ7elsBp1PVAbQN0/04VD/19rfzlBSwLstMw==
   dependencies:
-    asn1.js "^4.0.0"
+    asn1.js "^5.2.0"
     browserify-aes "^1.0.0"
-    create-hash "^1.1.0"
     evp_bytestokey "^1.0.0"
     pbkdf2 "^3.0.3"
     safe-buffer "^5.1.1"
@@ -5704,17 +5707,15 @@ path-to-regexp@0.1.7:
   resolved "https://registry.yarnpkg.com/path-to-regexp/-/path-to-regexp-0.1.7.tgz#df604178005f522f15eb4490e7247a1bfaa67f8c"
   integrity sha1-32BBeABfUi8V60SQ5yR6G/qmf4w=
 
-path-type@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/path-type/-/path-type-3.0.0.tgz#cef31dc8e0a1a3bb0d105c0cd97cf3bf47f4e36f"
-  integrity sha512-T2ZUsdZFHgA3u4e5PfPbjd7HDDpxPnQb5jN0SrDsjNSuVXHJqtwTnWqG0B1jZrgmJ/7lj1EmVIByWt1gxGkWvg==
-  dependencies:
-    pify "^3.0.0"
+path-type@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/path-type/-/path-type-4.0.0.tgz#84ed01c0a7ba380afe09d90a8c180dcd9d03043b"
+  integrity sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==
 
 pbkdf2@^3.0.3:
-  version "3.0.17"
-  resolved "https://registry.yarnpkg.com/pbkdf2/-/pbkdf2-3.0.17.tgz#976c206530617b14ebb32114239f7b09336e93a6"
-  integrity sha512-U/il5MsrZp7mGg3mSQfn742na2T+1/vHDCG5/iTI3X9MKUuYUZVLQhyRsg06mCgDBTd57TxzgZt7P+fYfjRLtA==
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/pbkdf2/-/pbkdf2-3.1.1.tgz#cb8724b0fada984596856d1a6ebafd3584654b94"
+  integrity sha512-4Ejy1OPxi9f2tt1rRV7Go7zmfDQ+ZectEQz3VGUQhgq62HtIRPDyG/JtnwIxs6x3uNMwo2V7q1fMvKjb+Tnpqg==
   dependencies:
     create-hash "^1.1.2"
     create-hmac "^1.1.4"
@@ -5727,7 +5728,7 @@ performance-now@^2.1.0:
   resolved "https://registry.yarnpkg.com/performance-now/-/performance-now-2.1.0.tgz#6309f4e0e5fa913ec1c69307ae364b4b377c9e7b"
   integrity sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=
 
-picomatch@^2.0.4, picomatch@^2.2.1:
+picomatch@^2.0.4, picomatch@^2.0.5, picomatch@^2.2.1:
   version "2.2.2"
   resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.2.2.tgz#21f333e9b6b8eaff02468f5146ea406d345f4dad"
   integrity sha512-q0M/9eZHzmr0AulXyPwNfZjtwZ/RBZlbN3K3CErVrk50T2ASYI7Bye0EvekFY3IP1Nt2DHu0re+V2ZHIpMkuWg==
@@ -5737,11 +5738,6 @@ pify@^2.0.0, pify@^2.3.0:
   resolved "https://registry.yarnpkg.com/pify/-/pify-2.3.0.tgz#ed141a6ac043a849ea588498e7dca8b15330e90c"
   integrity sha1-7RQaasBDqEnqWISY59yosVMw6Qw=
 
-pify@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/pify/-/pify-3.0.0.tgz#e5a4acd2c101fdf3d9a4d07f0dbc4db49dd28176"
-  integrity sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY=
-
 pify@^4.0.1:
   version "4.0.1"
   resolved "https://registry.yarnpkg.com/pify/-/pify-4.0.1.tgz#4b2cd25c50d598735c50292224fd8c6df41e3231"
@@ -5773,26 +5769,19 @@ pkg-dir@^4.1.0:
   dependencies:
     find-up "^4.0.0"
 
-pkg-up@^2.0.0:
-  version "2.0.0"
-  resolved "https://registry.yarnpkg.com/pkg-up/-/pkg-up-2.0.0.tgz#c819ac728059a461cab1c3889a2be3c49a004d7f"
-  integrity sha1-yBmscoBZpGHKscOImivjxJoATX8=
-  dependencies:
-    find-up "^2.1.0"
-
 popper.js@^1.16.1:
   version "1.16.1"
   resolved "https://registry.yarnpkg.com/popper.js/-/popper.js-1.16.1.tgz#2a223cb3dc7b6213d740e40372be40de43e65b1b"
   integrity sha512-Wb4p1J4zyFTbM+u6WuO4XstYx4Ky9Cewe4DWrel7B0w6VVICvPwdOpotjzcf6eD8TsckVnIMNONQyPIUFOUbCQ==
 
-portfinder@^1.0.25:
-  version "1.0.26"
-  resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.26.tgz#475658d56ca30bed72ac7f1378ed350bd1b64e70"
-  integrity sha512-Xi7mKxJHHMI3rIUrnm/jjUgwhbYMkp/XKEcZX3aG4BrumLpq3nmoQMX+ClYnDZnZ/New7IatC1no5RX0zo1vXQ==
+portfinder@^1.0.26:
+  version "1.0.28"
+  resolved "https://registry.yarnpkg.com/portfinder/-/portfinder-1.0.28.tgz#67c4622852bd5374dd1dd900f779f53462fac778"
+  integrity sha512-Se+2isanIcEqf2XMHjyUKskczxbPH7dQnlMjXX6+dybayyHvAf/TCgyMRlzf/B6QDhAEFOGes0pzRo3by4AbMA==
   dependencies:
     async "^2.6.2"
     debug "^3.1.1"
-    mkdirp "^0.5.1"
+    mkdirp "^0.5.5"
 
 posix-character-classes@^0.1.0:
   version "0.1.1"
@@ -5800,9 +5789,9 @@ posix-character-classes@^0.1.0:
   integrity sha1-AerA/jta9xoqbAL+q7jB/vfgDqs=
 
 postcss-calc@^7.0.1:
-  version "7.0.2"
-  resolved "https://registry.yarnpkg.com/postcss-calc/-/postcss-calc-7.0.2.tgz#504efcd008ca0273120568b0792b16cdcde8aac1"
-  integrity sha512-rofZFHUg6ZIrvRwPeFktv06GdbDYLcGqh9EwiMutZg+a0oePCCw1zHOEiji6LCpyRcjTREtPASuUqeAvYlEVvQ==
+  version "7.0.3"
+  resolved "https://registry.yarnpkg.com/postcss-calc/-/postcss-calc-7.0.3.tgz#d65cca92a3c52bf27ad37a5f732e0587b74f1623"
+  integrity sha512-IB/EAEmZhIMEIhG7Ov4x+l47UaXOS1n2f4FBUk/aKllQhtSCxWhTzn0nJgkqN7fo/jcWySvWTSB6Syk9L+31bA==
   dependencies:
     postcss "^7.0.27"
     postcss-selector-parser "^6.0.2"
@@ -5953,14 +5942,14 @@ postcss-modules-extract-imports@^2.0.0:
     postcss "^7.0.5"
 
 postcss-modules-local-by-default@^3.0.2:
-  version "3.0.2"
-  resolved "https://registry.yarnpkg.com/postcss-modules-local-by-default/-/postcss-modules-local-by-default-3.0.2.tgz#e8a6561be914aaf3c052876377524ca90dbb7915"
-  integrity sha512-jM/V8eqM4oJ/22j0gx4jrp63GSvDH6v86OqyTHHUvk4/k1vceipZsaymiZ5PvocqZOl5SFHiFJqjs3la0wnfIQ==
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/postcss-modules-local-by-default/-/postcss-modules-local-by-default-3.0.3.tgz#bb14e0cc78279d504dbdcbfd7e0ca28993ffbbb0"
+  integrity sha512-e3xDq+LotiGesympRlKNgaJ0PCzoUIdpH0dj47iWAui/kyTgh3CiAr1qP54uodmJhl6p9rN6BoNcdEDVJx9RDw==
   dependencies:
     icss-utils "^4.1.1"
-    postcss "^7.0.16"
+    postcss "^7.0.32"
     postcss-selector-parser "^6.0.2"
-    postcss-value-parser "^4.0.0"
+    postcss-value-parser "^4.1.0"
 
 postcss-modules-scope@^2.2.0:
   version "2.2.0"
@@ -6130,7 +6119,7 @@ postcss-value-parser@^3.0.0, postcss-value-parser@^3.2.3:
   resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz#9ff822547e2893213cf1c30efa51ac5fd1ba8281"
   integrity sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==
 
-postcss-value-parser@^4.0.0, postcss-value-parser@^4.0.2, postcss-value-parser@^4.0.3:
+postcss-value-parser@^4.0.2, postcss-value-parser@^4.0.3, postcss-value-parser@^4.1.0:
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-4.1.0.tgz#443f6a20ced6481a2bda4fa8532a6e55d789a2cb"
   integrity sha512-97DXOFbQJhk71ne5/Mt6cOu6yxsSfM0QGQyl0L25Gca4yGWEGJaig7l7gbCX623VqTBNGLRLaVUCnNkcedlRSQ==
@@ -6144,10 +6133,10 @@ postcss@7.0.27:
     source-map "^0.6.1"
     supports-color "^6.1.0"
 
-postcss@^7.0.0, postcss@^7.0.1, postcss@^7.0.14, postcss@^7.0.16, postcss@^7.0.26, postcss@^7.0.27, postcss@^7.0.5, postcss@^7.0.6:
-  version "7.0.30"
-  resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.30.tgz#cc9378beffe46a02cbc4506a0477d05fcea9a8e2"
-  integrity sha512-nu/0m+NtIzoubO+xdAlwZl/u5S5vi/y6BCsoL8D+8IxsD3XvBS8X4YEADNIVXKVuQvduiucnRv+vPIqj56EGMQ==
+postcss@^7.0.0, postcss@^7.0.1, postcss@^7.0.14, postcss@^7.0.26, postcss@^7.0.27, postcss@^7.0.32, postcss@^7.0.5, postcss@^7.0.6:
+  version "7.0.32"
+  resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.32.tgz#4310d6ee347053da3433db2be492883d62cec59d"
+  integrity sha512-03eXong5NLnNCD05xscnGKGDZ98CyzoqPSMjOe6SuoQY7Z2hIj0Ld1g/O/UQRuOle2aRtiIRDg9tDcTGAkLfKw==
   dependencies:
     chalk "^2.4.2"
     source-map "^0.6.1"
@@ -6158,11 +6147,6 @@ prepend-http@^1.0.0:
   resolved "https://registry.yarnpkg.com/prepend-http/-/prepend-http-1.0.4.tgz#d4f4562b0ce3696e41ac52d0e002e57a635dc6dc"
   integrity sha1-1PRWKwzjaW5BrFLQ4ALlemNdxtw=
 
-private@^0.1.8:
-  version "0.1.8"
-  resolved "https://registry.yarnpkg.com/private/-/private-0.1.8.tgz#2381edb3689f7a53d653190060fcf822d2f368ff"
-  integrity sha512-VvivMrbvd2nKkiG38qjULzlc+4Vx4wm/whI9pQD35YrARNnhxeiRktSOhSukRLFNlzg6Br/cJPet5J/u19r/mg==
-
 process-nextick-args@~2.0.0:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/process-nextick-args/-/process-nextick-args-2.0.1.tgz#7820d9b16120cc55ca9ae7792680ae7dba6d7fe2"
@@ -6315,7 +6299,7 @@ querystringify@^2.1.1:
   resolved "https://registry.yarnpkg.com/querystringify/-/querystringify-2.1.1.tgz#60e5a5fd64a7f8bfa4d2ab2ed6fdf4c85bad154e"
   integrity sha512-w7fLxIRCRT7U8Qu53jQnJyPkYZIaR4n5151KMfcJlO/A9397Wxb1amJvROTK6TOnp7PfoAmg/qXiNHI+08jRfA==
 
-randombytes@^2.0.0, randombytes@^2.0.1, randombytes@^2.0.5:
+randombytes@^2.0.0, randombytes@^2.0.1, randombytes@^2.0.5, randombytes@^2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/randombytes/-/randombytes-2.1.0.tgz#df6f84372f0270dc65cdf6291349ab7a473d4f2a"
   integrity sha512-vYl3iOX+4CKUWuxGi9Ukhie6fsqXqS9FE2Zaic4tNFD2N2QQaXOMFbuKK4QmDHC0JO6B1Zp41J0LpT0oR68amQ==
@@ -6442,22 +6426,26 @@ regenerate-unicode-properties@^8.2.0:
     regenerate "^1.4.0"
 
 regenerate@^1.4.0:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.4.0.tgz#4a856ec4b56e4077c557589cae85e7a4c8869a11"
-  integrity sha512-1G6jJVDWrt0rK99kBjvEtziZNCICAuvIPkSiUFIQxVP06RCVpq3dmDo2oi6ABpYaDYaTRr67BEhL8r1wgEZZKg==
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.4.1.tgz#cad92ad8e6b591773485fbe05a485caf4f457e6f"
+  integrity sha512-j2+C8+NtXQgEKWk49MMP5P/u2GhnahTtVkRIHr5R5lVRlbKvmQ+oS+A5aLKWp2ma5VkT8sh6v+v4hbH0YHR66A==
 
-regenerator-runtime@0.13.5, regenerator-runtime@^0.13.4:
+regenerator-runtime@0.13.5:
   version "0.13.5"
   resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.13.5.tgz#d878a1d094b4306d10b9096484b33ebd55e26697"
   integrity sha512-ZS5w8CpKFinUzOwW3c83oPeVXoNsrLsaCoLtJvAClH135j/R77RuymhiSErhm2lKcwSCIpmvIWSbDkIfAqKQlA==
 
+regenerator-runtime@^0.13.4:
+  version "0.13.7"
+  resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.13.7.tgz#cac2dacc8a1ea675feaabaeb8ae833898ae46f55"
+  integrity sha512-a54FxoJDIr27pgf7IgeQGxmqUNYrcV338lf/6gH456HZ/PhX+5BcwHXG9ajESmwe6WRO0tAzRUrRmNONWgkrew==
+
 regenerator-transform@^0.14.2:
-  version "0.14.4"
-  resolved "https://registry.yarnpkg.com/regenerator-transform/-/regenerator-transform-0.14.4.tgz#5266857896518d1616a78a0479337a30ea974cc7"
-  integrity sha512-EaJaKPBI9GvKpvUz2mz4fhx7WPgvwRLY9v3hlNHWmAuJHI13T4nwKnNvm5RWJzEdnI5g5UwtOww+S8IdoUC2bw==
+  version "0.14.5"
+  resolved "https://registry.yarnpkg.com/regenerator-transform/-/regenerator-transform-0.14.5.tgz#c98da154683671c9c4dcb16ece736517e1b7feb4"
+  integrity sha512-eOf6vka5IO151Jfsw2NO9WpGX58W6wWmefK3I1zEGr0lOD0u8rwPaNqQL1aRxUaxLeKO3ArNh3VYg1KbaD+FFw==
   dependencies:
     "@babel/runtime" "^7.8.4"
-    private "^0.1.8"
 
 regex-not@^1.0.0, regex-not@^1.0.2:
   version "1.0.2"
@@ -6475,7 +6463,7 @@ regexp.prototype.flags@^1.2.0, regexp.prototype.flags@^1.3.0:
     define-properties "^1.1.3"
     es-abstract "^1.17.0-next.1"
 
-regexpu-core@^4.6.0, regexpu-core@^4.7.0:
+regexpu-core@^4.7.0:
   version "4.7.0"
   resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-4.7.0.tgz#fcbf458c50431b0bb7b45d6967b8192d91f3d938"
   integrity sha512-TQ4KXRnIn6tz6tjnrXEkD/sshygKH/j5KzK86X8MkeHyZ8qst/LZ89j3X4/8HEIfHANTFIP/AbXakeRhWIl5YQ==
@@ -6488,9 +6476,9 @@ regexpu-core@^4.6.0, regexpu-core@^4.7.0:
     unicode-match-property-value-ecmascript "^1.2.0"
 
 regjsgen@^0.5.1:
-  version "0.5.1"
-  resolved "https://registry.yarnpkg.com/regjsgen/-/regjsgen-0.5.1.tgz#48f0bf1a5ea205196929c0d9798b42d1ed98443c"
-  integrity sha512-5qxzGZjDs9w4tzT3TPhCJqWdCc3RLYwy9J2NB0nm5Lz+S273lvWcpjaTGHsT1dc6Hhfq41uSEOw8wBmxrKOuyg==
+  version "0.5.2"
+  resolved "https://registry.yarnpkg.com/regjsgen/-/regjsgen-0.5.2.tgz#92ff295fb1deecbf6ecdab2543d207e91aa33733"
+  integrity sha512-OFFT3MfrH90xIW8OOSyUrk6QHD5E9JOTeGodiJeBS3J6IwlgzJMNE/1bZklWz5oTg+9dCMyEetclvCVXOPoN3A==
 
 regjsparser@^0.6.4:
   version "0.6.4"
@@ -6545,11 +6533,6 @@ require-directory@^2.1.1:
   resolved "https://registry.yarnpkg.com/require-directory/-/require-directory-2.1.1.tgz#8c64ad5fd30dab1c976e2344ffe7f792a6a6df42"
   integrity sha1-jGStX9MNqxyXbiNE/+f3kqam30I=
 
-require-main-filename@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/require-main-filename/-/require-main-filename-1.0.1.tgz#97f717b69d48784f5f526a6c5aa8ffdda055a4d1"
-  integrity sha1-l/cXtp1IeE9fUmpsWqj/3aBVpNE=
-
 require-main-filename@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/require-main-filename/-/require-main-filename-2.0.0.tgz#d0b329ecc7cc0f61649f62215be69af54aa8989b"
@@ -6607,6 +6590,11 @@ retry@^0.12.0:
   resolved "https://registry.yarnpkg.com/retry/-/retry-0.12.0.tgz#1b42a6266a21f07421d1b0b54b7dc167b01c013b"
   integrity sha1-G0KmJmoh8HQh0bC1S33BZ7AcATs=
 
+reusify@^1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/reusify/-/reusify-1.0.4.tgz#90da382b1e126efc02146e90845a88db12925d76"
+  integrity sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==
+
 rgb-regex@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/rgb-regex/-/rgb-regex-1.0.1.tgz#c0e0d6882df0e23be254a475e8edd41915feaeb1"
@@ -6617,7 +6605,7 @@ rgba-regex@^1.0.0:
   resolved "https://registry.yarnpkg.com/rgba-regex/-/rgba-regex-1.0.0.tgz#43374e2e2ca0968b0ef1523460b7d730ff22eeb3"
   integrity sha1-QzdOLiyglosO8VI0YLfXMP8i7rM=
 
-rimraf@3.0.2:
+rimraf@3.0.2, rimraf@^3.0.2:
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-3.0.2.tgz#f1a5402ba6220ad52cc1282bac1ae3aa49fd061a"
   integrity sha512-JZkJMZkAGFFPP2YqXZXPbMlMBgsxzE8ILs4lMIX/2o0L9UBw9O/Y3o6wFw/i9YLapcUJWwqbi3kdxIPdC62TIA==
@@ -6651,6 +6639,11 @@ run-async@^2.4.0:
   resolved "https://registry.yarnpkg.com/run-async/-/run-async-2.4.1.tgz#8440eccf99ea3e70bd409d49aab88e10c189a455"
   integrity sha512-tvVnVv01b8c1RrA6Ep7JkStj85Guv/YrMcwqYQnwjsAS2cTmmPGBBjAjpCW7RrSodNSoE2/qg9O4bceNvUuDgQ==
 
+run-parallel@^1.1.9:
+  version "1.1.9"
+  resolved "https://registry.yarnpkg.com/run-parallel/-/run-parallel-1.1.9.tgz#c9dd3a7cf9f4b2c4b6244e173a6ed866e61dd679"
+  integrity sha512-DEqnSRTDw/Tc3FXf49zedI638Z9onwUotBMiUFKmrO2sdFKIbXamXGQ3Axd4qgphxKB4kw/qP1w5kTxnfU1B9Q==
+
 run-queue@^1.0.0, run-queue@^1.0.3:
   version "1.0.3"
   resolved "https://registry.yarnpkg.com/run-queue/-/run-queue-1.0.3.tgz#e848396f057d223f24386924618e25694161ec47"
@@ -6666,9 +6659,9 @@ rxjs@6.5.4:
     tslib "^1.9.0"
 
 rxjs@^6.5.2, rxjs@^6.5.3:
-  version "6.5.5"
-  resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.5.5.tgz#c5c884e3094c8cfee31bf27eb87e54ccfc87f9ec"
-  integrity sha512-WfQI+1gohdf0Dai/Bbmk5L5ItH5tYqm3ki2c5GdWhKjalzjg93N3avFjVStyZZz+A2Em+ZxKH5bNghw9UeylGQ==
+  version "6.6.2"
+  resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.6.2.tgz#8096a7ac03f2cc4fe5860ef6e572810d9e01c0d2"
+  integrity sha512-BHdBMVoWC2sL26w//BCu3YzKT4s2jip/WhwsGEDmeKYBhKDZeYezVUnHatYB7L85v5xs0BAQmg6BEYJEKxBabg==
   dependencies:
     tslib "^1.9.0"
 
@@ -6726,12 +6719,13 @@ schema-utils@^1.0.0:
     ajv-errors "^1.0.0"
     ajv-keywords "^3.1.0"
 
-schema-utils@^2.5.0, schema-utils@^2.6.1, schema-utils@^2.6.4, schema-utils@^2.6.5:
-  version "2.6.6"
-  resolved "https://registry.yarnpkg.com/schema-utils/-/schema-utils-2.6.6.tgz#299fe6bd4a3365dc23d99fd446caff8f1d6c330c"
-  integrity sha512-wHutF/WPSbIi9x6ctjGGk2Hvl0VOz5l3EKEuKbjPlB30mKZUzb9A5k9yEXRX3pwyqVLPvpfZZEllaFq/M718hA==
+schema-utils@^2.5.0, schema-utils@^2.6.1, schema-utils@^2.6.4, schema-utils@^2.6.5, schema-utils@^2.6.6, schema-utils@^2.7.0:
+  version "2.7.0"
+  resolved "https://registry.yarnpkg.com/schema-utils/-/schema-utils-2.7.0.tgz#17151f76d8eae67fbbf77960c33c676ad9f4efc7"
+  integrity sha512-0ilKFI6QQF5nxDZLFn2dMjvc4hjg/Wkg7rHd3jK6/A4a1Hl9VFdQWvgB1UMGoU94pad1P/8N7fMcEnLnSiju8A==
   dependencies:
-    ajv "^6.12.0"
+    "@types/json-schema" "^7.0.4"
+    ajv "^6.12.2"
     ajv-keywords "^3.4.1"
 
 select-hose@^2.0.0:
@@ -6804,10 +6798,19 @@ send@0.17.1:
     range-parser "~1.2.1"
     statuses "~1.5.0"
 
-serialize-javascript@^2.1.2:
-  version "2.1.2"
-  resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-2.1.2.tgz#ecec53b0e0317bdc95ef76ab7074b7384785fa61"
-  integrity sha512-rs9OggEUF0V4jUSecXazOYsLfu7OGK2qIn3c7IPBiffz32XniEp/TX9Xmc9LQfK2nQ2QKHvZ2oygKUGU0lG4jQ==
+serialize-javascript@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-3.1.0.tgz#8bf3a9170712664ef2561b44b691eafe399214ea"
+  integrity sha512-JIJT1DGiWmIKhzRsG91aS6Ze4sFUrYbltlkg2onR5OrnNM02Kl/hnY/T4FN2omvyeBbQmMJv+K4cPOpGzOTFBg==
+  dependencies:
+    randombytes "^2.1.0"
+
+serialize-javascript@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-4.0.0.tgz#b525e1238489a5ecfc42afacc3fe99e666f4b1aa"
+  integrity sha512-GaNA54380uFefWghODBWEGisLZFj00nS5ACs6yHa9nLqlLpVLO8ChDGeKRjZnV4Nh4n0Qi7nhYZD/9fCPzEqkw==
+  dependencies:
+    randombytes "^2.1.0"
 
 serve-index@^1.9.1:
   version "1.9.1"
@@ -6909,10 +6912,10 @@ simple-swizzle@^0.2.2:
   dependencies:
     is-arrayish "^0.3.1"
 
-slash@^1.0.0:
-  version "1.0.0"
-  resolved "https://registry.yarnpkg.com/slash/-/slash-1.0.0.tgz#c41f2f6c39fc16d1cd17ad4b5d896114ae470d55"
-  integrity sha1-xB8vbDn8FtHNF61LXYlhFK5HDVU=
+slash@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/slash/-/slash-3.0.0.tgz#6539be870c165adbd5240220dbe361f1bc4d4634"
+  integrity sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==
 
 smart-buffer@^4.1.0:
   version "4.1.0"
@@ -6961,13 +6964,14 @@ sockjs-client@1.4.0:
     json3 "^3.3.2"
     url-parse "^1.4.3"
 
-sockjs@0.3.19:
-  version "0.3.19"
-  resolved "https://registry.yarnpkg.com/sockjs/-/sockjs-0.3.19.tgz#d976bbe800af7bd20ae08598d582393508993c0d"
-  integrity sha512-V48klKZl8T6MzatbLlzzRNhMepEys9Y4oGFpypBFFn1gLI/QQ9HtLLyWJNbPlwGLelOVOEijUbTTJeLLI59jLw==
+sockjs@0.3.20:
+  version "0.3.20"
+  resolved "https://registry.yarnpkg.com/sockjs/-/sockjs-0.3.20.tgz#b26a283ec562ef8b2687b44033a4eeceac75d855"
+  integrity sha512-SpmVOVpdq0DJc0qArhF3E5xsxvaiqGNb73XfgBpK1y3UD5gs8DSo8aCTsuT5pX8rssdc2NDIzANwP9eCAiSdTA==
   dependencies:
     faye-websocket "^0.10.0"
-    uuid "^3.0.1"
+    uuid "^3.4.0"
+    websocket-driver "0.6.5"
 
 socks-proxy-agent@^4.0.0:
   version "4.0.2"
@@ -7050,9 +7054,9 @@ sourcemap-codec@^1.4.4, sourcemap-codec@^1.4.8:
   integrity sha512-9NykojV5Uih4lgo5So5dtw+f0JgJX30KCNI8gwhz2J9A15wD0Ml6tjHKwf6fTSa6fAdVBdZeNOs9eJ71qCk8vA==
 
 spdx-correct@^3.0.0:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-3.1.0.tgz#fb83e504445268f154b074e218c87c003cd31df4"
-  integrity sha512-lr2EZCctC2BNR7j7WzJ2FpDznxky1sjfxvvYEyzxNyb6lZXHODmEoJeFu4JupYlkfha1KZpJyoqiJ7pgA1qq8Q==
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/spdx-correct/-/spdx-correct-3.1.1.tgz#dece81ac9c1e6713e5f7d1b6f17d468fa53d89a9"
+  integrity sha512-cOYcUWwhCuHCXi49RhFRCyJEK3iPj1Ziz9DpViV3tbZOwXD49QzIN3MpOLJNxh2qwq2lJJZaKMVw9qNi4jTC0w==
   dependencies:
     spdx-expression-parse "^3.0.0"
     spdx-license-ids "^3.0.0"
@@ -7087,7 +7091,7 @@ spdy-transport@^3.0.0:
     readable-stream "^3.0.6"
     wbuf "^1.7.3"
 
-spdy@^4.0.1:
+spdy@^4.0.2:
   version "4.0.2"
   resolved "https://registry.yarnpkg.com/spdy/-/spdy-4.0.2.tgz#b74f466203a3eda452c02492b91fb9e84a27677b"
   integrity sha512-r46gZQZQV+Kl9oItvl1JZZqJKGr+oEkB08A6BzkiR7593/7IbtuncXHd2YoYeTsG4157ZssMu9KYvUHLcjcDoA==
@@ -7144,14 +7148,6 @@ ssri@^6.0.0, ssri@^6.0.1:
   dependencies:
     figgy-pudding "^3.5.1"
 
-ssri@^7.0.0:
-  version "7.1.0"
-  resolved "https://registry.yarnpkg.com/ssri/-/ssri-7.1.0.tgz#92c241bf6de82365b5c7fb4bd76e975522e1294d"
-  integrity sha512-77/WrDZUWocK0mvA5NTRQyveUf+wsrIc6vyrxpS8tVvYBcX215QbafrJR3KtkpskIzoFLqqNuuYQvxaMjXJ/0g==
-  dependencies:
-    figgy-pudding "^3.5.1"
-    minipass "^3.1.1"
-
 ssri@^8.0.0:
   version "8.0.0"
   resolved "https://registry.yarnpkg.com/ssri/-/ssri-8.0.0.tgz#79ca74e21f8ceaeddfcb4b90143c458b8d988808"
@@ -7214,22 +7210,14 @@ strict-uri-encode@^1.0.0:
   resolved "https://registry.yarnpkg.com/strict-uri-encode/-/strict-uri-encode-1.1.0.tgz#279b225df1d582b1f54e65addd4352e18faa0713"
   integrity sha1-J5siXfHVgrH1TmWt3UNS4Y+qBxM=
 
-string-width@^1.0.1:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/string-width/-/string-width-1.0.2.tgz#118bdf5b8cdc51a2a7e70d211e07e2b0b9b107d3"
-  integrity sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M=
-  dependencies:
-    code-point-at "^1.0.0"
-    is-fullwidth-code-point "^1.0.0"
-    strip-ansi "^3.0.0"
-
-string-width@^2.0.0, string-width@^2.1.1:
-  version "2.1.1"
-  resolved "https://registry.yarnpkg.com/string-width/-/string-width-2.1.1.tgz#ab93f27a8dc13d28cac815c462143a6d9012ae9e"
-  integrity sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw==
+string-width@^3.0.0, string-width@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/string-width/-/string-width-3.1.0.tgz#22767be21b62af1081574306f69ac51b62203961"
+  integrity sha512-vafcv6KjVZKSgz06oM/H6GDBrAtz8vdhQakGjFIvNrHA6y3HCF1CInLy+QLq8dTJPQ1b+KDUqDFctkdRW44e1w==
   dependencies:
+    emoji-regex "^7.0.1"
     is-fullwidth-code-point "^2.0.0"
-    strip-ansi "^4.0.0"
+    strip-ansi "^5.1.0"
 
 string-width@^4.1.0, string-width@^4.2.0:
   version "4.2.0"
@@ -7240,7 +7228,7 @@ string-width@^4.1.0, string-width@^4.2.0:
     is-fullwidth-code-point "^3.0.0"
     strip-ansi "^6.0.0"
 
-string.prototype.trimend@^1.0.0:
+string.prototype.trimend@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/string.prototype.trimend/-/string.prototype.trimend-1.0.1.tgz#85812a6b847ac002270f5808146064c995fb6913"
   integrity sha512-LRPxFUaTtpqYsTeNKaFOw3R4bxIzWOnbQ837QfBylo8jIxtcbK/A/sMV7Q+OAV/vWo+7s25pOE10KYSjaSO06g==
@@ -7248,25 +7236,7 @@ string.prototype.trimend@^1.0.0:
     define-properties "^1.1.3"
     es-abstract "^1.17.5"
 
-string.prototype.trimleft@^2.1.1:
-  version "2.1.2"
-  resolved "https://registry.yarnpkg.com/string.prototype.trimleft/-/string.prototype.trimleft-2.1.2.tgz#4408aa2e5d6ddd0c9a80739b087fbc067c03b3cc"
-  integrity sha512-gCA0tza1JBvqr3bfAIFJGqfdRTyPae82+KTnm3coDXkZN9wnuW3HjGgN386D7hfv5CHQYCI022/rJPVlqXyHSw==
-  dependencies:
-    define-properties "^1.1.3"
-    es-abstract "^1.17.5"
-    string.prototype.trimstart "^1.0.0"
-
-string.prototype.trimright@^2.1.1:
-  version "2.1.2"
-  resolved "https://registry.yarnpkg.com/string.prototype.trimright/-/string.prototype.trimright-2.1.2.tgz#c76f1cef30f21bbad8afeb8db1511496cfb0f2a3"
-  integrity sha512-ZNRQ7sY3KroTaYjRS6EbNiiHrOkjihL9aQE/8gfQ4DtAC/aEBRHFJa44OmoWxGGqXuJlfKkZW4WcXErGr+9ZFg==
-  dependencies:
-    define-properties "^1.1.3"
-    es-abstract "^1.17.5"
-    string.prototype.trimend "^1.0.0"
-
-string.prototype.trimstart@^1.0.0:
+string.prototype.trimstart@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/string.prototype.trimstart/-/string.prototype.trimstart-1.0.1.tgz#14af6d9f34b053f7cfc89b72f8f2ee14b9039a54"
   integrity sha512-XxZn+QpvrBI1FOcg6dIpxUPgWCPuNXvMD72aaRaUQv1eD4e/Qy8i/hFTe0BUmD60p/QA6bh1avmuPTfNjqVWRw==
@@ -7288,19 +7258,19 @@ string_decoder@~1.1.1:
   dependencies:
     safe-buffer "~5.1.0"
 
-strip-ansi@^3.0.0, strip-ansi@^3.0.1:
+strip-ansi@^3.0.1:
   version "3.0.1"
   resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-3.0.1.tgz#6a385fb8853d952d5ff05d0e8aaf94278dc63dcf"
   integrity sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8=
   dependencies:
     ansi-regex "^2.0.0"
 
-strip-ansi@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-4.0.0.tgz#a8479022eb1ac368a871389b635262c505ee368f"
-  integrity sha1-qEeQIusaw2iocTibY1JixQXuNo8=
+strip-ansi@^5.0.0, strip-ansi@^5.1.0, strip-ansi@^5.2.0:
+  version "5.2.0"
+  resolved "https://registry.yarnpkg.com/strip-ansi/-/strip-ansi-5.2.0.tgz#8c9a536feb6afc962bdfa5b104a5091c1ad9c0ae"
+  integrity sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==
   dependencies:
-    ansi-regex "^3.0.0"
+    ansi-regex "^4.1.0"
 
 strip-ansi@^6.0.0:
   version "6.0.0"
@@ -7422,7 +7392,7 @@ tar@^4.4.10:
     safe-buffer "^5.1.2"
     yallist "^3.0.3"
 
-tar@^6.0.1:
+tar@^6.0.1, tar@^6.0.2:
   version "6.0.2"
   resolved "https://registry.yarnpkg.com/tar/-/tar-6.0.2.tgz#5df17813468a6264ff14f766886c622b84ae2f39"
   integrity sha512-Glo3jkRtPcvpDlAs/0+hozav78yoXKFr+c4wgw62NNMO3oo4AaJdCo21Uu7lcwr55h39W2XD1LMERc64wtbItg==
@@ -7434,31 +7404,31 @@ tar@^6.0.1:
     mkdirp "^1.0.3"
     yallist "^4.0.0"
 
-terser-webpack-plugin@2.3.5:
-  version "2.3.5"
-  resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-2.3.5.tgz#5ad971acce5c517440ba873ea4f09687de2f4a81"
-  integrity sha512-WlWksUoq+E4+JlJ+h+U+QUzXpcsMSSNXkDy9lBVkSqDn1w23Gg29L/ary9GeJVYCGiNJJX7LnVc4bwL1N3/g1w==
-  dependencies:
-    cacache "^13.0.1"
-    find-cache-dir "^3.2.0"
-    jest-worker "^25.1.0"
-    p-limit "^2.2.2"
-    schema-utils "^2.6.4"
-    serialize-javascript "^2.1.2"
+terser-webpack-plugin@3.0.3:
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-3.0.3.tgz#23bda2687b197f878a743373b9411d917adc2e45"
+  integrity sha512-bZFnotuIKq5Rqzrs+qIwFzGdKdffV9epG5vDSEbYzvKAhPeR5RbbrQysfPgbIIMhNAQtZD2hGwBfSKUXjXZZZw==
+  dependencies:
+    cacache "^15.0.4"
+    find-cache-dir "^3.3.1"
+    jest-worker "^26.0.0"
+    p-limit "^2.3.0"
+    schema-utils "^2.6.6"
+    serialize-javascript "^3.1.0"
     source-map "^0.6.1"
-    terser "^4.4.3"
+    terser "^4.6.13"
     webpack-sources "^1.4.3"
 
 terser-webpack-plugin@^1.4.3:
-  version "1.4.3"
-  resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-1.4.3.tgz#5ecaf2dbdc5fb99745fd06791f46fc9ddb1c9a7c"
-  integrity sha512-QMxecFz/gHQwteWwSo5nTc6UaICqN1bMedC5sMtUc7y3Ha3Q8y6ZO0iCR8pq4RJC8Hjf0FEPEHZqcMB/+DFCrA==
+  version "1.4.5"
+  resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-1.4.5.tgz#a217aefaea330e734ffacb6120ec1fa312d6040b"
+  integrity sha512-04Rfe496lN8EYruwi6oPQkG0vo8C+HT49X687FZnpPF0qMAIHONI6HEXYPKDOE8e5HjXTyKfqRd/agHtH0kOtw==
   dependencies:
     cacache "^12.0.2"
     find-cache-dir "^2.1.0"
     is-wsl "^1.1.0"
     schema-utils "^1.0.0"
-    serialize-javascript "^2.1.2"
+    serialize-javascript "^4.0.0"
     source-map "^0.6.1"
     terser "^4.1.2"
     webpack-sources "^1.4.0"
@@ -7473,10 +7443,10 @@ terser@4.6.10:
     source-map "~0.6.1"
     source-map-support "~0.5.12"
 
-terser@^4.1.2, terser@^4.4.3:
-  version "4.7.0"
-  resolved "https://registry.yarnpkg.com/terser/-/terser-4.7.0.tgz#15852cf1a08e3256a80428e865a2fa893ffba006"
-  integrity sha512-Lfb0RiZcjRDXCC3OSHJpEkxJ9Qeqs6mp2v4jf2MHfy8vGERmVDuvjXdd/EnP5Deme5F2yBRBymKmKHCBg2echw==
+terser@^4.1.2, terser@^4.6.13:
+  version "4.8.0"
+  resolved "https://registry.yarnpkg.com/terser/-/terser-4.8.0.tgz#63056343d7c70bb29f3af665865a46fe03a0df17"
+  integrity sha512-EAPipTNeWsb/3wLPeup1tVPaXfIaU68xMnVdPafIL1TV05OhASArYyIfFvnvJCNrR2NIOvDVNNTFRa+Re2MWyw==
   dependencies:
     commander "^2.20.0"
     source-map "~0.6.1"
@@ -7871,7 +7841,7 @@ uuid@7.0.2:
   resolved "https://registry.yarnpkg.com/uuid/-/uuid-7.0.2.tgz#7ff5c203467e91f5e0d85cfcbaaf7d2ebbca9be6"
   integrity sha512-vy9V/+pKG+5ZTYKf+VcphF5Oc6EFiu3W8Nv3P3zIh0EqVI80ZxOzuPfe9EHjkFNvf8+xuTHVeei4Drydlx4zjw==
 
-uuid@^3.0.0, uuid@^3.0.1, uuid@^3.3.2:
+uuid@^3.0.0, uuid@^3.3.2, uuid@^3.4.0:
   version "3.4.0"
   resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.4.0.tgz#b23e4358afa8a202fe7a100af1f5f883f02007ee"
   integrity sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==
@@ -7939,14 +7909,14 @@ watchpack-chokidar2@^2.0.0:
     chokidar "^2.1.8"
 
 watchpack@^1.6.0:
-  version "1.7.2"
-  resolved "https://registry.yarnpkg.com/watchpack/-/watchpack-1.7.2.tgz#c02e4d4d49913c3e7e122c3325365af9d331e9aa"
-  integrity sha512-ymVbbQP40MFTp+cNMvpyBpBtygHnPzPkHqoIwRRj/0B8KhqQwV8LaKjtbaxF2lK4vl8zN9wCxS46IFCU5K4W0g==
+  version "1.7.4"
+  resolved "https://registry.yarnpkg.com/watchpack/-/watchpack-1.7.4.tgz#6e9da53b3c80bb2d6508188f5b200410866cd30b"
+  integrity sha512-aWAgTW4MoSJzZPAicljkO1hsi1oKj/RRq/OJQh2PKI2UKL04c2Bs+MBOB+BBABHTXJpf9mCwHN7ANCvYsvY2sg==
   dependencies:
     graceful-fs "^4.1.2"
     neo-async "^2.5.0"
   optionalDependencies:
-    chokidar "^3.4.0"
+    chokidar "^3.4.1"
     watchpack-chokidar2 "^2.0.0"
 
 wbuf@^1.1.0, wbuf@^1.7.3:
@@ -7974,10 +7944,10 @@ webpack-dev-middleware@3.7.2, webpack-dev-middleware@^3.7.2:
     range-parser "^1.2.1"
     webpack-log "^2.0.0"
 
-webpack-dev-server@3.10.3:
-  version "3.10.3"
-  resolved "https://registry.yarnpkg.com/webpack-dev-server/-/webpack-dev-server-3.10.3.tgz#f35945036813e57ef582c2420ef7b470e14d3af0"
-  integrity sha512-e4nWev8YzEVNdOMcNzNeCN947sWJNd43E5XvsJzbAL08kGc2frm1tQ32hTJslRS+H65LCb/AaUCYU7fjHCpDeQ==
+webpack-dev-server@3.11.0:
+  version "3.11.0"
+  resolved "https://registry.yarnpkg.com/webpack-dev-server/-/webpack-dev-server-3.11.0.tgz#8f154a3bce1bcfd1cc618ef4e703278855e7ff8c"
+  integrity sha512-PUxZ+oSTxogFQgkTtFndEtJIPNmml7ExwufBZ9L2/Xyyd5PnOL5UreWe5ZT7IU25DSdykL9p1MLQzmLh2ljSeg==
   dependencies:
     ansi-html "0.0.7"
     bonjour "^3.5.0"
@@ -7987,31 +7957,31 @@ webpack-dev-server@3.10.3:
     debug "^4.1.1"
     del "^4.1.1"
     express "^4.17.1"
-    html-entities "^1.2.1"
+    html-entities "^1.3.1"
     http-proxy-middleware "0.19.1"
     import-local "^2.0.0"
     internal-ip "^4.3.0"
     ip "^1.1.5"
     is-absolute-url "^3.0.3"
     killable "^1.0.1"
-    loglevel "^1.6.6"
+    loglevel "^1.6.8"
     opn "^5.5.0"
     p-retry "^3.0.1"
-    portfinder "^1.0.25"
+    portfinder "^1.0.26"
     schema-utils "^1.0.0"
     selfsigned "^1.10.7"
     semver "^6.3.0"
     serve-index "^1.9.1"
-    sockjs "0.3.19"
+    sockjs "0.3.20"
     sockjs-client "1.4.0"
-    spdy "^4.0.1"
+    spdy "^4.0.2"
     strip-ansi "^3.0.1"
     supports-color "^6.1.0"
     url "^0.11.0"
     webpack-dev-middleware "^3.7.2"
     webpack-log "^2.0.0"
     ws "^6.2.1"
-    yargs "12.0.5"
+    yargs "^13.3.2"
 
 webpack-log@^2.0.0:
   version "2.0.0"
@@ -8072,12 +8042,19 @@ webpack@4.42.0:
     watchpack "^1.6.0"
     webpack-sources "^1.4.1"
 
+websocket-driver@0.6.5:
+  version "0.6.5"
+  resolved "https://registry.yarnpkg.com/websocket-driver/-/websocket-driver-0.6.5.tgz#5cb2556ceb85f4373c6d8238aa691c8454e13a36"
+  integrity sha1-XLJVbOuF9Dc8bYI4qmkchFThOjY=
+  dependencies:
+    websocket-extensions ">=0.1.1"
+
 websocket-driver@>=0.5.1:
-  version "0.7.3"
-  resolved "https://registry.yarnpkg.com/websocket-driver/-/websocket-driver-0.7.3.tgz#a2d4e0d4f4f116f1e6297eba58b05d430100e9f9"
-  integrity sha512-bpxWlvbbB459Mlipc5GBzzZwhoZgGEZLuqPaR0INBGnPAY1vdBX6hPnoFXiw+3yWxDuHyQjO2oXTMyS8A5haFg==
+  version "0.7.4"
+  resolved "https://registry.yarnpkg.com/websocket-driver/-/websocket-driver-0.7.4.tgz#89ad5295bbf64b480abcba31e4953aca706f5760"
+  integrity sha512-b17KeDIQVjvb0ssuSDF2cYXSg2iztliJ4B9WdsuB6J952qCPKmnVq4DyW5motImXHDC1cBT/1UezrJVsKw5zjg==
   dependencies:
-    http-parser-js ">=0.4.0 <0.4.11"
+    http-parser-js ">=0.5.1"
     safe-buffer ">=5.1.0"
     websocket-extensions ">=0.1.1"
 
@@ -8150,13 +8127,14 @@ worker-plugin@4.0.3:
   dependencies:
     loader-utils "^1.1.0"
 
-wrap-ansi@^2.0.0:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-2.1.0.tgz#d8fc3d284dd05794fe84973caecdd1cf824fdd85"
-  integrity sha1-2Pw9KE3QV5T+hJc8rs3Rz4JP3YU=
+wrap-ansi@^5.1.0:
+  version "5.1.0"
+  resolved "https://registry.yarnpkg.com/wrap-ansi/-/wrap-ansi-5.1.0.tgz#1fd1f67235d5b6d0fee781056001bfb694c03b09"
+  integrity sha512-QC1/iN/2/RPVJ5jYK8BGttj5z83LmSKmvbvrXPNCLZSEb32KKVDJDl/MOt2N01qU2H/FkzEa9PKto1BqDjtd7Q==
   dependencies:
-    string-width "^1.0.1"
-    strip-ansi "^3.0.1"
+    ansi-styles "^3.2.0"
+    string-width "^3.0.0"
+    strip-ansi "^5.0.0"
 
 wrap-ansi@^6.2.0:
   version "6.2.0"
@@ -8189,7 +8167,7 @@ xtend@^4.0.0, xtend@~4.0.1:
   resolved "https://registry.yarnpkg.com/xtend/-/xtend-4.0.2.tgz#bb72779f5fa465186b1f438f674fa347fdb5db54"
   integrity sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==
 
-"y18n@^3.2.1 || ^4.0.0", y18n@^4.0.0:
+y18n@^4.0.0:
   version "4.0.0"
   resolved "https://registry.yarnpkg.com/y18n/-/y18n-4.0.0.tgz#95ef94f85ecc81d007c264e190a120f0a3c8566b"
   integrity sha512-r9S/ZyXu/Xu9q1tYlpsLIsa3EeLXXk0VwlxqTcFRfg9EhMW+17kbt9G0NrgCmhGb5vT2hyhJZLfDGx+7+5Uj/w==
@@ -8204,10 +8182,10 @@ yallist@^4.0.0:
   resolved "https://registry.yarnpkg.com/yallist/-/yallist-4.0.0.tgz#9bb92790d9c0effec63be73519e11a35019a3a72"
   integrity sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==
 
-yargs-parser@^11.1.1:
-  version "11.1.1"
-  resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-11.1.1.tgz#879a0865973bca9f6bab5cbdf3b1c67ec7d3bcf4"
-  integrity sha512-C6kB/WJDiaxONLJQnF8ccx9SEeoTTLek8RVbaOIsrAUS8VrBEXfmeSnCZxygc+XC2sNMBIwOOnfcxiynjHsVSQ==
+yargs-parser@^13.1.2:
+  version "13.1.2"
+  resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-13.1.2.tgz#130f09702ebaeef2650d54ce6e3e5706f7a4fb38"
+  integrity sha512-3lbsNRf/j+A4QuSZfDRA7HRSfWrzO0YjqTJd5kjAq37Zep1CEgaYmrH9Q3GwPiB9cHyd1Y1UwggGhJGoxipbzg==
   dependencies:
     camelcase "^5.0.0"
     decamelize "^1.2.0"
@@ -8220,24 +8198,6 @@ yargs-parser@^18.1.0:
     camelcase "^5.0.0"
     decamelize "^1.2.0"
 
-yargs@12.0.5:
-  version "12.0.5"
-  resolved "https://registry.yarnpkg.com/yargs/-/yargs-12.0.5.tgz#05f5997b609647b64f66b81e3b4b10a368e7ad13"
-  integrity sha512-Lhz8TLaYnxq/2ObqHDql8dX8CJi97oHxrjUcYtzKbbykPtVW9WB+poxI+NM2UIzsMgNCZTIf0AQwsjK5yMAqZw==
-  dependencies:
-    cliui "^4.0.0"
-    decamelize "^1.2.0"
-    find-up "^3.0.0"
-    get-caller-file "^1.0.1"
-    os-locale "^3.0.0"
-    require-directory "^2.1.1"
-    require-main-filename "^1.0.1"
-    set-blocking "^2.0.0"
-    string-width "^2.0.0"
-    which-module "^2.0.0"
-    y18n "^3.2.1 || ^4.0.0"
-    yargs-parser "^11.1.1"
-
 yargs@15.3.0:
   version "15.3.0"
   resolved "https://registry.yarnpkg.com/yargs/-/yargs-15.3.0.tgz#403af6edc75b3ae04bf66c94202228ba119f0976"
@@ -8255,6 +8215,22 @@ yargs@15.3.0:
     y18n "^4.0.0"
     yargs-parser "^18.1.0"
 
+yargs@^13.3.2:
+  version "13.3.2"
+  resolved "https://registry.yarnpkg.com/yargs/-/yargs-13.3.2.tgz#ad7ffefec1aa59565ac915f82dccb38a9c31a2dd"
+  integrity sha512-AX3Zw5iPruN5ie6xGRIDgqkT+ZhnRlZMLMHAs8tg7nRruy2Nb+i5o9bwghAogtM08q1dpr2LVoS8KSTMYpWXUw==
+  dependencies:
+    cliui "^5.0.0"
+    find-up "^3.0.0"
+    get-caller-file "^2.0.1"
+    require-directory "^2.1.1"
+    require-main-filename "^2.0.0"
+    set-blocking "^2.0.0"
+    string-width "^3.0.0"
+    which-module "^2.0.0"
+    y18n "^4.0.0"
+    yargs-parser "^13.1.2"
+
 zone.js@~0.10.2:
   version "0.10.3"
   resolved "https://registry.yarnpkg.com/zone.js/-/zone.js-0.10.3.tgz#3e5e4da03c607c9dcd92e37dd35687a14a140c16"

From 29cc3042ef43df058199000952919116a3abf554 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 12 Aug 2020 19:44:39 +0200
Subject: [PATCH 134/237] Updated InfoModel to version 4.0.0

---
 .../ids/api/infomodel/ConnectorProfile.java   | 15 ++---
 ids-infomodel-manager/bnd.bnd                 |  3 +-
 ids-infomodel-manager/build.gradle.kts        | 29 ++++++++-
 .../InfoModelService.kt                       | 59 +++++++++++++------
 libraryVersions.yaml                          |  4 +-
 5 files changed, 80 insertions(+), 30 deletions(-)

diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/ConnectorProfile.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/ConnectorProfile.java
index d6c13d6c8..96ec04975 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/ConnectorProfile.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/ConnectorProfile.java
@@ -19,8 +19,9 @@
  */
 package de.fhg.aisec.ids.api.infomodel;
 
-import de.fraunhofer.iais.eis.*;
-import de.fraunhofer.iais.eis.util.PlainLiteral;
+import de.fraunhofer.iais.eis.SecurityProfile;
+import de.fraunhofer.iais.eis.util.TypedLiteral;
+
 import java.io.Serializable;
 import java.net.URI;
 import java.util.List;
@@ -32,10 +33,10 @@ public final class ConnectorProfile implements Serializable {
   private SecurityProfile securityProfile;
   private URI connectorUrl;
   private URI maintainerUrl;
-  private List<PlainLiteral> connectorEntityNames;
+  private List<TypedLiteral> connectorEntityNames;
 
   public ConnectorProfile() {
-    this.securityProfile = SecurityProfile.TRUSTED_CONNECTOR_SECURITY_PROFILE;
+    this.securityProfile = SecurityProfile.TRUST_SECURITY_PROFILE;
     this.connectorUrl = null;
     this.maintainerUrl = null;
     this.connectorEntityNames = null;
@@ -45,7 +46,7 @@ public ConnectorProfile(
       SecurityProfile profile,
       URI connectorUrl,
       URI maintainerUrl,
-      List<PlainLiteral> connectorEntityNames) {
+      List<TypedLiteral> connectorEntityNames) {
     super();
     this.securityProfile = profile;
     this.connectorUrl = connectorUrl;
@@ -65,7 +66,7 @@ public URI getMaintainerUrl() {
     return maintainerUrl;
   }
 
-  public List<PlainLiteral> getConnectorEntityNames() {
+  public List<TypedLiteral> getConnectorEntityNames() {
     return connectorEntityNames;
   }
 
@@ -81,7 +82,7 @@ public void setMaintainerUrl(URI maintainerUrl) {
     this.maintainerUrl = maintainerUrl;
   }
 
-  public void setConnectorEntityNames(List<PlainLiteral> connectorEntityNames) {
+  public void setConnectorEntityNames(List<TypedLiteral> connectorEntityNames) {
     this.connectorEntityNames = connectorEntityNames;
   }
 }
diff --git a/ids-infomodel-manager/bnd.bnd b/ids-infomodel-manager/bnd.bnd
index 88631cd51..44ce5e1b2 100644
--- a/ids-infomodel-manager/bnd.bnd
+++ b/ids-infomodel-manager/bnd.bnd
@@ -1,9 +1,10 @@
 Bundle-Name: IDS :: Information Model Manager
 Export-Package: \
+  com.fasterxml.jackson.annotation,\
+  com.github.jsonldjava*,\
   de.fhg.aisec.ids.informationmodelmanager.deserializer,\
   de.fraunhofer.iais.eis*;-split-package:=merge-last,\
   org.eclipse.rdf4j*,\
-  com.github.jsonldjava*,\
   !org.apache.logging*,\
   org.apache*
 Import-Package: \
diff --git a/ids-infomodel-manager/build.gradle.kts b/ids-infomodel-manager/build.gradle.kts
index 041690bba..aa5a0af3a 100644
--- a/ids-infomodel-manager/build.gradle.kts
+++ b/ids-infomodel-manager/build.gradle.kts
@@ -1,7 +1,30 @@
-dependencies {
-    @Suppress("UNCHECKED_CAST") val libraryVersions =
-            rootProject.ext.get("libraryVersions") as Map<String, String>
+import org.gradle.plugins.ide.idea.model.IdeaModel
+
+plugins {
+    id("com.github.gmazzo.buildconfig") version "2.0.1"
+}
+
+@Suppress("UNCHECKED_CAST") val libraryVersions =
+        rootProject.ext.get("libraryVersions") as Map<String, String>
+
+apply(plugin = "idea")
 
+buildConfig {
+    sourceSets.getByName("main") {
+        packageName("de.fhg.aisec.ids.informationmodelmanager")
+        buildConfigField("String", "INFOMODEL_VERSION",
+                "\"${libraryVersions["infomodel"] ?: error("Infomodel version not available")}\"")
+    }
+}
+
+configure<IdeaModel> {
+    module {
+        // mark as generated sources for IDEA
+        generatedSourceDirs.add(File("${buildDir}/generated/source/buildConfig/main/main"))
+    }
+}
+
+dependencies {
     infomodelBundle(project(":ids-api")) { isTransitive = false }
 
     implementation("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
diff --git a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
index 6c3b3c7ce..c1d8345ea 100644
--- a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
+++ b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
@@ -7,8 +7,7 @@ import de.fhg.aisec.ids.api.settings.Settings
 import de.fraunhofer.iais.eis.*
 import de.fraunhofer.iais.eis.ids.jsonld.Serializer
 import de.fraunhofer.iais.eis.util.ConstraintViolationException
-import de.fraunhofer.iais.eis.util.PlainLiteral
-import de.fraunhofer.iais.eis.util.Util
+import de.fraunhofer.iais.eis.util.TypedLiteral
 import org.osgi.service.component.annotations.Component
 import org.osgi.service.component.annotations.Reference
 import org.osgi.service.component.annotations.ReferenceCardinality
@@ -16,6 +15,7 @@ import org.slf4j.LoggerFactory
 import java.net.URI
 import java.net.URISyntaxException
 import java.util.*
+import javax.xml.datatype.DatatypeFactory
 
 
 /**
@@ -32,18 +32,42 @@ class InfoModelService : InfoModel {
     private val connectorProfile: ConnectorProfile?
         get() = settings?.connectorProfile
 
+    /**
+     * Build ConnectorAvailableMessage for IDS message headers
+     */
+    fun getConnectorAvailableMessage(): ConnectorUpdateMessage {
+        val builder = ConnectorUpdateMessageBuilder()
+        settings?.let { settings ->
+            builder._securityToken_(
+                    DynamicAttributeTokenBuilder()
+                            ._tokenFormat_(TokenFormat.JWT)
+                            ._tokenValue_(settings.dynamicAttributeToken)
+                            .build())
+            settings.connectorProfile.maintainerUrl?.let {
+                builder._senderAgent_(it)
+            }
+            settings.connectorProfile.connectorUrl?.let {
+                builder._issuerConnector_(it)._affectedConnector_(it)
+            }
+        }
+        builder._issued_(DatatypeFactory.newInstance().newXMLGregorianCalendar(
+                GregorianCalendar().apply { timeInMillis = System.currentTimeMillis() }))
+        builder._modelVersion_(BuildConfig.INFOMODEL_VERSION)
+        return builder.build()
+    }
+
     /**
      * Build Connector Entity Names from preferences
      */
-    private val connectorEntityNames: List<PlainLiteral>
+    private val connectorEntityNames: List<TypedLiteral>
         get() = connectorProfile?.connectorEntityNames.also {
             if (it == null) {
                 LOG.warn("Settings or ConnectorProfile not available, or no connector entity names provided")
             }
         } ?: emptyList()
 
-    private val catalog: Catalog
-        get() = CatalogBuilder()._offer_(ArrayList(resources)).build()
+    private val catalog: ArrayList<ResourceCatalog>
+        get() = arrayListOf(ResourceCatalogBuilder()._offeredResource_(ArrayList(resources)).build())
 
     /**
      * Build current endpoints as given by connectionManager
@@ -54,8 +78,7 @@ class InfoModelService : InfoModel {
         get() = connectionManager?.let { cm ->
             cm.listAvailableEndpoints().map {
                 val url = URI.create("${it.defaultProtocol}://${it.host}:${it.port}")
-                val host = HostBuilder()._accessUrl_(url)._protocol_(Protocol.IDSCP).build()
-                val endpoint = StaticEndpointBuilder()._endpointHost_(host).build()
+                val endpoint = ConnectorEndpointBuilder()._accessURL_(url).build()
                 ResourceBuilder()._resourceEndpoint_(arrayListOf(endpoint)).build()
             }
         } ?: emptyList()
@@ -72,9 +95,11 @@ class InfoModelService : InfoModel {
             }
         }
 
-    // creates and returns Connector object based on stored preferences
-    // returns random connector_url if none is stored in preferences
-    // op_url and entityNames can not be null
+    /**
+     * Creates and returns Connector object based on stored preferences.
+     * Returns random connector_url if none is stored in preferences.
+     * The fields op_url and entityNames cannot be null.
+     */
     override fun getConnector(): Connector? {
         val maintainerUrl = connectorProfile?.maintainerUrl
         val connectorUrl = connectorProfile?.connectorUrl
@@ -91,13 +116,11 @@ class InfoModelService : InfoModel {
                     TrustedConnectorBuilder()
                 } else {
                     TrustedConnectorBuilder(connectorUrl)
-                            ._host_(Util.asList<Host>(HostBuilder()
-                            ._accessUrl_(connectorUrl).build()))
                 }
                 trustedConnectorBuilder._maintainer_(maintainerUrl)
                 return trustedConnectorBuilder._title_(ArrayList(entityNames))
                         ._securityProfile_(securityProfile)
-                        ._catalog_(catalog)
+                        ._resourceCatalog_(catalog)
                         ._description_(ArrayList(entityNames)).build()
             } catch (ex: ConstraintViolationException) {
                 LOG.error("Caught ConstraintViolationException while building Connector", ex)
@@ -112,12 +135,14 @@ class InfoModelService : InfoModel {
         }
     }
 
-    // store or update new Connector description to preferences
-    // creates random connector_url if null and succeeds only if maintainerUrl and entityNames != null
-    // generates RDF description from Connector object and returns building success
+    /**
+     * Store or update new Connector description to preferences.
+     * Creates random connector_url if null and succeeds only if maintainerUrl and entityNames != null
+     * Generates RDF description from Connector object and returns building success
+     */
     override fun setConnector(profile: ConnectorProfile): Boolean {
         if (profile.securityProfile == null) {
-            profile.securityProfile = SecurityProfile.TRUSTED_CONNECTOR_SECURITY_PROFILE
+            profile.securityProfile = SecurityProfile.TRUST_SECURITY_PROFILE
         }
         return if (settings != null) {
             settings?.connectorProfile = profile
diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index 355fe7ff1..fb3ecf2ae 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -9,8 +9,8 @@ karaf: "4.2.8"
 jetty: "9.4.22.v20191022"
 
 # The used version of the infomodel from IESE
-infomodel: "3.1.0"
-infomodelSerializer: "3.1.0"
+infomodel: "4.0.0"
+infomodelSerializer: "4.0.0"
 
 # For javax.xml.bind support in newer java versions
 jaxb: "2.2.11"

From 57caf949ac75837754c19dfc9fb00b03fe7afc3b Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 26 Aug 2020 18:23:34 +0200
Subject: [PATCH 135/237] PKCS12 support for IDSCP2

---
 .../keystores/PreConfiguration.java           | 88 +++++++++++--------
 1 file changed, 49 insertions(+), 39 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
index bf31564c4..5f8d75409 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
@@ -6,11 +6,9 @@
 import java.nio.file.Files;
 import java.nio.file.Paths;
 import java.security.*;
-import java.security.cert.*;
+import java.security.cert.CertificateException;
+import java.security.cert.X509Certificate;
 import java.util.Arrays;
-import java.util.Date;
-import java.util.Set;
-import java.util.stream.Collectors;
 
 /**
  * A class for creating pre-configured TrustManagers and KeyManagers for TLS Server and TLS Client
@@ -19,6 +17,17 @@
  */
 public class PreConfiguration {
 
+    public static KeyStore getKeyStoreInstanceByPath(String path) throws KeyStoreException {
+        if (path.endsWith(".jks")) {
+            return KeyStore.getInstance("JKS");
+        } else if (path.endsWith(".p12")) {
+            return KeyStore.getInstance("PKCS12");
+        } else {
+            throw new KeyStoreException("Unknown file extension \"" + path.substring(path.lastIndexOf('.')) +
+                    "\", " + "only JKS (.jks) and PKCS12 (.p12) are supported.");
+        }
+    }
+
     /*
      * Get a secure X509ExtendedTrustManager for the SslContext
      *
@@ -30,12 +39,12 @@ public static TrustManager[] getX509ExtTrustManager(
             String trustStorePassword
     ) {
         try (
-                InputStream jksTrustStoreIn = Files.newInputStream(Paths.get(trustStorePath))
+                InputStream trustStoreInputStream = Files.newInputStream(Paths.get(trustStorePath))
         ) {
             /* create TrustManager */
             final TrustManager[] myTrustManager;
-            KeyStore trustStore = KeyStore.getInstance("JKS");
-            trustStore.load(jksTrustStoreIn, trustStorePassword.toCharArray());
+            final KeyStore trustStore = getKeyStoreInstanceByPath(trustStorePath);
+            trustStore.load(trustStoreInputStream, trustStorePassword.toCharArray());
             final TrustManagerFactory trustManagerFactory =
                     TrustManagerFactory.getInstance("PKIX"); //PKIX from SunJSSE
 
@@ -69,12 +78,12 @@ public static KeyManager[] getX509ExtKeyManager(
             String keyType
     ) {
         try (
-                InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath))
+                InputStream keyStoreInputStream = Files.newInputStream(Paths.get(keyStorePath))
         ) {
             /* create KeyManager for remote authentication */
             final KeyManager[] myKeyManager;
-            KeyStore keystore = KeyStore.getInstance("JKS");
-            keystore.load(jksKeyStoreIn, keyStorePassword.toCharArray());
+            KeyStore keystore = getKeyStoreInstanceByPath(keyStorePath);
+            keystore.load(keyStoreInputStream, keyStorePassword.toCharArray());
             final KeyManagerFactory keyManagerFactory =
                     KeyManagerFactory.getInstance("PKIX"); //PKIX from SunJSSE
             keyManagerFactory.init(keystore, keyPassword.toCharArray());
@@ -109,13 +118,13 @@ public static Key getKey(
             String keyAlias
     ) {
         try (
-                InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath))
+                InputStream keyStoreInputStream = Files.newInputStream(Paths.get(keyStorePath))
         ) {
             /* create KeyManager for remote authentication */
-            KeyStore keystore = KeyStore.getInstance("JKS");
+            KeyStore keystore = getKeyStoreInstanceByPath(keyStorePath);
 
             //load keystore
-            keystore.load(jksKeyStoreIn, keyStorePassword.toCharArray());
+            keystore.load(keyStoreInputStream, keyStorePassword.toCharArray());
 
             // get private key
             Key key = keystore.getKey(keyAlias, keyStorePassword.toCharArray());
@@ -142,17 +151,18 @@ public static X509Certificate getCertificate(
         String keyAlias
     ) {
         try (
-            InputStream jksKeyStoreIn = Files.newInputStream(Paths.get(keyStorePath))
+            InputStream keyStoreInputStream = Files.newInputStream(Paths.get(keyStorePath))
         ) {
             /* create KeyManager for remote authentication */
-            KeyStore keystore = KeyStore.getInstance("JKS");
+            KeyStore keystore = getKeyStoreInstanceByPath(keyStorePath);
 
             //load keystore
-            keystore.load(jksKeyStoreIn, keyStorePassword.toCharArray());
+            keystore.load(keyStoreInputStream, keyStorePassword.toCharArray());
 
             // get private key
             X509Certificate cert = (X509Certificate) keystore.getCertificate(keyAlias);
-            Key key = keystore.getKey(keyAlias, keyStorePassword.toCharArray());
+            // Probe key alias
+            keystore.getKey(keyAlias, keyStorePassword.toCharArray());
             if (cert == null) {
                 throw new RuntimeException("No cert was found in keystore for given alias");
             } else {
@@ -169,26 +179,26 @@ public static X509Certificate getCertificate(
      * This method can be used for filtering certificates in the trust store
      * to avoid expired certificates
      */
-    private static PKIXBuilderParameters filterTrustAnchors(KeyStore keyStore, Date validityUntilDate)
-            throws KeyStoreException, InvalidAlgorithmParameterException {
-        PKIXParameters params = new PKIXParameters(keyStore);
-
-        // Obtain CA root certificates
-        Set<TrustAnchor> myTrustAnchors = params.getTrustAnchors();
-
-        // Create new set of CA certificates that are still valid for specified date
-        Set<TrustAnchor> validTrustAnchors =
-                myTrustAnchors.stream().filter(
-                        ta -> {
-                            try {
-                                ta.getTrustedCert().checkValidity(validityUntilDate);
-                            } catch (CertificateException e) {
-                                return false;
-                            }
-                            return true;
-                        }).collect(Collectors.toSet());
-
-        // Create PKIXBuilderParameters parameters
-        return new PKIXBuilderParameters(validTrustAnchors, new X509CertSelector());
-    }
+//    private static PKIXBuilderParameters filterTrustAnchors(KeyStore keyStore, Date validityUntilDate)
+//            throws KeyStoreException, InvalidAlgorithmParameterException {
+//        PKIXParameters params = new PKIXParameters(keyStore);
+//
+//        // Obtain CA root certificates
+//        Set<TrustAnchor> myTrustAnchors = params.getTrustAnchors();
+//
+//        // Create new set of CA certificates that are still valid for specified date
+//        Set<TrustAnchor> validTrustAnchors =
+//                myTrustAnchors.stream().filter(
+//                        ta -> {
+//                            try {
+//                                ta.getTrustedCert().checkValidity(validityUntilDate);
+//                            } catch (CertificateException e) {
+//                                return false;
+//                            }
+//                            return true;
+//                        }).collect(Collectors.toSet());
+//
+//        // Create PKIXBuilderParameters parameters
+//        return new PKIXBuilderParameters(validTrustAnchors, new X509CertSelector());
+//    }
 }
\ No newline at end of file

From 714f2cb2bc25ba768743d17746b991f0b459ad14 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 28 Aug 2020 16:02:24 +0200
Subject: [PATCH 136/237] Add DAPSv2 support for camel-idscp2, still TODO for
 standalone idscp2

---
 .../idscp2/TrustedConnectorDapsDriver.kt      | 17 ++++++++++
 .../idscp2/client/Idscp2ClientEndpoint.kt     |  4 +--
 .../camel/idscp2/server/CamelIdscp2Server.kt  |  4 +--
 .../aisec/ids/api/tokenm/TokenManager.java    | 11 +++---
 .../ids/tokenmanager/TokenManagerService.java | 34 ++++++++-----------
 .../aisec/ids/webconsole/api/ConfigApi.java   | 12 +++----
 6 files changed, 47 insertions(+), 35 deletions(-)
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/TrustedConnectorDapsDriver.kt

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/TrustedConnectorDapsDriver.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/TrustedConnectorDapsDriver.kt
new file mode 100644
index 000000000..c757612ce
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/TrustedConnectorDapsDriver.kt
@@ -0,0 +1,17 @@
+package de.fhg.aisec.ids.camel.idscp2
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
+import java.nio.file.Paths
+
+class TrustedConnectorDapsDriver(private val config: DefaultDapsDriverConfig) : DefaultDapsDriver(config) {
+    override fun getToken(): ByteArray {
+        Idscp2OsgiComponent.getTokenManager()?.acquireToken(
+                config.dapsUrl,
+                Paths.get(config.keyStorePath),
+                config.keyStorePassword,
+                config.keyAlias,
+                Paths.get(config.trustStorePath))
+        return Idscp2OsgiComponent.getSettings().dynamicAttributeToken.toByteArray()
+    }
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index 7a212bb69..b7dec25ba 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -19,7 +19,7 @@ package de.fhg.aisec.ids.camel.idscp2.client
 import de.fhg.aisec.ids.api.settings.Settings
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
 import de.fhg.aisec.ids.camel.idscp2.RefCountingHashMap
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
+import de.fhg.aisec.ids.camel.idscp2.TrustedConnectorDapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
@@ -71,7 +71,7 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
 
     private fun makeConnectionInternal(): CompletableFuture<Idscp2Connection> {
         val connectionFuture = CompletableFuture<Idscp2Connection>()
-        Idscp2ClientFactory(DefaultDapsDriver(dapsDriverConfig), NativeTLSDriver())
+        Idscp2ClientFactory(TrustedConnectorDapsDriver(dapsDriverConfig), NativeTLSDriver())
                 .connect(clientSettings, connectionFuture)
         return connectionFuture
     }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index ccd159c5b..1e45481ca 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -17,8 +17,8 @@
 package de.fhg.aisec.ids.camel.idscp2.server
 
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
+import de.fhg.aisec.ids.camel.idscp2.TrustedConnectorDapsDriver
 import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
@@ -43,7 +43,7 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
         val serverConfiguration = Idscp2ServerFactory(
                 this,
                 serverSettings,
-                DefaultDapsDriver(dapsDriverConfig),
+                TrustedConnectorDapsDriver(dapsDriverConfig),
                 NativeTLSDriver()
         )
         server = serverConfiguration.listen(serverSettings)
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
index abf1a6a3c..b29b0533f 100755
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
@@ -35,12 +35,11 @@
 public interface TokenManager {
 
   Map<String, Object> acquireToken(
-      Path targetDirectory,
-      String dapsUrl,
-      String keyStoreName,
-      String keyStorePassword,
-      String keystoreAliasName,
-      String trustStoreName);
+          String dapsUrl,
+          Path keyStorePath,
+          String keyStorePassword,
+          String keystoreAliasName,
+          Path trustStorePath);
 
   Map<String, Object> verifyJWT(
       String dynamicAttributeToken,
diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index 183255e00..6d612b71b 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -30,7 +30,6 @@
 import io.jsonwebtoken.SignatureAlgorithm;
 import okhttp3.*;
 import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DEROctetString;
 import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
 import org.bouncycastle.asn1.x509.Extension;
 import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
@@ -78,6 +77,7 @@
 public class TokenManagerService implements TokenManager {
   private static final Logger LOG = LoggerFactory.getLogger(TokenManagerService.class);
 
+  @SuppressWarnings("FieldMayBeFinal")
   @Reference(cardinality = ReferenceCardinality.MANDATORY)
   private Settings settings = null;
   private SSLSocketFactory sslSocketFactory = null;
@@ -86,22 +86,20 @@ public class TokenManagerService implements TokenManager {
    * Method to aquire a Dynamic Attribute Token (DAT) from a Dynamic Attribute Provisioning Service
    * (DAPS)
    *
-   * @param targetDirectory   The directory the keystore resides in
    * @param dapsUrl           The token aquiry URL (e.g., http://daps.aisec.fraunhofer.de
-   * @param keyStoreName      Name of the keystore file (e.g., server-keystore.jks)
+   * @param keyStorePath      Name of the keystore file (e.g., server-keystore.jks)
    * @param keyStorePassword  Password of keystore
    * @param keystoreAliasName Alias of the connector's key entry. For default keystores with only
    *                          one entry, this is '1'
-   * @param trustStoreName    Name of the truststore file
+   * @param trustStorePath    Name of the truststore file
    */
   @Override
   public Map<String, Object> acquireToken(
-      Path targetDirectory,
-      String dapsUrl,
-      String keyStoreName,
-      String keyStorePassword,
-      String keystoreAliasName,
-      String trustStoreName) {
+          String dapsUrl,
+          Path keyStorePath,
+          String keyStorePassword,
+          String keystoreAliasName,
+          Path trustStorePath) {
 
     String dynamicAttributeToken = "INVALID_TOKEN";
     String targetAudience = "idsc:IDS_CONNECTORS_ALL";
@@ -110,16 +108,14 @@ public Map<String, Object> acquireToken(
 
     // Try clause for setup phase (loading keys, building trust manager)
     try {
-      InputStream jksKeyStoreInputStream =
-          Files.newInputStream(targetDirectory.resolve(keyStoreName));
-      InputStream jksTrustStoreInputStream =
-          Files.newInputStream(targetDirectory.resolve(trustStoreName));
+      InputStream jksKeyStoreInputStream = Files.newInputStream(keyStorePath);
+      InputStream jksTrustStoreInputStream = Files.newInputStream(trustStorePath);
 
       KeyStore keystore = KeyStore.getInstance("JKS");
       KeyStore trustManagerKeyStore = KeyStore.getInstance("JKS");
 
-      LOG.info("Loading key store: " + keyStoreName);
-      LOG.info("Loading trust store: " + trustStoreName);
+      LOG.info("Loading key store: " + keyStorePath);
+      LOG.info("Loading trust store: " + trustStorePath);
       keystore.load(jksKeyStoreInputStream, keyStorePassword.toCharArray());
       trustManagerKeyStore.load(jksTrustStoreInputStream, keyStorePassword.toCharArray());
       java.security.cert.Certificate[] certs = trustManagerKeyStore.getCertificateChain("ca");
@@ -454,13 +450,13 @@ public void run() {
     LOG.info("Token renewal triggered.");
     try {
       ConnectorConfig config = settings.getConnectorConfig();
+      var ksRoot = FileSystems.getDefault().getPath("etc");
       acquireToken(
-          FileSystems.getDefault().getPath("etc"),
           config.getDapsUrl(),
-          config.getKeystoreName(),
+          ksRoot.resolve(config.getKeystoreName()),
           config.getKeystorePassword(),
           config.getKeystoreAliasName(),
-          config.getTruststoreName());
+          ksRoot.resolve(config.getTruststoreName()));
 
     } catch (Exception e) {
       LOG.error("Token renewal failed", e);
diff --git a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
index 6fad55564..13c61d6ff 100644
--- a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
+++ b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
@@ -32,15 +32,15 @@
 import de.fhg.aisec.ids.webconsole.WebConsoleComponent;
 import io.swagger.annotations.*;
 
+import javax.ws.rs.*;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
 import java.nio.file.FileSystems;
 import java.util.*;
 import java.util.function.Function;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 import java.util.stream.Collectors;
-import javax.ws.rs.*;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
 
 /**
  * REST API interface for configurations in the connector.
@@ -100,13 +100,13 @@ public String set(ConnectorConfig config) {
     }
 
     try {
+      var ksPath = FileSystems.getDefault().getPath("etc");
       tokenManager.acquireToken(
-          FileSystems.getDefault().getPath("etc"),
           config.getDapsUrl(),
-          config.getKeystoreName(),
+          ksPath.resolve(config.getKeystoreName()),
           config.getKeystorePassword(),
           config.getKeystoreAliasName(),
-          config.getTruststoreName());
+          ksPath.resolve(config.getTruststoreName()));
     } catch (Exception e) {
       e.printStackTrace();
     }

From 785eabc8fa11f9abfe4eac69bbd141cea6a97f8f Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 28 Aug 2020 16:03:56 +0200
Subject: [PATCH 137/237] Migrated remaining JKS to PKCS12

---
 .../example-idscp2-client-broadcast.xml       |   4 +-
 .../route-examples/example-idscp2-client.xml  |   4 +-
 .../example-idscp2-server-broadcast.xml       |   4 +-
 .../route-examples/example-idscp2-server.xml  |   4 +-
 .../fhg/aisec/ids/acme/AcmeClientService.kt   |  20 +++++-----
 .../ids/idscp2/example/RunTLSClient.java      |  10 +++--
 .../ids/idscp2/example/RunTLSServer.java      |  10 +++--
 .../ssl/aisecconnector1-keystore.jks          | Bin 2527 -> 0 bytes
 .../ssl/aisecconnector1-keystore.p12          | Bin 0 -> 2853 bytes
 .../ssl/aisecconnector2-keystore.jks          | Bin 2525 -> 0 bytes
 .../ssl/aisecconnector2-keystore.p12          | Bin 0 -> 2853 bytes
 .../resources/ssl/client-truststore_new.jks   | Bin 1974 -> 0 bytes
 .../resources/ssl/client-truststore_new.p12   | Bin 0 -> 2266 bytes
 .../resources/ssl/consumer-core-keystore.jks  | Bin 2441 -> 0 bytes
 .../resources/ssl/consumer-core-keystore.p12  | Bin 0 -> 2765 bytes
 .../ssl/consumer-core-truststore.jks          | Bin 1974 -> 0 bytes
 .../src/main/resources/ssl/consumer-core.p12  | Bin 2693 -> 0 bytes
 .../resources/ssl/provider-core-keystore.jks  | Bin 2443 -> 0 bytes
 .../resources/ssl/provider-core-keystore.p12  | Bin 0 -> 2765 bytes
 .../ssl/provider-core-truststore.jks          | Bin 1974 -> 0 bytes
 .../src/main/resources/ssl/provider-core.p12  | Bin 2693 -> 0 bytes
 idscp2/src/test/java/DapsDriverTest.java      |  36 +++++++++---------
 .../etc/idscp2/aisecconnector1-keystore.jks   | Bin 2527 -> 0 bytes
 .../etc/idscp2/aisecconnector1-keystore.p12   | Bin 0 -> 2853 bytes
 .../etc/idscp2/client-truststore_new.jks      | Bin 1974 -> 0 bytes
 .../etc/idscp2/client-truststore_new.p12      | Bin 0 -> 2266 bytes
 .../src/main/resources/etc/jetty.xml          |   6 +--
 .../etc/tls-webconsole/keystore_latest.jks    | Bin 5239 -> 0 bytes
 .../etc/tls-webconsole/keystore_latest.p12    | Bin 0 -> 5665 bytes
 29 files changed, 51 insertions(+), 47 deletions(-)
 delete mode 100644 idscp2/src/main/resources/ssl/aisecconnector1-keystore.jks
 create mode 100644 idscp2/src/main/resources/ssl/aisecconnector1-keystore.p12
 delete mode 100644 idscp2/src/main/resources/ssl/aisecconnector2-keystore.jks
 create mode 100644 idscp2/src/main/resources/ssl/aisecconnector2-keystore.p12
 delete mode 100644 idscp2/src/main/resources/ssl/client-truststore_new.jks
 create mode 100644 idscp2/src/main/resources/ssl/client-truststore_new.p12
 delete mode 100644 idscp2/src/main/resources/ssl/consumer-core-keystore.jks
 create mode 100644 idscp2/src/main/resources/ssl/consumer-core-keystore.p12
 delete mode 100644 idscp2/src/main/resources/ssl/consumer-core-truststore.jks
 delete mode 100644 idscp2/src/main/resources/ssl/consumer-core.p12
 delete mode 100644 idscp2/src/main/resources/ssl/provider-core-keystore.jks
 create mode 100644 idscp2/src/main/resources/ssl/provider-core-keystore.p12
 delete mode 100644 idscp2/src/main/resources/ssl/provider-core-truststore.jks
 delete mode 100644 idscp2/src/main/resources/ssl/provider-core.p12
 delete mode 100644 karaf-assembly/src/main/resources/etc/idscp2/aisecconnector1-keystore.jks
 create mode 100644 karaf-assembly/src/main/resources/etc/idscp2/aisecconnector1-keystore.p12
 delete mode 100644 karaf-assembly/src/main/resources/etc/idscp2/client-truststore_new.jks
 create mode 100644 karaf-assembly/src/main/resources/etc/idscp2/client-truststore_new.p12
 delete mode 100644 karaf-assembly/src/main/resources/etc/tls-webconsole/keystore_latest.jks
 create mode 100644 karaf-assembly/src/main/resources/etc/tls-webconsole/keystore_latest.p12

diff --git a/examples/route-examples/example-idscp2-client-broadcast.xml b/examples/route-examples/example-idscp2-client-broadcast.xml
index b9ca71854..870753e6e 100644
--- a/examples/route-examples/example-idscp2-client-broadcast.xml
+++ b/examples/route-examples/example-idscp2-client-broadcast.xml
@@ -7,10 +7,10 @@
 
     <camel:sslContextParameters id="clientSslContext" certAlias="1.0.1">
         <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.jks" password="password"/>
+            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.p12" password="password"/>
         </camel:keyManagers>
         <camel:trustManagers>
-            <camel:keyStore resource="etc/idscp2/client-truststore_new.jks" password="password"/>
+            <camel:keyStore resource="etc/idscp2/client-truststore_new.p12" password="password"/>
         </camel:trustManagers>
     </camel:sslContextParameters>
 
diff --git a/examples/route-examples/example-idscp2-client.xml b/examples/route-examples/example-idscp2-client.xml
index b803ed2cd..e16eed49a 100644
--- a/examples/route-examples/example-idscp2-client.xml
+++ b/examples/route-examples/example-idscp2-client.xml
@@ -7,10 +7,10 @@
 
     <camel:sslContextParameters id="clientSslContext" certAlias="1.0.1">
         <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.jks" password="password"/>
+            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.p12" password="password"/>
         </camel:keyManagers>
         <camel:trustManagers>
-            <camel:keyStore resource="etc/idscp2/client-truststore_new.jks" password="password"/>
+            <camel:keyStore resource="etc/idscp2/client-truststore_new.p12" password="password"/>
         </camel:trustManagers>
     </camel:sslContextParameters>
 
diff --git a/examples/route-examples/example-idscp2-server-broadcast.xml b/examples/route-examples/example-idscp2-server-broadcast.xml
index 31aaffb0c..48bb1321b 100644
--- a/examples/route-examples/example-idscp2-server-broadcast.xml
+++ b/examples/route-examples/example-idscp2-server-broadcast.xml
@@ -7,10 +7,10 @@
 
     <camel:sslContextParameters id="serverSslContext" certAlias="1.0.1">
         <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.jks" password="password"/>
+            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.p12" password="password"/>
         </camel:keyManagers>
         <camel:trustManagers>
-            <camel:keyStore resource="etc/idscp2/client-truststore_new.jks" password="password"/>
+            <camel:keyStore resource="etc/idscp2/client-truststore_new.p12" password="password"/>
         </camel:trustManagers>
     </camel:sslContextParameters>
 
diff --git a/examples/route-examples/example-idscp2-server.xml b/examples/route-examples/example-idscp2-server.xml
index 98a87f346..c7b1d330a 100644
--- a/examples/route-examples/example-idscp2-server.xml
+++ b/examples/route-examples/example-idscp2-server.xml
@@ -7,10 +7,10 @@
 
     <camel:sslContextParameters id="serverSslContext" certAlias="1.0.1">
         <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.jks" password="password"/>
+            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.p12" password="password"/>
         </camel:keyManagers>
         <camel:trustManagers>
-            <camel:keyStore resource="etc/idscp2/client-truststore_new.jks" password="password"/>
+            <camel:keyStore resource="etc/idscp2/client-truststore_new.p12" password="password"/>
         </camel:trustManagers>
     </camel:sslContextParameters>
 
diff --git a/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/AcmeClientService.kt b/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/AcmeClientService.kt
index 25166ab14..1a4d00203 100644
--- a/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/AcmeClientService.kt
+++ b/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/AcmeClientService.kt
@@ -259,18 +259,18 @@ class AcmeClientService : AcmeClient, Runnable {
                             // Download and save certificate
                             val certificate = order.certificate
                             certificate!!.writeCertificate(chainWriter)
-                            // Create JKS keystore from key and certificate chain
-                            val keyStorePath = targetDirectory.resolve("keystore_$timestamp.jks")
+                            // Create PKCS12 keystore from key and certificate chain
+                            val keyStorePath = targetDirectory.resolve("keystore_$timestamp.p12")
                             try {
-                                Files.newOutputStream(keyStorePath).use { jksOutputStream ->
-                                    val store = KeyStore.getInstance("JKS")
+                                Files.newOutputStream(keyStorePath).use { ksOutputStream ->
+                                    val store = KeyStore.getInstance("PKCS12")
                                     store.load(null)
                                     store.setKeyEntry(
                                             "ids",
                                             domainKeyPair.private,
-                                            "ids".toCharArray(),
+                                            "password".toCharArray(),
                                             certificate.certificateChain.toTypedArray<X509Certificate>())
-                                    store.store(jksOutputStream, "ids".toCharArray())
+                                    store.store(ksOutputStream, "password".toCharArray())
                                     // If there is a SslContextFactoryReloader, make it refresh the TLS connections.
                                     LOG.info(
                                             "Reloading of {} SslContextFactoryReloadable implementations...",
@@ -312,9 +312,9 @@ class AcmeClientService : AcmeClient, Runnable {
             return
         }
         try {
-            Files.newInputStream(targetDirectory.resolve(KEYSTORE_LATEST)).use { jksInputStream ->
-                val store = KeyStore.getInstance("JKS")
-                store.load(jksInputStream, "ids".toCharArray())
+            Files.newInputStream(targetDirectory.resolve(KEYSTORE_LATEST)).use { ksInputStream ->
+                val store = KeyStore.getInstance("PKCS12")
+                store.load(ksInputStream, "password".toCharArray())
                 val cert = store.getCertificateChain("ids")[0] as X509Certificate
                 val now = Date().time
                 val notBeforeTime = cert.notBefore.time
@@ -371,7 +371,7 @@ class AcmeClientService : AcmeClient, Runnable {
     companion object {
 
         const val RENEWAL_THRESHOLD = 100.0 / 3.0
-        const val KEYSTORE_LATEST = "keystore_latest.jks"
+        const val KEYSTORE_LATEST = "keystore_latest.p12"
         private val LOG = LoggerFactory.getLogger(AcmeClientService::class.java)!!
         private val challengeMap = HashMap<String, String>()
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
index 98d71595c..8d2371672 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
@@ -2,15 +2,17 @@
 
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 
+import java.util.Objects;
+
 public class RunTLSClient {
 
     public static void main(String[] args) {
 
         Idscp2Settings settings = new Idscp2Settings.Builder()
-                .setKeyStorePath(RunTLSClient.class.getClassLoader().
-                        getResource("ssl/aisecconnector1-keystore.jks").getPath())
-                .setTrustStorePath(RunTLSClient.class.getClassLoader().
-                        getResource("ssl/client-truststore_new.jks").getPath())
+                .setKeyStorePath(Objects.requireNonNull(RunTLSClient.class.getClassLoader().
+                        getResource("ssl/aisecconnector1-keystore.p12")).getPath())
+                .setTrustStorePath(Objects.requireNonNull(RunTLSClient.class.getClassLoader().
+                        getResource("ssl/client-truststore_new.p12")).getPath())
                 .setCertificateAlias("1.0.1")
                 .setDapsKeyAlias("1")
                 .setRatTimeoutDelay(300)
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
index da28471a5..fc60003ba 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
@@ -2,15 +2,17 @@
 
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 
+import java.util.Objects;
+
 public class RunTLSServer {
 
     public static void main(String[] argv) {
 
         Idscp2Settings settings = new Idscp2Settings.Builder()
-                .setKeyStorePath(RunTLSServer.class.getClassLoader().
-                        getResource("ssl/aisecconnector1-keystore.jks").getPath())
-                .setTrustStorePath(RunTLSServer.class.getClassLoader().
-                        getResource("ssl/client-truststore_new.jks").getPath())
+                .setKeyStorePath(Objects.requireNonNull(RunTLSServer.class.getClassLoader().
+                        getResource("ssl/aisecconnector1-keystore.p12")).getPath())
+                .setTrustStorePath(Objects.requireNonNull(RunTLSServer.class.getClassLoader().
+                        getResource("ssl/client-truststore_new.p12")).getPath())
                 .setCertificateAlias("1.0.1")
                 .setDapsKeyAlias("1")
                 .setRatTimeoutDelay(300)
diff --git a/idscp2/src/main/resources/ssl/aisecconnector1-keystore.jks b/idscp2/src/main/resources/ssl/aisecconnector1-keystore.jks
deleted file mode 100644
index 8cac581c388491153679329a43ce082c6877ea64..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2527
zcma)7c{tSD8=vo(rOY5ROvSaAvW@Q;W9<$ajeQA~J+ojcjL@Yd3?sU>a4(}|m+jh;
zx}{vCv6gb_whA{(wh^w9<u}~rxqsY0e&>14=XpP8dEax+^LgL1F}pDffk2?b4s3UT
zAhcMvQr6872pkG>U>l$~LR13*zyNiqBmlr6Fb?cv-KJ@&kq+ja7sO?NWIV!)lDM=O
zThg^J9CI+W@tY}G<q{KI)7;Q$i~PZNDWy<Jtw_P$WbZi(S|Ip&#|gxTiQsI;oK|{D
zSwk&WB;)GJ5?xW+yJ`GwlVPkS*xh%uq~1d1w*sa@@h{z-G4a#QGw_qQD|t~Jk|lBR
zM%~{rBrqzG*LVC#^rJ5Odn^Vm%ZGX&+7)o1*%X;}AvyTj1G6{m2-e<DTGoTHU+ttK
zQ3GcEEj~sI_l8@KP)>MCmQHwP<jY0cd#v3v2;GBoIDFqa;D~svBVm1g)9{{aG`&i1
zO3q~e(ULUHvijF$Uca5pvcd;Ov<|;0DI{;EK2#H&w@1$PBoFQ%$h%S;{kYu5o78x=
zv#u(23b?$&_+|Dbq^PC-13q40v1f8cRI{)26gAe^jh80VNaa8JG${sI5`0$jQg3<^
z%~yGE9XFWkaX9)`@tLJt^J+<T4bP3s<WZRxu_G0LR0sNVcjF(%wrkDy9Cyg_^w-CR
zSzH79mv<R=xXlX9Zx?mLZ}K(Mes)l>uFO4O<l2xgeTk)gpze;JBmIzCNIbY<-a2`v
z5<ZY9YlC*XNDZujm*qxP&m0<ZUb>Md*!6A0xpjm7WT$Jq;=N;v<NFNUet=fVoK+?k
z1<$N>ugZ0+`MTS{zD>ob%e25AL~8DpY!z+nh%`@Isikt8I|+syQq@DJ$T5ru^A<5_
z<5GeLvAa6URbw>9DO*ReBEe0gbu34*Fjx9Uw1SWO@vo@`CEw+zD;5@4)kIvL7DWQs
z>wn}V55|=hni6%XxVPt3Q~Zu+g)Zh4m2{7jvk<(sXMOi0><QZZMHv*~^UzSc7E<11
z=3r|rp)0&D^|$c#dbz=NGFpJq5d?ciR@=V7VUXNT23tb>Vx?uFT}5N6V;Whdf?h-#
zF)%Ym?Y%C`pDCl%9kOP3iu>#0*-p=6vS#Wp2QWgGSEL>sbeek>pR_TDJ6rZ<RNX_+
zZ@RW-WQ&=P{PILrUrAOri<&$+lwz;H062Y@Wji_U^n)`@B8f^?{TbL#X;<p*Xs?B7
zkac9IA6QinB}z<B)davaf%<-%hQrF;xHu`V=~rDw>L@3fQ$52GK0S*iZc4I!AjxXz
z9ZS`(rv^gF&F^({3vtVYGQ?!#m2Zq_?N7?LzMDc;)-dT?x@B@Yr)RU*YcA$wtHB$`
zW4`l;35;H~pFH;%w`hJk+2gp`J%NJe(K2t#lbkujMcn*G%N~o#@qzdTR{5Eduuznu
zaa-d8WC4D<Z{Eo(Ew(;g<DuiTg=ETm3lAFEXrX32M@vRNDDBtyTIX7hVNO4Cr|O;7
z>tn1=yNl6zgWkmFOeN~-PGaEfmj-CB;R{==+(@PLO=IJoj`)NNHl!NP-IW2ci9o%D
z;`e$(i{u|?DCsBZCk^Gls^0;iKF3(BkAU<Y=ISW1<{EDiZ+U25<7x|1Tm9je(RmU^
zP+RS<PMVJp=MXy}gAa>ESWDk)I5A%zNk4G&@i1J<=|rDKxcg?8b`JJUvrh;A*42y_
zO`nO8bz*v?x6g?FN}i;P_0t5~q&&`JLhA3N`)l#H*NVPBJ~!w3B|f5^$JL=<r_W@(
zPF|%`Q<6;(mu%}j`2#Rqk#ZZvx;ZHB!|j|luho*vF<d+I(&r}@>eFQ~+eH!XiYI}F
z5D4s=upnlG9Fgb(5hwtK0=q#m#7^}D%Y+p%06@VZpeX?b?nH<jgCVd`^CJW-D7i&M
z(W2B4+PNSW+s`+I@C_)lH7J6{TA4d5y7-2MDLS8{Q_K`~K!O1%zgvu82oeaogsrCU
zzFSO(Af&{<C`kK1B8Y?Ntq3SI+|0`P2!)^pYWx{-pD&X^V(Qb0S~Q}eftId;AE-s6
z(?KnwK8Zjgf(%_hUna-_l>dD%Va*re01^=4xG0nZ0FdmnT&-%}gEpi@(v+f^roH&%
zUI#1VhTG`!^?Y?Cr8xb<_pMZPP8%yoY!3p%JMC#{FRPvEacVfR{WNO~F&m}UlocGF
zG7~O%=5Nh9KkU^74LLNkDF1W(wPNYpX2@GDvsZQcKk1ED&(>9VrY^HD+-P$9w!wkL
z!?w*{jc`Da0~us_>IB?WBV*&-Q;;-7*>Svea-JyX!WD=ZrRJ%lI#ON&#LD_uKf;42
z<Qa#nbMLP7t@taruUpob$Qxv<cJ{k^JG?>(yfd@8V|g;Y&2e6{tWPhE=HP0k`8k#*
ziWjRVvz04*>r`keuZ|GlQ+^(=dS9o_EiVq^xKI%Q0u*zA^THQ72g(VbR!$s-gGs&Z
zSx05Y69LI-udJ-ZhY?XH)~rE=t!Wk59uOBJ)sxI`;+`*8DeIB0+U=-4?o08S+?I<R
z76t_&AZlx^1Pmqug%^POTSNf{f_PA~K)v8#f+{O4EZ9g}n-LO#r=1G*W#Ik(5fz^4
zt9^<YiWkm-E{Gk%{~8WQ0szbsq=M#ua}b(f@RtuJJ3J_WO%v|;FHa$Cb{K=k@C^wQ
zN>UHMW&C-~{V*IT^|w0_=sy+!25y~J66OaoIXeT`3|at-9U8__5}t{{4hr&Rgt0>i
z{}t;pOqgMi%P>&@DzS~bwo!5$G24jUMyYL--bUQN<ta=%p*#V|&DVB570>n^FLWI{
zI(_X2>9eX`jj#DAwSwUTF9md(%G;w@lV2Zy^Sm+csb*owj;iw0Bj^`FxKTT?rF^)^
zlz&xAU<_9rs!uhGbzFO*`^zKKYIm$>pi9i7OSx+nKcS}y#7%VY;d*{_{}Zc^dQZoE
zWT}Kz61-k76P>5M-}b}uRIpwIW2PMWE-H$sj5G+AiE&fSef4pl+++mHKXHnOm9HOa
zm>s=oQy#+pRQ-f`FS5ayvR35W)^RHF0OHIpj_wHm3g0$3lLuzR+9kffzq;>tzK;(h
zr&(_oKJ`&#yUR$a4e7dDcq!SG$1tbpONmRd4^J$1DZPNN6y$1Pyv9;8RB%nIvx`Fs
KwRVuWxBmm2L>qhn

diff --git a/idscp2/src/main/resources/ssl/aisecconnector1-keystore.p12 b/idscp2/src/main/resources/ssl/aisecconnector1-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..62fc410c929ce1ebfa7aa8b7faf24d008c523253
GIT binary patch
literal 2853
zcmY+EcQ71^7Kd%o7FnIEL<!N^MG&G(LJ++~)F4=0a7DLzFJbi(LA2-zLUg-Ah~A<_
zS*)n5bF<HT^WMGlX3m*2^PO{ke||6|1s4zif*~REB;<lo>QQG@08&5^5;6ovLNGVD
z7ltIZ`o9&iE*MFyb%WJ!T8)I_zh9IP0I&!NzJejaXD|U0$p7$7I4hW*VPYdsOIB6l
zMQx2EoNjPcOH~F31QGS#WPt~4qc&19A0cc)(l!mc*-rU2S|k1l_O&!=N5jB(wJls6
zWMH@G_CLuftQ@lB@b76BiR_h(^=L?kX~Ba5%@vx74XO$fF%Jx_YkRi+h17Y+x#~Q$
zp8hC&Ro$vG0hzT?|Loa$zP)pCXSChNq7B3PBRNt(xikMl>0nNt&&ECvRn5$|srGBf
z`~xmR(r)j*`<I1~0KQyIF$X8^mVItFyL84f?YJ8ETJL)LA;3zWk@o4wSBsdTd{j@2
zCn5MqUXY$TK~~smYNOof)}J<Re>7}m9rh)qM6*%bP5av5FoE^`^_egpWkO_oqA=4y
z8ZSXAk?SkNvHQTYnhV<8uFj^^8q5@tasEmYyjD&+0K^LvVtA~1ZjK%pM8|N6AAIBS
zd{?-~Bgq+&?wS&v#S-AN`oYx++F)Kq>S_`{BXuH9_ReReZmFl4J;**OB>DSvm{2$+
z-lE(^Tb+<sJ{Pxzo2qtNt+CZ?xOY^Vbm*WU`qN2}V?NsD&gMS<AW)&N>8kh2Ol(zh
zRRF>;$GLk^2y&E`PZ@u{e8{(?hJE9GUs>vFWH{0B(((xk(&5peYTE<Bwr@itTIt9Y
zx2umn9FKgpTexP_AQ7GQcKa#DpZljj|D>|~c%)xnWmOWNu$q+pha?1NLhp2AzeJ3=
zKV30Q{I<!dE`EidH0R){Pv%{=1Le4mkrF)@tClc?-$aF&m{)z;VYhd$ZXi2wSk|VD
z(jfA{%z6y_hGBKsur-Xbuc2K<MS<&;|Ll<aeEo?<x}q4B&u#0T3ggeyYvb>z|LV)h
zz1KZ2T0WT}VmaRyCMZxiY1Nn_;>KF5pmEUIrSUu@oV9c~>luvJ<Qn|2u8OKyXPZM@
zw6kEv2-n)jsOR4?x~>G(R+dQN4}B57wKHO|SLa=BEljn#Jp^DjgsF}pNJS}82EU~|
zMM?f7KgYje|JEKp+%>X}5WQ7&!W6Q&`^|0Wiko_3c~{EHo9O!W0}q6yPhLyHHa4Hh
zQ>Hnz<rlKQ5cHBIV!m-dqmUfEV@`M0!G7$w6kFW3GuQht(dF1{QFn_YyiHs~&>O3a
z;T=xxUK3`_SWUFNu6Om)uRJyD4zWdA&50ucxKmBaEYVpR@LZ54l`!^Lj^D0Bi=)qQ
zs&C!ns@8ZsF5SP8K(C{@iOLU@D_N5jbx-z7Uh|42;#J<d*6d((h0)VOHJTS%T8Upm
zCuEMN{_=y`f1J&>O8@W!GDlkRE`G=k<0;f7PSL4Z)L#JlBZVRR{bR@DrZV}e{=lS1
zo22xIf+!nWH;oh(Duuw7xJ8(@lZz(JT-Km&%2x)wUE{!2D;2feEQ)5<h>|NaFmtO@
z(N#khTp1!^539-ZEDH=3vCl@QV84WLhWf+9xJQlWEE!wCU|;h)bYCtB8%>TKRQ+V`
z1UuPUzB9X#U<&pwhVfE&z}h@@!QSncJk0O$jtU`qfeLIf6cl|Mdp=j=2^clmFCXe<
zNeKB8M%$9cLvifGPp2Umku)(<NTdmFGH?2Is9>dXuW`l!NVn&<j*$ziO)^wxm$_cS
zVK(go{QaZH*@JuGZW}s8FBLg{MjFFdMNt%A>vu&f%Z0e`5>+MVol5~Wq(OynDHzS)
zswAg}gKq<g;4rR#5CfbZOl#=mYR?J3cV9+I9DY;c5>huFHUImFl%xnrtbKztfB>SK
zq4LiL@PA$<`L|aE<0*f`p&kuPbj5L9#_#2!&tjGS<JC|kF&TwkCWOfj-D|125hp(Q
zQ+z!3q;El@lGho*=T3!w+^U4#qsFsJ;?#XS6Bcm}CO*EKigTvG$*4f$f=}OV>fWTz
z=)I_pr*1;-^=v*pL7^gAv|{AIjHEe7zkfKCy%_=vHGsy$@)2y-hvx>B$Gj)K0iH6x
zoeQK1Eztt&IkZOX6>!Srs>B+J?&wxAgspiw#&7QI{hq4=$3D7(P<v@3|1E-G?hLTL
zaJ6+>+N_#>*95&Zl9>bCrSd*y@>+7wP8C*8B4&-ZSBv(q=nT(qteXJ(e8GD>tDuOY
zyCf|=mV@dB63vZJa#EBka3^0kaCxTSr}c5_hSJxRZEoiVJ6~d*q1J3~Tga4Ecg;*s
z^C2pjsZkuF`8-p@-_)RylBwT<!U_u8b<P<@)X@xnvxe-R#9w(vSmB~a{yGhw8I=|#
zCnkSBpIw1g3KUIIrs<9MUog9u6$5Bk9JPJm$ggh<(q^<}+vG2;TTdkPZgRgR9$YQZ
z-IqiEg0|B~N|y=c3B;mQN}ayV4Ho+?SzG#s3GpvCx3~(NO^6^nFXE%KawoAni(e{Y
zTJ%<@q<ims#=i#DiMWU(c?h@r&eig4xte}&N*Mp_ev(x%;b1G4a3AK|@0DRQjAKB1
zp?&PWpQKUwl+o>*GtjPu%g`_kb}wP^S1&&0oJ)E~90MNH*E)uo%C@6V(pVm{-Qv)^
z%ouN0{_gpJt)yY4{)xWMY%9h{-93=Pnm6#1RaN5@ScB}vvx&EvhGdw+h5OYbFRy%-
zE^&`%^~U4Xbqw3&b7>buif8QJnhu$)STe5Rc0_Vk>Szv9xl^;@$Ddy9N1-rcPC|?`
zi&)!@fbs#h6|xdf)6@n2PU~Mp_2^w-EV3_PA}1-?xXp&njQJrAW-Q(L?heztaMMdY
zfzjra3IyupJ2sI3C5`Q?fFoX$sbn7oC6}+0ot?wUNxE4G>{^;KPby*%cGTK!?IR=g
zp8=~@eQAklcl|kX*B!RE(p%)7Z0X;jQ(l-k3b<l|t&J7usg|e&BR&ETxg@mlzz6l(
zXvfyK458gpTWW3#APv<=af=P<ynYUcwW#iz;vZEs-!6}~f9%-q)pDs%wz9vTzO`my
zA*x@AcJzvkO1?#`TECI&9tKI*dFvF_^eYcn9i>wtbU43Z@YF<DZG?+~W~qpM*c?cm
zsboGd-$9>$l&A8P_F<PBs&n7T3l)>lL+Bnzvy5@W|7q$Gow*~sVYbiV3<Mn?CgaD7
zsf%Sj3M9#c5!4+#Lqfj{C*M;)Onkyx()|*6P+3MV>6XVI0z^yLg)$FexeM>rw#!7Q
z#mxjcKcmX_9^dtt7R>>GT!#1@GDysdXt5TOWA^MKTA3l@<c7JixUJcx<;XLmRFxD7
zN%z9>E&&a5@mXOdyWPdfpk4AJrku~LqjpNYZ2G@9G;_+MMh=xw3MSXq%I4GL_c)Rs
zDh4#bG*vFR#{t~8p*9wD!Ql{<21Py#jgd>Z|N1GugN689-u>r65EqL=d^=WAENtd?
zXC8P>g_S6?0T_tMI`f%-^z#!2j^Aq^c;rGIks(#AYJYb|$ayUHS?Nl`OCWF44gvey
z?NIdo(Qec7+H-Y0QN!~J=A3=d6si`%6UW!5Y!Gz1zcNvu6(g)`xZZmG;*E!nZQGOO
zx@gX759W8p%`|82UXS>DAmIgO#In3F1sE5MoP=2D76`~fOa!L){b3MV++vH>daSz>
n*n7Tw&C^r^rk@m7`cQ6Mj>#CEW*-X3DLcpvm<56WQAPg(!sS~c

literal 0
HcmV?d00001

diff --git a/idscp2/src/main/resources/ssl/aisecconnector2-keystore.jks b/idscp2/src/main/resources/ssl/aisecconnector2-keystore.jks
deleted file mode 100644
index 2e9d53bd189ed9b992228bdbbbf3a850e3f0e0e9..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2525
zcma)7c|6ql8=vo(5#w$c$2OU1BqlSy!??04206w#6tlvZV~J)M(_s09Db!TfCPh|`
z<jO6Q<k;M_rF4>|GNCQGw$#cFd%X6K{p0t?=ly!#pW}I+&*%02JkOW6U*19>5U6wj
z8v`Iotx&3Z#svrj4gp25-$7+r#7<cN2H>G;004);M6l^m(cZ>g1dp{T&CH?AA9me*
zdXW4H;uc{xj^6g6Dg1-3Sz!@JaDG>9l;6rjxoODUczsmp)!WkzQ%RZ5WV66zm9Jat
z$i<EecFB5(Y`f+P_X&prT<iPtw9L!D>19xUK~dz>?M9QZIoqT8UgQ^bAwyK}b8K9%
zXG}769C7%)S?1`id5bvaL`(+ueLn#)hk1EG^(f@=y}Px0_%=U5H^+qZV8075>&Fu8
zs?&b#m^-m!sjmHZ_T6B^wpR18C1;{_mT0i1G*v8Y7}f#@JuU|24AwN8E*MhEQ$3F-
zT=?{@sm7Ux;+6BGvDYIi?qU5?G7s6H?s%zMI=5O5n7C)_#3iZCmMwG(gQJ2j`7?CW
ziF;B8p1Iar+x9D0IR$0m`c}Ovmke#vYX%_B;cR*dd~w;`IMOD(f5H#7#U6GmxBFB}
zds~28<gig#S@7+%y@LL4P~s?u@tIKvD;Gr7*fqn|-on(JitPE1k2keNye)lqXxpdP
z4@-$P=OtUJ(-uRQIV+kreSzHA(+UpP%C(m{4RKGB-KJtE>CsQmcBj6`%~LkORVazu
zxGNnpyfT{mXO=-sG&?gzr@DRmf~f}ZtU0+GnLcDN50gA-Z^Hxk`>L7Y#ii7?sK!9o
z9I-f0>FonnzKxMy6EY*@zWSwQRP6~MJ_O~izC>Gig52gTqNI&9SdxWooT|)9&~nQ`
zf0j?{9dCmcih0{<>l3i2(^@Xr?Pv5(t)xFDZjF0G3|aO-dvfAC<z46U$R}5OxQkc#
zcVh5UqPNo@McuceVy;Lik?(lITekcCeWJvx0q<13+b5Hpws+X=(7EkMUsmqgTB0%A
zo>$PJF&5Kh^`e%sc7nRFz01LOHXxC8|9JakGRH_fiFU88UKF3Q9@}&voK}1}UhB6y
z0FoPJHzNPg6n#+DB{nO8+w|;iN|>Ql39}kmgl>91aC)!dg!dzY<I#D}Z?Db{odcCB
z9B}b)y~p$2g$@xJ7hm3>>thVzA-x0ju21%J6|Hjhy$1#6*2#XmZ>Ac+d(Uw!8oj$>
zh1fTplUlmn<G+MG_h?_nnPcQ<Xg_{@)6!?Omfv`&Bwu?lJ3AO}oi@|b@$D_MBVQdp
zhlU34J2QSGrU$~JCs!(SaJ@T5qRh(dhY?8Mt_$x@XCLb_T^_z3n`Vvd;R)aP8P2Ae
zN+u+~TlKZy3_!nO)6p+oKU|DoI9#Fs{gVB?tFJ*XAp6{DeU17IiKLZ6?P~U8_kT)C
z>D9{N&lauRAxz<$L&|JV7S+70xi*mUYhjf>+u(l?KQ8n3l^(V1k6#uw7rtISi*)#v
z7Q7T-!C147=N$9z)E=7S<y2pSVGPgf%^(7lZ2PA>cJ9*bR#E#QJ<^YN97EczMLYg3
zK0dDgadbT{T>JXbhjr7cv8qdP)lPeRU|Ht}PQL%SXJy;L7wD5Mp_SD{JZE#>laVL}
z;fcG}^A@-qQjTtP(<@^0sOsTslRl!O7QQ3&tUft({xy|n*xo>Q-xy&W+@v|7Jgbg~
zq{dcOKJA}*^uyVU^1Fvkl|ZHIhMkOHr<cQWVKEnrjkm?S%Jady`iZX%8Z=&KIqq~E
z-1EwF{KDa$&P~fx--fMWz_l$UODW>>YKns;C!9i9q5IAI#Z?J_fm!BO7n81{X#7S=
zg!>WAKr09YmMblX7eJ9rVu1`4fI<NcP)SxEpX!wQK?wj9q}6gSNdc6XmGOniBBAyU
zBqXS|P7sO+M?T{SH<ZU=^GRDko%Kl>MWnMm4dcU(7GP*cLMXNv6Od#HZq-yGS%D-H
znM49jOvrRiB@>dAn*K#W#{UsP8B|=4pr8o1b*4E`NCa@_pAq#~WJ{J6o5>+CLs(V>
zvK5m|2w|~70?1*4(rGfw+{ywJ0o(q4FKNY>5dkXFRsbNNA^?DN<?tJm&y=}9Bh_q<
z<UiMD1RN-K)hJKjG-g?uIkdWU=k$*x@+LQ<Xe`Q>f*8_R(QZT@nlB3M3w_AFABOBq
z_x*CCC<F0XPk28v{I1~AE~f*9#_d*JJ~r+7dq=9e)|@q0;X$nnl&9s&y>kURnEKGQ
z{UUhwK8JbIWD@ro0af(CF4g=eWNGn3yqVjALnA#wcj{z|Kqt|W{TS_bj~1&ihHSw)
zqZoS1`*coO4X96@n9;7VzT!HZCmeRJ>=t`blP7T6mzy{@%reEEpM&O;$%_xB%YAHp
zbpuiN%!a6p0z7$UvdlH_a`Hm1-6yDeRgMrw+b?i|23bI500?kd1jI>S<OqnCJ}p`q
zhJvZzNuvh2(-IZ3kCxM$WGCy6_d^sx-SuT0ObbLMsSlp+ZAytN!<7tbT-Ee6mar)Y
zr#Iw+M#7*V1XNhxs{(_`K;Z?T#X8Z2fglkyD!>;Qr0RzX1d+RpjhXxiA|ouC%_MUE
z5fzceHV$J&6QygQkF1=uTf^a-008C$I)e6pa}b(p`IiqCFNPbzV@OZ@mnS}tCtxy|
zY`#D$Nps@5@#i(S!%(35-|l3f|5yNccs*M+7zbpD<Rf@YMnottS|Gwob7JziTsBj{
z<CFd?RvJwD!ysue1OQdpK-CRY+rZ5mh}=N+4b<2`)W78^{dQ7$0@5DqlgW1TFEo^a
z6M{&Am4yw)S~6;}xC)OTp+=PgcSp~Cp*!T8uU_R6Ji1_<73ybor1H{ttVh2bu&o+V
zwb*Rk@b>ukRTLX_cZrZ*^vcAk<NaBW)eictO8%aYxo>2fan10I#Ya`@S7wR+{JvZZ
zh&447^ZMsrOi#Q;n)oxx@@~=3)O~o&?o!-nWeXRvwS#$;=<<|x+u8fIV#h1^sNL>Y
z)mx^og@=9lVW=>lQgh@O|5uMgvo)nj%AHygdoQj}f<DJ5#kILsqRM<htJQ0uOYkjn
zi8hjoJrh^cK1IxpC6N6XKIXKPo|kvZzOR64RbhwDph6T`u0CpCt9WYXR7GR0ze=QK
L8oqB?Gl=~I&$keh

diff --git a/idscp2/src/main/resources/ssl/aisecconnector2-keystore.p12 b/idscp2/src/main/resources/ssl/aisecconnector2-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..aee655d146f41bbfb45af4cf45d0cde079cc45cc
GIT binary patch
literal 2853
zcmY+EXE+;*8plJH5Ho0S?5Z76yLPH*t7=tI8hcmmJ%iYzYOktMyJl%Aszi-c(ONZP
z)CuaKX6@_V=iYOk`{8}w=lT8L_y6&S#?kOnQUK97>hBPk2woe1NJ{~wD8f+>fpFBH
zE^!YU2gd$i1l9xLz&e*$`*JiOH2?jAQ&UhD;Xo&79Ow`&459uXzAWbeF`oxb@)qBd
zq&fQN-yApVtVNyR9!?1a^jvm<`uk?z{c!9I9{{szAC*R?7^VU@URf^GpN(J5`=jgy
z!cC<SkpUZQ?Z}N-=jLO7^6jPfhTNVV%Cwh_Yt*dwG=F{tS*X-!fJ|g%?U&%At&3n=
zR~F{aSZGZxG9&6)xL#Yj((7Os%JitHUp4Lz)!P@p8+65uc?1+9&FgtktlCX_vdGz$
zz?#IK`kV5GI@r!}fhytKX4|Gx!_B+UK%O@fr09y7(?8-Frz^`p_B#$UV4?{S+kG+P
zIUnr2y%~K2tv#=-Nv25Id~T98(snF0M91|k)qS?^V~#V=_vZtMABIAuK*0n^QgxTz
zDET=ITdWJ6rF5o;9)+6|tU?s}m@FShiVC##eF%zPd9KF=d`C3Xbb;HZd*r;{c^{fH
zX1DM%XP0p6^I}<^&ot3aTLk>4Pxp{jae_d;r7O7ZDR4aNTts4M-K!w1Ra^&0B0A7~
zfA-#bRt5JnX%oOXD#2a@rNrG6cJ+2X7Gh;=4cUB`hen<(5xQ0M@>2Su!^@s=*Iul>
z3^h`|a`9I*jdp?oOEaEM?}+nuYMS&;b$^&#i+OufS|a21#*R9hkMlhtClh8=aK5D&
zuY|dQSf*LA>FuOYQWRg8X?1BxwmoF$Y;E^h|E5B47fNyFZ16p6(c<AL-|-2}KyJ96
z1jtopTy6Gn#2jUeidTN7;6mrHSqV3!VCU5Zm4068<o0)nYh&-%4uw9nn5cf@%5cj%
zdoolKAr+MDA*HT*y?op9tsg^*`;Uioq+ch&KaGQW!e>>iUL4zo`Rzo5C}o?KhL48V
zu2uRzmK>quxrT#2GzAEjkLmBRFsSOEd?Q#8p7D@WtVgfig)Vozc?H8et;-=J^L;sb
z@9c6a!FON0iVcjYPy4z_#|0D=j-P$oaHsaJ(NO2!cUitqWLEv6`@a~<&Zx9*&Gc(t
z%PJ+SKI$}1?cSV@vwS;h(c5WR$;5$WAvYq3Ji`(dGka0wlQ;S{;AG#RnTpXC13ER2
z=$)ppZC4?dl~o%TgC{*yd6^Z8K5a6qdkL?7JUl4g+PdX3vbFMemTz<V606t(2AzAo
zT6|0C>PSy-S(`fd4+N?mT`z>I4l2_$v(1fmtaL-&ozm@<S(R6icl{_b3OO}#fSG)_
zI7=<n_N0wRi*tpYPD8H~f_`x{q8LzR?Xmd;`>5^P%3_<NC-$bN;N&SssC;0@LPTy8
zLR1WZelceExJMsb3Km%|UhvhOK^TD`5P(F^a-VL81W{V=Cze}gNFJxD71wbZuFd^d
zRT?0ZygSLS8Cw-i5HlKPKuwXF#H&G^^@_G8ZeKzI#_DEWqC`)ihAtd|`>uUc_ujAe
zz+rq$;(PD(M(W?VpD$7^8?5XxY<3Z#MworlwA+qOjO5x!n24%()L&-IEm5by^1Hj-
ztPC-vkptq$4S&rM<%<#harCcA65NVbdR2gmBR33YcQj2fC|iS*5|J*VvG^I`1E+rS
z;nW5zDQD@J7KSARdHEpy#1KOF#0t%mF+ujs5@bHexyY)W2D;U*Oh-HjWY2K+p7D^p
zGI!r`!lonUvEl92(m(HQc2T_Kwp0>hmExe9IR*DPxK?$G%q!<M>WyZnj8{}j%Ay(n
zRwayC62wIbkVNzTgIFY)K}<$YPwaRkWfbIPuS?2G$xF*CTzb^}?;|Lr2nW7*iEdL;
z04^8ipM>K7ybAfZSLsXQmoRb?C&;?WP4q7bR4F%d^*>$>$APIZCq$b@L-q+Zn~qEZ
zwRXgH(-F<mCH=s;!T632t3@|!VL|iIn;)tX6(+wI@Y1=(Jfyg**;evyLNZc&m49X4
zS&=ug4X3|4VFoMr#LU=-y7zwAZpuh-N%)3HAZ!n*)E`EuSsTG)&NGX00BWi>cMt%_
z$O2Gt1NpZDq?V^N@#>k8#3Qs+7BXJ(Q_{&>JV_1p9$!hRE?}T!a@zigZJM9k3&*G7
z*R_~^^?}llDQRoZ?0vUa{SO>#lPm{FMB#Mmfg2|6TM0ESd9y%QF0pi$7$LwIwUz5w
zVhx{CpvQ2h(1HQgHkq3lRVYg*N-Ml7o7(M}eQT+mCl~n8%RiNT(Nla>TRxU1Y8zCd
z9$-;t+L3|R(W2yqDu*YY#!s${ob#tt$juYEyKdH|)wV`3%NA=COq&Avn*%-9VyA@e
z-1unAvXlA1L8b)zq>%k3d_c7U)l?;aK%O@<)anW?uPXTM1HKO7&xjZ(m@Kb6ngGXP
zmVd-61x$wTVMbfNr$6F~*@8yt(#KGr3h9g~ob+W4x3rJp*$oT6c|48P6%Tm^tA!B-
zy#@WfwEDO<Y|4VCgHcmX`QojN*3!YT%ExV4CCl%KIu|k>H{Ou@J2aY8$LpiUgV*C+
zHRdQ0Ze%g6+VXv^BM7Pi$`%}GXH3OH7$_Ml_~o<sLiIP@WIzbz@xE4P<;^D*oQue%
z$-BlLcT8B`jp5!kD>rX%{cd20plIIOX0%Xi8zW3Um3u*f?VR%nU8K7k?{$P%q<d+V
zH4SJ;lI@;J79ps2VL0};(t9U`%fv25R?3|_)qCEaFYq3N+f2+bCp_-%+Vrm}DvWR7
z^}kHrBsdn8Xaq!B`xxzSr1St%@G}xm9X}{>CTp1+Z{6-`PSgR`_t7jzJ)AUe2^T^G
z4<;IMoeL=H^XFh?!S7#(a*A4P#rK|V+{2uXR*D8OskoWdhL!!whs}Q6NtkEP>qv_z
zEz?JIwH3GcsuK@9(`Xf`ti6XwbMp-&vU@4e9A~4`8lQSKX5G;Fz>PHZGxBR-ByH>K
zfX}wCQo9<Q*lQ71yaN~^nR3Q*hYv-2`UM<a6)6+t9mnY~MxcGGx#$5LvN9Mul#pYj
z6xe-5EB#L%aL>b_LGF#yCOSripWU0C`xx8LxGQU}X+-a?fihu3b!ESjuDsyD+Sug0
zoU(q65xfO|9q&|4zV}@5lAMEF#$zMAUv|tECp)6^;mes6Nq*jn9gcCB_=z8<ZxUMc
zZt|g`i$7vtqxeiyu&qbO-pcNd0?WZzp*+arIhOoBET(-p%1XfiYoX)-4KozxRy+#A
zD7FNn*2w`=tX7;2!bNYu4-lRjtY2E=XQf01=n4wITKfaO#v*a>z^7UHz)h22CA;=8
z7OEV}vx=?xDXzYyo3f$@hM6@;kKf+c;&d2itD#9*CME=ojF;DRB=W;6s6UNQrSdR<
zuAUD)IoNj~!&X#YnfNmaCa?;WXvDJfuU#+^7pmVh@pa#DFX6QQ@d^2y?`KJ|dP@j=
zm))sG^RrQ;E9ekelFh%mK1gKrcHYjTH`}D|URdPaE-rr1`Baw&nVtIe{u<npOiOf2
z=g-g<$9+3<iW>c#e^MEs;el-G4NfLrOawG)wGLfhN1013xFusgv(*&4N*~$#Fp!So
zzQm$3{VP5^_L64RwL~iLe`>$-GjfYo7p;QkMZ+LqQ92+cI~V|BJ^%)l$X{(V`uaR@
oS!}CL+@rwp1jM}5LIb3v@M2pFR^ZN0qhs)H%2%TVQs9gJ1+x`I#{d8T

literal 0
HcmV?d00001

diff --git a/idscp2/src/main/resources/ssl/client-truststore_new.jks b/idscp2/src/main/resources/ssl/client-truststore_new.jks
deleted file mode 100644
index 998f04c7d601ba0540b4d4d15fe86bdcb7af0bbf..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1974
zcmezO_TO6u1_mZLW=c+EU|`Jf5m7g0V2#i-HLzr0V9qvZVoo<`V)9?W%*4pV#L2LU
z@x9*Bv>WXPylk9WZ60mkc^Mg5Ss4tR47m+B*_cCF*o2u}Tn&W{1VJ1w9xk_{#L~Qs
z{It{}LpcK(kRUUUsHaP?LQsBwi9$$fafyPnqk@rvp@o5*IIp3Fp@FfXp_!qPfl-t=
zuQ8BoWCrC@#f~OMC1j^FvNA9?G4eAQG%<29H8C<WY?5tN?)^5Q*D*0+%@qazhG|QD
zqy@Hr@PA{%c`KBAiqOI>vpkK@<?@GzH*|O}5KMY{Sina0&jg>{zD!3f<TUMmtq<~_
zT-+~h!uwaet9;I*o9Ds=1(zJ(rJwyH;Jv)wW1orZ+#a0O-27+71BUVgi(Z%S?Ob-r
zXKz8w?wMkhECNNVGjv3pWbRC!@Z?=&Wmvg^*NrtT{hKHEy|Yp_-|y37-EzrY$8|r`
zd>L8WmPNPq_~x&Fw@qo$5yw>f^<FE!$;&;sTP1t-^dg(dS-HPdKHL`;C_7QZ!}u<K
z)twKMN;h2$f3l``pO$gS<wmtWY36U2zLYH4XQ<-fVj{7le7V=eU9n8ej0}v66Aa=E
zWPx!d%f}+dA~OB?n{ZE-?w+*t$KgB6_{$c2NS<II50X}9kuVTzz^;HFq(GRF@jnZz
z0W**?;06isv#<bDk{fay0Fw_e4j36an3bnx9s70Sl1AY+_Vo3?s?FuTc4e_Bt#0E@
zsf)g?cGhuD@|-7(^`W;d_wQHtZIwE3PdWYnvu7L5e+=xjP+z=w_i^I{Ul-?p=9UiS
z9S=U2n>z%Zipp*lu$0)ca^by}UFXjJ-QyZ?{>+ZV)9WPPWv_2jS{fCjs&lH-W0AJn
z^d`@i3n>%5^?q;5x~aP$C}VQp@AKi}X;aJWgPVg@UHk&fq9!lNkFaBXHhY0NA8+i_
z0|h1%t(fN-%nR$yK6gH$%}Ddu&jpRiqF$e_G?cswTARIFYr)q`)f4V%ADcNjK_c{Q
z_q-7GTP|1ZCae^(R(4Tf{QLLpf@vwwp0dPEJAHcYPH;|SEiO$0XT+SFY+JMu8SxV^
zBfbM>#A}d@$jFEsg4{I8fF{5U2+Vv2MwZ|VXcA@MKtv{&F^~erGcc12gEBcde+QQ)
z!Lm4^?6+E_C(QqrT35-%gSVdjJEkXlX2wb9;|r=H&qqG5@jDQwm3?>1vkmJM4k%n(
zWv&{pG$U!(o-1X4P89uFp5kG)-PAZD(@k=FV1bFvhNg&8W6iMqlh41(Dg6<-eZFGO
zN~O6gqQ3`)HTed1&Qp6Y(r*y`BceUJ`C-GRNBlWeWeayq(t8#haQL8tV;V2-&qF^h
zo0Pr35$7su*`aXqw@F9hk+cPe1tJctZOfML_ddntp6}9fIC9deG*Ly7N>#??wqo-l
z84qW^R&lRtdE3}~<fpfHX*VZVh+ui+ZJ~Vud$Zf7{z}W=V(;q5y<UnxFkDLe{hl{5
z*A|(7oI3xMSFypix33}DuknLH<6EQ*c)I8Kw${oO%F9lRt`-l_f0pVT`+~9z*k)i3
z%8l|Y1_pWtIt#QGXtb$il#~=$>FXyK<>)157N;ibrNN7Cy_8h_%#>n1pqxPn8;3R<
zu*_#?WMuI$a5Hd$@eP>TETCqj<d^5=<R=1kU^A%*Sn?+)CZ`sa0E>MyJrDyeHG|6o
z!KqSj-)zyd{agKa!QYw;4yWw+wJm3*g11jl;{112E#n$j-WJx6t=(6%)q*aUGGw#;
zy5KBQD;fNflWV%jv40{$Cu%Mn59m$5oqTVV=eg`$_O5mFERRlnzrL02cVNM#Bj2{L
zt8KjXc+FOed5P!u`?=4S4b1Y%-??DNvK1R{JxO@1*&4G}H&rvC`l;9g`I=)%Z~u9)
zG}_O%emwg|cZGCR_eZxl%g_5C^<^ZTee+9vMniO0Y-gh0r`;LVbKcZFJ($0dnWyoe
zYrYYqA=e$%<_Ut+7Vmn}bu&WYORM6`YKBXK_xC*O*&X-8P$I!$Zrc3ySu?wxy5@h*
jKJsPXQbv^>U)0#*vbc9$N>rMBDW~+|HRjd{yhWM-qpIG&

diff --git a/idscp2/src/main/resources/ssl/client-truststore_new.p12 b/idscp2/src/main/resources/ssl/client-truststore_new.p12
new file mode 100644
index 0000000000000000000000000000000000000000..3eb864bcd6bc350928b2d0f812edad3e18af58c8
GIT binary patch
literal 2266
zcmV<02qpJ0f(X_E0Ru3C2#*E{Duzgg_YDCD0ic2ifCPdFd@zCtcrbzpbOs43hDe6@
z4FLxRpn?cxFoFnS0s#Opf(Tj$2`Yw2hW8Bt2LUiC1_~;MNQU<f0So~KFdGCED^tB?
z3s0`SMCu2BK)~G&*9n4{0s{cUP=JC6APZuA_c5rxyd$gn@|^rZlqvFQmEOb2`IH>L
zS;N;R&D&T3l~f{;t2E8({}$!tUbX}xxzC`hh2v{(4nLa4ZU41amD-|qRIxn`W~xtn
zXdx1nI%9vt3a*Vd&FJ^>a0f=9(tg;B*WGR{Eq;tC$;l?WS;!r8Y(PPT;$F~d(=gtB
z)W%u4qo_{ERR%6ZVKbpRN{fxm)obj7zT!F##|B@4RUL3%ymrH*BK6i}&d#}WGQJlu
zLjAp(djMT&r5R$Di%YbTU7rn;CfIRJNF(SGP|o()2S}>%DFehqPG_iWK>lU4PcO^O
zLOjDyu;gAu#4%HG2M&q*g$gHAX-GvF$&4TBS6U*kklo{>8<Fp#e1GOfjTUEV_~6Fd
z9DH~L#o7GTh>$XVE{KG?FG9<V(E<??@YFm1o)@3QAO__;mitoYx47JEvJUhy^Q@qD
zC0AoNjS@|}k<No$ppx7haQ6A+nbu1xuQ-a7{$gCN_Nlb!;;Xijp>W9UoaE@ZS~k@R
zTenku>r4FkZwRURpLVmeh9)d(wVzkMhgj<$cMLIeTyLurM9RFWHn~^aSGu9B`l5u{
z<k!WMs$DT#z#^~sN-?5VL(AeNE-Diq5%~wM%&Z6>I69Uk{>`*9|A8DW=~gmYKpUEM
zb_AchmYjQ1mM>fw`1JwBSU|X;uxA<KkTfaF(%O$>XOOW`^Rf*8D!;uQjOljAnO|%{
z5coN~h&0bFXg9%`uUW+XgiCp*^4L|!bpGQW^6lNS&X(rMr!H4C(!!q@pG_TVY3Ikq
znPgbU_8hou#6f}uXZoJq|BMj#5xp|kk-LbGwq(@5C?&7g6|k2t8?BF`6dJz_c@f~b
zamk-c5Trd;?t21w4?31`@k+sOt|pMa@*H+&x{4RZ`V64ci#bMcmb<>0?mxConbF^W
z9y~{eDm)hiV^i+!CrX1Tnork_$IhXUsT|b_|Hfo@=r*aR1fKMhH(W7pJtfX%^E0!5
zu<ENMUZBnU^<xi>COMQRO1I8@LBx-RX%FJ}Xr()kB1ptDef-~qE+eQdpXC5#8MK~<
ztYK**Qjq^*`+{l^4&=M35J4*wH8;wvB7<GP6oDdV@LTr4DqS`tdj$X5P1W@aHn{BQ
zTgDv*Vj4wR=*A0Hqtb=L;aROr6QCpbAj?+=*fle!f#G3xcn?$|U@1g(p#M{PUwD%E
zcjB`{0Z%xLU!aH+*5zXF=-4;{qL(~SdCi~H`AL`jK;|f8)?(^3QobzYI*?O%7;0x~
zp}FTpMbrI%^uTL8!SlcQQ}j9Kc0D$&AF5l!NvMl6t7ykTcm2eQks+kns_@P)cy8W!
z37x>+rVRS(HFsjT2jHmA$r8{(lirasXRuTvS-S3fsM71pus%zF@wdVXEZ}i*U(G)N
zGD7i@lYz^eh{m)p%b=&Ts?Y+R5W$}|edEKWZ0e~OoH#sviE5+?m`Ps}x|xwQzB`Zx
zghJ?=Dx3$TaQF!87nBugc1Et8?jiYM2{ZXR=gFsSX3ML?99g5z%v*$^KX*`ldN;7U
zHL|BV*kA%6QSok)#4T8RE@0<^wlM(hLUb$z;+gtsIs-OUDl)=!iXze`D4bQa_z{A5
z8ygdO&)-3wpG+aKi&c>$fVT&@uMiNUEuLoIS~&P^rGcHT5rA2|%iyUI=a(|^AC3W<
z1W%cdLT<f%$xHhghWz;~`sdavb!3_P>n!fqpb|f@B5c(;tW%x$F9obhh24K`o!+wG
z{g$;=f+mV~zWwD^ITPuntuew-0qVl#4Plw=VF_FEB(R(PpET(Y*>Vj+L?{oY<1Bn3
zrAZH;D!Evxobjia4C0Xu00RF3mVnMbphS7W{`5fj`kfe3R1Gx_!a1y-NzS59nf)Lk
zj&sF+Lnn63<5E;yNLhD?RoSdex!?Nnv-@(nsGzO~J0$jzf&Aznu`!Tm-ZPLFMAHlC
z8eEE;5ccQ+pqw?5yS5jy1v;eGC)@Hp7QUDu+`0Fn%=4pe^f95%RqmMfL)Em*LR_C*
z%O9si`H^4>Y!8DlFJ#XJkMt9+N4b+5K!D3iN?Y)87CSL<aG3$=GLC{G7TyNQCtTfh
zITZ4{ygqp8w%Ww!PcV;_08|eZ%d67F;PTi97Ndm7(8Lr#nmf~t6OJp~-Dr}Ew@J=O
z9N-DlFkK{QYy49yY4ApecOxy^MP>e?1bv@O?e7Kxs@+x+<J3@H?R38n&E9&1&c1nQ
zD+x@if>&Yoqcua>+!YR54k#o|J2eVJa>QrJ!La!h6FiM8>9Q&rm>U$BK346{4)?p4
z`of(RrmN_k()Czx+unqp_6XqenTSF)GP^#BaohSk3&}=8pPg3&Tt$^eU&Q#t6UGHC
znD+W?GERQR$ZA^omOE7p6pS+6V4F8!<Z6>9z}B@q<WRcu{2+wqgWQoRZ(twJu(i+x
zH<@j!LJ_M}&N_IrA&*P{8x5&67pjQ|2lvsNqhtfFb1hz#o0}#Y!^#LYMFgxjkwy<*
zQ$i6NxnYBzvgQHGJ&%IcS{fdy>-V9Qm_udCvY1^;7s0MDs#+%%p0FPl7Li760IIa7
zyiCXRA)oHVUnPxev?Focp`%Mnh^^nr+n^GXYAQgFMtd~af|znt=Xa#n+NqKak*vhn
z(i$|VI(|2z*(DXU{<4%{yz_b7LB`ot_eF9iIsM3^BjHtoOihEsJ~Oz8K#r&GO;GX=
zy&V~nnyd)&E4Jns&+a3%!oB)+Pcya-h%i1dAutIB1uG5%0vZJX1Qb3?)~0Q}9Ipsu
oRs~uk{^L<ialHf-v&!?)z}^Ele6^!UVF#w4zFz1(0s{etpidH0I{*Lx

literal 0
HcmV?d00001

diff --git a/idscp2/src/main/resources/ssl/consumer-core-keystore.jks b/idscp2/src/main/resources/ssl/consumer-core-keystore.jks
deleted file mode 100644
index 2954091c5335e34036ec818d63bf9cd08a9651ea..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2441
zcma)7c{r497oTSqWNf`7M#z?JnDIP}ZDzDslTvn5sKHF5n910RP!k$^%SRHT##Y0d
zq-04+yojQr=(UYD!dteA_(tz?y?=ave1DwlI=^%7`<(ln>vx~CGPN=VgTde;0e%Vq
zi8R(9uGIrD7zzNn$RD7Ln52OifCO;x^#Fi^A-TwpBk@C$CalK(=8^p5DG%fjO-uY_
zRG_kIIpJ~%=7%SmU!7!>a*_1PdP(K<t33zP$XWe&7v|p{qow(6p5XKBq`%y69U9N;
zS>ol?+;5h%gpYmTQ8~ub-xz`$%!~GI0X)XLT>zCXk)`NYBu=&Pb(HgXqODW4;;@M&
zo>h82RP&fHPU#lF>@#M&6wIhyiXm<!H17X;Cb$)^R8hSen5C^(J^E!#sUVe8AQ@Nf
z($yF3ou6=L@#G<4_7;kN+Kg~RwpKmZc(K;zcH+=`q>-}WcAEECWR{hRRk*mb8CFm!
zKjnTKL11`cn++dD6pkO*{rq_8lwx>H0SY%6v4Gq)scGB&{nm?-Z_+b&3C<<QP8^Eu
zVme#4JD9XuMTX#3tuA-WrYTLnskC(VsKj-r4d)Ytugns8$q6Bb={?uWGwd$8&0`-t
zlQK*Xh=9qr01>r5#5{japgh_K|4KQFO?o*J)0;F<n`1Qi?ES}mW_uE>?TAX#gUPG=
z4aBCQ+nyC3DDsA&Bc7_eY+OzAg!MIf-PUvPP+KL>=d*4D=55(l%UPe4>wb%AD7H@+
ze74*b7jd?ofLEOiYL=uoza4Q5S#C?x!R@_Agio2g==es})QOG0%_q6YdM1osEznmy
zkAVpaJB%b3LU`JhQ5Ji4HOcjH!S0LyDOP@2sGOL5;|&EAQZbWWH7UP{AO8Kdd~MF5
z-58Qz94ui>#bpY>W+cbT$#_qYSmWhh8}lebUZ1=cC6hX4E^m5PT6cNqZcO^d{aaaG
z)`Fv0A%S=x%PF>{*s=QXm3D+g%~K;H`MqD$_8F%_`HUerBc;K${esPRTM~}st@R0O
zil})^MN;LX8%`HjOsnedef#O)cSQ7;4=zo5a{Kw3wd9`N&L$cjXW+B@yEq<8c@%#7
z;#-X5WUxN5iLhAi5@M0Ft>b_PnMNKCYRq-vq$Jw;+QcZ*>&X4Bg{FHq#&w$wwPRCe
zvlDA!CS`;yT?#^9In&Q~C6b`Qw_i{d7kKr0lx}s;hDLib1W9eivtxlfe6fUE9}{7J
zEHfv=F5k){MEF(NK8|h5@{`s0r6HdCP(NGvLw7|daZ!SBBbkyzJ)WBeecczqT*at=
z#)Gkm&-W|!^7{3t2h}?b*-XP>KjDi!%v+r&vuaz)8b?~zTg!x%4mK4Bl$lT&e1*L<
zJs_xE%oqJOx|wz;g>kcvjlDfuslk7)ot!!xmDV%o@>L&=@tnA~`%3+IoIE;spLTCK
z#kNvF?3Ey#Q(Gd@j=cUY;UV-u^_c4q%DtLC*shGyZ~5RY4D+hqnC?XZ<zdM5<ngag
z4zP()MREbx=b<~c5Or?ehq#g{IS|_Ws@1MGH6~~LdU5W%_k%7@-Je2v!wt!Y!*)`)
zBIY_jhN?PJDz8;wO{yFpW)J&z=C<+bY=+7iv5=mJ-O(lJeAJ87H>uky(zlaNJ#xO#
zMM`^OX!1MDeSTFzS@CRz{@11Wnpnb?qdU4}YD)DY840f8A#s^42^~U<TMmhLb9p^u
z*9Bp!)ecp}Q}I;K>ReP&ZH2Cm@25+FJ@X}fmt-&c^lS3H6=O9uv_2p6J)8P_utPcD
zc_2Qo?CIFkLq%6U>kNjSOjs5y%taLhIjM2ztlUnHZOZE|mrAzJJND0+i1H?wf|f8C
z(q1$VtwAmVSBQWEa5!KJN{g+-CGALBlm-Aa3I=Y2(BL{Tga=X#1Glw<FyQ(%ASoqj
z&!I)Im}~}}1F3);*Ng}$jH9iax;s5AT-`0g-)6hIF$h_Jn-rxXOUM`kA)=`z1npCl
zHijT$(DE+`(*BPOGN9C22DB7vyQ7<(4TJ{`{>-=;vViDxq6rO82N|Y#A|3L_TM%gh
zcr!ZP-_p{A4q2EpKrW#9@47@IAHfA=VIsREoC^T3CdvslS*~YZRik;>tW9)NFeRWD
zZ5G?oq+8E>5`{>n)K^os=;v6MSj^u!YTI!WJvEgb?vMH*tNt0+ORqj>l8gT}Qx>6K
z?=n>rb)}$faGmXuvBTL_O<$H*v$}m6@drIe7Bf4gZY}`_vU^NlZvJrN)kI6QfHddt
zEF9wFc8qn8$9OZ{?yjg0ir?SjI;t>qPg?@17rISJzm;_@GD3b|>L&lR2h`b{)BQ)v
zF?Q=B-oyL&*s@C(m~r;`4<<tD$4?K$OVdUXnch228U)6j!WBNVdfXly<{#yz@j*$h
zb7nHQ)qOV$G?zK~dQaj2r+Whd7U@*{l#?yKiiRTq7;udXY!-Dy9aI&yR#gV6fRvYy
zzn)INjMip1l*}(TkVCe-EE0lhYi=zh7F0MX-<j5SC-HchR!QfE8;X04-qCG*Km4SN
zDh3G$VIX?#tSl0VfTIdQ^EIG`1VI95ScogsOVVM6haV*w83k~H3ACUvdH{j(52*-&
zbfciaFoMVjx{FDO)-?(x4gkm<pgm~&HwNKJ7JtPEWJj@r*)-9O{}qYDW`_sR0_dD@
z5hcwCYs#NxY9kdu`M<*<;Qwd<h+TW_dgOXgmMa~=W`#wB&^h=3Hi!OiCW(HCh)Dn}
z_Bu-2tM*5|J5OvQP7rC_#kz7qgQV{y4%e&kNYo6D>A!tpdr@WH*gYEK*8vxao#f##
z5ZB05Wu$e;1#($In=W+K%^7u0pLy3iQC)FW!a`8`h+iqJE3@7-(wDONgjS2=o870r
zXTC|&iPrM%L#p5(ExQsIG}56w1J+{E8^l({g<zEqnG?@6q|T*zO3o3QnP+ELzTL+(
zI*Mm~;63?bhF{V(a8M*y)*4#%CCLm7Z#9pe!8D2G=D6i3?NbrsUA4=IN}1L#TNyZg
zCR!@WuRX?EsWZc@ZKvm~-cHihr*+54d~%6^{AfDewq9cM!(4T`eYS(SM?Rn(DkGSg
VRC-r3Q9Eb+oT?yPx+^UZ{1?Je1;+pY

diff --git a/idscp2/src/main/resources/ssl/consumer-core-keystore.p12 b/idscp2/src/main/resources/ssl/consumer-core-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..c1fb9610a86bd9bd3ad5130f327116c78684dd2b
GIT binary patch
literal 2765
zcmY+EXEYlM8^;rgAV^!K)LtD{C8?OPwe|{XHCCy;irOo6jg*QSRn)Cfd#gQb@1QDf
z?Qm7qs#V+dzUO`KJ@><No^yWx=lOs9!Ew-j3LprMgW@1Gf{|*GzvzKf!1p+)7Z?Y1
zzr@aP9Hr&IB1%0lj#BFqt6h!?g!X@5bWkA0dmQ)#jsyRK3qYX%$Cu@7V8#l7b)JIQ
zNr9#zVl|yusrWiXjD-RO=)CL#_aPyV56PAn6j?*9Fe=9^uc`pu`I^=i(`ivNsjZ<a
z(Ev=q))vfNx>j)53izl)7{?^Y>bm${{N4dRod8~?4EbQ9gqSEGIIu2kBD}25$VHHp
z9OJAzs;l#KW~+VKrFUxwxEfbC(ud{9QZsH`GGnRgtzi)pG+Fm1bH@pF-j7P9qqxt#
zb4cXP3G!KcJN9WzMrq$tHV~@)<$(#S<Z#!dEHZmkQIm0f+4TwVtpDjd1sAap0}qZU
zF1hP$H9hRRrh4H+TvR1b;{9n%uZ`^Twb1hSh$*gFPNsdhh2DDRjK~iLIv_mJBR^B5
zr^W^*gJ#hbI=}PYDBSW0(VBj4aN03))yptz=1y{QVvF}$;gg-Y1C2$q>9frZ!I)mL
zKMY-l;u5P`)BsQK!}aJsu!wL*lfhzt)XOZ)MFJm*lM3wbo>oq?J~IwyR$tJA5Di5D
zOUsexPRjX*ncX+HHDUwtEX<`0KB{y2W@O<$JM`EQRD!t8r2VoXyct+T9ngqcOUm9e
zO7;7dGYx)#tEQ-Np(0SzU8L$A;d2?zox{$b0$riO&we?5+102c*;x}jQW<8{OGQVe
zEN#rURL9vzv>A4eXM^@Q9!F)kumu>@q}?a*%5a-D-Re?=wD6wxCpQUJfi3ETr%%gj
z_00f0x3@oWO8XB>egg=e`|g&&mT6#(+?<h^^M+Ly(Vm{}N2dbM`KM21;|<fs`55yu
zG6Xce=Y?M3`s%6+EAZuNh%re{VH#iQZ40xY#NgQ`E+vbtftjtPRDBw~n&axP*=qBy
zH_LEt<@9p5c@G|fi|GVV8EUGT!cZRu_TiXh6xHbAY_Hc&d{RSI&}JB#@0x!|XZ>rf
zq@T_dA9p-Q1jHb3kqf@XQ}NyV&mYqrcuysu8`Qhx9xuW=KR1dUf3B`rh!;NXWtW)s
zdS)3GKCVvSAz{u+J`N5`d7GMC`y&3Coh1SxV9f7#10!Rz(t@Nu`174e@Y)v{cD9&6
z!ZSjMt-eEdmG!71HhZ8z%2#lzD`2B^e#8vKip?R1qm+|ug0|yG)W6dMyYHJ@@8Yvc
zGC2yiIiuqkbO2E=);yc3y&i6P2N~Zp4UQA?(iFDHiR@AtO?w}yg5(nT5pjK8v+_tz
zH&&@A!Q&-$%m8TMv9;Tk>OHZhV+2kI6SeLzKiqAF!hb{v1}c1d4kHnx>aI5MJkqJt
z>EuaVm)A_}agGKJ_nsT>j;}v)x{$>a3QSUCSl5>GkBfRoYaiCe?HSUFW-;~0NIuuh
z%j?kRny<K%tGQ%TEC=Gu!{=?1YozQ|6XrGqO?uo)Gt8*ye|DA{S?6LkSL!=-SZdL}
zqPy^u>jNijs_{JTB`c#WNwFCf;Dvi^$1;@~Z%Ji*0I+SzTW~fD5qPV`Xs~p?pl`+5
z<!AsV^Q&*Y5FU-T{<MZ6hX)GqnqX;*bq--xd4kYSWVTWr2GOaPF0@uNU=i9e^_5JD
zT)MJvKp(2Gdlt*<ACKJBRfo*uha}x6Cb2nlkeBI2y6^1|v=|p15;I$nuG-TJKa#bt
zTxiNRK1%oa%oYY&O03LXH}t&wHl3g&5Z)5-UL+FZd!g%ZJ5D4D+>r9sq+^{xh{Lb_
ztx6h31elWofPnM-gP0JEU<N}+S37P5N=i~3iI6~|;1cjlkAnX`qJmsnbpO(#KPiBK
z%eD4T0{oX(A^-8}v`5PI{gXj}N`J<9`kVwY2CGx`U$2JYz!edMF`gLd)5>swZDm;V
zG;1Pf0ACvKEHm%LPHWYnqZ$vBLh17iE$+(nLH_Ft_B8WFRD?~N@h@QknHsjg(dHTj
zw0+25Rfa`+_6dnf{V~uc%B4X~N+gTCPT-Jqzb}3hmU2Uqup0ZceTp+qlsWsYdX40q
z71#PUQG-1kxwo$Gu%1XPw0C4OL4u!xjNH4bi~S6Kp>Cr|*US;2aB&~S#6e@ED%EuL
zT>^HZC-_H>rrBs1x)^f!K>ZubL`zis7GIIMQ-nx(2~;4VZD)?FR!KJOj(5X5vs&|K
z?8<)4J>)@PQ`^nGsZ;v6NTv0LkN3Mo$`~Z9Q9S+FnyX8S-P-lpncNCP420l24xUn$
zVhBvaK>4~euim$#=p7#ym0k)nJ0}g>qzww&W+iO+_$MRLeW1)<Z;-idS8Vp7uh!x#
zjymmd(Ka`KSU)UjGo`9Hns@jzSWRuUe3)$ia<3dO@UDn3jw)jqF<Db!snV|3r}7j+
z$Dco8q!Kx)AMBU~g@4Y9mSWnfFhJH^<!QwpQp+PDML8pYG`QnzE>hgY&*ApLsWN43
z6AATFi<o2CUymPS-;U@|WTrs9bMp=I^K^wd0B`uc3+i7gwmZT!)-t7jCAYbCSiKHL
zJvk0;S9zbX&L<F9<Pd4!?32Ger6})<WcGrvlRgD@`#a|=KxQH!%0W^#H3uzzikmdC
zi=SjI%tI^c*lk^RtAl&nPgcGoZ;$j|3oe6p%d1bQr%QIliT=2Kp9$;j`=j%^-nicj
zRv_|jn;_zOo73b`Nu|<La}|5A-%)_a#vpFN>}0W7*5$Y{gx)Eoo8!Jwa$dA9Z{v%Z
zh~4NV>UTdjzReW*tt^bn?PG<_=|Xv}Z|e7RVkd9id?f~ZvC2-rq;jj7iBb&v{YgT(
zX;h{2(C9uxR!1pe+^3s(&)sQxOWe!U+!^B{uPcc4(KM25J@33$X5Iam&|S5%DTbF!
z-2EBSKGRE?Re$yh$}2l?8q)sKJuNnxeJCx#j=z!5=_|9fuOFbLg%>i&#3`*(&Gd~X
z0TfD-hunoy#acO7kyt0&J@y}2NMg!rLwpx3W0}A<Q=`=iSM0y5W!iI73o>&Uhc3N_
zbS}0Ye=QG<s+Z!s&|01{2+b#rvYy`nWUi$z_y6gFKj{{=b%MYnkmfdeBFgxh%=v6g
zBoLI5(0J~fT6eNEC)5TaR<c#?1z-sel4j|fO5)j(c2~Jg_PxuoFMjhe@fa$>`g<3E
zQr^z4^!`$aK(~agE~!&n)V<&#$!nY`n7<K|k+(xw=OUBH5h@>FF*xJjC?ztS(U#VZ
z+Z79i?_4Qd%a%^df5Y6LD#QUpjA0FP=&RjRKh9uQw`&0&+pMXYEG&f*!FQAnM6Mp{
zf|X3VV|)FeX4H<YjG=y#@JQC;;oJo@7jK4w;u*d$1%p~bAq?*HMaL3tni<-#S47>u
zIQ9n{7b!S9bxm9eZZ68-5I&Ch;G<R;=w58$s2uvGZ=Z6!YHlxP;(&I!fm8+(KaEev
z@Re1!Mo1jKc!RVqF9Qh^`}mKl@=>~+=6H1AC}X4)e_@g3IRGvP=Yi8eD1~4k3RX%0
zn9(1q1C7XPYA|+5_IvPk*U_vu_fIgRr9q(NA^+VpZXR2-a~B%0d=aHZ0Rl$8{|h%%
B6F>j}

literal 0
HcmV?d00001

diff --git a/idscp2/src/main/resources/ssl/consumer-core-truststore.jks b/idscp2/src/main/resources/ssl/consumer-core-truststore.jks
deleted file mode 100644
index f33b415c29bde31cc216fc32c44a9f91854b6d04..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1974
zcmezO_TO6u1_mZLW=c+EU|`Jq5H$S`18anysevT}19P@P6LY#j6O;b}W+p}^CQgP;
zjPLc1rrl^a;AP{~YV&CO&dbQi%F1BiWXNs6$;KSY!Y0h*;%X>tAPC}c@o>2nC6?x8
z<fo+;8Oj;RfCQO&L_J-C6@v2fOB6y<i%S%o9TkiW3@r@g#CZ)Z3=ND84b2RV42+`0
zd5wWwBQq$MDt0t6Dj_?ak(GhDiIJbdpox)-sfm%1VUujDa__eZy^e_qYpy8xH%wdN
zBQ3D~gZ~>7&Re0}Q-l_7ndNDGE|)(%yrIK;fnd_p!vZ#{e<t|s_GLO^A*X5gYkiRa
z<l=s56W+h#UFCBg-8>g2D7fVKF8%Bu0q^DY9{WsO=l0;N=H@>u9x#+2SoFGlZ|Aa0
zK6?vdcFz>6WDzJ@ouMP*By(r-geUJJE5phSyl$*%>EArL@12#h`F@`s>y}III<EVf
z=F7<1wk*1>$2WidyKPE~jyR^;ulHK<O<wN7-749urx)2w&dU9z^5MR)K-q~J9>#a^
ztL}W5RJ!S6_>(og`?QQpE;p+6Ni%=D^rd9UK0_4;7ZZsc<;%S$?uun%W@KPooL~@V
zAPbBuSw0pq7Ln=C--LUzboZpCKMvnn#$UGJL-GUzd62X+i-dt#19k=cAO*sVjQ?3!
z4VZzH0XIm1pM?dOlH8Ev0GND$alpvX!K^$j>)5Xomoy5uv8S*9Rc$W!wJVE7X>}WK
zN?r7AwX=?MlIJ{OtPj0yxqrX9Z>!XSd&=qmpFP`f{$pULh5F*fyN??u__{d%Gq-do
z?|AUJ+}t7PR8)4efThHil?(5+>^gV$?;h8H^JjJ>o?a*UE_;2O($c6HRh?6v9*eZq
zrZ;)ETu7Pdt@nFd)=k|7K^c?#exDB)Pn%k1AKV<Q>f#q*7BzWEeuN$Cv)K#G`FLZW
z9w;!GXvI9wU|v{n_PO&3ZAO~MelBQC7WMjcrJ>|i(Aw<XS_{5js-AF9``FCM2@;`a
zyXS?d-*UNPH({lSwX%x><KMq$7fefe_LL=V+Ue7CcY<>wYjJ53EF;d-L1e^Fz>N3~
zm=Ui*G9n`*atLzMBm<fNGaxYY85miDGoVS7fddhlT*g2O7|*~=E)2@#;QSq2ngq+@
zgtFgim7XyFTWVb;7Z2Wg_V1XU?3o!SosTc5iaa0ryvFZ9oL2VTEzdTrQ#hb-ZI!ud
zywZ%MU3;#S{W($eXL*W;*>+Roh)g%h?STa*HXE8EN{uzc@=rehDyQ^E<o5ZBIV+Xs
zu895~6xQS$*f~$_y-2@7^pA-4=;ntFn;!A!RFy5<F-h-PaKPb%3XW;Kygv{9xNK7P
z{zjausAY%3$=@a&iAT~F92ST;u(mB*zTf*4mwUcT%i+jLtI|XjMJiPpm)nZXi)1{U
z`C7%js^x8C?~$M0-lg4~Tp@zxjkksN1?<gkoBAs)e~Z1VANP7G{=jf4?e}}$#9Uis
z{&DL3Q(nae+upv0WWUA_290l#GT`Z+<J(#*S12z#ExKAfK>t~)bL<PsGGLp5IVd;E
zvltlY8R#s~TA<OUmQhktV5P60T$H1im|2{ftd|Bay7f|0^)pk7^?-5)A#5DlY``*~
zosp5n!@$kJ1;#gEYO{cvk&<7Ymy@3e)Pc>UB4Ej%oS2+iR01sa&GbMFwA2hP4+N)5
zy?wJq&-QQi-vxhbGB}*F<JY#Fl?vWIL5cI<Rke(3TzOkqKel#X%~lJ#T*{Em_UnSP
zNUdb>OHQuoBFFxT2%V_8a6F(l{dV%bRi5XvbJ@Gr&9gi@@%{Q%w%>sTmyUef!mhUQ
z*5fr>E#@Vj-|y!>TQ)GuCx7RH9m`g1xb-CAv1V(`THRF5gzBea3*>8#CB6OU!P00y
z-}>?F8{HMsQQaTi;w(S!f7F+eboR|J@fi)#U9p{sdY^V@RL^-+_w-=?MrNMIf3EpP
zjD}oyRGTLVPFuX|N!QH?g)gm&FRK|Y3EtoHtY>%J4?~Frhq-C<*JsV_cIuk{Is3?$
heM=ctc6?F$V7{_aql2ICs*3*lb6tsk|Bq?S0{}5o;p_ka

diff --git a/idscp2/src/main/resources/ssl/consumer-core.p12 b/idscp2/src/main/resources/ssl/consumer-core.p12
deleted file mode 100644
index 6607767d644aea4ea7a11e98ac540c623b80283e..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2693
zcmY+^c{me}9|v%oZEjNTkejgC%rV#ZtNNm(CKKhpG734SAy+F$TXQXP--^vdu`x%k
zkXx=UBv;PlOvtbA^Zb6l@9+1==lML(`~5ucKVNVH_dOth9ZujjgK(+Fo{!z-18@NH
z3EU_Ufm`c$42Kgy3;$G*d;;j*?`Q-FVEg_0{%HVkNeK797kB{>I6sK9JVi88`A7=|
z1ah)P6F~VZywpW&3z4n6S^2p{Kk$V%E=f<@tZGQd-P=J8Hk|AIlG1>yU0>xCvxy@*
z72iX0<MIOefUNp&&$JM;961h+{cg|@_u!jcYnmQriu!MBv7?C;peo0T2%TybEVl_d
zEJ=tNTPbGq=}&eh?I591@6lwCN|7l-RHEglMCu{Dw4|yoVe6osk#U1_NT5wVlp_%<
zbLUafGQ)k@tA6F|uR#xIE`b(okJy1PxZ=sU7Hxd=G|UA*!IE_wIc@PeJ%7gg0O5I`
zo)v0;OZkM1Q4-jo%*85{*-+nSn6~+T`-8H(cf;k#?*2{oeW}g~Bj=_^D?bnM%as>B
z^iNOOYZnWAA17!za&dVjSl|0p{BTpRI7}087_@ATLFmf_szlX=%EBu2{)pmvw&aJx
zG6#b{-am5m!=QAl{S4&x>Mb)z5*-oub}-w+acmngdOgJ$qpu{_qK;afIiH=4fT0dv
zNAG?Q*OEFm!#bpEeQa>jv&y9hxDw;TSjy=FZ{}(a5pzSxiIT=yj%fvu#`m%BZ09m_
zABR8-G<rK_W(&wIPgdJ&N}a}|-3x=#b7>2y_w6^$79uhophGzE4&(>1$(|D;UF)i$
z{*NqRf9&PtUYvuAHQHGCyKM@yxV~SE){sbW40>n@)%*)61=3!ny(OLjxUa>2!IoK0
znXUnu=C1Qy;hskX3utTp)SU~Hrj+#54C_ddr(fD0x3AlknVEjGmqTmVekc@oLI`68
zK1+t0bc<oZirFdCVKOe%O5a=T;g1%tC?o&O$pq9opS62x=3q?fqt!7oFP^Okrvpb6
z&|cdiDn-q|4EXAr?~cb#Cj8>N@aEZyisINyA$LE`vT(z>Z0fq3?+E`@;tcaa@5Rr3
zDaeeIVB_@uC`Nkfa0*$0Zj<D|Vl-YGlK<;7N&#m?kIU6MCsczoIC^SQM--f&blng3
zj!$beE#qIW<yewVJSL_$O8J;9HPC;+nTu0<-ahZW*On)2qM+pHLl0m(N{Si4ZG0t%
z#x9D7eF_7+$tqHlkw`)9=QsTgCC~=OOd|`Id1sw;^sT^s*Td(Uqi2q^B=1$(T&l~e
zR3J%~zIc>5upWWjWzgmqC8h@gfy&tULFrOE9jMxCrxyD07OQ(2>W^QkYMmZrbM((0
zctCIT{255Lfk%t;1j+&v>#Kt{&uPcSpZCIJIVUufon9=&wyH~_R9W&N$kGg+z@{PL
zY(*<if?&i|T$kl|<V$}3-J_PYliF&HTTm-=yvYF`pfajpa)MX%Ozm<<a1)1aqTBs}
zdc-L^|2E#8Dq8PyfY{Hewvn&&^ky2JWl|-7V#3^gF4q0bYmbMteLk0rHm5&YhrRN0
zcUdrziI;5k`^h@R(I;6&MoI<LEv!!xqM|3AZ!a0C{L^Z_olk8@#O%6tYO%kYVOhf6
zJuFq0)`K@BUmgV*L7+oon4pX)d`}1Q+{?aryRHI3-N72&u*nK3Uys8ogvu}7V=mO<
z<ynS`?P06D&||)Q{XS8P72Yf60Z$5Dau8+GdafKNHfIW({g_+6s1b=UI01a-e?ZG8
zfHgq`Fzk1%`umh1JpbX18vy+6;M#8hm;O&Z_P^CD&4=j4Jk31yw|XD~s7p^Uqvrf)
z;_>5K;}aUBm)tJPzh0H|s}Dy~vKQ_UI>E+cr0q;n63IIU+Yk#YA`&h8BlimIKJQO*
z!>${8(V*eS_X{sYHoMBdpCcd3E=#aCNmC*5fQBOZ%(*3Xfll1AzPb<Z;{bhVOb52Q
zg?IeJ!A#y33tg5|zP2dE@^N<KU6xZ@uM&raJk=&H(}HK(-Z^ofiXk=1G4V`k)b#%M
ziS=`@k2AxG8lOxUm^WrOa6hdl0Z(-Dhd5;PHGX|jx8BE92*}IW!<bJgYDMlYf*2&G
zjJ#`L8)*G$T84dQR+Q-*TDJ1cH;}hHNXr;BFFW^QX(Q`8gmL(4mKdipM+-xpv@D2w
zuG`PE!Atpq(~t3OnKrd5RiB#wG`M$4il9SjaJl`qW+@F+F1FUpMLXk>R~TGUrc)nT
zGo*-VxZR358&I5M)MfLluG;rccK;s@j#tzcy*M-`Sa%a5lIh!Fs9wlw)bo<ZqBj}o
z__1|D3OOq-e$fH;08g$?+iLzW-z1Kmfhisj{?2imWs0I!tTC1XUs1KEic{>p)-<Ec
zuM6ySLuvTFn-vcrYE50o-UQy%KIa>bx++A>y3?OEjjAaxCa)^L!NG(rEE1#5k&`I5
z6jxwSFKq4RaIU#3b1T1)r~KLj=Wg7+<(_fk?xjKb9y*tnDN$rT0-YT{d+*5Pby|}J
zrD^GNQ<VU4lmWcenN!$&YSrx8i*eenJsLgCbO^|F?<Gg#<o3XmdWLFLz3@ewUEbxn
z!bTa(m4$}*nFSf%=3waJU)K^Q(5XS&nfMZ9ElTA&gle*E&N>bwHq_T$;Beg66qdG8
zO;2vL4nn~8uo;P`G2h1$nbFagdwVHS@XIKp8kbHi?kGryS*cQ0Ng6Y>;Lri{{K%n6
z!2k3N3*RC44)xH9!K&C-ZLMJM>Arm@q*@f9*Dt7R$B1gavI(*799D7w9`PA@B8)Q?
zWfkS~_9YLpKjw{9e`Rimmr#@zNP_Y!!}`4kvuGV+-lc$c^-qN4{i)d>Fg}m+LD<97
zg$ELBiTJa(Vp*$6OEGE)e69OoBHnUlbIgoYX)7dTv-Y-h?qule3m<bEnv(70HtU`_
z$w~?89YTAGWm~?vn~0~Ibk->J(NX}H>gXT?0gKHAc5m4GP9-ld#v3ha=8)GL&M@z(
ztjZ7TM${6Iw0NtV0S=eDj|RGCg`L>dgF~<4NvDjjK}SQv$kJ2h3Dyz*i9T!<E9I-z
zPuP(M3C&52vuC&blH0+@!d3<CC^ZOCkm^J>{lb-R!&|MzClh?;^W+@-tW{05F?w<5
z(z}Ip4kPmN2kYC|Z^v}BRDL0=UhcO^dNFA^chxakzg}Gh@wjfTfWL5H_6)4MskT6|
zLM`|XL*e`eByU^Vuv%KU{vz7{J;8S<ujOZMjf>p76@$k;+mo}~m6Um+61^<X7b?`N
zC9o0jjWtlJQ{<U_Wg{?tVT4Z65a<TFrQWI-#{NhT^6?dYsZ~XXkBX->@$*YdK72rK
z<3^vjq&E$`h^9B*&bu#RLLd2}EC>g~>`X%F+s?MRGpX;DG~T^dInUj$FsV07dbPG=
zCVK7(#`e^P#jKik9~GUCP=w3>S4S>kga}CJeMEJi#7poF&yM-m$u)bS(k-btI07yU
x=YoLM_}PIHU^bADxShH5uH&M#q<dn(n2|6+$>zmn5a<0*Q!>&8%Qya3@?X+^2G#%o

diff --git a/idscp2/src/main/resources/ssl/provider-core-keystore.jks b/idscp2/src/main/resources/ssl/provider-core-keystore.jks
deleted file mode 100644
index 21856439f263efd6f9e9499dd037f467166fe84b..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2443
zcma)7X*Anu7td;mt$FP<30k`({}8pb+FBAzOO2(LDv}6-3PBYus+L$v4=S}(sI8i6
z(U&PhEyFaOVAPaaDs2%pmg%C^nGWs5Y-c{aAKnl5ocp`?dG3AgJ-_GP&l{gNKp+rA
zEZ{!`Ob~0)Z`@gVAP^i1WWc@v@)8JR2`~(71VMtqa1bm5wkF6WIBM$rRNd1Ykzk5-
ziQb-#IsRnxpx~{+QuqatUGIQKO4*IO=>B!uR&<Mc-!+0!pc$I^`3d8=hDtbeb}39A
zzaYw6araZad5M2?@G)`~0X#d?*`eruN;pdzGr`PiHRKKko-G*C9eQ1Rr5~-WkCp$j
z-nGX_x1&uao8I32A>Em0kn+vFP6bl+=APaFO~|W#MNYw7MtEKZfxRckrNs4i=g3+l
znjfoiy33=byVU)WBI0PY_huUPH+?qJFL?WiciY>+4rRpFIcH|XB1$iVlPW8j9d#!1
zG_AYPId@Hx+u(Bl;cP)NarT_?w|Mg#Nf)**ZuufNk?q%)x_>-lj0Md^zWP;4U#)*K
z!B-TjIbwl4#NmDQ)NxK(r_@^GYt<RWxo^Gky<Re`4e7&`H>)Z#C)zI7@ud<g9@q8B
zcS=<@?DycAqWak6k-fc;T9iwk^1EXEjziN6Paow5X6`YqabsW9l~)=M`0AYL`p4Ik
z1+}14o4w`y^)w=<Q<$6+QB-h!N1~%NU{G&>9h*V1=hya`eJMs)KX8u}_P^Vi9smkA
zzB=00sVZ|MutL<XW%<%T%CpStN^)VP*|FlD%!Xml!w=AIBH`TT?C^$al!JW|?n_52
zy8*pwub+f(fOX9@I1>58{R~{`e)Vz}a=Xu7>d7%LPG9Y8Lrkgy$9gn*o^nvw+$`lU
zYL3awb2W+Gdbe8Ke<!Yj*VUp(UL=N=zp}{p0j88FU_I@dxj#QA`RYwfl>7Ru8*7cs
zo6ice&%>=+uOLeQv*X#*Hdz#QRgfj6Jn}ukEzky8y_b7z@_@88yTw%d;xWQzFjwe0
zl{GYKraN(cMNjT+^`YCV$L=QHe}m@8%=kRP)fW3@PzLEU!OLkD7&dAgv3)vj#zUhY
z?vitwJMraJrQJM4aOhzjelpBp=Ii{y>#4pXZ$Z^1*Bz2s1<CAJNeK-6>J&Bi&{vt?
z6=^G>4;BZjWj^N{!h|X{b_D$p>uE;F^f_*ez;Hq7NS5lIxu9R}4l(Y9zQbHI9}jGN
zV#z&q=Gx_*`a$Qhif6YXr_H(<lawN*0(3scxY{jizNpdXQ@7dSBbIx9ybU3~X{(~H
z4p~tL<9@0B?Zi7WJ6);H)d_{^+X?4Pqv=yOgeiL?w#He-7w&>4AB{=0n(VXDb}@%@
z`OZPj{8OV?oph5SXaQxdKO)inTJ91$TXYs(@F~pL>!YUdHs)3<hM0;?`C$kdqiBzI
ze(%UrJI@*;Z+F=)K2#lc2>ckz2ypf3H7G8;JlClR<C@Nwj+-b{&6}2$_xaMIwuOrx
zLxJtVxAwOrM0Tc?A%3~R)#T`0PonTao5#8J4o{n#E3@_<kXJ)><**9Ny#@Dj)5~=4
zw?%DUC5IByD_?|sqyM=O#TnvE{|b(?k;~THvth_I$o_Fa>kj8|oy4ilPo&9!TW6nv
z1w!o7K!0JQ;i?=s@Pf^WOCPQvbgW4dcN_b2Vy*bY%}J-)ZQ~a7UoN+Xc4WQiwmmrl
zDoG3Xua8`jESKIeb+had^skc-eUdI8hu)c0lWfyI_z8BN!-+pB6jr@N<j;%N2x+X5
zbd3OrRl%V$b>(IPtCe#wH3)8$^ayvMeZ0p}_IZiy6rRN6JSZHc4Q5JnV}7Q(Q2&^U
za9^A`U<Crf$l{4;2V_8vYM>A>1Og@kauU);*-qIX<-lMWI0!gOkO8D6px!VEMTi55
zpa>v$0YVl*W>FHN!<nIU7GW=-v1^3NDmpuOYI)J);<Y>zsP?v6rU1bbK&#3TtO%wA
zfIu`iHzoS3%9#=frhwI75TN`Y8RP-k-3&6aa9d|jl05+n82_1Zzh!6$#ga;-V@=Hg
z3YJJEnqesxL?SlCibAA?(CKD0-~f;T*7<i`;-L@C04spRb_65?3<kYv?io`m6KxmX
zPH2mE9=lhi{OSAG5l~^85p0>6ay;l#;(L%Q`wNh))I!BRnvd0BxLVy(t9QxKeb7~M
z**DDAS!<i4q@r5@ZIG@wa&lkodlw_dV~T-;x|=LdG8{8whg2qozK7;}H3AnqGCiKZ
z{?PFgvx*dX&UMj``pvrm>u33h=gZ+NsXQ}1k7e2PW~z`Jp#31l&4%{up1*n0#^|FO
z^3?G1eeH8pC;dkLf{vy1jYVL%JMpSYIltr@&%jUOPFSe494d{scCAY|JKeN?@~+Kj
zq<gZNoA1$&&w3S3_}h|kxUqrzc}E9pQnG^eFzrL$Kd^kgbV5}jP%sEwmjT`{?uZtE
z61Ns54^x3DwX$n2qJ9``Z(vg`^4+ZsWYql_0A|;{52gmFq$>#u9(HCW-Q3qGQ0A$+
z<Cp37r&s=<3rZ0N0YHGv?pXyG3<`nQ02aFd0|NjYU{YgLW00*E9v>fLjmOhiQ8)@C
zj!wgc{zEEU2p!J|iNlF~fR}`ncwxigl3*~*2_ORwe`5fWZTVM>5N2X@6q6#p@xLOm
zn9O(@g+^z^iz#^kx2ybFrY=kcQ2IL@6!MP-2Gn+6i-aKog$%hE7V|74gwDd!m@N9g
znI!%pVkUt>^>2G@dsx=IQg*@Hmg7xrJhjTEQk#^gfeTf~V!v~_dU^V6(?;x1sI~KP
zeU;cMo7q6y2nc?W=4ykCpE~y{GE8|wka($y<fNvab;E;Y?{5ex$$z<p8@MAQ@9tH0
z$uaohZF@VzW`Ay9YIo56_?#?tdqDqv=K>1|l5wANGzf^xys+QI?rhKqeQI<f@9+mE
z<SAM;>gze;iIX}!_r+Y10HXm*UUZsW7YXY=u(?wu>|1!lMUi<zP?ve2rgBgWqbD^N
zCVbue-~8-}B3TRC+KR(U$5QW7y}zXHj@4`R?M@r`X5aCf*-c(6og|x;7lt&h!I`bi
dZK!OFOq7?(Yr=x^_u2vHb<94dAt8RNzXRog0pI`t

diff --git a/idscp2/src/main/resources/ssl/provider-core-keystore.p12 b/idscp2/src/main/resources/ssl/provider-core-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..952cab5148316e5460966b80d5bfa9b18d8808d0
GIT binary patch
literal 2765
zcmY+EX*3j!8pmhG*i)9VPWC;?7&48eA^TXeC1jZ}3fT#fdIv*PQrWUILu3nCGxoAg
zvXiYL%aASmNUnR&z3+SOhvz)!{Ql4L|M-L9Sh_(#Iv9=x$H066Z-C!t12O`0a4Z2}
z9E;B>_JrZ+o&GPPHv{A7jZd+`>F6-9{`cz)3lNlp10TU~;C+}Z1Iz#LX*m=OX{QR0
zG1@qGyTiq~TdGSV<+Y1TL3Duj(=Kq=fWdeE4({gluTmP>od$<1me*C?hA37RsHU%7
z54#Rn-f-0l1;MI?4EyeE#?HuOlM2=O7Rh+HaDTpSqYF+jm9<t1;bS+S8JhpgiQiOp
zeL)~#iNN!O!>m0pN#Ay>!6aHPNHmO;|GQd9nb8!#?0VB)0u@)RgJ@JGD}I;`W~-aA
zuH(9}cYR5aJ#F^tC1_MA8byx`g*?C~q62(;Zq$m6H~JF&o+`++R(O9Mc8$4b8X=%b
z;z$WP+z)Q3*8HJNx6@m=KF2>Aru`=Kg|TJsBw=_wGk}a;s!cACf75V4QLLHi(!+iY
zSKnZ&wP1wuhPm1gLW_N77kWuc7eQ?UD-9+}k&gsHiBl;Ov7oFZTESAxa(=ug0wI(~
zY?8({KfqPrJ{ZP)h}!1Oj#MHJt#Z{ItV;}Knn#TIk@_V<sq-b?y?;ptGrCZ7N6+Tl
zlfN{-WdbH6J!5@6vHPO;p}I7&D#|Z8-($JBh+>xBk$~qDHf!Ux<iL04w)bjZ+pLk@
zA;=uhzs}_<bP#`4N`0b{DiX{BdpRS=Rq$L~{f~H^OA583uNn5sB&d_?UA<58W;PO;
zWOwM@TI)hTa0)tghvo~s{brpjQyh{KqWxMhsl!v@@WR@P)=hK5aKrU<3ujsnu?+LZ
zP8iVf`d1dfOG2IF>v`i(d`B{W?rqxFM%fE4ELm?ldI=NQN6yeekTbVP^E>IhH~oq>
z^wVY-4C3Ut>sw#|1HN*t>kPY3e?ZjMX}vE!p2yQ#Q^&T=H=?nRO!wCylRd2Ij@{*d
z(XTc-eqm(}U~M}XRwpLFyfLcqX);lpSMQKbONaKv8j=(Khfp}7xbx+1)MBBEwpSJB
z27zeI858-%d7!UNGVGjlC-8mVcV9~1nTuf155D{s?>)=Sh=8`Ex^w5tXn=>a!?}Cz
zO^uZy6Ca}^rO}F8<hVcSZFDKol00i3115#9t5uIdN}_#{6wpPM!z(1a$x$o+7+V+Z
zeW`(62mjLBP#j#sbD)FgbMc(rYidUz!m*3HKQ-_b-&>=f6m9r9`K#OZ;|)whqG|_2
zm*xGQqOn6Z@ya8iKTFIKq2K0%cxUgteI;fjT!HdBc0m5t&3a{oo=JU^i~h`wczkyb
z0mz%g3)+l4h_lv5$!HFSGv31p@kz~R6!G`aD7Q+P!rXAXQ&-`}pUX!=z{EoMxhG@4
zKzyl1>{}F~E`>L3iYaPRUWWh7u@;l7qBOQP<e9PGU_s2X_VxO*YlKisRHGR-+GwL9
zM-=L@+RGu-AlCdIJ5lQ#-cscFo*86NE7ERcS7?}+V^FU@X)-(4ZV27cvHsJ|!~e|C
zR8F@;Z|yjjUWS)h>a)TIT5OFcuV4^TDbL+J%PtV_Nk`1cTxMc#lE<Q{9+k}b$cqP<
zmtN+w%7*vm`Ob3c19aFYJL&{EB>Hc89jtPkH{xzBcUN_t9$!3$$QpKV26AUmcl0Fn
zmNw@kw>E)Z`Xc?^4U8#vNOIyyuKzo;!3@maVdf{z$kk<%iZ6P~pEqFB!edRuqEqjJ
zMKZ>7ESYe9>%rlGly=0}K)K5AP!a-Qd^5vaRwvj9TBDnJM?U>~Rf=VQ`inV4{iLD_
zjN@-rGD8%>LLh)5O!Obbtq1{gTDf~+MHDY1uc*Kk5lCevnBu8N!G9kyGMrj;_tc_W
zARyp$t^AV!|Ie!o|MqImJ`P{{WO+wEZN@2qKfoa*D4P90UVV%MS8S5*r!3_7bAfXT
zz8!CCGyznuL_?dLZCuEY@~V6`c{WQ_Wsjb>dS~h=SP)c4y&LGL2+U}Z&_qbn_j-lB
zt59>Tj0|wuCo{C6J7Y<kQbvmdyZY9W!89Rao>d7``7wVs@PoSwo3#OIY8bMZ{ORYR
zbdGJ(?_kZXQcCDSqZ$BQk!sYs@;p1fJpIB+yZE$IYpG*Eq#y4H1zjmJx&{BP%UXZy
z<%6P@oix{0O<34?M~Nfc>cG#)c7q|PR_#is=~H2_TnB5szw}BYO?Boy_GDo`GwQxt
z=l1d9=bT$lVvb0Dvdf{!!SdJEh&RO@C?vN=Om}#ZI}|Nr-bK3F>D#WJCOv+~_`cHb
zA!m-Mm;L(c<qu<Tk1svY{poXvC(AGoMg;-n80Sm0E!>*d8g{k9j}`-78wI7Sj@Yb_
z_6*so0*hBIx3F}Qyf)tWu>yU&@a4IU{VUGV;&3I58<yPxyxusd!n3zl$KIY|{Zz&^
zwq^Ve_xTKQE)+HXGrL>t`}+gmR$aK-@jkn|E{SPkrAF#bdw#0z{xy<S1h)mR6%)cN
zUnG&YkV<Xs)yq1XPUL(Ax%7#{$JOFwHjFAT>mU+*qcJ{#oNVO#LT27u1Nv(%PL*$W
zp{+2m&kN+5#kL{`MjXcS1d6}2O=d9Ux3<S=JX32Uh|^Q=bTZCa`i-Vj@I#=IK2Cno
zZId2kY?F&m+t9(AqE8Dc7&?t;y)$_;B}?w;r_R4Z+cZ=yLd1naPJ)4oCwIj(7q1!L
z&GVmlTM<6*fDW1}jQRkV_LjK(5V-~H^DyR#>9kq<IM;bHWVf$POI1Jb`$yela~Ui7
zO-o_(B;i@paJ`2;|2MJ2q_MHG{srd<2D#`f4!?I%rJn8*`A(kA%*-FZCC{C0?_9ws
z8{Nthh|m_Q?D5=7KsQoT{MGWRzWSNoNZ<+N+b`mWHocGGRS|G?jwn{nQ0xA}+Z!<r
zcC>sZS!^87IxoFy3Zc{yM&m{{hr=Iw{7_H{7dk^*KIR#$c$}nJNx{rdainEQQfW&E
z&(HS*?L(y492<I}Soug*RJDdc!^w*5?oHly<i#lJVL_^zJiq-;T2Sq<auU~?MN(Q2
zzO7FbPxT(6Ot4wu8~aCc9;15I{47WIO`7|cO?E`D>EvH7OPS~+ew+elliQxB>fQ-H
z3hzV3+1sBF^jE5VMY#fO8zvwIAwJ=^=R8pw9<y=WSpBi^OeMYDNAE$C$24rT2<$%T
zoql|k=FMzcZfChkf~*ts7-rGV*hHb!qo#{sk)m5>F0jpy>xz}|)4;Svj82Pag)t-p
zMv__tRp7y^-s4^w!e(?bHe0{_ARiW-^3<ZT>HD;H?m*A^m{k|@G30K)RNL+`n|znB
z{?g^+1(Gz=qox<moHi&EDeUYPlP1$oe%CXpkqZ%BDh_Nf6Pjv>@Igk~=F74?etox&
zk(bif?@Hc0%M^C*&{0Y^EZGW(x<NFQ*AnmCpp(nS?>&a^XVlE%`dk%C-C9`%qKDu_
z=Vw0TNSR1+c(GF9rq$5!?y*&mW5reW(KIui)Q2hAWzmZ96yP(sag6pb>?%wY#>_x3
zca{z$Ko0;z0_!b!YU+QyV9jOX5jdEpoIK6&1w%Y@)ZGQW3i#5q)(qyYWM}Ixr653b
IKzz=>024wh_5c6?

literal 0
HcmV?d00001

diff --git a/idscp2/src/main/resources/ssl/provider-core-truststore.jks b/idscp2/src/main/resources/ssl/provider-core-truststore.jks
deleted file mode 100644
index 8ae89ded4a02c09e9dcd78c4c87ba75afb5d559f..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1974
zcmezO_TO6u1_mZLW=c+EU|`Jq5a8Fvz#5@vYGBF0z?^N+#GG!>#N@w#nTe5!iIZUy
z<9ofMX*b#pc-c6$+C196^D;8BvN9Mr8FCwNvN4CUun9A{xEcx@2!c3VJX~%?iKTfN
z`Dv*|hH?fnAVFpxQBRj(g`oWW5`~b|;t~aCM+GATLkj~rab80ULjz+&Lo-7o1EVN$
zUSlBF$PCJ*iXBaiO2|%UWMyD(V&rEqXkz4IYGPz$*d*Jk-1}`puVZ4unkx$a4bztR
zNDFNL;Qz*i^HwPL6rqJ%W_cQ)%jFLbZ|Lw|Aei*@uz-!~p9wy@eVL9}$Z6XBS|8*;
zxwv22g!iv_SNWVrH_wF$3NAUmOF#QZz<YVU$37F+xji_mx%tnE2Mpy07QHUt+qvwL
z&)$NV-8021Sp<q!XXuDH$=sPd;mNzm%CK?+uN!Mx`ZrJRduOF=zTc<Ey5*9)j_ZD=
z`7*M$EsJjJ@y%cVZky7gBaW%|>%CTdlb3sNw@UWv=|wh^vvPl_e7G+xP<En*hw)wf
zsyiPhm2SEi{$x$>J}u*t%Z+M%(#+p3eJNS8&rrp|#YAF9`Esv`yJDG`85tNCCm6&T
z$O7X^mXAe@MP&N(H{qTv-92gPkHdGC@s}<5kUYUa9we>IB4HrbfL#GUNP#dT<9`-b
z17;v)zzq`MXJG-RBsb(Z045(`956C;Fe^{XI`-?tC5^&u?CI-&Rh!Fw?aE?NTHVH*
zQWt$&?X2UR<T+0m>qBo_?%%KO+bVV7o^tyCXU{gA{}|Y5p}u(W?&HP@zAn!H%q<<t
zJ05&4H+Kj+6_wpAU@5U><-&U{yUv~cyT>)){Fxnzr`Jio%U<86v@|M4Rp(Tv$0BXD
z=}n$37g8pA>;2xAbyIgiP{!oG-{-@{)25c$2R8?+y7&c{MNM9kA7RJ(Z1w_kKHk`;
z2MSCkS~1Tvm>1TYeeQfhn~~<Rp9>n3MZG><X()LWv^IOU)`G8>swdpjJ~nf5f<)-q
z?s*~Vw_L8+O;{;nt?Z(}`1kMG1=CWVJ!OfTcKY<(o#33vT3nh0%ZL#Lh>Z9Nm=WIr
zGvYN!Mr33}4nc03WIz*O1_Wk410zdt1~iE>a3CU+%NR%j;~ALAg+ZAdoWFxhlVDk#
zQ1)A`(i7%?ORcNq;=x<b{vFekJu~B^^YH~$k>?|y*Z3WX)5^ZP<=KXH3I`Oftuj}Q
zSDKNuYtNOkKPQU*EKl(;+iq$ck?AJ6J+Q#UW<yg%sj+5Q{>kTG<&^%2+&*71XQk5I
z717^=!kT;oJLjpr7wI>M{t?k0-Tbg&(<A<zs<MSUCh0v34mf;J!7+`O_vfJ>mrcsv
z--vS+wd_zh`P-x;@krW&!vYZp*0yEK_j{k>a?f{ZIUG4@Rhp=xNTn*{a$B)^k&K5k
zU#qxRwY+WYJ@V7ryR@5=D@3ro@wU*ufW6smQ-7u9Z?Sjv<6bYt9~dsB{eI7zm}`s7
zKTe&0%B$F5+uPTW?AQ3gpz$qI20Yz!d|PYf3gu;|MOTXl=s!z!j(tH{25d7h2jxb2
z76Su41Dyq03pCo)GD=Dctn~Ghi*oc5GmBG`_0r%)w_ZxBer8Is9#GC8gpEU+4Or&0
zGcvMx7`Pd@!1xACZ5B{7Qu535a`F>_I<T2k1T6WJ6O&VmN`S?_nI4FNmYTukf#6iB
zw{N!S+5WBmyWnq428UC2{MweYQo-9NC~^L~s+Mt$D{l+y$JXwv*=j+TOBu4+eqC@D
zsg(?V$;mZc<k&wEp%XP1jtBIn-%h@_%JW=yE_>Iyd6q{fzF*(U_B*iP(vfdl*wr@P
zdc0<<#k|Dx`~BQ!%LZoo<nLUtW7&!gx1J<C)@+SgtDCBsQ2kVFfqc!eq__V(SQ_o;
zTR)zCqq{;ns{5l`oaN{JkNPr_&c692KBFPJE4DLH@6+y#>N#)fo*vBK$jsCD&o$qO
z(U9woYV!oaX^VF~>AD%A@TFDpWi`Vk!TWoj_3V!OVJMN{FgI=f`mCAVPF?dqXCL{p
hZz-e7jxTC#=eqI=O`fm2IPt*Zf?a*x#Zzxh1OSMh<4XVl

diff --git a/idscp2/src/main/resources/ssl/provider-core.p12 b/idscp2/src/main/resources/ssl/provider-core.p12
deleted file mode 100644
index 830797f6993b334c9886c6aae7031b06a96bcb4d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2693
zcmV;03VQW0f(n5G0Ru3C3P%PBDuzgg_YDCD0ic2kI0S+UG%$h+Fff7y=LQKXhDe6@
z4FLxRpn?S0FoFcs0s#Opf&|S52`Yw2hW8Bt2LUh~1_~;MNQU<f0So~KFb)I=Vvy#5
zT{2-d0s;sCfPw^|?tC<TC?UZ;9eDHOfZFxQ3Y%}jQ2TqNDPQHSB!;RPNAlP`<aX~1
zJcw@u5zD^m_8gqGq@OI@p>C=P4`0diku|3S-viqdC5RvVs(UOdNUl56m%D<=xme)b
z(Lj`prw;QCn^QG)H!EQa>LfG5&oVGnDs>tfBcWZd-R(=P+%N^V#o#daU^6#NN1ZHO
zd6fw@D&3T~1o5)A!QA0DcoJ^mPa>I11jI9?7#8xD0u?uotnIAw0y4xS?ZQdfu0+>&
z;V5@m@Rgv4GCaPVqDD)Uz;|k@{HEdy7b-Ij6IS#c5+#+3gxAB*#T7GE87ioc>Lqt)
zJoG-$y!;$|KQ)BNKz&XsI>$0XVMe0A26znjv@ym(9nbKeTnUS=283=deM)@-h`TO>
zsc(s?w8aXfjRaoOo{aY*Q&S+ZhK_QE)I&c@uHLTwiHmB=3So(?W|8)A#`l77{~Qjg
z`_Ta_lpnr}#0)dDN%Tr*WDb@c4#w!=12LJ906C|_nFyU|C1cDscx7ZI*uy)~qTtAF
zSGSN=Jlzv~qBQd|8qJPr+V17BLKCB7-<Ly10Ov1byDB}6GL2hKOsZ^iCW0AWp~`Nr
z6~ciL!K%aZcKsIH7D33E0dB(Mv?TH-p|eHZW>)HQJpN_NOQgAz*m;d(2fs_#rOaia
zS=GZKXH$Fs5YUi1tjIhJsv((G@qQRSNImd$K%&}BbiA3mY};mB?nJL8J`N5iq%1N9
zv)QPr8@UWg?^2#DE0^lB7te=4t%`s}a}z<59{um^f$gabq&O@GC1U03qP!Q;bh|$D
zydu^7oo>sL25~rGnWl=$)L(K2o>3B$)&}Mm%0@9$YIn7iZt_?MN2IFAB<T2^Ppi^Q
z?_#ZT`DKn6{`IOD9~yk)(tIRPCh`-x9@}|Uk=F=<2m?qifHKEo2ouKtA~L;%mMkY^
z6>&66jyZna_N`}IO0|j8=uIaGn)<Ouas{2#+JwC<2z@hsR^fDHUXF+ml$)rj8UC@6
zS<dFih=&aQjgOP(Esa&+!h{*YQ2x3a;1$pP$trc_$!GRRvQDll$o<|?+rYh^iFyNN
zuQhT#V>_Cr@UTJ5Tvs|X4NfH2=B+gxn^lavqNCSqvnynm4MoJS45G&@y!~wosRZ(L
z(-okxDS-KLrMabk)klbB98!w1Hwcj+YAhOOIWd{9F3UrD7=vR))WS@Q{gNin9<6E~
zY2uq(GWfY0_Zq<RyCVq=UTGsgx>y*{2c5L8*bGfk9S?+G76kK8LXoWC_O`d|fhmm9
z-i0MoDOJShVV(KE4Mf}cPFF9f4B;PCkLOPY6CsW&LrYYU#RUMZImHx}>&N+M;#}<%
zh#=Z3AA)4xP{hcoBk3M9aDF#`Iwt#rie-1JlCB|%$f5V-lNsw%+_pZ)Rz3e5X6uR3
zYR8YJs40ylQ<$28U3TJ3_e)bvXvF}urqm-!^@L1-uO|k)7LcmyDvdq(i6OkE?(e5G
z{A+njhF>&SMnJRC01AFo29F3z^lR0`cLgtZ0#X`C-E6JP?5sRF5RkG;%4Dyy?@pQf
zFoFd^1_>&LNQU<f0S5t~f(0@Jf(0%xf(0rtf(0f93o3?4hW8Bt3<?1Ppn?SMFoFc?
zFdPO7Duzgg_YDCI0Ru1&1PDnN3itLn_?Q9$2ml0v1jualuo5@V015%iOrUAAp9#S&
zT@GJOm771f%+z#i#->p$?v0_$$Vh(@(gh%^<r1^jHP3LJ!0jo{4gYpEW=z($c4Un$
znXs&lKLCMUM8ErrT;WzPn@mpMzJ@5re4VJm5`m^hq2!(=zyhuWEYbHDCF0iRMkVZs
zBrJZSNa@~sfFeO+piruaoDH(<!O^}8JBaR*q1f<S6X2}kA)qVkip$<OuOG52qa9Mk
zAjf88pEy7YYQuO`-O2m=NNG-Bc+5w~M#x1($4|1QKLYjB7$kaoN_A;oV7T_6z}+EC
zF7-P3D?WmZfc=f`TA{I%sNNr}KijoX<da-toW(r$n0<;ia=%d>dOXv5Exv4LOzZEQ
z$6nkDS$@L&5#ga-1@-n!IEgNgXi$MCq*T1FIR>+4UrE_iQ+vBTa|i`dh*UGUf}~b)
z+S$2a%k)07^pPXPghmATr+0d=4wFZU(@NfpL(tj53Ry7*^0xk2_bMyo^TuetHP)Li
z%o$a1ch@Rsv1|@de>@ZEyH*l-CBN)|n9OUFk*<Hs^^c1k1}IKeEI_O}l!6%-#$orP
zEJ&!l#uW)m+%O|dqPk3;QzAa~0%sAckHy@(Gpq-S_M`Vm{I>Qd%MLGQh3untshR5-
zG~Hfmr5t_L_?$_M^x`H$noAaze^A-Ivmz@%(X98RR50mbYrIW_rRA)J1Ad8F?g9=v
zsf)k3#@<zecpUZGmP3k~3}W@gL4ykFO<Qm>bytCBrDkI~pd&j|X*)yrXqeQ=`Aym1
z;)=pCX2b<Rxey1D<_JL??cSUGZL5Nv<A&mMz&{#o2J}K^(@4Yjf#2YvEx&z&>+?-@
ztZy|hKFyb1vrv$%FjPNAR$>It#DUEbQz0p!v<p0))Dpz#(%;-wV(nUG-ecX}hP`xf
zVXuC!gGqXsMPrU@_z;`acf&kya+mXz0^nU}>UB`=nh1p#oJ(O6+~Dy_UDL({job8=
zYbUQS$|ZU5kpU}NoBsd9q6ajj+>(Ib<&E-Xjc+xl=7ng@x?PPJY<^|<GwH>6V_%J?
zhJoyaO9FsPkzPK^KjJ`vGg=gs1w_N%qt^si`-pX5XtyvJWsanz%TfHOH)$nW(2{4h
zj{sJOISE!j8QiDembWVq4Y{<%g+(!e!DrCIE+AdU(H2uwTgv*zQ~aP2H_;}>h&d}_
ztRYHVLo?=g(Uxh46%4h%g0Tbs#Ac`vo*5VY$B;bMXYuS&9$boLcn+EUt#Xb&K*!ur
zRs&HrtJ20j5mXCv!eD(nIyLENrD1@|XF6jV9l&eCJV-j<z0vB{dBxx0GqAxbB8=30
zk;d1C<s{RijnsSYCxrmn6FF@2zX?pU@0N@b!BDQFKR&-BXarmyX&wReL5jK6=QRtG
zz4N`=xn)B5w;H%edj){p>VJkeKD-5)V{F{D@r=T!eZ*5`;G6J19mmKanB^r;Y=cVR
zFLH3isFZcvw3VhE(y?CE9-znszOAs5iq>U&VtA#XQD!rT01QUYfySIA?jmRM=_Bv`
z3O?zFPy#mXoJ?bXeCW%!1CW)Ip9o7(u;tvB7X_W%Ct-xR7m%d0x}BT<TvIXAG{2#H
zaOYyc!6yNDOvN!JFe3&DDuzgg_YDCF6)_eB6vbXL?22j=Lp9k6J?iOsIzzkldN46C
zAutIB1uG5%0vZJX1QbU}8;WOzT&}LIy(BW#<3QlwJ;($I-FzHzECO!O0s;sCi+B4r

diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index 7f67a987d..fabc4eae3 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -15,9 +15,9 @@ public void testValidToken() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+                getResource("ssl/aisecconnector1-keystore.p12").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath())
+                getResource("ssl/client-truststore_new.p12").getPath())
             .setKeyStorePassword("password")
             .setTrustStorePassword("password")
             .setKeyAlias("1")
@@ -45,9 +45,9 @@ public void testInvalidClient() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+                getResource("ssl/aisecconnector1-keystore.p12").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath())
+                getResource("ssl/client-truststore_new.p12").getPath())
             .setKeyStorePassword("password")
             .setTrustStorePassword("password")
             .setKeyAlias("1")
@@ -65,9 +65,9 @@ public void testInvalidUrlNonSecure() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+                getResource("ssl/aisecconnector1-keystore.p12").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath())
+                getResource("ssl/client-truststore_new.p12").getPath())
             .setKeyStorePassword("password")
             .setTrustStorePassword("password")
             .setKeyAlias("1")
@@ -84,9 +84,9 @@ public void testInvalidUrl404() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+                getResource("ssl/aisecconnector1-keystore.p12").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath())
+                getResource("ssl/client-truststore_new.p12").getPath())
             .setKeyStorePassword("password")
             .setTrustStorePassword("password")
             .setKeyAlias("1")
@@ -103,9 +103,9 @@ public void testInvalidPassword1() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+                getResource("ssl/aisecconnector1-keystore.p12").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath())
+                getResource("ssl/client-truststore_new.p12").getPath())
             .setKeyStorePassword("INVALID_PASSWORD")
             .setTrustStorePassword("password")
             .setKeyAlias("1")
@@ -120,9 +120,9 @@ public void testInvalidPassword2() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+                getResource("ssl/aisecconnector1-keystore.p12").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath())
+                getResource("ssl/client-truststore_new.p12").getPath())
             .setKeyStorePassword("password")
             .setTrustStorePassword("INVALID_PASSWORD")
             .setKeyAlias("1")
@@ -137,9 +137,9 @@ public void testInvalidKeyAlias() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+                getResource("ssl/aisecconnector1-keystore.p12").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath())
+                getResource("ssl/client-truststore_new.p12").getPath())
             .setKeyStorePassword("password")
             .setTrustStorePassword("password")
             .setKeyAlias("INVALID_ALIAS")
@@ -154,9 +154,9 @@ public void testInvalidAuditLogging() {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+                getResource("ssl/aisecconnector1-keystore.p12").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath())
+                getResource("ssl/client-truststore_new.p12").getPath())
             .setKeyStorePassword("password")
             .setTrustStorePassword("password")
             .setKeyAlias("1")
@@ -179,9 +179,9 @@ public static void main(String[] args) {
     DefaultDapsDriverConfig config =
         new DefaultDapsDriverConfig.Builder()
             .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.jks").getPath())
+                getResource("ssl/aisecconnector1-keystore.p12").getPath())
             .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.jks").getPath())
+                getResource("ssl/client-truststore_new.p12").getPath())
             .setKeyStorePassword("password")
             .setTrustStorePassword("password")
             .setKeyAlias("1")
diff --git a/karaf-assembly/src/main/resources/etc/idscp2/aisecconnector1-keystore.jks b/karaf-assembly/src/main/resources/etc/idscp2/aisecconnector1-keystore.jks
deleted file mode 100644
index 8cac581c388491153679329a43ce082c6877ea64..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2527
zcma)7c{tSD8=vo(rOY5ROvSaAvW@Q;W9<$ajeQA~J+ojcjL@Yd3?sU>a4(}|m+jh;
zx}{vCv6gb_whA{(wh^w9<u}~rxqsY0e&>14=XpP8dEax+^LgL1F}pDffk2?b4s3UT
zAhcMvQr6872pkG>U>l$~LR13*zyNiqBmlr6Fb?cv-KJ@&kq+ja7sO?NWIV!)lDM=O
zThg^J9CI+W@tY}G<q{KI)7;Q$i~PZNDWy<Jtw_P$WbZi(S|Ip&#|gxTiQsI;oK|{D
zSwk&WB;)GJ5?xW+yJ`GwlVPkS*xh%uq~1d1w*sa@@h{z-G4a#QGw_qQD|t~Jk|lBR
zM%~{rBrqzG*LVC#^rJ5Odn^Vm%ZGX&+7)o1*%X;}AvyTj1G6{m2-e<DTGoTHU+ttK
zQ3GcEEj~sI_l8@KP)>MCmQHwP<jY0cd#v3v2;GBoIDFqa;D~svBVm1g)9{{aG`&i1
zO3q~e(ULUHvijF$Uca5pvcd;Ov<|;0DI{;EK2#H&w@1$PBoFQ%$h%S;{kYu5o78x=
zv#u(23b?$&_+|Dbq^PC-13q40v1f8cRI{)26gAe^jh80VNaa8JG${sI5`0$jQg3<^
z%~yGE9XFWkaX9)`@tLJt^J+<T4bP3s<WZRxu_G0LR0sNVcjF(%wrkDy9Cyg_^w-CR
zSzH79mv<R=xXlX9Zx?mLZ}K(Mes)l>uFO4O<l2xgeTk)gpze;JBmIzCNIbY<-a2`v
z5<ZY9YlC*XNDZujm*qxP&m0<ZUb>Md*!6A0xpjm7WT$Jq;=N;v<NFNUet=fVoK+?k
z1<$N>ugZ0+`MTS{zD>ob%e25AL~8DpY!z+nh%`@Isikt8I|+syQq@DJ$T5ru^A<5_
z<5GeLvAa6URbw>9DO*ReBEe0gbu34*Fjx9Uw1SWO@vo@`CEw+zD;5@4)kIvL7DWQs
z>wn}V55|=hni6%XxVPt3Q~Zu+g)Zh4m2{7jvk<(sXMOi0><QZZMHv*~^UzSc7E<11
z=3r|rp)0&D^|$c#dbz=NGFpJq5d?ciR@=V7VUXNT23tb>Vx?uFT}5N6V;Whdf?h-#
zF)%Ym?Y%C`pDCl%9kOP3iu>#0*-p=6vS#Wp2QWgGSEL>sbeek>pR_TDJ6rZ<RNX_+
zZ@RW-WQ&=P{PILrUrAOri<&$+lwz;H062Y@Wji_U^n)`@B8f^?{TbL#X;<p*Xs?B7
zkac9IA6QinB}z<B)davaf%<-%hQrF;xHu`V=~rDw>L@3fQ$52GK0S*iZc4I!AjxXz
z9ZS`(rv^gF&F^({3vtVYGQ?!#m2Zq_?N7?LzMDc;)-dT?x@B@Yr)RU*YcA$wtHB$`
zW4`l;35;H~pFH;%w`hJk+2gp`J%NJe(K2t#lbkujMcn*G%N~o#@qzdTR{5Eduuznu
zaa-d8WC4D<Z{Eo(Ew(;g<DuiTg=ETm3lAFEXrX32M@vRNDDBtyTIX7hVNO4Cr|O;7
z>tn1=yNl6zgWkmFOeN~-PGaEfmj-CB;R{==+(@PLO=IJoj`)NNHl!NP-IW2ci9o%D
z;`e$(i{u|?DCsBZCk^Gls^0;iKF3(BkAU<Y=ISW1<{EDiZ+U25<7x|1Tm9je(RmU^
zP+RS<PMVJp=MXy}gAa>ESWDk)I5A%zNk4G&@i1J<=|rDKxcg?8b`JJUvrh;A*42y_
zO`nO8bz*v?x6g?FN}i;P_0t5~q&&`JLhA3N`)l#H*NVPBJ~!w3B|f5^$JL=<r_W@(
zPF|%`Q<6;(mu%}j`2#Rqk#ZZvx;ZHB!|j|luho*vF<d+I(&r}@>eFQ~+eH!XiYI}F
z5D4s=upnlG9Fgb(5hwtK0=q#m#7^}D%Y+p%06@VZpeX?b?nH<jgCVd`^CJW-D7i&M
z(W2B4+PNSW+s`+I@C_)lH7J6{TA4d5y7-2MDLS8{Q_K`~K!O1%zgvu82oeaogsrCU
zzFSO(Af&{<C`kK1B8Y?Ntq3SI+|0`P2!)^pYWx{-pD&X^V(Qb0S~Q}eftId;AE-s6
z(?KnwK8Zjgf(%_hUna-_l>dD%Va*re01^=4xG0nZ0FdmnT&-%}gEpi@(v+f^roH&%
zUI#1VhTG`!^?Y?Cr8xb<_pMZPP8%yoY!3p%JMC#{FRPvEacVfR{WNO~F&m}UlocGF
zG7~O%=5Nh9KkU^74LLNkDF1W(wPNYpX2@GDvsZQcKk1ED&(>9VrY^HD+-P$9w!wkL
z!?w*{jc`Da0~us_>IB?WBV*&-Q;;-7*>Svea-JyX!WD=ZrRJ%lI#ON&#LD_uKf;42
z<Qa#nbMLP7t@taruUpob$Qxv<cJ{k^JG?>(yfd@8V|g;Y&2e6{tWPhE=HP0k`8k#*
ziWjRVvz04*>r`keuZ|GlQ+^(=dS9o_EiVq^xKI%Q0u*zA^THQ72g(VbR!$s-gGs&Z
zSx05Y69LI-udJ-ZhY?XH)~rE=t!Wk59uOBJ)sxI`;+`*8DeIB0+U=-4?o08S+?I<R
z76t_&AZlx^1Pmqug%^POTSNf{f_PA~K)v8#f+{O4EZ9g}n-LO#r=1G*W#Ik(5fz^4
zt9^<YiWkm-E{Gk%{~8WQ0szbsq=M#ua}b(f@RtuJJ3J_WO%v|;FHa$Cb{K=k@C^wQ
zN>UHMW&C-~{V*IT^|w0_=sy+!25y~J66OaoIXeT`3|at-9U8__5}t{{4hr&Rgt0>i
z{}t;pOqgMi%P>&@DzS~bwo!5$G24jUMyYL--bUQN<ta=%p*#V|&DVB570>n^FLWI{
zI(_X2>9eX`jj#DAwSwUTF9md(%G;w@lV2Zy^Sm+csb*owj;iw0Bj^`FxKTT?rF^)^
zlz&xAU<_9rs!uhGbzFO*`^zKKYIm$>pi9i7OSx+nKcS}y#7%VY;d*{_{}Zc^dQZoE
zWT}Kz61-k76P>5M-}b}uRIpwIW2PMWE-H$sj5G+AiE&fSef4pl+++mHKXHnOm9HOa
zm>s=oQy#+pRQ-f`FS5ayvR35W)^RHF0OHIpj_wHm3g0$3lLuzR+9kffzq;>tzK;(h
zr&(_oKJ`&#yUR$a4e7dDcq!SG$1tbpONmRd4^J$1DZPNN6y$1Pyv9;8RB%nIvx`Fs
KwRVuWxBmm2L>qhn

diff --git a/karaf-assembly/src/main/resources/etc/idscp2/aisecconnector1-keystore.p12 b/karaf-assembly/src/main/resources/etc/idscp2/aisecconnector1-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..bca94974f6805074438e1e6324f91800b37241b8
GIT binary patch
literal 2853
zcmY+EXE+;*8plN<wTciVXiH-Rr7>bxjhc;Ft!wWZRkbNC8bpavGmWkGICaR;)+)94
zrlE?UV%4!#QP;iCz2`jV!~49?^ZUQ=|KksZWfGtT08v=R88CwwP8WA{8E^@Zk7eu!
zVHvwGa61Z1XZMeY&KQKH!(3q9i@5`4`rj8bBY-v^3pznzK}RT2FysI6ML91BTI(kM
z34J#7M9FdZbljAe@4jzP6fKaZ{h|xh!_|=Vb6>GutE#`D1%$c1#C(rUbP?Q}!_-z<
z()we0<^0x;>iqW}W4hF>BASz?#rVl=q|&PTjN)A^d3S@3&)e^*MA8Xw-mjc}3>j`t
z2hbf?Jv7jm4vjdxwfDXe1o}FtK;4mvI?3ki;}!dGMTXTPWvvJz0O~_z8X2Z=cpT7j
zH$c$g(8SX9aM980nQAi?YMA9<cT@sC;*r<wa^diiqPM2K>hX3^oX87%a!<ckiI&Av
zu>fd1&x4ln0z;{R$j2O8A26aOk0kN@o1yNDyL!fXN#%EaD>RoX%8`^)VU^P2Zy(EG
zX-Q%2h1BonPP07Q1(>o<dG=GC=%#18&aVY)0EtP61bW;3dQC>d@QF7jCdicTFx@uq
zg)kS&XO_2>i-EF=(dj=*)4Q2*<ul7eUXwzxc$;Qr&U}KFb<Q=Dpq~l&RAJ?ieb?4{
z_R;vay{22x>*fsW+QNM17!TOu$7QPo{&g`0*-u4VoC=>FzP9>xx>5`m9Gd-DTB2)A
zPD%FFd@)a;_T|(WqJqg0i2~{;n%A1U(+mBQeO~B_$S!+Bhgz%dI9{_6FVWt*byQuC
zn=t9%Z@|Fc+|jB;N71J(-3W$9$aGGVGR{-bQ4W@~aD#^6@GYuIs&{Jf7ehb{u1AN-
z7w18J$e<_|RX8Uzc-hKTL}nzx;%J=5QCvO_?bal9%!81Y+#vUOQ<U}wqPc?ut$zdP
zGMxFGXnaKA4&6~X6X!o^>piV;K|$ZB0;GFB4yg)w>+a7uV%zYS9u)!U9R>lXdlemh
z0)KixyA!iE7`Lzp5&8)DAb|^mb7=0d>){_nJe6n`veThKk?@TE>AE&r=Y=LJKFp~n
zxp)J?_)K@7jXC3@YRs(1k$el`i+$WIC>!Rj?*Q)O@+x4If6^rBXVY@yF1n$f-9M1b
zJvIV?n%#d3swJw-&b?w)nO$ZiSZ?+~l$ZVX6UCPwlIjELb^V^r>QJ89OTv?|`Uz|$
zPkuGI2q?Sl(;&<K*bRqmvi*A7*i=#m<qgph9Ln|14P{x_hOGs>FNJB2$kN)(Ie!)W
znKm|y)k0t^_yfoeQ~DYwks*o8_$8KEk9UH!y-b+o5oQ7Ztx2Q7YOJ;7m9__sOEZ*b
z!k`*6S{x<YbQo~|rZ-_Cb=tz21BH2MUEAoJC%!nqzascl0yS4)h13c0<0w|&sC(X<
z(=db#RR#95#|8Ey`<1JY9hHi*tS}H*>5rwGSX+R3l~+%5N~|r_N)@N>wE|f}baAN;
z#!70IPk-j7Lt7YlYCo%MTs)ACgtnl{NYWL*t~8<ai-DTW(1Xnk3q#}SBdrft<&m0?
z-Hwez`D+G4xSrX|OOyOIqk@8|rngV3isH{X5y(oGhN&ZI@e(4_KAtHSnfB_HgsanV
z58tUfNcN_Oj87Y1FKv*TbB4<0m9NVR3EPBgS}0ps><uS_H$0SWOAf!$%TaIPw<l7<
zDT5FoXMUn>(eJ->eP4E_*YfC9t!j=qnGUqMvDMcsZz(IR&$)_?VOlRUTZnteYCTGK
zYL6*C<NPdMrU3gv%6k$%Ixz3{HD!vIy^5u>Rp2p2?-;Sp7^rw`_*8%uTvKcYl#)Y1
z{!%3aR0?#JmPQIC@HgU=f`Zu1+#kE}OQ97N&{9%z^3pO==nIcp|8;Z;oR6h5xIlWe
z0Gf-X@pl6FhgZS>@oM`>mi2=`)sgq(6q$MgZ>ozj4fMZWjlj~;Ywi?~)R>L2GY;T;
z#1tm;L25(sh&zlRr3LKw(=h|6+wCjWK!WqYFABt^N~_=cbT9A!kcmR~lcPH|B|Px0
zX9kkddGlh{4V-RJASnO=nxYza9<uSAWRJHrGqO2EGg3t>CE!a&TKXTxEh-+i;)9S5
zLiNZ?y64p$lP(B#j+ce)i=>#MOPOZ+V=8-czQChyRfZCtbeML6n#&)<mu7$4`FieN
z&sJTs@n+DOZEe0GuiFs`f+hp>GPUD=3choS_0g}R7;Jp+CEJR~tj^@<w^tBjU3MGQ
z==37d_r=tWh`FhxnOHuYzpa%R&E+!PLe}N(TCPApMQ5YpsfBZ(na`S+;>~xm?P)UQ
zvKqMf56(Pty_r>0tWwn7eyq(G+;%h)mLk^5OFtByx)LJqnxrgLgi>N*?RCsbj<lvP
zNMw$=_kwY<J|e$%1fEav*c$`y>XKC=THhG$1-OnDU(L?!;q(}F?$}FR0F({2IQxf6
zWhk~Lc-l+sc-BWS*rD*CumvmPLGtO6-GV$z+JSroA&Vffu=dL^;af06dVG7Fog}pD
zv`wqI8jpkZO~<YLzG;^@J&B$iNIgX%Bl(P;kIoGbBuvz!Ja1($pFOudj@A2;0>6s7
zZb8#2hlB2w`igt5sUiUVWFnWo%LErdnvcqo3gHg^PTZ?3S1z2BJ4+kpw*0iju?%k-
z+byEUe32dyI{!8jJe>sZlyijBcdTlZcgqE(1e*7xvpdKReg4|ELmp7(Hfe}t<`8>0
zI}(+#IPbd3!J8*hn?FF+rcNLC%5daWy|cHUubW!D%J8cVPO_G$i0<fRv(waUQ+&Cm
z&1q#*2`mkbUMEVu6Ohl7R<dz0T7}haSv2Z^#XMA9w{o&2u@q7_1~LWdU!>!DuB@^<
zaZV0y8;=RxerIFn^6i12p8xH;gs}p|l5|X#Wf1Yc1e@aS2F)J>r0Y0m&#~s~qqr@%
zoUSI-APZ2N$%7bDMCP5k9z91EOc%fKpJrZ<H42(aZEjHYX!&<U=mpLze9}Hex<HR9
zrpc@}x@iUtHIML5vwe%4c47*dAB)8cA5Q~c>Sf?6_^>6;gIBtrx3<RydckPUSs6C&
z#Yie*ZW9*6@bbBQ#{QLP%Ka+KI3hmwNc*ZX$^)sh7b5q3Y;^UoA0hg$0ou}K1>cv^
z;9&lgvrjZabr`cX=HEn$KDFE3<}dR294^PVEq32+-dy^UC&K}*$-;GB0X!jFkd@+J
zRuW_cm-4ec2}y&pBP9={6S#E3`rqYV{dPqp;JREu*wH43C0&_L`aqkgUK*fZ<j<!S
zuZa7-xo&c|c4dYC1zgt_xUq5Vy}IdefV%!>M_6T+bM4CA+SV56Bnf?M75>x7J=d}%
zF!l8TLA-ce$)?XRK08mSTDm!gEpL=v8BB~UJQIyLB0FY-SYZ#8ZXT1F@VZuxu@d;z
z+_cOBybSB{j$CdeBnzx(WHuR20Ea#5%IO3`y$`+0;D_$h9=S%~nck%?-j7$(DC$36
ze7AQ!4(_NAWH%>t`85gULyF@WxrbsNC*crrz4K``$7uMS=5n>y(k(5p!PGaQjT%|<
zm%~UcOgN}Av92LGh6vw{J`_R(zF}b}cb4Wi&Wk_4W&9`b8oD$k)KH>IP_j&m(zsq?
zf*QR`7}=hy(tIEGC}U19VN%WigpmoQiV{FEfa%0pfV4bxG$81DhRt@w!w{NRFMo{B
nez-J(_oE^}P@^uhkee0Xwi2tL*YDDoGBH4cw`hR?T>ifS@h&$J

literal 0
HcmV?d00001

diff --git a/karaf-assembly/src/main/resources/etc/idscp2/client-truststore_new.jks b/karaf-assembly/src/main/resources/etc/idscp2/client-truststore_new.jks
deleted file mode 100644
index 998f04c7d601ba0540b4d4d15fe86bdcb7af0bbf..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1974
zcmezO_TO6u1_mZLW=c+EU|`Jf5m7g0V2#i-HLzr0V9qvZVoo<`V)9?W%*4pV#L2LU
z@x9*Bv>WXPylk9WZ60mkc^Mg5Ss4tR47m+B*_cCF*o2u}Tn&W{1VJ1w9xk_{#L~Qs
z{It{}LpcK(kRUUUsHaP?LQsBwi9$$fafyPnqk@rvp@o5*IIp3Fp@FfXp_!qPfl-t=
zuQ8BoWCrC@#f~OMC1j^FvNA9?G4eAQG%<29H8C<WY?5tN?)^5Q*D*0+%@qazhG|QD
zqy@Hr@PA{%c`KBAiqOI>vpkK@<?@GzH*|O}5KMY{Sina0&jg>{zD!3f<TUMmtq<~_
zT-+~h!uwaet9;I*o9Ds=1(zJ(rJwyH;Jv)wW1orZ+#a0O-27+71BUVgi(Z%S?Ob-r
zXKz8w?wMkhECNNVGjv3pWbRC!@Z?=&Wmvg^*NrtT{hKHEy|Yp_-|y37-EzrY$8|r`
zd>L8WmPNPq_~x&Fw@qo$5yw>f^<FE!$;&;sTP1t-^dg(dS-HPdKHL`;C_7QZ!}u<K
z)twKMN;h2$f3l``pO$gS<wmtWY36U2zLYH4XQ<-fVj{7le7V=eU9n8ej0}v66Aa=E
zWPx!d%f}+dA~OB?n{ZE-?w+*t$KgB6_{$c2NS<II50X}9kuVTzz^;HFq(GRF@jnZz
z0W**?;06isv#<bDk{fay0Fw_e4j36an3bnx9s70Sl1AY+_Vo3?s?FuTc4e_Bt#0E@
zsf)g?cGhuD@|-7(^`W;d_wQHtZIwE3PdWYnvu7L5e+=xjP+z=w_i^I{Ul-?p=9UiS
z9S=U2n>z%Zipp*lu$0)ca^by}UFXjJ-QyZ?{>+ZV)9WPPWv_2jS{fCjs&lH-W0AJn
z^d`@i3n>%5^?q;5x~aP$C}VQp@AKi}X;aJWgPVg@UHk&fq9!lNkFaBXHhY0NA8+i_
z0|h1%t(fN-%nR$yK6gH$%}Ddu&jpRiqF$e_G?cswTARIFYr)q`)f4V%ADcNjK_c{Q
z_q-7GTP|1ZCae^(R(4Tf{QLLpf@vwwp0dPEJAHcYPH;|SEiO$0XT+SFY+JMu8SxV^
zBfbM>#A}d@$jFEsg4{I8fF{5U2+Vv2MwZ|VXcA@MKtv{&F^~erGcc12gEBcde+QQ)
z!Lm4^?6+E_C(QqrT35-%gSVdjJEkXlX2wb9;|r=H&qqG5@jDQwm3?>1vkmJM4k%n(
zWv&{pG$U!(o-1X4P89uFp5kG)-PAZD(@k=FV1bFvhNg&8W6iMqlh41(Dg6<-eZFGO
zN~O6gqQ3`)HTed1&Qp6Y(r*y`BceUJ`C-GRNBlWeWeayq(t8#haQL8tV;V2-&qF^h
zo0Pr35$7su*`aXqw@F9hk+cPe1tJctZOfML_ddntp6}9fIC9deG*Ly7N>#??wqo-l
z84qW^R&lRtdE3}~<fpfHX*VZVh+ui+ZJ~Vud$Zf7{z}W=V(;q5y<UnxFkDLe{hl{5
z*A|(7oI3xMSFypix33}DuknLH<6EQ*c)I8Kw${oO%F9lRt`-l_f0pVT`+~9z*k)i3
z%8l|Y1_pWtIt#QGXtb$il#~=$>FXyK<>)157N;ibrNN7Cy_8h_%#>n1pqxPn8;3R<
zu*_#?WMuI$a5Hd$@eP>TETCqj<d^5=<R=1kU^A%*Sn?+)CZ`sa0E>MyJrDyeHG|6o
z!KqSj-)zyd{agKa!QYw;4yWw+wJm3*g11jl;{112E#n$j-WJx6t=(6%)q*aUGGw#;
zy5KBQD;fNflWV%jv40{$Cu%Mn59m$5oqTVV=eg`$_O5mFERRlnzrL02cVNM#Bj2{L
zt8KjXc+FOed5P!u`?=4S4b1Y%-??DNvK1R{JxO@1*&4G}H&rvC`l;9g`I=)%Z~u9)
zG}_O%emwg|cZGCR_eZxl%g_5C^<^ZTee+9vMniO0Y-gh0r`;LVbKcZFJ($0dnWyoe
zYrYYqA=e$%<_Ut+7Vmn}bu&WYORM6`YKBXK_xC*O*&X-8P$I!$Zrc3ySu?wxy5@h*
jKJsPXQbv^>U)0#*vbc9$N>rMBDW~+|HRjd{yhWM-qpIG&

diff --git a/karaf-assembly/src/main/resources/etc/idscp2/client-truststore_new.p12 b/karaf-assembly/src/main/resources/etc/idscp2/client-truststore_new.p12
new file mode 100644
index 0000000000000000000000000000000000000000..0791c1d13bd74468f1a7f3b97338405cb598c3bc
GIT binary patch
literal 2266
zcmV<02qpJ0f(X_E0Ru3C2#*E{Duzgg_YDCD0ic2ifCPdFd@zCtcrbzpbOs43hDe6@
z4FLxRpn?cxFoFnS0s#Opf(Tj$2`Yw2hW8Bt2LUiC1_~;MNQU<f0So~KFdGCE-S2Vh
zK<K6di`MQl#{Ln@vpz9d0s{cUP=JC6AgYOqC|w`W>6ElAa`h9M-QE164`|dDI`^_w
zv7)jKo}Z>9G1`82I#88lDYdC~RTM$_UOXK_om$q&a@9NFKWfhEG}%5gmZfsN1W5T!
z(3dUyQ$g{~HCA|cBITwz(&(Xmk7@L`o*xLNdEUOTE=e}}39460qG8_l-ZM@N>PPlH
zN0f2ywXGRIE*~|OY%F@5g+5NlSrQ9DU~1@Lm%S?M$1KqFN~|(w9ds4V8=`D%k&_aL
zPdVQ#5WXv(P6Yw_#*lhbVDL6Nw(pu0AQX8AsNhgHpmLT*n;D5V?|bRjQx)LYC$|&$
zbbRg#Ik;aUWhvOmsbOv0uC?OHy)3C!^EOx!l@|Pe_?Uii@tCT8_=NKW^Jdf(Wg!a0
z%rt&51d;gM)^q8kg*`+dqYXZ+t+JmQihya5lfQgPPgiT0P=lf=e{kKrBXcz>*(a0)
zTdf-{q{>-(Mymwk<<pzW@vO8bnGiQ?gPZZO?SH(v<+JUF%60^6W*{e`KN*u?L0x`K
z8YmP>N;dd5%=TYg*+PnP5&)$$u|&<0{wRG~w#$|K^>-c1`j*eNQ5S!hyoYH!zr~~P
zHjK@@Y!Wm3#0e`nitpNww_N*@UYU*=U#KdShEphxL;2W>thxNNuhq$@v#@8`+umD6
z!aS=MmH{6amgnk99CEIx{^pHd|LRr8pXEpCCcbs+Y%oisXNb|Y{r_Wc|JSWzsdM2z
z5;VpNY;YfDU`3F-uM-hoXx9bmje86|Ng|sCO$qGOa>Y_7;qz1Eg~NIH7j3{CPU+xc
z&AIGI>MCmVgOo=AtH<2XL@`JrVzq3RuB^4RkS7!O)D9axqdPg$0+qmqr}X`j^^iUK
zBkf$77iBOOL#&QFmA5pw>LL+@tiPgaN++AJTBWU!Oxs`96^P$L?>-A-O~1hQEvIX>
zmm<7R2+|19Pk0KoL*puUn);p8CbD*#hJOoLBvFsj-_QXI8i~MwS*nIjS?S%l(Uyh6
zVDbUg08lz+bNnm{ln0BU+XDU92SVA+Bh84It#wU2DK^l38Pg5u2u-K9WG%JrNR_9Y
z)PWdKN5kOgCe;5~NXRvCnGvOxSOScD-1eduvgC&WOIGa0uJ^Ks$l(<!nK63P;xJA@
zRsZR9wQIW1H+q4HEmZgH(BtV);G1tbs;!^<rDbE2WlHk?Dql5VXSrbvd(3vrlt1cX
zn&*0bS9>S>JdkXGg<Bmix6pYl4e<kbiK@O?cjAG-#~|vgDm~)HV3SPGV{N@#?Y_B^
zp%K(~w9JD8wDQVV`|zhXZuL$7oyhL19X0l)6_H9xYL95Ue&k#f1Zcxd`__b5xrWvs
zH@oL^uLwWVd|NCRyzL*82cNiW2o#qR-%SwWL0@dK554a|Zi#WV)@Dy_P-;{iMiJZ;
z1ABby{k;mlxB6G8KpzD7e@GEPyyE*Ko00SJ{PS?vvw`5wdT?xA^~tR!(U+4a64bYL
zd>-wfHE}~79U+82uqw0ZAMN|R;q5)A4YTgGKR<UL3*w5sCyV*<$l;{2sb#4u1l>In
zq+DD$UdHYu#zwh!_<h9V=Cs84aaK#M46ag@Cq5KnS3@7pmfg#bpKM*x=+J-+EVJa=
z0Z^k9XutJiUH_AOUy=8Lc+*6JOl!}&N5EISMeQEK8Pp|YC}ac5VlGSg91fvud{>Y|
zin``Fb)>*u+>a!$#+znRxIuDPJx&}PIcYB4R)7WNovtK%ua!kZtdCLehAC)iy@xiU
zF~&6;lv%lA%|gXd4Rq#!$EcD>x_&#)lU(toVkq5cs7l?2LUbm#2I)N!G>pE%qwGEA
zOXTPOfD;<>C&j+2s@Wk$2s8z3vi$;F!0FL!>_eWJg07?Y;Nt5v!vuRi{2<*_3|Q%g
zC0dsazU^8B9L~f{Q)mR{F#(PPFP1Y8=r_d+sOK=z^-XhVLspFxJ*8ne#5>JuNQ0oa
z&J6d-p%R%mcP$Z&%_wRJYk!p0-OU^b2(k$c{tcFlDDjr+Pwym9@ZP)gXdPqf$5Pvp
z%^8};Df=U}h3$feNQaKxHgP@LtrA|f*r2J)f*q@?A!EFqEybX?>K<3GZ{;PXaRi_S
zt_)`t1g4`i4V4e`nQ%*7qL;M~)r{x;n)^m|d|suf{;f+fG%vC%u8M*8saUUuQ+Mf2
zN~w)MwZB1lFXi}S=7XXvJ9%`>Wd%NtXZQ}M1dK$pc~%_6QA0sz!0Rr7taG?$TiWt6
zQnh>;u!{`%$(4(tEQ|wD*4xxWQwRAVaao-`r9;{0o62~pj{G%hgYImAuBl+4qn*1q
z)w0ZCh9e2Cx<0&VQ)V>I8x}-me{V6Ets2>g!J#KP1aLB9&@LI9Uf2C24|$^6mAD=-
zl`%RHFx}>(aQ$Rd6iHRx--!C09SUrr`a(zUAtCNdph^SQl$0Mze7T<=pz&y>)T&~Z
zXNw)#U8RQmdq;E<405_ZeY>p!&la%`>7Rw7g-N_TZe09vu(p8id=1;S9{Iyt{47_F
zVB6i+Z>DteknDqc)`Y<0=Zf#$D1gKasno?eKx&#p+y0AIUn7MLJB0&-dATqp1U<aN
zEaI1l%#Q07AXaj^ucwccC5UD{TqlX@8l|e#d_$nY&{hP~MbJm*c0OVNmnRU%s=z~N
z8fO#TyTqf!VVkVPQt+ncW)GYeS%P@y`T+Sms+yUUDp_V$Vm}vf7~-pXen=@(rT1;m
zJrkF)u<A611nsBxCg}DFE|T&Hnbm#$sW3h;AutIB1uG5%0vZJX1Qfg*DLg)vRMa>v
om%xfVy%H3(jb8*5b%|(-C;$1l>4D}SB9CK}(`Xa*0s{etpcWBU(EtDd

literal 0
HcmV?d00001

diff --git a/karaf-assembly/src/main/resources/etc/jetty.xml b/karaf-assembly/src/main/resources/etc/jetty.xml
index 98e1ca6a5..626e0e4f4 100644
--- a/karaf-assembly/src/main/resources/etc/jetty.xml
+++ b/karaf-assembly/src/main/resources/etc/jetty.xml
@@ -26,10 +26,10 @@
   <!-- Use our own Acme-enhanced SslContextFacctory instead of standard org.eclipse.jetty.util.ssl.SslContextFactory -->
   <New id="sslContextFactory" class="de.fhg.aisec.ids.dynamictls.AcmeSslContextFactory">
     <Set name="KeyStorePath">
-      <SystemProperty name="karaf.home"/>/etc/tls-webconsole/keystore_latest.jks
+      <SystemProperty name="karaf.home"/>/etc/tls-webconsole/keystore_latest.p12
     </Set>
-    <Set name="KeyStorePassword">ids</Set>
-    <Set name="KeyManagerPassword">ids</Set>
+    <Set name="KeyStorePassword">password</Set>
+    <Set name="KeyManagerPassword">password</Set>
     <Set name="EndpointIdentificationAlgorithm"/>
 
     <!-- Recent bad/weak protocols and ciphers, taken from defaults in org.eclipse.jetty.util.ssl.SslContextFactory -->
diff --git a/karaf-assembly/src/main/resources/etc/tls-webconsole/keystore_latest.jks b/karaf-assembly/src/main/resources/etc/tls-webconsole/keystore_latest.jks
deleted file mode 100644
index bd19b8f5c0b2c5fd6a92e95e34065036fbfd9bb3..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 5239
zcmai&2T&ACx5qcLWXXtx1tcjfvrCXDQGz4|BnjfOtbl;PE>S^XC5U7Y5kyHM5+w;J
zAQB}@Fn|&y2SIX@^nq9JyZ3vq>ebX#_31g?=S)xc@83Q93;PQo5D0R3gMZyn2V2r%
z*(N+P`#A_i83K?g$p9UK>NElj1D}F0fWdGOj7)iBQeVZ*IAf;^ozoC0WNBt+oB2J@
z;3B0T(;j<bZ{DqfEZ9WK`M3|%UX(Oq3pM7{MnB~h{3>QRxZ3*C*wuUsHiB5k?;B5O
zMJaN_q#Ivl-&6PyxGH&J>vr?N_s4ILPLypb1-M%M<FjIzfk8eiY^}%xZRNI!cI;fD
z?jHT^vyEuG<4j>|xd;UoCS`LK%suxh^~$j?5<`<F*&1H&2UESB)w=zf{PH<yzj18f
zu$&`Va_Iv(qw!+6tFlRi7h~0~xh9G8HphW^D-&x`VL@mzho|3@i7DR&)k^uSeoC8o
zPHJzPXLE0QTQaO08k3}+^#4Rbbc@P2D^%+~aI!#r@fQ@K@->+0;k#?HC(&%wdpZoh
zPgG^fAJNT7EL{mLG<CNktcJrO&7Z8jOZjI-7P!Ov>mHnMnq1{U-ld^7+jwohU{!Y4
z+ara~^k=GK+wp`0*#`OPuNSF`U0+ju&VQG;>l^6u$}8uk7rlyXpr2!<>0B&z&&QFH
zO^c~&26kGSMrDE2%k2+8)tB_3>$E?INX!LQ9I$aQNztFIqaS8_dLn%E;)fgl#qsOa
z$I@btRpnXNY8tP%nHQ9XVhdatpf?5<3$xFa?YDSlW;2rm>`%}Uy5SHnx{f?@|Bu|L
z`z1l_eEYr4=|;7R(F}Xxh3*gNib_%`XndEVx!0e4zU=Sk<~3Ayh1k%a+V8H<EHvSL
zR!Z=ZK*j8c;d;B?qNNq(hbP;Y$9=hP=|`O|)t9*_WT;d(eBB98{1B+B`Mr3Ws5Zq>
z@6zQ#6H>7VmA55xWX%jQ71tKOKjkV`IMas=+$;=euaOpzDIL+gpyJ6G74cS~Nv<at
z&~&r=R2;goTh>I0NVf`L?JJ7*_ACv)?bN|>uA@>fSs_b@tBoPqc5<~twoxGUz{qPT
z$D^xtaB0c7MO>QV9?|+!ajw9C)f4tK;i&cJy*v3l?yYHv^Sp7Ub?mNFP7OJ2-A1qK
z#Jq!qr|2p{7UKOZ49pUnt*^C=C+()XH9Th~kf%I73#^Sti-k;GE_m5`eV)G_b8R+p
z?#kG@K6U+Q;r8fYq0*>Tm0@3T>GkWuG8{1@a|w%YiT1o^j<%uCtZ)Y3ettoJ8M>O<
z_J|)QDh_Xo3op6sn*$TTf2qzOUAg-$wOoV=t9+)Q*?ut!vLB^9ZS7=&`=p^NV(-|c
zch7Wy!<^CGuw1Tw#fS^arr~uXSbZjeKgE@C84r6^5(@R-)^|FYllGk*G@7d=QnF#4
z>H<;HmgTtnxHQx<sjMVQm}P8xy6VAr4f*DPeW$%{zBV~2@f(<PD<KkD#~m!u)REK>
zwNV=Jwf)h&9|1RGb4hP_Fw@IT5U#5g8}S8M#d-k#vbcB-M@Pu$?nZdDuI2=Qe!9e3
zd@Csbx@p%>BTDsJH^afyMcucq6;sz^xL|$zZo$)qDfhw)MV0KFDhk%yMK44WxvOcd
zW<6hAl8qUup%J(~y%c_pJT@yVaKgR%n9d6KU=Zm*EQBvuj<Ca<>#1SQ%-C?LKS<A@
z>(hLJ)Y|!A|Gjzjc*n1IXV+<KrefX<#D;Cq%C52a2gzN_STwq+=bM(AyD|7P*OkmZ
zB0LlMBByJ>i=KJY>z0XKDyYoN=w!QmONk*ZQSgGolmUgPPOOt2I}0(YI&Qis$q_Ds
zZ}g`gkh0MhZ7$#5obM35>i3;}Ya-w}6F(1Qdm=+~joGk)p5^fYPP`Z8*`{fovG-o6
zzMJx4{tGhYri@zMV&frF^3pI`MC7Y?uFfqcQV=aF3*j=MWfCY~baaM!sE|kS*?X+*
zsAg*MSt!RROA6U2%FC2taw#mZQRP)mkDpXC2+ta_z$gBXGJDD;2{hPpjS{8ekE0Fn
zm?1#~>Vj|A_AtL%tI!YX!REy^LeM9%(sfS$uwb5dX<P#0!rvdpMC3DAJxnu0-MXzD
zIgZ>Sn4lvE3>*amcu3rY8_xxFiZlFJGT0&)mI~FZxRAacS|hJ)^7K;_gX^fkNq)Cp
z{UE$Pb;q#c_5#rv2Tz(X)HV#$Ci2PLj<#;E7dX%TR?g~Trp7+>Mxm+7nh+1W^w>MC
zeczJo)m~(Zp~nqe^+~nl3*Dat^`wvOp4OB~Wq6_(*E!@6=PzWsm3cmloE9BRk-Yb4
zZ#DgxT@D{3(z!)GgwuGNffxCdSNfKB%iff~S~qJatvzt#+K%Y5S!-p>mSi8kEN7L4
zq)efzuK$u!_8#;^^){*Oa>s|CYDLSif&}6^^++y=d@u9kTxI3#I()3pjV2Pr)$3mB
z@O;c0^qs^xh_)TJhUGBz$W5}DydPm=!!YeI$+Oq&81s&|W`%uIUGY`FvU9#k9TBH?
zOZilF#%4*7YESrna!O^ZFiV`R7e77CPJDeV2hyBC$Nxri$0p&+@Tr`G%{bBO*k1C}
zmK<KbVYL-@+y;fC`7vusC7P>uU%dZpbsux!rmHCX7=_A{^vQm2TU3u=2)iY@h7|o#
zx#jd0c9yA=Q(NS6U&SRwGu@Yo>z^5QWlIO7S-V$|x`We096aS8MG4*W0<C$PETQcV
z%5y<-oD8h9R$P0{?Q=Fc<pTaY6hU%+Y_;F^>yYNibvT+YGe7c+edFzjt#f-2x^*PL
z&Eag(GjV%z@M<t4=A5=Qb?J~*MJSxTD$|goId#)kWS#pJkFSknx6|IYNujQ_?{GJ<
zcl0L)ozI4G&`*1}vb8fxTK5dyVcLgmNwy*#(lxj)LXXRp#M-Asn3eH*cgZN6-Sk(V
zPl3i8MqS8@fJxEBES;OQ9MylxtWXbb86?wz%_A&6u3+vA3rHwetIj0AUNl;?S6;3(
z;A35RGi#L|g!U>Dhz4g7Isz_r)wH##3&(rV^<FrAx|=&dm0Kl4d0KqOy^(TgWNHaN
z|AKiK@S3r$dcfbJszv9!Pm?`G$`r^A9AMoJZ#pAd9y8uEFRAJza0f%5tje6s+P7!z
z-Vy0o#b>iM78ZH3Hr13%E{WcN9+_^rM!m|xK9c=@+-#LOL$YM<fqG1O=KgNwB_`u(
zn$D*lN`w!in%v78ZCvyw?HH49k(O{zGf}Hdll=*WF+-}p))cg5V({o(shNCg+3^rh
zTS>kSZCf4v{fRicIlnRNYcSywj-}|Kg690NZV!L*;FYw8goN3Q>^wu=Iy#(-D)Ro!
z<;7MqPKoh*2v1_pDWO8&Ut2V|8CnXE1%VLe02y%!Aj1{Ypb#(w!UQ__Hhb~TqK;(Y
zV?Os5*OE@Z34j(sc`8IJWRn&QriOz69t;<70s*}QgVHeDV_jW+Q1)27BY}vzhI1sK
z)Kma&Hd>4fAPGodFp@G-vKGJ0GXVCt39w+80ES;3Fi|<V;Bii9dl!;BK!))BGt}Yc
z5K4y7gAVJdAY=#_RA`GK`(1n<MEebVurYv|L>7jQol(6j;hf}#qB2qlAayk96(Ft+
z@HxV>%LS<hq`q{R3{ymx$B#&)S73AWTj&Wxp@okL{KrD?fGGQiys1_ocP5PUS^N5%
zH0)oljX&w!=#O$Xx0}0;wPJA1<RsAfh;<rgWL=xdqhsXV@{Bk?123mCcZZ;&io+bK
z7B9tpU_<OHJ$=8fDfeo)t+C-%2<Jn7*5Qs1$WNNvnpQ=sycQI7T{WHXq(HsP5?IX{
z6+y)AZSiB^snC<lOAGpR2g334>_wKQt)gL77PSr^uB$}6ZQvf6qK2{1+=T3Ut<)Ml
zc`fMhmOALA@ENzCQ?<|gr>{OQP@K7E)jOBM0^&U288ea<P~cgC*D`m>Y0Vm>t3%>3
zPk%%dmZ4L^R?oY9kZ0be>{U-6pQ8MUY^3bUe@c<AZC%A2;`7KTaFmAG@H*`%cJ%ZQ
zW1V(CF2z*M;dzKcq{{Gj!6L~jK)2=OkKDw9hxd-Va0oKyM=*_szmcm94lo@;lmx!S
zD^V52D1^MUig`IVKU!*Wy0eHie_?)GLHf!iyLuX)k6jd5@3ybDLNp&MU0E8bXtF4C
zF^@iDAtjfG#a1n<gsBF9iC)Ghx2loOT~A9LXH@IIb{FKs^!2N?SRZR@|7=@=S25xW
za$g|SyuMfj4uOI};7l?k?r=s#9iAhgm$>M`-~$*83W28qTt~J5j1^!;AP)~1a5x1N
z{C5cg&>THxI&y~qpue2yV5~6a@$O<&j12p3_7f8Yg#rd_xQo>uz;oox4`T;d1DJQb
z4H&ntvfL3(W%HLjUW%5UQwalX|MUz7!^{8^fbWkDfJ0dA-Q8W~#Kke#Gic!O!pKPi
z09G6T{`P@{oc!%$<Kp3DOCZWgN=g9YIJ`4K+<`>$AP~jy1fn~@a+C%Gj1Hh7|8t!P
z9aZzdPyjc;nZ}XE{&z%zH_qABiGaqtIE&+nP5|!65e2gV%m5?;VHZdPhJXQG1oRXX
z2Aun!oFQP=KRN%a2UpVJK>Qv{2n1lFVNiELncCyrQO5Qz9w<`>r^7W1hW$Rzee!|8
zAh5u7Sl|k13FHYHN|M~onm!rOYGUsfD4B%RF45k6>CpeKI#0>6ZuN%kUkAfyogfel
z3ep75L3lwAPm#2LfZqXgERM}#RzAjE`gLIB3V*^6NV?QiU9&6%r90>LGHaxgKwZY}
z3$+RAZH~LeEO)lKt<zg37h+kHdl;8>#-Xk!VeWIoRwBpvk|%gGVzm4*=D8tz`5k}E
za~9<9xLtq8McMCmIPQ;}eB4r7ef+UTdU3B}Id1_Y%Fcf)zXJ(PDL%|>Ut~8h?XAMo
z{pjW4v-}5mpVZV%K4g!Ai1foO<yl+0e{$;(kx()i3@VMlCEBxvyZL}((YwCZZCs2z
zk}6Ng+e5t-W?!B?S8bfk?x7;7omqC}av0R#a22ojfAw6Bc=buJr!OKg9o?aGJW?;{
zmb*Om{X&RUla2hk!=r7VhDS~|+}9`TJK^2I9or=I@yhxQv5`TShdY>grKK&NV);w5
z!h|ox38AX3YZlRql8dPC92-&LMit?C2D~P#+GpoOS9Mnq9bQ4@b!w`jk@Q;2Ysc{G
z(*D<ApYH}s7wDv5I28r(;ku*oW)p6Lr}Jm>*qUf2&v8V*Sth&2uVD>r3(L{xCsrF7
zBT!;$6XmkEZFlcS+?*bdMjQ5!0@g5$%Qdv`<w&4E8Uxb?$gpz&87lUd#y}V?{%gE|
z(-;xpXj&gi3JQ<IJ32YsutVXAKCbRAc0`=3{U32LG%zs!B`?x|1QrWmCC^A<59I}m
zIW#f9&HrDY$l(7iG~gql0Urv@;g_qY()3A&H!+rYvEe0|KD%y9*Cq|yECVfGdYaC2
zZz0LgT6?N4K7fy4`*bAm_di4>4?cQR7Gmh>_u{LeO8u^J*Mke=3gtwRyLTI*wkIis
zXzJIl*)4fK=o_+m-?PRM`F7#z=ej%BihDaX#3VDXFh_+X<Ydm<l$+ErCi8M68)<1K
ziGeP|7^_G2hWU|K<}(^Z1>+%)EPR$J>Aw}XpJ&mrl&*%o`<ND;krfK+Yl*yIj=J1r
zLffiE&xS275Geu{uu_{lA<;1ggFf5QJC^!>I(Iln6PDeGPa3uu?~fQyIreQS1_sI7
zQq5W2Zq}oO=X@<X>#{VJZ>T7p_Zzfezrzvn0T_=c@{62E0C5P=LnZz<e8C}r{~t~q
z@{k0$0oXtGArA$Av(AA;v_rcSJxJ~jwrCeT$rbHjOSti?;)qy){NHULA>zN=;9Olv
z|8^56y12NL#BE9LM+H32TLSHR2LCT&&puW9@g!?%<>P0cs|xYY&?lo3a{=SOSf~f+
z{DXx`2<l(|qR1nM?*|3|0R1P2LniY5&H;az!ci<SZw%Ur;7%gk_%$)nE<`&(;iy+0
zm=quZVA90X#6nL0X+(7Tue{ZbjE`oonu?i(nxQWGh|j+y>z4}spCa?`ZPzcR<P9rs
zu))(fan0qo&K1RV079>HjJ7J+19ew=PK(Is`FleLvsKHay(e!9%C&H590)fBEvm+7
z=(U=uQ-v2TI`38@nkE9H71$TTts0QK54M6h`U_L_^M#mQs#(q^evL16ZKGhhXSc!N
zAN{)i#UcYoZ%8cU)P(F-KaJbz3-}6ReHGVtE{CC4bZ;U~(3!;6S5+zVvFS2DT0WC=
zDlJ!2?kA2x%##fCUsM1xA;-CLw)N&8a9WGWcnr4ZqQ3W4(t1yd&-v%8#<D5$4~0CF
zI~LzHP<uK3nHJN={0U83NNG%m7xMuc!mPc{Bw}!e{ma(^sM$Rq%EijpZ=Ew2x0qFL
T;Wm%m3f#O&ofx>0at!_-pcl!Y

diff --git a/karaf-assembly/src/main/resources/etc/tls-webconsole/keystore_latest.p12 b/karaf-assembly/src/main/resources/etc/tls-webconsole/keystore_latest.p12
new file mode 100644
index 0000000000000000000000000000000000000000..41b1fa9478b88bf576d9f2a68469017a93eb2010
GIT binary patch
literal 5665
zcmY+IWl$6Vu*W&N<A9S6X^`%2I2!3tI65Sclsu2_P8E*s?k*9e^GNA#1VIt-`QE&k
z_hDyee!Khs{F~*2gJ@9!Xnb&TBqk1LBslV(0DuKRz{y9@;p9XAa33EWXZQb&a2C+v
zI5Yq7#J?KF#QX0nd|Uu30*({-5Bl+OVB-D{{ufS-PPSfZBmsTbY0goXAI=;H9O}-K
z5=BKr8Pffi1wI*|c;=8B$&yWL53}~-iyU`osq50oQ#S`wapvF+Lr4YZcMKH$rrefm
z9ynh<B`2;h44}-@r2vu`McIX^Q<D1{>!!XS^thJM%rjbxnDba}!{k(7^U_Y?dw#pt
z{5gkl=Bg^PYPdllfC8SNplp%nZl}y!^dpdbFUV@?I;5_M_Nw4H;ykW+7p=nfY_CR9
z0@)W#K%>RI;8OI>r<ab<4P}9)#bW86Tpm1PdZM9I<0(e%2<c)IAOKaD&qfqJ3-w%Y
z=l<})#Wd+wgLd!fB>Vs^3#4A(D&J!%2NmSOG4R-YRf7t;M+D!AO?#Ilskc-jb*8ag
z0<qj&=zsJ)&c1o=1MZsebC2X7$T)a8gORG{^Co67ra8?sEULEkODy%Z^Ir7QxJar%
zTNfXya@gcbz)wr+DKrmYUzI#;u+X&h%}Np@H{nF8!<1~yH4RxP336b<7^*u*dmlwq
z8}Q~Td7_`dj42a_Ng9skk7aRS`WV+g&Zt&U*z`P%RxEdONJ{ov%Gp)m;qSxzhlZQT
zyTy)<s+6bQ$LFyQ$xHndAdwQ$y$a9c=%~)U%tY~d>0Q}2zJRn5ems?5nlwInL&nCy
z?vy7ZWw!D|K@?44_G?&;27$&#)Lm@!*V(N#-KoV)z2zIf_Y*p}CBqC&`efNyz!R6T
zPC$*^uYSoqlKQ1yYy+gt;us+OwAgavs25x5iKx8iv2Xu4DKJO6iN<9yqJEDKkZ!YI
zxAlh!i)li9zuJKOQy8GT=+{-4{PO8#`wU4uM%dbMT=|n`_qb;J@dv0d{l*|3i3O@%
z=NLN}KXhl$O#inPmCtEPU!D6T_4AwePxjo&TCbL%N~<8^5R%}6eYz!`I9iKl$9AU)
zG}&89*7{=J^xauhK1RlBQ>_lt+YIEqZF1y_EMaXY=&*W2>A6&n<4;vVWBOsWY`wX>
zvIq7xj5oEW9B0r|s{_A*AACjQu|7SFk#gRsLB8C4ij_6&eG4XBjtCv-FwEhuX@RbN
z$%R#4dv61UZ=sF{8J;V-o*Oldyy!Y@^BuxeiC!(QyXNW%ryV_9GWY6$5uKhHxMOy|
zv!_G&h{MP{_;s-joP@caVDG>Qh%Jh6Db4{J5?u`*7Dx5?`KB3JW0jZrt4T~3bNee2
z{z`PkL-5wphEO$BaVp+971pcG-mHDwR=#gXFaH8Y^Bo*shjO|Cxl3)^dNI=qi{WU6
zIdHegO#H!FyW_WdN<<hIYU_M;3(AK}A0axv%8*z-*){H}=48WF6HoWD)9Uy&W^r0!
z4OMrLH&@GBtG&)gM(JPsf89$zKpJXo%Ng-0tk||K#G2^sb@m^5^c_dzw~N3H9lEUT
zbO)I6(H=%IlRq(Ek+qw;2usN>G7YQK02G1>cigxP;K`^@M{maL#{b%b@Px}sFj$6R
zKJKptg~1ef0Qo_Z*4?eLkFMskTNVqrhB!FyC;_J(%X<$>^wb0ukaxFU9LukaQQWP2
z3@RsI#?+hZf9zR%!{ROYgvqvw%CgIHfEs%Emqlo=_xVq4>Sc71iIB3m7VZ&E(@|{C
z1}HM$Dva@xhoZw&&fxddAdPBP3Q@%}pG3Wxhg<(Ev|`EmRG;sj+>VDh>8qVw3P_GT
zCQ%}o{fiuDcJ|gL+heyI&W7)Q4p15?UE^ce3mWx6W$B<lM6zC98m+0-1-vp!aZ+I6
zT)7*nji5MJ{lp|?xq;2%!x%@@AUYLH3YI>l41+wYT8mrBpgXGQm%U-43@Z!L-$&&#
zi~*dJ5A$c2?keJ6+420p1i6{=6hk<LD}S$_h#yvMAh$<k>j7;-g#M9HE~i>|)sXt_
z@#iG>iQ*C*%OH>1q^c%#ca7RXv-g4r_kduF7ieK-JAX1$6sTDmchAmug2uloO{s+3
zq3k9l#}yLZvhgq$DqQ^`%HD^Ep!ElBZ`<0!qGbBfZ?n}zO~}7drlm7Um2(SaT`3tz
z6;X<NDg>M=quz|KD%g<0SG^R`xSQU3p0p>GVY&1MTEX(}mb%*}#Zx?wB2WwQG{p11
zzQ7I%<oq!pq9`8cjgJ%L-|OmT*Z*mVG}KPtA9$!)_`U!`vjQ#pxM~IR#y3Uxn79)5
zdtJTNfIKDe?;Tq#(`yk-m;Jfo%4alZ57rD1p+QGVt`h}293ImkN}T;~R@4$jF7<E)
znrTc(nn(0@L<|2^gjVzhx6Assu{SU4E2f%T1W!lq3pc(73#FIMdQlf=od=Mt&Yxi&
zw^9!Sc*RnLn~qR%cVIKn+xV5kK&m{w^n4|xCsrsc^M!cb_b8pYj7{-J7kdNR)0E72
z$l7Y}#SVuu^`M;BaKOccGz*fa5_~JkqCsPHJS7hS3W`4w9Z*=3TNDH|<xe>KPAP|a
zeO6Uw`?Kv9${{B|;s6cOYJ>FmT}>^F5PuZ7?_skmG*Z0Kl#;!9S*<`v;a((fb*&=S
zFuMIU^u)LSr7gb}*z_E`{cl}<aMjK`(Zq+rDL+EHWF&L);Ap9A+{Sl%WY-^v*#)!Z
z2}dBT!8T8b7n9NxugQ_+)Hd&6MC6=jy@(wqnrwGKQcFKAQ5w0kFM;~m!<}gPck}K<
z1O}t`&Y;-X?~V)2h_9%p-y6vy2Py9&t2xulx`rCrIpU-4UKwpEQK>z+aInlV8G|cI
zG>EJ(BWl;8MirS~V3OOryk#vGUZWNHHFTSnU+E_^3>d{H=|a7mVK%Jz*y+C|A(AU$
ziGNq$B}*!VHL`l{;Y(*IhSTy8=^LMAgDVtIKtIc?(6`uy!2-$mdvTmg-+Rx4TTJ<J
zH`fLq#k=NPvU8{)tFG4+Ns=ljT+Ed=#kTx95KH4@4tB0|Zx#N1KQJL&=H@$TtTNbJ
zQI)qkir`k;-0V8ILDkv@pfafFDUR)T!i_}#0t8+o`bS<_lWrg)dtZ20_hedry{`;r
z#|u#1A)$PNSh!A=yW5HM=kWRL5(|R`=f^<YiC9X%k9|#*T8p1dmL`{`YUca~FZ>#3
zWmS>fqZI0aRA0@yXyRnnHw*L4$8SK|r}h!`qxz=iKUNkq1(teo-$}>1)2?S7^7;2X
ziEK=f(e}LBApJR;ph5WlDUQ}ED^VTz;`p?p`dor0OXGd&3$f%WuJ)SCmh7xXehEJE
z|5Y^{GJb42OcW;+TNE!o#{a|Q{AB1r11DEI27Y02F%bbietv#oL4H0s-opPbVPPWR
zc*FnD04f0GU+et83E=;^9p-<!-7EC~TjfCsLj(6#3myU|;`vMD=6|^z42}oG6nmK>
zI2?-IWgtoVV57bPoZS50#SGrd{zL0g^F(XWcF7(k()?LCb``LCP-H}{Dq*g}=2lO}
znD`@YPdFwfWI0uy2`cxuqu57z7p-|lnIkX*81BGJ#jfMTe+{W^<+-TyN`y|8Mc$%T
zh=SvWxj1hHv{*4E_Gw!Q`I3A68W9w<i=gn*<dZ_d#(;srfdn-MV^B6yGazy;g&%8Y
z=c`N4@3dWeNc@BLb@#LdRbIm1Fjg!w`wH8643w;r=tAO4{KI|78=;X0=K1WNr!0d+
zgFcWmt&`EJ96gcVUW%Wn<02!(LC`Jb=EWq$7eW{Uv!f$^B@D71OPPUmbjnS$uE%2?
zZRDPL9A1dzy&w$G=qCI?p614Vl$~x3lOV+S2*94$>(#rD1(Dgwng0T5yePG26(-p+
z$Vw~!kiT!q@<c?J?a1NCn!`LC>a`8v(tg}ei*>%@YtLt#j!b%|`XZpjAEeV+1xGhC
zx%u+o7o1rn@$Kpgc#d7fXwM1wi<E0Csx%n!q6|5F*q7w5Jf|3Y2!_*fQ1Nfh4Gg8W
zb_ZjG^EwGq2v7ykCQ7aI{O}z3tU>EJ)ejNlKi4tuTKQoUTcXv9mZZJ@nJ9Bd8qv?7
zABf^}iOQr^qkXh^os?<jX*TDva46O1+fFN`IqDXzII=zA`K<OzdkPO4Yz$_c&gBdg
z%HkBMlGpRrQ~>6EP_{PhHb0U02xYtl$o`-O$J}8wzW9cq#a*m=0%=rm7xfZ77s1-H
zIEk6Lo^pLDpCbmS!=E9r4j7N^#FV9YOI~mVoxkdE2R)qni;<Ua9}}*14<Zty^sMYe
zNquZZN)*UalTO^970M)qgFuFP&!&qf9o3BwPGs`rhAt^>ko(gjx&R)R9PR_Wx;6>z
z=>3PfV%3x*uh6q=#q?ywcLGjr_(8fNX00^XIo-|WaODP!qyuw#WLujU2C)cvojq%<
zuK>fk@95k3a5DN^E}Bi78(bi1ch#NCFK{rAb5jBR8c=!lZx<yAT7sL4XL$ZQY^k#I
z5`$eE#Pq1Fez+5H9XX$l2%5E1wW90|?iIfyg1~r;BHJ)+C<Eg;kqT*{sOua$vxjPv
z9_Fgkr#boMopC=wH<e_S|M%Qaq)Yw1C0b629OCb<7iNiX)8w`!QCO;?2(vkqlb*?S
zqU!NA-sISG`QT&_<e6YIdbRoRW^pU_=jwg9(t8iTcs6E4-(nU%k{!fDs+f9e<12qB
z&B6;_LNM?lmReQL8E^{#K^t)+YJtsf<U^%~DpTr+LW-6t33)*QraE>VvU01rhkd5m
zJQ@yWr%w8QJns0flcjk02DWf5{6dTjzOq5RgRwf4KmGmL7M~f-6Q<emi$C5xW}Ha*
z=?DwsNOelR9I$ox96H0lIU`u0OthH_{bUzp!iw<WwOjdw^7zY8yF#7k+QJnqY>#$A
z1=hgFfmUYJ8&NZ9jqKvlZdoAGB&g#nqVC3DfDvo58Z?WN#CnvH9a_F^k$F{G;tt-d
z%@`M(Rb&ob1P2v4*JP8PGXXuJ-kms0lt0BJIF}XUJFyjsv5q1#zr)uN-7@&wg2@;;
z`BJtECLwFXzpY3~W_OZkO~oZps<J!jEGQLlq`x?uAzrIaklxkB-93U1?|qh4P(mi(
zN15tyEL_iIU&hSa=aHITZGMeuYA|L=#J9~r3ID>e4{QM{thmFRweW+s-nMWVi@7TD
zuWI{gf0H%8yhopLkQJ3D`IS_+`vsqfjgD*U;d1HzdcDy$%nR35`j3rlJ1M6-?dM1@
zu}KBw7!a85U>m!L4p1tk387{G$@G3cjBu+|js>rgpsBpty<H41J7lv_$*r`0a%FYK
zVQfv=CtplfjhEMaA5Xe(@{c9Odo#?}b&VzZpI^m#i#ulp9R0|^4uTI4q1Z=W5RgU<
zMunFe2ze_k1mPO1RCvkHfa@ICcfN#e=pRLncMne+la{{im<h59yglntU$E9Ku%O&m
zoV&I?(i=|y5L<ShEQL_eGf`%@v7)o{MYS&h9o#k_dl;DyMhHZV-eu{ax4kZFdf$*s
zO;l_gHd_U9rD=cu{S<EK^AX*q5ZZwgu8hjMrF8L`EDuAkJS5KKS)jXSI4h(0!>i>H
za$f=_ysnL`9Tgg3DFYceg?uq~Erte+&6e3XMH=Qlabsd7MHd+3YMpQfFG~qsdn*Ze
z0;55B6&Yos?o(W~&8YGENKj;@CQ=POP{edtc!~gM#N#b<ds$4WF`s)hxtv#uwJaCQ
zJg?YW7j925Sj`wH-?ksk?<t$)yDGXx@_wO5N4)VDlw@(ihsr7r7vZDJ*&TH+!U<<T
z(W`_Z?$Va+ls1(aY>~!C1IA3C^}8y<ja{TA&wWC6I^eF^<X*yaedEpNx{L}Orx%FO
zo3?Igxh!Ycw9}8V#g;4<glAzF<1VglxFA%Mz0&TKQgy(8b$O83rNx**H5}X?da)N$
zq8a3UIA(l;{atgKV<q!q+gW@3-f#SZ-$LUklX~5{`$C`VQk=a6ZhhZR^*y+f;F#+Q
zf3+k3dyzBoX()6VKNVES8)3(LBGd1QYDyb($01;cBdcn-N#QOR9;ek<fTw2ZF#`+8
zrXe$;(KRyqD;8#B=ae&MerG7Yx+2a5MvIz%7as)YOk}+-N7<RSh%N<2ov|X1QgE(k
z-AckL!kJWIcVm@S#F@+#b?gr7n)3L5L$}%6idTDOyFm4yajd!v^rNHJgFNz#WIK0<
zz&Lzve}ldA8OcBzrre-+I5|bSZXaX}HZanCG7KFRb*gZTBNwyp6UPeN+#G`B_q<N(
zWTPkYl`QI|6VT01iLpZ@*|bT54qUN+lxu<RMLljPJkCfam(fWd$wJR&RvXZB9HNE>
z&V$ZOkdPb9{BdpeC>KtT*Q!^C5Fw6+(x1OzVMow$(q5rxm)j3CH${0u#?=`)4e6_e
ztcIigeskV8B;Ab`Xswxy32E>LLs;x`I=?-`PDaWm0ihQpiG{}>?DyV!{R(Q5*JL)=
zjQG)CEpRds(=0y`;F&r^%~o3xa3$z*1;xk`d>kV>B4!8a5n_GLfK^1@$Pcx+Ek{&K
znM?*35ay53vPDpec2)Bv`P5JdwKAIDpw;zpMfzhVH*iLG{|lnOARGS$G0|~5h?N1A
z@2vIjL{A;bIOe1U1v&qFP<`Z-@D|nN4}-|h8XOhP82LDeXE-EH=^DfPIxoB4YN3|P
zxJjP}4WS3<L`*;L!g#(p8OJoG#f%Tt8fMgm&|tJTXn$z{g}5&G-1@(*aAWl2apX)c
z;1nEF8)ap(xU`ZaxXw2DnL`7s^;oogM2Q4^VLSNMhJ=m=d!%<T>^A>K6VYt*3#TNq
z9cFj#Fuv%qhuirc9B79w>2QBr`!fgb$CIbb*V7U{3?j{{Vi+1aK@<}{K7^$?F8;V;
zRtfkkvv2%usmMHCA(D5n#%j02)xI55zP$;?26gX8UNj-0j|(N#O?|c3k)7)am+`~y
z811@hD+#Rm*uy_*A;+uh-z+DK4Y4E$T;Y~Ka4y&eN=<FJ#6L=*{^qFHIF^To2(t33
zCSWyXtyCJXsZd(0acb-TaZE^-lTm~+iY$I46nzJ-rEpGN$e#)P&d!1EM0CYZbXC)!
z6oCE{NJXD1FE#!1q{b$K4rsRNZ^~D(H1YGLnot{ZZNITcTt8YdeTp>>&lCOkxE~kW
z+n0+6=$=#!MW3K%B9*Tnc5EIGZx=xXlku$M5j)9|w^+Fa5!R4%Oeg7$0(7Ji`OEsU
z>wf&RIg&B+v7bP1=_b@bs%|^$D-K~o1kUz&_1Y>l&djRMj+r6<vj?A|g$zQyL6q3U
z@i(iw@x~?hx~61^Dv=LYoBFl<_-)N0p9~)(9}Xr47a<xd6$T1AS<D&L$w#(v_g7IS
p<Hxl-re|umpU}z3o0{pohZgVc7mrjH=;+Fgqnim((EyQ%{{XhVk5~Wz

literal 0
HcmV?d00001


From 49c1a1b1e6a19b8cc9c1e4fd9e95f0677345e452 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 2 Sep 2020 18:50:09 +0200
Subject: [PATCH 138/237] Unified DAPS implementations

---
 .../camel/ids/server/DefaultWebsocket.java    |  10 +-
 ...entServerPlaintextWithAttestationTest.java |   6 +-
 .../idscp2/TrustedConnectorDapsDriver.kt      |  17 -
 .../idscp2/client/Idscp2ClientEndpoint.kt     |  19 +-
 .../camel/idscp2/server/CamelIdscp2Server.kt  |   5 +-
 .../idscp2/server/Idscp2ServerEndpoint.kt     |  14 +-
 .../aisec/ids/api/tokenm/TokenManager.java    |  17 +-
 ids-token-manager/build.gradle                |   1 +
 .../ids/tokenmanager/TokenManagerService.java | 466 +++---------------
 .../aisec/ids/webconsole/api/ConfigApi.java   |  13 +-
 .../daps/DefaultDapsDriver.java               | 302 +++++-------
 .../daps/DefaultDapsDriverConfig.java         |  40 +-
 .../keystores/PreConfiguration.java           |  92 ++--
 .../aisec/ids/idscp2/error/DatException.java  |  11 +
 .../idscp2/example/Idscp2ClientInitiator.java |   3 +-
 .../idscp2/example/Idscp2ServerInitiator.java |   1 +
 .../ids/idscp2/example/RunTLSClient.java      |   9 +-
 .../ids/idscp2/example/RunTLSServer.java      |   9 +-
 .../configuration/Idscp2Settings.java         |  36 +-
 idscp2/src/test/java/DapsDriverTest.java      | 394 +++++++--------
 20 files changed, 553 insertions(+), 912 deletions(-)
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/TrustedConnectorDapsDriver.kt
 create mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/DatException.java

diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
index da374c274..6bd50128d 100644
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
+++ b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
@@ -48,6 +48,7 @@
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.nio.charset.StandardCharsets;
+import java.util.Arrays;
 import java.util.UUID;
 
 @WebSocket
@@ -236,12 +237,11 @@ private void validateDynamicAttributeToken(@NonNull String dat) throws DatExcept
 
 
         try {
-            //validate token signature, target Audience, expire date
-            var claims = tokenManager.verifyJWT(dat, dapsUrl);
-            //validate supported security attributes
-            tokenManager.validateDATSecurityAttributes(claims, connectionSettings);
+            //validate token signature, target Audience, expire date and security attributes
+            tokenManager.verifyJWT(dat, connectionSettings);
         } catch (Exception e) {
-            LOG.debug("Dat Verification failed: Message: " + e.getMessage() + "\n Trace:" + e.getStackTrace());
+            LOG.debug("Dat Verification failed: Message: " + e.getMessage() + "\n Trace:" +
+                    Arrays.toString(e.getStackTrace()));
             throw new DatException(e.getMessage(), e);
         }
     }
diff --git a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java b/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java
index 560696cd2..c27bbd9d1 100644
--- a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java
+++ b/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java
@@ -31,12 +31,9 @@
 import org.apache.camel.component.mock.MockEndpoint;
 import org.apache.camel.test.junit4.CamelTestSupport;
 import org.junit.Before;
-import org.junit.BeforeClass;
 import org.junit.Test;
 
-import java.util.Collections;
 import java.util.List;
-import java.util.Map;
 
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.anyString;
@@ -56,8 +53,7 @@ public void mockRequiredBundles() throws Exception {
     when(settings.getConnectionSettings(anyString())).thenReturn(new ConnectionSettings());
     cc.setSettings(settings);
     TokenManager tm = mock(TokenManager.class);
-    when(tm.verifyJWT(anyString(), anyString())).thenReturn(Collections.emptyMap());
-    doNothing().when(tm).validateDATSecurityAttributes(any(), any(ConnectionSettings.class));
+    doNothing().when(tm).verifyJWT(anyString(), any(ConnectionSettings.class));
     cc.setTokenManager(tm);
     CamelComponent.setInstance(cc);
   }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/TrustedConnectorDapsDriver.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/TrustedConnectorDapsDriver.kt
deleted file mode 100644
index c757612ce..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/TrustedConnectorDapsDriver.kt
+++ /dev/null
@@ -1,17 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2
-
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
-import java.nio.file.Paths
-
-class TrustedConnectorDapsDriver(private val config: DefaultDapsDriverConfig) : DefaultDapsDriver(config) {
-    override fun getToken(): ByteArray {
-        Idscp2OsgiComponent.getTokenManager()?.acquireToken(
-                config.dapsUrl,
-                Paths.get(config.keyStorePath),
-                config.keyStorePassword,
-                config.keyAlias,
-                Paths.get(config.trustStorePath))
-        return Idscp2OsgiComponent.getSettings().dynamicAttributeToken.toByteArray()
-    }
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index b7dec25ba..831b2ff3b 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -19,7 +19,7 @@ package de.fhg.aisec.ids.camel.idscp2.client
 import de.fhg.aisec.ids.api.settings.Settings
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
 import de.fhg.aisec.ids.camel.idscp2.RefCountingHashMap
-import de.fhg.aisec.ids.camel.idscp2.TrustedConnectorDapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
@@ -32,6 +32,7 @@ import org.apache.camel.spi.UriParam
 import org.apache.camel.support.DefaultEndpoint
 import org.apache.camel.support.jsse.SSLContextParameters
 import org.slf4j.LoggerFactory
+import java.nio.file.Paths
 import java.util.concurrent.CompletableFuture
 import java.util.regex.Pattern
 
@@ -71,7 +72,7 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
 
     private fun makeConnectionInternal(): CompletableFuture<Idscp2Connection> {
         val connectionFuture = CompletableFuture<Idscp2Connection>()
-        Idscp2ClientFactory(TrustedConnectorDapsDriver(dapsDriverConfig), NativeTLSDriver())
+        Idscp2ClientFactory(DefaultDapsDriver(dapsDriverConfig), NativeTLSDriver())
                 .connect(clientSettings, connectionFuture)
         return connectionFuture
     }
@@ -111,18 +112,22 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
                 .setDapsKeyAlias(dapsKeyAlias ?: "1")
         sslContextParameters?.let {
             clientSettingsBuilder
-                    .setKeyPassword(it.keyManagers?.keyPassword ?: "password")
-                    .setKeyStorePath(it.keyManagers?.keyStore?.resource)
+                    .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
+                            ?: "password".toCharArray())
+                    .setKeyStorePath(Paths.get(it.keyManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
                     .setKeyStoreKeyType(it.keyManagers?.keyStore?.type ?: "RSA")
-                    .setKeyStorePassword(it.keyManagers?.keyStore?.password ?: "password")
-                    .setTrustStorePath(it.trustManagers?.keyStore?.resource)
-                    .setTrustStorePassword(it.trustManagers?.keyStore?.password ?: "password")
+                    .setKeyStorePassword(it.keyManagers?.keyStore?.password?.toCharArray()
+                            ?: "password".toCharArray())
+                    .setTrustStorePath(Paths.get(it.trustManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
+                    .setTrustStorePassword(it.trustManagers?.keyStore?.password?.toCharArray()
+                            ?: "password".toCharArray())
                     .setCertificateAlias(it.certAlias ?: "1.0.1")
         }
         clientSettings = clientSettingsBuilder.build()
         dapsDriverConfig = DefaultDapsDriverConfig.Builder()
                 .setDapsUrl(settings.connectorConfig.dapsUrl)
                 .setKeyAlias(clientSettings.dapsKeyAlias)
+                .setKeyPassword(clientSettings.keyPassword)
                 .setKeyStorePath(clientSettings.keyStorePath)
                 .setTrustStorePath(clientSettings.trustStorePath)
                 .setKeyStorePassword(clientSettings.keyStorePassword)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index 1e45481ca..7ca73fc89 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -17,8 +17,8 @@
 package de.fhg.aisec.ids.camel.idscp2.server
 
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
-import de.fhg.aisec.ids.camel.idscp2.TrustedConnectorDapsDriver
 import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
@@ -35,6 +35,7 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
         val dapsDriverConfig = DefaultDapsDriverConfig.Builder()
                 .setDapsUrl(Idscp2OsgiComponent.getSettings().connectorConfig.dapsUrl)
                 .setKeyAlias(serverSettings.dapsKeyAlias)
+                .setKeyPassword(serverSettings.keyPassword)
                 .setKeyStorePath(serverSettings.keyStorePath)
                 .setTrustStorePath(serverSettings.trustStorePath)
                 .setKeyStorePassword(serverSettings.keyStorePassword)
@@ -43,7 +44,7 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
         val serverConfiguration = Idscp2ServerFactory(
                 this,
                 serverSettings,
-                TrustedConnectorDapsDriver(dapsDriverConfig),
+                DefaultDapsDriver(dapsDriverConfig),
                 NativeTLSDriver()
         )
         server = serverConfiguration.listen(serverSettings)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
index 70e85dd6f..d609826f8 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -27,6 +27,7 @@ import org.apache.camel.spi.UriParam
 import org.apache.camel.support.DefaultEndpoint
 import org.apache.camel.support.jsse.SSLContextParameters
 import org.slf4j.LoggerFactory
+import java.nio.file.Paths
 import java.util.*
 import java.util.regex.Pattern
 
@@ -121,12 +122,15 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
                 .setDapsKeyAlias(dapsKeyAlias)
         sslContextParameters?.let {
             clientSettingsBuilder
-                    .setKeyPassword(it.keyManagers?.keyPassword ?: "password")
-                    .setKeyStorePath(it.keyManagers?.keyStore?.resource)
+                    .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
+                            ?: "password".toCharArray())
+                    .setKeyStorePath(Paths.get(it.keyManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
                     .setKeyStoreKeyType(it.keyManagers?.keyStore?.type ?: "RSA")
-                    .setKeyStorePassword(it.keyManagers?.keyStore?.password ?: "password")
-                    .setTrustStorePath(it.trustManagers?.keyStore?.resource)
-                    .setTrustStorePassword(it.trustManagers?.keyStore?.password ?: "password")
+                    .setKeyStorePassword(it.keyManagers?.keyStore?.password?.toCharArray()
+                            ?: "password".toCharArray())
+                    .setTrustStorePath(Paths.get(it.trustManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
+                    .setTrustStorePassword(it.trustManagers?.keyStore?.password?.toCharArray()
+                            ?: "password".toCharArray())
                     .setCertificateAlias(it.certAlias ?: "1.0.1")
         }
         serverSettings = clientSettingsBuilder.build()
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
index b29b0533f..5835d1e99 100755
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
@@ -22,7 +22,6 @@
 import de.fhg.aisec.ids.api.settings.ConnectionSettings;
 
 import java.nio.file.Path;
-import java.util.Map;
 
 /**
  * Interface of the Token Manager.
@@ -34,19 +33,17 @@
  */
 public interface TokenManager {
 
-  Map<String, Object> acquireToken(
+  void acquireToken(
           String dapsUrl,
           Path keyStorePath,
-          String keyStorePassword,
+          char[] keyStorePassword,
           String keystoreAliasName,
-          Path trustStorePath);
+          char[] keyPassword,
+          Path trustStorePath,
+          char[] trustStorePassword);
 
-  Map<String, Object> verifyJWT(
+  void verifyJWT(
       String dynamicAttributeToken,
-      String dapsUrl) throws Exception;
-
-  void validateDATSecurityAttributes(
-      Map<String, Object> claims,
-          ConnectionSettings connectionSettings) throws DatException;
+      ConnectionSettings connectionSettings) throws Exception;
 
 }
diff --git a/ids-token-manager/build.gradle b/ids-token-manager/build.gradle
index 2b852b204..8d8be6f02 100755
--- a/ids-token-manager/build.gradle
+++ b/ids-token-manager/build.gradle
@@ -1,5 +1,6 @@
 dependencies {
     providedByBundle(project(':ids-api')) { transitive = false }
+    providedByBundle(project(':idscp2')) { transitive = false }
 
     osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
 
diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index 6d612b71b..4dcbf4e74 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -22,28 +22,10 @@
 import de.fhg.aisec.ids.api.settings.ConnectionSettings;
 import de.fhg.aisec.ids.api.settings.ConnectorConfig;
 import de.fhg.aisec.ids.api.settings.Settings;
-import de.fhg.aisec.ids.api.tokenm.DatException;
 import de.fhg.aisec.ids.api.tokenm.TokenManager;
-import io.jsonwebtoken.JwtBuilder;
-import io.jsonwebtoken.JwtException;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
-import okhttp3.*;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.jose4j.http.Get;
-import org.jose4j.jwk.HttpsJwks;
-import org.jose4j.jws.AlgorithmIdentifiers;
-import org.jose4j.jwt.JwtClaims;
-import org.jose4j.jwt.MalformedClaimException;
-import org.jose4j.jwt.consumer.ErrorCodes;
-import org.jose4j.jwt.consumer.InvalidJwtException;
-import org.jose4j.jwt.consumer.JwtConsumer;
-import org.jose4j.jwt.consumer.JwtConsumerBuilder;
-import org.jose4j.keys.resolvers.HttpsJwksVerificationKeyResolver;
-import org.json.JSONObject;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.SecurityRequirements;
 import org.osgi.service.component.annotations.Activate;
 import org.osgi.service.component.annotations.Component;
 import org.osgi.service.component.annotations.Reference;
@@ -51,21 +33,9 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import javax.net.ssl.*;
-import java.io.IOException;
-import java.io.InputStream;
+import java.nio.charset.StandardCharsets;
 import java.nio.file.FileSystems;
-import java.nio.file.Files;
 import java.nio.file.Path;
-import java.security.*;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.time.Instant;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Date;
-import java.util.Map;
-import java.util.concurrent.TimeUnit;
 
 
 /**
@@ -80,370 +50,87 @@ public class TokenManagerService implements TokenManager {
   @SuppressWarnings("FieldMayBeFinal")
   @Reference(cardinality = ReferenceCardinality.MANDATORY)
   private Settings settings = null;
-  private SSLSocketFactory sslSocketFactory = null;
+  private DefaultDapsDriver driver;
 
   /**
-   * Method to aquire a Dynamic Attribute Token (DAT) from a Dynamic Attribute Provisioning Service
+   * Method to acquire a Dynamic Attribute Token (DAT) from a Dynamic Attribute Provisioning Service
    * (DAPS)
-   *
-   * @param dapsUrl           The token aquiry URL (e.g., http://daps.aisec.fraunhofer.de
-   * @param keyStorePath      Name of the keystore file (e.g., server-keystore.jks)
-   * @param keyStorePassword  Password of keystore
-   * @param keystoreAliasName Alias of the connector's key entry. For default keystores with only
-   *                          one entry, this is '1'
-   * @param trustStorePath    Name of the truststore file
+   * @param dapsUrl            The token aquiry URL (e.g., http://daps.aisec.fraunhofer.de
+   * @param keyStorePath       Name of the keystore file (e.g., server-keystore.p12)
+   * @param keyStorePassword   Password of keystore
+   * @param keystoreAliasName  Alias of the connector's key entry.
+   *                           For default keystores with only one entry, this is '1'
+   * @param trustStorePath     Name of the truststore file
+   * @param trustStorePassword Password of truststore
    */
   @Override
-  public Map<String, Object> acquireToken(
+  public void acquireToken(
           String dapsUrl,
           Path keyStorePath,
-          String keyStorePassword,
+          char[] keyStorePassword,
           String keystoreAliasName,
-          Path trustStorePath) {
-
-    String dynamicAttributeToken = "INVALID_TOKEN";
-    String targetAudience = "idsc:IDS_CONNECTORS_ALL";
-
-    Map<String, Object> jwtClaims = null;
-
-    // Try clause for setup phase (loading keys, building trust manager)
-    try {
-      InputStream jksKeyStoreInputStream = Files.newInputStream(keyStorePath);
-      InputStream jksTrustStoreInputStream = Files.newInputStream(trustStorePath);
-
-      KeyStore keystore = KeyStore.getInstance("JKS");
-      KeyStore trustManagerKeyStore = KeyStore.getInstance("JKS");
-
-      LOG.info("Loading key store: " + keyStorePath);
-      LOG.info("Loading trust store: " + trustStorePath);
-      keystore.load(jksKeyStoreInputStream, keyStorePassword.toCharArray());
-      trustManagerKeyStore.load(jksTrustStoreInputStream, keyStorePassword.toCharArray());
-      java.security.cert.Certificate[] certs = trustManagerKeyStore.getCertificateChain("ca");
-      LOG.info("Cert chain: " + Arrays.toString(certs));
-
-      LOG.info("LOADED CA CERT: " + trustManagerKeyStore.getCertificate("ca"));
-      jksKeyStoreInputStream.close();
-      jksTrustStoreInputStream.close();
-
-      // get private key
-      Key privKey = keystore.getKey(keystoreAliasName, keyStorePassword.toCharArray());
-      // Get certificate of public key
-      X509Certificate cert = (X509Certificate) keystore.getCertificate(keystoreAliasName);
-
-
-
-      TrustManager[] trustManagers;
-      try {
-        TrustManagerFactory trustManagerFactory =
-            TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
-        trustManagerFactory.init(trustManagerKeyStore);
-        trustManagers = trustManagerFactory.getTrustManagers();
-        if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
-          throw new IllegalStateException(
-              "Unexpected default trust managers:" + Arrays.toString(trustManagers));
-        }
-        SSLContext sslContext = SSLContext.getInstance("TLS");
-        sslContext.init(null, trustManagers, null);
-        sslSocketFactory = sslContext.getSocketFactory();
-      } catch (GeneralSecurityException e) {
-        throw new RuntimeException(e);
-      }
-
-      // Get AKI
-      //GET 2.5.29.14	SubjectKeyIdentifier / 2.5.29.35	AuthorityKeyIdentifier
-      String aki_oid = Extension.authorityKeyIdentifier.getId();
-      byte[] rawAuthorityKeyIdentifier = cert.getExtensionValue(aki_oid);
-      ASN1OctetString akiOc = ASN1OctetString.getInstance(rawAuthorityKeyIdentifier);
-      AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(akiOc.getOctets());
-      byte[] authorityKeyIdentifier = aki.getKeyIdentifier();
-
-      //GET SKI
-      String ski_oid = Extension.subjectKeyIdentifier.getId();
-      byte[] rawSubjectKeyIdentifier = cert.getExtensionValue(ski_oid);
-      ASN1OctetString ski0c = ASN1OctetString.getInstance(rawSubjectKeyIdentifier);
-      SubjectKeyIdentifier ski = SubjectKeyIdentifier.getInstance(ski0c.getOctets());
-      byte[] subjectKeyIdentifier = ski.getKeyIdentifier();
-
-      String aki_result = beatifyHex(encodeHexString(authorityKeyIdentifier).toUpperCase());
-      String ski_result = beatifyHex(encodeHexString(subjectKeyIdentifier).toUpperCase());
-
-      String connectorUUID = ski_result + "keyid:" + aki_result.substring(0, aki_result.length() - 1);
-
-      LOG.info("ConnectorUUID: " + connectorUUID);
-      LOG.info("Retrieving Dynamic Attribute Token...");
-
-
-      // create signed JWT (JWS)
-      // Create expiry date one day (86400 seconds) from now
-      Date expiryDate = Date.from(Instant.now().plusSeconds(86400));
-      JwtBuilder jwtb =
-          Jwts.builder()
-              .setIssuer(connectorUUID)
-              .setSubject(connectorUUID)
-              .claim("@context", "https://w3id.org/idsa/contexts/context.jsonld")
-              .claim("@type", "ids:DatRequestToken")
-              .setExpiration(expiryDate)
-              .setIssuedAt(Date.from(Instant.now()))
-              .setAudience(targetAudience)
-              .setNotBefore(Date.from(Instant.now()));
-
-      String jws = jwtb.signWith(privKey, SignatureAlgorithm.RS256).compact();
-      LOG.info("Request token: " + jws);
-
-      // build form body to embed client assertion into post request
-      RequestBody formBody =
-          new FormBody.Builder()
-              .add("grant_type", "client_credentials")
-              .add(
-                  "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer")
-              .add("client_assertion", jws)
-              .add("scope", "idsc:IDS_CONNECTOR_ATTRIBUTES_ALL")
-              .build();
-
-      OkHttpClient.Builder builder = new OkHttpClient.Builder();
-
-      // configure client with trust manager
-      OkHttpClient client =
-          builder
-              .sslSocketFactory(this.sslSocketFactory, (X509TrustManager) trustManagers[0])
-              .connectTimeout(15, TimeUnit.SECONDS)
-              .writeTimeout(15, TimeUnit.SECONDS)
-              .readTimeout(15, TimeUnit.SECONDS)
-              .build();
-
-      Request request = new Request.Builder().url(dapsUrl + "/v2/token").post(formBody).build();
-      Response jwtResponse = client.newCall(request).execute();
-      if (!jwtResponse.isSuccessful()) {
-        throw new IOException("Unexpected code " + jwtResponse);
-      }
-      var responseBody = jwtResponse.body();
-      if (responseBody == null) {
-        throw new Exception("JWT response is null.");
-      }
-      var jwtString = responseBody.string();
-      LOG.info("Response body of token request:\n{}", jwtString);
-
-      JSONObject jsonObject = new JSONObject(jwtString);
-      dynamicAttributeToken = jsonObject.getString("access_token");
-
-      LOG.info("Dynamic Attribute Token: " + dynamicAttributeToken);
-
-      jwtClaims = verifyJWT(dynamicAttributeToken, dapsUrl);
-    } catch (KeyStoreException
-        | NoSuchAlgorithmException
-        | CertificateException
-        | UnrecoverableKeyException e) {
-      LOG.error("Cannot acquire token:", e);
-    } catch (IOException e) {
-      LOG.error("Error retrieving token:", e);
-    } catch (Exception e) {
-      LOG.error("Something else went wrong:", e);
-    }
-
-    settings.setDynamicAttributeToken(dynamicAttributeToken);
-
-    return jwtClaims;
+          char[] keyPassword,
+          Path trustStorePath,
+          char[] trustStorePassword) {
+
+    final var dapsConfig = new DefaultDapsDriverConfig.Builder()
+            .setDapsUrl(dapsUrl)
+            .setKeyStorePath(keyStorePath)
+            .setKeyStorePassword(keyStorePassword)
+            .setKeyAlias(keystoreAliasName)
+            .setKeyPassword(keyPassword)
+            .setTrustStorePath(trustStorePath)
+            .setTrustStorePassword(trustStorePassword)
+            .build();
+    this.driver = new DefaultDapsDriver(dapsConfig);
+    settings.setDynamicAttributeToken(new String(driver.getToken(), StandardCharsets.UTF_8));
   }
 
   @Override
-  public Map<String, Object> verifyJWT(
+  public void verifyJWT(
       String dynamicAttributeToken,
-      String dapsUrl) throws Exception {
-    if (sslSocketFactory == null) {
-      throw new JwtException("SSLSocketFactory is null, acquireToken() must be called first!");
-    }
-
-    try {
-      // The HttpsJwks retrieves and caches keys from a the given HTTPS JWKS endpoint.
-      // Because it retains the JWKs after fetching them, it can and should be reused
-      // to improve efficiency by reducing the number of outbound calls the the endpoint.
-      HttpsJwks httpsJkws = new HttpsJwks(dapsUrl + "/.well-known/jwks.json");
-      Get getInstance = new Get();
-      getInstance.setSslSocketFactory(sslSocketFactory);
-      httpsJkws.setSimpleHttpGet(getInstance);
-
-      // The HttpsJwksVerificationKeyResolver uses JWKs obtained from the HttpsJwks and will select
-      // the most appropriate one to use for verification based on the Key ID and other factors
-      // provided in the header of the JWS/JWT.
-      HttpsJwksVerificationKeyResolver httpsJwksKeyResolver =
-          new HttpsJwksVerificationKeyResolver(httpsJkws);
-
-      // Use JwtConsumerBuilder to construct an appropriate JwtConsumer, which will
-      // be used to validate and process the JWT.
-      // The specific validation requirements for a JWT are context dependent, however,
-      // it typically advisable to require a (reasonable) expiration time, a trusted issuer, and
-      // and audience that identifies your system as the intended recipient.
-      // If the JWT is encrypted too, you need only provide a decryption key or
-      // decryption key resolver to the builder.
-      JwtConsumer jwtConsumer =
-          new JwtConsumerBuilder()
-              .setRequireExpirationTime() // the JWT must have an expiration time
-              .setAllowedClockSkewInSeconds(
-                  30) // allow some leeway in validating time based claims to account for clock skew
-              .setRequireSubject() // the JWT must have a subject claim
-              .setExpectedIssuer(
-                  "https://daps.aisec.fraunhofer.de") // whom the JWT needs to have been issued by
-              //FIXME: Hardcoded two v1 and v2 values. Need to add versioning to correctly handle tokens.
-              .setExpectedAudience(true, "IDS_Connector", "idsc:IDS_CONNECTORS_ALL") // to whom the JWT is intended for
-              .setVerificationKeyResolver(httpsJwksKeyResolver)
-              .setJwsAlgorithmConstraints( // only allow the expected signature algorithm(s) in the
-                  // given context
-                  new org.jose4j.jwa.AlgorithmConstraints(
-                      org.jose4j.jwa.AlgorithmConstraints.ConstraintType
-                          .WHITELIST, // which is only RS256 here
-                      AlgorithmIdentifiers.RSA_USING_SHA256))
-              .build(); // create the JwtConsumer instance
-
-      LOG.info("Verifying JWT...");
-      //  Validate the JWT and process it to the Claims
-      JwtClaims jwtClaims = jwtConsumer.processToClaims(dynamicAttributeToken);
-      LOG.info("JWT validation succeeded! " + jwtClaims);
-
-      return jwtClaims.getClaimsMap();
-    } catch (InvalidJwtException e) {
-      // InvalidJwtException will be thrown, if the JWT failed processing or validation in anyway.
-      // Hopefully with meaningful explanations(s) about what went wrong.
-      LOG.warn("Invalid JWT!", e);
-
-      // Programmatic access to (some) specific reasons for JWT invalidity is also possible
-      // should you want different error handling behavior for certain conditions.
-
-      // Whether or not the JWT has expired being one common reason for invalidity
-      if (e.hasExpired()) {
-        try {
-          LOG.warn("JWT expired at " + e.getJwtContext().getJwtClaims().getExpirationTime());
-        } catch (MalformedClaimException e1) {
-          LOG.error("Malformed claim encountered", e1);
-        }
-      }
-
-      // Or maybe the audience was invalid
-      if (e.hasErrorCode(ErrorCodes.AUDIENCE_INVALID)) {
-        try {
-          LOG.warn("JWT had wrong audience: " + e.getJwtContext().getJwtClaims().getAudience());
-        } catch (MalformedClaimException e1) {
-          LOG.error("Malformed claim encountered", e1);
-        }
-      }
-
-      throw e;
-    }
-  }
-
-  @Override
-  @SuppressWarnings("unchecked")
-  public void validateDATSecurityAttributes(Map<String, Object> claims, ConnectionSettings connectionSettings)
-      throws DatException {
-    try {
-
-      String securityProfile = claims.get("securityProfile").toString();
-
-      //FIXME: Validate security profile the proper way
-
-      ArrayList<String> validTrustProfiles=new ArrayList<String>();
-      validTrustProfiles.add("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE");
-      validTrustProfiles.add("idsc:BASE_CONNECTOR_SECURITY_PROFILE");
-      validTrustProfiles.add("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE");
-
-      if (!validTrustProfiles.contains(securityProfile)) {
-        throw new DatException("Client does not support valid trust profile.");
-      }
-      //TODO Check for trust profile
-
-      if(connectionSettings.getRequiredSecurityProfile().equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE")) {
-        if (!securityProfile.equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE")
-            && !securityProfile.equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
-            && !securityProfile.equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
-
-          throw new DatException(
-              "Client does not support required trust profile: Required: "
-                  + connectionSettings.getRequiredSecurityProfile()
-                  + " given: "
-                  + securityProfile);
-        }
-      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")) {
-        if (!securityProfile.equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE") &&
-            !securityProfile.equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
-          throw new DatException(
-              "Client does not support required trust profile: Required: "
-                  + connectionSettings.getRequiredSecurityProfile()
-                  + " given: "
-                  + securityProfile);
-        }
-      } else if(connectionSettings.getRequiredSecurityProfile().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
-          if (!securityProfile.equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
-            throw new DatException(
-                "Client does not support required trust profile: Required: "
-                    + connectionSettings.getRequiredSecurityProfile()
-                    + " given: "
-                    + securityProfile);
-          }
-      } else {
-        throw new DatException(
-            "Client does not support any valid trust profile: Required: "
-                + connectionSettings.getRequiredSecurityProfile()
-                + " given: "
-                + securityProfile);
-      }
-
-      // TODO: validate further security attributes
-    } catch (NumberFormatException e) {
-      throw new DatException("Connection settings contains an invalid number format.", e);
-    }
-  }
-
-  /***
-   * Split string ever len chars and return string array
-   * @param src
-   * @param len
-   * @return
-   */
-  public static String[] split(String src, int len) {
-    String[] result = new String[(int)Math.ceil((double)src.length()/(double)len)];
-    for (int i=0; i<result.length; i++)
-      result[i] = src.substring(i*len, Math.min(src.length(), (i+1)*len));
-    return result;
-  }
-
-  /***
-   * Beautyfies Hex strings and will generate a result later used to create the client id (XX:YY:ZZ)
-   * @param hexString HexString to be beautified
-   * @return beautifiedHex result
-   */
-  private String beatifyHex(String hexString) {
-    String[] splitString = split(hexString, 2);
-    StringBuffer sb = new StringBuffer();
-    for(int i =0; i < splitString.length; i++) {
-      sb.append(splitString[i]);
-      sb.append(":");
+      ConnectionSettings connectionSettings) {
+    if (connectionSettings == null) {
+      this.driver.verifyToken(dynamicAttributeToken.getBytes(StandardCharsets.UTF_8), null);
+    } else {
+      SecurityRequirements securityRequirements = new SecurityRequirements.Builder()
+              .setRequiredSecurityLevel(connectionSettings.getRequiredSecurityProfile())
+              .build();
+      this.driver.verifyToken(dynamicAttributeToken.getBytes(StandardCharsets.UTF_8), securityRequirements);
     }
-    return sb.toString();
   }
 
-  /**
-   * Convert byte array to hex without any dependencies to libraries.
-   * @param num
-   * @return
-   */
-  private String byteToHex(byte num) {
-    char[] hexDigits = new char[2];
-    hexDigits[0] = Character.forDigit((num >> 4) & 0xF, 16);
-    hexDigits[1] = Character.forDigit((num & 0xF), 16);
-    return new String(hexDigits);
-  }
-
-  /**
-   * Encode a byte array to an hex string
-   * @param byteArray
-   * @return
-   */
-  private String encodeHexString(byte[] byteArray) {
-    StringBuffer hexStringBuffer = new StringBuffer();
-    for (int i = 0; i < byteArray.length; i++) {
-      hexStringBuffer.append(byteToHex(byteArray[i]));
-    }
-    return hexStringBuffer.toString();
-  }
+//  /**
+//   * Convert byte to hexadecimal chars without any dependencies to libraries.
+//   * @param num Byte to get hexadecimal representation for
+//   * @return The hexadecimal representation of the given byte value
+//   */
+//  private char[] byteToHex(byte num) {
+//    char[] hexDigits = new char[2];
+//    hexDigits[0] = Character.forDigit((num >> 4) & 0xF, 16);
+//    hexDigits[1] = Character.forDigit((num & 0xF), 16);
+//    return hexDigits;
+//  }
+//
+//  /**
+//   * Lookup table for encodeHexString()
+//   */
+//  private final HashMap<Byte, char[]> hexLookup = new HashMap<>();
+//  /**
+//   * Encode a byte array to a hex string
+//   * @param byteArray Byte array to get hexadecimal representation for
+//   * @return Hexadecimal representation of the given bytes
+//   */
+//  private String encodeHexString(byte[] byteArray, @SuppressWarnings("SameParameterValue") boolean beautify) {
+//    StringBuilder sb = new StringBuilder();
+//    for (byte b : byteArray) {
+//      sb.append(hexLookup.computeIfAbsent(b, this::byteToHex));
+//      if (beautify) {
+//        sb.append(':');
+//      }
+//    }
+//    return sb.toString();
+//  }
 
   @Activate
   public void run() {
@@ -451,12 +138,15 @@ public void run() {
     try {
       ConnectorConfig config = settings.getConnectorConfig();
       var ksRoot = FileSystems.getDefault().getPath("etc");
+      char[] ksPassword = config.getKeystorePassword().toCharArray();
       acquireToken(
-          config.getDapsUrl(),
-          ksRoot.resolve(config.getKeystoreName()),
-          config.getKeystorePassword(),
-          config.getKeystoreAliasName(),
-          ksRoot.resolve(config.getTruststoreName()));
+              config.getDapsUrl(),
+              ksRoot.resolve(config.getKeystoreName()),
+              ksPassword,
+              config.getKeystoreAliasName(),
+              ksPassword,
+              ksRoot.resolve(config.getTruststoreName()),
+              ksPassword);
 
     } catch (Exception e) {
       LOG.error("Token renewal failed", e);
diff --git a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
index 13c61d6ff..6e057d6fe 100644
--- a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
+++ b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
@@ -101,12 +101,15 @@ public String set(ConnectorConfig config) {
 
     try {
       var ksPath = FileSystems.getDefault().getPath("etc");
+      var password = config.getKeystorePassword().toCharArray();
       tokenManager.acquireToken(
-          config.getDapsUrl(),
-          ksPath.resolve(config.getKeystoreName()),
-          config.getKeystorePassword(),
-          config.getKeystoreAliasName(),
-          ksPath.resolve(config.getTruststoreName()));
+              config.getDapsUrl(),
+              ksPath.resolve(config.getKeystoreName()),
+              password,
+              config.getKeystoreAliasName(),
+              password,
+              ksPath.resolve(config.getTruststoreName()),
+              password);
     } catch (Exception e) {
       e.printStackTrace();
     }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
index 8b95dd922..439075f3e 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
@@ -2,26 +2,25 @@
 
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.error.DatException;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 import okhttp3.*;
+import org.bouncycastle.asn1.ASN1OctetString;
+import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
+import org.bouncycastle.asn1.x509.Extension;
+import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
+import org.checkerframework.checker.nullness.qual.NonNull;
 import org.jose4j.http.Get;
 import org.jose4j.jwa.AlgorithmConstraints;
 import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
 import org.jose4j.jwk.HttpsJwks;
 import org.jose4j.jws.AlgorithmIdentifiers;
 import org.jose4j.jwt.JwtClaims;
-import org.jose4j.jwt.MalformedClaimException;
 import org.jose4j.jwt.NumericDate;
-import org.jose4j.jwt.consumer.InvalidJwtException;
 import org.jose4j.jwt.consumer.JwtConsumer;
 import org.jose4j.jwt.consumer.JwtConsumerBuilder;
 import org.jose4j.keys.resolvers.HttpsJwksVerificationKeyResolver;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
 import org.json.JSONObject;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -31,12 +30,14 @@
 import javax.net.ssl.TrustManager;
 import javax.net.ssl.X509ExtendedTrustManager;
 import java.io.IOException;
+import java.nio.charset.StandardCharsets;
 import java.security.Key;
 import java.security.KeyManagementException;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.X509Certificate;
 import java.time.Instant;
 import java.util.Date;
+import java.util.HashMap;
 import java.util.concurrent.TimeUnit;
 
 /**
@@ -52,7 +53,7 @@ public class DefaultDapsDriver implements DapsDriver {
     private final X509ExtendedTrustManager trustManager; //trust manager can be reused
     private final Key privateKey; //private key can be reused
     private final String dapsUrl;
-    private final String targetAudience = "idsc:IDS_CONNECTORS_ALL";
+    private final String TARGET_AUDIENCE = "idsc:IDS_CONNECTORS_ALL";
     private final X509Certificate cert;
 
     public DefaultDapsDriver(DefaultDapsDriverConfig config) {
@@ -62,7 +63,8 @@ public DefaultDapsDriver(DefaultDapsDriverConfig config) {
         privateKey = PreConfiguration.getKey(
                 config.getKeyStorePath(),
                 config.getKeyStorePassword(),
-                config.getKeyAlias()
+                config.getKeyAlias(),
+                config.getKeyPassword()
         );
 
         cert = PreConfiguration.getCertificate(
@@ -87,14 +89,11 @@ public DefaultDapsDriver(DefaultDapsDriverConfig config) {
         }
     }
 
-    /*
+    /**
      * Receive the signed and valid dynamic attribute token from the DAPS
-     *
-     * return "INVALID_TOKEN" on failure
      */
     @Override
     public byte[] getToken() {
-        String invalidToken = "INVALID_TOKEN";
         String token;
 
         LOG.info("Retrieving Dynamic Attribute Token from Daps ...");
@@ -103,40 +102,45 @@ public byte[] getToken() {
         // Get AKI
         //GET 2.5.29.14	SubjectKeyIdentifier / 2.5.29.35	AuthorityKeyIdentifier
         String aki_oid = Extension.authorityKeyIdentifier.getId();
-        byte[] rawAuthorityKeyIndentifier = cert.getExtensionValue(aki_oid);
-        ASN1OctetString akiOc = ASN1OctetString.getInstance(rawAuthorityKeyIndentifier);
+        byte[] rawAuthorityKeyIdentifier = cert.getExtensionValue(aki_oid);
+        ASN1OctetString akiOc = ASN1OctetString.getInstance(rawAuthorityKeyIdentifier);
         AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(akiOc.getOctets());
-        byte[] authorityKeyIndentifier = aki.getKeyIdentifier();
+        byte[] authorityKeyIdentifier = aki.getKeyIdentifier();
 
         //GET SKI
-        byte[] octets = DEROctetString.getInstance(rawAuthorityKeyIndentifier).getOctets();
-        AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(octets);
-        byte[] keyIdentifier = authorityKeyIdentifier.getKeyIdentifier();
         String ski_oid = Extension.subjectKeyIdentifier.getId();
-        byte[] rawSubjectKeyIdenfier = cert.getExtensionValue(ski_oid);
-        ASN1OctetString ski0c = ASN1OctetString.getInstance(rawSubjectKeyIdenfier);
+        byte[] rawSubjectKeyIdentifier = cert.getExtensionValue(ski_oid);
+        ASN1OctetString ski0c = ASN1OctetString.getInstance(rawSubjectKeyIdentifier);
         SubjectKeyIdentifier ski = SubjectKeyIdentifier.getInstance(ski0c.getOctets());
-
         byte[] subjectKeyIdentifier = ski.getKeyIdentifier();
 
-        DEROctetString dos = new DEROctetString(authorityKeyIndentifier);
-        String aki_result = beatifyHex(encodeHexString(authorityKeyIndentifier).toUpperCase());
-        String ski_result = beatifyHex(encodeHexString(subjectKeyIdentifier).toUpperCase());
-        LOG.info("AKI: " + aki_result);
-        LOG.info("SKI: " + ski_result);
+        String aki_result = encodeHexString(authorityKeyIdentifier, true).toUpperCase();
+        String ski_result = encodeHexString(subjectKeyIdentifier, true).toUpperCase();
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("AKI: " + aki_result);
+            LOG.debug("SKI: " + ski_result);
+        }
 
         String connectorUUID = ski_result + "keyid:" + aki_result.substring(0, aki_result.length() - 1);
 
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("ConnectorUUID: " + connectorUUID);
+            LOG.debug("Retrieving Dynamic Attribute Token...");
+        }
+
         //create signed JWT
         String jwt =
                 Jwts.builder()
                         .setIssuer(connectorUUID)
                         .setSubject(connectorUUID)
+                        .claim("@context", "https://w3id.org/idsa/contexts/context.jsonld")
+                        .claim("@type", "ids:DatRequestToken")
                         .setExpiration(Date.from(Instant.now().plusSeconds(86400)))
                         .setIssuedAt(Date.from(Instant.now()))
                         .setNotBefore(Date.from(Instant.now()))
-                        .setAudience(targetAudience)
-                        .signWith(privateKey, SignatureAlgorithm.RS256).compact();
+                        .setAudience(TARGET_AUDIENCE)
+                        .signWith(privateKey, SignatureAlgorithm.RS256)
+                        .compact();
 
         //build http client and request for DAPS
         RequestBody formBody =
@@ -145,7 +149,7 @@ public byte[] getToken() {
                         .add(
                                 "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer")
                         .add("client_assertion", jwt)
-                        .add("scope", "ids_connector")
+                        .add("scope", "idsc:IDS_CONNECTOR_ATTRIBUTES_ALL")
                         .build();
 
         OkHttpClient client =
@@ -158,7 +162,7 @@ public byte[] getToken() {
 
         Request request =
                 new Request.Builder()
-                        .url(dapsUrl.concat("/token"))
+                        .url(dapsUrl.concat("/v2/token"))
                         .post(formBody)
                         .build();
 
@@ -171,64 +175,46 @@ public byte[] getToken() {
 
             //check for valid response
             if (!response.isSuccessful()) {
-                if (LOG.isWarnEnabled()) {
-                    LOG.warn("Get unsuccessful http response: {}", response.toString());
-                }
-                return invalidToken.getBytes();
+                throw new DatException("Received non-200 http response: " + response.code());
             }
 
             if (response.body() == null) {
-                if (LOG.isWarnEnabled()) {
-                    LOG.warn("Get empty DAPS response");
-                }
-                return invalidToken.getBytes();
+                throw new DatException("Received empty DAPS response");
             }
 
             JSONObject json = new JSONObject(response.body().string());
             if (json.has("access_token")) {
                 token = json.getString("access_token");
-                LOG.info("Get access_token from DAPS: {}", token);
-            } else if (json.has("error")) {
-                if (LOG.isWarnEnabled()) {
-                    LOG.warn("Get DAPS error response: {}", json.getString("error"));
+                if (LOG.isDebugEnabled()) {
+                    LOG.debug("Received DAT from DAPS: {}", token);
                 }
-                return invalidToken.getBytes();
+            } else if (json.has("error")) {
+                throw new DatException("DAPS reported error: " + json.getString("error"));
             } else {
-                if (LOG.isWarnEnabled()) {
-                    LOG.warn("Get unknown DAPS response format: {}", json.toString());
-                }
-                return invalidToken.getBytes();
+                throw new DatException("DAPS response does not contain \"access_token\" or \"error\" field.");
             }
 
-            //verify token once without security attr validation before providing it
-            if (verifyToken(token.getBytes(), null) > 0) {
-                LOG.info("DAT is valid");
-                return token.getBytes();
-            } else {
-                if (LOG.isWarnEnabled()) {
-                    LOG.warn("DAT validation failed");
-                }
-                return invalidToken.getBytes();
-            }
+            verifyToken(token.getBytes(StandardCharsets.UTF_8), null);
+            return token.getBytes(StandardCharsets.UTF_8);
         } catch (IOException e) {
-            LOG.error("Cannot acquire DAT from DAPS: ", e);
-            return invalidToken.getBytes();
+            throw new DatException("Error whilst retrieving DAT", e);
         }
     }
 
-    /*
+    /**
      * Verify a given dynamic attribute token
      *
      * If the security requirements is not null and an instance of the SecurityRequirements class
      * the method will also check the provided security attributes of the connector that belongs
      * to the provided DAT
      *
-     * Return the number of seconds, des DAT is valid, or -1 if validation failed
+     * @return The number of seconds this DAT is valid
      */
     @Override
     public long verifyToken(byte[] dat, Object securityRequirements) {
-
-        LOG.info("Verify dynamic attribute token ...");
+        if (LOG.isDebugEnabled()) {
+            LOG.debug("Verifying dynamic attribute token...");
+        }
 
         // Get JsonWebKey JWK from JsonWebKeyStore JWKS using DAPS JWKS endpoint
         HttpsJwks httpsJwks = new HttpsJwks(dapsUrl.concat("/.well-known/jwks.json"));
@@ -246,7 +232,7 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
                         .setRequireExpirationTime()         // has expiration time
                         .setAllowedClockSkewInSeconds(30)   // leeway in validation time
                         .setRequireSubject()                // has subject
-                        .setExpectedAudience(targetAudience)
+                        .setExpectedAudience(true, "IDS_Connector", TARGET_AUDIENCE)
                         .setExpectedIssuer(dapsUrl)         // e.g. https://daps.aisec.fraunhofer.de
                         .setVerificationKeyResolver(jwksKeyResolver) //get decryption key from jwks
                         .setJweAlgorithmConstraints(
@@ -257,29 +243,16 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
                         )
                         .build();
 
-        //verify dat
+        long validityTime;
         JwtClaims claims;
-        NumericDate expTime;
-
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("Request JWKS from DAPS for validating DAT");
-        }
 
         try {
-            claims = jwtConsumer.processToClaims(new String(dat));
-            expTime = claims.getExpirationTime();
-        } catch (InvalidJwtException e) {
-            if (LOG.isWarnEnabled()) {
-                LOG.warn("DAPS response is not a valid DAT format", e);
-            }
-            return -1;
-        } catch (MalformedClaimException e) {
-            if (LOG.isWarnEnabled()) {
-                LOG.warn("DAT does not contain expiration time", e);
-            }
-            return -1;
+            claims = jwtConsumer.processToClaims(new String(dat, StandardCharsets.UTF_8));
+            NumericDate expTime = claims.getExpirationTime();
+            validityTime = expTime.getValue() - NumericDate.now().getValue();
+        } catch (Exception e) {
+            throw new DatException("Error during claims processing", e);
         }
-        long validityTime = expTime.getValue() - NumericDate.now().getValue();
 
         //check security requirements
         if (securityRequirements != null) {
@@ -287,137 +260,86 @@ public long verifyToken(byte[] dat, Object securityRequirements) {
                 LOG.debug("Validate security attributes");
             }
 
-            if (securityRequirements instanceof SecurityRequirements) {
-                SecurityRequirements secRequirements = (SecurityRequirements) securityRequirements;
-                SecurityRequirements providedSecurityProfile =
-                        parseSecurityRequirements(claims.toJson());
-
-                if (providedSecurityProfile == null) {
-                    return -1;
-                }
-
-                //toDo add further security attribute validation
+            if (!(securityRequirements instanceof SecurityRequirements)) {
+                throw new DatException("Invalid security requirements format. Expected " +
+                        SecurityRequirements.class.getName());
+            }
+            SecurityRequirements secRequirements = (SecurityRequirements) securityRequirements;
+            final var securityLevel =
+                    parseSecurityRequirements(claims.toJson()).getRequiredSecurityLevel();
 
+            if (securityLevel == null) {
+                throw new DatException("No security profile provided");
+            }
 
-                if(secRequirements.getRequiredSecurityLevel().equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE")) {
-                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE") ||
-                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE") ||
-                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
-                        LOG.info("DAT is valid and secure");
-                        return validityTime;
-                    } else {
-                        if (LOG.isWarnEnabled()) {
-                            LOG.warn("DAT does not fulfill the security requirements");
-                        }
-                        return -1;
+            switch (secRequirements.getRequiredSecurityLevel()) {
+                case "idsc:BASE_CONNECTOR_SECURITY_PROFILE":
+                    if (securityLevel.equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE")) {
+                        break;
                     }
-                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")) {
-                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE") ||
-                        providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
-                        LOG.info("DAT is valid and secure");
-                        return validityTime;
-                    } else {
-                        if (LOG.isWarnEnabled()) {
-                            LOG.warn("DAT does not fulfill the security requirements, TRUST LEVEL not reached");
-                        }
-                        return -1;
+                case "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE":
+                    if (securityLevel.equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")) {
+                        break;
                     }
-                } else if(secRequirements.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
-                    if (providedSecurityProfile.getRequiredSecurityLevel().equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
-                        LOG.info("DAT is valid and secure");
-                        return validityTime;
-                    } else {
-                        if (LOG.isWarnEnabled()) {
-                            LOG.warn("DAT does not fulfill the security requirements, TRUST+ LEVEL not reached");
-                        }
-                        return -1;
+                case "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE":
+                    if (securityLevel.equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
+                        break;
                     }
-                } else {
-                    if (LOG.isWarnEnabled()) {
-                        LOG.warn("DAT does not fulfill the security requirements, not supported trust level");
-                    }
-                    return -1;
-                }
-
-            } else {
-                //invalid security requirements format
-                if (LOG.isWarnEnabled()) {
-                    LOG.warn("Invalid security requirements format. Expected SecurityRequirements.class");
-                }
-                return -1;
+                default:
+                    throw new DatException(
+                            "Client does not support any valid trust profile: Required: "
+                                    + secRequirements.getRequiredSecurityLevel()
+                                    + " given: "
+                                    + securityLevel);
             }
-        } else {
-            LOG.info("DAT is valid");
-            return validityTime;
         }
-    } //returns number of seconds dat is valid
 
-    private SecurityRequirements parseSecurityRequirements(String dynamicAttrToken) {
-        JSONObject asJson = new JSONObject(dynamicAttrToken);
+        LOG.debug("DAT is valid");
+        return validityTime;
+    }
+
+    @NonNull
+    private SecurityRequirements parseSecurityRequirements(String dat) {
+        JSONObject asJson = new JSONObject(dat);
 
         if (!asJson.has("securityProfile")) {
-            if (LOG.isWarnEnabled()) {
-                LOG.warn("DAT does not contain securityProfile");
-            }
-            return null;
+            throw new DatException("DAT does not contain securityProfile");
         }
-        //toDo parse further security attributes
-        //FIXME: Does this make sense? How are security requirements mapped?
+
         return new SecurityRequirements.Builder()
                 .setRequiredSecurityLevel(asJson.getString("securityProfile"))
                 .build();
     }
 
-    /***
-     * Split string ever len chars and return string array
-     * @param src
-     * @param len
-     * @return
-     */
-    public static String[] split(String src, int len) {
-        String[] result = new String[(int)Math.ceil((double)src.length()/(double)len)];
-        for (int i=0; i<result.length; i++)
-            result[i] = src.substring(i*len, Math.min(src.length(), (i+1)*len));
-        return result;
-    }
-
-    /***
-     * Beautyfies Hex strings and will generate a result later used to create the client id (XX:YY:ZZ)
-     * @param hexString HexString to be beautified
-     * @return beautifiedHex result
-     */
-    private String beatifyHex(String hexString) {
-        String[] splitString = split(hexString, 2);
-        StringBuffer sb = new StringBuffer();
-        for(int i =0; i < splitString.length; i++) {
-            sb.append(splitString[i]);
-            sb.append(":");
-        }
-        return sb.toString();
-    }
-
     /**
-     * Convert byte array to hex without any dependencies to libraries.
-     * @param num
-     * @return
+     * Convert byte to hexadecimal chars without any dependencies to libraries.
+     * @param num Byte to get hexadecimal representation for
+     * @return The hexadecimal representation of the given byte value
      */
-    private String byteToHex(byte num) {
+    private char[] byteToHex(byte num) {
         char[] hexDigits = new char[2];
         hexDigits[0] = Character.forDigit((num >> 4) & 0xF, 16);
         hexDigits[1] = Character.forDigit((num & 0xF), 16);
-        return new String(hexDigits);
+        return hexDigits;
     }
 
     /**
-     * Encode a byte array to an hex string
-     * @param byteArray
-     * @return
+     * Lookup table for encodeHexString()
      */
-    private String encodeHexString(byte[] byteArray) {
-        StringBuffer hexStringBuffer = new StringBuffer();
-        for (int i = 0; i < byteArray.length; i++) {
-            hexStringBuffer.append(byteToHex(byteArray[i]));
+    private final HashMap<Byte, char[]> hexLookup = new HashMap<>();
+    /**
+     * Encode a byte array to a hex string
+     * @param byteArray Byte array to get hexadecimal representation for
+     * @return Hexadecimal representation of the given bytes
+     */
+    private String encodeHexString(byte[] byteArray, @SuppressWarnings("SameParameterValue") boolean beautify) {
+        StringBuilder sb = new StringBuilder();
+        for (byte b : byteArray) {
+            sb.append(hexLookup.computeIfAbsent(b, this::byteToHex));
+            if (beautify) {
+                sb.append(':');
+            }
         }
-        return hexStringBuffer.toString();
+        return sb.toString();
     }
 }
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
index 987a31b13..988faae39 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
@@ -2,6 +2,9 @@
 
 import org.checkerframework.checker.nullness.qual.NonNull;
 
+import java.nio.file.Path;
+import java.nio.file.Paths;
+
 /**
  * A Configuration class for the DefaultDapsDriver
  *
@@ -12,15 +15,17 @@ public class DefaultDapsDriverConfig {
     @NonNull
     private String dapsUrl = "https://daps.aisec.fraunhofer.de";
     @NonNull
-    private String keyStorePath = "";
+    private Path keyStorePath = Paths.get("DUMMY-FILENAME.p12");
     @NonNull
-    private String keyStorePassword = "password";
+    private char[] keyStorePassword = "password".toCharArray();
     @NonNull
     private String keyAlias = "1";
     @NonNull
-    private String trustStorePath = "";
+    private char[] keyPassword = "password".toCharArray();
+    @NonNull
+    private Path trustStorePath = Paths.get("DUMMY-FILENAME.p12");
     @NonNull
-    private String trustStorePassword = "password";
+    private char[] trustStorePassword = "password".toCharArray();
 
     public static class Builder {
         @NonNull
@@ -33,13 +38,13 @@ public Builder setDapsUrl(String dapsUrl) {
         }
 
         @NonNull
-        public Builder setKeyStorePath(String path) {
+        public Builder setKeyStorePath(Path path) {
             this.config.keyStorePath = path;
             return this;
         }
 
         @NonNull
-        public Builder setKeyStorePassword(String password) {
+        public Builder setKeyStorePassword(char[] password) {
             this.config.keyStorePassword = password;
             return this;
         }
@@ -51,13 +56,19 @@ public Builder setKeyAlias(String alias) {
         }
 
         @NonNull
-        public Builder setTrustStorePath(String path) {
+        public Builder setKeyPassword(char[] password) {
+            this.config.keyPassword = password;
+            return this;
+        }
+
+        @NonNull
+        public Builder setTrustStorePath(Path path) {
             this.config.trustStorePath = path;
             return this;
         }
 
         @NonNull
-        public Builder setTrustStorePassword(String password) {
+        public Builder setTrustStorePassword(char[] password) {
             this.config.trustStorePassword = password;
             return this;
         }
@@ -74,12 +85,12 @@ public String getDapsUrl() {
     }
 
     @NonNull
-    public String getKeyStorePath() {
+    public Path getKeyStorePath() {
         return keyStorePath;
     }
 
     @NonNull
-    public String getKeyStorePassword() {
+    public char[] getKeyStorePassword() {
         return keyStorePassword;
     }
 
@@ -89,12 +100,17 @@ public String getKeyAlias() {
     }
 
     @NonNull
-    public String getTrustStorePath() {
+    public char[] getKeyPassword() {
+        return keyPassword;
+    }
+
+    @NonNull
+    public Path getTrustStorePath() {
         return trustStorePath;
     }
 
     @NonNull
-    public String getTrustStorePassword() {
+    public char[] getTrustStorePassword() {
         return trustStorePassword;
     }
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
index 5f8d75409..3748f999c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
@@ -1,10 +1,13 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import javax.net.ssl.*;
 import java.io.IOException;
 import java.io.InputStream;
 import java.nio.file.Files;
-import java.nio.file.Paths;
+import java.nio.file.Path;
 import java.security.*;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
@@ -16,16 +19,27 @@
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 public class PreConfiguration {
-
-    public static KeyStore getKeyStoreInstanceByPath(String path) throws KeyStoreException {
-        if (path.endsWith(".jks")) {
-            return KeyStore.getInstance("JKS");
-        } else if (path.endsWith(".p12")) {
-            return KeyStore.getInstance("PKCS12");
+    private static final Logger LOG = LoggerFactory.getLogger(PreConfiguration.class);
+
+    public static KeyStore loadKeyStore(Path keyStorePath, char[] keyStorePassword)
+            throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
+        final KeyStore ks;
+        final var pathString = keyStorePath.toString();
+        if (pathString.endsWith(".jks")) {
+            ks = KeyStore.getInstance("JKS");
+        } else if (pathString.endsWith(".p12")) {
+            ks = KeyStore.getInstance("PKCS12");
         } else {
-            throw new KeyStoreException("Unknown file extension \"" + path.substring(path.lastIndexOf('.')) +
+            throw new KeyStoreException("Unknown file extension \"" + pathString.substring(pathString.lastIndexOf('.')) +
                     "\", " + "only JKS (.jks) and PKCS12 (.p12) are supported.");
         }
+        try (InputStream keyStoreInputStream = Files.newInputStream(keyStorePath)) {
+            if (LOG.isDebugEnabled()) {
+                LOG.debug("Loading key store: " + pathString);
+            }
+            ks.load(keyStoreInputStream, keyStorePassword);
+        }
+        return ks;
     }
 
     /*
@@ -35,16 +49,13 @@ public static KeyStore getKeyStoreInstanceByPath(String path) throws KeyStoreExc
      * throws RuntimeException of creating TrustManager fails
      */
     public static TrustManager[] getX509ExtTrustManager(
-            String trustStorePath,
-            String trustStorePassword
+            Path trustStorePath,
+            char[] trustStorePassword
     ) {
-        try (
-                InputStream trustStoreInputStream = Files.newInputStream(Paths.get(trustStorePath))
-        ) {
+        try {
             /* create TrustManager */
             final TrustManager[] myTrustManager;
-            final KeyStore trustStore = getKeyStoreInstanceByPath(trustStorePath);
-            trustStore.load(trustStoreInputStream, trustStorePassword.toCharArray());
+            final KeyStore trustStore = loadKeyStore(trustStorePath, trustStorePassword);
             final TrustManagerFactory trustManagerFactory =
                     TrustManagerFactory.getInstance("PKIX"); //PKIX from SunJSSE
 
@@ -71,22 +82,19 @@ public static TrustManager[] getX509ExtTrustManager(
      * throws RuntimeException of creating KeyManager fails
      */
     public static KeyManager[] getX509ExtKeyManager(
-            String keyPassword,
-            String keyStorePath,
-            String keyStorePassword,
+            char[] keyPassword,
+            Path keyStorePath,
+            char[] keyStorePassword,
             String certAlias,
             String keyType
     ) {
-        try (
-                InputStream keyStoreInputStream = Files.newInputStream(Paths.get(keyStorePath))
-        ) {
+        try {
             /* create KeyManager for remote authentication */
             final KeyManager[] myKeyManager;
-            KeyStore keystore = getKeyStoreInstanceByPath(keyStorePath);
-            keystore.load(keyStoreInputStream, keyStorePassword.toCharArray());
+            KeyStore keystore = loadKeyStore(keyStorePath, keyStorePassword);
             final KeyManagerFactory keyManagerFactory =
                     KeyManagerFactory.getInstance("PKIX"); //PKIX from SunJSSE
-            keyManagerFactory.init(keystore, keyPassword.toCharArray());
+            keyManagerFactory.init(keystore, keyPassword);
             myKeyManager = keyManagerFactory.getKeyManagers();
 
             /* set up keyManager config */
@@ -113,21 +121,16 @@ public static KeyManager[] getX509ExtKeyManager(
      * throws RuntimeException if key is not available or key access was not permitted
      */
     public static Key getKey(
-            String keyStorePath,
-            String keyStorePassword,
-            String keyAlias
+            Path keyStorePath,
+            char[] keyStorePassword,
+            String keyAlias,
+            char[] keyPassword
     ) {
-        try (
-                InputStream keyStoreInputStream = Files.newInputStream(Paths.get(keyStorePath))
-        ) {
-            /* create KeyManager for remote authentication */
-            KeyStore keystore = getKeyStoreInstanceByPath(keyStorePath);
-
-            //load keystore
-            keystore.load(keyStoreInputStream, keyStorePassword.toCharArray());
+        try {
+            KeyStore keyStore = loadKeyStore(keyStorePath, keyStorePassword);
 
             // get private key
-            Key key = keystore.getKey(keyAlias, keyStorePassword.toCharArray());
+            Key key = keyStore.getKey(keyAlias, keyPassword);
             if (key == null) {
                 throw new RuntimeException("No key was found in keystore for given alias");
             } else {
@@ -146,29 +149,22 @@ public static Key getKey(
      * throws RuntimeException if key is not available or key access was not permitted
      */
     public static X509Certificate getCertificate(
-        String keyStorePath,
-        String keyStorePassword,
+        Path keyStorePath,
+        char[] keyStorePassword,
         String keyAlias
     ) {
-        try (
-            InputStream keyStoreInputStream = Files.newInputStream(Paths.get(keyStorePath))
-        ) {
-            /* create KeyManager for remote authentication */
-            KeyStore keystore = getKeyStoreInstanceByPath(keyStorePath);
-
-            //load keystore
-            keystore.load(keyStoreInputStream, keyStorePassword.toCharArray());
+        try {
+            KeyStore keystore = loadKeyStore(keyStorePath, keyStorePassword);
 
             // get private key
             X509Certificate cert = (X509Certificate) keystore.getCertificate(keyAlias);
             // Probe key alias
-            keystore.getKey(keyAlias, keyStorePassword.toCharArray());
+            keystore.getKey(keyAlias, keyStorePassword);
             if (cert == null) {
                 throw new RuntimeException("No cert was found in keystore for given alias");
             } else {
                 return cert;
             }
-
         } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException
             | UnrecoverableKeyException e) {
             throw new RuntimeException(e);
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/DatException.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/DatException.java
new file mode 100644
index 000000000..9b5123649
--- /dev/null
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/DatException.java
@@ -0,0 +1,11 @@
+package de.fhg.aisec.ids.idscp2.error;
+
+public class DatException extends RuntimeException {
+    public DatException(String s) {
+        super(s);
+    }
+
+    public DatException(String s, Exception e) {
+        super(s, e);
+    }
+}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
index dafb8d77c..96416570f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
@@ -37,6 +37,7 @@ public void init(Idscp2Settings settings) {
                         .setKeyStorePassword(settings.getKeyStorePassword())
                         .setTrustStorePassword(settings.getTrustStorePassword())
                         .setKeyAlias(settings.getDapsKeyAlias())
+                        .setKeyPassword(settings.getKeyPassword())
                         .setDapsUrl("https://daps.aisec.fraunhofer.de")
                         .build();
 
@@ -80,8 +81,8 @@ public void onClose(Idscp2Connection connection) {
                 CompletableFuture.runAsync(c::close);  // FSM error if run from the same thread
             });
             connection.unlockMessaging();
-            System.out.println("Sending PING...");
             connection.send("ping", "PING".getBytes(StandardCharsets.UTF_8));
+            System.out.println("Sent PING...");
         }).exceptionally(t -> {
             LOG.error("Client endpoint error occurred", t);
             return null;
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
index 52795c060..d2c057b29 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
@@ -37,6 +37,7 @@ public void init(Idscp2Settings settings) {
                         .setKeyStorePassword(settings.getKeyStorePassword())
                         .setTrustStorePassword(settings.getTrustStorePassword())
                         .setKeyAlias(settings.getDapsKeyAlias())
+                        .setKeyPassword(settings.getKeyPassword())
                         .setDapsUrl("https://daps.aisec.fraunhofer.de")
                         .build();
 
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
index 8d2371672..4bb00e499 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
@@ -2,6 +2,7 @@
 
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 
+import java.nio.file.Paths;
 import java.util.Objects;
 
 public class RunTLSClient {
@@ -9,10 +10,10 @@ public class RunTLSClient {
     public static void main(String[] args) {
 
         Idscp2Settings settings = new Idscp2Settings.Builder()
-                .setKeyStorePath(Objects.requireNonNull(RunTLSClient.class.getClassLoader().
-                        getResource("ssl/aisecconnector1-keystore.p12")).getPath())
-                .setTrustStorePath(Objects.requireNonNull(RunTLSClient.class.getClassLoader().
-                        getResource("ssl/client-truststore_new.p12")).getPath())
+                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient.class.getClassLoader().
+                        getResource("ssl/aisecconnector1-keystore.p12")).getPath()))
+                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient.class.getClassLoader().
+                        getResource("ssl/client-truststore_new.p12")).getPath()))
                 .setCertificateAlias("1.0.1")
                 .setDapsKeyAlias("1")
                 .setRatTimeoutDelay(300)
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
index fc60003ba..1d53931d1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
@@ -2,6 +2,7 @@
 
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
 
+import java.nio.file.Paths;
 import java.util.Objects;
 
 public class RunTLSServer {
@@ -9,10 +10,10 @@ public class RunTLSServer {
     public static void main(String[] argv) {
 
         Idscp2Settings settings = new Idscp2Settings.Builder()
-                .setKeyStorePath(Objects.requireNonNull(RunTLSServer.class.getClassLoader().
-                        getResource("ssl/aisecconnector1-keystore.p12")).getPath())
-                .setTrustStorePath(Objects.requireNonNull(RunTLSServer.class.getClassLoader().
-                        getResource("ssl/client-truststore_new.p12")).getPath())
+                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSServer.class.getClassLoader().
+                        getResource("ssl/aisecconnector1-keystore.p12")).getPath()))
+                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSServer.class.getClassLoader().
+                        getResource("ssl/client-truststore_new.p12")).getPath()))
                 .setCertificateAlias("1.0.1")
                 .setDapsKeyAlias("1")
                 .setRatTimeoutDelay(300)
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
index 974e5b074..99f4516d1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
@@ -2,6 +2,8 @@
 
 import org.checkerframework.checker.nullness.qual.NonNull;
 
+import java.nio.file.Path;
+import java.util.Arrays;
 import java.util.Objects;
 
 /**
@@ -16,11 +18,11 @@ public class Idscp2Settings {
 
     private int serverPort = DEFAULT_SERVER_PORT;
     private String host = "localhost";
-    private String trustStorePath = null;
-    private String trustStorePassword = "password";
-    private String keyPassword = "password";
-    private String keyStorePath = null;
-    private String keyStorePassword = "password";
+    private Path trustStorePath = null;
+    private char[] trustStorePassword = "password".toCharArray();
+    private char[] keyPassword = "password".toCharArray();
+    private Path keyStorePath = null;
+    private char[] keyStorePassword = "password".toCharArray();
     private String certificateAlias = "1.0.1";
     private String dapsKeyAlias = "1";
     private String keyStoreKeyType = "RSA";
@@ -45,31 +47,31 @@ public Builder setServerPort(int serverPort) {
             return this;
         }
 
-        public Builder setKeyPassword(String pwd) {
+        public Builder setKeyPassword(char[] pwd) {
             this.settings.keyPassword = pwd;
             return this;
         }
 
         @NonNull
-        public Builder setTrustStorePath(String path) {
+        public Builder setTrustStorePath(Path path) {
             this.settings.trustStorePath = path;
             return this;
         }
 
         @NonNull
-        public Builder setKeyStorePath(String path) {
+        public Builder setKeyStorePath(Path path) {
             this.settings.keyStorePath = path;
             return this;
         }
 
         @NonNull
-        public Builder setTrustStorePassword(String pwd) {
+        public Builder setTrustStorePassword(char[] pwd) {
             this.settings.trustStorePassword = pwd;
             return this;
         }
 
         @NonNull
-        public Builder setKeyStorePassword(String pwd) {
+        public Builder setKeyStorePassword(char[] pwd) {
             this.settings.keyStorePassword = pwd;
             return this;
         }
@@ -124,23 +126,23 @@ public String getHost() {
         return host;
     }
 
-    public String getTrustStorePath() {
+    public Path getTrustStorePath() {
         return trustStorePath;
     }
 
-    public String getTrustStorePassword() {
+    public char[] getTrustStorePassword() {
         return trustStorePassword;
     }
 
-    public String getKeyPassword() {
+    public char[] getKeyPassword() {
         return keyPassword;
     }
 
-    public String getKeyStorePath() {
+    public Path getKeyStorePath() {
         return keyStorePath;
     }
 
-    public String getKeyStorePassword() {
+    public char[] getKeyStorePassword() {
         return keyStorePassword;
     }
 
@@ -177,9 +179,9 @@ public boolean equals(Object o) {
                 ratTimeoutDelay == that.ratTimeoutDelay &&
                 Objects.equals(host, that.host) &&
                 Objects.equals(trustStorePath, that.trustStorePath) &&
-                Objects.equals(trustStorePassword, that.trustStorePassword) &&
+                Arrays.equals(trustStorePassword, that.trustStorePassword) &&
                 Objects.equals(keyStorePath, that.keyStorePath) &&
-                Objects.equals(keyStorePassword, that.keyStorePassword) &&
+                Arrays.equals(keyStorePassword, that.keyStorePassword) &&
                 Objects.equals(certificateAlias, that.certificateAlias) &&
                 Objects.equals(dapsKeyAlias, that.dapsKeyAlias) &&
                 Objects.equals(keyStoreKeyType, that.keyStoreKeyType) &&
diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index fabc4eae3..a0e8b0616 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -5,202 +5,212 @@
 import org.junit.Ignore;
 import org.junit.Test;
 
+import java.nio.file.Paths;
+
 import static org.junit.Assert.*;
 
 @Ignore("Some test rely on external server resources and are somewhat unreliable right now.")
 public class DapsDriverTest {
 
-  @Test
-  public void testValidToken() {
-    DefaultDapsDriverConfig config =
-        new DefaultDapsDriverConfig.Builder()
-            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.p12").getPath())
-            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.p12").getPath())
-            .setKeyStorePassword("password")
-            .setTrustStorePassword("password")
-            .setKeyAlias("1")
-            .setDapsUrl("https://daps.aisec.fraunhofer.de")
-            .build();
-
-    DapsDriver dapsDriver = new DefaultDapsDriver(config);
-    String token = new String(dapsDriver.getToken());
-    assertNotEquals(token, "INVALID_TOKEN");
-
-    SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
-        .build();
-
-    SecurityRequirements requirements2 = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("idsc:BASE_CONNECTOR_SECURITY_PROFILE")
-        .build();
-
-    assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) >= 0);
-    assertFalse(dapsDriver.verifyToken(token.getBytes(), requirements2) >= 0);
-  }
-  /****
-  @Test
-  public void testInvalidClient() {
-    DefaultDapsDriverConfig config =
-        new DefaultDapsDriverConfig.Builder()
-            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.p12").getPath())
-            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.p12").getPath())
-            .setKeyStorePassword("password")
-            .setTrustStorePassword("password")
-            .setKeyAlias("1")
-            .setDapsUrl("https://daps.aisec.fraunhofer.de")
-            .build();
-
-    DapsDriver dapsDriver = new DefaultDapsDriver(config);
-    String token = new String(dapsDriver.getToken());
-    assertEquals(token, "INVALID_TOKEN");
-  }
-   **/
-
-  @Test
-  public void testInvalidUrlNonSecure() {
-    DefaultDapsDriverConfig config =
-        new DefaultDapsDriverConfig.Builder()
-            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.p12").getPath())
-            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.p12").getPath())
-            .setKeyStorePassword("password")
-            .setTrustStorePassword("password")
-            .setKeyAlias("1")
-            .setDapsUrl("https://daps.aisec.fraunhofer.de")
-            .build();
-
-    DapsDriver dapsDriver = new DefaultDapsDriver(config);
-    String token = new String(dapsDriver.getToken());
-    assertEquals(token, "INVALID_TOKEN");
-  }
-
-  @Test
-  public void testInvalidUrl404() {
-    DefaultDapsDriverConfig config =
-        new DefaultDapsDriverConfig.Builder()
-            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.p12").getPath())
-            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.p12").getPath())
-            .setKeyStorePassword("password")
-            .setTrustStorePassword("password")
-            .setKeyAlias("1")
-            .setDapsUrl("https://daps.aisec.fraunhofer.de")
-            .build();
-
-    DapsDriver dapsDriver = new DefaultDapsDriver(config);
-    String token = new String(dapsDriver.getToken());
-    assertEquals(token, "INVALID_TOKEN");
-  }
-
-  @Test (expected = RuntimeException.class)
-  public void testInvalidPassword1() {
-    DefaultDapsDriverConfig config =
-        new DefaultDapsDriverConfig.Builder()
-            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.p12").getPath())
-            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.p12").getPath())
-            .setKeyStorePassword("INVALID_PASSWORD")
-            .setTrustStorePassword("password")
-            .setKeyAlias("1")
-            .setDapsUrl("https://daps.aisec.fraunhofer.de")
-            .build();
-
-    new DefaultDapsDriver(config);
-  }
-
-  @Test (expected = RuntimeException.class)
-  public void testInvalidPassword2() {
-    DefaultDapsDriverConfig config =
-        new DefaultDapsDriverConfig.Builder()
-            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.p12").getPath())
-            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.p12").getPath())
-            .setKeyStorePassword("password")
-            .setTrustStorePassword("INVALID_PASSWORD")
-            .setKeyAlias("1")
-            .setDapsUrl("https://daps.aisec.fraunhofer.de")
-            .build();
-
-    new DefaultDapsDriver(config);
-  }
-
-  @Test (expected = RuntimeException.class)
-  public void testInvalidKeyAlias() {
-    DefaultDapsDriverConfig config =
-        new DefaultDapsDriverConfig.Builder()
-            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.p12").getPath())
-            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.p12").getPath())
-            .setKeyStorePassword("password")
-            .setTrustStorePassword("password")
-            .setKeyAlias("INVALID_ALIAS")
-            .setDapsUrl("https://daps.aisec.fraunhofer.de")
-            .build();
-
-    new DefaultDapsDriver(config);
-  }
-
-  @Test
-  public void testInvalidAuditLogging() {
-    DefaultDapsDriverConfig config =
-        new DefaultDapsDriverConfig.Builder()
-            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.p12").getPath())
-            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.p12").getPath())
-            .setKeyStorePassword("password")
-            .setTrustStorePassword("password")
-            .setKeyAlias("1")
-            .setDapsUrl("https://daps.aisec.fraunhofer.de")
-            .build();
-
-    DapsDriver dapsDriver = new DefaultDapsDriver(config);
-    String token = new String(dapsDriver.getToken());
-    assertNotEquals(token, "INVALID_TOKEN");
-
-    SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")
-        .build();
-
-    assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) < 0);
-  }
-
-  public static void main(String[] args) {
-    //get token
-    DefaultDapsDriverConfig config =
-        new DefaultDapsDriverConfig.Builder()
-            .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/aisecconnector1-keystore.p12").getPath())
-            .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-                getResource("ssl/client-truststore_new.p12").getPath())
-            .setKeyStorePassword("password")
-            .setTrustStorePassword("password")
-            .setKeyAlias("1")
-            .setDapsUrl("https://daps.aisec.fraunhofer.de")
-            .build();
-
-    DapsDriver dapsDriver = new DefaultDapsDriver(config);
-    String token = new String(dapsDriver.getToken());
-    System.out.println(token);
-
-    SecurityRequirements requirements = new SecurityRequirements.Builder()
-        .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
-        .build();
-
-    long ret;
-    if (0 > (ret = dapsDriver.verifyToken(token.getBytes(), requirements))) {
-      System.out.println("failed");
-    } else {
-      System.out.println("success: " + ret);
+    @Test
+    public void testValidToken() {
+        DefaultDapsDriverConfig config =
+                new DefaultDapsDriverConfig.Builder()
+                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
+                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/client-truststore_new.p12").getPath()))
+                        .setKeyStorePassword("password".toCharArray())
+                        .setTrustStorePassword("password".toCharArray())
+                        .setKeyAlias("1")
+                        .setKeyPassword("password".toCharArray())
+                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                        .build();
+
+        DapsDriver dapsDriver = new DefaultDapsDriver(config);
+        String token = new String(dapsDriver.getToken());
+        assertNotEquals(token, "INVALID_TOKEN");
+
+        SecurityRequirements requirements = new SecurityRequirements.Builder()
+                .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
+                .build();
+
+        SecurityRequirements requirements2 = new SecurityRequirements.Builder()
+                .setRequiredSecurityLevel("idsc:BASE_CONNECTOR_SECURITY_PROFILE")
+                .build();
+
+        assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) >= 0);
+        assertFalse(dapsDriver.verifyToken(token.getBytes(), requirements2) >= 0);
+    }
+
+    /****
+     @Test public void testInvalidClient() {
+     DefaultDapsDriverConfig config =
+     new DefaultDapsDriverConfig.Builder()
+     .setKeyStorePath(DapsDriverTest.class.getClassLoader().
+     getResource("ssl/aisecconnector1-keystore.p12").getPath())
+     .setTrustStorePath(DapsDriverTest.class.getClassLoader().
+     getResource("ssl/client-truststore_new.p12").getPath())
+     .setKeyStorePassword("password")
+     .setTrustStorePassword("password")
+     .setKeyAlias("1")
+     .setDapsUrl("https://daps.aisec.fraunhofer.de")
+     .build();
+
+     DapsDriver dapsDriver = new DefaultDapsDriver(config);
+     String token = new String(dapsDriver.getToken());
+     assertEquals(token, "INVALID_TOKEN");
+     }
+     **/
+
+    @Test
+    public void testInvalidUrlNonSecure() {
+        DefaultDapsDriverConfig config =
+                new DefaultDapsDriverConfig.Builder()
+                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
+                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/client-truststore_new.p12").getPath()))
+                        .setKeyStorePassword("password".toCharArray())
+                        .setTrustStorePassword("password".toCharArray())
+                        .setKeyAlias("1")
+                        .setKeyPassword("password".toCharArray())
+                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                        .build();
+
+        DapsDriver dapsDriver = new DefaultDapsDriver(config);
+        String token = new String(dapsDriver.getToken());
+        assertEquals(token, "INVALID_TOKEN");
+    }
+
+    @Test
+    public void testInvalidUrl404() {
+        DefaultDapsDriverConfig config =
+                new DefaultDapsDriverConfig.Builder()
+                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
+                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/client-truststore_new.p12").getPath()))
+                        .setKeyStorePassword("password".toCharArray())
+                        .setTrustStorePassword("password".toCharArray())
+                        .setKeyAlias("1")
+                        .setKeyPassword("password".toCharArray())
+                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                        .build();
+
+        DapsDriver dapsDriver = new DefaultDapsDriver(config);
+        String token = new String(dapsDriver.getToken());
+        assertEquals(token, "INVALID_TOKEN");
+    }
+
+    @Test(expected = RuntimeException.class)
+    public void testInvalidPassword1() {
+        DefaultDapsDriverConfig config =
+                new DefaultDapsDriverConfig.Builder()
+                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
+                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/client-truststore_new.p12").getPath()))
+                        .setKeyStorePassword("INVALID_PASSWORD".toCharArray())
+                        .setTrustStorePassword("password".toCharArray())
+                        .setKeyAlias("1")
+                        .setKeyPassword("password".toCharArray())
+                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                        .build();
+
+        new DefaultDapsDriver(config);
+    }
+
+    @Test(expected = RuntimeException.class)
+    public void testInvalidPassword2() {
+        DefaultDapsDriverConfig config =
+                new DefaultDapsDriverConfig.Builder()
+                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
+                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/client-truststore_new.p12").getPath()))
+                        .setKeyStorePassword("password".toCharArray())
+                        .setTrustStorePassword("INVALID_PASSWORD".toCharArray())
+                        .setKeyAlias("1")
+                        .setKeyPassword("password".toCharArray())
+                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                        .build();
+
+        new DefaultDapsDriver(config);
+    }
+
+    @Test(expected = RuntimeException.class)
+    public void testInvalidKeyAlias() {
+        DefaultDapsDriverConfig config =
+                new DefaultDapsDriverConfig.Builder()
+                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
+                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/client-truststore_new.p12").getPath()))
+                        .setKeyStorePassword("password".toCharArray())
+                        .setTrustStorePassword("password".toCharArray())
+                        .setKeyAlias("INVALID_ALIAS")
+                        .setKeyPassword("password".toCharArray())
+                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                        .build();
+
+        new DefaultDapsDriver(config);
+    }
+
+    @Test
+    public void testInvalidAuditLogging() {
+        DefaultDapsDriverConfig config =
+                new DefaultDapsDriverConfig.Builder()
+                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
+                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/client-truststore_new.p12").getPath()))
+                        .setKeyStorePassword("password".toCharArray())
+                        .setTrustStorePassword("password".toCharArray())
+                        .setKeyAlias("1")
+                        .setKeyPassword("password".toCharArray())
+                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                        .build();
+
+        DapsDriver dapsDriver = new DefaultDapsDriver(config);
+        String token = new String(dapsDriver.getToken());
+        assertNotEquals(token, "INVALID_TOKEN");
+
+        SecurityRequirements requirements = new SecurityRequirements.Builder()
+                .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")
+                .build();
+
+        assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) < 0);
+    }
+
+    public static void main(String[] args) {
+        //get token
+        DefaultDapsDriverConfig config =
+                new DefaultDapsDriverConfig.Builder()
+                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
+                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
+                                getResource("ssl/client-truststore_new.p12").getPath()))
+                        .setKeyStorePassword("password".toCharArray())
+                        .setTrustStorePassword("password".toCharArray())
+                        .setKeyAlias("1")
+                        .setKeyPassword("password".toCharArray())
+                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                        .build();
+
+        DapsDriver dapsDriver = new DefaultDapsDriver(config);
+        String token = new String(dapsDriver.getToken());
+        System.out.println(token);
+
+        SecurityRequirements requirements = new SecurityRequirements.Builder()
+                .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
+                .build();
+
+        long ret;
+        if (0 > (ret = dapsDriver.verifyToken(token.getBytes(), requirements))) {
+            System.out.println("failed");
+        } else {
+            System.out.println("success: " + ret);
+        }
     }
-  }
 }

From 84c1a37b9af343e5fb3402a6f0bc16f6222aa4d0 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 2 Sep 2020 18:51:50 +0200
Subject: [PATCH 139/237] Fixed IDSCP2 message sending bug

---
 .../secure_channel/client/TLSClient.java                    | 1 +
 .../fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java   | 4 +++-
 .../ids/idscp2/idscp_core/finite_state_machine/FSM.java     | 6 +++++-
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
index 997b5f6ba..0f48af800 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
@@ -199,6 +199,7 @@ public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent)
             LOG.debug("TLS session is valid");
             // Create secure channel, register secure channel as message listener and notify IDSCP2 Configuration.
             SecureChannel secureChannel = new SecureChannel(this);
+            // Try to complete, won't do anything if promise has been cancelled
             this.listenerPromise.complete(secureChannel);
             final var connection = new Idscp2Connection(secureChannel, clientSettings, dapsDriver);
             inputListenerThread.start();
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
index 0593f822c..e11eec34c 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
@@ -28,7 +28,9 @@ public class Idscp2Connection {
     private final Map<String, Set<Idscp2MessageListener>> messageListeners = new HashMap<>();
     private final FastLatch messageLatch = new FastLatch();
 
-    public Idscp2Connection(SecureChannel secureChannel, Idscp2Settings settings, DapsDriver dapsDriver) {
+    public Idscp2Connection(SecureChannel secureChannel,
+                            Idscp2Settings settings,
+                            DapsDriver dapsDriver) {
         this.connectionId = UUID.randomUUID().toString();
         fsm = new FSM(
                 this,
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
index 7a1e2a14e..8a287983a 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
@@ -5,6 +5,7 @@
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
+import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
@@ -87,6 +88,7 @@ enum FSM_STATE {
      */
     private final Condition idscpHandshakeLock = fsmIsBusy.newCondition();
     private boolean handshakeResultAvailable = false;
+    private final FastLatch idscpHandshakeCompletedLatch = new FastLatch();
 
     /*
      * Check if FSM is closed forever
@@ -445,7 +447,8 @@ public void onClose() {
      * Send idscp message from the User via the secure channel
      */
     public void send(String type, byte[] msg) {
-        //send messages from user only when idscp connection is established
+        // Send messages from user only when idscp connection is established
+        idscpHandshakeCompletedLatch.await();
         fsmIsBusy.lock();
         try {
             if (isConnected()) {
@@ -477,6 +480,7 @@ void notifyHandshakeCompleteLock() {
         try {
             handshakeResultAvailable = true;
             idscpHandshakeLock.signal();
+            idscpHandshakeCompletedLatch.unlock();
         } finally {
             fsmIsBusy.unlock();
         }

From 7cbc94bacfc60d96997badb7cb0130b13e94915f Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 8 Sep 2020 20:20:14 +0200
Subject: [PATCH 140/237] Fixed default infomodel serialization

---
 .../aisec/ids/webconsole/api/SettingsApi.java |  11 ++++++-----
 .../src/main/resources/etc/settings.mapdb     | Bin 2097152 -> 2097152 bytes
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/SettingsApi.java b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/SettingsApi.java
index f8b63ed53..605c31042 100644
--- a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/SettingsApi.java
+++ b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/SettingsApi.java
@@ -23,16 +23,17 @@
 import de.fhg.aisec.ids.api.infomodel.InfoModel;
 import de.fhg.aisec.ids.webconsole.WebConsoleComponent;
 import de.fraunhofer.iais.eis.Connector;
-import de.fraunhofer.iais.eis.util.PlainLiteral;
+import de.fraunhofer.iais.eis.util.TypedLiteral;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.Authorization;
-import java.util.stream.Collectors;
-import javax.ws.rs.*;
-import javax.ws.rs.core.MediaType;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import javax.ws.rs.*;
+import javax.ws.rs.core.MediaType;
+import java.util.stream.Collectors;
+
 /**
  * REST API interface for Connector settings in the connector.
  *
@@ -87,7 +88,7 @@ public ConnectorProfile getConnectorProfile() {
           c.getSecurityProfile(),
           c.getId(),
           c.getMaintainer(),
-          c.getDescription().stream().map(PlainLiteral.class::cast).collect(Collectors.toList()));
+          c.getDescription().stream().map(TypedLiteral.class::cast).collect(Collectors.toList()));
     }
   }
 
diff --git a/karaf-assembly/src/main/resources/etc/settings.mapdb b/karaf-assembly/src/main/resources/etc/settings.mapdb
index 5899ed5b5ea39ee9098a77647ca88e868574b39f..dae8b18ff5a441150281270e9f64152dfcab9745 100644
GIT binary patch
delta 1495
zcmbu9O-$Qn7{?v57HB)lG}xq7mA1onOmCAmsk=-}LYg$h$6?c?7SS-6+E7B6*kRZq
zOhZ+-6|reMww*NXFd3V~K^(~k#K9!Nv6H}sn%D_W;t%|hkX*JmDIe=#r&;>>{d(TN
z|IhQjGJ+r$1n{WyTHxkQsQ$EHk2G4y@@k`fb7OvC-2Hm11$w2v+VLyi^IlW)<$AyK
zGw*Fn>YIgOWTLsVK5_l&!ZYNp=1gNzUubcUv^Syk!5c~Fd4R_=?*4AvZ2>d^tbmsQ
z7XTLl&43m_E8r5~GT;i}WkB2Vxclm}Y2tSK2OZWH=)o^fI@+;IkAXY{SzD~zz~#@@
zxmI>L*w)@@g^PGRl=sF8TRJI~_W2;`-(*-K&al3CD7zF3RzyywRkEOnOp0C;!Ygb#
z!^h}w5ogjWErf~iwzm`$B*V`X>77K91Ue~S_Ed-1ENm{tA{a_ys_s)2aYa*jW;3jl
z`Yy2oi@SaSBWW`kuSRRRQZbTa^c9tjE(a5<hHoz&tsMvzDztvERx@yK!OQAWSS7Gf
zz@)k5idc+n<(HXCVJ#YGGQ?pG&q{|>Dn;VCT2;vhu;6-j+sgzZ_#vgIgb*#)5&??C
zBNg^Q3r5Q|cq1(B@JgAYiY8C21TdK_OKjQPXF^mcS<!;Jn89{gsSrO5W5ynysMJzI
zx=4BxS|C6u`QVN>X<}w3NyYt<tdAlNSdER5ny6-q{=+@mmx)EBM0J<krpi?{x3MFZ
z{pGD_3it9!e?$@CQp_hCOH!2E3DIdhOegTwv>b{DHEeAgFGMhck5Yx@&HeQlyO9p?
zMj)c`)uqtZQbj276k8$umB!J67lthI0-D>;qnxM<Sybe8lv71ilyi!t@Ina<DzYqO
z4Mj_6N=_^Z5CqTuls%pd%Z6xFW1J-D&<_Q!%%P?smQYI6jfW>etX6^^HWp>UKv|mn
zUgAXA00`QdwI6{EQv;&M-}}98P~%K_U&#p?Dsr%>qXHoLV&Eb&i~Q!s+<*K#{wTa*
zjH#*uPl<-0aU}?vohxy2-sJKE^r+#lK17p-Cd&B-s-~!dW{4oOh11MdH4Wyf_55ZH
zpmlcNw`Hzmo-@Dbo<(3mc3WmFp1FBOGj&7YAD>j$jm^AJBFM5h^QQz|m~dW&VfZiT
z%9n#*4cZ)bmu&#<?Vh^tg5Dl+x$aNAf8)l`n8RToa*a7{gQFAnA=|KXaMCd{Hf(p=
z?%1bh{!{0<%(Y{g^EP`h&zbUz@VVu;SQb5X!_!BG-??M|r;|}2Z?gmX>_d~zQP<Z!
z&avUqyY{K0@U}*NcLyC`*t#5(_v#70*55nO*MF<8>%)QG?*312_4I!7QTNAP(7TXl
l{^V}$f@7**%O}Y3l|F4P$K9vX7hTN%{5>kuUc~+R(BD*DvWfrz

delta 245
zcmW;FJqp4=5QgDw{7K?ZvO<EOg?b9H@eE>PCxRe?rL|#)6sZOhwvhB*K!SJxOR=&Q
z^eBFtg@+k-;a#PaP>@B#%V=wvBcoL{En!!4{LD2`-xHQ^Uc=(LnAv4vzfSpD>YX||
z(%f51{ZkVsGrRxLF6|Sdlt_RLHK;=an&5y79<-nh9q598Ckno?&Zu|W$a#qWi}N&+
ngM=w%BpFFYl96O28A(Qxkz^zpNk)>9WF#3$rr;fy8GR0aKvh)r


From c427296743155171962f01e4659d8251a15d177d Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 15 Sep 2020 10:21:21 +0200
Subject: [PATCH 141/237] Bumped kotlin version

---
 libraryVersions.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index fb3ecf2ae..566e781b8 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -36,7 +36,7 @@ felixFramework: "5.6.10"
 ahc: "2.4.9"
 checkerQual: "2.5.2"
 guava: "27.0-jre"
-kotlin: "1.3.71"
+kotlin: "1.4.10"
 tuprolog: "3.3.0"
 slf4j: "1.7.30"
 junit4: "4.12"

From 62e79750bb28fdbcd1a30b18f8386460dc227795 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 15 Sep 2020 10:22:31 +0200
Subject: [PATCH 142/237] Fixed swtpm version

---
 examples/tpmsim/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/examples/tpmsim/Dockerfile b/examples/tpmsim/Dockerfile
index e484e35c5..177787e89 100644
--- a/examples/tpmsim/Dockerfile
+++ b/examples/tpmsim/Dockerfile
@@ -17,7 +17,7 @@ RUN apt-get update -qq && apt-get install -qq gawk libseccomp-dev \
   # Removed selinux-policy-dev because of build error
   net-tools python3 python3-twisted trousers tpm-tools gnutls-bin gnutls-dev \
   libtasn1-6 libtasn1-6-dev build-essential devscripts equivs socat
-RUN git clone https://github.com/stefanberger/swtpm.git && cd swtpm && \
+RUN git clone https://github.com/stefanberger/swtpm.git && cd swtpm && git checkout stable-0.3.0 && \
   ./autogen.sh && make -j4 && checkinstall --fstrans=no --pkgname=swtpm -y && cp swtpm*.deb ${BUILD_DIR}
 
 # tpm2d dependencies

From f1d7c1a7ed3085ff507b583b9a3d475c81f24989 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 21 Sep 2020 09:32:04 +0200
Subject: [PATCH 143/237] Updated webconsole js dependencies

---
 .../src/main/resources/www/yarn.lock          | 410 ++++++++++--------
 1 file changed, 228 insertions(+), 182 deletions(-)

diff --git a/ids-webconsole/src/main/resources/www/yarn.lock b/ids-webconsole/src/main/resources/www/yarn.lock
index ad9bcda89..8e5fd0701 100644
--- a/ids-webconsole/src/main/resources/www/yarn.lock
+++ b/ids-webconsole/src/main/resources/www/yarn.lock
@@ -248,18 +248,18 @@
     source-map "^0.5.0"
 
 "@babel/core@^7.7.5":
-  version "7.11.1"
-  resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.11.1.tgz#2c55b604e73a40dc21b0e52650b11c65cf276643"
-  integrity sha512-XqF7F6FWQdKGGWAzGELL+aCO1p+lRY5Tj5/tbT3St1G8NaH70jhhDIKknIZaDans0OQBG5wRAldROLHSt44BgQ==
+  version "7.11.6"
+  resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.11.6.tgz#3a9455dc7387ff1bac45770650bc13ba04a15651"
+  integrity sha512-Wpcv03AGnmkgm6uS6k8iwhIwTrcP0m17TL1n1sy7qD0qelDu4XNeW0dN0mHfa+Gei211yDaLoEe/VlbXQzM4Bg==
   dependencies:
     "@babel/code-frame" "^7.10.4"
-    "@babel/generator" "^7.11.0"
+    "@babel/generator" "^7.11.6"
     "@babel/helper-module-transforms" "^7.11.0"
     "@babel/helpers" "^7.10.4"
-    "@babel/parser" "^7.11.1"
+    "@babel/parser" "^7.11.5"
     "@babel/template" "^7.10.4"
-    "@babel/traverse" "^7.11.0"
-    "@babel/types" "^7.11.0"
+    "@babel/traverse" "^7.11.5"
+    "@babel/types" "^7.11.5"
     convert-source-map "^1.7.0"
     debug "^4.1.0"
     gensync "^1.0.0-beta.1"
@@ -279,12 +279,12 @@
     lodash "^4.17.13"
     source-map "^0.5.0"
 
-"@babel/generator@^7.11.0", "@babel/generator@^7.9.0":
-  version "7.11.0"
-  resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.11.0.tgz#4b90c78d8c12825024568cbe83ee6c9af193585c"
-  integrity sha512-fEm3Uzw7Mc9Xi//qU20cBKatTfs2aOtKqmvy/Vm7RkJEGFQ4xc9myCfbXxqK//ZS8MR/ciOHw6meGASJuKmDfQ==
+"@babel/generator@^7.11.5", "@babel/generator@^7.11.6", "@babel/generator@^7.9.0":
+  version "7.11.6"
+  resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.11.6.tgz#b868900f81b163b4d464ea24545c61cbac4dc620"
+  integrity sha512-DWtQ1PV3r+cLbySoHrwn9RWEgKMBLLma4OBQloPRyDYvc5msJM9kvTLo1YnlJd1P/ZuKbdli3ijr5q3FvAF3uA==
   dependencies:
-    "@babel/types" "^7.11.0"
+    "@babel/types" "^7.11.5"
     jsesc "^2.5.1"
     source-map "^0.5.0"
 
@@ -333,11 +333,10 @@
     lodash "^4.17.19"
 
 "@babel/helper-explode-assignable-expression@^7.10.4":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/helper-explode-assignable-expression/-/helper-explode-assignable-expression-7.10.4.tgz#40a1cd917bff1288f699a94a75b37a1a2dbd8c7c"
-  integrity sha512-4K71RyRQNPRrR85sr5QY4X3VwG4wtVoXZB9+L3r1Gp38DhELyHCtovqydRi7c1Ovb17eRGiQ/FD5s8JdU0Uy5A==
+  version "7.11.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-explode-assignable-expression/-/helper-explode-assignable-expression-7.11.4.tgz#2d8e3470252cc17aba917ede7803d4a7a276a41b"
+  integrity sha512-ux9hm3zR4WV1Y3xXxXkdG/0gxF9nvI0YVmKVhvK9AfMoaQkemL3sJpXw+Xbz65azo8qJiEz2XVDUpK3KYhH3ZQ==
   dependencies:
-    "@babel/traverse" "^7.10.4"
     "@babel/types" "^7.10.4"
 
 "@babel/helper-function-name@^7.10.4":
@@ -410,14 +409,13 @@
     lodash "^4.17.19"
 
 "@babel/helper-remap-async-to-generator@^7.10.4":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/helper-remap-async-to-generator/-/helper-remap-async-to-generator-7.10.4.tgz#fce8bea4e9690bbe923056ded21e54b4e8b68ed5"
-  integrity sha512-86Lsr6NNw3qTNl+TBcF1oRZMaVzJtbWTyTko+CQL/tvNvcGYEFKbLXDPxtW0HKk3McNOk4KzY55itGWCAGK5tg==
+  version "7.11.4"
+  resolved "https://registry.yarnpkg.com/@babel/helper-remap-async-to-generator/-/helper-remap-async-to-generator-7.11.4.tgz#4474ea9f7438f18575e30b0cac784045b402a12d"
+  integrity sha512-tR5vJ/vBa9wFy3m5LLv2faapJLnDFxNWff2SAYkSE4rLUdbp7CdObYFgI7wK4T/Mj4UzpjPwzR8Pzmr5m7MHGA==
   dependencies:
     "@babel/helper-annotate-as-pure" "^7.10.4"
     "@babel/helper-wrap-function" "^7.10.4"
     "@babel/template" "^7.10.4"
-    "@babel/traverse" "^7.10.4"
     "@babel/types" "^7.10.4"
 
 "@babel/helper-replace-supers@^7.10.4":
@@ -485,10 +483,10 @@
     chalk "^2.0.0"
     js-tokens "^4.0.0"
 
-"@babel/parser@^7.10.4", "@babel/parser@^7.11.0", "@babel/parser@^7.11.1", "@babel/parser@^7.8.6", "@babel/parser@^7.9.0":
-  version "7.11.3"
-  resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.11.3.tgz#9e1eae46738bcd08e23e867bab43e7b95299a8f9"
-  integrity sha512-REo8xv7+sDxkKvoxEywIdsNFiZLybwdI7hcT5uEPyQrSMB4YQ973BfC9OOrD/81MaIjh6UxdulIQXkjmiH3PcA==
+"@babel/parser@^7.10.4", "@babel/parser@^7.11.5", "@babel/parser@^7.8.6", "@babel/parser@^7.9.0":
+  version "7.11.5"
+  resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.11.5.tgz#c7ff6303df71080ec7a4f5b8c003c58f1cf51037"
+  integrity sha512-X9rD8qqm695vgmeaQ4fvz/o3+Wk4ZzQvSHkDBgpYKxpD4qTAUm88ZKtHkVqIOsYFFbIQ6wQYhC6q7pjqVK0E0Q==
 
 "@babel/plugin-proposal-async-generator-functions@^7.8.3":
   version "7.10.5"
@@ -939,9 +937,9 @@
     semver "^5.5.0"
 
 "@babel/preset-modules@^0.1.3":
-  version "0.1.3"
-  resolved "https://registry.yarnpkg.com/@babel/preset-modules/-/preset-modules-0.1.3.tgz#13242b53b5ef8c883c3cf7dddd55b36ce80fbc72"
-  integrity sha512-Ra3JXOHBq2xd56xSF7lMKXdjBn3T772Y1Wet3yWnkDly9zHvJki029tAFzvAAK5cf4YV3yoxuP61crYRol6SVg==
+  version "0.1.4"
+  resolved "https://registry.yarnpkg.com/@babel/preset-modules/-/preset-modules-0.1.4.tgz#362f2b68c662842970fdb5e254ffc8fc1c2e415e"
+  integrity sha512-J36NhwnfdzpmH41M1DrnkkgAqhZaqr/NBdPfQ677mLzlaXo+oDiv1deyCDtgAhz8p328otdob0Du7+xgHGZbKg==
   dependencies:
     "@babel/helper-plugin-utils" "^7.0.0"
     "@babel/plugin-proposal-unicode-property-regex" "^7.4.4"
@@ -974,25 +972,25 @@
     "@babel/parser" "^7.10.4"
     "@babel/types" "^7.10.4"
 
-"@babel/traverse@^7.10.4", "@babel/traverse@^7.11.0", "@babel/traverse@^7.9.0":
-  version "7.11.0"
-  resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.11.0.tgz#9b996ce1b98f53f7c3e4175115605d56ed07dd24"
-  integrity sha512-ZB2V+LskoWKNpMq6E5UUCrjtDUh5IOTAyIl0dTjIEoXum/iKWkoIEKIRDnUucO6f+2FzNkE0oD4RLKoPIufDtg==
+"@babel/traverse@^7.10.4", "@babel/traverse@^7.11.5", "@babel/traverse@^7.9.0":
+  version "7.11.5"
+  resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.11.5.tgz#be777b93b518eb6d76ee2e1ea1d143daa11e61c3"
+  integrity sha512-EjiPXt+r7LiCZXEfRpSJd+jUMnBd4/9OUv7Nx3+0u9+eimMwJmG0Q98lw4/289JCoxSE8OolDMNZaaF/JZ69WQ==
   dependencies:
     "@babel/code-frame" "^7.10.4"
-    "@babel/generator" "^7.11.0"
+    "@babel/generator" "^7.11.5"
     "@babel/helper-function-name" "^7.10.4"
     "@babel/helper-split-export-declaration" "^7.11.0"
-    "@babel/parser" "^7.11.0"
-    "@babel/types" "^7.11.0"
+    "@babel/parser" "^7.11.5"
+    "@babel/types" "^7.11.5"
     debug "^4.1.0"
     globals "^11.1.0"
     lodash "^4.17.19"
 
-"@babel/types@^7.10.4", "@babel/types@^7.10.5", "@babel/types@^7.11.0", "@babel/types@^7.4.4", "@babel/types@^7.8.6", "@babel/types@^7.9.0":
-  version "7.11.0"
-  resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.11.0.tgz#2ae6bf1ba9ae8c3c43824e5861269871b206e90d"
-  integrity sha512-O53yME4ZZI0jO1EVGtF1ePGl0LHirG4P1ibcD80XyzZcKhcMFeCXmh4Xb1ifGBIV233Qg12x4rBfQgA+tmOukA==
+"@babel/types@^7.10.4", "@babel/types@^7.10.5", "@babel/types@^7.11.0", "@babel/types@^7.11.5", "@babel/types@^7.4.4", "@babel/types@^7.8.6", "@babel/types@^7.9.0":
+  version "7.11.5"
+  resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.11.5.tgz#d9de577d01252d77c6800cee039ee64faf75662d"
+  integrity sha512-bvM7Qz6eKnJVFIn+1LPtjlBFPVN5jNDc1XmN15vWe7Q3DPBufWWsLiIvUu7xW87uTG6QoggpIDnUgLQvPheU+Q==
   dependencies:
     "@babel/helper-validator-identifier" "^7.10.4"
     lodash "^4.17.19"
@@ -1093,10 +1091,10 @@
     "@types/minimatch" "*"
     "@types/node" "*"
 
-"@types/json-schema@^7.0.4":
-  version "7.0.5"
-  resolved "https://registry.yarnpkg.com/@types/json-schema/-/json-schema-7.0.5.tgz#dcce4430e64b443ba8945f0290fb564ad5bac6dd"
-  integrity sha512-7+2BITlgjgDhH0vvwZU/HZJVyk+2XUlvxXe8dFMedNX/aMkaOq++rMAFXc0tM7ij15QaWlbdQASBR9dihi+bDQ==
+"@types/json-schema@^7.0.5":
+  version "7.0.6"
+  resolved "https://registry.yarnpkg.com/@types/json-schema/-/json-schema-7.0.6.tgz#f4c7ec43e81b319a9815115031709f26987891f0"
+  integrity sha512-3c+yGKvVP5Y9TYBEibGNR+kLtijnj7mYrXRg+WpFb2X9xm04g/DXYkfg4hmzJQosc9snFNUPkbYIhu+KAm6jJw==
 
 "@types/minimatch@*":
   version "3.0.3"
@@ -1104,14 +1102,14 @@
   integrity sha512-tHq6qdbT9U1IRSGf14CL0pUlULksvY9OZ+5eEgl1N7t+OA3tGvNpxJCzuKQlsNgCVwbAs670L1vcVQi8j9HjnA==
 
 "@types/node@*":
-  version "14.0.27"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-14.0.27.tgz#a151873af5a5e851b51b3b065c9e63390a9e0eb1"
-  integrity sha512-kVrqXhbclHNHGu9ztnAwSncIgJv/FaxmzXJvGXNdcCpV1b8u1/Mi6z6m0vwy0LzKeXFTPLH0NzwmoJ3fNCIq0g==
+  version "14.11.1"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-14.11.1.tgz#56af902ad157e763f9ba63d671c39cda3193c835"
+  integrity sha512-oTQgnd0hblfLsJ6BvJzzSL+Inogp3lq9fGgqRkMB/ziKMgEUaFl801OncOzUmalfzt14N0oPHMK47ipl+wbTIw==
 
 "@types/node@^12.11.1":
-  version "12.12.54"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-12.12.54.tgz#a4b58d8df3a4677b6c08bfbc94b7ad7a7a5f82d1"
-  integrity sha512-ge4xZ3vSBornVYlDnk7yZ0gK6ChHf/CHB7Gl1I0Jhah8DDnEQqBzgohYG4FX4p81TNirSETOiSyn+y1r9/IR6w==
+  version "12.12.62"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-12.12.62.tgz#733923d73669188d35950253dd18a21570085d2b"
+  integrity sha512-qAfo81CsD7yQIM9mVyh6B/U47li5g7cfpVQEDMfQeF8pSZVwzbhwU3crc0qG4DmpsebpJPR49AKOExQyJ05Cpg==
 
 "@types/q@^1.5.1":
   version "1.5.4"
@@ -1348,9 +1346,9 @@ agentkeepalive@^3.4.1:
     humanize-ms "^1.2.1"
 
 aggregate-error@^3.0.0:
-  version "3.0.1"
-  resolved "https://registry.yarnpkg.com/aggregate-error/-/aggregate-error-3.0.1.tgz#db2fe7246e536f40d9b5442a39e117d7dd6a24e0"
-  integrity sha512-quoaXsZ9/BLNae5yiNoUz+Nhkwz83GhWwtYFglcjEQB2NDHCIpApbqXxIFnm4Pq/Nvhrsq5sYJFyohrrxnTGAA==
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/aggregate-error/-/aggregate-error-3.1.0.tgz#92670ff50f5359bdb7a3e0d40d0ec30c5737687a"
+  integrity sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA==
   dependencies:
     clean-stack "^2.0.0"
     indent-string "^4.0.0"
@@ -1360,12 +1358,12 @@ ajv-errors@^1.0.0:
   resolved "https://registry.yarnpkg.com/ajv-errors/-/ajv-errors-1.0.1.tgz#f35986aceb91afadec4102fbd85014950cefa64d"
   integrity sha512-DCRfO/4nQ+89p/RK43i8Ezd41EqdGIU4ld7nGF8OQ14oc/we5rEntLCUa7+jrn3nn83BosfwZA0wb4pon2o8iQ==
 
-ajv-keywords@^3.1.0, ajv-keywords@^3.4.1:
+ajv-keywords@^3.1.0, ajv-keywords@^3.4.1, ajv-keywords@^3.5.2:
   version "3.5.2"
   resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-3.5.2.tgz#31f29da5ab6e00d1c2d329acf7b5929614d5014d"
   integrity sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ==
 
-ajv@6.12.3, ajv@^6.1.0, ajv@^6.10.2, ajv@^6.12.2, ajv@^6.12.3:
+ajv@6.12.3:
   version "6.12.3"
   resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.3.tgz#18c5af38a111ddeb4f2697bd78d68abc1cabd706"
   integrity sha512-4K0cK3L1hsqk9xIb2z9vs/XU+PGJZ9PNpJRDS9YLzmNdX6jmVPfamLvTJr0aDAusnHyCHO6MjzlkAsgtqp9teA==
@@ -1375,6 +1373,16 @@ ajv@6.12.3, ajv@^6.1.0, ajv@^6.10.2, ajv@^6.12.2, ajv@^6.12.3:
     json-schema-traverse "^0.4.1"
     uri-js "^4.2.2"
 
+ajv@^6.1.0, ajv@^6.10.2, ajv@^6.12.3, ajv@^6.12.4:
+  version "6.12.5"
+  resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.5.tgz#19b0e8bae8f476e5ba666300387775fb1a00a4da"
+  integrity sha512-lRF8RORchjpKG50/WFf8xmg7sgCLFiYNNnqdKflk63whMQcWR5ngGjiSXkL9bjxy6B2npOK2HSMN49jEBMSkag==
+  dependencies:
+    fast-deep-equal "^3.1.1"
+    fast-json-stable-stringify "^2.0.0"
+    json-schema-traverse "^0.4.1"
+    uri-js "^4.2.2"
+
 alphanum-sort@^1.0.0:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/alphanum-sort/-/alphanum-sort-1.0.2.tgz#97a1119649b211ad33691d9f9f486a8ec9fbe0a3"
@@ -1719,9 +1727,9 @@ bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.4.0:
   integrity sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw==
 
 bn.js@^5.1.1:
-  version "5.1.2"
-  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-5.1.2.tgz#c9686902d3c9a27729f43ab10f9d79c2004da7b0"
-  integrity sha512-40rZaf3bUNKTVYu9sIeeEGOg7g14Yvnj9kH7b50EiwX0Q7A6umbvfI5tvHaOERH0XigqKkfLkFQxzb4e6CIXnA==
+  version "5.1.3"
+  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-5.1.3.tgz#beca005408f642ebebea80b042b4d18d2ac0ee6b"
+  integrity sha512-GkTiFpjFtUzU9CbMeJ5iazkCzGL3jrhzerzZIuqLABjbwRaFt33I9tUdSNryIptM+RxDet6OKm2WnLXzW51KsQ==
 
 body-parser@1.19.0:
   version "1.19.0"
@@ -1864,14 +1872,14 @@ browserify-zlib@^0.2.0:
     pako "~1.0.5"
 
 browserslist@^4.0.0, browserslist@^4.12.0, browserslist@^4.8.3, browserslist@^4.8.5, browserslist@^4.9.1:
-  version "4.14.0"
-  resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.14.0.tgz#2908951abfe4ec98737b72f34c3bcedc8d43b000"
-  integrity sha512-pUsXKAF2lVwhmtpeA3LJrZ76jXuusrNyhduuQs7CDFf9foT4Y38aQOserd2lMe5DSSrjf3fx34oHwryuvxAUgQ==
+  version "4.14.3"
+  resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.14.3.tgz#381f9e7f13794b2eb17e1761b4f118e8ae665a53"
+  integrity sha512-GcZPC5+YqyPO4SFnz48/B0YaCwS47Q9iPChRGi6t7HhflKBcINzFrJvRfC+jp30sRMKxF+d4EHGs27Z0XP1NaQ==
   dependencies:
-    caniuse-lite "^1.0.30001111"
-    electron-to-chromium "^1.3.523"
-    escalade "^3.0.2"
-    node-releases "^1.1.60"
+    caniuse-lite "^1.0.30001131"
+    electron-to-chromium "^1.3.570"
+    escalade "^3.1.0"
+    node-releases "^1.1.61"
 
 buffer-from@^1.0.0:
   version "1.1.1"
@@ -2038,10 +2046,10 @@ caniuse-api@^3.0.0:
     lodash.memoize "^4.1.2"
     lodash.uniq "^4.5.0"
 
-caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001020, caniuse-lite@^1.0.30001032, caniuse-lite@^1.0.30001111:
-  version "1.0.30001113"
-  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001113.tgz#22016ab55b5a8b04fa00ca342d9ee1b98df48065"
-  integrity sha512-qMvjHiKH21zzM/VDZr6oosO6Ri3U0V2tC015jRXjOecwQCJtsU5zklTNTk31jQbIOP8gha0h1ccM/g0ECP+4BA==
+caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001020, caniuse-lite@^1.0.30001032, caniuse-lite@^1.0.30001131:
+  version "1.0.30001133"
+  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001133.tgz#ec564c5495311299eb05245e252d589a84acd95e"
+  integrity sha512-s3XAUFaC/ntDb1O3lcw9K8MPeOW7KO3z9+GzAoBxfz1B0VdacXPMKgFUtG4KIsgmnbexmi013s9miVu4h+qMHw==
 
 canonical-path@1.0.0:
   version "1.0.0"
@@ -2718,7 +2726,7 @@ debug@3.1.0, debug@~3.1.0:
   dependencies:
     ms "2.0.0"
 
-debug@4.1.1, debug@^4.1.0, debug@^4.1.1:
+debug@4.1.1:
   version "4.1.1"
   resolved "https://registry.yarnpkg.com/debug/-/debug-4.1.1.tgz#3b72260255109c6b589cee050f1d516139664791"
   integrity sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==
@@ -2732,6 +2740,13 @@ debug@^3.0.0, debug@^3.1.0, debug@^3.1.1, debug@^3.2.5:
   dependencies:
     ms "^2.1.1"
 
+debug@^4.1.0, debug@^4.1.1:
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/debug/-/debug-4.2.0.tgz#7f150f93920e94c58f5574c2fd01a3110effe7f1"
+  integrity sha512-IX2ncY78vDTjZMFUdmsvIRFY2Cf4FnD0wRs+nQwJU8Lu99/tPFdb0VybiiMTPe3I6rQmwsqQqRBvxU+bZ/I8sg==
+  dependencies:
+    ms "2.1.2"
+
 debuglog@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/debuglog/-/debuglog-1.0.1.tgz#aa24ffb9ac3df9a2351837cfb2d279360cd78492"
@@ -2794,7 +2809,7 @@ defaults@^1.0.3:
   dependencies:
     clone "^1.0.2"
 
-define-properties@^1.1.2, define-properties@^1.1.3:
+define-properties@^1.1.3:
   version "1.1.3"
   resolved "https://registry.yarnpkg.com/define-properties/-/define-properties-1.1.3.tgz#cf88da6cbee26fe6db7094f61d870cbd84cee9f1"
   integrity sha512-3MqfYKj2lLzdMSf8ZIZE/V+Zuy+BgD6f164e8K2w7dgnpKArBDerGYpM46IYYcjnkdPNMjPk9A6VFB8+3SKlXQ==
@@ -2937,9 +2952,9 @@ domelementtype@1:
   integrity sha512-BSKB+TSpMpFI/HOxCNr1O8aMOTZ8hT3pM3GQ0w/mWRmkhEDSFJkkyzz4XQsBV44BChwGkrDfMyjVD0eA2aFV3w==
 
 domelementtype@^2.0.1:
-  version "2.0.1"
-  resolved "https://registry.yarnpkg.com/domelementtype/-/domelementtype-2.0.1.tgz#1f8bdfe91f5a78063274e803b4bdcedf6e94f94d"
-  integrity sha512-5HOHUDsYZWV8FGWN0Njbr/Rn7f/eWSQi1v7+HsUVwXgn8nWWlL64zKDkS0n8ZmQ3mlWOMuXOnR+7Nx/5tMO5AQ==
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/domelementtype/-/domelementtype-2.0.2.tgz#f3b6e549201e46f588b59463dd77187131fe6971"
+  integrity sha512-wFwTwCVebUrMgGeAwRL/NhZtHAUyT9n9yg4IMDwf10+6iCMxSkVq9MGCVEH+QZWo1nNidy8kNvwmv4zWHDTqvA==
 
 domino@^2.1.2:
   version "2.1.6"
@@ -2955,9 +2970,9 @@ domutils@^1.7.0:
     domelementtype "1"
 
 dot-prop@^5.2.0:
-  version "5.2.0"
-  resolved "https://registry.yarnpkg.com/dot-prop/-/dot-prop-5.2.0.tgz#c34ecc29556dc45f1f4c22697b6f4904e0cc4fcb"
-  integrity sha512-uEUyaDKoSQ1M4Oq8l45hSE26SnTxL6snNnqvK/VWx5wJhmff5z0FUVJDKDanor/6w3kzE3i7XZOk+7wC0EXr1A==
+  version "5.3.0"
+  resolved "https://registry.yarnpkg.com/dot-prop/-/dot-prop-5.3.0.tgz#90ccce708cd9cd82cc4dc8c3ddd9abdd55b20e88"
+  integrity sha512-QM8q3zDe58hqUqjraQOmzZ1LIH9SWQJTlEKCH4kJ2oQvLZk7RbQXvtDM2XEq3fwkV9CCvvH4LA0AV+ogFsBM2Q==
   dependencies:
     is-obj "^2.0.0"
 
@@ -2984,10 +2999,10 @@ ee-first@1.1.1:
   resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d"
   integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=
 
-electron-to-chromium@^1.3.523:
-  version "1.3.531"
-  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.531.tgz#fe432e23c306f7b3579506de9ca63703ef086b9d"
-  integrity sha512-cRdM9noPSUvZ2TCJByhFL78amPMjNZlGJG27EPuJZK0CwWzBfj3ei7hJh0hNsjvgC0BayRW8Bc06DTCELcMC9Q==
+electron-to-chromium@^1.3.570:
+  version "1.3.570"
+  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.570.tgz#3f5141cc39b4e3892a276b4889980dabf1d29c7f"
+  integrity sha512-Y6OCoVQgFQBP5py6A/06+yWxUZHDlNr/gNDGatjH8AZqXl8X0tE4LfjLJsXGz/JmWJz8a6K7bR1k+QzZ+k//fg==
 
 elliptic@^6.5.3:
   version "6.5.3"
@@ -3100,6 +3115,24 @@ es-abstract@^1.17.0-next.1, es-abstract@^1.17.2, es-abstract@^1.17.4, es-abstrac
     string.prototype.trimend "^1.0.1"
     string.prototype.trimstart "^1.0.1"
 
+es-abstract@^1.18.0-next.0:
+  version "1.18.0-next.0"
+  resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.18.0-next.0.tgz#b302834927e624d8e5837ed48224291f2c66e6fc"
+  integrity sha512-elZXTZXKn51hUBdJjSZGYRujuzilgXo8vSPQzjGYXLvSlGiCo8VO8ZGV3kjo9a0WNJJ57hENagwbtlRuHuzkcQ==
+  dependencies:
+    es-to-primitive "^1.2.1"
+    function-bind "^1.1.1"
+    has "^1.0.3"
+    has-symbols "^1.0.1"
+    is-callable "^1.2.0"
+    is-negative-zero "^2.0.0"
+    is-regex "^1.1.1"
+    object-inspect "^1.8.0"
+    object-keys "^1.1.1"
+    object.assign "^4.1.0"
+    string.prototype.trimend "^1.0.1"
+    string.prototype.trimstart "^1.0.1"
+
 es-get-iterator@^1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/es-get-iterator/-/es-get-iterator-1.1.0.tgz#bb98ad9d6d63b31aacdc8f89d5d0ee57bcb5b4c8"
@@ -3134,10 +3167,10 @@ es6-promisify@^5.0.0:
   dependencies:
     es6-promise "^4.0.3"
 
-escalade@^3.0.2:
-  version "3.0.2"
-  resolved "https://registry.yarnpkg.com/escalade/-/escalade-3.0.2.tgz#6a580d70edb87880f22b4c91d0d56078df6962c4"
-  integrity sha512-gPYAU37hYCUhW5euPeR+Y74F7BL+IBsV93j5cvGriSaD1aG6MGsqsV1yamRdrWrb2j3aiZvb0X+UBOWpx3JWtQ==
+escalade@^3.1.0:
+  version "3.1.0"
+  resolved "https://registry.yarnpkg.com/escalade/-/escalade-3.1.0.tgz#e8e2d7c7a8b76f6ee64c2181d6b8151441602d4e"
+  integrity sha512-mAk+hPSO8fLDkhV7V0dXazH5pDc6MrjBTPyD3VeKzxnVFjH1MIxbCdqGZB9O8+EwWakZs3ZCbDS4IpRt79V1ig==
 
 escape-html@~1.0.3:
   version "1.0.3"
@@ -3163,17 +3196,22 @@ esprima@^4.0.0:
   integrity sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==
 
 esrecurse@^4.1.0:
-  version "4.2.1"
-  resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.2.1.tgz#007a3b9fdbc2b3bb87e4879ea19c92fdbd3942cf"
-  integrity sha512-64RBB++fIOAXPw3P9cy89qfMlvZEXZkqqJkjqqXIvzP5ezRZjW+lPWjw35UX/3EhUPFYbg5ER4JYgDw4007/DQ==
+  version "4.3.0"
+  resolved "https://registry.yarnpkg.com/esrecurse/-/esrecurse-4.3.0.tgz#7ad7964d679abb28bee72cec63758b1c5d2c9921"
+  integrity sha512-KmfKL3b6G+RXvP8N1vr3Tq1kL/oCFgn2NYXEtqP8/L3pKapUA4G8cFVaoF3SU323CD4XypR/ffioHmkti6/Tag==
   dependencies:
-    estraverse "^4.1.0"
+    estraverse "^5.2.0"
 
-estraverse@^4.1.0, estraverse@^4.1.1:
+estraverse@^4.1.1:
   version "4.3.0"
   resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-4.3.0.tgz#398ad3f3c5a24948be7725e83d11a7de28cdbd1d"
   integrity sha512-39nnKffWz8xN1BU/2c79n9nB9HDzo0niYUqx6xyqUnyoAnQyyWpOTdZEeiCch8BBu515t4wp9ZmgVfVhn9EBpw==
 
+estraverse@^5.2.0:
+  version "5.2.0"
+  resolved "https://registry.yarnpkg.com/estraverse/-/estraverse-5.2.0.tgz#307df42547e6cc7324d3cf03c155d5cdb8c53880"
+  integrity sha512-BxbNGGNm0RyRYvUdHpIwv9IWzeM9XClbOxwoATuFdOE7ZE6wHL+HQ5T8hoPM+zHvmKzzsEqhgy0GrQ5X13afiQ==
+
 esutils@^2.0.2:
   version "2.0.3"
   resolved "https://registry.yarnpkg.com/esutils/-/esutils-2.0.3.tgz#74d2eb4de0b8da1293711910d50775b9b710ef64"
@@ -3185,9 +3223,9 @@ etag@~1.8.1:
   integrity sha1-Qa4u62XvpiJorr/qg6x9eSmbCIc=
 
 eventemitter3@^4.0.0:
-  version "4.0.4"
-  resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-4.0.4.tgz#b5463ace635a083d018bdc7c917b4c5f10a85384"
-  integrity sha512-rlaVLnVxtxvoyLsQQFBx53YmXHDxRIzzTLbdfxqi4yocpSjAxXwkU0cScM5JgSKMqEhrZpnvQ2D9gjylR0AimQ==
+  version "4.0.7"
+  resolved "https://registry.yarnpkg.com/eventemitter3/-/eventemitter3-4.0.7.tgz#2de9b68f6528d5644ef5c59526a1b4a07306169f"
+  integrity sha512-8guHBZCwKnFhYdHr2ysuRWErTwhoN2X8XELRlrRwpmfeY2jjuUN4taQMsULKUVo1K4DvZl+0pgfyoysHxvmvEw==
 
 events@^3.0.0:
   version "3.2.0"
@@ -3705,7 +3743,7 @@ has-flag@^4.0.0:
   resolved "https://registry.yarnpkg.com/has-flag/-/has-flag-4.0.0.tgz#944771fd9c81c81265c4d6941860da06bb59479b"
   integrity sha512-EykJT/Q1KjTWctppgIAgfSO0tKVuZUjhgMr17kqTumMl6Afv3EISleU7qZUzoXDFTAHTDC4NOoG/ZxU3EvlMPQ==
 
-has-symbols@^1.0.0, has-symbols@^1.0.1:
+has-symbols@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.0.1.tgz#9f5214758a44196c406d9bd76cebf81ec2dd31e8"
   integrity sha512-PLcsoqu++dmEIZB+6totNFKq/7Do+Z0u4oT0zKOJNl3lYK6vGwwu2hjHs+68OEZbTjiUE9bgOABXbP/GvrS0Kg==
@@ -4168,9 +4206,9 @@ is-buffer@^1.1.5:
   integrity sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==
 
 is-callable@^1.1.4, is-callable@^1.2.0:
-  version "1.2.0"
-  resolved "https://registry.yarnpkg.com/is-callable/-/is-callable-1.2.0.tgz#83336560b54a38e35e3a2df7afd0454d691468bb"
-  integrity sha512-pyVD9AaGLxtg6srb2Ng6ynWJqkHU9bEM087AKck0w8QwDarTfNcpIYoU8x8Hv2Icm8u6kFJM18Dag8lyqGkviw==
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/is-callable/-/is-callable-1.2.1.tgz#4d1e21a4f437509d25ce55f8184350771421c96d"
+  integrity sha512-wliAfSzx6V+6WfMOmus1xy0XvSgf/dlStkvTfq7F0g4bOIW0PSUbnyse3NhDwdyYS1ozfUtAAySqTws3z9Eqgg==
 
 is-color-stop@^1.0.0:
   version "1.1.0"
@@ -4282,6 +4320,11 @@ is-map@^2.0.1:
   resolved "https://registry.yarnpkg.com/is-map/-/is-map-2.0.1.tgz#520dafc4307bb8ebc33b813de5ce7c9400d644a1"
   integrity sha512-T/S49scO8plUiAOA2DBTBG3JHpn1yiw0kRp6dgiZ0v2/6twi5eiB0rHtHFH9ZIrvlWc6+4O+m4zg5+Z833aXgw==
 
+is-negative-zero@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/is-negative-zero/-/is-negative-zero-2.0.0.tgz#9553b121b0fac28869da9ed459e20c7543788461"
+  integrity sha1-lVOxIbD6wohp2p7UWeIMdUN4hGE=
+
 is-number-object@^1.0.3:
   version "1.0.4"
   resolved "https://registry.yarnpkg.com/is-number-object/-/is-number-object-1.0.4.tgz#36ac95e741cf18b283fc1ddf5e83da798e3ec197"
@@ -4335,7 +4378,7 @@ is-plain-object@^2.0.3, is-plain-object@^2.0.4:
   dependencies:
     isobject "^3.0.1"
 
-is-regex@^1.0.4, is-regex@^1.0.5, is-regex@^1.1.0:
+is-regex@^1.0.4, is-regex@^1.0.5, is-regex@^1.1.0, is-regex@^1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/is-regex/-/is-regex-1.1.1.tgz#c6f98aacc546f6cec5468a07b7b153ab564a57b9"
   integrity sha512-1+QkEcxiLlB7VEyFtyBg94e08OAsvq7FUBgApTq/w2ymCLyKJgDPsybBENVtA7XCQEgEXxKPonG+mvYRxh/LIg==
@@ -4520,6 +4563,11 @@ json-parse-better-errors@^1.0.0, json-parse-better-errors@^1.0.1, json-parse-bet
   resolved "https://registry.yarnpkg.com/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz#bb867cfb3450e69107c131d1c514bab3dc8bcaa9"
   integrity sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw==
 
+json-parse-even-better-errors@^2.3.0:
+  version "2.3.1"
+  resolved "https://registry.yarnpkg.com/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz#7c47805a94319928e05777405dc12e1f7a4ee02d"
+  integrity sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==
+
 json-schema-traverse@^0.4.1:
   version "0.4.1"
   resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz#69f6a87d9513ab8bb8fe63bdb0979c448e684660"
@@ -4717,9 +4765,9 @@ lodash.uniq@^4.5.0:
   integrity sha1-0CJTc662Uq3BvILklFM5qEJ1R3M=
 
 lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.14, lodash@^4.17.15, lodash@^4.17.19:
-  version "4.17.19"
-  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.19.tgz#e48ddedbe30b3321783c5b4301fbd353bc1e4a4b"
-  integrity sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==
+  version "4.17.20"
+  resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.20.tgz#b44a9b6297bcb698f1c51a3545a2b3b368d59c52"
+  integrity sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==
 
 log-symbols@^3.0.0:
   version "3.0.0"
@@ -4729,9 +4777,9 @@ log-symbols@^3.0.0:
     chalk "^2.4.2"
 
 loglevel@^1.6.8:
-  version "1.6.8"
-  resolved "https://registry.yarnpkg.com/loglevel/-/loglevel-1.6.8.tgz#8a25fb75d092230ecd4457270d80b54e28011171"
-  integrity sha512-bsU7+gc9AJ2SqpzxwU3+1fedl8zAntbtC5XYlt3s2j1hJcn2PsXSmgN8TaLG/J1/2mod4+cE/3vNL70/c1RNCA==
+  version "1.7.0"
+  resolved "https://registry.yarnpkg.com/loglevel/-/loglevel-1.7.0.tgz#728166855a740d59d38db01cf46f042caa041bb0"
+  integrity sha512-i2sY04nal5jDcagM3FMfG++T69GEEM8CYuOfeOIvmXzOIcwE9a/CJPR0MFM97pYMj/u10lzz7/zd7+qwhrBTqQ==
 
 loose-envify@^1.0.0:
   version "1.4.0"
@@ -5019,10 +5067,10 @@ minizlib@^1.2.1:
   dependencies:
     minipass "^2.9.0"
 
-minizlib@^2.1.0:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/minizlib/-/minizlib-2.1.0.tgz#fd52c645301ef09a63a2c209697c294c6ce02cf3"
-  integrity sha512-EzTZN/fjSvifSX0SlqUERCN39o6T40AMarPbv0MrarSFtIITCBh7bi+dU8nxGFHuqs9jdIAeoYoKuQAAASsPPA==
+minizlib@^2.1.1:
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/minizlib/-/minizlib-2.1.2.tgz#e90d3466ba209b932451508a11ce3d3632145931"
+  integrity sha512-bAxsR8BVfj60DWXHE3u30oHzfl4G7khkSuPW+qvpd7jFRHm7dLxOjUk1EHACJ/hxLY8phGJ0YhYHZo7jil7Qdg==
   dependencies:
     minipass "^3.0.0"
     yallist "^4.0.0"
@@ -5064,9 +5112,9 @@ mkdirp@^1.0.3, mkdirp@^1.0.4:
   integrity sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==
 
 moment@>=2.13.0, moment@^2.18.1:
-  version "2.27.0"
-  resolved "https://registry.yarnpkg.com/moment/-/moment-2.27.0.tgz#8bff4e3e26a236220dfe3e36de756b6ebaa0105d"
-  integrity sha512-al0MUK7cpIcglMv3YF13qSgdAIqxHTO7brRtaz3DlSULbqfazqkc5kEjNrLDOM7fsjshoFIihnU8snrP7zUvhQ==
+  version "2.28.0"
+  resolved "https://registry.yarnpkg.com/moment/-/moment-2.28.0.tgz#cdfe73ce01327cee6537b0fafac2e0f21a237d75"
+  integrity sha512-Z5KOjYmnHyd/ukynmFd/WwyXHd7L4J9vTI/nn5Ap9AVUgaAE15VvQ9MOGmJJygEUklupqIrFnor/tjTwRU+tQw==
 
 move-concurrently@^1.0.1:
   version "1.0.1"
@@ -5090,7 +5138,7 @@ ms@2.1.1:
   resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.1.tgz#30a5864eb3ebb0a66f2ebe6d727af06a09d86e0a"
   integrity sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg==
 
-ms@^2.0.0, ms@^2.1.1:
+ms@2.1.2, ms@^2.0.0, ms@^2.1.1:
   version "2.1.2"
   resolved "https://registry.yarnpkg.com/ms/-/ms-2.1.2.tgz#d09d1f357b443f493382a8eb3ccd183872ae6009"
   integrity sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==
@@ -5167,10 +5215,10 @@ node-fetch-npm@^2.0.2:
     json-parse-better-errors "^1.0.0"
     safe-buffer "^5.1.1"
 
-node-forge@0.9.0:
-  version "0.9.0"
-  resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.9.0.tgz#d624050edbb44874adca12bb9a52ec63cb782579"
-  integrity sha512-7ASaDa3pD+lJ3WvXFsxekJQelBKRpne+GOVbLbtHYdd7pFspyeuJHnWfLplGf3SwKGbfs/aYl5V/JCIaHVUKKQ==
+node-forge@^0.10.0:
+  version "0.10.0"
+  resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.10.0.tgz#32dea2afb3e9926f02ee5ce8794902691a676bf3"
+  integrity sha512-PPmu8eEeG9saEUvI97fm4OYxXVB6bFvyNTyiUOBichBpFG8A1Ljw3bY62+5oOjDEMHRnd0Y7HQ+x7uzxOzC6JA==
 
 node-libs-browser@^2.2.1:
   version "2.2.1"
@@ -5201,10 +5249,10 @@ node-libs-browser@^2.2.1:
     util "^0.11.0"
     vm-browserify "^1.0.1"
 
-node-releases@^1.1.60:
-  version "1.1.60"
-  resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.60.tgz#6948bdfce8286f0b5d0e5a88e8384e954dfe7084"
-  integrity sha512-gsO4vjEdQaTusZAEebUWp2a5d7dF5DYoIpDG7WySnk7BuZDW+GPpHXoXXuYawRBr/9t5q54tirPz79kFIWg4dA==
+node-releases@^1.1.61:
+  version "1.1.61"
+  resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.61.tgz#707b0fca9ce4e11783612ba4a2fcba09047af16e"
+  integrity sha512-DD5vebQLg8jLCOzwupn954fbIiZht05DAZs0k2u8NStSe6h9XdsuIQL8hSRKYiU8WUQRznmSDrKGbv3ObOmC7g==
 
 normalize-package-data@^2.0.0, normalize-package-data@^2.4.0:
   version "2.5.0"
@@ -5314,9 +5362,9 @@ npm-pick-manifest@^3.0.0:
     semver "^5.4.1"
 
 npm-registry-fetch@^4.0.0:
-  version "4.0.5"
-  resolved "https://registry.yarnpkg.com/npm-registry-fetch/-/npm-registry-fetch-4.0.5.tgz#cb87cf7f25bfb048d6c3ee19d115bebf93ea5bfa"
-  integrity sha512-yQ0/U4fYpCCqmueB2g8sc+89ckQ3eXpmU4+Yi2j5o/r0WkKvE2+Y0tK3DEILAtn2UaQTkjTHxIXe2/CSdit+/Q==
+  version "4.0.7"
+  resolved "https://registry.yarnpkg.com/npm-registry-fetch/-/npm-registry-fetch-4.0.7.tgz#57951bf6541e0246b34c9f9a38ab73607c9449d7"
+  integrity sha512-cny9v0+Mq6Tjz+e0erFAB+RYJ/AVGzkjnISiobqP8OWj9c9FLoZZu8/SPSKJWE17F1tk4018wfjV+ZbIbqC7fQ==
   dependencies:
     JSONStream "^1.3.4"
     bluebird "^3.5.1"
@@ -5364,7 +5412,7 @@ object-copy@^0.1.0:
     define-property "^0.2.5"
     kind-of "^3.0.3"
 
-object-inspect@^1.7.0:
+object-inspect@^1.7.0, object-inspect@^1.8.0:
   version "1.8.0"
   resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.8.0.tgz#df807e5ecf53a609cc6bfe93eac3cc7be5b3a9d0"
   integrity sha512-jLdtEOB112fORuypAyl/50VRVIBIdVQOSUUGQHzJ4xBSbit81zRarz7GThkEFZy1RceYrWYcPcBFPQwHyAc1gA==
@@ -5377,7 +5425,7 @@ object-is@^1.0.1, object-is@^1.1.2:
     define-properties "^1.1.3"
     es-abstract "^1.17.5"
 
-object-keys@^1.0.11, object-keys@^1.0.12, object-keys@^1.1.1:
+object-keys@^1.0.12, object-keys@^1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/object-keys/-/object-keys-1.1.1.tgz#1c47f272df277f3b1daf061677d9c82e2322c60e"
   integrity sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==
@@ -5390,14 +5438,14 @@ object-visit@^1.0.0:
     isobject "^3.0.0"
 
 object.assign@^4.1.0:
-  version "4.1.0"
-  resolved "https://registry.yarnpkg.com/object.assign/-/object.assign-4.1.0.tgz#968bf1100d7956bb3ca086f006f846b3bc4008da"
-  integrity sha512-exHJeq6kBKj58mqGyTQ9DFvrZC/eR6OwxzoM9YRoGBqrXYonaFyGiFMuc9VZrXf7DarreEwMpurG3dd+CNyW5w==
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/object.assign/-/object.assign-4.1.1.tgz#303867a666cdd41936ecdedfb1f8f3e32a478cdd"
+  integrity sha512-VT/cxmx5yaoHSOTSyrCygIDFco+RsibY2NM0a4RdEeY/4KgqezwFtK1yr3U67xYhqJSlASm2pKhLVzPj2lr4bA==
   dependencies:
-    define-properties "^1.1.2"
-    function-bind "^1.1.1"
-    has-symbols "^1.0.0"
-    object-keys "^1.0.11"
+    define-properties "^1.1.3"
+    es-abstract "^1.18.0-next.0"
+    has-symbols "^1.0.1"
+    object-keys "^1.1.1"
 
 object.getownpropertydescriptors@^2.0.3, object.getownpropertydescriptors@^2.1.0:
   version "2.1.0"
@@ -5789,9 +5837,9 @@ posix-character-classes@^0.1.0:
   integrity sha1-AerA/jta9xoqbAL+q7jB/vfgDqs=
 
 postcss-calc@^7.0.1:
-  version "7.0.3"
-  resolved "https://registry.yarnpkg.com/postcss-calc/-/postcss-calc-7.0.3.tgz#d65cca92a3c52bf27ad37a5f732e0587b74f1623"
-  integrity sha512-IB/EAEmZhIMEIhG7Ov4x+l47UaXOS1n2f4FBUk/aKllQhtSCxWhTzn0nJgkqN7fo/jcWySvWTSB6Syk9L+31bA==
+  version "7.0.4"
+  resolved "https://registry.yarnpkg.com/postcss-calc/-/postcss-calc-7.0.4.tgz#5e177ddb417341e6d4a193c5d9fd8ada79094f8b"
+  integrity sha512-0I79VRAd1UTkaHzY9w83P39YGO/M3bG7/tNLrHGEunBolfoGM0hSjrGvjoeaj0JE/zIw5GsI2KZ0UwDJqv5hjw==
   dependencies:
     postcss "^7.0.27"
     postcss-selector-parser "^6.0.2"
@@ -5855,9 +5903,9 @@ postcss-import@12.0.1:
     resolve "^1.1.7"
 
 postcss-load-config@^2.0.0:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/postcss-load-config/-/postcss-load-config-2.1.0.tgz#c84d692b7bb7b41ddced94ee62e8ab31b417b003"
-  integrity sha512-4pV3JJVPLd5+RueiVVB+gFOAa7GWc25XQcMp86Zexzke69mKf6Nx9LRcQywdz7yZI9n1udOxmLuAwTBypypF8Q==
+  version "2.1.1"
+  resolved "https://registry.yarnpkg.com/postcss-load-config/-/postcss-load-config-2.1.1.tgz#0a684bb8beb05e55baf922f7ab44c3edb17cf78e"
+  integrity sha512-D2ENobdoZsW0+BHy4x1CAkXtbXtYWYRIxL/JbtRBqrRGOPtJ2zoga/bEZWhV/ShWB5saVxJMzbMdSyA/vv4tXw==
   dependencies:
     cosmiconfig "^5.0.0"
     import-cwd "^2.0.0"
@@ -6134,9 +6182,9 @@ postcss@7.0.27:
     supports-color "^6.1.0"
 
 postcss@^7.0.0, postcss@^7.0.1, postcss@^7.0.14, postcss@^7.0.26, postcss@^7.0.27, postcss@^7.0.32, postcss@^7.0.5, postcss@^7.0.6:
-  version "7.0.32"
-  resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.32.tgz#4310d6ee347053da3433db2be492883d62cec59d"
-  integrity sha512-03eXong5NLnNCD05xscnGKGDZ98CyzoqPSMjOe6SuoQY7Z2hIj0Ld1g/O/UQRuOle2aRtiIRDg9tDcTGAkLfKw==
+  version "7.0.34"
+  resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.34.tgz#f2baf57c36010df7de4009940f21532c16d65c20"
+  integrity sha512-H/7V2VeNScX9KE83GDrDZNiGT1m2H+UTnlinIzhjlLX9hfMUn1mHNnGeX81a1c8JSBdBvqk7c2ZOG6ZPn5itGw==
   dependencies:
     chalk "^2.4.2"
     source-map "^0.6.1"
@@ -6295,9 +6343,9 @@ querystring@0.2.0:
   integrity sha1-sgmEkgO7Jd+CDadW50cAWHhSFiA=
 
 querystringify@^2.1.1:
-  version "2.1.1"
-  resolved "https://registry.yarnpkg.com/querystringify/-/querystringify-2.1.1.tgz#60e5a5fd64a7f8bfa4d2ab2ed6fdf4c85bad154e"
-  integrity sha512-w7fLxIRCRT7U8Qu53jQnJyPkYZIaR4n5151KMfcJlO/A9397Wxb1amJvROTK6TOnp7PfoAmg/qXiNHI+08jRfA==
+  version "2.2.0"
+  resolved "https://registry.yarnpkg.com/querystringify/-/querystringify-2.2.0.tgz#3345941b4153cb9d082d8eee4cda2016a9aef7f6"
+  integrity sha512-FIqgj2EUvTa7R50u0rGsyTftzjYmv/a3hO345bZNrqabNqjtgiDMgmo4mkUjd+nzU5oF3dClKqFIPUKybUyqoQ==
 
 randombytes@^2.0.0, randombytes@^2.0.1, randombytes@^2.0.5, randombytes@^2.1.0:
   version "2.1.0"
@@ -6345,16 +6393,14 @@ read-cache@^1.0.0:
     pify "^2.3.0"
 
 read-package-json@^2.0.0:
-  version "2.1.1"
-  resolved "https://registry.yarnpkg.com/read-package-json/-/read-package-json-2.1.1.tgz#16aa66c59e7d4dad6288f179dd9295fd59bb98f1"
-  integrity sha512-dAiqGtVc/q5doFz6096CcnXhpYk0ZN8dEKVkGLU0CsASt8SrgF6SF7OTKAYubfvFhWaqofl+Y8HK19GR8jwW+A==
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/read-package-json/-/read-package-json-2.1.2.tgz#6992b2b66c7177259feb8eaac73c3acd28b9222a"
+  integrity sha512-D1KmuLQr6ZSJS0tW8hf3WGpRlwszJOXZ3E8Yd/DNRaM5d+1wVRZdHlpGBLAuovjr28LbWvjpWkBHMxpRGGjzNA==
   dependencies:
     glob "^7.1.1"
-    json-parse-better-errors "^1.0.1"
+    json-parse-even-better-errors "^2.3.0"
     normalize-package-data "^2.0.0"
     npm-normalize-package-bin "^1.0.0"
-  optionalDependencies:
-    graceful-fs "^4.1.2"
 
 read-package-tree@5.3.1:
   version "5.3.1"
@@ -6464,9 +6510,9 @@ regexp.prototype.flags@^1.2.0, regexp.prototype.flags@^1.3.0:
     es-abstract "^1.17.0-next.1"
 
 regexpu-core@^4.7.0:
-  version "4.7.0"
-  resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-4.7.0.tgz#fcbf458c50431b0bb7b45d6967b8192d91f3d938"
-  integrity sha512-TQ4KXRnIn6tz6tjnrXEkD/sshygKH/j5KzK86X8MkeHyZ8qst/LZ89j3X4/8HEIfHANTFIP/AbXakeRhWIl5YQ==
+  version "4.7.1"
+  resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-4.7.1.tgz#2dea5a9a07233298fbf0db91fa9abc4c6e0f8ad6"
+  integrity sha512-ywH2VUraA44DZQuRKzARmw6S66mr48pQVva4LBeRhcOltJ6hExvWly5ZjFLYo67xbIxb6W1q4bAGtgfEl20zfQ==
   dependencies:
     regenerate "^1.4.0"
     regenerate-unicode-properties "^8.2.0"
@@ -6659,9 +6705,9 @@ rxjs@6.5.4:
     tslib "^1.9.0"
 
 rxjs@^6.5.2, rxjs@^6.5.3:
-  version "6.6.2"
-  resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.6.2.tgz#8096a7ac03f2cc4fe5860ef6e572810d9e01c0d2"
-  integrity sha512-BHdBMVoWC2sL26w//BCu3YzKT4s2jip/WhwsGEDmeKYBhKDZeYezVUnHatYB7L85v5xs0BAQmg6BEYJEKxBabg==
+  version "6.6.3"
+  resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.6.3.tgz#8ca84635c4daa900c0d3967a6ee7ac60271ee552"
+  integrity sha512-trsQc+xYYXZ3urjOiJOuCOa5N3jAZ3eiSpQB5hIT8zGlL2QfnHLJ2r7GMkBGuIausdJN1OneaI6gQlsqNHHmZQ==
   dependencies:
     tslib "^1.9.0"
 
@@ -6720,13 +6766,13 @@ schema-utils@^1.0.0:
     ajv-keywords "^3.1.0"
 
 schema-utils@^2.5.0, schema-utils@^2.6.1, schema-utils@^2.6.4, schema-utils@^2.6.5, schema-utils@^2.6.6, schema-utils@^2.7.0:
-  version "2.7.0"
-  resolved "https://registry.yarnpkg.com/schema-utils/-/schema-utils-2.7.0.tgz#17151f76d8eae67fbbf77960c33c676ad9f4efc7"
-  integrity sha512-0ilKFI6QQF5nxDZLFn2dMjvc4hjg/Wkg7rHd3jK6/A4a1Hl9VFdQWvgB1UMGoU94pad1P/8N7fMcEnLnSiju8A==
+  version "2.7.1"
+  resolved "https://registry.yarnpkg.com/schema-utils/-/schema-utils-2.7.1.tgz#1ca4f32d1b24c590c203b8e7a50bf0ea4cd394d7"
+  integrity sha512-SHiNtMOUGWBQJwzISiVYKu82GiV4QYGePp3odlY1tuKO7gPtphAT5R/py0fA6xtbgLL/RvtJZnU9b8s0F1q0Xg==
   dependencies:
-    "@types/json-schema" "^7.0.4"
-    ajv "^6.12.2"
-    ajv-keywords "^3.4.1"
+    "@types/json-schema" "^7.0.5"
+    ajv "^6.12.4"
+    ajv-keywords "^3.5.2"
 
 select-hose@^2.0.0:
   version "2.0.0"
@@ -6734,11 +6780,11 @@ select-hose@^2.0.0:
   integrity sha1-Yl2GWPhlr0Psliv8N2o3NZpJlMo=
 
 selfsigned@^1.10.7:
-  version "1.10.7"
-  resolved "https://registry.yarnpkg.com/selfsigned/-/selfsigned-1.10.7.tgz#da5819fd049d5574f28e88a9bcc6dbc6e6f3906b"
-  integrity sha512-8M3wBCzeWIJnQfl43IKwOmC4H/RAp50S8DF60znzjW5GVqTcSe2vWclt7hmYVPkKPlHWOu5EaWOMZ2Y6W8ZXTA==
+  version "1.10.8"
+  resolved "https://registry.yarnpkg.com/selfsigned/-/selfsigned-1.10.8.tgz#0d17208b7d12c33f8eac85c41835f27fc3d81a30"
+  integrity sha512-2P4PtieJeEwVgTU9QEcwIRDQ/mXJLX8/+I3ur+Pg16nS8oNbrGxEso9NyYWy8NAmXiNl4dlAp5MwoNeCWzON4w==
   dependencies:
-    node-forge "0.9.0"
+    node-forge "^0.10.0"
 
 semver-dsl@^1.0.1:
   version "1.0.1"
@@ -6893,12 +6939,12 @@ shebang-regex@^1.0.0:
   integrity sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM=
 
 side-channel@^1.0.2:
-  version "1.0.2"
-  resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.0.2.tgz#df5d1abadb4e4bf4af1cd8852bf132d2f7876947"
-  integrity sha512-7rL9YlPHg7Ancea1S96Pa8/QWb4BtXL/TZvS6B8XFetGBeuhAsfmUspK6DokBeZ64+Kj9TCNRD/30pVz1BvQNA==
+  version "1.0.3"
+  resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.0.3.tgz#cdc46b057550bbab63706210838df5d4c19519c3"
+  integrity sha512-A6+ByhlLkksFoUepsGxfj5x1gTSrs+OydsRptUxeNCabQpCFUvcwIczgOigI8vhY/OJCnPnyE9rGiwgvr9cS1g==
   dependencies:
-    es-abstract "^1.17.0-next.1"
-    object-inspect "^1.7.0"
+    es-abstract "^1.18.0-next.0"
+    object-inspect "^1.8.0"
 
 signal-exit@^3.0.0, signal-exit@^3.0.2:
   version "3.0.3"
@@ -7075,9 +7121,9 @@ spdx-expression-parse@^3.0.0:
     spdx-license-ids "^3.0.0"
 
 spdx-license-ids@^3.0.0:
-  version "3.0.5"
-  resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-3.0.5.tgz#3694b5804567a458d3c8045842a6358632f62654"
-  integrity sha512-J+FWzZoynJEXGphVIS+XEh3kFSjZX/1i9gFBaWQcB+/tmpe2qUsSBABpcxqxnAxFdiUFEgAX1bjYGQvIZmoz9Q==
+  version "3.0.6"
+  resolved "https://registry.yarnpkg.com/spdx-license-ids/-/spdx-license-ids-3.0.6.tgz#c80757383c28abf7296744998cbc106ae8b854ce"
+  integrity sha512-+orQK83kyMva3WyPf59k1+Y525csj5JejicWut55zeTWANuN17qSiSLUXWtzHeNWORSvT7GLDJ/E/XiIWoXBTw==
 
 spdy-transport@^3.0.0:
   version "3.0.0"
@@ -7339,9 +7385,9 @@ supports-color@^6.1.0:
     has-flag "^3.0.0"
 
 supports-color@^7.0.0, supports-color@^7.1.0:
-  version "7.1.0"
-  resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-7.1.0.tgz#68e32591df73e25ad1c4b49108a2ec507962bfd1"
-  integrity sha512-oRSIpR8pxT1Wr2FquTNnGet79b3BWljqOuoW/h4oBhxJ/HUbX5nX6JSruTkvXDCFMwDPvsaTTbvMLKZWSy0R5g==
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/supports-color/-/supports-color-7.2.0.tgz#1b7dcdcb32b8138801b3e478ba6a51caa89648da"
+  integrity sha512-qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw==
   dependencies:
     has-flag "^4.0.0"
 
@@ -7393,14 +7439,14 @@ tar@^4.4.10:
     yallist "^3.0.3"
 
 tar@^6.0.1, tar@^6.0.2:
-  version "6.0.2"
-  resolved "https://registry.yarnpkg.com/tar/-/tar-6.0.2.tgz#5df17813468a6264ff14f766886c622b84ae2f39"
-  integrity sha512-Glo3jkRtPcvpDlAs/0+hozav78yoXKFr+c4wgw62NNMO3oo4AaJdCo21Uu7lcwr55h39W2XD1LMERc64wtbItg==
+  version "6.0.5"
+  resolved "https://registry.yarnpkg.com/tar/-/tar-6.0.5.tgz#bde815086e10b39f1dcd298e89d596e1535e200f"
+  integrity sha512-0b4HOimQHj9nXNEAA7zWwMM91Zhhba3pspja6sQbgTpynOJf+bkjBnfybNYzbpLbnwXnbyB4LOREvlyXLkCHSg==
   dependencies:
     chownr "^2.0.0"
     fs-minipass "^2.0.0"
     minipass "^3.0.0"
-    minizlib "^2.1.0"
+    minizlib "^2.1.1"
     mkdirp "^1.0.3"
     yallist "^4.0.0"
 
@@ -7763,9 +7809,9 @@ upath@^1.1.1:
   integrity sha512-aZwGpamFO61g3OlfT7OQCHqhGnW43ieH9WZeP7QxN/G/jS4jfqUkZxoryvJgVPEcrl5NL/ggHsSmLMHuH64Lhg==
 
 uri-js@^4.2.2:
-  version "4.2.2"
-  resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.2.2.tgz#94c540e1ff772956e2299507c010aea6c8838eb0"
-  integrity sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==
+  version "4.4.0"
+  resolved "https://registry.yarnpkg.com/uri-js/-/uri-js-4.4.0.tgz#aa714261de793e8a82347a7bcc9ce74e86f28602"
+  integrity sha512-B0yRTzYdUCCn9n+F4+Gh4yIDtMQcaJsmYBDsTSG8g/OejKBodLQ2IHfN3bM7jUsRXndopT7OIXWdYqc1fjmV6g==
   dependencies:
     punycode "^2.1.0"
 

From d49b038469a0823b5446bf2db8fb2f10ca8b64e9 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 22 Sep 2020 12:56:40 +0200
Subject: [PATCH 144/237] Migrated IDSCP to kotlin, simplified data messages

---
 idscp2/build.gradle.kts                       |   4 -
 .../daps/DefaultDapsDriver.java               | 345 ---------
 .../daps/DefaultDapsDriverConfig.java         | 117 ----
 .../daps/SecurityRequirements.java            |  35 -
 .../CustomX509ExtendedKeyManager.java         | 159 -----
 .../keystores/PreConfiguration.java           | 200 ------
 .../rat/dummy/RatProverDummy.java             |  59 --
 .../rat/dummy/RatVerifierDummy.java           |  59 --
 .../rat/tpm2d/TPM2dHelper.java                |  84 ---
 .../rat/tpm2d/TPM2dMessageFactory.java        | 109 ---
 .../rat/tpm2d/TPM2dProver.java                | 213 ------
 .../rat/tpm2d/TPM2dProverConfig.java          |  51 --
 .../rat/tpm2d/TPM2dSocket.java                |  35 -
 .../rat/tpm2d/TPM2dVerifier.java              | 281 --------
 .../rat/tpm2d/TPM2dVerifierConfig.java        |  80 ---
 .../secure_channel/NativeTLSDriver.java       |  59 --
 .../secure_channel/TLSConstants.java          |  67 --
 .../TLSSessionVerificationHelper.java         | 205 ------
 .../client/InputListenerThread.java           |  61 --
 .../secure_channel/client/TLSClient.java      | 223 ------
 .../secure_channel/server/TLSServer.java      | 157 -----
 .../server/TLSServerThread.java               | 169 -----
 .../drivers/interfaces/RatProverDriver.java   |  40 --
 .../drivers/interfaces/RatVerifierDriver.java |  40 --
 .../interfaces/SecureChannelDriver.java       |  28 -
 .../aisec/ids/idscp2/error/DatException.java  |  11 -
 .../ids/idscp2/error/Idscp2Exception.java     |  16 -
 .../idscp2/example/Idscp2ClientInitiator.java |  91 ---
 .../idscp2/example/Idscp2ServerInitiator.java | 104 ---
 .../ids/idscp2/example/RunTLSClient.java      |  25 -
 .../ids/idscp2/example/RunTLSServer.java      |  25 -
 .../idscp2/idscp_core/Idscp2Connection.java   | 159 -----
 .../idscp_core/Idscp2ConnectionAdapter.java   |  17 -
 .../idscp_core/Idscp2MessageHelper.java       | 112 ---
 .../idscp_core/Idscp2MessageListener.java     |  12 -
 .../configuration/AttestationConfig.java      |  35 -
 .../configuration/Idscp2ClientFactory.java    |  37 -
 .../configuration/Idscp2ServerFactory.java    |  91 ---
 .../configuration/Idscp2Settings.java         | 198 ------
 .../SecureChannelInitListener.java            |  26 -
 .../finite_state_machine/Event.java           |  89 ---
 .../idscp_core/finite_state_machine/FSM.java  | 659 ------------------
 .../InternalControlMessage.java               |  34 -
 .../finite_state_machine/StateClosed.java     | 104 ---
 .../StateEstablished.java                     | 150 ----
 .../StateWaitForDatAndRat.java                | 182 -----
 .../StateWaitForDatAndRatVerifier.java        | 136 ----
 .../StateWaitForHello.java                    | 156 -----
 .../finite_state_machine/StateWaitForRat.java | 213 ------
 .../StateWaitForRatProver.java                | 195 ------
 .../StateWaitForRatVerifier.java              | 175 -----
 .../finite_state_machine/Timer.java           |  50 --
 .../finite_state_machine/Transition.java      |  21 -
 .../idscp_core/idscp_server/Idscp2Server.java |  70 --
 .../ServerConnectionListener.java             |  10 -
 .../rat_registry/RatProverDriverRegistry.java |  98 ---
 .../RatVerifierDriverRegistry.java            |  93 ---
 .../secure_channel/SecureChannel.java         |  74 --
 .../ids/idscp2/Idscp2EndpointListener.kt}     |  13 +-
 .../daps/DefaultDapsDriver.kt                 | 327 +++++++++
 .../daps/DefaultDapsDriverConfig.kt           |  68 ++
 .../daps/SecurityRequirements.kt              |  24 +
 .../keystores/CustomX509ExtendedKeyManager.kt | 138 ++++
 .../keystores/PreConfiguration.kt             | 210 ++++++
 .../rat/dummy/RatProverDummy.kt               |  52 ++
 .../rat/dummy/RatVerifierDummy.kt             |  52 ++
 .../rat/tpm2d/TPM2dHelper.kt                  |  75 ++
 .../rat/tpm2d/TPM2dMessageFactory.kt          |  83 +++
 .../rat/tpm2d/TPM2dProver.kt                  | 202 ++++++
 .../rat/tpm2d/TPM2dProverConfig.kt            |  39 ++
 .../rat/tpm2d/TPM2dSocket.kt                  |  28 +
 .../rat/tpm2d/TPM2dVerifier.kt                | 266 +++++++
 .../rat/tpm2d/TPM2dVerifierConfig.kt          |  60 ++
 .../secure_channel/NativeTLSDriver.kt         |  65 ++
 .../secure_channel/TLSConstants.kt            |  23 +
 .../TLSSessionVerificationHelper.kt           | 178 +++++
 .../client/DataAvailableListener.kt}          |  13 +-
 .../secure_channel/client/InputListener.kt}   |  11 +-
 .../client/InputListenerThread.kt             |  56 ++
 .../secure_channel/client/TLSClient.kt        | 202 ++++++
 .../secure_channel/server/TLSServer.kt        | 138 ++++
 .../secure_channel/server/TLSServerThread.kt  | 164 +++++
 .../idscp2/drivers/interfaces/DapsDriver.kt}  |  11 +-
 .../drivers/interfaces/RatProverDriver.kt     |  35 +
 .../drivers/interfaces/RatVerifierDriver.kt   |  35 +
 .../drivers/interfaces/SecureChannelDriver.kt |  26 +
 .../drivers/interfaces/SecureServer.kt}       |  11 +-
 .../aisec/ids/idscp2/error/DatException.kt    |   6 +
 .../aisec/ids/idscp2/error/Idscp2Exception.kt |  11 +
 .../idscp2/example/Idscp2ClientInitiator.kt   |  80 +++
 .../idscp2/example/Idscp2ServerInitiator.kt   |  88 +++
 .../aisec/ids/idscp2/example/RunTLSClient.kt  |  20 +
 .../aisec/ids/idscp2/example/RunTLSServer.kt  |  20 +
 .../aisec/ids/idscp2/idscp_core/FastLatch.kt} |  40 +-
 .../ids/idscp2/idscp_core/Idscp2Connection.kt | 113 +++
 .../idscp_core/Idscp2ConnectionAdapter.kt     |  15 +
 .../idscp_core/Idscp2ConnectionListener.kt}   |  12 +-
 .../idscp2/idscp_core/Idscp2MessageHelper.kt  |  87 +++
 .../idscp_core/Idscp2MessageListener.kt       |  11 +
 .../configuration/AttestationConfig.kt        |  29 +
 .../configuration/Idscp2ClientFactory.kt      |  28 +
 .../configuration/Idscp2ServerFactory.kt      |  78 +++
 .../configuration/Idscp2Settings.kt           | 140 ++++
 .../SecureChannelInitListener.kt              |  23 +
 .../aisec/ids/idscp2/idscp_core/fsm/Event.kt  |  66 ++
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    | 592 ++++++++++++++++
 .../ids/idscp2/idscp_core/fsm/FsmListener.kt} |  17 +-
 .../idscp_core/fsm/InternalControlMessage.kt  |  13 +
 .../aisec/ids/idscp2/idscp_core/fsm/State.kt} |  37 +-
 .../ids/idscp2/idscp_core/fsm/StateClosed.kt  |  88 +++
 .../idscp2/idscp_core/fsm/StateEstablished.kt | 124 ++++
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   | 153 ++++
 .../fsm/StateWaitForDatAndRatVerifier.kt      | 118 ++++
 .../idscp_core/fsm/StateWaitForHello.kt       | 114 +++
 .../idscp2/idscp_core/fsm/StateWaitForRat.kt  | 168 +++++
 .../idscp_core/fsm/StateWaitForRatProver.kt   | 157 +++++
 .../idscp_core/fsm/StateWaitForRatVerifier.kt | 143 ++++
 .../aisec/ids/idscp2/idscp_core/fsm/Timer.kt  |  40 ++
 .../ids/idscp2/idscp_core/fsm/TimerThread.kt} |  48 +-
 .../ids/idscp2/idscp_core/fsm/Transition.kt   |  15 +
 .../rat_registry/RatProverDriverRegistry.kt   |  69 ++
 .../rat_registry/RatVerifierDriverRegistry.kt |  69 ++
 .../secure_channel/SecureChannel.kt           |  65 ++
 .../secure_channel/SecureChannelEndpoint.kt}  |  15 +-
 .../secure_channel/SecureChannelListener.kt}  |  13 +-
 .../idscp2/idscp_core/server/Idscp2Server.kt  |  60 ++
 .../server/ServerConnectionListener.kt        |   8 +
 idscp2/src/main/proto/idscpv2.proto           |   8 -
 128 files changed, 5468 insertions(+), 6486 deletions(-)
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/DatException.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/Idscp2Server.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/ServerConnectionListener.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
 delete mode 100644 idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
 rename idscp2/src/main/{java/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.java => kotlin/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.kt} (64%)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.kt
 rename idscp2/src/main/{java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java => kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.kt} (75%)
 rename idscp2/src/main/{java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.java => kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.kt} (73%)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.kt
 rename idscp2/src/main/{java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java => kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.kt} (71%)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
 rename idscp2/src/main/{java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java => kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.kt} (63%)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/DatException.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
 rename idscp2/src/main/{java/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.java => kotlin/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.kt} (56%)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.kt
 rename idscp2/src/main/{java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java => kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.kt} (53%)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
 rename idscp2/src/main/{java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java => kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FsmListener.kt} (66%)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
 rename idscp2/src/main/{java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java => kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/State.kt} (52%)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Timer.kt
 rename idscp2/src/main/{java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java => kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/TimerThread.kt} (52%)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
 rename idscp2/src/main/{java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java => kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.kt} (74%)
 rename idscp2/src/main/{java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java => kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.kt} (65%)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/Idscp2Server.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/ServerConnectionListener.kt

diff --git a/idscp2/build.gradle.kts b/idscp2/build.gradle.kts
index ad98fbd39..39c214552 100644
--- a/idscp2/build.gradle.kts
+++ b/idscp2/build.gradle.kts
@@ -29,13 +29,9 @@ configure<IdeaModel> {
 }
 
 dependencies {
-    providedByBundle(project(":ids-api")) { isTransitive = false }
-
     providedByBundle("com.github.microsoft", "TSS.Java", libraryVersions["tssJava"])
 
     providedByBundle("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
-    
-    publishCompile("org.checkerframework", "checker-qual", libraryVersions["checkerQual"])
 
     implementation("io.jsonwebtoken", "jjwt-impl", libraryVersions["jsonwebtoken"])
     implementation("io.jsonwebtoken", "jjwt-jackson", libraryVersions["jsonwebtoken"])
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
deleted file mode 100644
index 439075f3e..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.java
+++ /dev/null
@@ -1,345 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps;
-
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.error.DatException;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
-import okhttp3.*;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.jose4j.http.Get;
-import org.jose4j.jwa.AlgorithmConstraints;
-import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
-import org.jose4j.jwk.HttpsJwks;
-import org.jose4j.jws.AlgorithmIdentifiers;
-import org.jose4j.jwt.JwtClaims;
-import org.jose4j.jwt.NumericDate;
-import org.jose4j.jwt.consumer.JwtConsumer;
-import org.jose4j.jwt.consumer.JwtConsumerBuilder;
-import org.jose4j.keys.resolvers.HttpsJwksVerificationKeyResolver;
-import org.json.JSONObject;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLSocketFactory;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509ExtendedTrustManager;
-import java.io.IOException;
-import java.nio.charset.StandardCharsets;
-import java.security.Key;
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.X509Certificate;
-import java.time.Instant;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.concurrent.TimeUnit;
-
-/**
- * Default DAPS Driver Implementation for requesting valid dynamicAttributeToken and verifying DAT
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- * @author Gerd Brost (gerd.brost@aisec.fraunhofer.de)
- */
-public class DefaultDapsDriver implements DapsDriver {
-    private static final Logger LOG = LoggerFactory.getLogger(DefaultDapsDriver.class);
-
-    private final SSLSocketFactory sslSocketFactory; //ssl socket factory can be reused
-    private final X509ExtendedTrustManager trustManager; //trust manager can be reused
-    private final Key privateKey; //private key can be reused
-    private final String dapsUrl;
-    private final String TARGET_AUDIENCE = "idsc:IDS_CONNECTORS_ALL";
-    private final X509Certificate cert;
-
-    public DefaultDapsDriver(DefaultDapsDriverConfig config) {
-        this.dapsUrl = config.getDapsUrl();
-
-        //create ssl socket factory for secure
-        privateKey = PreConfiguration.getKey(
-                config.getKeyStorePath(),
-                config.getKeyStorePassword(),
-                config.getKeyAlias(),
-                config.getKeyPassword()
-        );
-
-        cert = PreConfiguration.getCertificate(
-            config.getKeyStorePath(),
-            config.getKeyStorePassword(),
-            config.getKeyAlias());
-
-        TrustManager[] trustManagers = PreConfiguration.getX509ExtTrustManager(
-                config.getTrustStorePath(),
-                config.getTrustStorePassword()
-        );
-
-        this.trustManager = (X509ExtendedTrustManager) trustManagers[0];
-
-        try {
-            SSLContext sslContext = SSLContext.getInstance("TLS");
-            sslContext.init(null, trustManagers, null);
-            sslSocketFactory = sslContext.getSocketFactory();
-        } catch (NoSuchAlgorithmException | KeyManagementException e) {
-            LOG.error("Cannot init DefaultDapsDriver: {}", e.toString());
-            throw new RuntimeException(e);
-        }
-    }
-
-    /**
-     * Receive the signed and valid dynamic attribute token from the DAPS
-     */
-    @Override
-    public byte[] getToken() {
-        String token;
-
-        LOG.info("Retrieving Dynamic Attribute Token from Daps ...");
-
-        //Create connectorUUID
-        // Get AKI
-        //GET 2.5.29.14	SubjectKeyIdentifier / 2.5.29.35	AuthorityKeyIdentifier
-        String aki_oid = Extension.authorityKeyIdentifier.getId();
-        byte[] rawAuthorityKeyIdentifier = cert.getExtensionValue(aki_oid);
-        ASN1OctetString akiOc = ASN1OctetString.getInstance(rawAuthorityKeyIdentifier);
-        AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(akiOc.getOctets());
-        byte[] authorityKeyIdentifier = aki.getKeyIdentifier();
-
-        //GET SKI
-        String ski_oid = Extension.subjectKeyIdentifier.getId();
-        byte[] rawSubjectKeyIdentifier = cert.getExtensionValue(ski_oid);
-        ASN1OctetString ski0c = ASN1OctetString.getInstance(rawSubjectKeyIdentifier);
-        SubjectKeyIdentifier ski = SubjectKeyIdentifier.getInstance(ski0c.getOctets());
-        byte[] subjectKeyIdentifier = ski.getKeyIdentifier();
-
-        String aki_result = encodeHexString(authorityKeyIdentifier, true).toUpperCase();
-        String ski_result = encodeHexString(subjectKeyIdentifier, true).toUpperCase();
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("AKI: " + aki_result);
-            LOG.debug("SKI: " + ski_result);
-        }
-
-        String connectorUUID = ski_result + "keyid:" + aki_result.substring(0, aki_result.length() - 1);
-
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("ConnectorUUID: " + connectorUUID);
-            LOG.debug("Retrieving Dynamic Attribute Token...");
-        }
-
-        //create signed JWT
-        String jwt =
-                Jwts.builder()
-                        .setIssuer(connectorUUID)
-                        .setSubject(connectorUUID)
-                        .claim("@context", "https://w3id.org/idsa/contexts/context.jsonld")
-                        .claim("@type", "ids:DatRequestToken")
-                        .setExpiration(Date.from(Instant.now().plusSeconds(86400)))
-                        .setIssuedAt(Date.from(Instant.now()))
-                        .setNotBefore(Date.from(Instant.now()))
-                        .setAudience(TARGET_AUDIENCE)
-                        .signWith(privateKey, SignatureAlgorithm.RS256)
-                        .compact();
-
-        //build http client and request for DAPS
-        RequestBody formBody =
-                new FormBody.Builder()
-                        .add("grant_type", "client_credentials")
-                        .add(
-                                "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer")
-                        .add("client_assertion", jwt)
-                        .add("scope", "idsc:IDS_CONNECTOR_ATTRIBUTES_ALL")
-                        .build();
-
-        OkHttpClient client =
-                new OkHttpClient.Builder()
-                        .sslSocketFactory(sslSocketFactory, trustManager)
-                        .connectTimeout(15, TimeUnit.SECONDS)
-                        .writeTimeout(15, TimeUnit.SECONDS)
-                        .readTimeout(15, TimeUnit.SECONDS)
-                        .build();
-
-        Request request =
-                new Request.Builder()
-                        .url(dapsUrl.concat("/v2/token"))
-                        .post(formBody)
-                        .build();
-
-        try {
-            //get http response from DAPS
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("Acquire DAT from {}", dapsUrl);
-            }
-            Response response = client.newCall(request).execute();
-
-            //check for valid response
-            if (!response.isSuccessful()) {
-                throw new DatException("Received non-200 http response: " + response.code());
-            }
-
-            if (response.body() == null) {
-                throw new DatException("Received empty DAPS response");
-            }
-
-            JSONObject json = new JSONObject(response.body().string());
-            if (json.has("access_token")) {
-                token = json.getString("access_token");
-                if (LOG.isDebugEnabled()) {
-                    LOG.debug("Received DAT from DAPS: {}", token);
-                }
-            } else if (json.has("error")) {
-                throw new DatException("DAPS reported error: " + json.getString("error"));
-            } else {
-                throw new DatException("DAPS response does not contain \"access_token\" or \"error\" field.");
-            }
-
-            verifyToken(token.getBytes(StandardCharsets.UTF_8), null);
-            return token.getBytes(StandardCharsets.UTF_8);
-        } catch (IOException e) {
-            throw new DatException("Error whilst retrieving DAT", e);
-        }
-    }
-
-    /**
-     * Verify a given dynamic attribute token
-     *
-     * If the security requirements is not null and an instance of the SecurityRequirements class
-     * the method will also check the provided security attributes of the connector that belongs
-     * to the provided DAT
-     *
-     * @return The number of seconds this DAT is valid
-     */
-    @Override
-    public long verifyToken(byte[] dat, Object securityRequirements) {
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("Verifying dynamic attribute token...");
-        }
-
-        // Get JsonWebKey JWK from JsonWebKeyStore JWKS using DAPS JWKS endpoint
-        HttpsJwks httpsJwks = new HttpsJwks(dapsUrl.concat("/.well-known/jwks.json"));
-        Get getInstance = new Get();
-        getInstance.setSslSocketFactory(sslSocketFactory);
-        httpsJwks.setSimpleHttpGet(getInstance);
-
-        // create new jwks key resolver, selects jwk based on key ID in jwt header
-        HttpsJwksVerificationKeyResolver jwksKeyResolver
-                = new HttpsJwksVerificationKeyResolver(httpsJwks);
-
-        //create validation requirements
-        JwtConsumer jwtConsumer =
-                new JwtConsumerBuilder()
-                        .setRequireExpirationTime()         // has expiration time
-                        .setAllowedClockSkewInSeconds(30)   // leeway in validation time
-                        .setRequireSubject()                // has subject
-                        .setExpectedAudience(true, "IDS_Connector", TARGET_AUDIENCE)
-                        .setExpectedIssuer(dapsUrl)         // e.g. https://daps.aisec.fraunhofer.de
-                        .setVerificationKeyResolver(jwksKeyResolver) //get decryption key from jwks
-                        .setJweAlgorithmConstraints(
-                                new AlgorithmConstraints(
-                                        ConstraintType.WHITELIST,
-                                        AlgorithmIdentifiers.RSA_USING_SHA256
-                                )
-                        )
-                        .build();
-
-        long validityTime;
-        JwtClaims claims;
-
-        try {
-            claims = jwtConsumer.processToClaims(new String(dat, StandardCharsets.UTF_8));
-            NumericDate expTime = claims.getExpirationTime();
-            validityTime = expTime.getValue() - NumericDate.now().getValue();
-        } catch (Exception e) {
-            throw new DatException("Error during claims processing", e);
-        }
-
-        //check security requirements
-        if (securityRequirements != null) {
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("Validate security attributes");
-            }
-
-            if (!(securityRequirements instanceof SecurityRequirements)) {
-                throw new DatException("Invalid security requirements format. Expected " +
-                        SecurityRequirements.class.getName());
-            }
-            SecurityRequirements secRequirements = (SecurityRequirements) securityRequirements;
-            final var securityLevel =
-                    parseSecurityRequirements(claims.toJson()).getRequiredSecurityLevel();
-
-            if (securityLevel == null) {
-                throw new DatException("No security profile provided");
-            }
-
-            switch (secRequirements.getRequiredSecurityLevel()) {
-                case "idsc:BASE_CONNECTOR_SECURITY_PROFILE":
-                    if (securityLevel.equals("idsc:BASE_CONNECTOR_SECURITY_PROFILE")) {
-                        break;
-                    }
-                case "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE":
-                    if (securityLevel.equals("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")) {
-                        break;
-                    }
-                case "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE":
-                    if (securityLevel.equals("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")) {
-                        break;
-                    }
-                default:
-                    throw new DatException(
-                            "Client does not support any valid trust profile: Required: "
-                                    + secRequirements.getRequiredSecurityLevel()
-                                    + " given: "
-                                    + securityLevel);
-            }
-        }
-
-        LOG.debug("DAT is valid");
-        return validityTime;
-    }
-
-    @NonNull
-    private SecurityRequirements parseSecurityRequirements(String dat) {
-        JSONObject asJson = new JSONObject(dat);
-
-        if (!asJson.has("securityProfile")) {
-            throw new DatException("DAT does not contain securityProfile");
-        }
-
-        return new SecurityRequirements.Builder()
-                .setRequiredSecurityLevel(asJson.getString("securityProfile"))
-                .build();
-    }
-
-    /**
-     * Convert byte to hexadecimal chars without any dependencies to libraries.
-     * @param num Byte to get hexadecimal representation for
-     * @return The hexadecimal representation of the given byte value
-     */
-    private char[] byteToHex(byte num) {
-        char[] hexDigits = new char[2];
-        hexDigits[0] = Character.forDigit((num >> 4) & 0xF, 16);
-        hexDigits[1] = Character.forDigit((num & 0xF), 16);
-        return hexDigits;
-    }
-
-    /**
-     * Lookup table for encodeHexString()
-     */
-    private final HashMap<Byte, char[]> hexLookup = new HashMap<>();
-    /**
-     * Encode a byte array to a hex string
-     * @param byteArray Byte array to get hexadecimal representation for
-     * @return Hexadecimal representation of the given bytes
-     */
-    private String encodeHexString(byte[] byteArray, @SuppressWarnings("SameParameterValue") boolean beautify) {
-        StringBuilder sb = new StringBuilder();
-        for (byte b : byteArray) {
-            sb.append(hexLookup.computeIfAbsent(b, this::byteToHex));
-            if (beautify) {
-                sb.append(':');
-            }
-        }
-        return sb.toString();
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
deleted file mode 100644
index 988faae39..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.java
+++ /dev/null
@@ -1,117 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps;
-
-import org.checkerframework.checker.nullness.qual.NonNull;
-
-import java.nio.file.Path;
-import java.nio.file.Paths;
-
-/**
- * A Configuration class for the DefaultDapsDriver
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class DefaultDapsDriverConfig {
-
-    @NonNull
-    private String dapsUrl = "https://daps.aisec.fraunhofer.de";
-    @NonNull
-    private Path keyStorePath = Paths.get("DUMMY-FILENAME.p12");
-    @NonNull
-    private char[] keyStorePassword = "password".toCharArray();
-    @NonNull
-    private String keyAlias = "1";
-    @NonNull
-    private char[] keyPassword = "password".toCharArray();
-    @NonNull
-    private Path trustStorePath = Paths.get("DUMMY-FILENAME.p12");
-    @NonNull
-    private char[] trustStorePassword = "password".toCharArray();
-
-    public static class Builder {
-        @NonNull
-        private final DefaultDapsDriverConfig config = new DefaultDapsDriverConfig();
-
-        @NonNull
-        public Builder setDapsUrl(String dapsUrl) {
-            this.config.dapsUrl = dapsUrl;
-            return this;
-        }
-
-        @NonNull
-        public Builder setKeyStorePath(Path path) {
-            this.config.keyStorePath = path;
-            return this;
-        }
-
-        @NonNull
-        public Builder setKeyStorePassword(char[] password) {
-            this.config.keyStorePassword = password;
-            return this;
-        }
-
-        @NonNull
-        public Builder setKeyAlias(String alias) {
-            this.config.keyAlias = alias;
-            return this;
-        }
-
-        @NonNull
-        public Builder setKeyPassword(char[] password) {
-            this.config.keyPassword = password;
-            return this;
-        }
-
-        @NonNull
-        public Builder setTrustStorePath(Path path) {
-            this.config.trustStorePath = path;
-            return this;
-        }
-
-        @NonNull
-        public Builder setTrustStorePassword(char[] password) {
-            this.config.trustStorePassword = password;
-            return this;
-        }
-
-        @NonNull
-        public DefaultDapsDriverConfig build() {
-            return config;
-        }
-    }
-
-    @NonNull
-    public String getDapsUrl() {
-        return dapsUrl;
-    }
-
-    @NonNull
-    public Path getKeyStorePath() {
-        return keyStorePath;
-    }
-
-    @NonNull
-    public char[] getKeyStorePassword() {
-        return keyStorePassword;
-    }
-
-    @NonNull
-    public String getKeyAlias() {
-        return keyAlias;
-    }
-
-    @NonNull
-    public char[] getKeyPassword() {
-        return keyPassword;
-    }
-
-    @NonNull
-    public Path getTrustStorePath() {
-        return trustStorePath;
-    }
-
-    @NonNull
-    public char[] getTrustStorePassword() {
-        return trustStorePassword;
-    }
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
deleted file mode 100644
index 1cbe92d1f..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps;
-
-
-import org.checkerframework.checker.nullness.qual.NonNull;
-
-/**
- * A Security-Requirements class using Builder pattern to store the connectors expected
- * security attributes e.g. Audit Logging
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class SecurityRequirements {
-
-    private String securityLevel;
-
-    public static class Builder {
-        @NonNull
-        private final SecurityRequirements requirements = new SecurityRequirements();
-
-        @NonNull
-        public Builder setRequiredSecurityLevel(String requiredSecurityLevel) {
-            this.requirements.securityLevel = requiredSecurityLevel;
-            return this;
-        }
-
-        @NonNull
-        public SecurityRequirements build() {
-            return requirements;
-        }
-    }
-
-    public String getRequiredSecurityLevel() {
-        return securityLevel;
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
deleted file mode 100644
index 92291cb56..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.java
+++ /dev/null
@@ -1,159 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.net.ssl.SSLEngine;
-import javax.net.ssl.X509ExtendedKeyManager;
-import java.net.Socket;
-import java.security.Principal;
-import java.security.PrivateKey;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.HashMap;
-
-/**
- * A custom X590ExtendedKeyManager, that allows to choose a TrustStore entry by a given certificate alias and
- * delegates all other function calls to given default X509ExtendedKeyManager
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class CustomX509ExtendedKeyManager extends X509ExtendedKeyManager {
-    private static final Logger LOG = LoggerFactory.getLogger(CustomX509ExtendedKeyManager.class);
-
-    private final String certAlias;
-    private final String keyType;
-    private final X509ExtendedKeyManager delegate;
-
-    // server and client aliases are cached in a private context (in entryCacheMap) by the X509ExtendedKeyManager
-    // implementation. Therefore, getServerAliases() / getClientAliases() returns only uncached aliases since the
-    // update on java 11. As we have to check in chooseClientAliases() and chooseServerAlias() if the alias exists in
-    // the keystore and we cannot access the cached aliases without an overwritten X509KeyManagerImpl instance, we will
-    // also cache the aliases and its properties in the following HashMap.
-    private final HashMap<String, CachedAliasValue> cachedAliases = new HashMap<>();
-
-    CustomX509ExtendedKeyManager(String alias, String keyType, final X509ExtendedKeyManager delegate) {
-        super();
-        this.certAlias = alias;
-        this.keyType = keyType;
-        this.delegate = delegate;
-    }
-
-    @Override
-    public String[] getClientAliases(String keyType, Principal[] issuers) {
-        String[] clientAliases = delegate.getClientAliases(keyType, issuers);
-        for (String alias : clientAliases)
-            cachedAliases.putIfAbsent(alias, new CachedAliasValue(keyType, null)); //toDo get issuer
-        return clientAliases;
-    }
-
-    @Override
-    /* returns an existing certAlias that matches one of the given KeyTypes, or null;
-       called only by client in TLS handshake */
-    public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket) {
-        if (Arrays.asList(keyTypes).contains(this.keyType)) {
-            if ((cachedAliases.containsKey(this.certAlias) &&
-                    cachedAliases.get(this.certAlias).match(keyType, issuers))
-                    || Arrays.asList(getClientAliases(keyType, issuers)).contains(this.certAlias)) {
-                LOG.debug("CertificateAlias is {}", this.certAlias);
-                return this.certAlias;
-            } else {
-                LOG.warn("certAlias '{}' was not found in keystore", this.certAlias);
-            }
-        } else if (LOG.isTraceEnabled()) {
-            LOG.trace("Different keyType '{}' in chooseClientAlias() in CustomX509ExtendedKeyManager, expected '{}'",
-                    keyType, this.keyType);
-        }
-        return null;
-    }
-
-    @Override
-    public String[] getServerAliases(String keyType, Principal[] issuers) {
-        String[] serverAliases = delegate.getServerAliases(keyType, issuers);
-        for (String alias : serverAliases)
-            cachedAliases.putIfAbsent(alias, new CachedAliasValue(keyType, null)); //toDo get issuer
-        return serverAliases;
-    }
-
-    @Override
-    /* returns an existing certAlias that matches the given KeyType, or null;
-       called only by server in TLS handshake*/
-    public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
-        if (keyType.equals(this.keyType)) {
-            if ((cachedAliases.containsKey(certAlias) && cachedAliases.get(this.certAlias).match(keyType, issuers))
-                    || Arrays.asList(getServerAliases(keyType, issuers)).contains(this.certAlias)) {
-                LOG.debug("CertificateAlias is {}", this.certAlias);
-                return this.certAlias;
-            } else {
-                LOG.warn("certAlias '{}' was not found in keystore", this.certAlias);
-            }
-        } else if (LOG.isTraceEnabled()) {
-            LOG.trace("Different keyType '{}' in chooseServerAlias() in CustomX509ExtendedKeyManager, expected '{}'",
-                    keyType, this.keyType);
-        }
-        return null;
-    }
-
-    @Override
-    /* returns the certificate chain of a given certificateAlias;
-       called by client and server in TLS Handshake after alias was chosen */
-    public X509Certificate[] getCertificateChain(String certAlias) {
-        if (certAlias.equals(this.certAlias)) {
-            return delegate.getCertificateChain(certAlias);
-        } else {
-            LOG.warn("Different certAlias '{}' in getCertificateChain() in class X509ExtendedKeyManager, " +
-                    "expected: '{}'", certAlias, this.certAlias);
-            return null;
-        }
-    }
-
-    @Override
-    /* returns a privateKey of a given certificateAlias;
-     *  called by client and server in TLS Handshake after alias was chosen */
-    public PrivateKey getPrivateKey(String certAlias) {
-        if (certAlias.equals(this.certAlias)) {
-            return delegate.getPrivateKey(certAlias);
-        } else {
-            LOG.warn("Different certAlias '{}' in getPrivateKey() in class X509ExtendedKeyManager, expected '{}'",
-                    certAlias, this.certAlias);
-            return null;
-        }
-    }
-
-    @Override
-    public String chooseEngineClientAlias(String[] keyType, Principal[] issuers, SSLEngine sslEngine) {
-        return delegate.chooseEngineClientAlias(keyType, issuers, sslEngine);
-    }
-
-    @Override
-    public String chooseEngineServerAlias(String keyType, Principal[] issuers, SSLEngine sslEngine) {
-        return delegate.chooseEngineServerAlias(keyType, issuers, sslEngine);
-    }
-
-
-    private static class CachedAliasValue {
-        private final String keyType; //key algorithm type name
-        private final Principal issuer; //certificate issuer
-
-        CachedAliasValue(String keyType, Principal issuer) {
-            this.keyType = keyType;
-            this.issuer = issuer;
-        }
-
-        /*
-         * This method is called for a given certificate alias and checks if the corresponding
-         * cached alias entry (contains keytype for certAlias and issuer of thee certificate)
-         * matches the requested conditions in thee TLS handshake.
-         *
-         * It must enforce checking if the certAlias belongs to a valid key algorithm type name,
-         * e.g. 'RSA' or 'EC' and it must check if the certificate issuer is one of the accepted
-         * issuer from the given principals list.
-         *
-         * returns true, if the keyAlias fulfills the requirements
-         */
-        boolean match(String keyType, Principal[] issuers) {
-            return this.keyType.equals(keyType) && (issuers == null
-                    || Arrays.asList(issuers).contains(issuer));
-        }
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
deleted file mode 100644
index 3748f999c..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.java
+++ /dev/null
@@ -1,200 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.net.ssl.*;
-import java.io.IOException;
-import java.io.InputStream;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.security.*;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-
-/**
- * A class for creating pre-configured TrustManagers and KeyManagers for TLS Server and TLS Client
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class PreConfiguration {
-    private static final Logger LOG = LoggerFactory.getLogger(PreConfiguration.class);
-
-    public static KeyStore loadKeyStore(Path keyStorePath, char[] keyStorePassword)
-            throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
-        final KeyStore ks;
-        final var pathString = keyStorePath.toString();
-        if (pathString.endsWith(".jks")) {
-            ks = KeyStore.getInstance("JKS");
-        } else if (pathString.endsWith(".p12")) {
-            ks = KeyStore.getInstance("PKCS12");
-        } else {
-            throw new KeyStoreException("Unknown file extension \"" + pathString.substring(pathString.lastIndexOf('.')) +
-                    "\", " + "only JKS (.jks) and PKCS12 (.p12) are supported.");
-        }
-        try (InputStream keyStoreInputStream = Files.newInputStream(keyStorePath)) {
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("Loading key store: " + pathString);
-            }
-            ks.load(keyStoreInputStream, keyStorePassword);
-        }
-        return ks;
-    }
-
-    /*
-     * Get a secure X509ExtendedTrustManager for the SslContext
-     *
-     * throws IllegalStateException if number of available X509TrustManager is not one
-     * throws RuntimeException of creating TrustManager fails
-     */
-    public static TrustManager[] getX509ExtTrustManager(
-            Path trustStorePath,
-            char[] trustStorePassword
-    ) {
-        try {
-            /* create TrustManager */
-            final TrustManager[] myTrustManager;
-            final KeyStore trustStore = loadKeyStore(trustStorePath, trustStorePassword);
-            final TrustManagerFactory trustManagerFactory =
-                    TrustManagerFactory.getInstance("PKIX"); //PKIX from SunJSSE
-
-            trustManagerFactory.init(trustStore);
-            myTrustManager = trustManagerFactory.getTrustManagers();
-
-            /* set up TrustManager config */
-            //allow only X509 Authentication
-            if (myTrustManager.length == 1 && myTrustManager[0] instanceof X509ExtendedTrustManager) {
-                //toDo algorithm constraints
-                return myTrustManager;
-            } else {
-                throw new IllegalStateException("Unexpected default trust managers:" + Arrays.toString(myTrustManager));
-            }
-        } catch (KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException e) {
-            throw new RuntimeException(e);
-        }
-    }
-
-    /*
-     * Get a secure X509ExtendedKeyManager for the SslContext
-     *
-     * throws IllegalStateException if number of available X509KeyManager is not one
-     * throws RuntimeException of creating KeyManager fails
-     */
-    public static KeyManager[] getX509ExtKeyManager(
-            char[] keyPassword,
-            Path keyStorePath,
-            char[] keyStorePassword,
-            String certAlias,
-            String keyType
-    ) {
-        try {
-            /* create KeyManager for remote authentication */
-            final KeyManager[] myKeyManager;
-            KeyStore keystore = loadKeyStore(keyStorePath, keyStorePassword);
-            final KeyManagerFactory keyManagerFactory =
-                    KeyManagerFactory.getInstance("PKIX"); //PKIX from SunJSSE
-            keyManagerFactory.init(keystore, keyPassword);
-            myKeyManager = keyManagerFactory.getKeyManagers();
-
-            /* set up keyManager config */
-            //allow only X509 Authentication
-            if (myKeyManager.length == 1 && myKeyManager[0] instanceof X509ExtendedKeyManager) {
-                //select certificate alias
-                myKeyManager[0] =
-                        new CustomX509ExtendedKeyManager(certAlias, keyType, (X509ExtendedKeyManager) myKeyManager[0]);
-                return myKeyManager;
-            } else {
-                throw new IllegalStateException(
-                        "Unexpected default key managers:" + Arrays.toString(myKeyManager));
-            }
-
-        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException
-                | CertificateException e) {
-            throw new RuntimeException(e);
-        }
-    }
-
-    /*
-     * Get a private key from a JKS Keystore
-     *
-     * throws RuntimeException if key is not available or key access was not permitted
-     */
-    public static Key getKey(
-            Path keyStorePath,
-            char[] keyStorePassword,
-            String keyAlias,
-            char[] keyPassword
-    ) {
-        try {
-            KeyStore keyStore = loadKeyStore(keyStorePath, keyStorePassword);
-
-            // get private key
-            Key key = keyStore.getKey(keyAlias, keyPassword);
-            if (key == null) {
-                throw new RuntimeException("No key was found in keystore for given alias");
-            } else {
-                return key;
-            }
-
-        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException
-                | UnrecoverableKeyException e) {
-            throw new RuntimeException(e);
-        }
-    }
-
-    /*
-     * Get the certificate from the key store
-     *
-     * throws RuntimeException if key is not available or key access was not permitted
-     */
-    public static X509Certificate getCertificate(
-        Path keyStorePath,
-        char[] keyStorePassword,
-        String keyAlias
-    ) {
-        try {
-            KeyStore keystore = loadKeyStore(keyStorePath, keyStorePassword);
-
-            // get private key
-            X509Certificate cert = (X509Certificate) keystore.getCertificate(keyAlias);
-            // Probe key alias
-            keystore.getKey(keyAlias, keyStorePassword);
-            if (cert == null) {
-                throw new RuntimeException("No cert was found in keystore for given alias");
-            } else {
-                return cert;
-            }
-        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException
-            | UnrecoverableKeyException e) {
-            throw new RuntimeException(e);
-        }
-    }
-
-    /*
-     * This method can be used for filtering certificates in the trust store
-     * to avoid expired certificates
-     */
-//    private static PKIXBuilderParameters filterTrustAnchors(KeyStore keyStore, Date validityUntilDate)
-//            throws KeyStoreException, InvalidAlgorithmParameterException {
-//        PKIXParameters params = new PKIXParameters(keyStore);
-//
-//        // Obtain CA root certificates
-//        Set<TrustAnchor> myTrustAnchors = params.getTrustAnchors();
-//
-//        // Create new set of CA certificates that are still valid for specified date
-//        Set<TrustAnchor> validTrustAnchors =
-//                myTrustAnchors.stream().filter(
-//                        ta -> {
-//                            try {
-//                                ta.getTrustedCert().checkValidity(validityUntilDate);
-//                            } catch (CertificateException e) {
-//                                return false;
-//                            }
-//                            return true;
-//                        }).collect(Collectors.toSet());
-//
-//        // Create PKIXBuilderParameters parameters
-//        return new PKIXBuilderParameters(validTrustAnchors, new X509CertSelector());
-//    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
deleted file mode 100644
index 2454756fb..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.java
+++ /dev/null
@@ -1,59 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.concurrent.BlockingQueue;
-import java.util.concurrent.LinkedBlockingQueue;
-
-/**
- * A RatProver dummy that exchanges rat messages with a remote RatVerifier
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class RatProverDummy extends RatProverDriver {
-    private static final Logger LOG = LoggerFactory.getLogger(RatProverDummy.class);
-
-    private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
-
-    public RatProverDummy() {
-        super();
-    }
-
-    @Override
-    public void delegate(byte[] message) {
-        queue.add(message);
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("Delegated to prover");
-        }
-    }
-
-    @Override
-    public void run() {
-        int countDown = 2;
-        while (running) {
-            try {
-                sleep(1000);
-                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
-                        "test".getBytes());
-                if (LOG.isDebugEnabled()) {
-                    LOG.debug("Prover waits");
-                }
-                byte[] m = queue.take();
-                if (LOG.isDebugEnabled()) {
-                    LOG.debug("Prover receives, send something");
-                }
-                if (--countDown == 0)
-                    break;
-            } catch (InterruptedException e) {
-                if (this.running) {
-                    fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-                }
-                return;
-            }
-        }
-        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, null);
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
deleted file mode 100644
index f05c165e6..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.java
+++ /dev/null
@@ -1,59 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.concurrent.BlockingQueue;
-import java.util.concurrent.LinkedBlockingQueue;
-
-/**
- * A RatVerifier dummy that exchanges messages with a remote RatProver dummy
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class RatVerifierDummy extends RatVerifierDriver {
-    private static final Logger LOG = LoggerFactory.getLogger(RatVerifierDummy.class);
-
-    private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
-
-    public RatVerifierDummy() {
-        super();
-    }
-
-    @Override
-    public void delegate(byte[] message) {
-        queue.add(message);
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("Delegated to Verifier");
-        }
-    }
-
-    @Override
-    public void run() {
-        int countDown = 2;
-        while (running) {
-            try {
-                sleep(1000);
-                if (LOG.isDebugEnabled()) {
-                    LOG.debug("Verifier waits");
-                }
-                byte[] m = queue.take();
-                if (LOG.isDebugEnabled()) {
-                    LOG.debug("Verifier receives, send something");
-                }
-                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG,
-                        "test".getBytes());
-                if (--countDown == 0)
-                    break;
-            } catch (InterruptedException e) {
-                if (this.running) {
-                    fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
-                }
-                return;
-            }
-        }
-        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, null);
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.java
deleted file mode 100644
index 268dc1093..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.java
+++ /dev/null
@@ -1,84 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
-
-import org.checkerframework.checker.nullness.qual.Nullable;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.security.MessageDigest;
-import java.security.SecureRandom;
-import java.security.cert.Certificate;
-
-public class TPM2dHelper {
-    private static final Logger LOG = LoggerFactory.getLogger(TPM2dHelper.class);
-    private static final SecureRandom sr = new SecureRandom();
-
-    private TPM2dHelper() {
-    }
-
-    /**
-     * Generate a crypto-secure random hex String of length numChars
-     *
-     * @param numBytes Desired String length
-     * @return The generated crypto-secure random hex String
-     */
-    static byte[] generateNonce(int numBytes) {
-        byte[] randBytes = new byte[numBytes];
-        sr.nextBytes(randBytes);
-        return randBytes;
-    }
-
-    /**
-     * Calculate SHA-1 hash of (nonce|certificate).
-     *
-     * @param nonce       The plain, initial nonce
-     * @param certificate The certificate to hash-combine with the nonce
-     * @return The new nonce, updated with the given certificate using SHA-1
-     */
-    static byte[] calculateHash(byte[] nonce, @Nullable Certificate certificate) {
-        try {
-            MessageDigest digest = MessageDigest.getInstance("SHA-1");
-            digest.update(nonce);
-            if (certificate != null) {
-                digest.update(certificate.getEncoded());
-            } else {
-                if (LOG.isWarnEnabled()) {
-                    LOG.warn(
-                            "No client certificate available. Cannot bind nonce to public key to prevent masquerading attack. TLS misconfiguration!");
-                }
-            }
-            return digest.digest();
-        } catch (Exception e1) {
-            LOG.error("Could not create hash of own nonce and local certificate", e1);
-            return nonce;
-        }
-    }
-
-    static class ByteArrayUtil {
-
-        private static final String[] lookup = new String[256];
-
-        static {
-            for (int i = 0; i < lookup.length; ++i) {
-                if (i < 16) {
-                    lookup[i] = "0" + Integer.toHexString(i);
-                } else {
-                    lookup[i] = Integer.toHexString(i);
-                }
-            }
-        }
-
-        static String toPrintableHexString(byte[] bytes) {
-            StringBuilder s = new StringBuilder();
-            for (int i = 0; i < bytes.length; ++i) {
-                if (i > 0 && i % 16 == 0) {
-                    s.append('\n');
-                } else {
-                    s.append(' ');
-                }
-                s.append(lookup[bytes[i] & 0xff]);
-            }
-            return s.toString();
-        }
-    }
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.java
deleted file mode 100644
index e01bf145f..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.java
+++ /dev/null
@@ -1,109 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
-
-
-import com.google.protobuf.ByteString;
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.*;
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.RemoteToTpm2d.Code;
-
-import java.util.List;
-
-/**
- * A message factory for creating TPM2d RAT messages
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class TPM2dMessageFactory {
-
-    static Tpm2dMessageWrapper getAttestationChallengeMessage(
-            byte[] nonce,
-            IdsAttestationType aType,
-            int pcrIndices
-    ) {
-        return Tpm2dMessageWrapper.newBuilder().setRatChallenge(
-                Tpm2dRatChallenge.newBuilder()
-                        .setAtype(aType)
-                        .setNonce(ByteString.copyFrom(nonce))
-                        .setPcrIndices(pcrIndices)
-                        .build()
-        ).build();
-    }
-
-    static Tpm2dMessageWrapper getAttestationResponseMessage(
-            IdsAttestationType aType,
-            String hash_alg,
-            ByteString quoted,
-            ByteString signature,
-            List<Pcr> pcrValues,
-            ByteString certificate
-    ) {
-        return Tpm2dMessageWrapper.newBuilder().setRatResponse(
-                Tpm2dRatResponse.newBuilder()
-                        .setAtype(aType)
-                        .setHashAlg(hash_alg)
-                        .setQuoted(quoted)
-                        .setSignature(signature)
-                        .addAllPcrValues(pcrValues)
-                        .setCertificate(certificate)
-                        .build()
-        ).build();
-    }
-
-    static Tpm2dMessageWrapper getAttestationResponseMessage(
-            Tpm2dToRemote response
-    ) {
-        return Tpm2dMessageWrapper.newBuilder().setRatResponse(
-                Tpm2dRatResponse.newBuilder()
-                        .setAtype(response.getAtype())
-                        .setHashAlg(response.getHalg().name())
-                        .setQuoted(response.getQuoted())
-                        .setSignature(response.getSignature())
-                        .addAllPcrValues(response.getPcrValuesList())
-                        .setCertificate(response.getCertificate())
-                        .build()
-        ).build();
-    }
-
-    static Tpm2dMessageWrapper getAttestationResultMessage(
-            //IdsAttestationType aType,
-            boolean result
-    ) {
-        return Tpm2dMessageWrapper.newBuilder().setRatResult(
-                Tpm2dRatResult.newBuilder()
-                        //.setAtype(aType)
-                        .setResult(result)
-                        .build()
-        ).build();
-    }
-
-  /*static Tpm2dMessageWrapper getAttestationRepositoryRequestMessage(
-      IdsAttestationType aType,
-      List<Pcr> pcrValues
-  ) {
-    return Tpm2dMessageWrapper.newBuilder().setRepositoryRequest(
-        Tpm2dRepositoryRequest.newBuilder()
-            .setAtype(aType)
-            .addAllPcrValues(pcrValues)
-            .build()
-    ).build();
-  }
-
-  static Tpm2dMessageWrapper getAttestationRepositoryResponseMessage() {
-    return Tpm2dMessageWrapper.newBuilder().setRepositoryResponse(
-        Tpm2dRepositoryResponse.newBuilder()
-            .build()
-    ).build();
-  }*/
-
-    static RemoteToTpm2d getRemoteToTPM2dMessage(
-            IdsAttestationType aType,
-            byte[] hash,
-            int pcrIndices
-    ) {
-        return RemoteToTpm2d.newBuilder()
-                .setAtype(aType)
-                .setQualifyingData(ByteString.copyFrom(hash))
-                .setCode(Code.ATTESTATION_REQ)
-                .setPcrs(pcrIndices)
-                .build();
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.java
deleted file mode 100644
index 2603c425a..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.java
+++ /dev/null
@@ -1,213 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
-
-import com.google.protobuf.InvalidProtocolBufferException;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.*;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-import java.util.concurrent.BlockingQueue;
-import java.util.concurrent.LinkedBlockingQueue;
-
-/**
- * A TPM2d RatProver Driver implementation that proves its identity to a remote peer using TPM2d
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class TPM2dProver extends RatProverDriver {
-    private static final Logger LOG = LoggerFactory.getLogger(TPM2dProver.class);
-
-    /*
-     * ******************* Protocol *******************
-     *
-     * Verifier: (Challenger)
-     * -------------------------
-     * Generate NonceV
-     * create RatChallenge (NonceV, aType, pcr_mask)
-     * -------------------------
-     *
-     * Prover: (Responder)
-     * -------------------------
-     * get RatChallenge (NonceV, aType, pcr_mask)
-     * hash = calculateHash(nonceV, certV)
-     * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
-     * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
-     * create AttestationResponse from tpm response
-     * -------------------------
-     *
-     * Verifier: (Responder)
-     * -------------------------
-     * get AttestationResponse
-     * hash = calculateHash(nonceV, certV)
-     * check signature(response, hash)
-     * check repo(aType, response, ttpUri)
-     * create RatResult
-     * -------------------------
-     *
-     * Prover: (Requester)
-     * -------------------------
-     * get AttestationResult
-     * -------------------------
-     *
-     */
-
-    private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
-    private TPM2dProverConfig config = new TPM2dProverConfig.Builder().build();
-
-    public TPM2dProver() {
-        super();
-    }
-
-    @Override
-    public void setConfig(Object config) {
-        if (config instanceof TPM2dProverConfig) {
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("Set rat prover config");
-            }
-            this.config = (TPM2dProverConfig) config;
-        } else {
-            if (LOG.isWarnEnabled()) {
-                LOG.warn("Invalid prover config");
-            }
-        }
-    }
-
-    @Override
-    public void delegate(byte[] message) {
-        queue.add(message);
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("Delegated to prover");
-        }
-    }
-
-    @Override
-    public void run() {
-        //TPM2d Challenge-Response Protocol
-
-        // wait for RatChallenge from Verifier
-        byte[] msg;
-        try {
-            msg = queue.take();
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("Prover receives new message");
-            }
-        } catch (InterruptedException e) {
-            if (this.running) {
-                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-            }
-            return;
-        }
-
-        // parse body to expected tpm2d message wrapper
-        Tpm2dMessageWrapper tpm2dMessageWrapper;
-        try {
-            tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg);
-        } catch (InvalidProtocolBufferException e) {
-            LOG.error("Cannot parse IdscpRatVerifier body", e);
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-            return;
-        }
-
-        // check if wrapper contains expected rat challenge
-        if (!tpm2dMessageWrapper.hasRatChallenge()) {
-            //unexpected message
-            if (LOG.isWarnEnabled()) {
-                LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatChallenge");
-            }
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-            return;
-        }
-
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("Get rat challenge from rat verifier");
-        }
-        Tpm2dRatChallenge challenge = tpm2dMessageWrapper.getRatChallenge();
-
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("Requesting attestation from TPM ...");
-        }
-
-        // hash
-        byte[] hash = TPM2dHelper.calculateHash(challenge.getNonce().toByteArray(),
-                config.getRemoteCertificate());
-
-        // generate RemoteToTPM2dRequest
-        RemoteToTpm2d tpmRequest = TPM2dMessageFactory.getRemoteToTPM2dMessage(
-                challenge.getAtype(),
-                hash,
-                challenge.hasPcrIndices() ? challenge.getPcrIndices() : 0
-        );
-
-        // get TPM response
-        Tpm2dToRemote tpmResponse;
-        try {
-            TPM2dSocket tpmSocket = new TPM2dSocket(config.getTpm2dHost());
-            tpmResponse = tpmSocket.requestAttestation(tpmRequest);
-        } catch (IOException e) {
-            LOG.error("Cannot access TPM", e);
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-            return;
-        }
-
-        // create Tpm2dResponse
-        byte[] response = TPM2dMessageFactory.getAttestationResponseMessage(tpmResponse)
-                .toByteArray();
-
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("Send rat response to verifier");
-        }
-        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG, response);
-
-        // wait for result
-        try {
-            msg = queue.take();
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("Prover receives new message");
-            }
-        } catch (InterruptedException e) {
-            if (this.running) {
-                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-            }
-            return;
-        }
-
-        // parse body to expected tpm2d message wrapper
-        try {
-            tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg);
-        } catch (InvalidProtocolBufferException e) {
-            LOG.error("Cannot parse IdscpRatVerifier body", e);
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-            return;
-        }
-
-        // check if wrapper contains expected rat result
-        if (!tpm2dMessageWrapper.hasRatResult()) {
-            //unexpected message
-            if (LOG.isWarnEnabled()) {
-                LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResult");
-            }
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-            return;
-        }
-
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("Get rat challenge from rat verifier");
-        }
-        Tpm2dRatResult result = tpm2dMessageWrapper.getRatResult();
-
-        // notify fsm
-        if (result.getResult()) {
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("Attestation succeed");
-            }
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, null);
-        } else {
-            if (LOG.isWarnEnabled()) {
-                LOG.warn("Attestation failed");
-            }
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, null);
-        }
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.java
deleted file mode 100644
index 99f31acd7..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.java
+++ /dev/null
@@ -1,51 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
-
-import org.checkerframework.checker.nullness.qual.NonNull;
-
-import java.security.cert.Certificate;
-
-/**
- * A configuration class for TPM2d RatPriver driver
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class TPM2dProverConfig {
-
-    private Certificate remoteCertificate;
-    @NonNull
-    private String tpm2dHost;
-
-    private TPM2dProverConfig() {
-        tpm2dHost = System.getenv("TPM_HOST") != null ?
-                System.getenv("TPM_HOST") : "localhost";
-    }
-
-    public static class Builder {
-        private static final TPM2dProverConfig config = new TPM2dProverConfig();
-
-        @NonNull
-        public Builder setRemoteCertificate(Certificate remoteCert) {
-            config.remoteCertificate = remoteCert;
-            return this;
-        }
-
-        @NonNull
-        public Builder setTpmHost(String host) {
-            config.tpm2dHost = host;
-            return this;
-        }
-
-        public TPM2dProverConfig build() {
-            return config;
-        }
-    }
-
-    public Certificate getRemoteCertificate() {
-        return remoteCertificate;
-    }
-
-    @NonNull
-    public String getTpm2dHost() {
-        return tpm2dHost;
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.java
deleted file mode 100644
index 56c32cd37..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
-
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.RemoteToTpm2d;
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dToRemote;
-
-import java.io.DataInputStream;
-import java.io.DataOutputStream;
-import java.io.IOException;
-import java.net.Socket;
-
-/**
- * A TPM2d Socket for communication with the Trusted Platform Module
- */
-public class TPM2dSocket extends Socket {
-
-    private final DataInputStream is;
-    private final DataOutputStream os;
-
-    public TPM2dSocket(String host) throws IOException {
-        super(host, 9505);
-        is = new DataInputStream(this.getInputStream());
-        os = new DataOutputStream(this.getOutputStream());
-    }
-
-    public Tpm2dToRemote requestAttestation(RemoteToTpm2d request) throws IOException {
-        // Write attestation request message
-        byte[] requestBytes = request.toByteArray();
-        os.writeInt(requestBytes.length);
-        os.write(requestBytes);
-        // Read attestation result message
-        byte[] resultBytes = new byte[is.readInt()];
-        is.readFully(resultBytes);
-        return Tpm2dToRemote.parseFrom(resultBytes);
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.java
deleted file mode 100644
index 03f470053..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.java
+++ /dev/null
@@ -1,281 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
-
-import com.google.protobuf.InvalidProtocolBufferException;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.InternalControlMessage;
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dMessageWrapper;
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dRatResponse;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import tss.tpm.*;
-
-import java.io.BufferedReader;
-import java.io.ByteArrayInputStream;
-import java.nio.charset.StandardCharsets;
-import java.nio.file.FileSystems;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.security.Signature;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.Base64;
-import java.util.concurrent.BlockingQueue;
-import java.util.concurrent.LinkedBlockingQueue;
-
-/**
- * A TPM2d RatVerifier driver that verifies the remote peer's identity using TPM2d
- */
-public class TPM2dVerifier extends RatVerifierDriver {
-    private static final Logger LOG = LoggerFactory.getLogger(TPM2dVerifier.class);
-
-    /*
-     * ******************* Protocol *******************
-     *
-     * Verifier: (Challenger)
-     * -------------------------
-     * Generate NonceV
-     * create RatChallenge (NonceV, aType, pcr_mask)
-     * -------------------------
-     *
-     * Prover: (Responder)
-     * -------------------------
-     * get RatChallenge (NonceV, aType, pcr_mask)
-     * hash = calculateHash(nonceV, certV)
-     * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
-     * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
-     * create AttestationResponse from tpm response
-     * -------------------------
-     *
-     * Verifier: (Responder)
-     * -------------------------
-     * get AttestationResponse
-     * hash = calculateHash(nonceV, certV)
-     * check signature(response, hash)
-     * check repo(aType, response, ttpUri)
-     * create RatResult
-     * -------------------------
-     *
-     * Prover: (Requester)
-     * -------------------------
-     * get AttestationResult
-     * -------------------------
-     *
-     */
-
-    private final BlockingQueue<byte[]> queue = new LinkedBlockingQueue<>();
-    private TPM2dVerifierConfig config = new TPM2dVerifierConfig.Builder().build();
-
-    public TPM2dVerifier() {
-        super();
-    }
-
-    @Override
-    public void setConfig(Object config) {
-        if (config instanceof TPM2dVerifierConfig) {
-            LOG.debug("Set rat verifier config");
-            this.config = (TPM2dVerifierConfig) config;
-        } else {
-            LOG.warn("Invalid config");
-        }
-    }
-
-    @Override
-    public void delegate(byte[] message) {
-        queue.add(message);
-        LOG.debug("Delegated to Verifier");
-    }
-
-    @Override
-    public void run() {
-        //TPM2d Challenge-Response Protocol
-
-        // create rat challenge with fresh nonce
-        LOG.debug("Generate and send rat challenge for rat prover");
-        byte[] nonce = TPM2dHelper.generateNonce(20);
-
-        // send challenge as RAT Verifier Message
-        byte[] ratChallenge = TPM2dMessageFactory.getAttestationChallengeMessage(
-                nonce, config.getExpectedAType(), config.getExpectedAttestationMask()).toByteArray();
-
-        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratChallenge);
-
-        // wait for attestation response
-        byte[] msg;
-        try {
-            msg = queue.take();
-            LOG.debug("Verifier receives new message");
-        } catch (InterruptedException e) {
-            if (this.running) {
-                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
-            }
-            return;
-        }
-
-        // parse body to expected tpm2d message wrapper
-        Tpm2dMessageWrapper tpm2dMessageWrapper;
-        try {
-            tpm2dMessageWrapper = Tpm2dMessageWrapper.parseFrom(msg);
-        } catch (InvalidProtocolBufferException e) {
-            LOG.error("Cannot parse IdscpRatProver body", e);
-            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
-            return;
-        }
-
-        // check if wrapper contains expected rat response
-        if (!tpm2dMessageWrapper.hasRatResponse()) {
-            //unexpected message
-            LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResponse");
-            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
-            return;
-        }
-
-        LOG.debug("Get rat response from remote prover");
-        //validate rat response
-        Tpm2dRatResponse resp = tpm2dMessageWrapper.getRatResponse();
-
-        LOG.debug("Validate rat response: signature and rat repository checks");
-
-        // validate signature
-        boolean result = true;
-        byte[] hash = TPM2dHelper.calculateHash(nonce, config.getLocalCertificate());
-
-        if (!checkSignature(resp, hash)) {
-            result = false;
-            LOG.warn("Invalid rat signature");
-        }
-
-        // toDo check rat repo!!!!!!!!! --> Problems with current Rat Repo Protobuf format
-
-        // create and send rat result
-        LOG.debug("Send rat result to remote prover");
-        byte[] ratResult = TPM2dMessageFactory.getAttestationResultMessage(result).toByteArray();
-        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratResult);
-
-        // notify fsm about result
-        if (result) {
-            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, null);
-        } else {
-            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, null);
-        }
-    }
-
-    private boolean checkSignature(@NonNull Tpm2dRatResponse response, byte[] hash) {
-        byte[] byteSignature = response.getSignature().toByteArray();
-        byte[] byteCert = response.getCertificate().toByteArray();
-        byte[] byteQuoted = response.getQuoted().toByteArray();
-
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("signature: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteSignature));
-            LOG.debug("cert: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteCert));
-            LOG.debug("quoted: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteQuoted));
-        }
-
-        if (byteSignature.length == 0 || byteCert.length == 0 || byteQuoted.length == 0) {
-            LOG.warn("Some required part (signature, cert or quoted) is empty!");
-            return false;
-        }
-
-        try {
-            CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
-
-            // Load trust anchor certificate
-            final X509Certificate rootCertificate;
-            Path rootCertPath = FileSystems.getDefault().getPath("etc", "rootca-cert.pem");
-            try (BufferedReader reader =
-                         Files.newBufferedReader(rootCertPath, StandardCharsets.US_ASCII)) {
-                StringBuilder builder = new StringBuilder();
-                for (String line = reader.readLine(); line != null; line = reader.readLine()) {
-                    if (!line.startsWith("-")) {
-                        builder.append(line.trim());
-                    }
-                }
-                byte[] rootCertBytes = Base64.getDecoder().decode(builder.toString());
-                rootCertificate =
-                        (X509Certificate)
-                                certFactory.generateCertificate(new ByteArrayInputStream(rootCertBytes));
-            } catch (Exception e) {
-                LOG.error("Error parsing root certificate", e);
-                return false;
-            }
-
-            // Create X509Certificate instance from certBytes
-            final X509Certificate certificate =
-                    (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(byteCert));
-            // Verify the TPM certificate
-            try {
-                certificate.verify(rootCertificate.getPublicKey());
-            } catch (Exception e) {
-                LOG.error("TPM certificate is invalid", e);
-                return false;
-            }
-
-            // Construct a new TPMT_SIGNATURE instance from byteSignature bytes
-            final TPMT_SIGNATURE tpmtSignature;
-            try {
-                tpmtSignature = TPMT_SIGNATURE.fromTpm(byteSignature);
-            } catch (Exception ex) {
-                LOG.warn(
-                        "Could not create a TPMT_SIGNATURE from bytes:\n"
-                                + TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteSignature),
-                        ex);
-                return false;
-            }
-
-            // Construct a new TPMS_ATTEST instance from byteQuoted bytes
-            final TPMS_ATTEST tpmsAttest;
-            try {
-                tpmsAttest = TPMS_ATTEST.fromTpm(byteQuoted);
-            } catch (Exception ex) {
-                LOG.warn(
-                        "Could not create a TPMS_ATTEST from bytes:\n"
-                                + TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteQuoted),
-                        ex);
-                return false;
-            }
-
-            // check hash value (extra data) against expected hash
-            byte[] extraBytes = tpmsAttest.extraData;
-            if (!Arrays.equals(extraBytes, hash)) {
-                if (LOG.isWarnEnabled()) {
-                    LOG.warn(
-                            "The hash (extra data) in TPMS_ATTEST structure is invalid!"
-                                    + "\nextra data: {}\nhash: {}",
-                            TPM2dHelper.ByteArrayUtil.toPrintableHexString(extraBytes),
-                            TPM2dHelper.ByteArrayUtil.toPrintableHexString(hash));
-                }
-                return false;
-            }
-
-            // Check signature of attestation
-            final int tpmSigAlg = tpmtSignature.GetUnionSelector_signature();
-            final int tpmSigHashAlg;
-            final byte[] tpmSig;
-            if (tpmSigAlg == TPM_ALG_ID.RSAPSS.toInt()) {
-                tpmSigHashAlg = ((TPMS_SIGNATURE_RSAPSS) tpmtSignature.signature).hash.toInt();
-                tpmSig = ((TPMS_SIGNATURE_RSAPSS) tpmtSignature.signature).sig;
-            } else if (tpmSigAlg == TPM_ALG_ID.RSASSA.toInt()) {
-                tpmSigHashAlg = ((TPMS_SIGNATURE_RSASSA) tpmtSignature.signature).hash.toInt();
-                tpmSig = ((TPMS_SIGNATURE_RSASSA) tpmtSignature.signature).sig;
-            } else {
-                throw new Exception(
-                        "Unknown or unimplemented signature scheme: " + tpmtSignature.signature.getClass());
-            }
-            if (tpmSigHashAlg != TPM_ALG_ID.SHA256.toInt()) {
-                throw new Exception("Only SHA256withRSA TPM signature hash algorithm is allowed!");
-            }
-            Signature sig = Signature.getInstance("SHA256withRSA");
-            sig.initVerify(certificate.getPublicKey());
-            sig.update(byteQuoted);
-            boolean result = sig.verify(tpmSig);
-            if (!result && LOG.isWarnEnabled()) {
-                LOG.warn("Attestation signature invalid!");
-            }
-            return result;
-        } catch (Exception ex) {
-            LOG.warn("Error during attestation validation", ex);
-            return false;
-        }
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.java
deleted file mode 100644
index db9d0ad1d..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.java
+++ /dev/null
@@ -1,80 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d;
-
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.IdsAttestationType;
-import org.checkerframework.checker.nullness.qual.NonNull;
-
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.security.cert.Certificate;
-
-/**
- * A configuration class for TPM2d RatVerifier Driver
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class TPM2dVerifierConfig {
-
-    private Certificate localCertificate;
-    @NonNull
-    private URI ttpUri;
-    @NonNull
-    private IdsAttestationType expectedAType = IdsAttestationType.BASIC;
-    private int expectedAttestationMask = 0;
-
-    private TPM2dVerifierConfig() {
-        try {
-            ttpUri = new URI("https://invalid-ttp-uri/rat-verify");
-        } catch (URISyntaxException e) {
-            throw new RuntimeException(e);
-        }
-    }
-
-    public static class Builder {
-        private static final TPM2dVerifierConfig config = new TPM2dVerifierConfig();
-
-        @NonNull
-        public Builder setTtpUri(URI ttpUri) {
-            config.ttpUri = ttpUri;
-            return this;
-        }
-
-        @NonNull
-        public Builder setLocalCertificate(Certificate localCert) {
-            config.localCertificate = localCert;
-            return this;
-        }
-
-        @NonNull
-        public Builder setExpectedAttestationType(IdsAttestationType aType) {
-            config.expectedAType = aType;
-            return this;
-        }
-
-        public Builder setExpectedAttestationMask(int mask) {
-            config.expectedAttestationMask = mask;
-            return this;
-        }
-
-        public TPM2dVerifierConfig build() {
-            return config;
-        }
-    }
-
-    @NonNull
-    public URI getTtpUri() {
-        return ttpUri;
-    }
-
-    @NonNull
-    public IdsAttestationType getExpectedAType() {
-        return expectedAType;
-    }
-
-    public Certificate getLocalCertificate() {
-        return localCertificate;
-    }
-
-    public int getExpectedAttestationMask() {
-        return expectedAttestationMask;
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
deleted file mode 100644
index 98582b0ba..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.java
+++ /dev/null
@@ -1,59 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel;
-
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client.TLSClient;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server.TLSServer;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-import java.util.concurrent.CompletableFuture;
-
-/**
- * An implementation of SecureChannelDriver interface on TLSv1.3
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class NativeTLSDriver implements SecureChannelDriver {
-    private static final Logger LOG = LoggerFactory.getLogger(NativeTLSDriver.class);
-
-    /**
-     * Performs an asynchronous client connect to a TLS server.
-     */
-    @Override
-    public void connect(Idscp2Settings settings,
-                        DapsDriver dapsDriver,
-                        CompletableFuture<Idscp2Connection> connectionFuture) {
-        try {
-            TLSClient tlsClient = new TLSClient(settings, dapsDriver, connectionFuture);
-            tlsClient.connect(settings.getHost(), settings.getServerPort());
-        } catch (IOException | NoSuchAlgorithmException | KeyManagementException e) {
-            connectionFuture.completeExceptionally(new Idscp2Exception("Call to connect() has failed", e));
-        }
-    }
-
-    /**
-     * Creates and starts a new TLS Server instance.
-     *
-     * @return The SecureServer instance
-     * @throws Idscp2Exception If any error occurred during server creation/start
-     */
-    @Override
-    public SecureServer listen(Idscp2Settings settings, SecureChannelInitListener channelInitListener,
-                               CompletableFuture<ServerConnectionListener> serverListenerPromise) {
-        try {
-            return new TLSServer(settings, channelInitListener, serverListenerPromise);
-        } catch (IOException | NoSuchAlgorithmException | KeyManagementException e) {
-            throw new Idscp2Exception("Error while trying to to start SecureServer", e);
-        }
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.java
deleted file mode 100644
index 0e2e66c85..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.java
+++ /dev/null
@@ -1,67 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel;
-
-/**
- * TLS Constants
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public final class TLSConstants {
-
-    // Used TLS version
-    public static final String TLS_INSTANCE = "TLSv1.3";
-
-    // Enabled encryption protocols
-    public static final String[] TLS_ENABLED_PROTOCOLS = { TLS_INSTANCE };
-
-    // Acceptable TLS ciphers
-    public static final String[] TLS_ENABLED_CIPHERS = {
-//            "TLS_AES_128_GCM_SHA256",
-            "TLS_AES_256_GCM_SHA384",
-            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
-//            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
-            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
-//            "TLS_RSA_WITH_AES_256_GCM_SHA384",
-//            "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
-//            "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
-//            "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
-//            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-//            "TLS_RSA_WITH_AES_128_GCM_SHA256",
-//            "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
-//            "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
-//            "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
-//            "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
-//            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
-//            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
-//            "TLS_RSA_WITH_AES_256_CBC_SHA256",
-//            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
-//            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
-//            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
-//            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
-//            "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
-//            "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
-//            "TLS_RSA_WITH_AES_256_CBC_SHA",
-//            "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
-//            "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
-//            "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
-//            "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
-//            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
-//            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
-//            "TLS_RSA_WITH_AES_128_CBC_SHA256",
-//            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
-//            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
-//            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
-//            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
-//            "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
-//            "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
-//            "TLS_RSA_WITH_AES_128_CBC_SHA",
-//            "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
-//            "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
-//            "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
-//            "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
-//            "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"
-    };
-
-    private TLSConstants() {
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.java
deleted file mode 100644
index 78679508d..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.java
+++ /dev/null
@@ -1,205 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.net.ssl.SSLPeerUnverifiedException;
-import javax.net.ssl.SSLSession;
-import java.security.cert.*;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Date;
-import java.util.List;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-/**
- * A class for verifying an established TLS Session on application layer
- * (application level security)
- *
- * @author Leon Beckmann (leon.beckmannn@aisec.fraunhofer.de)
- */
-public class TLSSessionVerificationHelper {
-    private static final Logger LOG = LoggerFactory.getLogger(TLSSessionVerificationHelper.class);
-
-    private static final String ipv4Pattern =
-            "(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])";
-    private static final String ipv6Pattern = "([0-9a-f]{1,4}:){7}([0-9a-f]){1,4}";
-
-    /*
-     * Checks if the ssl session is valid and the remote host can be trusted
-     *
-     * Due to the fact, that hostname verification is not specified in the secure socket layer,
-     * we have to check if the connected hostname matches to the subject of the peer certificate to
-     * avoid Man-In-The-Middle Attacks. This is required for every raw tls!
-     *
-     * Further we check the peer certificate validity to avoid the case that some of the certificates
-     * in our local trust_store are not valid anymore and allow a peer connector to connect with an
-     * expired certificate
-     *
-     * Throws SSlPeerUnverifiedException if peer certificate is not secure for this peer
-     */
-    public static void verifyTlsSession(SSLSession sslSession) throws SSLPeerUnverifiedException {
-
-        String host = sslSession.getPeerHost();
-
-        LOG.debug("Connected to {}:{}", host, sslSession.getPeerPort());
-        try {
-
-            //get certificate
-            Certificate[] certificates = sslSession.getPeerCertificates();
-            if (certificates.length != 1) {
-                throw new SSLPeerUnverifiedException("Unexpected number of certificates");
-            }
-            X509Certificate peerCert = (X509Certificate) certificates[0];
-
-            /*
-             * According to RFC6125, hostname verification should be done against the certificate's
-             * subject alternative name's (SANs) dNSName field or the SANs IPAddress. In some legacy
-             * implementations, the check is done against the certificate's commonName, but this is
-             * deprecated for quite a while and is therefore not supported anymore in te IDSCP2 protocol.
-             */
-            Collection<List<?>> sans = peerCert.getSubjectAlternativeNames();
-            if (sans == null) {
-                throw new SSLPeerUnverifiedException("No Subject alternative names for hostname "
-                        + "verification provided");
-            }
-
-            ArrayList<String> acceptedDnsNames = new ArrayList<>();
-            ArrayList<String> acceptedIpAddresses = new ArrayList<>();
-
-            for (List<?> subjectAltName : sans) {
-                if (subjectAltName.size() != 2) {
-                    continue;
-                }
-                Object value = subjectAltName.get(1);
-                switch ((Integer) subjectAltName.get(0)) {
-                    case 2: //DNS_NAME
-                        if (value instanceof String) {
-                            acceptedDnsNames.add((String) value);
-                        } else if (value instanceof byte[]) {
-                            acceptedDnsNames.add(new String((byte[]) value));
-                        }
-                        break;
-                    case 7: //IP_ADDRESS
-                        if (value instanceof String) {
-                            acceptedIpAddresses.add((String) value);
-                        } else if (value instanceof byte[]) {
-                            acceptedIpAddresses.add(new String((byte[]) value));
-                        }
-                        break;
-                    case 0: //OTHER_NAME - Not Supported
-                    case 1: //RFC_822_Name - Not Supported
-                    case 3: //X400_ADDRESS - Not Supported
-                    case 4: //DIRECTORY_NAME - Not Supported
-                    case 5: //EDI_PARTY_NAME - Not supported
-                    case 6: //URI - Not Supported
-                    case 8: //REGISTERED_ID - Not Supported
-                    default: //unspecified General Name - should never happen
-                        break;
-                }
-            }
-
-            //toDo localhost is matched manually to 127.0.0.1 for testing..
-            // automatic dns resolving via DNS service is not an option since we cannot trust the DNS
-            if (acceptedDnsNames.contains("localhost")) {
-                acceptedIpAddresses.add("127.0.0.1");
-            }
-
-
-            if (isIpAddress(host)) {
-                //FIXME The server should provide a possibility to validate clients dnsNames against SANs in
-                // Client certificate to avoid MITMs. This is an open issue
-                //check ip addresses RFC 2818 (Section 3.1)
-                if (!acceptedIpAddresses.contains(host)) {
-                    throw new SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
-                            + "not belong to peer host");
-                }
-            } else {
-                //check hostname
-                String[] hostLabels = host.split("\\.");
-                boolean found = false;
-
-                for (String entry : acceptedDnsNames) {
-                    if (checkHostname(entry.split("\\.", -1), hostLabels)) {
-                        found = true;
-                        break;
-                    }
-                }
-
-                if (!found) {
-                    throw new SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
-                            + "not belong to peer host");
-                }
-            }
-
-
-            //check certificate validity for now and at least one day
-            Date oneDay = new Date();
-            oneDay.setTime(oneDay.getTime() + 86400000);
-
-            peerCert.checkValidity();
-            peerCert.checkValidity(oneDay);
-
-        } catch (CertificateParsingException | CertificateNotYetValidException |
-                CertificateExpiredException e) {
-            throw new SSLPeerUnverifiedException("TLS Session Verification failed " + e);
-        }
-    }
-
-
-    /*
-     * check if host is an IP Address
-     */
-    private static boolean isIpAddress(String host) {
-
-        Matcher ip4 = Pattern.compile(ipv4Pattern, Pattern.CASE_INSENSITIVE).matcher(host);
-        if (ip4.matches()) {
-            return true;
-        }
-
-        Matcher ip6 = Pattern.compile(ipv6Pattern, Pattern.CASE_INSENSITIVE).matcher(host);
-        return ip6.matches();
-    }
-
-    /*
-     * match dNS Name
-     */
-    private static boolean checkHostname(String[] dnsNameLabels, String[] hostNameLabels) {
-
-        /*
-         * support wildcard matching of DNS names as described in RFC6125 Section 6.4.3
-         *
-         * Rules:
-         * 1. The client SHOULD NOT attempt to match a presented identifier in which the wildcard
-         * character comprises a label other than the left-most label
-         * (e.g., do not match bar.*.example.net).
-         *
-         * 2. If the wildcard character is the only character of the left-most label in the
-         * presented identifier, the client SHOULD NOT compare against anything but the left-most
-         * label of the reference identifier (e.g., *.example.com would match foo.example.com but
-         * not bar.foo.example.com or example.com).
-         *
-         * 3. The client MAY match a presented identifier in which the wildcard character is not the
-         * only character of the label (e.g., baz*.example.net and *baz.example.net and
-         * b*z.example.net would be taken to match baz1.example.net and foobaz.example.net and
-         * buzz.example.net, respectively).  However, the client SHOULD NOT attempt to match a
-         * presented identifier where the wildcard character is embedded within an A-label or
-         * U-label of an internationalized domain name.
-         */
-        if (dnsNameLabels.length == hostNameLabels.length) { //include rule 2
-            //all labels without the first one must match completely (rule 1)
-            for (int i = 1; i < dnsNameLabels.length; i++) {
-                if (!dnsNameLabels[i].equals(hostNameLabels[i])) {
-                    return false;
-                }
-            }
-
-            //first label could include wildcard character '*' (rule 1+3)
-            return hostNameLabels[0].matches(dnsNameLabels[0].replace("*", ".*"));
-        }
-
-        return false;
-    }
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
deleted file mode 100644
index bd7572a80..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.java
+++ /dev/null
@@ -1,61 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
-
-import java.io.DataInputStream;
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.SocketTimeoutException;
-
-/**
- * A simple Listener thread that listens to an input stream and notifies a listeners
- * when new data has been received
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class InputListenerThread extends Thread implements InputListener {
-
-    private final DataInputStream in;
-    private DataAvailableListener listener = null; //no race conditions, could be empty list
-    private volatile boolean running = true;
-
-    public InputListenerThread(InputStream in) {
-        this.in = new DataInputStream(in);
-    }
-
-    /*
-     * Run the input listener thread that reads from wire and provides data to upper layer
-     */
-    public void run() {
-        byte[] buf;
-        while (running) {
-            try {
-                //first read the length
-                int len = in.readInt();
-                buf = new byte[len];
-                //then read the data
-                in.readFully(buf, 0, len);
-                //provide to listener
-                this.listener.onMessage(buf);
-            } catch (SocketTimeoutException ignore) {
-                //timeout to catch safeStop() call
-            } catch (EOFException e) {
-                listener.onClose();
-                running = false;
-            } catch (IOException e) {
-                listener.onError(e);
-                running = false;
-            }
-        }
-    }
-
-    @Override
-    public void register(DataAvailableListener listener) {
-        this.listener = listener;
-    }
-
-
-    @Override
-    public void safeStop() {
-        this.running = false;
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
deleted file mode 100644
index 0f48af800..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.java
+++ /dev/null
@@ -1,223 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
-
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSConstants;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSessionVerificationHelper;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.net.ssl.*;
-import java.io.DataOutputStream;
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.net.Socket;
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-import java.util.concurrent.CompletableFuture;
-
-/**
- * A TLS Client that notifies an Idscp2ServerFactory when a secure channel was created and the
- * TLS handshake is done. The client is notified from an InputListenerThread when new data are
- * available and transfer it to the SecureChannelListener
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-
-public class TLSClient implements HandshakeCompletedListener, DataAvailableListener, SecureChannelEndpoint {
-    private static final Logger LOG = LoggerFactory.getLogger(TLSClient.class);
-
-    private final Socket clientSocket;
-    private DataOutputStream out;
-    private InputListenerThread inputListenerThread;
-    private final CompletableFuture<SecureChannelListener> listenerPromise = new CompletableFuture<>();
-    private final Idscp2Settings clientSettings;
-    private final DapsDriver dapsDriver;
-    private final CompletableFuture<Idscp2Connection> connectionFuture;
-
-    public TLSClient(Idscp2Settings clientSettings,
-                     DapsDriver dapsDriver,
-                     CompletableFuture<Idscp2Connection> connectionFuture)
-            throws IOException, KeyManagementException, NoSuchAlgorithmException {
-        this.clientSettings = clientSettings;
-        this.dapsDriver = dapsDriver;
-        this.connectionFuture = connectionFuture;
-
-        // init TLS Client
-
-        // get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
-        // hostVerification and algorithm constraints
-        TrustManager[] myTrustManager = PreConfiguration.getX509ExtTrustManager(
-                clientSettings.getTrustStorePath(),
-                clientSettings.getTrustStorePassword()
-        );
-
-        // get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
-        // connection specific key selection via key alias
-        KeyManager[] myKeyManager = PreConfiguration.getX509ExtKeyManager(
-                clientSettings.getKeyPassword(),
-                clientSettings.getKeyStorePath(),
-                clientSettings.getKeyStorePassword(),
-                clientSettings.getCertificateAlias(),
-                clientSettings.getKeyStoreKeyType()
-        );
-
-        SSLContext sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE);
-        sslContext.init(myKeyManager, myTrustManager, null);
-
-        SSLSocketFactory socketFactory = sslContext.getSocketFactory();
-
-        // create server socket
-        clientSocket = socketFactory.createSocket();
-
-        SSLSocket sslSocket = (SSLSocket) clientSocket;
-
-        // set TLS constraints
-        SSLParameters sslParameters = sslSocket.getSSLParameters();
-        sslParameters.setUseCipherSuitesOrder(false);  // use server priority order
-        sslParameters.setNeedClientAuth(true);
-        sslParameters.setProtocols(TLSConstants.TLS_ENABLED_PROTOCOLS);  // only TLSv1.3
-        sslParameters.setCipherSuites(TLSConstants.TLS_ENABLED_CIPHERS);  // only allow strong cipher
-//        sslParameters.setEndpointIdentificationAlgorithm("HTTPS");  // is done in application layer
-        sslSocket.setSSLParameters(sslParameters);
-        LOG.debug("TLS Client was initialized successfully");
-    }
-
-
-    /**
-     * Connect to TLS server and start TLS Handshake
-     */
-    public void connect(String hostname, int port) {
-        SSLSocket sslSocket = (SSLSocket) clientSocket;
-        if (sslSocket == null || sslSocket.isClosed()) {
-            throw new Idscp2Exception("Client socket is not available");
-        }
-
-        try {
-            sslSocket.connect(new InetSocketAddress(hostname, port));
-            LOG.debug("Client is connected to server {}:{}", hostname, port);
-
-            //set clientSocket timeout to allow safeStop()
-            clientSocket.setSoTimeout(5000);
-
-            out = new DataOutputStream(clientSocket.getOutputStream());
-
-            // Add inputListener but start it not before handshake is complete
-            inputListenerThread = new InputListenerThread(clientSocket.getInputStream());
-            inputListenerThread.register(this);
-
-            sslSocket.addHandshakeCompletedListener(this);
-            LOG.debug("Start TLS Handshake");
-            sslSocket.startHandshake();
-        } catch (SSLHandshakeException | SSLProtocolException e) {
-            // FIXME: Any such disconnect makes the server maintain a broken connection
-            disconnect();
-            throw new Idscp2Exception("TLS Handshake failed", e);
-        } catch (IOException e) {
-            // FIXME: Any such disconnect makes the server maintain a broken connection
-            disconnect();
-            throw new Idscp2Exception("Connecting TLS client to server failed", e);
-        }
-    }
-
-    private void disconnect() {
-        LOG.debug("Disconnecting from TLS server...");
-        //close listener
-        if (inputListenerThread != null && inputListenerThread.isAlive()) {
-            inputListenerThread.safeStop();
-        }
-
-        if (clientSocket != null && !clientSocket.isClosed()) {
-            try {
-                clientSocket.close();
-            } catch (IOException e) {
-                onError(e);
-            }
-        }
-    }
-
-    @Override
-    public void onClose() {
-        listenerPromise.thenAccept(SecureChannelListener::onClose);
-    }
-
-    @Override
-    public void onError(Throwable t) {
-        listenerPromise.thenAccept(listener -> listener.onError(t));
-    }
-
-    @Override
-    public void close() {
-        disconnect();
-    }
-
-    @Override
-    public boolean send(byte[] data) {
-        if (!isConnected()) {
-            LOG.error("Client cannot send data because socket is not connected");
-            return false;
-        } else {
-            try {
-                out.writeInt(data.length);
-                out.write(data);
-                out.flush();
-                LOG.debug("Send message");
-                return true;
-            } catch (IOException e) {
-                LOG.error("Client cannot send data");
-                return false;
-            }
-        }
-    }
-
-    public boolean isConnected() {
-        return clientSocket != null && clientSocket.isConnected();
-    }
-
-    @Override
-    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
-        //start receiving listener after TLS Handshake was successful
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("TLS Handshake was successful");
-        }
-
-        if (!this.connectionFuture.isCancelled()) {
-            // TODO: When server behavior fixed, disconnect and return here instantly
-//            disconnect();
-//            return;
-        }
-
-        // verify tls session on application layer: hostname verification, certificate validity
-        try {
-            TLSSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession());
-            LOG.debug("TLS session is valid");
-            // Create secure channel, register secure channel as message listener and notify IDSCP2 Configuration.
-            SecureChannel secureChannel = new SecureChannel(this);
-            // Try to complete, won't do anything if promise has been cancelled
-            this.listenerPromise.complete(secureChannel);
-            final var connection = new Idscp2Connection(secureChannel, clientSettings, dapsDriver);
-            inputListenerThread.start();
-            // Try to complete, won't do anything if promise has been cancelled
-            this.connectionFuture.complete(connection);
-            if (this.connectionFuture.isCancelled()) {
-                connection.close();
-            }
-        } catch (SSLPeerUnverifiedException e) {
-            // FIXME: Any such disconnect makes the server maintain a broken connection
-            disconnect();
-            connectionFuture.completeExceptionally(
-                    new Idscp2Exception("TLS session is not valid. Close TLS connection", e));
-        }
-    }
-
-    @Override
-    public void onMessage(byte[] data) {
-        listenerPromise.thenAccept(listener -> listener.onMessage(data));
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
deleted file mode 100644
index d2e48e7a4..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.java
+++ /dev/null
@@ -1,157 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server;
-
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSConstants;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.net.ssl.*;
-import java.io.IOException;
-import java.net.ServerSocket;
-import java.net.SocketException;
-import java.net.SocketTimeoutException;
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-import java.util.concurrent.CompletableFuture;
-
-/**
- * A TLS Server that listens on a given port from the Idscp2Settings and create new
- * TLSServerThreads for incoming connections
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class TLSServer implements Runnable, SecureServer {
-    private static final Logger LOG = LoggerFactory.getLogger(TLSServer.class);
-
-    private volatile boolean isRunning = false;
-    private final ServerSocket serverSocket;
-    private final SecureChannelInitListener secureChannelInitListener;
-    private final CompletableFuture<ServerConnectionListener> serverListenerPromise;
-    private final Thread serverThread;
-
-    public TLSServer(Idscp2Settings serverSettings, SecureChannelInitListener secureChannelInitListener,
-                     CompletableFuture<ServerConnectionListener> serverListenerPromise)
-            throws IOException, NoSuchAlgorithmException, KeyManagementException {
-        this.secureChannelInitListener = secureChannelInitListener;
-        this.serverListenerPromise = serverListenerPromise;
-
-        /* init server for TCP/TLS communication */
-
-        // Get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager,
-        // which enables host verification and algorithm constraints
-        LOG.debug("Creating trust manager for TLS server...");
-        TrustManager[] myTrustManager = PreConfiguration.getX509ExtTrustManager(
-                serverSettings.getTrustStorePath(),
-                serverSettings.getTrustStorePassword()
-        );
-
-        // Get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager,
-        // which enables connection specific key selection via key alias
-        LOG.debug("Creating key manager for TLS server...");
-        KeyManager[] myKeyManager = PreConfiguration.getX509ExtKeyManager(
-                serverSettings.getKeyPassword(),
-                serverSettings.getKeyStorePath(),
-                serverSettings.getKeyStorePassword(),
-                serverSettings.getCertificateAlias(),
-                serverSettings.getKeyStoreKeyType()
-        );
-
-        LOG.debug("Setting TLS security attributes and creating TLS server socket...");
-        // Create TLS context based on keyManager and trustManager
-        SSLContext sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE);
-        sslContext.init(myKeyManager, myTrustManager, null);
-        SSLServerSocketFactory socketFactory = sslContext.getServerSocketFactory();
-
-        serverSocket = socketFactory.createServerSocket(serverSettings.getServerPort());
-        // Set timeout for serverSocket.accept()
-        serverSocket.setSoTimeout(5000);
-
-        SSLServerSocket sslServerSocket = (SSLServerSocket) serverSocket;
-
-        // Set TLS constraints
-        SSLParameters sslParameters = sslServerSocket.getSSLParameters();
-        sslParameters.setUseCipherSuitesOrder(true); //server determines priority-order of algorithms in CipherSuite
-        sslParameters.setNeedClientAuth(true); //client must authenticate
-        sslParameters.setProtocols(TLSConstants.TLS_ENABLED_PROTOCOLS); //only TLSv1.3
-        sslParameters.setCipherSuites(TLSConstants.TLS_ENABLED_CIPHERS); //only allow strong cipher suite
-        sslServerSocket.setSSLParameters(sslParameters);
-
-        LOG.debug("Starting TLS server...");
-        serverThread = new Thread(this, "TLS Server Thread "
-                + serverSettings.getHost() + ":" + serverSettings.getServerPort());
-        serverThread.start();
-    }
-
-    @Override
-    public void run() {
-        final ServerSocket serverSocket;
-        if ((serverSocket = this.serverSocket) == null || serverSocket.isClosed()) {
-            LOG.error("ServerSocket is not available, server thread is stopping now.");
-            return;
-        }
-
-        isRunning = true;
-        LOG.debug("TLS server started, entering accept() loop...");
-        while (isRunning) {
-            try {
-                final var sslSocket = (SSLSocket) serverSocket.accept();
-                try {
-                    // Start new server thread
-                    LOG.debug("New TLS client has connected. Creating new server thread...");
-                    final var serverThread = new TLSServerThread(sslSocket, secureChannelInitListener, serverListenerPromise);
-                    sslSocket.addHandshakeCompletedListener(serverThread);
-                    serverThread.start();
-                } catch (Exception serverThreadException) {
-                    LOG.error("Error whilst creating/starting TLSServerThread", serverThreadException);
-                }
-            } catch (SocketTimeoutException e) {
-                //timeout on serverSocket blocking functions was reached
-                //in this way we can catch safeStop() function, that makes isRunning false
-                //without closing the serverSocket, so we can stop and restart the server
-                //alternative: close serverSocket. But then we cannot reuse it
-            } catch (SocketException e) {
-                LOG.debug("Server socket has been closed.");
-                isRunning = false;
-            } catch (IOException e) {
-                LOG.error("Error during TLS server socket accept, notifying error handlers...");
-                secureChannelInitListener.onError(e);
-                isRunning = false;
-            }
-        }
-
-        if (!serverSocket.isClosed()) {
-            try {
-                serverSocket.close();
-            } catch (IOException e) {
-                LOG.warn("Could not close TLS server socket", e);
-            }
-        }
-    }
-
-    @Override
-    public void safeStop() {
-        LOG.debug("Stopping tls server");
-        isRunning = false;
-//        try {
-//            serverSocket.close();
-//        } catch (IOException e) {
-//            LOG.warn("Trying to close server socket failed!", e);
-//        }
-        try {
-            this.serverThread.join();
-        } catch (InterruptedException e) {
-            LOG.warn("InterruptedException whilst waiting for server stop", e);
-            Thread.currentThread().interrupt();
-        }
-    }
-
-    @Override
-    public boolean isRunning() {
-        return isRunning;
-    }
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
deleted file mode 100644
index 480410f61..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.java
+++ /dev/null
@@ -1,169 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server;
-
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSessionVerificationHelper;
-import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint;
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.net.ssl.HandshakeCompletedEvent;
-import javax.net.ssl.HandshakeCompletedListener;
-import javax.net.ssl.SSLPeerUnverifiedException;
-import javax.net.ssl.SSLSocket;
-import java.io.*;
-import java.net.SocketTimeoutException;
-import java.util.concurrent.CompletableFuture;
-
-/**
- * A TLSServerThread that notifies an IDSCP2Config when a secure channel was created and the
- * TLS handshake is done
- * <p>
- * When new data are available the serverThread transfers it to the SecureChannelListener
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class TLSServerThread extends Thread implements HandshakeCompletedListener, SecureChannelEndpoint, Closeable {
-    private static final Logger LOG = LoggerFactory.getLogger(TLSServerThread.class);
-
-    private volatile boolean running = true;
-    private final DataInputStream in;
-    private final DataOutputStream out;
-    private final SSLSocket sslSocket;
-    private final SecureChannelInitListener configCallback;
-    private final CompletableFuture<ServerConnectionListener> serverListenerPromise;
-    private final CompletableFuture<SecureChannelListener> channelListenerPromise = new CompletableFuture<>();
-    private final FastLatch tlsVerificationLatch = new FastLatch();
-
-    TLSServerThread(SSLSocket sslSocket, SecureChannelInitListener configCallback,
-                    CompletableFuture<ServerConnectionListener> serverListenerPromise) throws IOException {
-        this.sslSocket = sslSocket;
-        this.configCallback = configCallback;
-        this.serverListenerPromise = serverListenerPromise;
-        // Set timeout for blocking read
-        sslSocket.setSoTimeout(5000);
-        in = new DataInputStream(sslSocket.getInputStream());
-        out = new DataOutputStream(sslSocket.getOutputStream());
-    }
-
-    @Override
-    public void run() {
-        // first run the tls handshake to enforce catching every error occurred during the handshake
-        // before reading from buffer. Else if there exists any non-catched exception during handshake
-        // the thread would wait forever in onError() until handshakeCompleteListener is called
-        try {
-            sslSocket.startHandshake();
-            // Wait for TLS session verification
-            tlsVerificationLatch.await();
-        } catch (Exception e) {
-            LOG.error("Exception occurred during SSL handshake. Quiting server thread...", e);
-            onError(e);
-            running = false;
-        }
-
-        //wait for new data while running
-        byte[] buf;
-        while (running) {
-            try {
-                int len = in.readInt();
-                buf = new byte[len];
-                in.readFully(buf, 0, len);
-                onMessage(buf);
-            } catch (SocketTimeoutException ignore) {
-                // Timeout catches safeStop() call and allows to send server_goodbye
-            } catch (EOFException e) {
-                onClose();
-                running = false;
-            } catch (IOException e) {
-                onError(e);
-                running = false;
-            }
-        }
-        closeSockets();
-    }
-
-    private void closeSockets() {
-        try {
-            out.close();
-            in.close();
-            sslSocket.close();
-        } catch (IOException ignore) {
-        }
-    }
-
-    @Override
-    public boolean send(byte[] data) {
-        if (!isConnected()) {
-            LOG.error("Server cannot send data because socket is not connected");
-            closeSockets();
-            return false;
-        } else {
-            try {
-                out.writeInt(data.length);
-                out.write(data);
-                out.flush();
-                LOG.trace("Sent message: " + new String(data));
-                return true;
-            } catch (IOException e) {
-                LOG.error("Server could not send data.");
-                closeSockets();
-                return false;
-            }
-        }
-    }
-
-    private void onClose() {
-        channelListenerPromise.thenAccept(SecureChannelListener::onClose);
-    }
-
-    private void onError(Throwable t) {
-        channelListenerPromise.thenAccept(secureChannelListener -> secureChannelListener.onError(t));
-    }
-
-    @Override
-    public void close() {
-        safeStop();
-    }
-
-    @Override
-    public void onMessage(byte[] data) {
-        channelListenerPromise.thenAccept(listener -> listener.onMessage(data));
-    }
-
-    private void safeStop() {
-        running = false;
-    }
-
-    public boolean isConnected() {
-        return (sslSocket != null && sslSocket.isConnected());
-    }
-
-    @Override
-    public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("TLS Handshake was successful");
-        }
-
-        // verify tls session on application layer: hostname verification, certificate validity
-        try {
-            TLSSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.getSession());
-            LOG.debug("TLS session is valid");
-        } catch (SSLPeerUnverifiedException e) {
-            if (LOG.isWarnEnabled()) {
-                LOG.warn("TLS session is not valid. Close TLS connection", e);
-            }
-            running = false;  // set running false before tlsVerificationLatch is decremented
-            return;
-        } finally {
-            tlsVerificationLatch.unlock();
-        }
-
-        //provide secure channel to IDSCP2 Config and register secure channel as listener
-        SecureChannel secureChannel = new SecureChannel(this);
-        this.channelListenerPromise.complete(secureChannel);
-        configCallback.onSecureChannel(secureChannel, serverListenerPromise);
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
deleted file mode 100644
index 28e834095..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.java
+++ /dev/null
@@ -1,40 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.interfaces;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * An abstract RatProverDriver class that creates a rat prover driver thread and proves itself to
- * the peer connector using remote attestation
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public abstract class RatProverDriver extends Thread {
-    private static final Logger LOG = LoggerFactory.getLogger(RatProverDriver.class);
-
-    protected boolean running = true;
-    protected FsmListener fsmListener;
-
-    /*
-     * Delegate an IDSCP2 message to the RatProver driver
-     */
-    public void delegate(byte[] message) {
-    }
-
-    /*
-     * Terminate and cancel the RatProver driver
-     */
-    public void terminate() {
-        running = false;
-        this.interrupt();
-    }
-
-    public void setListener(FsmListener listener) {
-        fsmListener = listener;
-    }
-
-    public void setConfig(Object config) {
-        LOG.warn("Method 'setConfig' for RatProverDriver is not implemented");
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
deleted file mode 100644
index 52d269c9f..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.java
+++ /dev/null
@@ -1,40 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.interfaces;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * An abstract RatVerifierDriver class that creates a rat verifier driver thread and verifier the
- * peer connector using remote attestation
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public abstract class RatVerifierDriver extends Thread {
-    private static final Logger LOG = LoggerFactory.getLogger(RatVerifierDriver.class);
-
-    protected boolean running = true;
-    protected FsmListener fsmListener;
-
-    /*
-     * Delegate the IDSCP2 message to the RatVerifier driver
-     */
-    public void delegate(byte[] message) {
-    }
-
-    /*
-     * Terminate and cancel the RatVerifier driver
-     */
-    public void terminate() {
-        running = false;
-        this.interrupt();
-    }
-
-    public void setListener(FsmListener listener) {
-        fsmListener = listener;
-    }
-
-    public void setConfig(Object config) {
-        LOG.warn("Method 'setConfig' for RatVerifierDriver is not implemented");
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
deleted file mode 100644
index d6af0fc05..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.java
+++ /dev/null
@@ -1,28 +0,0 @@
-package de.fhg.aisec.ids.idscp2.drivers.interfaces;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
-
-import java.util.concurrent.CompletableFuture;
-
-/**
- * An interface for the IDSCP2 SecureChannelDriver class, that implements a connect() function
- * for IDSCP2 clients and a listen() function for IDSCP2 servers to connect the underlying layer
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public interface SecureChannelDriver {
-
-    /*
-     * Asynchronous method to create a secure connection to a secure server
-     */
-    void connect(Idscp2Settings settings, DapsDriver dapsDriver, CompletableFuture<Idscp2Connection> connectionFuture);
-
-    /*
-     * Starting a secure server
-     */
-    SecureServer listen(Idscp2Settings settings, SecureChannelInitListener channelInitListener,
-                        CompletableFuture<ServerConnectionListener> serverListenerPromise);
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/DatException.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/DatException.java
deleted file mode 100644
index 9b5123649..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/DatException.java
+++ /dev/null
@@ -1,11 +0,0 @@
-package de.fhg.aisec.ids.idscp2.error;
-
-public class DatException extends RuntimeException {
-    public DatException(String s) {
-        super(s);
-    }
-
-    public DatException(String s, Exception e) {
-        super(s, e);
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.java
deleted file mode 100644
index cc3b10850..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.java
+++ /dev/null
@@ -1,16 +0,0 @@
-package de.fhg.aisec.ids.idscp2.error;
-
-/**
- * IDSCP2 Exception
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class Idscp2Exception extends RuntimeException {
-    public Idscp2Exception(String message) {
-        super(message);
-    }
-
-    public Idscp2Exception(String message, Throwable cause) {
-        super(message, cause);
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
deleted file mode 100644
index 96416570f..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.java
+++ /dev/null
@@ -1,91 +0,0 @@
-package de.fhg.aisec.ids.idscp2.example;
-
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ClientFactory;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.nio.charset.StandardCharsets;
-import java.util.concurrent.CompletableFuture;
-
-public class Idscp2ClientInitiator {
-    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ClientInitiator.class);
-
-    private final CompletableFuture<Idscp2Connection> connectionFuture = new CompletableFuture<>();
-
-    public void init(Idscp2Settings settings) {
-        SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
-
-        DefaultDapsDriverConfig config =
-                new DefaultDapsDriverConfig.Builder()
-                        .setKeyStorePath(settings.getKeyStorePath())
-                        .setTrustStorePath(settings.getTrustStorePath())
-                        .setKeyStorePassword(settings.getKeyStorePassword())
-                        .setTrustStorePassword(settings.getTrustStorePassword())
-                        .setKeyAlias(settings.getDapsKeyAlias())
-                        .setKeyPassword(settings.getKeyPassword())
-                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                        .build();
-
-        RatProverDriverRegistry.getInstance().registerDriver(
-                "Dummy", RatProverDummy.class, null);
-        RatVerifierDriverRegistry.getInstance().registerDriver(
-                "Dummy", RatVerifierDummy.class, null);
-
-        RatProverDriverRegistry.getInstance().registerDriver(
-                "TPM2d", TPM2dProver.class,
-                new TPM2dProverConfig.Builder().build()
-        );
-        RatVerifierDriverRegistry.getInstance().registerDriver(
-                "TPM2d", TPM2dVerifier.class,
-                new TPM2dVerifierConfig.Builder().build()
-        );
-
-        final var clientConfig = new Idscp2ClientFactory(
-                new DefaultDapsDriver(config),
-                secureChannelDriver
-        );
-
-        clientConfig.connect(settings, connectionFuture);
-        connectionFuture.thenAccept(connection -> {
-            System.out.println("Client: New connection with id " + connection.getId());
-            connection.addConnectionListener(new Idscp2ConnectionAdapter() {
-                @Override
-                public void onError(Throwable t) {
-                    LOG.error("Client connection error occurred", t);
-                }
-
-                @Override
-                public void onClose(Idscp2Connection connection) {
-                    LOG.info("Client: Connection with id " + connection.getId() + " has been closed");
-                }
-            });
-            connection.addGenericMessageListener(((c, type, data) -> System.out.println(
-                    "Received message of type \"" + type + "\":\n" + new String(data, StandardCharsets.UTF_8))));
-            connection.addMessageListener("ping", (c, type, data) -> {
-                System.out.println("Received ping message: " + new String(data, StandardCharsets.UTF_8));
-                CompletableFuture.runAsync(c::close);  // FSM error if run from the same thread
-            });
-            connection.unlockMessaging();
-            connection.send("ping", "PING".getBytes(StandardCharsets.UTF_8));
-            System.out.println("Sent PING...");
-        }).exceptionally(t -> {
-            LOG.error("Client endpoint error occurred", t);
-            return null;
-        });
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
deleted file mode 100644
index d2c057b29..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.java
+++ /dev/null
@@ -1,104 +0,0 @@
-package de.fhg.aisec.ids.idscp2.example;
-
-import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server;
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.nio.charset.StandardCharsets;
-
-public class Idscp2ServerInitiator implements Idscp2EndpointListener {
-    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ServerInitiator.class);
-
-    public void init(Idscp2Settings settings) {
-        SecureChannelDriver secureChannelDriver = new NativeTLSDriver();
-
-        DefaultDapsDriverConfig config =
-                new DefaultDapsDriverConfig.Builder()
-                        .setKeyStorePath(settings.getKeyStorePath())
-                        .setTrustStorePath(settings.getTrustStorePath())
-                        .setKeyStorePassword(settings.getKeyStorePassword())
-                        .setTrustStorePassword(settings.getTrustStorePassword())
-                        .setKeyAlias(settings.getDapsKeyAlias())
-                        .setKeyPassword(settings.getKeyPassword())
-                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                        .build();
-
-        DapsDriver dapsDriver = new DefaultDapsDriver(config);
-
-        RatProverDriverRegistry.getInstance().registerDriver(
-                "Dummy", RatProverDummy.class, null);
-        RatVerifierDriverRegistry.getInstance().registerDriver(
-                "Dummy", RatVerifierDummy.class, null);
-
-        RatProverDriverRegistry.getInstance().registerDriver(
-                "TPM2d", TPM2dProver.class,
-                new TPM2dProverConfig.Builder().build()
-        );
-        RatVerifierDriverRegistry.getInstance().registerDriver(
-                "TPM2d", TPM2dVerifier.class,
-                new TPM2dVerifierConfig.Builder().build()
-        );
-
-        Idscp2ServerFactory serverConfig = new Idscp2ServerFactory(
-                this,
-                settings,
-                dapsDriver,
-                secureChannelDriver
-        );
-
-        Idscp2Server idscp2Server = serverConfig.listen(settings);
-
-//        try {
-//            Thread.sleep(40_000); //run server for 2 minutes
-//        } catch (Exception ignored) {
-//        } finally {
-//            idscp2Server.closeConnection();
-//        }
-    }
-
-    @Override
-    public void onConnection(Idscp2Connection connection) {
-        System.out.println("Server: New connection with id " + connection.getId());
-        connection.addConnectionListener(new Idscp2ConnectionAdapter() {
-            @Override
-            public void onError(Throwable t) {
-                LOG.error("Server connection error occurred", t);
-            }
-
-            @Override
-            public void onClose(Idscp2Connection connection) {
-                LOG.info("Server: Connection with id " + connection.getId() + " has been closed");
-            }
-        });
-        connection.addGenericMessageListener(((c, type, data) -> System.out.println(
-                "Received message of type \"" + type + "\":\n" + new String(data, StandardCharsets.UTF_8))));
-        connection.addMessageListener("ping", ((c, type, data) -> {
-            System.out.println("Received ping message:\n" + new String(data, StandardCharsets.UTF_8));
-            System.out.println("Sending PONG...");
-            c.send("ping", "PONG".getBytes(StandardCharsets.UTF_8));
-        }));
-    }
-
-    @Override
-    public void onError(Throwable t) {
-        LOG.error("Server endpoint error occurred", t);
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
deleted file mode 100644
index 4bb00e499..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSClient.java
+++ /dev/null
@@ -1,25 +0,0 @@
-package de.fhg.aisec.ids.idscp2.example;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
-
-import java.nio.file.Paths;
-import java.util.Objects;
-
-public class RunTLSClient {
-
-    public static void main(String[] args) {
-
-        Idscp2Settings settings = new Idscp2Settings.Builder()
-                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient.class.getClassLoader().
-                        getResource("ssl/aisecconnector1-keystore.p12")).getPath()))
-                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient.class.getClassLoader().
-                        getResource("ssl/client-truststore_new.p12")).getPath()))
-                .setCertificateAlias("1.0.1")
-                .setDapsKeyAlias("1")
-                .setRatTimeoutDelay(300)
-                .build();
-
-        Idscp2ClientInitiator initiator = new Idscp2ClientInitiator();
-        initiator.init(settings);
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
deleted file mode 100644
index 1d53931d1..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/example/RunTLSServer.java
+++ /dev/null
@@ -1,25 +0,0 @@
-package de.fhg.aisec.ids.idscp2.example;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
-
-import java.nio.file.Paths;
-import java.util.Objects;
-
-public class RunTLSServer {
-
-    public static void main(String[] argv) {
-
-        Idscp2Settings settings = new Idscp2Settings.Builder()
-                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSServer.class.getClassLoader().
-                        getResource("ssl/aisecconnector1-keystore.p12")).getPath()))
-                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSServer.class.getClassLoader().
-                        getResource("ssl/client-truststore_new.p12")).getPath()))
-                .setCertificateAlias("1.0.1")
-                .setDapsKeyAlias("1")
-                .setRatTimeoutDelay(300)
-                .build();
-
-        Idscp2ServerInitiator initiator = new Idscp2ServerInitiator();
-        initiator.init(settings);
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
deleted file mode 100644
index e11eec34c..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.java
+++ /dev/null
@@ -1,159 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM;
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
-import org.jetbrains.annotations.Nullable;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.*;
-import java.util.concurrent.CompletableFuture;
-import java.util.stream.Collectors;
-
-/**
- * The IDSCP2 Connection class holds connections between connectors
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
- */
-public class Idscp2Connection {
-    private static final Logger LOG = LoggerFactory.getLogger(Idscp2Connection.class);
-
-    private final FSM fsm;
-    private final String connectionId;
-    private final Set<Idscp2ConnectionListener> connectionListeners = Collections.synchronizedSet(new HashSet<>());
-    private final Set<Idscp2MessageListener> genericMessageListeners = Collections.synchronizedSet(new HashSet<>());
-    private final Map<String, Set<Idscp2MessageListener>> messageListeners = new HashMap<>();
-    private final FastLatch messageLatch = new FastLatch();
-
-    public Idscp2Connection(SecureChannel secureChannel,
-                            Idscp2Settings settings,
-                            DapsDriver dapsDriver) {
-        this.connectionId = UUID.randomUUID().toString();
-        fsm = new FSM(
-                this,
-                secureChannel,
-                dapsDriver,
-                settings.getSupportedAttestation().getRatMechanisms(),
-                settings.getExpectedAttestation().getRatMechanisms(),
-                settings.getRatTimeoutDelay());
-        secureChannel.setFsm(fsm);
-        if (LOG.isDebugEnabled()) {
-            LOG.debug("A new IDSCP2 connection with id {} was created, starting handshake...", connectionId);
-        }
-        if (LOG.isTraceEnabled()) {
-            LOG.trace("Stack Trace of Idscp2Connection {} constructor:\n"
-                    + Arrays.stream(Thread.currentThread().getStackTrace())
-                    .skip(1).map(Object::toString).collect(Collectors.joining("\n")), connectionId);
-        }
-        // Schedule IDSCP handshake asynchronously
-        CompletableFuture.runAsync(fsm::startIdscpHandshake);
-    }
-
-    public void unlockMessaging() {
-        messageLatch.unlock();
-    }
-
-    /**
-     * Close the idscp connection
-     */
-    public void close() {
-        LOG.debug("Closing connection {}...", connectionId);
-        fsm.closeConnection();
-        LOG.debug("IDSCP2 connection {} closed", connectionId);
-    }
-
-    /**
-     * Send data to the peer IDSCP2 connector
-     */
-    public void send(String type, byte[] msg) {
-        LOG.debug("Send data of type \"" + type + "\" via connection {}", connectionId);
-        fsm.send(type, msg);
-    }
-
-    public void onMessage(String type, byte[] msg) {
-        // When unlock is called, although not synchronized, this will eventually stop blocking.
-        messageLatch.await();
-        if (LOG.isTraceEnabled()) {
-            LOG.trace("Received new IDSCP Message");
-        }
-        genericMessageListeners.forEach(l -> l.onMessage(this, type, msg));
-        Set<Idscp2MessageListener> listeners = messageListeners.get(type);
-        if (listeners != null) {
-            //noinspection SynchronizationOnLocalVariableOrMethodParameter
-            synchronized (listeners) {
-                listeners.forEach(l -> l.onMessage(this, type, msg));
-            }
-        }
-    }
-
-    public void onError(Throwable t) {
-        connectionListeners.forEach(idscp2ConnectionListener -> idscp2ConnectionListener.onError(t));
-    }
-
-    public void onClose() {
-        LOG.debug("Connection with id {} is closing, notify listeners...", connectionId);
-        connectionListeners.forEach(l -> l.onClose(this));
-    }
-
-    /**
-     * Check if the idscp connection is currently established
-     *
-     * @return Connection established state
-     */
-    @SuppressWarnings("unused")
-    public boolean isConnected() {
-        return fsm.isConnected();
-    }
-
-    public String getId() {
-        return connectionId;
-    }
-
-    public void addConnectionListener(Idscp2ConnectionListener listener) {
-        connectionListeners.add(listener);
-    }
-
-    @SuppressWarnings("unused")
-    public boolean removeConnectionListener(Idscp2ConnectionListener listener) {
-        return connectionListeners.remove(listener);
-    }
-
-    public void addGenericMessageListener(Idscp2MessageListener listener) {
-        genericMessageListeners.add(listener);
-    }
-
-    @SuppressWarnings("UnusedReturnValue")
-    public boolean removeGenericMessageListener(Idscp2MessageListener listener) {
-        return genericMessageListeners.remove(listener);
-    }
-
-    public void addMessageListener(@Nullable String type, Idscp2MessageListener listener) {
-        Set<Idscp2MessageListener> messageTypeListeners
-                = messageListeners.computeIfAbsent(type, k -> new HashSet<>());
-        //noinspection SynchronizationOnLocalVariableOrMethodParameter
-        synchronized (messageTypeListeners) {
-            messageTypeListeners.add(listener);
-        }
-        messageListeners.put(type, messageTypeListeners);
-    }
-
-    @SuppressWarnings("unused")
-    public boolean removeMessageListener(@Nullable String type, Idscp2MessageListener listener) {
-        Set<Idscp2MessageListener> messageTypeListeners = messageListeners.get(type);
-        if (messageTypeListeners == null) {
-            return false;
-        }
-        final boolean ret;
-        //noinspection SynchronizationOnLocalVariableOrMethodParameter
-        synchronized (messageTypeListeners) {
-            ret = messageTypeListeners.remove(listener);
-        }
-        if (messageTypeListeners.isEmpty()) {
-            messageListeners.remove(type);
-        }
-        return ret;
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java
deleted file mode 100644
index 2f348da8a..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.java
+++ /dev/null
@@ -1,17 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class Idscp2ConnectionAdapter implements Idscp2ConnectionListener {
-    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ConnectionAdapter.class);
-
-    @Override
-    public void onError(Throwable t) {
-        LOG.error("Error received in Idscp2ConnectionAdapter", t);
-    }
-
-    @Override
-    public void onClose(Idscp2Connection connection) {
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.java
deleted file mode 100644
index 658d0f1c1..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.java
+++ /dev/null
@@ -1,112 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core;
-
-import com.google.protobuf.ByteString;
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.*;
-
-import java.util.Arrays;
-
-/**
- * A factory for creating IDSCP2 messages
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class Idscp2MessageHelper {
-
-    public static IdscpMessage createIdscpHelloMessage(byte[] dat, String[] supportedRatSuite, String[] expectedRatSuite) {
-        IdscpDat idscpDat = IdscpDat.newBuilder()
-                .setToken(ByteString.copyFrom(dat))
-                .build();
-
-        IdscpHello idscpHello = IdscpHello.newBuilder()
-                .setVersion(2)
-                .setDynamicAttributeToken(idscpDat)
-                .addAllExpectedRatSuite(Arrays.asList(expectedRatSuite))
-                .addAllSupportedRatSuite(Arrays.asList(supportedRatSuite))
-                .build();
-
-        return IdscpMessage.newBuilder()
-                .setIdscpHello(idscpHello)
-                .build();
-    }
-
-    public static IdscpMessage createIdscpCloseMessage(String closeMsg, IdscpClose.CloseCause causeCode) {
-        IdscpClose idscpClose = IdscpClose.newBuilder()
-                .setCauseCode(causeCode)
-                .setCauseMsg(closeMsg)
-                .build();
-
-        return IdscpMessage.newBuilder()
-                .setIdscpClose(idscpClose)
-                .build();
-    }
-
-    public static IdscpMessage createIdscpDatExpiredMessage() {
-        return IdscpMessage.newBuilder()
-                .setIdscpDatExpired(IdscpDatExpired.newBuilder().build())
-                .build();
-    }
-
-    public static IdscpMessage createIdscpDatMessage(byte[] dat) {
-        IdscpDat idscpDat = IdscpDat.newBuilder()
-                .setToken(ByteString.copyFrom(dat))
-                .build();
-
-        return IdscpMessage.newBuilder()
-                .setIdscpDat(idscpDat)
-                .build();
-    }
-
-    public static IdscpMessage createIdscpReRatMessage(String cause) {
-        IdscpReRat idscpReRat = IdscpReRat.newBuilder()
-                .setCause(cause)
-                .build();
-
-        return IdscpMessage.newBuilder()
-                .setIdscpReRat(idscpReRat)
-                .build();
-    }
-
-    public static IdscpMessage createIdscpDataMessage(String type, Integer typeTag, byte[] data) {
-        IdscpData.Builder idscpData = IdscpData.newBuilder()
-                .setData(ByteString.copyFrom(data));
-        if (type != null) {
-            idscpData.setType(type);
-        }
-        if (typeTag != null) {
-            idscpData.setTypeTag(typeTag);
-        }
-
-        return IdscpMessage.newBuilder()
-                .setIdscpData(idscpData)
-                .build();
-    }
-
-    public static IdscpMessage createIdscpDataMessage(int shortType, byte[] data) {
-        return createIdscpDataMessage(null, shortType, data);
-    }
-
-    public static IdscpMessage createIdscpDataMessage(String type, byte[] data) {
-        return createIdscpDataMessage(type, null, data);
-    }
-
-    public static IdscpMessage createIdscpRatProverMessage(byte[] body) {
-        IdscpRatProver idscpRatProver = IdscpRatProver.newBuilder()
-                .setData(ByteString.copyFrom(body))
-                .build();
-
-        return IdscpMessage.newBuilder()
-                .setIdscpRatProver(idscpRatProver)
-                .build();
-    }
-
-    public static IdscpMessage createIdscpRatVerifierMessage(byte[] body) {
-        IdscpRatVerifier idscpRatVerifier = IdscpRatVerifier.newBuilder()
-                .setData(ByteString.copyFrom(body))
-                .build();
-
-        return IdscpMessage.newBuilder()
-                .setIdscpRatVerifier(idscpRatVerifier)
-                .build();
-    }
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.java
deleted file mode 100644
index 45853f638..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.java
+++ /dev/null
@@ -1,12 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core;
-
-/**
- * An interface for an IDSCP message listener
- */
-public interface Idscp2MessageListener {
-
-    /*
-     * notify the listener about new data
-     */
-    void onMessage(Idscp2Connection connection, String type, byte[] data);
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
deleted file mode 100644
index 8281b2e05..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.java
+++ /dev/null
@@ -1,35 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
-
-import java.util.Arrays;
-
-/**
- * Attestation configuration class, containing attestation suite for supported / expected
- * attestation types
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class AttestationConfig {
-    public final static String[] DEFAULT_RAT_MECHANISMS = new String[] {"Dummy", "TPM2d"};
-    private final String[] ratMechanisms;
-
-    public AttestationConfig() {
-        this.ratMechanisms = DEFAULT_RAT_MECHANISMS;
-    }
-
-    public String[] getRatMechanisms() {
-        return ratMechanisms;
-    }
-
-    @Override
-    public boolean equals(Object o) {
-        if (this == o) return true;
-        if (o == null || getClass() != o.getClass()) return false;
-        AttestationConfig that = (AttestationConfig) o;
-        return Arrays.equals(ratMechanisms, that.ratMechanisms);
-    }
-
-    @Override
-    public int hashCode() {
-        return Arrays.hashCode(ratMechanisms);
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.java
deleted file mode 100644
index fad670b6c..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.java
+++ /dev/null
@@ -1,37 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.concurrent.CompletableFuture;
-
-/**
- * Idscp2ServerFactory class, provides IDSCP2 API to the User (Idscp2EndpointListener)
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class Idscp2ClientFactory {
-    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ClientFactory.class);
-
-    private final DapsDriver dapsDriver;
-    private final SecureChannelDriver secureChannelDriver;
-
-    public Idscp2ClientFactory(DapsDriver dapsDriver,
-                               SecureChannelDriver secureChannelDriver
-    ) {
-        this.dapsDriver = dapsDriver;
-        this.secureChannelDriver = secureChannelDriver;
-    }
-
-    /**
-     * User API to create a IDSCP2 connection as a client
-     */
-    public void connect(Idscp2Settings settings, CompletableFuture<Idscp2Connection> connectionFuture) {
-        LOG.info("Connect to an IDSCP2 server ({})", settings.getHost());
-        secureChannelDriver.connect(settings, dapsDriver, connectionFuture);
-    }
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.java
deleted file mode 100644
index c79b37b60..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.java
+++ /dev/null
@@ -1,91 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
-
-import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver;
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server;
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.concurrent.CompletableFuture;
-
-/**
- * Idscp2ServerFactory class, provides IDSCP2 API to the User (Idscp2EndpointListener)
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class Idscp2ServerFactory implements SecureChannelInitListener {
-    private static final Logger LOG = LoggerFactory.getLogger(Idscp2ServerFactory.class);
-
-    private final Idscp2EndpointListener endpointListener;
-    private final Idscp2Settings settings;
-    private final DapsDriver dapsDriver;
-    private final SecureChannelDriver secureChannelDriver;
-
-    public Idscp2ServerFactory(Idscp2EndpointListener endpointListener,
-                               Idscp2Settings settings,
-                               DapsDriver dapsDriver,
-                               SecureChannelDriver secureChannelDriver
-    ) {
-        this.endpointListener = endpointListener;
-        this.settings = settings;
-        this.dapsDriver = dapsDriver;
-        this.secureChannelDriver = secureChannelDriver;
-    }
-
-    /*
-     * User API to create a new IDSCP2 Server that starts a Secure Server that listens to new
-     * secure channels
-     */
-    public Idscp2Server listen(Idscp2Settings settings) throws Idscp2Exception {
-        LOG.info("Starting new IDSCP2 server at port {}", settings.getServerPort());
-
-        final var serverListenerPromise = new CompletableFuture<ServerConnectionListener>();
-        final var secureServer = secureChannelDriver.listen(settings, this, serverListenerPromise);
-        final var server = new Idscp2Server(secureServer);
-        serverListenerPromise.complete(server);
-        return server;
-    }
-
-    /**
-     * A callback implementation to receive a new established secure channel from an Secure client/server.
-     * <p>
-     * If the secure channel is null, no secure channel was established and an error is provided
-     * to the user (or the error is ignored, in server case).
-     * <p>
-     * If the secure channel was established, a new FSM is created for this connection and the
-     * IDSCP2 handshake is started. After a successful handshake, a new Idscp2Connection is
-     * created and provided to the user (and the IDSCP2 server).
-     */
-    @Override
-    public synchronized void onSecureChannel(SecureChannel secureChannel,
-                                             CompletableFuture<ServerConnectionListener> serverListenerPromise) {
-        LOG.trace("A new secure channel for an IDSCP2 connection was established");
-        // Threads calling onMessage() will be blocked until all listeners have been registered, see below
-        Idscp2Connection newConnection = new Idscp2Connection(secureChannel, settings, dapsDriver);
-        // Complete the connection promise for the IDSCP server
-        serverListenerPromise.thenAccept(serverListener -> {
-            serverListener.onConnectionCreated(newConnection);
-            newConnection.addConnectionListener(new Idscp2ConnectionAdapter() {
-                @Override
-                public void onClose(Idscp2Connection connection) {
-                    serverListener.onConnectionClose(connection);
-                }
-            });
-        });
-        endpointListener.onConnection(newConnection);
-        // Listeners have been applied in onConnection() callback above, so we can safely unlock messaging now
-        newConnection.unlockMessaging();
-    }
-
-    @Override
-    public void onError(Throwable t) {
-        endpointListener.onError(t);
-    }
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
deleted file mode 100644
index 99f4516d1..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.java
+++ /dev/null
@@ -1,198 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
-
-import org.checkerframework.checker.nullness.qual.NonNull;
-
-import java.nio.file.Path;
-import java.util.Arrays;
-import java.util.Objects;
-
-/**
- * IDSCP2 configuration class, contains information about keyStore and TrustStores,
- * Attestation Types, host, DAPS, ...
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class Idscp2Settings {
-    public static final int DEFAULT_SERVER_PORT = 29292;
-    public static final String DEFAULT_RAT_TIMEOUT_DELAY = "600";
-
-    private int serverPort = DEFAULT_SERVER_PORT;
-    private String host = "localhost";
-    private Path trustStorePath = null;
-    private char[] trustStorePassword = "password".toCharArray();
-    private char[] keyPassword = "password".toCharArray();
-    private Path keyStorePath = null;
-    private char[] keyStorePassword = "password".toCharArray();
-    private String certificateAlias = "1.0.1";
-    private String dapsKeyAlias = "1";
-    private String keyStoreKeyType = "RSA";
-    private AttestationConfig supportedAttestation = new AttestationConfig();
-    private AttestationConfig expectedAttestation = new AttestationConfig();
-    private long ratTimeoutDelay = Integer.parseInt(DEFAULT_RAT_TIMEOUT_DELAY);
-
-    @SuppressWarnings("unused")
-    public static class Builder {
-        @NonNull
-        private final Idscp2Settings settings = new Idscp2Settings();
-
-        @NonNull
-        public Builder setHost(String host) {
-            this.settings.host = host;
-            return this;
-        }
-
-        @NonNull
-        public Builder setServerPort(int serverPort) {
-            this.settings.serverPort = serverPort;
-            return this;
-        }
-
-        public Builder setKeyPassword(char[] pwd) {
-            this.settings.keyPassword = pwd;
-            return this;
-        }
-
-        @NonNull
-        public Builder setTrustStorePath(Path path) {
-            this.settings.trustStorePath = path;
-            return this;
-        }
-
-        @NonNull
-        public Builder setKeyStorePath(Path path) {
-            this.settings.keyStorePath = path;
-            return this;
-        }
-
-        @NonNull
-        public Builder setTrustStorePassword(char[] pwd) {
-            this.settings.trustStorePassword = pwd;
-            return this;
-        }
-
-        @NonNull
-        public Builder setKeyStorePassword(char[] pwd) {
-            this.settings.keyStorePassword = pwd;
-            return this;
-        }
-
-        @NonNull
-        public Builder setCertificateAlias(String alias) {
-            this.settings.certificateAlias = alias;
-            return this;
-        }
-
-        @NonNull
-        public Builder setDapsKeyAlias(String alias) {
-            this.settings.dapsKeyAlias = alias;
-            return this;
-        }
-
-        @NonNull
-        public Builder setKeyStoreKeyType(String keyType) {
-            this.settings.keyStoreKeyType = keyType;
-            return this;
-        }
-
-        @NonNull
-        public Builder setSupportedAttestation(AttestationConfig suite) {
-            this.settings.supportedAttestation = suite;
-            return this;
-        }
-
-        @NonNull
-        public Builder setExpectedAttestation(AttestationConfig suite) {
-            this.settings.expectedAttestation = suite;
-            return this;
-        }
-
-        public Builder setRatTimeoutDelay(long delay) {
-            this.settings.ratTimeoutDelay = delay;
-            return this;
-        }
-
-        @NonNull
-        public Idscp2Settings build() {
-            return this.settings;
-        }
-
-    }
-
-    public int getServerPort() {
-        return serverPort;
-    }
-
-    public String getHost() {
-        return host;
-    }
-
-    public Path getTrustStorePath() {
-        return trustStorePath;
-    }
-
-    public char[] getTrustStorePassword() {
-        return trustStorePassword;
-    }
-
-    public char[] getKeyPassword() {
-        return keyPassword;
-    }
-
-    public Path getKeyStorePath() {
-        return keyStorePath;
-    }
-
-    public char[] getKeyStorePassword() {
-        return keyStorePassword;
-    }
-
-    public String getCertificateAlias() {
-        return certificateAlias;
-    }
-
-    public String getDapsKeyAlias() {
-        return dapsKeyAlias;
-    }
-
-    public String getKeyStoreKeyType() {
-        return keyStoreKeyType;
-    }
-
-    public AttestationConfig getSupportedAttestation() {
-        return supportedAttestation;
-    }
-
-    public AttestationConfig getExpectedAttestation() {
-        return expectedAttestation;
-    }
-
-    public long getRatTimeoutDelay() {
-        return ratTimeoutDelay;
-    }
-
-    @Override
-    public boolean equals(Object o) {
-        if (this == o) return true;
-        if (o == null || getClass() != o.getClass()) return false;
-        Idscp2Settings that = (Idscp2Settings) o;
-        return serverPort == that.serverPort &&
-                ratTimeoutDelay == that.ratTimeoutDelay &&
-                Objects.equals(host, that.host) &&
-                Objects.equals(trustStorePath, that.trustStorePath) &&
-                Arrays.equals(trustStorePassword, that.trustStorePassword) &&
-                Objects.equals(keyStorePath, that.keyStorePath) &&
-                Arrays.equals(keyStorePassword, that.keyStorePassword) &&
-                Objects.equals(certificateAlias, that.certificateAlias) &&
-                Objects.equals(dapsKeyAlias, that.dapsKeyAlias) &&
-                Objects.equals(keyStoreKeyType, that.keyStoreKeyType) &&
-                Objects.equals(supportedAttestation, that.supportedAttestation) &&
-                Objects.equals(expectedAttestation, that.expectedAttestation);
-    }
-
-    @Override
-    public int hashCode() {
-        return Objects.hash(serverPort, host, trustStorePath, trustStorePassword, keyStorePath,
-                keyStorePassword, certificateAlias, dapsKeyAlias, keyStoreKeyType, supportedAttestation,
-                expectedAttestation, ratTimeoutDelay);
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.java
deleted file mode 100644
index 9c733f7a8..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.java
+++ /dev/null
@@ -1,26 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.configuration;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.ServerConnectionListener;
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
-
-import java.util.concurrent.CompletableFuture;
-
-/**
- * An callback interface that implements callback functions that notify about new
- * SecureChannels
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public interface SecureChannelInitListener {
-
-    /**
-     * Notify the server about new secureChannel
-     */
-    void onSecureChannel(
-            SecureChannel secureChannel,
-            CompletableFuture<ServerConnectionListener> serverListenerPromise
-    );
-
-    void onError(Throwable t);
-
-}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
deleted file mode 100644
index 15a1a804e..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Event.java
+++ /dev/null
@@ -1,89 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage;
-
-/**
- * An Event class for the Finite State Machine. Triggers a transition and holds
- * either an IdscpMessage or an InternalControlMessage, or both in special cases.
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class Event {
-    public enum EventType {
-        IDSCP_MESSAGE,
-        INTERNAL_CONTROL_MESSAGE
-    }
-
-    private final Object key;
-    private final EventType type;
-    private final IdscpMessage idscpMessage;
-    private final InternalControlMessage controlMessage;
-
-    /*
-     * Create an Event with an Internal Control Message
-     */
-    public Event(InternalControlMessage controlMessage) {
-        this.key = controlMessage.getValue();
-        this.type = EventType.INTERNAL_CONTROL_MESSAGE;
-        this.controlMessage = controlMessage;
-        this.idscpMessage = null;
-    }
-
-    /*
-     * Create an Event with an Idscpv2 Message
-     */
-    public Event(IdscpMessage idscpMessage) {
-        this.key = idscpMessage.getMessageCase().getNumber();
-        this.type = EventType.IDSCP_MESSAGE;
-        this.idscpMessage = idscpMessage;
-        this.controlMessage = null;
-    }
-
-    /*
-     * Create a event for outgoing RatProver and RatVerifier messages
-     *
-     * throws an IllegalStateException if this event is requested for other purposes
-     */
-    public Event(InternalControlMessage controlMessage, IdscpMessage idscpMessage) {
-        if (controlMessage.equals(InternalControlMessage.RAT_PROVER_MSG) ||
-                controlMessage.equals(InternalControlMessage.RAT_VERIFIER_MSG)) {
-            this.key = controlMessage.getValue();
-            this.type = EventType.INTERNAL_CONTROL_MESSAGE;
-            this.idscpMessage = idscpMessage;
-            this.controlMessage = controlMessage;
-        } else {
-            throw new IllegalStateException("This constructor must only be used by RAT_PROVER and " +
-                    "RAT_VERIFIER for message passing");
-        }
-    }
-
-    @Override
-    public String toString() {
-        return "Event{" +
-                "key=" + key +
-                ", type=" + type +
-                ", idscpMessage=" + idscpMessage +
-                ", controlMessage=" + controlMessage +
-                '}';
-    }
-
-    //
-    // Getter methods
-    //
-
-    public Object getKey() {
-        return key;
-    }
-
-    public EventType getType() {
-        return type;
-    }
-
-    public IdscpMessage getIdscpMessage() {
-        return idscpMessage;
-    }
-
-    public InternalControlMessage getControlMessage() {
-        return controlMessage;
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
deleted file mode 100644
index 8a287983a..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FSM.java
+++ /dev/null
@@ -1,659 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-import com.google.protobuf.InvalidProtocolBufferException;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception;
-import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry;
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry;
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel;
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.HashMap;
-import java.util.concurrent.locks.Condition;
-import java.util.concurrent.locks.ReentrantLock;
-
-/**
- * The finite state machine FSM of the IDSCP2 protocol
- * <p>
- * Manages IDSCP2 Handshake, Re-Attestation, DAT-ReRequest and DAT-Re-Validation. Delivers
- * Internal Control Messages and Idscpv2Messages to the target receivers,
- * creates and manages the states and its transitions and implements security restriction to protect
- * the protocol against misuse and faulty, insecure or evil driver implementations.
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class FSM implements FsmListener {
-    private static final Logger LOG = LoggerFactory.getLogger(FSM.class);
-
-    /*  -----------   IDSCP2 Protocol States   ---------- */
-    private final HashMap<FSM_STATE, State> states = new HashMap<>();
-
-    enum FSM_STATE {
-        STATE_CLOSED,
-        STATE_WAIT_FOR_HELLO,
-        STATE_WAIT_FOR_RAT,
-        STATE_WAIT_FOR_RAT_VERIFIER,
-        STATE_WAIT_FOR_RAT_PROVER,
-        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER,
-        STATE_WAIT_FOR_DAT_AND_RAT,
-        STATE_ESTABLISHED
-    }
-
-    private State currentState;
-    /*  ----------------   end of states   --------------- */
-
-
-    private final Idscp2Connection connection;
-    private final SecureChannel secureChannel;
-
-    private RatProverDriver ratProverDriver;
-    private RatVerifierDriver ratVerifierDriver;
-
-    /*
-     * RAT Driver Thread ID to identify the driver threads and check if messages are provided by
-     * the current active driver or by any old driver, whose lifetime is already over
-     *
-     * Only one driver can be valid at a time
-     */
-    private String currentRatProverId; //avoid messages from old prover drivers
-    private String currentRatVerifierId; //avoid messages from old verifier drivers
-
-    /*
-     * RAT Mechanisms, calculated during handshake in WAIT_FOR_HELLO_STATE
-     */
-    private String proverMechanism = null; //RAT prover mechanism
-    private String verifierMechanism = null; //RAT Verifier mechanism
-
-    /*
-     * A FIFO-fair synchronization lock for the finite state machine
-     */
-    private final ReentrantLock fsmIsBusy = new ReentrantLock(true);
-
-    /*
-     * A condition to ensure no idscp messages can be provided by the secure channel to the fsm
-     * before the handshake was started
-     */
-    private final Condition onMessageBlock = fsmIsBusy.newCondition();
-
-    /*
-     * A condition for the dscpv2 handshake to wait until the handshake was successful and the
-     * connection is established or the handshake failed and the fsm is locked forever
-     */
-    private final Condition idscpHandshakeLock = fsmIsBusy.newCondition();
-    private boolean handshakeResultAvailable = false;
-    private final FastLatch idscpHandshakeCompletedLatch = new FastLatch();
-
-    /*
-     * Check if FSM is closed forever
-     */
-    private boolean fsmTerminated = false;
-
-    /* ---------------------- Timer ---------------------- */
-    private final Timer datTimer;
-    private final Timer ratTimer;
-    private final Timer handshakeTimer;
-    private final Timer proverHandshakeTimer;
-    private final Timer verifierHandshakeTimer;
-    /*  ----------------   end of Timer   --------------- */
-
-    public FSM(Idscp2Connection connection, SecureChannel secureChannel, DapsDriver dapsDriver,
-               String[] localSupportedRatSuite, String[] localExpectedRatSuite, long ratTimeout) {
-
-
-        /* ------------- Timeout Handler Routines ------------*/
-        Runnable handshakeTimeoutHandler = () -> {
-            LOG.debug("HANDSHAKE_TIMER_EXPIRED");
-            onControlMessage(InternalControlMessage.TIMEOUT);
-        };
-
-        Runnable datTimeoutHandler = () -> {
-            LOG.debug("DAT_TIMER_EXPIRED");
-            onControlMessage(InternalControlMessage.DAT_TIMER_EXPIRED);
-        };
-
-        Runnable ratTimeoutHandler = () -> {
-            LOG.debug("RAT_TIMER_EXPIRED");
-            onControlMessage(InternalControlMessage.REPEAT_RAT);
-        };
-
-        Runnable proverTimeoutHandler = () -> {
-            LOG.debug("RAT_PROVER_HANDSHAKE_TIMER_EXPIRED");
-            onControlMessage(InternalControlMessage.REPEAT_RAT);
-        };
-
-        Runnable verifierTimeoutHandler = () -> {
-            LOG.debug("RAT_VERIFIER_HANDSHAKE_TIMER_EXPIRED");
-            onControlMessage(InternalControlMessage.REPEAT_RAT);
-        };
-
-        this.handshakeTimer = new Timer(fsmIsBusy, handshakeTimeoutHandler);
-        this.datTimer = new Timer(fsmIsBusy, datTimeoutHandler);
-        this.ratTimer = new Timer(fsmIsBusy, ratTimeoutHandler);
-        this.proverHandshakeTimer = new Timer(fsmIsBusy, proverTimeoutHandler);
-        this.verifierHandshakeTimer = new Timer(fsmIsBusy, verifierTimeoutHandler);
-        /* ------------- end timeout routines ------------- */
-
-        /* ------------- FSM STATE Initialization -------------*/
-        states.put(FSM_STATE.STATE_CLOSED, new StateClosed(this, dapsDriver, onMessageBlock,
-                localSupportedRatSuite, localExpectedRatSuite));
-
-        states.put(FSM_STATE.STATE_WAIT_FOR_HELLO, new StateWaitForHello(this,
-                handshakeTimer, datTimer, dapsDriver, localSupportedRatSuite, localExpectedRatSuite
-        ));
-
-        states.put(FSM_STATE.STATE_WAIT_FOR_RAT, new StateWaitForRat(this, handshakeTimer,
-                verifierHandshakeTimer, proverHandshakeTimer, ratTimer, ratTimeout, dapsDriver));
-
-        states.put(FSM_STATE.STATE_WAIT_FOR_RAT_PROVER, new StateWaitForRatProver(this,
-                ratTimer, handshakeTimer, proverHandshakeTimer, dapsDriver));
-
-        states.put(FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER, new StateWaitForRatVerifier(this,
-                dapsDriver, ratTimer, handshakeTimer, verifierHandshakeTimer, ratTimeout));
-
-        states.put(FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT, new StateWaitForDatAndRat(this,
-                handshakeTimer, proverHandshakeTimer, datTimer, dapsDriver));
-
-        states.put(FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER,
-                new StateWaitForDatAndRatVerifier(this, handshakeTimer, datTimer, dapsDriver));
-
-        states.put(FSM_STATE.STATE_ESTABLISHED, new StateEstablished(this, dapsDriver,
-                ratTimer, handshakeTimer));
-
-
-        // Set initial state
-        currentState = states.get(FSM_STATE.STATE_CLOSED);
-
-        this.connection = connection;
-        this.secureChannel = secureChannel;
-    }
-
-    private void checkForFsmCircles() {
-        // check if current thread holds already the fsm lock, then we have a circle
-        // this runs into an issue: onControlMessage must be called only from other threads!
-        // if the current thread currently stuck within a fsm transition it will trigger another
-        // transition on the old state and undefined behaviour occurred
-        //
-        // The IDSCP2 core and default driver will not run into this issue. It's a protection for
-        // avoiding incorrect usage of the IDSCP2 library from further driver implementations
-        //
-        // Example:
-        // Thread A stuck within a transition t1 that calls a function that calls
-        // onControlMessage(InternalError). Then the error is handled in the current
-        // state and the fsm will switch into state STATE_CLOSED and close all resources.
-        //
-        // Afterwards, the thread will continue the old transition t1 that might use some of the
-        // closed resources and switch in a non-closed STATE, e.g. STATE_ESTABLISHED.
-        // So our fsm would be broken and the behaviour is undefined and could leak security
-        // vulnerabilities
-        //
-        if (fsmIsBusy.isHeldByCurrentThread()) {
-            final var e = new RuntimeException("The current thread holds the fsm lock already. "
-                    + "A circle might occur that could lead to undefined behaviour within the fsm");
-            // Log exception before throwing, since some threads swallow the exception without any notification
-            LOG.error(e.getMessage(), e);
-            throw e;
-        }
-    }
-
-    /*
-     * Get a new IDSCP2 Message from the secure channel and provide it as an event to the fsm
-     *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
-     * driver implementations
-     */
-    @Override
-    public void onMessage(byte[] data) {
-
-        //check for incorrect usage
-        checkForFsmCircles();
-
-        //parse message and create new IDSCP Message event, then pass it to current state and
-        // update new state
-        IdscpMessage message;
-        try {
-            message = IdscpMessage.parseFrom(data);
-        } catch (InvalidProtocolBufferException e) {
-            LOG.warn("Cannot parse raw data into IdscpMessage {}", data);
-            return;
-        }
-
-        Event event = new Event(message);
-        //must wait when fsm is in state STATE_CLOSED --> wait() will be notified when fsm is
-        // leaving STATE_CLOSED
-        fsmIsBusy.lock();
-        try {
-            while (currentState.equals(states.get(FSM_STATE.STATE_CLOSED))) {
-
-                if (fsmTerminated) {
-                    return;
-                }
-
-                try {
-                    onMessageBlock.await();
-                } catch (InterruptedException e) {
-                    Thread.currentThread().interrupt();
-                }
-            }
-            feedEvent(event);
-        } finally {
-            fsmIsBusy.unlock();
-        }
-    }
-
-    /*
-     * An internal control message (ICM) occurred, provide it to the fsm as an event
-     */
-    private void onControlMessage(InternalControlMessage controlMessage) {
-        //create Internal Control Message Event and pass it to current state and update new state
-        Event e = new Event(controlMessage);
-
-        fsmIsBusy.lock();
-        try {
-            feedEvent(e);
-        } finally {
-            fsmIsBusy.unlock();
-        }
-    }
-
-    /*
-     * API for RatProver to provide Prover Messages to the fsm
-     *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
-     * driver implementations
-     *
-     * Afterwards the event for the fsm is created and the fsm lock is requested
-     *
-     * When the RatProverThread does not match the active prover tread id, the event will be
-     * ignored, else the event is provided to the fsm
-     */
-    @Override
-    public void onRatProverMessage(InternalControlMessage controlMessage, byte[] ratMessage) {
-
-        //check for incorrect usage
-        checkForFsmCircles();
-
-        //only allow rat prover messages from current thread
-        Event e;
-        if (ratMessage == null) {
-            e = new Event(controlMessage);
-        } else {
-            IdscpMessage idscpMessage = Idscp2MessageHelper.createIdscpRatProverMessage(ratMessage);
-            e = new Event(controlMessage, idscpMessage);
-        }
-
-        fsmIsBusy.lock();
-        try {
-            if (Long.toString(Thread.currentThread().getId()).equals(currentRatProverId)) {
-                feedEvent(e);
-            } else {
-                LOG.warn("An old or unknown identity calls onRatProverMessage()");
-            }
-        } finally {
-            fsmIsBusy.unlock();
-        }
-    }
-
-    /*
-     * API for RatVerifier to provide Verifier Messages to the fsm
-     *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
-     * driver implementations
-     *
-     * Afterwards the event for the fsm is created and the fsm lock is requested
-     *
-     * When the RatVerifierDriver does not match the active verifier tread id, the event will be
-     * ignored, else the event is provided to the fsm
-     */
-    @Override
-    public void onRatVerifierMessage(InternalControlMessage controlMessage, byte[] ratMessage) {
-
-        //check for incorrect usage
-        checkForFsmCircles();
-
-        //only allow rat verifier messages from current thread
-        Event e;
-        if (ratMessage == null) {
-            e = new Event(controlMessage);
-        } else {
-            IdscpMessage idscpMessage = Idscp2MessageHelper.createIdscpRatVerifierMessage(ratMessage);
-            e = new Event(controlMessage, idscpMessage);
-        }
-
-        fsmIsBusy.lock();
-        try {
-            if (Long.toString(Thread.currentThread().getId()).equals(currentRatVerifierId)) {
-                feedEvent(e);
-            } else {
-                LOG.warn("An old or unknown identity calls onRatVerifierMessage()");
-            }
-        } finally {
-            fsmIsBusy.unlock();
-        }
-    }
-
-    /*
-     * Feed the event to the current state and execute the runEntry method if the state has changed
-     */
-    private void feedEvent(Event event) {
-        State prevState = currentState;
-        currentState = currentState.feedEvent(event);
-
-        if (!prevState.equals(currentState)) {
-            currentState.runEntryCode(this);
-        }
-    }
-
-    /*
-     * API to terminate the idscp connection by the user
-     *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
-     * driver implementations
-     */
-    public void closeConnection() {
-        //check for incorrect usage
-        checkForFsmCircles();
-
-        LOG.debug("Sending stop message to connection peer...");
-        onControlMessage(InternalControlMessage.IDSCP_STOP);
-    }
-
-    /*
-     * API for the user to start the IDSCP2 handshake
-     *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
-     * driver implementations
-     */
-    public void startIdscpHandshake() throws Idscp2Exception {
-        //check for incorrect usage
-        checkForFsmCircles();
-
-        fsmIsBusy.lock();
-        try {
-            if (currentState.equals(states.get(FSM_STATE.STATE_CLOSED))) {
-                if (fsmTerminated) {
-                    throw new Idscp2Exception("FSM is in a final closed state forever");
-                }
-
-                // trigger handshake init
-                onControlMessage(InternalControlMessage.START_IDSCP_HANDSHAKE);
-
-                // wait until handshake was successful or failed
-                while (!handshakeResultAvailable) {
-                    idscpHandshakeLock.await();
-                }
-
-                if (!isConnected() && !fsmTerminated) {
-                    //handshake failed, throw exception
-                    throw new Idscp2Exception("Handshake failed");
-                }
-
-            } else {
-                throw new Idscp2Exception("Handshake has already been started");
-            }
-        } catch (InterruptedException e) {
-            throw new Idscp2Exception("Handshake failed because thread was interrupted");
-        } finally {
-            fsmIsBusy.unlock();
-        }
-    }
-
-    /*
-     * Send idscp data from the fsm via the secure channel to the peer
-     */
-    boolean sendFromFSM(IdscpMessage msg) {
-        //send messages from fsm
-        return secureChannel.send(msg.toByteArray());
-    }
-
-    /*
-     * Provide an Internal Control Message to the FSM
-     *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
-     * driver implementations
-     */
-    @Override
-    public void onError(Throwable t) {
-        // Broadcast the error to the respective listeners
-        connection.onError(t);
-
-        // Check for incorrect usage
-        checkForFsmCircles();
-
-        onControlMessage(InternalControlMessage.ERROR);
-    }
-
-    /*
-     * Provide an Internal Control Message to the FSM, caused by a secure channel closure
-     *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
-     * driver implementations
-     */
-    @Override
-    public void onClose() {
-        // Check for incorrect usage
-        checkForFsmCircles();
-
-        onControlMessage(InternalControlMessage.IDSCP_STOP);
-    }
-
-    /*
-     * Send idscp message from the User via the secure channel
-     */
-    public void send(String type, byte[] msg) {
-        // Send messages from user only when idscp connection is established
-        idscpHandshakeCompletedLatch.await();
-        fsmIsBusy.lock();
-        try {
-            if (isConnected()) {
-                IdscpMessage idscpMessage = Idscp2MessageHelper.createIdscpDataMessage(type, msg);
-                if (!secureChannel.send(idscpMessage.toByteArray())) {
-                    LOG.error("Cannot send IDSCP_DATA via secure channel");
-                    onControlMessage(InternalControlMessage.ERROR);
-                }
-            } else {
-                LOG.error("Cannot send IDSCP_DATA because connection is not established");
-            }
-        } finally {
-            fsmIsBusy.unlock();
-        }
-    }
-
-    /*
-     * Check if FSM is in STATE ESTABLISHED
-     */
-    public boolean isConnected() {
-        return currentState.equals(states.get(FSM_STATE.STATE_ESTABLISHED));
-    }
-
-    /*
-     * Notify handshake lock about result
-     */
-    void notifyHandshakeCompleteLock() {
-        fsmIsBusy.lock();
-        try {
-            handshakeResultAvailable = true;
-            idscpHandshakeLock.signal();
-            idscpHandshakeCompletedLatch.unlock();
-        } finally {
-            fsmIsBusy.unlock();
-        }
-    }
-
-    /*
-     * Calculate the RatProver mechanism
-     *
-     * Return the String of the cipher or null if no match was found
-     */
-    String getRatProverMechanism(String[] localSupportedProver, Object[] remoteExpectedVerifier) {
-        //toDo implement logic
-        return localSupportedProver[0];
-    }
-
-    /*
-     * Calculate the RatVerifier mechanism
-     *
-     * Return the String of the cipher or null if no match was found
-     */
-    String getRatVerifierMechanism(String[] localExpectedVerifier, Object[] remoteSupportedProver) {
-        //toDo implement logic
-        return localExpectedVerifier[0];
-    }
-
-    /*
-     * Stop current RatVerifier if active and start the RatVerifier from the
-     * RatVerifierDriver Registry that matches the verifier mechanism
-     *
-     * return false if no match was found
-     */
-    @SuppressWarnings("BooleanMethodIsAlwaysInverted")
-    boolean restartRatVerifierDriver() {
-        //assume verifier mechanism is set
-        stopRatVerifierDriver();
-        ratVerifierDriver = RatVerifierDriverRegistry.startRatVerifierDriver(verifierMechanism, this);
-        if (ratVerifierDriver == null) {
-            LOG.error("Cannot create instance of RAT_VERIFIER_DRIVER");
-            currentRatVerifierId = "";
-            return false;
-        } else {
-            //safe the thread ID
-            currentRatVerifierId = Long.toString(ratVerifierDriver.getId());
-            LOG.debug("Start verifier_handshake timeout");
-            this.verifierHandshakeTimer.resetTimeout(5);
-            return true;
-        }
-    }
-
-    /*
-     * Terminate the RatVerifierDriver
-     */
-    void stopRatVerifierDriver() {
-        verifierHandshakeTimer.cancelTimeout();
-        if (ratVerifierDriver != null && ratVerifierDriver.isAlive()) {
-            ratVerifierDriver.interrupt();
-            ratVerifierDriver.terminate();
-        }
-    }
-
-    /*
-     * Stop current RatProver if active and start the RatProver from the
-     * RatProverDriver Registry that matches the prover mechanism
-     *
-     * return false if no match was found
-     */
-    @SuppressWarnings("BooleanMethodIsAlwaysInverted")
-    boolean restartRatProverDriver() {
-        //assume prover mechanism is set
-        stopRatProverDriver();
-        ratProverDriver = RatProverDriverRegistry.startRatProverDriver(proverMechanism, this);
-        if (ratProverDriver == null) {
-            LOG.error("Cannot create instance of RAT_PROVER_DRIVER");
-            currentRatProverId = "";
-            return false;
-        } else {
-            //safe the thread ID
-            currentRatProverId = Long.toString(ratProverDriver.getId());
-            LOG.debug("Start prover_handshake timeout");
-            this.proverHandshakeTimer.resetTimeout(5);
-            return true;
-        }
-    }
-
-    /*
-     * Terminate the RatProverDriver
-     */
-    void stopRatProverDriver() {
-        proverHandshakeTimer.cancelTimeout();
-        if (ratProverDriver != null && ratProverDriver.isAlive()) {
-            ratProverDriver.interrupt();
-            ratProverDriver.terminate();
-        }
-    }
-
-    /*
-     * Lock the fsm forever, terminate the timers and drivers, close the secure channel
-     * and notify handshake lock if necessary
-     */
-    void shutdownFsm() {
-        LOG.debug("Shutting down FSM of connection {}...", connection.getId());
-
-        if (LOG.isTraceEnabled()) {
-            LOG.trace("Running close handlers of connection {}...", connection.getId());
-        }
-        connection.onClose();
-        if (LOG.isTraceEnabled()) {
-            LOG.trace("Closing secure channel of connection {}...", connection.getId());
-        }
-        secureChannel.close();
-        if (LOG.isTraceEnabled()) {
-            LOG.trace("Clearing timeouts...");
-        }
-        datTimer.cancelTimeout();
-        ratTimer.cancelTimeout();
-        handshakeTimer.cancelTimeout();
-        if (LOG.isTraceEnabled()) {
-            LOG.trace("Stopping RAT components...");
-        }
-        // Cancels proverHandshakeTimer
-        this.stopRatProverDriver();
-        // Cancels verifierHandshakeTimer
-        this.stopRatVerifierDriver();
-        if (LOG.isTraceEnabled()) {
-            LOG.trace("Mark FSM as terminated...");
-        }
-        fsmTerminated = true;
-
-        // Notify upper layer via handshake or closeListener
-        if (!handshakeResultAvailable) {
-            if (LOG.isTraceEnabled()) {
-                LOG.trace("Notify handshake lock...");
-            }
-            notifyHandshakeCompleteLock();
-        }
-    }
-
-    /*
-     * Provide IDSCP2 message to the message listener
-     */
-    void notifyIdscpMsgListener(String type, byte[] data) {
-        this.connection.onMessage(type, data);
-        if (LOG.isTraceEnabled()) {
-            LOG.trace("Idscp data of type \"{}\" has been passed to connection listener", type);
-        }
-    }
-
-    //
-    // Getter
-    //
-
-    RatVerifierDriver getRatVerifierDriver() {
-        return ratVerifierDriver;
-    }
-
-    RatProverDriver getRatProverDriver() {
-        return ratProverDriver;
-    }
-
-    State getState(FSM_STATE state) {
-        return states.get(state);
-    }
-
-    public boolean isNotClosed() {
-        return currentState.equals(getState(FSM_STATE.STATE_CLOSED));
-    }
-
-    //
-    // Setter
-    //
-
-    void setRatMechanisms(String proverMechanism, String verifierMechanism) {
-        this.proverMechanism = proverMechanism;
-        this.verifierMechanism = verifierMechanism;
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
deleted file mode 100644
index 671ed27e0..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/InternalControlMessage.java
+++ /dev/null
@@ -1,34 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-/**
- * An enum that wraps the internal control messages of the IDSCP2 protocol to trigger transitions
- * by non-IDSCP2-message-events
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public enum InternalControlMessage {
-    START_IDSCP_HANDSHAKE("ICM_START"),
-    IDSCP_STOP("ICM_STOP"),
-    DAT_TIMER_EXPIRED("ICM_DAT_TIMER_EXPIRED"),
-    RAT_TIMER_EXPIRED("ICM_RAT_TIMER_EXPIRED"),
-    REPEAT_RAT("ICM_REPEAT_RAT"),
-    RAT_VERIFIER_OK("ICM_RAT_V_OK"),
-    RAT_VERIFIER_FAILED("ICM_RAT_V_FAILED"),
-    RAT_PROVER_OK("ICM_RAT_P_OK"),
-    RAT_PROVER_FAILED("ICM_RAT_P_FAILED"),
-    RAT_PROVER_MSG("ICM_RAT_PROVER_MSG"),
-    RAT_VERIFIER_MSG("ICM_RAT_VERIFIER_MSG"),
-    ERROR("ICM_ERROR"),
-    TIMEOUT("ICM_TIMEOUT");
-
-    //set unique values that are different from IdscpMessage.MessageCase ot identify event.key
-    private final String id;
-
-    InternalControlMessage(String id) {
-        this.id = id;
-    }
-
-    public String getValue() {
-        return id;
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
deleted file mode 100644
index f445fbab6..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateClosed.java
+++ /dev/null
@@ -1,104 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.Arrays;
-import java.util.concurrent.locks.Condition;
-import java.util.stream.Collectors;
-
-/**
- * The Closed State of the FSM of the IDSCP2 protocol.
- * The FSM is in the Closed state either before any transition was triggered (in this case, the
- * Closed State is the FSM Start state) or after the connection was closed (in this case, the
- * Closed State is the FSM final state without any outgoing transitions)
- * <p>
- * When the FSM go from any State into the Closed State again, the FSM is locked forever and all
- * involved actors like RatDrivers and Timers will be terminated
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class StateClosed extends State {
-    private static final Logger LOG = LoggerFactory.getLogger(StateClosed.class);
-
-    public StateClosed(FSM fsm,
-                       DapsDriver dapsDriver,
-                       Condition onMessageLock,
-                       String[] localSupportedRatSuite,
-                       String[] localExpectedRatSuite) {
-
-
-        /*---------------------------------------------------
-         * STATE_CLOSED - Transition Description
-         * ---------------------------------------------------
-         * onICM: start_handshake --> {send IDSCP_HELLO, set handshake_timeout} --> STATE_WAIT_FOR_HELLO
-         * ALL_OTHER_MESSAGES ---> STATE_CLOSED
-         * --------------------------------------------------- */
-        this.addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.getValue(), new Transition(
-                event -> {
-
-                    LOG.debug("Get DAT Token vom DAT_DRIVER");
-                    byte[] dat = dapsDriver.getToken();
-
-                    LOG.debug("Send IDSCP_HELLO");
-                    IDSCP2.IdscpMessage idscpHello = Idscp2MessageHelper.
-                            createIdscpHelloMessage(dat, localSupportedRatSuite, localExpectedRatSuite);
-
-                    if (!fsm.sendFromFSM(idscpHello)) {
-                        LOG.error("Cannot send IdscpHello. Close connection");
-                        runEntryCode(fsm);
-                        onMessageLock.signalAll();
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    runExitCode(onMessageLock);
-
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_HELLO);
-                }
-        ));
-
-        // This origins from onClose(), so just ignore it
-        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    if (LOG.isTraceEnabled()) {
-                        LOG.trace("Received STOP in STATE_CLOSED, ignored.");
-                    }
-                    return this;
-                }
-        ));
-
-        this.setNoTransitionHandler(
-                event -> {
-                    if (LOG.isDebugEnabled()) {
-                        LOG.debug("No transition available for given event {}, stack trace for analysis:\n{}",
-                                event,
-                                Arrays.stream(Thread.currentThread().getStackTrace())
-                                        .skip(1)
-                                        .map(Object::toString)
-                                        .collect(Collectors.joining("\n")));
-                        LOG.debug("Stay in state STATE_CLOSED");
-                    }
-                    return this;
-                }
-        );
-
-    }
-
-    private void runExitCode(Condition onMessageLock) {
-        //State Closed exit code
-        onMessageLock.signalAll(); //enables fsm.onMessage()
-    }
-
-    @Override
-    void runEntryCode(FSM fsm) {
-        //State Closed entry code
-        LOG.debug("Switched to state STATE_CLOSED");
-        fsm.shutdownFsm();
-    }
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
deleted file mode 100644
index b7e09f9a9..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateEstablished.java
+++ /dev/null
@@ -1,150 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * The Established State of the FSM of the IDSCP2 protocol.
- * Allows message exchange over the IDSCP2 protocol between two connectors
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class StateEstablished extends State {
-    private static final Logger LOG = LoggerFactory.getLogger(StateEstablished.class);
-
-    public StateEstablished(FSM fsm,
-                            DapsDriver dapsDriver,
-                            Timer ratTimer,
-                            Timer handshakeTimer) {
-
-
-        /*---------------------------------------------------
-         * STATE_ESTABLISHED - Transition Description
-         * ---------------------------------------------------
-         * onICM: error ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: stop ---> {timeouts.cancel()} ---> STATE_CLOSED
-         * onICM: re_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * //onICM: send_data ---> {send IDS_DATA} ---> STATE_ESTABLISHED
-         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
-         * onMessage: IDSCP_DATA ---> {delegate to connection} ---> STATE_ESTABLISHED
-         * onMessage: IDSCP_RERAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_CLOSE ---> {timeouts.cancel()} ---> STATE_CLOSED
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
-         * --------------------------------------------------- */
-        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Error occurred, close idscp connection");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                            IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.REPEAT_RAT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER");
-                    ratTimer.cancelTimeout();
-
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
-                        LOG.error("Cannot send ReRat message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    if (!fsm.restartRatVerifierDriver()) {
-                        LOG.error("Cannot run Rat verifier, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
-                event -> {
-                    ratTimer.cancelTimeout();
-                    LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED");
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                        LOG.error("Cannot send DatExpired message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    LOG.debug("Set handshake timeout");
-                    handshakeTimer.resetTimeout(5);
-
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER");
-
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_PROVER);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("DAT expired. Send new DAT and repeat RAT");
-
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
-                        LOG.error("Cannot send Dat message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_PROVER);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATA_FIELD_NUMBER, new Transition(
-                event -> {
-                    IDSCP2.IdscpData data = event.getIdscpMessage().getIdscpData();
-                    fsm.notifyIdscpMsgListener(data.getType(), data.getData().toByteArray());
-                    return this;
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Receive IDSCP_CLOSED");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    LOG.debug("Stay in state STATE_ESTABLISHED");
-                    return this;
-                }
-        );
-    }
-
-    @Override
-    void runEntryCode(FSM fsm) {
-        LOG.debug("Switched to state STATE_ESTABLISHED");
-        fsm.notifyHandshakeCompleteLock();
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
deleted file mode 100644
index afd823d77..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRat.java
+++ /dev/null
@@ -1,182 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * The Wait_For_Dat_And_Rat State of the FSM of the IDSCP2 protocol.
- * Waits for a new valid dynamic attribute token from the peer as well as for the RatProver and
- * RatVerifier to decide whether the connection will be established or not
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class StateWaitForDatAndRat extends State {
-    private static final Logger LOG = LoggerFactory.getLogger(StateWaitForDatAndRat.class);
-
-    public StateWaitForDatAndRat(FSM fsm,
-                                 Timer handshakeTimer,
-                                 Timer proverHandshakeTimer,
-                                 Timer datTimer,
-                                 DapsDriver dapsDriver
-    ) {
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_DAT_AND_RAT - Transition Description
-         * ---------------------------------------------------
-         * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: error ---> {stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
-         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), timeouts.stop()} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT(success) ---> {verify dat, start dat_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_DAT(failed) ---> {verify dat, send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
-         * --------------------------------------------------- */
-        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                            IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event -> {
-                    LOG.debug("An internal control error occurred");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
-                            IDSCP2.IdscpClose.CloseCause.TIMEOUT));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Received RAT_PROVER OK");
-                    proverHandshakeTimer.cancelTimeout();
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
-                event -> {
-                    LOG.error("RAT_PROVER failed");
-                    LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
-                            IDSCP2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSCP_RAT_PROVER");
-                    if (!fsm.sendFromFSM(event.getIdscpMessage())) {
-                        LOG.error("Cannot send rat prover message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-                    return this;
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_CLOSE");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    handshakeTimer.cancelTimeout();
-                    LOG.debug("Verify received DAT");
-                    //check if Dat is available and verify dat
-                    byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
-                    long datValidityPeriod;
-                    if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))) {
-                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
-                                "No valid DAT", IDSCP2.IdscpClose.CloseCause.NO_VALID_DAT));
-                        return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                    }
-
-                    LOG.debug("Remote DAT is valid. Set dat timeout");
-                    datTimer.resetTimeout(datValidityPeriod);
-                    //start RAT Verifier
-                    if (!fsm.restartRatVerifierDriver()) {
-                        LOG.error("Cannot run Rat verifier, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
-
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
-                        LOG.error("Cannot send Dat message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return this;
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
-                    assert event.getIdscpMessage().hasIdscpRatVerifier();
-                    fsm.getRatProverDriver().delegate(event.getIdscpMessage().getIdscpRatVerifier()
-                            .getData().toByteArray());
-                    return this;
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-                    return this;
-                }
-        ));
-
-        this.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    return this;
-                }
-        );
-    }
-
-    @Override
-    void runEntryCode(FSM fsm) {
-        LOG.debug("Switched to state STATE_WAIT_FOR_DAT_AND_RAT");
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
deleted file mode 100644
index afaa67b9b..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForDatAndRatVerifier.java
+++ /dev/null
@@ -1,136 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * The Wait_For_Dat_And_Rat_Verifier State of the FSM of the IDSCP2 protocol.
- * Wait for a new dynamic attribute token from the peer, since the old one is not valid anymore
- * and waits for the RatVerifier after successful verification of the Dat to decide if the IDSCP2
- * connection will be established
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class StateWaitForDatAndRatVerifier extends State {
-    private static final Logger LOG = LoggerFactory.getLogger(StateWaitForDatAndRatVerifier.class);
-
-    public StateWaitForDatAndRatVerifier(FSM fsm,
-                                         Timer handshakeTimer,
-                                         Timer datTimer,
-                                         DapsDriver dapsDriver) {
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER - Transition Description
-         * ---------------------------------------------------
-         * onICM: stop ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: error ---> {} ---> STATE_CLOSED
-         * onICM: timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT(success) --> {verify DAT, set det_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFEIER
-         * onMessage: IDSCP_DAT(failed) --> {verify DAT, send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onMessage: IDSCP_RE_RAT ---> {start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
-         * --------------------------------------------------- */
-        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                            IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event -> {
-                    LOG.debug("An internal control error occurred");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
-                            IDSCP2.IdscpClose.CloseCause.TIMEOUT));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_CLOSE");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPDAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    handshakeTimer.cancelTimeout();
-                    LOG.debug("Verify received DAT");
-                    //check if Dat is available and verify dat
-                    byte[] dat = event.getIdscpMessage().getIdscpDat().getToken().toByteArray();
-                    long datValidityPeriod;
-                    if (0 > (datValidityPeriod = dapsDriver.verifyToken(dat, null))) {
-                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT", IDSCP2.IdscpClose.CloseCause.NO_VALID_DAT));
-                        return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                    }
-                    LOG.debug("Remote DAT is valid. Set dat timeout");
-                    datTimer.resetTimeout(datValidityPeriod);
-                    //start RAT Verifier
-                    if (!fsm.restartRatVerifierDriver()) {
-                        LOG.error("Cannot run Rat verifier, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
-
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
-                        LOG.error("Cannot send DAT message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
-                }
-        ));
-
-        this.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    return this;
-                }
-        );
-    }
-
-    @Override
-    void runEntryCode(FSM fsm) {
-        LOG.debug("Switched to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER");
-        LOG.debug("Set handshake timeout");
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
deleted file mode 100644
index d4f3edb9a..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForHello.java
+++ /dev/null
@@ -1,156 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * The Wait_For_Hello State of the FSM of the IDSCP2 protocol.
- * Waits for the Idscpv2 Hellp Message that contains the protocol version, the supported and
- * expected remote attestation cipher suites and the dynamic attribute token (DAT) of the peer.
- * <p>
- * Goes into the WAIT_FOR_RAT State when valid Rat mechanisms were found and the DAT is valid
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class StateWaitForHello extends State {
-    private static final Logger LOG = LoggerFactory.getLogger(StateWaitForHello.class);
-
-    private final Timer handshakeTimer;
-
-    public StateWaitForHello(FSM fsm,
-                             Timer handshakeTimer,
-                             Timer datTimer,
-                             DapsDriver dapsDriver,
-                             String[] localSupportedRatSuite,
-                             String[] localExpectedRatSuite) {
-
-        this.handshakeTimer = handshakeTimer;
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_HELLO - Transition Description
-         * ---------------------------------------------------
-         * onICM: error --> {} ---> STATE_CLOSED
-         * onICM: stop --> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: timeout --> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_CLOSE---> {} ---> STATE_CLOSED
-         * onMessage: IDSCP_HELLO (no rat match) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_HELLO (invalid DAT) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_HELLO (SUCCESS) ---> {verify DAT, match RAT, set DAT Timeout, start RAT P&V,
-         *                                        set handshake_timeout} ---> STATE_WAIT_FOR_RAT
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_HELLO
-         * --------------------------------------------------- */
-        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event -> {
-                    LOG.debug("An internal control error occurred");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Received stop signal from user. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                            IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake Timeout",
-                            IDSCP2.IdscpClose.CloseCause.TIMEOUT));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_CLOSE");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPHELLO_FIELD_NUMBER, new Transition(
-                event -> {
-                    handshakeTimer.cancelTimeout();
-
-                    LOG.debug("Received IDSCP_HELLO");
-                    IDSCP2.IdscpHello idscpHello = event.getIdscpMessage().getIdscpHello();
-
-                    LOG.debug("Calculate Rat mechanisms");
-                    String proverMechanism = fsm.getRatProverMechanism(localSupportedRatSuite,
-                            idscpHello.getExpectedRatSuiteList().toArray());
-                    if (proverMechanism == null) {
-                        LOG.debug("Cannot find a match for RAT proverr. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
-                                "No match for RAT Prover mechanism",
-                                IDSCP2.IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_PROVER));
-                        return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                    }
-
-                    String verifierMechanism = fsm.getRatVerifierMechanism(localExpectedRatSuite,
-                            idscpHello.getSupportedRatSuiteList().toArray());
-                    if (verifierMechanism == null) {
-                        LOG.debug("Cannot find a match for RAT verifier. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
-                                "No match for RAT Verifier mechanism",
-                                IDSCP2.IdscpClose.CloseCause.NO_RAT_MECHANISM_MATCH_VERIFIER));
-                        return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                    }
-
-                    LOG.debug("Verify received DAT");
-                    //check if Dat is available and verify dat
-                    long datValidityPeriod;
-                    if (!idscpHello.hasDynamicAttributeToken() || 0 > (datValidityPeriod = dapsDriver
-                            .verifyToken(idscpHello.getDynamicAttributeToken().getToken().toByteArray(), null))) {
-                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE");
-                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT",
-                                IDSCP2.IdscpClose.CloseCause.NO_VALID_DAT));
-                        return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                    }
-
-                    LOG.debug("Remote DAT is valid. Set dat timeout to its validity period");
-                    datTimer.resetTimeout(datValidityPeriod);
-
-                    fsm.setRatMechanisms(proverMechanism, verifierMechanism);
-
-                    LOG.debug("Start RAT Prover and Verifier");
-
-                    if (!fsm.restartRatVerifierDriver()) {
-                        LOG.error("Cannot run Rat verifier, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
-                }
-        ));
-
-        this.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_HELLO");
-                    return this;
-                }
-        );
-    }
-
-
-    @Override
-    void runEntryCode(FSM fsm) {
-        LOG.debug("Switched to state STATE_WAIT_FOR_HELLO");
-        LOG.debug("Set handshake timeout to 5 seconds");
-        handshakeTimer.resetTimeout(5);
-    }
-
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
deleted file mode 100644
index 14f59d985..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRat.java
+++ /dev/null
@@ -1,213 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * The Wait_For_Rat State of the FSM of the IDSCP2 protocol.
- * Waits for the RatProver and RatVerifier Result to decide whether the connection will be
- * established
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class StateWaitForRat extends State {
-    private static final Logger LOG = LoggerFactory.getLogger(StateWaitForRat.class);
-
-    public StateWaitForRat(FSM fsm,
-                           Timer handshakeTimer,
-                           Timer verifierHandshakeTimer,
-                           Timer proverHandshakeTimer,
-                           Timer ratTimer,
-                           long ratTimerDelay,
-                           DapsDriver dapsDriver) {
-
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_RAT - Transition Description
-         * ---------------------------------------------------
-         * onICM: error ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
-         * onICM: stop ---> {ratP.stop(), ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> IDSCP_CLOSED
-         * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onICM: rat_prover_failed ---> {ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: rat_verifier_failed ---> {ratP.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT
-         * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
-         * onICM: dat_timeout ---> {send DAT_EXPIRED, ratV.cancel()} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onICM: handshake_timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_RAT_PROVER ---> {delegate to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send DAT, ratP.restart()} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT
-         * --------------------------------------------------- */
-        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event -> {
-                    LOG.debug("An internal control error occurred");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                            IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Received RAT_PROVER OK");
-                    proverHandshakeTimer.cancelTimeout();
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_VERIFIER);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_VERIFIER_OK.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Received RAT_VERIFIER OK");
-                    verifierHandshakeTimer.cancelTimeout();
-                    ratTimer.resetTimeout(ratTimerDelay);
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT_PROVER);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
-                event -> {
-                    LOG.error("RAT_PROVER failed");
-                    LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
-                            IDSCP2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.getValue(), new Transition(
-                event -> {
-                    LOG.error("RAT_VERIFIER failed");
-                    LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
-                            IDSCP2.IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSCP_RAT_PROVER");
-
-                    if (!fsm.sendFromFSM(event.getIdscpMessage())) {
-                        LOG.error("Cannot send rat prover message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return this;
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_VERIFIER_MSG.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSCP_RAT_VERIFIER");
-
-                    if (!fsm.sendFromFSM(event.getIdscpMessage())) {
-                        LOG.error("Cannot send rat verifier message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return this;
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
-                event -> {
-                    LOG.debug("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER");
-                    fsm.stopRatVerifierDriver();
-
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                        LOG.error("Cannot send DatExpired message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    LOG.debug("Start Handshake Timer");
-                    handshakeTimer.resetTimeout(5);
-
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
-                            IDSCP2.IdscpClose.CloseCause.TIMEOUT));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
-                    assert event.getIdscpMessage().hasIdscpRatVerifier();
-                    fsm.getRatProverDriver().delegate(event.getIdscpMessage().getIdscpRatVerifier()
-                            .getData().toByteArray());
-
-                    return this;
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
-                    assert event.getIdscpMessage().hasIdscpRatProver();
-                    fsm.getRatVerifierDriver().delegate(event.getIdscpMessage().getIdscpRatProver()
-                            .getData().toByteArray());
-
-                    return this;
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
-
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
-                        LOG.error("Cannot send DAT message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return this;
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_CLOSE");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT");
-                    return this;
-                }
-        );
-    }
-
-    @Override
-    void runEntryCode(FSM fsm) {
-        LOG.debug("Switch to state STATE_WAIT_FOR_RAT");
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
deleted file mode 100644
index dc5f144d5..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatProver.java
+++ /dev/null
@@ -1,195 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * The Wait_For_Rat_Prover State of the FSM of the IDSCP2 protocol.
- * Waits only for the RatProver Result to decide whether the connection will be established
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class StateWaitForRatProver extends State {
-    private static final Logger LOG = LoggerFactory.getLogger(StateWaitForRatProver.class);
-
-    public StateWaitForRatProver(FSM fsm,
-                                 Timer ratTimer,
-                                 Timer handshakeTimer,
-                                 Timer proverHandshakeTimer,
-                                 DapsDriver dapsDriver) {
-
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_RAT_PROVER - Transition Description
-         * ---------------------------------------------------
-         * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER, timeouts.terminate()} ---> STATE_CLOSED
-         * onICM: error ---> {stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onICM: rat_prover_ok ---> {} ---> STATE_ESTABLISHED
-         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE, terminate ratP, cancel timeouts} ---> STATE_CLOSED
-         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onICM: repeat_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_PROVER
-         * --------------------------------------------------- */
-        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close", IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event -> {
-                    LOG.debug("An internal control error occurred");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
-                            IDSCP2.IdscpClose.CloseCause.TIMEOUT));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
-                event -> {
-                    LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED");
-                    ratTimer.cancelTimeout();
-
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                        LOG.error("Cannot send DatExpired message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    LOG.debug("Start Handshake Timer");
-                    handshakeTimer.resetTimeout(5);
-
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_PROVER_OK.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Received RAT_PROVER OK");
-                    proverHandshakeTimer.cancelTimeout();
-                    return fsm.getState(FSM.FSM_STATE.STATE_ESTABLISHED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_PROVER_FAILED.getValue(), new Transition(
-                event -> {
-                    LOG.error("RAT_PROVER failed");
-                    LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
-                            IDSCP2.IdscpClose.CloseCause.RAT_PROVER_FAILED));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_PROVER_MSG.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSCP_RAT_PROVER");
-
-                    if (!fsm.sendFromFSM(event.getIdscpMessage())) {
-                        LOG.error("Cannot send rat prover message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return this;
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.REPEAT_RAT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER");
-
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
-                        LOG.error("Cannot send ReRat message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    ratTimer.cancelTimeout();
-
-                    if (!fsm.restartRatVerifierDriver()) {
-                        LOG.error("Cannot run Rat verifier, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_CLOSE");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER");
-
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
-                        LOG.error("Cannot send DAT message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return this;
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER");
-                    assert event.getIdscpMessage().hasIdscpRatVerifier();
-                    fsm.getRatProverDriver().delegate(event.getIdscpMessage().getIdscpRatVerifier()
-                            .getData().toByteArray());
-
-                    return this;
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER");
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-                    return this;
-                }
-        ));
-
-        this.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER");
-                    return this;
-                }
-        );
-    }
-
-    @Override
-    void runEntryCode(FSM fsm) {
-        LOG.debug("Switched to state STATE_WAIT_FOR_RAT_PROVER");
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
deleted file mode 100644
index e0a3d5460..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/StateWaitForRatVerifier.java
+++ /dev/null
@@ -1,175 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FSM.FSM_STATE;
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * The Wait_For_Rat_Verifier State of the FSM of the IDSCP2 protocol.
- * Waits only for the RatVerifier Result to decide whether the connection will be established
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class StateWaitForRatVerifier extends State {
-    private static final Logger LOG = LoggerFactory.getLogger(StateWaitForRatVerifier.class);
-
-    public StateWaitForRatVerifier(FSM fsm,
-                                   DapsDriver dapsDriver,
-                                   Timer ratTimer,
-                                   Timer handshakeTimer,
-                                   Timer verifierHandshakeTimer,
-                                   long ratTimeoutDelay) {
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_RAT_VERIFIER - Transition Description
-         * ---------------------------------------------------
-         * onICM: error ---> {stop RAT_VERIFIER} ---> STATE_CLOSED
-         * onICM: close ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
-         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED, cancel ratV} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
-         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
-         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_ESTABLISHED
-         * onICM: rat_verifier_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_CLOSE ---> {stop RAT_VERIFIER} ---> STATE_CLOSED
-         * onMessage: IDSCP_RAT_PROVER ---> {delegat to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * onMessage: IDSCP_RE_RAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * --------------------------------------------------- */
-        this.addTransition(InternalControlMessage.IDSCP_STOP.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                            IDSCP2.IdscpClose.CloseCause.USER_SHUTDOWN));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.ERROR.getValue(), new Transition(
-                event -> {
-                    LOG.debug("An internal control error occurred");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.TIMEOUT.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout", IDSCP2.IdscpClose.CloseCause.TIMEOUT));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.getValue(), new Transition(
-                event -> {
-                    LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER");
-                    fsm.stopRatVerifierDriver();
-
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                        LOG.error("Cannot send DatExpired message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    LOG.debug("Start Handshake Timer");
-                    handshakeTimer.resetTimeout(5);
-
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_VERIFIER_OK.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Received RAT_VERIFIER OK");
-                    verifierHandshakeTimer.cancelTimeout();
-                    LOG.debug("Start RAT Timer");
-                    ratTimer.resetTimeout(ratTimeoutDelay);
-                    return fsm.getState(FSM.FSM_STATE.STATE_ESTABLISHED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.getValue(), new Transition(
-                event -> {
-                    LOG.error("RAT_VERIFIER failed");
-                    LOG.debug("Send IDSC_CLOSE");
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
-                            IDSCP2.IdscpClose.CloseCause.RAT_VERIFIER_FAILED));
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(InternalControlMessage.RAT_VERIFIER_MSG.getValue(), new Transition(
-                event -> {
-                    LOG.debug("Send IDSCP_RAT_VERIFIER");
-
-                    if (!fsm.sendFromFSM(event.getIdscpMessage())) {
-                        LOG.error("Cannot send rat verifier message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return this;
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_CLOSE");
-                    return fsm.getState(FSM.FSM_STATE.STATE_CLOSED);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER");
-
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.getToken()))) {
-                        LOG.error("Cannot send DAT message");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER");
-                    assert event.getIdscpMessage().hasIdscpRatProver();
-                    fsm.getRatVerifierDriver().delegate(event.getIdscpMessage().getIdscpRatProver()
-                            .getData().toByteArray());
-                    return this;
-                }
-        ));
-
-        this.addTransition(IDSCP2.IdscpMessage.IDSCPRERAT_FIELD_NUMBER, new Transition(
-                event -> {
-                    LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER");
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection");
-                        return fsm.getState(FSM_STATE.STATE_CLOSED);
-                    }
-                    return fsm.getState(FSM.FSM_STATE.STATE_WAIT_FOR_RAT);
-                }
-        ));
-
-        this.setNoTransitionHandler(
-                event -> {
-                    LOG.debug("No transition available for given event " + event.toString());
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER");
-                    return this;
-                }
-        );
-    }
-
-    @Override
-    void runEntryCode(FSM fsm) {
-        LOG.debug("Switched to state STATE_WAIT_FOR_RAT_VERIFIER");
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
deleted file mode 100644
index 44a78b5ad..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Timer.java
+++ /dev/null
@@ -1,50 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-import java.util.concurrent.locks.ReentrantLock;
-
-/**
- * A Timer class that provides an API to the FSN to start and cancel timeout threads
- * The timer ensures that no canceled timer is able to trigger a timeout transitions
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class Timer {
-
-    private TimerThread thread = null;
-    private final ReentrantLock fsmIsBusy;
-    private final ReentrantLock mutex = new ReentrantLock(true);
-    private final Runnable timeoutHandler;
-
-    Timer(ReentrantLock fsmIsBusy, Runnable timeoutHandler) {
-        this.fsmIsBusy = fsmIsBusy;
-        this.timeoutHandler = timeoutHandler;
-    }
-
-    void resetTimeout(long delay) {
-        cancelTimeout();
-        start(delay);
-    }
-
-    /*
-     * Start a timer thread that triggers the timeout handler routine after a given timout delay
-     */
-    public void start(long delay) {
-        mutex.lock();
-        thread = new TimerThread(delay, timeoutHandler, fsmIsBusy);
-        thread.start();
-        mutex.unlock();
-    }
-
-    /*
-     * Cancel the current timer thread
-     */
-    void cancelTimeout() {
-        mutex.lock();
-        if (thread != null) {
-            thread.safeStop();
-            thread = null;
-        }
-        mutex.unlock();
-    }
-}
-
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
deleted file mode 100644
index 95ed0ba81..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/Transition.java
+++ /dev/null
@@ -1,21 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
-
-import java.util.function.Function;
-
-/**
- * Transition class for State machine, provides a doTransition method
- * that returns the next state for a given event
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class Transition {
-    private final Function<Event, State> eventHandler;
-
-    Transition(Function<Event, State> eventHandler) {
-        this.eventHandler = eventHandler;
-    }
-
-    State doTransition(Event e) {
-        return eventHandler.apply(e);
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/Idscp2Server.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/Idscp2Server.java
deleted file mode 100644
index 5f54eae88..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/Idscp2Server.java
+++ /dev/null
@@ -1,70 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.idscp_server;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer;
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Set;
-
-/**
- * An IDSCP2 Server that has the control about the underlying secure server and caches all active
- * connections that belong to the secure server
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class Idscp2Server implements ServerConnectionListener {
-    private static final Logger LOG = LoggerFactory.getLogger(Idscp2Server.class);
-
-    private final SecureServer secureServer;
-    private final Set<Idscp2Connection> connections = Collections.synchronizedSet(new HashSet<>());
-
-    public Idscp2Server(SecureServer secureServer) {
-        this.secureServer = secureServer;
-    }
-
-    /*
-     * Terminate the IDSCP2 server, the secure server and close all connections
-     */
-    public void terminate() {
-        LOG.info("Terminating IDSCP2 server {}", this.toString());
-        terminateAllSessions();
-        secureServer.safeStop();
-    }
-
-    /*
-     * Close all open IDSCP2 connections of this server
-     */
-    public void terminateAllSessions() {
-        for (Idscp2Connection connection : connections) {
-            connection.close();
-            LOG.debug("Idscp connection with id {} has been closed", connection.getId());
-            connections.remove(connection);
-        }
-    }
-
-    public void onConnectionCreated(Idscp2Connection connection) {
-        connections.add(connection);
-    }
-
-    public void onConnectionClose(Idscp2Connection connection) {
-        connections.remove(connection);
-    }
-
-    /*
-     * Check if the server is running
-     */
-    public boolean isRunning() {
-        return secureServer.isRunning();
-    }
-
-    /*
-     * return a list of all open IDSCP2 connections of this server
-     */
-    public Set<Idscp2Connection> getAllConnections() {
-        return Collections.unmodifiableSet(connections);
-    }
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/ServerConnectionListener.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/ServerConnectionListener.java
deleted file mode 100644
index 548a7f051..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/idscp_server/ServerConnectionListener.java
+++ /dev/null
@@ -1,10 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.idscp_server;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
-
-public interface ServerConnectionListener {
-
-    void onConnectionCreated(Idscp2Connection connection);
-
-    void onConnectionClose(Idscp2Connection connection);
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
deleted file mode 100644
index a9c052dfa..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.java
+++ /dev/null
@@ -1,98 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry;
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
-
-import java.lang.reflect.InvocationTargetException;
-import java.util.concurrent.ConcurrentHashMap;
-
-/**
- * A Rat Prover Driver Registry
- * The User can register Driver implementation instances and its configurations to the registry
- * <p>
- * The Idscpv2 protocol will select during the idscp handshake a Rat Prover mechanism and will
- * check for this RatProver in this registry
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class RatProverDriverRegistry {
-    private static RatProverDriverRegistry instance;
-    private static final ConcurrentHashMap<String, DriverWrapper> drivers = new ConcurrentHashMap<>();
-
-    private RatProverDriverRegistry() {
-    }
-
-    public static RatProverDriverRegistry getInstance() {
-        if (instance == null) {
-            instance = new RatProverDriverRegistry();
-        }
-
-        return instance;
-    }
-
-    /*
-     * To start a Rat Prover from the finite state machine
-     *
-     * First we check if the registry contains the RatProver instance, then we create a new
-     * RatProverDriver from the driver wrapper that holds the corresponding RatProverDriver class.
-     *
-     * The finite state machine is registered as the communication partner for the RatProver.
-     * The RatProver will be initialized with a configuration, if present. Then it is started.
-     */
-    public static RatProverDriver startRatProverDriver(String instance, FsmListener listener) {
-        DriverWrapper driverWrapper = drivers.get(instance);
-        if (driverWrapper == null) {
-            return null;
-        }
-
-        try {
-            RatProverDriver driver = driverWrapper.driverClass.getDeclaredConstructor().newInstance();
-            driver.setListener(listener);
-            if (driverWrapper.driverConfig != null) {
-                driver.setConfig(driverWrapper.driverConfig);
-            }
-            driver.start();
-            return driver;
-
-        } catch (NoSuchMethodException | InstantiationException | IllegalAccessException |
-                InvocationTargetException e) {
-            return null;
-        }
-    }
-
-
-    /*
-     * Register Rat Prover driver and an optional configuration in the registry
-     */
-    public void registerDriver(
-            String instance,
-            Class<? extends RatProverDriver> driverClass,
-            Object driverConfig
-    ) {
-        drivers.put(instance, new DriverWrapper(driverClass, driverConfig));
-    }
-
-    /*
-     * Unregister the driver from the registry
-     */
-    public void unregisterDriver(String instance) {
-        drivers.remove(instance);
-    }
-
-    /*
-     * An inner static wrapper class, that wraps driver config and driver class
-     */
-    private static class DriverWrapper {
-        private final Class<? extends RatProverDriver> driverClass;
-        private final Object driverConfig;
-
-        private DriverWrapper(
-                Class<? extends RatProverDriver> driverClass,
-                Object driverConfig
-        ) {
-            this.driverClass = driverClass;
-            this.driverConfig = driverConfig;
-        }
-    }
-
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
deleted file mode 100644
index 1522bf175..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.java
+++ /dev/null
@@ -1,93 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry;
-
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver;
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
-
-import java.util.concurrent.ConcurrentHashMap;
-
-/**
- * A Rat Verifier Driver Registry
- * The User can register Driver implementation instances and its configurations to the registry
- * <p>
- * The Idscpv2 protocol will select during the idscp handshake a Rat Verifier mechanism and will
- * check for this RatVerifier in this registry
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class RatVerifierDriverRegistry {
-    private static RatVerifierDriverRegistry instance;
-    private static final ConcurrentHashMap<String, DriverWrapper> drivers
-            = new ConcurrentHashMap<>();
-
-    private RatVerifierDriverRegistry() {
-    }
-
-    public static RatVerifierDriverRegistry getInstance() {
-        if (instance == null) {
-            instance = new RatVerifierDriverRegistry();
-        }
-        return instance;
-    }
-
-    /*
-     * To start a Rat Verifier from the finite state machine
-     *
-     * First we check if the registry contains the RatVerifier instance, then we create a new
-     * RatVerifierDriver from the driver wrapper that holds the corresponding
-     * RatVerifierDriver class.
-     *
-     * The finite state machine is registered as the communication partner for the RatVerifier.
-     * The RatVerifier will be initialized with a configuration, if present. Then it is started.
-     */
-    public static RatVerifierDriver startRatVerifierDriver(String mechanism, FsmListener listener) {
-        DriverWrapper driverWrapper = drivers.get(mechanism);
-
-        try {
-            RatVerifierDriver driver = driverWrapper.driverClass.getDeclaredConstructor().newInstance();
-            driver.setListener(listener);
-            if (driverWrapper.driverConfig != null) {
-                driver.setConfig(driverWrapper.driverConfig);
-            }
-            driver.start();
-            return driver;
-
-        } catch (Exception e) {
-            return null;
-        }
-    }
-
-    /*
-     * Register Rat Verifier driver and an optional configuration in the registry
-     */
-    public void registerDriver(
-            String mechanism,
-            Class<? extends RatVerifierDriver> driverClass,
-            Object driverConfig
-    ) {
-        drivers.put(mechanism, new DriverWrapper(driverClass, driverConfig));
-    }
-
-    /*
-     * Unregister the driver from the registry
-     */
-    public void unregisterDriver(String instance) {
-        drivers.remove(instance);
-    }
-
-    /*
-     * An inner static wrapper class, that wraps driver config and driver class
-     */
-    private static class DriverWrapper {
-        private final Class<? extends RatVerifierDriver> driverClass;
-        private final Object driverConfig;
-
-        private DriverWrapper(
-                Class<? extends RatVerifierDriver> driver,
-                Object driverConfig
-        ) {
-            this.driverClass = driver;
-            this.driverConfig = driverConfig;
-        }
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java b/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
deleted file mode 100644
index 16ddd2590..000000000
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.java
+++ /dev/null
@@ -1,74 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel;
-
-import de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine.FsmListener;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.concurrent.CompletableFuture;
-
-/**
- * A secureChannel which is the secure underlying basis of the IDSCP2 protocol,
- * that implements a secureChannelListener
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-public class SecureChannel implements SecureChannelListener {
-    private static final Logger LOG = LoggerFactory.getLogger(SecureChannel.class);
-
-    private final SecureChannelEndpoint endpoint;
-    private final CompletableFuture<FsmListener> fsmPromise = new CompletableFuture<>();
-
-    public SecureChannel(SecureChannelEndpoint secureChannelEndpoint) {
-        this.endpoint = secureChannelEndpoint;
-    }
-
-    /*
-     * close the secure channel forever
-     */
-    public void close() {
-        endpoint.close();
-    }
-
-    /*
-     * Send data via the secure channel endpoint to the peer connector
-     *
-     * return true if the data has been sent successfully, else false
-     */
-    public boolean send(byte[] msg) {
-        if (LOG.isTraceEnabled()) {
-            LOG.trace("Send message via secure channel");
-        }
-        return endpoint.send(msg);
-    }
-
-    @Override
-    public void onMessage(byte[] data) {
-        if (LOG.isTraceEnabled()) {
-            LOG.trace("New raw data has been received via the secure channel");
-        }
-        fsmPromise.thenAccept(fsmListener -> fsmListener.onMessage(data));
-    }
-
-    @Override
-    public void onError(Throwable t) {
-        // Tell fsm an error occurred in secure channel
-        fsmPromise.thenAccept(fsmListener -> fsmListener.onError(t));
-    }
-
-    @Override
-    public void onClose() {
-        // Tell fsm secure channel received EOF
-        fsmPromise.thenAccept(FsmListener::onClose);
-    }
-
-    public boolean isConnected() {
-        return endpoint.isConnected();
-    }
-
-    /*
-     * set the corresponding finite state machine
-     */
-    public void setFsm(FsmListener fsm) {
-        fsmPromise.complete(fsm);
-    }
-}
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.java b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.kt
similarity index 64%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.java
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.kt
index 08c8f9077..71bef0ca0 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.java
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.kt
@@ -1,6 +1,6 @@
-package de.fhg.aisec.ids.idscp2;
+package de.fhg.aisec.ids.idscp2
 
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection;
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 
 /**
  * An interface for the Idscp2EndpointListener class, that implements callback functions that notifies
@@ -8,15 +8,14 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public interface Idscp2EndpointListener {
-
+interface Idscp2EndpointListener {
     /*
      * Called when a new connection is established
      */
-    void onConnection(Idscp2Connection connection);
+    fun onConnection(connection: Idscp2Connection)
 
     /*
      * Called when an error occurred in the underlying IDSCP2 protocol
      */
-    void onError(Throwable t);
-}
+    fun onError(t: Throwable)
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.kt
new file mode 100644
index 000000000..af4c3e159
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.kt
@@ -0,0 +1,327 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.error.DatException
+import io.jsonwebtoken.Jwts
+import io.jsonwebtoken.SignatureAlgorithm
+import okhttp3.FormBody
+import okhttp3.OkHttpClient
+import okhttp3.Request
+import okhttp3.RequestBody
+import org.bouncycastle.asn1.ASN1OctetString
+import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier
+import org.bouncycastle.asn1.x509.Extension
+import org.bouncycastle.asn1.x509.SubjectKeyIdentifier
+import org.jose4j.http.Get
+import org.jose4j.jwa.AlgorithmConstraints
+import org.jose4j.jwk.HttpsJwks
+import org.jose4j.jws.AlgorithmIdentifiers
+import org.jose4j.jwt.JwtClaims
+import org.jose4j.jwt.NumericDate
+import org.jose4j.jwt.consumer.JwtConsumerBuilder
+import org.jose4j.keys.resolvers.HttpsJwksVerificationKeyResolver
+import org.json.JSONObject
+import org.slf4j.LoggerFactory
+import java.io.IOException
+import java.nio.charset.StandardCharsets
+import java.security.Key
+import java.security.KeyManagementException
+import java.security.NoSuchAlgorithmException
+import java.security.cert.X509Certificate
+import java.time.Instant
+import java.util.*
+import java.util.concurrent.TimeUnit
+import javax.net.ssl.SSLContext
+import javax.net.ssl.SSLSocketFactory
+import javax.net.ssl.X509ExtendedTrustManager
+
+/**
+ * Default DAPS Driver Implementation for requesting valid dynamicAttributeToken and verifying DAT
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ * @author Gerd Brost (gerd.brost@aisec.fraunhofer.de)
+ */
+class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
+    private var sslSocketFactory: SSLSocketFactory
+    private val trustManager: X509ExtendedTrustManager
+    private val privateKey: Key = PreConfiguration.getKey(
+                    config.keyStorePath,
+                    config.keyStorePassword,
+                    config.keyAlias,
+                    config.keyPassword
+            )
+    private val dapsUrl: String = config.dapsUrl
+    private val cert: X509Certificate?//get http response from DAPS
+
+    init {
+        //create ssl socket factory for secure
+        cert = PreConfiguration.getCertificate(
+                config.keyStorePath,
+                config.keyStorePassword,
+                config.keyAlias)
+        val trustManagers = PreConfiguration.getX509ExtTrustManager(
+                config.trustStorePath,
+                config.trustStorePassword
+        )
+        trustManager = trustManagers[0] as X509ExtendedTrustManager
+        sslSocketFactory = try {
+            val sslContext = SSLContext.getInstance("TLS")
+            sslContext.init(null, trustManagers, null)
+            sslContext.socketFactory
+        } catch (e: NoSuchAlgorithmException) {
+            LOG.error("Cannot init DefaultDapsDriver: {}", e.toString())
+            throw RuntimeException(e)
+        } catch (e: KeyManagementException) {
+            LOG.error("Cannot init DefaultDapsDriver: {}", e.toString())
+            throw RuntimeException(e)
+        }
+    }
+
+    /**
+     * Receive the signed and valid dynamic attribute token from the DAPS
+     */
+    override val token: ByteArray
+        get() {
+            val token: String
+            LOG.info("Retrieving Dynamic Attribute Token from Daps ...")
+
+            //Create connectorUUID
+            // Get AKI
+            //GET 2.5.29.14	SubjectKeyIdentifier / 2.5.29.35	AuthorityKeyIdentifier
+            val akiOid = Extension.authorityKeyIdentifier.id
+            val rawAuthorityKeyIdentifier = cert!!.getExtensionValue(akiOid)
+            val akiOc = ASN1OctetString.getInstance(rawAuthorityKeyIdentifier)
+            val aki = AuthorityKeyIdentifier.getInstance(akiOc.octets)
+            val authorityKeyIdentifier = aki.keyIdentifier
+
+            //GET SKI
+            val skiOid = Extension.subjectKeyIdentifier.id
+            val rawSubjectKeyIdentifier = cert.getExtensionValue(skiOid)
+            val ski0c = ASN1OctetString.getInstance(rawSubjectKeyIdentifier)
+            val ski = SubjectKeyIdentifier.getInstance(ski0c.octets)
+            val subjectKeyIdentifier = ski.keyIdentifier
+            val akiResult = encodeHexString(authorityKeyIdentifier, true).toUpperCase()
+            val skiResult = encodeHexString(subjectKeyIdentifier, true).toUpperCase()
+            if (LOG.isDebugEnabled) {
+                LOG.debug("AKI: $akiResult")
+                LOG.debug("SKI: $skiResult")
+            }
+            val connectorUUID = skiResult + "keyid:" + akiResult.substring(0, akiResult.length - 1)
+            if (LOG.isDebugEnabled) {
+                LOG.debug("ConnectorUUID: $connectorUUID")
+                LOG.debug("Retrieving Dynamic Attribute Token...")
+            }
+
+            //create signed JWT
+            val jwt = Jwts.builder()
+                    .setIssuer(connectorUUID)
+                    .setSubject(connectorUUID)
+                    .claim("@context", "https://w3id.org/idsa/contexts/context.jsonld")
+                    .claim("@type", "ids:DatRequestToken")
+                    .setExpiration(Date.from(Instant.now().plusSeconds(86400)))
+                    .setIssuedAt(Date.from(Instant.now()))
+                    .setNotBefore(Date.from(Instant.now()))
+                    .setAudience(TARGET_AUDIENCE)
+                    .signWith(privateKey, SignatureAlgorithm.RS256)
+                    .compact()
+
+            //build http client and request for DAPS
+            val formBody: RequestBody = FormBody.Builder()
+                    .add("grant_type", "client_credentials")
+                    .add(
+                            "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer")
+                    .add("client_assertion", jwt)
+                    .add("scope", "idsc:IDS_CONNECTOR_ATTRIBUTES_ALL")
+                    .build()
+            val client = OkHttpClient.Builder()
+                    .sslSocketFactory(sslSocketFactory, trustManager)
+                    .connectTimeout(15, TimeUnit.SECONDS)
+                    .writeTimeout(15, TimeUnit.SECONDS)
+                    .readTimeout(15, TimeUnit.SECONDS)
+                    .build()
+            val request = Request.Builder()
+                    .url("$dapsUrl/v2/token")
+                    .post(formBody)
+                    .build()
+            return try {
+                //get http response from DAPS
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("Acquire DAT from {}", dapsUrl)
+                }
+                val response = client.newCall(request).execute()
+
+                //check for valid response
+                if (!response.isSuccessful) {
+                    throw DatException("Received non-200 http response: " + response.code())
+                }
+                if (response.body() == null) {
+                    throw DatException("Received empty DAPS response")
+                }
+                val json = JSONObject(response.body()!!.string())
+                if (json.has("access_token")) {
+                    token = json.getString("access_token")
+                    if (LOG.isDebugEnabled) {
+                        LOG.debug("Received DAT from DAPS: {}", token)
+                    }
+                } else if (json.has("error")) {
+                    throw DatException("DAPS reported error: " + json.getString("error"))
+                } else {
+                    throw DatException("DAPS response does not contain \"access_token\" or \"error\" field.")
+                }
+                verifyToken(token.toByteArray(StandardCharsets.UTF_8), null)
+                token.toByteArray(StandardCharsets.UTF_8)
+            } catch (e: IOException) {
+                throw DatException("Error whilst retrieving DAT", e)
+            }
+        }
+
+    /**
+     * Verify a given dynamic attribute token
+     *
+     * If the security requirements is not null and an instance of the SecurityRequirements class
+     * the method will also check the provided security attributes of the connector that belongs
+     * to the provided DAT
+     *
+     * @return The number of seconds this DAT is valid
+     */
+    override fun verifyToken(dat: ByteArray?, securityRequirements: Any?): Long {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Verifying dynamic attribute token...")
+        }
+
+        // Get JsonWebKey JWK from JsonWebKeyStore JWKS using DAPS JWKS endpoint
+        val httpsJwks = HttpsJwks("$dapsUrl/.well-known/jwks.json")
+        val getInstance = Get()
+        getInstance.setSslSocketFactory(sslSocketFactory)
+        httpsJwks.setSimpleHttpGet(getInstance)
+
+        // create new jwks key resolver, selects jwk based on key ID in jwt header
+        val jwksKeyResolver = HttpsJwksVerificationKeyResolver(httpsJwks)
+
+        //create validation requirements
+        val jwtConsumer = JwtConsumerBuilder()
+                .setRequireExpirationTime() // has expiration time
+                .setAllowedClockSkewInSeconds(30) // leeway in validation time
+                .setRequireSubject() // has subject
+                .setExpectedAudience(true, "IDS_Connector", TARGET_AUDIENCE)
+                .setExpectedIssuer(dapsUrl) // e.g. https://daps.aisec.fraunhofer.de
+                .setVerificationKeyResolver(jwksKeyResolver) //get decryption key from jwks
+                .setJweAlgorithmConstraints(
+                        AlgorithmConstraints(
+                                AlgorithmConstraints.ConstraintType.WHITELIST,
+                                AlgorithmIdentifiers.RSA_USING_SHA256
+                        )
+                )
+                .build()
+        val validityTime: Long
+        val claims: JwtClaims
+        try {
+            claims = jwtConsumer.processToClaims(String(dat!!, StandardCharsets.UTF_8))
+            val expTime = claims.expirationTime
+            validityTime = expTime.value - NumericDate.now().value
+        } catch (e: Exception) {
+            throw DatException("Error during claims processing", e)
+        }
+
+        //check security requirements
+        if (securityRequirements != null) {
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Validate security attributes")
+            }
+            if (securityRequirements !is SecurityRequirements) {
+                throw DatException("Invalid security requirements format. Expected " +
+                        SecurityRequirements::class.java.name)
+            }
+            val securityLevel = parseSecurityRequirements(claims.toJson()).requiredSecurityLevel
+                    ?: throw DatException("No security profile provided")
+            when (securityRequirements.requiredSecurityLevel) {
+                "idsc:BASE_CONNECTOR_SECURITY_PROFILE" -> {
+                    if (securityLevel != "idsc:BASE_CONNECTOR_SECURITY_PROFILE"
+                            && securityLevel != "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE"
+                            && securityLevel != "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE") {
+                        throw DatException(
+                                "Client does not support any valid trust profile: Required: "
+                                        + securityRequirements.requiredSecurityLevel
+                                        + " given: "
+                                        + securityLevel)
+                    }
+                }
+                "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE" -> {
+                    if (securityLevel != "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE"
+                            && securityLevel != "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE") {
+                        throw DatException(
+                                "Client does not support any valid trust profile: Required: "
+                                        + securityRequirements.requiredSecurityLevel
+                                        + " given: "
+                                        + securityLevel)
+                    }
+                }
+                "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE" -> {
+                    if (securityLevel != "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE") {
+                        throw DatException(
+                                "Client does not support any valid trust profile: Required: "
+                                        + securityRequirements.requiredSecurityLevel
+                                        + " given: "
+                                        + securityLevel)
+                    }
+                }
+                else -> throw DatException(
+                        "Client does not support any valid trust profile: Required: "
+                                + securityRequirements.requiredSecurityLevel
+                                + " given: "
+                                + securityLevel)
+            }
+        }
+        LOG.debug("DAT is valid")
+        return validityTime
+    }
+
+    private fun parseSecurityRequirements(dat: String): SecurityRequirements {
+        val asJson = JSONObject(dat)
+        if (!asJson.has("securityProfile")) {
+            throw DatException("DAT does not contain securityProfile")
+        }
+        return SecurityRequirements.Builder()
+                .setRequiredSecurityLevel(asJson.getString("securityProfile"))
+                .build()
+    }
+
+    /**
+     * Convert byte to hexadecimal chars without any dependencies to libraries.
+     * @param num Byte to get hexadecimal representation for
+     * @return The hexadecimal representation of the given byte value
+     */
+    private fun byteToHex(num: Int): CharArray {
+        val hexDigits = CharArray(2)
+        hexDigits[0] = Character.forDigit(num shr 4 and 0xF, 16)
+        hexDigits[1] = Character.forDigit(num and 0xF, 16)
+        return hexDigits
+    }
+
+    /**
+     * Lookup table for encodeHexString()
+     */
+    private val hexLookup = HashMap<Byte, CharArray>()
+
+    /**
+     * Encode a byte array to a hex string
+     * @param byteArray Byte array to get hexadecimal representation for
+     * @return Hexadecimal representation of the given bytes
+     */
+    private fun encodeHexString(byteArray: ByteArray, beautify: Boolean): String {
+        val sb = StringBuilder()
+        for (b in byteArray) {
+            sb.append(hexLookup.computeIfAbsent(b) { num: Byte -> byteToHex(num.toInt()) })
+            if (beautify) {
+                sb.append(':')
+            }
+        }
+        return sb.toString()
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(DefaultDapsDriver::class.java)
+        private const val TARGET_AUDIENCE = "idsc:IDS_CONNECTORS_ALL"
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.kt
new file mode 100644
index 000000000..b7344ec04
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.kt
@@ -0,0 +1,68 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps
+
+import java.nio.file.Path
+import java.nio.file.Paths
+
+/**
+ * A Configuration class for the DefaultDapsDriver
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class DefaultDapsDriverConfig {
+    var dapsUrl = "https://daps.aisec.fraunhofer.de"
+        private set
+    var keyStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
+        private set
+    var keyStorePassword: CharArray = "password".toCharArray()
+        private set
+    var keyAlias = "1"
+        private set
+    var keyPassword: CharArray = "password".toCharArray()
+        private set
+    var trustStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
+        private set
+    var trustStorePassword: CharArray = "password".toCharArray()
+        private set
+
+    class Builder {
+        private val config = DefaultDapsDriverConfig()
+        fun setDapsUrl(dapsUrl: String): Builder {
+            config.dapsUrl = dapsUrl
+            return this
+        }
+
+        fun setKeyStorePath(path: Path): Builder {
+            config.keyStorePath = path
+            return this
+        }
+
+        fun setKeyStorePassword(password: CharArray): Builder {
+            config.keyStorePassword = password
+            return this
+        }
+
+        fun setKeyAlias(alias: String): Builder {
+            config.keyAlias = alias
+            return this
+        }
+
+        fun setKeyPassword(password: CharArray): Builder {
+            config.keyPassword = password
+            return this
+        }
+
+        fun setTrustStorePath(path: Path): Builder {
+            config.trustStorePath = path
+            return this
+        }
+
+        fun setTrustStorePassword(password: CharArray): Builder {
+            config.trustStorePassword = password
+            return this
+        }
+
+        fun build(): DefaultDapsDriverConfig {
+            return config
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.kt
new file mode 100644
index 000000000..9eb3e7307
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.kt
@@ -0,0 +1,24 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps
+
+/**
+ * A Security-Requirements class using Builder pattern to store the connectors expected
+ * security attributes e.g. Audit Logging
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class SecurityRequirements {
+    var requiredSecurityLevel: String? = null
+        private set
+
+    class Builder {
+        private val requirements = SecurityRequirements()
+        fun setRequiredSecurityLevel(requiredSecurityLevel: String?): Builder {
+            requirements.requiredSecurityLevel = requiredSecurityLevel
+            return this
+        }
+
+        fun build(): SecurityRequirements {
+            return requirements
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt
new file mode 100644
index 000000000..573104e05
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt
@@ -0,0 +1,138 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores
+
+import org.slf4j.LoggerFactory
+import java.net.Socket
+import java.security.Principal
+import java.security.PrivateKey
+import java.security.cert.X509Certificate
+import java.util.*
+import javax.net.ssl.SSLEngine
+import javax.net.ssl.X509ExtendedKeyManager
+
+/**
+ * A custom X590ExtendedKeyManager, that allows to choose a TrustStore entry by a given certificate alias and
+ * delegates all other function calls to given default X509ExtendedKeyManager
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class CustomX509ExtendedKeyManager internal constructor(
+        private val certAlias: String,
+        private val keyType: String,
+        private val delegate: X509ExtendedKeyManager) : X509ExtendedKeyManager() {
+    // server and client aliases are cached in a private context (in entryCacheMap) by the X509ExtendedKeyManager
+    // implementation. Therefore, getServerAliases() / getClientAliases() returns only uncached aliases since the
+    // update on java 11. As we have to check in chooseClientAliases() and chooseServerAlias() if the alias exists in
+    // the keystore and we cannot access the cached aliases without an overwritten X509KeyManagerImpl instance, we will
+    // also cache the aliases and its properties in the following HashMap.
+    private val cachedAliases = HashMap<String, CachedAliasValue?>()
+    override fun getClientAliases(keyType: String, issuers: Array<Principal>): Array<String> {
+        val clientAliases = delegate.getClientAliases(keyType, issuers)
+        for (alias in clientAliases) cachedAliases.putIfAbsent(alias, CachedAliasValue(keyType, null)) //toDo get issuer
+        return clientAliases
+    }
+
+    /** returns an existing certAlias that matches one of the given KeyTypes, or null;
+    called only by client in TLS handshake */
+    override fun chooseClientAlias(keyTypes: Array<String>, issuers: Array<Principal>, socket: Socket): String? {
+        if (listOf(*keyTypes).contains(keyType)) {
+            if (cachedAliases.containsKey(certAlias) &&
+                    cachedAliases[certAlias]!!.match(keyType, issuers)
+                    || listOf(*getClientAliases(keyType, issuers)).contains(certAlias)) {
+                LOG.debug("CertificateAlias is {}", certAlias)
+                return certAlias
+            } else {
+                LOG.warn("certAlias '{}' was not found in keystore", certAlias)
+            }
+        } else if (LOG.isTraceEnabled) {
+            LOG.trace("Different keyType '{}' in chooseClientAlias() in CustomX509ExtendedKeyManager, expected '{}'",
+                    keyType, keyType)
+        }
+        return null
+    }
+
+    override fun getServerAliases(keyType: String, issuers: Array<Principal>): Array<String> {
+        val serverAliases = delegate.getServerAliases(keyType, issuers)
+        for (alias in serverAliases) cachedAliases.putIfAbsent(alias, CachedAliasValue(keyType, null)) //toDo get issuer
+        return serverAliases
+    }
+
+    /**
+     * returns an existing certAlias that matches the given KeyType, or null;
+     * called only by server in TLS handshake
+     */
+    override fun chooseServerAlias(keyType: String, issuers: Array<Principal>, socket: Socket): String? {
+        if (keyType == this.keyType) {
+            if (cachedAliases.containsKey(certAlias) && cachedAliases[certAlias]!!.match(keyType, issuers)
+                    || listOf(*getServerAliases(keyType, issuers)).contains(certAlias)) {
+                LOG.debug("CertificateAlias is {}", certAlias)
+                return certAlias
+            } else {
+                LOG.warn("certAlias '{}' was not found in keystore", certAlias)
+            }
+        } else if (LOG.isTraceEnabled) {
+            LOG.trace("Different keyType '{}' in chooseServerAlias() in CustomX509ExtendedKeyManager, expected '{}'",
+                    keyType, this.keyType)
+        }
+        return null
+    }
+
+    /** returns the certificate chain of a given certificateAlias;
+     * called by client and server in TLS Handshake after alias was chosen
+     */
+    override fun getCertificateChain(certAlias: String): Array<X509Certificate>? {
+        return if (certAlias == this.certAlias) {
+            delegate.getCertificateChain(certAlias)
+        } else {
+            LOG.warn("Different certAlias '{}' in getCertificateChain() in class X509ExtendedKeyManager, " +
+                    "expected: '{}'", certAlias, this.certAlias)
+            null
+        }
+    }
+
+    /** returns a privateKey of a given certificateAlias;
+     *  called by client and server in TLS Handshake after alias was chosen */
+    override fun getPrivateKey(certAlias: String): PrivateKey? {
+        return if (certAlias == this.certAlias) {
+            delegate.getPrivateKey(certAlias)
+        } else {
+            LOG.warn("Different certAlias '{}' in getPrivateKey() in class X509ExtendedKeyManager, expected '{}'",
+                    certAlias, this.certAlias)
+            null
+        }
+    }
+
+    override fun chooseEngineClientAlias(keyType: Array<String>, issuers: Array<Principal>, sslEngine: SSLEngine): String {
+        return delegate.chooseEngineClientAlias(keyType, issuers, sslEngine)
+    }
+
+    override fun chooseEngineServerAlias(keyType: String, issuers: Array<Principal>, sslEngine: SSLEngine): String {
+        return delegate.chooseEngineServerAlias(keyType, issuers, sslEngine)
+    }
+
+    /**
+     * @param keyType Name of the algorithm associated with the key
+     * @param issuer The certificate issuer
+     */
+    private class CachedAliasValue(
+            private val keyType: String,
+            private val issuer: Principal?) {
+        /**
+         * This method is called for a given certificate alias and checks if the corresponding
+         * cached alias entry (contains keytype for certAlias and issuer of thee certificate)
+         * matches the requested conditions in thee TLS handshake.
+         *
+         * It must enforce checking if the certAlias belongs to a valid key algorithm type name,
+         * e.g. 'RSA' or 'EC' and it must check if the certificate issuer is one of the accepted
+         * issuer from the given principals list.
+         *
+         * returns true, if the keyAlias fulfills the requirements
+         */
+        fun match(keyType: String, issuers: Array<Principal>?) =
+                this.keyType == keyType && (issuers == null || listOf(*issuers).contains(issuer))
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(CustomX509ExtendedKeyManager::class.java)
+    }
+
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.kt
new file mode 100644
index 000000000..bb57fed0e
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.kt
@@ -0,0 +1,210 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores
+
+import org.slf4j.LoggerFactory
+import java.io.IOException
+import java.nio.file.Files
+import java.nio.file.Path
+import java.security.*
+import java.security.cert.CertificateException
+import java.security.cert.X509Certificate
+import javax.net.ssl.*
+
+/**
+ * A class for creating pre-configured TrustManagers and KeyManagers for TLS Server and TLS Client
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+object PreConfiguration {
+    private val LOG = LoggerFactory.getLogger(PreConfiguration::class.java)
+    @Throws(KeyStoreException::class, IOException::class, CertificateException::class, NoSuchAlgorithmException::class)
+    fun loadKeyStore(keyStorePath: Path, keyStorePassword: CharArray): KeyStore {
+        val ks: KeyStore
+        val pathString = keyStorePath.toString()
+        ks = when {
+            pathString.endsWith(".jks") -> {
+                KeyStore.getInstance("JKS")
+            }
+            pathString.endsWith(".p12") -> {
+                KeyStore.getInstance("PKCS12")
+            }
+            else -> {
+                throw KeyStoreException("Unknown file extension \"" +
+                        pathString.substring(pathString.lastIndexOf('.')) +
+                        "\", only JKS (.jks) and PKCS12 (.p12) are supported.")
+            }
+        }
+        Files.newInputStream(keyStorePath).use { keyStoreInputStream ->
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Loading key store: $pathString")
+            }
+            ks.load(keyStoreInputStream, keyStorePassword)
+        }
+        return ks
+    }
+
+    /*
+     * Get a secure X509ExtendedTrustManager for the SslContext
+     *
+     * throws IllegalStateException if number of available X509TrustManager is not one
+     * throws RuntimeException of creating TrustManager fails
+     */
+    fun getX509ExtTrustManager(
+            trustStorePath: Path,
+            trustStorePassword: CharArray
+    ): Array<TrustManager> {
+        return try {
+            /* create TrustManager */
+            val myTrustManager: Array<TrustManager>
+            val trustStore = loadKeyStore(trustStorePath, trustStorePassword)
+            val trustManagerFactory = TrustManagerFactory.getInstance("PKIX") //PKIX from SunJSSE
+            trustManagerFactory.init(trustStore)
+            myTrustManager = trustManagerFactory.trustManagers
+
+            /* set up TrustManager config */
+            //allow only X509 Authentication
+            if (myTrustManager.size == 1 && myTrustManager[0] is X509ExtendedTrustManager) {
+                //toDo algorithm constraints
+                myTrustManager
+            } else {
+                throw IllegalStateException("Unexpected default trust managers:" + myTrustManager.contentToString())
+            }
+        } catch (e: KeyStoreException) {
+            throw RuntimeException(e)
+        } catch (e: IOException) {
+            throw RuntimeException(e)
+        } catch (e: NoSuchAlgorithmException) {
+            throw RuntimeException(e)
+        } catch (e: CertificateException) {
+            throw RuntimeException(e)
+        }
+    }
+
+    /*
+     * Get a secure X509ExtendedKeyManager for the SslContext
+     *
+     * throws IllegalStateException if number of available X509KeyManager is not one
+     * throws RuntimeException of creating KeyManager fails
+     */
+    fun getX509ExtKeyManager(
+            keyPassword: CharArray,
+            keyStorePath: Path,
+            keyStorePassword: CharArray,
+            certAlias: String,
+            keyType: String
+    ): Array<KeyManager> {
+        return try {
+            /* create KeyManager for remote authentication */
+            val myKeyManager: Array<KeyManager>
+            val keystore = loadKeyStore(keyStorePath, keyStorePassword)
+            val keyManagerFactory = KeyManagerFactory.getInstance("PKIX") //PKIX from SunJSSE
+            keyManagerFactory.init(keystore, keyPassword)
+            myKeyManager = keyManagerFactory.keyManagers
+
+            /* set up keyManager config */
+            //allow only X509 Authentication
+            if (myKeyManager.size == 1 && myKeyManager[0] is X509ExtendedKeyManager) {
+                //select certificate alias
+                myKeyManager[0] = CustomX509ExtendedKeyManager(certAlias, keyType, myKeyManager[0] as X509ExtendedKeyManager)
+                myKeyManager
+            } else {
+                throw IllegalStateException(
+                        "Unexpected default key managers:" + myKeyManager.contentToString())
+            }
+        } catch (e: IOException) {
+            throw RuntimeException(e)
+        } catch (e: KeyStoreException) {
+            throw RuntimeException(e)
+        } catch (e: NoSuchAlgorithmException) {
+            throw RuntimeException(e)
+        } catch (e: UnrecoverableKeyException) {
+            throw RuntimeException(e)
+        } catch (e: CertificateException) {
+            throw RuntimeException(e)
+        }
+    }
+
+    /*
+     * Get a private key from a JKS Keystore
+     *
+     * throws RuntimeException if key is not available or key access was not permitted
+     */
+    fun getKey(
+            keyStorePath: Path,
+            keyStorePassword: CharArray,
+            keyAlias: String,
+            keyPassword: CharArray
+    ): Key {
+        return try {
+            val keyStore = loadKeyStore(keyStorePath, keyStorePassword)
+
+            // get private key
+            val key = keyStore.getKey(keyAlias, keyPassword)
+            key ?: throw RuntimeException("No key was found in keystore for given alias")
+        } catch (e: IOException) {
+            throw RuntimeException(e)
+        } catch (e: KeyStoreException) {
+            throw RuntimeException(e)
+        } catch (e: NoSuchAlgorithmException) {
+            throw RuntimeException(e)
+        } catch (e: CertificateException) {
+            throw RuntimeException(e)
+        } catch (e: UnrecoverableKeyException) {
+            throw RuntimeException(e)
+        }
+    }
+
+    /*
+     * Get the certificate from the key store
+     *
+     * throws RuntimeException if key is not available or key access was not permitted
+     */
+    fun getCertificate(
+            keyStorePath: Path,
+            keyStorePassword: CharArray,
+            keyAlias: String
+    ): X509Certificate {
+        return try {
+            val keystore = loadKeyStore(keyStorePath, keyStorePassword)
+            // get private key
+            val cert = keystore.getCertificate(keyAlias) as X509Certificate
+            // Probe key alias
+            keystore.getKey(keyAlias, keyStorePassword)
+            cert
+        } catch (e: IOException) {
+            throw RuntimeException(e)
+        } catch (e: KeyStoreException) {
+            throw RuntimeException(e)
+        } catch (e: NoSuchAlgorithmException) {
+            throw RuntimeException(e)
+        } catch (e: CertificateException) {
+            throw RuntimeException(e)
+        } catch (e: UnrecoverableKeyException) {
+            throw RuntimeException(e)
+        }
+    } /*
+     * This method can be used for filtering certificates in the trust store
+     * to avoid expired certificates
+     */
+    //    private static PKIXBuilderParameters filterTrustAnchors(KeyStore keyStore, Date validityUntilDate)
+    //            throws KeyStoreException, InvalidAlgorithmParameterException {
+    //        PKIXParameters params = new PKIXParameters(keyStore);
+    //
+    //        // Obtain CA root certificates
+    //        Set<TrustAnchor> myTrustAnchors = params.getTrustAnchors();
+    //
+    //        // Create new set of CA certificates that are still valid for specified date
+    //        Set<TrustAnchor> validTrustAnchors =
+    //                myTrustAnchors.stream().filter(
+    //                        ta -> {
+    //                            try {
+    //                                ta.getTrustedCert().checkValidity(validityUntilDate);
+    //                            } catch (CertificateException e) {
+    //                                return false;
+    //                            }
+    //                            return true;
+    //                        }).collect(Collectors.toSet());
+    //
+    //        // Create PKIXBuilderParameters parameters
+    //        return new PKIXBuilderParameters(validTrustAnchors, new X509CertSelector());
+    //    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
new file mode 100644
index 000000000..87e329fbc
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
@@ -0,0 +1,52 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+import org.slf4j.LoggerFactory
+import java.util.concurrent.BlockingQueue
+import java.util.concurrent.LinkedBlockingQueue
+
+/**
+ * A RatProver dummy that exchanges rat messages with a remote RatVerifier
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class RatProverDummy(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
+    private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
+    override fun delegate(message: ByteArray) {
+        queue.add(message)
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Delegated to prover")
+        }
+    }
+
+    override fun run() {
+        var countDown = 2
+        while (running) {
+            try {
+                sleep(1000)
+                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
+                        "test".toByteArray())
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("Prover waits")
+                }
+                queue.take()
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("Prover receives, send something")
+                }
+                if (--countDown == 0) break
+            } catch (e: InterruptedException) {
+                if (running) {
+                    fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+                }
+                return
+            }
+        }
+        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, ByteArray(0))
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(RatProverDummy::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
new file mode 100644
index 000000000..303a6ec4c
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
@@ -0,0 +1,52 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+import org.slf4j.LoggerFactory
+import java.util.concurrent.BlockingQueue
+import java.util.concurrent.LinkedBlockingQueue
+
+/**
+ * A RatVerifier dummy that exchanges messages with a remote RatProver dummy
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class RatVerifierDummy(fsmListener: FsmListener) : RatVerifierDriver(fsmListener) {
+    private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
+    override fun delegate(message: ByteArray) {
+        queue.add(message)
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Delegated to Verifier")
+        }
+    }
+
+    override fun run() {
+        var countDown = 2
+        while (running) {
+            try {
+                sleep(1000)
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("Verifier waits")
+                }
+                queue.take()
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("Verifier receives, send something")
+                }
+                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG,
+                        "test".toByteArray())
+                if (--countDown == 0) break
+            } catch (e: InterruptedException) {
+                if (running) {
+                    fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, ByteArray(0))
+                }
+                return
+            }
+        }
+        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, ByteArray(0))
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(RatVerifierDummy::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.kt
new file mode 100644
index 000000000..ce4ae0de5
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.kt
@@ -0,0 +1,75 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+
+import org.slf4j.LoggerFactory
+import java.security.MessageDigest
+import java.security.SecureRandom
+import java.security.cert.Certificate
+
+object TPM2dHelper {
+    private val LOG = LoggerFactory.getLogger(TPM2dHelper::class.java)
+    private val sr = SecureRandom()
+
+    /**
+     * Generate a crypto-secure random hex String of length numChars
+     *
+     * @param numBytes Desired String length
+     * @return The generated crypto-secure random hex String
+     */
+    fun generateNonce(numBytes: Int): ByteArray {
+        val randBytes = ByteArray(numBytes)
+        sr.nextBytes(randBytes)
+        return randBytes
+    }
+
+    /**
+     * Calculate SHA-1 hash of (nonce|certificate).
+     *
+     * @param nonce       The plain, initial nonce
+     * @param certificate The certificate to hash-combine with the nonce
+     * @return The new nonce, updated with the given certificate using SHA-1
+     */
+    fun calculateHash(nonce: ByteArray, certificate: Certificate?): ByteArray {
+        return try {
+            val digest = MessageDigest.getInstance("SHA-1")
+            digest.update(nonce)
+            if (certificate != null) {
+                digest.update(certificate.encoded)
+            } else {
+                if (LOG.isWarnEnabled) {
+                    LOG.warn(
+                            "No client certificate available. Cannot bind nonce to public key to prevent masquerading attack. TLS misconfiguration!")
+                }
+            }
+            digest.digest()
+        } catch (e1: Exception) {
+            LOG.error("Could not create hash of own nonce and local certificate", e1)
+            nonce
+        }
+    }
+
+    internal object ByteArrayUtil {
+        private val lookup = arrayOfNulls<String>(256)
+        fun toPrintableHexString(bytes: ByteArray): String {
+            val s = StringBuilder()
+            for (i in bytes.indices) {
+                if (i > 0 && i % 16 == 0) {
+                    s.append('\n')
+                } else {
+                    s.append(' ')
+                }
+                s.append(lookup[bytes[i].toInt() and 0xff])
+            }
+            return s.toString()
+        }
+
+        init {
+            for (i in lookup.indices) {
+                if (i < 16) {
+                    lookup[i] = "0" + Integer.toHexString(i)
+                } else {
+                    lookup[i] = Integer.toHexString(i)
+                }
+            }
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.kt
new file mode 100644
index 000000000..f130cc813
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.kt
@@ -0,0 +1,83 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+
+import com.google.protobuf.ByteString
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.*
+
+/**
+ * A message factory for creating TPM2d RAT messages
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+object TPM2dMessageFactory {
+    fun getAttestationChallengeMessage(
+            nonce: ByteArray,
+            aType: IdsAttestationType,
+            pcrIndices: Int
+    ): Tpm2dMessageWrapper {
+        return Tpm2dMessageWrapper.newBuilder().setRatChallenge(
+                Tpm2dRatChallenge.newBuilder()
+                        .setAtype(aType)
+                        .setNonce(ByteString.copyFrom(nonce))
+                        .setPcrIndices(pcrIndices)
+                        .build()
+        ).build()
+    }
+
+    fun getAttestationResponseMessage(
+            aType: IdsAttestationType,
+            hash_alg: String,
+            quoted: ByteString,
+            signature: ByteString,
+            pcrValues: List<Pcr>,
+            certificate: ByteString
+    ): Tpm2dMessageWrapper {
+        return Tpm2dMessageWrapper.newBuilder().setRatResponse(
+                Tpm2dRatResponse.newBuilder()
+                        .setAtype(aType)
+                        .setHashAlg(hash_alg)
+                        .setQuoted(quoted)
+                        .setSignature(signature)
+                        .addAllPcrValues(pcrValues)
+                        .setCertificate(certificate)
+                        .build()
+        ).build()
+    }
+
+    fun getAttestationResponseMessage(
+            response: Tpm2dToRemote
+    ): Tpm2dMessageWrapper {
+        return Tpm2dMessageWrapper.newBuilder().setRatResponse(
+                Tpm2dRatResponse.newBuilder()
+                        .setAtype(response.atype)
+                        .setHashAlg(response.halg.name)
+                        .setQuoted(response.quoted)
+                        .setSignature(response.signature)
+                        .addAllPcrValues(response.pcrValuesList)
+                        .setCertificate(response.certificate)
+                        .build()
+        ).build()
+    }
+
+    fun getAttestationResultMessage( //IdsAttestationType aType,
+            result: Boolean
+    ): Tpm2dMessageWrapper {
+        return Tpm2dMessageWrapper.newBuilder().setRatResult(
+                Tpm2dRatResult.newBuilder() //.setAtype(aType)
+                        .setResult(result)
+                        .build()
+        ).build()
+    }
+
+    fun getRemoteToTPM2dMessage(
+            aType: IdsAttestationType,
+            hash: ByteArray,
+            pcrIndices: Int
+    ): RemoteToTpm2d {
+        return RemoteToTpm2d.newBuilder()
+                .setAtype(aType)
+                .setQualifyingData(ByteString.copyFrom(hash))
+                .setCode(RemoteToTpm2d.Code.ATTESTATION_REQ)
+                .setPcrs(pcrIndices)
+                .build()
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
new file mode 100644
index 000000000..a7c7af270
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
@@ -0,0 +1,202 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+
+import com.google.protobuf.InvalidProtocolBufferException
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dMessageWrapper
+import org.slf4j.LoggerFactory
+import java.io.IOException
+import java.util.concurrent.BlockingQueue
+import java.util.concurrent.LinkedBlockingQueue
+
+/**
+ * A TPM2d RatProver Driver implementation that proves its identity to a remote peer using TPM2d
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class TPM2dProver(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
+    /*
+     * ******************* Protocol *******************
+     *
+     * Verifier: (Challenger)
+     * -------------------------
+     * Generate NonceV
+     * create RatChallenge (NonceV, aType, pcr_mask)
+     * -------------------------
+     *
+     * Prover: (Responder)
+     * -------------------------
+     * get RatChallenge (NonceV, aType, pcr_mask)
+     * hash = calculateHash(nonceV, certV)
+     * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
+     * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
+     * create AttestationResponse from tpm response
+     * -------------------------
+     *
+     * Verifier: (Responder)
+     * -------------------------
+     * get AttestationResponse
+     * hash = calculateHash(nonceV, certV)
+     * check signature(response, hash)
+     * check repo(aType, response, ttpUri)
+     * create RatResult
+     * -------------------------
+     *
+     * Prover: (Requester)
+     * -------------------------
+     * get AttestationResult
+     * -------------------------
+     *
+     */
+    private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
+    private var config = TPM2dProverConfig.Builder().build()
+    override fun setConfig(config: Any) {
+        if (config is TPM2dProverConfig) {
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Set rat prover config")
+            }
+            this.config = config
+        } else {
+            if (LOG.isWarnEnabled) {
+                LOG.warn("Invalid prover config")
+            }
+        }
+    }
+
+    override fun delegate(message: ByteArray) {
+        queue.add(message)
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Delegated to prover")
+        }
+    }
+
+    override fun run() {
+        //TPM2d Challenge-Response Protocol
+
+        // wait for RatChallenge from Verifier
+        var msg: ByteArray?
+        try {
+            msg = queue.take()
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Prover receives new message")
+            }
+        } catch (e: InterruptedException) {
+            if (running) {
+                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+            }
+            return
+        }
+
+        // parse body to expected tpm2d message wrapper
+        var tpm2dMessageWrapper: Tpm2dMessageWrapper
+        tpm2dMessageWrapper = try {
+            Tpm2dMessageWrapper.parseFrom(msg)
+        } catch (e: InvalidProtocolBufferException) {
+            LOG.error("Cannot parse IdscpRatVerifier body", e)
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+            return
+        }
+
+        // check if wrapper contains expected rat challenge
+        if (!tpm2dMessageWrapper.hasRatChallenge()) {
+            //unexpected message
+            if (LOG.isWarnEnabled) {
+                LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatChallenge")
+            }
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+            return
+        }
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Get rat challenge from rat verifier")
+        }
+        val challenge = tpm2dMessageWrapper.ratChallenge
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Requesting attestation from TPM ...")
+        }
+
+        // hash
+        val hash = TPM2dHelper.calculateHash(challenge.nonce.toByteArray(),
+                config.remoteCertificate)
+
+        // generate RemoteToTPM2dRequest
+        val tpmRequest = TPM2dMessageFactory.getRemoteToTPM2dMessage(
+                challenge.atype,
+                hash,
+                if (challenge.hasPcrIndices()) challenge.pcrIndices else 0
+        )
+
+        // get TPM response
+        val tpmResponse: Tpm2dAttestation.Tpm2dToRemote
+        tpmResponse = try {
+            val tpmSocket = TPM2dSocket(config.tpm2dHost)
+            tpmSocket.requestAttestation(tpmRequest)
+        } catch (e: IOException) {
+            LOG.error("Cannot access TPM", e)
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+            return
+        }
+
+        // create Tpm2dResponse
+        val response = TPM2dMessageFactory.getAttestationResponseMessage(tpmResponse)
+                .toByteArray()
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Send rat response to verifier")
+        }
+        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG, response)
+
+        // wait for result
+        try {
+            msg = queue.take()
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Prover receives new message")
+            }
+        } catch (e: InterruptedException) {
+            if (running) {
+                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+            }
+            return
+        }
+
+        // parse body to expected tpm2d message wrapper
+        tpm2dMessageWrapper = try {
+            Tpm2dMessageWrapper.parseFrom(msg)
+        } catch (e: InvalidProtocolBufferException) {
+            LOG.error("Cannot parse IdscpRatVerifier body", e)
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+            return
+        }
+
+        // check if wrapper contains expected rat result
+        if (!tpm2dMessageWrapper.hasRatResult()) {
+            //unexpected message
+            if (LOG.isWarnEnabled) {
+                LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResult")
+            }
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+            return
+        }
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Get rat challenge from rat verifier")
+        }
+        val result = tpm2dMessageWrapper.ratResult
+
+        // notify fsm
+        if (result.result) {
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Attestation succeed")
+            }
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, ByteArray(0))
+        } else {
+            if (LOG.isWarnEnabled) {
+                LOG.warn("Attestation failed")
+            }
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(TPM2dProver::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.kt
new file mode 100644
index 000000000..d7c273871
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.kt
@@ -0,0 +1,39 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+
+import java.security.cert.Certificate
+
+/**
+ * A configuration class for TPM2d RatPriver driver
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class TPM2dProverConfig private constructor() {
+    var remoteCertificate: Certificate? = null
+        private set
+    var tpm2dHost: String
+        private set
+
+    class Builder {
+        fun setRemoteCertificate(remoteCert: Certificate?): Builder {
+            config.remoteCertificate = remoteCert
+            return this
+        }
+
+        fun setTpmHost(host: String): Builder {
+            config.tpm2dHost = host
+            return this
+        }
+
+        fun build(): TPM2dProverConfig {
+            return config
+        }
+
+        companion object {
+            private val config = TPM2dProverConfig()
+        }
+    }
+
+    init {
+        tpm2dHost = if (System.getenv("TPM_HOST") != null) System.getenv("TPM_HOST") else "localhost"
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.kt
new file mode 100644
index 000000000..705155cd4
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.kt
@@ -0,0 +1,28 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation
+import java.io.DataInputStream
+import java.io.DataOutputStream
+import java.io.IOException
+import java.net.Socket
+
+/**
+ * A TPM2d Socket for communication with the Trusted Platform Module
+ */
+class TPM2dSocket(host: String?) : Socket(host, 9505) {
+    private val `is`: DataInputStream = DataInputStream(this.inputStream)
+    private val os: DataOutputStream = DataOutputStream(this.outputStream)
+
+    @Throws(IOException::class)
+    fun requestAttestation(request: Tpm2dAttestation.RemoteToTpm2d?): Tpm2dAttestation.Tpm2dToRemote {
+        // Write attestation request message
+        val requestBytes = request!!.toByteArray()
+        os.writeInt(requestBytes.size)
+        os.write(requestBytes)
+        // Read attestation result message
+        val resultBytes = ByteArray(`is`.readInt())
+        `is`.readFully(resultBytes)
+        return Tpm2dAttestation.Tpm2dToRemote.parseFrom(resultBytes)
+    }
+
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
new file mode 100644
index 000000000..42ba4bf39
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
@@ -0,0 +1,266 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+
+import com.google.protobuf.InvalidProtocolBufferException
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dMessageWrapper
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dRatResponse
+import org.slf4j.LoggerFactory
+import tss.tpm.*
+import java.io.ByteArrayInputStream
+import java.nio.charset.StandardCharsets
+import java.nio.file.FileSystems
+import java.nio.file.Files
+import java.security.Signature
+import java.security.cert.CertificateFactory
+import java.security.cert.X509Certificate
+import java.util.*
+import java.util.concurrent.BlockingQueue
+import java.util.concurrent.LinkedBlockingQueue
+
+/**
+ * A TPM2d RatVerifier driver that verifies the remote peer's identity using TPM2d
+ */
+class TPM2dVerifier(fsmListener: FsmListener) : RatVerifierDriver(fsmListener) {
+    /*
+     * ******************* Protocol *******************
+     *
+     * Verifier: (Challenger)
+     * -------------------------
+     * Generate NonceV
+     * create RatChallenge (NonceV, aType, pcr_mask)
+     * -------------------------
+     *
+     * Prover: (Responder)
+     * -------------------------
+     * get RatChallenge (NonceV, aType, pcr_mask)
+     * hash = calculateHash(nonceV, certV)
+     * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
+     * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
+     * create AttestationResponse from tpm response
+     * -------------------------
+     *
+     * Verifier: (Responder)
+     * -------------------------
+     * get AttestationResponse
+     * hash = calculateHash(nonceV, certV)
+     * check signature(response, hash)
+     * check repo(aType, response, ttpUri)
+     * create RatResult
+     * -------------------------
+     *
+     * Prover: (Requester)
+     * -------------------------
+     * get AttestationResult
+     * -------------------------
+     *
+     */
+    private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
+    private var config = TPM2dVerifierConfig.Builder().build()
+    override fun setConfig(config: Any) {
+        if (config is TPM2dVerifierConfig) {
+            LOG.debug("Set rat verifier config")
+            this.config = config
+        } else {
+            LOG.warn("Invalid config")
+        }
+    }
+
+    override fun delegate(message: ByteArray) {
+        queue.add(message)
+        LOG.debug("Delegated to Verifier")
+    }
+
+    override fun run() {
+        //TPM2d Challenge-Response Protocol
+
+        // create rat challenge with fresh nonce
+        LOG.debug("Generate and send rat challenge for rat prover")
+        val nonce = TPM2dHelper.generateNonce(20)
+
+        // send challenge as RAT Verifier Message
+        val ratChallenge = TPM2dMessageFactory.getAttestationChallengeMessage(
+                nonce, config.expectedAType, config.expectedAttestationMask).toByteArray()
+        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratChallenge)
+
+        // wait for attestation response
+        val msg: ByteArray
+        try {
+            msg = queue.take()
+            LOG.debug("Verifier receives new message")
+        } catch (e: InterruptedException) {
+            if (running) {
+                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, ByteArray(0))
+            }
+            return
+        }
+
+        // parse body to expected tpm2d message wrapper
+        val tpm2dMessageWrapper: Tpm2dMessageWrapper
+        tpm2dMessageWrapper = try {
+            Tpm2dMessageWrapper.parseFrom(msg)
+        } catch (e: InvalidProtocolBufferException) {
+            LOG.error("Cannot parse IdscpRatProver body", e)
+            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, ByteArray(0))
+            return
+        }
+
+        // check if wrapper contains expected rat response
+        if (!tpm2dMessageWrapper.hasRatResponse()) {
+            //unexpected message
+            LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResponse")
+            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, ByteArray(0))
+            return
+        }
+        LOG.debug("Get rat response from remote prover")
+        //validate rat response
+        val resp = tpm2dMessageWrapper.ratResponse
+        LOG.debug("Validate rat response: signature and rat repository checks")
+
+        // validate signature
+        var result = true
+        val hash = TPM2dHelper.calculateHash(nonce, config.localCertificate)
+        if (!checkSignature(resp, hash)) {
+            result = false
+            LOG.warn("Invalid rat signature")
+        }
+
+        // toDo check rat repo!!!!!!!!! --> Problems with current Rat Repo Protobuf format
+
+        // create and send rat result
+        LOG.debug("Send rat result to remote prover")
+        val ratResult = TPM2dMessageFactory.getAttestationResultMessage(result).toByteArray()
+        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratResult)
+
+        // notify fsm about result
+        if (result) {
+            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, ByteArray(0))
+        } else {
+            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, ByteArray(0))
+        }
+    }
+
+    private fun checkSignature(response: Tpm2dRatResponse, hash: ByteArray): Boolean {
+        val byteSignature = response.signature.toByteArray()
+        val byteCert = response.certificate.toByteArray()
+        val byteQuoted = response.quoted.toByteArray()
+        if (LOG.isDebugEnabled) {
+            LOG.debug("signature: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteSignature))
+            LOG.debug("cert: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteCert))
+            LOG.debug("quoted: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteQuoted))
+        }
+        if (byteSignature.isEmpty() || byteCert.isEmpty() || byteQuoted.isEmpty()) {
+            LOG.warn("Some required part (signature, cert or quoted) is empty!")
+            return false
+        }
+        return try {
+            val certFactory = CertificateFactory.getInstance("X.509")
+
+            // Load trust anchor certificate
+            var rootCertificate: X509Certificate
+            val rootCertPath = FileSystems.getDefault().getPath("etc", "rootca-cert.pem")
+            try {
+                Files.newBufferedReader(rootCertPath, StandardCharsets.US_ASCII).use { reader ->
+                    val builder = StringBuilder()
+                    var line = reader.readLine()
+                    while (line != null) {
+                        if (!line.startsWith("-")) {
+                            builder.append(line.trim { it <= ' ' })
+                        }
+                        line = reader.readLine()
+                    }
+                    val rootCertBytes = Base64.getDecoder().decode(builder.toString())
+                    rootCertificate = certFactory.generateCertificate(ByteArrayInputStream(rootCertBytes)) as X509Certificate
+                }
+            } catch (e: Exception) {
+                LOG.error("Error parsing root certificate", e)
+                return false
+            }
+
+            // Create X509Certificate instance from certBytes
+            val certificate = certFactory.generateCertificate(ByteArrayInputStream(byteCert)) as X509Certificate
+            // Verify the TPM certificate
+            try {
+                certificate.verify(rootCertificate.publicKey)
+            } catch (e: Exception) {
+                LOG.error("TPM certificate is invalid", e)
+                return false
+            }
+
+            // Construct a new TPMT_SIGNATURE instance from byteSignature bytes
+            val tpmtSignature: TPMT_SIGNATURE
+            tpmtSignature = try {
+                TPMT_SIGNATURE.fromTpm(byteSignature)
+            } catch (ex: Exception) {
+                LOG.warn("""
+                Could not create a TPMT_SIGNATURE from bytes:
+                ${TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteSignature)}
+                """.trimIndent(),
+                        ex)
+                return false
+            }
+
+            // Construct a new TPMS_ATTEST instance from byteQuoted bytes
+            val tpmsAttest: TPMS_ATTEST
+            tpmsAttest = try {
+                TPMS_ATTEST.fromTpm(byteQuoted)
+            } catch (ex: Exception) {
+                LOG.warn("""
+                Could not create a TPMS_ATTEST from bytes:
+                ${TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteQuoted)}
+                """.trimIndent(),
+                        ex)
+                return false
+            }
+
+            // check hash value (extra data) against expected hash
+            val extraBytes = tpmsAttest.extraData
+            if (!Arrays.equals(extraBytes, hash)) {
+                if (LOG.isWarnEnabled) {
+                    LOG.warn("""
+                    The hash (extra data) in TPMS_ATTEST structure is invalid!
+                    extra data: {}
+                    hash: {}
+                    """.trimIndent(),
+                            TPM2dHelper.ByteArrayUtil.toPrintableHexString(extraBytes),
+                            TPM2dHelper.ByteArrayUtil.toPrintableHexString(hash))
+                }
+                return false
+            }
+
+            // Check signature of attestation
+            val tpmSigAlg = tpmtSignature.GetUnionSelector_signature()
+            val tpmSigHashAlg: Int
+            val tpmSig: ByteArray
+            if (tpmSigAlg == TPM_ALG_ID.RSAPSS.toInt()) {
+                tpmSigHashAlg = (tpmtSignature.signature as TPMS_SIGNATURE_RSAPSS).hash.toInt()
+                tpmSig = (tpmtSignature.signature as TPMS_SIGNATURE_RSAPSS).sig
+            } else if (tpmSigAlg == TPM_ALG_ID.RSASSA.toInt()) {
+                tpmSigHashAlg = (tpmtSignature.signature as TPMS_SIGNATURE_RSASSA).hash.toInt()
+                tpmSig = (tpmtSignature.signature as TPMS_SIGNATURE_RSASSA).sig
+            } else {
+                throw Exception(
+                        "Unknown or unimplemented signature scheme: " + tpmtSignature.signature.javaClass)
+            }
+            if (tpmSigHashAlg != TPM_ALG_ID.SHA256.toInt()) {
+                throw Exception("Only SHA256withRSA TPM signature hash algorithm is allowed!")
+            }
+            val sig = Signature.getInstance("SHA256withRSA")
+            sig.initVerify(certificate.publicKey)
+            sig.update(byteQuoted)
+            val result = sig.verify(tpmSig)
+            if (!result && LOG.isWarnEnabled) {
+                LOG.warn("Attestation signature invalid!")
+            }
+            result
+        } catch (ex: Exception) {
+            LOG.warn("Error during attestation validation", ex)
+            false
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(TPM2dVerifier::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.kt
new file mode 100644
index 000000000..152293796
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.kt
@@ -0,0 +1,60 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+
+import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation
+import java.net.URI
+import java.net.URISyntaxException
+import java.security.cert.Certificate
+
+/**
+ * A configuration class for TPM2d RatVerifier Driver
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class TPM2dVerifierConfig private constructor() {
+    var localCertificate: Certificate? = null
+        private set
+    var ttpUri: URI? = null
+        private set
+    var expectedAType = Tpm2dAttestation.IdsAttestationType.BASIC
+        private set
+    var expectedAttestationMask = 0
+        private set
+
+    class Builder {
+        fun setTtpUri(ttpUri: URI): Builder {
+            config.ttpUri = ttpUri
+            return this
+        }
+
+        fun setLocalCertificate(localCert: Certificate): Builder {
+            config.localCertificate = localCert
+            return this
+        }
+
+        fun setExpectedAttestationType(aType: Tpm2dAttestation.IdsAttestationType): Builder {
+            config.expectedAType = aType
+            return this
+        }
+
+        fun setExpectedAttestationMask(mask: Int): Builder {
+            config.expectedAttestationMask = mask
+            return this
+        }
+
+        fun build(): TPM2dVerifierConfig {
+            return config
+        }
+
+        companion object {
+            private val config = TPM2dVerifierConfig()
+        }
+    }
+
+    init {
+        ttpUri = try {
+            URI("https://invalid-ttp-uri/rat-verify")
+        } catch (e: URISyntaxException) {
+            throw RuntimeException(e)
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
new file mode 100644
index 000000000..8f2abc16d
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
@@ -0,0 +1,65 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client.TLSClient
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server.TLSServer
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
+import org.slf4j.LoggerFactory
+import java.io.IOException
+import java.security.KeyManagementException
+import java.security.NoSuchAlgorithmException
+import java.util.concurrent.CompletableFuture
+
+/**
+ * An implementation of SecureChannelDriver interface on TLSv1.3
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class NativeTLSDriver : SecureChannelDriver {
+    /**
+     * Performs an asynchronous client connect to a TLS server.
+     */
+    override fun connect(settings: Idscp2Settings,
+                         dapsDriver: DapsDriver,
+                         connectionFuture: CompletableFuture<Idscp2Connection>) {
+        try {
+            val tlsClient = TLSClient(settings, dapsDriver, connectionFuture)
+            tlsClient.connect(settings.host, settings.serverPort)
+        } catch (e: IOException) {
+            connectionFuture.completeExceptionally(Idscp2Exception("Call to connect() has failed", e))
+        } catch (e: NoSuchAlgorithmException) {
+            connectionFuture.completeExceptionally(Idscp2Exception("Call to connect() has failed", e))
+        } catch (e: KeyManagementException) {
+            connectionFuture.completeExceptionally(Idscp2Exception("Call to connect() has failed", e))
+        }
+    }
+
+    /**
+     * Creates and starts a new TLS Server instance.
+     *
+     * @return The SecureServer instance
+     * @throws Idscp2Exception If any error occurred during server creation/start
+     */
+    override fun listen(settings: Idscp2Settings, channelInitListener: SecureChannelInitListener,
+                        serverListenerPromise: CompletableFuture<ServerConnectionListener>): SecureServer {
+        return try {
+            TLSServer(settings, channelInitListener, serverListenerPromise)
+        } catch (e: IOException) {
+            throw Idscp2Exception("Error while trying to to start SecureServer", e)
+        } catch (e: NoSuchAlgorithmException) {
+            throw Idscp2Exception("Error while trying to to start SecureServer", e)
+        } catch (e: KeyManagementException) {
+            throw Idscp2Exception("Error while trying to to start SecureServer", e)
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(NativeTLSDriver::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.kt
new file mode 100644
index 000000000..15dd355d7
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.kt
@@ -0,0 +1,23 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel
+
+/**
+ * TLS Constants
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+object TLSConstants {
+    // Used TLS version
+    const val TLS_INSTANCE = "TLSv1.3"
+
+    // Enabled encryption protocols
+    val TLS_ENABLED_PROTOCOLS = arrayOf(TLS_INSTANCE)
+
+    // Acceptable TLS ciphers
+    val TLS_ENABLED_CIPHERS = arrayOf( //            "TLS_AES_128_GCM_SHA256",
+            "TLS_AES_256_GCM_SHA384",
+            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",  //            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",  //            "TLS_RSA_WITH_AES_256_GCM_SHA384",
+            //            "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
+            //            "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
+            "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384")
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.kt
new file mode 100644
index 000000000..61f4ff14b
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.kt
@@ -0,0 +1,178 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel
+
+import org.slf4j.LoggerFactory
+import java.security.cert.CertificateExpiredException
+import java.security.cert.CertificateNotYetValidException
+import java.security.cert.CertificateParsingException
+import java.security.cert.X509Certificate
+import java.util.*
+import java.util.regex.Pattern
+import javax.net.ssl.SSLPeerUnverifiedException
+import javax.net.ssl.SSLSession
+
+/**
+ * A class for verifying an established TLS Session on application layer
+ * (application level security)
+ *
+ * @author Leon Beckmann (leon.beckmannn@aisec.fraunhofer.de)
+ */
+object TLSSessionVerificationHelper {
+    private val LOG = LoggerFactory.getLogger(TLSSessionVerificationHelper::class.java)
+    private const val ipv4Pattern = "(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])"
+    private const val ipv6Pattern = "([0-9a-f]{1,4}:){7}([0-9a-f]){1,4}"
+
+    /*
+     * Checks if the ssl session is valid and the remote host can be trusted
+     *
+     * Due to the fact, that hostname verification is not specified in the secure socket layer,
+     * we have to check if the connected hostname matches to the subject of the peer certificate to
+     * avoid Man-In-The-Middle Attacks. This is required for every raw tls!
+     *
+     * Further we check the peer certificate validity to avoid the case that some of the certificates
+     * in our local trust_store are not valid anymore and allow a peer connector to connect with an
+     * expired certificate
+     *
+     * Throws SSlPeerUnverifiedException if peer certificate is not secure for this peer
+     */
+    @Throws(SSLPeerUnverifiedException::class)
+    fun verifyTlsSession(sslSession: SSLSession) {
+        val host = sslSession.peerHost
+        LOG.debug("Connected to {}:{}", host, sslSession.peerPort)
+        try {
+
+            //get certificate
+            val certificates = sslSession.peerCertificates
+            if (certificates.size != 1) {
+                throw SSLPeerUnverifiedException("Unexpected number of certificates")
+            }
+            val peerCert = certificates[0] as X509Certificate
+
+            /*
+             * According to RFC6125, hostname verification should be done against the certificate's
+             * subject alternative name's (SANs) dNSName field or the SANs IPAddress. In some legacy
+             * implementations, the check is done against the certificate's commonName, but this is
+             * deprecated for quite a while and is therefore not supported anymore in te IDSCP2 protocol.
+             */
+            val sans = peerCert.subjectAlternativeNames
+                    ?: throw SSLPeerUnverifiedException("No Subject alternative names for hostname "
+                            + "verification provided")
+            val acceptedDnsNames = ArrayList<String>()
+            val acceptedIpAddresses = ArrayList<String>()
+            for (subjectAltName in sans) {
+                if (subjectAltName.size != 2) {
+                    continue
+                }
+                val value = subjectAltName[1]!!
+                when (subjectAltName[0] as Int?) {
+                    2 -> if (value is String) {
+                        acceptedDnsNames.add(value)
+                    } else if (value is ByteArray) {
+                        acceptedDnsNames.add(String(value))
+                    }
+                    7 -> if (value is String) {
+                        acceptedIpAddresses.add(value)
+                    } else if (value is ByteArray) {
+                        acceptedIpAddresses.add(String(value))
+                    }
+                    0, 1, 3, 4, 5, 6, 8 -> {
+                    }
+                    else -> {
+                    }
+                }
+            }
+
+            //toDo localhost is matched manually to 127.0.0.1 for testing..
+            // automatic dns resolving via DNS service is not an option since we cannot trust the DNS
+            if (acceptedDnsNames.contains("localhost")) {
+                acceptedIpAddresses.add("127.0.0.1")
+            }
+            if (isIpAddress(host)) {
+                //FIXME The server should provide a possibility to validate clients dnsNames against SANs in
+                // Client certificate to avoid MITMs. This is an open issue
+                //check ip addresses RFC 2818 (Section 3.1)
+                if (!acceptedIpAddresses.contains(host)) {
+                    throw SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
+                            + "not belong to peer host")
+                }
+            } else {
+                //check hostname
+                val hostLabels = host.split("\\.".toRegex()).toTypedArray()
+                var found = false
+                for (entry in acceptedDnsNames) {
+                    if (checkHostname(entry.split("\\.".toRegex()).dropLastWhile { it.isEmpty() }.toTypedArray(), hostLabels)) {
+                        found = true
+                        break
+                    }
+                }
+                if (!found) {
+                    throw SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
+                            + "not belong to peer host")
+                }
+            }
+
+
+            //check certificate validity for now and at least one day
+            val oneDay = Date()
+            oneDay.time = oneDay.time + 86400000
+            peerCert.checkValidity()
+            peerCert.checkValidity(oneDay)
+        } catch (e: CertificateParsingException) {
+            throw SSLPeerUnverifiedException("TLS Session Verification failed $e")
+        } catch (e: CertificateNotYetValidException) {
+            throw SSLPeerUnverifiedException("TLS Session Verification failed $e")
+        } catch (e: CertificateExpiredException) {
+            throw SSLPeerUnverifiedException("TLS Session Verification failed $e")
+        }
+    }
+
+    /*
+     * check if host is an IP Address
+     */
+    private fun isIpAddress(host: String): Boolean {
+        val ip4 = Pattern.compile(ipv4Pattern, Pattern.CASE_INSENSITIVE).matcher(host)
+        if (ip4.matches()) {
+            return true
+        }
+        val ip6 = Pattern.compile(ipv6Pattern, Pattern.CASE_INSENSITIVE).matcher(host)
+        return ip6.matches()
+    }
+
+    /*
+     * match dNS Name
+     */
+    private fun checkHostname(dnsNameLabels: Array<String>, hostNameLabels: Array<String>): Boolean {
+
+        /*
+         * support wildcard matching of DNS names as described in RFC6125 Section 6.4.3
+         *
+         * Rules:
+         * 1. The client SHOULD NOT attempt to match a presented identifier in which the wildcard
+         * character comprises a label other than the left-most label
+         * (e.g., do not match bar.*.example.net).
+         *
+         * 2. If the wildcard character is the only character of the left-most label in the
+         * presented identifier, the client SHOULD NOT compare against anything but the left-most
+         * label of the reference identifier (e.g., *.example.com would match foo.example.com but
+         * not bar.foo.example.com or example.com).
+         *
+         * 3. The client MAY match a presented identifier in which the wildcard character is not the
+         * only character of the label (e.g., baz*.example.net and *baz.example.net and
+         * b*z.example.net would be taken to match baz1.example.net and foobaz.example.net and
+         * buzz.example.net, respectively).  However, the client SHOULD NOT attempt to match a
+         * presented identifier where the wildcard character is embedded within an A-label or
+         * U-label of an internationalized domain name.
+         */
+        if (dnsNameLabels.size == hostNameLabels.size) { //include rule 2
+            //all labels without the first one must match completely (rule 1)
+            for (i in 1 until dnsNameLabels.size) {
+                if (dnsNameLabels[i] != hostNameLabels[i]) {
+                    return false
+                }
+            }
+
+            //first label could include wildcard character '*' (rule 1+3)
+            return hostNameLabels[0].matches(Regex(dnsNameLabels[0].replace("*", ".*")))
+        }
+        return false
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.kt
similarity index 75%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.kt
index c59b4c912..e51a183ab 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.java
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client
 
 /**
  * An interface for DataAvailableListeners, that will be notified when new data has been received
@@ -6,20 +6,19 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public interface DataAvailableListener {
-
+interface DataAvailableListener {
     /*
      * Provide incoming data to listener
      */
-    void onMessage(byte[] data);
+    fun onMessage(bytes: ByteArray)
 
     /*
      * Notify listener that an error has occurred
      */
-    void onError(Throwable e);
+    fun onError(e: Throwable)
 
     /*
      * Notify listener that the socket has been closed
      */
-    void onClose();
-}
+    fun onClose()
+}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.java b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.kt
similarity index 73%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.java
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.kt
index 09c1338e9..809288af1 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.java
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client;
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client
 
 /**
  * An interface for an InputListenerThread, that allows DataAvailableListener registration and
@@ -6,15 +6,14 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public interface InputListener {
-
+interface InputListener {
     /*
      * Register a listener for providing data to
      */
-    void register(DataAvailableListener listener);
+    fun register(listener: DataAvailableListener)
 
     /*
      * Terminate InputListener
      */
-    void safeStop();
-}
+    fun safeStop()
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.kt
new file mode 100644
index 000000000..ec16d66df
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.kt
@@ -0,0 +1,56 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client
+
+import java.io.DataInputStream
+import java.io.EOFException
+import java.io.IOException
+import java.io.InputStream
+import java.net.SocketTimeoutException
+
+/**
+ * A simple Listener thread that listens to an input stream and notifies a listeners
+ * when new data has been received
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class InputListenerThread(`in`: InputStream) : Thread(), InputListener {
+    private val `in`: DataInputStream = DataInputStream(`in`)
+    private var listener: DataAvailableListener? = null //no race conditions, could be empty list
+
+    @Volatile
+    private var running = true
+
+    /*
+     * Run the input listener thread that reads from wire and provides data to upper layer
+     */
+    override fun run() {
+        var buf: ByteArray
+        while (running) {
+            try {
+                //first read the length
+                val len = `in`.readInt()
+                buf = ByteArray(len)
+                //then read the data
+                `in`.readFully(buf, 0, len)
+                //provide to listener
+                listener!!.onMessage(buf)
+            } catch (ignore: SocketTimeoutException) {
+                //timeout to catch safeStop() call
+            } catch (e: EOFException) {
+                listener!!.onClose()
+                running = false
+            } catch (e: IOException) {
+                listener!!.onError(e)
+                running = false
+            }
+        }
+    }
+
+    override fun register(listener: DataAvailableListener) {
+        this.listener = listener
+    }
+
+    override fun safeStop() {
+        running = false
+    }
+
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt
new file mode 100644
index 000000000..fbf6ba0ad
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt
@@ -0,0 +1,202 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSConstants
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSessionVerificationHelper
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener
+import org.slf4j.LoggerFactory
+import java.io.DataOutputStream
+import java.io.IOException
+import java.net.InetSocketAddress
+import java.net.Socket
+import java.util.concurrent.CompletableFuture
+import javax.net.ssl.*
+
+/**
+ * A TLS Client that notifies an Idscp2ServerFactory when a secure channel was created and the
+ * TLS handshake is done. The client is notified from an InputListenerThread when new data are
+ * available and transfer it to the SecureChannelListener
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class TLSClient(
+        private val clientSettings: Idscp2Settings,
+        private val dapsDriver: DapsDriver,
+        private val connectionFuture: CompletableFuture<Idscp2Connection>
+) : HandshakeCompletedListener, DataAvailableListener, SecureChannelEndpoint {
+    private val clientSocket: Socket?
+    private var out: DataOutputStream? = null
+    private var inputListenerThread: InputListenerThread? = null
+    private val listenerPromise = CompletableFuture<SecureChannelListener>()
+
+    /**
+     * Connect to TLS server and start TLS Handshake
+     */
+    fun connect(hostname: String?, port: Int) {
+        val sslSocket = clientSocket as SSLSocket?
+        if (sslSocket == null || sslSocket.isClosed) {
+            throw Idscp2Exception("Client socket is not available")
+        }
+        try {
+            sslSocket.connect(InetSocketAddress(hostname, port))
+            LOG.debug("Client is connected to server {}:{}", hostname, port)
+
+            //set clientSocket timeout to allow safeStop()
+            clientSocket!!.soTimeout = 5000
+            out = DataOutputStream(clientSocket.getOutputStream())
+
+            // Add inputListener but start it not before handshake is complete
+            inputListenerThread = InputListenerThread(clientSocket.getInputStream())
+            inputListenerThread!!.register(this)
+            sslSocket.addHandshakeCompletedListener(this)
+            LOG.debug("Start TLS Handshake")
+            sslSocket.startHandshake()
+        } catch (e: SSLHandshakeException) {
+            // FIXME: Any such disconnect makes the server maintain a broken connection
+            disconnect()
+            throw Idscp2Exception("TLS Handshake failed", e)
+        } catch (e: SSLProtocolException) {
+            disconnect()
+            throw Idscp2Exception("TLS Handshake failed", e)
+        } catch (e: IOException) {
+            // FIXME: Any such disconnect makes the server maintain a broken connection
+            disconnect()
+            throw Idscp2Exception("Connecting TLS client to server failed", e)
+        }
+    }
+
+    private fun disconnect() {
+        LOG.debug("Disconnecting from TLS server...")
+        //close listener
+        if (inputListenerThread != null && inputListenerThread!!.isAlive) {
+            inputListenerThread!!.safeStop()
+        }
+        if (clientSocket != null && !clientSocket.isClosed) {
+            try {
+                clientSocket.close()
+            } catch (e: IOException) {
+                onError(e)
+            }
+        }
+    }
+
+    override fun onClose() {
+        listenerPromise.thenAccept { obj: SecureChannelListener -> obj.onClose() }
+    }
+
+    override fun onError(e: Throwable) {
+        listenerPromise.thenAccept { listener: SecureChannelListener -> listener.onError(e) }
+    }
+
+    override fun close() {
+        disconnect()
+    }
+
+    override fun send(bytes: ByteArray): Boolean {
+        return if (!isConnected) {
+            LOG.error("Client cannot send data because socket is not connected")
+            false
+        } else {
+            try {
+                out!!.writeInt(bytes.size)
+                out!!.write(bytes)
+                out!!.flush()
+                LOG.debug("Send message")
+                true
+            } catch (e: IOException) {
+                LOG.error("Client cannot send data")
+                false
+            }
+        }
+    }
+
+    override val isConnected: Boolean
+        get() = clientSocket != null && clientSocket.isConnected
+
+    override fun handshakeCompleted(handshakeCompletedEvent: HandshakeCompletedEvent) {
+        //start receiving listener after TLS Handshake was successful
+        if (LOG.isDebugEnabled) {
+            LOG.debug("TLS Handshake was successful")
+        }
+        if (!connectionFuture.isCancelled) {
+            // TODO: When server behavior fixed, disconnect and return here instantly
+//            disconnect();
+//            return;
+        }
+
+        // verify tls session on application layer: hostname verification, certificate validity
+        try {
+            TLSSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.session)
+            LOG.debug("TLS session is valid")
+            // Create secure channel, register secure channel as message listener and notify IDSCP2 Configuration.
+            val secureChannel = SecureChannel(this)
+            // Try to complete, won't do anything if promise has been cancelled
+            listenerPromise.complete(secureChannel)
+            val connection = Idscp2Connection(secureChannel, clientSettings, dapsDriver)
+            inputListenerThread!!.start()
+            // Try to complete, won't do anything if promise has been cancelled
+            connectionFuture.complete(connection)
+            if (connectionFuture.isCancelled) {
+                connection.close()
+            }
+        } catch (e: SSLPeerUnverifiedException) {
+            // FIXME: Any such disconnect makes the server maintain a broken connection
+            disconnect()
+            connectionFuture.completeExceptionally(
+                    Idscp2Exception("TLS session is not valid. Close TLS connection", e))
+        }
+    }
+
+    override fun onMessage(bytes: ByteArray) {
+        listenerPromise.thenAccept { listener: SecureChannelListener -> listener.onMessage(bytes) }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(TLSClient::class.java)
+    }
+
+    init {
+
+        // init TLS Client
+
+        // get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
+        // hostVerification and algorithm constraints
+        val myTrustManager = PreConfiguration.getX509ExtTrustManager(
+                clientSettings.trustStorePath,
+                clientSettings.trustStorePassword
+        )
+
+        // get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
+        // connection specific key selection via key alias
+        val myKeyManager = PreConfiguration.getX509ExtKeyManager(
+                clientSettings.keyPassword,
+                clientSettings.keyStorePath,
+                clientSettings.keyStorePassword,
+                clientSettings.certificateAlias,
+                clientSettings.keyStoreKeyType
+        )
+        val sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE)
+        sslContext.init(myKeyManager, myTrustManager, null)
+        val socketFactory = sslContext.socketFactory
+
+        // create server socket
+        clientSocket = socketFactory.createSocket()
+        val sslSocket = clientSocket as SSLSocket?
+
+        // set TLS constraints
+        val sslParameters = sslSocket!!.sslParameters
+        sslParameters.useCipherSuitesOrder = false // use server priority order
+        sslParameters.needClientAuth = true
+        sslParameters.protocols = TLSConstants.TLS_ENABLED_PROTOCOLS // only TLSv1.3
+        sslParameters.cipherSuites = TLSConstants.TLS_ENABLED_CIPHERS // only allow strong cipher
+        //        sslParameters.setEndpointIdentificationAlgorithm("HTTPS");  // is done in application layer
+        sslSocket.sslParameters = sslParameters
+        LOG.debug("TLS Client was initialized successfully")
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt
new file mode 100644
index 000000000..bf8eeb5df
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt
@@ -0,0 +1,138 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSConstants
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
+import org.slf4j.LoggerFactory
+import java.io.IOException
+import java.net.ServerSocket
+import java.net.SocketException
+import java.net.SocketTimeoutException
+import java.util.concurrent.CompletableFuture
+import javax.net.ssl.SSLContext
+import javax.net.ssl.SSLServerSocket
+import javax.net.ssl.SSLSocket
+
+/**
+ * A TLS Server that listens on a given port from the Idscp2Settings and create new
+ * TLSServerThreads for incoming connections
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class TLSServer(serverSettings: Idscp2Settings, private val secureChannelInitListener: SecureChannelInitListener,
+                private val serverListenerPromise: CompletableFuture<ServerConnectionListener>) : Runnable, SecureServer {
+    @Volatile
+    override var isRunning = false
+        private set
+    private val serverSocket: ServerSocket
+    private val serverThread: Thread
+    override fun run() {
+        if (serverSocket.isClosed) {
+            LOG.error("ServerSocket has been closed, server thread is stopping now.")
+            return
+        }
+        isRunning = true
+        LOG.debug("TLS server started, entering accept() loop...")
+        while (isRunning) {
+            try {
+                val sslSocket = serverSocket.accept() as SSLSocket
+                try {
+                    // Start new server thread
+                    LOG.debug("New TLS client has connected. Creating new server thread...")
+                    val serverThread = TLSServerThread(sslSocket, secureChannelInitListener, serverListenerPromise)
+                    sslSocket.addHandshakeCompletedListener(serverThread)
+                    serverThread.start()
+                } catch (serverThreadException: Exception) {
+                    LOG.error("Error whilst creating/starting TLSServerThread", serverThreadException)
+                }
+            } catch (e: SocketTimeoutException) {
+                //timeout on serverSocket blocking functions was reached
+                //in this way we can catch safeStop() function, that makes isRunning false
+                //without closing the serverSocket, so we can stop and restart the server
+                //alternative: close serverSocket. But then we cannot reuse it
+            } catch (e: SocketException) {
+                LOG.debug("Server socket has been closed.")
+                isRunning = false
+            } catch (e: IOException) {
+                LOG.error("Error during TLS server socket accept, notifying error handlers...")
+                secureChannelInitListener.onError(e)
+                isRunning = false
+            }
+        }
+        if (!serverSocket.isClosed) {
+            try {
+                serverSocket.close()
+            } catch (e: IOException) {
+                LOG.warn("Could not close TLS server socket", e)
+            }
+        }
+    }
+
+    override fun safeStop() {
+        LOG.debug("Stopping tls server")
+        isRunning = false
+        //        try {
+//            serverSocket.close();
+//        } catch (IOException e) {
+//            LOG.warn("Trying to close server socket failed!", e);
+//        }
+        try {
+            serverThread.join()
+        } catch (e: InterruptedException) {
+            LOG.warn("InterruptedException whilst waiting for server stop", e)
+            Thread.currentThread().interrupt()
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(TLSServer::class.java)
+    }
+
+    init {
+
+        /* init server for TCP/TLS communication */
+
+        // Get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager,
+        // which enables host verification and algorithm constraints
+        LOG.debug("Creating trust manager for TLS server...")
+        val myTrustManager = PreConfiguration.getX509ExtTrustManager(
+                serverSettings.trustStorePath,
+                serverSettings.trustStorePassword
+        )
+
+        // Get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager,
+        // which enables connection specific key selection via key alias
+        LOG.debug("Creating key manager for TLS server...")
+        val myKeyManager = PreConfiguration.getX509ExtKeyManager(
+                serverSettings.keyPassword,
+                serverSettings.keyStorePath,
+                serverSettings.keyStorePassword,
+                serverSettings.certificateAlias,
+                serverSettings.keyStoreKeyType
+        )
+        LOG.debug("Setting TLS security attributes and creating TLS server socket...")
+        // Create TLS context based on keyManager and trustManager
+        val sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE)
+        sslContext.init(myKeyManager, myTrustManager, null)
+        val socketFactory = sslContext.serverSocketFactory
+        serverSocket = socketFactory.createServerSocket(serverSettings.serverPort)
+        // Set timeout for serverSocket.accept()
+        serverSocket.soTimeout = 5000
+        val sslServerSocket = serverSocket as SSLServerSocket
+
+        // Set TLS constraints
+        val sslParameters = sslServerSocket.sslParameters
+        sslParameters.useCipherSuitesOrder = true //server determines priority-order of algorithms in CipherSuite
+        sslParameters.needClientAuth = true //client must authenticate
+        sslParameters.protocols = TLSConstants.TLS_ENABLED_PROTOCOLS //only TLSv1.3
+        sslParameters.cipherSuites = TLSConstants.TLS_ENABLED_CIPHERS //only allow strong cipher suite
+        sslServerSocket.sslParameters = sslParameters
+        LOG.debug("Starting TLS server...")
+        serverThread = Thread(this, "TLS Server Thread "
+                + serverSettings.host + ":" + serverSettings.serverPort)
+        serverThread.start()
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.kt
new file mode 100644
index 000000000..80359bcc6
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.kt
@@ -0,0 +1,164 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSessionVerificationHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener
+import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
+import org.slf4j.LoggerFactory
+import java.io.*
+import java.net.SocketTimeoutException
+import java.util.concurrent.CompletableFuture
+import javax.net.ssl.HandshakeCompletedEvent
+import javax.net.ssl.HandshakeCompletedListener
+import javax.net.ssl.SSLPeerUnverifiedException
+import javax.net.ssl.SSLSocket
+
+/**
+ * A TLSServerThread that notifies an IDSCP2Config when a secure channel was created and the
+ * TLS handshake is done
+ *
+ *
+ * When new data are available the serverThread transfers it to the SecureChannelListener
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class TLSServerThread internal constructor(sslSocket: SSLSocket, configCallback: SecureChannelInitListener,
+                                           serverListenerPromise: CompletableFuture<ServerConnectionListener>) : Thread(), HandshakeCompletedListener, SecureChannelEndpoint, Closeable {
+    @Volatile
+    private var running = true
+    private val `in`: DataInputStream
+    private val out: DataOutputStream
+    private val sslSocket: SSLSocket?
+    private val configCallback: SecureChannelInitListener
+    private val serverListenerPromise: CompletableFuture<ServerConnectionListener>
+    private val channelListenerPromise = CompletableFuture<SecureChannelListener>()
+    private val tlsVerificationLatch = FastLatch()
+    override fun run() {
+        // first run the tls handshake to enforce catching every error occurred during the handshake
+        // before reading from buffer. Else if there exists any non-catched exception during handshake
+        // the thread would wait forever in onError() until handshakeCompleteListener is called
+        try {
+            sslSocket!!.startHandshake()
+            // Wait for TLS session verification
+            tlsVerificationLatch.await()
+        } catch (e: Exception) {
+            LOG.error("Exception occurred during SSL handshake. Quiting server thread...", e)
+            onError(e)
+            running = false
+        }
+
+        //wait for new data while running
+        var buf: ByteArray
+        while (running) {
+            try {
+                val len = `in`.readInt()
+                buf = ByteArray(len)
+                `in`.readFully(buf, 0, len)
+                onMessage(buf)
+            } catch (ignore: SocketTimeoutException) {
+                // Timeout catches safeStop() call and allows to send server_goodbye
+            } catch (e: EOFException) {
+                onClose()
+                running = false
+            } catch (e: IOException) {
+                onError(e)
+                running = false
+            }
+        }
+        closeSockets()
+    }
+
+    private fun closeSockets() {
+        try {
+            out.close()
+            `in`.close()
+            sslSocket!!.close()
+        } catch (ignore: IOException) {
+        }
+    }
+
+    override fun send(bytes: ByteArray): Boolean {
+        return if (!isConnected) {
+            LOG.error("Server cannot send data because socket is not connected")
+            closeSockets()
+            false
+        } else {
+            try {
+                out.writeInt(bytes.size)
+                out.write(bytes)
+                out.flush()
+                LOG.trace("Sent message: " + String(bytes))
+                true
+            } catch (e: IOException) {
+                LOG.error("Server could not send data.")
+                closeSockets()
+                false
+            }
+        }
+    }
+
+    private fun onClose() {
+        channelListenerPromise.thenAccept { obj: SecureChannelListener -> obj.onClose() }
+    }
+
+    private fun onError(t: Throwable) {
+        channelListenerPromise.thenAccept { secureChannelListener: SecureChannelListener -> secureChannelListener.onError(t) }
+    }
+
+    override fun close() {
+        safeStop()
+    }
+
+    override fun onMessage(bytes: ByteArray) {
+        channelListenerPromise.thenAccept { listener: SecureChannelListener -> listener.onMessage(bytes) }
+    }
+
+    private fun safeStop() {
+        running = false
+    }
+
+    override val isConnected: Boolean
+        get() = sslSocket != null && sslSocket.isConnected
+
+    override fun handshakeCompleted(handshakeCompletedEvent: HandshakeCompletedEvent) {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("TLS Handshake was successful")
+        }
+
+        // verify tls session on application layer: hostname verification, certificate validity
+        try {
+            TLSSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.session)
+            LOG.debug("TLS session is valid")
+        } catch (e: SSLPeerUnverifiedException) {
+            if (LOG.isWarnEnabled) {
+                LOG.warn("TLS session is not valid. Close TLS connection", e)
+            }
+            running = false // set running false before tlsVerificationLatch is decremented
+            return
+        } finally {
+            tlsVerificationLatch.unlock()
+        }
+
+        //provide secure channel to IDSCP2 Config and register secure channel as listener
+        val secureChannel = SecureChannel(this)
+        channelListenerPromise.complete(secureChannel)
+        configCallback.onSecureChannel(secureChannel, serverListenerPromise)
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(TLSServerThread::class.java)
+    }
+
+    init {
+        this.sslSocket = sslSocket
+        this.configCallback = configCallback
+        this.serverListenerPromise = serverListenerPromise
+        // Set timeout for blocking read
+        sslSocket.soTimeout = 5000
+        `in` = DataInputStream(sslSocket.inputStream)
+        out = DataOutputStream(sslSocket.outputStream)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.kt
similarity index 71%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.kt
index 7a4d2ecee..1b4cd6477 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.java
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.kt
@@ -1,16 +1,15 @@
-package de.fhg.aisec.ids.idscp2.drivers.interfaces;
+package de.fhg.aisec.ids.idscp2.drivers.interfaces
 
 /**
  * An interface for the DAPS driver, which is used to verify and request dynamicAttributeTokens
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public interface DapsDriver {
-
+interface DapsDriver {
     /*
      * Receive a token from the DapsDriver
      */
-    byte[] getToken();
+    val token: ByteArray
 
     /*
      * Verify a Daps token
@@ -19,5 +18,5 @@ public interface DapsDriver {
      *
      * Return the number of seconds, the DAT is valid
      */
-    long verifyToken(byte[] dat, Object securityRequirements);
-}
+    fun verifyToken(dat: ByteArray?, securityRequirements: Any?): Long
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.kt
new file mode 100644
index 000000000..0cee386aa
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.kt
@@ -0,0 +1,35 @@
+package de.fhg.aisec.ids.idscp2.drivers.interfaces
+
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import org.slf4j.LoggerFactory
+
+/**
+ * An abstract RatProverDriver class that creates a rat prover driver thread and proves itself to
+ * the peer connector using remote attestation
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+abstract class RatProverDriver(protected val fsmListener: FsmListener) : Thread() {
+    protected var running = true
+
+    /*
+     * Delegate an IDSCP2 message to the RatProver driver
+     */
+    open fun delegate(message: ByteArray) {}
+
+    /*
+     * Terminate and cancel the RatProver driver
+     */
+    fun terminate() {
+        running = false
+        interrupt()
+    }
+
+    open fun setConfig(config: Any) {
+        LOG.warn("Method 'setConfig' for RatProverDriver is not implemented")
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(RatProverDriver::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.kt
new file mode 100644
index 000000000..799114974
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.kt
@@ -0,0 +1,35 @@
+package de.fhg.aisec.ids.idscp2.drivers.interfaces
+
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import org.slf4j.LoggerFactory
+
+/**
+ * An abstract RatVerifierDriver class that creates a rat verifier driver thread and verifier the
+ * peer connector using remote attestation
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+abstract class RatVerifierDriver(protected val fsmListener: FsmListener) : Thread() {
+    protected var running = true
+
+    /*
+     * Delegate the IDSCP2 message to the RatVerifier driver
+     */
+    open fun delegate(message: ByteArray) {}
+
+    /*
+     * Terminate and cancel the RatVerifier driver
+     */
+    fun terminate() {
+        running = false
+        interrupt()
+    }
+
+    open fun setConfig(config: Any) {
+        LOG.warn("Method 'setConfig' for RatVerifierDriver is not implemented")
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(RatVerifierDriver::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
new file mode 100644
index 000000000..6e7fe63b7
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
@@ -0,0 +1,26 @@
+package de.fhg.aisec.ids.idscp2.drivers.interfaces
+
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
+import java.util.concurrent.CompletableFuture
+
+/**
+ * An interface for the IDSCP2 SecureChannelDriver class, that implements a connect() function
+ * for IDSCP2 clients and a listen() function for IDSCP2 servers to connect the underlying layer
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+interface SecureChannelDriver {
+    /*
+     * Asynchronous method to create a secure connection to a secure server
+     */
+    fun connect(settings: Idscp2Settings, dapsDriver: DapsDriver, connectionFuture: CompletableFuture<Idscp2Connection>)
+
+    /*
+     * Starting a secure server
+     */
+    fun listen(settings: Idscp2Settings, channelInitListener: SecureChannelInitListener,
+               serverListenerPromise: CompletableFuture<ServerConnectionListener>): SecureServer
+}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.kt
similarity index 63%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.kt
index af0f3913d..38ba3199d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.java
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.kt
@@ -1,19 +1,18 @@
-package de.fhg.aisec.ids.idscp2.drivers.interfaces;
+package de.fhg.aisec.ids.idscp2.drivers.interfaces
 
 /**
  * An interface for the IDSCP2 Secure Server
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public interface SecureServer {
-
+interface SecureServer {
     /*
      * Terminate the secure server
      */
-    void safeStop();
+    fun safeStop()
 
     /*
      * Check if the secure server is running
      */
-    boolean isRunning();
-}
+    val isRunning: Boolean
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/DatException.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/DatException.kt
new file mode 100644
index 000000000..d4087ad10
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/DatException.kt
@@ -0,0 +1,6 @@
+package de.fhg.aisec.ids.idscp2.error
+
+class DatException : RuntimeException {
+    constructor(s: String?) : super(s) {}
+    constructor(s: String?, e: Exception?) : super(s, e) {}
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.kt
new file mode 100644
index 000000000..024d30df5
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.kt
@@ -0,0 +1,11 @@
+package de.fhg.aisec.ids.idscp2.error
+
+/**
+ * IDSCP2 Exception
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class Idscp2Exception : RuntimeException {
+    constructor(message: String?) : super(message) {}
+    constructor(message: String?, cause: Throwable?) : super(message, cause) {}
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
new file mode 100644
index 000000000..408c6c3f1
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -0,0 +1,80 @@
+package de.fhg.aisec.ids.idscp2.example
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ClientFactory
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
+import org.slf4j.LoggerFactory
+import java.nio.charset.StandardCharsets
+import java.util.concurrent.CompletableFuture
+
+class Idscp2ClientInitiator {
+    private val connectionFuture = CompletableFuture<Idscp2Connection>()
+    fun init(settings: Idscp2Settings) {
+        val secureChannelDriver: SecureChannelDriver = NativeTLSDriver()
+        val config = DefaultDapsDriverConfig.Builder()
+                .setKeyStorePath(settings.keyStorePath)
+                .setTrustStorePath(settings.trustStorePath)
+                .setKeyStorePassword(settings.keyStorePassword)
+                .setTrustStorePassword(settings.trustStorePassword)
+                .setKeyAlias(settings.dapsKeyAlias)
+                .setKeyPassword(settings.keyPassword)
+                .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                .build()
+        RatProverDriverRegistry.registerDriver(
+                "Dummy", RatProverDummy::class.java, null)
+        RatVerifierDriverRegistry.registerDriver(
+                "Dummy", RatVerifierDummy::class.java, null)
+        RatProverDriverRegistry.registerDriver(
+                "TPM2d", TPM2dProver::class.java,
+                TPM2dProverConfig.Builder().build()
+        )
+        RatVerifierDriverRegistry.registerDriver(
+                "TPM2d", TPM2dVerifier::class.java,
+                TPM2dVerifierConfig.Builder().build()
+        )
+        val clientConfig = Idscp2ClientFactory(
+                DefaultDapsDriver(config),
+                secureChannelDriver
+        )
+        clientConfig.connect(settings, connectionFuture)
+        connectionFuture.thenAccept { connection: Idscp2Connection ->
+            println("Client: New connection with id " + connection.id)
+            connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
+                override fun onError(t: Throwable) {
+                    LOG.error("Client connection error occurred", t)
+                }
+
+                override fun onClose(connection: Idscp2Connection) {
+                    LOG.info("Client: Connection with id " + connection.id + " has been closed")
+                }
+            })
+            connection.addMessageListener { c: Idscp2Connection, data: ByteArray ->
+                println("Received ping message: " + String(data, StandardCharsets.UTF_8))
+                CompletableFuture.runAsync { c.close() } // FSM error if run from the same thread
+            }
+            connection.unlockMessaging()
+            connection.send("PING".toByteArray(StandardCharsets.UTF_8))
+            println("Sent PING...")
+        }.exceptionally { t: Throwable? ->
+            LOG.error("Client endpoint error occurred", t)
+            null
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(Idscp2ClientInitiator::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
new file mode 100644
index 000000000..cb55e608e
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
@@ -0,0 +1,88 @@
+package de.fhg.aisec.ids.idscp2.example
+
+import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
+import org.slf4j.LoggerFactory
+import java.nio.charset.StandardCharsets
+
+class Idscp2ServerInitiator : Idscp2EndpointListener {
+    fun init(settings: Idscp2Settings) {
+        val secureChannelDriver: SecureChannelDriver = NativeTLSDriver()
+        val config = DefaultDapsDriverConfig.Builder()
+                .setKeyStorePath(settings.keyStorePath)
+                .setTrustStorePath(settings.trustStorePath)
+                .setKeyStorePassword(settings.keyStorePassword)
+                .setTrustStorePassword(settings.trustStorePassword)
+                .setKeyAlias(settings.dapsKeyAlias)
+                .setKeyPassword(settings.keyPassword)
+                .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                .build()
+        val dapsDriver: DapsDriver = DefaultDapsDriver(config)
+        RatProverDriverRegistry.registerDriver(
+                "Dummy", RatProverDummy::class.java, null)
+        RatVerifierDriverRegistry.registerDriver(
+                "Dummy", RatVerifierDummy::class.java, null)
+        RatProverDriverRegistry.registerDriver(
+                "TPM2d", TPM2dProver::class.java, TPM2dProverConfig.Builder().build()
+        )
+        RatVerifierDriverRegistry.registerDriver(
+                "TPM2d", TPM2dVerifier::class.java, TPM2dVerifierConfig.Builder().build()
+        )
+        val serverConfig = Idscp2ServerFactory(
+                this,
+                settings,
+                dapsDriver,
+                secureChannelDriver
+        )
+        @Suppress("UNUSED_VARIABLE") val idscp2Server = serverConfig.listen(settings)
+
+//        try {
+//            Thread.sleep(40_000); //run server for 2 minutes
+//        } catch (Exception ignored) {
+//        } finally {
+//            idscp2Server.closeConnection();
+//        }
+    }
+
+    override fun onConnection(connection: Idscp2Connection) {
+        println("Server: New connection with id " + connection.id)
+        connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
+            override fun onError(t: Throwable) {
+                LOG.error("Server connection error occurred", t)
+            }
+
+            override fun onClose(connection: Idscp2Connection) {
+                LOG.info("Server: Connection with id " + connection.id + " has been closed")
+            }
+        })
+        connection.addMessageListener { c: Idscp2Connection, data: ByteArray ->
+            println("Received ping message: ${String(data, StandardCharsets.UTF_8)}".trimIndent())
+            println("Sending PONG...")
+            c.send("PONG".toByteArray(StandardCharsets.UTF_8))
+        }
+    }
+
+    override fun onError(t: Throwable) {
+        LOG.error("Server endpoint error occurred", t)
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(Idscp2ServerInitiator::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
new file mode 100644
index 000000000..7860b8909
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
@@ -0,0 +1,20 @@
+package de.fhg.aisec.ids.idscp2.example
+
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import java.nio.file.Paths
+import java.util.*
+
+object RunTLSClient {
+    @JvmStatic
+    fun main(args: Array<String>) {
+        val settings = Idscp2Settings.Builder()
+                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/aisecconnector1-keystore.p12")).path))
+                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
+                .setCertificateAlias("1.0.1")
+                .setDapsKeyAlias("1")
+                .setRatTimeoutDelay(300)
+                .build()
+        val initiator = Idscp2ClientInitiator()
+        initiator.init(settings)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
new file mode 100644
index 000000000..15d9b0370
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
@@ -0,0 +1,20 @@
+package de.fhg.aisec.ids.idscp2.example
+
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import java.nio.file.Paths
+import java.util.*
+
+object RunTLSServer {
+    @JvmStatic
+    fun main(argv: Array<String>) {
+        val settings = Idscp2Settings.Builder()
+                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/aisecconnector1-keystore.p12")).path))
+                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
+                .setCertificateAlias("1.0.1")
+                .setDapsKeyAlias("1")
+                .setRatTimeoutDelay(300)
+                .build()
+        val initiator = Idscp2ServerInitiator()
+        initiator.init(settings)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.java b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.kt
similarity index 56%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.java
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.kt
index 13ec26836..4c60f1807 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.java
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.kt
@@ -1,36 +1,35 @@
-package de.fhg.aisec.ids.idscp2.idscp_core;
+package de.fhg.aisec.ids.idscp2.idscp_core
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.slf4j.LoggerFactory
 
 /**
  * This latch implementation uses double-checked-locking, a concept that is mostly broken.
- * However, double-checked locking <b>does</b> work for primitives that are atomic w.r.t. the memory model,
+ * However, double-checked locking **does** work for primitives that are atomic w.r.t. the memory model,
  * see https://www.cs.umd.edu/~pugh/java/memoryModel/DoubleCheckedLocking.html
  * It is assumed that the JVM implementation always handles byte vars atomically,
  * otherwise the correctness of this code may be broken!
  *
  * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
  */
-public class FastLatch {
-    private static final Logger LOG = LoggerFactory.getLogger(FastLatch.class);
-    private byte locked = 1;
+@Suppress("PLATFORM_CLASS_MAPPED_TO_KOTLIN")
+class FastLatch {
+    private var locked: Byte = 1
 
     /**
      * Wait for this latch to be unlocked.
      */
-    public void await() {
+    fun await() {
         // Check locked flag without synchronization, such that method returns immediately
         // without synchronization overhead if unlocked.
-        while (locked != 0) {
-            synchronized (this) {
+        while (locked.toInt() != 0) {
+            synchronized(this) {
                 // Check the locked flag again to prevent eternal waiting if notifyAll() has been called
                 // before this critical section.
-                if (locked != 0) {
+                if (locked.toInt() != 0) {
                     try {
-                        wait();
-                    } catch (InterruptedException ie) {
-                        LOG.warn("Ignored InterruptException, awaiting unlock...", ie);
+                        (this as Object).wait()
+                    } catch (ie: InterruptedException) {
+                        LOG.warn("Ignored InterruptException, awaiting unlock...", ie)
                     }
                 }
             }
@@ -40,11 +39,14 @@ public void await() {
     /**
      * Unlocks this latch instance.
      */
-    public void unlock() {
-        synchronized (this) {
-            locked = 0;
-            notifyAll();
+    fun unlock() {
+        synchronized(this) {
+            locked = 0
+            (this as Object).notifyAll()
         }
     }
 
-}
+    companion object {
+        private val LOG = LoggerFactory.getLogger(FastLatch::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.kt
new file mode 100644
index 000000000..70858468e
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.kt
@@ -0,0 +1,113 @@
+package de.fhg.aisec.ids.idscp2.idscp_core
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
+import org.slf4j.LoggerFactory
+import java.util.*
+import java.util.concurrent.CompletableFuture
+import java.util.function.Consumer
+import java.util.stream.Collectors
+
+/**
+ * The IDSCP2 Connection class holds connections between connectors
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
+ */
+class Idscp2Connection(secureChannel: SecureChannel,
+                       settings: Idscp2Settings,
+                       dapsDriver: DapsDriver) {
+    private val fsm: FSM = FSM(
+            this,
+            secureChannel,
+            dapsDriver,
+            settings.supportedAttestation.ratMechanisms,
+            settings.expectedAttestation.ratMechanisms,
+            settings.ratTimeoutDelay)
+    val id: String = UUID.randomUUID().toString()
+    private val connectionListeners = Collections.synchronizedSet(HashSet<Idscp2ConnectionListener>())
+    private val messageListeners = Collections.synchronizedSet(HashSet<Idscp2MessageListener>())
+    private val messageLatch = FastLatch()
+    fun unlockMessaging() {
+        messageLatch.unlock()
+    }
+
+    /**
+     * Close the idscp connection
+     */
+    fun close() {
+        LOG.debug("Closing connection {}...", id)
+        fsm.closeConnection()
+        LOG.debug("IDSCP2 connection {} closed", id)
+    }
+
+    /**
+     * Send data to the peer IDSCP2 connector
+     */
+    fun send(msg: ByteArray) {
+        LOG.debug("Sending data via connection {}...", id)
+        fsm.send(msg)
+    }
+
+    fun onMessage(msg: ByteArray) {
+        // When unlock is called, although not synchronized, this will eventually stop blocking.
+        messageLatch.await()
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Received new IDSCP Message")
+        }
+        messageListeners.forEach(Consumer { l: Idscp2MessageListener -> l.onMessage(this, msg) })
+    }
+
+    fun onError(t: Throwable) {
+        connectionListeners.forEach(Consumer { idscp2ConnectionListener: Idscp2ConnectionListener -> idscp2ConnectionListener.onError(t) })
+    }
+
+    fun onClose() {
+        LOG.debug("Connection with id {} is closing, notify listeners...", id)
+        connectionListeners.forEach(Consumer { l: Idscp2ConnectionListener -> l.onClose(this) })
+    }
+
+    /**
+     * Check if the idscp connection is currently established
+     *
+     * @return Connection established state
+     */
+    val isConnected: Boolean
+        get() = fsm.isConnected
+
+    fun addConnectionListener(listener: Idscp2ConnectionListener) {
+        connectionListeners.add(listener)
+    }
+
+    fun removeConnectionListener(listener: Idscp2ConnectionListener): Boolean {
+        return connectionListeners.remove(listener)
+    }
+
+    fun addMessageListener(listener: Idscp2MessageListener) {
+        messageListeners.add(listener)
+    }
+
+    fun removeMessageListener(listener: Idscp2MessageListener): Boolean {
+        return messageListeners.remove(listener)
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(Idscp2Connection::class.java)
+    }
+
+    init {
+        secureChannel.setFsm(fsm)
+        if (LOG.isDebugEnabled) {
+            LOG.debug("A new IDSCP2 connection with id {} was created, starting handshake...", id)
+        }
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Stack Trace of Idscp2Connection {} constructor:\n"
+                    + Arrays.stream(Thread.currentThread().stackTrace)
+                    .skip(1).map { obj: StackTraceElement -> obj.toString() }.collect(Collectors.joining("\n")), id)
+        }
+        // Schedule IDSCP handshake asynchronously
+        CompletableFuture.runAsync { fsm.startIdscpHandshake() }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.kt
new file mode 100644
index 000000000..eb0cdff84
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.kt
@@ -0,0 +1,15 @@
+package de.fhg.aisec.ids.idscp2.idscp_core
+
+import org.slf4j.LoggerFactory
+
+open class Idscp2ConnectionAdapter : Idscp2ConnectionListener {
+    override fun onError(t: Throwable) {
+        LOG.error("Error received in Idscp2ConnectionAdapter", t)
+    }
+
+    override fun onClose(connection: Idscp2Connection) {}
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(Idscp2ConnectionAdapter::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.kt
similarity index 53%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.kt
index 83a020c40..f9a4f02cc 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.java
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.kt
@@ -1,12 +1,10 @@
-package de.fhg.aisec.ids.idscp2.idscp_core;
+package de.fhg.aisec.ids.idscp2.idscp_core
 
 /**
  * An IDSCP Connection Listener interface that is implemented by the IDSCP2 Server to notify the
  * server about lifetimes of IDSCP connections. The server caches all active connections.
  */
-public interface Idscp2ConnectionListener {
-
-    void onError(Throwable t);
-
-    void onClose(Idscp2Connection connection);
-}
+interface Idscp2ConnectionListener {
+    fun onError(t: Throwable)
+    fun onClose(connection: Idscp2Connection)
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt
new file mode 100644
index 000000000..f6edd99ac
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt
@@ -0,0 +1,87 @@
+package de.fhg.aisec.ids.idscp2.idscp_core
+
+import com.google.protobuf.ByteString
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.*
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
+
+/**
+ * A factory for creating IDSCP2 messages
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+object Idscp2MessageHelper {
+    fun createIdscpHelloMessage(dat: ByteArray, supportedRatSuite: Array<String>, expectedRatSuite: Array<String>): IdscpMessage {
+        val idscpDat = IdscpDat.newBuilder()
+                .setToken(ByteString.copyFrom(dat))
+                .build()
+        val idscpHello = IdscpHello.newBuilder()
+                .setVersion(2)
+                .setDynamicAttributeToken(idscpDat)
+                .addAllExpectedRatSuite(listOf(*expectedRatSuite))
+                .addAllSupportedRatSuite(listOf(*supportedRatSuite))
+                .build()
+        return IdscpMessage.newBuilder()
+                .setIdscpHello(idscpHello)
+                .build()
+    }
+
+    fun createIdscpCloseMessage(closeMsg: String?, causeCode: CloseCause?): IdscpMessage {
+        val idscpClose = IdscpClose.newBuilder()
+                .setCauseCode(causeCode)
+                .setCauseMsg(closeMsg)
+                .build()
+        return IdscpMessage.newBuilder()
+                .setIdscpClose(idscpClose)
+                .build()
+    }
+
+    fun createIdscpDatExpiredMessage(): IdscpMessage {
+        return IdscpMessage.newBuilder()
+                .setIdscpDatExpired(IdscpDatExpired.newBuilder().build())
+                .build()
+    }
+
+    fun createIdscpDatMessage(dat: ByteArray?): IdscpMessage {
+        val idscpDat = IdscpDat.newBuilder()
+                .setToken(ByteString.copyFrom(dat))
+                .build()
+        return IdscpMessage.newBuilder()
+                .setIdscpDat(idscpDat)
+                .build()
+    }
+
+    fun createIdscpReRatMessage(cause: String?): IdscpMessage {
+        val idscpReRat = IdscpReRat.newBuilder()
+                .setCause(cause)
+                .build()
+        return IdscpMessage.newBuilder()
+                .setIdscpReRat(idscpReRat)
+                .build()
+    }
+
+    fun createIdscpDataMessage(data: ByteArray?): IdscpMessage {
+        val idscpData = IdscpData.newBuilder()
+                .setData(ByteString.copyFrom(data))
+        return IdscpMessage.newBuilder()
+                .setIdscpData(idscpData)
+                .build()
+    }
+
+    fun createIdscpRatProverMessage(body: ByteArray?): IdscpMessage {
+        val idscpRatProver = IdscpRatProver.newBuilder()
+                .setData(ByteString.copyFrom(body))
+                .build()
+        return IdscpMessage.newBuilder()
+                .setIdscpRatProver(idscpRatProver)
+                .build()
+    }
+
+    fun createIdscpRatVerifierMessage(body: ByteArray?): IdscpMessage {
+        val idscpRatVerifier = IdscpRatVerifier.newBuilder()
+                .setData(ByteString.copyFrom(body))
+                .build()
+        return IdscpMessage.newBuilder()
+                .setIdscpRatVerifier(idscpRatVerifier)
+                .build()
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.kt
new file mode 100644
index 000000000..87c61f0a4
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.kt
@@ -0,0 +1,11 @@
+package de.fhg.aisec.ids.idscp2.idscp_core
+
+/**
+ * An interface for an IDSCP message listener
+ */
+fun interface Idscp2MessageListener {
+    /*
+     * notify the listener about new data
+     */
+    fun onMessage(connection: Idscp2Connection, data: ByteArray)
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt
new file mode 100644
index 000000000..21fb7cb55
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt
@@ -0,0 +1,29 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.configuration
+
+/**
+ * Attestation configuration class, containing attestation suite for supported / expected
+ * attestation types
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class AttestationConfig {
+    val ratMechanisms: Array<String>
+    override fun equals(other: Any?): Boolean {
+        if (this === other) return true
+        if (other == null || javaClass != other.javaClass) return false
+        val that = other as AttestationConfig
+        return ratMechanisms.contentEquals(that.ratMechanisms)
+    }
+
+    override fun hashCode(): Int {
+        return ratMechanisms.contentHashCode()
+    }
+
+    companion object {
+        val DEFAULT_RAT_MECHANISMS = arrayOf("Dummy", "TPM2d")
+    }
+
+    init {
+        ratMechanisms = DEFAULT_RAT_MECHANISMS
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.kt
new file mode 100644
index 000000000..de66cab1c
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.kt
@@ -0,0 +1,28 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.configuration
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import org.slf4j.LoggerFactory
+import java.util.concurrent.CompletableFuture
+
+/**
+ * Idscp2ServerFactory class, provides IDSCP2 API to the User (Idscp2EndpointListener)
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class Idscp2ClientFactory(private val dapsDriver: DapsDriver,
+                          private val secureChannelDriver: SecureChannelDriver
+) {
+    /**
+     * User API to create a IDSCP2 connection as a client
+     */
+    fun connect(settings: Idscp2Settings, connectionFuture: CompletableFuture<Idscp2Connection>) {
+        LOG.info("Connect to an IDSCP2 server ({})", settings.host)
+        secureChannelDriver.connect(settings, dapsDriver, connectionFuture)
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(Idscp2ClientFactory::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
new file mode 100644
index 000000000..9c571127f
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
@@ -0,0 +1,78 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.configuration
+
+import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
+import de.fhg.aisec.ids.idscp2.idscp_core.server.Idscp2Server
+import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
+import org.slf4j.LoggerFactory
+import java.util.concurrent.CompletableFuture
+
+/**
+ * Idscp2ServerFactory class, provides IDSCP2 API to the User (Idscp2EndpointListener)
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class Idscp2ServerFactory(private val endpointListener: Idscp2EndpointListener,
+                          private val settings: Idscp2Settings,
+                          private val dapsDriver: DapsDriver,
+                          private val secureChannelDriver: SecureChannelDriver
+) : SecureChannelInitListener {
+    /*
+     * User API to create a new IDSCP2 Server that starts a Secure Server that listens to new
+     * secure channels
+     */
+    @Throws(Idscp2Exception::class)
+    fun listen(settings: Idscp2Settings): Idscp2Server {
+        LOG.info("Starting new IDSCP2 server at port {}", settings.serverPort)
+        val serverListenerPromise = CompletableFuture<ServerConnectionListener>()
+        val secureServer = secureChannelDriver.listen(settings, this, serverListenerPromise)
+        val server = Idscp2Server(secureServer)
+        serverListenerPromise.complete(server)
+        return server
+    }
+
+    /**
+     * A callback implementation to receive a new established secure channel from an Secure client/server.
+     *
+     *
+     * If the secure channel is null, no secure channel was established and an error is provided
+     * to the user (or the error is ignored, in server case).
+     *
+     *
+     * If the secure channel was established, a new FSM is created for this connection and the
+     * IDSCP2 handshake is started. After a successful handshake, a new Idscp2Connection is
+     * created and provided to the user (and the IDSCP2 server).
+     */
+    @Synchronized
+    override fun onSecureChannel(secureChannel: SecureChannel,
+                                 serverListenerPromise: CompletableFuture<ServerConnectionListener>) {
+        LOG.trace("A new secure channel for an IDSCP2 connection was established")
+        // Threads calling onMessage() will be blocked until all listeners have been registered, see below
+        val newConnection = Idscp2Connection(secureChannel, settings, dapsDriver)
+        // Complete the connection promise for the IDSCP server
+        serverListenerPromise.thenAccept { serverListener: ServerConnectionListener ->
+            serverListener.onConnectionCreated(newConnection)
+            newConnection.addConnectionListener(object : Idscp2ConnectionAdapter() {
+                override fun onClose(connection: Idscp2Connection) {
+                    serverListener.onConnectionClose(connection)
+                }
+            })
+        }
+        endpointListener.onConnection(newConnection)
+        // Listeners have been applied in onConnection() callback above, so we can safely unlock messaging now
+        newConnection.unlockMessaging()
+    }
+
+    override fun onError(t: Throwable) {
+        endpointListener.onError(t)
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(Idscp2ServerFactory::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.kt
new file mode 100644
index 000000000..22795ad24
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.kt
@@ -0,0 +1,140 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.configuration
+
+import java.nio.file.Path
+import java.nio.file.Paths
+import java.util.*
+
+/**
+ * IDSCP2 configuration class, contains information about keyStore and TrustStores,
+ * Attestation Types, host, DAPS, ...
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class Idscp2Settings {
+    var serverPort = DEFAULT_SERVER_PORT
+        private set
+    var host = "localhost"
+        private set
+    var trustStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
+        private set
+    var trustStorePassword = "password".toCharArray()
+        private set
+    var keyPassword = "password".toCharArray()
+        private set
+    var keyStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
+        private set
+    var keyStorePassword = "password".toCharArray()
+        private set
+    var certificateAlias = "1.0.1"
+        private set
+    var dapsKeyAlias = "1"
+        private set
+    var keyStoreKeyType = "RSA"
+        private set
+    var supportedAttestation = AttestationConfig()
+        private set
+    var expectedAttestation = AttestationConfig()
+        private set
+    var ratTimeoutDelay = DEFAULT_RAT_TIMEOUT_DELAY.toInt().toLong()
+        private set
+
+    class Builder {
+        private val settings = Idscp2Settings()
+        fun setHost(host: String): Builder {
+            settings.host = host
+            return this
+        }
+
+        fun setServerPort(serverPort: Int): Builder {
+            settings.serverPort = serverPort
+            return this
+        }
+
+        fun setKeyPassword(pwd: CharArray): Builder {
+            settings.keyPassword = pwd
+            return this
+        }
+
+        fun setTrustStorePath(path: Path): Builder {
+            settings.trustStorePath = path
+            return this
+        }
+
+        fun setKeyStorePath(path: Path): Builder {
+            settings.keyStorePath = path
+            return this
+        }
+
+        fun setTrustStorePassword(pwd: CharArray): Builder {
+            settings.trustStorePassword = pwd
+            return this
+        }
+
+        fun setKeyStorePassword(pwd: CharArray): Builder {
+            settings.keyStorePassword = pwd
+            return this
+        }
+
+        fun setCertificateAlias(alias: String): Builder {
+            settings.certificateAlias = alias
+            return this
+        }
+
+        fun setDapsKeyAlias(alias: String): Builder {
+            settings.dapsKeyAlias = alias
+            return this
+        }
+
+        fun setKeyStoreKeyType(keyType: String): Builder {
+            settings.keyStoreKeyType = keyType
+            return this
+        }
+
+        fun setSupportedAttestation(suite: AttestationConfig): Builder {
+            settings.supportedAttestation = suite
+            return this
+        }
+
+        fun setExpectedAttestation(suite: AttestationConfig): Builder {
+            settings.expectedAttestation = suite
+            return this
+        }
+
+        fun setRatTimeoutDelay(delay: Long): Builder {
+            settings.ratTimeoutDelay = delay
+            return this
+        }
+
+        fun build(): Idscp2Settings {
+            return settings
+        }
+    }
+
+    override fun equals(other: Any?): Boolean {
+        if (this === other) return true
+        if (other == null || javaClass != other.javaClass) return false
+        val that = other as Idscp2Settings
+        return serverPort == that.serverPort && ratTimeoutDelay == that.ratTimeoutDelay &&
+                host == that.host &&
+                trustStorePath == that.trustStorePath &&
+                trustStorePassword.contentEquals(that.trustStorePassword) &&
+                keyStorePath == that.keyStorePath &&
+                keyStorePassword.contentEquals(that.keyStorePassword) &&
+                certificateAlias == that.certificateAlias &&
+                dapsKeyAlias == that.dapsKeyAlias &&
+                keyStoreKeyType == that.keyStoreKeyType &&
+                supportedAttestation == that.supportedAttestation &&
+                expectedAttestation == that.expectedAttestation
+    }
+
+    override fun hashCode(): Int {
+        return Objects.hash(serverPort, host, trustStorePath, trustStorePassword, keyStorePath,
+                keyStorePassword, certificateAlias, dapsKeyAlias, keyStoreKeyType, supportedAttestation,
+                expectedAttestation, ratTimeoutDelay)
+    }
+
+    companion object {
+        const val DEFAULT_SERVER_PORT = 29292
+        const val DEFAULT_RAT_TIMEOUT_DELAY = "600"
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.kt
new file mode 100644
index 000000000..80a4b383c
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.kt
@@ -0,0 +1,23 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.configuration
+
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
+import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
+import java.util.concurrent.CompletableFuture
+
+/**
+ * An callback interface that implements callback functions that notify about new
+ * SecureChannels
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+interface SecureChannelInitListener {
+    /**
+     * Notify the server about new secureChannel
+     */
+    fun onSecureChannel(
+            secureChannel: SecureChannel,
+            serverListenerPromise: CompletableFuture<ServerConnectionListener>
+    )
+
+    fun onError(t: Throwable)
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
new file mode 100644
index 000000000..7c671908a
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
@@ -0,0 +1,66 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+
+/**
+ * An Event class for the Finite State Machine. Triggers a transition and holds
+ * either an IdscpMessage or an InternalControlMessage, or both in special cases.
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class Event {
+    enum class EventType {
+        IDSCP_MESSAGE, INTERNAL_CONTROL_MESSAGE
+    }
+
+    val key: Any?
+    val type: EventType
+    lateinit var idscpMessage: IdscpMessage
+        private set
+    lateinit var controlMessage: InternalControlMessage
+        private set
+
+    /**
+     * Create an event with an Internal Control Message
+     */
+    constructor(controlMessage: InternalControlMessage) {
+        key = controlMessage.value
+        type = EventType.INTERNAL_CONTROL_MESSAGE
+        this.controlMessage = controlMessage
+    }
+
+    /**
+     * Create an event with an Idscpv2 Message
+     */
+    constructor(idscpMessage: IdscpMessage) {
+        key = idscpMessage.messageCase.number
+        type = EventType.IDSCP_MESSAGE
+        this.idscpMessage = idscpMessage
+    }
+
+    /**
+     * Create an event for outgoing RatProver and RatVerifier messages
+     *
+     * throws an IllegalStateException if this event is requested for other purposes
+     */
+    constructor(controlMessage: InternalControlMessage, idscpMessage: IdscpMessage) {
+        if (controlMessage == InternalControlMessage.RAT_PROVER_MSG || controlMessage == InternalControlMessage.RAT_VERIFIER_MSG) {
+            key = controlMessage.value
+            type = EventType.INTERNAL_CONTROL_MESSAGE
+            this.idscpMessage = idscpMessage
+            this.controlMessage = controlMessage
+        } else {
+            throw IllegalStateException("This constructor must only be used by RAT_PROVER and " +
+                    "RAT_VERIFIER for message passing")
+        }
+    }
+
+    override fun toString(): String {
+        return "Event{" +
+                "key=" + key +
+                ", type=" + type +
+                ", idscpMessage=" + idscpMessage +
+                ", controlMessage=" + controlMessage +
+                '}'
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
new file mode 100644
index 000000000..40be7d4c5
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -0,0 +1,592 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import com.google.protobuf.InvalidProtocolBufferException
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import org.slf4j.LoggerFactory
+import java.util.*
+import java.util.concurrent.locks.ReentrantLock
+
+/**
+ * The finite state machine FSM of the IDSCP2 protocol
+ *
+ *
+ * Manages IDSCP2 Handshake, Re-Attestation, DAT-ReRequest and DAT-Re-Validation. Delivers
+ * Internal Control Messages and Idscpv2Messages to the target receivers,
+ * creates and manages the states and its transitions and implements security restriction to protect
+ * the protocol against misuse and faulty, insecure or evil driver implementations.
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver: DapsDriver,
+          localSupportedRatSuite: Array<String>, localExpectedRatSuite: Array<String>, ratTimeout: Long) : FsmListener {
+    /*  -----------   IDSCP2 Protocol States   ---------- */
+    private val states = HashMap<FsmState, State>()
+
+    enum class FsmState {
+        STATE_CLOSED, STATE_WAIT_FOR_HELLO, STATE_WAIT_FOR_RAT, STATE_WAIT_FOR_RAT_VERIFIER, STATE_WAIT_FOR_RAT_PROVER, STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER, STATE_WAIT_FOR_DAT_AND_RAT, STATE_ESTABLISHED
+    }
+
+    private var currentState: State?
+
+    /*  ----------------   end of states   --------------- */
+    private val connection: Idscp2Connection
+    private val secureChannel: SecureChannel
+    var ratProverDriver: RatProverDriver? = null
+        private set
+    var ratVerifierDriver: RatVerifierDriver? = null
+        private set
+
+    /**
+     * RAT Driver Thread ID to identify the driver threads and check if messages are provided by
+     * the current active driver or by any old driver, whose lifetime is already over
+     *
+     * Only one driver can be valid at a time
+     */
+    private var currentRatProverId //avoid messages from old prover drivers
+            : String? = null
+    private var currentRatVerifierId //avoid messages from old verifier drivers
+            : String? = null
+
+    /**
+     * RAT Mechanisms, calculated during handshake in WAIT_FOR_HELLO_STATE
+     */
+    private var proverMechanism: String? = null //RAT prover mechanism
+    private var verifierMechanism: String? = null //RAT Verifier mechanism
+
+    /**
+     * A FIFO-fair synchronization lock for the finite state machine
+     */
+    private val fsmIsBusy = ReentrantLock(true)
+
+    /**
+     * A condition to ensure no idscp messages can be provided by the secure channel to the fsm
+     * before the handshake was started
+     */
+    private val onMessageBlock = fsmIsBusy.newCondition()
+
+    /**
+     * A condition for the dscpv2 handshake to wait until the handshake was successful and the
+     * connection is established or the handshake failed and the fsm is locked forever
+     */
+    private val idscpHandshakeLock = fsmIsBusy.newCondition()
+    private var handshakeResultAvailable = false
+    private val idscpHandshakeCompletedLatch = FastLatch()
+
+    /**
+     * Check if FSM is closed forever
+     */
+    private var fsmTerminated = false
+
+    /* ---------------------- Timer ---------------------- */
+    private val datTimer: Timer
+    private val ratTimer: Timer
+    private val handshakeTimer: Timer
+    private val proverHandshakeTimer: Timer
+    private val verifierHandshakeTimer: Timer
+    private fun checkForFsmCircles() {
+        // check if current thread holds already the fsm lock, then we have a circle
+        // this runs into an issue: onControlMessage must be called only from other threads!
+        // if the current thread currently stuck within a fsm transition it will trigger another
+        // transition on the old state and undefined behaviour occurred
+        //
+        // The IDSCP2 core and default driver will not run into this issue. It's a protection for
+        // avoiding incorrect usage of the IDSCP2 library from further driver implementations
+        //
+        // Example:
+        // Thread A stuck within a transition t1 that calls a function that calls
+        // onControlMessage(InternalError). Then the error is handled in the current
+        // state and the fsm will switch into state STATE_CLOSED and close all resources.
+        //
+        // Afterwards, the thread will continue the old transition t1 that might use some of the
+        // closed resources and switch in a non-closed STATE, e.g. STATE_ESTABLISHED.
+        // So our fsm would be broken and the behaviour is undefined and could leak security
+        // vulnerabilities
+        //
+        if (fsmIsBusy.isHeldByCurrentThread) {
+            val e = RuntimeException("The current thread holds the fsm lock already. "
+                    + "A circle might occur that could lead to undefined behaviour within the fsm")
+            // Log exception before throwing, since some threads swallow the exception without any notification
+            LOG.error(e.message, e)
+            throw e
+        }
+    }
+
+    /**
+     * Get a new IDSCP2 Message from the secure channel and provide it as an event to the fsm
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     */
+    override fun onMessage(data: ByteArray) {
+
+        //check for incorrect usage
+        checkForFsmCircles()
+
+        //parse message and create new IDSCP Message event, then pass it to current state and
+        // update new state
+        val message: IdscpMessage = try {
+            IdscpMessage.parseFrom(data)
+        } catch (e: InvalidProtocolBufferException) {
+            LOG.warn("Cannot parse raw data into IdscpMessage {}", data)
+            return
+        }
+        val event = Event(message)
+        //must wait when fsm is in state STATE_CLOSED --> wait() will be notified when fsm is
+        // leaving STATE_CLOSED
+        fsmIsBusy.lock()
+        try {
+            while (currentState == states[FsmState.STATE_CLOSED]) {
+                if (fsmTerminated) {
+                    return
+                }
+                try {
+                    onMessageBlock.await()
+                } catch (e: InterruptedException) {
+                    Thread.currentThread().interrupt()
+                }
+            }
+            feedEvent(event)
+        } finally {
+            fsmIsBusy.unlock()
+        }
+    }
+
+    /**
+     * An internal control message (ICM) occurred, provide it to the fsm as an event
+     */
+    private fun onControlMessage(controlMessage: InternalControlMessage) {
+        //create Internal Control Message Event and pass it to current state and update new state
+        val e = Event(controlMessage)
+        fsmIsBusy.lock()
+        try {
+            feedEvent(e)
+        } finally {
+            fsmIsBusy.unlock()
+        }
+    }
+
+    /**
+     * API for RatProver to provide Prover Messages to the fsm
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     *
+     * Afterwards the event for the fsm is created and the fsm lock is requested
+     *
+     * When the RatProverThread does not match the active prover tread id, the event will be
+     * ignored, else the event is provided to the fsm
+     */
+    override fun onRatProverMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray) {
+
+        //check for incorrect usage
+        checkForFsmCircles()
+
+        //only allow rat prover messages from current thread
+        val e: Event
+        e = run {
+            val idscpMessage = Idscp2MessageHelper.createIdscpRatProverMessage(ratMessage)
+            Event(controlMessage, idscpMessage)
+        }
+        fsmIsBusy.lock()
+        try {
+            if (Thread.currentThread().id.toString() == currentRatProverId) {
+                feedEvent(e)
+            } else {
+                LOG.warn("An old or unknown identity calls onRatProverMessage()")
+            }
+        } finally {
+            fsmIsBusy.unlock()
+        }
+    }
+
+    /**
+     * API for RatVerifier to provide Verifier Messages to the fsm
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     *
+     * Afterwards the event for the fsm is created and the fsm lock is requested
+     *
+     * When the RatVerifierDriver does not match the active verifier tread id, the event will be
+     * ignored, else the event is provided to the fsm
+     */
+    override fun onRatVerifierMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray) {
+
+        //check for incorrect usage
+        checkForFsmCircles()
+
+        //only allow rat verifier messages from current thread
+        val e: Event
+        e = run {
+            val idscpMessage = Idscp2MessageHelper.createIdscpRatVerifierMessage(ratMessage)
+            Event(controlMessage, idscpMessage)
+        }
+        fsmIsBusy.lock()
+        try {
+            if (Thread.currentThread().id.toString() == currentRatVerifierId) {
+                feedEvent(e)
+            } else {
+                LOG.warn("An old or unknown identity calls onRatVerifierMessage()")
+            }
+        } finally {
+            fsmIsBusy.unlock()
+        }
+    }
+
+    /**
+     * Feed the event to the current state and execute the runEntry method if the state has changed
+     */
+    private fun feedEvent(event: Event) {
+        val prevState = currentState
+        currentState = currentState!!.feedEvent(event)
+        if (prevState != currentState) {
+            currentState!!.runEntryCode(this)
+        }
+    }
+
+    /**
+     * API to terminate the idscp connection by the user
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     */
+    fun closeConnection() {
+        //check for incorrect usage
+        checkForFsmCircles()
+        LOG.debug("Sending stop message to connection peer...")
+        onControlMessage(InternalControlMessage.IDSCP_STOP)
+    }
+
+    /**
+     * API for the user to start the IDSCP2 handshake
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     */
+    @Throws(Idscp2Exception::class)
+    fun startIdscpHandshake() {
+        //check for incorrect usage
+        checkForFsmCircles()
+        fsmIsBusy.lock()
+        try {
+            if (currentState == states[FsmState.STATE_CLOSED]) {
+                if (fsmTerminated) {
+                    throw Idscp2Exception("FSM is in a final closed state forever")
+                }
+
+                // trigger handshake init
+                onControlMessage(InternalControlMessage.START_IDSCP_HANDSHAKE)
+
+                // wait until handshake was successful or failed
+                while (!handshakeResultAvailable) {
+                    idscpHandshakeLock.await()
+                }
+                if (!isConnected && !fsmTerminated) {
+                    //handshake failed, throw exception
+                    throw Idscp2Exception("Handshake failed")
+                }
+            } else {
+                throw Idscp2Exception("Handshake has already been started")
+            }
+        } catch (e: InterruptedException) {
+            throw Idscp2Exception("Handshake failed because thread was interrupted")
+        } finally {
+            fsmIsBusy.unlock()
+        }
+    }
+
+    /**
+     * Send idscp data from the fsm via the secure channel to the peer
+     */
+    fun sendFromFSM(msg: IdscpMessage?): Boolean {
+        //send messages from fsm
+        return secureChannel.send(msg!!.toByteArray())
+    }
+
+    /**
+     * Provide an Internal Control Message to the FSM
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     */
+    override fun onError(t: Throwable) {
+        // Broadcast the error to the respective listeners
+        connection.onError(t)
+
+        // Check for incorrect usage
+        checkForFsmCircles()
+        onControlMessage(InternalControlMessage.ERROR)
+    }
+
+    /**
+     * Provide an Internal Control Message to the FSM, caused by a secure channel closure
+     *
+     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * driver implementations
+     */
+    override fun onClose() {
+        // Check for incorrect usage
+        checkForFsmCircles()
+        onControlMessage(InternalControlMessage.IDSCP_STOP)
+    }
+
+    /**
+     * Send idscp message from the User via the secure channel
+     */
+    fun send(msg: ByteArray?) {
+        // Send messages from user only when idscp connection is established
+        idscpHandshakeCompletedLatch.await()
+        fsmIsBusy.lock()
+        try {
+            if (isConnected) {
+                val idscpMessage = Idscp2MessageHelper.createIdscpDataMessage(msg)
+                if (!secureChannel.send(idscpMessage.toByteArray())) {
+                    LOG.error("Cannot send IDSCP_DATA via secure channel")
+                    onControlMessage(InternalControlMessage.ERROR)
+                }
+            } else {
+                LOG.error("Cannot send IDSCP_DATA because connection is not established")
+            }
+        } finally {
+            fsmIsBusy.unlock()
+        }
+    }
+
+    /**
+     * Check if FSM is in STATE ESTABLISHED
+     */
+    val isConnected: Boolean
+        get() = currentState == states[FsmState.STATE_ESTABLISHED]
+
+    /**
+     * Notify handshake lock about result
+     */
+    fun notifyHandshakeCompleteLock() {
+        fsmIsBusy.lock()
+        try {
+            handshakeResultAvailable = true
+            idscpHandshakeLock.signal()
+            idscpHandshakeCompletedLatch.unlock()
+        } finally {
+            fsmIsBusy.unlock()
+        }
+    }
+
+    /**
+     * Calculate the RatProver mechanism
+     *
+     * @return The String of the cipher or null if no match was found
+     */
+    fun getRatProverMechanism(localSupportedProver: Array<String>, remoteExpectedVerifier: Array<String>): String {
+        //toDo implement logic
+        return localSupportedProver[0]
+    }
+
+    /**
+     * Calculate the RatVerifier mechanism
+     *
+     * @return The String of the cipher or null if no match was found
+     */
+    fun getRatVerifierMechanism(localExpectedVerifier: Array<String>, remoteSupportedProver: Array<String>): String {
+        //toDo implement logic
+        return localExpectedVerifier[0]
+    }
+
+    /**
+     * Stop current RatVerifier if active and start the RatVerifier from the
+     * RatVerifierDriver Registry that matches the verifier mechanism
+     *
+     * @return false if no match was found
+     */
+    fun restartRatVerifierDriver(): Boolean {
+        //assume verifier mechanism is set
+        stopRatVerifierDriver()
+        ratVerifierDriver = RatVerifierDriverRegistry.startRatVerifierDriver(verifierMechanism, this)
+        return if (ratVerifierDriver == null) {
+            LOG.error("Cannot create instance of RAT_VERIFIER_DRIVER")
+            currentRatVerifierId = ""
+            false
+        } else {
+            //safe the thread ID
+            currentRatVerifierId = ratVerifierDriver!!.id.toString()
+            LOG.debug("Start verifier_handshake timeout")
+            verifierHandshakeTimer.resetTimeout(5)
+            true
+        }
+    }
+
+    /**
+     * Terminate the RatVerifierDriver
+     */
+    fun stopRatVerifierDriver() {
+        verifierHandshakeTimer.cancelTimeout()
+        ratVerifierDriver?.let {
+            if (it.isAlive) {
+                it.interrupt()
+                it.terminate()
+            }
+        }
+    }
+
+    /**
+     * Stop current RatProver if active and start the RatProver from the
+     * RatProverDriver Registry that matches the prover mechanism
+     *
+     * @return false if no match was found
+     */
+    fun restartRatProverDriver(): Boolean {
+        //assume prover mechanism is set
+        stopRatProverDriver()
+        ratProverDriver = RatProverDriverRegistry.startRatProverDriver(proverMechanism, this)
+        return if (ratProverDriver == null) {
+            LOG.error("Cannot create instance of RAT_PROVER_DRIVER")
+            currentRatProverId = ""
+            false
+        } else {
+            //safe the thread ID
+            currentRatProverId = ratProverDriver!!.id.toString()
+            LOG.debug("Start prover_handshake timeout")
+            proverHandshakeTimer.resetTimeout(5)
+            true
+        }
+    }
+
+    /**
+     * Terminate the RatProverDriver
+     */
+    fun stopRatProverDriver() {
+        proverHandshakeTimer.cancelTimeout()
+        if (ratProverDriver != null && ratProverDriver!!.isAlive) {
+            ratProverDriver!!.interrupt()
+            ratProverDriver!!.terminate()
+        }
+    }
+
+    /**
+     * Lock the fsm forever, terminate the timers and drivers, close the secure channel
+     * and notify handshake lock if necessary
+     */
+    fun shutdownFsm() {
+        LOG.debug("Shutting down FSM of connection {}...", connection.id)
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Running close handlers of connection {}...", connection.id)
+        }
+        connection.onClose()
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Closing secure channel of connection {}...", connection.id)
+        }
+        secureChannel.close()
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Clearing timeouts...")
+        }
+        datTimer.cancelTimeout()
+        ratTimer.cancelTimeout()
+        handshakeTimer.cancelTimeout()
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Stopping RAT components...")
+        }
+        // Cancels proverHandshakeTimer
+        stopRatProverDriver()
+        // Cancels verifierHandshakeTimer
+        stopRatVerifierDriver()
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Mark FSM as terminated...")
+        }
+        fsmTerminated = true
+
+        // Notify upper layer via handshake or closeListener
+        if (!handshakeResultAvailable) {
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Notify handshake lock...")
+            }
+            notifyHandshakeCompleteLock()
+        }
+    }
+
+    /**
+     * Provide IDSCP2 message to the message listener
+     */
+    fun notifyIdscpMsgListener(data: ByteArray) {
+        connection.onMessage(data)
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Idscp data has been passed to connection listener")
+        }
+    }
+
+    fun getState(state: FsmState?): State? {
+        return states[state]
+    }
+
+    val isNotClosed: Boolean
+        get() = currentState == getState(FsmState.STATE_CLOSED)
+
+    fun setRatMechanisms(proverMechanism: String?, verifierMechanism: String?) {
+        this.proverMechanism = proverMechanism
+        this.verifierMechanism = verifierMechanism
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(FSM::class.java)
+    }
+
+    init {
+        val handshakeTimeoutHandler = Runnable {
+            LOG.debug("HANDSHAKE_TIMER_EXPIRED")
+            onControlMessage(InternalControlMessage.TIMEOUT)
+        }
+        val datTimeoutHandler = Runnable {
+            LOG.debug("DAT_TIMER_EXPIRED")
+            onControlMessage(InternalControlMessage.DAT_TIMER_EXPIRED)
+        }
+        val ratTimeoutHandler = Runnable {
+            LOG.debug("RAT_TIMER_EXPIRED")
+            onControlMessage(InternalControlMessage.REPEAT_RAT)
+        }
+        val proverTimeoutHandler = Runnable {
+            LOG.debug("RAT_PROVER_HANDSHAKE_TIMER_EXPIRED")
+            onControlMessage(InternalControlMessage.REPEAT_RAT)
+        }
+        val verifierTimeoutHandler = Runnable {
+            LOG.debug("RAT_VERIFIER_HANDSHAKE_TIMER_EXPIRED")
+            onControlMessage(InternalControlMessage.REPEAT_RAT)
+        }
+        handshakeTimer = Timer(fsmIsBusy, handshakeTimeoutHandler)
+        datTimer = Timer(fsmIsBusy, datTimeoutHandler)
+        ratTimer = Timer(fsmIsBusy, ratTimeoutHandler)
+        proverHandshakeTimer = Timer(fsmIsBusy, proverTimeoutHandler)
+        verifierHandshakeTimer = Timer(fsmIsBusy, verifierTimeoutHandler)
+
+        /* ------------- FSM STATE Initialization -------------*/
+        states[FsmState.STATE_CLOSED] = StateClosed(
+                this, dapsDriver, onMessageBlock, localSupportedRatSuite, localExpectedRatSuite)
+        states[FsmState.STATE_WAIT_FOR_HELLO] = StateWaitForHello(
+                this, handshakeTimer, datTimer, dapsDriver, localSupportedRatSuite, localExpectedRatSuite)
+        states[FsmState.STATE_WAIT_FOR_RAT] = StateWaitForRat(
+                this, handshakeTimer, verifierHandshakeTimer, proverHandshakeTimer, ratTimer, ratTimeout, dapsDriver)
+        states[FsmState.STATE_WAIT_FOR_RAT_PROVER] = StateWaitForRatProver(
+                this, ratTimer, handshakeTimer, proverHandshakeTimer, dapsDriver)
+        states[FsmState.STATE_WAIT_FOR_RAT_VERIFIER] = StateWaitForRatVerifier(
+                this, dapsDriver, ratTimer, handshakeTimer, verifierHandshakeTimer, ratTimeout)
+        states[FsmState.STATE_WAIT_FOR_DAT_AND_RAT] = StateWaitForDatAndRat(
+                this, handshakeTimer, proverHandshakeTimer, datTimer, dapsDriver)
+        states[FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER] = StateWaitForDatAndRatVerifier(
+                this, handshakeTimer, datTimer, dapsDriver)
+        states[FsmState.STATE_ESTABLISHED] = StateEstablished(
+                this, dapsDriver, ratTimer, handshakeTimer)
+
+        // Set initial state
+        currentState = states[FsmState.STATE_CLOSED]
+        this.connection = connection
+        this.secureChannel = secureChannel
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FsmListener.kt
similarity index 66%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FsmListener.kt
index 673631110..ff8f6d4b5 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/FsmListener.java
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FsmListener.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
 /**
  * An FSM Listener Interface implemented by the FSM to restrict FSM API to the drivers and the
@@ -6,31 +6,30 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public interface FsmListener {
-
+interface FsmListener {
     /*
      * A method for providing IDSCP2 data from the secure channel to the FSM
      */
-    void onMessage(byte[] data);
+    fun onMessage(data: ByteArray)
 
     /*
      * A method for providing RatProver messages from the RatProverDriver implementation to the FSM
      */
-    void onRatProverMessage(InternalControlMessage controlMessage, byte[] ratMessage);
+    fun onRatProverMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray)
 
     /*
      * A method for providing RatVerifier messages from the RatVerifierDriver implementation to the
      * FSM
      */
-    void onRatVerifierMessage(InternalControlMessage controlMessage, byte[] ratMessage);
+    fun onRatVerifierMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray)
 
     /*
      * A method for providing internal errors to the fsm
      */
-    void onError(Throwable t);
+    fun onError(t: Throwable)
 
     /*
      * A method for notifying the fsm about closure of the secure channel
      */
-    void onClose();
-}
+    fun onClose()
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
new file mode 100644
index 000000000..67dc56344
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
@@ -0,0 +1,13 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+/**
+ * An enum that wraps the internal control messages of the IDSCP2 protocol to trigger transitions
+ * by non-IDSCP2-message-events
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+enum class InternalControlMessage(  //set unique values that are different from IdscpMessage.MessageCase ot identify event.key
+        val value: String) {
+    START_IDSCP_HANDSHAKE("ICM_START"), IDSCP_STOP("ICM_STOP"), DAT_TIMER_EXPIRED("ICM_DAT_TIMER_EXPIRED"), RAT_TIMER_EXPIRED("ICM_RAT_TIMER_EXPIRED"), REPEAT_RAT("ICM_REPEAT_RAT"), RAT_VERIFIER_OK("ICM_RAT_V_OK"), RAT_VERIFIER_FAILED("ICM_RAT_V_FAILED"), RAT_PROVER_OK("ICM_RAT_P_OK"), RAT_PROVER_FAILED("ICM_RAT_P_FAILED"), RAT_PROVER_MSG("ICM_RAT_PROVER_MSG"), RAT_VERIFIER_MSG("ICM_RAT_VERIFIER_MSG"), ERROR("ICM_ERROR"), TIMEOUT("ICM_TIMEOUT");
+
+}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/State.kt
similarity index 52%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/State.kt
index 0d301e5e8..f91571581 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/State.java
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/State.kt
@@ -1,7 +1,7 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import java.util.concurrent.ConcurrentHashMap;
-import java.util.function.Function;
+import java.util.concurrent.ConcurrentHashMap
+import java.util.function.Function
 
 /**
  * A State class for the Finite State Machine.
@@ -10,10 +10,9 @@
  *
  * @author Leon Beckmann leon.beckmann@aisec.fraunhofer.de
  */
-public class State {
-
-    private final ConcurrentHashMap<Object, Transition> transitions = new ConcurrentHashMap<>();
-    private Function<Event, State> noTransitionHandler = null;
+open class State {
+    private val transitions = ConcurrentHashMap<Any, Transition>()
+    private var noTransitionHandler: Function<Event, State>? = null
 
     /*
      * A method for triggering aa transition of the current state by a given event
@@ -22,33 +21,31 @@ public class State {
      *
      * Returns the target state of the triggered transition (new current state of the fsm)
      */
-    State feedEvent(Event e) {
-        Transition t = transitions.get(e.getKey());
-        if (t != null) {
-            return t.doTransition(e);
+    fun feedEvent(e: Event): State? {
+        val t = transitions[e.key]
+        return if (t != null) {
+            t.doTransition(e)
         } else {
-            return noTransitionHandler.apply(e);
+            noTransitionHandler!!.apply(e)
         }
     }
 
     /*
      * Add ann outgoing transition to the state
      */
-    void addTransition(Object k, Transition t) {
-        transitions.put(k, t);
+    fun addTransition(k: Any, t: Transition) {
+        transitions[k] = t
     }
 
     /*
      * Set the 'no transition available for this event' handler
      */
-    void setNoTransitionHandler(Function<Event, State> noTransitionHandler) {
-        this.noTransitionHandler = noTransitionHandler;
+    fun setNoTransitionHandler(noTransitionHandler: Function<Event, State>?) {
+        this.noTransitionHandler = noTransitionHandler
     }
 
     /*
      * run a sequence of code when the state is entered
      */
-    void runEntryCode(FSM fsm) {
-    }
-
-}
+    open fun runEntryCode(fsm: FSM) {}
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
new file mode 100644
index 000000000..8b1ff3c12
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
@@ -0,0 +1,88 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import org.slf4j.LoggerFactory
+import java.util.*
+import java.util.concurrent.locks.Condition
+import java.util.function.Function
+import java.util.stream.Collectors
+
+/**
+ * The Closed State of the FSM of the IDSCP2 protocol.
+ * The FSM is in the Closed state either before any transition was triggered (in this case, the
+ * Closed State is the FSM Start state) or after the connection was closed (in this case, the
+ * Closed State is the FSM final state without any outgoing transitions)
+ *
+ *
+ * When the FSM go from any State into the Closed State again, the FSM is locked forever and all
+ * involved actors like RatDrivers and Timers will be terminated
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+internal class StateClosed(fsm: FSM,
+                           dapsDriver: DapsDriver,
+                           onMessageLock: Condition,
+                           localSupportedRatSuite: Array<String>,
+                           localExpectedRatSuite: Array<String>) : State() {
+    private fun runExitCode(onMessageLock: Condition) {
+        //State Closed exit code
+        onMessageLock.signalAll() //enables fsm.onMessage()
+    }
+
+    override fun runEntryCode(fsm: FSM) {
+        //State Closed entry code
+        LOG.debug("Switched to state STATE_CLOSED")
+        fsm.shutdownFsm()
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(StateClosed::class.java)
+    }
+
+    init {
+
+
+        /*---------------------------------------------------
+         * STATE_CLOSED - Transition Description
+         * ---------------------------------------------------
+         * onICM: start_handshake --> {send IDSCP_HELLO, set handshake_timeout} --> STATE_WAIT_FOR_HELLO
+         * ALL_OTHER_MESSAGES ---> STATE_CLOSED
+         * --------------------------------------------------- */
+        addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.value, Transition(Function {
+            LOG.debug("Get DAT Token vom DAT_DRIVER")
+            val dat = dapsDriver.token
+            LOG.debug("Send IDSCP_HELLO")
+            val idscpHello = Idscp2MessageHelper.createIdscpHelloMessage(dat, localSupportedRatSuite, localExpectedRatSuite)
+            if (!fsm.sendFromFSM(idscpHello)) {
+                LOG.error("Cannot send IdscpHello. Close connection")
+                runEntryCode(fsm)
+                onMessageLock.signalAll()
+                return@Function fsm.getState(FsmState.STATE_CLOSED)
+            }
+            runExitCode(onMessageLock)
+            fsm.getState(FsmState.STATE_WAIT_FOR_HELLO)
+        }))
+
+        // This origins from onClose(), so just ignore it
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received STOP in STATE_CLOSED, ignored.")
+            }
+            this
+        })
+        setNoTransitionHandler { event: Event? ->
+            if (LOG.isDebugEnabled) {
+                LOG.debug("No transition available for given event {}, stack trace for analysis:\n{}",
+                        event,
+                        Arrays.stream(Thread.currentThread().stackTrace)
+                                .skip(1)
+                                .map { obj: StackTraceElement -> obj.toString() }
+                                .collect(Collectors.joining("\n")))
+                LOG.debug("Stay in state STATE_CLOSED")
+            }
+            this
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
new file mode 100644
index 000000000..b0be8d657
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
@@ -0,0 +1,124 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import org.slf4j.LoggerFactory
+import java.util.function.Function
+
+/**
+ * The Established State of the FSM of the IDSCP2 protocol.
+ * Allows message exchange over the IDSCP2 protocol between two connectors
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class StateEstablished(fsm: FSM,
+                       dapsDriver: DapsDriver,
+                       ratTimer: Timer,
+                       handshakeTimer: Timer) : State() {
+    override fun runEntryCode(fsm: FSM) {
+        LOG.debug("Switched to state STATE_ESTABLISHED")
+        fsm.notifyHandshakeCompleteLock()
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(StateEstablished::class.java)
+    }
+
+    init {
+
+
+        /*---------------------------------------------------
+         * STATE_ESTABLISHED - Transition Description
+         * ---------------------------------------------------
+         * onICM: error ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: stop ---> {timeouts.cancel()} ---> STATE_CLOSED
+         * onICM: re_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * //onICM: send_data ---> {send IDS_DATA} ---> STATE_ESTABLISHED
+         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * onMessage: IDSCP_DATA ---> {delegate to connection} ---> STATE_ESTABLISHED
+         * onMessage: IDSCP_RERAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_CLOSE ---> {timeouts.cancel()} ---> STATE_CLOSED
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
+         * --------------------------------------------------- */
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("Error occurred, close idscp connection")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSCP_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                    CloseCause.USER_SHUTDOWN))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition(
+                Function {
+                    LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
+                    ratTimer.cancelTimeout()
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
+                        LOG.error("Cannot send ReRat message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    if (!fsm.restartRatVerifierDriver()) {
+                        LOG.error("Cannot run Rat verifier, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)
+                }
+        ))
+        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
+                Function {
+                    ratTimer.cancelTimeout()
+                    LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
+                        LOG.error("Cannot send DatExpired message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    LOG.debug("Set handshake timeout")
+                    handshakeTimer.resetTimeout(5)
+                    fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
+                Function {
+                    LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER")
+                    if (!fsm.restartRatProverDriver()) {
+                        LOG.error("Cannot run Rat prover, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
+                Function {
+                    LOG.debug("DAT expired. Send new DAT and repeat RAT")
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                        LOG.error("Cannot send Dat message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    if (!fsm.restartRatProverDriver()) {
+                        LOG.error("Cannot run Rat prover, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition { event: Event ->
+            val data = event.idscpMessage.idscpData
+            fsm.notifyIdscpMsgListener(data.data.toByteArray())
+            this
+        })
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Receive IDSCP_CLOSED")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        setNoTransitionHandler { event: Event? ->
+            LOG.debug("No transition available for given event " + event.toString())
+            LOG.debug("Stay in state STATE_ESTABLISHED")
+            this
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
new file mode 100644
index 000000000..31caa2d5f
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
@@ -0,0 +1,153 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import org.slf4j.LoggerFactory
+import java.util.function.Function
+
+/**
+ * The Wait_For_Dat_And_Rat State of the FSM of the IDSCP2 protocol.
+ * Waits for a new valid dynamic attribute token from the peer as well as for the RatProver and
+ * RatVerifier to decide whether the connection will be established or not
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class StateWaitForDatAndRat(fsm: FSM,
+                            handshakeTimer: Timer,
+                            proverHandshakeTimer: Timer,
+                            datTimer: Timer,
+                            dapsDriver: DapsDriver
+) : State() {
+    override fun runEntryCode(fsm: FSM) {
+        LOG.debug("Switched to state STATE_WAIT_FOR_DAT_AND_RAT")
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(StateWaitForDatAndRat::class.java)
+    }
+
+    init {
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_DAT_AND_RAT - Transition Description
+         * ---------------------------------------------------
+         * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: error ---> {stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), timeouts.stop()} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT(success) ---> {verify dat, start dat_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_DAT(failed) ---> {verify dat, send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
+         * --------------------------------------------------- */
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                    CloseCause.USER_SHUTDOWN))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("An internal control error occurred")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
+            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
+                    CloseCause.TIMEOUT))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
+            LOG.debug("Received RAT_PROVER OK")
+            proverHandshakeTimer.cancelTimeout()
+            fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
+        })
+        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
+            LOG.error("RAT_PROVER failed")
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
+                    CloseCause.RAT_PROVER_FAILED))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition(
+                Function { event: Event ->
+                    LOG.debug("Send IDSCP_RAT_PROVER")
+                    if (!fsm.sendFromFSM(event.idscpMessage)) {
+                        LOG.error("Cannot send rat prover message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    this
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_CLOSE")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition(
+                Function { event: Event ->
+                    handshakeTimer.cancelTimeout()
+                    LOG.debug("Verify received DAT")
+                    //check if Dat is available and verify dat
+                    val dat = event.idscpMessage.idscpDat.token.toByteArray()
+                    var datValidityPeriod: Long
+                    if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
+                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
+                                "No valid DAT", CloseCause.NO_VALID_DAT))
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    LOG.debug("Remote DAT is valid. Set dat timeout")
+                    datTimer.resetTimeout(datValidityPeriod)
+                    //start RAT Verifier
+                    if (!fsm.restartRatVerifierDriver()) {
+                        LOG.error("Cannot run Rat verifier, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
+                Function {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                        LOG.error("Cannot send Dat message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    if (!fsm.restartRatProverDriver()) {
+                        LOG.error("Cannot run Rat prover, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    this
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
+            LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+            assert(event.idscpMessage.hasIdscpRatVerifier())
+            fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                    ?: throw Idscp2Exception("RAT prover driver not available")
+            this
+        })
+        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
+                Function {
+                    LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
+                    if (!fsm.restartRatProverDriver()) {
+                        LOG.error("Cannot run Rat prover, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    this
+                }
+        ))
+        setNoTransitionHandler { event: Event? ->
+            LOG.debug("No transition available for given event " + event.toString())
+            this
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
new file mode 100644
index 000000000..c6de3ee3b
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
@@ -0,0 +1,118 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import org.slf4j.LoggerFactory
+import java.util.function.Function
+
+/**
+ * The Wait_For_Dat_And_Rat_Verifier State of the FSM of the IDSCP2 protocol.
+ * Wait for a new dynamic attribute token from the peer, since the old one is not valid anymore
+ * and waits for the RatVerifier after successful verification of the Dat to decide if the IDSCP2
+ * connection will be established
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class StateWaitForDatAndRatVerifier(fsm: FSM,
+                                    handshakeTimer: Timer,
+                                    datTimer: Timer,
+                                    dapsDriver: DapsDriver) : State() {
+    override fun runEntryCode(fsm: FSM) {
+        LOG.debug("Switched to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER")
+        LOG.debug("Set handshake timeout")
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(StateWaitForDatAndRatVerifier::class.java)
+    }
+
+    init {
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER - Transition Description
+         * ---------------------------------------------------
+         * onICM: stop ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: error ---> {} ---> STATE_CLOSED
+         * onICM: timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT(success) --> {verify DAT, set det_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFEIER
+         * onMessage: IDSCP_DAT(failed) --> {verify DAT, send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onMessage: IDSCP_RE_RAT ---> {start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * --------------------------------------------------- */
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                    CloseCause.USER_SHUTDOWN))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("An internal control error occurred")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
+            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
+                    CloseCause.TIMEOUT))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_CLOSE")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition(
+        Function { event: Event ->
+            handshakeTimer.cancelTimeout()
+            LOG.debug("Verify received DAT")
+            //check if Dat is available and verify dat
+            val dat = event.idscpMessage.idscpDat.token.toByteArray()
+            var datValidityPeriod: Long
+            if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
+                LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+                fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT", CloseCause.NO_VALID_DAT))
+                return@Function fsm.getState(FsmState.STATE_CLOSED)
+            }
+            LOG.debug("Remote DAT is valid. Set dat timeout")
+            datTimer.resetTimeout(datValidityPeriod)
+            //start RAT Verifier
+            if (!fsm.restartRatVerifierDriver()) {
+                LOG.error("Cannot run Rat verifier, close idscp connection")
+                return@Function fsm.getState(FsmState.STATE_CLOSED)
+            }
+            fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)
+        }
+        ))
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
+        Function {
+            LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                LOG.error("Cannot send DAT message")
+                return@Function fsm.getState(FsmState.STATE_CLOSED)
+            }
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Function fsm.getState(FsmState.STATE_CLOSED)
+            }
+            fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
+        }
+        ))
+        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
+        Function {
+            LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Function fsm.getState(FsmState.STATE_CLOSED)
+            }
+            fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
+        }
+        ))
+        setNoTransitionHandler { event: Event? ->
+            LOG.debug("No transition available for given event " + event.toString())
+            this
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
new file mode 100644
index 000000000..65187e725
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
@@ -0,0 +1,114 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import org.slf4j.LoggerFactory
+import java.util.function.Function
+
+/**
+ * The Wait_For_Hello State of the FSM of the IDSCP2 protocol.
+ * Waits for the Idscpv2 Hellp Message that contains the protocol version, the supported and
+ * expected remote attestation cipher suites and the dynamic attribute token (DAT) of the peer.
+ *
+ *
+ * Goes into the WAIT_FOR_RAT State when valid Rat mechanisms were found and the DAT is valid
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class StateWaitForHello(fsm: FSM,
+                        private val handshakeTimer: Timer,
+                        datTimer: Timer,
+                        dapsDriver: DapsDriver,
+                        localSupportedRatSuite: Array<String>,
+                        localExpectedRatSuite: Array<String>) : State() {
+    override fun runEntryCode(fsm: FSM) {
+        LOG.debug("Switched to state STATE_WAIT_FOR_HELLO")
+        LOG.debug("Set handshake timeout to 5 seconds")
+        handshakeTimer.resetTimeout(5)
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(StateWaitForHello::class.java)
+    }
+
+    init {
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_HELLO - Transition Description
+         * ---------------------------------------------------
+         * onICM: error --> {} ---> STATE_CLOSED
+         * onICM: stop --> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: timeout --> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_CLOSE---> {} ---> STATE_CLOSED
+         * onMessage: IDSCP_HELLO (no rat match) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_HELLO (invalid DAT) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_HELLO (SUCCESS) ---> {verify DAT, match RAT, set DAT Timeout, start RAT P&V,
+         *                                        set handshake_timeout} ---> STATE_WAIT_FOR_RAT
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_HELLO
+         * --------------------------------------------------- */
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("An internal control error occurred")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Received stop signal from user. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                    CloseCause.USER_SHUTDOWN))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
+            LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake Timeout",
+                    CloseCause.TIMEOUT))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_CLOSE")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(IdscpMessage.IDSCPHELLO_FIELD_NUMBER, Transition(
+                Function { event: Event ->
+                    handshakeTimer.cancelTimeout()
+                    val idscpHello = event.idscpMessage.idscpHello
+                    LOG.debug("Received IDSCP_HELLO")
+                    LOG.debug("Calculate Rat mechanisms")
+                    val proverMechanism = fsm.getRatProverMechanism(localSupportedRatSuite,
+                            idscpHello.expectedRatSuiteList.toTypedArray())
+                    val verifierMechanism = fsm.getRatVerifierMechanism(localExpectedRatSuite,
+                            idscpHello.supportedRatSuiteList.toTypedArray())
+                    LOG.debug("Verify received DAT")
+                    //check if Dat is available and verify dat
+                    var datValidityPeriod: Long = 0
+                    if (!idscpHello.hasDynamicAttributeToken() || 0 > dapsDriver
+                                    .verifyToken(idscpHello.dynamicAttributeToken.token.toByteArray(), null)
+                                    .also { datValidityPeriod = it }) {
+                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT",
+                                CloseCause.NO_VALID_DAT))
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    LOG.debug("Remote DAT is valid. Set dat timeout to its validity period")
+                    datTimer.resetTimeout(datValidityPeriod)
+                    fsm.setRatMechanisms(proverMechanism, verifierMechanism)
+                    LOG.debug("Start RAT Prover and Verifier")
+                    if (!fsm.restartRatVerifierDriver()) {
+                        LOG.error("Cannot run Rat verifier, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    if (!fsm.restartRatProverDriver()) {
+                        LOG.error("Cannot run Rat prover, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
+                }
+        ))
+        setNoTransitionHandler { event: Event? ->
+            LOG.debug("No transition available for given event " + event.toString())
+            LOG.debug("Stay in state STATE_WAIT_FOR_HELLO")
+            this
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
new file mode 100644
index 000000000..34ce1c78f
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
@@ -0,0 +1,168 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import org.slf4j.LoggerFactory
+import java.util.function.Function
+
+/**
+ * The Wait_For_Rat State of the FSM of the IDSCP2 protocol.
+ * Waits for the RatProver and RatVerifier Result to decide whether the connection will be
+ * established
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class StateWaitForRat(fsm: FSM,
+                      handshakeTimer: Timer,
+                      verifierHandshakeTimer: Timer,
+                      proverHandshakeTimer: Timer,
+                      ratTimer: Timer,
+                      ratTimerDelay: Long,
+                      dapsDriver: DapsDriver) : State() {
+    override fun runEntryCode(fsm: FSM) {
+        LOG.debug("Switch to state STATE_WAIT_FOR_RAT")
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(StateWaitForRat::class.java)
+    }
+
+    init {
+
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_RAT - Transition Description
+         * ---------------------------------------------------
+         * onICM: error ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
+         * onICM: stop ---> {ratP.stop(), ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> IDSCP_CLOSED
+         * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onICM: rat_prover_failed ---> {ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_verifier_failed ---> {ratP.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT
+         * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
+         * onICM: dat_timeout ---> {send DAT_EXPIRED, ratV.cancel()} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onICM: handshake_timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_RAT_PROVER ---> {delegate to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send DAT, ratP.restart()} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT
+         * --------------------------------------------------- */
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("An internal control error occurred")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                    CloseCause.USER_SHUTDOWN))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
+            LOG.debug("Received RAT_PROVER OK")
+            proverHandshakeTimer.cancelTimeout()
+            fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)
+        })
+        addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition {
+            LOG.debug("Received RAT_VERIFIER OK")
+            verifierHandshakeTimer.cancelTimeout()
+            ratTimer.resetTimeout(ratTimerDelay)
+            fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
+        })
+        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
+            LOG.error("RAT_PROVER failed")
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
+                    CloseCause.RAT_PROVER_FAILED))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition {
+            LOG.error("RAT_VERIFIER failed")
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
+                    CloseCause.RAT_VERIFIER_FAILED))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition(
+                Function { event: Event ->
+                    LOG.debug("Send IDSCP_RAT_PROVER")
+                    if (!fsm.sendFromFSM(event.idscpMessage)) {
+                        LOG.error("Cannot send rat prover message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    this
+                }
+        ))
+        addTransition(InternalControlMessage.RAT_VERIFIER_MSG.value, Transition(
+                Function { event: Event ->
+                    LOG.debug("Send IDSCP_RAT_VERIFIER")
+                    if (!fsm.sendFromFSM(event.idscpMessage)) {
+                        LOG.error("Cannot send rat verifier message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    this
+                }
+        ))
+        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
+                Function {
+                    LOG.debug("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER")
+                    fsm.stopRatVerifierDriver()
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
+                        LOG.error("Cannot send DatExpired message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    LOG.debug("Start Handshake Timer")
+                    handshakeTimer.resetTimeout(5)
+                    fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
+                }
+        ))
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
+            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
+                    CloseCause.TIMEOUT))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
+            LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+            assert(event.idscpMessage.hasIdscpRatVerifier())
+            fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                    ?: throw Idscp2Exception("RAT prover driver not available")
+            this
+        })
+        addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition { event: Event ->
+            LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
+            assert(event.idscpMessage.hasIdscpRatProver())
+            fsm.ratVerifierDriver?.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
+                    ?: throw Idscp2Exception("RAT verifier driver not available")
+            this
+        })
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
+                Function {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                        LOG.error("Cannot send DAT message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    if (!fsm.restartRatProverDriver()) {
+                        LOG.error("Cannot run Rat prover, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    this
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_CLOSE")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        setNoTransitionHandler { event: Event? ->
+            LOG.debug("No transition available for given event " + event.toString())
+            LOG.debug("Stay in state STATE_WAIT_FOR_RAT")
+            this
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
new file mode 100644
index 000000000..62dc04c81
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
@@ -0,0 +1,157 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import org.slf4j.LoggerFactory
+import java.util.function.Function
+
+/**
+ * The Wait_For_Rat_Prover State of the FSM of the IDSCP2 protocol.
+ * Waits only for the RatProver Result to decide whether the connection will be established
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class StateWaitForRatProver(fsm: FSM,
+                            ratTimer: Timer,
+                            handshakeTimer: Timer,
+                            proverHandshakeTimer: Timer,
+                            dapsDriver: DapsDriver) : State() {
+    override fun runEntryCode(fsm: FSM) {
+        LOG.debug("Switched to state STATE_WAIT_FOR_RAT_PROVER")
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(StateWaitForRatProver::class.java)
+    }
+
+    init {
+
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_RAT_PROVER - Transition Description
+         * ---------------------------------------------------
+         * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER, timeouts.terminate()} ---> STATE_CLOSED
+         * onICM: error ---> {stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
+         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onICM: rat_prover_ok ---> {} ---> STATE_ESTABLISHED
+         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE, terminate ratP, cancel timeouts} ---> STATE_CLOSED
+         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onICM: repeat_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_PROVER
+         * --------------------------------------------------- */
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close", CloseCause.USER_SHUTDOWN))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("An internal control error occurred")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
+            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
+                    CloseCause.TIMEOUT))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
+                Function {
+                    LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED")
+                    ratTimer.cancelTimeout()
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
+                        LOG.error("Cannot send DatExpired message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    LOG.debug("Start Handshake Timer")
+                    handshakeTimer.resetTimeout(5)
+                    fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
+                }
+        ))
+        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
+            LOG.debug("Received RAT_PROVER OK")
+            proverHandshakeTimer.cancelTimeout()
+            fsm.getState(FsmState.STATE_ESTABLISHED)
+        })
+        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
+            LOG.error("RAT_PROVER failed")
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
+                    CloseCause.RAT_PROVER_FAILED))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition(
+                Function { event: Event ->
+                    LOG.debug("Send IDSCP_RAT_PROVER")
+                    if (!fsm.sendFromFSM(event.idscpMessage)) {
+                        LOG.error("Cannot send rat prover message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    this
+                }
+        ))
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition(
+                Function {
+                    LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER")
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
+                        LOG.error("Cannot send ReRat message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    ratTimer.cancelTimeout()
+                    if (!fsm.restartRatVerifierDriver()) {
+                        LOG.error("Cannot run Rat verifier, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_CLOSE")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
+                Function {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                        LOG.error("Cannot send DAT message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    if (!fsm.restartRatProverDriver()) {
+                        LOG.error("Cannot run Rat prover, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    this
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
+            LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+            assert(event.idscpMessage.hasIdscpRatVerifier())
+            fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                    ?: throw Idscp2Exception("RAT prover driver not available")
+            this
+        })
+        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
+                Function {
+                    LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
+                    if (!fsm.restartRatProverDriver()) {
+                        LOG.error("Cannot run Rat prover, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    this
+                }
+        ))
+        setNoTransitionHandler { event: Event? ->
+            LOG.debug("No transition available for given event " + event.toString())
+            LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER")
+            this
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
new file mode 100644
index 000000000..32c365111
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
@@ -0,0 +1,143 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import org.slf4j.LoggerFactory
+import java.util.function.Function
+
+/**
+ * The Wait_For_Rat_Verifier State of the FSM of the IDSCP2 protocol.
+ * Waits only for the RatVerifier Result to decide whether the connection will be established
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class StateWaitForRatVerifier(fsm: FSM,
+                              dapsDriver: DapsDriver,
+                              ratTimer: Timer,
+                              handshakeTimer: Timer,
+                              verifierHandshakeTimer: Timer,
+                              ratTimeoutDelay: Long) : State() {
+    override fun runEntryCode(fsm: FSM) {
+        LOG.debug("Switched to state STATE_WAIT_FOR_RAT_VERIFIER")
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(StateWaitForRatVerifier::class.java)
+    }
+
+    init {
+
+        /*---------------------------------------------------
+         * STATE_WAIT_FOR_RAT_VERIFIER - Transition Description
+         * ---------------------------------------------------
+         * onICM: error ---> {stop RAT_VERIFIER} ---> STATE_CLOSED
+         * onICM: close ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
+         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED, cancel ratV} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
+         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_ESTABLISHED
+         * onICM: rat_verifier_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_CLOSE ---> {stop RAT_VERIFIER} ---> STATE_CLOSED
+         * onMessage: IDSCP_RAT_PROVER ---> {delegat to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * onMessage: IDSCP_RE_RAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * --------------------------------------------------- */
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                    CloseCause.USER_SHUTDOWN))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("An internal control error occurred")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
+            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout", CloseCause.TIMEOUT))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
+                Function {
+                    LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER")
+                    fsm.stopRatVerifierDriver()
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
+                        LOG.error("Cannot send DatExpired message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    LOG.debug("Start Handshake Timer")
+                    handshakeTimer.resetTimeout(5)
+                    fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
+                }
+        ))
+        addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition {
+            LOG.debug("Received RAT_VERIFIER OK")
+            verifierHandshakeTimer.cancelTimeout()
+            LOG.debug("Start RAT Timer")
+            ratTimer.resetTimeout(ratTimeoutDelay)
+            fsm.getState(FsmState.STATE_ESTABLISHED)
+        })
+        addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition {
+            LOG.error("RAT_VERIFIER failed")
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
+                    CloseCause.RAT_VERIFIER_FAILED))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.RAT_VERIFIER_MSG.value, Transition(
+                Function { event: Event ->
+                    LOG.debug("Send IDSCP_RAT_VERIFIER")
+                    if (!fsm.sendFromFSM(event.idscpMessage)) {
+                        LOG.error("Cannot send rat verifier message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    this
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_CLOSE")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
+                Function {
+                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                        LOG.error("Cannot send DAT message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    if (!fsm.restartRatProverDriver()) {
+                        LOG.error("Cannot run Rat prover, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition { event: Event ->
+            LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
+            assert(event.idscpMessage.hasIdscpRatProver())
+            fsm.ratVerifierDriver?.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
+                    ?: throw Idscp2Exception("RAT verifier driver not available")
+            this
+        })
+        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
+                Function {
+                    LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
+                    if (!fsm.restartRatProverDriver()) {
+                        LOG.error("Cannot run Rat prover, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
+                }
+        ))
+        setNoTransitionHandler { event: Event? ->
+            LOG.debug("No transition available for given event " + event.toString())
+            LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER")
+            this
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Timer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Timer.kt
new file mode 100644
index 000000000..788276ddf
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Timer.kt
@@ -0,0 +1,40 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import java.util.concurrent.locks.ReentrantLock
+
+/**
+ * A Timer class that provides an API to the FSN to start and cancel timeout threads
+ * The timer ensures that no canceled timer is able to trigger a timeout transitions
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class Timer internal constructor(private val fsmIsBusy: ReentrantLock, private val timeoutHandler: Runnable) {
+    private var thread: TimerThread? = null
+    private val mutex = ReentrantLock(true)
+    fun resetTimeout(delay: Long) {
+        cancelTimeout()
+        start(delay)
+    }
+
+    /*
+     * Start a timer thread that triggers the timeout handler routine after a given timout delay
+     */
+    fun start(delay: Long) {
+        mutex.lock()
+        thread = TimerThread(delay, timeoutHandler, fsmIsBusy)
+        thread!!.start()
+        mutex.unlock()
+    }
+
+    /*
+     * Cancel the current timer thread
+     */
+    fun cancelTimeout() {
+        mutex.lock()
+        if (thread != null) {
+            thread!!.safeStop()
+            thread = null
+        }
+        mutex.unlock()
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/TimerThread.kt
similarity index 52%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/TimerThread.kt
index c6cd4ccfa..74d294550 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/finite_state_machine/TimerThread.java
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/TimerThread.kt
@@ -1,6 +1,6 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.finite_state_machine;
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import java.util.concurrent.locks.ReentrantLock;
+import java.util.concurrent.locks.ReentrantLock
 
 /**
  * A Timer Thread that triggers timeouts in the fsm
@@ -9,18 +9,12 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public class TimerThread extends Thread {
-
-    private volatile boolean canceled = false;
-    private final long delay; //timeout delay in seconds
-    private final Runnable timeoutHandler; //timeout handler routine
-    private final ReentrantLock fsmIsBusy; //lock for the fsm
-
-    TimerThread(long delay, Runnable timeoutHandler, ReentrantLock fsmIsBusy) {
-        this.delay = delay;
-        this.timeoutHandler = timeoutHandler;
-        this.fsmIsBusy = fsmIsBusy;
-    }
+class TimerThread internal constructor(//timeout delay in seconds
+        private val delay: Long, //timeout handler routine
+        private val timeoutHandler: Runnable, //lock for the fsm
+        private val fsmIsBusy: ReentrantLock) : Thread() {
+    @Volatile
+    private var canceled = false
 
     /*
      * Run the timer thread that sleeps the number of timeout delay in ms
@@ -31,34 +25,32 @@ public class TimerThread extends Thread {
      * If the timout was not canceled so far, the timer thread calls a timeout handler
      * routine, that triggers the timeout transition in the fsm
      */
-    public void run() {
+    override fun run() {
         try {
-            Thread.sleep(delay * 1000);
-        } catch (InterruptedException e) {
+            sleep(delay * 1000)
+        } catch (e: InterruptedException) {
             if (!canceled) {
-                Thread.currentThread().interrupt();
+                currentThread().interrupt()
             }
         }
-
         if (canceled) {
-            return;
+            return
         }
-
-        fsmIsBusy.lock();
+        fsmIsBusy.lock()
         try {
             if (!canceled) {
-                timeoutHandler.run();
+                timeoutHandler.run()
             }
         } finally {
-            fsmIsBusy.unlock();
+            fsmIsBusy.unlock()
         }
     }
 
     /*
      * A method to stop the execution of the timer thread and cancel the timeout
      */
-    public void safeStop() {
-        canceled = true;
-        this.interrupt();
+    fun safeStop() {
+        canceled = true
+        interrupt()
     }
-}
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt
new file mode 100644
index 000000000..56fa0d433
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt
@@ -0,0 +1,15 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import java.util.function.Function
+
+/**
+ * Transition class for State machine, provides a doTransition method
+ * that returns the next state for a given event
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class Transition(private val eventHandler: Function<Event, State?>) {
+    fun doTransition(e: Event): State? {
+        return eventHandler.apply(e)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
new file mode 100644
index 000000000..de0abbdb6
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
@@ -0,0 +1,69 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import java.util.concurrent.ConcurrentHashMap
+
+/**
+ * A Rat Prover Driver Registry
+ * The User can register Driver implementation instances and its configurations to the registry
+ *
+ *
+ * The Idscpv2 protocol will select during the idscp handshake a Rat Prover mechanism and will
+ * check for this RatProver in this registry
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+object RatProverDriverRegistry {
+
+    /**
+     * An inner static wrapper class, that wraps driver config and driver class
+     */
+    private class DriverWrapper(
+            val driverClass: Class<out RatProverDriver>,
+            val driverConfig: Any?
+    )
+
+    private val drivers = ConcurrentHashMap<String, DriverWrapper>()
+
+    /**
+     * Register Rat Prover driver and an optional configuration in the registry
+     */
+    fun registerDriver(
+            instance: String,
+            driverClass: Class<out RatProverDriver>,
+            driverConfig: Any?
+    ) {
+        drivers[instance] = DriverWrapper(driverClass, driverConfig)
+    }
+
+    /**
+     * Unregister the driver from the registry
+     */
+    fun unregisterDriver(instance: String) {
+        drivers.remove(instance)
+    }
+
+    /**
+     * To start a Rat Prover from the finite state machine
+     *
+     * First we check if the registry contains the RatProver instance, then we create a new
+     * RatProverDriver from the driver wrapper that holds the corresponding RatProverDriver class.
+     *
+     * The finite state machine is registered as the communication partner for the RatProver.
+     * The RatProver will be initialized with a configuration, if present. Then it is started.
+     */
+    fun startRatProverDriver(instance: String?, listener: FsmListener?): RatProverDriver? {
+        val driverWrapper = drivers[instance] ?: return null
+        return try {
+            val driver = driverWrapper.driverClass.getDeclaredConstructor().newInstance(listener)
+            if (driverWrapper.driverConfig != null) {
+                driver.setConfig(driverWrapper.driverConfig)
+            }
+            driver.start()
+            driver
+        } catch (e: Exception) {
+            null
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
new file mode 100644
index 000000000..d2c51a967
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
@@ -0,0 +1,69 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import java.util.concurrent.ConcurrentHashMap
+
+/**
+ * A Rat Verifier Driver Registry
+ * The User can register Driver implementation instances and its configurations to the registry
+ *
+ *
+ * The Idscpv2 protocol will select during the idscp handshake a Rat Verifier mechanism and will
+ * check for this RatVerifier in this registry
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+object RatVerifierDriverRegistry {
+
+    /**
+     * An inner static wrapper class, that wraps driver config and driver class
+     */
+    private class DriverWrapper(
+            val driverClass: Class<out RatVerifierDriver>,
+            val driverConfig: Any?
+    )
+    private val drivers = ConcurrentHashMap<String, DriverWrapper>()
+
+    /**
+     * Register Rat Verifier driver and an optional configuration in the registry
+     */
+    fun registerDriver(
+            mechanism: String,
+            driverClass: Class<out RatVerifierDriver>,
+            driverConfig: Any?
+    ) {
+        drivers[mechanism] = DriverWrapper(driverClass, driverConfig)
+    }
+
+    /**
+     * Unregister the driver from the registry
+     */
+    fun unregisterDriver(instance: String) {
+        drivers.remove(instance)
+    }
+
+    /**
+     * To start a Rat Verifier from the finite state machine
+     *
+     * First we check if the registry contains the RatVerifier instance, then we create a new
+     * RatVerifierDriver from the driver wrapper that holds the corresponding
+     * RatVerifierDriver class.
+     *
+     * The finite state machine is registered as the communication partner for the RatVerifier.
+     * The RatVerifier will be initialized with a configuration, if present. Then it is started.
+     */
+    fun startRatVerifierDriver(mechanism: String?, listener: FsmListener): RatVerifierDriver? {
+        val driverWrapper = drivers[mechanism]
+        return try {
+            val driver = driverWrapper!!.driverClass.getDeclaredConstructor().newInstance(listener)
+            if (driverWrapper.driverConfig != null) {
+                driver.setConfig(driverWrapper.driverConfig)
+            }
+            driver.start()
+            driver
+        } catch (e: Exception) {
+            null
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
new file mode 100644
index 000000000..91fb801b0
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
@@ -0,0 +1,65 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel
+
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import org.slf4j.LoggerFactory
+import java.util.concurrent.CompletableFuture
+
+/**
+ * A secureChannel which is the secure underlying basis of the IDSCP2 protocol,
+ * that implements a secureChannelListener
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class SecureChannel(private val endpoint: SecureChannelEndpoint) : SecureChannelListener {
+    private val fsmPromise = CompletableFuture<FsmListener>()
+
+    /*
+     * close the secure channel forever
+     */
+    fun close() {
+        endpoint.close()
+    }
+
+    /*
+     * Send data via the secure channel endpoint to the peer connector
+     *
+     * return true if the data has been sent successfully, else false
+     */
+    fun send(msg: ByteArray): Boolean {
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Send message via secure channel")
+        }
+        return endpoint.send(msg)
+    }
+
+    override fun onMessage(data: ByteArray) {
+        if (LOG.isTraceEnabled) {
+            LOG.trace("New raw data has been received via the secure channel")
+        }
+        fsmPromise.thenAccept { fsmListener: FsmListener -> fsmListener.onMessage(data) }
+    }
+
+    override fun onError(t: Throwable) {
+        // Tell fsm an error occurred in secure channel
+        fsmPromise.thenAccept { fsmListener: FsmListener -> fsmListener.onError(t) }
+    }
+
+    override fun onClose() {
+        // Tell fsm secure channel received EOF
+        fsmPromise.thenAccept { obj: FsmListener -> obj.onClose() }
+    }
+
+    val isConnected: Boolean
+        get() = endpoint.isConnected
+
+    /*
+     * set the corresponding finite state machine
+     */
+    fun setFsm(fsm: FsmListener) {
+        fsmPromise.complete(fsm)
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(SecureChannel::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.kt
similarity index 74%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.kt
index eadaa39c5..977ca0f9d 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.java
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel;
+package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel
 
 /**
  * An interface for a secureChannelEndpoint e.g. TLS Client and TLS Server Thread
@@ -6,27 +6,26 @@
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-public interface SecureChannelEndpoint {
-
+interface SecureChannelEndpoint {
     /*
      * API to close the secure channel endpoint
      */
-    void close();
+    fun close()
 
     /*
      * API to delegate messages from an input listener to the secure channel endpoint
      */
-    void onMessage(byte[] bytes);
+    fun onMessage(bytes: ByteArray)
 
     /*
      * Send data from the secure channel endpoint to the peer connector
      *
      * return true when data has been sent, else false
      */
-    boolean send(byte[] bytes);
+    fun send(bytes: ByteArray): Boolean
 
     /*
      * check if the endpoint is connected
      */
-    boolean isConnected();
-}
+    val isConnected: Boolean
+}
\ No newline at end of file
diff --git a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.kt
similarity index 65%
rename from idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.kt
index 06efc83e0..b833fac0f 100644
--- a/idscp2/src/main/java/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.java
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.kt
@@ -1,22 +1,21 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel;
+package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel
 
 /**
  * An interface for a secure channel listener, implemented by the secure channel
  */
-public interface SecureChannelListener {
-
+interface SecureChannelListener {
     /*
      * Delegate data from secure channel endpoint to the secure channel
      */
-    void onMessage(byte[] data);
+    fun onMessage(data: ByteArray)
 
     /*
      * Delegate an error from an secure channel endpoint to the secure channel
      */
-    void onError(Throwable t);
+    fun onError(t: Throwable)
 
     /*
      * Notify secure channel that secure channel endpoint has been closed
      */
-    void onClose();
-}
+    fun onClose()
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/Idscp2Server.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/Idscp2Server.kt
new file mode 100644
index 000000000..751124f93
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/Idscp2Server.kt
@@ -0,0 +1,60 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.server
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import org.slf4j.LoggerFactory
+import java.util.*
+
+/**
+ * An IDSCP2 Server that has the control about the underlying secure server and caches all active
+ * connections that belong to the secure server
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class Idscp2Server(private val secureServer: SecureServer?) : ServerConnectionListener {
+    private val connections = Collections.synchronizedSet(HashSet<Idscp2Connection>())
+
+    /*
+     * Terminate the IDSCP2 server, the secure server and close all connections
+     */
+    fun terminate() {
+        LOG.info("Terminating IDSCP2 server {}", this.toString())
+        terminateAllSessions()
+        secureServer!!.safeStop()
+    }
+
+    /*
+     * Close all open IDSCP2 connections of this server
+     */
+    fun terminateAllSessions() {
+        for (connection in connections) {
+            connection.close()
+            LOG.debug("Idscp connection with id {} has been closed", connection.id)
+            connections.remove(connection)
+        }
+    }
+
+    override fun onConnectionCreated(connection: Idscp2Connection) {
+        connections.add(connection)
+    }
+
+    override fun onConnectionClose(connection: Idscp2Connection?) {
+        connections.remove(connection)
+    }
+
+    /*
+     * Check if the server is running
+     */
+    val isRunning: Boolean
+        get() = secureServer!!.isRunning
+
+    /*
+     * return a list of all open IDSCP2 connections of this server
+     */
+    val allConnections: Set<Idscp2Connection>
+        get() = Collections.unmodifiableSet(connections)
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(Idscp2Server::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/ServerConnectionListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/ServerConnectionListener.kt
new file mode 100644
index 000000000..d0f7e43db
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/ServerConnectionListener.kt
@@ -0,0 +1,8 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.server
+
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+
+interface ServerConnectionListener {
+    fun onConnectionCreated(connection: Idscp2Connection)
+    fun onConnectionClose(connection: Idscp2Connection?)
+}
\ No newline at end of file
diff --git a/idscp2/src/main/proto/idscpv2.proto b/idscp2/src/main/proto/idscpv2.proto
index 6ef30fd1b..4aabff204 100644
--- a/idscp2/src/main/proto/idscpv2.proto
+++ b/idscp2/src/main/proto/idscpv2.proto
@@ -28,10 +28,6 @@ message IdscpHello {
   repeated string supportedRatSuite = 3;
   // Set of accepted RAT methods (verifier role)
   repeated string expectedRatSuite = 4;
-  // Maximum number of supported message type cache entries
-  int32 maxCacheEntries = 5;
-  // Maximum supported total length of type cache entries in UTF-8
-  int32 maxTotalCacheSize = 6;
 }
 
 message IdscpClose {
@@ -75,8 +71,4 @@ message IdscpRatVerifier {
 message IdscpData {
   // Payload
   bytes data = 1;
-  // Message type (e.g. MIME type) as string
-  string type = 2;
-  // Integer for cached types or type caching
-  int32 typeTag = 3;
 }
\ No newline at end of file

From 4067a5538f2a54f4e646decd55534f2cf72f7cec Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 28 Sep 2020 22:05:05 +0200
Subject: [PATCH 145/237] Implementation of IDSCP2 app layer, IDSCP2 adaptions
 and fixes

---
 build.gradle                                  |   4 +-
 camel-idscp2/build.gradle.kts                 |   2 +-
 .../idscp2/client/Idscp2ClientComponent.kt    |  16 +-
 .../idscp2/client/Idscp2ClientConsumer.kt     |  19 +-
 .../idscp2/client/Idscp2ClientEndpoint.kt     |  24 +--
 .../idscp2/client/Idscp2ClientProducer.kt     |   6 +-
 .../camel/idscp2/server/CamelIdscp2Server.kt  |  22 +-
 .../idscp2/server/Idscp2ServerComponent.kt    |  16 +-
 .../idscp2/server/Idscp2ServerConsumer.kt     |  13 +-
 .../idscp2/server/Idscp2ServerEndpoint.kt     |  12 +-
 idscp2-app-layer/LICENSE.txt                  | 201 ++++++++++++++++++
 idscp2-app-layer/README.md                    |   1 +
 idscp2-app-layer/bnd.bnd                      |   6 +
 idscp2-app-layer/build.gradle.kts             |  35 +++
 .../idscp2/app_layer/AppLayerClientFactory.kt |  18 ++
 .../idscp2/app_layer/AppLayerConnection.kt    |  89 ++++++++
 .../idscp2/app_layer/AppLayerServerFactory.kt |  34 +++
 .../listeners/GenericMessageListener.kt       |   7 +
 .../src/main/proto/idscp2-app.proto           |  16 ++
 .../main/resources/simplelogger.properties    |   1 +
 idscp2/.gitignore                             |   5 -
 idscp2/bnd.bnd                                |   1 -
 idscp2/build.gradle.kts                       |   9 +-
 .../ids/idscp2/Idscp2EndpointListener.kt      |   4 +-
 .../keystores/CustomX509ExtendedKeyManager.kt |  11 +-
 .../rat/dummy/RatProverDummy.kt               |   4 +-
 .../rat/dummy/RatVerifierDummy.kt             |   4 +-
 .../rat/tpm2d/TPM2dProver.kt                  |  18 +-
 .../rat/tpm2d/TPM2dVerifier.kt                |  10 +-
 .../secure_channel/NativeTLSDriver.kt         |  16 +-
 .../secure_channel/client/TLSClient.kt        |   7 +-
 .../secure_channel/server/TLSServer.kt        |   9 +-
 .../secure_channel/server/TLSServerThread.kt  |  24 +--
 .../drivers/interfaces/SecureChannelDriver.kt |  12 +-
 .../idscp2/example/Idscp2ClientInitiator.kt   |  18 +-
 .../idscp2/example/Idscp2ServerInitiator.kt   |  17 +-
 .../ids/idscp2/idscp_core/Idscp2Connection.kt |  95 ++-------
 .../idscp_core/Idscp2ConnectionAdapter.kt     |   2 +-
 .../idscp2/idscp_core/Idscp2ConnectionImpl.kt | 119 +++++++++++
 .../idscp_core/Idscp2ConnectionListener.kt    |   2 +-
 .../configuration/Idscp2ClientFactory.kt      |  10 +-
 .../configuration/Idscp2ServerFactory.kt      |  32 +--
 .../SecureChannelInitListener.kt              |   5 +-
 .../aisec/ids/idscp2/idscp_core/fsm/Event.kt  |   9 +-
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    |  74 +++----
 .../ids/idscp2/idscp_core/fsm/FsmListener.kt  |   2 +
 .../idscp_core/fsm/InternalControlMessage.kt  |  18 +-
 .../rat_registry/RatProverDriverRegistry.kt   |  15 +-
 .../rat_registry/RatVerifierDriverRegistry.kt |  11 +-
 .../idscp2/idscp_core/server/Idscp2Server.kt  |  31 ++-
 .../server/ServerConnectionListener.kt        |   6 +-
 libraryVersions.yaml                          |   2 +-
 settings.gradle                               |   1 +
 53 files changed, 817 insertions(+), 328 deletions(-)
 create mode 100644 idscp2-app-layer/LICENSE.txt
 create mode 100644 idscp2-app-layer/README.md
 create mode 100644 idscp2-app-layer/bnd.bnd
 create mode 100644 idscp2-app-layer/build.gradle.kts
 create mode 100644 idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerClientFactory.kt
 create mode 100644 idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
 create mode 100644 idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerServerFactory.kt
 create mode 100644 idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt
 create mode 100644 idscp2-app-layer/src/main/proto/idscp2-app.proto
 create mode 100644 idscp2-app-layer/src/main/resources/simplelogger.properties
 delete mode 100644 idscp2/.gitignore
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt

diff --git a/build.gradle b/build.gradle
index 9812a5ed5..6e0cfc7e1 100644
--- a/build.gradle
+++ b/build.gradle
@@ -14,9 +14,9 @@ plugins {
     id "java"
     id "com.google.protobuf" version "0.8.10"
     id "com.moowork.node" version "1.3.1"
-    id "biz.aQute.bnd" version "4.2.0" apply false
+    id "biz.aQute.bnd" version "5.1.2" apply false
     id "com.github.lburgazzoli.karaf" version "0.5.1"
-    id "org.jetbrains.kotlin.jvm" version "1.3.71"
+    id "org.jetbrains.kotlin.jvm" version "1.4.10"
     id "com.github.jlouns.cpe" version "0.5.0"
     id "com.benjaminsproule.swagger" version "1.0.6"
     id "com.diffplug.gradle.spotless" version "3.13.0"
diff --git a/camel-idscp2/build.gradle.kts b/camel-idscp2/build.gradle.kts
index aa84e4e55..018fe7b07 100644
--- a/camel-idscp2/build.gradle.kts
+++ b/camel-idscp2/build.gradle.kts
@@ -5,7 +5,7 @@ dependencies {
             rootProject.ext.get("libraryVersions") as Map<String, String>
     
     providedByBundle(project(":ids-api")) { isTransitive = false }
-    providedByBundle(project(":idscp2")) { isTransitive = false }
+    providedByBundle(project(":idscp2-app-layer"))
 
     // Bill of Materials (BOM) for Camel
     bom("org.apache.camel", "camel-parent", libraryVersions["camel"])
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
index 5ff106b07..0dc502dae 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
@@ -32,16 +32,16 @@ import org.apache.camel.support.DefaultComponent
 class Idscp2ClientComponent : DefaultComponent() {
 
     init {
-        RatProverDriverRegistry.getInstance().registerDriver(
-                "Dummy", RatProverDummy::class.java, null)
-        RatVerifierDriverRegistry.getInstance().registerDriver(
-                "Dummy", RatVerifierDummy::class.java, null)
-        RatProverDriverRegistry.getInstance().registerDriver(
-                "TPM2d", TPM2dProver::class.java,
+        RatProverDriverRegistry.registerDriver(
+                "Dummy", ::RatProverDummy, null)
+        RatVerifierDriverRegistry.registerDriver(
+                "Dummy", ::RatVerifierDummy, null)
+        RatProverDriverRegistry.registerDriver(
+                "TPM2d", ::TPM2dProver,
                 TPM2dProverConfig.Builder().build()
         )
-        RatVerifierDriverRegistry.getInstance().registerDriver(
-                "TPM2d", TPM2dVerifier::class.java,
+        RatVerifierDriverRegistry.registerDriver(
+                "TPM2d", ::TPM2dVerifier,
                 TPM2dVerifierConfig.Builder().build()
         )
     }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
index 2ba59579d..f6bef2890 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
@@ -16,9 +16,9 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.client
 
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
+import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageListener
 import org.apache.camel.Processor
 import org.apache.camel.support.DefaultConsumer
 import org.slf4j.LoggerFactory
@@ -28,8 +28,8 @@ import java.util.concurrent.CompletableFuture
  * The IDSCP2 server consumer.
  */
 class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor: Processor) :
-        DefaultConsumer(endpoint, processor), Idscp2MessageListener {
-    private lateinit var connectionFuture: CompletableFuture<Idscp2Connection>
+        DefaultConsumer(endpoint, processor), GenericMessageListener {
+    private lateinit var connectionFuture: CompletableFuture<AppLayerConnection>
 
     override fun doStart() {
         super.doStart()
@@ -38,10 +38,10 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
             it.addGenericMessageListener(this)
             // Handle connection errors and closing
             it.addConnectionListener(object : Idscp2ConnectionListener {
-                override fun onError(t: Throwable?) {
+                override fun onError(t: Throwable) {
                     LOG.error("Error in Idscp2ClientConsumer connection", t)
                 }
-                override fun onClose(connection: Idscp2Connection) {
+                override fun onClose() {
                     stop()
                 }
             })
@@ -55,7 +55,10 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
         endpoint.releaseConnection(connectionFuture)
     }
 
-    override fun onMessage(connection: Idscp2Connection, type: String, data: ByteArray) {
+    override fun onMessage(connection: AppLayerConnection, type: String, data: ByteArray) {
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Idscp2ClientConsumer received GenericMessage of type {}", type)
+        }
         val exchange = endpoint.createExchange()
         try {
             createUoW(exchange)
@@ -68,7 +71,7 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
             val response = exchange.message
             val responseType = response.getHeader("idscp2.type", String::class.java)
             if (response.body != null && responseType != null) {
-                connection.send(responseType, response.getBody(ByteArray::class.java))
+                connection.sendGenericMessage(responseType, response.getBody(ByteArray::class.java))
             }
         } finally {
             doneUoW(exchange)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index 831b2ff3b..c220f217d 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -19,11 +19,11 @@ package de.fhg.aisec.ids.camel.idscp2.client
 import de.fhg.aisec.ids.api.settings.Settings
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
 import de.fhg.aisec.ids.camel.idscp2.RefCountingHashMap
+import de.fhg.aisec.ids.idscp2.app_layer.AppLayerClientFactory
+import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ClientFactory
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import org.apache.camel.Processor
 import org.apache.camel.Producer
@@ -70,14 +70,12 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
     )
     var connectionShareId: String? = null
 
-    private fun makeConnectionInternal(): CompletableFuture<Idscp2Connection> {
-        val connectionFuture = CompletableFuture<Idscp2Connection>()
-        Idscp2ClientFactory(DefaultDapsDriver(dapsDriverConfig), NativeTLSDriver())
-                .connect(clientSettings, connectionFuture)
-        return connectionFuture
+    private fun makeConnectionInternal(): CompletableFuture<AppLayerConnection> {
+        return AppLayerClientFactory(DefaultDapsDriver(dapsDriverConfig), NativeTLSDriver())
+                .connect(clientSettings)
     }
 
-    fun makeConnection(): CompletableFuture<Idscp2Connection> {
+    fun makeConnection(): CompletableFuture<AppLayerConnection> {
         connectionShareId?.let {
             return sharedConnections.computeIfAbsent(it) {
                 makeConnectionInternal()
@@ -85,7 +83,7 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
         } ?: return makeConnectionInternal()
     }
 
-    fun releaseConnection(connectionFuture: CompletableFuture<Idscp2Connection>) {
+    fun releaseConnection(connectionFuture: CompletableFuture<AppLayerConnection>) {
         connectionShareId?.let { sharedConnections.release(it) } ?: releaseConnectionInternal(connectionFuture)
     }
 
@@ -142,13 +140,13 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
     companion object {
         private val LOG = LoggerFactory.getLogger(Idscp2ClientEndpoint::class.java)
         private val URI_REGEX = Pattern.compile("(.*?)(?::(\\d+))?/?$")
-        private val sharedConnections = RefCountingHashMap<String, CompletableFuture<Idscp2Connection>> { connection ->
-            releaseConnectionInternal(connection)
+        private val sharedConnections = RefCountingHashMap<String, CompletableFuture<AppLayerConnection>> {
+            releaseConnectionInternal(it)
         }
-        private fun releaseConnectionInternal(connectionFuture: CompletableFuture<Idscp2Connection>) {
+        private fun releaseConnectionInternal(connectionFuture: CompletableFuture<AppLayerConnection>) {
             if (connectionFuture.isDone) {
                 connectionFuture.get().close()
-            } else if (!(connectionFuture.isCancelled || connectionFuture.isCompletedExceptionally)) {
+            } else if (!connectionFuture.isCompletedExceptionally) {
                 connectionFuture.cancel(true)
             }
         }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
index 44a07a81d..d4c665e8c 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
@@ -16,7 +16,7 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.client
 
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import org.apache.camel.Exchange
 import org.apache.camel.support.DefaultProducer
 import org.slf4j.LoggerFactory
@@ -27,13 +27,13 @@ import java.util.concurrent.CompletableFuture
  * Sends each message to all clients connected to this server endpoint.
  */
 class Idscp2ClientProducer(private val endpoint: Idscp2ClientEndpoint) : DefaultProducer(endpoint) {
-    private lateinit var connectionFuture: CompletableFuture<Idscp2Connection>
+    private lateinit var connectionFuture: CompletableFuture<AppLayerConnection>
 
     override fun process(exchange: Exchange) {
         val message = exchange.getIn()
         val type = message.getHeader("idscp2.type", String::class.java)
         val body = message.getBody(ByteArray::class.java)
-        connectionFuture.get().send(type, body)
+        connectionFuture.get().sendGenericMessage(type, body)
     }
 
     override fun doStart() {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index 7ca73fc89..c230ce7e4 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -18,18 +18,18 @@ package de.fhg.aisec.ids.camel.idscp2.server
 
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
 import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
+import de.fhg.aisec.ids.idscp2.app_layer.AppLayerServerFactory
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
-import de.fhg.aisec.ids.idscp2.idscp_core.idscp_server.Idscp2Server
+import de.fhg.aisec.ids.idscp2.idscp_core.server.Idscp2Server
 import java.util.*
 
-class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener {
-    private val server: Idscp2Server
-    val listeners: MutableSet<Idscp2EndpointListener> = Collections.synchronizedSet(HashSet())
+class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener<AppLayerConnection> {
+    private val server: Idscp2Server<AppLayerConnection>
+    val listeners: MutableSet<Idscp2EndpointListener<AppLayerConnection>> = Collections.synchronizedSet(HashSet())
 
     init {
         val dapsDriverConfig = DefaultDapsDriverConfig.Builder()
@@ -41,16 +41,16 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
                 .setKeyStorePassword(serverSettings.keyStorePassword)
                 .setTrustStorePassword(serverSettings.trustStorePassword)
                 .build()
-        val serverConfiguration = Idscp2ServerFactory(
+        val serverFactory = AppLayerServerFactory(
                 this,
                 serverSettings,
                 DefaultDapsDriver(dapsDriverConfig),
-                NativeTLSDriver()
+                NativeTLSDriver<AppLayerConnection>()
         )
-        server = serverConfiguration.listen(serverSettings)
+        server = serverFactory.listen(serverSettings)
     }
 
-    override fun onConnection(connection: Idscp2Connection) {
+    override fun onConnection(connection: AppLayerConnection) {
         listeners.forEach { it.onConnection(connection) }
     }
 
@@ -58,7 +58,7 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
         listeners.forEach { it.onError(t) }
     }
 
-    val allConnections: Set<Idscp2Connection> = server.allConnections
+    val allConnections: Collection<AppLayerConnection> = server.allConnections
 
     fun terminate() {
         server.terminate()
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
index 94f429453..79d21a847 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
@@ -37,16 +37,16 @@ class Idscp2ServerComponent : DefaultComponent() {
     }
 
     init {
-        RatProverDriverRegistry.getInstance().registerDriver(
-                "Dummy", RatProverDummy::class.java, null)
-        RatVerifierDriverRegistry.getInstance().registerDriver(
-                "Dummy", RatVerifierDummy::class.java, null)
-        RatProverDriverRegistry.getInstance().registerDriver(
-                "TPM2d", TPM2dProver::class.java,
+        RatProverDriverRegistry.registerDriver(
+                "Dummy", ::RatProverDummy, null)
+        RatVerifierDriverRegistry.registerDriver(
+                "Dummy", ::RatVerifierDummy, null)
+        RatProverDriverRegistry.registerDriver(
+                "TPM2d", ::TPM2dProver,
                 TPM2dProverConfig.Builder().build()
         )
-        RatVerifierDriverRegistry.getInstance().registerDriver(
-                "TPM2d", TPM2dVerifier::class.java,
+        RatVerifierDriverRegistry.registerDriver(
+                "TPM2d", ::TPM2dVerifier,
                 TPM2dVerifierConfig.Builder().build()
         )
     }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
index 04ec67ee5..d0de34081 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
@@ -16,8 +16,8 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.server
 
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageListener
+import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
+import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
 import org.apache.camel.Processor
 import org.apache.camel.support.DefaultConsumer
 import org.slf4j.LoggerFactory
@@ -26,7 +26,7 @@ import org.slf4j.LoggerFactory
  * The IDSCP2 server consumer.
  */
 class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor: Processor) :
-        DefaultConsumer(endpoint, processor), Idscp2MessageListener {
+        DefaultConsumer(endpoint, processor), GenericMessageListener {
     override fun doStart() {
         super.doStart()
         endpoint.addConsumer(this)
@@ -37,7 +37,10 @@ class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor
         super.doStop()
     }
 
-    override fun onMessage(connection: Idscp2Connection, type: String, data: ByteArray) {
+    override fun onMessage(connection: AppLayerConnection, type: String, data: ByteArray) {
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Idscp2ServerConsumer received GenericMessage of type {}", type)
+        }
         val exchange = endpoint.createExchange()
         try {
             createUoW(exchange)
@@ -50,7 +53,7 @@ class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor
             val response = exchange.message
             val responseType = response.getHeader("idscp2.type", String::class.java)
             if (response.body != null && responseType != null) {
-                connection.send(responseType, response.getBody(ByteArray::class.java))
+                connection.sendGenericMessage(responseType, response.getBody(ByteArray::class.java))
             }
         } catch (e: Exception) {
             LOG.error("Error in Idscp2ServerConsumer.onMessage()", e)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
index d609826f8..2562bef3a 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -17,7 +17,7 @@
 package de.fhg.aisec.ids.camel.idscp2.server
 
 import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import org.apache.camel.Processor
@@ -38,7 +38,7 @@ import java.util.regex.Pattern
         label = "ids"
 )
 class Idscp2ServerEndpoint(uri: String?, private val remaining: String, component: Idscp2ServerComponent?) :
-        DefaultEndpoint(uri, component), Idscp2EndpointListener {
+        DefaultEndpoint(uri, component), Idscp2EndpointListener<AppLayerConnection> {
     private lateinit var serverSettings: Idscp2Settings
     private var server: CamelIdscp2Server? = null
     private val consumers: MutableSet<Idscp2ServerConsumer> = HashSet()
@@ -75,7 +75,7 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
 
     @Synchronized
     fun sendMessage(type: String, body: ByteArray) {
-        server?.let { server -> server.allConnections.forEach { it.send(type, body) } }
+        server?.let { server -> server.allConnections.forEach { it.sendGenericMessage(type, body) } }
     }
 
     @Synchronized
@@ -89,15 +89,15 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
     }
 
     @Synchronized
-    override fun onConnection(connection: Idscp2Connection) {
+    override fun onConnection(connection: AppLayerConnection) {
         LOG.debug("New IDSCP2 connection on $endpointUri, register consumer listeners")
         consumers.forEach { connection.addGenericMessageListener(it) }
         // Handle connection errors and closing
         connection.addConnectionListener(object : Idscp2ConnectionListener {
-            override fun onError(t: Throwable?) {
+            override fun onError(t: Throwable) {
                 LOG.error("Error in Idscp2ServerEndpoint-managed connection", t)
             }
-            override fun onClose(connection: Idscp2Connection) {
+            override fun onClose() {
                 consumers.forEach { connection.removeGenericMessageListener(it) }
             }
         })
diff --git a/idscp2-app-layer/LICENSE.txt b/idscp2-app-layer/LICENSE.txt
new file mode 100644
index 000000000..261eeb9e9
--- /dev/null
+++ b/idscp2-app-layer/LICENSE.txt
@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/idscp2-app-layer/README.md b/idscp2-app-layer/README.md
new file mode 100644
index 000000000..9874e883f
--- /dev/null
+++ b/idscp2-app-layer/README.md
@@ -0,0 +1 @@
+The _idscp2_ implements the second version of the IDS Communication Protocol
diff --git a/idscp2-app-layer/bnd.bnd b/idscp2-app-layer/bnd.bnd
new file mode 100644
index 000000000..3cfdb47aa
--- /dev/null
+++ b/idscp2-app-layer/bnd.bnd
@@ -0,0 +1,6 @@
+Bundle-Name: IDS :: IDS Communication Protocol
+Bundle-Description: IDS Communication Protocol
+Export-Package: \
+  de.fhg.aisec.ids.idscp2.app_layer*
+Import-Package: \
+  *
\ No newline at end of file
diff --git a/idscp2-app-layer/build.gradle.kts b/idscp2-app-layer/build.gradle.kts
new file mode 100644
index 000000000..8691ce2bd
--- /dev/null
+++ b/idscp2-app-layer/build.gradle.kts
@@ -0,0 +1,35 @@
+import com.google.protobuf.gradle.protobuf
+import org.gradle.plugins.ide.idea.model.IdeaModel
+
+@Suppress("UNCHECKED_CAST") val libraryVersions =
+        rootProject.ext.get("libraryVersions") as Map<String, String>
+
+version = libraryVersions["idscp2"] ?: error("IDSCP2 version not specified")
+
+apply(plugin = "com.google.protobuf")
+apply(plugin = "idea")
+
+val generatedProtoBaseDir = "${projectDir}/generated"
+
+protobuf {
+    generatedFilesBaseDir = generatedProtoBaseDir
+}
+
+tasks.named("clean") {
+    doLast {
+        delete(generatedProtoBaseDir)
+    }
+}
+
+configure<IdeaModel> {
+    module {
+        // mark as generated sources for IDEA
+        generatedSourceDirs.add(File("${generatedProtoBaseDir}/main/java"))
+    }
+}
+
+dependencies {
+    providedByBundle(project(":idscp2")) { isTransitive = false }
+
+    providedByBundle("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
+}
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerClientFactory.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerClientFactory.kt
new file mode 100644
index 000000000..f4e799732
--- /dev/null
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerClientFactory.kt
@@ -0,0 +1,18 @@
+package de.fhg.aisec.ids.idscp2.app_layer
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import java.util.concurrent.CompletableFuture
+
+class AppLayerClientFactory(private val dapsDriver: DapsDriver,
+                            private val secureChannelDriver: SecureChannelDriver<AppLayerConnection>) {
+    /**
+     * User API to create a IDSCP2 connection as a client
+     */
+    fun connect(settings: Idscp2Settings): CompletableFuture<AppLayerConnection> {
+        val connectionFuture = CompletableFuture<AppLayerConnection>()
+        secureChannelDriver.connect(::AppLayerConnection, settings, dapsDriver, connectionFuture)
+        return connectionFuture
+    }
+}
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
new file mode 100644
index 000000000..fe4c81bd1
--- /dev/null
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
@@ -0,0 +1,89 @@
+package de.fhg.aisec.ids.idscp2.app_layer
+
+import com.google.protobuf.ByteString
+import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
+import de.fhg.aisec.ids.idscp2.app_layer.messages.AppLayer
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageListener
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
+import org.slf4j.LoggerFactory
+import java.util.*
+
+class AppLayerConnection private constructor(private val idscp2Connection: Idscp2Connection):
+        Idscp2Connection by idscp2Connection {
+    private var idscp2MessageListener: Idscp2MessageListener? = null
+    private val genericMessageListeners: MutableSet<GenericMessageListener> = Collections.synchronizedSet(HashSet())
+
+    constructor(secureChannel: SecureChannel, settings: Idscp2Settings, dapsDriver: DapsDriver):
+        this(Idscp2ConnectionImpl(secureChannel, settings, dapsDriver))
+
+    private fun assureMessageListener() {
+        if (idscp2MessageListener == null) {
+            val listener = Idscp2MessageListener { _, data ->
+                try {
+                    val appLayerMessage = AppLayer.AppLayerMessage.parseFrom(data)
+                    if (LOG.isTraceEnabled) {
+                        LOG.trace("Received AppLayerMessage ${appLayerMessage.messageCase}")
+                    }
+                    when (appLayerMessage.messageCase) {
+                        AppLayer.AppLayerMessage.MessageCase.GENERICMESSAGE -> {
+                            genericMessageListeners.forEach {
+                                val genericMessage = appLayerMessage.genericMessage
+                                it.onMessage(this, genericMessage.type, genericMessage.payload.toByteArray())
+                            }
+                        }
+                        else -> LOG.warn("Unknown app layer message type encountered.")
+                    }
+                } catch (e: Exception) {
+                    LOG.error("Error processing AppLayerMessage", e)
+                }
+            }
+            idscp2Connection.addMessageListener(listener)
+            idscp2MessageListener = listener
+        }
+    }
+
+    fun sendGenericMessage(type: String, payload: ByteArray) {
+        val message = AppLayer.AppLayerMessage.newBuilder()
+                .setGenericMessage(AppLayer.GenericMessage.newBuilder()
+                        .setType(type)
+                        .setPayload(ByteString.copyFrom(payload)))
+                .build()
+        idscp2Connection.send(message.toByteArray())
+    }
+
+    fun addGenericMessageListener(listener: GenericMessageListener) {
+        assureMessageListener()
+        genericMessageListeners += listener
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Added GenericMessageListener $listener for connection {}", idscp2Connection.id)
+        }
+    }
+
+    fun removeGenericMessageListener(listener: GenericMessageListener): Boolean {
+        val ret = genericMessageListeners.remove(listener)
+        if (genericMessageListeners.isEmpty()) {
+            idscp2MessageListener?.let { idscp2Connection.removeMessageListener(it) }
+            idscp2MessageListener = null
+        }
+        return ret
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(AppLayerConnection::class.java)
+        private val appLayerConnections = Collections.synchronizedMap(
+                WeakHashMap<Idscp2Connection, AppLayerConnection>())
+
+        fun from(idscp2Connection: Idscp2Connection): AppLayerConnection {
+            return if (idscp2Connection is AppLayerConnection) {
+                idscp2Connection
+            } else {
+                appLayerConnections.computeIfAbsent(idscp2Connection) { AppLayerConnection(it) }
+            }
+        }
+    }
+
+}
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerServerFactory.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerServerFactory.kt
new file mode 100644
index 000000000..df0e56ed9
--- /dev/null
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerServerFactory.kt
@@ -0,0 +1,34 @@
+package de.fhg.aisec.ids.idscp2.app_layer
+
+import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
+import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.server.Idscp2Server
+import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
+import java.util.concurrent.CompletableFuture
+
+class AppLayerServerFactory(
+        endpointListener: Idscp2EndpointListener<AppLayerConnection>,
+        settings: Idscp2Settings,
+        dapsDriver: DapsDriver,
+        private val secureChannelDriver: SecureChannelDriver<AppLayerConnection>
+) {
+    private val idscp2ServerFactory = Idscp2ServerFactory(
+            ::AppLayerConnection, endpointListener, settings, dapsDriver, secureChannelDriver)
+
+    /**
+     * User API to create a new IDSCP2 Server that starts a Secure Server that listens to new
+     * secure channels
+     */
+    @Throws(Idscp2Exception::class)
+    fun listen(settings: Idscp2Settings): Idscp2Server<AppLayerConnection> {
+        val serverListenerPromise = CompletableFuture<ServerConnectionListener<AppLayerConnection>>()
+        val secureServer = secureChannelDriver.listen(settings, idscp2ServerFactory, serverListenerPromise)
+        val server = Idscp2Server<AppLayerConnection>(secureServer)
+        serverListenerPromise.complete(server)
+        return server
+    }
+}
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt
new file mode 100644
index 000000000..e53a766fc
--- /dev/null
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt
@@ -0,0 +1,7 @@
+package de.fhg.aisec.ids.idscp2.app_layer.listeners
+
+import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
+
+fun interface GenericMessageListener {
+    fun onMessage(connection: AppLayerConnection, type: String, data: ByteArray)
+}
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/proto/idscp2-app.proto b/idscp2-app-layer/src/main/proto/idscp2-app.proto
new file mode 100644
index 000000000..eb872a6c0
--- /dev/null
+++ b/idscp2-app-layer/src/main/proto/idscp2-app.proto
@@ -0,0 +1,16 @@
+syntax = "proto3";
+option java_package = "de.fhg.aisec.ids.idscp2.app_layer.messages";
+option java_outer_classname = "AppLayer";
+
+message AppLayerMessage {
+  oneof message {
+    GenericMessage genericMessage = 1;
+  }
+}
+
+message GenericMessage {
+  // Arbitrary header string
+  string type = 1;
+  // The actual, generic message payload
+  bytes payload = 2;
+}
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/resources/simplelogger.properties b/idscp2-app-layer/src/main/resources/simplelogger.properties
new file mode 100644
index 000000000..eafa2b0f4
--- /dev/null
+++ b/idscp2-app-layer/src/main/resources/simplelogger.properties
@@ -0,0 +1 @@
+org.slf4j.simpleLogger.defaultLogLevel=debug
\ No newline at end of file
diff --git a/idscp2/.gitignore b/idscp2/.gitignore
deleted file mode 100644
index 74007849d..000000000
--- a/idscp2/.gitignore
+++ /dev/null
@@ -1,5 +0,0 @@
-/target/
-/bin/
-/generated/
-/.classpath
-/build.properties
diff --git a/idscp2/bnd.bnd b/idscp2/bnd.bnd
index cf8d3ba32..8793bfd14 100644
--- a/idscp2/bnd.bnd
+++ b/idscp2/bnd.bnd
@@ -3,5 +3,4 @@ Bundle-Description: IDS Communication Protocol
 Export-Package: \
   de.fhg.aisec.ids.idscp2*
 Import-Package: \
-  !org.checkerframework.checker*,\
   *
\ No newline at end of file
diff --git a/idscp2/build.gradle.kts b/idscp2/build.gradle.kts
index 39c214552..86c910d37 100644
--- a/idscp2/build.gradle.kts
+++ b/idscp2/build.gradle.kts
@@ -29,13 +29,16 @@ configure<IdeaModel> {
 }
 
 dependencies {
+    // For standalone running of examples
+    implementation("org.jetbrains.kotlin", "kotlin-stdlib-jdk8", libraryVersions["kotlin"])
+
     providedByBundle("com.github.microsoft", "TSS.Java", libraryVersions["tssJava"])
 
     providedByBundle("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
 
-    implementation("io.jsonwebtoken", "jjwt-impl", libraryVersions["jsonwebtoken"])
-    implementation("io.jsonwebtoken", "jjwt-jackson", libraryVersions["jsonwebtoken"])
-    implementation("io.jsonwebtoken", "jjwt-api", libraryVersions["jsonwebtoken"])
+    providedByBundle("io.jsonwebtoken", "jjwt-impl", libraryVersions["jsonwebtoken"])
+    providedByBundle("io.jsonwebtoken", "jjwt-jackson", libraryVersions["jsonwebtoken"])
+    providedByBundle("io.jsonwebtoken", "jjwt-api", libraryVersions["jsonwebtoken"])
     providedByBundle("org.json", "json", libraryVersions["orgJson"])
     providedByBundle("org.bitbucket.b_c", "jose4j", libraryVersions["jose4j"])
     providedByBundle("com.squareup.okhttp3", "okhttp", libraryVersions["okhttp"])
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.kt
index 71bef0ca0..eef38914d 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.kt
@@ -8,11 +8,11 @@ import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-interface Idscp2EndpointListener {
+interface Idscp2EndpointListener<T: Idscp2Connection> {
     /*
      * Called when a new connection is established
      */
-    fun onConnection(connection: Idscp2Connection)
+    fun onConnection(connection: T)
 
     /*
      * Called when an error occurred in the underlying IDSCP2 protocol
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt
index 573104e05..e8efefb1f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt
@@ -25,7 +25,8 @@ class CustomX509ExtendedKeyManager internal constructor(
     // the keystore and we cannot access the cached aliases without an overwritten X509KeyManagerImpl instance, we will
     // also cache the aliases and its properties in the following HashMap.
     private val cachedAliases = HashMap<String, CachedAliasValue?>()
-    override fun getClientAliases(keyType: String, issuers: Array<Principal>): Array<String> {
+
+    override fun getClientAliases(keyType: String, issuers: Array<Principal>?): Array<String> {
         val clientAliases = delegate.getClientAliases(keyType, issuers)
         for (alias in clientAliases) cachedAliases.putIfAbsent(alias, CachedAliasValue(keyType, null)) //toDo get issuer
         return clientAliases
@@ -33,7 +34,7 @@ class CustomX509ExtendedKeyManager internal constructor(
 
     /** returns an existing certAlias that matches one of the given KeyTypes, or null;
     called only by client in TLS handshake */
-    override fun chooseClientAlias(keyTypes: Array<String>, issuers: Array<Principal>, socket: Socket): String? {
+    override fun chooseClientAlias(keyTypes: Array<String>, issuers: Array<Principal>?, socket: Socket): String? {
         if (listOf(*keyTypes).contains(keyType)) {
             if (cachedAliases.containsKey(certAlias) &&
                     cachedAliases[certAlias]!!.match(keyType, issuers)
@@ -50,7 +51,7 @@ class CustomX509ExtendedKeyManager internal constructor(
         return null
     }
 
-    override fun getServerAliases(keyType: String, issuers: Array<Principal>): Array<String> {
+    override fun getServerAliases(keyType: String, issuers: Array<Principal>?): Array<String> {
         val serverAliases = delegate.getServerAliases(keyType, issuers)
         for (alias in serverAliases) cachedAliases.putIfAbsent(alias, CachedAliasValue(keyType, null)) //toDo get issuer
         return serverAliases
@@ -60,10 +61,10 @@ class CustomX509ExtendedKeyManager internal constructor(
      * returns an existing certAlias that matches the given KeyType, or null;
      * called only by server in TLS handshake
      */
-    override fun chooseServerAlias(keyType: String, issuers: Array<Principal>, socket: Socket): String? {
+    override fun chooseServerAlias(keyType: String, issuers: Array<Principal>?, socket: Socket): String? {
         if (keyType == this.keyType) {
             if (cachedAliases.containsKey(certAlias) && cachedAliases[certAlias]!!.match(keyType, issuers)
-                    || listOf(*getServerAliases(keyType, issuers)).contains(certAlias)) {
+                    || listOf(*getServerAliases(keyType, issuers ?: emptyArray())).contains(certAlias)) {
                 LOG.debug("CertificateAlias is {}", certAlias)
                 return certAlias
             } else {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
index 87e329fbc..a6ef14fa2 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
@@ -38,12 +38,12 @@ class RatProverDummy(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
                 if (--countDown == 0) break
             } catch (e: InterruptedException) {
                 if (running) {
-                    fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+                    fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
                 }
                 return
             }
         }
-        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, ByteArray(0))
+        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK)
     }
 
     companion object {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
index 303a6ec4c..62aa4232d 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
@@ -38,12 +38,12 @@ class RatVerifierDummy(fsmListener: FsmListener) : RatVerifierDriver(fsmListener
                 if (--countDown == 0) break
             } catch (e: InterruptedException) {
                 if (running) {
-                    fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, ByteArray(0))
+                    fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED)
                 }
                 return
             }
         }
-        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, ByteArray(0))
+        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK)
     }
 
     companion object {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
index a7c7af270..5440adf32 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
@@ -84,7 +84,7 @@ class TPM2dProver(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
             }
         } catch (e: InterruptedException) {
             if (running) {
-                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
             }
             return
         }
@@ -95,7 +95,7 @@ class TPM2dProver(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
             Tpm2dMessageWrapper.parseFrom(msg)
         } catch (e: InvalidProtocolBufferException) {
             LOG.error("Cannot parse IdscpRatVerifier body", e)
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
             return
         }
 
@@ -105,7 +105,7 @@ class TPM2dProver(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
             if (LOG.isWarnEnabled) {
                 LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatChallenge")
             }
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
             return
         }
         if (LOG.isDebugEnabled) {
@@ -134,7 +134,7 @@ class TPM2dProver(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
             tpmSocket.requestAttestation(tpmRequest)
         } catch (e: IOException) {
             LOG.error("Cannot access TPM", e)
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
             return
         }
 
@@ -154,7 +154,7 @@ class TPM2dProver(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
             }
         } catch (e: InterruptedException) {
             if (running) {
-                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
             }
             return
         }
@@ -164,7 +164,7 @@ class TPM2dProver(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
             Tpm2dMessageWrapper.parseFrom(msg)
         } catch (e: InvalidProtocolBufferException) {
             LOG.error("Cannot parse IdscpRatVerifier body", e)
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
             return
         }
 
@@ -174,7 +174,7 @@ class TPM2dProver(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
             if (LOG.isWarnEnabled) {
                 LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResult")
             }
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
             return
         }
         if (LOG.isDebugEnabled) {
@@ -187,12 +187,12 @@ class TPM2dProver(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
             if (LOG.isDebugEnabled) {
                 LOG.debug("Attestation succeed")
             }
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK, ByteArray(0))
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK)
         } else {
             if (LOG.isWarnEnabled) {
                 LOG.warn("Attestation failed")
             }
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED, ByteArray(0))
+            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
         }
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
index 42ba4bf39..40d26b74c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
@@ -91,7 +91,7 @@ class TPM2dVerifier(fsmListener: FsmListener) : RatVerifierDriver(fsmListener) {
             LOG.debug("Verifier receives new message")
         } catch (e: InterruptedException) {
             if (running) {
-                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, ByteArray(0))
+                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED)
             }
             return
         }
@@ -102,7 +102,7 @@ class TPM2dVerifier(fsmListener: FsmListener) : RatVerifierDriver(fsmListener) {
             Tpm2dMessageWrapper.parseFrom(msg)
         } catch (e: InvalidProtocolBufferException) {
             LOG.error("Cannot parse IdscpRatProver body", e)
-            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, ByteArray(0))
+            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED)
             return
         }
 
@@ -110,7 +110,7 @@ class TPM2dVerifier(fsmListener: FsmListener) : RatVerifierDriver(fsmListener) {
         if (!tpm2dMessageWrapper.hasRatResponse()) {
             //unexpected message
             LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResponse")
-            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, ByteArray(0))
+            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED)
             return
         }
         LOG.debug("Get rat response from remote prover")
@@ -135,9 +135,9 @@ class TPM2dVerifier(fsmListener: FsmListener) : RatVerifierDriver(fsmListener) {
 
         // notify fsm about result
         if (result) {
-            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK, ByteArray(0))
+            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK)
         } else {
-            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED, ByteArray(0))
+            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED)
         }
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
index 8f2abc16d..a07729203 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
@@ -9,6 +9,7 @@ import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
 import org.slf4j.LoggerFactory
 import java.io.IOException
@@ -21,15 +22,16 @@ import java.util.concurrent.CompletableFuture
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class NativeTLSDriver : SecureChannelDriver {
+class NativeTLSDriver<CC: Idscp2Connection> : SecureChannelDriver<CC> {
     /**
      * Performs an asynchronous client connect to a TLS server.
      */
-    override fun connect(settings: Idscp2Settings,
+    override fun connect(connectionFactory: (SecureChannel, Idscp2Settings, DapsDriver) -> CC,
+                         settings: Idscp2Settings,
                          dapsDriver: DapsDriver,
-                         connectionFuture: CompletableFuture<Idscp2Connection>) {
+                         connectionFuture: CompletableFuture<CC>) {
         try {
-            val tlsClient = TLSClient(settings, dapsDriver, connectionFuture)
+            val tlsClient = TLSClient(connectionFactory, settings, dapsDriver, connectionFuture)
             tlsClient.connect(settings.host, settings.serverPort)
         } catch (e: IOException) {
             connectionFuture.completeExceptionally(Idscp2Exception("Call to connect() has failed", e))
@@ -46,10 +48,10 @@ class NativeTLSDriver : SecureChannelDriver {
      * @return The SecureServer instance
      * @throws Idscp2Exception If any error occurred during server creation/start
      */
-    override fun listen(settings: Idscp2Settings, channelInitListener: SecureChannelInitListener,
-                        serverListenerPromise: CompletableFuture<ServerConnectionListener>): SecureServer {
+    override fun listen(settings: Idscp2Settings, channelInitListener: SecureChannelInitListener<CC>,
+                        serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>): SecureServer {
         return try {
-            TLSServer(settings, channelInitListener, serverListenerPromise)
+            TLSServer<CC>(settings, channelInitListener, serverListenerPromise)
         } catch (e: IOException) {
             throw Idscp2Exception("Error while trying to to start SecureServer", e)
         } catch (e: NoSuchAlgorithmException) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt
index fbf6ba0ad..ad366d492 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt
@@ -25,10 +25,11 @@ import javax.net.ssl.*
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class TLSClient(
+class TLSClient<CC: Idscp2Connection>(
+        private val connectionFactory: (SecureChannel, Idscp2Settings, DapsDriver) -> CC,
         private val clientSettings: Idscp2Settings,
         private val dapsDriver: DapsDriver,
-        private val connectionFuture: CompletableFuture<Idscp2Connection>
+        private val connectionFuture: CompletableFuture<CC>
 ) : HandshakeCompletedListener, DataAvailableListener, SecureChannelEndpoint {
     private val clientSocket: Socket?
     private var out: DataOutputStream? = null
@@ -138,7 +139,7 @@ class TLSClient(
             val secureChannel = SecureChannel(this)
             // Try to complete, won't do anything if promise has been cancelled
             listenerPromise.complete(secureChannel)
-            val connection = Idscp2Connection(secureChannel, clientSettings, dapsDriver)
+            val connection = connectionFactory(secureChannel, clientSettings, dapsDriver)
             inputListenerThread!!.start()
             // Try to complete, won't do anything if promise has been cancelled
             connectionFuture.complete(connection)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt
index bf8eeb5df..4cc5f95b4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt
@@ -3,6 +3,7 @@ package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.serve
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSConstants
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
@@ -22,8 +23,10 @@ import javax.net.ssl.SSLSocket
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class TLSServer(serverSettings: Idscp2Settings, private val secureChannelInitListener: SecureChannelInitListener,
-                private val serverListenerPromise: CompletableFuture<ServerConnectionListener>) : Runnable, SecureServer {
+class TLSServer<CC: Idscp2Connection>(serverSettings: Idscp2Settings,
+                private val secureChannelInitListener: SecureChannelInitListener<CC>,
+                private val serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>):
+        Runnable, SecureServer {
     @Volatile
     override var isRunning = false
         private set
@@ -42,7 +45,7 @@ class TLSServer(serverSettings: Idscp2Settings, private val secureChannelInitLis
                 try {
                     // Start new server thread
                     LOG.debug("New TLS client has connected. Creating new server thread...")
-                    val serverThread = TLSServerThread(sslSocket, secureChannelInitListener, serverListenerPromise)
+                    val serverThread = TLSServerThread<CC>(sslSocket, secureChannelInitListener, serverListenerPromise)
                     sslSocket.addHandshakeCompletedListener(serverThread)
                     serverThread.start()
                 } catch (serverThreadException: Exception) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.kt
index 80359bcc6..6b090a3f1 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.kt
@@ -2,6 +2,7 @@ package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.serve
 
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSessionVerificationHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint
@@ -25,15 +26,16 @@ import javax.net.ssl.SSLSocket
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class TLSServerThread internal constructor(sslSocket: SSLSocket, configCallback: SecureChannelInitListener,
-                                           serverListenerPromise: CompletableFuture<ServerConnectionListener>) : Thread(), HandshakeCompletedListener, SecureChannelEndpoint, Closeable {
+class TLSServerThread<CC : Idscp2Connection> internal constructor(
+        private val sslSocket: SSLSocket,
+        private val configCallback: SecureChannelInitListener<CC>,
+        private val serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>) :
+        Thread(), HandshakeCompletedListener, SecureChannelEndpoint, Closeable
+{
     @Volatile
     private var running = true
     private val `in`: DataInputStream
     private val out: DataOutputStream
-    private val sslSocket: SSLSocket?
-    private val configCallback: SecureChannelInitListener
-    private val serverListenerPromise: CompletableFuture<ServerConnectionListener>
     private val channelListenerPromise = CompletableFuture<SecureChannelListener>()
     private val tlsVerificationLatch = FastLatch()
     override fun run() {
@@ -41,7 +43,7 @@ class TLSServerThread internal constructor(sslSocket: SSLSocket, configCallback:
         // before reading from buffer. Else if there exists any non-catched exception during handshake
         // the thread would wait forever in onError() until handshakeCompleteListener is called
         try {
-            sslSocket!!.startHandshake()
+            sslSocket.startHandshake()
             // Wait for TLS session verification
             tlsVerificationLatch.await()
         } catch (e: Exception) {
@@ -75,7 +77,7 @@ class TLSServerThread internal constructor(sslSocket: SSLSocket, configCallback:
         try {
             out.close()
             `in`.close()
-            sslSocket!!.close()
+            sslSocket.close()
         } catch (ignore: IOException) {
         }
     }
@@ -90,10 +92,9 @@ class TLSServerThread internal constructor(sslSocket: SSLSocket, configCallback:
                 out.writeInt(bytes.size)
                 out.write(bytes)
                 out.flush()
-                LOG.trace("Sent message: " + String(bytes))
                 true
             } catch (e: IOException) {
-                LOG.error("Server could not send data.")
+                LOG.error("Server could not send data", e)
                 closeSockets()
                 false
             }
@@ -121,7 +122,7 @@ class TLSServerThread internal constructor(sslSocket: SSLSocket, configCallback:
     }
 
     override val isConnected: Boolean
-        get() = sslSocket != null && sslSocket.isConnected
+        get() = sslSocket.isConnected
 
     override fun handshakeCompleted(handshakeCompletedEvent: HandshakeCompletedEvent) {
         if (LOG.isDebugEnabled) {
@@ -153,9 +154,6 @@ class TLSServerThread internal constructor(sslSocket: SSLSocket, configCallback:
     }
 
     init {
-        this.sslSocket = sslSocket
-        this.configCallback = configCallback
-        this.serverListenerPromise = serverListenerPromise
         // Set timeout for blocking read
         sslSocket.soTimeout = 5000
         `in` = DataInputStream(sslSocket.inputStream)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
index 6e7fe63b7..32bfa695c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
@@ -3,6 +3,7 @@ package de.fhg.aisec.ids.idscp2.drivers.interfaces
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
 import java.util.concurrent.CompletableFuture
 
@@ -12,15 +13,18 @@ import java.util.concurrent.CompletableFuture
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-interface SecureChannelDriver {
+interface SecureChannelDriver<CC: Idscp2Connection> {
     /*
      * Asynchronous method to create a secure connection to a secure server
      */
-    fun connect(settings: Idscp2Settings, dapsDriver: DapsDriver, connectionFuture: CompletableFuture<Idscp2Connection>)
+    fun connect(connectionFactory: (SecureChannel, Idscp2Settings, DapsDriver) -> CC,
+                settings: Idscp2Settings,
+                dapsDriver: DapsDriver,
+                connectionFuture: CompletableFuture<CC>)
 
     /*
      * Starting a secure server
      */
-    fun listen(settings: Idscp2Settings, channelInitListener: SecureChannelInitListener,
-               serverListenerPromise: CompletableFuture<ServerConnectionListener>): SecureServer
+    fun listen(settings: Idscp2Settings, channelInitListener: SecureChannelInitListener<CC>,
+               serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>): SecureServer
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
index 408c6c3f1..5894bf01d 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -9,7 +9,6 @@ import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ClientFactory
@@ -21,9 +20,10 @@ import java.nio.charset.StandardCharsets
 import java.util.concurrent.CompletableFuture
 
 class Idscp2ClientInitiator {
-    private val connectionFuture = CompletableFuture<Idscp2Connection>()
+    private lateinit var connectionFuture: CompletableFuture<Idscp2Connection>
+
     fun init(settings: Idscp2Settings) {
-        val secureChannelDriver: SecureChannelDriver = NativeTLSDriver()
+        val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
         val config = DefaultDapsDriverConfig.Builder()
                 .setKeyStorePath(settings.keyStorePath)
                 .setTrustStorePath(settings.trustStorePath)
@@ -34,22 +34,22 @@ class Idscp2ClientInitiator {
                 .setDapsUrl("https://daps.aisec.fraunhofer.de")
                 .build()
         RatProverDriverRegistry.registerDriver(
-                "Dummy", RatProverDummy::class.java, null)
+                "Dummy", ::RatProverDummy, null)
         RatVerifierDriverRegistry.registerDriver(
-                "Dummy", RatVerifierDummy::class.java, null)
+                "Dummy", ::RatVerifierDummy, null)
         RatProverDriverRegistry.registerDriver(
-                "TPM2d", TPM2dProver::class.java,
+                "TPM2d", ::TPM2dProver,
                 TPM2dProverConfig.Builder().build()
         )
         RatVerifierDriverRegistry.registerDriver(
-                "TPM2d", TPM2dVerifier::class.java,
+                "TPM2d", ::TPM2dVerifier,
                 TPM2dVerifierConfig.Builder().build()
         )
         val clientConfig = Idscp2ClientFactory(
                 DefaultDapsDriver(config),
                 secureChannelDriver
         )
-        clientConfig.connect(settings, connectionFuture)
+        connectionFuture = clientConfig.connect(settings)
         connectionFuture.thenAccept { connection: Idscp2Connection ->
             println("Client: New connection with id " + connection.id)
             connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
@@ -57,7 +57,7 @@ class Idscp2ClientInitiator {
                     LOG.error("Client connection error occurred", t)
                 }
 
-                override fun onClose(connection: Idscp2Connection) {
+                override fun onClose() {
                     LOG.info("Client: Connection with id " + connection.id + " has been closed")
                 }
             })
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
index cb55e608e..7dbd62ef8 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
@@ -11,9 +11,9 @@ import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifi
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
@@ -21,9 +21,9 @@ import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.slf4j.LoggerFactory
 import java.nio.charset.StandardCharsets
 
-class Idscp2ServerInitiator : Idscp2EndpointListener {
+class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
     fun init(settings: Idscp2Settings) {
-        val secureChannelDriver: SecureChannelDriver = NativeTLSDriver()
+        val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
         val config = DefaultDapsDriverConfig.Builder()
                 .setKeyStorePath(settings.keyStorePath)
                 .setTrustStorePath(settings.trustStorePath)
@@ -35,16 +35,17 @@ class Idscp2ServerInitiator : Idscp2EndpointListener {
                 .build()
         val dapsDriver: DapsDriver = DefaultDapsDriver(config)
         RatProverDriverRegistry.registerDriver(
-                "Dummy", RatProverDummy::class.java, null)
+                "Dummy", ::RatProverDummy, null)
         RatVerifierDriverRegistry.registerDriver(
-                "Dummy", RatVerifierDummy::class.java, null)
+                "Dummy", ::RatVerifierDummy, null)
         RatProverDriverRegistry.registerDriver(
-                "TPM2d", TPM2dProver::class.java, TPM2dProverConfig.Builder().build()
+                "TPM2d", ::TPM2dProver, TPM2dProverConfig.Builder().build()
         )
         RatVerifierDriverRegistry.registerDriver(
-                "TPM2d", TPM2dVerifier::class.java, TPM2dVerifierConfig.Builder().build()
+                "TPM2d", ::TPM2dVerifier, TPM2dVerifierConfig.Builder().build()
         )
         val serverConfig = Idscp2ServerFactory(
+                ::Idscp2ConnectionImpl,
                 this,
                 settings,
                 dapsDriver,
@@ -67,7 +68,7 @@ class Idscp2ServerInitiator : Idscp2EndpointListener {
                 LOG.error("Server connection error occurred", t)
             }
 
-            override fun onClose(connection: Idscp2Connection) {
+            override fun onClose() {
                 LOG.info("Server: Connection with id " + connection.id + " has been closed")
             }
         })
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.kt
index 70858468e..4b0c78f42 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.kt
@@ -1,73 +1,31 @@
 package de.fhg.aisec.ids.idscp2.idscp_core
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import org.slf4j.LoggerFactory
-import java.util.*
-import java.util.concurrent.CompletableFuture
-import java.util.function.Consumer
-import java.util.stream.Collectors
-
 /**
  * The IDSCP2 Connection class holds connections between connectors
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
  */
-class Idscp2Connection(secureChannel: SecureChannel,
-                       settings: Idscp2Settings,
-                       dapsDriver: DapsDriver) {
-    private val fsm: FSM = FSM(
-            this,
-            secureChannel,
-            dapsDriver,
-            settings.supportedAttestation.ratMechanisms,
-            settings.expectedAttestation.ratMechanisms,
-            settings.ratTimeoutDelay)
-    val id: String = UUID.randomUUID().toString()
-    private val connectionListeners = Collections.synchronizedSet(HashSet<Idscp2ConnectionListener>())
-    private val messageListeners = Collections.synchronizedSet(HashSet<Idscp2MessageListener>())
-    private val messageLatch = FastLatch()
-    fun unlockMessaging() {
-        messageLatch.unlock()
-    }
+interface Idscp2Connection {
+    val id: String
+
+    fun unlockMessaging()
 
     /**
      * Close the idscp connection
      */
-    fun close() {
-        LOG.debug("Closing connection {}...", id)
-        fsm.closeConnection()
-        LOG.debug("IDSCP2 connection {} closed", id)
-    }
+    fun close()
 
     /**
      * Send data to the peer IDSCP2 connector
      */
-    fun send(msg: ByteArray) {
-        LOG.debug("Sending data via connection {}...", id)
-        fsm.send(msg)
-    }
+    fun send(msg: ByteArray)
 
-    fun onMessage(msg: ByteArray) {
-        // When unlock is called, although not synchronized, this will eventually stop blocking.
-        messageLatch.await()
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Received new IDSCP Message")
-        }
-        messageListeners.forEach(Consumer { l: Idscp2MessageListener -> l.onMessage(this, msg) })
-    }
+    fun onMessage(msg: ByteArray)
 
-    fun onError(t: Throwable) {
-        connectionListeners.forEach(Consumer { idscp2ConnectionListener: Idscp2ConnectionListener -> idscp2ConnectionListener.onError(t) })
-    }
+    fun onError(t: Throwable)
 
-    fun onClose() {
-        LOG.debug("Connection with id {} is closing, notify listeners...", id)
-        connectionListeners.forEach(Consumer { l: Idscp2ConnectionListener -> l.onClose(this) })
-    }
+    fun onClose()
 
     /**
      * Check if the idscp connection is currently established
@@ -75,39 +33,12 @@ class Idscp2Connection(secureChannel: SecureChannel,
      * @return Connection established state
      */
     val isConnected: Boolean
-        get() = fsm.isConnected
-
-    fun addConnectionListener(listener: Idscp2ConnectionListener) {
-        connectionListeners.add(listener)
-    }
-
-    fun removeConnectionListener(listener: Idscp2ConnectionListener): Boolean {
-        return connectionListeners.remove(listener)
-    }
 
-    fun addMessageListener(listener: Idscp2MessageListener) {
-        messageListeners.add(listener)
-    }
+    fun addConnectionListener(listener: Idscp2ConnectionListener)
 
-    fun removeMessageListener(listener: Idscp2MessageListener): Boolean {
-        return messageListeners.remove(listener)
-    }
+    fun removeConnectionListener(listener: Idscp2ConnectionListener): Boolean
 
-    companion object {
-        private val LOG = LoggerFactory.getLogger(Idscp2Connection::class.java)
-    }
+    fun addMessageListener(listener: Idscp2MessageListener)
 
-    init {
-        secureChannel.setFsm(fsm)
-        if (LOG.isDebugEnabled) {
-            LOG.debug("A new IDSCP2 connection with id {} was created, starting handshake...", id)
-        }
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Stack Trace of Idscp2Connection {} constructor:\n"
-                    + Arrays.stream(Thread.currentThread().stackTrace)
-                    .skip(1).map { obj: StackTraceElement -> obj.toString() }.collect(Collectors.joining("\n")), id)
-        }
-        // Schedule IDSCP handshake asynchronously
-        CompletableFuture.runAsync { fsm.startIdscpHandshake() }
-    }
+    fun removeMessageListener(listener: Idscp2MessageListener): Boolean
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.kt
index eb0cdff84..9ade915be 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.kt
@@ -7,7 +7,7 @@ open class Idscp2ConnectionAdapter : Idscp2ConnectionListener {
         LOG.error("Error received in Idscp2ConnectionAdapter", t)
     }
 
-    override fun onClose(connection: Idscp2Connection) {}
+    override fun onClose() {}
 
     companion object {
         private val LOG = LoggerFactory.getLogger(Idscp2ConnectionAdapter::class.java)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
new file mode 100644
index 000000000..ccc809826
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
@@ -0,0 +1,119 @@
+package de.fhg.aisec.ids.idscp2.idscp_core
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
+import org.slf4j.LoggerFactory
+import java.util.*
+import java.util.concurrent.CompletableFuture
+import java.util.function.Consumer
+import java.util.stream.Collectors
+
+/**
+ * The IDSCP2 Connection class holds connections between connectors
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
+ */
+class Idscp2ConnectionImpl(secureChannel: SecureChannel,
+                           settings: Idscp2Settings,
+                           dapsDriver: DapsDriver): Idscp2Connection {
+    private val fsm: FSM = FSM(
+            this,
+            secureChannel,
+            dapsDriver,
+            settings.supportedAttestation.ratMechanisms,
+            settings.expectedAttestation.ratMechanisms,
+            settings.ratTimeoutDelay)
+    override val id: String = UUID.randomUUID().toString()
+    private val connectionListeners = Collections.synchronizedSet(HashSet<Idscp2ConnectionListener>())
+    private val messageListeners = Collections.synchronizedSet(HashSet<Idscp2MessageListener>())
+    private val messageLatch = FastLatch()
+    override fun unlockMessaging() {
+        messageLatch.unlock()
+    }
+
+    /**
+     * Close the idscp connection
+     */
+    override fun close() {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Closing connection {}...", id)
+        }
+        fsm.closeConnection()
+        if (LOG.isDebugEnabled) {
+            LOG.debug("IDSCP2 connection {} closed", id)
+        }
+    }
+
+    /**
+     * Send data to the peer IDSCP2 connector
+     */
+    override fun send(msg: ByteArray) {
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Sending data via connection {}...", id)
+        }
+        fsm.send(msg)
+    }
+
+    override fun onMessage(msg: ByteArray) {
+        // When unlock is called, although not synchronized, this will eventually stop blocking.
+        messageLatch.await()
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Received new IDSCP Message")
+        }
+        messageListeners.forEach(Consumer { l: Idscp2MessageListener -> l.onMessage(this, msg) })
+    }
+
+    override fun onError(t: Throwable) {
+        connectionListeners.forEach(Consumer { idscp2ConnectionListener: Idscp2ConnectionListener -> idscp2ConnectionListener.onError(t) })
+    }
+
+    override fun onClose() {
+        LOG.debug("Connection with id {} is closing, notify listeners...", id)
+        connectionListeners.forEach(Consumer { l: Idscp2ConnectionListener -> l.onClose() })
+    }
+
+    /**
+     * Check if the idscp connection is currently established
+     *
+     * @return Connection established state
+     */
+    override val isConnected: Boolean
+        get() = fsm.isConnected
+
+    override fun addConnectionListener(listener: Idscp2ConnectionListener) {
+        connectionListeners.add(listener)
+    }
+
+    override fun removeConnectionListener(listener: Idscp2ConnectionListener): Boolean {
+        return connectionListeners.remove(listener)
+    }
+
+    override fun addMessageListener(listener: Idscp2MessageListener) {
+        messageListeners.add(listener)
+    }
+
+    override fun removeMessageListener(listener: Idscp2MessageListener): Boolean {
+        return messageListeners.remove(listener)
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(Idscp2ConnectionImpl::class.java)
+    }
+
+    init {
+        secureChannel.setFsm(fsm)
+        if (LOG.isDebugEnabled) {
+            LOG.debug("A new IDSCP2 connection with id {} was created, starting handshake...", id)
+        }
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Stack Trace of Idscp2Connection {} constructor:\n"
+                    + Arrays.stream(Thread.currentThread().stackTrace)
+                    .skip(1).map { obj: StackTraceElement -> obj.toString() }.collect(Collectors.joining("\n")), id)
+        }
+        // Schedule IDSCP handshake asynchronously
+        CompletableFuture.runAsync { fsm.startIdscpHandshake() }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.kt
index f9a4f02cc..0369292fa 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.kt
@@ -6,5 +6,5 @@ package de.fhg.aisec.ids.idscp2.idscp_core
  */
 interface Idscp2ConnectionListener {
     fun onError(t: Throwable)
-    fun onClose(connection: Idscp2Connection)
+    fun onClose()
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.kt
index de66cab1c..f4b4df11f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.kt
@@ -3,6 +3,7 @@ package de.fhg.aisec.ids.idscp2.idscp_core.configuration
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
 import org.slf4j.LoggerFactory
 import java.util.concurrent.CompletableFuture
 
@@ -12,14 +13,15 @@ import java.util.concurrent.CompletableFuture
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class Idscp2ClientFactory(private val dapsDriver: DapsDriver,
-                          private val secureChannelDriver: SecureChannelDriver
-) {
+                          private val secureChannelDriver: SecureChannelDriver<Idscp2Connection>) {
     /**
      * User API to create a IDSCP2 connection as a client
      */
-    fun connect(settings: Idscp2Settings, connectionFuture: CompletableFuture<Idscp2Connection>) {
+    fun connect(settings: Idscp2Settings): CompletableFuture<Idscp2Connection> {
+        val connectionFuture = CompletableFuture<Idscp2Connection>()
         LOG.info("Connect to an IDSCP2 server ({})", settings.host)
-        secureChannelDriver.connect(settings, dapsDriver, connectionFuture)
+        secureChannelDriver.connect(::Idscp2ConnectionImpl, settings, dapsDriver, connectionFuture)
+        return connectionFuture
     }
 
     companion object {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
index 9c571127f..4ccd7cb32 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
@@ -17,21 +17,23 @@ import java.util.concurrent.CompletableFuture
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class Idscp2ServerFactory(private val endpointListener: Idscp2EndpointListener,
-                          private val settings: Idscp2Settings,
-                          private val dapsDriver: DapsDriver,
-                          private val secureChannelDriver: SecureChannelDriver
-) : SecureChannelInitListener {
-    /*
+class Idscp2ServerFactory<CC: Idscp2Connection>(
+        private val connectionFactory: (SecureChannel, Idscp2Settings, DapsDriver) -> CC,
+        private val endpointListener: Idscp2EndpointListener<CC>,
+        private val settings: Idscp2Settings,
+        private val dapsDriver: DapsDriver,
+        private val secureChannelDriver: SecureChannelDriver<CC>
+) : SecureChannelInitListener<CC> {
+    /**
      * User API to create a new IDSCP2 Server that starts a Secure Server that listens to new
      * secure channels
      */
     @Throws(Idscp2Exception::class)
-    fun listen(settings: Idscp2Settings): Idscp2Server {
+    fun listen(settings: Idscp2Settings): Idscp2Server<CC> {
         LOG.info("Starting new IDSCP2 server at port {}", settings.serverPort)
-        val serverListenerPromise = CompletableFuture<ServerConnectionListener>()
+        val serverListenerPromise = CompletableFuture<ServerConnectionListener<CC>>()
         val secureServer = secureChannelDriver.listen(settings, this, serverListenerPromise)
-        val server = Idscp2Server(secureServer)
+        val server = Idscp2Server<CC>(secureServer)
         serverListenerPromise.complete(server)
         return server
     }
@@ -39,27 +41,25 @@ class Idscp2ServerFactory(private val endpointListener: Idscp2EndpointListener,
     /**
      * A callback implementation to receive a new established secure channel from an Secure client/server.
      *
-     *
      * If the secure channel is null, no secure channel was established and an error is provided
      * to the user (or the error is ignored, in server case).
      *
-     *
      * If the secure channel was established, a new FSM is created for this connection and the
      * IDSCP2 handshake is started. After a successful handshake, a new Idscp2Connection is
      * created and provided to the user (and the IDSCP2 server).
      */
     @Synchronized
     override fun onSecureChannel(secureChannel: SecureChannel,
-                                 serverListenerPromise: CompletableFuture<ServerConnectionListener>) {
+                                 serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>) {
         LOG.trace("A new secure channel for an IDSCP2 connection was established")
         // Threads calling onMessage() will be blocked until all listeners have been registered, see below
-        val newConnection = Idscp2Connection(secureChannel, settings, dapsDriver)
+        val newConnection = connectionFactory(secureChannel, settings, dapsDriver)
         // Complete the connection promise for the IDSCP server
-        serverListenerPromise.thenAccept { serverListener: ServerConnectionListener ->
+        serverListenerPromise.thenAccept { serverListener: ServerConnectionListener<CC> ->
             serverListener.onConnectionCreated(newConnection)
             newConnection.addConnectionListener(object : Idscp2ConnectionAdapter() {
-                override fun onClose(connection: Idscp2Connection) {
-                    serverListener.onConnectionClose(connection)
+                override fun onClose() {
+                    serverListener.onConnectionClose(newConnection)
                 }
             })
         }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.kt
index 80a4b383c..c4fbd35a2 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.kt
@@ -1,5 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.configuration
 
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
 import java.util.concurrent.CompletableFuture
@@ -10,13 +11,13 @@ import java.util.concurrent.CompletableFuture
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-interface SecureChannelInitListener {
+interface SecureChannelInitListener<CC: Idscp2Connection> {
     /**
      * Notify the server about new secureChannel
      */
     fun onSecureChannel(
             secureChannel: SecureChannel,
-            serverListenerPromise: CompletableFuture<ServerConnectionListener>
+            serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>
     )
 
     fun onError(t: Throwable)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
index 7c671908a..e19afc5e8 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
@@ -44,14 +44,15 @@ class Event {
      * throws an IllegalStateException if this event is requested for other purposes
      */
     constructor(controlMessage: InternalControlMessage, idscpMessage: IdscpMessage) {
-        if (controlMessage == InternalControlMessage.RAT_PROVER_MSG || controlMessage == InternalControlMessage.RAT_VERIFIER_MSG) {
+        if (controlMessage == InternalControlMessage.RAT_PROVER_MSG
+                || controlMessage == InternalControlMessage.RAT_VERIFIER_MSG) {
             key = controlMessage.value
             type = EventType.INTERNAL_CONTROL_MESSAGE
             this.idscpMessage = idscpMessage
             this.controlMessage = controlMessage
         } else {
             throw IllegalStateException("This constructor must only be used by RAT_PROVER and " +
-                    "RAT_VERIFIER for message passing")
+                    "RAT_VERIFIER for message passing, encountered $controlMessage")
         }
     }
 
@@ -59,8 +60,8 @@ class Event {
         return "Event{" +
                 "key=" + key +
                 ", type=" + type +
-                ", idscpMessage=" + idscpMessage +
-                ", controlMessage=" + controlMessage +
+                ", idscpMessage=" + if(::idscpMessage.isInitialized) idscpMessage else null +
+                ", controlMessage=" + if(::controlMessage.isInitialized) controlMessage else null +
                 '}'
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index 40be7d4c5..6cc9e75c1 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -93,7 +93,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     private val handshakeTimer: Timer
     private val proverHandshakeTimer: Timer
     private val verifierHandshakeTimer: Timer
-    private fun checkForFsmCircles() {
+    private fun checkForFsmCycles() {
         // check if current thread holds already the fsm lock, then we have a circle
         // this runs into an issue: onControlMessage must be called only from other threads!
         // if the current thread currently stuck within a fsm transition it will trigger another
@@ -124,13 +124,13 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     /**
      * Get a new IDSCP2 Message from the secure channel and provide it as an event to the fsm
      *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
      * driver implementations
      */
     override fun onMessage(data: ByteArray) {
 
         //check for incorrect usage
-        checkForFsmCircles()
+        checkForFsmCycles()
 
         //parse message and create new IDSCP Message event, then pass it to current state and
         // update new state
@@ -175,68 +175,70 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         }
     }
 
+    override fun onRatProverMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray) {
+        processRatProverEvent(Event(controlMessage, Idscp2MessageHelper.createIdscpRatProverMessage(ratMessage)))
+    }
+
+    override fun onRatProverMessage(controlMessage: InternalControlMessage) {
+        processRatProverEvent(Event(controlMessage))
+    }
+
     /**
      * API for RatProver to provide Prover Messages to the fsm
      *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
      * driver implementations
      *
-     * Afterwards the event for the fsm is created and the fsm lock is requested
+     * Afterwards the fsm lock is requested
      *
      * When the RatProverThread does not match the active prover tread id, the event will be
      * ignored, else the event is provided to the fsm
      */
-    override fun onRatProverMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray) {
-
+    private fun processRatProverEvent(e: Event) {
         //check for incorrect usage
-        checkForFsmCircles()
+        checkForFsmCycles()
 
-        //only allow rat prover messages from current thread
-        val e: Event
-        e = run {
-            val idscpMessage = Idscp2MessageHelper.createIdscpRatProverMessage(ratMessage)
-            Event(controlMessage, idscpMessage)
-        }
         fsmIsBusy.lock()
         try {
             if (Thread.currentThread().id.toString() == currentRatProverId) {
                 feedEvent(e)
             } else {
-                LOG.warn("An old or unknown identity calls onRatProverMessage()")
+                LOG.error("An old or unknown Thread (${Thread.currentThread().id}) calls onRatProverMessage()")
             }
         } finally {
             fsmIsBusy.unlock()
         }
     }
 
+    override fun onRatVerifierMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray) {
+        processRatVerifierEvent(Event(controlMessage, Idscp2MessageHelper.createIdscpRatVerifierMessage(ratMessage)))
+    }
+
+    override fun onRatVerifierMessage(controlMessage: InternalControlMessage) {
+        processRatVerifierEvent(Event(controlMessage))
+    }
+
     /**
      * API for RatVerifier to provide Verifier Messages to the fsm
      *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
      * driver implementations
      *
-     * Afterwards the event for the fsm is created and the fsm lock is requested
+     * Afterwards the fsm lock is requested
      *
-     * When the RatVerifierDriver does not match the active verifier tread id, the event will be
+     * When the RatVerifierDriver does not match the active verifier thread id, the event will be
      * ignored, else the event is provided to the fsm
      */
-    override fun onRatVerifierMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray) {
-
+    private fun processRatVerifierEvent(e: Event) {
         //check for incorrect usage
-        checkForFsmCircles()
+        checkForFsmCycles()
 
-        //only allow rat verifier messages from current thread
-        val e: Event
-        e = run {
-            val idscpMessage = Idscp2MessageHelper.createIdscpRatVerifierMessage(ratMessage)
-            Event(controlMessage, idscpMessage)
-        }
         fsmIsBusy.lock()
         try {
             if (Thread.currentThread().id.toString() == currentRatVerifierId) {
                 feedEvent(e)
             } else {
-                LOG.warn("An old or unknown identity calls onRatVerifierMessage()")
+                LOG.error("An old or unknown Thread (${Thread.currentThread().id}) calls onRatVerifierMessage()")
             }
         } finally {
             fsmIsBusy.unlock()
@@ -257,12 +259,12 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     /**
      * API to terminate the idscp connection by the user
      *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
      * driver implementations
      */
     fun closeConnection() {
         //check for incorrect usage
-        checkForFsmCircles()
+        checkForFsmCycles()
         LOG.debug("Sending stop message to connection peer...")
         onControlMessage(InternalControlMessage.IDSCP_STOP)
     }
@@ -270,13 +272,13 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     /**
      * API for the user to start the IDSCP2 handshake
      *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
      * driver implementations
      */
     @Throws(Idscp2Exception::class)
     fun startIdscpHandshake() {
         //check for incorrect usage
-        checkForFsmCircles()
+        checkForFsmCycles()
         fsmIsBusy.lock()
         try {
             if (currentState == states[FsmState.STATE_CLOSED]) {
@@ -316,7 +318,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     /**
      * Provide an Internal Control Message to the FSM
      *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
      * driver implementations
      */
     override fun onError(t: Throwable) {
@@ -324,19 +326,19 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         connection.onError(t)
 
         // Check for incorrect usage
-        checkForFsmCircles()
+        checkForFsmCycles()
         onControlMessage(InternalControlMessage.ERROR)
     }
 
     /**
      * Provide an Internal Control Message to the FSM, caused by a secure channel closure
      *
-     * The checkForFsmCircles method first checks for risky thread circles that occur by incorrect
+     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
      * driver implementations
      */
     override fun onClose() {
         // Check for incorrect usage
-        checkForFsmCircles()
+        checkForFsmCycles()
         onControlMessage(InternalControlMessage.IDSCP_STOP)
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FsmListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FsmListener.kt
index ff8f6d4b5..1b6e95f62 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FsmListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FsmListener.kt
@@ -15,12 +15,14 @@ interface FsmListener {
     /*
      * A method for providing RatProver messages from the RatProverDriver implementation to the FSM
      */
+    fun onRatProverMessage(controlMessage: InternalControlMessage)
     fun onRatProverMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray)
 
     /*
      * A method for providing RatVerifier messages from the RatVerifierDriver implementation to the
      * FSM
      */
+    fun onRatVerifierMessage(controlMessage: InternalControlMessage)
     fun onRatVerifierMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray)
 
     /*
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
index 67dc56344..64018cef1 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
@@ -6,8 +6,20 @@ package de.fhg.aisec.ids.idscp2.idscp_core.fsm
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-enum class InternalControlMessage(  //set unique values that are different from IdscpMessage.MessageCase ot identify event.key
+enum class InternalControlMessage(
         val value: String) {
-    START_IDSCP_HANDSHAKE("ICM_START"), IDSCP_STOP("ICM_STOP"), DAT_TIMER_EXPIRED("ICM_DAT_TIMER_EXPIRED"), RAT_TIMER_EXPIRED("ICM_RAT_TIMER_EXPIRED"), REPEAT_RAT("ICM_REPEAT_RAT"), RAT_VERIFIER_OK("ICM_RAT_V_OK"), RAT_VERIFIER_FAILED("ICM_RAT_V_FAILED"), RAT_PROVER_OK("ICM_RAT_P_OK"), RAT_PROVER_FAILED("ICM_RAT_P_FAILED"), RAT_PROVER_MSG("ICM_RAT_PROVER_MSG"), RAT_VERIFIER_MSG("ICM_RAT_VERIFIER_MSG"), ERROR("ICM_ERROR"), TIMEOUT("ICM_TIMEOUT");
-
+    // Using unique values that are different from IdscpMessage.MessageCase to identify event.key
+    START_IDSCP_HANDSHAKE("ICM_START"),
+    IDSCP_STOP("ICM_STOP"),
+    DAT_TIMER_EXPIRED("ICM_DAT_TIMER_EXPIRED"),
+    RAT_TIMER_EXPIRED("ICM_RAT_TIMER_EXPIRED"),
+    REPEAT_RAT("ICM_REPEAT_RAT"),
+    RAT_VERIFIER_OK("ICM_RAT_V_OK"),
+    RAT_VERIFIER_FAILED("ICM_RAT_V_FAILED"),
+    RAT_PROVER_OK("ICM_RAT_P_OK"),
+    RAT_PROVER_FAILED("ICM_RAT_P_FAILED"),
+    RAT_PROVER_MSG("ICM_RAT_PROVER_MSG"),
+    RAT_VERIFIER_MSG("ICM_RAT_VERIFIER_MSG"),
+    ERROR("ICM_ERROR"),
+    TIMEOUT("ICM_TIMEOUT");
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
index de0abbdb6..19ee13039 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
@@ -2,6 +2,7 @@ package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import org.slf4j.LoggerFactory
 import java.util.concurrent.ConcurrentHashMap
 
 /**
@@ -15,12 +16,13 @@ import java.util.concurrent.ConcurrentHashMap
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 object RatProverDriverRegistry {
+    private val LOG by lazy { LoggerFactory.getLogger(RatProverDriverRegistry::class.java) }
 
     /**
      * An inner static wrapper class, that wraps driver config and driver class
      */
     private class DriverWrapper(
-            val driverClass: Class<out RatProverDriver>,
+            val driverFactory: (FsmListener) -> RatProverDriver,
             val driverConfig: Any?
     )
 
@@ -31,10 +33,10 @@ object RatProverDriverRegistry {
      */
     fun registerDriver(
             instance: String,
-            driverClass: Class<out RatProverDriver>,
+            driverFactory: (FsmListener) -> RatProverDriver,
             driverConfig: Any?
     ) {
-        drivers[instance] = DriverWrapper(driverClass, driverConfig)
+        drivers[instance] = DriverWrapper(driverFactory, driverConfig)
     }
 
     /**
@@ -53,16 +55,17 @@ object RatProverDriverRegistry {
      * The finite state machine is registered as the communication partner for the RatProver.
      * The RatProver will be initialized with a configuration, if present. Then it is started.
      */
-    fun startRatProverDriver(instance: String?, listener: FsmListener?): RatProverDriver? {
-        val driverWrapper = drivers[instance] ?: return null
+    fun startRatProverDriver(instance: String?, listener: FsmListener): RatProverDriver? {
+        val driverWrapper = drivers[instance]
         return try {
-            val driver = driverWrapper.driverClass.getDeclaredConstructor().newInstance(listener)
+            val driver = driverWrapper!!.driverFactory(listener)
             if (driverWrapper.driverConfig != null) {
                 driver.setConfig(driverWrapper.driverConfig)
             }
             driver.start()
             driver
         } catch (e: Exception) {
+            LOG.error("Error during RAT prover start", e)
             null
         }
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
index d2c51a967..c0c259270 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
@@ -2,6 +2,7 @@ package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import org.slf4j.LoggerFactory
 import java.util.concurrent.ConcurrentHashMap
 
 /**
@@ -15,12 +16,13 @@ import java.util.concurrent.ConcurrentHashMap
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 object RatVerifierDriverRegistry {
+    private val LOG by lazy { LoggerFactory.getLogger(RatVerifierDriverRegistry::class.java) }
 
     /**
      * An inner static wrapper class, that wraps driver config and driver class
      */
     private class DriverWrapper(
-            val driverClass: Class<out RatVerifierDriver>,
+            val driverFactory: (FsmListener) -> RatVerifierDriver,
             val driverConfig: Any?
     )
     private val drivers = ConcurrentHashMap<String, DriverWrapper>()
@@ -30,10 +32,10 @@ object RatVerifierDriverRegistry {
      */
     fun registerDriver(
             mechanism: String,
-            driverClass: Class<out RatVerifierDriver>,
+            driverFactory: (FsmListener) -> RatVerifierDriver,
             driverConfig: Any?
     ) {
-        drivers[mechanism] = DriverWrapper(driverClass, driverConfig)
+        drivers[mechanism] = DriverWrapper(driverFactory, driverConfig)
     }
 
     /**
@@ -56,13 +58,14 @@ object RatVerifierDriverRegistry {
     fun startRatVerifierDriver(mechanism: String?, listener: FsmListener): RatVerifierDriver? {
         val driverWrapper = drivers[mechanism]
         return try {
-            val driver = driverWrapper!!.driverClass.getDeclaredConstructor().newInstance(listener)
+            val driver = driverWrapper!!.driverFactory(listener)
             if (driverWrapper.driverConfig != null) {
                 driver.setConfig(driverWrapper.driverConfig)
             }
             driver.start()
             driver
         } catch (e: Exception) {
+            LOG.error("Error during RAT verifier start", e)
             null
         }
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/Idscp2Server.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/Idscp2Server.kt
index 751124f93..4c36bc311 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/Idscp2Server.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/Idscp2Server.kt
@@ -11,47 +11,40 @@ import java.util.*
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class Idscp2Server(private val secureServer: SecureServer?) : ServerConnectionListener {
-    private val connections = Collections.synchronizedSet(HashSet<Idscp2Connection>())
+class Idscp2Server<CC: Idscp2Connection>(private val secureServer: SecureServer): ServerConnectionListener<CC> {
+    private val connections = Collections.synchronizedSet(HashSet<CC>())
 
-    /*
+    /**
      * Terminate the IDSCP2 server, the secure server and close all connections
      */
     fun terminate() {
         LOG.info("Terminating IDSCP2 server {}", this.toString())
-        terminateAllSessions()
-        secureServer!!.safeStop()
-    }
-
-    /*
-     * Close all open IDSCP2 connections of this server
-     */
-    fun terminateAllSessions() {
         for (connection in connections) {
             connection.close()
             LOG.debug("Idscp connection with id {} has been closed", connection.id)
             connections.remove(connection)
         }
+        secureServer.safeStop()
     }
 
-    override fun onConnectionCreated(connection: Idscp2Connection) {
+    override fun onConnectionCreated(connection: CC) {
         connections.add(connection)
     }
 
-    override fun onConnectionClose(connection: Idscp2Connection?) {
+    override fun onConnectionClose(connection: CC) {
         connections.remove(connection)
     }
 
-    /*
-     * Check if the server is running
+    /**
+     * If the server is running
      */
     val isRunning: Boolean
-        get() = secureServer!!.isRunning
+        get() = secureServer.isRunning
 
-    /*
-     * return a list of all open IDSCP2 connections of this server
+    /**
+     * List of all open IDSCP2 connections of this server
      */
-    val allConnections: Set<Idscp2Connection>
+    val allConnections: Set<CC>
         get() = Collections.unmodifiableSet(connections)
 
     companion object {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/ServerConnectionListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/ServerConnectionListener.kt
index d0f7e43db..ae888b08c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/ServerConnectionListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/ServerConnectionListener.kt
@@ -2,7 +2,7 @@ package de.fhg.aisec.ids.idscp2.idscp_core.server
 
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 
-interface ServerConnectionListener {
-    fun onConnectionCreated(connection: Idscp2Connection)
-    fun onConnectionClose(connection: Idscp2Connection?)
+interface ServerConnectionListener<CC: Idscp2Connection> {
+    fun onConnectionCreated(connection: CC)
+    fun onConnectionClose(connection: CC)
 }
\ No newline at end of file
diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index 566e781b8..f6ff98f04 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -4,7 +4,7 @@ idscp: "1.1.0"
 idscp2: "1.0.0"
 
 # basically, the first requirement, all other libraries depend on this version
-karaf: "4.2.8"
+karaf: "4.2.9"
 # Jetty version should fit bundled version in karaf
 jetty: "9.4.22.v20191022"
 
diff --git a/settings.gradle b/settings.gradle
index 5e0df3d66..2da46cc74 100644
--- a/settings.gradle
+++ b/settings.gradle
@@ -19,6 +19,7 @@ include ':ids-settings'
 include ':ids-token-manager'
 include ':ids-webconsole'
 include ':idscp2'
+include ':idscp2-app-layer'
 include ':javax-xml-bind-patch'
 include ':jnr-unixsocket-wrapper'
 include ':jsonwebtoken-wrapper'

From 4d03384899c64a03c9607227b9612ffb12eec295 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 29 Sep 2020 11:25:04 +0200
Subject: [PATCH 146/237] Added (inactive) IDSCP2 trace logging

---
 .../src/main/resources/etc/org.ops4j.pax.logging.cfg          | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/karaf-assembly/src/main/resources/etc/org.ops4j.pax.logging.cfg b/karaf-assembly/src/main/resources/etc/org.ops4j.pax.logging.cfg
index 0964e6264..b27ab52ff 100644
--- a/karaf-assembly/src/main/resources/etc/org.ops4j.pax.logging.cfg
+++ b/karaf-assembly/src/main/resources/etc/org.ops4j.pax.logging.cfg
@@ -36,6 +36,10 @@ log4j2.rootLogger.appenderRef.Console.filter.threshold.level = OFF
 log4j2.logger.ids.name = de.fhg.aisec.ids
 log4j2.logger.ids.level = DEBUG
 
+# IDSCP2 logger
+;log4j2.logger.idscp2.name = de.fhg.aisec.ids.idscp2
+;log4j2.logger.idscp2.level = TRACE
+
 # Felix logger
 #log4j2.logger.felix.name = org.apache.felix
 #log4j2.logger.felix.level = DEBUG

From b6cd5bfa8d6fb1adb14ee15358d0f27220ddd3ab Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 30 Sep 2020 15:33:54 +0200
Subject: [PATCH 147/237] Protocol cleanups

---
 .../idscp2/client/Idscp2ClientConsumer.kt     |  8 ++---
 .../idscp2/client/Idscp2ClientEndpoint.kt     | 14 ++++----
 .../camel/idscp2/server/CamelIdscp2Server.kt  |  7 ++--
 .../idscp2/server/Idscp2ServerConsumer.kt     |  8 ++---
 .../idscp2/app_layer/AppLayerClientFactory.kt | 18 ----------
 .../idscp2/app_layer/AppLayerConnection.kt    |  8 ++---
 .../idscp2/app_layer/AppLayerServerFactory.kt | 34 -------------------
 .../listeners/GenericMessageListener.kt       |  2 +-
 .../src/main/proto/idscp2-app.proto           |  2 +-
 .../secure_channel/NativeTLSDriver.kt         |  7 ++--
 .../drivers/interfaces/SecureChannelDriver.kt |  5 ++-
 .../idscp2/example/Idscp2ClientInitiator.kt   | 12 +++----
 .../configuration/Idscp2ClientFactory.kt      | 30 ----------------
 13 files changed, 36 insertions(+), 119 deletions(-)
 delete mode 100644 idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerClientFactory.kt
 delete mode 100644 idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerServerFactory.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.kt

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
index f6bef2890..992ae13c4 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
@@ -55,16 +55,16 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
         endpoint.releaseConnection(connectionFuture)
     }
 
-    override fun onMessage(connection: AppLayerConnection, type: String, data: ByteArray) {
+    override fun onMessage(connection: AppLayerConnection, header: String, payload: ByteArray) {
         if (LOG.isTraceEnabled) {
-            LOG.trace("Idscp2ClientConsumer received GenericMessage of type {}", type)
+            LOG.trace("Idscp2ClientConsumer received GenericMessage with header:\n{}", header)
         }
         val exchange = endpoint.createExchange()
         try {
             createUoW(exchange)
             // Set relevant information
-            exchange.getIn().setHeader("idscp2.type", type)
-            exchange.getIn().setBody(data, ByteArray::class.java)
+            exchange.getIn().setHeader("idscp2.type", header)
+            exchange.getIn().setBody(payload, ByteArray::class.java)
             // Do processing
             processor.process(exchange)
             // Handle response
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index c220f217d..4fb1d8333 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -19,11 +19,12 @@ package de.fhg.aisec.ids.camel.idscp2.client
 import de.fhg.aisec.ids.api.settings.Settings
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
 import de.fhg.aisec.ids.camel.idscp2.RefCountingHashMap
-import de.fhg.aisec.ids.idscp2.app_layer.AppLayerClientFactory
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import org.apache.camel.Processor
 import org.apache.camel.Producer
@@ -44,7 +45,8 @@ import java.util.regex.Pattern
 )
 class Idscp2ClientEndpoint(uri: String?, private val remaining: String, component: Idscp2ClientComponent?) :
         DefaultEndpoint(uri, component) {
-    private lateinit var dapsDriverConfig: DefaultDapsDriverConfig
+    private lateinit var secureChannelDriver: SecureChannelDriver<AppLayerConnection>
+    private lateinit var dapsDriver: DapsDriver
     private lateinit var clientSettings: Idscp2Settings
 
     @UriParam(
@@ -71,8 +73,7 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
     var connectionShareId: String? = null
 
     private fun makeConnectionInternal(): CompletableFuture<AppLayerConnection> {
-        return AppLayerClientFactory(DefaultDapsDriver(dapsDriverConfig), NativeTLSDriver())
-                .connect(clientSettings)
+        return secureChannelDriver.connect(::AppLayerConnection, clientSettings, dapsDriver)
     }
 
     fun makeConnection(): CompletableFuture<AppLayerConnection> {
@@ -121,8 +122,9 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
                             ?: "password".toCharArray())
                     .setCertificateAlias(it.certAlias ?: "1.0.1")
         }
+        secureChannelDriver = NativeTLSDriver()
         clientSettings = clientSettingsBuilder.build()
-        dapsDriverConfig = DefaultDapsDriverConfig.Builder()
+        dapsDriver = DefaultDapsDriver(DefaultDapsDriverConfig.Builder()
                 .setDapsUrl(settings.connectorConfig.dapsUrl)
                 .setKeyAlias(clientSettings.dapsKeyAlias)
                 .setKeyPassword(clientSettings.keyPassword)
@@ -130,7 +132,7 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
                 .setTrustStorePath(clientSettings.trustStorePath)
                 .setKeyStorePassword(clientSettings.keyStorePassword)
                 .setTrustStorePassword(clientSettings.trustStorePassword)
-                .build()
+                .build())
     }
 
     public override fun doStop() {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index c230ce7e4..8e1ae596a 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -19,10 +19,10 @@ package de.fhg.aisec.ids.camel.idscp2.server
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
 import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fhg.aisec.ids.idscp2.app_layer.AppLayerServerFactory
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import de.fhg.aisec.ids.idscp2.idscp_core.server.Idscp2Server
 import java.util.*
@@ -41,11 +41,12 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
                 .setKeyStorePassword(serverSettings.keyStorePassword)
                 .setTrustStorePassword(serverSettings.trustStorePassword)
                 .build()
-        val serverFactory = AppLayerServerFactory(
+        val serverFactory = Idscp2ServerFactory(
+                ::AppLayerConnection,
                 this,
                 serverSettings,
                 DefaultDapsDriver(dapsDriverConfig),
-                NativeTLSDriver<AppLayerConnection>()
+                NativeTLSDriver()
         )
         server = serverFactory.listen(serverSettings)
     }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
index d0de34081..2b840ddd8 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
@@ -37,16 +37,16 @@ class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor
         super.doStop()
     }
 
-    override fun onMessage(connection: AppLayerConnection, type: String, data: ByteArray) {
+    override fun onMessage(connection: AppLayerConnection, header: String, payload: ByteArray) {
         if (LOG.isTraceEnabled) {
-            LOG.trace("Idscp2ServerConsumer received GenericMessage of type {}", type)
+            LOG.trace("Idscp2ServerConsumer received GenericMessage with header:\n{}", header)
         }
         val exchange = endpoint.createExchange()
         try {
             createUoW(exchange)
             // Set relevant information
-            exchange.getIn().setHeader("idscp2.type", type)
-            exchange.getIn().setBody(data, ByteArray::class.java)
+            exchange.getIn().setHeader("idscp2.type", header)
+            exchange.getIn().setBody(payload, ByteArray::class.java)
             // Do processing
             processor.process(exchange)
             // Handle response
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerClientFactory.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerClientFactory.kt
deleted file mode 100644
index f4e799732..000000000
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerClientFactory.kt
+++ /dev/null
@@ -1,18 +0,0 @@
-package de.fhg.aisec.ids.idscp2.app_layer
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
-import java.util.concurrent.CompletableFuture
-
-class AppLayerClientFactory(private val dapsDriver: DapsDriver,
-                            private val secureChannelDriver: SecureChannelDriver<AppLayerConnection>) {
-    /**
-     * User API to create a IDSCP2 connection as a client
-     */
-    fun connect(settings: Idscp2Settings): CompletableFuture<AppLayerConnection> {
-        val connectionFuture = CompletableFuture<AppLayerConnection>()
-        secureChannelDriver.connect(::AppLayerConnection, settings, dapsDriver, connectionFuture)
-        return connectionFuture
-    }
-}
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
index fe4c81bd1..57628bfd5 100644
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
@@ -32,10 +32,10 @@ class AppLayerConnection private constructor(private val idscp2Connection: Idscp
                         AppLayer.AppLayerMessage.MessageCase.GENERICMESSAGE -> {
                             genericMessageListeners.forEach {
                                 val genericMessage = appLayerMessage.genericMessage
-                                it.onMessage(this, genericMessage.type, genericMessage.payload.toByteArray())
+                                it.onMessage(this, genericMessage.header, genericMessage.payload.toByteArray())
                             }
                         }
-                        else -> LOG.warn("Unknown app layer message type encountered.")
+                        else -> LOG.warn("Unknown app layer message header encountered.")
                     }
                 } catch (e: Exception) {
                     LOG.error("Error processing AppLayerMessage", e)
@@ -46,10 +46,10 @@ class AppLayerConnection private constructor(private val idscp2Connection: Idscp
         }
     }
 
-    fun sendGenericMessage(type: String, payload: ByteArray) {
+    fun sendGenericMessage(header: String, payload: ByteArray) {
         val message = AppLayer.AppLayerMessage.newBuilder()
                 .setGenericMessage(AppLayer.GenericMessage.newBuilder()
-                        .setType(type)
+                        .setHeader(header)
                         .setPayload(ByteString.copyFrom(payload)))
                 .build()
         idscp2Connection.send(message.toByteArray())
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerServerFactory.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerServerFactory.kt
deleted file mode 100644
index df0e56ed9..000000000
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerServerFactory.kt
+++ /dev/null
@@ -1,34 +0,0 @@
-package de.fhg.aisec.ids.idscp2.app_layer
-
-import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
-import de.fhg.aisec.ids.idscp2.idscp_core.server.Idscp2Server
-import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
-import java.util.concurrent.CompletableFuture
-
-class AppLayerServerFactory(
-        endpointListener: Idscp2EndpointListener<AppLayerConnection>,
-        settings: Idscp2Settings,
-        dapsDriver: DapsDriver,
-        private val secureChannelDriver: SecureChannelDriver<AppLayerConnection>
-) {
-    private val idscp2ServerFactory = Idscp2ServerFactory(
-            ::AppLayerConnection, endpointListener, settings, dapsDriver, secureChannelDriver)
-
-    /**
-     * User API to create a new IDSCP2 Server that starts a Secure Server that listens to new
-     * secure channels
-     */
-    @Throws(Idscp2Exception::class)
-    fun listen(settings: Idscp2Settings): Idscp2Server<AppLayerConnection> {
-        val serverListenerPromise = CompletableFuture<ServerConnectionListener<AppLayerConnection>>()
-        val secureServer = secureChannelDriver.listen(settings, idscp2ServerFactory, serverListenerPromise)
-        val server = Idscp2Server<AppLayerConnection>(secureServer)
-        serverListenerPromise.complete(server)
-        return server
-    }
-}
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt
index e53a766fc..9f8f99514 100644
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt
@@ -3,5 +3,5 @@ package de.fhg.aisec.ids.idscp2.app_layer.listeners
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 
 fun interface GenericMessageListener {
-    fun onMessage(connection: AppLayerConnection, type: String, data: ByteArray)
+    fun onMessage(connection: AppLayerConnection, header: String, payload: ByteArray)
 }
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/proto/idscp2-app.proto b/idscp2-app-layer/src/main/proto/idscp2-app.proto
index eb872a6c0..dba4ce1c0 100644
--- a/idscp2-app-layer/src/main/proto/idscp2-app.proto
+++ b/idscp2-app-layer/src/main/proto/idscp2-app.proto
@@ -10,7 +10,7 @@ message AppLayerMessage {
 
 message GenericMessage {
   // Arbitrary header string
-  string type = 1;
+  string header = 1;
   // The actual, generic message payload
   bytes payload = 2;
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
index a07729203..d65839cec 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
@@ -28,8 +28,8 @@ class NativeTLSDriver<CC: Idscp2Connection> : SecureChannelDriver<CC> {
      */
     override fun connect(connectionFactory: (SecureChannel, Idscp2Settings, DapsDriver) -> CC,
                          settings: Idscp2Settings,
-                         dapsDriver: DapsDriver,
-                         connectionFuture: CompletableFuture<CC>) {
+                         dapsDriver: DapsDriver): CompletableFuture<CC> {
+        val connectionFuture = CompletableFuture<CC>()
         try {
             val tlsClient = TLSClient(connectionFactory, settings, dapsDriver, connectionFuture)
             tlsClient.connect(settings.host, settings.serverPort)
@@ -40,6 +40,7 @@ class NativeTLSDriver<CC: Idscp2Connection> : SecureChannelDriver<CC> {
         } catch (e: KeyManagementException) {
             connectionFuture.completeExceptionally(Idscp2Exception("Call to connect() has failed", e))
         }
+        return connectionFuture
     }
 
     /**
@@ -51,7 +52,7 @@ class NativeTLSDriver<CC: Idscp2Connection> : SecureChannelDriver<CC> {
     override fun listen(settings: Idscp2Settings, channelInitListener: SecureChannelInitListener<CC>,
                         serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>): SecureServer {
         return try {
-            TLSServer<CC>(settings, channelInitListener, serverListenerPromise)
+            TLSServer(settings, channelInitListener, serverListenerPromise)
         } catch (e: IOException) {
             throw Idscp2Exception("Error while trying to to start SecureServer", e)
         } catch (e: NoSuchAlgorithmException) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
index 32bfa695c..4aeed139e 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
@@ -13,14 +13,13 @@ import java.util.concurrent.CompletableFuture
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-interface SecureChannelDriver<CC: Idscp2Connection> {
+interface SecureChannelDriver<CC : Idscp2Connection> {
     /*
      * Asynchronous method to create a secure connection to a secure server
      */
     fun connect(connectionFactory: (SecureChannel, Idscp2Settings, DapsDriver) -> CC,
                 settings: Idscp2Settings,
-                dapsDriver: DapsDriver,
-                connectionFuture: CompletableFuture<CC>)
+                dapsDriver: DapsDriver): CompletableFuture<CC>
 
     /*
      * Starting a secure server
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
index 5894bf01d..87b803e9d 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -11,7 +11,7 @@ import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifi
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ClientFactory
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
@@ -24,7 +24,7 @@ class Idscp2ClientInitiator {
 
     fun init(settings: Idscp2Settings) {
         val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
-        val config = DefaultDapsDriverConfig.Builder()
+        val dapsDriver = DefaultDapsDriver(DefaultDapsDriverConfig.Builder()
                 .setKeyStorePath(settings.keyStorePath)
                 .setTrustStorePath(settings.trustStorePath)
                 .setKeyStorePassword(settings.keyStorePassword)
@@ -32,7 +32,7 @@ class Idscp2ClientInitiator {
                 .setKeyAlias(settings.dapsKeyAlias)
                 .setKeyPassword(settings.keyPassword)
                 .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                .build()
+                .build())
         RatProverDriverRegistry.registerDriver(
                 "Dummy", ::RatProverDummy, null)
         RatVerifierDriverRegistry.registerDriver(
@@ -45,11 +45,7 @@ class Idscp2ClientInitiator {
                 "TPM2d", ::TPM2dVerifier,
                 TPM2dVerifierConfig.Builder().build()
         )
-        val clientConfig = Idscp2ClientFactory(
-                DefaultDapsDriver(config),
-                secureChannelDriver
-        )
-        connectionFuture = clientConfig.connect(settings)
+        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, settings, dapsDriver)
         connectionFuture.thenAccept { connection: Idscp2Connection ->
             println("Client: New connection with id " + connection.id)
             connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.kt
deleted file mode 100644
index f4b4df11f..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ClientFactory.kt
+++ /dev/null
@@ -1,30 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.configuration
-
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
-import org.slf4j.LoggerFactory
-import java.util.concurrent.CompletableFuture
-
-/**
- * Idscp2ServerFactory class, provides IDSCP2 API to the User (Idscp2EndpointListener)
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class Idscp2ClientFactory(private val dapsDriver: DapsDriver,
-                          private val secureChannelDriver: SecureChannelDriver<Idscp2Connection>) {
-    /**
-     * User API to create a IDSCP2 connection as a client
-     */
-    fun connect(settings: Idscp2Settings): CompletableFuture<Idscp2Connection> {
-        val connectionFuture = CompletableFuture<Idscp2Connection>()
-        LOG.info("Connect to an IDSCP2 server ({})", settings.host)
-        secureChannelDriver.connect(::Idscp2ConnectionImpl, settings, dapsDriver, connectionFuture)
-        return connectionFuture
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(Idscp2ClientFactory::class.java)
-    }
-}
\ No newline at end of file

From 5769984f9f3dd778e4d646d5991105c54cc45d1f Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 2 Oct 2020 12:36:04 +0200
Subject: [PATCH 148/237] Changed idscp2.type to idscp2-header for consistency

---
 .../aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt | 4 ++--
 .../aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt | 2 +-
 .../aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt | 4 ++--
 .../aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt | 2 +-
 .../route-examples/example-idscp2-client-broadcast.xml    | 4 ++--
 examples/route-examples/example-idscp2-client.xml         | 8 ++++----
 .../route-examples/example-idscp2-server-broadcast.xml    | 4 ++--
 examples/route-examples/example-idscp2-server.xml         | 6 +++---
 8 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
index 992ae13c4..0f9fce53d 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
@@ -63,13 +63,13 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
         try {
             createUoW(exchange)
             // Set relevant information
-            exchange.getIn().setHeader("idscp2.type", header)
+            exchange.getIn().setHeader("idscp2-header", header)
             exchange.getIn().setBody(payload, ByteArray::class.java)
             // Do processing
             processor.process(exchange)
             // Handle response
             val response = exchange.message
-            val responseType = response.getHeader("idscp2.type", String::class.java)
+            val responseType = response.getHeader("idscp2-header", String::class.java)
             if (response.body != null && responseType != null) {
                 connection.sendGenericMessage(responseType, response.getBody(ByteArray::class.java))
             }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
index d4c665e8c..df4baeccc 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
@@ -31,7 +31,7 @@ class Idscp2ClientProducer(private val endpoint: Idscp2ClientEndpoint) : Default
 
     override fun process(exchange: Exchange) {
         val message = exchange.getIn()
-        val type = message.getHeader("idscp2.type", String::class.java)
+        val type = message.getHeader("idscp2-header", String::class.java)
         val body = message.getBody(ByteArray::class.java)
         connectionFuture.get().sendGenericMessage(type, body)
     }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
index 2b840ddd8..af4fe0447 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
@@ -45,13 +45,13 @@ class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor
         try {
             createUoW(exchange)
             // Set relevant information
-            exchange.getIn().setHeader("idscp2.type", header)
+            exchange.getIn().setHeader("idscp2-header", header)
             exchange.getIn().setBody(payload, ByteArray::class.java)
             // Do processing
             processor.process(exchange)
             // Handle response
             val response = exchange.message
-            val responseType = response.getHeader("idscp2.type", String::class.java)
+            val responseType = response.getHeader("idscp2-header", String::class.java)
             if (response.body != null && responseType != null) {
                 connection.sendGenericMessage(responseType, response.getBody(ByteArray::class.java))
             }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
index f48147343..5e7fa02a3 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
@@ -27,7 +27,7 @@ class Idscp2ServerProducer(private val endpoint: Idscp2ServerEndpoint) : Default
 
     override fun process(exchange: Exchange) {
         val message = exchange.getIn()
-        val type = message.getHeader("idscp2.type", String::class.java)
+        val type = message.getHeader("idscp2-header", String::class.java)
         val body = message.getBody(ByteArray::class.java)
         endpoint.sendMessage(type, body)
     }
diff --git a/examples/route-examples/example-idscp2-client-broadcast.xml b/examples/route-examples/example-idscp2-client-broadcast.xml
index 870753e6e..20263637c 100644
--- a/examples/route-examples/example-idscp2-client-broadcast.xml
+++ b/examples/route-examples/example-idscp2-client-broadcast.xml
@@ -18,9 +18,9 @@
 
         <route id="idscp2ReceiverClient">
             <from uri="idscp2client://localhost:29292?sslContextParameters=#clientSslContext"/>
-            <log message="Client received: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
+            <log message="Client received: ${body} (Header: ${headers[idscp2-header]})"/>
             <!-- Prevents the client consumer from sending the message back to the server -->
-            <removeHeader headerName="idscp2.type"/>
+            <removeHeader headerName="idscp2-header"/>
         </route>
 
     </camelContext>
diff --git a/examples/route-examples/example-idscp2-client.xml b/examples/route-examples/example-idscp2-client.xml
index e16eed49a..637511eda 100644
--- a/examples/route-examples/example-idscp2-client.xml
+++ b/examples/route-examples/example-idscp2-client.xml
@@ -21,18 +21,18 @@
             <setBody>
                 <simple>PING</simple>
             </setBody>
-            <setHeader name="idscp2.type">
+            <setHeader name="idscp2-header">
                 <simple>ping</simple>
             </setHeader>
-            <log message="Client sends: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
+            <log message="Client sends: ${body} (Header: ${headers[idscp2-header]})"/>
             <to uri="idscp2client://localhost:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#clientSslContext"/>
         </route>
 
         <route id="idscp2ReceiverClient">
             <from uri="idscp2client://localhost:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#clientSslContext"/>
-            <log message="Client received: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
+            <log message="Client received: ${body} (Header: ${headers[idscp2-header]})"/>
             <!-- Prevents the client consumer from sending the message back to the server -->
-            <removeHeader headerName="idscp2.type"/>
+            <removeHeader headerName="idscp2-header"/>
         </route>
 
     </camelContext>
diff --git a/examples/route-examples/example-idscp2-server-broadcast.xml b/examples/route-examples/example-idscp2-server-broadcast.xml
index 48bb1321b..7a57ca681 100644
--- a/examples/route-examples/example-idscp2-server-broadcast.xml
+++ b/examples/route-examples/example-idscp2-server-broadcast.xml
@@ -21,10 +21,10 @@
             <setBody>
                 <simple>BROADCAST</simple>
             </setBody>
-            <setHeader name="idscp2.type">
+            <setHeader name="idscp2-header">
                 <simple>broadcast</simple>
             </setHeader>
-            <log message="Server broadcast to connected clients: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
+            <log message="Server broadcast to connected clients: ${body} (Header: ${headers[idscp2-header]})"/>
             <to uri="idscp2server://0.0.0.0:29292?sslContextParameters=#serverSslContext"/>
         </route>
 
diff --git a/examples/route-examples/example-idscp2-server.xml b/examples/route-examples/example-idscp2-server.xml
index c7b1d330a..eca646e31 100644
--- a/examples/route-examples/example-idscp2-server.xml
+++ b/examples/route-examples/example-idscp2-server.xml
@@ -18,14 +18,14 @@
 
         <route id="idscp2Server">
             <from uri="idscp2server://0.0.0.0:29292?sslContextParameters=#serverSslContext"/>
-            <log message="Server received: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
+            <log message="Server received: ${body} (Header: ${headers[idscp2-header]})"/>
             <setBody>
                 <simple>PONG</simple>
             </setBody>
-            <setHeader name="idscp2.type">
+            <setHeader name="idscp2-header">
                 <simple>pong</simple>
             </setHeader>
-            <log message="Server response: ${body} (idscp2.type: ${headers[idscp2.type]})"/>
+            <log message="Server response: ${body} (Header: ${headers[idscp2-header]})"/>
         </route>
 
     </camelContext>

From ef5f8bbd384473d77c74ae5d2721264d30a3375c Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 5 Oct 2020 13:28:03 +0200
Subject: [PATCH 149/237] IDSCP2 fixes

---
 camel-idscp2/build.gradle.kts                 |  3 --
 .../camel/idscp2/server/CamelIdscp2Server.kt  |  2 +-
 idscp2-app-layer/build.gradle.kts             |  4 ++
 .../keystores/CustomX509ExtendedKeyManager.kt | 19 +++++---
 .../TLSSessionVerificationHelper.kt           | 47 +++++++++++--------
 .../idscp2/example/Idscp2ServerInitiator.kt   |  2 +-
 .../aisec/ids/idscp2/example/RunTLSClient.kt  |  2 +-
 .../idscp2/idscp_core/Idscp2ConnectionImpl.kt | 11 ++---
 .../configuration/Idscp2ServerFactory.kt      |  2 +-
 .../configuration/Idscp2Settings.kt           | 11 +++++
 10 files changed, 64 insertions(+), 39 deletions(-)

diff --git a/camel-idscp2/build.gradle.kts b/camel-idscp2/build.gradle.kts
index 018fe7b07..593841dd1 100644
--- a/camel-idscp2/build.gradle.kts
+++ b/camel-idscp2/build.gradle.kts
@@ -12,9 +12,6 @@ dependencies {
 
     providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
 
-    compileOnly("org.checkerframework", "checker-qual", libraryVersions["checkerQual"])
-
-    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
     osgiCore("org.osgi", "org.osgi.core", libraryVersions["osgi"])
 
     providedByFeature("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index 8e1ae596a..101924c54 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -48,7 +48,7 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
                 DefaultDapsDriver(dapsDriverConfig),
                 NativeTLSDriver()
         )
-        server = serverFactory.listen(serverSettings)
+        server = serverFactory.listen()
     }
 
     override fun onConnection(connection: AppLayerConnection) {
diff --git a/idscp2-app-layer/build.gradle.kts b/idscp2-app-layer/build.gradle.kts
index 8691ce2bd..fd361caac 100644
--- a/idscp2-app-layer/build.gradle.kts
+++ b/idscp2-app-layer/build.gradle.kts
@@ -32,4 +32,8 @@ dependencies {
     providedByBundle(project(":idscp2")) { isTransitive = false }
 
     providedByBundle("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
+
+    // Supplied by ids-infomodel-manager
+    compileOnly("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
+    compileOnly("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodelSerializer"])
 }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt
index e8efefb1f..b09f83337 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt
@@ -28,7 +28,10 @@ class CustomX509ExtendedKeyManager internal constructor(
 
     override fun getClientAliases(keyType: String, issuers: Array<Principal>?): Array<String> {
         val clientAliases = delegate.getClientAliases(keyType, issuers)
-        for (alias in clientAliases) cachedAliases.putIfAbsent(alias, CachedAliasValue(keyType, null)) //toDo get issuer
+        for (alias in clientAliases) {
+            // TODO get issuer
+            cachedAliases.putIfAbsent(alias, CachedAliasValue(keyType, null))
+        }
         return clientAliases
     }
 
@@ -36,8 +39,7 @@ class CustomX509ExtendedKeyManager internal constructor(
     called only by client in TLS handshake */
     override fun chooseClientAlias(keyTypes: Array<String>, issuers: Array<Principal>?, socket: Socket): String? {
         if (listOf(*keyTypes).contains(keyType)) {
-            if (cachedAliases.containsKey(certAlias) &&
-                    cachedAliases[certAlias]!!.match(keyType, issuers)
+            if (cachedAliases[certAlias]?.match(keyType, issuers) == true
                     || listOf(*getClientAliases(keyType, issuers)).contains(certAlias)) {
                 LOG.debug("CertificateAlias is {}", certAlias)
                 return certAlias
@@ -46,14 +48,17 @@ class CustomX509ExtendedKeyManager internal constructor(
             }
         } else if (LOG.isTraceEnabled) {
             LOG.trace("Different keyType '{}' in chooseClientAlias() in CustomX509ExtendedKeyManager, expected '{}'",
-                    keyType, keyType)
+                    keyType, this.keyType)
         }
         return null
     }
 
     override fun getServerAliases(keyType: String, issuers: Array<Principal>?): Array<String> {
         val serverAliases = delegate.getServerAliases(keyType, issuers)
-        for (alias in serverAliases) cachedAliases.putIfAbsent(alias, CachedAliasValue(keyType, null)) //toDo get issuer
+        for (alias in serverAliases) {
+            // TODO get issuer
+            cachedAliases.putIfAbsent(alias, CachedAliasValue(keyType, null))
+        }
         return serverAliases
     }
 
@@ -63,8 +68,8 @@ class CustomX509ExtendedKeyManager internal constructor(
      */
     override fun chooseServerAlias(keyType: String, issuers: Array<Principal>?, socket: Socket): String? {
         if (keyType == this.keyType) {
-            if (cachedAliases.containsKey(certAlias) && cachedAliases[certAlias]!!.match(keyType, issuers)
-                    || listOf(*getServerAliases(keyType, issuers ?: emptyArray())).contains(certAlias)) {
+            if (cachedAliases[certAlias]?.match(keyType, issuers) == true
+                    || listOf(*getServerAliases(keyType, issuers)).contains(certAlias)) {
                 LOG.debug("CertificateAlias is {}", certAlias)
                 return certAlias
             } else {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.kt
index 61f4ff14b..fd099e1f0 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.kt
@@ -1,6 +1,7 @@
 package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel
 
 import org.slf4j.LoggerFactory
+import java.net.InetAddress
 import java.security.cert.CertificateExpiredException
 import java.security.cert.CertificateNotYetValidException
 import java.security.cert.CertificateParsingException
@@ -49,9 +50,9 @@ object TLSSessionVerificationHelper {
 
             /*
              * According to RFC6125, hostname verification should be done against the certificate's
-             * subject alternative name's (SANs) dNSName field or the SANs IPAddress. In some legacy
+             * subject alternative name's (SANs) DNSName field or the SANs IPAddress. In some legacy
              * implementations, the check is done against the certificate's commonName, but this is
-             * deprecated for quite a while and is therefore not supported anymore in te IDSCP2 protocol.
+             * deprecated for quite a while and is therefore not supported anymore in the IDSCP2 protocol.
              */
             val sans = peerCert.subjectAlternativeNames
                     ?: throw SSLPeerUnverifiedException("No Subject alternative names for hostname "
@@ -62,7 +63,7 @@ object TLSSessionVerificationHelper {
                 if (subjectAltName.size != 2) {
                     continue
                 }
-                val value = subjectAltName[1]!!
+                val value = subjectAltName[1]
                 when (subjectAltName[0] as Int?) {
                     2 -> if (value is String) {
                         acceptedDnsNames.add(value)
@@ -74,32 +75,40 @@ object TLSSessionVerificationHelper {
                     } else if (value is ByteArray) {
                         acceptedIpAddresses.add(String(value))
                     }
-                    0, 1, 3, 4, 5, 6, 8 -> {
-                    }
                     else -> {
+                        if (LOG.isDebugEnabled) {
+                            LOG.debug("Unhandled SAN type \"{}\" with value \"{}\"", subjectAltName[0], value)
+                        }
                     }
                 }
             }
 
-            //toDo localhost is matched manually to 127.0.0.1 for testing..
-            // automatic dns resolving via DNS service is not an option since we cannot trust the DNS
-            if (acceptedDnsNames.contains("localhost")) {
-                acceptedIpAddresses.add("127.0.0.1")
-            }
             if (isIpAddress(host)) {
-                //FIXME The server should provide a possibility to validate clients dnsNames against SANs in
-                // Client certificate to avoid MITMs. This is an open issue
-                //check ip addresses RFC 2818 (Section 3.1)
+                // First, check IP addresses directly given by type-7-SANs
                 if (!acceptedIpAddresses.contains(host)) {
-                    throw SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
-                            + "not belong to peer host")
+                    // Check IP addresses using DNS resolving
+                    // This check is *weak* and should be accompanied by DAT fingerprint checking later on
+                    val resolvedIps = acceptedDnsNames.flatMap {
+                        try {
+                            InetAddress.getAllByName(it).toList()
+                        } catch (e: Throwable) {
+                            emptyList()
+                        }
+                    }.map { it.hostAddress }
+                    if (LOG.isDebugEnabled) {
+                        LOG.debug("Resolved IPs: {}", resolvedIps.toSet().joinToString())
+                    }
+                    if (!resolvedIps.contains(host)) {
+                        throw SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
+                                + "not belong to peer host")
+                    }
                 }
             } else {
-                //check hostname
-                val hostLabels = host.split("\\.".toRegex()).toTypedArray()
+                // Check hostname
+                val hostLabels = host.split(".")
                 var found = false
                 for (entry in acceptedDnsNames) {
-                    if (checkHostname(entry.split("\\.".toRegex()).dropLastWhile { it.isEmpty() }.toTypedArray(), hostLabels)) {
+                    if (checkHostname(entry.trimEnd('.').split("."), hostLabels)) {
                         found = true
                         break
                     }
@@ -140,7 +149,7 @@ object TLSSessionVerificationHelper {
     /*
      * match dNS Name
      */
-    private fun checkHostname(dnsNameLabels: Array<String>, hostNameLabels: Array<String>): Boolean {
+    private fun checkHostname(dnsNameLabels: List<String>, hostNameLabels: List<String>): Boolean {
 
         /*
          * support wildcard matching of DNS names as described in RFC6125 Section 6.4.3
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
index 7dbd62ef8..645ab9c80 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
@@ -51,7 +51,7 @@ class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
                 dapsDriver,
                 secureChannelDriver
         )
-        @Suppress("UNUSED_VARIABLE") val idscp2Server = serverConfig.listen(settings)
+        @Suppress("UNUSED_VARIABLE") val idscp2Server = serverConfig.listen()
 
 //        try {
 //            Thread.sleep(40_000); //run server for 2 minutes
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
index 7860b8909..0d569e721 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
@@ -8,7 +8,7 @@ object RunTLSClient {
     @JvmStatic
     fun main(args: Array<String>) {
         val settings = Idscp2Settings.Builder()
-                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/aisecconnector1-keystore.p12")).path))
+                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/aisecconnector2-keystore.p12")).path))
                 .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
                 .setCertificateAlias("1.0.1")
                 .setDapsKeyAlias("1")
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
index ccc809826..fbae5e457 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
@@ -8,7 +8,6 @@ import org.slf4j.LoggerFactory
 import java.util.*
 import java.util.concurrent.CompletableFuture
 import java.util.function.Consumer
-import java.util.stream.Collectors
 
 /**
  * The IDSCP2 Connection class holds connections between connectors
@@ -108,11 +107,11 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
         if (LOG.isDebugEnabled) {
             LOG.debug("A new IDSCP2 connection with id {} was created, starting handshake...", id)
         }
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Stack Trace of Idscp2Connection {} constructor:\n"
-                    + Arrays.stream(Thread.currentThread().stackTrace)
-                    .skip(1).map { obj: StackTraceElement -> obj.toString() }.collect(Collectors.joining("\n")), id)
-        }
+//        if (LOG.isTraceEnabled) {
+//            LOG.trace("Stack Trace of Idscp2Connection {} constructor:\n"
+//                    + Arrays.stream(Thread.currentThread().stackTrace)
+//                    .skip(1).map { obj: StackTraceElement -> obj.toString() }.collect(Collectors.joining("\n")), id)
+//        }
         // Schedule IDSCP handshake asynchronously
         CompletableFuture.runAsync { fsm.startIdscpHandshake() }
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
index 4ccd7cb32..de518b033 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
@@ -29,7 +29,7 @@ class Idscp2ServerFactory<CC: Idscp2Connection>(
      * secure channels
      */
     @Throws(Idscp2Exception::class)
-    fun listen(settings: Idscp2Settings): Idscp2Server<CC> {
+    fun listen(): Idscp2Server<CC> {
         LOG.info("Starting new IDSCP2 server at port {}", settings.serverPort)
         val serverListenerPromise = CompletableFuture<ServerConnectionListener<CC>>()
         val secureServer = secureChannelDriver.listen(settings, this, serverListenerPromise)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.kt
index 22795ad24..d6dcf934b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.kt
@@ -133,6 +133,17 @@ class Idscp2Settings {
                 expectedAttestation, ratTimeoutDelay)
     }
 
+    override fun toString(): String {
+        return "Idscp2Settings(serverPort=$serverPort, host='$host', trustStorePath=$trustStorePath, " +
+                "trustStorePassword=${trustStorePassword.contentToString()}, " +
+                "keyPassword=${keyPassword.contentToString()}, keyStorePath=$keyStorePath, " +
+                "keyStorePassword=${keyStorePassword.contentToString()}, certificateAlias='$certificateAlias', " +
+                "dapsKeyAlias='$dapsKeyAlias', keyStoreKeyType='$keyStoreKeyType', " +
+                "supportedAttestation=$supportedAttestation, expectedAttestation=$expectedAttestation, " +
+                "ratTimeoutDelay=$ratTimeoutDelay)"
+    }
+
+
     companion object {
         const val DEFAULT_SERVER_PORT = 29292
         const val DEFAULT_RAT_TIMEOUT_DELAY = "600"

From 7c46f93cc418b52d5a5fbd20ee0b57af8cfabf40 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 5 Oct 2020 15:01:42 +0200
Subject: [PATCH 150/237] IDSCP2 example

---
 examples/example-idscp2/.env                  |   2 +
 examples/example-idscp2/README.md             |   6 +
 .../docker-compose-consumer.yaml              |  43 +++++
 .../docker-compose-provider.yaml              |  41 +++++
 .../example-idscp2-client-broadcast.xml       |  28 ++++
 .../example-idscp2/example-idscp2-client.xml  |  40 +++++
 .../example-idscp2-server-broadcast.xml       |  33 ++++
 .../example-idscp2/example-idscp2-server.xml  |  33 ++++
 examples/example-idscp2/system.properties     | 154 ++++++++++++++++++
 examples/templates/example-idscp2/.env        |   2 +
 10 files changed, 382 insertions(+)
 create mode 100644 examples/example-idscp2/.env
 create mode 100644 examples/example-idscp2/README.md
 create mode 100644 examples/example-idscp2/docker-compose-consumer.yaml
 create mode 100644 examples/example-idscp2/docker-compose-provider.yaml
 create mode 100644 examples/example-idscp2/example-idscp2-client-broadcast.xml
 create mode 100644 examples/example-idscp2/example-idscp2-client.xml
 create mode 100644 examples/example-idscp2/example-idscp2-server-broadcast.xml
 create mode 100644 examples/example-idscp2/example-idscp2-server.xml
 create mode 100644 examples/example-idscp2/system.properties
 create mode 100644 examples/templates/example-idscp2/.env

diff --git a/examples/example-idscp2/.env b/examples/example-idscp2/.env
new file mode 100644
index 000000000..a424a7d41
--- /dev/null
+++ b/examples/example-idscp2/.env
@@ -0,0 +1,2 @@
+# This defines the tag used for docker-compose example YAML files in the current directory
+EXAMPLE_TAG=develop
\ No newline at end of file
diff --git a/examples/example-idscp2/README.md b/examples/example-idscp2/README.md
new file mode 100644
index 000000000..ce4704476
--- /dev/null
+++ b/examples/example-idscp2/README.md
@@ -0,0 +1,6 @@
+This example demonstrates the conversion of MQTT messages (using Eclipse Paho)
+and publishing via a web interface using the Trusted Connector.
+
+Documentation is located at https://industrial-data-space.github.io/trusted-connector-documentation/docs/rest/
+
+(c) Fraunhofer AISEC 2018
\ No newline at end of file
diff --git a/examples/example-idscp2/docker-compose-consumer.yaml b/examples/example-idscp2/docker-compose-consumer.yaml
new file mode 100644
index 000000000..c7dcf7032
--- /dev/null
+++ b/examples/example-idscp2/docker-compose-consumer.yaml
@@ -0,0 +1,43 @@
+version: '3'
+services:
+
+  # TPM simulator
+  ids-tpmsim-consumer:
+    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
+    volumes:
+      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
+      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
+    networks:
+      - consumer-internal
+
+  # The core platform, mounts docker control socket and route definition into the image
+  consumer-core:
+    image: fraunhoferaisec/trusted-connector-core:${EXAMPLE_TAG:-develop}
+    tty: true
+    stdin_open: true
+    volumes:
+      - ../log/:/root/log/
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ./system.properties:/root/etc/system.properties
+      - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
+      - ../cert-stores/consumer-keystore.p12:/root/etc/consumer-keystore.p12
+      - ../cert-stores/truststore.p12:/root/etc/truststore.p12
+      - ./example-idscp2-server.xml:/root/deploy/example-idscp2-server.xml
+    environment:
+      - TPM_HOST=ids-tpmsim-consumer
+    # Enable this port mappings for debugging or UI access from localhost
+#    ports:
+#      - "5005:5005"
+#      - "8181:8181"
+#      - "8443:8443"
+    # Enable this port mapping (along with "ports:" above) to allow access to IDSCP from outside the ids-wide network
+#      - "9292:9292"
+    networks:
+      - ids-wide
+      - consumer-internal
+
+networks:
+  ids-wide:
+    driver: bridge
+  consumer-internal:
+    driver: bridge
diff --git a/examples/example-idscp2/docker-compose-provider.yaml b/examples/example-idscp2/docker-compose-provider.yaml
new file mode 100644
index 000000000..942890599
--- /dev/null
+++ b/examples/example-idscp2/docker-compose-provider.yaml
@@ -0,0 +1,41 @@
+version: '3'
+services:
+
+  # TPM simulator
+  ids-tpmsim-provider:
+    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
+    volumes:
+      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
+      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
+    networks:
+      - provider-internal
+
+  # The core platform, mounts docker control socket and route definition into the image
+  provider-core:
+    image: fraunhoferaisec/trusted-connector-core:${EXAMPLE_TAG:-develop}
+    tty: true
+    stdin_open: true
+    volumes:
+      - ../log/:/root/log/
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ./system.properties:/root/etc/system.properties
+      - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
+      - ../cert-stores/provider-keystore.p12:/root/etc/provider-keystore.p12
+      - ../cert-stores/truststore.p12:/root/etc/truststore.p12
+      - ./example-idscp2-client.xml:/root/deploy/example-idscp2-client.xml
+    environment:
+      - TPM_HOST=ids-tpmsim-provider
+    # Enable this lines for debugging or UI access from localhost
+#    ports:
+#      - "5005:5005"
+#      - "8181:8181"
+#      - "8443:8443"
+    networks:
+      - ids-wide
+      - provider-internal
+
+networks:
+  ids-wide:
+    driver: bridge
+  provider-internal:
+    driver: bridge
diff --git a/examples/example-idscp2/example-idscp2-client-broadcast.xml b/examples/example-idscp2/example-idscp2-client-broadcast.xml
new file mode 100644
index 000000000..20263637c
--- /dev/null
+++ b/examples/example-idscp2/example-idscp2-client-broadcast.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xmlns:camel="http://camel.apache.org/schema/blueprint" xsi:schemaLocation="
+ http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://camel.apache.org/schema/blueprint https://camel.apache.org/schema/blueprint/camel-blueprint-3.3.0.xsd">
+
+    <camel:sslContextParameters id="clientSslContext" certAlias="1.0.1">
+        <camel:keyManagers keyPassword="password">
+            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.p12" password="password"/>
+        </camel:keyManagers>
+        <camel:trustManagers>
+            <camel:keyStore resource="etc/idscp2/client-truststore_new.p12" password="password"/>
+        </camel:trustManagers>
+    </camel:sslContextParameters>
+
+    <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+        <route id="idscp2ReceiverClient">
+            <from uri="idscp2client://localhost:29292?sslContextParameters=#clientSslContext"/>
+            <log message="Client received: ${body} (Header: ${headers[idscp2-header]})"/>
+            <!-- Prevents the client consumer from sending the message back to the server -->
+            <removeHeader headerName="idscp2-header"/>
+        </route>
+
+    </camelContext>
+
+</blueprint>
diff --git a/examples/example-idscp2/example-idscp2-client.xml b/examples/example-idscp2/example-idscp2-client.xml
new file mode 100644
index 000000000..d4d21adf0
--- /dev/null
+++ b/examples/example-idscp2/example-idscp2-client.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xmlns:camel="http://camel.apache.org/schema/blueprint" xsi:schemaLocation="
+ http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://camel.apache.org/schema/blueprint https://camel.apache.org/schema/blueprint/camel-blueprint-3.3.0.xsd">
+
+    <camel:sslContextParameters id="clientSslContext" certAlias="1.0.1">
+        <camel:keyManagers keyPassword="password">
+            <camel:keyStore resource="etc/provider-keystore.p12" password="password"/>
+        </camel:keyManagers>
+        <camel:trustManagers>
+            <camel:keyStore resource="etc/truststore.p12" password="password"/>
+        </camel:trustManagers>
+    </camel:sslContextParameters>
+
+    <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+        <route id="idscp2SenderClient">
+            <from uri="timer://tenSecondsTimer?fixedRate=true&amp;period=10000"/>
+            <setBody>
+                <simple>PING</simple>
+            </setBody>
+            <setHeader name="idscp2-header">
+                <simple>ping</simple>
+            </setHeader>
+            <log message="Client sends: ${body} (Header: ${headers[idscp2-header]})"/>
+            <to uri="idscp2client://consumer-core:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#clientSslContext"/>
+        </route>
+
+        <route id="idscp2ReceiverClient">
+            <from uri="idscp2client://consumer-core:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#clientSslContext"/>
+            <log message="Client received: ${body} (Header: ${headers[idscp2-header]})"/>
+            <!-- Prevents the client consumer from sending the message back to the server -->
+            <removeHeader headerName="idscp2-header"/>
+        </route>
+
+    </camelContext>
+
+</blueprint>
diff --git a/examples/example-idscp2/example-idscp2-server-broadcast.xml b/examples/example-idscp2/example-idscp2-server-broadcast.xml
new file mode 100644
index 000000000..7a57ca681
--- /dev/null
+++ b/examples/example-idscp2/example-idscp2-server-broadcast.xml
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xmlns:camel="http://camel.apache.org/schema/blueprint" xsi:schemaLocation="
+ http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://camel.apache.org/schema/blueprint https://camel.apache.org/schema/blueprint/camel-blueprint-3.3.0.xsd">
+
+    <camel:sslContextParameters id="serverSslContext" certAlias="1.0.1">
+        <camel:keyManagers keyPassword="password">
+            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.p12" password="password"/>
+        </camel:keyManagers>
+        <camel:trustManagers>
+            <camel:keyStore resource="etc/idscp2/client-truststore_new.p12" password="password"/>
+        </camel:trustManagers>
+    </camel:sslContextParameters>
+
+    <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+        <route id="idscp2Server">
+            <from uri="timer://tenSecondsTimer?fixedRate=true&amp;period=10000"/>
+            <setBody>
+                <simple>BROADCAST</simple>
+            </setBody>
+            <setHeader name="idscp2-header">
+                <simple>broadcast</simple>
+            </setHeader>
+            <log message="Server broadcast to connected clients: ${body} (Header: ${headers[idscp2-header]})"/>
+            <to uri="idscp2server://0.0.0.0:29292?sslContextParameters=#serverSslContext"/>
+        </route>
+
+    </camelContext>
+
+</blueprint>
diff --git a/examples/example-idscp2/example-idscp2-server.xml b/examples/example-idscp2/example-idscp2-server.xml
new file mode 100644
index 000000000..9114d41d2
--- /dev/null
+++ b/examples/example-idscp2/example-idscp2-server.xml
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xmlns:camel="http://camel.apache.org/schema/blueprint" xsi:schemaLocation="
+ http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://camel.apache.org/schema/blueprint https://camel.apache.org/schema/blueprint/camel-blueprint-3.3.0.xsd">
+
+    <camel:sslContextParameters id="serverSslContext" certAlias="1.0.1">
+        <camel:keyManagers keyPassword="password">
+            <camel:keyStore resource="etc/consumer-keystore.p12" password="password"/>
+        </camel:keyManagers>
+        <camel:trustManagers>
+            <camel:keyStore resource="etc/truststore.p12" password="password"/>
+        </camel:trustManagers>
+    </camel:sslContextParameters>
+
+    <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+        <route id="idscp2Server">
+            <from uri="idscp2server://0.0.0.0:29292?sslContextParameters=#serverSslContext"/>
+            <log message="Server received: ${body} (Header: ${headers[idscp2-header]})"/>
+            <setBody>
+                <simple>PONG</simple>
+            </setBody>
+            <setHeader name="idscp2-header">
+                <simple>pong</simple>
+            </setHeader>
+            <log message="Server response: ${body} (Header: ${headers[idscp2-header]})"/>
+        </route>
+
+    </camelContext>
+
+</blueprint>
diff --git a/examples/example-idscp2/system.properties b/examples/example-idscp2/system.properties
new file mode 100644
index 000000000..f9e88f63b
--- /dev/null
+++ b/examples/example-idscp2/system.properties
@@ -0,0 +1,154 @@
+################################################################################
+#
+#    Licensed to the Apache Software Foundation (ASF) under one or more
+#    contributor license agreements.  See the NOTICE file distributed with
+#    this work for additional information regarding copyright ownership.
+#    The ASF licenses this file to You under the Apache License, Version 2.0
+#    (the "License"); you may not use this file except in compliance with
+#    the License.  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS,
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#    See the License for the specific language governing permissions and
+#    limitations under the License.
+#
+################################################################################
+
+#
+# The properties defined in this file will be made available through system
+# properties at the very beginning of the Karaf's boot process.
+#
+
+
+# Log level when the pax-logging service is not available
+# This level will only be used while the pax-logging service bundle
+# is not fully available.
+# To change log levels, please refer to the org.ops4j.pax.logging.cfg file
+# instead.
+org.ops4j.pax.logging.DefaultServiceLog.level = ERROR
+
+#
+# Name of this Karaf instance.
+#
+karaf.name = root
+
+#
+# Default repository where bundles will be loaded from before using
+# other Maven repositories.  For the full Maven configuration, see
+# the org.ops4j.pax.url.mvn.cfg file.
+#
+karaf.default.repository = system
+
+#
+# Location of a shell script that will be run when starting a shell
+# session.  This script can be used to create aliases and define
+# additional commands.
+#
+karaf.shell.init.script = shell.init.script
+
+#
+# Sets the maximum size of the shell command history. If not set,
+# defaults to 500 entries. Setting to 0 will disable history.
+#
+# karaf.shell.history.maxSize = 0
+
+#
+# Deletes the entire karaf.data directory at every start
+#
+karaf.clean.all = false
+
+#
+# Deletes the karaf.data/cache directory at every start
+#
+karaf.clean.cache = true
+
+#
+# User name for the Karaf local console
+#
+karaf.local.user = karaf
+
+#
+# Roles to use when for the default user in the local Karaf console.
+#
+# The syntax is the following:
+#   [classname:]principal
+# where classname is the class name of the principal object
+# (defaults to org.apache.karaf.jaas.modules.RolePrincipal)
+# and principal is the name of the principal of that class
+# (defaults to instance).
+#
+karaf.local.roles = admin,manager,viewer,systembundles
+
+#
+# Set this empty property to avoid errors when validating xml documents.
+#
+xml.catalog.files =
+
+#
+# Suppress the bell in the console when hitting backspace too many times
+# for example
+#
+jline.nobell = true
+
+#
+# ServiceMix specs options
+#
+org.apache.servicemix.specs.debug = false
+org.apache.servicemix.specs.timeout = 0
+
+#
+# Settings for the OSGi 4.3 Weaving
+# By default, we will not weave any classes. Change this setting to include classes
+# that you application needs to have woven.
+#
+org.apache.aries.proxy.weaving.enabled = none
+# Classes not to weave - Aries default + Xerces which is known to have issues.
+org.apache.aries.proxy.weaving.disabled = org.objectweb.asm.*,org.slf4j.*,org.apache.log4j.*,javax.*,org.apache.xerces.*
+
+#
+# By default, only Karaf shell commands are secured, but additional services can be
+# secured by expanding this filter
+#
+karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
+
+#
+# By default, if there's no ACL policy for a certain karaf command, this command is allowed to access
+# without the RBAC. We can change this behavior by enable the following property, which means
+# if a karaf command has no corresponding ACL then access it must have one of the karaf.secured.command.compulsory.roles
+#
+#karaf.secured.command.compulsory.roles=admin
+
+#
+# Security properties
+#
+# To enable OSGi security, uncomment the properties below,
+# install the framework-security feature and restart.
+#
+#java.security.policy=${karaf.etc}/all.policy
+#org.osgi.framework.security=osgi
+#org.osgi.framework.trust.repositories=${karaf.etc}/trustStore.ks
+
+#
+# HA/Lock configuration
+#
+# Karaf uses a lock mechanism to know which instance is the master (HA)
+# The lock can be on the filesystem (default) or on a database.
+#
+# See http://karaf.apache.org/manual/latest/users-guide/failover.html for details.
+#
+# Even using a single instance, Karaf creates the lock file
+# You can specify the location of the lock file using the
+# karaf.lock.dir=/path/to/the/directory/containing/the/lock
+#
+# By default, the slave instances start but are passive.
+# If you want to prevent the slave instances startup, you can use
+# the karaf.lock.slave.block property (false by default):
+# karaf.lock.slave.block=true
+
+javax.net.ssl.keyStore=${karaf.etc}/provider-keystore.p12
+javax.net.ssl.keyStorePassword=password
+javax.net.ssl.trustStore=${karaf.etc}/truststore.p12
+javax.net.ssl.trustStorePassword=password
\ No newline at end of file
diff --git a/examples/templates/example-idscp2/.env b/examples/templates/example-idscp2/.env
new file mode 100644
index 000000000..0dc8eb9ee
--- /dev/null
+++ b/examples/templates/example-idscp2/.env
@@ -0,0 +1,2 @@
+# This defines the tag used for docker-compose example YAML files in the current directory
+EXAMPLE_TAG=${exampleTag}
\ No newline at end of file

From f336a54efd720bebb31f33becb86c8c92127a890 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 5 Oct 2020 22:02:22 +0200
Subject: [PATCH 151/237] Dependency fix

---
 camel-ids/build.gradle        | 1 -
 camel-idscp2/build.gradle.kts | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/camel-ids/build.gradle b/camel-ids/build.gradle
index 50b935622..49d4a4158 100644
--- a/camel-ids/build.gradle
+++ b/camel-ids/build.gradle
@@ -20,7 +20,6 @@ dependencies {
     compileOnly group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
 
     osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
-    osgiCore group: 'org.osgi', name: 'org.osgi.core', version: libraryVersions.osgi
 
     providedByFeature group: 'com.google.protobuf', name: 'protobuf-java', version: libraryVersions.protobuf
 
diff --git a/camel-idscp2/build.gradle.kts b/camel-idscp2/build.gradle.kts
index 593841dd1..8b447239a 100644
--- a/camel-idscp2/build.gradle.kts
+++ b/camel-idscp2/build.gradle.kts
@@ -12,7 +12,7 @@ dependencies {
 
     providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
 
-    osgiCore("org.osgi", "org.osgi.core", libraryVersions["osgi"])
+    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
 
     providedByFeature("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
 

From a90f87c6bcec5b465d38f638d0bb156aae3a88fe Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 6 Oct 2020 20:56:24 +0200
Subject: [PATCH 152/237] Update gradle(w) and protobuf

---
 gradle/wrapper/gradle-wrapper.jar        | Bin 55190 -> 59203 bytes
 gradle/wrapper/gradle-wrapper.properties |   4 +-
 gradlew                                  |  53 ++++++++++++++---------
 gradlew.bat                              |  43 ++++++++++--------
 libraryVersions.yaml                     |   2 +-
 5 files changed, 59 insertions(+), 43 deletions(-)

diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar
index 87b738cbd051603d91cc39de6cb000dd98fe6b02..e708b1c023ec8b20f512888fe07c5bd3ff77bb8f 100644
GIT binary patch
delta 26193
zcmZ6yQ+S|Vu&o>0wrv|7+qP{xU&pp>+fK)}ZKK1EI!T}Z?6uCtKF>3+>b7Q$8a3;k
z=?&n+bKs5iponRd%jI35ARxHlARx>siR4%*il7((1uK)8y@{J!oa(gW@(&Eb<xUUQ
z^3Z1qpVS{lGB$RDT#=9(Nk5nvR6T+=<Zno`rf{W>VLvhOxk#E0z~5*_n$Tfk4BT1W
zh~4H^yI$w!jrIW$@8~{|r_Pqh9?;*1{Rs-h$o?FVSot<3yKX_cH33Wqgy&Ugow#--
zd$AFKpvAm7vspRndDP5Y*{X$rg0EvCe9(Ow>lBeyGY!V@xQpXomHjCWwMA-rDRPSv
zY@gq7;|J=t%N|R7799odG(V`K@OXpjH2q11r=-sp<?^cLD5gp;r3|dvF1@zyXxLXZ
zjW3O8(r|cd)xV|CV7lKosH(-`?DeTmD$SdKYxERzACa{x*ARg}4=f|(_F?x;G>t+w
zmn<n}DF~^80$YGm`JX02Q|KPBTY7FL<$op54tJuIxdU7K3TcRoXpD_squut0AzU^B
zm~XmlExhb&FE<xgE#&C;5lc-VUR_(=_K4O)$H39!Ti2O453%I>g+yzxXW&2lk&G)N
z-h)16N@V9eFCNeZrbSiuE44@1#kS@h5wqX)wgpxfDiThLBx=5wyP_q&uT8OO)g!i}
z`ony65!)LBh`yjIhNFW{%5vZka3CNsFd!fxA|N)P3^l}%ARrX~g&6-g&ji4>8oCzF
zKSH<7MutdMx~SkLQ5g_)<~Gen%{ZC`NJdbH)-9$<(ppE)OUsf4+q=3xf!CmpZ`c>g
z4Ys!B49{{P<@lMuM@Gi9cVK3-W&h8s0rx+luP@f0C2um4An0s{!;rApVwtHdlxBE$
zQ}-fiEaWDdk_Z{*`eS}<XNdsjcyBBUmbw0*hD$H8sG@Rxn6tqUG@2?KStqF(0XL=p
zMwFpHg$TTf%EnYo2?-LDiOg6aC`ov6s0Eb86h~JcYpZKk25xYLyPB6G`y1LMJ;Haa
z#sR{%#_mZ=+7emEd7DHCjmhei-5BQV+NfXLg;%;qbCNn^PbSlr?jUe*+0)+MJaqfa
zJMB7!)Hh?@o#nx?efYv7R>)9~03LOH#dsT^&c)G^Img%Th&3)4?O4Wq0Y&WfVC|VC
zaAQwCL*mCoU593J>8NRWao@R|t#I*_etEAkj;Pnx3Px?Zvdq$zVwkChuPxdoUTJ_f
z91pe6B-4rYiTj&D4-yF14*5BofspUDM3g|`#ZB$#P?p~-U9+h+Tp`mR<C^wMu%xcj
z6wTe0t10`OKHf3Q0=A=)Pp(@>xh*=&=&T*z2q>oXsGC%dWpshF`TNHT@_F>BTVa9G
zFHYaGE;{c#SSHF=YdV#s&=@2HPVty<YDkmE4Rd)>?i1KRKnHMZOfiniPe%}^B8HFW
z*b<D~=`kA2Vw4K<Vy-Ro^cN;8`n6H9j>JMvi!j9I(^KSPI$-KTx8V>{A<!OM&Uq=z
zK=66t7;2^8w1W_*s!9rj`Qd&?n}O7ztzq~FD`D;o2TU=wc}-oHs}tHyfzzTDAF%r?
z*3sz(t8S}mKmtYwa*#%cc2}joOYGqqXT|++{e#AY`gM35G3p4QCwh?khe5%24?oLq
zFeB^_B7=$V$%hx{=~$kH8UUNec5TGd8=E{yT?)B$gC*-`C93?q)v<>^SDH?XXHk2r
zl3KMvKg}3t6q5GEn_a9c#&WLtG*Z+HlGMW<(x+DV$pO_9MbEmMd(|gjX$n1RcRRtv
zDT~=Ns?nTUr{?a8bL%J`yhpBI_HJ=#J82CYL&{%*ODAh3aQ7C!&9@kuw2vTv^C5Jv
zw{IBtth8_1lePLj%=eb2<|{r*Tr*eZc-3zAmND82-Y2(LCRJAYureb+>#gbkwS;}t
z*dnlaO#wXPiqx378QPITyhU~VJF;i9bY&O>9`a<{Z=?tck-b5V=Ao(5iSinj^|JG0
z^Mei%8;vfT5yjl03`{X#`7o70WDu59Odv`qB&Kd4C_bQnCkPF-Z;JgZ^g{2~-?;k+
z9+d0E@fT(gQ5tY0OC?v8n)9lJ>xx!1rO|MAC<Odw{=saQeAD?Bf8WQ`4VeX5lk}#P
zlJgpQYqdx3nhjbf`d~?21kA5i{$qZw7mNP@#8O3mzVsBTU6i^pi|j@qJr@-O^2CzI
zBS<u;esa5@P)7HOF7A^fqVAMp|6t^C;TQMJ^piVgfy5i2i(i<PYM)y~E;c(+pq#?z
zQ3QH(PL36F3q$)f<kH6ZWqMhQ#T##7KPX4?kHSL}LnFmK6}vKV_sR>zpKq&HkF1K{
zFMRybn|7SN@1S0)$Tgnp%zhGmU0>jDj(qPx9cd6`;(p;9lq7up`hoX{FkphHyA0DN
z5*0_8Cr`bKX4N+FM+NK)D;S+<e98_<w+l6t6|I2lITTznaXAPwIu57+#0$hY49}$b
zPCt**CAj&~otIkJKadnVs0YL{a55Qw2oR7B=>PQe|0pN`4GS%9VQJ!F@1AmvLj;s*
z?5g2wVEo&)=YpSxQkAAjZU5QM2_ajp*;-oX5M*sllctPP$Cq)!W#4miWC{L-|8byZ
z^iiy&Xyktx3$vQ_qG0ub{r0Drov-9Lg!p(omOcL5a7e1+=Q3+nuHS2}-`t&-(97AN
zF!4V4J;ELv>Nxx#>p@srsIrMn3PoV;Fg0q~y9pFFHz~V?YR;q*bQp&<k@G$|ipDTL
zH!J8PbHYSD`Uz?bL7#<X4#lO{Rp$+X&}W{xVp@oqm#pvPDGc(k;%O?=q>>(1D%FPs
zC*IM^c|*^YFd>8K!*CNjO?IyyVo0Oj58J=V+HZAg4EGQ_44<Wu;IN?8fFIzQbr$M^
z4;l}?$ufmO_Mtr5O6@RkDdH2R|CABBPAuoW!|Y-o4bT%>PdzlAt7maXilOhlg5a01
zY;<L+6GLiHhv3cKid!%G7b#gLlWN;8IuK%OVIALNp<-$+bJp-Ek?$#y*w2wP9UDKD
zi(p7M34#!ZoP%2|F<(|FVhD7e8pqS|PZ`%kXP}mZD)(}YVcX(TQ)qehVfHe>8K$cR
z`?@05v}ykdXcpLFzwCu_^1Ix5oA^_#4P!q~iRGZaX}VfO>ocM-TIR_OVK|WIk=>*a
zeNESLpfO2pCzrnXhvy4zVJJ|)bs@SBYiq&LgqV+kKtj0biu*n~3>Ls(AQ(f9*~_s)
zl-KPHr3GJJdZbJ9z~4gno4QuCR6$+sXgnW-SR$UwdY>J(?y@<A-)VoK5I*zof{(H<
zid)D}1EY$sFM)LrL08qYGGM$T%&@xcHyc3>VzOw-!z29BZMAa@*>cOMvu0j;NRm&a
zA?dwChkQuKL|!${FHs;*>8zcvo{*&C&2uo)%+*>dx4mwK>fGN+2G`s+E+?FoDMB>o
zeEk&R)YUb-)hB0btx0ZnL88NiU<4a4`*dXC&pJay_*!BvzV5L3egZfJ^3pQHC8zFj
z6=tLQ9h+!XzlAle1MVUJR85LGy?b&&${lv)c!u?eR_HV5VGs~FMZC*XTEE>nWMNC4
zB-UE7S$o)*022^2SpSi8XR351W?e8S@6i^nRhZK21FxbQo=r|Xn3;a2gqkA9jC)ti
z1U4zFR*N)5@{VZmvX8drmAd;H`V9VYPp)`CJ<24J3+oWFOOh|D+JrBTtRrT-UNiS+
z(J%rlp)E0cuK~b2h31^v%*?vFF%$`yaX*844h@8tiqzpL`V|45>?UdyCevybaaT+l
zdZ{j2LANKlT=)%J%zpa;hj+KHasV#AP+j%_aV7mNFYy(I_e39m$ld%;hB{CR3NVHM
zs?_7ryClg9%EdjJGu<C;Rx@uTeRa|>)cCVf%af}^xD1`=ey;xTSwvKswhL}f-h0rN
zx$a-|8ICEr+~Tj<Xo)^U=F%lrS^VBBS{=8ub`hvp5FOF?6-uC96=pUNnotWr`}KdD
zw#9D68;1Xk`2Z9M2*>|Q4jJ&D%Al!W{4)^8UYCecR(m4n1Xox7yTqZ!IweY}ynJI3
zMz}L%pqst|R9anw=H*@%l{5QYAlsH-?qK4IOT|U_%?X}+&3)yyoEsv22Yx~r!!S#D
zFHjffGZQ^)k^dxFhZ09Hl^#$)1$%|<JRNXgx{K_LF@csO=p0{F0R_y+ew*os!XtZE
z!-A@Ti6Us2RhMTUBVZctqlE~TQe%d9M^@9ib;WUxYA3EQnY&0mhvph4Bc|QKOZIft
zTTWtgKG)q&=62OvmuDv`>>4LpawxEh+VJLRz_6n%#;LPdOiZ?-?QopPOR@$pf0U=M
zotnQ+LX;pV(2mBcz5(Tq6mtI6^{nnb0ZCeqdc2jimiO)`7S5L5d*s~AL(wwRx^y_)
zh#GRJ6CxyPN*6Zaw(!3)H6nkpJ5EKdx44c~YYcFRRlLrSK}q>QJLrKU+@6Erj&$a;
zqseNY2DlS-f#nv2LUG7?M@oSa$z=|r!z!Vove26#Jt4%MY5?-5EAFbS6yguDs?gCE
z(vc>HKlF#duyAd`Ef7JyP%dBGd}$B5LM>{YZJ8-rOT-4~#18)T(~5~b<g!U!XMLGE
zFEWgza`RHk-G|*GIO%Tg>G7eBFL@D*sXp~E2b)#Kj-6#_;rKFTcZ5;~q>XBa%9qtn
zh|*NK&npj)_X0e@`Q)Duq;*G(ix)9}{FJ(tBr%|Zl{%`3vm<3;ZTao!@JCy!w$Hd$
zeTsHc-QO?{AjJ$$xyVeeiaa(mIS{g>H~RWDd^7NrcuhG+n6;;IOM;Pnv9AXK%*F>l
zh;aH=_~cR-sWJe&{k3#sLEJ9Q;xpFrzQ!1IA($)K6A(HHJ78{YNzs2fS9t(^@rq2;
z%#zYDCmxz&BIxr`?~%}btlSLY*nUOqSIu}@IIZ6m+uae;rw{n@(ccR5i+I!DYr1e1
za(MOzHzGaa-+2Qi4lE{yhB?MQdUJSqM$cf$?F?6pb~QsYC}kb`SX9W4V`o%%*{zQJ
z64`;gk{^o`6(Of^2y<*)?pbt(p*cCs&QLrs354H|(M+Bl84yFLM>{4$a^t<&uOd2(
zDhK}WqM`tq3_L~#0nsJ_0U`b0qJjbbXWp&Th4scC_XtdYXp(dG5kaH82(=)@Kwe1p
zNKUs;DyER`6;Dj1)k)SGNDhTGJscIq$m5B>ort=n@wBIQ$t`!x`S0)~<-(*&Y|AE0
z)a`OzqP|LRKT9XHDk!b@B{%*<z#{n}+Pd8E5xSYh?X>6j6c1Qx`5psOT1Mo>jGwg;
zn#*@S7dQbm1brRiPk)Qw!Na~6#2i1!S>M_ZKFrd-N5lZxeU;03j1M<tjU^-R3+Brn
zq7SgIH0y8O#;-W*?=`WWOFy`;JW=4Ti0=a$nX%~3?_&Bn!Stg*{Ar%<D<;CQ6wtWX
zA9-?E{OqybL!AY@F95mc0-_J*52wXXC0_M^Kgx)GFQhn1SgK}-wniu|D85%vG@NOB
z1fC_B)HZKT!Zf50Tt#TLHcFhsBH9-_)YtA$WEa(|^cnLxMOEvD3^QkA#9OpE<iype
zv&)KgsPGDgrZEkR9%Yel&vorXwW@lz#HfAZrUKKPRDJ3S_W*>7M?Pf4N8dDV?~ChR
zl~dm^ZdlcjsW>`r+GpIb96^EutTZQ7HZJ;Ji9<b&z3NA<w2qoyvD3VvF#}P*nkfgm
z{qjf0wAV`io++=&UM&WDtxmDS0C`;&BJSGw%zSw~nR3p*v8aNWEw5SV51Ca`9}I3Q
zY{`@L)=OLi6Tk`N<<7}os-We_t+jTC0!j_EAJXeH(Je3M$|f<~%gfKYYof2(J+$TH
z5=PSP=rO77OgjD<@1?clmqa2tTski{jaKB}`}>;!9fm+SDzseGRa8}V!>`vLfEA5<
z^)ZQgMs(z0cl=&{{#-n$H4i7s&F>pR0-jaEn=80*K7h4_Idl}?F4O-j&+iq}!q|0u
zW>KXn0n?zIbBoRPGAVPB&EzsF)TGUQQbxPlc&8)*U!LeW9DyE}^H`oU%IDjfiRxVP
zcZm6`!=m@f-tdayub+@lecT1jHj$I7CX&YH9$FlZ&!uBZ_-j7{`7B}n<(LR^mFlUm
zdPXw&F#ypd4Z0KNnbu6!n+YwuuibHJChS6JgbF%iJ2%OW%yroEX{36{1($2+bB-&K
zC0J1^1xfhaH|c}lg(Z}>?KcTy2vs7B<ftZisx^t2v^cEEo*cg~s_FD&AT9*3xzJ3}
zV(gmvLR_{Rk9-l}Rb_^^_-%P~;$R9C<6<LMXaL?lq|t{J?_Z>`wT%jT2_Co)Dt-(~
z$*7abZzyD0vyDjXl<Fkb_lP&T=}w;5aI}u0VJeM@MbG7%mx;JSW*gv(F2nMhyvKuD
z(X46)jv;-t{7KEIP-4X6?lKs*=_i&U51%rWRS7sDn)dPky0<X)8ty^Ekm(52-x7x+
z+<+OC@>Msm7MuDfEld>A6c;^VEn_#?$SSettv}`*0^ICen24YL)KM7sp>Adr36Z)i
zLZ)C~O4l-Gf7j-`wbz!yKgf7>5oT>A5&2stuDEVk(Mb*S$E|S5S*`6RXM&8_DcsVv
zCK2jHYi|Stkg<Y#WEa~1=;n1}#=zB6`T+XxM9H!Ik2t$*H48e~9in9Z8M!|ux-)G-
zkq_17JK_d&sn@U)G!NU$&X3UWS0O?bGqF668BwUGgKS&^RA7lj@Y#+~UEI~pp^ygF
z<`hq@9oe&jj$GNZly>aGR5<bzvzmv(X*7R`V?}|9#!DtFKrRXtEka+4#1R#zN&?7g
z(Nzwh7<#WvRwNXz9g@VwPj~^b`9C1W?D<ipVNTF;v^u4Z4ZEXFvCt<samxopea{PO
zMKubBq&R+`Cys#&R6d{(uU_c*%9hAICy#kOvfQ)lwceun#!3g;fb&0+G6J#_!c^JE
zc>AN&9NqFZaeIZ_hgv4iEeNG!)WAE2;tZty`kUh#rx0T{i<$L(<XDM7xwHDQ-&^b$
ztI6v*?wPtcWV23HsDn60yq&#ku#F0mx3Ak}T#G=>pl}iOmk&Jn&`s#jtF66@s#y-I
zrs`Ym7<%r)TW;h`wil?x%EZp6y^@4kv#)JSw#ajW_F1RVu}r@b$DP>2UqH&8hkfa)
zgPn~tP`HoQzMD8L-$()v073u!X)Q$4`&f7(NRb`EPA>$p&-63+XPOTAUl+O`CVMBv
zUrQ*z96r#y(>OjwsSPUDv!=|yZT$0zP51zJCqSw3{3pOd>*?-nTsY6nx@rVd9r#ph
z^8SY>H;-e8C;6+TlQz|S9$*y4dPkmczn4<R(|mT9y@&V=U<Hq)OQ$SxE)z~u!+|T5
z4C7ml-aG%%$!``a$-Jx)Cp<&E_@)wwK!lZp^uwHCfeBRic>KLYdPZkMB5YQKCyx1k
zJU4XSsE4Vem=3%L+>&Z1KHvXd;|(^h;3Q!f2m$|_<7NAaA#5;^0T^^w!jQ4QL;le}
z*zsm?=EF;Xc)4tMRH8y4kh-rGShhn)F}9Mo8($sHHs?z!aFY1UepV8{ZGt?)QusJ7
zzf~$ngGIL`3tXTAjsF%C+r97MR_g|>aA)^c*OI<*yVs|9XU79XL4qJI26Uk7Ijv3x
zoINaggyd9a%t_q%0Ph8Ql54a^ty-n_TBVQcb?WVteFYzbIN`|xuv|=$?1TOt2d7n0
zl5X7BBE4qHiyuUa#im|F_P^ddNQq;Qd~V)7b~RAGgIK3?C-mhqFa+JRkpBJJtsb?Y
z62_+%!ETHm0%1<yN_k{3T2N4(y7@luUGPZ`za<EX)ZS|=1b!+_RbtqBz>mb%*fmFd
z-(YSD22!E5B|nk@2o@GOO91cOjR9JiitxXy-!;sEW|(do8;%0P&eP`;44pK7O*MhX
zdl<j}w#08~pY&^eGL~UY6Z*`F1aJEUC~uKcUMCUs!5Pv{<dyk2()Q}c_)(0IwR^rO
zfCR#cwo~ro15;NC9Wf>fBHfc!vIi~q{+{~Yhf~U<eqJ27xq`e;%<lnU5w7VBbfV#b
zu$tN$H>R<D+}}7|@U)vx;7)FybepVDHbdnSZol&*kYG10&^1>iRcY@<lzq3nhRK4r
z?_Co(4>Pkc?o3SCkQQg}E+y{>J{{cN^5EY^KdbZj0eL(u#c~39>G3r3`=a|y(g9VG
ze}!4C?0rHYoy*G-LX{VUGPp;XC>s6yOH$*fi2M)v$zDQ~Z-5?Et!K&4XKhzSA@f~#
z2D4gmA=DNBUoxh8<y>%ui`)gXJ{mzO;`Ka7Yro`3THr#>S{ih`Fm&Af_p<$IpA2`>
zcde1;fXK1=Y%7#s1`@e0{)Ze>eOIs%ZAx25fAtKS2&3m==&$*)WJQuNTkc$bqb}pE
z-|}i=Zhj)B^u#$9ue!%(%F|I3Z>Ea=V?a$?fMBd}<H*9_k9hd|ICeMw_TBpc%@SB>
ze1q9wcHuXQpXD!fBk-UaRsr3cun@5r2vH(J2asdupCZQXtO!W>%S8LAv!xe0kfu2n
zjW5_uuq+)vtGwrR=+l{QqF2kBE78!W(J}GR<%hyOSa^#KW2A9#7?v-EpG}|G-ghyn
z=?rspMd0U@OLxiB;Y?ZmX`qtu$BtOjBlV)!Sme@`-#+XmY|ZzS&1tu!IJe(QY_SR1
z0UV=l1SuTQ1Woeb)q8dM)^=&@D0MIY=odw=R}Ix1`s7uYSGi_ZR9?Ypz~{)8DQKuF
z;;$|^>WXy8;kVBCj)zk}goNWAo+T`+Eu^`)Rq5;Orj}=OtP(k(_`S?Ia*=lu&i(!Y
z6ky!UGfX<vXXlq&l{VXcKm?%C3sa`C0(qkUHfx)gT29gn-1WL5^rrC|7K%9-9X*tm
zlMijG@xzbG)LLuD&lOV|R#z7;+!PjF-vT9Sj@*2-K2kaA9=mM0hZZ>JmharkF3Z=N
zw|spi95hC)Z#|XX<D(x5)B4#8vdeQKIx;c@l*TZ1Gs^!Ilv6S<LfwsVtST*+118L+
z+=ewZ+Nyzu`zk70v;}D%X)#qcy`Ne0$>Fr~?^gLGr^%K#mG*CRRdI!@8olzM+?;<`
zmMBkcY<*15Y~<5?on)3RjW#`011xN|mi+U4bC%t&;oTcGP~j?Uw(l_<UVlq3D>ls=
z>}ftPt(>WqU$ooRt&WD#h(<Pi09%ya{n2~H9Tr=Cqe5@*4u+%!S>kUpTahm$0)a5J
z-Z=WZ(i=h)mcpDWFgE-@IdH`}B3S$|R`_jjI00_L3YJ|7a(6Hf0Ikg*&c>H}i8a<*
z^1^4vKTOgld+Y*{4;&xunXo&fUk)n(nZ7>(A~0v{k}!HW8=|4a&j(!xARx)<P>$|c
zhPVR@j{Nk&@@WnWOc#pdglpYbnqRa^G=aT%gEf}qea<hNFFp@?p?G-~&@g5a5e_q?
ze0fCtu=&6>-{5y=4?s%BNYdE!7oVS$dS-jq9^$`zdUjKX!{5-+8{58s{P6Lviq5&f
zzQ9h(E0*q;!DLs~tXi-I!aV7pA;bDB7h>Q7WQv&S-Bq<`n10M5tTIoGCSRX*<Ki@6
zoPxj28Ye)eoX9tc>XE}4<bt-ZV3;|7|Ad@H;PN3S^jWQpo|i%z*g+PC$Fa>X-yKG@
z*&4QX9KS>Qd^uW=HyX#d?b+Z|_#4p&jaPATz^QW<Xl!5w`X~SaObxeUZBT*fLl4?D
zUC)zRKmhCkn4pu!i8<O@josq@p03Il63{oV96zKQE8aa^4IYVXLltcJJ_&4^X}Xm$
z6!w1GL;fjr#B*kOw!DH~V2KIG4GqNTCJON*j-bT0rfpnBhW7;jvQ&x_<VD#|0dErI
z2!o&<yvlQzAbU;$9wBJoK{ZI4W8A)XAj&f?ZN~}-LR7genFbsJZ1|RTPi~deCis;<
z=n%_oDk~=a)MM}5O$79>2$6y|u52x5h~<_a*4PTBwZbROhRfpidY0V55XOH=QZt*L
z?wXbvb}pSCneNmv;npvM38FTjLG&fWle~TLgc1+1AD2J@-r>rMbW<j{FZe%NJ&RJ~
z3za`qaLj1ppp~(Zi&;W{{SJms4>HR(3<?E-yVH2qFJvfLzrZ8ofg-lDMn1ZE$NNI_
z{Q}7`l2kgG2+M6?mi~2w1QGd;`Ju5vBd{Y)$*ycfw~Pb%?4bf)VVNjcPXG%c^Iu}0
zyHh6TO(=qau1)+g)Xm$t!dsheMZ2H5^tt|n@9iy6+IAdPkEdkKb|<DxW>+UZ0jQw8
z5ZgwgvjLFKKD^9oT<5j>3@y0WOxmAzkAX#?$$^3yw3s8prBpU|GV=W*PJEt$__E@r
z`S<ZdLriy>tz2}qfA&J!S5F1Wi7fUqy*vAkIja!>mdAZeJkLWFEIi5V(C}TMXN&@V
zj#{qpaJwA^>(sLa%xI%rHzgljPs6aV<xcCqV7c9z%HVZpY5f#G{!G@1%^ZB_A*YE6
zYnTzIsXiYU`Ooy79OUtT+$Vyg33MM+z7~lsd4c$X+&qAk?Y98|T<EkB?SbxRNl$dw
zDh~zX$UjJJM3&c2=KuGxAmwfXuVn+L1`aOEjElPh76b$lD<zJc9q`5&$NYxQYpqx%
zD?-1u7Bc%mtrAKL6=O*XE8|S^1B}f1=V_}nv{#3zQ$jM2pd#gH=~mP-IzOSRVlyU5
zA5Y)w)$^Vh+W4e!PsMT?<mL2hQCA+f)3?@nA1;y4=OI0aW)vh`evv7AewFBG%gMbx
z?@rwTFC8647udYUJs<!%|9T7=*sF{-SL2Opcrz~d>0K4<r@kUPrmLSA!>sn;+ABIp
zuQB63*`WGhyF+hsmojX3a<7Z|dh7vbcsGv!>0JUB#7*nn5*_9p6AkHI6Wmdy%>ep)
z92}15`S_M@$U7q1>&W2ode_xEfne`?Ttb+ss&eG-$>$fH5bzVZdcs(H6oyFkfkhJ2
zUwY62^V&sX)S&ZfJmNGw;q5^Mk~pP+I3uP&`9a3N8m?f>3PXU5SD2nu=9@r>IfA+J
zjjX@)X!<QWxS@I@z5#aTYGZo|%SO1lp(5ZeY3_I4tyH(ytEa~u8jQH&Ma7@;&U^yv
ztEM__SL2X@6+n|ctNBl9pHV^uVvzFWOZ&@SdcCxt9#RF<bhDL_mY-8RU&Bw`<|<P&
z2HX~I_|!1`7x*{b*+AKvsFCEcdiSGDlRsDEN8##Au~!dY-Iys)42xFCW2#_sWaXR-
z9LASlE+v<-WypxQnrad3f(LV+S4|XgkCbopEbRW3D}cFFw<97-!<?DUk6ALOb;cmu
z401~@hnP{sdQD^<D(u_Lq+|@xQ8tAhM#;Ts(p_2HPwmVGD-I$%TTXOX!A<74-P?PV
zN;X?6C3I;=ZN1*2bNwkUv>vzOM-bidc2qIeh#Q>abJC@x<${icn`KprM)xE;qpkSS
z|JucpB7kj2oOa8B-r7Ruh=d?*aqcTYdc@#rq>#Q8xE5LNkn$PR`-Y6+D$~(X5QkUK
z3)eq)aPjpu>WI=wtB;d7loeZdCF`1Is64W#Ofa`qEBek>9wxW(>0(*7!kB?7Gwit4
z(Gg=8?0SZc;x|X>@MS+o^cebx=8&<8x2{&j1suO|vFF`5buf&7R|&Qg33jOwySf?<
zazki_QODaxRqIi;T}qOw`^~gsa_&6m>$vu7N(ae<BS&&Q$+J0Lec`<nOAVtZtr?S-
z9nxH^FNjx&4s$;+e*Ah<W{aS5yT^rVR&?7;uYm3JPt++q+<uD>zO#KJ>Q~BF13Rr)
z0$7K!w7&oXenjB`WX?|*Va<DV#Dt@Ync@erm8uFTTyaF<;d#tY(P8EXdPG(MiD48)
z8=jyFy0^CQ{euoLH-VX}<WnA^^FvSUIpx!|rJ`T-&j&dF9CwNAWy)e9TE>$7e`O34
zLtF`Fb~J02*(;X*%5<(50Y(ZST0aGf0h!-(n8&AzL*F`sMjW4*!1BEp?hbH}9S$7f
zO%LbIz}qGL&=^by4)<O6&EURE4qZOAibzODFeFlKhN!17Rf=FG-m;Xqc|@L9ycKU0
zsBg80CK%C-)NMu6bl>9Dd=%7S6^z|#^5wHVEB6bNV8dB3(#{<tzu^eE>y+03YSOj$
z1(#|0&|-U;@#j?3YNOn0BbCI6-El=66+Lt{i8c(al1Q8EO3eS}T^m!rrCJVdp@Zzq
zAiL<yswf>(E_PK2Ojap$H%gcM8Dvq220xmznRkY$W41^Al2d-gwOQ{Sffi;Tw#nfQ
z!8Ky6Fnp@zRJs|43%>a^AMi-vw|-SlWCSf+Wrc2Sko%DI7J60saN5_Sw>^miD=&7&
zN~fxsIWvtH-=lfmgMF6IcJ9%DsG#x2`>pAVb`On1v26P|ynUXy#+;Z5<mQ4h2X^Lf
zO36L`CC`{zoFHdbh=4}tqu+A)-XusEUZNc+wX`-xDYoZfP}qMmmyErE{bk!2ixkhd
z@Bu?ek6L=4daP6>sh_4inhVcjhBn8vLv@?^c7~MeNp3Oc8s!_1aYTuu4%I2R7#UhE
zeC1~&Ugb+8uBy5n-UPduT4!hS-A&I-y_EFkn`P7d>6W-+E(UwpwHWW~5!9Fl%rhU8
z4rN-lV^xZE9tstUT+<xDwM5QkKL}PlZGowDU1mUiRi@Rj_GLd)#5K{oq060w|5a*X
zd;^-(%bzvv_ehLM14=h+g${2iE)1+E82C&FK8e0aHA8-@bN(8y1-AJKzmj7@-2VKF
z!bAP-I5itVMd;aybFaUf;o%|X2a8G<2s^h#d%`D8<MgiV0xz<F!cKge`Pt;y4FOlR
zDwi>j$FGG_R`{nZSVEdIRh#XZ{{CF~w9=z~HC3Za?3cVIqLV7t-KNDDA(PuVk1EQP
z<CB=+Xsd!9L+rNr;B~DL4yE!4?><;!`;CMg(tjBc_oR_9o}$LsR%*(lK3;qJ$NpY>
zz2Q%SK2J9HPdVIxM|@u?$Ai{=N3RQx8WS(WUmi`K5tJ9V6@4gz0rWS$C?Nt0Z0;Dp
zN_9*dEh%Lz9X_yqMWoXnNtH!zgtATSXNv=2l;<=fNed&L!s?27>;+%8%xsZAJYAB>
z6*7-ODl4v5g<S&LOs{K@0dctUPW3p0v6hsTiMp)OS>{<l+TaaBut@!k%?tF`v=ob$
z;u)tF6aL_*C1)j9ys3y$qbo+R*+KaaYaH$bQxl^F;aI)!CTols*j9>=50{n>@`0v&
zL!{*eD0MShOB38PGu}00NWP}zz23BV?b-8LU7Sutt0p2PG4|hMlDSr~Ovdo_g{v;R
ziPuB~LwSn8jpVxkpS+hQSqS-OwkT{yq&tp9>Jy1O0r@%+1*(LwL13yrR6IKYRG!dJ
z5t>vF=!W<R-0`QCBM3#bTd+Sd<b%!>guGx>zusRaBza|PX_wgeTrm#&$9@d6;7K*6
z3e6;^pCyeEsw#~Bbf^@APG9i1S&_$v!%F-4<gvmE$fhy(*ABF8wpN>drg!~g!lGP{
z?>(t@{R9);;EhaY*k_PBL`Z*fk|?BYWDC)YXsX7k=SOzbM2c@%WY{Tj&s*u?F0^dq
z3*p4AojqtLL^ifH$GHBRj&%G|gRw}kkvKT^mqiZ^JjXwysjH#3$qGU*++|#Yukw`C
z9<vh%n5<sqihYSeaz#wBBIH`sBSZkQO19CUpg*fkrXVU!2$dEE@(WppyP~!{l;;(p
zbguR$23DQ-ZE_E5<N4>02-@ySHLM;e0%y&tyK0oqj2Qj>Fl+q~(%^o>dC+21Pf1y=
z9SBh)|AdSSszzwvjk$C@;k}$FRI3&YX1W~XYVK8jRjUo+ooRFNVsds}z|@6ejWB&H
zo{iQiz*G~Az7=mMsx-NwiJzMk=)7XcHKvoRulV<0mw!j(wZ}Np{EvkTM*{&N`#)<R
zWF{0q+s7Zn3-jN1^Eg8a=#sK1wsnrKy&Ll(UFfi=D60b+327)qY2FP|4rvSf^$kOi
zud+j(RNr-)Z-KT%*@nI7;@ICGc70BZnsriw*TgSs5&=$@+?%@$w5$d5-*aAHdw=_1
z|0>LVofk!b)(#1unSe7mChznn;^*XGaL302Sf!K%NvK1Sp(SkQr9Q5)QXLWZWWSAO
z=$Q}C%616O&ya9od*vm$4d-U_o}94_2TOV^deIt8leMP35r4xTw#k2VqZrON?~xqG
zd80S<b`iWDG0MMb=J(eTsPy&`u=a-JETa5AKJ}XN#@=HzORSSV5Zvk28u}~h4Zsis
zFoz+e{?d}@LNoZpCN|U*{_10VJIu?l!c>RHXo|9Lp+81ZSG7&FRaS8pQn)X}sTvE9
z8-2y&E;K{W@gb+OsLCsHxpuL%Q*$;yjJFmUTh_VCGv#Nao;^Fzmo4P6+GfOj1srPR
zsg<`)HXo#SG|j@XaGO@mRa?jd4EM7ECE3qIQ%*s#tLnCE-zC@}S*5I^><4LN)Jzvs
z7(Ovy+fmt|)3Vmq99k((g!1juobDEhgZk`E82CJ8+jRbGN@Cmc)iyuK&pOT6-u^~0
z?zVb&Q{|S|$`FExDI}z6!__sPe1qpFTF6w-Wr~OJY*`zQKHKz^TI+JLzcOfmL{)Kl
zJ5Oiy@1!;)n?)1Y0(T3g27L-^-p%(?3VBboNm_z;Qv__0l2J9;Z7)Y*yw&7QoN3rq
zqBZ*j|NbhQCiNUnQ@nIM@-fgMU0K1>HcT@Gms;}(PjPmb1ot;MCB9qyB&1@>L5;9_
z{`8ryhVDpDwIcp@l)FzNsW>FSt6C;QVyJ>5H~Ah!hu^|icE~1Z+HKCAyxZ-*5zAut
z$@jUliq9rz#UW27(F(*uio;<$`%+wYGOD&dRM0gct-U1syj0&lJ2Uo2%Wf>5W_007
z6|b14{7?m^KqM>Vwo6K|!bYtzJoo%?99+9;POxSx?M4v7<djyKF+mRik&YqeuBXdw
znq6lM_McY|ZNXTlveO>4^6m#O(70!z!t{^NnSa{CzL$VB8p^=*hcrsN=Y%vG=Y`xK
z;HDHPKG5@4AM9YIJ>-Y$kGX?|$WE@lrFjzy{2_S?@}s*(=Mb6lQ+hBV>zewlDzt$1
zjW@99Kp?Q{K+9Wx@c0dA3*K-1-X~Mcv{^=&HSruG_StDpNGhbh=ZF2Jbr1ciGMMs~
z5-fboEUpih8Ct1H?=VuWFkPjX({Vj%D_dwgUaZIg8`{muX_3W9@u$K6;Md_DT>en$
zz>>|KM}>lvlC_%Xrj~nX-p$Er3nje`^H}UaT1&9x!H1muqW%KVQWi7iX~L(xm}O|~
z#X+Z^p7)e&r;?wMZm3UN#ARz&eSB6w5T2aYZXTDbQsB?2PjNoZX_YZm@$&ei*e4@<
zA-cu+gUfi6DlKU&8_mLNOcm>F1jm)ZN#<ZHTh-!MXJE#4RXf3gzFU<e<eyZlbJ1qE
zYvU=lrTBI^kMIeA)s~~W?4np#MoYtgPD}Za^-MXd#WqLBVc6alp7))DcTZzRk1xH<
zC&nx*;wImWR;r|Cr()Cd8?q@z@oeFpgEPtMkL_Bo&s;V<X;Wn=lBjC371W`R3vH?L
z&k$B78jKkW$`z%3Ewp`&zIMe97llLcqV_k3RQ|PWD-Ubn630vXp%Z=$%-M=Lb8~>O
zzmg?7)MT_mL2tU;A-l)smN&w_S2{1pQ=5j1v$uP~ENtMAB$VcrcK=oTxtT$B+CQ@1
z&$A^a(@Ka)^h5oyrh0OJ9#gzHDSSme!!y-3XWzXi7nHjZG|r9HxX}HbNrSM@H~AmY
zl;6^9=(;b^Zt+UFk(}@*N9)52iLX64_U|w5ZFDiXM=}GaBCMv6LFw6*L_c{ieT5wU
zA*K3qh9dlg5ClEl8!d$LFUsxZkcrz%g_D<O23J2{?nUn6gh2j#|0BnWMUW{H6~MsY
z3rE~w7-#AVZ~UMJ{_prf13dH?N+mq>I7%&k#4`w>l747u8#01iJHoi4xrit81G*c;
zYb5(ZWKaogi(If@57k)E;!!8`<C;iZ2kL1~^f$3o7q=Q)rcu|=Yy_<M<(>@909<{p
z=s$mO)#Hn^uppRy@nfi*eXNEduoB3`4OXj`wMD-$aYLg5Z3?JcABCj9(eM9qE$;{i
zSr|+MQmg_su+tUt)(;V1Ix41MT9z{O4P?P%2=!FO2-SVFcG~_M0Mz^g>CJ1Y!FEQA
zHyFL{&h9x}E5uL`d#9o?MvjkrU*Wk$C8c(0X?SXAh`aoJc5Sh<Ggw;y^*4W38o@*%
zQ;6@Hl<=1Qgk!3YExyu0d-{*03z(>92J=H8jlQpnncsm)Idi-{nvpE5rUGUtD3?&^
zQA!Xp6!|>dyvmL-u7;{H{HUpYJ};Lq#^Xz%+mwJ?UNka<j5PU~_0EgcgS+14UxZ4?
zYUmwjXhqva5%S*v4t$E<aoBzG(8uG@JAT+*YS{e>*xdxQeq!<&L7B=xyjxRPN33hW
zC1xWWsfp0wh{Q7n;w8D<(WFFbCqeLtz;~2<gL<ySNFWIG0pleGIQrT7Q_n!2I9UE8
z!-V?<C0I#S@lUd+@MQhCAs(d6Qs8rv1E{12)?dyem*?gBfymAbS3BVcBJ9@#5S^Rh
z<zh7E0g+@^BE<R=5F2oe;@1~Pa-~Y3bqV1e>_rAf<{}UZ{%l{`lUH=;0FogcB@M+7
zsxE?(;|m`8I}S!ggq%wlmQTGYZHei386lY?Ua%`q$e#*X%Z4LVb0rqa@Ga5|!*P=i
z;_$=Yl*Yv=l4-5&pnFE#buT}@iT`i@WCJ0Y!XNCv9~b{YU7-Ji;v+M`05Xnl?k4v3
zV%8RBcK-vTq@@}tp^IRI@7r`3bnl8X29gx}%jwbS!DXY2;>g5ONief0+&gNAH#dGw
zIM#fVJ9RFI7cY*;F@LIzvA4+S$s%$n%+GA*z4G2|X6*_Cz$cjU5IMNZiG{YJGR?&O
zk8*mxXjgsC#2+%_ctD8CpSON`LoVB3lUDzceYa^FZDs;3fpU209hdF=4Xpn8npQIO
zT4$d=+uK%w3d1rD-_Gbke~nkY9ghyAuz=d7?)!HA-+za!Hf9Xf&!-R@Y$2&?k%^qR
z!mPql!wm6O7u)gvs+-r|tc+fJIw*NNz312HbK3vb>^z?k=mjd*=j5*gx7%q=HYW1#
zoHMT;s1<i@1T8Y}LJ+L0MJ@FrkTeL&gAd;@4|$>EH>@Hp-R^Ky`57IFot`W=QU^7t
z;cG_8#7O-tI?W}7uzG$bL)asLUI^n^6>`FE5#YIhLr~6dsRnqkSuAbXv<m7?H1C49
zlaW$69;HXA=mYE~WEMj|mPRmsUuj!ucNdeRqjxe6i-o(dZ|C%pn{?n%{Yy~EQ6EI;
zQ-Sq;Ae)ee=9re|=b)mY_9{e|-Q?rQ1|3rx@zVLmf1a1+RAgnkYlPLW=)$cXLL6l=
zPYHqX;rhwq5s%UtH320y#AKm@H(vQE9r%u++wUBGkpUo4iBS%e7d7EhY%oY}=8Dci
zu*n}G6<VUrt;loX7ZD4-H_o`>o%X4J)3@#~v?(nVQ@fLH9eXs5+tESnmjDP!C+z7&
zgB%)&-kK9JNw*s^M)Svlxj2@T5hHGyzeuRqzmV-4y+LEZM;2?M?z}vE>A&MAERIsq
zm_4|9w3ud?(4qh4YOqGMZUuapqlR)_{r~Rmi6@wI2?huV6C(%+$^RN?=>LzK(t-6?
zUtJZZZs|4gW{3)9u}6|7p*N8NGfhFEzyYIVKwP<!drXd<LEG<Tg*9lc!)&Xo)3yE2
zHXB?7*Huzj(`{|(>SfqE*wyvyV)q1W1qPNW{5$W@nxyc7dHeeo_II!6b;oV~QTROH
z?>ypP*BuTj<KZu88-V#-PK{(1cS$~}+?gP|Y6)ZVyp<%)Rr>gn=%_#dr<7zqu_<e5
z2JX>bNG;nr@%(;=gz%uHG^@hJC9(Y8zsRW2Mdqhmh&y(MjXqK7r9NtDPnW7M)|6ga
zFXNK8OX3g#+#{MHUMZg;Rl#(b4(aUFgL~{e(mh>VjfJ;IBCt1YSNfC-(vWuEB@zg|
z4$-M8c_segA*xMWN@hrW@O088avV-lcM^wJKwPS!jg%L+WS?9v^Jbr3r3dz@c)3~a
z(lWLU)+;!`UutHRX!~xk)CzIwvsd=u7`M;ZfDLi!AE=bb^%#a{gi$&>6hMv->X??m
zWus}kLsWWe57_RYo+$oKra~*tTXJ(r^mL;c@H@dxv$RMwBS3a0o7nZA<Z0)jrP~Bm
zoP1J6t&}?6Bk_pR=;?G4=$rE^^Jy5ngIA5sDfRh<68PhInxkJpI(@-#h&UCN7|lYM
zpp<(A(O{`}P|NxgHLk&Y3I9lDJ5utxd!}9RirrDy15hE);z*G%^7wOY*Us(O<7^=I
z)Lw_!w%x&L@7V1uH`|UV4;hDzpMj^LLcXW7YOj~%eQsM0>j8U+-Qk6^n2LK4ApdP$
z+_K!7X~{uVJ6EkZZJm&<A(+0n>!7O<XN$rPejAnV&0*5YKI=(tubn}Zq0x=lQv*dd
zrdu-P1JrMaGInufa_rtX#FQr|$<6*rs?=Ftv!qJNiR~;huW>zA28Ljb&yCQdq;A^e
z?`VDC`}TBGQeq6cLnieythuwOI3<rP)#%o2b+-`^qM^|oB;6xSBu@BuFWY*^?sw$Z
z(+G{kK8$lL@Y=hWl3TMhyKEbmeTIq%ljc$_fQ=+^e~+r;XX#>Dd$M}#X+kSHK?}`=
zO2TQqq_tFkr;cKIbix;x<@&AuHc*PNE{a)$vE)<wY&F*M&&tYvCM)IRnuT4S?i`y<
znK}Wd8HU>0$*F5HP0dP^Jdd`wdg%`T;q-y1O~&P9JR`&o<3>izFdsLFd_A^gxhlP9
zfMw(q%D9Geb&<4jX4_!;<dV&AkvPbSe<j$56=IShLS)HaP6xH8!4`c1*1A5%JzEC9
zSAY;KWay?E@!@xBT$(&N)#BO~^c{ZtAP3S7A#7%OTvD~B3|YKmdtAF<POM`XdtAff
zTM1r(&T#^(Lf=X&8DT&d)=suGh|YNeu;g32RPQZw>~84j7z`uPWvp#QwOuRSact(~
zHxk^QLiml7pvftjiW`h{jTnW4!0ll^@a$m~OeJ7@l$~VSU{Lok9<eGP(SSxzJ7-|X
zrrDH27eBFP8ozu1Q8KHDs{)zkGATY~%dYVwmfNpqmTTKyi#(_@M5YqYb6l++xDpb9
zm!`fYlBr%K*DmE<!sWh64I9PI3th*t1EG;wuD^qPv1dKNT8@@TmWcuxIk0wA=1^+n
zVcfp^Ic2|Zi+8KYrm%Gzm6|tNqw5<m6ph<n2h*!UA$))7C_y&QdWJ<$YSYDq8O4{|
z7`23J25UY-fQppUqSC{64RDqKr16w>>fEvUa%_X3ss?0O>_?HpgyOLDgdTWC@F|kX
z{Nyh7W(%uos@?Fml*tO=AWr%{xSW)`x=b&iMd|WYw~(qw^b2c{9t`LMLS`L$`S&2d
z@xJhw6h~hr3m>xTUDB^X3vfH?`fJfsgIL?(bZQMHDe4BnHwj1wlTDfd-U=hOlE!G5
z=4jW<)p0de_M9z2Sq7&b+P^XF+$nT1WA(p(BnuZkP=l_vi+dR<mYeEoA7u~jShy8J
zwfJCU3aGG}EGU=fbyzQwl`F2-F|{y%15`D=dlE|w>6Vj?7}Mf#uZY~_Vb^q<e6+*X
zT`an8AF;02l?V-()aM?+l6}fyo2s`)K2n3haLRo8<efm+WJQk6lWzu6L$j==PQaG*
z1Y*U5jb;pXUVC>Yp}i*VUR0DkWWVx+yKgMf`lZ*iUmj5*w1;n&;o_y=bEBfxf|UCQ
zN`Q7nAl||yUOy6if#xb*O8xpJUAJxpy-mRw_r)jeUc*zxyJQ?7Oim2#-XG<(_TJ*p
zZadNO<FBd73vZs&p<a<_eR$;S86syIjlX+;oNz+nJmD;?sq@cze||vZocS@s{hQ6G
z;z{Hi&NaagxA;NJ;~Nh!I2ZGenA<;al69+?i+GpJyDP@dV&YSp#Ghlt9D<Kdfgies
zWyg)DzG0!$+>QiBh9!HE&9U0oLrYu24nLj^@!Qc4k<1?(H)9-lx3CR!%dYhz>CCh{
zXX~&_^v-+UiSiPhf6amWLoY*8W03WEqRCMVHFZ!2%}Ko*#@#LZB>oz0eK^63xkix7
zwDdsknE^Zh`<|&-P_gY1_>*|$eVc{W>o&2Oda2yik7p4$<l@{h8R)uoi#{HG!1}qJ
zMrHXN))Ol?>s(_qHr$SSolZuwgWlAGg*Co<IS?Io%QP%$7LMJy_6<L@s|kjF+t2cR
zk<vyGsaa0i%_4{t5?%%dCzY(cjdneFddo&>uZ_Z(2OY%Jrtj<9IV?M3OuQ{iIf|~x
z+OCWNe~txonygr@9v+#y2&5<vs~SutF6aHR(Cb#L)ieanagL*V8AG`EB<x51Gt1K7
zUVh|BVQG1d0^1#-jEP{ik2lTsK>>OFY2d4Je)llU2N>-U1%Y2eMnxIhQRK&)ncRb`
zgHl%)N*40F(cQOsjH1!_2+(IRufIn`ayt8{pN|7Lhkrvs0;~Nj#xYzsd-GWHfDt9Q
zl8Vyz2bi+vw1PRM7>Qm}rKsit^9e~!XTE>x6PCX`P%9qh-2=mc`lps;{+O||%vRW`
zE3_)>o@j#9uE;_8JpA88Ozy*kur+)P@8{Tf!WB<XM>vd0`Z!Xf6%X)yzb2S%KAYzn
z?rQ+Pf5|}DAyI|U%KQ2!ejYIWOHAfU7xnVl>bq|aK#}@R`j^^tpV_Q%zE1JyOJ_&G
ztreXsq4K=^wES>~wCSJG2qCa~N&Kvo_ixMy3{ENcGYc!%lrXfJmz`lSHrZwJl6Z_=
zNUMIzH^pX5kKm`9OR}Egne*0~1*LE9@jft;w2EN+%=*AOq{7?Aw2aZAs-6c@dc$O6
zomi1GxZ^0H4Ca;nB7IApks9BRmBkfJb6#vB8+E-Z`eyEF)qU??AGEiYCp$>fwCY1s
zvv&_EhvL3@okqXsS;VzuTTz?q2YJc8MBR$F-jY59>8bS-6`H%J8fgf&Q&Rt#=M(_L
zAV7vpgL>ey?%X*2D14?^=Qk{@HMno<X;*iQRo%S}XKcgfBba#KDvqM?{k*-5yiZS^
z@=*PrV5q7W9^Z~a9PaoLMu}LD^LQ+<YU4#~Kb>vL&kHwCQ-v>A(8p8F)8y%R0?MD1
zBo;$)ZMMs$Soe+8MqZh+jAPj|t_y5veA>_UYumoK>5uaLdCKF)-GsmPJ(y(0n*P{i
zys<-v#V0j(cM>ICv&T<oB+8^XH7rSrE}?1U!n?@24Wwr$pwtOSFP%><nNTvo{^bLE
zg*xd%$<&@2gK+*mG^xm0H!03xk%M+uQhqWPvw3a)>EdeBw$~Ls1r0G?i3-TnPp`B$
zRxBck=XpH(i7~L^4z1umh!eEgtRz|5MoouBMTeJa>yFHNtlZxwu9=D3uMln^sN0{J
zKNjaga6V#rWdA)4t@RqaSN=$s^94t1i@Tz;o3$bJnF-4*olwZy9?s21?8%lzKwpZY
zc@lKhbN1Dm&eJGYR;}1jg9BD(H1sY)*D+lGBwrBd$h{P0$Ma@6$#ws<$_8ZR>gSwY
zJ*_vjPnewj++L(AbAwjtayY4c6W0(Yfh<l}8~ybKlpxEyvv_plZjoJ4Dnf)V!|5<t
z*FMfiQG3;lq@C2pnU6}`5Iq$5<73N)yl;Zr0(-DUW2SSsMdIyaeZVy$Jc;w{v4&1-
z9d+H0I=Ha`dOJqO&6+t4Eh$0t8MHe#lWAOwC?FB;WDfKW(iOBQUu#L|Pj7Vn*b~Bn
z;r~<ESBAy0G;PD;?!E+f*AOJQOK^9G;0_@y9^4k!;O-jS-JKAe;F{n;-aUEGInR^t
z$NTmCn5yo(`kI~D?wP9Tx<{N$@)w7%0Xn*&;C>R?bW5EmauaUURIxO?jIbEa=xA)5
zrlxc7qeYUm^|nc4@6e1Ao$yykN@x*-8@_p}bUmn)(DCP?ZdBqM!9$!YS;}i#&RQRw
z(jW5~!{0^E-Q9$IB+~P7snMnyzdv!?;G~ZzTHH=cwC`$t5MTFWEV&ukiLw=bpbLHs
z;w~&?-o?0Q9A!c%smUpND<kO{lTeS#pB&%{XI@!A)PR}5rt0G0q&YVFCE4NgJ5frq
z%DgAgm5me9EN3g$&9$)u(Z^7SP)n}Q`&NgppVQ^J4)NRX4>iYcO!w?lgLYc-F*c$*
zp`>mI6a?gQ6@$1t3Vr=8xxF>Le$ve~0~R{P9M>zk>p6Fii_@6eL)P^|pLMZ*cq8ZT
zRs@N6m7Nr?AjnqVjL8qbh)4=&>70@lIE_JpCQ5I-HSbWKD9&qFZB*W(g|vq}7n1SG
zxt2G^ExxnzcFez|*w~eP;&!werZX52sJ{5wlS^m*<=#_lSk{d<3k7<rkofwFzW(&H
zSOckYISwwC$i8Wd7e<z>imnI;A!m#?eq}DTrH*>+KD?X?&h@m?QK9Bhz5`T4>^h1F
zsFSSbI3%1+i}u`K76l5-HceoXiRtAR-ifN_vGYWZS~<h2t7Ozu(&7MG<oR`2&d%M7
zEM$~l&9qWoAnt}>?vVHMfMj!f;OPBfh8x`-l6FcwFKm-v^o^~0!Hfa%+63{M_!aGh
zVf9RWH;A5WgE-`#Z(^zBOfj9kH|dER6c@UO>GdG-%;`0~r0&heV$3h1hAh{9t7a2f
zoOe&3L|XVmfI~H4+?6SmQ5wVhtT4nIHVipER(0W4w80uT9+kOMZG^lt_1(_2AFPiN
zQuHmwW)(bUb?yS85C;Al>IeN`%vR0Aa_aG~72-XK3#%&2ycqhdc^?knE}sZ$gZwb_
z4Il6a-7R#8+Q`gI+hlj&D49gZC<-h6H15E%^oHW+v%IHB#+6>sc&or;fd|u2@Kuk2
zqV<Ya7qx+PRi{Q@4LSLBv)4>*-j@Nbm2ZIgh~9-xQQZ~nA86An7{JNxsTptK<hJ-h
zs)M5LX^K|aTuX**D;TcE?%_s8bI{Wr`fPJ<4#qswp@0|oN-d>PoK&blwV++LWv{gP
zysYMJMFRZ`3aTs5<13*|ci-%Yt>~ZzWECwI8=Grr-Jqd#TI-Gm)l6@@5S*xx&Q+Tj
z*llb&#HlwTK9VwRDT{mYIKFI}Q66VYJujH3eh9cv@QN`01Tekj<hm^DuR&13MEk5o
zzIgD&^eHp9hgkGbBXtoD3Ic-uY1@146|Py?zh<bAQ@~b;vI=9cgB;O*{=%W*mMGIg
zE70FfWs76CU(Bvr>g~Jz{b(M<mw6|JMArL))aO+VFJhp}R{9l#)K|B=a*lKb;f^=2
z1AXp*RYn_vBKvQ=ePMp^xqy`Wpml|1Nc7+jAMx)UfS(m%=GCLyJBgas0VEH<4zpMm
z0zQ?}7vR~so6_J~pB3+A4ab^p+bbg26!m!^7}lx*3q7yZBHd1~F+ys!tb-azfExx*
zqQV{0#$nRJ2FvdVNJDu;5Npb<+kDpjskghG2oxnhkW~mF{#uL8`UxVWe+3KMrMTd)
z!(!Zs!`_Ohy#nK?FD2alNY`_y0()R~F#_Ja;q!lly@@6>G4ew0e&Vovmhf&Maas#s
zJ3xw(y}%24W~f+{tQT=7TGW@*JG4>$P`iGArS?GN>xyQblbe(8C@lC3Rj9oCSs5P&
zqqIg!6b1E3ET99k#0SKRa^r&x8(QN)zGL>dV543>^OM+qK2G_7Z$c^uswYEU0y3<r
z1?Yl%Zs2@43?$sP<V|gT0-O_d&-0r6Y#o`|*ngE$ok#BeeDwo3I_MFAeM=Pf?3#M3
z)BW_uBB~VqQv)%-VnK@fc*HQYm`^q>_U_0z)1gLeFJ{8IW-_RpT`x>}pLXi24&E~Q
zej<a2=D03E0zFQvX)$AX|BYJ+0>vG+ObS{gx7NU|e9hyS_8ngTV)?}YTf8MGr1A_;
zR}3^PWz11xIFL#Jm{eO$L~z{;`mrPzkfbAAQLsTT90tG{{^^)rGUMpIm|>hi*F{h$
zA6#71A~Aa%G!LQ~5bYQJF;Lfc5>HASm_iTZ!9i!ajZh+!SRNM(JAYj45ZpT#<c738
zY)iz!D>4FIr@|7_KAVJmk8q$GUYZ@m-4kAw9e2~+llyKYuVa=-*)bRDM{Npg_oSmJ
zf27?tYA>Ct!dV|{1Kay<TL0(+Ho_+o#iAF{DnHV}djwF_?K}QY&nfGoFMwiD&=Mw%
zb_*I7I?mNw>ddiaajlw^n=Nma?4{awL?4(=IAho0=3cPy+o0MOat?UBd^v5Sgw0rF
zeV44FKMFnZbj%rG5W!w8ZH?ukP?Eo(m$r}M!P~qPjSzRl@Chhs5D$dLX*L2g#}He2
ze1epjf!-kS;CHm1<4)#qWECRfz<u9*OVjZ2w{@hZk1(`OH&`pSa8(2M%PugA-%AcG
zn<_5W6>yjsH9D3&oep@QTzTu%rY;Oi<h0S_a)#929&>}~a&^-be)0)hO|ebt<`Ld>
zitFSNYD~Vjo$|D0#vs>|cqu-r>SG-I5hHK!HsuUr+%?IiL)fg`vB^E=kY}z;N-}fA
zK-F6GYwSm*5nHAR2qMMeet7qlh#1IXA?;z61vCzv%Yv$+)Kq^vGIdtr{;As}dc^z0
zIqgKaal}w$EKNU4N!w3j{L7RFc7kwu(#8z3@8d-W3fXz?+%C?hvkjMHfIBq{ys>4b
zncycCgEw!A%S4jZpfWS-XrTlIEEN5N80YqNeFcqo_9g{yE!Mwg<%~Jg)%4<c<z;Xz
zXWb%2iF%9h90VNSGL3(5a#@x?7e7&=*x!K84jOg*2C6@nZ37_7$yL)uLuirC0pJ=1
zVUWtIT%QQ0P)0#?<t6^PCmfkA9?ZaN$vAvbdPe%dPW#nDhiKWAq6ko-F_!NI%p<+C
zhhBdfdFS|eS{j$D<?ZRycRUg3F`WYTtbiaQdrO1yHf>|4_jO77qqKcaUwRz9$#*tI
zLQRXc7-a|I)|28DZU~cIpA?_0pE7$G20=VM?5fG}e6}0v!TdW(ah!f{s(xH#GL<^B
z9a3x64X|6<(&!eO7iJCfnO>mh%aoW7>#>NktbW&C2x{GKREG78c%2~zM<@8@Yw-gb
zn%aBe&}lS318O6+z08?!54U>t^U~Fyu>$5=D$DXv9y@9D()THXBr#x|gbKD=wM{|v
zk4CSMI2grVEd=eziL2wl3ltkUf3LRDE_|mjGo^dc2p{3g64s6;^-yPyfMlTjNzsq`
z1vPo&pnKHO!&sQO%*q;FN480{;XNu<Kc<CdD|fG%fB2P`C1uBS-tv%_qoRo6lIlI3
zHbze09Bt{iNcHM8$uRpR)5^0_=Sv8qoyqJnLsY_2F@GwRK^n%NFH{=#-Mn5yNIBxs
zp`d7g2d3YS<A9Ph4?!dgctU3K#NL92dCN$=9?F>_=CV!cP>LC;iOZbf-E{_z^N=<5
zvl7`7=^XXc9yaneb7Hs2RW^rWTCI`z1-Q)xW6jTsEM4mYT*-D61b3fr&px!Ce{)Uo
z+<*FY`g#N4g#41=B)llVj;z?Lp%0c}yj0#3B`~?Tfd{c=W0}as)l3TD%X<)_Pc6}e
zwe+lJ2-=0;wFC!wY4*}x$Rg#KhNuV<3>MP}#!kr$Z`Cue;a<MU7G^U+WV^V?3u6nr
zGbJ=iaKbf0-(jkF)OZD1CuC%GNJ43dypzG~#}wuG>5>#_W8gNmzmmO^Y!Kt_f(45W
zg^%5AHwmPwTW_Z}_NK}50I(ZXRlcV#Tg$wF?R3}Mdw(^4_4UX0Rqxk<FDF-Dw`avH
zZvy>?$2GpUCNMJia5Tz5`CL}`S22h;+etQSB_`w}A7mS)esJ@#E%hsFvt|rQXtgWd
zlgu9{eida|@M=bmQ8bvA+n|05$vQT=3K3C(2u>AroHpa;zR0kz?kYQyq~0{OtA(q!
z)7V8+v&3U6#A%i~kZ8r|-lxvXtIow!y?nesQqF0UZhjzQS8da@sHT3}aj6~I*z5Bx
zV`P;{cZLIRQApsSN;9^LY7<!h=zt5&Vxmioi#f@V%wO(A-Uk<W-LEvqK8!Y}7ygJ)
z>3axDXreG?y_r1ez!26mH*_1Hl^oEe3pYKGy=|<S{o$mg)5u&{Qq-7dy8;LmqLH5v
zD6(`ctZRFreKK|!+dHyr6J!t}C;R1@tK_)1fF}HwVvI)=AK#t^#8Pf|7cy&BX0g-C
z-(geU`aM+WbK49yJ-=9}>48=tK_AuzjzJ?xZ44#tqgeNr0k8aZ-uevf1sWp^mM|_k
z))_U;gyQh<GqkOK7}S0$IxBHZnwB>>0`yKN`X>?*j+e|JQ6}Cc6_L%O_8{0xZjf=$
zLNJ1P?R0IJ(=SlVd{^bO-uk%d?2H`TLgJ;`;ysa{lBn#+9b7f-g*;K0>7hnD<>ox-
z7n{%EU1QkB@EwaE-S#c#9{W3jw;6uQ{bc5kSa?L$TkklZqn6;VzMPB(r=`zF5UpuO
zDx9KerivulEWiToRG<OyByA`$4(~18mvY3_Le&^0-1}mx)Ow_NKK9k-8;(SA-PpTi
z1b1yJ60P2qM|IV%uG+CaI5?mj*q>#AIM;hg%W%3FX0zN&Fk%R})%rIq9)oar0zj%O
zE+LuWs(4a7Oh*SxZaeUor}lhYDQ#tYr$Ty>ex*5HvA3z{LsA(i*T!lvnQrf^*%s?I
zGm=(7lv71+Wo5OuZck6DJC>Ft0&juuk0x0BHQU=HPRDl+*aXpU8w9)B<~G(qlyWu^
zE+fiet=0@$^A>72P6gK!juHy%9kkzG=DxI7B{+A*dFT1Myg;3<KJ<PQZa*Uki*|WI
zc|!s>K-*$`@`Jh!pYd){tTw87j%=(!!MJ_F>T_*<g9GvF7Nb_I<AT@F@eqzDS1rOi
zIL{wleJ(Bninq$lb6;6Ol#iw=pd9DKgoWUJjoXzO`41?*V|5F41pVG~pQBdveqrk5
zzMiBPTKD%r-3;PGgC@(<AlYtszNm6f@SEq7MW1`ss7yRHbL5u}mmYLU9K58z5Iapj
zgNjP!Pvw<Ly`t9ZtuQ+drS`U)s$irQ8>Sz}@pEOstYU*deJ)TEK}x?s9F*M@+mAhG
zifyCtE7cK96Tg>nDS>y&16y}#j@Gksr=1r%oz~6Uukp;JFFwRuut3ajL!&i=cUWXX
zE+UR6#B-I6bawD+IiF-D|5$EhFn5|4y$T%`L5$~0<7gd~Qo;=NQTZ$vicBgnFRq_<
zP=AWmC-XRatzcQ7JeL208T90tuI#f(F0Lw&#WL4?#4TwVaYdGo2#X{=h$>4lTX3FA
zh7zd>o&K&r-1wLMm6mf!XkR^=k>G>bt0y@%<aY@(YOEbC2x`Tiy@ix5*f<tGo+gWh
zOM^y?Io;)MG4Eoe&sw7cn2CUyiV2Nv%^VHH<f?r<z(XO!0imQ5UQkSxloY+z&{@l{
zG{d1v@B83$!D#RSb@K;?Evm#HX69M<LLwB1Ge2MQwaI^F;pRy)&#ahHvzZNCTeeU7
z0b|=vgr!^%#gwQ8>>uGTbc_nY`o15-5mnl5b8}O$6x6X##WlWZIiI7rMzmxLNrh)n
zFzL9(Z(y|19A{VR9fSI4meOU2Q!Zh3ew;od7+eYNAcQ&Idh?H@2H_UttWX#4t-JP_
z3+l+CBV<=mF4p*k3Br35Q43o@9zG$YcrH|WLGJKD+I@58RAGMf4jdzH9jWqdV}&ri
zAS|qSGybdP%fogFc3_JeC3ZEXGs@Q8v2{5$rL5<|SThx;ha|}kPXS}5P*(*d*=HA*
z_s6@FjePFK;deOZkTA(5ZlNvOP`KufU-5DOobquvCF|PL)eBy;Or+N|i`ql?Y_ty)
z=?hH#vxXZM(!50^3K@h&kQDsEN($yX04k1{jRB%txtN&SS+IDzm^e9ExUe{xxR}^m
zxIrWb$levQKGP9W?Pg=)3InmIU$Y9uLZimB{2&iuwCRH6)Cho`bEv@<)5PE^ZzK?d
zPz{T+GUj<0UM@=m99E6LSW+Y|vZ(CEMw7v@*b2?6q%T}fuU5B2keumb@nu?+^Q1$7
zsa_Ky_Dkm2c&20L8v(8le$UT8@Vd!0sky0UWyICRP$;oY39n2MZ}~#soS{sVz{YUI
zAOLr;+fx(Cw<w0FVi@3K@8wuv^H4!+vTMVVE}@wdOz{ea(bQL!EIMPf8j3o}(SfG@
zBR={I>aGbUO-n0}jwte(EVYrhl^iWNKAI-hSb>FEl?|qX;5qMv2Ab=rOd~Lw#z~}D
z^XD-q=cB?>Las6ub}i3YNg4Q!_96x;N;U#yWSwX}7gY7$T)vJpvoT~XwO1e{ad1^-
zdYws8lcL5FA2w>`%~uaeIdF~P747TYB^PS8_g{v~Y)W)l4OtIeEe%5zfk)<4bgWgV
zv7MO?D>$VI)2fmyHXG|rSkMV6<9m7S_8*aBhEOy16W}Im2P+huJHjI<XhTIqMOgL;
z3p73s4byX#$>hXvW<Wb@y=?$(1!DL$xCmaFz}Ev^-;VDvh^Ndgut&YY_O7zGh1_{5
z$oR`keOn^l2QE|6)a3_-FkX-@;6Cxtre=w#>lW&XzL!O12;Bme)#{qo2`Qb9hPrST
z*+%r#6QF(Xbj8m~hi$_8o|ZX6A0lSVEvLh;E^czQV$o_=c8{o$R8j-N0Wj`onsQzx
zdPJ%Fh>xUxvXYksj?FhK1>ZEOR=@e=!femqh<`4o__12Efo$^j110Dk3@dNTi#x|w
z{pY+$zXO)5V=KQdYpsT|AbB^o>38uSt_{`sD+H(?gP91C&-2fOP7SP!YjqBmnU7Y0
z?RKw7sgKD?S9Y+gpcW%Q59lL=Rp8eo*Q6cf-?-nw3U^;4on2VXw_TuR7e1d`3qToR
z#1~Nv-^{dlLfJe)tzRprHg!IWOU`9WYEE0@7~5f0+991Xhd}AomcZK6NvqR3p{z-W
zRyfR!N<x3a>L%?yq_BZmW`pGu^b1(gqt2kL?B3G6I^pw)^*7~`p{cryXNq|Xuv%oa
z9$?d?aG^VE-smOlwn#4?vF8%1=a+Q}+RJc2@`MZS3Q+222V8bWP@rEfM_{>Maz>hb
zJ?#Zd$TnXg)Ia({!=Ob)D&jms#+f?`6qMlaamF@70vgafc3D-&e2%HyZK<2(FOnr8
z--Iug^$mA@pRsHspI{hHLhubf(*=yTP*PhM!#vjsi0#%(Bud5QoPG}4BK5*0ypeG*
zT~gX*&)S;$a<WqY>$F&?{OM<oksl2Er%#+pW|y#N@|>YH!|`AW6CEl1l)je0av)j6
z1oBXsGN_GKe9%3HgyP$73(XGi+XN1O_n7u5dR{(cpeNBomSdEUZ>R~g<4TgkfM#>K
zk5oBv8c(^V+QezQ$&sf<Th;2DSwmihzAwE_uCqo@?r2)=Yk4UdU(MqdE9|qj5;5(#
zZ7tS1i<8T#!}nMeD;>(3C~g#UsW&-MD~~W(^gvxE%kIU?^sntX>6;bRnwQFKJF386
z^Vo*Hw8U|3v;~w;#gwd=QDKsG+|*YY1U*p4cJG2sru9B_9!yi{>4ER1kD6_Z%F>e*
zW@^#u6OI!V?#0h*6bS>%46x?im-8L1zC1`IG+&@w>shZ_`nb0{dewxKiOmhEtn3~l
z_JR-_n_Q(op7`m<Q1(rdj4-`mTCROV5zNBst03GX-0t{h78j}6w@7a#A%^aGpn!6Q
zmpKp?Xp*_rG8Fd~zj*t{N4Si;#2qd;8as~u$2;{4s2ncld!JUvv(!bLdU?xip%a;&
zH&ICHMjX@_o;9Xg#5`+mRl*Bbmaj73r$>Q!T&WFcI#N^oYr`)e`nkn-$#qb^OSkSh
z`BsWZ>Uhl)vfhU__{oU$tziTkFya%u=s6$2#qGO%54Sx&^+y*-6?lGMEWMXgB~2Ss
z++VY<CV6zNGE!D_c<tls9Qta>7vtP}^yh+8lx=8406nTbpv)F;&4h0Qd2TFG%To^|
ziGY|48+d7mY3GcYv&HMtbv!sqLN8Pa*QTXJRZW%aqExD*7M@(l%0~vAnD;w;b>yOT
z_p2|b;ik(U^yQ_iM4ohr(R5w_!mu_#iKWtRgC`*}@50`$*rwNjF<U{MAWRV_Q{;j5
z7;ppKF1{n{Jh(SAgpX-SaKSnfdKd+|;*e|FswzoNh}we5bku!90e<8z{}3lPg1aiY
zA+;?Ho1HIw&E*BfhBYcjHG7_V-A~sk?S|pPAiL@mc$H-JfskJEom|(pIzuY!TWNEG
zAhsJ!mO|+QEnP<;R~T&N4XPAld04JUmE=A`J*fx-sThO8CZ~mv&dq?YpQ=nj05Ggh
zMUge0NUEPIQo-;ZeHBHtjjbG)LtH>t{7xL7STPkjz$zmbUq&l0t?gSa%-KVT3GY6?
zk{9Ezm^Y2xR{BH0pR6BD8~stvmcAT(Z3(`$F_aAJG*0eCAy@j@LjADIoG_0*g{T&f
zDUs6-KLcmwjF6WzxoyVa&u0CMsG9Hs_dCB;d4{;&Iye`A?0cd*ISpBeNQ(t_j;8~o
z%>qFa+J~Mv5Ejc0-id-aX!&?XNoR?J1h;@d0nPW46%CS=_)M&*BXQ^jT<(^$fh1>b
zVG%MaPU6l4f~pmpKHo52Lig`pd+{B0aDfZ#0XFx$DYxt2Ja4aQK#xDKo1t_sL!x}X
z(d0vW%C|^MG4LkhNbFcpu{j%Jw;x2c%8G$F1EG;Zqa>G^^8tEyi4n#%09s}#;slk*
z5BGD)o1-OzPOwy*rpt_GBxgGrzbw8*ArM~nAigpkzCr#L_{rN_qBr07iO@*cFo3Sc
zpckz0kQfYcu&F+4i&vSXbyV4>$|6l+nV-TUe)LE$a_}tR9-1KyNM;>VYNEDhiJt}O
zZ8PK-_7MZ;$0brsj$Yd|<*!E4%^ERa-q0X2^P`o%6JN%=1lB->(@}B+#L0{TwOrki
zrf?do#n@nA(<6`hp>s4y7gcSV>gwLt^Hww#7*H+DTJW*1CEXIss=3bbau^DJ_bGhI
znjJTnH})i{*Rx3tU8QyU>=$atbXE%5j!8?qMEeNHMQ0LS%o?B<I_!yV{aD__AsJW3
z%2ZYOz`eS84n^pKfa;=gO*}`;@v)ND`{l<rGA=F6)JXD*1KnIu>mjnfUe5V?Xj&+5
zp2fY!_j;UE$*@b7wXe#?Yj!aqmTf{0nknj7+PcDKY4zaN4?%mo%nX%|Eqz>|82V4D
z{2xlk<=>3zkC9HFHj0+giyQKB<#->02~NqGsN2a+J_QrN`Tcs?*LOa#Ff>fIGZ-D?
zG}QIhnH)o|>a%eo|8%QsBT!}J=ww{}(<%K8DXxBaQu_&RYDW2)$LeB}bNJ5%d1TfB
z3*<a&&FR2G<m6n99vA(*O{oejP*|33mI8LgSK_6h5>||=3{|)42Lshgz3ur@BzaHu
zITsDB)x7fbQp<$qG+i}T?<I$C6+^Q1DVNCQ&GJ3v%Pci@YwFiM6rOs?3ZyeY_u;0{
z=-_PS*E&ta!XXEiNYxC>K`L+t2kJEh?{V8>c(B(oTM9~=+t7w`^?&>f0V$yC_Ou5&
zEqaqVpVm%FsKEWYEDCPMZIAZEZI4_-M&A^IJ9nl2+B(Ou^qF|9&SM^HZLxUbk^HUl
z1%=)V*4yk|_bz>0-(K_=+#K0EeGwK-L1gr;n(jiYWgIx&Vx0+a*dDGw&qN6eBKKrL
z5u9!DQdtSwep$ubg8f9J9f<gD07Vx<WKcPA4xD$gK~t+h;5q6_AxNb@ZY#paMN0v|
zm>T9X^pC5xrnw;q>SWFTr0YUOtf0YGE8#M=##f&Svwl}t5r2~SIi8VdlCf%It|-Z|
zxckB8_MXe815a15N?>x^f+<-Q<1F=1f#G1JRO-70qEOSYO`71BHjw{L<WyO^$;YyI
zSq!3~mRJi_`iH<<BaM&Z&nPvtB;^XOX_)n4@e^A|vi)h_XyIr5_bxsJN~EuQczhK1
z)2*4q3ICQaN>N*G&m`0^xyhZu75<@m61JWeI;?*Yp>oTvkmZfRGUxMAkX#oZ@xhP+
zQJGi&Old@MX7k+VpB|ue_jM&#O!aqetUY*$b8<UiaxE-#x~Dsa{0?5mm^^A9)WRoe
zEdIbc>l4J@nL(<!JVj~D@JTx3dy`mcl1dZ`Xj8V){#WV|OC0ao1Bh!e2*RGUDcAcK
zg6n(tqux8QY-VYzZDnaMVW0PZP4=N%d@XTH+QK@0#*)yhEi?n-82(VZNyzw6o;dwF
zb-@Titgy9S&Hjsi@`05%baebW^YJ}@%D|wCMxcAY^%=#s_K}W?_`1IrK?0vhdRMHj
zGp7BvxLZW5AWGTCLmd>K8ssIgL-`?4Yy=MF&=-au#{RX}R~UJjZ0^u{X^tG4Sg<R5
zgwBxi+LYnj{b_R$jb;7)wyS!ixbgr&w()=!E~4S-7IKpRl^aq)<LsnNyvSF&mE~X}
zr9hV`N@%Jc47eOa>)ln%9;F&bX_eQa8XNKZ_-@pZD4_2;QmXG;ee2+^vWfe=*G<F^
zL<ZsZtpe+6oRkMgjt?AwbZxRHg8cgQ7ee^g{po{FGd&>C%a0Z2SH+p5TUi-B<q)br
z#KyDDF3@bP;QqX39dMg(FTxQMXG2XL)Gf3v9Tk>SBmWqsa*5KB;MeDTDd2|<+SGFH
z{i&7cTNnAGDPvndVrTcut5NmIDVzX|)f$-h&T4URD3~!>yL3wvbSkV{$z3Y0*b$z5
zUD)c@&G1_$UnLY6R>-Bzq7{FNOH-h~Lt19a2H3yV<o#~`4Iei;s`In8c?C*@)ZnS%
z%ta}gXIvC^#qHgCIPDagN&n{O_%p3(Kj*NQGN);!jgIk7PBGata<u2y{XO**_rkyL
zer&VE^<FVP_-L5<LJ0Vfd_X&hH%kk7N~QwWEWp>(7w%%=J+a;hy~=9OYKiI^s_)8t
z!aL~_9jT{ihQUC3S{Ba3gSfvqV3t9?|8<9%X#V34o7vg?pRO>tb^=%*G)VOSetV&G
zh!4y@ObE33Z>D}oxBrxa04f-8JQW_~0}aIB(h*FsH#{cle;T6^e>Xxnslgn>1i(Mo
zs{cVj_5}e>NdEx;o4oq39)W-G&HiD8jQ+O~1vq^e6Zi**<{!W?tiOSX;G$7{@cl3`
zpp4?*s-J}TzYkq|gcy)c`MY|Rh#XSI2*_oCs3hQv5o+LnNH?IM82{+qf*As02J4S9
z0@Qhbn`e!Z0slzt`~&~?^=}XcD+c&+6chO0sTYt{?EjX6fO+A+frzO8ornS68o~$u
zvGDz0o4-zFhS=X$2w;gZc7U(eZ<SOI_4nEQ&pRY2D84`J=yiVs-;Se!7ZnJ>Ph*(C
zKVD+|0Y=gP8!Q9}HTx~HX_A7g#~A_1*1y$@aS1^D`@cm5u<FDs;J*<YNKaIM^mgI~
z_P3(>>p#f;R|w~yQV^iv{{IW;fQu%007>rPwFv=0zdIP+nhUHr$q0Do1rdqB`MuN-
z6%#x-NeqDc2zK@cf}bZv0m*(~(J2kU4d{1`z6&b2dx{Yt7z$CTz!=j6z&|2F{~Qiv
zUl2g|2?7!VgQgh)V-XOM9xU<^4ZJyx3H-ym{llg+`gg}{Gm-$@gx_M?3=i->Pq|P~
zLVw@~5`TlxW~BfZ8UKrqAptYYVuG#W|9f<uXa8<YjfecISw_HB?r&9bP6Pm3_*<+@
zA%L`Cf>-8<0no+2tIE=_!Hn~afTz;GRa9`uJU`&10^Boi2oR|TQ!J<e|CoaQI5eL+
zh#4hhMq&rd_k(qt>A}d0jDW3ih)4<k-xG-mc3UI{z)geW7A*lQGhm~BfxoT+@ZT8<
z(&1l$yMIbSK*b!`Xo(73KS8Yc*Oc{7DF}F;`}gwy-xHX!JRHPdfP&(MY)6o}Q+)m}
G?SBA$$wig`

delta 22560
zcmZ6yV|Snp6Rev_CbpeS>||owwr$(IC$^nTY}=UFwr$(k&w1DRviDm38@j8ns_LHt
zOQ`{?rTGD0zG}7t1`Yyp1`Ps2mzZaaktp{A4WKu+F?4p0R?}8TRY&`ZNjEXT12+~3
zj0j{$p$~6bQmbv0>iYGA?uU)YI>IPXl$_bz=z#P!ruQdg_fwI)ZiO#&WA)nN@>k?n
zB%kGT`ltX(Kn3kmI`jL*`tzml)4{d*KYnlr7=FsIy?}rpGGiXnL!#hat%W;G)s$&{
zsz99#4HQv<0YrmQ+mipe(48CPk%@_E6y-@@XB0TNc^&2cklescOq33!9gMrQQ5#vx
zI=+W`ueXPO$d<op-6Rc1PypN%5~sOF2zM`%6e%Wlp=5`^Ty>P;?W&b!I`{osy<~#L
z(A4=+{uS0<7k$!(YC&Jz#EKlFuFFHfC@}ww-=%XT_ZDE=fu5>o=F&gb-oEc-{+CDx
zSv$lyyl4XdGdr8jwIXe*J;o4y*f-p;gaMnJ@cC{wi&%7JT`XPjR#>l2I%)jM%s52u
z`=R_w;mLE|=@ra<Zh<B_stS_>dcQk(aPy&0r+8NaE0xk(exSC5sF?yKZ}1h)9Z<gn
z71j?7=vSA?cAx*kwtQkkeXhle!?bqwwzCL$a7R{u?O^s=RZgrE>ZRu!xv#fgQ4<x5
zFK;l?2#(Tgx~tf@y?Lb2DzzpP)?y55P<2Xas*uZu<y4%hmZCDO*n^5G=LlWKezNUH
z4P5ic@9V+Gc2`ZK9IaJZp{#fj0BFT`MoLQ^6jdD&pQ%jG(v$S_lQf4D+Aq2ybyRqI
zgvYdRWWuydm2Qdnj83-D^tHQ%8!KM0aufzZ9}<gocLT)HbM`Fa?6WY=Jm)nq+I)-m
zoPF~4q<us!J`2SH3&oU$Tf$JrzT+cmZs8ZbnJ;t}ouW~;DUtdIB|EGz0G4q#)<o)S
zr%Bzz3`7}NA1n3gY0D7wFj$Di9*t@k#I>E<F$1Z=mKV9gC*J;@?@nE~_m*?vcEL<>
z_)#~yCN`;+Cd{Maur-nTTQ8Ytc1-W`>h#t8bfU@Z6esXY6dEV?_u9QXrF&60o<=Q?
zmb8v#*HCR1=7in}C}LY<fDA%h*m|OdONRo+?XV)o0j+a5qwh^A-Y2*t(RN5we-C_@
zOLlGfc<^>$$*>9B0AEWXn|*zS*0xTv+hRrp?mXK!wf)VefZ<z@<+VIAL0eR1p|h0{
zPFx#83Ri@{%1XzPzSxAgttj0@h@&F%bYtRi=;yUva=fgh`)NcRFr4kivqhRq(=04S
zC$Jv31aTsE&^(2Cn#d!tZFY+Zib@i<Wc-j)Oi^I&VF7=kzIM^$s6~?Pz%Msb{sx03
z5|F)6g+)xqWCm79kr;&-U1>Ocfg0pAM;PanH;dE9DpG$QXMLg}e4N&ZKt{h<%S<o2
zh~pL=yuW*5H+MA#1m|zA;ygu(?jef>SkSY`TzlIO6#YZ;rk(H;MhujYyG!8qm(zNu
zeEHGmh}8cu%OCBh(`QI4&~MwPm5UnxfzIFSb!WsLg^Y+aOsVvfROlb>TqA7!Ao$+_
zX|zL@s*)Qfe+)kPee^jl<&r*r@8l^x5=s6QXBhHvthiY^pkVnOar7kN^cnW|k?G`b
zx%iVzW%Ez-F>0adQ;L&Gc=6{dLje9ZJ-!4rk69_!<wP8h;51$iI>G8BlAv^V$5>=<
zSD!%gqU89Sr#DZhk$=YuKXf_w^E6p)W?s4sI)Me0SE^Qi?hCFL!^NVoAP*Pyr-p^B
zJreWfY%h-jY6r4cNLmy-7WWOq=`8CL*Zv2P7!7p`KYVyqh6@S;BJ&djgynzRvKtCI
zk$M>mNLJRBM-@clZJ@K!ZPrk?6+I9Z*vNN_)Sq2Qi^D-lw31Lj>7SpGTVoxUW6sig
zi<OxX(GRlNL%b2kzD^2&XAyliG(XyMp5k@4J6gWJ=KrxVYz&E-=DK6FG^7J_k6>p+
z6g-HQGVzoWXu9DR_s8CNa0ox-*4z;9>=+Ij;Qu!mM?0Qj(5eA#eB0jDL9&3`jjA|M
zF+v^N+zK<<MksS8wvxXQlHk4B)NB`~5vp2UWaOYfRHtwl)}j^gdoV)fF}K=-4n<J>
z)=ar{C-`C@{-CL-0hBDHtbGPo<XS=%cO;m}Oyl7``S}A3(I_u)H#Z@=0}l3Uq_2Vu
zm~U!QH%a4$9NDoMYc7v?oO#IRlS7X}#I%%27~;&vBFEKYhn1bbUQbbAyK1BSl`H*`
z$#KNgLmJ7ZrkimErhJeWEe;p_-60cl5niVpo*pmDY~nQ#HvDMNus&y$YS=d+Dk*eE
z-(Rnf{l@}*=uzp*CTw>UX@_5lxy0B65E^$1tY9tTNSAnfy<`%$lL)`8PrrExV`G%B
z847+ysh#*G$nZz*M->ZLR25#&n-nfA_FL?80HGta86PhQk4_P5IIWZK9Zf`r&J`re
zb>{)mP^aTGpU4?5JzmeN6Y()J{0haYyvvsi$~)Lx8;K=oG2>#YpH#)-^I*t3`xwEG
zx9*86u43;-T;313>IW(91uufs-JJ}7QzZaIK^p8Q3<wAm6bJ~2AP8$SPi7AS2*_Xj
z#9U+wAWIY4M`u{`8<@N5E?J!4eQfKlm%GqdvgD4z9}h>B?lu`us7yW>bKB#Ql%HFx
z&^^4=UYC**mVz%L3o2lloGlbs7ogf{d>o5jBma3O;P0fIdq}A;rErB|q4mt)5b9P`
zC2_9LVt<rrf7J2K-0-^5qW1>(C+lwM*V6tn5OC6KUa``Vm$9sJe_s9y&-%`Z`VV`+
zezyhQhcE1xA4S;q;5GOyoS!}`kn8cKzzU!ZAbiyMGhn?W{z}=G4}{vC4)7q*SDDvW
zn#{?3iTt${`%h(3AN!^L?aLKude=VSMcYS|6;Kzo1nl<+175^G68!<TTQ8){TLwR%
z6nOj-UITGk^U`AV!Tm)NW`3JP{w1yWrG5FpD*Bq?Uqj>jCC>U?k@2lO$*yuAV%1%i
zVNaE1mm$>fCMr|*yJ!wcAL;#8Q~BdV>JP0^X|^Q0q$-jw3QG}Jn6**5lCeY;@nX7?
z{TLINJQfPfn3JaAm{ij_wXhm){ZJB6OJxnOX+HM$E5sy_3RkvG^b$9ZynZxETefX7
zX|mXc@z71VIb$xDZN*HYfJhd!f+pT!W2!YvijzvPbXry~n=|f-JSzwjx2da;rWE&r
zb8Fta{CHy~@5@5n9&xpOdL8q!xiu@zBGSu_ma$G=VLn}^kcWF0e)YD|SgHZYZLazE
zEb*OZ@t||8Xh$4ZEp=!u=sLW!+aLNiE!rVRSpE}70%jl)6&2yI>RhfJ)fTmy7sGvx
zzU}FualhI1Trz@@<EpL%?=7{9XjpbI0b200G4roOmP$Ey%H7|fwUVL@KFGvWl-oky
zrItTg+>lo>WJX(lg5v!sIJ9hlFQe&tT+ebkUO|HEW?j&HVm6NB#t(1OE6QUs@ynOE
z%b^7h@dwXD#y6l}iCTH^AR)t-{is`$c`240b-ymW@tjr${_<%IVo(M3@nRO1;^Oo#
z>yd_B<xWb-MK|=YHSWdrm}EHFI>PW?Op3vZv9T0uu{0G;gUN)XXPpQjr)GPqMc$J)
zUNF^|aj^H+IZ+*S+zQPtcQ|L~(_6i%qn0VhdF2mHky-}#A>rktV=6P4j&PPJA^*rN
z^^CJ7XYaWwXVjNzLVM4-lrBR<G;wTvKn!e6BB;N%Myyp+A&;*~a1=<XQY)m(cn7G0
zJA2J<xvUk;<9kQUqcZ~Z`kHB%QWNqxb4C&sM7AL|>?WZ^+-3G-1nv-<X$JeC`u5r<
z@?4~5Blt<OIqoZED<^#(b~L!vgJPvU;Nq~xAv&B*G>qA##ZfC%=Fio_;flIHTG*3D
zE1f`;_;)>4MX#WTGiBydts`G_%z5N2ZC5$(v}4Ss?r~Q0v|#}GE|TLm2~pkIs|#1e
zRXd*IRy7PqbQG%T){-#BT$1srvwU<MrjEy-1@+RkQKGyVG3(jP8aD$~hhR!p%}+W)
zBpIBOvJ7OpTBy{ka^@8VqQa~A0TFBmq(f+0>gJG~8aizJs=43^Wwd|P$dm^Mz^*70
zd9Y-QHx<Q`v77<!oRumoLfF*XQY(Un9b(hoeot7-MV$dM*zMTilWxiBOuH;KgFF`Y
z13788eUgABvK`C&J?Bs-lUO2m&3g4Ux>X8yZKv3amK*xc{yzDAbJ{lbD-waj^Fm?F
zI%YK;S=xT13Ce7xcR~f(P_itinZD2)Ls$mG7<z?>77HLp+erdJ+eswmPDiT`M7sST
zjcmARJq|VHL86AtS8AQ&kklAO*<rW1gx7o`&QCg@>6eCH>CKkV7j)k%9ZBkiN}+{e
zg;L76$|s^06KM&YXCzs_(^>+vlNyNhRq79E0tLg`2-N8W=d^|c!NnD+Y2-y*)k!Se
zt8<MJ12tereO6kNi5@k8rUc>P+2s*09IiOcBEA3&%ojNtCthhKjFf@PZa_|9J&Ad&
zfS4&34w(Ual*BnGl32VEjKr8HY-2@2>$XwsZ4ZG_m`-|7Lowb((4a9{vvh!LbETg%
zPOGaHf@`j>wR%QCjrTB15|%$URs%&@Ejtx9WdI0%Rj65NR<h}A67EkTgElOKIPMJ<
z_?J6Hm!1;p)TYwu=4>cxi{S&2pc(As6hSnCw49Js8}S(k7OI`LY}uyKm#W|12}ci2
z9O2dWc&F0oN}7UY&1>P^%+7p?lyvIri$j-r1fi$agg}sa1&8e7*WgE>RYz4~G5vnu
zRt$9NlK(CnDN18+6WK8?lOR47RXROAC3VG$jAIl22*bnW%DaC=iKo?Os%lG6Y#IbB
zO<GCq=S6QFPnjsCUJzLFVuZ9-vr7uBXuoi<$~GcZuF^z<uU8jpX05GSPq11~h+wgi
zyqy2Gr8(2OtK|`*rBdG2g@koahnFT=K>*Z_o_sbBZ$iR!ucAs`4`UaNWF*k)FfpCo
zB?I7O+DD~VrI*|HB4VdVdET8AOVv|&+okU9L)?X>D$J;mVlA`S3#MzyCYRLxJ-snH
z@dK!axlf|jPdQKl-C0MCzLMusMI+nPfy(o<`_RpgV20nWhO|e;4^8(hu%pse0D#7E
zeC;uggQ3sT4}WN{V^y7UL>>WF=hmA|hS`c#b>>bWb??S?U0P*&#d&zW(A3yS+FcPT
zL)U#}dM%Pw)S|GqHK<)&QB(RA!i;aFp`U=#wr;(qx-}6i&48#`?$tb~q<bGKb351|
zpC>7pcxXD3R6`V6F{XQ$H2rVi83>+L>HjHe$Dp^tY1yH8xIR#->}1H5+ooEroLPLm
zS0#LTM}f3WrN<?T91d-Ieh2>CU_6{O^(AdLVGN4%V5^>*uX1N8^=847uCz=(M9Rf=
zN?FOc!k;1IxvEDf_<OlQwN&Owt{6YKzq}No<7ptNdqnnMnU1E+>DyKc6@Ux+P=+s0
z2c>%DRastkD7!iDEMC>#;uYL4w_2ts+UBy}r+wFLGnCpR=fS9b#U%S(E^*kre)mn8
zjG1ec06=Z1n@y&RT1U8RJ~V3FXC0jkYwQ`_feQa?i6Wd%a<pw54s+5Njw<nU(o~%i
zdPK0*;Sz@#$?+{_ccDk80g`?1rxSWS=CbO$z{!(tRj^T=bXI~MPyBoQ{eK&AOn-rc
zpobaL6~|FVCF03rMiUB2bP=o|mO%!66+7$mk-WesJTsZC@J-DA`nb8(UR)uaq-%)7
zd}NEY7=mfeG}u$?Ozs+@CFw@ApXWbUwG_<vmQo46qB2a@8YtjI2CfgH-iREG_i3qd
zGOP3I>ke^zq7AoMUvM*Ph<c!n^{&Kl;BAT<={Bz27K~`ra{XggLf{vKPU~qpj0IDp
z!FAcJm}y+5=i5uO=f=dT2^Bf3yqZ#aBH}#pRoNA|Lw9N?^53{<i=>N|iqvZC^ANS_
z@Yb7bXgcUA-Y+xMft17-Fb_yklP;|?%q3QHg+#&2vZ3N5&4tPJw9RLPtB%M|?#J%<
zi-Z7K*VX{Sh5EA_;k8KqiSF1W%J=Ir*ouvyKVPdgA&3QTz`W~%d2J={@6eeWyc9&`
zn+VOy3us6tjm0Z#8<=;qx(s^#dAlIrJcpGL1KX9<-gdWdpdP|!%!Yl@qW{WZG5f5X
zm(>thnK0PDxhju1W^~1GF+uW#q2Uja&C_OXwMEDb71lO$d>^l{Qd85ddtRt4U)nxX
zU8JdXEkEO(&MUh`Erqik&%I3|=khL>gx(O4@Xb(zsHrS}CCvb}fX+;&sbI43+db-d
z%t(RL>i@z8e)oUDt!dfi#wT4e>@+{M-`$5~ATD=(<jb{B@4L2NxcaC94Me^S^Dryp
zuf7MZp;z0}Kig6l-e;n~R>BdcT<Uql=<&n|V`g^683$&uV(Q*vn6ui`w|L>C8M1#3
z&vS$$<`WW<9S<}9QFn}}m*0ow2xQo$?T&)HLH}C-V3gdt&TaK*BJ=$6`<qC;Vq_>%
z(i5wcsnr?azAuiokmZ39%j^g*)!o-dkw%YLzXU`9s!4Bb9~|C-V?ICm{c}WET|1+m
zYt@CV_4?&!)pDewe5C49rKz6ksZ@y;Jy5QNi%J`(s&690ODq!gDV{4z+ef3V;VRi{
z`+JxHh-}syKd@<Rk1c_J{-{WVhZ`o*^n+v>=eQ@WlCoft*wBjXma?O8Xu5DdJLIs{
zezP)PgxD(^g}kQEbkumtpRMr~bNdhZ)HSlsD~uayy>f=mkl${%*K%K%N88z&8?H?X
zEkC+;gpd(z`ljcK?uq#%rVw}gIg$UR1ulOA(XtII>+^RwJ`5pinUpkvzViKZl0NK-
zt(-2?cu$Dads{QU*mxGCXzn+ef)o|b1hMriX@vyyE{no0CNLG@&dB*&yaQdHf4B5|
z;y=OhR%0=-47i}(caK@vx^<1+260QxqSVl$R%FP#uNxGo9AV%cjvU+f4Io10SV9p1
za|cqF#=H5Gu^kP0=aW_(_jeA0YPhVhgq166<f&(qne{8g_dY+lCpdMs;5Q}?$&fAe
z86cSka$&4@F4-_AY2WU7($Ip#Me4_jwq9`rdE^dh;F`QN;UW8ZftVLW<ElwSjbTE|
zTxHk5cp`0uAI1Wy^r<4oyfH25VNC<@(1YXj0Xp82u+hS3MOcLUl<+3~Vk+j4z&ABV
zV7ySXC;IdTjY4QFZ}_wiuFqfnIYt9@2;k-9#*FpLmbOaXCUdcC!Yr#uiQC`l+@ed6
zT2QB&{LbVq%s!F;cNVuu3tb4Gv25m@WOsm#x6`H9_ZYw{wV&RRk!I7cX6gW@^yo|`
zsC|{XQ-Am*wEv4WeLyq3O3#;BRh;n)oif!kEWLI0&DZ{!AdkURgmWj$V(t6R`HFJn
z<mDGHq++y1*q(#q7D_O)maV)NLSV9f1-p8-j~HDl|BFS-{tSfq+jrKGkpJuC_dF>V
z9#n&Q5ZJ6?0~MDJp@o@oqezXeu}wEjgX#^>;|It>O)^o6OIo|QhOf4!?^tuee~P0S
z9BL$IF1`*cOx}83=;xnli}k*sx70^?qCRS`U|#;`)o6V~27xK{rUU)Kpl&f$1D$Vu
zS=6&{Q90rl+lF$YQ5g6hBAZ?I{}3}VItU2$|G>%R3MP=H0jYzgj`JN$JHZt7C(<^W
zn2{P5gJ-<VKn4lvHw~pIf@J<aQ{UMY!qgOu-guMFqg1C=_3}Zx-s<7O!a3Qp_jQ+7
z*OAjRz&u`W3i@&NoY->T{oM7v{O>s%k=N-E=TDVVQ4|H$N+bo1f<r7;HgQPFm`6qc
ziXeUOyeYsVJk+JfGaqRV-PeH513CS;=c)HM_0|VG^5;HrrvPoYLT{u)P82Lm3fBQ9
zjR&+IwShi)NNVIRIt=}uA9l^do~mA_mVeOlh(}cbt4CIVRj1w%E?Olj2<ELAw*B4S
zBn+rWWB}w%?u%Ci))sk4i}x)8!&X@?+BM3(I}OkpG!C;B_)P6VxK;BjJSj>Nn^2(^
zRvk^oU@Q_b0$#nVm3+Vb<s(kxqgLZ1Okj6e{Faf?N2izKMiM-yuf&w6Fc&{3zP7Tf
zq>XjOt@2+>)v<>7b8oZpX6PGNM+fOkKuKeRmas@<G|PjQ83)@Osi9#ca-_D_1XsQ&
zN;?pg5pY>$>pPj%+q?uPr<!r-0GMm*hqN<=YSosR$a7#cKS@!-Ea1oQSTcrCRS{#w
zoa%<3KyO~m%Za$;6(Y|Oi?cA(9$DrO<G>G-RU+aXN%V)6!HYkHI4a}f&QFH8d2{Vd
zAXx2UMc;|M(imDAl+KuFx0}Tv)r^^H1^@|Se7Wf;WB4((v$gzqvu#>@W;i;HeO@{W
zq$9<K8dZjODN&YYI>*BqHoU^|4#JVh(N=Yah8IMcp#nujByK4JM*T4#@Lk7yDFnPp
z$jRU{OkL4f^^9i0*!-CB&3|_*eNAejj(g`sV|<}$@GR5vV7c)t{ixRsMJ&xF2LLQ=
z<gu*-jNsg^5npsmsr4WNDGi9%<@Q^|11IQ~7TF+|VLa>{Q-{XgT_1J{4g3*!i7S}_
zHAhlTDfQ#J<-<^CMXfv=>|}pXHv1q=DwlB+5t$a8H*c;sa>c1~JfrKjv?5uP3uM(L
zYs<WO$R<YaJX0UJzNMZGBAS`~X28=ngN{$CCjPf@dt!$)Y=n6O(g;?EKqJn6U05D`
z#mNv6y0~FEM<64*yJ3{CadndVt*4Lw)MO0@`G`+>h99|gQGYX)V2^A8TwMgio-|W;
z<sQuowda%sC0`=cc}kG&x43NC3r=_S9_~wVlzrI?TX#QNdRZI-9pBima^Qu&n_~Z+
z+V2lxIY+oNb$(bGR`0&)hs0p)Eh;pP&cqp77aNM<As6hvif5$5iM%r}$0Q)pAeOoB
z$U9ca2);c%aN`W!L_hJq61Imy(WfuNF`TQvlZvu%!ILjJH8siHCDZdIHB_Ve0r5}u
zmK%9vdp{(Ce+R<)Tka^h4Nw!(oJ!%}lQ-JVG5ru7)W2oN2Gnm6Ka_|5seIrfj=#i4
zh~MZR&C?zV%1<7M$P=3d7kHV)zbxn_1Yu++s^}$SNQk05HCxoB87{(|voMVzEd>#4
z@$iWOi+@=rG8*NrRtBu)GQ=9m2kwu8FqW;YmItlbj}Hu=!<D^8041_m721L1(u647
z`UBM>B}u~oNz?km@;M<vTFhND<$HdsXy`DQ<{In|TIod_{xAZ}aIF2$x_QPWwPzOw
zecaN_=^si)g@W$w1kMctF7ho!ni0+1@Oo_JgPD`@A}X<(&SfdR=;rIAHxhj&)m1bW
zn!!V1-MTh8+4oIDz@x|bn%Oef`&F2oY0J~$d{x&?PvZP>U6Aj+MZG4a4V0{_r!#cq
z=0F&?P@feBd=KVGXfEQ?gs;*Z#L=_BSJ~mh<5R%Cou0UTb+4zmnBnh@Yn8}5(?qxD
z${xE<$G12~-O1CCW)RJms@zjyJIj6QKFi)}Ydidf6z9lupowG~{E<HHwL}h*nUc6#
zQB`KL?V3F}+_a?8tR62bE!FHurv3C`s%v)4<aBPpSAzAiE{r?|V3zyR_4gEAhHr55
z(>_g(z_yA!nT<JRSu<KT{b#}Ycl|BH@^Bxn47+)X_26E?=J5hA#(QABukGkYQ|S*^
zgH-2XZ1d0*AYN#2w3gb2#x=>klC(Y%Xk(CK$o|M9=P0U^eOcM9IFE(7EU?Z^?9-K}
zxY=!VZjPcAgrJo$d5tG8>nc9lGZ$+Gw_%5Qjo5bK7`cIx+T}*K8g3GeK>!PW8EbW~
zk;X@?^P}vNfc@=n6{~YtWey<)!?6m_r<ZF7M$<75U=k4G$kqE^PT|ma1!WiV!Vl2{
z#?R&WC-#$@L;DZYRG_AF@_nG@J<L=`{ZaDGUFNe<OsJ&gPR+pf-WwW*PP3*LN6N~;
z;>lqt7u<<3KOpV+6YOBm?39mMRc!515)GVPrq4M}*l`(63PL#!m)B1oW$VYkk{4<z
z$VeYkpev9dXDxG}k95p@1U*29Y6MJKV<4-0$Ox!g(LQ`$pr~uDGeMEYG5sfFHHwy!
zV5*5So_O=#R-Zq6{%n^qAZt`#U+1z<s>Vv~SL6q?82B|uC4uK#;mb<3!4u3H=w}bp
zQdsK-a}L$W7rutwfY>wa$lIkOEeu8}&YNNgfT<ahG#jIGoz(QN1PmL}#3be$Lz35`
zJ{z!KiK0&JtLYg0tv1ZLY-b$iJs@l}W*;0LLE6-eAiX+R29;`^Fds#Vpgb1bh&Ddp
zio%*@ZU5jnra&^{aJj-eqEueG>|BLsj5)50#(Y)G*Uhyv{A<J^x9&tL@-ms}$2CR-
z7}4$6)8TUl_ZW25&<DRs+T<e67s6{6VuvOvGv>mpuE@7Eu8YyR<{BtKujsq4ic#(P
zCS$acWT}}(ZHpam7j+(R#U<;QHtP$7F=K}vv1~JG?~=0J+BeknwvdGn7uK>8R@1=R
zX+p%<|6|!eZ<jmSJXKCuNf~$|btAn6R=5dz`gYLV;O!&~pIsv?9$3lhj{RscMYgN5
zD^|EQRJOUp*Ogj7y|hw~(4KVbMOA+ryUj@o#al&yj28xg?-|#r)TyX3J^c{-R--0G
zt0b}q|K6+Rs4%)f;gBv&j>;9rJ>C{VdmLGL{VioGvoM3uy)owox3*hU>!q(Li$aH4
zw*pN`Q6<?3JxE@s?@>ZY6EIA9!lCv%-K<l^wj_n57HSSAVz=Qpote6p%q!YjxSpUQ
zmCFJ5rwN9RCyrbns!cV;7vleCFC@aO;v^Otqb3Hk4Z}MK>^>Spf`C9H{inJ9r?&*w
zAQS(tLIGLouK=DYzTegb<NRb$u|Gs=Gg8saWQvLR%u+EVog_`XtX2YfULIxQ=BZi6
z=mZz{Iv66)jT#yQR0)NsDAkIMa`~V9(lD5@nlF4mKG3uKsS7){Ok0~z!|i)-p6hqt
z?rry{Cg9%<@gG?aYiwL$HgVI$#K}S%nN_?<Lx8y$O@pyCP0e5!sXys2htq#I4SBW0
zspuE3Je%k$UMx`{D&yY)D)i^E<k<hF?4?!ZRRr#NH__=(dGdvYj|BWGb$*&{|2N-q
zl%tOxo4&%WXxm2-R(Dj*fJ2E(O0T-<{hxrEvX}M<NL3%<L3ZPlftG`zmZGNX0gpeS
z02)uFfmkmIXw|T*b=9GXi}l9DH9MW~PQ(M_XKOZ7R?^>VB#RU#&4!)F^y;4E<aBE}
zG~W3-ah-~C6I?wjlhPb1nnI1Cy4Z}i{0eDK|Eb3PBPCAtX)Up{po-)BkW3udw=FHj
zv*GhiIQg^8W*dBZIoL+<Dca4cq7W(r;J6g&k$kdm4IZ=t*YmUmHrq~9$*#mQbIZ>E
z9aS2dzB5RyVN8?ZRUuN*Jq9MoJB!xd*K@5gx_9p(XqRA)!US(^j)}IQ-FnQ^laW@Q
zD)(`nZBpAS&%nX!5`{vuBR&*i9;IL*<D?SNZX$C^U6^oe3<@?zP3`av@q#-YV7xo5
z9Vm8nA9Db^#aRDcAIx_gWXtK560u(>F34~7usAP#|JP@Y!%m|R>9!eSsm;D<E-4vG
zclh?_8YaP;O1INZ3|Dd%EMk2oxmE}-FEeZIu`fD!EVYMB@BU9+UO~ZLR8V!*>fYEv
z|8Qe5F(C~$n<JY|ns%2K_c{T10OXEK*+sYiNvW$-<Fxum_DZd?3$vJmx)vwirc%`I
zmbp1?i2w>5)>dJn>P=zD^`1A5+dc-ocCBhZ+iEA_I_rZ$Xh_ydks)HYymnJH%Lm9O
zsQPl^`BJ{6DZF|=;w=fh{4PuX`lXDeht|~d&M=N&K#rA%7#n}0HUDq}05fIbfiMj#
z(th85Zut_t!569NRrNDth`VqwA;1~u$U(0kwl#Mr6~`|aleIG_mGuMX-|P*HU&XHb
zTwg_N=Eey#ZGYm~0d~!Tqx|g5^(`bguyBL(Rk-W=q1ms0qYlIV>sR{xIa-xX=%oj~
z=(`^Cw&0PA2LksjT`mGP;MH5_ZSe^2na_U94iBV$*(bU;dX>@UUB1P^R%$XGB}*jH
z{HWLwieU;p#(d)qbnS7Zp}7BC_<NBN8Ay`MRGsJTrw46guhEK=@>lefKx!moK7qM2
zu$@O*KrZ-R(08p=KKgZ!+IC&$wpt{Ry4j*^f|t5H8<iGXC&xks5Ir9^Y|uQZi0cm>
z&p=^?{V{bo(B_`MqaixYQR<!8iN%}92vhlvtMNLYsymB|XZ%&I#`>F0{{l_(L`)}f
zk-hFl@T3xeEzlhGHYT_f3vYJBqOrj3PPU{-y{~Z<#2S0FEc-pcU=`(V!x=R-CgzWy
z71}8&wB`94_fEqOH189?vI7NH&0L+;S5lZEVtY!XdQ4Ao{qoUVMv`MH2KHauwdYBg
z{IcbmvYSsLmwseLR0T3;!Gimw4a_$0y5K#NC<4oeAiv&RQ`5Eu#TL4oS?xb~zNs~u
zC1~AsKvT3(bfo6g@NAM1+&;FqRlBJOEdDe<=*V{4bX-USNuu<n>48JgZ9xcruXZ6l
zlVQ!xV~`jI|Ef0b(;vON8~vt-m#$xN?imEb{_(CzUutvWh@+xCv6C-P3z6Dqh$`1x
zW8|6e@I*Q=5u}TfV#iJqXYfECa!Rq~rP?OF^*}t-*&gH284&V;ypWuR*QEKBwTko0
z+LI7}hPBWG0=$2DB8yQ{bOkPMI9VW>tAbLRX;zYIKk)d=TXCoj2jP|~8S-o)E_INc
z7*|@I5Y)4vS=I^sQTU=AEHICEIV<sWcmvDGJ{#3PAA<IGQK|_NmyU0;>n*hZg6fj#
z2<M@wfoE0}y?VUxECnGULM~O~SM+4`yYha~=Uit45<E@>*XU`z^qgKfJ>v@A`L1%+
zC5awM=Fl@q_=5$`8r*Jg{0zx-;!>@711~d#z=n?cmIcfPx!itswnWw`sVoFk(QWf%
zFN;d{R%4H0v{tH!Na&`jzeiyJ$-pG8=ed84hY12z#^!H~*uVZrT}Bd7H`kgg=AqH5
zUpdpjPtEo$TG_-*@sV*_PEJWRJ_$KK5w&bGWj!+WtzY6_f|Kqu6iWs<8lj)W;p-v{
zc9_B(6662<pFeIvAO;&aeq|5Gd4Tutx#FSN8!edcBGVRZYTpQ&38tki?YqU~FLXqH
zL5}d(*G$X?c|ZhipmPw*?SUX96lul}<BQ+|#0h{AR6o@GFbrP4&QFqsIZDEd=(&C@
zb-O=r2y-wCDZG2S9zwlY*G5GF{V+q{!CS^KT-)Te9h5jJQ(DhVWLF4Epj7;#Js;GD
z`{^O+Mc|;O3#!aE{0HLz*7HkO3^c&dkGnOk7^Rf?p)&yd_`j`xc$HFGfDR1=#DxX~
z<k$aync@Ez0Z>_7<fmxp9KBfqC4xH-`&l1~4;>anD!~FRp%I0)YkEY6olZ8@Nd(<w
zMW<%nRHaR)wOnpdq^f}OE5dqFYooksO}3(WsXV9o6XP?Y`1^iq!XyC>^p51Y%RSY3
z`i_6R>wW_h5)pY8?`uSM-LsX2q!62GlG0Ml94Hu#H;eL#aaATdrskOv`#3YUb8^m(
zicTHcKZ52_%#gIpo>1O!0h3Q2s<@G~!x^79`5J|hcX#a0B-p`*nRc1~N$)UEK%bON
zY#D)0?>MhA<?2k8+E$h@e(0RS(omGn9EEVF6MWp}(cK4YG9<)4d7xYf#7EK`v}vs9
z0>s88?NqU;?Jq2z^y5cTdRIr()o%M$V!P;eT47zk-P&1biptPo%%Osrb#*9sA7R)j
zJI4kqbbV4>DjnyU?2^o?GWGUdVQSPp0z0!Wi?!^W=B4<=ccbmfG0$jTt?9Q&36G_i
z#djy|tPbd4tnKW~a#;M>s}cz|Wo7@K1A7>r%~H(6leTycx1RJ{)HaX}oCAi)^m}`5
zp4kjMqUbSgWvXavV?)2+()Q<Ulw12{1*?;bmC4<xI(2tzI!=Ak*QYQ?0_?*&G22g3
zyCwJ-5?Ue$Sum+SWXYS@@RkZx1?m0+jxyP28R*I9XG?a~)wVhv#cr?dO-&Uz09#G9
zPDcV&$rX=nrW(OQU)5o>7z>h}?gUFGHA)P&)`~_A_<nmNgP{`yNmZ3slBJO@>6+FS
z&f<q)S0_n%Q_K169hWl_jqaC(I0x43hm10lY-N>P)HwZR#;h7NhVZ0d9uM7oz~ZTM
ztwq4rDeRE3zwKLufI`i~>w`umpa*MBZhx3gxq#>TV}vvHXWtKFs`)l>ed6U*X(yXz
z*k$I`3Sz%3OB3B+mFxq;lU^=WA%b-R10~?g*0X<nD7Y@gv_VoblN`<KWPd|lZFZMd
zV|%&&GW$(8M%fE-4jtJ1Q)^#w5=x{m5|*w2lK3zml`)vX_ix!vtE3<?KhPWtk+FZ*
zMUP{GV;GNkF812a+LV@%$yZb-o5>6a8uJXWa8c%~m%vkh(77zbUzugN%h1Ua*28eq
z)H}QW$}lR|H(T8J_$$!iBb?e3zC}N71atjI^Y=+4WZo7_NC`Szp;FqYw~ehA1uEo?
zI;?ba+ChVmL-^>@L)ulOH~=Q5?#WvV^-B#>>oJXpMtk6-t&G>I|I!i6#g#5dF$CxD
z<ZTLuzt_^x;Z5@qy@ozBOR<fOm17T!AC&s|q^i-0nDD)A)$*F`Un-xnzHPM=zF$?U
z?9}~Vk6tV@bIH{MtnpAitk!Wm!iNL_Wt}bs>gSC5EHieib61EWM8GknHTY2Aq3aLj
zANvq*Lh9aggq?v$^w_QIbAvGYA&2X<PpH|Ni^cEFLj!jAupvx7GX6V_QX}<94;8Ob
ztr#qdarlt~1$>(WZ@;@5bf2-?xA7do=~@N3?9ECaq$_R?e=TBJz*~#)lp`+Q?w|{s
zgcKRKE6zi6VCNSvdI2nGVS_*W9P)b?e#xcuSo@T33k6^47g+nz;0(b5q;`eBEbO|7
zQQ$2@4CQJek-G#+y0GIpWKAmyki#p+_x*E4!`IV?;Ie*^ynzJONVRS5B_&UyHyPSs
zN4E$!ohomrL1|z^`%gKX7f_?XSQ@^hMxe)A^i`mJAw1xQ*#b~O@kzg0t8#DfMzF$J
zE$TVeYam^rvuEMP`b5Yu*b~7uhEm6uAy)IbcDT)q#cCi+(Y+!^krC|?1wP8Kb;&pJ
z5O{4wI+QRNo1%*j!z5Xmhy`JeBnCllV@cyxEk99?gH!|(eD!eZG8}jcOF)|@O~$X5
z$+Rig6a5+NPk<}(P#FEZ8+Y_>6rwFm%WElEF&R^E>_8Q>C)yK1XEs!w=3I-}s`Rxi
zKI<jg;`XREn)DMnjt3LhsRXlT7U#E?3_5L7xx~>bCh~3-*F;hlaVR=YN1@Y2`Glnn
z<9RNzU#BIk@)pV2P*u)vnA53)=J>;VsPOrkS<dh7n!v9PT0TSPk`CE~g+A02H4OHQ
zy7hqWj5Kxfc@?jWY{gT2FZCilFO8z@c|sMhzu5|>C~qlJnDgwaUU39Ur%v54xH$@C
zRFT~!b1kP#$!<vXSI??nKlH2aSbeJcmPdylslVgw6<)=Cz~*jegERQF!!A``#k!%1
z3#Fl2>;N52%?K;eL&E#Xo6Cn;7IAR!k+GJWD(dZ_mI@!p@1L_|&a1gMS=8Hu?iHPp
z*NU%tUu7)MWu2Kds;}k`5Ke;MW30Ee$WW(cX_JkIF3Je@Uc5V5>4cf5kKzw$?0Afw
zl>G2?NKaO~^fHmed19m)$)46ItBckmopewKdO#OyILFFiR#wKcYKT%k@U1#|oTq)5
zbN`uN0;#gq|NPsQiyAe&%Xo!&58js*L1k+kvD}4bv-nQ9Q~uD-B6xkmih73`td@Ol
zZ*o955@P;Eehl$AG!tYp%2`M&wMBNl*gMme_ky)ip`*~&UcASGW*jjS+>_;ib&Ulq
z8o0_zuiMBzwT%_4ojJJ^n%AvQ1+Sg^*)xW+kF-uBTEUJK=#)=P0=J(^rbh>}gdzwB
z!q_5B``j!-LR53antz*iGESW^Ci2_fOYl^5Q)PED_AoSYc7{eZ2TpU7D*7GeQ9Ia@
zGVWF_Lv$tXN3!=o^ize;A4KYnio1TJ7eM?4sooW6tc((CqK8hW=9jWB{lMa{zC*ox
zBDE2#flb()^mpjH{mCa!#7$T=feq4Oa(Q{v6iiGhY6E*bt^SI6gQVc8b!h&gnGF2L
zfKuB&`WShI#hQjx{9*vIAOz|A50E^i!}KwRo2HTLd?Eku$WcqMaoS}41WV;^pmR>?
z#WWe1tSS8{|Jl)*7f+NIkY6srbHbj5)kOK1L^H~3{k=lbUYb;EH@Wl{HyEh6v;F`<
zxjoCR9{ee%$9WNP-rMX@DG&+Wgg|E#Hb2NHZjj;-<=S-PPKH7QTM(iA>gp%FyIuC-
z{S`O{9Pk@f_EW#8_$6*Dy-t4sY%o(%WHD0L_uSO~XrNwTzgaCah+Nagt|bfKGk1*V
z49=@?6mp~G5nE4%jar`vV*vHjoCk(v{+$YyuQ+@08y>Gp@$k$G<Qy?i_Tz!rUP-*P
zBk9O-)PD!RGh(tH+U*B=*1(E(hk6H>Pl&#l1imd<speN?9```}mYYQZ68t4>q{j}l
zN${qoyT6`)+0hJ;#n=7cuv8T|ULuS>awRQ8zv{rTV_&z7H3KZ~!*xb|ir%CD3fg3r
zq$hcNia8qVos}C8tJD93u)1sw9@oL-Y8rSgXWEw>6@g7)-U&BORn!AN`UwR_uUlz@
z_#;$MKslfm5oK!1VT*wW7&?r^U%7|vW}|1Q1b4r6`)4L08H@nyBnR}dUw{WYeKL6&
zz_Hf+3dN33{$yut18>5v+aEwKU9@0kr1K7+IsoCW%e6ZBSU8j&oh=$;*)$bN@S*hA
zkS*Qp(VSm3I)c5&V+mRr%FCD>@v|crJBVS%SfP)B(T0oXHKi&6{P^~KY><)<+?<43
z5ROvz)!2rKdt37&Y2aj9bxWCcve*u)A8>;gcZ$Dtc*up>7iQ`81=}L#xWS4A>A?2K
zqv}_kVo5Yu7?fZ_2U-pNHC*doz+f{7o4H?C)J;~5&`iqb`r?0&_2rT+v<ARo!kCqU
z{VgaapGRK>lJi{viyvUGgodjkfY#4RY1kiN_Q=ELd~M@?#&4l0>OynpDE~^CuYFVg
zBAJD35J)1G%j=aErK2!zxpeJ9tIPW#!gZ=$8@0_#V$dGlUbpHHdomnyp55wQkr7v^
z{nE^$OiDMy!~7hSbgUepbkwpNU1BZv)0f26uz?6~mw?O%NY8S<c;}8yHiQKY3*4)%
zI3vK8GM=3oVSi&^m-2w07GryGv((E*E{f-S$tocBLV$eL)^1sn@<HN~98SV4m~NJE
z3Tsz+>&o*-h3J4KmyC1mRG(XTxV{7+&n6UrDQcG_T5zMI#0T=Y{O}D-qaRSm&=uiy
z5*qf7!CRgLC=k|;P)qE1h7GO`AMhL1cg~FzYWF$2N<-@-y+${am~B{i*M-mcaP(9<
zW0Ud|d=F@;H^oVw(ztyvFMm4aXN4r|;Yd>ihMuwn-`%nWRu4$TizZg*Un8g6_n~Im
z_o=45lKZUAy!*cW@CwTOJRk?3E*jiqsVA5$4apA$EPm>Vsju)p*^QMsj2O!Vqki`D
zPU+#Ss~k9b;gJm%@g}Xy?h_PrLPFeXLSaV=wEgT%nG>M~J8qESQ`hP!deM<mpJ&|}
z5sW<1YDZAnV2P~`^|RH`7U3_<inAd;=#01PtF&YZ_lshu*o<0qtLy}~cKB#I*oB=r
z9vUeEIQO3uOS)6ZS<s(n1|Zf!-%k`DYAgEUt*6_Q$&<bCHd!qFd6)g9w<*X7Lg_Gt
z<hB-{?IhV{%l;%OXL^lj=dED0I_VM|=W$ysS)AQ-IO{qyY{*lnnt0cDSY~{(;T$Q7
zO`a7evU{MNW^@~dM!G+C?I^ZW=`R>DFV+VDVg;K&o2QH78?k3rKvAt&k~1vHUvnw>
zvxKS?#Q(^Z+*`og4o3az7INVeErs>PR9sLog#DSc*di>s>H;xY!hJ$<fRd+d)s=J=
zl(2)N;flEle;8G0+ZcKEgP#+vz`L#w0Y~tSY7?@Fez3aZ_GrMF>NCm@fq4^=tLWea
z=w~SrT1OvKKKT*+R4e2iUhE@SaGO7)!Y9OxR{jwcf>=8m_@Dr4{122-&|DZ<X4is}
zSAZGI41ZgiInxQ|B38jLv8vFKzn3V2aL@v}Z?r0Wcdoa;8B8Tb6nbKH{`azfGpdo>
zk7IqvJ^EZ~4~u{HEQLw)21enNExrmy0ESw1q1~Ck(^G*uD>?-)<P3?`NO2_zi*8<^
zGDO&lG$MtF4>T7Vxs_B-ae00M0d-AnYQ*+Ld;AfoQUm+JgrbaO1a9WVN!t3#0i~^t
zlh*~YX0S2CB&x_%%XJC3w^A(?Q=Jbq+lFAj!9raaCBZ-v_RV&iM>goTCd9uoAS6e}
z(kl_wmzo!}3{Rsj3}IKcutri+UpO{nR(fk7v3{auSSGe(JIemU9!Vzk-qDMg=(xfo
z0!;mBPKaZK3WX8lvaroVg(ZnV%b<nM;h=Bu>X*G`wXt0A{QgDpAh#slEeGOE0_|FD
z|Bq*nhQe(xWtjl(A3L~)U74jIfX-y!Q{;^wjzD&!!4I7ix%vA#U#X0-AUfSN28;<Q
z&6zXKKLqhs#H(*Jg@1e$@+h#S(mtqu`i;Tq|LfVFe~3aaZU`|huz4VaxR4WtTbq~m
zlpW-h_C9I!vO6g<m7NkVtshNkz=N193*a<dJR2e?uiHC<8IZ+#c*ttZ2U6A89+hkp
zeR5`n&7TyqMAEz{Yx9JV;j6659e8Cu3CPTwg56^)>N2O+{&<l3o5=RlXPCt6MyiV(
zeKvMyvPlfD!vE1BGHRHUmd*8$n;Nov%lHKsYqz!_dpu?^W!8D&AJq0|_He<1ucpWq
zIyXz&)8aaS>MCUKN^q<l6JWjq8*x(x-|KY}34&KRz*q|$X~a}KB&xgyFS4_!fONP3
zZ~BDVfHa5+{Jq|v`vm3S40ZLLW;x&n;sl0wulYvi(g8kt&dJQuIBUWM_tI9oj^mZB
z_ot5LM8<3Op`7OTv*{b_TXm?WezCd?2cg`Lo!`HyK(GR{0OLMROyJ{#4g46#sqL+{
zhQ`wKqejIdU8shtQ7O+WpM(Y6*Eb<`o&uRpz4R6?cnO~2=j!rlv<QTKf2zl1&|kWD
z$#v<;&4UV>sayBNY*z}-iw@fkWrDxP_3xw_K*Z1wqx~Ph6^A$?g@oXe#b&N$YS2=2
zgW|aKI7Sk3Kv6obLIGkt4|-ZQ-g3Cu6tDHUQL+(P3iR|7+H@Ysn+u|jgC^Wj!}YFy
z@~x1vhIh>jvm=<<4?~*|o`5mf+QCSN`qa44>=MqI>{<@Q^+V$&!c%!9qn~}{2iUkv
z6S?fCbjp8%skmti`7_;+euN}mI^*Qctn<7wBaJ5Hu%W!ZngTZTcCNAvO;Tod4F>pe
zl@8e^!616gOutYY@hBS;??hTrUZI3L?IL;@^iGT1I2K=J!G^pj*Mu39s0lh;unEi&
z2M2qbFY|X(Ds1m5W3SFS<k&9b<WgUc9C_Ozh3tefq60c8v5)5AbEU!EvCCV=m0)Z@
zR-jTGg;@)7VF1J=#;mQ7yRAHBqEjX>#H20AD#W;U{+~sNamjolVsB6nd}6fUKNt8y
z_V@%J?-7+(t#eaPUD!T@zhI(mg$!>9KH)J4gFB!2KJmGQ&8bZF!6MWkIv`xYAJq59
zGmb-){Y1XOEeFtWsB-2hgZb1-AEA<I&@KvA3k!F3#DJNqKiDQufREU!rf+RK2`e~Z
z)sX@r?J-s(iZ&^;D9OqT#V1WXm7Q2l4=d1!Z>lcrNHtbf4E~g9AtG6(Y2$iz_72r^
zAym4ylyh6D^R;d9jd=T|tm6GGHW+yzol_zJolhluV0^_}On!F?<T8%_=O*P3L5v*D
zerE(v0iVUOM4=>K*Stb)8`BSzm~L+@y)N)-;l;`MMh6b+faW<%OPWRfPE+xWIWz{^
z+jkHn+Haae5o-5<7v$e|oDQ7XOyfki9L$!B83yq~dkm!v{YJ-*bVELJwAB(nX-hQ!
znCjVrlbTCWmyn^KnAFjs;=f;^78;w23r$w!so+CL(wAa~Lak><B~{i>Cg&f3l2tf3
z3Qnu-?irO}pU$&P!E`WXFw@+#>Dx_Z&P_m9I<R#xQw1{5^F=UGMuv|1s4137#f%6c
zHGggPB%X>7d^dQjcYwm!+hHR&{{R6o0813m;s=zprEvw(zNX9?Do)k*%ez*k^Z5oI
z>qXy|l%OIMpqgj)gty5@<79N)`%Ma7YS7?>2;aco3Z$lGgc#MJeAAeZpR%qq`#;`3
z_bLAP+DsILVUl@hFmFj4>%DsH7YN;~Tg3tDzI{Rk6jP#=^)C`+cb|nWr7XSU9agok
zDM0PkhzrG)#jKo(PoC&M2G<YKgUvUCU(*@k3sLucr7DMn(2r{uPnL717Uw}b1SYnU
z8aAaW1c=iaN&qSxX;5?}SpsTaayW(LG87r@>Kf7bayjROY6?n#ye0LcAaPoT_SR%l
z^XoK{pY}@p>t>R!d|R_C;7)e6UzHIS2-K`9v>b3il}J3n(F;Jwg8nRpNE_AxA#~<j
zf`0$5iC@&93YXx%JvNhXb`r`nQ`1amg;)K;CiqSV6)N!Wnt=ixGbNc-^GNiVaPu#q
z$7}Ve5m_fuaDk;*!_GsxjM>q1-s;WIGW0@|KVv*Y8<$Wxl3^J#3P-Fo=NRz{QC_Ue
zo;B1^zcuN@xwmbPn1zQ?2P}Cq7u;Na+oeU3^Y|iNY(eVtfw<jFtQ}Y4R>rm7Wo(Q5
zzXdXUsg*s9|Lk4u|4L-!|AWXpI_Q9<F|Il~udy_aCc$uw5k-?R<{)Dg?J5Q|i@*j%
zC#$0MYOl8A+!DSvswawPVT@QfyeU;&iZ7J{Wm3KHs;)($0@&x2y%D#&8SQGd%sQgi
zb$7}86{oxB^CbWG{SZIM-@$DXJSVy^V_s0yWs)Sjk+@Vt;b5|La7{E-9(+LXC+BLN
zD0T4eh)#^apzLZlS$}av6;#YFDzcB#SLA;BZ$9+ilG}7B7az4kb5$R?qiJym6#cl}
z=7|4N8H7WaBw@SKhCZ4}|A_n52WOT=-r6JVgKlM!|Dg}T8v1YtT<>%Qd>dhH!|uO3
zy@;YSP;qeSYRum!nvK>?F4hCa7_{J8YxQv6#5Ji>Vv@b#k<P}6^U5@l_sY&Rsb<W|
zH21L1r|FR}`SZ(<nO@X2+HDIw@EUE3;I^pX6$d9N4TZ<!Aps<*$7Y1-85*ToTnP=2
zHd`9B*iS`$Ar>BH6GCT(%=R-PCxY`#S+Fn}`+?Fhps2yLi)$sa<7ohueI?G*f7FKk
zr~U}TX)~2Iz`RqLX|l<$TkA}PNbNel6e-#-r@NH($mrE1D4QuDzW<&FUd3z9@xEV&
zVsCQJXkXm2JfX9?B<k*RW2*?ch2jvtx~4}1gOgziRr;&5JT(ei7ZiJHu9Bj8Ef{pO
zwkw$$a5$7!pU4kbeF3x^p6Neq;yjydju}piT&1G&C^nZtigtIK;R{seoQDe2nWbU^
z_~gq>DwA#JSEWp!zGOdl&QeGgS6y6n{DlZRo;0%7beJRje1ym_1EB6>y4^?$Fh7MX
zTcV@;WR0!n87mWTpZ*+*NgKK(u^6AI2VnO5ZKIAmC`JCCF0KMBsxD~bQo<5TFU!&)
zEiEnGAt*`+(hbrLE7Bo#>5>-dloX@|q?BA(8U>LQ5vBf>-|zc={=Ivjotg8_oco-+
z=RSANnHl#jd4wFpigCmD#)8GEk^`n;nLc821zYcIRd=$F2%l$PshAkVK6m|+n==u#
z1o}FwE0oql!*wJ}S9(ONS0i9-`*q<12chBd77yiNpW5gBc^pniOeSigg%=M)xci5#
zr5$ErLEPeZyR@m3lfz#Q+LPa%*#{>EMLi<V4*aQjTLckQygCE3<{OU5%?Oa`D~APz
zEZLvX234;RpA<gVN}IxQD()Y7jC705zV{nok2N>iY%f{X5Bb2g`Fd|Og=b)a@Azy^
zLWliJJ%9Of@3cWF|0mAWob*SW%;u+K9%<cA_FKaxN^MJ{+q|)OkG*y|H$`U!g%|ps
z7|;g^t{WqG>MvhdY8v&?z`R&w3r}c<^*Gl8VyCDC)obfKdpH-Emf~6k>&s_e2-_@8
zw?A3^+1YbC+;h+sg6;QBW{t+%p-OPEW}KKa=91<1y@wCG_9a@6gQ8T)-0|C_v!%xY
z8mQsnE@VD^VB(1nydUPZeV)@v(!F>`W}XIyed`jT&2@-WKn5O8zu)+<l1q;q?*0gA
z_o9p>R+9&(#2BFRTTIWsHuK?I1vcE1+}ZKy`$Q-R*iO!DOMth%R#JszW+om=AF{j@
z7O|<08pK)HLa4uPZ=F|+ANcgbwfM`ao~fkq^!H-S<MujQ+V;9mw<fi?+7;}BI%Cta
z>`Hk=B=-t=XVU0lOa(Q{2jffLa>!$0vxIHp9fMoHEXa!BpXvOW1|pjM?%IU8^XY^g
zW|sQ}TZ9UZM_}ysDYM(<l1fMOkD8k<+}Y<7R=mT6Lpms7TV^CCXSnRG_e{uWe9usP
z*X}e`fz(jW90YWXT#~A81V|)S<h4Z0u<@g}wq4lxvn!Z9q-!ue4KDB>P1J?FccZ9$
zY)8?c81J%4<WidVHahNmmocjF)C2uBwkr){ZwRp%j@mW#E{z`D$&`?~=^FbfMYe%C
zm@M`yR(MU6*-WE4-BzYU6Mx@+&BJ{HUI8jiNl(D=3pACi=Hz#_g)JL&NE!N^VW$DH
zqNB!We`s|WqO;EV&X++pe1yV7&o!WAH%d8Zmbo*KA=oCpxt_Nv)TXfC>D@+t^T*^Y
z1;U>UYi<rnxbKw_DPPvtRgQX%7XU`npC2F-eqJtaVlql^^^QCV9=PmzS>x7jY;sta
zU24u8a+I7&H9U$(K?htLK7Ju$YkT<~@hXbvOj_nrezVUiAoip(b`1X6_gH8Ho4a)}
zc5*h}bkOP&x&cYnOA*yPEIO^I{$7-9Vk6+!`aC$o?}-v$OOE4i<?`G4T_+MPotb*&
zj7GZxOX#^ln)(L`Bl+##x|kB(HT){l!GUus<Vhpz5}EXFy(EW-KlIh9fP7LWA{ZQq
zMUSNW3YOICI`=$UJAxkZt6U2C&C0$kILgnh%!P%}Nk&naV@-s;T2TAw(-Nv)KU|DG
z)JdY352g)jJMl2dqsCjX6cE>!U1bd=t1h&Ypw?_HCu*UY$ZvyInOhpweM!?3>T`2*
z*bZz<Tm6uQ8;LG?a7$%XwZuM*NwH|J1qBGN0`I3u6?v6gPdZm9w}eX`4<+xhRg=$;
zUt*wrG!GJ@wXpFgbm&BEIQnG90OA)|0Ul2{2pb~-R$uKIPJ)*)-e0MOiGi^JNJpq6
zj6|)B@*c>xGd~P{GY)2Ah@?!8A;*_h-CwG!@XY^~w8PZ#d~5}5S|H2He<66F6M$op
zU2l}9Zwh8S7!z~1{v6;wmofMK``FA=jF0JQ<Ifamc~tRUsHmtg(#qW4bv<%jph~)d
z2M>W0i-xme@iEDEGsmF=kHZbO8z089AgGb`;ThWNn!d$(Y{}14p@P#hR)MVLTVJys
zDfQeV8zO{_>y@Bv;;5<1shT-1D?fST7=jLd3q>ni^4PhNA68QVytk<$$wpz(kM)z$
z+nwqfFJ01B%s;0TXRc)$G*F79sV5M0aTq@useS&KyR2wx@2kZ+J3Lx24{l4Bh{zmL
zfqo?n>`Kz)YBIA6ALZ{KUmuU-K*wVKs1t1C>`WxXHW<4_$$kIRclnfTUhgrknnB!Z
z$IptZoco)@)NiE4^e7FhdL_2zCB&Iz>Iy1G-qRevTK4I#@#586rgIpoA|IPC($_Ut
z6;vo|8DQXnW|b7gITQpKa(ehFR3V<<T$6(^3b{%Wn#0N9fUL#}wS1P5Jru{7);GU;
zt3NeJL8^i77XB({72be#X@W7K20iAITXtUC5Xc=r(y;uDeIb)VJuZJwL+YWXMqJ;A
zRL8Oi3vsOk>A+9-cG@0IL@6$_>*NeZ7f{9|2D9kdJ*9XtvC*(qQcOWQsfQ@&A>uF1
z`CisHt|QIwHe6n2zJubias4o{AWn{KE3_UFYq0n={`!sYtMW|$se*Iyo@KF?Zf)J$
zFWz0Iw4T`An^5XJQ}Tn?+*2VCDrn!2{Dt$|>7!lJs0lJ;V)m9#LG1}qJN@Q2S;0y|
zxqh~LJ!~YV_iY(Xz=JCEX)f64^z=-PUW;a}Y53&N{T^k1w%;VVWBYxbdHo@Kr8zqn
z!TY=?y0I)5?DMjyW8Nax{HB<9y4+e7rayCQg66&Sn@K63IpSzKQjTy(+{|i1MTv(W
zqXw5Lk%NS?D7GPa*;^!CwB1__RrKHPFu@xcgXav~M3r@edv*wFLI@_+@!3U8tfTj`
zRyUbktncec;69ILbpFyj-@n;qg;XAN#FXkcjB*b-&XUIS##VT*eMfgQ!Y8blPvH<_
zhnR8kDM##Y$@CJbZQue_KOB7nldx!DVEG2Rf<_h?149z14Wb21S8##z7jy{Sc_s3T
zY03)bnBL~}&^JXy!Z!lC7LrV}Sg<pVTwM%rHL$%MlyjwU6k{ING|7)2Z&I;AGID$>
zx)lG^w7JwFFCoPxW@;Xy!6tZKh>|+p%6@t`M@k%Vak>r0aQ9)bxEXV6Gcl2*i%D54
zJd~B%;4#rEewAAQ3*|7J3v`UAC7_-Wt-^H)Su2S(I#KAym=--0=+^(j?y_LE+0-cr
ztECRF4M3F@aizBEO?@()QmLMH5T05XqA3YdZiKa_FdrqE!Hy}yX@JH38Im~Pa>BGM
zq-ny#Z6om>4m16y(?hMEk9Zypl8(*@H@4;*hU+)QCglx73?}F&dCn27X2Rdh>lY3O
z^A-d&QHGUeFT%BI6t$CTtKv3`WS!`dirJ&}d<2st1(k+gD~V2%nsH-L98?QUjEK`=
zqgV!_G^o0yyv#tA%4wL7t3_)#`OXibrQWV;LkdRYh`YbNJaM&|TFAUZQo}HZJ*tC$
z!inFg>e=>*a%Me_g~THC9p;;+lt%|P*aaLrQ`!%uyDI?yj$4AO{9JVI1hpoM76~yw
zN{V$xBSYc4?=-+W6xm&o&&{$wHxDO>r<Sa4_~VQ0iw#iWtIb+Q`fa^lmhP~8@1xXe
z<DB(lz&h=Nr2A~@b9X3NMTeORoX&KvOvs_t?umcFR;8rqj2kt=X+xz<t+_Po*+kSq
zf3J|d?Og-#MntQ%dqBC2qJhFBl-HNeZYKeg(0d6I^jiOMK>g}CnDNf~p~cikVp4HO
zi`|o^9Nr9cIDUpGZ=_k}tLVw?;v_xIPc$!PR|$-(e$nlIPo^oiqnQ$-z|?^fK}*Z@
zJhD~-BsA~bH+egca7NlBkP!6yo7D`;`r#0lp32|RTa??fyFL5X9_E*Wm*TEAlBrf_
z*}C73Xwda9miV|~OtQCkhrNgH5^s;b`;yi9P}GE^c$ZU7lNubR;QK0rURr0TYoE8$
z`6E)hkW~8&^h7doA^7r^;psk|ly<a~NWAo$XAEu6eh!LgApAoI*nfo!7TT+egcG}V
zZ2Y*5HLhIP0e+pVQb&7KIe-Y?qy7zybp@W#23H6%od+At1gt8DdNZbxHW2jVRZF7!
zWH<tJe-pk^yLfOwEhhmDXo+!AZBK+HnlLW;eub-zOM$gK1Qmp1bW(euMsi8UN^!=;
zpI!U%JC{l45rx$jAV9(BLy7HYc}P|yv#PYRYA$)nYfnuH+#ly5@Q7X#D1NX)wi9iW
zjDD2T?&iSpk8P^Bxok4gUAbeByM3~@M6lRrTI@c@8&ui1JthuZ@#x2!<?M-cngUX}
z`C$XB6Ph-Oc_qF|&G^_1ty_ALCSo!3p)unpuh)AX;R^-v3|?MEOaW!fFrXm__UF-1
ze?RFNh!AH}01pf8^LCM7U`YLaYA_>E`lsIHQ?!>0mcX1N&dp#fGIAwNl{#P2{a|xs
z`g1H1um}`(&{ZShj3XlGYAu4-F>mO!eX3)R5loqEZ-?zbs+*@5-&h%eDExACq`kRP
zy0rJ<n{$%!Y%l%!#^}$Wy`P?)V{NBXGl+AVXIdH&<5-QcsppKLBmjh%5d-mpKmH(T
z*(#DMCk;~raZgSl(hN`OW>YtTZ2wL9cwDoTp70)p*AN)r&^$k0gq(iZtq>p1P)bSK
zZb6?^?Od?gouHx6yWrI?vA!K};$^D#c7_#2=?hl+%QARp|94Uo^XW9!cBU1*8*^}1
zk58N4+$a?lpBz338#CK^2Ph(Q3V7gTRF92hE=jS~*0+~@-8his=N~U7SphqUbhd4K
zFg#t+I(Oy`PWFRgIkym%56Dk$)N%_D$CNWk$0X{jIVyV!;XQ>k*~r~x#zNxHi^t?@
z(&_;m9af6#&&12#yn;*3(M>o-j1K+&5t=W~5rZ`|BC+^w2PjLl{fXE^^{r+zqN=u=
zFGi%m>3;Rjn_6k_(q4oOQc;I>=idId*(X+SC&Msq(LZQ3oX(O7TdX!{n>ttRexURr
zJrjP9C+DZMz`I4#(nYg$i*TE%Y+GkeN1339hfeQ>S}PUo^#$R<{xt4AQw_5Z@XDxt
zQ(9KBQXyvFOkawxE;%DO2ILyEOGS1QI6$;7Vy0V!^2O#KNcaP*{Ux}lVUjN@x)!%n
znmII5OvU9h8$aEa^6e$G@yh~C#U_sH<+`&-7nAniyu0imHZVx{dz;mwxJKJv@ue6@
zBW!nE-w@%w#E#5wKFZ?YDsh?;yO<Iaa>^DKXx+!8&T=J|?<7I!C+={gQj6(UkGqv4
ztQMj)1u`di3o*B?V3IVJj=i)3zabR19d9(ZLgxhNKAjQFF4H%$Z9P5^Z}@oc=^b|0
z`}Gt(9^}eWr5t7XMPzSZAk9T4ym#;B^}VlKTBQ|vD%Vc}r<h%EVn^;ry0iC`#J+wb
zV4hLv_c(?tJ|mSB(H8zy1aH8yJ!Vb7i-~Cst3W`DiF3sp)I{as`_g$nS<mG2c*^-3
zofN7uk;~j7rI9`J(%Ac=JS$Svduy?=cb7|JiTCqk@4B(H{?=7he&zQe@=Xf=$VW=<
zGwutPwXuNHco*lmnYZ1EuDP@q{1;3sWH*ZMQ4gl~CcmRyszo61J$P%XzVPvkg*X^L
z2!YrdXn2AvjP#8PQ*$coOqA;%3^drPQB~Oohj%-T?=enh+wm0Z6PHhx-`U6z_h<eN
zj>gf+HPcObYF@ivWX+Pz_~_B?k%*RRQn~Vj6Up5MSSC%1kX9?8>dq~wV|%97`ZjF)
zXRF-?>b~h7C>xO|5l8j)otrS_C&xDD^M0bQ{ZioR6zVNsNwG^^F={z<7O0`PHr?Rb
zN%ws&o0=yM?H>yVreB)okVoIR+%cG&O+NiyG1AM4dTiatU25aj>__A--lY0Ws0ev>
z%#ad(`UjFl`R&L@^7LJT>P}#425hd-J(K4p^V=sD;RsfDNUynF&u80`k6){)-ZXUL
z<c(M7@SSIJDze6lKIiluYIy?l*iEy}IV~2u8QgZ0w;M%4At`A*%9LB|aVU?ZRpK{$
zmg@4ICA!-j*0&OKlR&G`lC*dwRaIqWS{18DI9N3~%;6@D_@3Ig5>G-F8Mv%UdkCj1
zdE+W{IvU}vb33lkAp6~0g?bWJZhEO%P%~uScwNrXw-#KxbA!r!Tm5}&W%F3m0gIj4
zZ(ASy4dt5OOzT}ktii+j;`;ClEZs|N?kuIgrL0#ql7Wvi{54$cz7sqoHzUR~^o?Vo
zY-=jDB96SD&}&zB5m-THGtMe4Q++c2R<`k#lzRw*{Y`$F<Ghv&hN8m^q#cuF2^knl
zc2s#Qu#4k?W?s1PSe~INNS)VwilOaSIJ%^y{!ko*o@7dlebwSo?Kiwbil^RoVR9;d
z?@y58Tf+*nPv++|9M!0`qwAhO?_lT}!-;=Vx^8rQN^!h{1+&ihDpto<%{=UbxY3w9
zJw+0a*irH`)?8tunxzuW@#@O-xHtWoc!<Cl8ptEqoH6x~#3kn4t7c*3f_PY~;L_O)
z+5NlniGv?e2_+7Zb+QUbpU+vB5a^J2Bj8NripSM!H8h~jQTB30=RmB#m+I)jB`#ZU
znkd^vnEL9{iCjP!BATnJvwIzA;sAT=WXHH7q9naLU%q}6K<~ApcLqHVqO2(S&>Brk
z>h(l1BNX={9$B7Xyj+6Mwzw8CTu`F|PjGQpchJl$v4pLjwI{sY$gCMD9A?RheR=N}
zJ{9Z;tkNISVIXk)8=GZ~vFRDq4;tURaZy@sMvr`)maLojqL6}dL1}3o^9*-LG)RG*
z6tkj~DN?Ti0Xm}}5j6pac3{`<XQfkOSsG?d*2mUSl2T;1&HnW9IP_W-7>&0<h@EoH
zB0{$7n|d*ciHI+I9-%{#F-XxTJqFP7nGx*><AFCgIY+n#KWH{$V*tC8@cJi{)c?Ow
zXxNk}0Gs9mIp6@n+!R2^O$hJ`1%Y3ykB2t;&!;F@3->SZPq{pH_<t49FfbVZL7{((
zg4^)^0&fB_Gkl;{=)Wv-Mg~+yeZ>wlF#wrJ2w*k~1JyF1MKnPAEDQWvmiaZSp3G<v
z_n&J7$md|7Bkn6RigWbvYnf8lbQXE8K>wRK1%+P=+`a}37XAyo1Nx?VMaCiF@c%Ym
zFfc@~;nOv)K$4FMflVYk{MusvHDHm}UmzI(U4a0W^Dxkb-j%4yg7!*OWD6nqN2Ms3
z$mpt3YXKJ+wIu@x7dSz9CVxe&@axMS|7iUgb4wfaB8V(-3q=I#u>tO&BtVBYz_O<x
z09k|pO(+;B&>qcF1K&_uAl|3IN-`YKUz7#)x?GW?LBv<U=|vcb#qCN&v?Kzu_d%1)
zfZY-m{NMEybOiv3|2jtZtmk_L>ReI)odx_Qu>s;3LO^^OLUYYgyr#DY94!9hHqrod
zOAw%883s}dy)yBASr~rpZSk7wX*e2m7tmgZ0Kf_iWEgj)b32;`*jeEO86;k@GOus|
zp_i0bDBD#S$Rzn+apkHw$T{s_R<)Sq3MIG(136^;6_Z~5)4*l__vYAS|7|1yme#~U
z4_{uf((4kSvivI&QBC*9($&-j#@8u9>qTfe6M(<L2a;|A_Iud@{Z$Cyu>k|AcLE6;
z`k<%X0OPpi)!=`b_`iM0_X0mAB>ptOug~%SMxrQ~vL8L;naQzn{s{Te2Q~W5+NS>x
F_djzcFxCJ7

diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index 94485e85b..12d38de6a 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,7 +1,5 @@
-#Tue Jun 25 19:31:12 CEST 2019
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-6.6.1-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.3-all.zip
-org.gradle.jvmargs=-Xmx4096m -XX:MaxPermSize=1024m
\ No newline at end of file
diff --git a/gradlew b/gradlew
index af6708ff2..4f906e0c8 100755
--- a/gradlew
+++ b/gradlew
@@ -1,5 +1,21 @@
 #!/usr/bin/env sh
 
+#
+# Copyright 2015 the original author or authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
 ##############################################################################
 ##
 ##  Gradle start up script for UN*X
@@ -28,7 +44,7 @@ APP_NAME="Gradle"
 APP_BASE_NAME=`basename "$0"`
 
 # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS='"-Xmx64m"'
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD="maximum"
@@ -66,6 +82,7 @@ esac
 
 CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
 
+
 # Determine the Java command to use to start the JVM.
 if [ -n "$JAVA_HOME" ] ; then
     if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
@@ -109,10 +126,11 @@ if $darwin; then
     GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
 fi
 
-# For Cygwin, switch paths to Windows format before running java
-if $cygwin ; then
+# For Cygwin or MSYS, switch paths to Windows format before running java
+if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then
     APP_HOME=`cygpath --path --mixed "$APP_HOME"`
     CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
+
     JAVACMD=`cygpath --unix "$JAVACMD"`
 
     # We build the pattern for arguments to be converted via cygpath
@@ -138,19 +156,19 @@ if $cygwin ; then
         else
             eval `echo args$i`="\"$arg\""
         fi
-        i=$((i+1))
+        i=`expr $i + 1`
     done
     case $i in
-        (0) set -- ;;
-        (1) set -- "$args0" ;;
-        (2) set -- "$args0" "$args1" ;;
-        (3) set -- "$args0" "$args1" "$args2" ;;
-        (4) set -- "$args0" "$args1" "$args2" "$args3" ;;
-        (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
-        (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
-        (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
-        (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
-        (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
+        0) set -- ;;
+        1) set -- "$args0" ;;
+        2) set -- "$args0" "$args1" ;;
+        3) set -- "$args0" "$args1" "$args2" ;;
+        4) set -- "$args0" "$args1" "$args2" "$args3" ;;
+        5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
+        6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
+        7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
+        8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
+        9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
     esac
 fi
 
@@ -159,14 +177,9 @@ save () {
     for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
     echo " "
 }
-APP_ARGS=$(save "$@")
+APP_ARGS=`save "$@"`
 
 # Collect all arguments for the java command, following the shell quoting and substitution rules
 eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
 
-# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong
-if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then
-  cd "$(dirname "$0")"
-fi
-
 exec "$JAVACMD" "$@"
diff --git a/gradlew.bat b/gradlew.bat
index 0f8d5937c..ac1b06f93 100644
--- a/gradlew.bat
+++ b/gradlew.bat
@@ -1,3 +1,19 @@
+@rem
+@rem Copyright 2015 the original author or authors.
+@rem
+@rem Licensed under the Apache License, Version 2.0 (the "License");
+@rem you may not use this file except in compliance with the License.
+@rem You may obtain a copy of the License at
+@rem
+@rem      https://www.apache.org/licenses/LICENSE-2.0
+@rem
+@rem Unless required by applicable law or agreed to in writing, software
+@rem distributed under the License is distributed on an "AS IS" BASIS,
+@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+@rem See the License for the specific language governing permissions and
+@rem limitations under the License.
+@rem
+
 @if "%DEBUG%" == "" @echo off
 @rem ##########################################################################
 @rem
@@ -13,15 +29,18 @@ if "%DIRNAME%" == "" set DIRNAME=.
 set APP_BASE_NAME=%~n0
 set APP_HOME=%DIRNAME%
 
+@rem Resolve any "." and ".." in APP_HOME to make it shorter.
+for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi
+
 @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-set DEFAULT_JVM_OPTS="-Xmx64m"
+set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m"
 
 @rem Find java.exe
 if defined JAVA_HOME goto findJavaFromJavaHome
 
 set JAVA_EXE=java.exe
 %JAVA_EXE% -version >NUL 2>&1
-if "%ERRORLEVEL%" == "0" goto init
+if "%ERRORLEVEL%" == "0" goto execute
 
 echo.
 echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
@@ -35,7 +54,7 @@ goto fail
 set JAVA_HOME=%JAVA_HOME:"=%
 set JAVA_EXE=%JAVA_HOME%/bin/java.exe
 
-if exist "%JAVA_EXE%" goto init
+if exist "%JAVA_EXE%" goto execute
 
 echo.
 echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
@@ -45,28 +64,14 @@ echo location of your Java installation.
 
 goto fail
 
-:init
-@rem Get command-line arguments, handling Windows variants
-
-if not "%OS%" == "Windows_NT" goto win9xME_args
-
-:win9xME_args
-@rem Slurp the command line arguments.
-set CMD_LINE_ARGS=
-set _SKIP=2
-
-:win9xME_args_slurp
-if "x%~1" == "x" goto execute
-
-set CMD_LINE_ARGS=%*
-
 :execute
 @rem Setup the command line
 
 set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
 
+
 @rem Execute Gradle
-"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %*
 
 :end
 @rem End local scope for the variables with windows NT shell
diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index f6ff98f04..45bf57619 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -45,7 +45,7 @@ mapdb: "3.0.7"
 # jnrunix and jnrffi must be consistent
 jnrunix: "0.22"
 jnrffi: "2.1.5"
-protobuf: "3.10.0"
+protobuf: "3.13.0"
 httpcore: "4.4.11"
 httpclient: "4.5.7"
 jaxwsApi: "2.3.1"

From 51a581cca3284d26b4a5940b4f6629b51aec9bd8 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 9 Oct 2020 13:22:37 +0200
Subject: [PATCH 153/237] minor code improvements

---
 ids-infomodel-manager/build.gradle.kts        |  1 +
 .../InfoModelService.kt                       | 38 ++++++++-----------
 2 files changed, 17 insertions(+), 22 deletions(-)

diff --git a/ids-infomodel-manager/build.gradle.kts b/ids-infomodel-manager/build.gradle.kts
index aa5a0af3a..2b12185e2 100644
--- a/ids-infomodel-manager/build.gradle.kts
+++ b/ids-infomodel-manager/build.gradle.kts
@@ -11,6 +11,7 @@ apply(plugin = "idea")
 
 buildConfig {
     sourceSets.getByName("main") {
+        useKotlinOutput { topLevelConstants = true }
         packageName("de.fhg.aisec.ids.informationmodelmanager")
         buildConfigField("String", "INFOMODEL_VERSION",
                 "\"${libraryVersions["infomodel"] ?: error("Infomodel version not available")}\"")
diff --git a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
index c1d8345ea..67749d017 100644
--- a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
+++ b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
@@ -25,19 +25,19 @@ import javax.xml.datatype.DatatypeFactory
 class InfoModelService : InfoModel {
 
     @Reference(cardinality = ReferenceCardinality.MANDATORY)
-    private var settings: Settings? = null
+    private lateinit var settings: Settings
     @Reference(cardinality = ReferenceCardinality.OPTIONAL)
     private var connectionManager: ConnectionManager? = null
 
-    private val connectorProfile: ConnectorProfile?
-        get() = settings?.connectorProfile
+    private val connectorProfile: ConnectorProfile
+        get() = settings.connectorProfile
 
     /**
      * Build ConnectorAvailableMessage for IDS message headers
      */
     fun getConnectorAvailableMessage(): ConnectorUpdateMessage {
         val builder = ConnectorUpdateMessageBuilder()
-        settings?.let { settings ->
+        settings.let { settings ->
             builder._securityToken_(
                     DynamicAttributeTokenBuilder()
                             ._tokenFormat_(TokenFormat.JWT)
@@ -60,7 +60,7 @@ class InfoModelService : InfoModel {
      * Build Connector Entity Names from preferences
      */
     private val connectorEntityNames: List<TypedLiteral>
-        get() = connectorProfile?.connectorEntityNames.also {
+        get() = connectorProfile.connectorEntityNames.also {
             if (it == null) {
                 LOG.warn("Settings or ConnectorProfile not available, or no connector entity names provided")
             }
@@ -89,7 +89,7 @@ class InfoModelService : InfoModel {
      * @return
      */
     private val securityProfile: SecurityProfile?
-        get() = connectorProfile?.securityProfile.also {
+        get() = connectorProfile.securityProfile.also {
             if (it == null) {
                 LOG.warn("Settings, ConnectorProfile not available, or no SecurityProfile provided")
             }
@@ -101,8 +101,8 @@ class InfoModelService : InfoModel {
      * The fields op_url and entityNames cannot be null.
      */
     override fun getConnector(): Connector? {
-        val maintainerUrl = connectorProfile?.maintainerUrl
-        val connectorUrl = connectorProfile?.connectorUrl
+        val maintainerUrl = connectorProfile.maintainerUrl
+        val connectorUrl = connectorProfile.connectorUrl
         val entityNames = connectorEntityNames
 
         if (LOG.isTraceEnabled) {
@@ -144,8 +144,8 @@ class InfoModelService : InfoModel {
         if (profile.securityProfile == null) {
             profile.securityProfile = SecurityProfile.TRUST_SECURITY_PROFILE
         }
-        return if (settings != null) {
-            settings?.connectorProfile = profile
+        return run {
+            settings.connectorProfile = profile
 
             try {
                 connector != null
@@ -153,18 +153,15 @@ class InfoModelService : InfoModel {
                 LOG.error("ConstraintViolationException while building Connector.", ex)
                 false
             }
-        } else {
-            LOG.warn("Couldn't store connector object: Settings not available.")
-            false
         }
     }
 
-    override fun getConnectorAsJsonLd(): String = settings?.connectorJsonLd
+    override fun getConnectorAsJsonLd(): String = settings.connectorJsonLd
             ?: connector?.let { serializer.serialize(it) }
             ?: throw NullPointerException("Connector is not available")
 
     override fun setConnectorByJsonLd(jsonLd: String?) {
-        settings?.let { settings ->
+        settings.let { settings ->
             if (jsonLd != null) {
                 try {
                     serializer.deserialize(jsonLd, TrustedConnector::class.java)
@@ -174,19 +171,16 @@ class InfoModelService : InfoModel {
                 }
             }
             settings.connectorJsonLd = jsonLd
-        } ?: LOG.warn("Couldn't store connector object: Settings not available.")
+        }
     }
 
-    override fun getDynamicAttributeToken(): String = settings?.dynamicAttributeToken
+    override fun getDynamicAttributeToken(): String = settings.dynamicAttributeToken
             ?: throw NullPointerException("DAPS token is not available")
 
     override fun setDynamicAttributeToken(dynamicAttributeToken: String) =
-            if (settings != null) {
-                settings?.dynamicAttributeToken = dynamicAttributeToken
+            run {
+                settings.dynamicAttributeToken = dynamicAttributeToken
                 true
-            } else {
-                LOG.warn("Couldn't store connector object: Settings not available.")
-                false
             }
 
     companion object {

From 821084abfc0eb288012d07206fd9643d1619189f Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 16 Oct 2020 10:00:18 +0200
Subject: [PATCH 154/237] Added support for IDSCP2 messages without
 header/body, bnd file and code cleanups

---
 build.gradle                                  |   2 +-
 camel-idscp2/bnd.bnd                          |  15 +--
 camel-idscp2/build.gradle.kts                 |   3 +
 .../ids/camel/idscp2/Idscp2OsgiComponent.kt   |  32 ++---
 .../idscp2/client/Idscp2ClientConsumer.kt     |   8 +-
 .../idscp2/client/Idscp2ClientEndpoint.kt     |   4 +-
 .../idscp2/client/Idscp2ClientProducer.kt     |   4 +-
 .../ArtifactRequestCreationProcessor.kt       |  37 ++++++
 .../camel/idscp2/server/CamelIdscp2Server.kt  |   2 +-
 .../idscp2/server/Idscp2ServerConsumer.kt     |   8 +-
 .../idscp2/server/Idscp2ServerEndpoint.kt     |   2 +-
 .../idscp2/server/Idscp2ServerProducer.kt     |   4 +-
 camel-multipart-processor/bnd.bnd             |   7 +-
 camel-multipart-processor/build.gradle.kts    |   5 -
 .../multipart/MultiPartInputProcessor.java    |  42 ------
 .../multipart/MultiPartStringParser.java      | 118 -----------------
 .../camel/multipart/MultiPartComponent.kt}    |  42 +++---
 .../camel/multipart/MultiPartConstants.kt}    |  13 +-
 .../multipart/MultiPartInputProcessor.kt      |  40 ++++++
 .../multipart/MultiPartOutputProcessor.kt}    | 115 ++++++++---------
 .../camel/multipart/MultiPartStringParser.kt  |  81 ++++++++++++
 .../aisec/ids/api/infomodel/InfoModel.java    |  74 -----------
 .../fhg/aisec/ids/api/infomodel/InfoModel.kt  |  83 ++++++++++++
 .../InfoModelService.kt                       | 120 ++++++++++--------
 .../idscp2/app_layer/AppLayerConnection.kt    |  23 +++-
 .../listeners/GenericMessageListener.kt       |   2 +-
 idscp2/bnd.bnd                                |   6 +-
 27 files changed, 443 insertions(+), 449 deletions(-)
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
 delete mode 100644 camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.java
 delete mode 100644 camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.java
 rename camel-multipart-processor/src/main/{java/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.java => kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.kt} (59%)
 rename camel-multipart-processor/src/main/{java/de/fhg/aisec/ids/camel/multipart/MultiPartConstants.java => kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartConstants.kt} (78%)
 create mode 100644 camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.kt
 rename camel-multipart-processor/src/main/{java/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.java => kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt} (63%)
 create mode 100644 camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.kt
 delete mode 100644 ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.java
 create mode 100644 ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.kt

diff --git a/build.gradle b/build.gradle
index 6e0cfc7e1..e432798ab 100644
--- a/build.gradle
+++ b/build.gradle
@@ -124,7 +124,7 @@ subprojects {
 
     tasks.withType(KotlinCompile) {
         kotlinOptions {
-            jvmTarget = "1.8"
+            jvmTarget = "11"
         }
     }
 
diff --git a/camel-idscp2/bnd.bnd b/camel-idscp2/bnd.bnd
index 5ea70404e..2b60f466c 100644
--- a/camel-idscp2/bnd.bnd
+++ b/camel-idscp2/bnd.bnd
@@ -1,11 +1,4 @@
-Bundle-Name: IDS :: Camel IDSCP Support
-Bundle-Description: Camel IDS protocol support
-Export-Package: de.fhg.camel.ids.server,\
-	de.fhg.camel.ids.connectionmanagement,\
-	de.fhg.camel.ids.client
-Import-Package: \
-	!org.checkerframework.checker.*,\
-	*
-DynamicImport-Package: \
-	org.asynchttpclient.netty.*,\
-	com.typesafe.netty.*
+Bundle-Name: IDS :: Camel IDSCP2 Support
+Bundle-Description: Camel IDSCP2 protocol support
+Export-Package: de.fhg.aisec.ids.camel.idscp2*
+Import-Package: *
\ No newline at end of file
diff --git a/camel-idscp2/build.gradle.kts b/camel-idscp2/build.gradle.kts
index 8b447239a..a1df6508b 100644
--- a/camel-idscp2/build.gradle.kts
+++ b/camel-idscp2/build.gradle.kts
@@ -7,6 +7,9 @@ dependencies {
     providedByBundle(project(":ids-api")) { isTransitive = false }
     providedByBundle(project(":idscp2-app-layer"))
 
+    implementation("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
+    implementation("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodelSerializer"])
+
     // Bill of Materials (BOM) for Camel
     bom("org.apache.camel", "camel-parent", libraryVersions["camel"])
 
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.kt
index 142f0c1ae..b5f5c2269 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.kt
@@ -23,7 +23,10 @@ import de.fhg.aisec.ids.api.endpointconfig.EndpointConfigManager
 import de.fhg.aisec.ids.api.infomodel.InfoModel
 import de.fhg.aisec.ids.api.settings.Settings
 import de.fhg.aisec.ids.api.tokenm.TokenManager
-import org.osgi.service.component.annotations.*
+import org.osgi.service.component.annotations.Activate
+import org.osgi.service.component.annotations.Component
+import org.osgi.service.component.annotations.Reference
+import org.osgi.service.component.annotations.ReferenceCardinality
 
 @Component
 class Idscp2OsgiComponent {
@@ -44,11 +47,6 @@ class Idscp2OsgiComponent {
         instance = this
     }
 
-    @Deactivate
-    fun deactivate() {
-        instance = null
-    }
-
     fun setSettings(settings: Settings) {
         this.settings = settings
     }
@@ -66,10 +64,10 @@ class Idscp2OsgiComponent {
     }
 
     companion object {
-        private var instance: Idscp2OsgiComponent? = null
+        private lateinit var instance: Idscp2OsgiComponent
 
-        fun setInstance(instance: Idscp2OsgiComponent?) {
-            Companion.instance = instance
+        fun setInstance(instance: Idscp2OsgiComponent) {
+            this.instance = instance
         }
 
         /**
@@ -77,25 +75,17 @@ class Idscp2OsgiComponent {
          * but instance might be null for Unit Tests
          * @return Token-Manager instance
          */
-        fun getSettings(): Settings {
-            return instance!!.settings
-        }
+        val settings get() = instance.settings
 
         /**
          * Is never null due to ReferenceCardinality.MANDATORY,
          * but instance might be null for Unit Tests
          * @return Info-Model-Manager instance
          */
-        fun getInfoModelManager(): InfoModel {
-            return instance!!.infoModelManager
-        }
+        val infoModelManager get() = instance.infoModelManager
 
-        fun getTokenManager(): TokenManager? {
-            return instance?.tokenManager
-        }
+        val tokenManager get() = instance.tokenManager
 
-        fun getEndpointConfigManager(): EndpointConfigManager? {
-            return instance?.endpointConfigManager
-        }
+        val endpointConfigManager get() = instance.endpointConfigManager
     }
 }
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
index 0f9fce53d..d4e1d2aa6 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
@@ -55,7 +55,7 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
         endpoint.releaseConnection(connectionFuture)
     }
 
-    override fun onMessage(connection: AppLayerConnection, header: String, payload: ByteArray) {
+    override fun onMessage(connection: AppLayerConnection, header: String?, payload: ByteArray?) {
         if (LOG.isTraceEnabled) {
             LOG.trace("Idscp2ClientConsumer received GenericMessage with header:\n{}", header)
         }
@@ -69,9 +69,9 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
             processor.process(exchange)
             // Handle response
             val response = exchange.message
-            val responseType = response.getHeader("idscp2-header", String::class.java)
-            if (response.body != null && responseType != null) {
-                connection.sendGenericMessage(responseType, response.getBody(ByteArray::class.java))
+            val responseHeader = response.getHeader("idscp2-header", String::class.java)
+            if (response.body != null || responseHeader != null) {
+                connection.sendGenericMessage(responseHeader, response.getBody(ByteArray::class.java))
             }
         } finally {
             doneUoW(exchange)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index 4fb1d8333..5b55b5805 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -16,7 +16,6 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.client
 
-import de.fhg.aisec.ids.api.settings.Settings
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
 import de.fhg.aisec.ids.camel.idscp2.RefCountingHashMap
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
@@ -98,7 +97,6 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
 
     public override fun doStart() {
         LOG.debug("Starting IDSCP2 client endpoint $endpointUri")
-        val settings: Settings = Idscp2OsgiComponent.getSettings()
         val remainingMatcher = URI_REGEX.matcher(remaining)
         require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
         val matchResult = remainingMatcher.toMatchResult()
@@ -125,7 +123,7 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
         secureChannelDriver = NativeTLSDriver()
         clientSettings = clientSettingsBuilder.build()
         dapsDriver = DefaultDapsDriver(DefaultDapsDriverConfig.Builder()
-                .setDapsUrl(settings.connectorConfig.dapsUrl)
+                .setDapsUrl(Idscp2OsgiComponent.settings.connectorConfig.dapsUrl)
                 .setKeyAlias(clientSettings.dapsKeyAlias)
                 .setKeyPassword(clientSettings.keyPassword)
                 .setKeyStorePath(clientSettings.keyStorePath)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
index df4baeccc..2dd984cca 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
@@ -33,7 +33,9 @@ class Idscp2ClientProducer(private val endpoint: Idscp2ClientEndpoint) : Default
         val message = exchange.getIn()
         val type = message.getHeader("idscp2-header", String::class.java)
         val body = message.getBody(ByteArray::class.java)
-        connectionFuture.get().sendGenericMessage(type, body)
+        if (type != null || body != null) {
+            connectionFuture.get().sendGenericMessage(type, body)
+        }
     }
 
     override fun doStart() {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
new file mode 100644
index 000000000..5de1c4519
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
@@ -0,0 +1,37 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
+import de.fraunhofer.iais.eis.ArtifactRequestMessageBuilder
+import de.fraunhofer.iais.eis.ids.jsonld.Serializer
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.slf4j.LoggerFactory
+import java.net.URI
+
+class ArtifactRequestCreationProcessor : Processor {
+
+    override fun process(exchange: Exchange) {
+        val requestMessageBuilder = ArtifactRequestMessageBuilder()
+        Idscp2OsgiComponent.infoModelManager.initMessageBuilder(requestMessageBuilder)
+        val artifactUriProperty = exchange.getProperty(ARTIFACT_URI_PROPERTY)
+        val artifactUri = if (artifactUriProperty is URI) {
+            artifactUriProperty
+        } else {
+            URI.create(artifactUriProperty.toString())
+        }
+        requestMessageBuilder._requestedArtifact_(artifactUri)
+        val requestMessageSerialization = SERIALIZER.serialize(requestMessageBuilder.build())
+        if (LOG.isDebugEnabled) {
+            LOG.debug("ArtifactRequestMessage serialization: {}", requestMessageSerialization)
+        }
+        exchange.`in`.setHeader("idscp2-header", requestMessageSerialization)
+    }
+
+    companion object {
+        const val ARTIFACT_URI_PROPERTY = "artifactUri"
+
+        private val LOG = LoggerFactory.getLogger(ArtifactRequestCreationProcessor::class.java)
+        private val SERIALIZER: Serializer by lazy { Serializer() }
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index 101924c54..174f252ce 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -33,7 +33,7 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
 
     init {
         val dapsDriverConfig = DefaultDapsDriverConfig.Builder()
-                .setDapsUrl(Idscp2OsgiComponent.getSettings().connectorConfig.dapsUrl)
+                .setDapsUrl(Idscp2OsgiComponent.settings.connectorConfig.dapsUrl)
                 .setKeyAlias(serverSettings.dapsKeyAlias)
                 .setKeyPassword(serverSettings.keyPassword)
                 .setKeyStorePath(serverSettings.keyStorePath)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
index af4fe0447..5150393e2 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
@@ -37,7 +37,7 @@ class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor
         super.doStop()
     }
 
-    override fun onMessage(connection: AppLayerConnection, header: String, payload: ByteArray) {
+    override fun onMessage(connection: AppLayerConnection, header: String?, payload: ByteArray?) {
         if (LOG.isTraceEnabled) {
             LOG.trace("Idscp2ServerConsumer received GenericMessage with header:\n{}", header)
         }
@@ -51,9 +51,9 @@ class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor
             processor.process(exchange)
             // Handle response
             val response = exchange.message
-            val responseType = response.getHeader("idscp2-header", String::class.java)
-            if (response.body != null && responseType != null) {
-                connection.sendGenericMessage(responseType, response.getBody(ByteArray::class.java))
+            val responseHeader = response.getHeader("idscp2-header", String::class.java)
+            if (response.body != null || responseHeader != null) {
+                connection.sendGenericMessage(responseHeader, response.getBody(ByteArray::class.java))
             }
         } catch (e: Exception) {
             LOG.error("Error in Idscp2ServerConsumer.onMessage()", e)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
index 2562bef3a..b8bb14d48 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -74,7 +74,7 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
     }
 
     @Synchronized
-    fun sendMessage(type: String, body: ByteArray) {
+    fun sendMessage(type: String?, body: ByteArray?) {
         server?.let { server -> server.allConnections.forEach { it.sendGenericMessage(type, body) } }
     }
 
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
index 5e7fa02a3..53054f811 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
@@ -29,7 +29,9 @@ class Idscp2ServerProducer(private val endpoint: Idscp2ServerEndpoint) : Default
         val message = exchange.getIn()
         val type = message.getHeader("idscp2-header", String::class.java)
         val body = message.getBody(ByteArray::class.java)
-        endpoint.sendMessage(type, body)
+        if (type != null || body != null) {
+            endpoint.sendMessage(type, body)
+        }
     }
 
 }
\ No newline at end of file
diff --git a/camel-multipart-processor/bnd.bnd b/camel-multipart-processor/bnd.bnd
index 4ce378e8c..88bccc6ce 100644
--- a/camel-multipart-processor/bnd.bnd
+++ b/camel-multipart-processor/bnd.bnd
@@ -1,7 +1,4 @@
 Bundle-Name: IDS :: Camel Multipart Processor
 Bundle-Description: Mime/Multipart support for Camel messages
-Export-Package: \
-	de.fhg.aisec.ids.camel.multipart
-Import-Package: \
-	!org.checkerframework.checker*,\
-	*
+Export-Package: de.fhg.aisec.ids.camel.multipart
+Import-Package: *
diff --git a/camel-multipart-processor/build.gradle.kts b/camel-multipart-processor/build.gradle.kts
index b8e816932..f7129e575 100644
--- a/camel-multipart-processor/build.gradle.kts
+++ b/camel-multipart-processor/build.gradle.kts
@@ -3,9 +3,6 @@ dependencies {
             rootProject.ext.get("libraryVersions") as Map<String, String>
 
     providedByBundle(project(":ids-api")) { isTransitive = false }
-
-    implementation("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
-    implementation("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodelSerializer"])
     
     // Bill of Materials (BOM) for Camel
     bom("org.apache.camel", "camel-parent", libraryVersions["camel"])
@@ -13,8 +10,6 @@ dependencies {
     providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
 	providedByFeature("org.apache.camel", "camel-http4", libraryVersions["camelHttp4"])
 
-    compileOnly("org.checkerframework", "checker-qual", libraryVersions["checkerQual"])
-
     providedByBundle("org.apache.httpcomponents", "httpcore-osgi", libraryVersions["httpcore"])
 	providedByBundle("org.apache.httpcomponents", "httpclient-osgi", libraryVersions["httpclient"])
     
diff --git a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.java b/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.java
deleted file mode 100644
index ee2d2241a..000000000
--- a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-multipart-processor
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.multipart;
-
-import java.io.InputStream;
-import org.apache.camel.Exchange;
-import org.apache.camel.Processor;
-
-public class MultiPartInputProcessor implements Processor {
-
-  @Override
-  public void process(Exchange exchange) throws Exception {
-    // Parse Multipart message
-    MultiPartStringParser parser =
-        new MultiPartStringParser(exchange.getIn().getBody(InputStream.class));
-    // Parser JSON Header (should be an InfoModel object)
-    exchange.getIn().setHeader("idsMultipartHeader", parser.getHeader());
-    // Remove current Content-Type header before setting the new one
-    exchange.getIn().removeHeader("Content-Type");
-    // Copy Content-Type from payload part
-    exchange.getIn().setHeader("Content-Type", parser.getPayloadContentType());
-    // Populate body with extracted payload
-    exchange.getIn().setBody(parser.getPayload());
-  }
-}
diff --git a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.java b/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.java
deleted file mode 100644
index acf9c4845..000000000
--- a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.java
+++ /dev/null
@@ -1,118 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-multipart-processor
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.multipart;
-
-import org.apache.commons.fileupload.FileItem;
-import org.apache.commons.fileupload.FileUpload;
-import org.apache.commons.fileupload.FileUploadException;
-import org.apache.commons.fileupload.UploadContext;
-import org.apache.commons.fileupload.disk.DiskFileItemFactory;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.nio.charset.StandardCharsets;
-
-import static de.fhg.aisec.ids.camel.multipart.MultiPartConstants.MULTIPART_HEADER;
-import static de.fhg.aisec.ids.camel.multipart.MultiPartConstants.MULTIPART_PAYLOAD;
-
-public class MultiPartStringParser implements UploadContext {
-
-  private static final Logger LOG = LoggerFactory.getLogger(MultiPartStringParser.class);
-  private final InputStream multipartInput;
-  private final String boundary;
-  private String header;
-  private InputStream payload;
-  private String payloadContentType;
-
-  MultiPartStringParser(final InputStream multipartInput) throws FileUploadException, IOException {
-    this.multipartInput = multipartInput;
-    multipartInput.mark(10240);
-    try (BufferedReader reader =
-        new BufferedReader(new InputStreamReader(multipartInput, StandardCharsets.UTF_8))) {
-      String boundaryLine = reader.readLine();
-      if (boundaryLine == null) {
-        throw new IOException("Message body appears to be empty, expected multipart boundary.");
-      }
-      this.boundary = boundaryLine.substring(2).trim();
-      this.multipartInput.reset();
-      for (FileItem i : new FileUpload(new DiskFileItemFactory()).parseRequest(this)) {
-        String fieldName = i.getFieldName();
-        if (LOG.isTraceEnabled()) {
-          LOG.trace("Found multipart field with name \"{}\"", fieldName);
-        }
-        if (MULTIPART_HEADER.equals(fieldName)) {
-          header = i.getString();
-          if (LOG.isDebugEnabled()) {
-            LOG.debug("Found header:\n{}", header);
-          }
-        } else if (MULTIPART_PAYLOAD.equals(fieldName)) {
-          payload = i.getInputStream();
-          payloadContentType = i.getContentType();
-          if (LOG.isDebugEnabled()) {
-            LOG.debug("Found body with Content-Type \"{}\"", payloadContentType);
-          }
-        } else {
-          throw new IOException("Unknown multipart field name detected: " + fieldName);
-        }
-      }
-    }
-  }
-
-  @Override
-  public String getCharacterEncoding() {
-    return StandardCharsets.UTF_8.name();
-  }
-
-  @Override
-  public int getContentLength() {
-    return -1;
-  }
-
-  @Override
-  public String getContentType() {
-    return "multipart/form-data, boundary=" + this.boundary;
-  }
-
-  @Override
-  public InputStream getInputStream() {
-    return multipartInput;
-  }
-
-  @Override
-  public long contentLength() {
-    return -1;
-  }
-
-  public String getHeader() {
-    return header;
-  }
-
-  public InputStream getPayload() {
-    return payload;
-  }
-
-  public String getPayloadContentType() {
-    return payloadContentType;
-  }
-}
diff --git a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.java b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.kt
similarity index 59%
rename from camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.java
rename to camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.kt
index 1f81af92d..76a1c5aa1 100644
--- a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.java
+++ b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.kt
@@ -17,38 +17,36 @@
  * limitations under the License.
  * =========================LICENSE_END==================================
  */
-package de.fhg.aisec.ids.camel.multipart;
+package de.fhg.aisec.ids.camel.multipart
 
-import de.fhg.aisec.ids.api.infomodel.InfoModel;
-import org.osgi.service.component.annotations.Activate;
-import org.osgi.service.component.annotations.Component;
-import org.osgi.service.component.annotations.Reference;
-import org.osgi.service.component.annotations.ReferenceCardinality;
+import de.fhg.aisec.ids.api.infomodel.InfoModel
+import org.osgi.service.component.annotations.Activate
+import org.osgi.service.component.annotations.Component
+import org.osgi.service.component.annotations.Reference
+import org.osgi.service.component.annotations.ReferenceCardinality
 
 /**
  * The only purpose of this OSGi component is to connect to the InfoModelManager.
  *
- * <p>This is required for the MultiPartComponent to use a proper IDS self description in the
+ *
+ * This is required for the MultiPartComponent to use a proper IDS self description in the
  * multipart messages.
  *
  * @author Julian Schütte (julian.schuette@aisec.fraunhofer.de)
  */
 @Component(name = "ids-multipart-component")
-public class MultiPartComponent {
-
-  @SuppressWarnings("unused")
-  @Reference(cardinality = ReferenceCardinality.MANDATORY)
-  private InfoModel infoModel;
+class MultiPartComponent {
+    @Reference(cardinality = ReferenceCardinality.MANDATORY)
+    lateinit var infoModelManager: InfoModel
 
-  private static MultiPartComponent instance;
+    @Activate
+    fun activate() {
+        instance = this
+    }
 
-  @Activate
-  @SuppressWarnings("squid:S2696")
-  protected void activate() {
-    instance = this;
-  }
+    companion object {
+        private lateinit var instance: MultiPartComponent
 
-  public static InfoModel getInfoModelManager() {
-    return instance.infoModel;
-  }
-}
+        val infoModelManager get() = instance.infoModelManager
+    }
+}
\ No newline at end of file
diff --git a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartConstants.java b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartConstants.kt
similarity index 78%
rename from camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartConstants.java
rename to camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartConstants.kt
index 439bd75a4..42624f778 100644
--- a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartConstants.java
+++ b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartConstants.kt
@@ -17,12 +17,9 @@
  * limitations under the License.
  * =========================LICENSE_END==================================
  */
-package de.fhg.aisec.ids.camel.multipart;
+package de.fhg.aisec.ids.camel.multipart
 
-final class MultiPartConstants {
-
-  private MultiPartConstants() {}
-
-  static final String MULTIPART_HEADER = "header";
-  static final String MULTIPART_PAYLOAD = "payload";
-}
+internal object MultiPartConstants {
+    const val MULTIPART_HEADER = "header"
+    const val MULTIPART_PAYLOAD = "payload"
+}
\ No newline at end of file
diff --git a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.kt b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.kt
new file mode 100644
index 000000000..9493a79c7
--- /dev/null
+++ b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.kt
@@ -0,0 +1,40 @@
+/*-
+ * ========================LICENSE_START=================================
+ * camel-multipart-processor
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.camel.multipart
+
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import java.io.InputStream
+
+class MultiPartInputProcessor : Processor {
+    @Throws(Exception::class)
+    override fun process(exchange: Exchange) {
+        // Parse Multipart message
+        val parser = MultiPartStringParser(exchange.getIn().getBody(InputStream::class.java))
+        // Parser JSON Header (should be an InfoModel object)
+        exchange.getIn().setHeader("idsMultipartHeader", parser.header)
+        // Remove current Content-Type header before setting the new one
+        exchange.getIn().removeHeader("Content-Type")
+        // Copy Content-Type from payload part
+        exchange.getIn().setHeader("Content-Type", parser.payloadContentType)
+        // Populate body with extracted payload
+        exchange.getIn().body = parser.payload
+    }
+}
\ No newline at end of file
diff --git a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.java b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt
similarity index 63%
rename from camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.java
rename to camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt
index 327983e79..aa5177a61 100644
--- a/camel-multipart-processor/src/main/java/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.java
+++ b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt
@@ -17,20 +17,19 @@
  * limitations under the License.
  * =========================LICENSE_END==================================
  */
-package de.fhg.aisec.ids.camel.multipart;
+package de.fhg.aisec.ids.camel.multipart
 
-import de.fhg.aisec.ids.api.infomodel.InfoModel;
-import org.apache.camel.Exchange;
-import org.apache.camel.Processor;
-import org.apache.http.entity.ContentType;
-import org.apache.http.entity.mime.HttpMultipartMode;
-import org.apache.http.entity.mime.MultipartEntityBuilder;
-import org.apache.http.entity.mime.content.InputStreamBody;
-import org.apache.http.entity.mime.content.StringBody;
-
-import java.io.InputStream;
-import java.nio.charset.StandardCharsets;
-import java.util.UUID;
+import de.fhg.aisec.ids.api.infomodel.InfoModel
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.apache.http.entity.ContentType
+import org.apache.http.entity.mime.HttpMultipartMode
+import org.apache.http.entity.mime.MultipartEntityBuilder
+import org.apache.http.entity.mime.content.InputStreamBody
+import org.apache.http.entity.mime.content.StringBody
+import java.io.InputStream
+import java.nio.charset.StandardCharsets
+import java.util.*
 
 /**
  * The MultiPartOutputProcessor will read the Exchange's header "ids" (if present) and the
@@ -101,54 +100,52 @@
  * @author Julian Schütte (julian.schuette@aisec.fraunhofer.de)
  * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
  */
-public class MultiPartOutputProcessor implements Processor {
-
-  @Override
-  public void process(Exchange exchange) throws Exception {
-    String boundary = UUID.randomUUID().toString();
+class MultiPartOutputProcessor : Processor {
+    @Throws(Exception::class)
+    override fun process(exchange: Exchange) {
+        val boundary = UUID.randomUUID().toString()
+        val multipartEntityBuilder = MultipartEntityBuilder.create()
+        multipartEntityBuilder.setMode(HttpMultipartMode.STRICT)
+        multipartEntityBuilder.setBoundary(boundary)
 
-    MultipartEntityBuilder multipartEntityBuilder = MultipartEntityBuilder.create();
-    multipartEntityBuilder.setMode(HttpMultipartMode.STRICT);
-    multipartEntityBuilder.setBoundary(boundary);
+        // Get the IDS InfoModelManager and retrieve a JSON-LD-serialized self-description that
+        // will be sent as a multipart "header"
+        val infoModel: InfoModel = MultiPartComponent.infoModelManager
+        val rdfHeader = infoModel.connectorAsJsonLd
 
-    // Get the IDS InfoModelManager and retrieve a JSON-LD-serialized self-description that
-    // will be sent as a multipart "header"
-    InfoModel infoModel = MultiPartComponent.getInfoModelManager();
-    String rdfHeader = "";
-    if (infoModel != null) {
-      rdfHeader = infoModel.getConnectorAsJsonLd();
-    }
+        // Use the self-description provided by the InfoModelManager as "header"
+        multipartEntityBuilder.addPart(
+                MultiPartConstants.MULTIPART_HEADER,
+                StringBody(rdfHeader, ContentType.APPLICATION_JSON))
 
-    // Use the self-description provided by the InfoModelManager as "header"
-    multipartEntityBuilder.addPart(
-        MultiPartConstants.MULTIPART_HEADER,
-        new StringBody(rdfHeader, ContentType.APPLICATION_JSON));
+        // Get the Exchange body and turn it into the second part named "payload"
+        val contentTypeString = exchange.getIn().getHeader("Content-Type")
+        if (contentTypeString != null) {
+            val payload = exchange.getIn().getBody(InputStream::class.java)
+            if (payload != null) {
+                multipartEntityBuilder.addPart(
+                        MultiPartConstants.MULTIPART_PAYLOAD,
+                        InputStreamBody(
+                                payload,
+                                ContentType.create(exchange.getIn().getHeader("Content-Type").toString()
+                                        .split(";").toTypedArray()[0])))
+            }
+        } else {
+            val payload = exchange.getIn().getBody(String::class.java)
+            if (payload != null) {
+                multipartEntityBuilder.addPart(
+                        MultiPartConstants.MULTIPART_PAYLOAD,
+                        StringBody(payload, ContentType.create(
+                                ContentType.TEXT_PLAIN.mimeType,
+                                StandardCharsets.UTF_8)))
+            }
+        }
 
-    // Get the Exchange body and turn it into the second part named "payload"
-    final var contentTypeString = exchange.getIn().getHeader("Content-Type");
-    if (contentTypeString != null) {
-      InputStream payload = exchange.getIn().getBody(InputStream.class);
-      if (payload != null) {
-        multipartEntityBuilder.addPart(
-            MultiPartConstants.MULTIPART_PAYLOAD,
-            new InputStreamBody(
-                payload,
-                ContentType.create(exchange.getIn().getHeader("Content-Type").toString().split(";")[0])));
-      }
-    } else {
-      String payload = exchange.getIn().getBody(String.class);
-      if (payload != null) {
-        multipartEntityBuilder.addPart(
-            MultiPartConstants.MULTIPART_PAYLOAD,
-            new StringBody(payload, ContentType.create(ContentType.TEXT_PLAIN.getMimeType(), StandardCharsets.UTF_8)));
-      }
+        // Remove current Content-Type header before setting the new one
+        exchange.getIn().removeHeader("Content-Type")
+        // Set Content-Type for multipart message
+        exchange.getIn().setHeader("Content-Type", "multipart/mixed; boundary=$boundary")
+        // Using InputStream as source for the message body
+        exchange.getIn().body = multipartEntityBuilder.build().content
     }
-
-    // Remove current Content-Type header before setting the new one
-    exchange.getIn().removeHeader("Content-Type");
-    // Set Content-Type for multipart message
-    exchange.getIn().setHeader("Content-Type", "multipart/mixed; boundary=" + boundary);
-    // Using InputStream as source for the message body
-    exchange.getIn().setBody(multipartEntityBuilder.build().getContent());
-  }
-}
+}
\ No newline at end of file
diff --git a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.kt b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.kt
new file mode 100644
index 000000000..e12e61f1a
--- /dev/null
+++ b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.kt
@@ -0,0 +1,81 @@
+/*-
+ * ========================LICENSE_START=================================
+ * camel-multipart-processor
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.camel.multipart
+
+import org.apache.commons.fileupload.FileUpload
+import org.apache.commons.fileupload.UploadContext
+import org.apache.commons.fileupload.disk.DiskFileItemFactory
+import org.slf4j.LoggerFactory
+import java.io.BufferedReader
+import java.io.IOException
+import java.io.InputStream
+import java.io.InputStreamReader
+import java.nio.charset.StandardCharsets
+
+class MultiPartStringParser internal constructor(private val multipartInput: InputStream) : UploadContext {
+    private var boundary: String? = null
+    var header: String? = null
+    var payload: InputStream? = null
+    var payloadContentType: String? = null
+
+    override fun getCharacterEncoding(): String = StandardCharsets.UTF_8.name()
+
+    override fun getContentLength() = -1
+
+    override fun getContentType() = "multipart/form-data, boundary=$boundary"
+
+    override fun getInputStream() = multipartInput
+
+    override fun contentLength() = -1L
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(MultiPartStringParser::class.java)
+    }
+
+    init {
+        multipartInput.mark(10240)
+        BufferedReader(InputStreamReader(multipartInput, StandardCharsets.UTF_8)).use { reader ->
+            val boundaryLine = reader.readLine()
+                    ?: throw IOException("Message body appears to be empty, expected multipart boundary.")
+            boundary = boundaryLine.substring(2).trim { it <= ' ' }
+            multipartInput.reset()
+            for (i in FileUpload(DiskFileItemFactory()).parseRequest(this)) {
+                val fieldName = i.fieldName
+                if (LOG.isTraceEnabled) {
+                    LOG.trace("Found multipart field with name \"{}\"", fieldName)
+                }
+                if (MultiPartConstants.MULTIPART_HEADER == fieldName) {
+                    header = i.string
+                    if (LOG.isDebugEnabled) {
+                        LOG.debug("Found header:\n{}", header)
+                    }
+                } else if (MultiPartConstants.MULTIPART_PAYLOAD == fieldName) {
+                    payload = i.inputStream
+                    payloadContentType = i.contentType
+                    if (LOG.isDebugEnabled) {
+                        LOG.debug("Found body with Content-Type \"{}\"", payloadContentType)
+                    }
+                } else {
+                    throw IOException("Unknown multipart field name detected: $fieldName")
+                }
+            }
+        }
+    }
+}
\ No newline at end of file
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.java
deleted file mode 100644
index 7e06bac3b..000000000
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-api
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.api.infomodel;
-
-import de.fraunhofer.iais.eis.Connector;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.checkerframework.checker.nullness.qual.Nullable;
-
-public interface InfoModel {
-
-  /**
-   * Retrieve Connector object based on stored properties
-   *
-   * @return currently stored Connector object
-   */
-  @Nullable
-  Connector getConnector();
-
-  /**
-   * Save/Update Connector object to preferences
-   *
-   * @param profile Basic connector profile from GUI
-   * @return update success
-   */
-  boolean setConnector(@NonNull ConnectorProfile profile);
-
-  /**
-   * Get connector self-description as JSON-LD
-   *
-   * @return Connector self-description as JSON-LD
-   */
-  @NonNull
-  String getConnectorAsJsonLd();
-
-  /**
-   * Set static connector self-description as JSON-LD, or remove if "null" is passed
-   *
-   * @param jsonLd JSON-LD self-description to use for this connector
-   */
-  void setConnectorByJsonLd(@Nullable String jsonLd);
-
-  /**
-   * Get connector Dynamic Attribute Token
-   *
-   * @return DAT
-   */
-  @NonNull
-  String getDynamicAttributeToken();
-
-  /**
-   * Set Dynamic Attribute Token or remove if "null" is passed
-   *
-   * @param dynamicAttributeToken The DAT to use for this connector
-   * @return Whether storing the DAT has been successful
-   */
-  boolean setDynamicAttributeToken(@NonNull String dynamicAttributeToken);
-}
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.kt b/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.kt
new file mode 100644
index 000000000..2e3cb5cd5
--- /dev/null
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.kt
@@ -0,0 +1,83 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-api
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.api.infomodel
+
+import de.fraunhofer.iais.eis.Connector
+
+interface InfoModel {
+    /**
+     * Retrieve Connector object based on stored properties
+     *
+     * @return currently stored Connector object
+     */
+    val connector: Connector?
+
+    /**
+     * Save/Update Connector object to preferences
+     *
+     * @param profile Basic connector profile from GUI
+     * @return update success
+     */
+    fun setConnector(profile: ConnectorProfile): Boolean
+
+    /**
+     * Get connector self-description as JSON-LD
+     *
+     * @return Connector self-description as JSON-LD
+     */
+    val connectorAsJsonLd: String
+
+    /**
+     * Set static connector self-description as JSON-LD, or remove if "null" is passed
+     *
+     * @param jsonLd JSON-LD self-description to use for this connector
+     */
+    fun setConnectorByJsonLd(jsonLd: String?)
+
+    /**
+     * Get connector Dynamic Attribute Token
+     *
+     * @return DAT
+     */
+    val dynamicAttributeToken: String
+
+    /**
+     * Set Dynamic Attribute Token or remove if "null" is passed
+     *
+     * @param dynamicAttributeToken The DAT to use for this connector
+     * @return Whether storing the DAT has been successful
+     */
+    fun setDynamicAttributeToken(dynamicAttributeToken: String?)
+
+    /**
+     * Get version of implemented infomodel
+     *
+     * @return Version of infomodel
+     */
+    val modelVersion: String
+
+    /**
+     * Initializes an infomodel *MessageBuilder with required fields,
+     * using reflection
+     *
+     * @return Populated *MessageBuilder
+     */
+    fun <T: Any> initMessageBuilder(builder: T): T
+}
\ No newline at end of file
diff --git a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
index 67749d017..6b406bca5 100644
--- a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
+++ b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
@@ -16,6 +16,7 @@ import java.net.URI
 import java.net.URISyntaxException
 import java.util.*
 import javax.xml.datatype.DatatypeFactory
+import javax.xml.datatype.XMLGregorianCalendar
 
 
 /**
@@ -32,27 +33,33 @@ class InfoModelService : InfoModel {
     private val connectorProfile: ConnectorProfile
         get() = settings.connectorProfile
 
+    override val modelVersion = BuildConfig.INFOMODEL_VERSION
+
+    override fun <T: Any> initMessageBuilder(builder: T): T {
+        val builderClass = builder::class.java
+        builderClass.getMethod("_securityToken_", DynamicAttributeToken::class.java)
+                .invoke(builder, DynamicAttributeTokenBuilder()
+                        ._tokenFormat_(TokenFormat.JWT)
+                        ._tokenValue_(settings.dynamicAttributeToken)
+                        .build())
+        builderClass.getMethod("_senderAgent_", URI::class.java)
+                .invoke(builder, settings.connectorProfile.maintainerUrl)
+        builderClass.getMethod("_issuerConnector_", URI::class.java)
+                .invoke(builder, settings.connectorProfile.connectorUrl)
+        builderClass.getMethod("_issued_", XMLGregorianCalendar::class.java)
+                .invoke(builder, DatatypeFactory.newInstance().newXMLGregorianCalendar(
+                        GregorianCalendar().apply { timeInMillis = System.currentTimeMillis() }))
+        builderClass.getMethod("_modelVersion_", String::class.java)
+                .invoke(builder, modelVersion)
+        return builder
+    }
+
     /**
      * Build ConnectorAvailableMessage for IDS message headers
      */
     fun getConnectorAvailableMessage(): ConnectorUpdateMessage {
         val builder = ConnectorUpdateMessageBuilder()
-        settings.let { settings ->
-            builder._securityToken_(
-                    DynamicAttributeTokenBuilder()
-                            ._tokenFormat_(TokenFormat.JWT)
-                            ._tokenValue_(settings.dynamicAttributeToken)
-                            .build())
-            settings.connectorProfile.maintainerUrl?.let {
-                builder._senderAgent_(it)
-            }
-            settings.connectorProfile.connectorUrl?.let {
-                builder._issuerConnector_(it)._affectedConnector_(it)
-            }
-        }
-        builder._issued_(DatatypeFactory.newInstance().newXMLGregorianCalendar(
-                GregorianCalendar().apply { timeInMillis = System.currentTimeMillis() }))
-        builder._modelVersion_(BuildConfig.INFOMODEL_VERSION)
+        initMessageBuilder(builder)
         return builder.build()
     }
 
@@ -100,40 +107,41 @@ class InfoModelService : InfoModel {
      * Returns random connector_url if none is stored in preferences.
      * The fields op_url and entityNames cannot be null.
      */
-    override fun getConnector(): Connector? {
-        val maintainerUrl = connectorProfile.maintainerUrl
-        val connectorUrl = connectorProfile.connectorUrl
-        val entityNames = connectorEntityNames
-
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Maintainer URL: {}, Connector URL: {}, Entity Names: {}",
-                    maintainerUrl, connectorUrl, entityNames)
-        }
+    override val connector: Connector?
+        get() {
+            val maintainerUrl = connectorProfile.maintainerUrl
+            val connectorUrl = connectorProfile.connectorUrl
+            val entityNames = connectorEntityNames
+
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Maintainer URL: {}, Connector URL: {}, Entity Names: {}",
+                        maintainerUrl, connectorUrl, entityNames)
+            }
 
-        if (maintainerUrl != null) {
-            try {
-                val trustedConnectorBuilder = if (connectorUrl == null) {
-                    TrustedConnectorBuilder()
-                } else {
-                    TrustedConnectorBuilder(connectorUrl)
+            return if (maintainerUrl != null) {
+                try {
+                    val trustedConnectorBuilder = if (connectorUrl == null) {
+                        TrustedConnectorBuilder()
+                    } else {
+                        TrustedConnectorBuilder(connectorUrl)
+                    }
+                    trustedConnectorBuilder._maintainer_(maintainerUrl)
+                            ._title_(ArrayList(entityNames))
+                            ._securityProfile_(securityProfile)
+                            ._resourceCatalog_(catalog)
+                            ._description_(ArrayList(entityNames)).build()
+                } catch (ex: ConstraintViolationException) {
+                    LOG.error("Caught ConstraintViolationException while building Connector", ex)
+                    null
+                } catch (ex: URISyntaxException) {
+                    LOG.error("Caught URISyntaxException while building Connector", ex)
+                    null
                 }
-                trustedConnectorBuilder._maintainer_(maintainerUrl)
-                return trustedConnectorBuilder._title_(ArrayList(entityNames))
-                        ._securityProfile_(securityProfile)
-                        ._resourceCatalog_(catalog)
-                        ._description_(ArrayList(entityNames)).build()
-            } catch (ex: ConstraintViolationException) {
-                LOG.error("Caught ConstraintViolationException while building Connector", ex)
-                return null
-            } catch (ex: URISyntaxException) {
-                LOG.error("Caught URISyntaxException while building Connector", ex)
-                return null
+            } else {
+                LOG.warn("Connector couldn't be built: Maintainer URL is required!")
+                null
             }
-        } else {
-            LOG.warn("Connector couldn't be built: Maintainer URL is required!")
-            return null
         }
-    }
 
     /**
      * Store or update new Connector description to preferences.
@@ -156,9 +164,10 @@ class InfoModelService : InfoModel {
         }
     }
 
-    override fun getConnectorAsJsonLd(): String = settings.connectorJsonLd
-            ?: connector?.let { serializer.serialize(it) }
-            ?: throw NullPointerException("Connector is not available")
+    override val connectorAsJsonLd: String
+        get() = settings.connectorJsonLd
+                ?: connector?.let { serializer.serialize(it) }
+                ?: throw NullPointerException("Connector is not available")
 
     override fun setConnectorByJsonLd(jsonLd: String?) {
         settings.let { settings ->
@@ -174,14 +183,13 @@ class InfoModelService : InfoModel {
         }
     }
 
-    override fun getDynamicAttributeToken(): String = settings.dynamicAttributeToken
-            ?: throw NullPointerException("DAPS token is not available")
+    override val dynamicAttributeToken: String
+        get() = settings.dynamicAttributeToken
+                ?: throw NullPointerException("DAPS token is not available")
 
-    override fun setDynamicAttributeToken(dynamicAttributeToken: String) =
-            run {
-                settings.dynamicAttributeToken = dynamicAttributeToken
-                true
-            }
+    override fun setDynamicAttributeToken(dynamicAttributeToken: String?) {
+        settings.dynamicAttributeToken = dynamicAttributeToken
+    }
 
     companion object {
         private val LOG = LoggerFactory.getLogger(InfoModelService::class.java)
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
index 57628bfd5..206922170 100644
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
@@ -12,13 +12,13 @@ import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import org.slf4j.LoggerFactory
 import java.util.*
 
-class AppLayerConnection private constructor(private val idscp2Connection: Idscp2Connection):
+class AppLayerConnection private constructor(private val idscp2Connection: Idscp2Connection) :
         Idscp2Connection by idscp2Connection {
     private var idscp2MessageListener: Idscp2MessageListener? = null
     private val genericMessageListeners: MutableSet<GenericMessageListener> = Collections.synchronizedSet(HashSet())
 
-    constructor(secureChannel: SecureChannel, settings: Idscp2Settings, dapsDriver: DapsDriver):
-        this(Idscp2ConnectionImpl(secureChannel, settings, dapsDriver))
+    constructor(secureChannel: SecureChannel, settings: Idscp2Settings, dapsDriver: DapsDriver) :
+            this(Idscp2ConnectionImpl(secureChannel, settings, dapsDriver))
 
     private fun assureMessageListener() {
         if (idscp2MessageListener == null) {
@@ -32,7 +32,9 @@ class AppLayerConnection private constructor(private val idscp2Connection: Idscp
                         AppLayer.AppLayerMessage.MessageCase.GENERICMESSAGE -> {
                             genericMessageListeners.forEach {
                                 val genericMessage = appLayerMessage.genericMessage
-                                it.onMessage(this, genericMessage.header, genericMessage.payload.toByteArray())
+                                it.onMessage(this,
+                                        genericMessage.header,
+                                        genericMessage.payload?.toByteArray())
                             }
                         }
                         else -> LOG.warn("Unknown app layer message header encountered.")
@@ -46,11 +48,18 @@ class AppLayerConnection private constructor(private val idscp2Connection: Idscp
         }
     }
 
-    fun sendGenericMessage(header: String, payload: ByteArray) {
+    fun sendGenericMessage(header: String?, payload: ByteArray?) {
         val message = AppLayer.AppLayerMessage.newBuilder()
                 .setGenericMessage(AppLayer.GenericMessage.newBuilder()
-                        .setHeader(header)
-                        .setPayload(ByteString.copyFrom(payload)))
+                        .also {
+                            if (header != null) {
+                                it.header = header
+                            }
+                            if (payload != null) {
+                                it.payload = ByteString.copyFrom(payload)
+                            }
+                        }
+                        .build())
                 .build()
         idscp2Connection.send(message.toByteArray())
     }
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt
index 9f8f99514..1cab320d1 100644
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt
@@ -3,5 +3,5 @@ package de.fhg.aisec.ids.idscp2.app_layer.listeners
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 
 fun interface GenericMessageListener {
-    fun onMessage(connection: AppLayerConnection, header: String, payload: ByteArray)
+    fun onMessage(connection: AppLayerConnection, header: String?, payload: ByteArray?)
 }
\ No newline at end of file
diff --git a/idscp2/bnd.bnd b/idscp2/bnd.bnd
index 8793bfd14..8d1e3ec11 100644
--- a/idscp2/bnd.bnd
+++ b/idscp2/bnd.bnd
@@ -1,6 +1,4 @@
 Bundle-Name: IDS :: IDS Communication Protocol
 Bundle-Description: IDS Communication Protocol
-Export-Package: \
-  de.fhg.aisec.ids.idscp2*
-Import-Package: \
-  *
\ No newline at end of file
+Export-Package: de.fhg.aisec.ids.idscp2*
+Import-Package: *
\ No newline at end of file

From 7e8be5a25e161b5301e25032f140004fa2a6681d Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 19 Oct 2020 17:48:25 +0200
Subject: [PATCH 155/237] Fixed BuildConfig issue by reverting from kotlin to
 java

---
 ids-infomodel-manager/build.gradle.kts | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/ids-infomodel-manager/build.gradle.kts b/ids-infomodel-manager/build.gradle.kts
index 2b12185e2..90e73dab7 100644
--- a/ids-infomodel-manager/build.gradle.kts
+++ b/ids-infomodel-manager/build.gradle.kts
@@ -1,7 +1,7 @@
 import org.gradle.plugins.ide.idea.model.IdeaModel
 
 plugins {
-    id("com.github.gmazzo.buildconfig") version "2.0.1"
+    id("com.github.gmazzo.buildconfig") version "2.0.2"
 }
 
 @Suppress("UNCHECKED_CAST") val libraryVersions =
@@ -11,7 +11,6 @@ apply(plugin = "idea")
 
 buildConfig {
     sourceSets.getByName("main") {
-        useKotlinOutput { topLevelConstants = true }
         packageName("de.fhg.aisec.ids.informationmodelmanager")
         buildConfigField("String", "INFOMODEL_VERSION",
                 "\"${libraryVersions["infomodel"] ?: error("Infomodel version not available")}\"")

From d9e1c6048dee8af5fc72c3cb57cb63d47cc0692c Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 23 Oct 2020 12:39:47 +0200
Subject: [PATCH 156/237] Structure improvements in camel-idscp2

---
 .../main/kotlin/de/fhg/aisec/ids/camel/idscp2/Constants.kt | 6 ++++++
 .../aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt  | 5 +++--
 .../aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt  | 3 ++-
 .../idscp2/processors/ArtifactRequestCreationProcessor.kt  | 6 +++---
 .../de/fhg/aisec/ids/camel/idscp2/processors/Utils.kt      | 7 +++++++
 .../aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt  | 5 +++--
 .../aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt  | 3 ++-
 7 files changed, 26 insertions(+), 9 deletions(-)
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Constants.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/Utils.kt

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Constants.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Constants.kt
new file mode 100644
index 000000000..f32a197ee
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Constants.kt
@@ -0,0 +1,6 @@
+package de.fhg.aisec.ids.camel.idscp2
+
+object Constants {
+    const val IDSCP2_HEADER = "idscp2-header"
+    const val IDS_TYPE = "ids-type"
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
index d4e1d2aa6..33e357e61 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
@@ -16,6 +16,7 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.client
 
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener
@@ -63,13 +64,13 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
         try {
             createUoW(exchange)
             // Set relevant information
-            exchange.getIn().setHeader("idscp2-header", header)
+            exchange.getIn().setHeader(IDSCP2_HEADER, header)
             exchange.getIn().setBody(payload, ByteArray::class.java)
             // Do processing
             processor.process(exchange)
             // Handle response
             val response = exchange.message
-            val responseHeader = response.getHeader("idscp2-header", String::class.java)
+            val responseHeader = response.getHeader(IDSCP2_HEADER, String::class.java)
             if (response.body != null || responseHeader != null) {
                 connection.sendGenericMessage(responseHeader, response.getBody(ByteArray::class.java))
             }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
index 2dd984cca..20b1312a5 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
@@ -16,6 +16,7 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.client
 
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import org.apache.camel.Exchange
 import org.apache.camel.support.DefaultProducer
@@ -31,7 +32,7 @@ class Idscp2ClientProducer(private val endpoint: Idscp2ClientEndpoint) : Default
 
     override fun process(exchange: Exchange) {
         val message = exchange.getIn()
-        val type = message.getHeader("idscp2-header", String::class.java)
+        val type = message.getHeader(IDSCP2_HEADER, String::class.java)
         val body = message.getBody(ByteArray::class.java)
         if (type != null || body != null) {
             connectionFuture.get().sendGenericMessage(type, body)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
index 5de1c4519..2dca0dca0 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
@@ -1,8 +1,9 @@
 package de.fhg.aisec.ids.camel.idscp2.processors
 
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
+import de.fhg.aisec.ids.camel.idscp2.processors.Utils.SERIALIZER
 import de.fraunhofer.iais.eis.ArtifactRequestMessageBuilder
-import de.fraunhofer.iais.eis.ids.jsonld.Serializer
 import org.apache.camel.Exchange
 import org.apache.camel.Processor
 import org.slf4j.LoggerFactory
@@ -24,14 +25,13 @@ class ArtifactRequestCreationProcessor : Processor {
         if (LOG.isDebugEnabled) {
             LOG.debug("ArtifactRequestMessage serialization: {}", requestMessageSerialization)
         }
-        exchange.`in`.setHeader("idscp2-header", requestMessageSerialization)
+        exchange.`in`.setHeader(IDSCP2_HEADER, requestMessageSerialization)
     }
 
     companion object {
         const val ARTIFACT_URI_PROPERTY = "artifactUri"
 
         private val LOG = LoggerFactory.getLogger(ArtifactRequestCreationProcessor::class.java)
-        private val SERIALIZER: Serializer by lazy { Serializer() }
     }
 
 }
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/Utils.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/Utils.kt
new file mode 100644
index 000000000..0b4c071bb
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/Utils.kt
@@ -0,0 +1,7 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fraunhofer.iais.eis.ids.jsonld.Serializer
+
+object Utils {
+    val SERIALIZER: Serializer by lazy { Serializer() }
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
index 5150393e2..927756e09 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
@@ -16,6 +16,7 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.server
 
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
 import org.apache.camel.Processor
@@ -45,13 +46,13 @@ class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor
         try {
             createUoW(exchange)
             // Set relevant information
-            exchange.getIn().setHeader("idscp2-header", header)
+            exchange.getIn().setHeader(IDSCP2_HEADER, header)
             exchange.getIn().setBody(payload, ByteArray::class.java)
             // Do processing
             processor.process(exchange)
             // Handle response
             val response = exchange.message
-            val responseHeader = response.getHeader("idscp2-header", String::class.java)
+            val responseHeader = response.getHeader(IDSCP2_HEADER, String::class.java)
             if (response.body != null || responseHeader != null) {
                 connection.sendGenericMessage(responseHeader, response.getBody(ByteArray::class.java))
             }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
index 53054f811..4c50944c9 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
@@ -16,6 +16,7 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.server
 
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
 import org.apache.camel.Exchange
 import org.apache.camel.support.DefaultProducer
 
@@ -27,7 +28,7 @@ class Idscp2ServerProducer(private val endpoint: Idscp2ServerEndpoint) : Default
 
     override fun process(exchange: Exchange) {
         val message = exchange.getIn()
-        val type = message.getHeader("idscp2-header", String::class.java)
+        val type = message.getHeader(IDSCP2_HEADER, String::class.java)
         val body = message.getBody(ByteArray::class.java)
         if (type != null || body != null) {
             endpoint.sendMessage(type, body)

From ae31ea7e2020a1b97762fc1b54d4e6635ac8615d Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 23 Oct 2020 13:56:35 +0200
Subject: [PATCH 157/237] Code improvements in idscp2

---
 .../daps/DefaultDapsDriver.kt                 |  4 +--
 .../rat/dummy/RatProverDummy.kt               |  2 +-
 .../rat/dummy/RatVerifierDummy.kt             |  2 +-
 .../rat/tpm2d/TPM2dProver.kt                  | 16 ++++------
 .../rat/tpm2d/TPM2dVerifier.kt                | 12 +++-----
 .../idscp2/drivers/interfaces/DapsDriver.kt   |  2 +-
 .../drivers/interfaces/RatProverDriver.kt     |  4 +--
 .../drivers/interfaces/RatVerifierDriver.kt   |  4 +--
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    |  4 +--
 .../rat_registry/RatProverDriverRegistry.kt   | 29 +++++++++----------
 .../rat_registry/RatVerifierDriverRegistry.kt | 29 +++++++++----------
 11 files changed, 48 insertions(+), 60 deletions(-)

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.kt
index af4c3e159..19ddbad9a 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.kt
@@ -185,7 +185,7 @@ class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
      *
      * @return The number of seconds this DAT is valid
      */
-    override fun verifyToken(dat: ByteArray?, securityRequirements: Any?): Long {
+    override fun verifyToken(dat: ByteArray, securityRequirements: Any?): Long {
         if (LOG.isDebugEnabled) {
             LOG.debug("Verifying dynamic attribute token...")
         }
@@ -217,7 +217,7 @@ class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
         val validityTime: Long
         val claims: JwtClaims
         try {
-            claims = jwtConsumer.processToClaims(String(dat!!, StandardCharsets.UTF_8))
+            claims = jwtConsumer.processToClaims(String(dat, StandardCharsets.UTF_8))
             val expTime = claims.expirationTime
             validityTime = expTime.value - NumericDate.now().value
         } catch (e: Exception) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
index a6ef14fa2..8b4457c20 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
@@ -12,7 +12,7 @@ import java.util.concurrent.LinkedBlockingQueue
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class RatProverDummy(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
+class RatProverDummy(fsmListener: FsmListener) : RatProverDriver<Unit>(fsmListener) {
     private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
     override fun delegate(message: ByteArray) {
         queue.add(message)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
index 62aa4232d..eb4276ad9 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
@@ -12,7 +12,7 @@ import java.util.concurrent.LinkedBlockingQueue
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class RatVerifierDummy(fsmListener: FsmListener) : RatVerifierDriver(fsmListener) {
+class RatVerifierDummy(fsmListener: FsmListener) : RatVerifierDriver<Unit>(fsmListener) {
     private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
     override fun delegate(message: ByteArray) {
         queue.add(message)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
index 5440adf32..48f4de8a3 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
@@ -16,7 +16,7 @@ import java.util.concurrent.LinkedBlockingQueue
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class TPM2dProver(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
+class TPM2dProver(fsmListener: FsmListener) : RatProverDriver<TPM2dProverConfig>(fsmListener) {
     /*
      * ******************* Protocol *******************
      *
@@ -52,17 +52,11 @@ class TPM2dProver(fsmListener: FsmListener) : RatProverDriver(fsmListener) {
      */
     private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
     private var config = TPM2dProverConfig.Builder().build()
-    override fun setConfig(config: Any) {
-        if (config is TPM2dProverConfig) {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Set rat prover config")
-            }
-            this.config = config
-        } else {
-            if (LOG.isWarnEnabled) {
-                LOG.warn("Invalid prover config")
-            }
+    override fun setConfig(config: TPM2dProverConfig) {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Set rat prover config")
         }
+        this.config = config
     }
 
     override fun delegate(message: ByteArray) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
index 40d26b74c..f0ab7d1b4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
@@ -22,7 +22,7 @@ import java.util.concurrent.LinkedBlockingQueue
 /**
  * A TPM2d RatVerifier driver that verifies the remote peer's identity using TPM2d
  */
-class TPM2dVerifier(fsmListener: FsmListener) : RatVerifierDriver(fsmListener) {
+class TPM2dVerifier(fsmListener: FsmListener) : RatVerifierDriver<TPM2dVerifierConfig>(fsmListener) {
     /*
      * ******************* Protocol *******************
      *
@@ -58,13 +58,9 @@ class TPM2dVerifier(fsmListener: FsmListener) : RatVerifierDriver(fsmListener) {
      */
     private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
     private var config = TPM2dVerifierConfig.Builder().build()
-    override fun setConfig(config: Any) {
-        if (config is TPM2dVerifierConfig) {
-            LOG.debug("Set rat verifier config")
-            this.config = config
-        } else {
-            LOG.warn("Invalid config")
-        }
+    override fun setConfig(config: TPM2dVerifierConfig) {
+        LOG.debug("Set rat verifier config")
+        this.config = config
     }
 
     override fun delegate(message: ByteArray) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.kt
index 1b4cd6477..45f5143b1 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.kt
@@ -18,5 +18,5 @@ interface DapsDriver {
      *
      * Return the number of seconds, the DAT is valid
      */
-    fun verifyToken(dat: ByteArray?, securityRequirements: Any?): Long
+    fun verifyToken(dat: ByteArray, securityRequirements: Any?): Long
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.kt
index 0cee386aa..db7624859 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.kt
@@ -9,7 +9,7 @@ import org.slf4j.LoggerFactory
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-abstract class RatProverDriver(protected val fsmListener: FsmListener) : Thread() {
+abstract class RatProverDriver<in PC>(protected val fsmListener: FsmListener) : Thread() {
     protected var running = true
 
     /*
@@ -25,7 +25,7 @@ abstract class RatProverDriver(protected val fsmListener: FsmListener) : Thread(
         interrupt()
     }
 
-    open fun setConfig(config: Any) {
+    open fun setConfig(config: PC) {
         LOG.warn("Method 'setConfig' for RatProverDriver is not implemented")
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.kt
index 799114974..b4f03d2e7 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.kt
@@ -9,7 +9,7 @@ import org.slf4j.LoggerFactory
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-abstract class RatVerifierDriver(protected val fsmListener: FsmListener) : Thread() {
+abstract class RatVerifierDriver<in VC>(protected val fsmListener: FsmListener) : Thread() {
     protected var running = true
 
     /*
@@ -25,7 +25,7 @@ abstract class RatVerifierDriver(protected val fsmListener: FsmListener) : Threa
         interrupt()
     }
 
-    open fun setConfig(config: Any) {
+    open fun setConfig(config: VC) {
         LOG.warn("Method 'setConfig' for RatVerifierDriver is not implemented")
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index 6cc9e75c1..8bea66086 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -41,9 +41,9 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     /*  ----------------   end of states   --------------- */
     private val connection: Idscp2Connection
     private val secureChannel: SecureChannel
-    var ratProverDriver: RatProverDriver? = null
+    var ratProverDriver: RatProverDriver<*>? = null
         private set
-    var ratVerifierDriver: RatVerifierDriver? = null
+    var ratVerifierDriver: RatVerifierDriver<*>? = null
         private set
 
     /**
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
index 19ee13039..c8b157bc8 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
@@ -21,20 +21,24 @@ object RatProverDriverRegistry {
     /**
      * An inner static wrapper class, that wraps driver config and driver class
      */
-    private class DriverWrapper(
-            val driverFactory: (FsmListener) -> RatProverDriver,
-            val driverConfig: Any?
-    )
+    private class DriverWrapper<PC>(
+            val driverFactory: (FsmListener) -> RatProverDriver<PC>,
+            val driverConfig: PC?
+    ) {
+        fun getInstance(listener: FsmListener) = driverFactory.invoke(listener).also {d ->
+            driverConfig?.let { d.setConfig(it) }
+        }
+    }
 
-    private val drivers = ConcurrentHashMap<String, DriverWrapper>()
+    private val drivers = ConcurrentHashMap<String, DriverWrapper<*>>()
 
     /**
      * Register Rat Prover driver and an optional configuration in the registry
      */
-    fun registerDriver(
+    fun <PC> registerDriver(
             instance: String,
-            driverFactory: (FsmListener) -> RatProverDriver,
-            driverConfig: Any?
+            driverFactory: (FsmListener) -> RatProverDriver<PC>,
+            driverConfig: PC?
     ) {
         drivers[instance] = DriverWrapper(driverFactory, driverConfig)
     }
@@ -55,15 +59,10 @@ object RatProverDriverRegistry {
      * The finite state machine is registered as the communication partner for the RatProver.
      * The RatProver will be initialized with a configuration, if present. Then it is started.
      */
-    fun startRatProverDriver(instance: String?, listener: FsmListener): RatProverDriver? {
+    fun startRatProverDriver(instance: String?, listener: FsmListener): RatProverDriver<*>? {
         val driverWrapper = drivers[instance]
         return try {
-            val driver = driverWrapper!!.driverFactory(listener)
-            if (driverWrapper.driverConfig != null) {
-                driver.setConfig(driverWrapper.driverConfig)
-            }
-            driver.start()
-            driver
+            driverWrapper!!.getInstance(listener).also { it.start() }
         } catch (e: Exception) {
             LOG.error("Error during RAT prover start", e)
             null
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
index c0c259270..a57162800 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
@@ -21,19 +21,23 @@ object RatVerifierDriverRegistry {
     /**
      * An inner static wrapper class, that wraps driver config and driver class
      */
-    private class DriverWrapper(
-            val driverFactory: (FsmListener) -> RatVerifierDriver,
-            val driverConfig: Any?
-    )
-    private val drivers = ConcurrentHashMap<String, DriverWrapper>()
+    private class DriverWrapper<VC>(
+            val driverFactory: (FsmListener) -> RatVerifierDriver<VC>,
+            val driverConfig: VC?
+    ) {
+        fun getInstance(listener: FsmListener) = driverFactory.invoke(listener).also {d ->
+            driverConfig?.let { d.setConfig(it) }
+        }
+    }
+    private val drivers = ConcurrentHashMap<String, DriverWrapper<*>>()
 
     /**
      * Register Rat Verifier driver and an optional configuration in the registry
      */
-    fun registerDriver(
+    fun <VC> registerDriver(
             mechanism: String,
-            driverFactory: (FsmListener) -> RatVerifierDriver,
-            driverConfig: Any?
+            driverFactory: (FsmListener) -> RatVerifierDriver<VC>,
+            driverConfig: VC?
     ) {
         drivers[mechanism] = DriverWrapper(driverFactory, driverConfig)
     }
@@ -55,15 +59,10 @@ object RatVerifierDriverRegistry {
      * The finite state machine is registered as the communication partner for the RatVerifier.
      * The RatVerifier will be initialized with a configuration, if present. Then it is started.
      */
-    fun startRatVerifierDriver(mechanism: String?, listener: FsmListener): RatVerifierDriver? {
+    fun startRatVerifierDriver(mechanism: String?, listener: FsmListener): RatVerifierDriver<*>? {
         val driverWrapper = drivers[mechanism]
         return try {
-            val driver = driverWrapper!!.driverFactory(listener)
-            if (driverWrapper.driverConfig != null) {
-                driver.setConfig(driverWrapper.driverConfig)
-            }
-            driver.start()
-            driver
+            driverWrapper!!.getInstance(listener).also { it.start() }
         } catch (e: Exception) {
             LOG.error("Error during RAT verifier start", e)
             null

From 5e8fafedb12e67055d65eae3d9d6a3f7df497534 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 26 Oct 2020 09:21:59 +0100
Subject: [PATCH 158/237] Small MultiPartProcessor refactoring

---
 .../multipart/MultiPartInputProcessor.kt      | 22 ++++----
 .../multipart/MultiPartOutputProcessor.kt     | 56 ++++++++++---------
 2 files changed, 41 insertions(+), 37 deletions(-)

diff --git a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.kt b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.kt
index 9493a79c7..b765fc040 100644
--- a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.kt
+++ b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.kt
@@ -26,15 +26,17 @@ import java.io.InputStream
 class MultiPartInputProcessor : Processor {
     @Throws(Exception::class)
     override fun process(exchange: Exchange) {
-        // Parse Multipart message
-        val parser = MultiPartStringParser(exchange.getIn().getBody(InputStream::class.java))
-        // Parser JSON Header (should be an InfoModel object)
-        exchange.getIn().setHeader("idsMultipartHeader", parser.header)
-        // Remove current Content-Type header before setting the new one
-        exchange.getIn().removeHeader("Content-Type")
-        // Copy Content-Type from payload part
-        exchange.getIn().setHeader("Content-Type", parser.payloadContentType)
-        // Populate body with extracted payload
-        exchange.getIn().body = parser.payload
+        exchange.message.let {
+            // Parse Multipart message
+            val parser = MultiPartStringParser(it.getBody(InputStream::class.java))
+            // Parser JSON Header (should be an InfoModel object)
+            it.setHeader("idsMultipartHeader", parser.header)
+            // Remove current Content-Type header before setting the new one
+            it.removeHeader("Content-Type")
+            // Copy Content-Type from payload part
+            it.setHeader("Content-Type", parser.payloadContentType)
+            // Populate body with extracted payload
+            it.body = parser.payload
+        }
     }
 }
\ No newline at end of file
diff --git a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt
index aa5177a61..a4f3e9dbe 100644
--- a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt
+++ b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt
@@ -118,34 +118,36 @@ class MultiPartOutputProcessor : Processor {
                 MultiPartConstants.MULTIPART_HEADER,
                 StringBody(rdfHeader, ContentType.APPLICATION_JSON))
 
-        // Get the Exchange body and turn it into the second part named "payload"
-        val contentTypeString = exchange.getIn().getHeader("Content-Type")
-        if (contentTypeString != null) {
-            val payload = exchange.getIn().getBody(InputStream::class.java)
-            if (payload != null) {
-                multipartEntityBuilder.addPart(
-                        MultiPartConstants.MULTIPART_PAYLOAD,
-                        InputStreamBody(
-                                payload,
-                                ContentType.create(exchange.getIn().getHeader("Content-Type").toString()
-                                        .split(";").toTypedArray()[0])))
+        exchange.message.let {
+            // Get the Exchange body and turn it into the second part named "payload"
+            val contentTypeString = it.getHeader("Content-Type")
+            if (contentTypeString != null) {
+                val payload = it.getBody(InputStream::class.java)
+                if (payload != null) {
+                    multipartEntityBuilder.addPart(
+                            MultiPartConstants.MULTIPART_PAYLOAD,
+                            InputStreamBody(
+                                    payload,
+                                    ContentType.create(contentTypeString.toString()
+                                            .split(";").toTypedArray()[0])))
+                }
+            } else {
+                val payload = it.getBody(String::class.java)
+                if (payload != null) {
+                    multipartEntityBuilder.addPart(
+                            MultiPartConstants.MULTIPART_PAYLOAD,
+                            StringBody(payload, ContentType.create(
+                                    ContentType.TEXT_PLAIN.mimeType,
+                                    StandardCharsets.UTF_8)))
+                }
             }
-        } else {
-            val payload = exchange.getIn().getBody(String::class.java)
-            if (payload != null) {
-                multipartEntityBuilder.addPart(
-                        MultiPartConstants.MULTIPART_PAYLOAD,
-                        StringBody(payload, ContentType.create(
-                                ContentType.TEXT_PLAIN.mimeType,
-                                StandardCharsets.UTF_8)))
-            }
-        }
 
-        // Remove current Content-Type header before setting the new one
-        exchange.getIn().removeHeader("Content-Type")
-        // Set Content-Type for multipart message
-        exchange.getIn().setHeader("Content-Type", "multipart/mixed; boundary=$boundary")
-        // Using InputStream as source for the message body
-        exchange.getIn().body = multipartEntityBuilder.build().content
+            // Remove current Content-Type header before setting the new one
+            it.removeHeader("Content-Type")
+            // Set Content-Type for multipart message
+            it.setHeader("Content-Type", "multipart/mixed; boundary=$boundary")
+            // Using InputStream as source for the message body
+            it.body = multipartEntityBuilder.build().content
+        }
     }
 }
\ No newline at end of file

From 1b34236efb86ec68e5c9082a06bdafe7ebddd137 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 26 Oct 2020 09:25:41 +0100
Subject: [PATCH 159/237] Let git ignore log directory in examples

---
 examples/.gitignore | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 examples/.gitignore

diff --git a/examples/.gitignore b/examples/.gitignore
new file mode 100644
index 000000000..ba475f688
--- /dev/null
+++ b/examples/.gitignore
@@ -0,0 +1 @@
+/log
\ No newline at end of file

From 516ede029960b5382158444973027965347f0170 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 26 Oct 2020 10:37:11 +0100
Subject: [PATCH 160/237] Fixed IDSCP2 broadcast example

---
 .../example-idscp2/example-idscp2-client-broadcast.xml   | 9 ++++++---
 examples/example-idscp2/example-idscp2-client.xml        | 3 +++
 .../example-idscp2/example-idscp2-server-broadcast.xml   | 4 ++--
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/examples/example-idscp2/example-idscp2-client-broadcast.xml b/examples/example-idscp2/example-idscp2-client-broadcast.xml
index 20263637c..b2f2266c5 100644
--- a/examples/example-idscp2/example-idscp2-client-broadcast.xml
+++ b/examples/example-idscp2/example-idscp2-client-broadcast.xml
@@ -7,20 +7,23 @@
 
     <camel:sslContextParameters id="clientSslContext" certAlias="1.0.1">
         <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.p12" password="password"/>
+            <camel:keyStore resource="etc/provider-keystore.p12" password="password"/>
         </camel:keyManagers>
         <camel:trustManagers>
-            <camel:keyStore resource="etc/idscp2/client-truststore_new.p12" password="password"/>
+            <camel:keyStore resource="etc/truststore.p12" password="password"/>
         </camel:trustManagers>
     </camel:sslContextParameters>
 
     <camelContext xmlns="http://camel.apache.org/schema/blueprint">
 
         <route id="idscp2ReceiverClient">
-            <from uri="idscp2client://localhost:29292?sslContextParameters=#clientSslContext"/>
+            <from uri="idscp2client://consumer-core:29292?sslContextParameters=#clientSslContext"/>
             <log message="Client received: ${body} (Header: ${headers[idscp2-header]})"/>
             <!-- Prevents the client consumer from sending the message back to the server -->
             <removeHeader headerName="idscp2-header"/>
+            <setBody>
+                <simple>null</simple>
+            </setBody>
         </route>
 
     </camelContext>
diff --git a/examples/example-idscp2/example-idscp2-client.xml b/examples/example-idscp2/example-idscp2-client.xml
index d4d21adf0..5065d73f1 100644
--- a/examples/example-idscp2/example-idscp2-client.xml
+++ b/examples/example-idscp2/example-idscp2-client.xml
@@ -33,6 +33,9 @@
             <log message="Client received: ${body} (Header: ${headers[idscp2-header]})"/>
             <!-- Prevents the client consumer from sending the message back to the server -->
             <removeHeader headerName="idscp2-header"/>
+            <setBody>
+                <simple>null</simple>
+            </setBody>
         </route>
 
     </camelContext>
diff --git a/examples/example-idscp2/example-idscp2-server-broadcast.xml b/examples/example-idscp2/example-idscp2-server-broadcast.xml
index 7a57ca681..43600ee43 100644
--- a/examples/example-idscp2/example-idscp2-server-broadcast.xml
+++ b/examples/example-idscp2/example-idscp2-server-broadcast.xml
@@ -7,10 +7,10 @@
 
     <camel:sslContextParameters id="serverSslContext" certAlias="1.0.1">
         <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.p12" password="password"/>
+            <camel:keyStore resource="etc/consumer-keystore.p12" password="password"/>
         </camel:keyManagers>
         <camel:trustManagers>
-            <camel:keyStore resource="etc/idscp2/client-truststore_new.p12" password="password"/>
+            <camel:keyStore resource="etc/truststore.p12" password="password"/>
         </camel:trustManagers>
     </camel:sslContextParameters>
 

From 0e571953861b1470024440f22a1e8db5d15cecfe Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 26 Oct 2020 10:41:31 +0100
Subject: [PATCH 161/237] Added static TC settings database(s) for IDSCP
 example

---
 .../docker-compose-consumer.yaml              |   1 +
 .../docker-compose-provider.yaml              |   1 +
 .../example-idscp/settings-consumer.mapdb     | Bin 0 -> 2097152 bytes
 .../example-idscp/settings-provider.mapdb     | Bin 0 -> 2097152 bytes
 4 files changed, 2 insertions(+)
 create mode 100644 examples/example-idscp/settings-consumer.mapdb
 create mode 100644 examples/example-idscp/settings-provider.mapdb

diff --git a/examples/example-idscp/docker-compose-consumer.yaml b/examples/example-idscp/docker-compose-consumer.yaml
index 23eb965af..b87fc36d6 100644
--- a/examples/example-idscp/docker-compose-consumer.yaml
+++ b/examples/example-idscp/docker-compose-consumer.yaml
@@ -22,6 +22,7 @@ services:
       - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/consumer-keystore.p12:/root/etc/consumer-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
+      - ./settings-consumer.mapdb:/root/etc/settings.mapdb
       - ./example-consumer-routes.xml:/root/deploy/example-consumer-routes.xml
     environment:
       - TPM_HOST=ids-tpmsim-consumer
diff --git a/examples/example-idscp/docker-compose-provider.yaml b/examples/example-idscp/docker-compose-provider.yaml
index 298f2513d..2f5fe92bd 100644
--- a/examples/example-idscp/docker-compose-provider.yaml
+++ b/examples/example-idscp/docker-compose-provider.yaml
@@ -22,6 +22,7 @@ services:
       - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/provider-keystore.p12:/root/etc/provider-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
+      - ./settings-provider.mapdb:/root/etc/settings.mapdb
       - ./example-provider-routes.xml:/root/deploy/example-provider-routes.xml
     environment:
       - TPM_HOST=ids-tpmsim-provider
diff --git a/examples/example-idscp/settings-consumer.mapdb b/examples/example-idscp/settings-consumer.mapdb
new file mode 100644
index 0000000000000000000000000000000000000000..181f2b46034d4fa9949802a4867e4db338b7441d
GIT binary patch
literal 2097152
zcmeI*U2J37VIOeK&L$b7MZAsUJ|rm6)My?zKnwJt4{g!J1yU5KVLK1)Lxb&R-E5Gq
zll8iA3)I%^>~_cYuCv>XV<&N(iH$aWn9-2b*T`=giIOOZq(qUF$QP9#R}v+DXh=#F
z_2ORYV`g?oJMp#wW()i@&>ZrfbI(2Z$IJgY_s+xo%gaL#|6B^+T>7>D{ro>a+4#)g
z`$wmhmp*Y){@tZ_PTxQB_obn~6>fXx=f8VaGw5gV^Wn>12={vC^7WIw|8Mp`-SNX8
z_pf`uzcDzEE43$f9w*2Dr9XaR$N#XNC*%F(zy1GaydU=bv>ymO`R}FA!RO#Q^gWaV
zazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vHAP3}t9FPNYKn}<OIUon*fE<tm
zazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vHAP3}t9FPNYKn}<OIUon*fE<tm
zazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vHAP3}t9FPNYKn}<OIUon*fE<tm
zazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vHAP1g!4pdi9FT<gsr@t4zdgf!-
zPX8zH;irE5<CB`7xE%WAVE-$h8+v9?4t?UR{M1?b56;S8J#F`QesEe|{`aTl)8*6S
ze*E&#&kpu~D)#iop!{TK=obg&)1P`OGAMuQ^3cZz<<QG#{XKPBUU~VnpHKe7v-j_w
zl|MWyV`t^eS(zDnebCP*I;Zb{{@PO`gZIC%b~e6i;X6MB2oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+0D;E}Tz@N(%1<vR
zW;e6xrFd%S+BX}eT643~YHroGzdbzk_IEo$w_9s&cQ!lSRy+7%SW{Wsscm(yj(+cv
zs)J@XXlH^-t=bv>&iiVswf5<LlQ-U16CCZ=+QCdaD0PF?gWw<-{{CZHWV6dxBY$>b
zgZZF)y8oYkQ1!{q7au>jU;QhNf7;@ti}#=0PN}oA76jFA-ik%XMyKw?CL@pV>;?U`
zpj|7~YsW$RPh0Knkw$61S{`|@@rP^KOd>V^?e~qo9vlYs&egHMeBbtV&}bb7Gp%~P
zwBHFjiDor8%C>{xwQl<$_~Z9CZne6npUfXk-Hb+VMx!^Qv76D+o6)hG(eazniFe<(
zL$|*lys;3TSF*JKC-18}EY%N!M6+IN2Cr|G>Yd>JHFoVA)$-<H(C*Y)&3A_HZ~myi
zxO6_i|Ne<z`~B|un?ZTw<jv(PLxn4su3x!yc;)i!m8bWv{LGz`?N9u#Yu~B%o25pr
zvRUeO+qLpRH`wg9_JZcS!%uu{A7TLa{r~WHUirCu5A7HkzEurIwsy8hO0`Z<83~hR
zq_kffIlmxBW?Ic=Pzj?cd=W<0(9m1oDpeZ6N~_&n56WR$UAk6lcK@K;>P%NE!T$Ni
zH_EM6Jt#Hb=yvx9ZBJUgHP~~u**V>D=<VIoVQHjZYHp9Lg|^M@w+Hp%*EPJpKd8w!
zOZ)pLL78jUAMN1l<#zblv@fiCqZ)pTFRXbdOpcR2r|Y#+Csk?$kM{iLd7F!?-#)Ki
zDRnx%R=fIW58nz?qtiV(&c%HUs1{nC?xVZj9)4^1mp*g#saHSsUtYX+{q3EwVdqD;
zZ+BXaVC0}(f9=1%etrFXW4qKF*{*eW4$23epdEfb-JsbWsk9omYt3pnfI&ds3X`~W
ztFvFK1h>0EW4|5-bLV!W)Cp&o2OCCqJFVt_yZ-KZ&nJgF1%BiDjq|Mo)w647t6e&1
z?zFao_DD6j{?+K$uYY^L-8!sQgZ8a+pOO7&>>ID|pDBIw`a>#%syDBHza8wiI<@eE
z>tEFELznJH`Q`oZ+aLXtfA;SxPjaL;P7WUC>pM?!6d!o(8-EsFqJw}5=d;c8(0O<f
z^cNS`KfDt9-bGCwEQkKbMb(e4i3SIKWFQYWJ6V|g;DcM;Ume|eY@3sA9y6wg*GZ2V
z(?g4;3(x<2#q{-PbRrU&7$1#XC>ee)AFPiaw`ls4i%#l%<#h9+%EvCBzJK8!_t#M0
ziH+Wjjoplm-;7P%j7{E*-MJZ?x;Yy8?nS#jypsC!iyAz#oU-T+?=()Y?T4--i|!9t
zbbnxaJ^703AA2k4FGhlm=~}wBxRj5s)|O`$+oko@!TY`9dU2<^eiTX6dbPs(Q8TgI
zs^#j*ekxn2ZLN-kyB-(UQ_)JJ9trYy`{h`1zdWBC?7ClENbRQUnYDaAmCNKZTdR?&
zbapR4n~zVeZA4RZtI_=0T0T?Uh~8bxMv9Bscy4g$et5`wrMb9YZd7N>vGIej|44Z>
zG3c{ZUC8v(wL6EEg~h{aqrO+%NOTLaseW;7JREBDa4^i(h0J*6{uq)InfbX$ZhmgO
zJU_KloJn*Ndv|xkej~+=oyg#HN(-4tWg$7S+@Bgv#_D^^jj+G|)L{HO%dym9xtXa4
z3z_2wuU8LB&2W3;Xm4=5>cZkqxtZ#fM;9Zjv3$R}kjj?k<0nMnn0Jcvxn3c=Q%fEf
z!`G=sVSP1PoKMDz^ZC7EHa?cxy}OfMFN_zCbK|LOC6=Bqj3;BsSb9CRlbWqWlDnDR
z<m}E)xL>buJRL2r$D@PeR>HAW=JUsi-TiVRw5Y_A6KlClb|aEn$?lDZzL}L=ed=z0
zF0;0lTg>O<`LJ#-nVngzhR)%~dh!vUeolM!crH3Mn~jX8Gr3eQ8(lnW8+tYB$CZ9!
zBGK51R2S|Z5B!VsbG=G`e5bULsu%j>jY?xKT5jwd7908gawAhe8Q*BWHt=2Dot{X~
zZcnUc2W5OBnOmJ$jT9zUj}sHCyWwv(cT%4UUnh?%6X|$jA{DkxM#8qc+Y`y~eKNZj
zZVP{R_a;iQ{CIeIhJ7T$w#l%cO4v^!>?1dkI^GNW3-{R#w`ap+gl&>x|Esw{Svl=@
zuP~7b>r%U6``P3~DjZKHyFIw}4hoGzExj9$rn9S~>FjnaHCqVJKR;HPIq7FSHM`wQ
z?j|CsW@IGT9^2U3-ss*rYVGC@OSReM%toYNTArH8q?=o%a<sd6w3}+**&3^rlhyv%
ze5%zPn`sti8cUNKv(>{&zp&PdrYDa#_cwZ_nc7OW)Z3m)_2!pmj$^HIq>@>mJDxu{
z%%=}aiCAoYes7{ZT1$?V)|#DCJ$EO)Gn>D&bTqv%Gd8_FI^JKcAE#2Qxpsg2R&jp6
z)~n1_W>%M$ck79XU}vh@h&JjQ$<@WN#>z}=Z+m<FaQ{{}RZ4bm6+4rOa;~*LmFPrs
zk$5MbXce|5>zmb1xw?`s_G9s#?Dk4}JeO#cVjFuq2a^Z;-L1u1&>wBJj*en8-AZlm
zPWC7nB#NUm+sU!{!d9m-Rqstt_7g#RDl-;YJ&tc|HOG#RGu6s|YHd2cy4_1J)E1VK
z+r`az@!p+6eY!ST8e8i<`9ysD2qMFgpXh!!T#l}tJ(wFBy7~v<t?@y-*6pvfTU)jI
z1^0)yhp!G_|I6_1x$>iICbyQ2&u-47Q>pk&Hl5jAi_hdTiELqWC6k^@EXN-j;<Yy;
zBPV};G!>hQ{rT|y=OItMeP!s)D?{ISsO?AS<^B7c8!!ITUtW56U^h<QT)uL-@bK1;
z%<JnP%b73Dm*&fd=gU}fHaVJ{jmOg2++e-1Q$3k43%zhY?<KQ^@zh$cR%&MU2kU`s
zKGO{L#wS)cc2+WT`H5^Kb2pWn%9W1qrh~ocXf~Q@udEH$9q04zX+NoKVm!4G8ChHp
zc5ijZwz`Gx{N_Y!VsW}Uy&F&7%S7+Z7WR*p@731kYS~2OXtlgjTwjS#?{t!}U^<qr
zRF@VS-KDAJ$?DyOQsQWK=cw1t_j1R_)6MavrSkmb(N;N{oZBDWo|~@cSL<VA^?vGB
zbF<ak>lOCz#v|GA8E1L49P}0n(SCKa9JGsziEgo<TIr82^k=7*c5}Viv39I8ejFU%
zDI6BtOOffhbR=Ea89!+D?qwD>YWZ%qb$4v3nOV<I=c29IndSCMA-=j>?v|@#<MWei
ztD7sOOmeNac~CB_^tW@}SUEg!Ip3b$96L@fttJ*D<+X*o&CbT;-CTBdp>dR6-bzl7
zuZN4K%>K$|qh8G(m$TLOQEFu^v$j0BJiZ($?6uqFXy(>_vcIr$oY~*ImFR56#;1!x
zel)YaJU)FMu#w^07tU|B=2olGss{B34|LDxvZ2@h@a(3!)s8p2;Vd_JKG_-i*2&}9
zgKn)pvRvzQ-@M;w@DTOQlgeh$9SLW)w+8>F)eV17AHBY(?vbhUe-6g?;7MUE{7goI
z@OSOKQ|#^G*M@(1HFEWTeL(Y*ab?4QL#Zy;!pD}S`q0p8*9Xs%4@%n?%+KElpG58l
z?QShRv3DPw*mS#H>JQHDwZTJ#N1wdDe)8zx(e1adzBc@|pn3JutCy}_e<wS5vKv%y
z%$z?fzZ!Y<JqSaWZohi7G4xYkdimpD``XujJoGnz=ehs%+_Nve@XE8l@!4Ph%J020
z^!I=Jl~;c6OaJ&+e&zWuzVy-y&%g4;m!Ey^#V@_^{Ig$p`MEE@^xI$j!V51y`&%!3
z<<-BUn_oQd=AxaiMXvpX_LnZ*zBU-{SI>s~%fI!)!vlFS?ETpn!r#xm@cfrwe({z6
z{F#@(_=OjL_l2*VHUHU@v-{oWUiuHue)^>^|Hr}k{q4_x_BTHF`QQB9r++m(;m`k@
z-~7yH|MkE4^?&v0p`mN<+`p_g!;fgNxcZCX^NaaGd4Ij}gRlPdE7=FzKk~1x|Mac@
z$Mr^df7~l>Bx~t<*L~mP@B6}eEYT0=tg-N3@xAldZsIs~ynU4Fzh@rX4dT(<>P9sc
z?8STGyp|u#Yq^bjDig1dXX}~WN9M8c-Z7b7JxYy6M%I@%jwfT~*mSAVAB)V7P0uZ~
zM}z(BTCaV)xj45|O14w+mBwOkxjEk2PaVZ${pen;osP$sSE}>1?o_%ND^~6;%#NlT
zxoR_>E9R$rM_Z|4^j4!W-)-KRE!~+}Pmkxjk;B$fy1tcerxR1{vEor_bgY!CB|68Y
zNTm}r?ku(^)|-XS!ok{X{Ah7GJ2N?&iboa~cV@z;43VAbu}F1hqjJ2|E9BF=hxO$k
zJ2@SVjAoj>wVBb;)w})L^u6iwa=NiSIWxcBoh}xZr+WFB?ya5a<9lN>$8#%@jk&d*
zrP2Q6)^crP^JwDMOmTa?Fn6#O4F_J^YG;b^$ymMLOx~Rx-Am5aw-#f?mC;~)?p`j@
z?)2uio0Zr>D?7fGyfa(fSUBFO9n8jyx6-|_W~SEauGXgJCJxr}^PScE_dh?g{E`1|
z8z2D!1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
S5FkK+009C72oU(|68Jynjdq9t

literal 0
HcmV?d00001

diff --git a/examples/example-idscp/settings-provider.mapdb b/examples/example-idscp/settings-provider.mapdb
new file mode 100644
index 0000000000000000000000000000000000000000..6717a43c3b39b5e2bb9379ba5a3f318a9b91ec2a
GIT binary patch
literal 2097152
zcmeI*U2J37VIOeK&L$b7MZAsUJ|rm6)My?zKnwJt4^5H81yU5KVLK1)Lxb&R-E5Gq
zll3}q1Ju^+>~_cYuCv>XV<&N(iH$aWn9-1wL`i<rNR&j4NQo3liF#2f@=Bz{FOk&e
zi+ib$8F@!L@wNeG3;Z<D9P*xX&pr3Y%l|p|&cpocs{<E*u7q!{{M!G1{#Q;mKJ$<M
z*=gmKkDZkN@cuie?;rX5%D~?Xw>|T--#)A9_tXFR;N{PSdp&dY=E>gwH~XLN_`#3+
zx4qxr>7U27+7mmEljHxwpFXkUe^Aep@qYZ@|9>;y4|;yu_XVE(_tNL!b8sE{9?AhZ
zAP3}t9FPNYKn}<OIUon*fE<tmazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vH
zAP3}t9FPNYKn}<OIUon*fE<tmazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vH
zAP3}t9FPNYKn}<OIUon*fE<tmazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vH
zAP3}t9FPNYKn}<OIUon*fE<tmazGBq0XZNC<bWKI15Z2$Dw)&EaA4r+?}V?O`N)ma
z{|S8XsUQCEq~^yi2R`24|Jr8;p6QnZA3G~QaaR75v+`F@+x>&@ot9Vs<7xTy#_4fC
zdUfEZ`};o?dwR8Be!M&I^ZoMaPdpXrmp^fJ;G_L=;N`Rao;oeBy?olw$N%Zs`*+XE
z@1K>ivvTUJ%nrQX@8@IP)Av7n<Ef$k`=47r8{duaogV@O2oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+z+(k&zLiWDCKr;^
z>$%1IiS)pYuQy7y=6bo++^lVVb8z78Z+C-Uuh!h^u6KK_PVoJ(ro3FOZT7AYf9H{^
zy=E`yWP@_8(jENPdul7S&gp(*x873|9JXtnV5$?8dO>C{*b4@~`<NEF+`{$9UtHQ?
zHt3!1|L5;leX{fA$IrJbf5Y)lTby+9-jl1Ay4B?%sC@lSEIKkgF&-O>Ji@aR94!Z(
zTB%+;4my9{>TC@)O6|(V(8G=2U(RKd>Dh0-XY}=8Kd5)FkNov}ws(R?Yd@H3)$65p
zH|QptmEbVf34+&poxR{s-`lv=>YaWve=>198o3>f-j2p@M~81mM{Y+)Z%5<rzGsKt
zQ9F2JE<CSPsr_f~soO8r_kv`zUTX%gZ<gxa;K4O^<7<_T_5GmJt+kr(3_jTWVSjPu
ze1QM`W54$Mz4JHy^47_ltJemK*RI^Wc4hzC)#+<b?_B$-@ssUO{I46|svI>-jaqrV
z)a!L>8+*NAz1P|an(q!i@v(h?0X*>k<KKDZXLc{_7#X}%35GVSTSKK<Hz*H<$ud-G
z*M`n7$f2oLvl*1bXbNA1ku@;z);CJ!MzGZC^j3n6Fs-iKs5N_k)N6Go%jKYbzVVHX
zR;wPAns4-a?S9*nR&Vw9oNjhccN}<oyR=^#s+XEuL(8FUbL;JXefV_^ukZJ3^7T@?
zeG-)UPW{mizPix~Kby{_b#GL{Z}Fuy?}W*5(&uEoR_dlpjo{Iq-#l+~dG*`p)k~#r
z_n_6OJlexI!qn*YPL6YVAAPF1R=4-)u6GCD8vKP%U4QD;PyFGFH*UUN4I6fUaQAMv
z)d+_6I`!B7>+3gH&Np^S2SZ!6UUhF{uN!p2&!-nOdqd?`<8G~42?x**$U9*Ym+o}i
zrE+k$7c|=SFqpe{8>MbIyFA=5wB2nr|J%)X&wD;O+$r!IH*cM9?W>+$JDZ)-UbEWT
z3_3%V;O3X3U%mOwcBi#ps|1}p=RQO2XzXjRx6hQme)ED#zv|7K-|YnLR<{;ja7UMQ
zd*RakFu#28efyJt@h|^F`ALrS*2%%ce0}Fhj^cffed{m6OSB&_;e57!9y%8nL4S35
z{l%5gcP?x4a5?lpE~|cYP1HZ=BLlhE>||l`z4veRV0Cosv29MedCZtDu9F@!rVERu
zOV9s&#q`x^G#-h>M~5SqN`~LdhwG!qEt>x9vXeSrIo-aj^0CXO?_RpcgEiE*V#Bv%
zBe!Ftw`1|!v9a5+@!PS9+ryD>U$)!DmDFEe*5Hxlltp)Vr*V31U$~Aey5DEf{l4k-
z<STA|<gMUnJ`$`>))s5?_Y2WXZDDG@Q(DRN-|wugtW_&3hmmCMpjKQtY$mr`wR}Bw
zl+G1vo0*|-*W<O7bhO;4M}oq=qm9^Fdt)}=-?hCqm)>5iXO|0wbUvHUZe}7Ai@BY`
zbRjXZyc$i<WTJ)T<wACCHF|G37g?LnCG!14ABBgkmz(qLjYeg9BR0Ah_8-|8PWJn3
zRpzn>i?#9n^4$D>rBUBmTTS+gv5BL#<<W4c(f$4~GjrL|@`Ev?;@R1mNPc!^bYpg+
zx;B;UCU@>_hy6y@R;!Wz>6GTOk@8$BzHl@#oQl<V78+rHM-%<=R~KUG{f%a}9?WHr
zAHL4)m73x9#^Fx?c$K;N>P9nturWLz$;1jrmAQ1TG@Cdf3ddYso6R2-bJbevcrARL
zZWLEC(Y4uBY;Cr%vzAMYq_^)?7gvg-#pC>FI#-S@&K5^gu~ckvC0$KVmm{g|>~?Cp
zS`GI*C>~En*H#kI{&CCU*vhko<K%XGBN<whW2yLZKAT&Oq?d9#qoHqhDPNzsSD48z
zFX!hAg+w8&n@Q!S<}0Cd__3aR#HXLrPCb#2PE6+_ql?*mI-iTqpS2CW8ujDyQ8J!v
zR3nwSd&hnMwb_}2^3iCuw3@CLk478i#!PghQQco_6pj`e+4{-&h6}a6Z)STkzBs)V
z&*b`LBA&`;;+aS>o;gm&Guz>BE`L&=4qvB^%kjlTGM*0GrXpe6?X7q!e4onggxkX3
z?VWfjRu~O0&#;eV*ftgRQx5wnhJEDY>EoTSzi^-JaC<I1M%X45_Mgf3%kpWzJH>c5
ztV?f)?Wa@mbU2=DZmWOo?G+ov+TwO1x|quhFXpyl>FHv4{)Lh9)JZ?1>FKS5)OIqG
zZbpWJt&!Eut<~Q6VQV|TU#d+nWLG0crG<&9>|%4Xv=QyiA8w~R<C`P3ja21mWH#Mu
zj!ZR+Q;qv$tJ9VJ@=<ZQ6<r)VUT?1+l%{G+xzfSbMEYR%{?u`-wGk<2S7wf9_x1~m
z`=w+oHaoi$?+n*cBc<hLw^YxMFIJ}u<M$6I=cYy`w}wZLGWFwhI+O1ljow+CZPyOU
zGv%qw{e|s%G9FYXDvfBPzM9I+k2IF1Vmn(~EBoy`y>uznyR+6EOK#*_D-+3XG#^QH
z6UkO_bF98z>26e(3TsEPL^Zdyv^bhiHcGM8o$B7$Uc0wBUki?gTdl*x*i^4v+ZoRt
zrh??!@YGgnWVX23ZA{b;CdZDF!Qw=AB$7E!tZp_(j*qjIayz{|naFG%EY8*D?x(ia
z))Q;H<Hh=9ZLBo1eDLHG@$n;w3`Tye``vIkx_tIvZeZa0ABDHZd!1VEXsOfMtko~M
zKfF75eemXAhj-8AALO$6<y>NVeQGhCPE6$%v+K)=seCq>E3PkP7iW?Si3>x#@n&S`
z<j)T#ViU2y9DMLR<f*r>4ZL}6;A<D!eu!Q^xWBpe;xGT={fh&;b@JxwwX4O8TR$|f
zZ+;|izBFH&FE7rQvD9>GI5nLZ4(G=HdZAi5nJ<e6;e37&&bvpcaJ^D$X50PsK(5(d
zOYMyAF0a<p+1biSZYSGJ<wtjm!}X=YOg)~9CMK4a`~95HyQlr6bE%_LIPXp^XQSiE
z{pGRN{kh%4rRdm7q}bdTE!JxLJF$cP#pGfnzP;bwE6#Oe)BCB+Sn_apy0qEKjqh&E
zPbSBPM>0!G%d1P>d_6uo(QO5-b~U-sitq1jmY33*_I5B_+&M~bZ>_JDa)s_*y|%W$
zF_K7E?u}Mkld;Iw-bjA-UN^Bdwz9HX$aba{DwCy+-d<#DdUQN9Jhe2lF*>_{uh2?Y
z_lH}Hv+>+qE;!!LM8a8gw75O9v$<0|Ow6S-$?14<efD5-a&msSet&Q8-fn9%Q#{(9
z8Y?H36ZdzUo88PrGq!q=yR$buy<baA4Og?rJG<Mxc5i08H(XBKn;uK9P8YXoi*t#1
z{;08j?|3AUoX^cq?2k>3$2)hHGsETMRAFYJyxC5rQuBxRqdPluvy(gF6SBrka(85P
zX)0T5tlXbG57@}y-Am`UT6442XjOvx!w0(ObJ@Uae|&b+-0CEny>OQ6KcDOleB<Qt
z>|U={A6lq&dv88y)PIQj=1FBU=naK4+gtsA)9Qu4r;lELr0$Wa^MCfo_wY$!Eqv}g
z6okLaKRU(U9ei!@``07a|JVC8KN(jp{5O=!LM?o3S*i~VymqtyEP1cAb;<nvweU$~
zJLvRk;fcNb@WduNozhYN>|X0XM0oVc>+2_v4j$cp_xfvtUkRGmue^HY#?5zf{U^IY
z<<`{sv-0baSAPUy;L6=sZ#M>h;tMZ-^ebQa$`1$r?(aPJ2hTnG(hILV`x~GB^)LP2
zD+B-dw_kbX_rCDYf9aQ=|NKiYz3}`ipMUw;=U)863(r6MxtE{&;!D5%`Om%Z^0UA7
z!k1qC8@l=V^KLHN`9|c%k7<A9%H13N;ePpSxWD*YFI*hRi(&82z7YO?=7s0K`0|Ud
z{FhI?{Q1wl_`5HB>8$xrpPb$AKKIgpdiIkqeepl{&+qSl_S3)dna}>_XFmC>;R%2C
z-~HyNKK*b1)vy1XPYw*+c;~@owH|&%{l(Q^4W3`j56cJZjqiQ=Ctt}u-2S0|b@M0h
z{6DTY!u#WcwbfK@vEFmv_xSt1a2`t@g>%+OdOH83^VoLsIDNboNiScR$HHe9K_a@F
zU2QKF5{XEzkln6CCi11>`eLb3J`U%#?MLRZ@ZK?%%S6(v;r-)yth%#z5N~cC?rkhb
z_hX0C3yp*6iNia43#FCmk@{358i{q*ld+ln;X?IZFHzX(B)YpBK|H%VA3l{B-5pNF
z$HyY0Q-#^NW;NRB9?pdGQFs@gT-iB3oS12i1|#dS!u;g&*5qWRG?Q7bq?4twcD>f#
ztc|Wj?zbl6^;&&1F|v0j+KRUi3(4K)Ml`)MA4~@M?fvM{=G;;@v7TP7g!AC>*3RVd
z`u6eI{(fXLy}3|KCRSDo!-?$dy{U<V+SJ<GZnUvjT&~XVN3)}y$no$|yt+9%b+ECW
znC+&z^-Qf2nNRM{miO+|w-Vv=n07e(tsfljMON-q?;O_0tM`&ehX=XzdTo3@IUgO)
z&2R4YI>l&Yy4Xk@jII=lTSw9RJN3%!W^8e0KDJV+EC=y?qp%R)tuOR;H`kUXAKd@^
z)WV1UyKR632oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
Y0t5&UAV7cs0RjXF5FkL{Z%g3+0Kz|a_W%F@

literal 0
HcmV?d00001


From 0d02ed8508819dd4a5cdb31c63436dee99628129 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 26 Oct 2020 10:42:25 +0100
Subject: [PATCH 162/237] Updated examples ZIP

---
 .../trusted-connector-examples_develop.zip    | Bin 34291 -> 53751 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/examples/trusted-connector-examples_develop.zip b/examples/trusted-connector-examples_develop.zip
index 2dcc43638ad70d86bede01bdb99748bda12508f6..513148ab75cdae89246d1418ad702fd4c458dd76 100644
GIT binary patch
delta 18046
zcmeI4cUV)~w&<;(f`X`^R0Ra33)0(05fBiR4xxxN=|~9>Aj?e=5dk3-sZk>$VCbQT
zY(PL-XhLX7q}LE>2>}8R_qp%xb3FUrcg}b3d+&SSJM)kAtxV<^bIrk6V`lu;8d;A$
zLPZ=c$&>`h?qgD{^c>8j52NSX$^pAxPRf-Ed(lr~pDrzf?l0@{i|E}_5<cy)zhh7d
zQ?kieiS@uQsAlK*d&gk)5Hbo4Dl5VMdg+KBi0V^;iwV4qon=PhFQ=Z1h3Z#M-_PPA
z6|&j1+8ZQ4ioevA^>L%AtM}x>4Z}>-NFK4-E}{+StD10B*-C0TF7e>fPM(%T+#^n6
zZ=@=t+tnf7?@?J_P9D>&x%IXYcKPK)XYSV>q*MmS-;_QK9-|(;F9gV4_;sV<7E!wG
zm7u2v$;Idd+sTt@=+j?W<0_<Af<acynKErg=aj@v3j2>J&ajGcG;gN3+|SU3MTawK
zaQIBWJOc222o<z>I<?JuD(kLz%naj)o4<6K=(X36bsyQZPqCRf8S8VE(=QeAE4NYh
z<LtvzB{{(&?{hB3)}9OXyMYSr=o%0UXuVIbyO*msVPw8gq3FYQCWFM(kdzDUzLORc
zP+u(2t}OdmhlZ(94ZO%sJe@TDfbk;K_w3wDU9nUfz~XsJ&Y%X|3l-KHz@xiNyA$o~
zy{B4cwHGE<7qilrsIyo@lzU)w3Z!3mq(U@9lktV*yNXj)U#g)xYQfh{nIwBf%GD}L
zKHNqpW9O4Vvzsq!@`da$>T&91*A3f&oZI3bPSJ98S%wsj6!ktcTEdF?Sar{-9M9Pe
zJ(O6U4)}DWOZ(^EXPU|nJpb{?Ydc(@GkLz2h`~0o287Gc$<J9{1c#fOr&(Tn$MPcl
z+*@YAEQy^}R$1%v2j`f)Mwv(>XVmqiITos6AmW3SS!d^w%v48NGy8t4TY1T2v174f
z%zer^rHxQWeyWG6R0+EQlo{SSX6kZZr>CJQUc0*Kx`o`+fg;84iY$=k*-OV9T*}p^
zPm-eQ3&vUcsSz9dp3(R_nK1dMP3`v&>1T_9>7EgUx)sU$dW<J_t}&QY9yxR<hXMBX
z0yoTE@(L_QngzJ$JtoDBo-=1{e`@PoX9Ie}T5`MO!r0T}OTFiZ#qWCvU3gclTQT-<
z7~pdf&L7AfNsVww3^kmF!8w^9D2jfY-gRWXakJp_HHM>4&+2;%v8Lps1UVGm6}(QA
z=k5sgi7SvgamKId%hgjB$1KM}s(!m{`nhc0ttAtVQ*VW30>!xUg)P_@5s&-I`-OMp
z3~)l8CrIAM9O&0@XTQgUi=7l?){E=EC3sgMGK%TjVhNG+)lt6JLu{ek5#X7Q!DAw=
zoKw#fBUFetD`=UfNsb26&(nTof0W2;V?na&e5maALCn6y$lIh=`<l%!-^ZD$E`;zW
zsN545<imf3rG^6otOH5fWfzXEu)J-GDtlo8eW=U$Ss$6)RW~N~fX`g<YhuadE%#DK
zMWrt{24jYfT#P1(809W^1y`WI#YVW!40u^S=U31sElHT(ls^Bq@{YVu4#S1$@E*rI
z)_wy*b2n5OjOvZGUz+TtEBidl-)dHnJi7UGAvf8w{o^=d0cbW7i~V$_^-&(_6wdP+
z)rAbX$+%veh+5-&G-9}+t<CS0_Qd7gxQ<=-&JhohT1}Q0hW$Zt%8o-&og08O<Y;lP
zdzG5maQ|CR6Q7|Hr<{b>_hff=N#O0hr+tjss>R4G_i0JfJG~u`Ja{Z8>TM-z9KN;S
zIbL10<Ig&U6$IpU!^r%nwPKp;e%UpRs|-0KX=o^U2f`fESXf>tlgJy=7#r)C$lGkr
zoG}WWcHW;Ij)`SK@q@>wcl=MSe={RJo&ELNl37T6vymv@4H;0@!#n}Q4Lj;*@zK{6
zlX?u0f|Y_?s&-g|s*#sa_UH{@-`J4;4(ZGD=2U_GNsEgYO-XiIppC{_;twZHKKt%r
z^nsJ={qCgYa<XZRFgaN^z|YCw-_^^-Pu#)V%P+vw$ydVD-pBC~X~f3EVZ@%#r#l|@
zvX39URLyeo)J@rpw$r^w!sc&-Za(?-{BgHo?CqW2hjo_nT<@3s(GufFP_oK(_)_%J
zGI(nEF1O3%olLc^$2yDd)ADhecat@Z-s|X2$95!$#;{?Yz1MsoxdP<QI=BQ@@PVxi
z`JkA?o5Ey8>bM_^Bw2BKH#XLRrA`X6yS)$HhG(O<w}|v;svIyWwuc?%a+s@=qR4A)
z0uyyCsCC$kWc+AN&}Q*Cb_$D;Q%ca=Yzx`7+nZ_w@4`P~;Jfk(Xg(v|>$%B49e|%c
z|KlHN`#0UwLyFtf*3jR3+SDO4UhP}w)VKRaW?8Zw;M^o&!Oww@Z)R9{WhQTBhKNbS
zfU5|^y+(Zf7I|e>TO=@Hr!>|9P*;c0HJ1g(5W9}v%W2pS^-WF3WOctM%MLCi6`&X`
zyfT|RN3L9N2Ykqznbb98$fde8CaSbDW$l`JU)|0&N0G{n8y$Az^*D^E!=Zn+0spMP
zfAjc%&HvwQ(0@|hzwG}{8tlJ$_&;fXzHf`}F(&p<)zWI1UU7@DgL%V<7!IU72zIY(
zppsTgahNftZ92rgxN2ajs;&`ae>cDn(=dinp`o>3#9PtdWS%bAwDR6nCW{~k>jJ4j
zCYn-|^zFSdnSlxaW}HP@yYYe49-W$>*om}@-yNyBkQ%Xvr|)l|U-W?0_P1yTq@(db
zRjcJWvRVz@*Bg*I;YO@K8*6Y6i+|Cr#d|5I`C;`X|D_o%`px-0*Sb3SKCwWzl$a{{
z22^^dkWnWQii?l?rto+}!jL{wR|y10IPWM}JeKF2F_4_UYK8hHh&vsgwv9)8OCZ|R
z;8%!YE_;txAUAzgInlgvHVFo{2?hs8y98`Kt%zs4+2DJJZjf!e@0=mQ6m0FqeLTht
zK{#bg5SNEEMl3CK$h)OvPrVr{tO9wzRBu??Zu6hmgYECd*zG6KqxFh_Y&tr~^;6J7
z)1V$lyrhkF{YGN5o_gR?-dH2mcSadyUpW5BJg|cft+G{IWK^b8?0X@8yH5g1ZL1G=
z_rC|)ZDj`XiadWw{CNCa-A>548HnUZgGd}%v&I-+4QLpMRe+FhIBipyT&g~mmf{*r
zi{v8Wz*U$FCQWsNQKG=6**?oQi4cn7^k4A~&F%M+5BFV4fnsC|Ld=#>eL1m60$$0X
zm@he@^IV*-yZ0j*?y(`l5@PN96sIkbY&w%UV=%WYlSG!|6{kaTxf<m0ex0`YQSeDW
zJ;Dhxw~HrMesRXOV4Rs3xxPqOn&ZGgF+qs&rPHJMQG_YbaDgBTp;KKQZkmXaZ1?+;
zGN+2;_Sak_)K@3-_BzYWiy9jE%$DijXS;3dF6naza7of}X~kZ6;;=Z25M_~0M|3=p
zoPXvp%wk24ajOe1Clo~ST*NbZM^Z=D;%xJ*PkT`!ob%2Sz#;OPGqwtK^=SLaH#jeP
zRiSso6yOucxRp|fTk+<JTSU9NRDsmoNL7ImE1Kff+k^ACVrbofCm+sTgW5`8O`q3v
zAO_X=c_%jnZ@ztS=>i(Exr2W*urk<ux_Lb#j2WH{{~XaX#z&t5w!I4z%7t;*y=PRM
zJg<u+VF0CGNI*A6u8&~pnb_voHy8!X?gWt1OT`whQGDltEc4y@jCmwW0k~3%))<0=
zlql6w8UnBx!EiOzdIQM8vBE-$x=Sv8-M|}%)#R5MfF=5Auici+*qg3LlZ&&8;O1Km
zoq1$<U0a0g*T6?GoP#mWVF2eKgL5dyIaC$3%@!GIHG~knSc>28?be@45CihWYQ<}T
zmv^Z9ZAH)x)Wd4dla+Hz3)_oUS2FU8B|m{XLFs)<&HZMsn92aQyI&bMCx`BeKItu*
z<7&4TG5<t%7HYCF)C1)|MvXi_7B$wa`{`@G*qnA9SXVSZ!e5}y^4j~gkx;Pwxpcj`
zGfc5jTjR6fo2cX%b~$;bk$wQYL2;Havg&SGN8Dy<zAaaP95l$a1bzDaA)$#PkkbD7
zV>j6Is<IBwo5$STEWy3I)!tRPPqKCPS#I}2NnzjA19=(Ik%h$wH9?oMPQAq4wSIr6
zU@uI?tNE*Ey!j$YTDoI9iG2&n=4FX)7T#eB^64*S&)_ocLz-(I>{9`pL;jSm=-3If
zvOI6~9_|#-#QJRe#C#AcWst5bD*I8tNK3l3siZQgBPDIh<@R}sJ*Fay@4Vm6=Ctee
z&>T1RD(Sv{UuiQd3GP(i)%>rGB>INgliHvRxWP<8>4xtUrAvCP{h)mM*GIBRDqna7
zIjGcTIz!6<?XjyUFAu;|#YxGlwN|*t?JpAJBUVs4-Q}#7ITrt3&Nq5sV#`^6Ev{xP
zDtCF-8H&39oTI5M*U`%!#UAgsRq0HC!q0H6hWdNm;7B)cS<erZsD%`JDcE+mx(2*{
zefK6+0F^S9hgg*qmpon2yg*+A7d+rLkT2}ceVkhZSi7-5TLQX0ral3%sO`t0GK}jo
z3oYn$eXr!zbVoHASj>4B>AaZqE{&}(Gd&%~6YJBi0YW^6UGJM}+jT6c550vhH5kmE
zY4)6$`sVY2TU0+f&1G1N|5GOOSpGB8`DVE_nf!s~60{FI!Y8CC$V~WBCA>YM3{r(}
zp468U)8mQU<N#nY`6cQj<AnK9Wf8e%>hfjYdvnsTg>hRklm&ASM#|Ji!QDj(RV}Z>
zE6AU3=Ey&sIZD8ftq_%5`KA*(H(NHB!HyQTaL|_zpt>2|3Jk>e)goauyTCjNHSyKA
z0H0y?_yR|Ud-+%_YHG2hdL;gXi(#PBSj5_`FadL3V7WV&q0^lyuM~XMsM||CTY`^=
zqrYuNQ>?N+RAC_dlW<-~CepSh5tBl&6C1ZuPPemsok7gZ;&tZC%Qq1s@)!`Wi3cu5
zEE)w|DX)a~>U163@k2RRj0_t%o8@J2F_ku>(a0%m9JC;7nRso}`CLk9h`U5z?5x15
ztx6vtv4WKYyP<VG5%)P;CwFSlaU1?>ePV5uEYt+&1SL9t5F(Z3QDtcGh>7k-|8BM-
zcu7zf#uU<?KQrl7tcbhV)pO>Y21G*nLVH$gRUpVXFK@&O1slyuaG@|Pq-=Ls`4(54
zlf>7UdUWAjI*l_U+QQU#FDI^kiQaDDDgyZA$ex^Bb-RrAg9tCQ`uKch;8L7lLp`1w
zqXONOY#u65?{Zqttl65x-cm|=AvxVYlHI*^OD*%ug+RHoh1}1O-M4$z!Lrg%DCB6r
z(wbp-g1SYq`s#LWskvla*i`Auen!Z5`s`@={<QfJuS5-)LY>TwZGn3wsJ$=b1G+OM
zyVGVnqvtv;d~YbGTfc1Uui2g7rMkPUJ3V2gc(cy>yZPOhtSZayqs^QeG4oMSg^du1
zUnDL#`z9`vOrR2WYUu1UXArQO$CY)Z=|PVP=rIG4wATin+CpYk;SpT)d_1%iQ!g`+
zW0_st&G#7=Sk|W;+k$Q1&fcB{j8xN}XE};+<s##@cA=7&m}VUo+&n#VN9-~|a3tRL
zy08H|)sO+-bQyps5i@K-g<?H9%VzJ|bFtHe{!qj#SN(gk&+@sD*_3ZS_m{`xwS6a4
zG18VN8AMy=ODc^|*5(dsVs7etG7FnOi}iD7q%}^O$PZ<zoi^~kke~<PQD1hAl#(P?
z4EazDfn}m&o43?)4XUW24zCNd>wT2TCP*OSVh^{;cFO42jkRTGXBR})J+Cw1c#)R4
z3EKv~!brxV^R=<c#(C{1{YSD!Bi1$eMb91rc8=XVLwI2mKfSwQw&m=k%%$9|B_3$i
zK3FT9AJ@G+yS==<0Ri3z4U^2?jc{d8`#4SA98;`MoF}z@nA6j+m#(W)Qw8?-*e_v%
zS9Z<3NtKx-tKOg;M*NQ7$gmz@fyRgv7Ng6@=c(<4;VSHGH3EvhQEE%xv<tiMx*@Pw
z=n{o|qkb0aQ5?5tSjeXquHDI-uCzb*5%AuBZ_cu#cs4Qt=nfpJQ{3y{0;LJ0?c+jB
z)R)X9c9qOQ#nHr`&baR?Me#z@h&6)Z`ntRl9xOahS(=DJ(<m|Bfps$z^UJoJVKSlq
zRcSp9=W}H6c2L({ca5dBC=N;Mnr$tw4KC;Vb(DvXCADos+b+MfsisYC&JOp4F3=Lf
zNbYt!eZzp=K0a@6z}QfY+QnqJH|qjSiDLGfhKW1b9JX6@Njk!gKA4Bu8u#l_p*L~B
zfwg=W%tqIMA#{S4*RVTI4qavHQQ4pNR$ouyP=AwdS4->)R<?_=roD0iCYriM5mTX?
zgeTCMDtK@;(xrI_9x4<Xx{{uU+1)Ld+?@jsgj*z4c0zhWXKXj&>Ptgp)y;7Xur|;W
zMpJ*OM5$8SA0h6J&jCw*@I6#X9(*5%*-Y=*D+Knq_SXg`w&&s)(*_OZR{HiI?e@9u
zG(x5r?dT&MzUnC{P5V6N0HxLL3HmIS8qp6f%kkRicHmP;xcbcA?n6@;K`{Z~5i~H)
z3lYwrP@XM~xXjz_Qt6)mO-k*A9f#Js6|^p~qm^r*MvL+-F<5MO<#m^nfe|b*2DwQZ
z7_qo2XIFG4kH6D+T~8F>{suP2?Qa-pmPYAp_Y!I7v*!6!^<gag>s=MOm%KxD3qhe_
zh)Qd6PcEp`XcOBp=~$ayjG6>!M)pvjvP_XX-ZwKl=|jktHDnZW!~ZRxqE~S)SKWe_
z(hXd;NOtl;9Hv3u1zN?MglMb}xdl2Gnl2-`JtbNV&2WB9<*@u9$AAFfN~pZR&bo2p
zXcKtT-}AoMdzN^vB@HjI8fSV}B||0?43<9DyuF)E>wwhO$k&zB1A}nM3%EIksHnX-
zI&DDNm?=+>E0L7jO-Hp)EU!SqoaY>8TW`5~7gqaMaGh4RC6b)=R!1xxhII+HSt|Mx
za$s|Z+_?6KkOc#^KGNw_iq+uo17&%1W<APc%vKR!#3$aWC*L2DZ&pcIaar`!lhMwM
znz5a2q(;L*Ks~@`{okC?{d4O6$^7r1Q~nQ({@48ffRX+;4*8e;|2G=<KU2MReOvv2
zi!-0lG7sXfX8$qtGOYI$*WW^MA75{<tK)wJ#TS2q;(|XxalzlA_@O_C;=1nyF|LBT
z@3h{3mc08lRyWa{zr`@|M}B7u=*pB&@sOgkhX$gF-oMb>L$IpU@#fBuGm86*YhRir
zPV-^*Fz~&>a&ta9<Nh>ZHX*x(h}miV(jpPJJ6^Ka1MIv7L+f{=?3L4s_v6Nb$7xm1
z=APtIf)e)ifbHS<eTPlz)c#5-_4c1IaU<Z*I{%@*eYo>gKl0|6=!SE9wE5`b?6j9^
zs}X!zo_oJ3uB}e&nXAdH_1VXVF55yUZTAo%H21m9JpvWGz6L1tu#mF&r~+x)PyoEO
z9Wxv)7fo9we38sa0VZR<NC5{c*T#+p@7abJX3eF{^^DQB)ElVV-66Cg^h<naO-MRV
zaPVusrEJU|&E4?j>2(fY>UN;#vH#2q{`_zMx+(wMF8`-`|7HLGQ<nbodH$cW|F<w}
zKs?<RZgUswJ!ei9>KDK@5X1(p#%2zfcqO&FFA;~qA24yN1166DHzuxVjwDfv<AJ%v
zcg<$%^Ue{z$bK&Rkg~2QYJ~<h2IL73*s}cH@DGc)lD9Qxr4*R8Fgv`mYqXTYL`-!_
z)1zK>;(iYix#ckzn_xF@LYUi{lf`BP&9$5Aq1_}-h}dB+#2UQp(Qo^}pTKOWdT~13
z3;Fe9HUnPWJCNF%k!#@OvP_Eeo>?1lgsf(ghfB|LACDsp#$cdr6t7;ugYUQ>Nel6H
z;W*l{kS%MvPUE`~CgkGog0g7U7=1l(*3j8YOF$mcm)SSmJ-^jG|G9g9y8H2Nci?g_
zpMSV{YSX%IiV{GHFGCnjN$FH_qRhUpdFA&p@md?=8q7vU)K1l+t?D*g=cnq50L`=&
zbsCv(XLJ86P(9r`LIgU^wO*J@*kF7Y<~wF+qI?B*wDbkI2P3f?<!#D<G%7bENF0#Y
zQLMfC@JiK^#!`1*8y>~i60y2JMGTuDbE}xJUP7CmYy}sFIOJMMUQ39=kuCC#x#|Fo
z_-@nz5$Co|@jD>miHW#|2O{zjr~@K?b~!SzP!H#Z+ynSF$Iv6biu2>dtqy}a{0Uv8
z`8FL}vSNwEJqy8BLFNLqY>ARQDXpBjLj((n--&qhzY%e>nWfwxMBHfp2N7R1kPr2)
z<w!*vom6k(NUc9hP{fXAd4APJ`{!R$v6>s)36PM0(xIzX`8Z{-K+yy<npO~io8KfN
z;wJ8kqeAG~dR_?)a@%_F+U?J=@U3Q-VjBR>X|^1;Paz!;@s~W{zYuZn@dF~xlRz5W
z9&FBTw(ULLR>D`Y?Jxsg2O~{SDofRK5KfWHb3tf>eD3iT#%=?FdJ@G;UJva94i0G^
zh8E+uy>Z0dx6Rosz;{vHfjTAb!4MqQtIB`4pz?r-TU@Q)o0&H+2FeeJ_@Iaeb%?%t
zX-U(;F64J24y7LuadtF>UiUi@Z#o?j`#TZmYdav~@ZEA?mE3ti#O41W;)8LRYjEPj
zCYs02-o3erJH2)`)_dP|=am5t)8G)r4Rr|-sQ<l<p&e6Y(Cbh#-d)v#2Ord<<kDTQ
z4d=BLMjsrl#B750sOI{1aavP}I-$NQz7smoZ+8aZHWgHQ%0PGQDWV^31J6VaDtWeT
z=CSMSG3o5F<}3!4kqeNK3zL!a^HW(P#ezeEu5PArm<Bm2I`w%1eRKh_+I@8}y}9^!
z#EedfA_#;OC)y-9yNUXB;`_Cnw`v<urKU)aEX^d;l+}}|_bKDvxKnXoFK0^*fn^*f
zit<2Q3y*6Ki1<<<gK{Yni+yBY?e5}!9gP|NGCPDDi1N5nml@ObX?AI8eJLh=-1#Q@
zRZP*G@6rgedmhNPRx3kg8J>R@%^Ml*kqqk0&USW!3d;pwtmGTHWO!!G!#uUDtq`?<
zSnFSVkUR3x+f!(#Ww`61sQe|cEac_^CAzL`3GIzGQK_qDy)Gu9zaoY;shUkfJJPYx
zVJ}Dba?VRR2Cmn+u19a0G005iTOb<xna8-gn0M@KVu0KPu+@lGNwR9#PVj8W*HdtL
z!^P$))6~>LW#q;xcFR}r9Ei^(wV&4iXwu_(lbT5tJ5yUrC@NJ6e+r(L*%GJk?|$RL
zn3Z+0_sqF-3v}hd!MI7s)e5O}Y??!1Y)iX|*aZ+?$9!OYM#oLP4xUkL)=ZC&%`5Li
z#%cNo0pq^I@U_WpS6@syjJfR{w_b~1lm}EM$+i<G+`QUdbb(VQaEPO<#@aqOOtq9Z
zRs8*$UuTL>R&$l?I%UViTkuq0IxW=ER~DqhvDP;e641QrCTGwY;ixk5NlQd8&>(sW
zgR1ti=G8aT%UsZUA~hl=&+$&Vd$G^VFRY{==#s;3%Qx6^#d|vgat%rtj-Ki0^yhh}
z(u0JIUb+~-R=c2EUpTNG0~70CT@@QLbXo`O@g{<w>M$IJQN_kINVRzAGHxn&c-t{3
z_?f3*b8UV}w(qdP4G#pXA$+Kr(iBE%CebD>vrUGfAEdh0g6lRPsc@y{Qk%Ee^Me4T
zWkWfPd_Cn%Z1;E7F+)xB_4L)jU0X3#JLVoB?43&B5Y`a_B`cudFW-X_OCNea@(c7X
zR}bqaNOGsRt&5Iye|b|OEt6*BNlFF3qtC$T{(+Fdca^XLW+C<g($Ht?LIqsCGD^`-
zQH1414cI?m(Z8-d*gB&SIiuGW0>~^(wbc3Ll~N4eXW=arY*bXN>{LarI+V7wK<brk
z_3kD6B5m^@ytYMRiw%jY={6aeukl=PZb#0%1^*AdJo<!DtL3lpolG+|UHBBbmNc)4
zi%9q5^3wDUF~gg<*+-jbbQ}VUgw`f65=R&BT@5@%ic5Etw0bTGiE*q0s+9+ai#EU_
z?n|Hui+34B5GY$rFf(`984Xbg7+xSt;KCb&>cV{4GMCcaHy3vAis*R7^^kIf*kkL^
zv-(p(V7FJyW-evt61!X<`Blk2fn*?)l^4c6_{#(9YfV74nWJN)1|B^699-q7{C>@q
zttUhlqM_r>wO<>^2M<M}$I<r$1kCrZeS!=lHyPdW6ffkH#<Z$2gt>O{e!#F5ZHMM@
zCC#wQy9fDUAf{&54Xm8@TGSCno1|EQ1FqC01$|V<*~Y!hrtj?Odk9g|5G+GWhV@XV
z=|NEeyAUzNMgwmsre<|neSfBoC2d?`Cxq59Gig|<&DXoh0&sMt&FZbsG_N~}$-+4e
zyM<euYn}w{4R(x#TB@Ac3FNMn(TSQfcXLv1Uhk|@0_AT{Yj~9>VkOLk);2vvO<${A
zi<ci7;^15jy?LWNRZs0EIj0JS&11;-A!K(tAqLtJ<0d;R{f+Hb{%!(B9wdEscN7A$
zy!BYNhBJnIu>YNj)k6>OJ`j;fQBiy?Nvd2QU{vlbZ_i(i=^C~2@<W<G{w(YQA-%!p
z3z?6uBAW4QR!RdSEUmGd8W6xcq%hfz%p>Op(pEkf<3EFSM5%JcF7p_iXD4s4g&1>j
zWiE}ZjO#j8Rt%`WT<$hBaA}<zVh0OxB&>X@8W;o+tCYn@Dwt#zg9PbBANFjq70IuG
zOD(X^MoO@(1mP-<1Q!>Vv^K6l78WvhMW9Se<KDQ5Vxr!->SGc`S_U~h`($ruVr%z-
z_zij6?wlbO%1-uP6BMY=s+Lht8PAej88k~{TWxw%6E^41pJ<Jh?BTxGZO~R%<(s~`
z<_frl+2_`e-OV-X6b?jeZud`mpz(#W97&AlGTr?~to)`{mgzen#|=u<ItYmx^Qsip
zm?H7{lY5*5B<W9RdzG4nd|2ORqHu@+Q6Y2c%nqt`SQm){HZ^i55<V8^T&N7+vrs5U
z%k8Qop<5?-#X}qycj3)@XgbVRe0dJAU{&)~w<c5O^$^}Ran^J@vJw509qs#)wNoxT
zR9#ZGX}wx4>lKS$2uD|s-ID)U_M5TdC}GO%n6TW~!OOwT<sq(H-QWB0wrV>@L5=>v
zW^P~cF=SzyZM{Efn~OH#{aRzDHR3IrGk7(c!G5}*#NjQc4P9jF0j5RmXg~*x)*gkd
zwh4zr)@odAgVyBL>0EZ(5gb~36Xg2uO?;sf@V$;=6*_G$CuDYkLv4Q-W~jOo<&pzk
z^XpOHY?*`3t;0iRX~Muxx+Ho_t$TNp?kq7%vzi`d<lfOs^RnaOo$I8=uXkeTUCo}V
zT$Ov%G80oW2avsG4i1D(U_uvZJ;2HcF=SScTCl%tSp_BM&+SdY;GrwA81?00B7Hdz
zSeJp*kv*YnxTYK^g}67Ar$+bQoAKUVGJLiKm*=%M8_Qlt><`W(1}G7mt<;9y0m*5A
zUo>i8xoCd_iJ5>1WRVl9<cv{+T0|8}!@7kpE5(Ul6|mcy2=-79&QQb0zV~D4c9^gd
z)6rxp%gjb?YVxx+5Q;UOPvx$*y5(D{ot{I{wP#De*Exv5W8TX*lM@C?51!L05JpuM
z$J_5DJQ7|P?Vh5g!$8rZxpB0ZR%=1dn1Cu+X;f3Y?xunI!SfO!2&1xwN=ONJ(I+96
zR^!zLApgts`1YhxAt#Aqz}`f=7Al{_wK)JwkD@qAmGXe>a=J;~STkLwbnC0xV)p_#
zQCKfeUjg4LRW9$ZoOLlV&7eMTy<b_5%43q|z~;<DxogXOcNpvR+|i%Gka9L`L|(||
z$N-5xkdHuo@qz^AzSj5f_>>@A78^M09PbYJfk2FXvu-!cZPZ>k3)dwMtZLNP)+q$m
zm%}ZVb0Km1NH$9YUa?dbZ&?c4#CF*^EOe|*I65&7Gzb!oTUgAV{x+=uCluY26i!1-
z(Pr??(5j1ZT^yM)Q|)n^lZ4BVD#Ayxl~yy3R0pmUU5V!$8B3z85v{uW4+GsjDZmdn
zZW&zve~XR(Kb3#}c?$hs>iyUH|4ZikFAM+wZvS&zCx3_ICkENhtYiLQ<K^8dp3H3L
z4(#g`Wbf(Y;Uw<r=;z=g4cq5UW4riw-3WJy!)&5|*A2sm^8isM4}O&VKzoW6#x>+$
zljJ<#URb_T;dD^)(|d-(etswEc}J3BHtbpHegiD~y+ImSvW#p%49qj!tJgf$s(if7
zr7hxV#m(akvKJ3=H%@KwhUaq@j=&uCFBuhy-p!2)e4GC&`F-yF1x1n9iC*JPJ+CTG
zT1?|@Hz%m1;y!@BwL_YIvSFHgRibZu+c4G|B6{;JB1TmkoQpgBJ^d~RGiOrMJ20z-
zjF8m&v4*$wzNe~R1uNnwoR1B07&h2TUAcKtuIswvi1V9n2P3zkOYTO+=fpo>DOOP>
zY3bRA%zjnS@*VXuv3iqy;%%zEW5c41Ny8KFH^~~W_~Y9_z=<2l0yS(pv$wB3an7<&
z<csV-%495>`+X(j&LY+HgOF6}sxCJ>zcypAVZbcvNTWU1af!IhElwLr+TtTC+9&v&
zh%mV(44<-=`yq=nEszmAsWJF=n#q!PNZLPTP%tbe&VTWFVl3d!xFY4%!0UAU3Cl&h
zQ`zj{9d4htOMusU5g#M25M6g7m*i3g^O||P8@EA@$lYiQ3KJSJRbJ#4n?IcYG1~QJ
z_WZi_$m#0OquZNfV^$*mdbbItYu%Xf#Og<Dq_*a%w4(+*{(H3n5Vr?vvgh7VKHp!c
zmGk1Ya!*n4ob@}Y5e^T0!$jlKi3z>nnM-P7<mJ9oZ~{o}nR+~?T%({^bN|U*NPFi%
zr}2d}^fZl@{z7jJ{`MQ9(w0}WnMtQM{^WeV-DKWlh$qs{Gdg)|Wp)BGeovHv>BDEN
z@w-+L1};OYRt=}^X;bSYd3{Vv1C?VQQMsf1Ea|0nM)>t~U*ga~4MZ4l_(u^0A<?tL
z>!1iC<?!(zr8<A+oWasOK$ywj*6zT6x$-djAyegHQL~5QC7?ID`XZXC$6kQBn0LsC
z>;xs7QSS3giR742c09imM?^R*7WP2PExYlPmcY}K<9Na^;D9MvZMM%N);<NtMc7(~
zECsKY9CJf!9%t&m7xa=zkR+Yq1}jwCO{eD&#`l2N-Q*8;ruL<G_y&kMBU;3-_+NYX
zg`_qOA=!uF=@s_9QgXZjPrEXnFvse!aw&<OR=CBVc$(Sn!#9Lw%d^Ir@rMKvj{B)&
z;gx`2p=H{qyJ!Z8?k~_66{BfpzZK0j9oITF>TLtjluBexIxny}$oDq>-Zy5mQyNJR
zAHLxA1*%d~!;dFzvx-Sr`-o8@bhI8mSVW%3)9tf2b|j2pmym+bo@y-*-zWHG2P1z8
z8YWAFIA(9yUwm3@tM3g@=+remFF;M$xj*Pu@bTo}hlw(G6P}}Xp9|_!-z^!9>gy~|
zzmJnDqp5?ZdBE-Pyxc3itaXeCCV@}V_Nwm#EP%uoo~}W{*oC5ykNPfiN7E6jRi7a{
z3HjU%49El5gtgsjZGXSs6eP@16<S13^|(Q+hAJb|ntGL9yk%dW;b}MN!q9gEs0&}-
z$IGqDGHo{^tYy<0>z>x|U5{ny_FZUVbM)KisYon-8hLF9ui(0WQ6@nsTl2+dUvZ&2
znLBOfd3ojqpw^?`58lzy59mA`6de4v)@ipjGQdgwZYeo#{1vK`c+J8W8JhU**DTen
zw>&$K2|peuo=`hY8I?Kkup_@a7$E(3(NFSkL#McdhpUs9zxX3xZ+k}vdq01PAWx4J
z6TO51Db@z6`NihLXJU4$fB9Mwp28Y!WAfnDD^^C_B`f!H%4-Uq=8yN4jpzEbMFQ?h
zP`c!aq3b#y*25CZ#TC8|y$?Olq6i#Cczozqno(~6;tA_C4=J0O3&{ptJtw@SX1K_m
zn$PiG93bnZ;ab!Qi9U^%)cNN=zr`Cq6%6_6!d!RvIUh^3!0P%0G+*xi7agvR{%h5@
z-Z&l();{Z1Dt5KyI6w0-?W<W2THjX^Kv%=Afq%2L)qFbHS)zTrzU@<|ud!1aFeOx`
zrHNO~_<XKIe`L#pwO01@^J6zK<*m&G$@c=Wc^Wd=xz;nBFYUly*z*eeH*jpt?4Jc5
zxrGp3sWuHn-1H6m_GbMS|H>zUvNFZ&$gF5_bii-iZ;)Bx$r0x7{K17XK4)pG-x50e
zUYD2kh!`Y4&q>bFCyQ)^kv;ER`3_)mt?%M$ivspN)Z(a<nYC!_>ARPGE7w?^3uH`Y
zwz#hKZfFprPTIv!CzKyA%<}5n<mFDXiZIofx^DtV@BKpF&Dh%r@DBKVCw{!h^6>Mo
ziOD$Wj{_Q}sU`A&xm*au*&Flp{VE@GrcaX{>ix%tJt!3C0KIU>W8$IS%P%gw3>L^J
z)THG#mPT%<-QnK(hobqs=~a!-zI{{|dm%B*a~{lu5;Ke4(lxC@y7_NvUfD7<>8n9e
z=HGSMI~S<HU(EXQib5KV&oYb_#VFv<NgE`9q_}pE{_r)uLb*)717Ab`#n-O=gTD5|
z!&(j^+`uoa2i1vU3|AC}v2Dk1Wt|W?oH8on_98M;!2>toXc~eWwG__3zpp%H)0Pjb
zaBVrf^QfmSQ{LM-@TTS5B~Z9VzA4+rJFnk<Ihn01YY2q%ncFq9G&+u7vT?b3UQ49&
znyo#X*eCI4PwK6Z{BeGlTxAlnMZIoKU2Q!3Fxr!kL)seQape<(1cpeWOv2|}WJ;fA
zMH{`H(f#f4p+>(ioF}LptKr5uM{hBfII&3;C~OSLh*t-6gNN5Meco=>4<oNwIgFYp
zc9i8mx!JD`M0NuT&lyb83yx348@o^QKYKnBW5zxN?l^5Jb~>Z|=1EN<jS<VKGp`Rh
zsJkQ~#=<{p>u`0umw>93=U()PGH>Vjeom1)X7<&N#c0%3rtq}X(T{opmrwroqFM@a
z-B{`ht#nQMPBCA}BR*N^Z-N9wnf5>i8>xY+Adt58NCaT)@U)Kp>fN13S;@+uTC$E%
zxQx(a^7<fs=fQ@{8=b*(@<jZv;}^5b`+FzKr5SId#6Dg+fi$Ww5QA~mJljYD>3oz7
z>Rg{RKCHEPb0J_M_}bIknk9Dr5L_iBp(~cTbzmUY8&SRII@ihw6a7N|EuZm&&hvYq
ziKdb8Hqi@!zmw{Nc83)OX;l}+%l+Szesgbqb?oz%koCEYYJ7R1TB&r<sjb46c`AKJ
z)$|iZWak%PsG!j;>S{jssnJsVeF5~jvg@paQ8z(8NAp~bHg62NLHmQoFP;%MUW1Ui
ztK`0tT8%q>Pac_G+p66qYVq=<tZobdnL~wAj>bpzOmAsAbNr^lQMr($$WwrN^UV5}
z?g$&dC!LRnQ%*O&dL_mj*n4^!a&l8EgpGrdvfaX{mtsj-ju^C!+J+XS2u(c>sd}mW
zmwnn|)a!EUfoGpP@nf6*2coE-lP}oG_opZdyZ0lCJ|ojFq-vZvb9ej6ue}wE61TX)
zEpEnwf}a}$oI$al<5jSgq80nu`2!#B8P6wKC#A2-@R5U5@aGjnj>UG&N3t{lYA$bb
z+mmgDcE@)8zULSUqgVNh-&E)-YprsgYw#_4iFk~*jb=y_xe2}$Z2mP;D<M+gVFC{?
zADj1m)QP1;b@gQ`V;^-a)1>GP>#zOuk*Pimm+u@7j`$9|y>>i%{qn}s+dtxHbtU2A
z^(^noHd{g@OG{b{FY^RLxlm^dAd<<=A+YrP4UI)>;<>c3oZ14-H7-o^<!d`G(!;5h
z$g8meZ__*2;ve4KsCeQh)L3g-bZlGv1f%9?PblNgal@)xu`{U}#K0p@JjEJ2@VLH2
zO6k{2OkGDZI&^gu6fWIGl#2YuFx`e!7h}AQ?U0aFDiB;u?!P`Ta>@o5QUmY<-!XcM
zFfX!_JUvxSncSXTTaQ(K&S+_@_&uY5*-23!U6yC0Vqsj;(U0<b@yx)Id;YvmB=a1o
zb3?=PavjGRw#5^K=kInc!cB$r7{Va&AgboEK&P_2N)+YeL8S8y*bksAKvJ=7eb{~m
zO_!6P6%N)*79U*C>=cEk09C7)JdlNe^z~l4fX!*OC)3XDr+yJUe9qP|K~`#(8F9t+
z)fs6azvH9!UAFtS_h)*RJ@1WkE*@FcE+oKv$Vw3c?>OF_`6S7|(8ogOVo~o^R;^NM
zFT^4}NeE&j9eSsYNvn0$K1>Mx`yO6&_3m#s4!n<Y{LrEMdPk4J@-DCg|Lf@b7a#l)
zU9*jU_dGP!+~V0$ZZ_)Fkq7;!UOjD=FcHzwDO3%DT|wzAf0?SVc}piN2lQ_UM6qYY
zs;<wX=h9tO#*&YNe!b)5-=sb9N~SlzJsEp$k3I&peLD@m$GCd?!EL7$@XPN9j^|(W
zBGRH5_qNeGs&%$0Pm}S2=sSU?!(;m@f}?Mg9$6TM(t{MZWB97%WBpI&GAC;Z2b^*_
zVPtu$@4*)6n&{ntoD-^zgp)4sFUt0D!F1>Nlpo^Mn{KZvEvvD5NiCU3)GptY;OElp
z#Yfy#0IoP0O%41?Hd{V>_R(tNV@59dv{e3hhHjHopJRHr?fhM_MkOmYZv_whPWyAk
zQm`I{iPt+fm6jTT^^2*NOZ`$n@xSkDUFp+$r2OfJ%IkvM)*?oTQi(=}<Tg*WPg)Mx
z0<}T~AAX1#L@pcIw^^RXLu&#meYL#OlyGzeK&u#m?SGvK@Vcv#D2qC(Zk%Fo6~_TB
z%R_9r-fMR&1b=ki6O?17bHow*<(20Yg8M-1Pnv9BXQe#VQPl}@cnZl3x6)uQO~df%
zQ?@?ahB2fkUOS$;7a16r{-%bYj$XMTP)#)n<@S^=_;l(u76YZ7kEQrpi(=WmuX70~
z=npUjo_1CJt}be-H3vL!Qz&+0X1mY?$P2MUXY1~<MHgx|24SuZG|K$gn(yr2MQ<NI
zbm-e(@{G%Ww>6g&RDL^Au5>p@@#Me%d;qL2+>rZ^I_*P;L=MFMXm-*tY&hS+PYaxe
zIsM8CdlbQWSPd2yVRSee)*E4V<h3H~SGkL@Um^v7zj~$Z(A7T_9GnfR{FJ*({s;Bn
z_w^1RIe+N<p%W)g9EfQg`YRIflge+#Kda>Ucb$Lx`W(zSQsl^*8w`llJJRe2o6zQj
z%|^-`IR-vBRfkzcvBJc|nJ@pq3x71bz@M~B!z{wDIRAhRf3y=pKM#^Lx}%|a?~a70
z<IfBE_Z0Bp=KjGZ{%D-RKWjN472;xle53zaU?Sx21P-#tAO9TSkFREj4*kdh{%D@i
zpN0OBjNs>0{INkEI`ktl{n3`69_R=D2G9KY1U~}R&uafV^8M{)4@dm3F8i;yV5|R`
z$^1OQANR%2*X{c3ADaMX7<u{f<v-SYa8~pDXHi&uBtOh8it|WpBJ5d|>Jj$Wu$HLH
TXLt|s9?Cd*=#ci8AM*bL%pxE{

delta 1541
zcmV+g2KxE;qXYAc0<fDef8T4{Fc5yvUvapDwou#YFK7*W2yNI3D+_A|dkczvNknBy
zoaCfo?0?_Mj#H;g)4j;PJKd+dPx@|&<fPFV9A6&y9MV$e=(1i9;0VT}M{u&Nl<<bw
zBMTRMTe2(8jdoRul(CxwrI=#|GZK|vm>H6g4)e6xn|=B{{55zSe|;NH#)B_eT;LLw
zv485!rBMvy8klhAK&`~u0ls(=xd#DJu25)jUU-aPW(Z70yQP6QV2NS1hx-92lRulv
zgLJM!w?U2}Nj3#-K9fRtk$6GbTSuLu(XR|WZ%d1z?Kzg(BWa;FEG>{jgkZTCuCF|U
z(p1_zD7X-$kmt!Le{jL%mUIEc^&u2ElUjPF9~jbrXQY}+#@!wkpbxW5mGfAHE76!U
z9Zkw1*1cb6z<F3(&KFWoj78mXzPXs1K4s=<mXa~P{@sSsrJ$55oi+_8q0wxg^A#+0
zYc9G>Eb+PIC7;v)qtE}1?YYCS`EHQp<U5JsCl_(fS&7B6f14J3v14}7rCV;Fab3F-
zdw$V@*&BZktfqe-%5I?3I=+a~D%@%)u3v*oUP`q|FVHHpKD4ohL%oz_bjk1j^`2N6
zlds>O#-I17wby8DsKrzvKR4;X8uCyIYo(sMT3!WCtNENwVB_Zlh@2+^hscycT0$+1
z^Sz@06_WXhe;l=EN7w!SbrzPW<GeY)InTnf<Gi}M%)%0VP!ya9W%#p_egRQ)VgzDp
zmUtS3FO)K?wn(-g?w{^PO|{IHlLa=qVm4O6*yy@b%I(GNMHZIm9pSgRA5DULo*yu<
z7EXQ)pT^r=XHZDT!-2=z3a4OM#iw0`bDswV-admcHl2Cm9uoHELS9+!2kQHQ`v0D3
z-A!%hO+rC36aZ6_#qN-5v-j@%3s6f32w5ET#H9iN0AmJ|p%omHYcC;_u*(g9l~i4C
z(=Zf$@2|LOk@iB8jWKDm#6txWAW<>2BJoyv$!%xVvAye?Y!%|abDe%H9bJJwr1AYY
zKKIxsEmAbzDL6Sl8APPklo-`u05F2-^#r1+8>`uqL`)Sk4z+}`K)y8<l9I3_YP~=O
zbJC5w^K&F^B9_IvR=xUp^<zALx&CrBn~p!Ktil$p55Kz3*4w5|8$$OR!Pq|NRRnxw
z(j|k2VQEo2h^!fhF!uz$p?zw=9s&uhWB4!z>&vBY7)*=}#tm`?dA=dE`I}Xmb<Ud9
z^FY_)kRLoPchoZ2&YT&?NKV_0N_PmQCxjqmgkSv{YTr1HPzezvNjfHfZy~0ojN~dH
z;fGM++&IG`KM14;7Nkx}!QE|^ppUCeO=PU3&^atcj&;j1)tOfcqz}7Q<jT0259oTq
zX9v^CXZ@m31$oci>n>HanhI)Mu^u>2gQ`QpC$J)}gmj(Dm;s56?6d|(F8|COIKx!@
zew>%Yy~gxX>a3KmJYd~_Z%eT(iaHpJowiF{b)h_*z3IUm%)bQI$$toCKhYZ<A9Wop
z?mU!rw;|?_wcWH=7_46%E9~IVwT8T_<=#J?lQ?7c>Fdq(-2t}_)*icZ`qrXcHxt1c
zhq1F&g}2ROVcY^_@%=OCQoaO|B3~y<X?y1*4@L<hcw)I4qwSu5!;90?3zZ(jUhwkl
z@=T@2UhwVPbCn*$7hINTKM2{s*>2+FePdW`Gx;{1!Y%n_H(-6woUK=Tw!zYx5HYK_
zeM;<#GSPpT{RUl3TFI9JdaCZKbqGhzx;;`MlTPiJN&ksczi6x6x}hS|iUcBzsrJ7p
z+wOyPzX4E72ME3iNNDVK0ssII29u!`9Fy-n5|e!|53_kSb_cTzYi$g(rIC0!30WNU
z#H9iN0ArIT%TF7=NNDVK0ssII1^@sm00000000000000008W#T%U1#%HItFcACm~o
zG67|iJIq!Bb~%$g%ovl*ITMq<%n*|x(F~J-%?<*yJd=>kO9F&NlOT2)llRRt0>wv@
rAa*~KYt9gpZqXV7AW4&o(LDmIPm{^fAPy4%6954Q007*700000BR}43


From f0f97e472f292870bcca8bb6d1680794ff7d070b Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 14 Jan 2020 20:23:15 +0100
Subject: [PATCH 163/237] Fixed LuconEngineTest

---
 .../ids/dataflowcontrol/lucon/LuconEngine.kt  | 30 +++++++++++--------
 .../ids/dataflowcontrol/LuconEngineTest.java  |  8 ++---
 2 files changed, 21 insertions(+), 17 deletions(-)

diff --git a/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt b/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
index 3c6a6835a..a42aa58ec 100644
--- a/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
+++ b/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
@@ -70,18 +70,24 @@ class LuconEngine
 
         // Add some listeners for logging/debugging
         p.addExceptionListener { ex -> LOG.error("Exception in Prolog reasoning: " + ex.msg) }
-        p.addQueryListener { q -> LOG.trace("Prolog query " + q.solveInfo.query.toString()) }
-        p.addLibraryListener(
-                object : LibraryListener {
-                    override fun libraryLoaded(e: LibraryEvent) {
-                        LOG.debug("Prolog library loaded " + e.libraryName)
-                    }
-
-                    override fun libraryUnloaded(e: LibraryEvent) {
-                        LOG.debug("Prolog library unloaded " + e.libraryName)
-                    }
-                })
-        p.addSpyListener { l -> LOG.trace(l.msg + " " + l.source) }
+        if (LOG.isTraceEnabled) {
+            p.addQueryListener { q -> LOG.trace("Prolog query " + q.solveInfo.query.toString()) }
+        }
+        if (LOG.isDebugEnabled) {
+            p.addLibraryListener(
+                    object : LibraryListener {
+                        override fun libraryLoaded(e: LibraryEvent) {
+                            LOG.debug("Prolog library loaded " + e.libraryName)
+                        }
+
+                        override fun libraryUnloaded(e: LibraryEvent) {
+                            LOG.debug("Prolog library unloaded " + e.libraryName)
+                        }
+                    })
+        }
+        if (LOG.isTraceEnabled) {
+            p.addSpyListener { l -> LOG.trace(l.msg + " " + l.source) }
+        }
         p.addWarningListener { warningEvent ->
             val w = warningEvent.msg
             if (WARNING_FILTER.matcher(w).matches()) {
diff --git a/ids-dataflow-control/src/test/java/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.java b/ids-dataflow-control/src/test/java/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.java
index 344a29081..cb86f053b 100644
--- a/ids-dataflow-control/src/test/java/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.java
+++ b/ids-dataflow-control/src/test/java/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.java
@@ -24,10 +24,10 @@
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
 
-import alice.tuprolog.InvalidTheoryException;
-import alice.tuprolog.MalformedGoalException;
-import alice.tuprolog.NoSolutionException;
 import alice.tuprolog.SolveInfo;
+import alice.tuprolog.exceptions.InvalidTheoryException;
+import alice.tuprolog.exceptions.MalformedGoalException;
+import alice.tuprolog.exceptions.NoSolutionException;
 import com.google.common.collect.Sets;
 import de.fhg.aisec.ids.api.policy.*;
 import de.fhg.aisec.ids.api.policy.PolicyDecision.Decision;
@@ -194,8 +194,6 @@ public class LuconEngineTest {
   public void testLoadingTheoryGood() throws InvalidTheoryException {
     LuconEngine e = new LuconEngine(null);
     e.loadPolicy(HANOI_THEORY);
-    String json = e.getTheoryAsJSON();
-    assertTrue(json.startsWith("{\"theory\":\"move(1,X,Y,"));
     String prolog = e.getTheory();
     assertTrue(prolog.trim().startsWith("move(1,X,Y"));
   }

From 8a6aaa391e193e6a2ca3b2a9619c3b2f448bc4ce Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 16 Jan 2020 18:36:30 +0100
Subject: [PATCH 164/237] Rename .java to .kt

---
 .../de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.kt} | 0
 .../de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt}       | 0
 .../de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.kt}     | 0
 3 files changed, 0 insertions(+), 0 deletions(-)
 rename ids-dataflow-control/src/main/{java/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.java => kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.kt} (100%)
 rename ids-dataflow-control/src/main/{java/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.java => kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt} (100%)
 rename ids-dataflow-control/src/main/{java/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.java => kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.kt} (100%)

diff --git a/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.java b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.kt
similarity index 100%
rename from ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.java
rename to ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.kt
diff --git a/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.java b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt
similarity index 100%
rename from ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.java
rename to ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt
diff --git a/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.java b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.kt
similarity index 100%
rename from ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.java
rename to ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.kt

From e9e9bb778a0241e6e2fb06354c715ac20a1ec6bc Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 16 Jan 2020 18:36:30 +0100
Subject: [PATCH 165/237] Updated LuconLibrary with kotlin conversions and
 parsing workaround, fixed tests

---
 .../api/router/RouteVerificationProof.java    |   5 +-
 .../dataflowcontrol/PolicyDecisionPoint.kt    |   0
 .../lucon/CounterExampleImpl.kt               | 128 +++---
 .../ids/dataflowcontrol/lucon/LuconEngine.kt  |   4 +-
 .../ids/dataflowcontrol/lucon/LuconLibrary.kt | 370 +++++++++---------
 .../dataflowcontrol/lucon/TuPrologHelper.kt   |  90 ++---
 .../src/test/resources/policy-example.pl      |   2 +-
 7 files changed, 292 insertions(+), 307 deletions(-)
 rename ids-dataflow-control/src/main/{java => kotlin}/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt (100%)
 rename ids-dataflow-control/src/main/{java => kotlin}/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt (98%)

diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/router/RouteVerificationProof.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/router/RouteVerificationProof.java
index 5f4d1ae8b..6ac70b6de 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/router/RouteVerificationProof.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/router/RouteVerificationProof.java
@@ -86,9 +86,8 @@ public String getQuery() {
   @Override
   public String toString() {
     StringBuilder sb = new StringBuilder();
-    sb.append("Proof for ").append(this.query).append("\n");
-    sb.append("returns ").append(this.isValid).append("\n");
-    sb.append("Example flows violating policy:\n");
+    sb.append("Proof for ").append(this.query).append(" is ").append(this.isValid ? "VALID" : "INVALID").append("\n")
+        .append("Example flows violating policy:\n");
     for (CounterExample ce : this.counterExamples) {
       sb.append("|-- ").append(ce.toString()).append("\n\n");
     }
diff --git a/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
similarity index 100%
rename from ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
rename to ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
diff --git a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.kt
index e32741915..f21b41a6e 100644
--- a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.kt
+++ b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.kt
@@ -17,76 +17,72 @@
  * limitations under the License.
  * =========================LICENSE_END==================================
  */
-package de.fhg.aisec.ids.dataflowcontrol.lucon;
+package de.fhg.aisec.ids.dataflowcontrol.lucon
 
-import alice.tuprolog.Struct;
-import alice.tuprolog.Term;
-import de.fhg.aisec.ids.api.router.CounterExample;
-import java.util.Iterator;
-import java.util.LinkedList;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.checkerframework.checker.nullness.qual.Nullable;
+import alice.tuprolog.Struct
+import alice.tuprolog.Term
+import de.fhg.aisec.ids.api.router.CounterExample
+import java.util.*
 
-public class CounterExampleImpl extends CounterExample {
+class CounterExampleImpl(term: Term) : CounterExample() {
 
-  public CounterExampleImpl(@NonNull Term term) {
-    Iterator<? extends Term> traceIterator = ((Struct) term).listIterator();
-    LinkedList<String> steps = new LinkedList<>();
-    // process explanation
-    Iterator<? extends Term> reasonIterator = ((Struct) traceIterator.next()).listIterator();
-    StringBuilder sb =
-        new StringBuilder()
-            .append("Service ")
-            .append(reasonIterator.next().toString())
-            .append(" may receive messages");
-    reasonIterator.next();
-    //        Term explanation = reasonIterator.next();
-    ////        if (explanation.isList()) {
-    //            sb.append(" labeled [");
-    //            appendCSList(sb, explanation);
-    //            sb.append("]");
-    ////        }
-    sb.append(", which is forbidden by rule \"")
-        .append(reasonIterator.next().toString())
-        .append("\".");
-    this.setExplanation(sb.toString());
-    // process steps and prepend them to list (inverse trace to get the right order)
-    traceIterator.forEachRemaining(t -> steps.addFirst(termToStep(t)));
-    this.setSteps(steps);
-  }
-
-  @Nullable
-  public static String termToStep(@Nullable Term t) {
-    if (t == null) {
-      return null;
-    }
-    Struct traceEntry = (Struct) t;
-    StringBuilder sb = new StringBuilder();
-    // node name is the head of the list
-    String node = traceEntry.listHead().toString();
-    sb.append(node);
-    // the label list is the new head of the remaining list (tail)
-    Term labelList = traceEntry.listTail().listHead();
-    if (!labelList.isEmptyList()) {
-      sb.append(" receives message labelled ");
-      appendCSList(sb, labelList);
-      return sb.toString();
-    } else {
-      return sb.append(" receives message without labels").toString();
+    init {
+        val traceIterator = (term as Struct).listIterator()
+        val steps = LinkedList<String?>()
+        // process explanation
+        val reasonIterator = (traceIterator.next() as Struct).listIterator()
+        val sb = StringBuilder()
+                .append("Service ")
+                .append(reasonIterator.next().toString())
+                .append(" may receive messages")
+        reasonIterator.next()
+//        val explanation = reasonIterator.next()
+//        if (explanation.isList) {
+//            sb.append(" labeled [")
+//            appendCSList(sb, explanation)
+//            sb.append("]")
+//        }
+        sb.append(", which is forbidden by rule \"")
+                .append(reasonIterator.next().toString())
+                .append("\".")
+        this.explanation = sb.toString()
+        // process steps and prepend them to list (inverse trace to get the right order)
+        traceIterator.forEachRemaining { t: Term? -> steps.addFirst(termToStep(t)) }
+        this.steps = steps
     }
-  }
 
-  public static void appendCSList(@Nullable StringBuilder sb, @Nullable Term l) {
-    if (sb == null || l == null) {
-      return;
-    }
+    companion object {
+        fun termToStep(t: Term?): String? {
+            if (t == null) {
+                return null
+            }
+            val traceEntry = t as Struct
+            val sb = StringBuilder()
+            // node name is the head of the list
+            val node = traceEntry.listHead().toString()
+            sb.append(node)
+            // the label list is the new head of the remaining list (tail)
+            val labelList = traceEntry.listTail().listHead()
+            return if (!labelList.isEmptyList) {
+                sb.append(" receives message labelled ")
+                appendCSList(sb, labelList)
+                sb.toString()
+            } else {
+                sb.append(" receives message without labels").toString()
+            }
+        }
 
-    if (l.isList() && !l.isEmptyList()) {
-      Iterator<? extends Term> listIterator = ((Struct) l).listIterator();
-      // add first element
-      sb.append(listIterator.next().toString());
-      // add remaining elements
-      listIterator.forEachRemaining(lt -> sb.append(", ").append(lt.toString()));
+        private fun appendCSList(sb: StringBuilder?, l: Term?) {
+            if (sb == null || l == null) {
+                return
+            }
+            if (l.isList && !l.isEmptyList) {
+                val listIterator = (l as Struct).listIterator()
+                // add first element
+                sb.append(listIterator.next().toString())
+                // add remaining elements
+                listIterator.forEachRemaining { lt: Term -> sb.append(", ").append(lt.toString()) }
+            }
+        }
     }
-  }
-}
+}
\ No newline at end of file
diff --git a/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
similarity index 98%
rename from ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
rename to ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
index a42aa58ec..88174eb50 100644
--- a/ids-dataflow-control/src/main/java/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
+++ b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
@@ -19,7 +19,9 @@
  */
 package de.fhg.aisec.ids.dataflowcontrol.lucon
 
-import alice.tuprolog.*
+import alice.tuprolog.Prolog
+import alice.tuprolog.SolveInfo
+import alice.tuprolog.Theory
 import alice.tuprolog.event.LibraryEvent
 import alice.tuprolog.event.LibraryListener
 import de.fhg.aisec.ids.api.router.CounterExample
diff --git a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt
index 711eefdb7..77968a1f4 100644
--- a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt
+++ b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt
@@ -17,194 +17,198 @@
  * limitations under the License.
  * =========================LICENSE_END==================================
  */
-package de.fhg.aisec.ids.dataflowcontrol.lucon;
-
-import alice.tuprolog.Library;
-import alice.tuprolog.Number;
-import alice.tuprolog.Term;
-import alice.tuprolog.Var;
-import com.google.common.cache.CacheBuilder;
-import com.google.common.cache.CacheLoader;
-import com.google.common.cache.LoadingCache;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.TimeUnit;
-import java.util.regex.Pattern;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+package de.fhg.aisec.ids.dataflowcontrol.lucon
+
+import alice.tuprolog.Library
+import alice.tuprolog.Number
+import alice.tuprolog.Term
+import alice.tuprolog.Var
+import com.google.common.cache.CacheBuilder
+import com.google.common.cache.CacheLoader
+import org.slf4j.LoggerFactory
+import java.util.concurrent.ExecutionException
+import java.util.concurrent.TimeUnit
+import java.util.regex.Pattern
 
 /**
  * Plugins and default theories for tuProlog engine.
  *
  * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
  */
-public class LuconLibrary extends Library {
-  private static final long serialVersionUID = 1L;
-  private static final Logger LOG = LoggerFactory.getLogger(LuconLibrary.class);
-
-  private transient LoadingCache<String, Pattern> regexCache =
-      CacheBuilder.newBuilder()
-          .expireAfterAccess(1, TimeUnit.DAYS)
-          .maximumWeight((long) 1e6)
-          .weigher((k, v) -> ((String) k).length())
-          .build(
-              new CacheLoader<String, Pattern>() {
-                public Pattern load(String key) {
-                  return Pattern.compile(key);
-                }
-              });
-
-  @Override
-  public String getTheory() {
-    return "set_of(In, Out) :-  % get a pairwise different, sorted set from a list\n"
-        + "  quicksort(In, '@<', Sorted),\n"
-        + "  no_duplicates(Sorted, Out).\n"
-        + "\n"
-        + "get_labels(Out) :-  % collect and return asserted labels\n"
-        + "  once(setof(L, label(L), Out) ; Out = []).\n"
-        + "\n"
-        + "assert_labels(L, A) :- assert_labels(L, A, []).\n"
-        + "assert_labels([], A, A).\n"
-        + "assert_labels([L|Tail], Ar, A) :- label(L), assert_labels(Tail, Ar, A), !.\n"
-        + "assert_labels([L|Tail], Ar, A) :- assert(label(L)), assert_labels(Tail, Ar, [L|A]).\n"
-        + "\n"
-        + "retract_labels(L, R) :- retract_labels(L, R, []).\n"
-        + "retract_labels([], R, R).\n"
-        + "retract_labels([L|Tail], Rr, R) :- retract(label(L)), retract_labels(Tail, Rr, [L|R]), !.\n"
-        + "retract_labels([L|Tail], Rr, R) :- retract_labels(Tail, Rr, R).\n"
-        + "\n"
-        + "all_ground([]).\n"
-        + "all_ground([Head|Tail]) :- ground(Head), all_ground(Tail).\n"
-        + "\n"
-        + "cache_put_all_unsafe(KL, []).\n"
-        + "cache_put_all_unsafe(KL, [V|T]) :- cache_put_unsafe(KL, V), cache_put_all_unsafe(KL, T).\n"
-        + "cache_put_unsafe(KL, V) :-\n"
-        + "  %print([\"CACHE PUT: \"|[KL, V]]), nl,\n"
-        + "  assertz(cache_entry(KL, V)).\n"
-        + "\n"
-        + "cache_put_all(KL, VL) :- all_ground(KL), cache_put_all_unsafe(KL, VL).\n"
-        + "cache_put(KL, V) :- cache_put_check(KL, V); true.\n"
-        + "cache_put_check(KL, V) :- all_ground(KL), cache_put_unsafe(KL, V).\n"
-        + "\n"
-        + "cache_get(KL, V) :-\n"
-        + "  cache_entry(KL, V).\n"
-        + "  %-> print([\"CACHE HIT: \", KL, V]), nl\n"
-        + "  %; print([\"CACHE MISS: \", KL]), nl, fail.\n"
-        + "\n"
-        + "cache_clear(KL) :- retractall(cache_entry(KL, _)).\n"
-        + "\n"
-        + "action_service(Action, S) :-  % Finds services S matching endpoints of N  [ O(|Ep_S|) ]\n"
-        + "  has_endpoint(S, Regex),       % a service S exists such that  [ O(|Ep_S|) ]\n"
-        + "  regex_match(Regex, Action).   % the action of A matches the endpoint of S  [ assume O(1) ]\n"
-        + "\n"
-        + "collect_creates_labels([], []).\n"
-        + "collect_creates_labels([S|SCTail], ACout) :-\n"
-        + "  collect_creates_labels(SCTail, ACnew),\n"
-        + "  findall(A, creates_label(S, A), AC),\n"
-        + "  once(bound(ACnew); ACnew = []),\n"
-        + "  append(AC, ACnew, ACout).\n"
-        + "\n"
-        + "collect_removes_labels([], []).\n"
-        + "collect_removes_labels([S|SCTail], RCout) :-\n"
-        + "  collect_removes_labels(SCTail, RCnew),\n"
-        + "  findall(R, removes_label(S, R), RC),\n"
-        + "  once(bound(RCnew); RCnew = []),\n"
-        + "  append(RC, RCnew, RCout).\n"
-        + "\n"
-        + "update_labels(Act, Out, Aout, Rout) :-                                             % Updates labels according to spec. of service S\n"
-        + "  once(setof(S, action_service(Act, S), SC); SC = []),                             % collect all relevant services\n"
-        + "  collect_creates_labels(SC, ACraw), set_of(ACraw, AC), assert_labels(AC, Aout),   % assert new labels added by S\n"
-        + "  collect_removes_labels(SC, RCraw), set_of(RCraw, RC), retract_labels(RC, Rout),  % retract labels removed by S\n"
-        + "  %print([Act, \"=>\", SC, \"added:\", Aout, \"removed:\", Rout]),nl,\n"
-        + "  get_labels(Out).                                                                 % collect and return asserted labels\n"
-        + "\n"
-        + "dominant_rules(Act, Req, DC, S, R) :-  % Find the dominant rule R for action Act (from cache)\n"
-        + "  get_labels(LC),                        % Collect currently asserted labels\n"
-        + "  cache_get([dr, Act, Req, DC, LC], V),  % CACHE GET entry\n"
-        + "  list(V), V = [S, R].                   % unpack result\n"
-        + "\n"
-        + "dominant_rules(Act, Req, DC, S, R) :-  % Find the dominant rule R for action Act  [ O(|Ep_S| x |S -- R|) ]\n"
-        + "  get_labels(LC),                            % Collect currently asserted labels\n"
-        + "  \\+(cache_get([dr, Act, Req, DC, LC], V)),  % CACHE GET entry\n"
-        + "  (setof(DomRule, (\n"
-        + "    action_service(Act, Si),                   % Action Act is matched by a service Si  [ O(|Ep_S|) ]\n"
-        + "    rule(Ri), receives_label(Ri),              % There is a VALID rule Ri\n"
-        + "    has_target(Ri, Si),                        % targeting by service Si  [ O(|S -- R|) ]\n"
-        + "    has_decision(Ri, Req),                     % with a decision that unifies with Require  [ O(1) ]\n"
-        + "    rule_priority(Ri, PR),                     % that has priority PR, then  [ O(1) ]\n"
-        + "    \\+(                                        % there MUST NOT exist  [ O(|Ep_S| x |S -- R|) ]\n"
-        + "      action_service(Act, S2),                   % a service S2  [ O(|Ep_S|) ]\n"
-        + "      rule(R2), Ri \\= R2, receives_label(R2),    % with another VALID rule R2\n"
-        + "      has_target(R2, S2),                        % that is targeting S2  [ O(|S -- R|) ]\n"
-        + "      has_decision(R2, D2), D2 \\= Req,           % which enforces a different decision,  [ O(1) ]\n"
-        + "      rule_priority(R2, PR2),                    % and has priority PR2  [ O(1) ]\n"
-        + "      G =.. [DC, PR2, PR], call(G)               % such that 'DC'(PR, PR2) is fulfilled  [ O(1) ]\n"
-        + "    ), DomRule = [Si, Ri]                      % compose the result\n"
-        + "  ), RL)\n"
-        + "  -> cache_put_all([dr, Act, Req, DC, LC], RL)   % IF successful, CACHE PUT ALL results\n"
-        + "  ; cache_put([dr, Act, Req, DC, LC], none)      % ELSE CACHE PUT 'none'\n"
-        + "  ), !,                                      % don't backtrack into the caching logic\n"
-        + "  dominant_rules(Act, Req, DC, S, R).        % delegate to cache handler\n"
-        + "\n"
-        + "dominant_drop_rules(Act, S, R) :- dominant_rules(Act, drop, '>', S, R).\n"
-        + "dominant_allow_rules(Act, S, R) :- dominant_rules(Act, allow, '>=', S, R).\n"
-        + "\n"
-        + "% Query for a path between two nodes and print the labels along the possible paths like so:\n"
-        + "%\n"
-        + "%   path(stmt_1, stmt_5, Trace).\n"
-        + "%\n"
-        + "path(A,B,T) :-                              % Two nodes are connected if we can walk from A to B,\n"
-        + "  trace_walk(A, B, [], [[A, []]], T).       % starting with empty label list\n"
-        + "\n"
-        + "trace_walk(A, B, L, Log, T) :-              % We have walked from A to B and verify  [ O(|Ep_S| x |S -- R|) ]\n"
-        + "  A = B,                                    %   A is the desired destination with  [ O(1) ]\n"
-        + "  has_action(A, Act),                       %   an action Act and there is  [ O(1) ]\n"
-        + "  dominant_drop_rules(Act, S, R),           %   a dominant drop rule R and service S for Act [ O(|Ep_S| x |S -- R|) ]\n"
-        + "  receives_label(R),                        %     R receives a set of labels with  [ assume O(1) ]\n"
-        + "  get_labels(LC),                           %     get asserted labels  [ O(L_a), assume O(1) ]\n"
-        + "  T = [[S, LC, R]|Log].                     %     [unify the recursion result with Out]  [ O(1) ]\n"
-        + "  %print(\"finished (END): \"), print(A), nl.\n"
-        + "\n"
-        + "trace_walk(A, B, L, Log, T) :-              % We can walk from A to B if  [ O(|Ep_S| x |S -- R|) ]\n"
-        + "  succ(A, X),                               %   A is connected to X and there is  [ O(|succ(A, _)|), assume O(1) ]\n"
-        + "  has_action(A, Act),                       %   an action Action and there is  [ O(1) ]\n"
-        + "  dominant_allow_rules(Act, S, _),          %   a dominant allow rule and service S for Act  [ O(|Ep_S| x |S -- R|) ]\n"
-        + "  update_labels(Act, LN, Aout, Rout),       %   [update the labels for the next step]  [ O(|L|), assume O(1) ],\n"
-        + "  %print([Aout, Rout]), nl,\n"
-        + "  %print(\"transition: \"), print([A, X, S, LN]), nl,\n"
-        + "  (\n"
-        + "    trace_walk(X, B, LN, [[X, LN]|Log], T)  %   we can get from X to B  [ Recursion! ]\n"
-        + "    ; true                                  %   or otherwise, make sure that the cleanup stuff below gets called!\n"
-        + "  ),\n"
-        + "  retract_labels(Aout, _),                  %   retract labels asserted before recursion\n"
-        + "  assert_labels(Rout, _),                   %   assert labels retracted before recursion\n"
-        + "  %print(\"finished: \"), print(A), nl,\n"
-        + "  ground(T).                                %   If T is bound, recursion returned successfully, no result otherwise!\n";
-  }
-
-  private static boolean isComplex(@NonNull Term t) {
-    if (t instanceof Var) {
-      t = t.getTerm();
-    }
-    return (!t.isAtom() || t.isList()) && !(t instanceof Number);
-  }
-
-  @SuppressWarnings("unused")
-  public boolean regex_match_2(Term regex, Term input) {
-    LOG.trace("regex_match/2 called with " + regex + " " + input);
-    // Both regex and input string must be ground
-    if (isComplex(regex) || isComplex(input)) {
-      return false;
+@Suppress("FunctionName", "unused")
+class LuconLibrary : Library() {
+    @Transient
+    private val regexCache = CacheBuilder.newBuilder()
+            .expireAfterAccess(1, TimeUnit.DAYS)
+            .maximumWeight(1e6.toLong())
+            .weigher<String, Pattern> { k, _ -> k.length }
+            .build<String, Pattern>(
+                    object : CacheLoader<String, Pattern>() {
+                        override fun load(key: String): Pattern {
+                            return Pattern.compile(key)
+                        }
+                    })
+
+    override fun getTheory(): String = """
+set_of(In, Out) :-  % get a pairwise different, sorted set from a list
+  quicksort(In, '@<', Sorted),
+  no_duplicates(Sorted, Out).
+
+get_labels(Out) :-  % collect and return asserted labels
+  once(setof(L, label(L), Out) ; Out = []).
+
+assert_labels(L, A) :- assert_labels(L, A, []).
+assert_labels([], A, A).
+assert_labels([L|Tail], Ar, A) :- label(L), assert_labels(Tail, Ar, A), !.
+assert_labels([L|Tail], Ar, A) :- assert(label(L)), assert_labels(Tail, Ar, [L|A]).
+
+retract_labels(L, R) :- retract_labels(L, R, []).
+retract_labels([], R, R).
+retract_labels([L|Tail], Rr, R) :- retract(label(L)), retract_labels(Tail, Rr, [L|R]), !.
+retract_labels([_|Tail], Rr, R) :- retract_labels(Tail, Rr, R).
+
+all_ground([]).
+all_ground([Head|Tail]) :- ground(Head), all_ground(Tail).
+
+cache_put_all_unsafe(_, []).
+cache_put_all_unsafe(KL, [V|T]) :- cache_put_unsafe(KL, V), cache_put_all_unsafe(KL, T).
+cache_put_unsafe(KL, V) :-
+  %print(["CACHE PUT: "|[KL, V]]), nl,
+  assertz(cache_entry(KL, V)).
+
+cache_put_all(KL, VL) :- all_ground(KL), cache_put_all_unsafe(KL, VL).
+cache_put(KL, V) :- cache_put_check(KL, V); true.
+cache_put_check(KL, V) :- all_ground(KL), cache_put_unsafe(KL, V).
+
+cache_get(KL, V) :-
+  cache_entry(KL, V).
+  %-> print(["CACHE HIT: ", KL, V]), nl
+  %; print(["CACHE MISS: ", KL]), nl, fail.
+
+cache_clear(KL) :- retractall(cache_entry(KL, _)).
+
+action_service(Action, S) :-  % Finds services S matching endpoints of N  [ O(|Ep_S|) ]
+  has_endpoint(S, Regex),       % a service S exists such that  [ O(|Ep_S|) ]
+  regex_match(Regex, Action).   % the action of A matches the endpoint of S  [ assume O(1) ]
+
+collect_creates_labels([], []).
+collect_creates_labels([S|SCTail], ACout) :-
+  collect_creates_labels(SCTail, ACnew),
+  findall(A, creates_label(S, A), AC),
+  once(bound(ACnew); ACnew = []),
+  append(AC, ACnew, ACout).
+
+collect_removes_labels([], []).
+collect_removes_labels([S|SCTail], RCout) :-
+  collect_removes_labels(SCTail, RCnew),
+  findall(R, removes_label(S, R), RC),
+  once(bound(RCnew); RCnew = []),
+  append(RC, RCnew, RCout).
+
+update_labels(Act, Out, Aout, Rout) :-                                             % Updates labels according to spec. of service S
+  once(setof(S, action_service(Act, S), SC); SC = []),                             % collect all relevant services
+  collect_creates_labels(SC, ACraw), set_of(ACraw, AC), assert_labels(AC, Aout),   % assert new labels added by S
+  collect_removes_labels(SC, RCraw), set_of(RCraw, RC), retract_labels(RC, Rout),  % retract labels removed by S
+  print([Act, "=>", SC, "added:", Aout, "removed:", Rout]),nl,
+  get_labels(Out).                                                                 % collect and return asserted labels
+
+conflicting_rules(Act, Ri, Req, DC, PR) :-   % Find conflicting rules  [ O(|Ep_S| x |S -- R|) ]
+  action_service(Act, S2),                   % a service S2  [ O(|Ep_S|) ]
+  rule(R2), Ri \= R2, receives_label(R2),    % with another VALID rule R2
+  has_target(R2, S2),                        % that is targeting S2  [ O(|S -- R|) ]
+  has_decision(R2, D2), D2 \= Req,           % which enforces a different decision,  [ O(1) ]
+  rule_priority(R2, PR2),                    % and has priority PR2  [ O(1) ]
+  G =.. [DC, PR2, PR], call(G).              % such that 'DC'(PR, PR2) is fulfilled  [ O(1) ]
+
+dominant_rules(Act, Req, DC, S, R) :-    % Find the dominant rule R for action Act (from cache)
+  get_labels(LC),                        % Collect currently asserted labels
+  cache_get([dr, Act, Req, DC, LC], V),  % CACHE GET entry
+  list(V), V = [S, R].                   % unpack result
+
+dominant_rules(Act, Req, DC, S, R) :-        % Find the dominant rule R for action Act  [ O(|Ep_S| x |S -- R|) ]
+  get_labels(LC),                            % Collect currently asserted labels
+  \+(cache_get([dr, Act, Req, DC, LC], _)),  % CACHE GET entry
+  (setof(DomRule, (
+    action_service(Act, Si),                      % Action Act is matched by a service Si  [ O(|Ep_S|) ]
+    rule(Ri), receives_label(Ri),                 % There is a VALID rule Ri
+    has_target(Ri, Si),                           % targeting by service Si  [ O(|S -- R|) ]
+    has_decision(Ri, Req),                        % with a decision that unifies with Require  [ O(1) ]
+    rule_priority(Ri, PR),                        % that has priority PR, then  [ O(1) ]
+    \+(conflicting_rules(Act, Ri, Req, DC, PR)),  % there MUST NOT exist conflicting rules  [ O(|Ep_S| x |S -- R|) ]
+    DomRule = [Si, Ri]                            % compose the result
+  ), RL)
+  -> cache_put_all([dr, Act, Req, DC, LC], RL)   % IF successful, CACHE PUT ALL results
+  ; cache_put([dr, Act, Req, DC, LC], none)      % ELSE CACHE PUT 'none'
+  ), !,                                      % don't backtrack into the caching logic
+  dominant_rules(Act, Req, DC, S, R).        % delegate to cache handler
+
+dominant_drop_rules(Act, S, R) :- dominant_rules(Act, drop, '>', S, R).
+dominant_allow_rules(Act, S, R) :- dominant_rules(Act, allow, '>=', S, R).
+
+% Query for a path between two nodes and print the labels along the possible paths like so:
+%
+%   path(stmt_1, stmt_5, Trace).
+%
+path(A,B,T) :-                              % Two nodes are connected if we can walk from A to B,
+  trace_walk(A, B, [[A, []]], T).       % starting with empty label list
+
+trace_walk(A, B, Log, T) :-              % We have walked from A to B and verify  [ O(|Ep_S| x |S -- R|) ]
+  A = B,                                    %   A is the desired destination with  [ O(1) ]
+  has_action(A, Act),                       %   an action Act and there is  [ O(1) ]
+  dominant_drop_rules(Act, S, R),           %   a dominant drop rule R and service S for Act [ O(|Ep_S| x |S -- R|) ]
+  receives_label(R),                        %     R receives a set of labels with  [ assume O(1) ]
+  get_labels(LC),                           %     get asserted labels  [ O(L_a), assume O(1) ]
+  T = [[S, LC, R]|Log].                     %     [unify the recursion result with Out]  [ O(1) ]
+  %print("finished (END): "), print(A), nl.
+
+trace_walk(A, B, Log, T) :-              % We can walk from A to B if  [ O(|Ep_S| x |S -- R|) ]
+  succ(A, X),                               %   A is connected to X and there is  [ O(|succ(A, _)|), assume O(1) ]
+  has_action(A, Act),                       %   an action Action and there is  [ O(1) ]
+  dominant_allow_rules(Act, _, _),          %   a dominant allow rule and service S for Act  [ O(|Ep_S| x |S -- R|) ]
+  update_labels(Act, LN, Aout, Rout),       %   [update the labels for the next step]  [ O(|L|), assume O(1) ],
+  %print([Aout, Rout]), nl,
+  %print("transition: "), print([A, X, S, LN]), nl,
+  (
+    trace_walk(X, B, [[X, LN]|Log], T)  %   we can get from X to B  [ Recursion! ]
+    ; true                                  %   or otherwise, make sure that the cleanup stuff below gets called!
+  ),
+  retract_labels(Aout, _),                  %   retract labels asserted before recursion
+  assert_labels(Rout, _),                   %   assert labels retracted before recursion
+  %print("finished: "), print(A), nl,
+  ground(T).                                %   If T is bound, recursion returned successfully, no result otherwise!
+        """.trimIndent()
+
+    fun regex_match_2(regex: Term, input: Term): Boolean {
+        if (LOG.isTraceEnabled) {
+            LOG.trace("regex_match/2 called with $regex $input")
+        }
+        // Both regex and input string must be ground
+        return if (isComplex(regex) || isComplex(input)) {
+            false
+        } else try {
+            val regexString = TuPrologHelper.unquote(regex.term.toString())
+            val inputString = TuPrologHelper.unquote(input.term.toString())
+            val match = regexCache[regexString].matcher(inputString).matches()
+            if (LOG.isTraceEnabled) {
+                LOG.trace("regex_match: $regexString , $inputString: $match")
+            }
+            match
+        } catch (e: ExecutionException) {
+            if (LOG.isWarnEnabled) {
+                LOG.warn(e.message, e)
+            }
+            false
+        }
     }
-    try {
-      String regexString = TuPrologHelper.unquote(regex.getTerm().toString());
-      String inputString = TuPrologHelper.unquote(input.getTerm().toString());
-      boolean match = regexCache.get(regexString).matcher(inputString).matches();
-      LOG.trace("regex_match: " + regexString + " , " + inputString + ": " + match);
-      return match;
-    } catch (ExecutionException e) {
-      LOG.warn(e.getMessage(), e);
-      return false;
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(LuconLibrary::class.java)
+        private fun isComplex(term: Term): Boolean {
+            var t = term
+            if (t is Var) {
+                t = t.getTerm()
+            }
+            return (!t.isAtom || t.isList) && t !is Number
+        }
     }
-  }
-}
+}
\ No newline at end of file
diff --git a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.kt
index 9afc2ff82..e70ebcb1a 100644
--- a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.kt
+++ b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.kt
@@ -17,64 +17,48 @@
  * limitations under the License.
  * =========================LICENSE_END==================================
  */
-package de.fhg.aisec.ids.dataflowcontrol.lucon;
+package de.fhg.aisec.ids.dataflowcontrol.lucon
 
-import alice.tuprolog.Prolog;
-import alice.tuprolog.Struct;
-import alice.tuprolog.Term;
-import java.util.Iterator;
-import java.util.Spliterator;
-import java.util.Spliterators;
-import java.util.stream.Stream;
-import java.util.stream.StreamSupport;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.checkerframework.checker.nullness.qual.Nullable;
+import alice.tuprolog.Struct
+import alice.tuprolog.Term
+import java.util.*
+import java.util.stream.Stream
+import java.util.stream.StreamSupport
 
-public final class TuPrologHelper {
+object TuPrologHelper {
 
-  private static final ThreadLocal<Prolog> threadProlog = ThreadLocal.withInitial(Prolog::new);
-
-  public static Prolog getVm() {
-    return threadProlog.get();
-  }
-
-  @NonNull
-  public static String escape(@Nullable String s) {
-    if (s == null) {
-      return "";
+    fun escape(s: String?): String {
+        if (s == null) {
+            return ""
+        }
+        val sb = StringBuilder()
+        sb.append('\'')
+        val charLength = s.length
+        for (i in 0 until charLength) {
+            val c = s[i]
+            sb.append(if (c == '\'') "''" else c)
+        }
+        sb.append('\'')
+        return sb.toString()
     }
-    StringBuilder sb = new StringBuilder();
-    sb.append('\'');
-    int charLength = s.length();
-    for (int i = 0; i < charLength; i++) {
-      char c = s.charAt(i);
-      sb.append(c == '\'' ? "''" : c);
-    }
-    sb.append('\'');
-    return sb.toString();
-  }
 
-  @NonNull
-  public static Stream<? extends Term> listStream(@Nullable Term list) {
-    if (list == null) {
-      return Stream.empty();
-    }
-    if (!list.isList()) {
-      throw new IllegalArgumentException("Not a tuProlog list");
+    fun listStream(list: Term?): Stream<out Term?> {
+        if (list == null) {
+            return Stream.empty()
+        }
+        require(list.isList) { "Not a tuProlog list" }
+        val listIterator = (list as Struct).listIterator()
+        return StreamSupport.stream(
+                Spliterators.spliteratorUnknownSize(listIterator, Spliterator.ORDERED), false)
     }
-    Iterator<? extends Term> listIterator = ((Struct) list).listIterator();
-    return StreamSupport.stream(
-        Spliterators.spliteratorUnknownSize(listIterator, Spliterator.ORDERED), false);
-  }
 
-  @NonNull
-  static String unquote(@NonNull String s) {
-    if (s.length() > 2 && s.charAt(0) == '\'' && s.charAt(s.length() - 1) == '\'') {
-      return s.substring(1, s.length() - 1);
-    } else if (s.length() == 2 && "''".equals(s)) {
-      return "";
-    } else {
-      return s;
+    fun unquote(s: String): String {
+        return if (s.length > 2 && s[0] == '\'' && s[s.length - 1] == '\'') {
+            s.substring(1, s.length - 1)
+        } else if (s.length == 2 && "''" == s) {
+            ""
+        } else {
+            s
+        }
     }
-  }
-}
+}
\ No newline at end of file
diff --git a/ids-dataflow-control/src/test/resources/policy-example.pl b/ids-dataflow-control/src/test/resources/policy-example.pl
index ecb09bcf4..401823dc6 100644
--- a/ids-dataflow-control/src/test/resources/policy-example.pl
+++ b/ids-dataflow-control/src/test/resources/policy-example.pl
@@ -19,7 +19,7 @@
 %:- discontiguous has_alternativedecision/2.
 %:- discontiguous has_obligation/2.
 %:- discontiguous receives_label/1.
-regex(A,B,C) :- class("java.util.regex.Pattern") <- matches(A,B) returns C.		
+
 %%%%%%%% Rules %%%%%%%%%%%%
 % I am a test rule of prio 3
 rule(testRulePrioThree).

From 4025164dee7de191c44c4fb47f1cb0ad01ef98fc Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 27 Oct 2020 21:25:48 +0100
Subject: [PATCH 166/237] Updated to 2p (formerly tuProlog)

---
 ids-dataflow-control/bnd.bnd                  |  5 ++--
 ids-dataflow-control/build.gradle             | 16 ------------
 ids-dataflow-control/build.gradle.kts         | 25 +++++++++++++++++++
 .../dataflowcontrol/PolicyDecisionPoint.kt    |  7 +++++-
 .../ids/dataflowcontrol/lucon/LuconEngine.kt  | 18 ++++++-------
 libraryVersions.yaml                          |  7 +++++-
 6 files changed, 48 insertions(+), 30 deletions(-)
 delete mode 100644 ids-dataflow-control/build.gradle
 create mode 100644 ids-dataflow-control/build.gradle.kts

diff --git a/ids-dataflow-control/bnd.bnd b/ids-dataflow-control/bnd.bnd
index 8d1b54897..364cacf6a 100644
--- a/ids-dataflow-control/bnd.bnd
+++ b/ids-dataflow-control/bnd.bnd
@@ -1,6 +1,7 @@
 Bundle-Name: IDS :: Dataflow Control Engine
 Export-Package: \
+    alice*;-split-package:=merge-last,\
     de.fhg.aisec.ids.dataflowcontrol*
 Import-Package: \
-    !org.checkerframework.checker*,\
-	*
+    !dalvik*,\
+    *
diff --git a/ids-dataflow-control/build.gradle b/ids-dataflow-control/build.gradle
deleted file mode 100644
index e8469a53c..000000000
--- a/ids-dataflow-control/build.gradle
+++ /dev/null
@@ -1,16 +0,0 @@
-dependencies {
-    providedByBundle(project(':ids-api')) { transitive = false }
-
-    providedByBundle(group: 'com.google.guava', name: 'guava', version: libraryVersions.guava) {
-        transitive = false  // Avoid pulling in of checker framework and other annotation stuff
-    }
-
-    providedByBundle group: 'it.unibo.alice.tuprolog', name: 'tuprolog', version: libraryVersions.tuprolog
-
-    compileOnly group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
-
-    osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
-
-    testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
-    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
-}
diff --git a/ids-dataflow-control/build.gradle.kts b/ids-dataflow-control/build.gradle.kts
new file mode 100644
index 000000000..eb7e320d3
--- /dev/null
+++ b/ids-dataflow-control/build.gradle.kts
@@ -0,0 +1,25 @@
+description = "Camel IDS Component"
+
+dependencies {
+    @Suppress("UNCHECKED_CAST") val libraryVersions =
+            rootProject.ext.get("libraryVersions") as Map<String, String>
+
+    providedByBundle(project(":ids-api")) { isTransitive = false }
+
+    providedByBundle("com.google.guava", "guava", libraryVersions["guava"]) {
+        isTransitive = false  // Avoid pulling in of checker framework and other annotation stuff
+    }
+
+//    providedByBundle("it.unibo.alice.tuprolog", "tuprolog", libraryVersions["tuprolog"])
+    implementation("it.unibo.alice.tuprolog", "2p-core", libraryVersions["2p"])
+    implementation("it.unibo.alice.tuprolog", "2p-parser", libraryVersions["2p"])
+//    implementation("it.unibo.alice.tuprolog", "2p-presentation", libraryVersions["2p"])
+    providedByBundle("org.apache.commons", "commons-text", libraryVersions["commonsText"])
+    providedByBundle("com.codepoetics", "protonpack", libraryVersions["protonpack"])
+    providedByBundle("org.antlr", "antlr4-runtime", libraryVersions["antlr4"])
+
+    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
+
+    testImplementation("junit", "junit", libraryVersions["junit4"])
+    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
+}
diff --git a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
index 91c56d119..aac41d022 100644
--- a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
+++ b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
@@ -19,7 +19,12 @@
  */
 package de.fhg.aisec.ids.dataflowcontrol
 
-import alice.tuprolog.*
+import alice.tuprolog.SolveInfo
+import alice.tuprolog.Var
+import alice.tuprolog.exceptions.MalformedGoalException
+import alice.tuprolog.exceptions.NoMoreSolutionException
+import alice.tuprolog.exceptions.NoSolutionException
+import alice.tuprolog.exceptions.PrologException
 import com.google.common.cache.CacheBuilder
 import de.fhg.aisec.ids.api.policy.*
 import de.fhg.aisec.ids.api.policy.PolicyDecision.Decision
diff --git a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
index 88174eb50..fa9fbb450 100644
--- a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
+++ b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
@@ -23,7 +23,11 @@ import alice.tuprolog.Prolog
 import alice.tuprolog.SolveInfo
 import alice.tuprolog.Theory
 import alice.tuprolog.event.LibraryEvent
-import alice.tuprolog.event.LibraryListener
+import alice.tuprolog.exceptions.InvalidLibraryException
+import alice.tuprolog.exceptions.InvalidTheoryException
+import alice.tuprolog.exceptions.MalformedGoalException
+import alice.tuprolog.exceptions.NoSolutionException
+import alice.tuprolog.interfaces.event.LibraryListener
 import de.fhg.aisec.ids.api.router.CounterExample
 import de.fhg.aisec.ids.api.router.RouteVerificationProof
 import org.slf4j.LoggerFactory
@@ -57,15 +61,9 @@ class LuconEngine
             return t?.toString() ?: ""
         }
 
-    val theoryAsJSON: String
-        get() {
-            val t = p.theory
-            return if (t == null) "" else t.toJSON()
-        }
-
     init {
         try {
-            p.theory = Theory(defaultPolicy)
+            p.theory = Theory.parseWithStandardOperators(defaultPolicy)
         } catch (e: Exception) {
             LOG.error("Error loading default policy", e)
         }
@@ -136,7 +134,7 @@ class LuconEngine
      */
     @Throws(InvalidTheoryException::class)
     fun loadPolicy(theory: String) {
-        val t = Theory(theory)
+        val t = Theory.parseWithStandardOperators(theory)
         LOG.debug("Loading theory:\n$t")
         p.theory = t
     }
@@ -197,7 +195,7 @@ class LuconEngine
         try {
             // Get policy as prolog, add Camel route and init new Prolog engine with combined theory
             val t = p.theory
-            t.append(Theory(routePl))
+            t.append(Theory.parseWithStandardOperators(routePl))
             val newP = Prolog()
             newP.loadLibrary(LuconLibrary())
             newP.theory = t
diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index 45bf57619..933b954a1 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -37,7 +37,6 @@ ahc: "2.4.9"
 checkerQual: "2.5.2"
 guava: "27.0-jre"
 kotlin: "1.4.10"
-tuprolog: "3.3.0"
 slf4j: "1.7.30"
 junit4: "4.12"
 mockito: "3.2.0"
@@ -50,6 +49,12 @@ httpcore: "4.4.11"
 httpclient: "4.5.7"
 jaxwsApi: "2.3.1"
 
+# Needed for policy reasoning with 2p (formerly tuProlog)
+2p: "4.1.1"
+commonsText: "1.9"
+protonpack: "1.15"
+antlr4: "4.7.2"
+
 # Needed for ACME module
 acme: "2.3"
 nanohttpd: "2.3.1"

From 0bf654e0d4599bdda55ef57b51f73280b1b07d39 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 27 Oct 2020 21:29:00 +0100
Subject: [PATCH 167/237] Improved InterceptionStrategy integration (eliminates
 CamelContext reloads)

---
 .../aisec/ids/api/router/RouteManager.java    |  4 ++
 .../de/fhg/aisec/ids/rm/CamelInterceptor.java | 16 ++++----
 .../aisec/ids/rm/PolicyEnforcementPoint.java  | 27 ++++---------
 .../fhg/aisec/ids/rm/RouteManagerService.java | 39 ++-----------------
 4 files changed, 24 insertions(+), 62 deletions(-)

diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/router/RouteManager.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/router/RouteManager.java
index 570592528..296b50991 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/router/RouteManager.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/router/RouteManager.java
@@ -19,6 +19,7 @@
  */
 package de.fhg.aisec.ids.api.router;
 
+import de.fhg.aisec.ids.api.policy.PDP;
 import org.checkerframework.checker.nullness.qual.NonNull;
 import org.checkerframework.checker.nullness.qual.Nullable;
 
@@ -166,4 +167,7 @@ RouteObject saveRoute(@NonNull String routeId, @NonNull String routeRepresentati
    */
   @NonNull
   String getRouteAsProlog(@NonNull String routeId);
+
+  @Nullable
+  PDP getPdp();
 }
diff --git a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/CamelInterceptor.java b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/CamelInterceptor.java
index 3729f1374..7b3aec85d 100644
--- a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/CamelInterceptor.java
+++ b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/CamelInterceptor.java
@@ -19,18 +19,20 @@
  */
 package de.fhg.aisec.ids.rm;
 
+import de.fhg.aisec.ids.api.router.RouteManager;
 import org.apache.camel.CamelContext;
 import org.apache.camel.NamedNode;
 import org.apache.camel.Processor;
 import org.apache.camel.spi.InterceptStrategy;
-import org.checkerframework.checker.nullness.qual.NonNull;
+import org.osgi.service.component.annotations.Component;
+import org.osgi.service.component.annotations.Reference;
+import org.osgi.service.component.annotations.ReferenceCardinality;
 
+@Component(immediate = true, name = "ids-camel-interceptor")
 public class CamelInterceptor implements InterceptStrategy {
-  private RouteManagerService rm;
-
-  CamelInterceptor(@NonNull RouteManagerService rm) {
-    this.rm = rm;
-  }
+  @SuppressWarnings("unused")
+  @Reference(cardinality = ReferenceCardinality.MANDATORY)
+  private RouteManager rm;
 
   @Override
   public Processor wrapProcessorInInterceptors(
@@ -38,6 +40,6 @@ public Processor wrapProcessorInInterceptors(
       final NamedNode node,
       final Processor target,
       final Processor nextTarget) {
-    return new PolicyEnforcementPoint(context, node, target, this.rm);
+    return new PolicyEnforcementPoint(node, target, this.rm);
   }
 }
diff --git a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.java b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.java
index 10690ff07..fea4f1a7e 100644
--- a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.java
+++ b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.java
@@ -20,6 +20,7 @@
 package de.fhg.aisec.ids.rm;
 
 import de.fhg.aisec.ids.api.policy.*;
+import de.fhg.aisec.ids.api.router.RouteManager;
 import org.apache.camel.*;
 import org.apache.camel.model.RouteDefinition;
 import org.checkerframework.checker.nullness.qual.NonNull;
@@ -32,17 +33,14 @@
 
 public class PolicyEnforcementPoint implements AsyncProcessor {
   private static final Logger LOG = LoggerFactory.getLogger(PolicyEnforcementPoint.class);
-  private CamelContext ctx;
-  private NamedNode node;
-  private Processor target;
-  private RouteManagerService rm;
+  private final NamedNode node;
+  private final Processor target;
+  private final RouteManager rm;
 
   PolicyEnforcementPoint(
-      @NonNull CamelContext ctx,
-      @NonNull NamedNode node,
-      @NonNull Processor target,
-      @NonNull RouteManagerService rm) {
-    this.ctx = ctx;
+          @NonNull NamedNode node,
+          @NonNull Processor target,
+          @NonNull RouteManager rm) {
     this.node = node;
     this.target = target;
     this.rm = rm;
@@ -62,18 +60,7 @@ private boolean processFlowControl(Exchange exchange) {
       return false;
     }
 
-    if (target == null) {
-      if (LOG.isWarnEnabled()) {
-        LOG.warn("Cannot check data flow policy. The target is null.");
-      }
-      return false;
-    }
-
     // Strict policy: If no PDP is available, block every checked data flow
-    if (rm == null) {
-      LOG.error("RouteManager is not available, aborting...");
-      return false;
-    }
     PDP pdp = rm.getPdp();
     if (pdp == null) {
       LOG.error("PDP is not available, aborting...");
diff --git a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/RouteManagerService.java b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/RouteManagerService.java
index 224c4aed6..06fa94e1e 100644
--- a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/RouteManagerService.java
+++ b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/RouteManagerService.java
@@ -19,7 +19,6 @@
  */
 package de.fhg.aisec.ids.rm;
 
-import de.fhg.aisec.ids.api.ReferenceUnbind;
 import de.fhg.aisec.ids.api.policy.PDP;
 import de.fhg.aisec.ids.api.router.*;
 import de.fhg.aisec.ids.rm.util.CamelRouteToDot;
@@ -61,6 +60,7 @@
 public class RouteManagerService implements RouteManager {
   private static final Logger LOG = LoggerFactory.getLogger(RouteManagerService.class);
 
+  @SuppressWarnings("unused")
   @Reference(cardinality = ReferenceCardinality.OPTIONAL, policy = ReferencePolicy.DYNAMIC)
   private volatile PDP pdp;
 
@@ -71,40 +71,9 @@ protected void activate(ComponentContext ctx) {
     this.ctx = ctx;
   }
 
-  @Reference(cardinality = ReferenceCardinality.MULTIPLE, policy = ReferencePolicy.DYNAMIC)
-  public void bindCamelContext(CamelContext cCtx) {
-    try {
-      cCtx.stop();
-    } catch (Exception e) {
-      LOG.error(e.getMessage(), e);
-    }
-    CamelInterceptor interceptor = new CamelInterceptor(this);
-    var routeController = cCtx.getRouteController();
-    var ecc = cCtx.adapt(ExtendedCamelContext.class);
-    ecc.addInterceptStrategy(interceptor);
-    for (Route r : cCtx.getRoutes()) {
-      try {
-        routeController.stopRoute(r.getId());
-        routeController.startRoute(r.getId());
-      } catch (Exception e) {
-        LOG.error(e.getMessage(), e);
-      }
-    }
-    try {
-      cCtx.start();
-    } catch (Exception e) {
-      LOG.error(e.getMessage(), e);
-    }
-  }
-
-  @ReferenceUnbind
-  public void unbindCamelContext(CamelContext cCtx) {
-    if (LOG.isDebugEnabled()) {
-      LOG.debug("Unbound from CamelContext " + cCtx);
-    }
-  }
-
-  PDP getPdp() {
+  @Override
+  @Nullable
+  public PDP getPdp() {
     return pdp;
   }
 

From 26ec8c85959d72abd92ced6a84caadee2d4cbbd1 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 27 Oct 2020 21:38:36 +0100
Subject: [PATCH 168/237] Important IDSCP2 examples fix to prevent loop

---
 .../example-idscp2-client-broadcast.xml       |   2 +-
 .../example-idscp2/example-idscp2-client.xml  |   2 +-
 .../trusted-connector-examples_develop.zip    | Bin 53751 -> 53757 bytes
 3 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/examples/example-idscp2/example-idscp2-client-broadcast.xml b/examples/example-idscp2/example-idscp2-client-broadcast.xml
index b2f2266c5..1924e2d80 100644
--- a/examples/example-idscp2/example-idscp2-client-broadcast.xml
+++ b/examples/example-idscp2/example-idscp2-client-broadcast.xml
@@ -22,7 +22,7 @@
             <!-- Prevents the client consumer from sending the message back to the server -->
             <removeHeader headerName="idscp2-header"/>
             <setBody>
-                <simple>null</simple>
+                <simple>${null}</simple>
             </setBody>
         </route>
 
diff --git a/examples/example-idscp2/example-idscp2-client.xml b/examples/example-idscp2/example-idscp2-client.xml
index 5065d73f1..46217f9da 100644
--- a/examples/example-idscp2/example-idscp2-client.xml
+++ b/examples/example-idscp2/example-idscp2-client.xml
@@ -34,7 +34,7 @@
             <!-- Prevents the client consumer from sending the message back to the server -->
             <removeHeader headerName="idscp2-header"/>
             <setBody>
-                <simple>null</simple>
+                <simple>${null}</simple>
             </setBody>
         </route>
 
diff --git a/examples/trusted-connector-examples_develop.zip b/examples/trusted-connector-examples_develop.zip
index 513148ab75cdae89246d1418ad702fd4c458dd76..583c9400f56d84c65d35c8c8b49a4e179cdd4cd5 100644
GIT binary patch
delta 1363
zcmV-Z1+4n_qXYe;1F*+_f0(cbI3(`l0#VWmRze(hQAI&QLL6LYXsu1`$m6tKt@_`Y
zI*&e5sY`OPXTJI7n@5t&c16xMU{M*J2BT;gFwoLuO0Ux3=Z`PphhR1xB+I;l(kks3
z;Wehg+PO03e7oI723IOFcE!DmcTm0|IwBmf<KrRm4%HdMcH-m5f5YL3|9X5_$Tbuq
zR2rSo60Q(PQ9#~N_**1OL2;f4J;6~)z$jx}TOW)R&KEmiuP?$w@pagvA=+WqWx1)c
z%W)G~Bf{<;PNE5Arfk7<;JcN0M2wi<8|`4{=E9Q2(V&^i(m>`4v|DuUfJw0KQ?3O1
zEr>?M)b_j~dxGajf1$<dz(MD^K-?NjWMy+Y2{{j2IAeiXKvP)>X#h_0(wdFRz=q_<
zgFh-q<A9ZYR(_&{_oVb>I$NRZdv7c9f&VS#O1jo{t@~&5X}lNT)a`X{NIa1>l><Lh
zm7y%h-$8<+5BlCu_;MtFttnV#Rg13o;E>d4tO^>3r26CWe@A*}*Yu}vd#l4Qa^z;k
z3P7Zeq(Lo%I_*_uF}r(Nn(TSc-hBl@<3AYI{)E44Nnw5cvwz=XeiMdlZec@=$lMxO
zt%bGXnJ*7PAAVmR(CA=GA)lBt-iBbQKP(I{*ew)h1GOwxi}*%Wx2<Y)^+X}K&s5R5
zwf3l@%wc->Dx#}A-zU7epNI2ae8T-q+fCu8t3t-)xCqn1KTt~t2<hT%wITul0Kf&4
zp%omH27xet+CUJ!^DDM)RJ8}&KrSuCpf*z5NJ)f3Dpjg_*sLe8ioI*?tbr)XfA4tL
zm>5V%)I;ryJs)r0yqVqMc$H^t0S2X3NzjYB0Rts;D%C6reqMbGKL+DbXLy~JP#CE!
zqj-f$Ft@fC#PM>uj5N+<q|GdLuDA(}7X(Lu9kzLYT*zRBvW2ibcKQ8ow-^69Kbwj<
z<UEuLEms2e00^E#)<C$wh!>pl91uEy4U>RT#euh;X~C^)w!>cDgbT%&#cmAI3e%>_
zL6%L8gONTWZ2rUJ=$I-~wP4h7Y7Je)05Ln!%EHP{xFL(BK{J^qfyg8%J8j$n6JYF@
zOmcL8TM+dKX{~t;b_;jsT=7|jLEjUOxYUNgiu&tON;_?8wE<=Tb!h}70ay_iMlWOv
zCL}*r{;25n16J&!#*di9J5+XPT2rFk^&V#A5?@VaPr0>gpZcx&)ZVQ#b$Fd?5C>#*
zX~E4@rYMU36cnj?;^w<OkQ<|ORvJ2dR_0)TsFnpa1))`nSCwUaBUg}KatjId1@CxX
zd@jI9ohH35J&y%&hzRzpPVd@Q?~!?t!Dw=N@qHNAKkeLjZ*m3s132}-6bZ3zE1Wx9
z@N}huuB>M&dCV<Gre`b%L>gWac+D7+fH+`B_t(VjfxY*MmBCZM-z`Re9zN`-VzpO)
z*$4WwRt;7wEJ@{1(2foIpXeQvO@XK`r0JX+I8BqPkBL^Zlg8u5uy2`?w>#&!wV`e|
zo?Dhn5Fi(a*X92<^5m$Dr=R}YwBCdvn;2LSA~HJ%=DDzSm(1x<tpzpY0%{)Ynu}XT
z!>()yhJ<8cxP@*Y*9)jO+LO50v)8XEK3GThs?4&77oV;6Hq=*CEjAg4o9kuN`3q1>
z2M7vonE06j000&Ulc5zHlZSpHlcvxVvnYg&O9|=XY_%c+006*~z0X%03T~MAnF0U+
z76<?UC;$Ke0000000000008fkFVIy2-h-3S&mfbg&^`ihhLh0GAd?2sGy%VpJJC%6
Vk&}thJ^>t)$k8bVO~?QM002lRjaUEx

delta 1348
zcmV-K1-ttFqXYM&1F*+_e;C674vG7?K-9E?l@NzrR8f$S5C_*8T5A(K@;Gf*X#YD?
z=g~(hbxAJv%s1bB^GK%ieUY;*IMmjpd=w8k1EXxF%{t{jzJHG1^Z9HrUF8*&P8-h%
zZ!qN>@5@Ap-EJ3KT<h4nwFoZJLB*Enh;YD;Pk<zQ)MpI4Nr)d0e}^OS^WlD}Hc-e&
z8}!mBxI&<00eMFeZm}#S#RVb^1V<&DQO2aU-diPoD0aYJUPOT6%dkg7yvMA|a#LlO
z<0i63MBP1_#1qO)+4yV_x-|`m1Tnv}#>3t(q$7)`K{K7DT;&>!Uv_TJ6gdAe*Al}P
z#3N#Ad)|;e!qbB^e{y}`pz}f^?yMuSvN@fEoQEyFb-)~;t(=0CgIA(-cB?aR5&7}p
zkIT`Rv$D@BPLznAl%7oQD)fEtZABsQzolGB*SfBC|7<>u_u`wnz0M6uAab_y5N4_~
zROR>^DA4pl--QWZj^vNC1*@EH(e)l2l3IgRLE}(Ve=`0+fA9R7{`7Tkb;L!E+^$&x
zh}4mk*D|QnK~<KpH-A?)dwOPXzksCi9}Jst!e6zdsJ{Mwe%E7u6-8{}U`ve1{03O9
zg|*^YC=bCLeqRC5=wK_U9+|hnhTy0_EQ&7J9Tav8wJcVP_)1l`t!i}jL?QT3RMEM$
z_UNL_VP>j4C!dPuavm#s!BY_i+OCN>-4ilSk6SPs`~y%+2M9~6Hk%&;006xOlc5zH
zlL>(^f73t^z2{df1|c}u&c_8poCqobmD(z5iiCtXY}eCdReRUkStqGb|2yMd$ElOF
zX~hBiV$a8$H*aQlG+E~vTY^EURTA`~ZoohZok}%Nf*)63!w<n^+!<YGB@{*~%P3x9
z5-hAOhH<=Fts;$c8EG?*ohxoa<0ZinV25oVe-|=bqii9p1}?wf?e^lI=VvpqfSiX?
zq2)@z0RX{s$QlUu7x98qo&!P$uw@c3syOu4GcCAv&34%Hn{c7{yx6TFT4UN&Im)uB
zaWv9Lgw20Ahz3-dss-bYQ)}cRhKSjTRu<NF$_-g84VuX`2}CAA*;(Tbm;hrxXOg4a
ze}bq-NE^*-uv@r0=ZeoO4EmmO#FaJ#R@7e)Qrc-Vs|_#%s7oUt3BZcDFnTFdFd_M|
z@<&ClAFyH{HGaS(-lMWd)0z_PzV|pIm-u2T2g+?+htzM)r}plgspIQhgE%0gOABtM
zGDT7JXP`*c6F1-8f!r9Kv(nJvvoZ%mf3+;A83?UXys9jd8@Yz`l3PfqFL=xI;!^=e
z>NM$f>3JxCLqxD&bb8medXLPD493&bi*KX2{%PmN2a_wv@4%@CrbviQTj9dlg2yWr
zbY(qJ$z$#~GCgNGAky%Xz-z{k1jHeG^XHnl-LrQ-u`+lH_^ZX}_x<}lRjl?ZfBQgx
z)~dm3g(ayR3fi$@|0BH<vMCVNg*01m1E*<H^)c0Ie$sf{7!EB{@_O$aw>H%6##763
z2?FHu_`3YxMjjoN@$}Pwo7Sr^WK#o6LPTa4z&sbW>5@4es<ohoTtLl(U2}2EXxNnv
z!H|$F40q5C<a!D9Mtc$$2lo2KB?n8DS@!IM)n0}AeyWuw<7j)gj5~h;P)i30SlVtN
zmI43(69|)`6&$npgThM*ORF}U9|8aXy_3VwR~%T{ZXlKd000vR001Ze0000000000
z00000?0}Pu&>)j5feMpg&?*7glZ((_0cn%#&{YAslR?o<0gIE5(LMndlg`m821m#M
G0001rlY#00


From 3e0ddda1ccc5b768971a46849476f08bf8cce97d Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 28 Oct 2020 21:46:43 +0100
Subject: [PATCH 169/237] Updated to Angular 10

---
 .../www/{browserslist => .browserslistrc}     |    0
 .../src/main/resources/www/package.json       |   32 +-
 .../main/resources/www/src/app/app.module.ts  |    3 +-
 .../main/resources/www/src/app/app.routing.ts |    3 +-
 .../app/application-http-client.service.ts    |    8 +-
 .../www/src/app/apps/app-card.component.ts    |    4 +-
 .../resources/www/src/app/apps/app.service.ts |    8 +-
 .../main/resources/www/src/app/apps/app.ts    |   10 +-
 .../www/src/app/apps/apps-search.component.ts |   45 +
 .../www/src/app/apps/apps.component.ts        |   43 +-
 .../connection-configuration.component.ts     |    2 +-
 .../connection-configuration.service.ts       |    2 +-
 .../connection-report.component.ts            |   10 +-
 .../connection-report.service.ts              |   16 +-
 .../src/app/connection-report/connections.ts  |   20 -
 .../www/src/app/connection-report/endpoint.ts |    6 +
 .../connection-report/incoming-connection.ts  |    6 +
 .../connection-report/outgoing-connection.ts  |    6 +
 .../src/app/dashboard/dashboard.component.ts  |   10 +-
 .../dataflowpolicies.component.ts             |    4 +-
 .../dataflowpoliciesnew.component.ts          |    2 +-
 .../app/dataflowpolicies/policy.service.ts    |    4 +-
 .../keycerts/certificate-card.component.ts    |    6 +-
 .../www/src/app/keycerts/certificate.ts       |    2 +-
 .../src/app/keycerts/identitynew.component.ts |    2 +-
 .../www/src/app/keycerts/keycert.service.ts   |    8 +-
 .../src/app/keycerts/keycerts.component.ts    |    4 +-
 .../www/src/app/login/login.component.ts      |    2 +-
 .../www/src/app/metric/metric.service.ts      |    8 +-
 .../www/src/app/prettify-json.pipe.ts         |    2 +-
 .../src/main/resources/www/src/app/result.ts  |    4 -
 .../resources/www/src/app/route-result.ts     |    6 +
 .../www/src/app/routes/counter-example.ts     |    4 +
 .../www/src/app/routes/route.service.ts       |   13 +-
 .../routeeditor/routeeditor.component.ts      |    3 +-
 .../www/src/app/routes/routes.component.ts    |    2 +-
 .../www/src/app/routes/validation-info.ts     |    6 +
 .../www/src/app/routes/validation.ts          |    9 -
 .../www/src/app/subscription.component.ts     |   14 -
 .../main/resources/www/src/app/values.pipe.ts |    2 +-
 .../src/main/resources/www/src/tsconfig.json  |    2 +-
 .../src/main/resources/www/tslint.json        |    5 +-
 .../src/main/resources/www/yarn.lock          | 2303 ++++++++++-------
 43 files changed, 1526 insertions(+), 1125 deletions(-)
 rename ids-webconsole/src/main/resources/www/{browserslist => .browserslistrc} (100%)
 create mode 100644 ids-webconsole/src/main/resources/www/src/app/apps/apps-search.component.ts
 delete mode 100644 ids-webconsole/src/main/resources/www/src/app/connection-report/connections.ts
 create mode 100644 ids-webconsole/src/main/resources/www/src/app/connection-report/endpoint.ts
 create mode 100644 ids-webconsole/src/main/resources/www/src/app/connection-report/incoming-connection.ts
 create mode 100644 ids-webconsole/src/main/resources/www/src/app/connection-report/outgoing-connection.ts
 create mode 100644 ids-webconsole/src/main/resources/www/src/app/route-result.ts
 create mode 100644 ids-webconsole/src/main/resources/www/src/app/routes/counter-example.ts
 create mode 100644 ids-webconsole/src/main/resources/www/src/app/routes/validation-info.ts
 delete mode 100644 ids-webconsole/src/main/resources/www/src/app/routes/validation.ts
 delete mode 100644 ids-webconsole/src/main/resources/www/src/app/subscription.component.ts

diff --git a/ids-webconsole/src/main/resources/www/browserslist b/ids-webconsole/src/main/resources/www/.browserslistrc
similarity index 100%
rename from ids-webconsole/src/main/resources/www/browserslist
rename to ids-webconsole/src/main/resources/www/.browserslistrc
diff --git a/ids-webconsole/src/main/resources/www/package.json b/ids-webconsole/src/main/resources/www/package.json
index 5199fcc6e..46a73efb4 100644
--- a/ids-webconsole/src/main/resources/www/package.json
+++ b/ids-webconsole/src/main/resources/www/package.json
@@ -11,14 +11,14 @@
   },
   "private": true,
   "dependencies": {
-    "@angular/animations": "~9.1.0",
-    "@angular/common": "~9.1.0",
-    "@angular/core": "~9.1.0",
-    "@angular/forms": "~9.1.0",
-    "@angular/platform-browser": "~9.1.0",
-    "@angular/platform-browser-dynamic": "~9.1.0",
-    "@angular/platform-server": "~9.1.0",
-    "@angular/router": "~9.1.0",
+    "@angular/animations": "~10.2.0",
+    "@angular/common": "~10.2.0",
+    "@angular/core": "~10.2.0",
+    "@angular/forms": "~10.2.0",
+    "@angular/platform-browser": "~10.2.0",
+    "@angular/platform-browser-dynamic": "~10.2.0",
+    "@angular/platform-server": "~10.2.0",
+    "@angular/router": "~10.2.0",
     "bootstrap": "^4.2.1",
     "core-js": "^3.6.4",
     "deep-equal": "^2.0.1",
@@ -29,21 +29,21 @@
     "rxjs": "^6.5.2",
     "svg-pan-zoom": "^3.6.0",
     "topojson": "^3.0.2",
-    "tslib": "^1.10.0",
+    "tslib": "^2.0.0",
     "viz.js": "^2.1.1",
     "zone.js": "~0.10.2"
   },
   "devDependencies": {
-    "@angular-devkit/build-angular": "~0.901.0",
-    "@angular/cli": "~9.1.0",
-    "@angular/compiler": "~9.1.0",
-    "@angular/compiler-cli": "~9.1.0",
+    "@angular-devkit/build-angular": "~0.1002.0",
+    "@angular/cli": "~10.2.0",
+    "@angular/compiler": "~10.2.0",
+    "@angular/compiler-cli": "~10.2.0",
     "@saritasa/tslint-config-angular": "^2.0.0",
     "@types/node": "^12.11.1",
     "@types/vis": "^4.21.9",
     "codelyzer": "^5.1.2",
-    "tslint": "^5.12.1",
-    "typescript": "3.7.5",
+    "tslint": "~6.1.0",
+    "typescript": "4.0.5",
     "vis": "^4.20.0"
   }
-}
+}
\ No newline at end of file
diff --git a/ids-webconsole/src/main/resources/www/src/app/app.module.ts b/ids-webconsole/src/main/resources/www/src/app/app.module.ts
index bd2f19474..0b106a0b9 100644
--- a/ids-webconsole/src/main/resources/www/src/app/app.module.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/app.module.ts
@@ -13,7 +13,8 @@ import { HTTP_PROVIDER } from './application-http-client.service';
 import { AppCardComponent } from './apps/app-card.component';
 import { AppSearchResultCardComponent } from './apps/app-search-result-card.component';
 import { AppService } from './apps/app.service';
-import { AppsComponent, AppsSearchComponent } from './apps/apps.component';
+import { AppsComponent } from './apps/apps.component';
+import { AppsSearchComponent } from './apps/apps-search.component';
 import { ConfirmComponent } from './confirm/confirm.component';
 import { ConfirmService } from './confirm/confirm.service';
 import { ConnectionConfigurationComponent } from './connection-configuration/connection-configuration.component';
diff --git a/ids-webconsole/src/main/resources/www/src/app/app.routing.ts b/ids-webconsole/src/main/resources/www/src/app/app.routing.ts
index 009379846..c61ccdebc 100644
--- a/ids-webconsole/src/main/resources/www/src/app/app.routing.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/app.routing.ts
@@ -1,7 +1,8 @@
 import { RouterModule, Routes } from '@angular/router';
 
 import { AuthGuard } from './_guards/auth.guard';
-import { AppsComponent, AppsSearchComponent } from './apps/apps.component';
+import { AppsComponent } from './apps/apps.component';
+import { AppsSearchComponent } from './apps/apps-search.component';
 import { ConnectionConfigurationComponent } from './connection-configuration/connection-configuration.component';
 import { ConnectionReportComponent } from './connection-report/connection-report.component';
 import { DashboardComponent } from './dashboard/dashboard.component';
diff --git a/ids-webconsole/src/main/resources/www/src/app/application-http-client.service.ts b/ids-webconsole/src/main/resources/www/src/app/application-http-client.service.ts
index 912feeb82..2d04b6f92 100644
--- a/ids-webconsole/src/main/resources/www/src/app/application-http-client.service.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/application-http-client.service.ts
@@ -7,11 +7,11 @@ import { environment } from '../environments/environment';
 
 export interface RequestOptions {
   headers?: HttpHeaders | {
-    [header: string]: string | Array<string>;
+    [header: string]: string | string[];
   };
   observe?: 'body';
   params?: HttpParams | {
-    [param: string]: string | Array<string>;
+    [param: string]: string | string[];
   };
   reportProgress?: boolean;
   responseType?: 'json' | 'text';
@@ -51,7 +51,7 @@ export interface ApplicationHttpClient {
    * @param params Body of the request
    * @param options Options of the request like headers, body, etc.
    */
-  put<T>(endPoint: string, params: Object, options?: RequestOptions): Observable<T>;
+  put<T>(endPoint: string, params: object, options?: RequestOptions): Observable<T>;
 
   /**
    * DELETE request
@@ -105,7 +105,7 @@ export class ApplicationHttpClientImpl implements ApplicationHttpClient {
    * @param params Body of the request
    * @param options Options of the request like headers, body, etc.
    */
-  public put(endPoint: string, params: Object, options?: any): any {
+  public put(endPoint: string, params: object, options?: any): any {
     return this.http.put(environment.apiURL + endPoint, params, options);
   }
 
diff --git a/ids-webconsole/src/main/resources/www/src/app/apps/app-card.component.ts b/ids-webconsole/src/main/resources/www/src/app/apps/app-card.component.ts
index 4c292faf4..64d80b8f6 100644
--- a/ids-webconsole/src/main/resources/www/src/app/apps/app-card.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/apps/app-card.component.ts
@@ -14,12 +14,12 @@ export class AppCardComponent implements OnInit {
     @Input() public app: App;
     public statusIcon: string;
     public statusColor: string;
-    private portDefs: Array<PortDef>;
+    private portDefs: PortDef[];
 
     constructor(private readonly appService: AppService, private readonly appsComponent: AppsComponent) { }
     // the linter forces to mark 'appsComponent' as readonly which could be misleading; see method 'onDeleteBtnClick' below
 
-    get ports(): Array<PortDef> {
+    get ports(): PortDef[] {
         if (!this.portDefs) {
             this.portDefs = this.app.ports
                 .map(list => list.split(',')
diff --git a/ids-webconsole/src/main/resources/www/src/app/apps/app.service.ts b/ids-webconsole/src/main/resources/www/src/app/apps/app.service.ts
index 1abe7d1f0..f3e10f6c1 100644
--- a/ids-webconsole/src/main/resources/www/src/app/apps/app.service.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/apps/app.service.ts
@@ -15,8 +15,8 @@ export class AppService {
     constructor(private readonly http: HttpClient) {
     }
 
-    public getApps(): Observable<Array<App>> {
-        return this.http.get<Array<App>>(environment.apiURL + '/app/list/');
+    public getApps(): Observable<App[]> {
+        return this.http.get<App[]>(environment.apiURL + '/app/list/');
     }
 
     public stopApp(appId: string): Observable<Result> {
@@ -48,11 +48,11 @@ export class AppService {
         return this.http.get<Cml>(environment.apiURL + '/app/cml_version');
     }
 
-    public searchApps(term: string): Observable<Array<App>> {
+    public searchApps(term: string): Observable<App[]> {
         const headers = new HttpHeaders({ 'Content-Type': 'application/json' });
         const searchTerm = new AppSearchTerm();
         searchTerm.searchTerm = term;
-        const result = this.http.post<Array<App>>(environment.apiURL + '/app/search',
+        const result = this.http.post<App[]>(environment.apiURL + '/app/search',
                 searchTerm, {headers});
 
         return result;
diff --git a/ids-webconsole/src/main/resources/www/src/app/apps/app.ts b/ids-webconsole/src/main/resources/www/src/app/apps/app.ts
index 421dd8070..12438cc02 100644
--- a/ids-webconsole/src/main/resources/www/src/app/apps/app.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/apps/app.ts
@@ -10,8 +10,8 @@ export interface App {
     uptime: string;
     signature: string;
     owner: string;
-    labels: Array<Map<string, any>>;
-    ports: Array<string>;
+    labels: Map<string, any>[];
+    ports: string[];
 
     // Further portainer attributes:
     repository: any;
@@ -21,17 +21,17 @@ export interface App {
     title: string;
     description: string;
     note: string;
-    categories: Array<string>;
+    categories: string[];
     platform: string;
     logo: string;
     registry: string;
     command: string;
     network: string;
-    env: Array<Map<string, any>>;
+    env: Map<string, any>[];
     privileged: boolean;
     interactive: boolean;
     restartPolicy: string;
-    volumes: Array<any>;
+    volumes: any[];
 }
 
 export class AppSearchTerm {
diff --git a/ids-webconsole/src/main/resources/www/src/app/apps/apps-search.component.ts b/ids-webconsole/src/main/resources/www/src/app/apps/apps-search.component.ts
new file mode 100644
index 000000000..3d5c56d24
--- /dev/null
+++ b/ids-webconsole/src/main/resources/www/src/app/apps/apps-search.component.ts
@@ -0,0 +1,45 @@
+import { AfterViewInit, Component, OnInit } from '@angular/core';
+import { FormBuilder, FormGroup, Validators } from '@angular/forms';
+
+import { App } from './app';
+import { AppService } from './app.service';
+
+declare var componentHandler: any;
+
+@Component({
+  templateUrl: './apps-search.component.html',
+  providers: []
+})
+export class AppsSearchComponent implements OnInit, AfterViewInit {
+    public myForm: FormGroup;
+    public submitted: boolean;
+    public saved: boolean;
+    public searchResults: App[] = [];
+
+    constructor(private readonly _fb: FormBuilder, private readonly _appService: AppService) {
+        this.saved = true;
+        this.submitted = false;
+    }
+
+    public ngOnInit(): void {
+        // the short way
+        this.myForm = this._fb.group({
+            apps_search: ['', [Validators.required as any, Validators.minLength(3) as any]]
+        });
+    }
+
+    public ngAfterViewInit(): void {
+        componentHandler.upgradeAllRegistered();
+    }
+
+    public save(model: any, isValid: boolean): void {
+      this.submitted = true;
+      this._appService
+        .searchApps(model.apps_search)
+        .subscribe(res => { this.searchResults = res; });
+    }
+
+    public trackApps(index: number, item: App): string {
+      return item.id;
+    }
+}
diff --git a/ids-webconsole/src/main/resources/www/src/app/apps/apps.component.ts b/ids-webconsole/src/main/resources/www/src/app/apps/apps.component.ts
index 8b4c4b878..d389fe062 100644
--- a/ids-webconsole/src/main/resources/www/src/app/apps/apps.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/apps/apps.component.ts
@@ -1,5 +1,4 @@
-import { AfterViewInit, Component, OnInit } from '@angular/core';
-import { FormBuilder, FormGroup, Validators } from '@angular/forms';
+import { AfterViewInit, Component } from '@angular/core';
 import { Title } from '@angular/platform-browser';
 
 import { App } from './app';
@@ -12,7 +11,7 @@ declare var componentHandler: any;
   providers: []
 })
 export class AppsComponent implements AfterViewInit {
-  public apps: Array<App>;
+  public apps: App[];
 
   constructor(private readonly appService: AppService, private readonly titleService: Title) {
     this.titleService.setTitle('Apps');
@@ -31,41 +30,3 @@ export class AppsComponent implements AfterViewInit {
     return item.id;
   }
 }
-
-@Component({
-  templateUrl: './apps-search.component.html',
-  providers: []
-})
-export class AppsSearchComponent implements OnInit, AfterViewInit {
-    public myForm: FormGroup;
-    public submitted: boolean;
-    public saved: boolean;
-    public searchResults: Array<App> = [];
-
-    constructor(private readonly _fb: FormBuilder, private readonly _appService: AppService) {
-        this.saved = true;
-        this.submitted = false;
-    }
-
-    public ngOnInit(): void {
-        // the short way
-        this.myForm = this._fb.group({
-            apps_search: ['', [Validators.required as any, Validators.minLength(3) as any]]
-        });
-    }
-
-    public ngAfterViewInit(): void {
-        componentHandler.upgradeAllRegistered();
-    }
-
-    public save(model: any, isValid: boolean): void {
-      this.submitted = true;
-      this._appService
-        .searchApps(model.apps_search)
-        .subscribe(res => { this.searchResults = res; });
-    }
-
-    public trackApps(index: number, item: App): string {
-      return item.id;
-    }
-}
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.ts b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.ts
index 3c2a81661..44c8189fc 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.component.ts
@@ -10,7 +10,7 @@ import { ConnectionConfigurationService } from './connection-configuration.servi
   styleUrls: ['./connection-configuration.component.css']
 })
 export class ConnectionConfigurationComponent implements OnInit {
-  public models: Array<Configuration>;
+  public models: Configuration[];
   private _model?: Configuration;
   private _selectedIndex = 0;
 
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.service.ts b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.service.ts
index f63a47645..d1504b34f 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.service.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-configuration/connection-configuration.service.ts
@@ -25,7 +25,7 @@ export class ConnectionConfigurationService {
       .pipe(map(res => new Configuration(connection, res)));
   }
 
-  public getAllConfiguration(): Observable<Array<Configuration>> {
+  public getAllConfiguration(): Observable<Configuration[]> {
     return this.http.get<object>(environment.apiURL + '/config/connectionConfigs')
       .pipe(map(configMap => Object.keys(configMap)
         .map(key => new Configuration(key, configMap[key]))));
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-report/connection-report.component.ts b/ids-webconsole/src/main/resources/www/src/app/connection-report/connection-report.component.ts
index 24b215c31..93515e4e0 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-report/connection-report.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-report/connection-report.component.ts
@@ -3,7 +3,9 @@ import { Title } from '@angular/platform-browser';
 import { delay, retryWhen, take } from 'rxjs/operators';
 
 import { ConnectionReportService } from './connection-report.service';
-import { Endpoint, IncomingConnection, OutgoingConnection } from './connections';
+import { Endpoint } from './endpoint';
+import { IncomingConnection } from './incoming-connection';
+import { OutgoingConnection } from './outgoing-connection';
 
 @Component({
   selector: 'connections',
@@ -12,9 +14,9 @@ import { Endpoint, IncomingConnection, OutgoingConnection } from './connections'
 })
 export class ConnectionReportComponent implements OnInit {
 
-  public incomingConnections: Array<IncomingConnection>;
-  public outgoingConnections: Array<OutgoingConnection>;
-  public endpoints: Array<Endpoint>;
+  public incomingConnections: IncomingConnection[];
+  public outgoingConnections: OutgoingConnection[];
+  public endpoints: Endpoint[];
 
   constructor(private readonly titleService: Title, private readonly connectionService: ConnectionReportService) {
     this.titleService.setTitle('IDS Connections');
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-report/connection-report.service.ts b/ids-webconsole/src/main/resources/www/src/app/connection-report/connection-report.service.ts
index 5d1ac4861..9d8fc3d5a 100644
--- a/ids-webconsole/src/main/resources/www/src/app/connection-report/connection-report.service.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-report/connection-report.service.ts
@@ -4,23 +4,25 @@ import { Observable } from 'rxjs';
 
 import { environment } from '../../environments/environment';
 
-import { Endpoint, IncomingConnection, OutgoingConnection } from './connections';
+import { Endpoint } from './endpoint';
+import { IncomingConnection } from './incoming-connection';
+import { OutgoingConnection } from './outgoing-connection';
 
 @Injectable()
 export class ConnectionReportService {
 
   constructor(private readonly http: HttpClient) { }
 
-  public getEndpoints(): Observable<Array<Endpoint>> {
-    return this.http.get<Array<Endpoint>>(environment.apiURL + '/connections/endpoints');
+  public getEndpoints(): Observable<Endpoint[]> {
+    return this.http.get<Endpoint[]>(environment.apiURL + '/connections/endpoints');
   }
 
-  public getIncomingConnections(): Observable<Array<IncomingConnection>> {
-    return this.http.get<Array<IncomingConnection>>(environment.apiURL + '/connections/incoming');
+  public getIncomingConnections(): Observable<IncomingConnection[]> {
+    return this.http.get<IncomingConnection[]>(environment.apiURL + '/connections/incoming');
   }
 
-  public getOutgoingConnections(): Observable<Array<OutgoingConnection>> {
-    return this.http.get<Array<OutgoingConnection>>(environment.apiURL + '/connections/outgoing');
+  public getOutgoingConnections(): Observable<OutgoingConnection[]> {
+    return this.http.get<OutgoingConnection[]>(environment.apiURL + '/connections/outgoing');
   }
 
 }
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-report/connections.ts b/ids-webconsole/src/main/resources/www/src/app/connection-report/connections.ts
deleted file mode 100644
index a2c29b41b..000000000
--- a/ids-webconsole/src/main/resources/www/src/app/connection-report/connections.ts
+++ /dev/null
@@ -1,20 +0,0 @@
-export class IncomingConnection {
-  public endpointIdentifier: string;
-  public attestationResult: string;
-  public connectionKey: string;
-  public remoteHostName: string;
-}
-
-export class OutgoingConnection {
-  public endpointIdentifier: string;
-  public remoteAuthentication: string;
-  public remoteIdentity: string;
-  public attestationResult: string;
-}
-
-export class Endpoint {
-  public endpointIdentifier: string;
-  public defaultProtocol: string;
-  public port: string;
-  public host: string;
-}
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-report/endpoint.ts b/ids-webconsole/src/main/resources/www/src/app/connection-report/endpoint.ts
new file mode 100644
index 000000000..90fda1680
--- /dev/null
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-report/endpoint.ts
@@ -0,0 +1,6 @@
+export class Endpoint {
+  public endpointIdentifier: string;
+  public defaultProtocol: string;
+  public port: string;
+  public host: string;
+}
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-report/incoming-connection.ts b/ids-webconsole/src/main/resources/www/src/app/connection-report/incoming-connection.ts
new file mode 100644
index 000000000..bec3642da
--- /dev/null
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-report/incoming-connection.ts
@@ -0,0 +1,6 @@
+export class IncomingConnection {
+  public endpointIdentifier: string;
+  public attestationResult: string;
+  public connectionKey: string;
+  public remoteHostName: string;
+}
diff --git a/ids-webconsole/src/main/resources/www/src/app/connection-report/outgoing-connection.ts b/ids-webconsole/src/main/resources/www/src/app/connection-report/outgoing-connection.ts
new file mode 100644
index 000000000..3d6816cc1
--- /dev/null
+++ b/ids-webconsole/src/main/resources/www/src/app/connection-report/outgoing-connection.ts
@@ -0,0 +1,6 @@
+export class OutgoingConnection {
+  public endpointIdentifier: string;
+  public remoteAuthentication: string;
+  public remoteIdentity: string;
+  public attestationResult: string;
+}
diff --git a/ids-webconsole/src/main/resources/www/src/app/dashboard/dashboard.component.ts b/ids-webconsole/src/main/resources/www/src/app/dashboard/dashboard.component.ts
index ec479ed09..fdf5ef54b 100644
--- a/ids-webconsole/src/main/resources/www/src/app/dashboard/dashboard.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/dashboard/dashboard.component.ts
@@ -7,23 +7,21 @@ import { PolicyService } from '../dataflowpolicies/policy.service';
 import { MetricService } from '../metric/metric.service';
 import { RouteComponent } from '../routes/route';
 import { RouteService } from '../routes/route.service';
-import { SubscriptionComponent } from '../subscription.component';
 
 @Component({
   templateUrl: './dashboard.component.html',
   providers: []
 })
-export class DashboardComponent extends SubscriptionComponent implements OnInit {
+export class DashboardComponent implements OnInit {
   @Output() public readonly changeTitle = new EventEmitter();
-  public camelComponents: Array<RouteComponent>;
-  public apps: Array<App>;
+  public camelComponents: RouteComponent[];
+  public apps: App[];
   public cmlVersion: string;
   public policies = 0;
-  public metric: Array<String> = [];
+  public metric: string[] = [];
 
   constructor(private readonly titleService: Title, private readonly appService: AppService, private readonly routeService: RouteService,
               private readonly policyService: PolicyService, private readonly metricService: MetricService) {
-    super();
     this.titleService.setTitle('Overview');
 
     this.appService.getApps()
diff --git a/ids-webconsole/src/main/resources/www/src/app/dataflowpolicies/dataflowpolicies.component.ts b/ids-webconsole/src/main/resources/www/src/app/dataflowpolicies/dataflowpolicies.component.ts
index 10cadf5b1..26f3db884 100644
--- a/ids-webconsole/src/main/resources/www/src/app/dataflowpolicies/dataflowpolicies.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/dataflowpolicies/dataflowpolicies.component.ts
@@ -10,7 +10,7 @@ declare var componentHandler: any;
 })
 export class DataflowPoliciesComponent implements OnInit, AfterViewInit {
   @Output() public readonly changeTitle = new EventEmitter();
-  private _policies?: Array<string>;
+  private _policies?: string[];
   private _isLoaded = false;
 
   constructor(private readonly titleService: Title, private readonly policyService: PolicyService) {
@@ -31,7 +31,7 @@ export class DataflowPoliciesComponent implements OnInit, AfterViewInit {
     componentHandler.upgradeAllRegistered();
   }
 
-  get policies(): Array<string> {
+  get policies(): string[] {
     return this._policies;
   }
 
diff --git a/ids-webconsole/src/main/resources/www/src/app/dataflowpolicies/dataflowpoliciesnew.component.ts b/ids-webconsole/src/main/resources/www/src/app/dataflowpolicies/dataflowpoliciesnew.component.ts
index 827625432..cf0560753 100644
--- a/ids-webconsole/src/main/resources/www/src/app/dataflowpolicies/dataflowpoliciesnew.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/dataflowpolicies/dataflowpoliciesnew.component.ts
@@ -13,7 +13,7 @@ export class NewDataflowPolicyComponent implements OnInit {
     public myForm: FormGroup;
     public data: Policy;
     public policyFileLabel = 'Select lucon file ...';
-    public events: Array<any> = [];
+    public events: any[] = [];
     public multiple: false;
     public fileUpload: AbstractControl;
 
diff --git a/ids-webconsole/src/main/resources/www/src/app/dataflowpolicies/policy.service.ts b/ids-webconsole/src/main/resources/www/src/app/dataflowpolicies/policy.service.ts
index 299203be5..2bf044a5d 100644
--- a/ids-webconsole/src/main/resources/www/src/app/dataflowpolicies/policy.service.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/dataflowpolicies/policy.service.ts
@@ -11,8 +11,8 @@ import { Policy } from './policy.interface';
 export class PolicyService {
     constructor(private readonly http: HttpClient) { }
 
-    public getPolicies(): Observable<Array<string>> {
-        return this.http.get<Array<string>>(environment.apiURL + '/policies/list');
+    public getPolicies(): Observable<string[]> {
+        return this.http.get<string[]>(environment.apiURL + '/policies/list');
     }
 
     // Installs a LUCON policy through the PAP
diff --git a/ids-webconsole/src/main/resources/www/src/app/keycerts/certificate-card.component.ts b/ids-webconsole/src/main/resources/www/src/app/keycerts/certificate-card.component.ts
index 93f04d60d..881f8b913 100644
--- a/ids-webconsole/src/main/resources/www/src/app/keycerts/certificate-card.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/keycerts/certificate-card.component.ts
@@ -13,10 +13,10 @@ declare var componentHandler: any;
 })
 
 export class CertificateCardComponent implements OnInit {
-  @Input() public certificates: Array<Certificate>;
-  @Input() public trusts: Array<Certificate>;
+  @Input() public certificates: Certificate[];
+  @Input() public trusts: Certificate[];
   public result: string;
-  @Input() private readonly onDeleteCallback: Function;
+  @Input() private readonly onDeleteCallback: (alias: string) => void;
 
   constructor(private readonly confirmService: ConfirmService) { }
 
diff --git a/ids-webconsole/src/main/resources/www/src/app/keycerts/certificate.ts b/ids-webconsole/src/main/resources/www/src/app/keycerts/certificate.ts
index 7708169e5..626868e1c 100644
--- a/ids-webconsole/src/main/resources/www/src/app/keycerts/certificate.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/keycerts/certificate.ts
@@ -3,7 +3,7 @@ export class Certificate {
   public file: string;
   public certificate: string;
   public subjectDistinguishedName: string;
-  public subjectAltnames: Array<string>;
+  public subjectAltnames: string[];
   public subjectCN: string;
   public subjectOU: string;
   public subjectO: string;
diff --git a/ids-webconsole/src/main/resources/www/src/app/keycerts/identitynew.component.ts b/ids-webconsole/src/main/resources/www/src/app/keycerts/identitynew.component.ts
index d884851be..0df157a5d 100644
--- a/ids-webconsole/src/main/resources/www/src/app/keycerts/identitynew.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/keycerts/identitynew.component.ts
@@ -13,7 +13,7 @@ export class NewIdentityComponent implements OnInit {
     @Output() public readonly changeTitle = new EventEmitter();
     public myForm: FormGroup;
     public data: Identity;
-    public events: Array<any> = [];
+    public events: any[] = [];
 
     constructor(private readonly _fb: FormBuilder, private readonly titleService: Title, private readonly certService: CertificateService,
                 private readonly router: Router) {
diff --git a/ids-webconsole/src/main/resources/www/src/app/keycerts/keycert.service.ts b/ids-webconsole/src/main/resources/www/src/app/keycerts/keycert.service.ts
index f26ef5265..6c9981334 100644
--- a/ids-webconsole/src/main/resources/www/src/app/keycerts/keycert.service.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/keycerts/keycert.service.ts
@@ -12,12 +12,12 @@ export class CertificateService {
 
   constructor(private readonly http: HttpClient) { }
 
-  public getIdentities(): Observable<Array<Certificate>> {
-    return this.http.get<Array<Certificate>>(environment.apiURL + '/certs/list_identities');
+  public getIdentities(): Observable<Certificate[]> {
+    return this.http.get<Certificate[]>(environment.apiURL + '/certs/list_identities');
   }
 
-  public getCertificates(): Observable<Array<Certificate>> {
-    return this.http.get<Array<Certificate>>(environment.apiURL + '/certs/list_certs');
+  public getCertificates(): Observable<Certificate[]> {
+    return this.http.get<Certificate[]>(environment.apiURL + '/certs/list_certs');
   }
 
   public createIdentity(identity: Identity): Observable<string> {
diff --git a/ids-webconsole/src/main/resources/www/src/app/keycerts/keycerts.component.ts b/ids-webconsole/src/main/resources/www/src/app/keycerts/keycerts.component.ts
index e17f93721..70a179ece 100755
--- a/ids-webconsole/src/main/resources/www/src/app/keycerts/keycerts.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/keycerts/keycerts.component.ts
@@ -10,8 +10,8 @@ import { CertificateService } from './keycert.service';
 })
 export class KeycertsComponent implements OnInit {
     public title = 'Current Certificates';
-    public identities: Array<Certificate>;
-    public certificates: Array<Certificate>;
+    public identities: Certificate[];
+    public certificates: Certificate[];
 
     @Output() public readonly changeTitle = new EventEmitter();
 
diff --git a/ids-webconsole/src/main/resources/www/src/app/login/login.component.ts b/ids-webconsole/src/main/resources/www/src/app/login/login.component.ts
index 9fb112b3b..b0c0cf55c 100644
--- a/ids-webconsole/src/main/resources/www/src/app/login/login.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/login/login.component.ts
@@ -32,7 +32,7 @@ export class LoginComponent {
         if (val.username && val.password) {
             this.authService.login(val.username, val.password)
                 .subscribe(() => {
-                    console.log('User is logged in');
+                    // console.log('User is logged in');
                     this.router.navigateByUrl('/');
                 }, () => {
                     this.errorText = 'Login rejected, wrong username or password?';
diff --git a/ids-webconsole/src/main/resources/www/src/app/metric/metric.service.ts b/ids-webconsole/src/main/resources/www/src/app/metric/metric.service.ts
index 7e8bff8da..c5659f4e3 100644
--- a/ids-webconsole/src/main/resources/www/src/app/metric/metric.service.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/metric/metric.service.ts
@@ -7,7 +7,7 @@ import { environment } from '../../environments/environment';
 
 @Injectable()
 export class MetricService implements OnDestroy {
-    private readonly metricObservable: Observable<Array<String>>;
+    private readonly metricObservable: Observable<string[]>;
     private alive = false;
 
     constructor(private readonly http: HttpClient) {
@@ -23,11 +23,11 @@ export class MetricService implements OnDestroy {
         this.alive = false;
     }
 
-    public getMetric(): Observable<Array<String>> {
-        return this.http.get<Array<String>>(environment.apiURL + '/metric/get');
+    public getMetric(): Observable<string[]> {
+        return this.http.get<string[]>(environment.apiURL + '/metric/get');
     }
 
-    public getMetricObservable(): Observable<Array<String>> {
+    public getMetricObservable(): Observable<string[]> {
         return this.metricObservable;
     }
 }
diff --git a/ids-webconsole/src/main/resources/www/src/app/prettify-json.pipe.ts b/ids-webconsole/src/main/resources/www/src/app/prettify-json.pipe.ts
index df1c9c416..28261eef8 100644
--- a/ids-webconsole/src/main/resources/www/src/app/prettify-json.pipe.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/prettify-json.pipe.ts
@@ -4,7 +4,7 @@ import { Pipe, PipeTransform } from '@angular/core';
   name: 'prettify'
 })
 export class PrettifyPipe implements PipeTransform {
-  public transform(val: any): Object {
+  public transform(val: any): object {
     const obj =  JSON.stringify(val)
         .replace('\n', '<br />')
         .replace(/&/g, '&amp;')
diff --git a/ids-webconsole/src/main/resources/www/src/app/result.ts b/ids-webconsole/src/main/resources/www/src/app/result.ts
index 4e9250db8..892bb560b 100644
--- a/ids-webconsole/src/main/resources/www/src/app/result.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/result.ts
@@ -4,7 +4,3 @@ export class Result {
   public successful: boolean;
   public message: string;
 }
-
-export class RouteResult extends Result {
-  public route?: Route;
-}
diff --git a/ids-webconsole/src/main/resources/www/src/app/route-result.ts b/ids-webconsole/src/main/resources/www/src/app/route-result.ts
new file mode 100644
index 000000000..46e348ffc
--- /dev/null
+++ b/ids-webconsole/src/main/resources/www/src/app/route-result.ts
@@ -0,0 +1,6 @@
+import { Route } from './routes/route';
+import { Result } from './result';
+
+export class RouteResult extends Result {
+  public route?: Route;
+}
diff --git a/ids-webconsole/src/main/resources/www/src/app/routes/counter-example.ts b/ids-webconsole/src/main/resources/www/src/app/routes/counter-example.ts
new file mode 100644
index 000000000..e020d8e83
--- /dev/null
+++ b/ids-webconsole/src/main/resources/www/src/app/routes/counter-example.ts
@@ -0,0 +1,4 @@
+export class CounterExample {
+    public explanation?: string;
+    public steps?: string[];
+}
diff --git a/ids-webconsole/src/main/resources/www/src/app/routes/route.service.ts b/ids-webconsole/src/main/resources/www/src/app/routes/route.service.ts
index 52c43da93..0b682f3fa 100644
--- a/ids-webconsole/src/main/resources/www/src/app/routes/route.service.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/routes/route.service.ts
@@ -3,11 +3,12 @@ import { Injectable } from '@angular/core';
 import { Observable } from 'rxjs';
 
 import { environment } from '../../environments/environment';
-import { Result, RouteResult } from '../result';
+import { Result } from '../result';
+import { RouteResult } from '../route-result';
 
 import { Route, RouteComponent } from './route';
 import { RouteMetrics } from './route-metrics';
-import { ValidationInfo } from './validation';
+import { ValidationInfo } from './validation-info';
 
 @Injectable()
 export class RouteService {
@@ -29,8 +30,8 @@ export class RouteService {
     return this.httpClient.get(environment.apiURL + '/routes/metrics') as Observable<RouteMetrics>;
   }
 
-  public getRoutes(): Observable<Array<Route>> {
-    return this.httpClient.get(environment.apiURL + '/routes/list/') as Observable<Array<Route>>;
+  public getRoutes(): Observable<Route[]> {
+    return this.httpClient.get(environment.apiURL + '/routes/list/') as Observable<Route[]>;
   }
 
   public stopRoute(routeId: string): Observable<Result> {
@@ -61,7 +62,7 @@ export class RouteService {
       routeString, { headers }) as Observable<Result>;
   }
 
-  public listComponents(): Observable<Array<RouteComponent>> {
-    return this.httpClient.get<Array<RouteComponent>>(environment.apiURL + '/routes/components');
+  public listComponents(): Observable<RouteComponent[]> {
+    return this.httpClient.get<RouteComponent[]>(environment.apiURL + '/routes/components');
   }
 }
diff --git a/ids-webconsole/src/main/resources/www/src/app/routes/routeeditor/routeeditor.component.ts b/ids-webconsole/src/main/resources/www/src/app/routes/routeeditor/routeeditor.component.ts
index d7263bfd0..e597d90ae 100644
--- a/ids-webconsole/src/main/resources/www/src/app/routes/routeeditor/routeeditor.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/routes/routeeditor/routeeditor.component.ts
@@ -7,7 +7,8 @@ import { ReplaySubject } from 'rxjs';
 import { Result } from '../../result';
 import { Route } from '../route';
 import { RouteService } from '../route.service';
-import { CounterExample, ValidationInfo } from '../validation';
+import { CounterExample } from '../counter-example';
+import { ValidationInfo } from '../validation-info';
 
 @Component({
   selector: 'routeeditor',
diff --git a/ids-webconsole/src/main/resources/www/src/app/routes/routes.component.ts b/ids-webconsole/src/main/resources/www/src/app/routes/routes.component.ts
index 6d83d9fa9..ffca43da0 100644
--- a/ids-webconsole/src/main/resources/www/src/app/routes/routes.component.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/routes/routes.component.ts
@@ -16,7 +16,7 @@ import { RouteService } from './route.service';
 export class RoutesComponent implements OnInit, OnDestroy {
     public title = 'Current Routes';
     @Output() public readonly changeTitle = new EventEmitter();
-    public routes: Array<Route>;
+    public routes: Route[];
     public selectedRoute: Route;
     public routemetrics: RouteMetrics = new RouteMetrics();
 
diff --git a/ids-webconsole/src/main/resources/www/src/app/routes/validation-info.ts b/ids-webconsole/src/main/resources/www/src/app/routes/validation-info.ts
new file mode 100644
index 000000000..0e359d14a
--- /dev/null
+++ b/ids-webconsole/src/main/resources/www/src/app/routes/validation-info.ts
@@ -0,0 +1,6 @@
+import { CounterExample } from './counter-example';
+
+export class ValidationInfo {
+    public valid = true;
+    public counterExamples?: CounterExample[];
+}
diff --git a/ids-webconsole/src/main/resources/www/src/app/routes/validation.ts b/ids-webconsole/src/main/resources/www/src/app/routes/validation.ts
deleted file mode 100644
index fcd5aa951..000000000
--- a/ids-webconsole/src/main/resources/www/src/app/routes/validation.ts
+++ /dev/null
@@ -1,9 +0,0 @@
-export class CounterExample {
-    public explanation?: string;
-    public steps?: Array<string>;
-}
-
-export class ValidationInfo {
-    public valid = true;
-    public counterExamples?: Array<CounterExample>;
-}
diff --git a/ids-webconsole/src/main/resources/www/src/app/subscription.component.ts b/ids-webconsole/src/main/resources/www/src/app/subscription.component.ts
deleted file mode 100644
index 840df4c6a..000000000
--- a/ids-webconsole/src/main/resources/www/src/app/subscription.component.ts
+++ /dev/null
@@ -1,14 +0,0 @@
-import { OnDestroy } from '@angular/core';
-import { Subscription } from 'rxjs';
-
-export class SubscriptionComponent implements OnDestroy {
-  protected subscriptions: Array<Subscription> = [];
-
-  public ngOnDestroy(): void {
-    // console.log('Unsubscribing...');
-    for (const subscription of this.subscriptions) {
-      subscription.unsubscribe();
-    }
-  }
-
-}
diff --git a/ids-webconsole/src/main/resources/www/src/app/values.pipe.ts b/ids-webconsole/src/main/resources/www/src/app/values.pipe.ts
index ab07081cf..15b3d3c56 100644
--- a/ids-webconsole/src/main/resources/www/src/app/values.pipe.ts
+++ b/ids-webconsole/src/main/resources/www/src/app/values.pipe.ts
@@ -2,7 +2,7 @@ import { Pipe, PipeTransform } from '@angular/core';
 
 @Pipe({ name: 'values' })
 export class ValuesPipe implements PipeTransform {
-  public transform(value: any, args?: Array<any>): any {
+  public transform(value: any, args?: any[]): any {
     return Object.keys(value)
       .map(key => value[key]);
   }
diff --git a/ids-webconsole/src/main/resources/www/src/tsconfig.json b/ids-webconsole/src/main/resources/www/src/tsconfig.json
index 5ac70f941..280dabd9f 100644
--- a/ids-webconsole/src/main/resources/www/src/tsconfig.json
+++ b/ids-webconsole/src/main/resources/www/src/tsconfig.json
@@ -7,7 +7,7 @@
     "experimentalDecorators": true,
     "lib": ["es6", "dom"],
     "mapRoot": "./",
-    "module": "esnext",
+    "module": "es2020",
     "moduleResolution": "node",
     "outDir": "../dist/out-tsc",
     "sourceMap": true,
diff --git a/ids-webconsole/src/main/resources/www/tslint.json b/ids-webconsole/src/main/resources/www/tslint.json
index 4a5cba48e..1b056630f 100644
--- a/ids-webconsole/src/main/resources/www/tslint.json
+++ b/ids-webconsole/src/main/resources/www/tslint.json
@@ -3,13 +3,16 @@
     "node_modules/codelyzer"
   ],
   "extends": [
-    "@saritasa/tslint-config-angular"
+    "tslint:recommended"
   ],
   "rules": {
     "curly": true,
     "comment-format": false,
     "component-selector": false,
     "completed-docs": false,
+    "deprecation": {
+      "severity": "warning"
+    },
     "whitespace": false,
     "trailing-comma": [
       true,
diff --git a/ids-webconsole/src/main/resources/www/yarn.lock b/ids-webconsole/src/main/resources/www/yarn.lock
index 8e5fd0701..dd054f451 100644
--- a/ids-webconsole/src/main/resources/www/yarn.lock
+++ b/ids-webconsole/src/main/resources/www/yarn.lock
@@ -2,161 +2,169 @@
 # yarn lockfile v1
 
 
-"@angular-devkit/architect@0.901.12":
-  version "0.901.12"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/architect/-/architect-0.901.12.tgz#e0f78b7282f851d27af6802dc7a261022421b2d5"
-  integrity sha512-gLlsxa+3JPV1m1gRvRMujOs4xKox6I5BkYmOD1zfu+dB6y3LuBAvHfXA6FaTDVOMBrmSlWnE4PmOmB6xd7wxMA==
-  dependencies:
-    "@angular-devkit/core" "9.1.12"
-    rxjs "6.5.4"
-
-"@angular-devkit/build-angular@~0.901.0":
-  version "0.901.12"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/build-angular/-/build-angular-0.901.12.tgz#5b588e530be01502e350ceae17b21b4fc6676650"
-  integrity sha512-enK+u1Lg1a/KWUs3r8Tc7Igduu5ph9fgziV8bjQeVrswrqFb0m0eEhxe/zV8rvE92H3NBZp5Z+uzOYIcg4eirw==
-  dependencies:
-    "@angular-devkit/architect" "0.901.12"
-    "@angular-devkit/build-optimizer" "0.901.12"
-    "@angular-devkit/build-webpack" "0.901.12"
-    "@angular-devkit/core" "9.1.12"
-    "@babel/core" "7.9.0"
-    "@babel/generator" "7.9.3"
-    "@babel/preset-env" "7.9.0"
-    "@babel/template" "7.8.6"
-    "@jsdevtools/coverage-istanbul-loader" "3.0.3"
-    "@ngtools/webpack" "9.1.12"
-    ajv "6.12.3"
-    autoprefixer "9.7.4"
-    babel-loader "8.0.6"
+"@angular-devkit/architect@0.1002.0":
+  version "0.1002.0"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/architect/-/architect-0.1002.0.tgz#470b78aaf79308a23da6a0d3935f2d1f85dcb212"
+  integrity sha512-twM8V03ujBIGVpgV1PBlSDodUdxtUb7WakutfWafAvEHUsgwzfvQz2VtKWvjNZ9AiYjnCuwkQaclqVv0VHNo9w==
+  dependencies:
+    "@angular-devkit/core" "10.2.0"
+    rxjs "6.6.2"
+
+"@angular-devkit/build-angular@~0.1002.0":
+  version "0.1002.0"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/build-angular/-/build-angular-0.1002.0.tgz#b2d1de921b1fd37906e50442d730ca2516d7d747"
+  integrity sha512-cPkdp1GceokGHc79Wg0hACMqqmnJ4W3H9kY4c9qp1Xz18b3vk1aq09JNawOpfUN09S9vBCnn4glg22lRyqmJNA==
+  dependencies:
+    "@angular-devkit/architect" "0.1002.0"
+    "@angular-devkit/build-optimizer" "0.1002.0"
+    "@angular-devkit/build-webpack" "0.1002.0"
+    "@angular-devkit/core" "10.2.0"
+    "@babel/core" "7.11.1"
+    "@babel/generator" "7.11.0"
+    "@babel/plugin-transform-runtime" "7.11.0"
+    "@babel/preset-env" "7.11.0"
+    "@babel/runtime" "7.11.2"
+    "@babel/template" "7.10.4"
+    "@jsdevtools/coverage-istanbul-loader" "3.0.5"
+    "@ngtools/webpack" "10.2.0"
+    autoprefixer "9.8.6"
+    babel-loader "8.1.0"
     browserslist "^4.9.1"
-    cacache "15.0.0"
+    cacache "15.0.5"
     caniuse-lite "^1.0.30001032"
     circular-dependency-plugin "5.2.0"
     copy-webpack-plugin "6.0.3"
     core-js "3.6.4"
-    css-loader "3.5.1"
+    css-loader "4.2.2"
     cssnano "4.1.10"
     file-loader "6.0.0"
     find-cache-dir "3.3.1"
     glob "7.1.6"
-    jest-worker "25.1.0"
+    jest-worker "26.3.0"
     karma-source-map-support "1.4.0"
-    less "3.11.3"
-    less-loader "5.0.0"
-    license-webpack-plugin "2.1.4"
+    less-loader "6.2.0"
+    license-webpack-plugin "2.3.0"
     loader-utils "2.0.0"
-    mini-css-extract-plugin "0.9.0"
+    mini-css-extract-plugin "0.10.0"
     minimatch "3.0.4"
-    open "7.0.3"
-    parse5 "4.0.0"
-    postcss "7.0.27"
+    open "7.2.0"
+    parse5 "6.0.1"
+    parse5-htmlparser2-tree-adapter "6.0.1"
+    pnp-webpack-plugin "1.6.4"
+    postcss "7.0.32"
     postcss-import "12.0.1"
     postcss-loader "3.0.0"
-    raw-loader "4.0.0"
-    regenerator-runtime "0.13.5"
+    raw-loader "4.0.1"
+    regenerator-runtime "0.13.7"
+    resolve-url-loader "3.1.2"
     rimraf "3.0.2"
-    rollup "2.1.0"
-    rxjs "6.5.4"
-    sass "1.26.3"
-    sass-loader "8.0.2"
-    semver "7.1.3"
+    rollup "2.26.5"
+    rxjs "6.6.2"
+    sass "1.26.10"
+    sass-loader "10.0.1"
+    semver "7.3.2"
     source-map "0.7.3"
-    source-map-loader "0.2.4"
-    speed-measure-webpack-plugin "1.3.1"
-    style-loader "1.1.3"
-    stylus "0.54.7"
+    source-map-loader "1.0.2"
+    source-map-support "0.5.19"
+    speed-measure-webpack-plugin "1.3.3"
+    style-loader "1.2.1"
+    stylus "0.54.8"
     stylus-loader "3.0.2"
-    terser "4.6.10"
-    terser-webpack-plugin "3.0.3"
+    terser "5.3.0"
+    terser-webpack-plugin "4.1.0"
     tree-kill "1.2.2"
-    webpack "4.42.0"
+    webpack "4.44.1"
     webpack-dev-middleware "3.7.2"
     webpack-dev-server "3.11.0"
     webpack-merge "4.2.2"
     webpack-sources "1.4.3"
-    webpack-subresource-integrity "1.4.0"
-    worker-plugin "4.0.3"
+    webpack-subresource-integrity "1.4.1"
+    worker-plugin "5.0.0"
 
-"@angular-devkit/build-optimizer@0.901.12":
-  version "0.901.12"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/build-optimizer/-/build-optimizer-0.901.12.tgz#327066ba0d7f2f4fc82960618906e4f916f7bf7c"
-  integrity sha512-XuXA+6y9QkIAwSVZhWmne4r7qugUUWaXobgRefbn9heiRlY8/7XkZmmvbSrxc1fgQfQar52W9fAa19fAIeNvnw==
+"@angular-devkit/build-optimizer@0.1002.0":
+  version "0.1002.0"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/build-optimizer/-/build-optimizer-0.1002.0.tgz#a44300e9a68af32d3efea0ff12355f3e9a10752d"
+  integrity sha512-ACnm9doPMbRtSy1UZN5ir7smeLMx0g0oW7jX3jyPepeQKZ+9U1Bn09t10NLZQH+Z509jWZgvNJH/aOh85P6euw==
   dependencies:
     loader-utils "2.0.0"
     source-map "0.7.3"
-    tslib "1.11.1"
-    typescript "3.6.5"
+    tslib "2.0.1"
+    typescript "4.0.2"
     webpack-sources "1.4.3"
 
-"@angular-devkit/build-webpack@0.901.12":
-  version "0.901.12"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/build-webpack/-/build-webpack-0.901.12.tgz#fcbe22d6c41f3f626342c3bd8f734104d4a65a8c"
-  integrity sha512-zrhZV2LhQ4uFl9at9i2jiedIu932HsaFN4OMMsTFlV+6CZxtEUBI85hhnPa5KQtIYQr2OMQSQf/FyhnBGs0riQ==
+"@angular-devkit/build-webpack@0.1002.0":
+  version "0.1002.0"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/build-webpack/-/build-webpack-0.1002.0.tgz#af96b7f2caf3412119000df36326f48ff995837f"
+  integrity sha512-TLBBQ6ANOLKXOPxpCOnxAtoknwHA7XhsLuueN06w5qqF+QNNbWUMPoieKFGs2TnotfCgbiq6x57IDEZTyT6V0w==
   dependencies:
-    "@angular-devkit/architect" "0.901.12"
-    "@angular-devkit/core" "9.1.12"
-    rxjs "6.5.4"
+    "@angular-devkit/architect" "0.1002.0"
+    "@angular-devkit/core" "10.2.0"
+    rxjs "6.6.2"
 
-"@angular-devkit/core@9.1.12":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/core/-/core-9.1.12.tgz#7cebce51918fe7f3462d8c58c9fbd5a3e2c3b3e7"
-  integrity sha512-D/GnBeSlmdgGn7EhuE32HuPuRAjvUuxi7Q6WywBI8PSsXKAGnrypghBwMATNnOA24//CgbW2533Y9VWHaeXdeA==
+"@angular-devkit/core@10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/core/-/core-10.2.0.tgz#fcde160afc2786d2da0166526f065c6cf98684c0"
+  integrity sha512-XAszFhSF3mZw1VjoOsYGbArr5NJLcStjOvcCGjBPl1UBM2AKpuCQXHxI9XJGYKL3B93Vp5G58d8qkHvamT53OA==
   dependencies:
-    ajv "6.12.3"
+    ajv "6.12.4"
     fast-json-stable-stringify "2.1.0"
     magic-string "0.25.7"
-    rxjs "6.5.4"
+    rxjs "6.6.2"
     source-map "0.7.3"
 
-"@angular-devkit/schematics@9.1.12":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@angular-devkit/schematics/-/schematics-9.1.12.tgz#bbf457f1b35941fddeeb1ee77336dd04ca60b8ba"
-  integrity sha512-+GYnUzmIy1/QpYitCC8mI7jcrViGHTtOKvvDPEFjU2nggjNEQaMmsHcdIsjrqggEc23ZZyebNAIewT8CMkJyrQ==
-  dependencies:
-    "@angular-devkit/core" "9.1.12"
-    ora "4.0.3"
-    rxjs "6.5.4"
-
-"@angular/animations@~9.1.0":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@angular/animations/-/animations-9.1.12.tgz#1c9c1a792be4b52b196cab1e5c88bd319b60716d"
-  integrity sha512-tphpf9QHnOPoL2Jl7KpR+R5aHNW3oifLEmRUTajJYJGvo1uzdUDE82+V9OGOinxJsYseCth9gYJhN24aYTB9NA==
-
-"@angular/cli@~9.1.0":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@angular/cli/-/cli-9.1.12.tgz#c6e41c80c387200766fc52a6b42fde869dcc0cef"
-  integrity sha512-B0yOab5WbD84bIRRUKOPAJnpka8Qj+CRt61wJfjsqpd/Rj7pD/3ubmdCNoBH7Xa6UlOb0tdYqRPsqfK7uEL0sw==
-  dependencies:
-    "@angular-devkit/architect" "0.901.12"
-    "@angular-devkit/core" "9.1.12"
-    "@angular-devkit/schematics" "9.1.12"
-    "@schematics/angular" "9.1.12"
-    "@schematics/update" "0.901.12"
+"@angular-devkit/schematics@10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@angular-devkit/schematics/-/schematics-10.2.0.tgz#a45f316bbaa54cbabc06e2e54b04e1c8d103bc0b"
+  integrity sha512-TQI5NnE6iM3ChF5gZQ9qb+lZgMWa7aLoF5ksOyT3zrmOuICiQYJhA6SsjV95q7J4M55qYymwBib8KTqU/xuQww==
+  dependencies:
+    "@angular-devkit/core" "10.2.0"
+    ora "5.0.0"
+    rxjs "6.6.2"
+
+"@angular/animations@~10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@angular/animations/-/animations-10.2.0.tgz#7d60e8261cccc9a348699f23bc40b8d5c569baaa"
+  integrity sha512-lKjC2Jm2Al4GCW2zKutdskMWqe5S23gknPvp65ybmR5D1Pz/YgzDOHXmTHqDn5qXJgzpFt/fJgNi805XrAOm4g==
+  dependencies:
+    tslib "^2.0.0"
+
+"@angular/cli@~10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@angular/cli/-/cli-10.2.0.tgz#b0b465120eb9a39e5efd030bf80c023c630960ed"
+  integrity sha512-YBzwkFBmG6CdUJk8onsPXxHX/ByU5MERBQgYhLC873e2nZlXMUu+Ttq2Wai6apyskGvsXKxZNPOQSFZTGKXzXg==
+  dependencies:
+    "@angular-devkit/architect" "0.1002.0"
+    "@angular-devkit/core" "10.2.0"
+    "@angular-devkit/schematics" "10.2.0"
+    "@schematics/angular" "10.2.0"
+    "@schematics/update" "0.1002.0"
     "@yarnpkg/lockfile" "1.1.0"
     ansi-colors "4.1.1"
     debug "4.1.1"
     ini "1.3.5"
-    inquirer "7.1.0"
+    inquirer "7.3.3"
     npm-package-arg "8.0.1"
-    npm-pick-manifest "6.0.0"
-    open "7.0.3"
+    npm-pick-manifest "6.1.0"
+    open "7.2.0"
     pacote "9.5.12"
     read-package-tree "5.3.1"
     rimraf "3.0.2"
-    semver "7.1.3"
+    semver "7.3.2"
     symbol-observable "1.2.0"
-    universal-analytics "0.4.20"
-    uuid "7.0.2"
+    universal-analytics "0.4.23"
+    uuid "8.3.0"
 
-"@angular/common@~9.1.0":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@angular/common/-/common-9.1.12.tgz#731701fae63ae8e2ee2ce00e7d51f458ecd00c7c"
-  integrity sha512-XSIqkbM6VV1yixF9zuzeE5eqN1VsiXS517K2VU0XgCRSAzhVhLOeKsdYjeLf7PdSu/HgW/Tr81H+isi9A9I0YA==
+"@angular/common@~10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@angular/common/-/common-10.2.0.tgz#f9f50363a1fc5051750fd290ab8ea907ff9003ea"
+  integrity sha512-4q7cb6Z18R1nQ8dN8uj6cckuk4jzY40lF7kpxf/wja0pQBUBtWwExwXsdHTVWGZ/mgQv9a5dTAPQq8/tSmf+hw==
+  dependencies:
+    tslib "^2.0.0"
 
-"@angular/compiler-cli@~9.1.0":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@angular/compiler-cli/-/compiler-cli-9.1.12.tgz#37ba1a8b483ab1382414d0a13a35a1fd2020abd1"
-  integrity sha512-bbqJ+fbY+aQejSYuHUjE1qYJCXkZBM5Hru9eN7m/j376u83MQ5jWdC290uYx+ipsXcPTa/YRZ44jpL+5cCzIrg==
+"@angular/compiler-cli@~10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@angular/compiler-cli/-/compiler-cli-10.2.0.tgz#ab3504df42bd23aa0916d3b78281ce20b2fa1473"
+  integrity sha512-NWTNg15LLL14MgooXV1Xb4w49I4OAfWakcc0J7XQm3B3mRFuue/UfXE9dKMStenTfmtUnNO9c+xjZRhTWYJkfw==
   dependencies:
     canonical-path "1.0.0"
     chokidar "^3.0.0"
@@ -169,80 +177,90 @@
     semver "^6.3.0"
     source-map "^0.6.1"
     sourcemap-codec "^1.4.8"
+    tslib "^2.0.0"
     yargs "15.3.0"
 
-"@angular/compiler@~9.1.0":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@angular/compiler/-/compiler-9.1.12.tgz#3066a637bfe09642dd5c4a4dd029e7a771988311"
-  integrity sha512-suefk0OFkaJpUUKnV+phbL4T8fmVGHvzkereY5eqybQlumOez8NPL1PJcygAylh/E6OIAYm8SWookYwM6ZY9dg==
+"@angular/compiler@~10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@angular/compiler/-/compiler-10.2.0.tgz#1cd4e6b528494514c016be4c83b1dfbeb13681b5"
+  integrity sha512-r+zNEDJmfH7pyQULgs6iQgMv/zH/CokepTuemrVbBKkUjd8F9Q84XdflR2Tx2rukiAAl4B0BuG+v4tSb9pR1WQ==
+  dependencies:
+    tslib "^2.0.0"
 
-"@angular/core@~9.1.0":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@angular/core/-/core-9.1.12.tgz#e7e10f72f84f0787551424ad86279436e0b5edbe"
-  integrity sha512-WVA/eh3fzjx0apOzkKot4YRRUsGkHj50zFQWrAOMgivGaj1YVrvhf+m3hpglj5fn/BkLiFDl8RT0wAE8z9X+gQ==
+"@angular/core@~10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@angular/core/-/core-10.2.0.tgz#a5eac8b37ef5268f90e45e06b1a4d48ab55f31dc"
+  integrity sha512-pj+0cIDHMfeTFFrxbxM1qanSqhnA3ybCYMQm+Fs/WAPlLSvB6s/vVhq6tCdicHzd7/fujGXPcb8Hvtx+km8TqQ==
+  dependencies:
+    tslib "^2.0.0"
 
-"@angular/forms@~9.1.0":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@angular/forms/-/forms-9.1.12.tgz#8ae7ac480031e1e4097eeff9b45f5e6d2cce6b7c"
-  integrity sha512-LhjnZlC4WEsEsAJfOZLte+Lks3WBAFVeRv2lzoQNFVr/IMzBNDVfjEaaSqKF1cei3cjY39Df2nYDMJM7HfqbJA==
+"@angular/forms@~10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@angular/forms/-/forms-10.2.0.tgz#d147709539ab4bd508d948c9809d3b3ec0e3d413"
+  integrity sha512-pRQP5AWyB37rJWtgvZRWA3H+EMcP9M7QybOAfCf7z9CMRhKK+jVvd5yQqyqOYWOEBuS0kUD3HM/vrpZywhK/6g==
+  dependencies:
+    tslib "^2.0.0"
 
-"@angular/platform-browser-dynamic@~9.1.0":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@angular/platform-browser-dynamic/-/platform-browser-dynamic-9.1.12.tgz#332935d5ec4b44daaad1beae496dd994e2847a03"
-  integrity sha512-NmwUZaQeMnA6f+vP9Fp9P+qjL72H8dKlxLS76ujlKHVf75pP5oahWS8wfl7KXel1tKW3FQWMMffmKf5/NHRiSw==
+"@angular/platform-browser-dynamic@~10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@angular/platform-browser-dynamic/-/platform-browser-dynamic-10.2.0.tgz#08ccd67fecc0269b1335e8efb1b7ef6d06a7f389"
+  integrity sha512-S1yBpoJjQcGrvkoHhy+We1lMi/TONzSAUTYz05WexDC6N8eLX4NpbjOUHxtYH5JfXltQ2B32zycyjwyB2t2ulA==
+  dependencies:
+    tslib "^2.0.0"
 
-"@angular/platform-browser@~9.1.0":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@angular/platform-browser/-/platform-browser-9.1.12.tgz#f99fc360c40efd013677cc9ef4ead13425084a91"
-  integrity sha512-rPa/hJcLfdId6bYB0b6pFUo3QIgjZlvUlmtKMGdrLNLYR8XQxPa2Y/UdN/5YeZ12htGw6GXrX9U8U7nTbUSpkw==
+"@angular/platform-browser@~10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@angular/platform-browser/-/platform-browser-10.2.0.tgz#ae1a32506dcce321eb6e8acb151db95fedc6da91"
+  integrity sha512-GqO4MH7sddzvirr6AwxPXIfFFQp1+Xs5BCguSajyqt7i1j7vA0mKvFCvO7tIYmJmepWa0YPs9cXtq8nxDAoqVA==
+  dependencies:
+    tslib "^2.0.0"
 
-"@angular/platform-server@~9.1.0":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@angular/platform-server/-/platform-server-9.1.12.tgz#cd7f92f0e44d90cb82b653a841a7cd16727d07ed"
-  integrity sha512-pNczGCl8Cux1jGyW/dvzzru4QsObWCN46Y7s5Giq7waXlHr3gP2vx+tlYzk2LcjDzfgsl53i5fXk2yS6S+90Og==
+"@angular/platform-server@~10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@angular/platform-server/-/platform-server-10.2.0.tgz#36153c8b5486f7cd484ec09280e2395b0a43ff1a"
+  integrity sha512-eIc7xiGPylQ6uExx+LeTOHFRDtsbRe4sqgbjsfmlQfvxuVbYRzacXctvymjqr1cGzYW+CpB/3eQoz7uX/BGOog==
   dependencies:
     domino "^2.1.2"
+    tslib "^2.0.0"
     xhr2 "^0.2.0"
 
-"@angular/router@~9.1.0":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@angular/router/-/router-9.1.12.tgz#4f7fc170e1e7ef72ca1714dbc7a3888aedc33f2d"
-  integrity sha512-+qCaXa9y0nsRhzjAYBqmGoQ2YkrdXgftZwuFDf6t4qEi30EXa0oS97KrlFq0M5GKdLIDGrbUm9PcdHSTOI+ZhA==
+"@angular/router@~10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@angular/router/-/router-10.2.0.tgz#e8e9d0999846d71283298c7d58f8614d8c8c248d"
+  integrity sha512-iAaJqcFrwduL1YopLrw4ax6kWd2FrqcGjcf0GY2ZUEEcwo5hQVMrKAt7MUJPVHGZf+OzSYJBgP7ApU60oZ43AA==
+  dependencies:
+    tslib "^2.0.0"
 
-"@babel/code-frame@^7.0.0", "@babel/code-frame@^7.10.4", "@babel/code-frame@^7.8.3":
+"@babel/code-frame@^7.0.0", "@babel/code-frame@^7.10.4":
   version "7.10.4"
   resolved "https://registry.yarnpkg.com/@babel/code-frame/-/code-frame-7.10.4.tgz#168da1a36e90da68ae8d49c0f1b48c7c6249213a"
   integrity sha512-vG6SvB6oYEhvgisZNFRmRCUkLz11c7rp+tbNTynGqc6mS1d5ATd/sGyV6W0KZZnXRKMTzZDRgQT3Ou9jhpAfUg==
   dependencies:
     "@babel/highlight" "^7.10.4"
 
-"@babel/compat-data@^7.10.4", "@babel/compat-data@^7.9.0":
-  version "7.11.0"
-  resolved "https://registry.yarnpkg.com/@babel/compat-data/-/compat-data-7.11.0.tgz#e9f73efe09af1355b723a7f39b11bad637d7c99c"
-  integrity sha512-TPSvJfv73ng0pfnEOh17bYMPQbI95+nGWc71Ss4vZdRBHTDqmM9Z8ZV4rYz8Ks7sfzc95n30k6ODIq5UGnXcYQ==
-  dependencies:
-    browserslist "^4.12.0"
-    invariant "^2.2.4"
-    semver "^5.5.0"
+"@babel/compat-data@^7.11.0", "@babel/compat-data@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/compat-data/-/compat-data-7.12.1.tgz#d7386a689aa0ddf06255005b4b991988021101a0"
+  integrity sha512-725AQupWJZ8ba0jbKceeFblZTY90McUBWMwHhkFQ9q1zKPJ95GUktljFcgcsIVwRnTnRKlcYzfiNImg5G9m6ZQ==
 
-"@babel/core@7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.9.0.tgz#ac977b538b77e132ff706f3b8a4dbad09c03c56e"
-  integrity sha512-kWc7L0fw1xwvI0zi8OKVBuxRVefwGOrKSQMvrQ3dW+bIIavBY3/NpXmpjMy7bQnLgwgzWQZ8TlM57YHpHNHz4w==
-  dependencies:
-    "@babel/code-frame" "^7.8.3"
-    "@babel/generator" "^7.9.0"
-    "@babel/helper-module-transforms" "^7.9.0"
-    "@babel/helpers" "^7.9.0"
-    "@babel/parser" "^7.9.0"
-    "@babel/template" "^7.8.6"
-    "@babel/traverse" "^7.9.0"
-    "@babel/types" "^7.9.0"
+"@babel/core@7.11.1":
+  version "7.11.1"
+  resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.11.1.tgz#2c55b604e73a40dc21b0e52650b11c65cf276643"
+  integrity sha512-XqF7F6FWQdKGGWAzGELL+aCO1p+lRY5Tj5/tbT3St1G8NaH70jhhDIKknIZaDans0OQBG5wRAldROLHSt44BgQ==
+  dependencies:
+    "@babel/code-frame" "^7.10.4"
+    "@babel/generator" "^7.11.0"
+    "@babel/helper-module-transforms" "^7.11.0"
+    "@babel/helpers" "^7.10.4"
+    "@babel/parser" "^7.11.1"
+    "@babel/template" "^7.10.4"
+    "@babel/traverse" "^7.11.0"
+    "@babel/types" "^7.11.0"
     convert-source-map "^1.7.0"
     debug "^4.1.0"
     gensync "^1.0.0-beta.1"
     json5 "^2.1.2"
-    lodash "^4.17.13"
+    lodash "^4.17.19"
     resolve "^1.3.2"
     semver "^5.4.1"
     source-map "^0.5.0"
@@ -269,17 +287,25 @@
     semver "^5.4.1"
     source-map "^0.5.0"
 
-"@babel/generator@7.9.3":
-  version "7.9.3"
-  resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.9.3.tgz#7c8b2956c6f68b3ab732bd16305916fbba521d94"
-  integrity sha512-RpxM252EYsz9qLUIq6F7YJyK1sv0wWDBFuztfDGWaQKzHjqDHysxSiRUpA/X9jmfqo+WzkAVKFaUily5h+gDCQ==
+"@babel/generator@7.11.0":
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.11.0.tgz#4b90c78d8c12825024568cbe83ee6c9af193585c"
+  integrity sha512-fEm3Uzw7Mc9Xi//qU20cBKatTfs2aOtKqmvy/Vm7RkJEGFQ4xc9myCfbXxqK//ZS8MR/ciOHw6meGASJuKmDfQ==
+  dependencies:
+    "@babel/types" "^7.11.0"
+    jsesc "^2.5.1"
+    source-map "^0.5.0"
+
+"@babel/generator@^7.11.0", "@babel/generator@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.12.1.tgz#0d70be32bdaa03d7c51c8597dda76e0df1f15468"
+  integrity sha512-DB+6rafIdc9o72Yc3/Ph5h+6hUjeOp66pF0naQBgUFFuPqzQwIlPTm3xZR7YNvduIMtkDIj2t21LSQwnbCrXvg==
   dependencies:
-    "@babel/types" "^7.9.0"
+    "@babel/types" "^7.12.1"
     jsesc "^2.5.1"
-    lodash "^4.17.13"
     source-map "^0.5.0"
 
-"@babel/generator@^7.11.5", "@babel/generator@^7.11.6", "@babel/generator@^7.9.0":
+"@babel/generator@^7.11.5", "@babel/generator@^7.11.6":
   version "7.11.6"
   resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.11.6.tgz#b868900f81b163b4d464ea24545c61cbac4dc620"
   integrity sha512-DWtQ1PV3r+cLbySoHrwn9RWEgKMBLLma4OBQloPRyDYvc5msJM9kvTLo1YnlJd1P/ZuKbdli3ijr5q3FvAF3uA==
@@ -303,17 +329,27 @@
     "@babel/helper-explode-assignable-expression" "^7.10.4"
     "@babel/types" "^7.10.4"
 
-"@babel/helper-compilation-targets@^7.8.7":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/helper-compilation-targets/-/helper-compilation-targets-7.10.4.tgz#804ae8e3f04376607cc791b9d47d540276332bd2"
-  integrity sha512-a3rYhlsGV0UHNDvrtOXBg8/OpfV0OKTkxKPzIplS1zpx7CygDcWWxckxZeDd3gzPzC4kUT0A4nVFDK0wGMh4MQ==
+"@babel/helper-compilation-targets@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/helper-compilation-targets/-/helper-compilation-targets-7.12.1.tgz#310e352888fbdbdd8577be8dfdd2afb9e7adcf50"
+  integrity sha512-jtBEif7jsPwP27GPHs06v4WBV0KrE8a/P7n0N0sSvHn2hwUCYnolP/CLmz51IzAW4NlN+HuoBtb9QcwnRo9F/g==
   dependencies:
-    "@babel/compat-data" "^7.10.4"
+    "@babel/compat-data" "^7.12.1"
+    "@babel/helper-validator-option" "^7.12.1"
     browserslist "^4.12.0"
-    invariant "^2.2.4"
-    levenary "^1.1.1"
     semver "^5.5.0"
 
+"@babel/helper-create-class-features-plugin@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/helper-create-class-features-plugin/-/helper-create-class-features-plugin-7.12.1.tgz#3c45998f431edd4a9214c5f1d3ad1448a6137f6e"
+  integrity sha512-hkL++rWeta/OVOBTRJc9a5Azh5mt5WgZUGAKMD8JM141YsE08K//bp1unBBieO6rUKkIPyUE0USQ30jAy3Sk1w==
+  dependencies:
+    "@babel/helper-function-name" "^7.10.4"
+    "@babel/helper-member-expression-to-functions" "^7.12.1"
+    "@babel/helper-optimise-call-expression" "^7.10.4"
+    "@babel/helper-replace-supers" "^7.12.1"
+    "@babel/helper-split-export-declaration" "^7.10.4"
+
 "@babel/helper-create-regexp-features-plugin@^7.10.4":
   version "7.10.4"
   resolved "https://registry.yarnpkg.com/@babel/helper-create-regexp-features-plugin/-/helper-create-regexp-features-plugin-7.10.4.tgz#fdd60d88524659a0b6959c0579925e425714f3b8"
@@ -323,6 +359,15 @@
     "@babel/helper-regex" "^7.10.4"
     regexpu-core "^4.7.0"
 
+"@babel/helper-create-regexp-features-plugin@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/helper-create-regexp-features-plugin/-/helper-create-regexp-features-plugin-7.12.1.tgz#18b1302d4677f9dc4740fe8c9ed96680e29d37e8"
+  integrity sha512-rsZ4LGvFTZnzdNZR5HZdmJVuXK8834R5QkF3WvcnBhrlVtF0HSIUC6zbreL9MgjTywhKokn8RIYRiq99+DLAxA==
+  dependencies:
+    "@babel/helper-annotate-as-pure" "^7.10.4"
+    "@babel/helper-regex" "^7.10.4"
+    regexpu-core "^4.7.1"
+
 "@babel/helper-define-map@^7.10.4":
   version "7.10.5"
   resolved "https://registry.yarnpkg.com/@babel/helper-define-map/-/helper-define-map-7.10.5.tgz#b53c10db78a640800152692b13393147acb9bb30"
@@ -369,14 +414,28 @@
   dependencies:
     "@babel/types" "^7.11.0"
 
-"@babel/helper-module-imports@^7.10.4", "@babel/helper-module-imports@^7.8.3":
+"@babel/helper-member-expression-to-functions@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.12.1.tgz#fba0f2fcff3fba00e6ecb664bb5e6e26e2d6165c"
+  integrity sha512-k0CIe3tXUKTRSoEx1LQEPFU9vRQfqHtl+kf8eNnDqb4AUJEy5pz6aIiog+YWtVm2jpggjS1laH68bPsR+KWWPQ==
+  dependencies:
+    "@babel/types" "^7.12.1"
+
+"@babel/helper-module-imports@^7.10.4":
   version "7.10.4"
   resolved "https://registry.yarnpkg.com/@babel/helper-module-imports/-/helper-module-imports-7.10.4.tgz#4c5c54be04bd31670a7382797d75b9fa2e5b5620"
   integrity sha512-nEQJHqYavI217oD9+s5MUBzk6x1IlvoS9WTPfgG43CbMEeStE0v+r+TucWdx8KFGowPGvyOkDT9+7DHedIDnVw==
   dependencies:
     "@babel/types" "^7.10.4"
 
-"@babel/helper-module-transforms@^7.10.4", "@babel/helper-module-transforms@^7.10.5", "@babel/helper-module-transforms@^7.11.0", "@babel/helper-module-transforms@^7.9.0":
+"@babel/helper-module-imports@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/helper-module-imports/-/helper-module-imports-7.12.1.tgz#1644c01591a15a2f084dd6d092d9430eb1d1216c"
+  integrity sha512-ZeC1TlMSvikvJNy1v/wPIazCu3NdOwgYZLIkmIyAsGhqkNpiDoQQRmaCK8YP4Pq3GPTLPV9WXaPCJKvx06JxKA==
+  dependencies:
+    "@babel/types" "^7.12.1"
+
+"@babel/helper-module-transforms@^7.11.0":
   version "7.11.0"
   resolved "https://registry.yarnpkg.com/@babel/helper-module-transforms/-/helper-module-transforms-7.11.0.tgz#b16f250229e47211abdd84b34b64737c2ab2d359"
   integrity sha512-02EVu8COMuTRO1TAzdMtpBPbe6aQ1w/8fePD2YgQmxZU4gpNWaL9gK3Jp7dxlkUlUCJOTaSeA+Hrm1BRQwqIhg==
@@ -389,6 +448,21 @@
     "@babel/types" "^7.11.0"
     lodash "^4.17.19"
 
+"@babel/helper-module-transforms@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/helper-module-transforms/-/helper-module-transforms-7.12.1.tgz#7954fec71f5b32c48e4b303b437c34453fd7247c"
+  integrity sha512-QQzehgFAZ2bbISiCpmVGfiGux8YVFXQ0abBic2Envhej22DVXV9nCFaS5hIQbkyo1AdGb+gNME2TSh3hYJVV/w==
+  dependencies:
+    "@babel/helper-module-imports" "^7.12.1"
+    "@babel/helper-replace-supers" "^7.12.1"
+    "@babel/helper-simple-access" "^7.12.1"
+    "@babel/helper-split-export-declaration" "^7.11.0"
+    "@babel/helper-validator-identifier" "^7.10.4"
+    "@babel/template" "^7.10.4"
+    "@babel/traverse" "^7.12.1"
+    "@babel/types" "^7.12.1"
+    lodash "^4.17.19"
+
 "@babel/helper-optimise-call-expression@^7.10.4":
   version "7.10.4"
   resolved "https://registry.yarnpkg.com/@babel/helper-optimise-call-expression/-/helper-optimise-call-expression-7.10.4.tgz#50dc96413d594f995a77905905b05893cd779673"
@@ -408,15 +482,14 @@
   dependencies:
     lodash "^4.17.19"
 
-"@babel/helper-remap-async-to-generator@^7.10.4":
-  version "7.11.4"
-  resolved "https://registry.yarnpkg.com/@babel/helper-remap-async-to-generator/-/helper-remap-async-to-generator-7.11.4.tgz#4474ea9f7438f18575e30b0cac784045b402a12d"
-  integrity sha512-tR5vJ/vBa9wFy3m5LLv2faapJLnDFxNWff2SAYkSE4rLUdbp7CdObYFgI7wK4T/Mj4UzpjPwzR8Pzmr5m7MHGA==
+"@babel/helper-remap-async-to-generator@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/helper-remap-async-to-generator/-/helper-remap-async-to-generator-7.12.1.tgz#8c4dbbf916314f6047dc05e6a2217074238347fd"
+  integrity sha512-9d0KQCRM8clMPcDwo8SevNs+/9a8yWVVmaE80FGJcEP8N1qToREmWEGnBn8BUlJhYRFz6fqxeRL1sl5Ogsed7A==
   dependencies:
     "@babel/helper-annotate-as-pure" "^7.10.4"
     "@babel/helper-wrap-function" "^7.10.4"
-    "@babel/template" "^7.10.4"
-    "@babel/types" "^7.10.4"
+    "@babel/types" "^7.12.1"
 
 "@babel/helper-replace-supers@^7.10.4":
   version "7.10.4"
@@ -428,6 +501,16 @@
     "@babel/traverse" "^7.10.4"
     "@babel/types" "^7.10.4"
 
+"@babel/helper-replace-supers@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/helper-replace-supers/-/helper-replace-supers-7.12.1.tgz#f15c9cc897439281891e11d5ce12562ac0cf3fa9"
+  integrity sha512-zJjTvtNJnCFsCXVi5rUInstLd/EIVNmIKA1Q9ynESmMBWPWd+7sdR+G4/wdu+Mppfep0XLyG2m7EBPvjCeFyrw==
+  dependencies:
+    "@babel/helper-member-expression-to-functions" "^7.12.1"
+    "@babel/helper-optimise-call-expression" "^7.10.4"
+    "@babel/traverse" "^7.12.1"
+    "@babel/types" "^7.12.1"
+
 "@babel/helper-simple-access@^7.10.4":
   version "7.10.4"
   resolved "https://registry.yarnpkg.com/@babel/helper-simple-access/-/helper-simple-access-7.10.4.tgz#0f5ccda2945277a2a7a2d3a821e15395edcf3461"
@@ -436,12 +519,19 @@
     "@babel/template" "^7.10.4"
     "@babel/types" "^7.10.4"
 
-"@babel/helper-skip-transparent-expression-wrappers@^7.11.0":
-  version "7.11.0"
-  resolved "https://registry.yarnpkg.com/@babel/helper-skip-transparent-expression-wrappers/-/helper-skip-transparent-expression-wrappers-7.11.0.tgz#eec162f112c2f58d3af0af125e3bb57665146729"
-  integrity sha512-0XIdiQln4Elglgjbwo9wuJpL/K7AGCY26kmEt0+pRP0TAj4jjyNq1MjoRvikrTVqKcx4Gysxt4cXvVFXP/JO2Q==
+"@babel/helper-simple-access@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/helper-simple-access/-/helper-simple-access-7.12.1.tgz#32427e5aa61547d38eb1e6eaf5fd1426fdad9136"
+  integrity sha512-OxBp7pMrjVewSSC8fXDFrHrBcJATOOFssZwv16F3/6Xtc138GHybBfPbm9kfiqQHKhYQrlamWILwlDCeyMFEaA==
   dependencies:
-    "@babel/types" "^7.11.0"
+    "@babel/types" "^7.12.1"
+
+"@babel/helper-skip-transparent-expression-wrappers@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/helper-skip-transparent-expression-wrappers/-/helper-skip-transparent-expression-wrappers-7.12.1.tgz#462dc63a7e435ade8468385c63d2b84cce4b3cbf"
+  integrity sha512-Mf5AUuhG1/OCChOJ/HcADmvcHM42WJockombn8ATJG3OnyiSxBK/Mm5x78BQWvmtXZKHgbjdGL2kin/HOLlZGA==
+  dependencies:
+    "@babel/types" "^7.12.1"
 
 "@babel/helper-split-export-declaration@^7.10.4", "@babel/helper-split-export-declaration@^7.11.0":
   version "7.11.0"
@@ -455,6 +545,11 @@
   resolved "https://registry.yarnpkg.com/@babel/helper-validator-identifier/-/helper-validator-identifier-7.10.4.tgz#a78c7a7251e01f616512d31b10adcf52ada5e0d2"
   integrity sha512-3U9y+43hz7ZM+rzG24Qe2mufW5KhvFg/NhnNph+i9mgCtdTCtMJuI1TMkrIUiK7Ix4PYlRF9I5dhqaLYA/ADXw==
 
+"@babel/helper-validator-option@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/helper-validator-option/-/helper-validator-option-7.12.1.tgz#175567380c3e77d60ff98a54bb015fe78f2178d9"
+  integrity sha512-YpJabsXlJVWP0USHjnC/AQDTLlZERbON577YUVO/wLpqyj6HAtVYnWaQaN0iUN+1/tWn3c+uKKXjRut5115Y2A==
+
 "@babel/helper-wrap-function@^7.10.4":
   version "7.10.4"
   resolved "https://registry.yarnpkg.com/@babel/helper-wrap-function/-/helper-wrap-function-7.10.4.tgz#8a6f701eab0ff39f765b5a1cfef409990e624b87"
@@ -465,7 +560,7 @@
     "@babel/traverse" "^7.10.4"
     "@babel/types" "^7.10.4"
 
-"@babel/helpers@^7.10.4", "@babel/helpers@^7.9.0":
+"@babel/helpers@^7.10.4":
   version "7.10.4"
   resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.10.4.tgz#2abeb0d721aff7c0a97376b9e1f6f65d7a475044"
   integrity sha512-L2gX/XeUONeEbI78dXSrJzGdz4GQ+ZTA/aazfUsFaWjSe95kiCuOZ5HsXvkiw3iwF+mFHSRUfJU8t6YavocdXA==
@@ -483,79 +578,124 @@
     chalk "^2.0.0"
     js-tokens "^4.0.0"
 
-"@babel/parser@^7.10.4", "@babel/parser@^7.11.5", "@babel/parser@^7.8.6", "@babel/parser@^7.9.0":
+"@babel/parser@^7.10.4", "@babel/parser@^7.11.5":
   version "7.11.5"
   resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.11.5.tgz#c7ff6303df71080ec7a4f5b8c003c58f1cf51037"
   integrity sha512-X9rD8qqm695vgmeaQ4fvz/o3+Wk4ZzQvSHkDBgpYKxpD4qTAUm88ZKtHkVqIOsYFFbIQ6wQYhC6q7pjqVK0E0Q==
 
-"@babel/plugin-proposal-async-generator-functions@^7.8.3":
-  version "7.10.5"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-async-generator-functions/-/plugin-proposal-async-generator-functions-7.10.5.tgz#3491cabf2f7c179ab820606cec27fed15e0e8558"
-  integrity sha512-cNMCVezQbrRGvXJwm9fu/1sJj9bHdGAgKodZdLqOQIpfoH3raqmRPBM17+lh7CzhiKRRBrGtZL9WcjxSoGYUSg==
+"@babel/parser@^7.11.1", "@babel/parser@^7.12.1":
+  version "7.12.3"
+  resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.12.3.tgz#a305415ebe7a6c7023b40b5122a0662d928334cd"
+  integrity sha512-kFsOS0IbsuhO5ojF8Hc8z/8vEIOkylVBrjiZUbLTE3XFe0Qi+uu6HjzQixkFaqr0ZPAMZcBVxEwmsnsLPZ2Xsw==
+
+"@babel/plugin-proposal-async-generator-functions@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-async-generator-functions/-/plugin-proposal-async-generator-functions-7.12.1.tgz#dc6c1170e27d8aca99ff65f4925bd06b1c90550e"
+  integrity sha512-d+/o30tJxFxrA1lhzJqiUcEJdI6jKlNregCv5bASeGf2Q4MXmnwH7viDo7nhx1/ohf09oaH8j1GVYG/e3Yqk6A==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
-    "@babel/helper-remap-async-to-generator" "^7.10.4"
+    "@babel/helper-remap-async-to-generator" "^7.12.1"
     "@babel/plugin-syntax-async-generators" "^7.8.0"
 
-"@babel/plugin-proposal-dynamic-import@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-dynamic-import/-/plugin-proposal-dynamic-import-7.10.4.tgz#ba57a26cb98b37741e9d5bca1b8b0ddf8291f17e"
-  integrity sha512-up6oID1LeidOOASNXgv/CFbgBqTuKJ0cJjz6An5tWD+NVBNlp3VNSBxv2ZdU7SYl3NxJC7agAQDApZusV6uFwQ==
+"@babel/plugin-proposal-class-properties@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-class-properties/-/plugin-proposal-class-properties-7.12.1.tgz#a082ff541f2a29a4821065b8add9346c0c16e5de"
+  integrity sha512-cKp3dlQsFsEs5CWKnN7BnSHOd0EOW8EKpEjkoz1pO2E5KzIDNV9Ros1b0CnmbVgAGXJubOYVBOGCT1OmJwOI7w==
+  dependencies:
+    "@babel/helper-create-class-features-plugin" "^7.12.1"
+    "@babel/helper-plugin-utils" "^7.10.4"
+
+"@babel/plugin-proposal-dynamic-import@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-dynamic-import/-/plugin-proposal-dynamic-import-7.12.1.tgz#43eb5c2a3487ecd98c5c8ea8b5fdb69a2749b2dc"
+  integrity sha512-a4rhUSZFuq5W8/OO8H7BL5zspjnc1FLd9hlOxIK/f7qG4a0qsqk8uvF/ywgBA8/OmjsapjpvaEOYItfGG1qIvQ==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
     "@babel/plugin-syntax-dynamic-import" "^7.8.0"
 
-"@babel/plugin-proposal-json-strings@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-json-strings/-/plugin-proposal-json-strings-7.10.4.tgz#593e59c63528160233bd321b1aebe0820c2341db"
-  integrity sha512-fCL7QF0Jo83uy1K0P2YXrfX11tj3lkpN7l4dMv9Y9VkowkhkQDwFHFd8IiwyK5MZjE8UpbgokkgtcReH88Abaw==
+"@babel/plugin-proposal-export-namespace-from@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-export-namespace-from/-/plugin-proposal-export-namespace-from-7.12.1.tgz#8b9b8f376b2d88f5dd774e4d24a5cc2e3679b6d4"
+  integrity sha512-6CThGf0irEkzujYS5LQcjBx8j/4aQGiVv7J9+2f7pGfxqyKh3WnmVJYW3hdrQjyksErMGBPQrCnHfOtna+WLbw==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.10.4"
+    "@babel/plugin-syntax-export-namespace-from" "^7.8.3"
+
+"@babel/plugin-proposal-json-strings@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-json-strings/-/plugin-proposal-json-strings-7.12.1.tgz#d45423b517714eedd5621a9dfdc03fa9f4eb241c"
+  integrity sha512-GoLDUi6U9ZLzlSda2Df++VSqDJg3CG+dR0+iWsv6XRw1rEq+zwt4DirM9yrxW6XWaTpmai1cWJLMfM8qQJf+yw==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
     "@babel/plugin-syntax-json-strings" "^7.8.0"
 
-"@babel/plugin-proposal-nullish-coalescing-operator@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-nullish-coalescing-operator/-/plugin-proposal-nullish-coalescing-operator-7.10.4.tgz#02a7e961fc32e6d5b2db0649e01bf80ddee7e04a"
-  integrity sha512-wq5n1M3ZUlHl9sqT2ok1T2/MTt6AXE0e1Lz4WzWBr95LsAZ5qDXe4KnFuauYyEyLiohvXFMdbsOTMyLZs91Zlw==
+"@babel/plugin-proposal-logical-assignment-operators@^7.11.0":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-logical-assignment-operators/-/plugin-proposal-logical-assignment-operators-7.12.1.tgz#f2c490d36e1b3c9659241034a5d2cd50263a2751"
+  integrity sha512-k8ZmVv0JU+4gcUGeCDZOGd0lCIamU/sMtIiX3UWnUc5yzgq6YUGyEolNYD+MLYKfSzgECPcqetVcJP9Afe/aCA==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.10.4"
+    "@babel/plugin-syntax-logical-assignment-operators" "^7.10.4"
+
+"@babel/plugin-proposal-nullish-coalescing-operator@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-nullish-coalescing-operator/-/plugin-proposal-nullish-coalescing-operator-7.12.1.tgz#3ed4fff31c015e7f3f1467f190dbe545cd7b046c"
+  integrity sha512-nZY0ESiaQDI1y96+jk6VxMOaL4LPo/QDHBqL+SF3/vl6dHkTwHlOI8L4ZwuRBHgakRBw5zsVylel7QPbbGuYgg==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
     "@babel/plugin-syntax-nullish-coalescing-operator" "^7.8.0"
 
-"@babel/plugin-proposal-numeric-separator@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-numeric-separator/-/plugin-proposal-numeric-separator-7.10.4.tgz#ce1590ff0a65ad12970a609d78855e9a4c1aef06"
-  integrity sha512-73/G7QoRoeNkLZFxsoCCvlg4ezE4eM+57PnOqgaPOozd5myfj7p0muD1mRVJvbUWbOzD+q3No2bWbaKy+DJ8DA==
+"@babel/plugin-proposal-numeric-separator@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-numeric-separator/-/plugin-proposal-numeric-separator-7.12.1.tgz#0e2c6774c4ce48be412119b4d693ac777f7685a6"
+  integrity sha512-MR7Ok+Af3OhNTCxYVjJZHS0t97ydnJZt/DbR4WISO39iDnhiD8XHrY12xuSJ90FFEGjir0Fzyyn7g/zY6hxbxA==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
     "@babel/plugin-syntax-numeric-separator" "^7.10.4"
 
-"@babel/plugin-proposal-object-rest-spread@^7.9.0":
-  version "7.11.0"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-object-rest-spread/-/plugin-proposal-object-rest-spread-7.11.0.tgz#bd81f95a1f746760ea43b6c2d3d62b11790ad0af"
-  integrity sha512-wzch41N4yztwoRw0ak+37wxwJM2oiIiy6huGCoqkvSTA9acYWcPfn9Y4aJqmFFJ70KTJUu29f3DQ43uJ9HXzEA==
+"@babel/plugin-proposal-object-rest-spread@^7.11.0":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-object-rest-spread/-/plugin-proposal-object-rest-spread-7.12.1.tgz#def9bd03cea0f9b72283dac0ec22d289c7691069"
+  integrity sha512-s6SowJIjzlhx8o7lsFx5zmY4At6CTtDvgNQDdPzkBQucle58A6b/TTeEBYtyDgmcXjUTM+vE8YOGHZzzbc/ioA==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
     "@babel/plugin-syntax-object-rest-spread" "^7.8.0"
-    "@babel/plugin-transform-parameters" "^7.10.4"
+    "@babel/plugin-transform-parameters" "^7.12.1"
 
-"@babel/plugin-proposal-optional-catch-binding@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-optional-catch-binding/-/plugin-proposal-optional-catch-binding-7.10.4.tgz#31c938309d24a78a49d68fdabffaa863758554dd"
-  integrity sha512-LflT6nPh+GK2MnFiKDyLiqSqVHkQnVf7hdoAvyTnnKj9xB3docGRsdPuxp6qqqW19ifK3xgc9U5/FwrSaCNX5g==
+"@babel/plugin-proposal-optional-catch-binding@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-optional-catch-binding/-/plugin-proposal-optional-catch-binding-7.12.1.tgz#ccc2421af64d3aae50b558a71cede929a5ab2942"
+  integrity sha512-hFvIjgprh9mMw5v42sJWLI1lzU5L2sznP805zeT6rySVRA0Y18StRhDqhSxlap0oVgItRsB6WSROp4YnJTJz0g==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
     "@babel/plugin-syntax-optional-catch-binding" "^7.8.0"
 
-"@babel/plugin-proposal-optional-chaining@^7.9.0":
-  version "7.11.0"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-optional-chaining/-/plugin-proposal-optional-chaining-7.11.0.tgz#de5866d0646f6afdaab8a566382fe3a221755076"
-  integrity sha512-v9fZIu3Y8562RRwhm1BbMRxtqZNFmFA2EG+pT2diuU8PT3H6T/KXoZ54KgYisfOFZHV6PfvAiBIZ9Rcz+/JCxA==
+"@babel/plugin-proposal-optional-chaining@^7.11.0":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-optional-chaining/-/plugin-proposal-optional-chaining-7.12.1.tgz#cce122203fc8a32794296fc377c6dedaf4363797"
+  integrity sha512-c2uRpY6WzaVDzynVY9liyykS+kVU+WRZPMPYpkelXH8KBt1oXoI89kPbZKKG/jDT5UK92FTW2fZkZaJhdiBabw==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
-    "@babel/helper-skip-transparent-expression-wrappers" "^7.11.0"
+    "@babel/helper-skip-transparent-expression-wrappers" "^7.12.1"
     "@babel/plugin-syntax-optional-chaining" "^7.8.0"
 
-"@babel/plugin-proposal-unicode-property-regex@^7.4.4", "@babel/plugin-proposal-unicode-property-regex@^7.8.3":
+"@babel/plugin-proposal-private-methods@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-private-methods/-/plugin-proposal-private-methods-7.12.1.tgz#86814f6e7a21374c980c10d38b4493e703f4a389"
+  integrity sha512-mwZ1phvH7/NHK6Kf8LP7MYDogGV+DKB1mryFOEwx5EBNQrosvIczzZFTUmWaeujd5xT6G1ELYWUz3CutMhjE1w==
+  dependencies:
+    "@babel/helper-create-class-features-plugin" "^7.12.1"
+    "@babel/helper-plugin-utils" "^7.10.4"
+
+"@babel/plugin-proposal-unicode-property-regex@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-unicode-property-regex/-/plugin-proposal-unicode-property-regex-7.12.1.tgz#2a183958d417765b9eae334f47758e5d6a82e072"
+  integrity sha512-MYq+l+PvHuw/rKUz1at/vb6nCnQ2gmJBNaM62z0OgH7B2W1D9pvkpYtlti9bGtizNIU1K3zm4bZF9F91efVY0w==
+  dependencies:
+    "@babel/helper-create-regexp-features-plugin" "^7.12.1"
+    "@babel/helper-plugin-utils" "^7.10.4"
+
+"@babel/plugin-proposal-unicode-property-regex@^7.4.4":
   version "7.10.4"
   resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-unicode-property-regex/-/plugin-proposal-unicode-property-regex-7.10.4.tgz#4483cda53041ce3413b7fe2f00022665ddfaa75d"
   integrity sha512-H+3fOgPnEXFL9zGYtKQe4IDOPKYlZdF1kqFDQRRb8PK4B8af1vAGK04tF5iQAAsui+mHNBQSAtd2/ndEDe9wuA==
@@ -570,6 +710,13 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.8.0"
 
+"@babel/plugin-syntax-class-properties@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-class-properties/-/plugin-syntax-class-properties-7.12.1.tgz#bcb297c5366e79bebadef509549cd93b04f19978"
+  integrity sha512-U40A76x5gTwmESz+qiqssqmeEsKvcSyvtgktrm0uzcARAmM9I1jR221f6Oq+GmHrcD+LvZDag1UTOTe2fL3TeA==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.10.4"
+
 "@babel/plugin-syntax-dynamic-import@^7.8.0":
   version "7.8.3"
   resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-dynamic-import/-/plugin-syntax-dynamic-import-7.8.3.tgz#62bf98b2da3cd21d626154fc96ee5b3cb68eacb3"
@@ -577,6 +724,13 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.8.0"
 
+"@babel/plugin-syntax-export-namespace-from@^7.8.3":
+  version "7.8.3"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-export-namespace-from/-/plugin-syntax-export-namespace-from-7.8.3.tgz#028964a9ba80dbc094c915c487ad7c4e7a66465a"
+  integrity sha512-MXf5laXo6c1IbEbegDmzGPwGNTsHZmEy6QGznu5Sh2UCWvueywb2ee+CCE4zQiZstxU9BMoQO9i6zUFSY0Kj0Q==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.8.3"
+
 "@babel/plugin-syntax-json-strings@^7.8.0":
   version "7.8.3"
   resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-json-strings/-/plugin-syntax-json-strings-7.8.3.tgz#01ca21b668cd8218c9e640cb6dd88c5412b2c96a"
@@ -584,6 +738,13 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.8.0"
 
+"@babel/plugin-syntax-logical-assignment-operators@^7.10.4":
+  version "7.10.4"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-logical-assignment-operators/-/plugin-syntax-logical-assignment-operators-7.10.4.tgz#ca91ef46303530448b906652bac2e9fe9941f699"
+  integrity sha512-d8waShlpFDinQ5MtvGU9xDAOzKH47+FFoney2baFIoMr952hKOLp1HR7VszoZvOsV/4+RRszNY7D17ba0te0ig==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.10.4"
+
 "@babel/plugin-syntax-nullish-coalescing-operator@^7.8.0":
   version "7.8.3"
   resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-nullish-coalescing-operator/-/plugin-syntax-nullish-coalescing-operator-7.8.3.tgz#167ed70368886081f74b5c36c65a88c03b66d1a9"
@@ -591,7 +752,7 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.8.0"
 
-"@babel/plugin-syntax-numeric-separator@^7.10.4", "@babel/plugin-syntax-numeric-separator@^7.8.0":
+"@babel/plugin-syntax-numeric-separator@^7.10.4":
   version "7.10.4"
   resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-numeric-separator/-/plugin-syntax-numeric-separator-7.10.4.tgz#b9b070b3e33570cd9fd07ba7fa91c0dd37b9af97"
   integrity sha512-9H6YdfkcK/uOnY/K7/aA2xpzaAgkQn37yzWUMRK7OaPOqOpGS1+n0H5hxT9AUw9EsSjPW8SVyMJwYRtWs3X3ug==
@@ -619,72 +780,80 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.8.0"
 
-"@babel/plugin-syntax-top-level-await@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.10.4.tgz#4bbeb8917b54fcf768364e0a81f560e33a3ef57d"
-  integrity sha512-ni1brg4lXEmWyafKr0ccFWkJG0CeMt4WV1oyeBW6EFObF4oOHclbkj5cARxAPQyAQ2UTuplJyK4nfkXIMMFvsQ==
+"@babel/plugin-syntax-top-level-await@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-top-level-await/-/plugin-syntax-top-level-await-7.12.1.tgz#dd6c0b357ac1bb142d98537450a319625d13d2a0"
+  integrity sha512-i7ooMZFS+a/Om0crxZodrTzNEPJHZrlMVGMTEpFAj6rYY/bKCddB0Dk/YxfPuYXOopuhKk/e1jV6h+WUU9XN3A==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-arrow-functions@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-arrow-functions/-/plugin-transform-arrow-functions-7.10.4.tgz#e22960d77e697c74f41c501d44d73dbf8a6a64cd"
-  integrity sha512-9J/oD1jV0ZCBcgnoFWFq1vJd4msoKb/TCpGNFyyLt0zABdcvgK3aYikZ8HjzB14c26bc7E3Q1yugpwGy2aTPNA==
+"@babel/plugin-transform-arrow-functions@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-arrow-functions/-/plugin-transform-arrow-functions-7.12.1.tgz#8083ffc86ac8e777fbe24b5967c4b2521f3cb2b3"
+  integrity sha512-5QB50qyN44fzzz4/qxDPQMBCTHgxg3n0xRBLJUmBlLoU/sFvxVWGZF/ZUfMVDQuJUKXaBhbupxIzIfZ6Fwk/0A==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-async-to-generator@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-async-to-generator/-/plugin-transform-async-to-generator-7.10.4.tgz#41a5017e49eb6f3cda9392a51eef29405b245a37"
-  integrity sha512-F6nREOan7J5UXTLsDsZG3DXmZSVofr2tGNwfdrVwkDWHfQckbQXnXSPfD7iO+c/2HGqycwyLST3DnZ16n+cBJQ==
+"@babel/plugin-transform-async-to-generator@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-async-to-generator/-/plugin-transform-async-to-generator-7.12.1.tgz#3849a49cc2a22e9743cbd6b52926d30337229af1"
+  integrity sha512-SDtqoEcarK1DFlRJ1hHRY5HvJUj5kX4qmtpMAm2QnhOlyuMC4TMdCRgW6WXpv93rZeYNeLP22y8Aq2dbcDRM1A==
   dependencies:
-    "@babel/helper-module-imports" "^7.10.4"
+    "@babel/helper-module-imports" "^7.12.1"
     "@babel/helper-plugin-utils" "^7.10.4"
-    "@babel/helper-remap-async-to-generator" "^7.10.4"
+    "@babel/helper-remap-async-to-generator" "^7.12.1"
 
-"@babel/plugin-transform-block-scoped-functions@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-block-scoped-functions/-/plugin-transform-block-scoped-functions-7.10.4.tgz#1afa595744f75e43a91af73b0d998ecfe4ebc2e8"
-  integrity sha512-WzXDarQXYYfjaV1szJvN3AD7rZgZzC1JtjJZ8dMHUyiK8mxPRahynp14zzNjU3VkPqPsO38CzxiWO1c9ARZ8JA==
+"@babel/plugin-transform-block-scoped-functions@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-block-scoped-functions/-/plugin-transform-block-scoped-functions-7.12.1.tgz#f2a1a365bde2b7112e0a6ded9067fdd7c07905d9"
+  integrity sha512-5OpxfuYnSgPalRpo8EWGPzIYf0lHBWORCkj5M0oLBwHdlux9Ri36QqGW3/LR13RSVOAoUUMzoPI/jpE4ABcHoA==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-block-scoping@^7.8.3":
-  version "7.11.1"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.11.1.tgz#5b7efe98852bef8d652c0b28144cd93a9e4b5215"
-  integrity sha512-00dYeDE0EVEHuuM+26+0w/SCL0BH2Qy7LwHuI4Hi4MH5gkC8/AqMN5uWFJIsoXZrAphiMm1iXzBw6L2T+eA0ew==
+"@babel/plugin-transform-block-scoping@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-block-scoping/-/plugin-transform-block-scoping-7.12.1.tgz#f0ee727874b42a208a48a586b84c3d222c2bbef1"
+  integrity sha512-zJyAC9sZdE60r1nVQHblcfCj29Dh2Y0DOvlMkcqSo0ckqjiCwNiUezUKw+RjOCwGfpLRwnAeQ2XlLpsnGkvv9w==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-classes@^7.9.0":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-classes/-/plugin-transform-classes-7.10.4.tgz#405136af2b3e218bc4a1926228bc917ab1a0adc7"
-  integrity sha512-2oZ9qLjt161dn1ZE0Ms66xBncQH4In8Sqw1YWgBUZuGVJJS5c0OFZXL6dP2MRHrkU/eKhWg8CzFJhRQl50rQxA==
+"@babel/plugin-transform-classes@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-classes/-/plugin-transform-classes-7.12.1.tgz#65e650fcaddd3d88ddce67c0f834a3d436a32db6"
+  integrity sha512-/74xkA7bVdzQTBeSUhLLJgYIcxw/dpEpCdRDiHgPJ3Mv6uC11UhjpOhl72CgqbBCmt1qtssCyB2xnJm1+PFjog==
   dependencies:
     "@babel/helper-annotate-as-pure" "^7.10.4"
     "@babel/helper-define-map" "^7.10.4"
     "@babel/helper-function-name" "^7.10.4"
     "@babel/helper-optimise-call-expression" "^7.10.4"
     "@babel/helper-plugin-utils" "^7.10.4"
-    "@babel/helper-replace-supers" "^7.10.4"
+    "@babel/helper-replace-supers" "^7.12.1"
     "@babel/helper-split-export-declaration" "^7.10.4"
     globals "^11.1.0"
 
-"@babel/plugin-transform-computed-properties@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-computed-properties/-/plugin-transform-computed-properties-7.10.4.tgz#9ded83a816e82ded28d52d4b4ecbdd810cdfc0eb"
-  integrity sha512-JFwVDXcP/hM/TbyzGq3l/XWGut7p46Z3QvqFMXTfk6/09m7xZHJUN9xHfsv7vqqD4YnfI5ueYdSJtXqqBLyjBw==
+"@babel/plugin-transform-computed-properties@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-computed-properties/-/plugin-transform-computed-properties-7.12.1.tgz#d68cf6c9b7f838a8a4144badbe97541ea0904852"
+  integrity sha512-vVUOYpPWB7BkgUWPo4C44mUQHpTZXakEqFjbv8rQMg7TC6S6ZhGZ3otQcRH6u7+adSlE5i0sp63eMC/XGffrzg==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-destructuring@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-destructuring/-/plugin-transform-destructuring-7.10.4.tgz#70ddd2b3d1bea83d01509e9bb25ddb3a74fc85e5"
-  integrity sha512-+WmfvyfsyF603iPa6825mq6Qrb7uLjTOsa3XOFzlYcYDHSS4QmpOWOL0NNBY5qMbvrcf3tq0Cw+v4lxswOBpgA==
+"@babel/plugin-transform-destructuring@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-destructuring/-/plugin-transform-destructuring-7.12.1.tgz#b9a570fe0d0a8d460116413cb4f97e8e08b2f847"
+  integrity sha512-fRMYFKuzi/rSiYb2uRLiUENJOKq4Gnl+6qOv5f8z0TZXg3llUwUhsNNwrwaT/6dUhJTzNpBr+CUvEWBtfNY1cw==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-dotall-regex@^7.4.4", "@babel/plugin-transform-dotall-regex@^7.8.3":
+"@babel/plugin-transform-dotall-regex@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-dotall-regex/-/plugin-transform-dotall-regex-7.12.1.tgz#a1d16c14862817b6409c0a678d6f9373ca9cd975"
+  integrity sha512-B2pXeRKoLszfEW7J4Hg9LoFaWEbr/kzo3teWHmtFCszjRNa/b40f9mfeqZsIDLLt/FjwQ6pz/Gdlwy85xNckBA==
+  dependencies:
+    "@babel/helper-create-regexp-features-plugin" "^7.12.1"
+    "@babel/helper-plugin-utils" "^7.10.4"
+
+"@babel/plugin-transform-dotall-regex@^7.4.4":
   version "7.10.4"
   resolved "https://registry.yarnpkg.com/@babel/plugin-transform-dotall-regex/-/plugin-transform-dotall-regex-7.10.4.tgz#469c2062105c1eb6a040eaf4fac4b488078395ee"
   integrity sha512-ZEAVvUTCMlMFAbASYSVQoxIbHm2OkG2MseW6bV2JjIygOjdVv8tuxrCTzj1+Rynh7ODb8GivUy7dzEXzEhuPaA==
@@ -692,110 +861,111 @@
     "@babel/helper-create-regexp-features-plugin" "^7.10.4"
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-duplicate-keys@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-duplicate-keys/-/plugin-transform-duplicate-keys-7.10.4.tgz#697e50c9fee14380fe843d1f306b295617431e47"
-  integrity sha512-GL0/fJnmgMclHiBTTWXNlYjYsA7rDrtsazHG6mglaGSTh0KsrW04qml+Bbz9FL0LcJIRwBWL5ZqlNHKTkU3xAA==
+"@babel/plugin-transform-duplicate-keys@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-duplicate-keys/-/plugin-transform-duplicate-keys-7.12.1.tgz#745661baba295ac06e686822797a69fbaa2ca228"
+  integrity sha512-iRght0T0HztAb/CazveUpUQrZY+aGKKaWXMJ4uf9YJtqxSUe09j3wteztCUDRHs+SRAL7yMuFqUsLoAKKzgXjw==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-exponentiation-operator@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-exponentiation-operator/-/plugin-transform-exponentiation-operator-7.10.4.tgz#5ae338c57f8cf4001bdb35607ae66b92d665af2e"
-  integrity sha512-S5HgLVgkBcRdyQAHbKj+7KyuWx8C6t5oETmUuwz1pt3WTWJhsUV0WIIXuVvfXMxl/QQyHKlSCNNtaIamG8fysw==
+"@babel/plugin-transform-exponentiation-operator@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-exponentiation-operator/-/plugin-transform-exponentiation-operator-7.12.1.tgz#b0f2ed356ba1be1428ecaf128ff8a24f02830ae0"
+  integrity sha512-7tqwy2bv48q+c1EHbXK0Zx3KXd2RVQp6OC7PbwFNt/dPTAV3Lu5sWtWuAj8owr5wqtWnqHfl2/mJlUmqkChKug==
   dependencies:
     "@babel/helper-builder-binary-assignment-operator-visitor" "^7.10.4"
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-for-of@^7.9.0":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-for-of/-/plugin-transform-for-of-7.10.4.tgz#c08892e8819d3a5db29031b115af511dbbfebae9"
-  integrity sha512-ItdQfAzu9AlEqmusA/65TqJ79eRcgGmpPPFvBnGILXZH975G0LNjP1yjHvGgfuCxqrPPueXOPe+FsvxmxKiHHQ==
+"@babel/plugin-transform-for-of@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-for-of/-/plugin-transform-for-of-7.12.1.tgz#07640f28867ed16f9511c99c888291f560921cfa"
+  integrity sha512-Zaeq10naAsuHo7heQvyV0ptj4dlZJwZgNAtBYBnu5nNKJoW62m0zKcIEyVECrUKErkUkg6ajMy4ZfnVZciSBhg==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-function-name@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-function-name/-/plugin-transform-function-name-7.10.4.tgz#6a467880e0fc9638514ba369111811ddbe2644b7"
-  integrity sha512-OcDCq2y5+E0dVD5MagT5X+yTRbcvFjDI2ZVAottGH6tzqjx/LKpgkUepu3hp/u4tZBzxxpNGwLsAvGBvQ2mJzg==
+"@babel/plugin-transform-function-name@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-function-name/-/plugin-transform-function-name-7.12.1.tgz#2ec76258c70fe08c6d7da154003a480620eba667"
+  integrity sha512-JF3UgJUILoFrFMEnOJLJkRHSk6LUSXLmEFsA23aR2O5CSLUxbeUX1IZ1YQ7Sn0aXb601Ncwjx73a+FVqgcljVw==
   dependencies:
     "@babel/helper-function-name" "^7.10.4"
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-literals@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-literals/-/plugin-transform-literals-7.10.4.tgz#9f42ba0841100a135f22712d0e391c462f571f3c"
-  integrity sha512-Xd/dFSTEVuUWnyZiMu76/InZxLTYilOSr1UlHV+p115Z/Le2Fi1KXkJUYz0b42DfndostYlPub3m8ZTQlMaiqQ==
+"@babel/plugin-transform-literals@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-literals/-/plugin-transform-literals-7.12.1.tgz#d73b803a26b37017ddf9d3bb8f4dc58bfb806f57"
+  integrity sha512-+PxVGA+2Ag6uGgL0A5f+9rklOnnMccwEBzwYFL3EUaKuiyVnUipyXncFcfjSkbimLrODoqki1U9XxZzTvfN7IQ==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-member-expression-literals@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-member-expression-literals/-/plugin-transform-member-expression-literals-7.10.4.tgz#b1ec44fcf195afcb8db2c62cd8e551c881baf8b7"
-  integrity sha512-0bFOvPyAoTBhtcJLr9VcwZqKmSjFml1iVxvPL0ReomGU53CX53HsM4h2SzckNdkQcHox1bpAqzxBI1Y09LlBSw==
+"@babel/plugin-transform-member-expression-literals@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-member-expression-literals/-/plugin-transform-member-expression-literals-7.12.1.tgz#496038602daf1514a64d43d8e17cbb2755e0c3ad"
+  integrity sha512-1sxePl6z9ad0gFMB9KqmYofk34flq62aqMt9NqliS/7hPEpURUCMbyHXrMPlo282iY7nAvUB1aQd5mg79UD9Jg==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-modules-amd@^7.9.0":
-  version "7.10.5"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-amd/-/plugin-transform-modules-amd-7.10.5.tgz#1b9cddaf05d9e88b3aad339cb3e445c4f020a9b1"
-  integrity sha512-elm5uruNio7CTLFItVC/rIzKLfQ17+fX7EVz5W0TMgIHFo1zY0Ozzx+lgwhL4plzl8OzVn6Qasx5DeEFyoNiRw==
+"@babel/plugin-transform-modules-amd@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-amd/-/plugin-transform-modules-amd-7.12.1.tgz#3154300b026185666eebb0c0ed7f8415fefcf6f9"
+  integrity sha512-tDW8hMkzad5oDtzsB70HIQQRBiTKrhfgwC/KkJeGsaNFTdWhKNt/BiE8c5yj19XiGyrxpbkOfH87qkNg1YGlOQ==
   dependencies:
-    "@babel/helper-module-transforms" "^7.10.5"
+    "@babel/helper-module-transforms" "^7.12.1"
     "@babel/helper-plugin-utils" "^7.10.4"
     babel-plugin-dynamic-import-node "^2.3.3"
 
-"@babel/plugin-transform-modules-commonjs@^7.9.0":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.10.4.tgz#66667c3eeda1ebf7896d41f1f16b17105a2fbca0"
-  integrity sha512-Xj7Uq5o80HDLlW64rVfDBhao6OX89HKUmb+9vWYaLXBZOma4gA6tw4Ni1O5qVDoZWUV0fxMYA0aYzOawz0l+1w==
+"@babel/plugin-transform-modules-commonjs@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-commonjs/-/plugin-transform-modules-commonjs-7.12.1.tgz#fa403124542636c786cf9b460a0ffbb48a86e648"
+  integrity sha512-dY789wq6l0uLY8py9c1B48V8mVL5gZh/+PQ5ZPrylPYsnAvnEMjqsUXkuoDVPeVK+0VyGar+D08107LzDQ6pag==
   dependencies:
-    "@babel/helper-module-transforms" "^7.10.4"
+    "@babel/helper-module-transforms" "^7.12.1"
     "@babel/helper-plugin-utils" "^7.10.4"
-    "@babel/helper-simple-access" "^7.10.4"
+    "@babel/helper-simple-access" "^7.12.1"
     babel-plugin-dynamic-import-node "^2.3.3"
 
-"@babel/plugin-transform-modules-systemjs@^7.9.0":
-  version "7.10.5"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-systemjs/-/plugin-transform-modules-systemjs-7.10.5.tgz#6270099c854066681bae9e05f87e1b9cadbe8c85"
-  integrity sha512-f4RLO/OL14/FP1AEbcsWMzpbUz6tssRaeQg11RH1BP/XnPpRoVwgeYViMFacnkaw4k4wjRSjn3ip1Uw9TaXuMw==
+"@babel/plugin-transform-modules-systemjs@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-systemjs/-/plugin-transform-modules-systemjs-7.12.1.tgz#663fea620d593c93f214a464cd399bf6dc683086"
+  integrity sha512-Hn7cVvOavVh8yvW6fLwveFqSnd7rbQN3zJvoPNyNaQSvgfKmDBO9U1YL9+PCXGRlZD9tNdWTy5ACKqMuzyn32Q==
   dependencies:
     "@babel/helper-hoist-variables" "^7.10.4"
-    "@babel/helper-module-transforms" "^7.10.5"
+    "@babel/helper-module-transforms" "^7.12.1"
     "@babel/helper-plugin-utils" "^7.10.4"
+    "@babel/helper-validator-identifier" "^7.10.4"
     babel-plugin-dynamic-import-node "^2.3.3"
 
-"@babel/plugin-transform-modules-umd@^7.9.0":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-umd/-/plugin-transform-modules-umd-7.10.4.tgz#9a8481fe81b824654b3a0b65da3df89f3d21839e"
-  integrity sha512-mohW5q3uAEt8T45YT7Qc5ws6mWgJAaL/8BfWD9Dodo1A3RKWli8wTS+WiQ/knF+tXlPirW/1/MqzzGfCExKECA==
+"@babel/plugin-transform-modules-umd@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-modules-umd/-/plugin-transform-modules-umd-7.12.1.tgz#eb5a218d6b1c68f3d6217b8fa2cc82fec6547902"
+  integrity sha512-aEIubCS0KHKM0zUos5fIoQm+AZUMt1ZvMpqz0/H5qAQ7vWylr9+PLYurT+Ic7ID/bKLd4q8hDovaG3Zch2uz5Q==
   dependencies:
-    "@babel/helper-module-transforms" "^7.10.4"
+    "@babel/helper-module-transforms" "^7.12.1"
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-named-capturing-groups-regex@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-named-capturing-groups-regex/-/plugin-transform-named-capturing-groups-regex-7.10.4.tgz#78b4d978810b6f3bcf03f9e318f2fc0ed41aecb6"
-  integrity sha512-V6LuOnD31kTkxQPhKiVYzYC/Jgdq53irJC/xBSmqcNcqFGV+PER4l6rU5SH2Vl7bH9mLDHcc0+l9HUOe4RNGKA==
+"@babel/plugin-transform-named-capturing-groups-regex@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-named-capturing-groups-regex/-/plugin-transform-named-capturing-groups-regex-7.12.1.tgz#b407f5c96be0d9f5f88467497fa82b30ac3e8753"
+  integrity sha512-tB43uQ62RHcoDp9v2Nsf+dSM8sbNodbEicbQNA53zHz8pWUhsgHSJCGpt7daXxRydjb0KnfmB+ChXOv3oADp1Q==
   dependencies:
-    "@babel/helper-create-regexp-features-plugin" "^7.10.4"
+    "@babel/helper-create-regexp-features-plugin" "^7.12.1"
 
-"@babel/plugin-transform-new-target@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-new-target/-/plugin-transform-new-target-7.10.4.tgz#9097d753cb7b024cb7381a3b2e52e9513a9c6888"
-  integrity sha512-YXwWUDAH/J6dlfwqlWsztI2Puz1NtUAubXhOPLQ5gjR/qmQ5U96DY4FQO8At33JN4XPBhrjB8I4eMmLROjjLjw==
+"@babel/plugin-transform-new-target@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-new-target/-/plugin-transform-new-target-7.12.1.tgz#80073f02ee1bb2d365c3416490e085c95759dec0"
+  integrity sha512-+eW/VLcUL5L9IvJH7rT1sT0CzkdUTvPrXC2PXTn/7z7tXLBuKvezYbGdxD5WMRoyvyaujOq2fWoKl869heKjhw==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-object-super@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-object-super/-/plugin-transform-object-super-7.10.4.tgz#d7146c4d139433e7a6526f888c667e314a093894"
-  integrity sha512-5iTw0JkdRdJvr7sY0vHqTpnruUpTea32JHmq/atIWqsnNussbRzjEDyWep8UNztt1B5IusBYg8Irb0bLbiEBCQ==
+"@babel/plugin-transform-object-super@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-object-super/-/plugin-transform-object-super-7.12.1.tgz#4ea08696b8d2e65841d0c7706482b048bed1066e"
+  integrity sha512-AvypiGJH9hsquNUn+RXVcBdeE3KHPZexWRdimhuV59cSoOt5kFBmqlByorAeUlGG2CJWd0U+4ZtNKga/TB0cAw==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
-    "@babel/helper-replace-supers" "^7.10.4"
+    "@babel/helper-replace-supers" "^7.12.1"
 
-"@babel/plugin-transform-parameters@^7.10.4", "@babel/plugin-transform-parameters@^7.8.7":
+"@babel/plugin-transform-parameters@^7.10.4":
   version "7.10.5"
   resolved "https://registry.yarnpkg.com/@babel/plugin-transform-parameters/-/plugin-transform-parameters-7.10.5.tgz#59d339d58d0b1950435f4043e74e2510005e2c4a"
   integrity sha512-xPHwUj5RdFV8l1wuYiu5S9fqWGM2DrYc24TMvUiRrPVm+SM3XeqU9BcokQX/kEUe+p2RBwy+yoiR1w/Blq6ubw==
@@ -803,134 +973,165 @@
     "@babel/helper-get-function-arity" "^7.10.4"
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-property-literals@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-property-literals/-/plugin-transform-property-literals-7.10.4.tgz#f6fe54b6590352298785b83edd815d214c42e3c0"
-  integrity sha512-ofsAcKiUxQ8TY4sScgsGeR2vJIsfrzqvFb9GvJ5UdXDzl+MyYCaBj/FGzXuv7qE0aJcjWMILny1epqelnFlz8g==
+"@babel/plugin-transform-parameters@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-parameters/-/plugin-transform-parameters-7.12.1.tgz#d2e963b038771650c922eff593799c96d853255d"
+  integrity sha512-xq9C5EQhdPK23ZeCdMxl8bbRnAgHFrw5EOC3KJUsSylZqdkCaFEXxGSBuTSObOpiiHHNyb82es8M1QYgfQGfNg==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-regenerator@^7.8.7":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-regenerator/-/plugin-transform-regenerator-7.10.4.tgz#2015e59d839074e76838de2159db421966fd8b63"
-  integrity sha512-3thAHwtor39A7C04XucbMg17RcZ3Qppfxr22wYzZNcVIkPHfpM9J0SO8zuCV6SZa265kxBJSrfKTvDCYqBFXGw==
+"@babel/plugin-transform-property-literals@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-property-literals/-/plugin-transform-property-literals-7.12.1.tgz#41bc81200d730abb4456ab8b3fbd5537b59adecd"
+  integrity sha512-6MTCR/mZ1MQS+AwZLplX4cEySjCpnIF26ToWo942nqn8hXSm7McaHQNeGx/pt7suI1TWOWMfa/NgBhiqSnX0cQ==
+  dependencies:
+    "@babel/helper-plugin-utils" "^7.10.4"
+
+"@babel/plugin-transform-regenerator@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-regenerator/-/plugin-transform-regenerator-7.12.1.tgz#5f0a28d842f6462281f06a964e88ba8d7ab49753"
+  integrity sha512-gYrHqs5itw6i4PflFX3OdBPMQdPbF4bj2REIUxlMRUFk0/ZOAIpDFuViuxPjUL7YC8UPnf+XG7/utJvqXdPKng==
   dependencies:
     regenerator-transform "^0.14.2"
 
-"@babel/plugin-transform-reserved-words@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-reserved-words/-/plugin-transform-reserved-words-7.10.4.tgz#8f2682bcdcef9ed327e1b0861585d7013f8a54dd"
-  integrity sha512-hGsw1O6Rew1fkFbDImZIEqA8GoidwTAilwCyWqLBM9f+e/u/sQMQu7uX6dyokfOayRuuVfKOW4O7HvaBWM+JlQ==
+"@babel/plugin-transform-reserved-words@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-reserved-words/-/plugin-transform-reserved-words-7.12.1.tgz#6fdfc8cc7edcc42b36a7c12188c6787c873adcd8"
+  integrity sha512-pOnUfhyPKvZpVyBHhSBoX8vfA09b7r00Pmm1sH+29ae2hMTKVmSp4Ztsr8KBKjLjx17H0eJqaRC3bR2iThM54A==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-shorthand-properties@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-shorthand-properties/-/plugin-transform-shorthand-properties-7.10.4.tgz#9fd25ec5cdd555bb7f473e5e6ee1c971eede4dd6"
-  integrity sha512-AC2K/t7o07KeTIxMoHneyX90v3zkm5cjHJEokrPEAGEy3UCp8sLKfnfOIGdZ194fyN4wfX/zZUWT9trJZ0qc+Q==
+"@babel/plugin-transform-runtime@7.11.0":
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-runtime/-/plugin-transform-runtime-7.11.0.tgz#e27f78eb36f19448636e05c33c90fd9ad9b8bccf"
+  integrity sha512-LFEsP+t3wkYBlis8w6/kmnd6Kb1dxTd+wGJ8MlxTGzQo//ehtqlVL4S9DNUa53+dtPSQobN2CXx4d81FqC58cw==
+  dependencies:
+    "@babel/helper-module-imports" "^7.10.4"
+    "@babel/helper-plugin-utils" "^7.10.4"
+    resolve "^1.8.1"
+    semver "^5.5.1"
+
+"@babel/plugin-transform-shorthand-properties@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-shorthand-properties/-/plugin-transform-shorthand-properties-7.12.1.tgz#0bf9cac5550fce0cfdf043420f661d645fdc75e3"
+  integrity sha512-GFZS3c/MhX1OusqB1MZ1ct2xRzX5ppQh2JU1h2Pnfk88HtFTM+TWQqJNfwkmxtPQtb/s1tk87oENfXJlx7rSDw==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-spread@^7.8.3":
-  version "7.11.0"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-spread/-/plugin-transform-spread-7.11.0.tgz#fa84d300f5e4f57752fe41a6d1b3c554f13f17cc"
-  integrity sha512-UwQYGOqIdQJe4aWNyS7noqAnN2VbaczPLiEtln+zPowRNlD+79w3oi2TWfYe0eZgd+gjZCbsydN7lzWysDt+gw==
+"@babel/plugin-transform-spread@^7.11.0":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-spread/-/plugin-transform-spread-7.12.1.tgz#527f9f311be4ec7fdc2b79bb89f7bf884b3e1e1e"
+  integrity sha512-vuLp8CP0BE18zVYjsEBZ5xoCecMK6LBMMxYzJnh01rxQRvhNhH1csMMmBfNo5tGpGO+NhdSNW2mzIvBu3K1fng==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
-    "@babel/helper-skip-transparent-expression-wrappers" "^7.11.0"
+    "@babel/helper-skip-transparent-expression-wrappers" "^7.12.1"
 
-"@babel/plugin-transform-sticky-regex@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-sticky-regex/-/plugin-transform-sticky-regex-7.10.4.tgz#8f3889ee8657581130a29d9cc91d7c73b7c4a28d"
-  integrity sha512-Ddy3QZfIbEV0VYcVtFDCjeE4xwVTJWTmUtorAJkn6u/92Z/nWJNV+mILyqHKrUxXYKA2EoCilgoPePymKL4DvQ==
+"@babel/plugin-transform-sticky-regex@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-sticky-regex/-/plugin-transform-sticky-regex-7.12.1.tgz#5c24cf50de396d30e99afc8d1c700e8bce0f5caf"
+  integrity sha512-CiUgKQ3AGVk7kveIaPEET1jNDhZZEl1RPMWdTBE1799bdz++SwqDHStmxfCtDfBhQgCl38YRiSnrMuUMZIWSUQ==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
     "@babel/helper-regex" "^7.10.4"
 
-"@babel/plugin-transform-template-literals@^7.8.3":
-  version "7.10.5"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-template-literals/-/plugin-transform-template-literals-7.10.5.tgz#78bc5d626a6642db3312d9d0f001f5e7639fde8c"
-  integrity sha512-V/lnPGIb+KT12OQikDvgSuesRX14ck5FfJXt6+tXhdkJ+Vsd0lDCVtF6jcB4rNClYFzaB2jusZ+lNISDk2mMMw==
+"@babel/plugin-transform-template-literals@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-template-literals/-/plugin-transform-template-literals-7.12.1.tgz#b43ece6ed9a79c0c71119f576d299ef09d942843"
+  integrity sha512-b4Zx3KHi+taXB1dVRBhVJtEPi9h1THCeKmae2qP0YdUHIFhVjtpqqNfxeVAa1xeHVhAy4SbHxEwx5cltAu5apw==
   dependencies:
-    "@babel/helper-annotate-as-pure" "^7.10.4"
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-typeof-symbol@^7.8.4":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-typeof-symbol/-/plugin-transform-typeof-symbol-7.10.4.tgz#9509f1a7eec31c4edbffe137c16cc33ff0bc5bfc"
-  integrity sha512-QqNgYwuuW0y0H+kUE/GWSR45t/ccRhe14Fs/4ZRouNNQsyd4o3PG4OtHiIrepbM2WKUBDAXKCAK/Lk4VhzTaGA==
+"@babel/plugin-transform-typeof-symbol@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-typeof-symbol/-/plugin-transform-typeof-symbol-7.12.1.tgz#9ca6be343d42512fbc2e68236a82ae64bc7af78a"
+  integrity sha512-EPGgpGy+O5Kg5pJFNDKuxt9RdmTgj5sgrus2XVeMp/ZIbOESadgILUbm50SNpghOh3/6yrbsH+NB5+WJTmsA7Q==
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-unicode-regex@^7.8.3":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-unicode-regex/-/plugin-transform-unicode-regex-7.10.4.tgz#e56d71f9282fac6db09c82742055576d5e6d80a8"
-  integrity sha512-wNfsc4s8N2qnIwpO/WP2ZiSyjfpTamT2C9V9FDH/Ljub9zw6P3SjkXcFmc0RQUt96k2fmIvtla2MMjgTwIAC+A==
+"@babel/plugin-transform-unicode-escapes@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-unicode-escapes/-/plugin-transform-unicode-escapes-7.12.1.tgz#5232b9f81ccb07070b7c3c36c67a1b78f1845709"
+  integrity sha512-I8gNHJLIc7GdApm7wkVnStWssPNbSRMPtgHdmH3sRM1zopz09UWPS4x5V4n1yz/MIWTVnJ9sp6IkuXdWM4w+2Q==
   dependencies:
-    "@babel/helper-create-regexp-features-plugin" "^7.10.4"
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/preset-env@7.9.0":
-  version "7.9.0"
-  resolved "https://registry.yarnpkg.com/@babel/preset-env/-/preset-env-7.9.0.tgz#a5fc42480e950ae8f5d9f8f2bbc03f52722df3a8"
-  integrity sha512-712DeRXT6dyKAM/FMbQTV/FvRCms2hPCx+3weRjZ8iQVQWZejWWk1wwG6ViWMyqb/ouBbGOl5b6aCk0+j1NmsQ==
+"@babel/plugin-transform-unicode-regex@^7.10.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-unicode-regex/-/plugin-transform-unicode-regex-7.12.1.tgz#cc9661f61390db5c65e3febaccefd5c6ac3faecb"
+  integrity sha512-SqH4ClNngh/zGwHZOOQMTD+e8FGWexILV+ePMyiDJttAWRh5dhDL8rcl5lSgU3Huiq6Zn6pWTMvdPAb21Dwdyg==
   dependencies:
-    "@babel/compat-data" "^7.9.0"
-    "@babel/helper-compilation-targets" "^7.8.7"
-    "@babel/helper-module-imports" "^7.8.3"
-    "@babel/helper-plugin-utils" "^7.8.3"
-    "@babel/plugin-proposal-async-generator-functions" "^7.8.3"
-    "@babel/plugin-proposal-dynamic-import" "^7.8.3"
-    "@babel/plugin-proposal-json-strings" "^7.8.3"
-    "@babel/plugin-proposal-nullish-coalescing-operator" "^7.8.3"
-    "@babel/plugin-proposal-numeric-separator" "^7.8.3"
-    "@babel/plugin-proposal-object-rest-spread" "^7.9.0"
-    "@babel/plugin-proposal-optional-catch-binding" "^7.8.3"
-    "@babel/plugin-proposal-optional-chaining" "^7.9.0"
-    "@babel/plugin-proposal-unicode-property-regex" "^7.8.3"
+    "@babel/helper-create-regexp-features-plugin" "^7.12.1"
+    "@babel/helper-plugin-utils" "^7.10.4"
+
+"@babel/preset-env@7.11.0":
+  version "7.11.0"
+  resolved "https://registry.yarnpkg.com/@babel/preset-env/-/preset-env-7.11.0.tgz#860ee38f2ce17ad60480c2021ba9689393efb796"
+  integrity sha512-2u1/k7rG/gTh02dylX2kL3S0IJNF+J6bfDSp4DI2Ma8QN6Y9x9pmAax59fsCk6QUQG0yqH47yJWA+u1I1LccAg==
+  dependencies:
+    "@babel/compat-data" "^7.11.0"
+    "@babel/helper-compilation-targets" "^7.10.4"
+    "@babel/helper-module-imports" "^7.10.4"
+    "@babel/helper-plugin-utils" "^7.10.4"
+    "@babel/plugin-proposal-async-generator-functions" "^7.10.4"
+    "@babel/plugin-proposal-class-properties" "^7.10.4"
+    "@babel/plugin-proposal-dynamic-import" "^7.10.4"
+    "@babel/plugin-proposal-export-namespace-from" "^7.10.4"
+    "@babel/plugin-proposal-json-strings" "^7.10.4"
+    "@babel/plugin-proposal-logical-assignment-operators" "^7.11.0"
+    "@babel/plugin-proposal-nullish-coalescing-operator" "^7.10.4"
+    "@babel/plugin-proposal-numeric-separator" "^7.10.4"
+    "@babel/plugin-proposal-object-rest-spread" "^7.11.0"
+    "@babel/plugin-proposal-optional-catch-binding" "^7.10.4"
+    "@babel/plugin-proposal-optional-chaining" "^7.11.0"
+    "@babel/plugin-proposal-private-methods" "^7.10.4"
+    "@babel/plugin-proposal-unicode-property-regex" "^7.10.4"
     "@babel/plugin-syntax-async-generators" "^7.8.0"
+    "@babel/plugin-syntax-class-properties" "^7.10.4"
     "@babel/plugin-syntax-dynamic-import" "^7.8.0"
+    "@babel/plugin-syntax-export-namespace-from" "^7.8.3"
     "@babel/plugin-syntax-json-strings" "^7.8.0"
+    "@babel/plugin-syntax-logical-assignment-operators" "^7.10.4"
     "@babel/plugin-syntax-nullish-coalescing-operator" "^7.8.0"
-    "@babel/plugin-syntax-numeric-separator" "^7.8.0"
+    "@babel/plugin-syntax-numeric-separator" "^7.10.4"
     "@babel/plugin-syntax-object-rest-spread" "^7.8.0"
     "@babel/plugin-syntax-optional-catch-binding" "^7.8.0"
     "@babel/plugin-syntax-optional-chaining" "^7.8.0"
-    "@babel/plugin-syntax-top-level-await" "^7.8.3"
-    "@babel/plugin-transform-arrow-functions" "^7.8.3"
-    "@babel/plugin-transform-async-to-generator" "^7.8.3"
-    "@babel/plugin-transform-block-scoped-functions" "^7.8.3"
-    "@babel/plugin-transform-block-scoping" "^7.8.3"
-    "@babel/plugin-transform-classes" "^7.9.0"
-    "@babel/plugin-transform-computed-properties" "^7.8.3"
-    "@babel/plugin-transform-destructuring" "^7.8.3"
-    "@babel/plugin-transform-dotall-regex" "^7.8.3"
-    "@babel/plugin-transform-duplicate-keys" "^7.8.3"
-    "@babel/plugin-transform-exponentiation-operator" "^7.8.3"
-    "@babel/plugin-transform-for-of" "^7.9.0"
-    "@babel/plugin-transform-function-name" "^7.8.3"
-    "@babel/plugin-transform-literals" "^7.8.3"
-    "@babel/plugin-transform-member-expression-literals" "^7.8.3"
-    "@babel/plugin-transform-modules-amd" "^7.9.0"
-    "@babel/plugin-transform-modules-commonjs" "^7.9.0"
-    "@babel/plugin-transform-modules-systemjs" "^7.9.0"
-    "@babel/plugin-transform-modules-umd" "^7.9.0"
-    "@babel/plugin-transform-named-capturing-groups-regex" "^7.8.3"
-    "@babel/plugin-transform-new-target" "^7.8.3"
-    "@babel/plugin-transform-object-super" "^7.8.3"
-    "@babel/plugin-transform-parameters" "^7.8.7"
-    "@babel/plugin-transform-property-literals" "^7.8.3"
-    "@babel/plugin-transform-regenerator" "^7.8.7"
-    "@babel/plugin-transform-reserved-words" "^7.8.3"
-    "@babel/plugin-transform-shorthand-properties" "^7.8.3"
-    "@babel/plugin-transform-spread" "^7.8.3"
-    "@babel/plugin-transform-sticky-regex" "^7.8.3"
-    "@babel/plugin-transform-template-literals" "^7.8.3"
-    "@babel/plugin-transform-typeof-symbol" "^7.8.4"
-    "@babel/plugin-transform-unicode-regex" "^7.8.3"
+    "@babel/plugin-syntax-top-level-await" "^7.10.4"
+    "@babel/plugin-transform-arrow-functions" "^7.10.4"
+    "@babel/plugin-transform-async-to-generator" "^7.10.4"
+    "@babel/plugin-transform-block-scoped-functions" "^7.10.4"
+    "@babel/plugin-transform-block-scoping" "^7.10.4"
+    "@babel/plugin-transform-classes" "^7.10.4"
+    "@babel/plugin-transform-computed-properties" "^7.10.4"
+    "@babel/plugin-transform-destructuring" "^7.10.4"
+    "@babel/plugin-transform-dotall-regex" "^7.10.4"
+    "@babel/plugin-transform-duplicate-keys" "^7.10.4"
+    "@babel/plugin-transform-exponentiation-operator" "^7.10.4"
+    "@babel/plugin-transform-for-of" "^7.10.4"
+    "@babel/plugin-transform-function-name" "^7.10.4"
+    "@babel/plugin-transform-literals" "^7.10.4"
+    "@babel/plugin-transform-member-expression-literals" "^7.10.4"
+    "@babel/plugin-transform-modules-amd" "^7.10.4"
+    "@babel/plugin-transform-modules-commonjs" "^7.10.4"
+    "@babel/plugin-transform-modules-systemjs" "^7.10.4"
+    "@babel/plugin-transform-modules-umd" "^7.10.4"
+    "@babel/plugin-transform-named-capturing-groups-regex" "^7.10.4"
+    "@babel/plugin-transform-new-target" "^7.10.4"
+    "@babel/plugin-transform-object-super" "^7.10.4"
+    "@babel/plugin-transform-parameters" "^7.10.4"
+    "@babel/plugin-transform-property-literals" "^7.10.4"
+    "@babel/plugin-transform-regenerator" "^7.10.4"
+    "@babel/plugin-transform-reserved-words" "^7.10.4"
+    "@babel/plugin-transform-shorthand-properties" "^7.10.4"
+    "@babel/plugin-transform-spread" "^7.11.0"
+    "@babel/plugin-transform-sticky-regex" "^7.10.4"
+    "@babel/plugin-transform-template-literals" "^7.10.4"
+    "@babel/plugin-transform-typeof-symbol" "^7.10.4"
+    "@babel/plugin-transform-unicode-escapes" "^7.10.4"
+    "@babel/plugin-transform-unicode-regex" "^7.10.4"
     "@babel/preset-modules" "^0.1.3"
-    "@babel/types" "^7.9.0"
-    browserslist "^4.9.1"
+    "@babel/types" "^7.11.0"
+    browserslist "^4.12.0"
     core-js-compat "^3.6.2"
     invariant "^2.2.2"
     levenary "^1.1.1"
@@ -947,23 +1148,14 @@
     "@babel/types" "^7.4.4"
     esutils "^2.0.2"
 
-"@babel/runtime@^7.8.4":
+"@babel/runtime@7.11.2", "@babel/runtime@^7.8.4":
   version "7.11.2"
   resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.11.2.tgz#f549c13c754cc40b87644b9fa9f09a6a95fe0736"
   integrity sha512-TeWkU52so0mPtDcaCTxNBI/IHiz0pZgr8VEFqXFtZWpYD08ZB6FaSwVAS8MKRQAP3bYKiVjwysOJgMFY28o6Tw==
   dependencies:
     regenerator-runtime "^0.13.4"
 
-"@babel/template@7.8.6":
-  version "7.8.6"
-  resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.8.6.tgz#86b22af15f828dfb086474f964dcc3e39c43ce2b"
-  integrity sha512-zbMsPMy/v0PWFZEhQJ66bqjhH+z0JgMoBWuikXybgG3Gkd/3t5oQ1Rw2WQhnSrsOmsKXnZOx15tkC4qON/+JPg==
-  dependencies:
-    "@babel/code-frame" "^7.8.3"
-    "@babel/parser" "^7.8.6"
-    "@babel/types" "^7.8.6"
-
-"@babel/template@^7.10.4", "@babel/template@^7.8.6":
+"@babel/template@7.10.4", "@babel/template@^7.10.4":
   version "7.10.4"
   resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.10.4.tgz#3251996c4200ebc71d1a8fc405fba940f36ba278"
   integrity sha512-ZCjD27cGJFUB6nmCB1Enki3r+L5kJveX9pq1SvAUKoICy6CZ9yD8xO086YXdYhvNjBdnekm4ZnaP5yC8Cs/1tA==
@@ -972,7 +1164,7 @@
     "@babel/parser" "^7.10.4"
     "@babel/types" "^7.10.4"
 
-"@babel/traverse@^7.10.4", "@babel/traverse@^7.11.5", "@babel/traverse@^7.9.0":
+"@babel/traverse@^7.10.4", "@babel/traverse@^7.11.5":
   version "7.11.5"
   resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.11.5.tgz#be777b93b518eb6d76ee2e1ea1d143daa11e61c3"
   integrity sha512-EjiPXt+r7LiCZXEfRpSJd+jUMnBd4/9OUv7Nx3+0u9+eimMwJmG0Q98lw4/289JCoxSE8OolDMNZaaF/JZ69WQ==
@@ -987,7 +1179,22 @@
     globals "^11.1.0"
     lodash "^4.17.19"
 
-"@babel/types@^7.10.4", "@babel/types@^7.10.5", "@babel/types@^7.11.0", "@babel/types@^7.11.5", "@babel/types@^7.4.4", "@babel/types@^7.8.6", "@babel/types@^7.9.0":
+"@babel/traverse@^7.11.0", "@babel/traverse@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.12.1.tgz#941395e0c5cc86d5d3e75caa095d3924526f0c1e"
+  integrity sha512-MA3WPoRt1ZHo2ZmoGKNqi20YnPt0B1S0GTZEPhhd+hw2KGUzBlHuVunj6K4sNuK+reEvyiPwtp0cpaqLzJDmAw==
+  dependencies:
+    "@babel/code-frame" "^7.10.4"
+    "@babel/generator" "^7.12.1"
+    "@babel/helper-function-name" "^7.10.4"
+    "@babel/helper-split-export-declaration" "^7.11.0"
+    "@babel/parser" "^7.12.1"
+    "@babel/types" "^7.12.1"
+    debug "^4.1.0"
+    globals "^11.1.0"
+    lodash "^4.17.19"
+
+"@babel/types@^7.10.4", "@babel/types@^7.10.5", "@babel/types@^7.11.0", "@babel/types@^7.11.5", "@babel/types@^7.4.4":
   version "7.11.5"
   resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.11.5.tgz#d9de577d01252d77c6800cee039ee64faf75662d"
   integrity sha512-bvM7Qz6eKnJVFIn+1LPtjlBFPVN5jNDc1XmN15vWe7Q3DPBufWWsLiIvUu7xW87uTG6QoggpIDnUgLQvPheU+Q==
@@ -996,30 +1203,38 @@
     lodash "^4.17.19"
     to-fast-properties "^2.0.0"
 
+"@babel/types@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.12.1.tgz#e109d9ab99a8de735be287ee3d6a9947a190c4ae"
+  integrity sha512-BzSY3NJBKM4kyatSOWh3D/JJ2O3CVzBybHWxtgxnggaxEuaSTTDqeiSb/xk9lrkw2Tbqyivw5ZU4rT+EfznQsA==
+  dependencies:
+    "@babel/helper-validator-identifier" "^7.10.4"
+    lodash "^4.17.19"
+    to-fast-properties "^2.0.0"
+
 "@istanbuljs/schema@^0.1.2":
   version "0.1.2"
   resolved "https://registry.yarnpkg.com/@istanbuljs/schema/-/schema-0.1.2.tgz#26520bf09abe4a5644cd5414e37125a8954241dd"
   integrity sha512-tsAQNx32a8CoFhjhijUIhI4kccIAgmGhy8LZMZgGfmXcpMbPRUqn5LWmgRttILi6yeGmBJd2xsPkFMs0PzgPCw==
 
-"@jsdevtools/coverage-istanbul-loader@3.0.3":
-  version "3.0.3"
-  resolved "https://registry.yarnpkg.com/@jsdevtools/coverage-istanbul-loader/-/coverage-istanbul-loader-3.0.3.tgz#102e414b02ae2f0b3c7fd45a705601e1fd4867c5"
-  integrity sha512-TAdNkeGB5Fe4Og+ZkAr1Kvn9by2sfL44IAHFtxlh1BA1XJ5cLpO9iSNki5opWESv3l3vSHsZ9BNKuqFKbEbFaA==
+"@jsdevtools/coverage-istanbul-loader@3.0.5":
+  version "3.0.5"
+  resolved "https://registry.yarnpkg.com/@jsdevtools/coverage-istanbul-loader/-/coverage-istanbul-loader-3.0.5.tgz#2a4bc65d0271df8d4435982db4af35d81754ee26"
+  integrity sha512-EUCPEkaRPvmHjWAAZkWMT7JDzpw7FKB00WTISaiXsbNOd5hCHg77XLA8sLYLFDo1zepYLo2w7GstN8YBqRXZfA==
   dependencies:
     convert-source-map "^1.7.0"
-    istanbul-lib-instrument "^4.0.1"
-    loader-utils "^1.4.0"
+    istanbul-lib-instrument "^4.0.3"
+    loader-utils "^2.0.0"
     merge-source-map "^1.1.0"
-    schema-utils "^2.6.4"
+    schema-utils "^2.7.0"
 
-"@ngtools/webpack@9.1.12":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@ngtools/webpack/-/webpack-9.1.12.tgz#a6e2feb40db442335a1c79af4044d399767b5e81"
-  integrity sha512-lypMXIq5oxBMsoDu/VOa1yUmmXthhxkCJa8LG0ZohfnbwhmZvz3SAW7omBGuVrb5cVIfLCkaRCSnQ1MNc6ULXw==
+"@ngtools/webpack@10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@ngtools/webpack/-/webpack-10.2.0.tgz#42a9aba997a69effedd7cba75d0c69756f1b7fc4"
+  integrity sha512-W4SSFNQhIiC8JRhIn3c4mb1+fsFKiHp+THVMAUNo+wRZEt/rgzsCdnqv0EmQJJojZhnilUIyB/wVYJu2+S/Bxg==
   dependencies:
-    "@angular-devkit/core" "9.1.12"
-    enhanced-resolve "4.1.1"
-    rxjs "6.5.4"
+    "@angular-devkit/core" "10.2.0"
+    enhanced-resolve "4.3.0"
     webpack-sources "1.4.3"
 
 "@nodelib/fs.scandir@2.1.3":
@@ -1055,27 +1270,27 @@
   resolved "https://registry.yarnpkg.com/@saritasa/tslint-config-angular/-/tslint-config-angular-2.0.0.tgz#9e76c98081b1bc54c260e1c27abd5cd4ef8d2525"
   integrity sha512-zs7nOOgxOA3WpNeRLS2Qcuu0BHU/GN/n9Kfbv//w0fzZinxeZKMaLOOnDcSlq4JGgOp6AbVJeCR8l50enwEasQ==
 
-"@schematics/angular@9.1.12":
-  version "9.1.12"
-  resolved "https://registry.yarnpkg.com/@schematics/angular/-/angular-9.1.12.tgz#608e25dbd517d867002781f695336b51f05417a2"
-  integrity sha512-r4+aPAGhstsKFMwW/kOen1ACnzuLpz+vMxEpndXOqqVXLkAMsuAbQUFYjIlMy6fH4zdhpI90EJZ1PbOrAXvKxA==
+"@schematics/angular@10.2.0":
+  version "10.2.0"
+  resolved "https://registry.yarnpkg.com/@schematics/angular/-/angular-10.2.0.tgz#30fb6ab3500592a243b9a19398b7c724ee6b3be7"
+  integrity sha512-rJRTTTL8CMMFb3ebCvAVHKHxuNzRqy/HtbXhJ82l5Xo/jXcm74eV2Q0RBUrNo1yBKWFIR+FIwiXLJaGcC/R9Pw==
   dependencies:
-    "@angular-devkit/core" "9.1.12"
-    "@angular-devkit/schematics" "9.1.12"
+    "@angular-devkit/core" "10.2.0"
+    "@angular-devkit/schematics" "10.2.0"
+    jsonc-parser "2.3.0"
 
-"@schematics/update@0.901.12":
-  version "0.901.12"
-  resolved "https://registry.yarnpkg.com/@schematics/update/-/update-0.901.12.tgz#7e410ac7a163b71e30d8cc56d7959adf9225078c"
-  integrity sha512-SxGVYLTHhBC0rSF0OWSWPuJUB1Jhfqkl3o5bBgCC9//DutWiN6WoCCBTrCxR7F5vR2iiD7WqOe9CuvWYfvV8oQ==
+"@schematics/update@0.1002.0":
+  version "0.1002.0"
+  resolved "https://registry.yarnpkg.com/@schematics/update/-/update-0.1002.0.tgz#ff4c134afe1796960f51308ff4e07218f70a6bbd"
+  integrity sha512-g2bfJSAj3x/YL0GNhnHsDSQmO6DoxSnLxoFLqNN5+ukxK5jq7OZNDwMJGxZ3X6RcSMWKEkIKL/wlq9yhj2T/kw==
   dependencies:
-    "@angular-devkit/core" "9.1.12"
-    "@angular-devkit/schematics" "9.1.12"
+    "@angular-devkit/core" "10.2.0"
+    "@angular-devkit/schematics" "10.2.0"
     "@yarnpkg/lockfile" "1.1.0"
     ini "1.3.5"
     npm-package-arg "^8.0.0"
     pacote "9.5.12"
-    rxjs "6.5.4"
-    semver "7.1.3"
+    semver "7.3.2"
     semver-intersect "1.4.0"
 
 "@types/color-name@^1.1.1":
@@ -1137,150 +1352,149 @@
     "@types/source-list-map" "*"
     source-map "^0.6.1"
 
-"@webassemblyjs/ast@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/ast/-/ast-1.8.5.tgz#51b1c5fe6576a34953bf4b253df9f0d490d9e359"
-  integrity sha512-aJMfngIZ65+t71C3y2nBBg5FFG0Okt9m0XEgWZ7Ywgn1oMAT8cNwx00Uv1cQyHtidq0Xn94R4TAywO+LCQ+ZAQ==
-  dependencies:
-    "@webassemblyjs/helper-module-context" "1.8.5"
-    "@webassemblyjs/helper-wasm-bytecode" "1.8.5"
-    "@webassemblyjs/wast-parser" "1.8.5"
-
-"@webassemblyjs/floating-point-hex-parser@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/floating-point-hex-parser/-/floating-point-hex-parser-1.8.5.tgz#1ba926a2923613edce496fd5b02e8ce8a5f49721"
-  integrity sha512-9p+79WHru1oqBh9ewP9zW95E3XAo+90oth7S5Re3eQnECGq59ly1Ri5tsIipKGpiStHsUYmY3zMLqtk3gTcOtQ==
-
-"@webassemblyjs/helper-api-error@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-api-error/-/helper-api-error-1.8.5.tgz#c49dad22f645227c5edb610bdb9697f1aab721f7"
-  integrity sha512-Za/tnzsvnqdaSPOUXHyKJ2XI7PDX64kWtURyGiJJZKVEdFOsdKUCPTNEVFZq3zJ2R0G5wc2PZ5gvdTRFgm81zA==
-
-"@webassemblyjs/helper-buffer@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-buffer/-/helper-buffer-1.8.5.tgz#fea93e429863dd5e4338555f42292385a653f204"
-  integrity sha512-Ri2R8nOS0U6G49Q86goFIPNgjyl6+oE1abW1pS84BuhP1Qcr5JqMwRFT3Ah3ADDDYGEgGs1iyb1DGX+kAi/c/Q==
-
-"@webassemblyjs/helper-code-frame@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-code-frame/-/helper-code-frame-1.8.5.tgz#9a740ff48e3faa3022b1dff54423df9aa293c25e"
-  integrity sha512-VQAadSubZIhNpH46IR3yWO4kZZjMxN1opDrzePLdVKAZ+DFjkGD/rf4v1jap744uPVU6yjL/smZbRIIJTOUnKQ==
-  dependencies:
-    "@webassemblyjs/wast-printer" "1.8.5"
-
-"@webassemblyjs/helper-fsm@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-fsm/-/helper-fsm-1.8.5.tgz#ba0b7d3b3f7e4733da6059c9332275d860702452"
-  integrity sha512-kRuX/saORcg8se/ft6Q2UbRpZwP4y7YrWsLXPbbmtepKr22i8Z4O3V5QE9DbZK908dh5Xya4Un57SDIKwB9eow==
-
-"@webassemblyjs/helper-module-context@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-module-context/-/helper-module-context-1.8.5.tgz#def4b9927b0101dc8cbbd8d1edb5b7b9c82eb245"
-  integrity sha512-/O1B236mN7UNEU4t9X7Pj38i4VoU8CcMHyy3l2cV/kIF4U5KoHXDVqcDuOs1ltkac90IM4vZdHc52t1x8Yfs3g==
-  dependencies:
-    "@webassemblyjs/ast" "1.8.5"
-    mamacro "^0.0.3"
-
-"@webassemblyjs/helper-wasm-bytecode@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-wasm-bytecode/-/helper-wasm-bytecode-1.8.5.tgz#537a750eddf5c1e932f3744206551c91c1b93e61"
-  integrity sha512-Cu4YMYG3Ddl72CbmpjU/wbP6SACcOPVbHN1dI4VJNJVgFwaKf1ppeFJrwydOG3NDHxVGuCfPlLZNyEdIYlQ6QQ==
-
-"@webassemblyjs/helper-wasm-section@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-wasm-section/-/helper-wasm-section-1.8.5.tgz#74ca6a6bcbe19e50a3b6b462847e69503e6bfcbf"
-  integrity sha512-VV083zwR+VTrIWWtgIUpqfvVdK4ff38loRmrdDBgBT8ADXYsEZ5mPQ4Nde90N3UYatHdYoDIFb7oHzMncI02tA==
-  dependencies:
-    "@webassemblyjs/ast" "1.8.5"
-    "@webassemblyjs/helper-buffer" "1.8.5"
-    "@webassemblyjs/helper-wasm-bytecode" "1.8.5"
-    "@webassemblyjs/wasm-gen" "1.8.5"
-
-"@webassemblyjs/ieee754@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/ieee754/-/ieee754-1.8.5.tgz#712329dbef240f36bf57bd2f7b8fb9bf4154421e"
-  integrity sha512-aaCvQYrvKbY/n6wKHb/ylAJr27GglahUO89CcGXMItrOBqRarUMxWLJgxm9PJNuKULwN5n1csT9bYoMeZOGF3g==
+"@webassemblyjs/ast@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/ast/-/ast-1.9.0.tgz#bd850604b4042459a5a41cd7d338cbed695ed964"
+  integrity sha512-C6wW5L+b7ogSDVqymbkkvuW9kruN//YisMED04xzeBBqjHa2FYnmvOlS6Xj68xWQRgWvI9cIglsjFowH/RJyEA==
+  dependencies:
+    "@webassemblyjs/helper-module-context" "1.9.0"
+    "@webassemblyjs/helper-wasm-bytecode" "1.9.0"
+    "@webassemblyjs/wast-parser" "1.9.0"
+
+"@webassemblyjs/floating-point-hex-parser@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/floating-point-hex-parser/-/floating-point-hex-parser-1.9.0.tgz#3c3d3b271bddfc84deb00f71344438311d52ffb4"
+  integrity sha512-TG5qcFsS8QB4g4MhrxK5TqfdNe7Ey/7YL/xN+36rRjl/BlGE/NcBvJcqsRgCP6Z92mRE+7N50pRIi8SmKUbcQA==
+
+"@webassemblyjs/helper-api-error@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-api-error/-/helper-api-error-1.9.0.tgz#203f676e333b96c9da2eeab3ccef33c45928b6a2"
+  integrity sha512-NcMLjoFMXpsASZFxJ5h2HZRcEhDkvnNFOAKneP5RbKRzaWJN36NC4jqQHKwStIhGXu5mUWlUUk7ygdtrO8lbmw==
+
+"@webassemblyjs/helper-buffer@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-buffer/-/helper-buffer-1.9.0.tgz#a1442d269c5feb23fcbc9ef759dac3547f29de00"
+  integrity sha512-qZol43oqhq6yBPx7YM3m9Bv7WMV9Eevj6kMi6InKOuZxhw+q9hOkvq5e/PpKSiLfyetpaBnogSbNCfBwyB00CA==
+
+"@webassemblyjs/helper-code-frame@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-code-frame/-/helper-code-frame-1.9.0.tgz#647f8892cd2043a82ac0c8c5e75c36f1d9159f27"
+  integrity sha512-ERCYdJBkD9Vu4vtjUYe8LZruWuNIToYq/ME22igL+2vj2dQ2OOujIZr3MEFvfEaqKoVqpsFKAGsRdBSBjrIvZA==
+  dependencies:
+    "@webassemblyjs/wast-printer" "1.9.0"
+
+"@webassemblyjs/helper-fsm@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-fsm/-/helper-fsm-1.9.0.tgz#c05256b71244214671f4b08ec108ad63b70eddb8"
+  integrity sha512-OPRowhGbshCb5PxJ8LocpdX9Kl0uB4XsAjl6jH/dWKlk/mzsANvhwbiULsaiqT5GZGT9qinTICdj6PLuM5gslw==
+
+"@webassemblyjs/helper-module-context@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-module-context/-/helper-module-context-1.9.0.tgz#25d8884b76839871a08a6c6f806c3979ef712f07"
+  integrity sha512-MJCW8iGC08tMk2enck1aPW+BE5Cw8/7ph/VGZxwyvGbJwjktKkDK7vy7gAmMDx88D7mhDTCNKAW5tED+gZ0W8g==
+  dependencies:
+    "@webassemblyjs/ast" "1.9.0"
+
+"@webassemblyjs/helper-wasm-bytecode@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-wasm-bytecode/-/helper-wasm-bytecode-1.9.0.tgz#4fed8beac9b8c14f8c58b70d124d549dd1fe5790"
+  integrity sha512-R7FStIzyNcd7xKxCZH5lE0Bqy+hGTwS3LJjuv1ZVxd9O7eHCedSdrId/hMOd20I+v8wDXEn+bjfKDLzTepoaUw==
+
+"@webassemblyjs/helper-wasm-section@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/helper-wasm-section/-/helper-wasm-section-1.9.0.tgz#5a4138d5a6292ba18b04c5ae49717e4167965346"
+  integrity sha512-XnMB8l3ek4tvrKUUku+IVaXNHz2YsJyOOmz+MMkZvh8h1uSJpSen6vYnw3IoQ7WwEuAhL8Efjms1ZWjqh2agvw==
+  dependencies:
+    "@webassemblyjs/ast" "1.9.0"
+    "@webassemblyjs/helper-buffer" "1.9.0"
+    "@webassemblyjs/helper-wasm-bytecode" "1.9.0"
+    "@webassemblyjs/wasm-gen" "1.9.0"
+
+"@webassemblyjs/ieee754@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/ieee754/-/ieee754-1.9.0.tgz#15c7a0fbaae83fb26143bbacf6d6df1702ad39e4"
+  integrity sha512-dcX8JuYU/gvymzIHc9DgxTzUUTLexWwt8uCTWP3otys596io0L5aW02Gb1RjYpx2+0Jus1h4ZFqjla7umFniTg==
   dependencies:
     "@xtuc/ieee754" "^1.2.0"
 
-"@webassemblyjs/leb128@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/leb128/-/leb128-1.8.5.tgz#044edeb34ea679f3e04cd4fd9824d5e35767ae10"
-  integrity sha512-plYUuUwleLIziknvlP8VpTgO4kqNaH57Y3JnNa6DLpu/sGcP6hbVdfdX5aHAV716pQBKrfuU26BJK29qY37J7A==
+"@webassemblyjs/leb128@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/leb128/-/leb128-1.9.0.tgz#f19ca0b76a6dc55623a09cffa769e838fa1e1c95"
+  integrity sha512-ENVzM5VwV1ojs9jam6vPys97B/S65YQtv/aanqnU7D8aSoHFX8GyhGg0CMfyKNIHBuAVjy3tlzd5QMMINa7wpw==
   dependencies:
     "@xtuc/long" "4.2.2"
 
-"@webassemblyjs/utf8@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/utf8/-/utf8-1.8.5.tgz#a8bf3b5d8ffe986c7c1e373ccbdc2a0915f0cedc"
-  integrity sha512-U7zgftmQriw37tfD934UNInokz6yTmn29inT2cAetAsaU9YeVCveWEwhKL1Mg4yS7q//NGdzy79nlXh3bT8Kjw==
-
-"@webassemblyjs/wasm-edit@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-edit/-/wasm-edit-1.8.5.tgz#962da12aa5acc1c131c81c4232991c82ce56e01a"
-  integrity sha512-A41EMy8MWw5yvqj7MQzkDjU29K7UJq1VrX2vWLzfpRHt3ISftOXqrtojn7nlPsZ9Ijhp5NwuODuycSvfAO/26Q==
-  dependencies:
-    "@webassemblyjs/ast" "1.8.5"
-    "@webassemblyjs/helper-buffer" "1.8.5"
-    "@webassemblyjs/helper-wasm-bytecode" "1.8.5"
-    "@webassemblyjs/helper-wasm-section" "1.8.5"
-    "@webassemblyjs/wasm-gen" "1.8.5"
-    "@webassemblyjs/wasm-opt" "1.8.5"
-    "@webassemblyjs/wasm-parser" "1.8.5"
-    "@webassemblyjs/wast-printer" "1.8.5"
-
-"@webassemblyjs/wasm-gen@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-gen/-/wasm-gen-1.8.5.tgz#54840766c2c1002eb64ed1abe720aded714f98bc"
-  integrity sha512-BCZBT0LURC0CXDzj5FXSc2FPTsxwp3nWcqXQdOZE4U7h7i8FqtFK5Egia6f9raQLpEKT1VL7zr4r3+QX6zArWg==
-  dependencies:
-    "@webassemblyjs/ast" "1.8.5"
-    "@webassemblyjs/helper-wasm-bytecode" "1.8.5"
-    "@webassemblyjs/ieee754" "1.8.5"
-    "@webassemblyjs/leb128" "1.8.5"
-    "@webassemblyjs/utf8" "1.8.5"
-
-"@webassemblyjs/wasm-opt@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-opt/-/wasm-opt-1.8.5.tgz#b24d9f6ba50394af1349f510afa8ffcb8a63d264"
-  integrity sha512-HKo2mO/Uh9A6ojzu7cjslGaHaUU14LdLbGEKqTR7PBKwT6LdPtLLh9fPY33rmr5wcOMrsWDbbdCHq4hQUdd37Q==
-  dependencies:
-    "@webassemblyjs/ast" "1.8.5"
-    "@webassemblyjs/helper-buffer" "1.8.5"
-    "@webassemblyjs/wasm-gen" "1.8.5"
-    "@webassemblyjs/wasm-parser" "1.8.5"
-
-"@webassemblyjs/wasm-parser@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-parser/-/wasm-parser-1.8.5.tgz#21576f0ec88b91427357b8536383668ef7c66b8d"
-  integrity sha512-pi0SYE9T6tfcMkthwcgCpL0cM9nRYr6/6fjgDtL6q/ZqKHdMWvxitRi5JcZ7RI4SNJJYnYNaWy5UUrHQy998lw==
-  dependencies:
-    "@webassemblyjs/ast" "1.8.5"
-    "@webassemblyjs/helper-api-error" "1.8.5"
-    "@webassemblyjs/helper-wasm-bytecode" "1.8.5"
-    "@webassemblyjs/ieee754" "1.8.5"
-    "@webassemblyjs/leb128" "1.8.5"
-    "@webassemblyjs/utf8" "1.8.5"
-
-"@webassemblyjs/wast-parser@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/wast-parser/-/wast-parser-1.8.5.tgz#e10eecd542d0e7bd394f6827c49f3df6d4eefb8c"
-  integrity sha512-daXC1FyKWHF1i11obK086QRlsMsY4+tIOKgBqI1lxAnkp9xe9YMcgOxm9kLe+ttjs5aWV2KKE1TWJCN57/Btsg==
-  dependencies:
-    "@webassemblyjs/ast" "1.8.5"
-    "@webassemblyjs/floating-point-hex-parser" "1.8.5"
-    "@webassemblyjs/helper-api-error" "1.8.5"
-    "@webassemblyjs/helper-code-frame" "1.8.5"
-    "@webassemblyjs/helper-fsm" "1.8.5"
+"@webassemblyjs/utf8@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/utf8/-/utf8-1.9.0.tgz#04d33b636f78e6a6813227e82402f7637b6229ab"
+  integrity sha512-GZbQlWtopBTP0u7cHrEx+73yZKrQoBMpwkGEIqlacljhXCkVM1kMQge/Mf+csMJAjEdSwhOyLAS0AoR3AG5P8w==
+
+"@webassemblyjs/wasm-edit@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-edit/-/wasm-edit-1.9.0.tgz#3fe6d79d3f0f922183aa86002c42dd256cfee9cf"
+  integrity sha512-FgHzBm80uwz5M8WKnMTn6j/sVbqilPdQXTWraSjBwFXSYGirpkSWE2R9Qvz9tNiTKQvoKILpCuTjBKzOIm0nxw==
+  dependencies:
+    "@webassemblyjs/ast" "1.9.0"
+    "@webassemblyjs/helper-buffer" "1.9.0"
+    "@webassemblyjs/helper-wasm-bytecode" "1.9.0"
+    "@webassemblyjs/helper-wasm-section" "1.9.0"
+    "@webassemblyjs/wasm-gen" "1.9.0"
+    "@webassemblyjs/wasm-opt" "1.9.0"
+    "@webassemblyjs/wasm-parser" "1.9.0"
+    "@webassemblyjs/wast-printer" "1.9.0"
+
+"@webassemblyjs/wasm-gen@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-gen/-/wasm-gen-1.9.0.tgz#50bc70ec68ded8e2763b01a1418bf43491a7a49c"
+  integrity sha512-cPE3o44YzOOHvlsb4+E9qSqjc9Qf9Na1OO/BHFy4OI91XDE14MjFN4lTMezzaIWdPqHnsTodGGNP+iRSYfGkjA==
+  dependencies:
+    "@webassemblyjs/ast" "1.9.0"
+    "@webassemblyjs/helper-wasm-bytecode" "1.9.0"
+    "@webassemblyjs/ieee754" "1.9.0"
+    "@webassemblyjs/leb128" "1.9.0"
+    "@webassemblyjs/utf8" "1.9.0"
+
+"@webassemblyjs/wasm-opt@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-opt/-/wasm-opt-1.9.0.tgz#2211181e5b31326443cc8112eb9f0b9028721a61"
+  integrity sha512-Qkjgm6Anhm+OMbIL0iokO7meajkzQD71ioelnfPEj6r4eOFuqm4YC3VBPqXjFyyNwowzbMD+hizmprP/Fwkl2A==
+  dependencies:
+    "@webassemblyjs/ast" "1.9.0"
+    "@webassemblyjs/helper-buffer" "1.9.0"
+    "@webassemblyjs/wasm-gen" "1.9.0"
+    "@webassemblyjs/wasm-parser" "1.9.0"
+
+"@webassemblyjs/wasm-parser@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/wasm-parser/-/wasm-parser-1.9.0.tgz#9d48e44826df4a6598294aa6c87469d642fff65e"
+  integrity sha512-9+wkMowR2AmdSWQzsPEjFU7njh8HTO5MqO8vjwEHuM+AMHioNqSBONRdr0NQQ3dVQrzp0s8lTcYqzUdb7YgELA==
+  dependencies:
+    "@webassemblyjs/ast" "1.9.0"
+    "@webassemblyjs/helper-api-error" "1.9.0"
+    "@webassemblyjs/helper-wasm-bytecode" "1.9.0"
+    "@webassemblyjs/ieee754" "1.9.0"
+    "@webassemblyjs/leb128" "1.9.0"
+    "@webassemblyjs/utf8" "1.9.0"
+
+"@webassemblyjs/wast-parser@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/wast-parser/-/wast-parser-1.9.0.tgz#3031115d79ac5bd261556cecc3fa90a3ef451914"
+  integrity sha512-qsqSAP3QQ3LyZjNC/0jBJ/ToSxfYJ8kYyuiGvtn/8MK89VrNEfwj7BPQzJVHi0jGTRK2dGdJ5PRqhtjzoww+bw==
+  dependencies:
+    "@webassemblyjs/ast" "1.9.0"
+    "@webassemblyjs/floating-point-hex-parser" "1.9.0"
+    "@webassemblyjs/helper-api-error" "1.9.0"
+    "@webassemblyjs/helper-code-frame" "1.9.0"
+    "@webassemblyjs/helper-fsm" "1.9.0"
     "@xtuc/long" "4.2.2"
 
-"@webassemblyjs/wast-printer@1.8.5":
-  version "1.8.5"
-  resolved "https://registry.yarnpkg.com/@webassemblyjs/wast-printer/-/wast-printer-1.8.5.tgz#114bbc481fd10ca0e23b3560fa812748b0bae5bc"
-  integrity sha512-w0U0pD4EhlnvRyeJzBqaVSJAo9w/ce7/WPogeXLzGkO6hzhr4GnQIZ4W4uUt5b9ooAaXPtnXlj0gzsXEOUNYMg==
+"@webassemblyjs/wast-printer@1.9.0":
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/@webassemblyjs/wast-printer/-/wast-printer-1.9.0.tgz#4935d54c85fef637b00ce9f52377451d00d47899"
+  integrity sha512-2J0nE95rHXHyQ24cWjMKJ1tqB/ds8z/cyeOZxJhcb+rW+SQASVjuznUSmdz5GpVJTzU8JkhYut0D3siFDD6wsA==
   dependencies:
-    "@webassemblyjs/ast" "1.8.5"
-    "@webassemblyjs/wast-parser" "1.8.5"
+    "@webassemblyjs/ast" "1.9.0"
+    "@webassemblyjs/wast-parser" "1.9.0"
     "@xtuc/long" "4.2.2"
 
 "@xtuc/ieee754@^1.2.0":
@@ -1306,6 +1520,11 @@ JSONStream@^1.3.4:
     jsonparse "^1.2.0"
     through ">=2.2.7 <3"
 
+abab@^2.0.3:
+  version "2.0.5"
+  resolved "https://registry.yarnpkg.com/abab/-/abab-2.0.5.tgz#c0b678fb32d60fc1219c784d6a826fe385aeb79a"
+  integrity sha512-9IK9EadsbHo6jLWIpxpR6pL0sazTXV6+SQv25ZB+F7Bj9mJNaOc4nCRabwd5M/JwmUa8idz6Eci6eKfJryPs6Q==
+
 accepts@~1.3.4, accepts@~1.3.5, accepts@~1.3.7:
   version "1.3.7"
   resolved "https://registry.yarnpkg.com/accepts/-/accepts-1.3.7.tgz#531bc726517a3b2b41f850021c6cc15eaab507cd"
@@ -1319,10 +1538,18 @@ ace-builds@^1.4.2:
   resolved "https://registry.yarnpkg.com/ace-builds/-/ace-builds-1.4.12.tgz#888efa386e36f4345f40b5233fcc4fe4c588fae7"
   integrity sha512-G+chJctFPiiLGvs3+/Mly3apXTcfgE45dT5yp12BcWZ1kUs+gm0qd3/fv4gsz6fVag4mM0moHVpjHDIgph6Psg==
 
-acorn@^6.2.1:
-  version "6.4.1"
-  resolved "https://registry.yarnpkg.com/acorn/-/acorn-6.4.1.tgz#531e58ba3f51b9dacb9a6646ca4debf5b14ca474"
-  integrity sha512-ZVA9k326Nwrj3Cj9jlh3wGFutC2ZornPNARZwsNYqQYgN0EsV2d53w5RN/co65Ohn4sUAUtb1rSUAOD6XN9idA==
+acorn@^6.4.1:
+  version "6.4.2"
+  resolved "https://registry.yarnpkg.com/acorn/-/acorn-6.4.2.tgz#35866fd710528e92de10cf06016498e47e39e1e6"
+  integrity sha512-XtGIhXwF8YM8bJhGxG5kXgjkEuNGLTkoYqVE+KMR+aspr4KGYmKYg7yUe3KghyQ9yheNwLnjmzh/7+gfDBmHCQ==
+
+adjust-sourcemap-loader@3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/adjust-sourcemap-loader/-/adjust-sourcemap-loader-3.0.0.tgz#5ae12fb5b7b1c585e80bbb5a63ec163a1a45e61e"
+  integrity sha512-YBrGyT2/uVQ/c6Rr+t6ZJXniY03YtHGMJQYal368burRGYKqhx9qGTWqcBU5s1CwYY9E/ri63RYyG1IacMZtqw==
+  dependencies:
+    loader-utils "^2.0.0"
+    regex-parser "^2.2.11"
 
 agent-base@4, agent-base@^4.3.0:
   version "4.3.0"
@@ -1363,10 +1590,10 @@ ajv-keywords@^3.1.0, ajv-keywords@^3.4.1, ajv-keywords@^3.5.2:
   resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-3.5.2.tgz#31f29da5ab6e00d1c2d329acf7b5929614d5014d"
   integrity sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ==
 
-ajv@6.12.3:
-  version "6.12.3"
-  resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.3.tgz#18c5af38a111ddeb4f2697bd78d68abc1cabd706"
-  integrity sha512-4K0cK3L1hsqk9xIb2z9vs/XU+PGJZ9PNpJRDS9YLzmNdX6jmVPfamLvTJr0aDAusnHyCHO6MjzlkAsgtqp9teA==
+ajv@6.12.4:
+  version "6.12.4"
+  resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.4.tgz#0614facc4522127fa713445c6bfd3ebd376e2234"
+  integrity sha512-eienB2c9qVQs2KWexhkrdMLVDoIQCz5KSeLxwg9Lzk4DOfBtIK9PQwwufcsn1jjGuf9WZmqPMbGxOzfcuphJCQ==
   dependencies:
     fast-deep-equal "^3.1.1"
     fast-json-stable-stringify "^2.0.0"
@@ -1481,6 +1708,11 @@ aria-query@^3.0.0:
     ast-types-flow "0.0.7"
     commander "^2.11.0"
 
+arity-n@^1.0.4:
+  version "1.0.4"
+  resolved "https://registry.yarnpkg.com/arity-n/-/arity-n-1.0.4.tgz#d9e76b11733e08569c0847ae7b39b2860b30b745"
+  integrity sha1-2edrEXM+CFacCEeuezmyhgswt0U=
+
 arr-diff@^4.0.0:
   version "4.0.0"
   resolved "https://registry.yarnpkg.com/arr-diff/-/arr-diff-4.0.0.tgz#d6461074febfec71e7e15235761a329a5dc7c520"
@@ -1533,7 +1765,7 @@ array-unique@^0.3.2:
   resolved "https://registry.yarnpkg.com/array-unique/-/array-unique-0.3.2.tgz#a894b75d4bc4f6cd679ef3244a9fd8f46ae2d428"
   integrity sha1-qJS3XUvE9s1nnvMkSp/Y9Gri1Cg=
 
-asap@^2.0.0, asap@~2.0.3:
+asap@^2.0.0:
   version "2.0.6"
   resolved "https://registry.yarnpkg.com/asap/-/asap-2.0.6.tgz#e50347611d7e690943208bbdafebcbc2fb866d46"
   integrity sha1-5QNHYR1+aQlDIIu9r+vLwvuGbUY=
@@ -1588,7 +1820,7 @@ async-limiter@~1.0.0:
   resolved "https://registry.yarnpkg.com/async-limiter/-/async-limiter-1.0.1.tgz#dd379e94f0db8310b08291f9d64c3209766617fd"
   integrity sha512-csOlWGAcRFJaI6m+F2WKdnMKr4HhdhFVBk0H/QbJFMCr+uO2kwohwXQPxw/9OCxp05r5ghVBFSyioixx3gfkNQ==
 
-async@^2.5.0, async@^2.6.2:
+async@^2.6.2:
   version "2.6.3"
   resolved "https://registry.yarnpkg.com/async/-/async-2.6.3.tgz#d72625e2344a3656e3a3ad4fa749fa83299d82ff"
   integrity sha512-zflvls11DCy+dQWzTW2dzuilv8Z5X/pjfmZOWba6TNIVDm+2UDaJmXSOXlasHKfNBs8oo3M0aT50fDEWfKZjXg==
@@ -1605,18 +1837,18 @@ atob@^2.1.2:
   resolved "https://registry.yarnpkg.com/atob/-/atob-2.1.2.tgz#6d9517eb9e030d2436666651e86bd9f6f13533c9"
   integrity sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg==
 
-autoprefixer@9.7.4:
-  version "9.7.4"
-  resolved "https://registry.yarnpkg.com/autoprefixer/-/autoprefixer-9.7.4.tgz#f8bf3e06707d047f0641d87aee8cfb174b2a5378"
-  integrity sha512-g0Ya30YrMBAEZk60lp+qfX5YQllG+S5W3GYCFvyHTvhOki0AEQJLPEcIuGRsqVwLi8FvXPVtwTGhfr38hVpm0g==
+autoprefixer@9.8.6:
+  version "9.8.6"
+  resolved "https://registry.yarnpkg.com/autoprefixer/-/autoprefixer-9.8.6.tgz#3b73594ca1bf9266320c5acf1588d74dea74210f"
+  integrity sha512-XrvP4VVHdRBCdX1S3WXVD8+RyG9qeb1D5Sn1DeLiG2xfSpzellk5k54xbUERJ3M5DggQxes39UGOTP8CFrEGbg==
   dependencies:
-    browserslist "^4.8.3"
-    caniuse-lite "^1.0.30001020"
-    chalk "^2.4.2"
+    browserslist "^4.12.0"
+    caniuse-lite "^1.0.30001109"
+    colorette "^1.2.1"
     normalize-range "^0.1.2"
     num2fraction "^1.2.2"
-    postcss "^7.0.26"
-    postcss-value-parser "^4.0.2"
+    postcss "^7.0.32"
+    postcss-value-parser "^4.1.0"
 
 available-typed-arrays@^1.0.0, available-typed-arrays@^1.0.2:
   version "1.0.2"
@@ -1642,15 +1874,16 @@ axobject-query@2.0.2:
   dependencies:
     ast-types-flow "0.0.7"
 
-babel-loader@8.0.6:
-  version "8.0.6"
-  resolved "https://registry.yarnpkg.com/babel-loader/-/babel-loader-8.0.6.tgz#e33bdb6f362b03f4bb141a0c21ab87c501b70dfb"
-  integrity sha512-4BmWKtBOBm13uoUwd08UwjZlaw3O9GWf456R9j+5YykFZ6LUIjIKLc0zEZf+hauxPOJs96C8k6FvYD09vWzhYw==
+babel-loader@8.1.0:
+  version "8.1.0"
+  resolved "https://registry.yarnpkg.com/babel-loader/-/babel-loader-8.1.0.tgz#c611d5112bd5209abe8b9fa84c3e4da25275f1c3"
+  integrity sha512-7q7nC1tYOrqvUrN3LQK4GwSk/TQorZSOlO9C+RZDZpODgyN4ZlCqE5q9cDsyWOliN+aU9B4JX01xK9eJXowJLw==
   dependencies:
-    find-cache-dir "^2.0.0"
-    loader-utils "^1.0.2"
-    mkdirp "^0.5.1"
+    find-cache-dir "^2.1.0"
+    loader-utils "^1.4.0"
+    mkdirp "^0.5.3"
     pify "^4.0.1"
+    schema-utils "^2.6.5"
 
 babel-plugin-dynamic-import-node@^2.3.3:
   version "2.3.3"
@@ -1871,7 +2104,7 @@ browserify-zlib@^0.2.0:
   dependencies:
     pako "~1.0.5"
 
-browserslist@^4.0.0, browserslist@^4.12.0, browserslist@^4.8.3, browserslist@^4.8.5, browserslist@^4.9.1:
+browserslist@^4.0.0, browserslist@^4.12.0, browserslist@^4.8.5, browserslist@^4.9.1:
   version "4.14.3"
   resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.14.3.tgz#381f9e7f13794b2eb17e1761b4f118e8ae665a53"
   integrity sha512-GcZPC5+YqyPO4SFnz48/B0YaCwS47Q9iPChRGi6t7HhflKBcINzFrJvRfC+jp30sRMKxF+d4EHGs27Z0XP1NaQ==
@@ -1930,27 +2163,27 @@ bytes@3.1.0:
   resolved "https://registry.yarnpkg.com/bytes/-/bytes-3.1.0.tgz#f6cf7933a360e0588fa9fde85651cdc7f805d1f6"
   integrity sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg==
 
-cacache@15.0.0:
-  version "15.0.0"
-  resolved "https://registry.yarnpkg.com/cacache/-/cacache-15.0.0.tgz#133b59edbd2a37ea8ef2d54964c6f247e47e5059"
-  integrity sha512-L0JpXHhplbJSiDGzyJJnJCTL7er7NzbBgxzVqLswEb4bO91Zbv17OUMuUeu/q0ZwKn3V+1HM4wb9tO4eVE/K8g==
+cacache@15.0.5, cacache@^15.0.4, cacache@^15.0.5:
+  version "15.0.5"
+  resolved "https://registry.yarnpkg.com/cacache/-/cacache-15.0.5.tgz#69162833da29170d6732334643c60e005f5f17d0"
+  integrity sha512-lloiL22n7sOjEEXdL8NAjTgv9a1u43xICE9/203qonkZUCj5X1UEWIdf2/Y0d6QcCtMzbKQyhrcDbdvlZTs/+A==
   dependencies:
-    chownr "^1.1.2"
+    "@npmcli/move-file" "^1.0.1"
+    chownr "^2.0.0"
     fs-minipass "^2.0.0"
     glob "^7.1.4"
     infer-owner "^1.0.4"
-    lru-cache "^5.1.1"
+    lru-cache "^6.0.0"
     minipass "^3.1.1"
     minipass-collect "^1.0.2"
     minipass-flush "^1.0.5"
     minipass-pipeline "^1.2.2"
     mkdirp "^1.0.3"
-    move-concurrently "^1.0.1"
-    p-map "^3.0.0"
+    p-map "^4.0.0"
     promise-inflight "^1.0.1"
-    rimraf "^2.7.1"
+    rimraf "^3.0.2"
     ssri "^8.0.0"
-    tar "^6.0.1"
+    tar "^6.0.2"
     unique-filename "^1.1.1"
 
 cacache@^12.0.0, cacache@^12.0.2:
@@ -1974,29 +2207,6 @@ cacache@^12.0.0, cacache@^12.0.2:
     unique-filename "^1.1.1"
     y18n "^4.0.0"
 
-cacache@^15.0.4:
-  version "15.0.5"
-  resolved "https://registry.yarnpkg.com/cacache/-/cacache-15.0.5.tgz#69162833da29170d6732334643c60e005f5f17d0"
-  integrity sha512-lloiL22n7sOjEEXdL8NAjTgv9a1u43xICE9/203qonkZUCj5X1UEWIdf2/Y0d6QcCtMzbKQyhrcDbdvlZTs/+A==
-  dependencies:
-    "@npmcli/move-file" "^1.0.1"
-    chownr "^2.0.0"
-    fs-minipass "^2.0.0"
-    glob "^7.1.4"
-    infer-owner "^1.0.4"
-    lru-cache "^6.0.0"
-    minipass "^3.1.1"
-    minipass-collect "^1.0.2"
-    minipass-flush "^1.0.5"
-    minipass-pipeline "^1.2.2"
-    mkdirp "^1.0.3"
-    p-map "^4.0.0"
-    promise-inflight "^1.0.1"
-    rimraf "^3.0.2"
-    ssri "^8.0.0"
-    tar "^6.0.2"
-    unique-filename "^1.1.1"
-
 cache-base@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/cache-base/-/cache-base-1.0.1.tgz#0a7f46416831c8b662ee36fe4e7c59d76f666ab2"
@@ -2031,11 +2241,16 @@ callsites@^2.0.0:
   resolved "https://registry.yarnpkg.com/callsites/-/callsites-2.0.0.tgz#06eb84f00eea413da86affefacbffb36093b3c50"
   integrity sha1-BuuE8A7qQT2oav/vrL/7Ngk7PFA=
 
-camelcase@^5.0.0, camelcase@^5.3.1:
+camelcase@5.3.1, camelcase@^5.0.0:
   version "5.3.1"
   resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-5.3.1.tgz#e3c9b31569e106811df242f715725a1f4c494320"
   integrity sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg==
 
+camelcase@^6.0.0:
+  version "6.1.0"
+  resolved "https://registry.yarnpkg.com/camelcase/-/camelcase-6.1.0.tgz#27dc176173725fb0adf8a48b647f4d7871944d78"
+  integrity sha512-WCMml9ivU60+8rEJgELlFp1gxFcEGxwYleE3bziHEDeqsqAWGHdimB7beBFGjLzVNgPGyDsfgXLQEYMpmIFnVQ==
+
 caniuse-api@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/caniuse-api/-/caniuse-api-3.0.0.tgz#5e4d90e2274961d46291997df599e3ed008ee4c0"
@@ -2046,11 +2261,16 @@ caniuse-api@^3.0.0:
     lodash.memoize "^4.1.2"
     lodash.uniq "^4.5.0"
 
-caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001020, caniuse-lite@^1.0.30001032, caniuse-lite@^1.0.30001131:
+caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001032, caniuse-lite@^1.0.30001131:
   version "1.0.30001133"
   resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001133.tgz#ec564c5495311299eb05245e252d589a84acd95e"
   integrity sha512-s3XAUFaC/ntDb1O3lcw9K8MPeOW7KO3z9+GzAoBxfz1B0VdacXPMKgFUtG4KIsgmnbexmi013s9miVu4h+qMHw==
 
+caniuse-lite@^1.0.30001109:
+  version "1.0.30001151"
+  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001151.tgz#1ddfde5e6fff02aad7940b4edb7d3ac76b0cb00b"
+  integrity sha512-Zh3sHqskX6mHNrqUerh+fkf0N72cMxrmflzje/JyVImfpknscMnkeJrlFGJcqTmaa0iszdYptGpWMJCRQDkBVw==
+
 canonical-path@1.0.0:
   version "1.0.0"
   resolved "https://registry.yarnpkg.com/canonical-path/-/canonical-path-1.0.0.tgz#fcb470c23958def85081856be7a86e904f180d1d"
@@ -2070,10 +2290,10 @@ chalk@^2.0.0, chalk@^2.0.1, chalk@^2.3.0, chalk@^2.4.1, chalk@^2.4.2:
     escape-string-regexp "^1.0.5"
     supports-color "^5.3.0"
 
-chalk@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/chalk/-/chalk-3.0.0.tgz#3f73c2bf526591f574cc492c51e2456349f844e4"
-  integrity sha512-4D3B6Wf41KOYRFdszmDqMCGq5VV/uMAB273JILmO+3jAlh8X4qDtdtgCR3fxtbLEMzSx22QdhnDcJvu2u1fVwg==
+chalk@^4.0.0, chalk@^4.1.0:
+  version "4.1.0"
+  resolved "https://registry.yarnpkg.com/chalk/-/chalk-4.1.0.tgz#4e14870a618d9e2edd97dd8345fd9d9dc315646a"
+  integrity sha512-qwx12AxXe2Q5xQ43Ac//I6v5aXTipYrSESdOgzrN+9XjgEpyjpKuvSGaN4qE93f7TQTlerQQ8S+EQ0EyDoVL1A==
   dependencies:
     ansi-styles "^4.1.0"
     supports-color "^7.1.0"
@@ -2169,15 +2389,15 @@ cli-cursor@^3.1.0:
   dependencies:
     restore-cursor "^3.1.0"
 
-cli-spinners@^2.2.0:
-  version "2.4.0"
-  resolved "https://registry.yarnpkg.com/cli-spinners/-/cli-spinners-2.4.0.tgz#c6256db216b878cfba4720e719cec7cf72685d7f"
-  integrity sha512-sJAofoarcm76ZGpuooaO0eDy8saEy+YoZBLjC4h8srt4jeBnkYeOgqxgsJQTpyt2LjI5PTfLJHSL+41Yu4fEJA==
+cli-spinners@^2.4.0:
+  version "2.5.0"
+  resolved "https://registry.yarnpkg.com/cli-spinners/-/cli-spinners-2.5.0.tgz#12763e47251bf951cb75c201dfa58ff1bcb2d047"
+  integrity sha512-PC+AmIuK04E6aeSs/pUccSujsTzBhu4HzC2dL+CfJB/Jcc2qTRbEwZQDfIUpt2Xl8BodYBEq8w4fc0kU2I9DjQ==
 
-cli-width@^2.0.0:
-  version "2.2.1"
-  resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-2.2.1.tgz#b0433d0b4e9c847ef18868a4ef16fd5fc8271c48"
-  integrity sha512-GRMWDxpOB6Dgk2E5Uo+3eEBvtOOlimMmpbFiKuLFnQzYDavtLFY3K5ona41jgN/WdRZtG7utuVSVTL4HbZHGkw==
+cli-width@^3.0.0:
+  version "3.0.0"
+  resolved "https://registry.yarnpkg.com/cli-width/-/cli-width-3.0.0.tgz#a2f48437a2caa9a22436e794bf071ec9e61cedf6"
+  integrity sha512-FxqpkPPwu1HjuN93Omfm4h8uIanXofW0RxVEW3k5RKx+mJJYSthzNhp32Kzxxy3YAEZ/Dc/EWN1vZRY0+kOhbw==
 
 cliui@^5.0.0:
   version "5.0.0"
@@ -2197,21 +2417,12 @@ cliui@^6.0.0:
     strip-ansi "^6.0.0"
     wrap-ansi "^6.2.0"
 
-clone-deep@^4.0.1:
-  version "4.0.1"
-  resolved "https://registry.yarnpkg.com/clone-deep/-/clone-deep-4.0.1.tgz#c19fd9bdbbf85942b4fd979c84dcf7d5f07c2387"
-  integrity sha512-neHB9xuzh/wk0dIHweyAXv2aPGZIVk3pLMe+/RNzINf17fe0OG96QroktYAUm7SM1PBnzTabaLboqqxDyMU+SQ==
-  dependencies:
-    is-plain-object "^2.0.4"
-    kind-of "^6.0.2"
-    shallow-clone "^3.0.0"
-
 clone@^1.0.2:
   version "1.0.4"
   resolved "https://registry.yarnpkg.com/clone/-/clone-1.0.4.tgz#da309cc263df15994c688ca902179ca3c7cd7c7e"
   integrity sha1-2jCcwmPfFZlMaIypAheco8fNfH4=
 
-clone@^2.1.1, clone@^2.1.2:
+clone@^2.1.2:
   version "2.1.2"
   resolved "https://registry.yarnpkg.com/clone/-/clone-2.1.2.tgz#1b7f4b9f591f1e8f83670401600345a02887435f"
   integrity sha1-G39Ln1kfHo+DZwQBYANFoCiHQ18=
@@ -2288,6 +2499,11 @@ color@^3.0.0:
     color-convert "^1.9.1"
     color-string "^1.5.2"
 
+colorette@^1.2.1:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/colorette/-/colorette-1.2.1.tgz#4d0b921325c14faf92633086a536db6e89564b1b"
+  integrity sha512-puCDz0CzydiSYOrnXpz/PKd69zRrribezjtE9yd4zvytoRc8+RY/KJPvtPFKZS3E3wP6neGyMe0vOTlHO5L3Pw==
+
 combined-stream@^1.0.6, combined-stream@~1.0.6:
   version "1.0.8"
   resolved "https://registry.yarnpkg.com/combined-stream/-/combined-stream-1.0.8.tgz#c3d45a8b34fd730631a110a8a2520682b31d5a7f"
@@ -2310,6 +2526,13 @@ component-emitter@^1.2.1:
   resolved "https://registry.yarnpkg.com/component-emitter/-/component-emitter-1.3.0.tgz#16e4070fba8ae29b679f2215853ee181ab2eabc0"
   integrity sha512-Rd3se6QB+sO1TwqZjscQrurpEPIfO0/yYnSin6Q/rD3mOutHvUrCAhJub3r90uNb+SESBuE0QYoB90YdfatsRg==
 
+compose-function@3.0.3:
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/compose-function/-/compose-function-3.0.3.tgz#9ed675f13cc54501d30950a486ff6a7ba3ab185f"
+  integrity sha1-ntZ18TzFRQHTCVCkhv9qe6OrGF8=
+  dependencies:
+    arity-n "^1.0.4"
+
 compressible@~2.0.16:
   version "2.0.18"
   resolved "https://registry.yarnpkg.com/compressible/-/compressible-2.0.18.tgz#af53cca6b070d4c3c0750fbd77286a6d7cc46fba"
@@ -2372,13 +2595,18 @@ content-type@~1.0.4:
   resolved "https://registry.yarnpkg.com/content-type/-/content-type-1.0.4.tgz#e138cc75e040c727b1966fe5e5f8c9aee256fe3b"
   integrity sha512-hIP3EEPs8tB9AT1L+NUqtwOAps4mk2Zob89MWXMHjHWg9milF/j4osnnQLXBCBFBk/tvIG/tUc9mOUJiPBhPXA==
 
-convert-source-map@^1.5.1, convert-source-map@^1.7.0:
+convert-source-map@1.7.0, convert-source-map@^1.5.1, convert-source-map@^1.7.0:
   version "1.7.0"
   resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-1.7.0.tgz#17a2cb882d7f77d3490585e2ce6c524424a3a442"
   integrity sha512-4FJkXzKXEDB1snCFZlLP4gpC3JILicCpGbzG9f9G7tGqGCzETQ2hWPrcinA9oU4wtf2biUaEH5065UnMeR33oA==
   dependencies:
     safe-buffer "~5.1.1"
 
+convert-source-map@^0.3.3:
+  version "0.3.5"
+  resolved "https://registry.yarnpkg.com/convert-source-map/-/convert-source-map-0.3.5.tgz#f1d802950af7dd2631a1febe0596550c86ab3190"
+  integrity sha1-8dgClQr33SYxof6+BZZVDIarMZA=
+
 cookie-signature@1.0.6:
   version "1.0.6"
   resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c"
@@ -2528,24 +2756,23 @@ css-declaration-sorter@^4.0.1:
     postcss "^7.0.1"
     timsort "^0.3.0"
 
-css-loader@3.5.1:
-  version "3.5.1"
-  resolved "https://registry.yarnpkg.com/css-loader/-/css-loader-3.5.1.tgz#db2b2336f4169edb68e6a829ad4fd36552647b77"
-  integrity sha512-0G4CbcZzQ9D1Q6ndOfjFuMDo8uLYMu5vc9Abs5ztyHcKvmil6GJrMiNjzzi3tQvUF+mVRuDg7bE6Oc0Prolgig==
+css-loader@4.2.2:
+  version "4.2.2"
+  resolved "https://registry.yarnpkg.com/css-loader/-/css-loader-4.2.2.tgz#b668b3488d566dc22ebcf9425c5f254a05808c89"
+  integrity sha512-omVGsTkZPVwVRpckeUnLshPp12KsmMSLqYxs12+RzM9jRR5Y+Idn/tBffjXRvOE+qW7if24cuceFJqYR5FmGBg==
   dependencies:
-    camelcase "^5.3.1"
+    camelcase "^6.0.0"
     cssesc "^3.0.0"
     icss-utils "^4.1.1"
-    loader-utils "^1.2.3"
-    normalize-path "^3.0.0"
-    postcss "^7.0.27"
+    loader-utils "^2.0.0"
+    postcss "^7.0.32"
     postcss-modules-extract-imports "^2.0.0"
-    postcss-modules-local-by-default "^3.0.2"
+    postcss-modules-local-by-default "^3.0.3"
     postcss-modules-scope "^2.2.0"
     postcss-modules-values "^3.0.0"
-    postcss-value-parser "^4.0.3"
-    schema-utils "^2.6.5"
-    semver "^6.3.0"
+    postcss-value-parser "^4.1.0"
+    schema-utils "^2.7.0"
+    semver "^7.3.2"
 
 css-parse@~2.0.0:
   version "2.0.0"
@@ -2700,6 +2927,14 @@ cyclist@^1.0.1:
   resolved "https://registry.yarnpkg.com/cyclist/-/cyclist-1.0.1.tgz#596e9698fd0c80e12038c2b82d6eb1b35b6224d9"
   integrity sha1-WW6WmP0MgOEgOMK4LW6xs1tiJNk=
 
+d@1, d@^1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/d/-/d-1.0.1.tgz#8698095372d58dbee346ffd0c7093f99f8f9eb5a"
+  integrity sha512-m62ShEObQ39CfralilEQRjH6oAMtNCV1xJyEx5LpRYUVN+EviphDgUc/F3hnYbADmkiNs67Y+3ylmlG7Lnu+FA==
+  dependencies:
+    es5-ext "^0.10.50"
+    type "^1.0.1"
+
 damerau-levenshtein@^1.0.4:
   version "1.0.6"
   resolved "https://registry.yarnpkg.com/damerau-levenshtein/-/damerau-levenshtein-1.0.6.tgz#143c1641cb3d85c60c32329e26899adea8701791"
@@ -2712,6 +2947,15 @@ dashdash@^1.12.0:
   dependencies:
     assert-plus "^1.0.0"
 
+data-urls@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/data-urls/-/data-urls-2.0.0.tgz#156485a72963a970f5d5821aaf642bef2bf2db9b"
+  integrity sha512-X5eWTSXO/BJmpdIKCRuKUgSCgAN0OwliVK3yPKbwIWU1Tdw5BRajxlzMidvh+gwko9AfQ9zIj52pzF91Q3YAvQ==
+  dependencies:
+    abab "^2.0.3"
+    whatwg-mimetype "^2.3.0"
+    whatwg-url "^8.0.0"
+
 debug@2.6.9, debug@^2.2.0, debug@^2.3.3:
   version "2.6.9"
   resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.9.tgz#5d128515df134ff327e90a4c93f4e077a536341f"
@@ -2733,7 +2977,7 @@ debug@4.1.1:
   dependencies:
     ms "^2.1.1"
 
-debug@^3.0.0, debug@^3.1.0, debug@^3.1.1, debug@^3.2.5:
+debug@^3.1.0, debug@^3.1.1, debug@^3.2.5:
   version "3.2.6"
   resolved "https://registry.yarnpkg.com/debug/-/debug-3.2.6.tgz#e83d17de16d8a7efb7717edbe5fb10135eee629b"
   integrity sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==
@@ -3032,6 +3276,11 @@ emoji-regex@^8.0.0:
   resolved "https://registry.yarnpkg.com/emoji-regex/-/emoji-regex-8.0.0.tgz#e818fd69ce5ccfcb404594f842963bf53164cc37"
   integrity sha512-MSjYzcWNOA0ewAHpz0MxpYFvwg6yjy1NG3xteoqz644VCo/RPgnr1/GGt+ic3iJTzQ8Eu3TdM14SawnVUmGE6A==
 
+emojis-list@^2.0.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/emojis-list/-/emojis-list-2.1.0.tgz#4daa4d9db00f9819880c79fa457ae5b09a1fd389"
+  integrity sha1-TapNnbAPmBmIDHn6RXrlsJof04k=
+
 emojis-list@^3.0.0:
   version "3.0.0"
   resolved "https://registry.yarnpkg.com/emojis-list/-/emojis-list-3.0.0.tgz#5570662046ad29e2e916e71aae260abdff4f6a78"
@@ -3056,16 +3305,7 @@ end-of-stream@^1.0.0, end-of-stream@^1.1.0:
   dependencies:
     once "^1.4.0"
 
-enhanced-resolve@4.1.1:
-  version "4.1.1"
-  resolved "https://registry.yarnpkg.com/enhanced-resolve/-/enhanced-resolve-4.1.1.tgz#2937e2b8066cd0fe7ce0990a98f0d71a35189f66"
-  integrity sha512-98p2zE+rL7/g/DzMHMTF4zZlCgeVdJ7yr6xzEpJRYwFYrGi9ANdn5DnJURg6RpBkyk60XYDnWIv51VfIhfNGuA==
-  dependencies:
-    graceful-fs "^4.1.2"
-    memory-fs "^0.5.0"
-    tapable "^1.0.0"
-
-enhanced-resolve@^4.1.0:
+enhanced-resolve@4.3.0, enhanced-resolve@^4.3.0:
   version "4.3.0"
   resolved "https://registry.yarnpkg.com/enhanced-resolve/-/enhanced-resolve-4.3.0.tgz#3b806f3bfafc1ec7de69551ef93cca46c1704126"
   integrity sha512-3e87LvavsdxyoCfGusJnrZ5G8SLPOFeHSNpZI/ATL9a5leXo2k0w6MKnbqhdBad9qTobSfB20Ld7UmgoNbAZkQ==
@@ -3155,6 +3395,24 @@ es-to-primitive@^1.2.1:
     is-date-object "^1.0.1"
     is-symbol "^1.0.2"
 
+es5-ext@^0.10.35, es5-ext@^0.10.50:
+  version "0.10.53"
+  resolved "https://registry.yarnpkg.com/es5-ext/-/es5-ext-0.10.53.tgz#93c5a3acfdbef275220ad72644ad02ee18368de1"
+  integrity sha512-Xs2Stw6NiNHWypzRTY1MtaG/uJlwCk8kH81920ma8mvN8Xq1gsfhZvpkImLQArw8AHnv8MT2I45J3c0R8slE+Q==
+  dependencies:
+    es6-iterator "~2.0.3"
+    es6-symbol "~3.1.3"
+    next-tick "~1.0.0"
+
+es6-iterator@2.0.3, es6-iterator@~2.0.3:
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/es6-iterator/-/es6-iterator-2.0.3.tgz#a7de889141a05a94b0854403b2d0a0fbfa98f3b7"
+  integrity sha1-p96IkUGgWpSwhUQDstCg+/qY87c=
+  dependencies:
+    d "1"
+    es5-ext "^0.10.35"
+    es6-symbol "^3.1.1"
+
 es6-promise@^4.0.3:
   version "4.2.8"
   resolved "https://registry.yarnpkg.com/es6-promise/-/es6-promise-4.2.8.tgz#4eb21594c972bc40553d276e510539143db53e0a"
@@ -3167,6 +3425,14 @@ es6-promisify@^5.0.0:
   dependencies:
     es6-promise "^4.0.3"
 
+es6-symbol@^3.1.1, es6-symbol@~3.1.3:
+  version "3.1.3"
+  resolved "https://registry.yarnpkg.com/es6-symbol/-/es6-symbol-3.1.3.tgz#bad5d3c1bcdac28269f4cb331e431c78ac705d18"
+  integrity sha512-NJ6Yn3FuDinBaBRWl/q5X/s4koRHBrgKAu+yGI6JCBeiu3qrcbJhwT2GeR/EXVfylRk8dpQVJoLEFhK+Mu31NA==
+  dependencies:
+    d "^1.0.1"
+    ext "^1.1.2"
+
 escalade@^3.1.0:
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/escalade/-/escalade-3.1.0.tgz#e8e2d7c7a8b76f6ee64c2181d6b8151441602d4e"
@@ -3309,6 +3575,13 @@ express@^4.17.1:
     utils-merge "1.0.1"
     vary "~1.1.2"
 
+ext@^1.1.2:
+  version "1.4.0"
+  resolved "https://registry.yarnpkg.com/ext/-/ext-1.4.0.tgz#89ae7a07158f79d35517882904324077e4379244"
+  integrity sha512-Key5NIsUxdqKg3vIsdw9dSuXpPCQ297y6wBjL30edxwPgt2E44WcWBZey/ZvUc6sERLTxKdyCu4gZFmUbk1Q7A==
+  dependencies:
+    type "^2.0.0"
+
 extend-shallow@^2.0.1:
   version "2.0.1"
   resolved "https://registry.yarnpkg.com/extend-shallow/-/extend-shallow-2.0.1.tgz#51af7d614ad9a9f610ea1bafbb989d6b1c56890f"
@@ -3474,7 +3747,7 @@ find-cache-dir@3.3.1, find-cache-dir@^3.3.1:
     make-dir "^3.0.2"
     pkg-dir "^4.1.0"
 
-find-cache-dir@^2.0.0, find-cache-dir@^2.1.0:
+find-cache-dir@^2.1.0:
   version "2.1.0"
   resolved "https://registry.yarnpkg.com/find-cache-dir/-/find-cache-dir-2.1.0.tgz#8d0f94cd13fe43c6c7c261a0d86115ca918c05f7"
   integrity sha512-Tq6PixE0w/VMFfCgbONnkiQIVol/JJL7nRMi20fqzA4NRs9AfeqMGeRdPi3wIhYkxjeBaWh2rxwapn5Tu3IqOQ==
@@ -3665,7 +3938,7 @@ glob-parent@^5.1.0, glob-parent@^5.1.1, glob-parent@~5.1.0:
   dependencies:
     is-glob "^4.0.1"
 
-glob@7.1.6, glob@^7.0.3, glob@^7.1.1, glob@^7.1.3, glob@^7.1.4:
+glob@7.1.6, glob@^7.0.3, glob@^7.1.1, glob@^7.1.3, glob@^7.1.4, glob@^7.1.6:
   version "7.1.6"
   resolved "https://registry.yarnpkg.com/glob/-/glob-7.1.6.tgz#141f33b81a7c2492e125594307480c46679278a6"
   integrity sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==
@@ -4088,21 +4361,21 @@ ini@1.3.5:
   resolved "https://registry.yarnpkg.com/ini/-/ini-1.3.5.tgz#eee25f56db1c9ec6085e0c22778083f596abf927"
   integrity sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw==
 
-inquirer@7.1.0:
-  version "7.1.0"
-  resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-7.1.0.tgz#1298a01859883e17c7264b82870ae1034f92dd29"
-  integrity sha512-5fJMWEmikSYu0nv/flMc475MhGbB7TSPd/2IpFV4I4rMklboCH2rQjYY5kKiYGHqUF9gvaambupcJFFG9dvReg==
+inquirer@7.3.3:
+  version "7.3.3"
+  resolved "https://registry.yarnpkg.com/inquirer/-/inquirer-7.3.3.tgz#04d176b2af04afc157a83fd7c100e98ee0aad003"
+  integrity sha512-JG3eIAj5V9CwcGvuOmoo6LB9kbAYT8HXffUl6memuszlwDC/qvFAJw49XJ5NROSFNPxp3iQg1GqkFhaY/CR0IA==
   dependencies:
     ansi-escapes "^4.2.1"
-    chalk "^3.0.0"
+    chalk "^4.1.0"
     cli-cursor "^3.1.0"
-    cli-width "^2.0.0"
+    cli-width "^3.0.0"
     external-editor "^3.0.3"
     figures "^3.0.0"
-    lodash "^4.17.15"
+    lodash "^4.17.19"
     mute-stream "0.0.8"
     run-async "^2.4.0"
-    rxjs "^6.5.3"
+    rxjs "^6.6.0"
     string-width "^4.1.0"
     strip-ansi "^6.0.0"
     through "^2.3.6"
@@ -4115,7 +4388,7 @@ internal-ip@^4.3.0:
     default-gateway "^4.2.0"
     ipaddr.js "^1.9.0"
 
-invariant@^2.2.2, invariant@^2.2.4:
+invariant@^2.2.2:
   version "2.2.4"
   resolved "https://registry.yarnpkg.com/invariant/-/invariant-2.2.4.tgz#610f3c92c9359ce1db616e538008d23ff35158e6"
   integrity sha512-phJfQVBuaJM5raOpJjSfkiD6BpbCE4Ns//LaXl6wGYtUBY83nWS6Rf9tXm2e8VaK60JEjYldbPif/A2B1C2gNA==
@@ -4222,6 +4495,13 @@ is-color-stop@^1.0.0:
     rgb-regex "^1.0.1"
     rgba-regex "^1.0.0"
 
+is-core-module@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.0.0.tgz#58531b70aed1db7c0e8d4eb1a0a2d1ddd64bd12d"
+  integrity sha512-jq1AH6C8MuteOoBPwkxHafmByhL9j5q4OaPGdbuD+ZtQJVzH+i6E3BJDQcBA09k57i2Hh2yQbEG8yObZ0jdlWw==
+  dependencies:
+    has "^1.0.3"
+
 is-data-descriptor@^0.1.4:
   version "0.1.4"
   resolved "https://registry.yarnpkg.com/is-data-descriptor/-/is-data-descriptor-0.1.4.tgz#0b5ee648388e2c860282e793f1856fec3f301b56"
@@ -4498,7 +4778,7 @@ istanbul-lib-coverage@^3.0.0:
   resolved "https://registry.yarnpkg.com/istanbul-lib-coverage/-/istanbul-lib-coverage-3.0.0.tgz#f5944a37c70b550b02a78a5c3b2055b280cec8ec"
   integrity sha512-UiUIqxMgRDET6eR+o5HbfRYP1l0hqkWOs7vNxC/mggutCMUIhWMm8gAHb8tHlyfD3/l6rlgNA5cKdDzEAf6hEg==
 
-istanbul-lib-instrument@^4.0.1:
+istanbul-lib-instrument@^4.0.3:
   version "4.0.3"
   resolved "https://registry.yarnpkg.com/istanbul-lib-instrument/-/istanbul-lib-instrument-4.0.3.tgz#873c6fff897450118222774696a3f28902d77c1d"
   integrity sha512-BXgQl9kf4WTCPCCpmFGoJkz/+uhvm7h7PFKUYxh7qarQd3ER33vHG//qaE8eN25l07YqZPpHXU9I09l/RD5aGQ==
@@ -4508,18 +4788,19 @@ istanbul-lib-instrument@^4.0.1:
     istanbul-lib-coverage "^3.0.0"
     semver "^6.3.0"
 
-jest-worker@25.1.0:
-  version "25.1.0"
-  resolved "https://registry.yarnpkg.com/jest-worker/-/jest-worker-25.1.0.tgz#75d038bad6fdf58eba0d2ec1835856c497e3907a"
-  integrity sha512-ZHhHtlxOWSxCoNOKHGbiLzXnl42ga9CxDr27H36Qn+15pQZd3R/F24jrmjDelw9j/iHUIWMWs08/u2QN50HHOg==
+jest-worker@26.3.0:
+  version "26.3.0"
+  resolved "https://registry.yarnpkg.com/jest-worker/-/jest-worker-26.3.0.tgz#7c8a97e4f4364b4f05ed8bca8ca0c24de091871f"
+  integrity sha512-Vmpn2F6IASefL+DVBhPzI2J9/GJUsqzomdeN+P+dK8/jKxbh8R3BtFnx3FIta7wYlPU62cpJMJQo4kuOowcMnw==
   dependencies:
+    "@types/node" "*"
     merge-stream "^2.0.0"
     supports-color "^7.0.0"
 
-jest-worker@^26.0.0:
-  version "26.3.0"
-  resolved "https://registry.yarnpkg.com/jest-worker/-/jest-worker-26.3.0.tgz#7c8a97e4f4364b4f05ed8bca8ca0c24de091871f"
-  integrity sha512-Vmpn2F6IASefL+DVBhPzI2J9/GJUsqzomdeN+P+dK8/jKxbh8R3BtFnx3FIta7wYlPU62cpJMJQo4kuOowcMnw==
+jest-worker@^26.3.0:
+  version "26.6.1"
+  resolved "https://registry.yarnpkg.com/jest-worker/-/jest-worker-26.6.1.tgz#c2ae8cde6802cc14056043f997469ec170d9c32a"
+  integrity sha512-R5IE3qSGz+QynJx8y+ICEkdI2OJ3RJjRQVEyCcFAd3yVhQSEtquziPO29Mlzgn07LOVE8u8jhJ1FqcwegiXWOw==
   dependencies:
     "@types/node" "*"
     merge-stream "^2.0.0"
@@ -4602,6 +4883,11 @@ json5@^2.1.2:
   dependencies:
     minimist "^1.2.5"
 
+jsonc-parser@2.3.0:
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/jsonc-parser/-/jsonc-parser-2.3.0.tgz#7c7fc988ee1486d35734faaaa866fadb00fa91ee"
+  integrity sha512-b0EBt8SWFNnixVdvoR2ZtEGa9ZqLhbJnOjezn+WP+8kspFm+PFYDN8Z4Bc7pRlDjvuVcADSUkroIuTWWn/YiIA==
+
 jsonfile@^4.0.0:
   version "4.0.0"
   resolved "https://registry.yarnpkg.com/jsonfile/-/jsonfile-4.0.0.tgz#8771aae0799b64076b76640fca058f9c10e33ecb"
@@ -4665,21 +4951,26 @@ kind-of@^6.0.0, kind-of@^6.0.2:
   resolved "https://registry.yarnpkg.com/kind-of/-/kind-of-6.0.3.tgz#07c05034a6c349fa06e24fa35aa76db4580ce4dd"
   integrity sha512-dcS1ul+9tmeD95T+x28/ehLgd9mENa3LsvDTtzm3vyBEO7RPptvAD+t44WVXaUjTBRcrpFeFlC8WCruUR456hw==
 
-less-loader@5.0.0:
-  version "5.0.0"
-  resolved "https://registry.yarnpkg.com/less-loader/-/less-loader-5.0.0.tgz#498dde3a6c6c4f887458ee9ed3f086a12ad1b466"
-  integrity sha512-bquCU89mO/yWLaUq0Clk7qCsKhsF/TZpJUzETRvJa9KSVEL9SO3ovCvdEHISBhrC81OwC8QSVX7E0bzElZj9cg==
-  dependencies:
-    clone "^2.1.1"
-    loader-utils "^1.1.0"
-    pify "^4.0.1"
+klona@^2.0.3:
+  version "2.0.4"
+  resolved "https://registry.yarnpkg.com/klona/-/klona-2.0.4.tgz#7bb1e3affb0cb8624547ef7e8f6708ea2e39dfc0"
+  integrity sha512-ZRbnvdg/NxqzC7L9Uyqzf4psi1OM4Cuc+sJAkQPjO6XkQIJTNbfK2Rsmbw8fx1p2mkZdp2FZYo2+LwXYY/uwIA==
 
-less@3.11.3:
-  version "3.11.3"
-  resolved "https://registry.yarnpkg.com/less/-/less-3.11.3.tgz#2d853954fcfe0169a8af869620bcaa16563dcc1c"
-  integrity sha512-VkZiTDdtNEzXA3LgjQiC3D7/ejleBPFVvq+aRI9mIj+Zhmif5TvFPM244bT4rzkvOCvJ9q4zAztok1M7Nygagw==
+less-loader@6.2.0:
+  version "6.2.0"
+  resolved "https://registry.yarnpkg.com/less-loader/-/less-loader-6.2.0.tgz#8b26f621c155b342eefc24f5bd6e9dc40c42a719"
+  integrity sha512-Cl5h95/Pz/PWub/tCBgT1oNMFeH1WTD33piG80jn5jr12T4XbxZcjThwNXDQ7AG649WEynuIzO4b0+2Tn9Qolg==
   dependencies:
     clone "^2.1.2"
+    less "^3.11.3"
+    loader-utils "^2.0.0"
+    schema-utils "^2.7.0"
+
+less@^3.11.3:
+  version "3.12.2"
+  resolved "https://registry.yarnpkg.com/less/-/less-3.12.2.tgz#157e6dd32a68869df8859314ad38e70211af3ab4"
+  integrity sha512-+1V2PCMFkL+OIj2/HrtrvZw0BC0sYLMICJfbQjuj/K8CEnlrFX6R5cKKgzzttsZDHyxQNL1jqMREjKN3ja/E3Q==
+  dependencies:
     tslib "^1.10.0"
   optionalDependencies:
     errno "^0.1.1"
@@ -4687,8 +4978,7 @@ less@3.11.3:
     image-size "~0.5.0"
     make-dir "^2.1.0"
     mime "^1.4.1"
-    promise "^7.1.1"
-    request "^2.83.0"
+    native-request "^1.0.5"
     source-map "~0.6.0"
 
 leven@^3.1.0:
@@ -4703,10 +4993,10 @@ levenary@^1.1.1:
   dependencies:
     leven "^3.1.0"
 
-license-webpack-plugin@2.1.4:
-  version "2.1.4"
-  resolved "https://registry.yarnpkg.com/license-webpack-plugin/-/license-webpack-plugin-2.1.4.tgz#c5529a4bb87cc9b4489b486d054ba7cae43a554e"
-  integrity sha512-1Xq72fmPbTg5KofXs+yI5L4QqPFjQ6mZxoeI6D7gfiEDOtaEIk6PGrdLaej90bpDqKNHNxlQ/MW4tMAL6xMPJQ==
+license-webpack-plugin@2.3.0:
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/license-webpack-plugin/-/license-webpack-plugin-2.3.0.tgz#c00f70d5725ba0408de208acb9e66612cc2eceda"
+  integrity sha512-JK/DXrtN6UeYQSgkg5q1+pgJ8aiKPL9tnz9Wzw+Ikkf+8mJxG56x6t8O+OH/tAeF/5NREnelTEMyFtbJNkjH4w==
   dependencies:
     "@types/webpack-sources" "^0.1.5"
     webpack-sources "^1.2.0"
@@ -4716,6 +5006,15 @@ loader-runner@^2.4.0:
   resolved "https://registry.yarnpkg.com/loader-runner/-/loader-runner-2.4.0.tgz#ed47066bfe534d7e84c4c7b9998c2a75607d9357"
   integrity sha512-Jsmr89RcXGIwivFY21FcRrisYZfvLMTWx5kOLc+JTxtpBOG6xML0vzbc6SEQG2FO9/4Fc3wW4LVcB5DmGflaRw==
 
+loader-utils@1.2.3:
+  version "1.2.3"
+  resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-1.2.3.tgz#1ff5dc6911c9f0a062531a4c04b609406108c2c7"
+  integrity sha512-fkpz8ejdnEMG3s37wGL07iSBDg99O9D5yflE9RGNH3hRdx9SOwYfnGYdZOUIZitN8E+E2vkq3MUMYMvPYl5ZZA==
+  dependencies:
+    big.js "^5.2.2"
+    emojis-list "^2.0.0"
+    json5 "^1.0.1"
+
 loader-utils@2.0.0, loader-utils@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/loader-utils/-/loader-utils-2.0.0.tgz#e4cace5b816d425a166b5f097e10cd12b36064b0"
@@ -4759,22 +5058,27 @@ lodash.memoize@^4.1.2:
   resolved "https://registry.yarnpkg.com/lodash.memoize/-/lodash.memoize-4.1.2.tgz#bcc6c49a42a2840ed997f323eada5ecd182e0bfe"
   integrity sha1-vMbEmkKihA7Zl/Mj6tpezRguC/4=
 
+lodash.sortby@^4.7.0:
+  version "4.7.0"
+  resolved "https://registry.yarnpkg.com/lodash.sortby/-/lodash.sortby-4.7.0.tgz#edd14c824e2cc9c1e0b0a1b42bb5210516a42438"
+  integrity sha1-7dFMgk4sycHgsKG0K7UhBRakJDg=
+
 lodash.uniq@^4.5.0:
   version "4.5.0"
   resolved "https://registry.yarnpkg.com/lodash.uniq/-/lodash.uniq-4.5.0.tgz#d0225373aeb652adc1bc82e4945339a842754773"
   integrity sha1-0CJTc662Uq3BvILklFM5qEJ1R3M=
 
-lodash@^4.17.11, lodash@^4.17.13, lodash@^4.17.14, lodash@^4.17.15, lodash@^4.17.19:
+lodash@^4.17.11, lodash@^4.17.14, lodash@^4.17.15, lodash@^4.17.19:
   version "4.17.20"
   resolved "https://registry.yarnpkg.com/lodash/-/lodash-4.17.20.tgz#b44a9b6297bcb698f1c51a3545a2b3b368d59c52"
   integrity sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==
 
-log-symbols@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-3.0.0.tgz#f3a08516a5dea893336a7dee14d18a1cfdab77c4"
-  integrity sha512-dSkNGuI7iG3mfvDzUuYZyvk5dD9ocYCYzNU6CYDE6+Xqd+gwme6Z00NS3dUh8mq/73HaEtT7m6W+yUPtU6BZnQ==
+log-symbols@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/log-symbols/-/log-symbols-4.0.0.tgz#69b3cc46d20f448eccdb75ea1fa733d9e821c920"
+  integrity sha512-FN8JBzLx6CzeMrB0tg6pqlGU1wCrXW+ZXGH481kfsBqer0hToTIiHdjH4Mq8xJUbvATujKCvaREGWpGUionraA==
   dependencies:
-    chalk "^2.4.2"
+    chalk "^4.0.0"
 
 loglevel@^1.6.8:
   version "1.7.0"
@@ -4841,11 +5145,6 @@ make-fetch-happen@^5.0.0:
     socks-proxy-agent "^4.0.0"
     ssri "^6.0.0"
 
-mamacro@^0.0.3:
-  version "0.0.3"
-  resolved "https://registry.yarnpkg.com/mamacro/-/mamacro-0.0.3.tgz#ad2c9576197c9f1abf308d0787865bd975a3f3e4"
-  integrity sha512-qMEwh+UujcQ+kbz3T6V+wAmO2U8veoq2w+3wY8MquqwVA3jChfwY+Tk52GZKDfACEPjuZ7r2oJLejwpt8jtwTA==
-
 map-cache@^0.2.2:
   version "0.2.2"
   resolved "https://registry.yarnpkg.com/map-cache/-/map-cache-0.2.2.tgz#c32abd0bd6525d9b051645bb4f26ac5dc98a0dbf"
@@ -4992,10 +5291,10 @@ mimic-fn@^2.1.0:
   resolved "https://registry.yarnpkg.com/mimic-fn/-/mimic-fn-2.1.0.tgz#7ed2c2ccccaf84d3ffcb7a69b57711fc2083401b"
   integrity sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg==
 
-mini-css-extract-plugin@0.9.0:
-  version "0.9.0"
-  resolved "https://registry.yarnpkg.com/mini-css-extract-plugin/-/mini-css-extract-plugin-0.9.0.tgz#47f2cf07aa165ab35733b1fc97d4c46c0564339e"
-  integrity sha512-lp3GeY7ygcgAmVIcRPBVhIkf8Us7FZjA+ILpal44qLdSu11wmjKQ3d9k15lfD7pO4esu9eUIAW7qiYIBppv40A==
+mini-css-extract-plugin@0.10.0:
+  version "0.10.0"
+  resolved "https://registry.yarnpkg.com/mini-css-extract-plugin/-/mini-css-extract-plugin-0.10.0.tgz#a0e6bfcad22a9c73f6c882a3c7557a98e2d3d27d"
+  integrity sha512-QgKgJBjaJhxVPwrLNqqwNS0AGkuQQ31Hp4xGXEK/P7wehEg6qmNtReHKai3zRXqY60wGVWLYcOMJK2b98aGc3A==
   dependencies:
     loader-utils "^1.1.0"
     normalize-url "1.9.1"
@@ -5099,14 +5398,14 @@ mixin-deep@^1.2.0:
     for-in "^1.0.2"
     is-extendable "^1.0.1"
 
-mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@^0.5.5, mkdirp@~0.5.1, mkdirp@~0.5.x:
+mkdirp@^0.5.0, mkdirp@^0.5.1, mkdirp@^0.5.3, mkdirp@^0.5.5, mkdirp@~0.5.1:
   version "0.5.5"
   resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-0.5.5.tgz#d91cefd62d1436ca0f41620e251288d420099def"
   integrity sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==
   dependencies:
     minimist "^1.2.5"
 
-mkdirp@^1.0.3, mkdirp@^1.0.4:
+mkdirp@^1.0.3, mkdirp@^1.0.4, mkdirp@~1.0.4:
   version "1.0.4"
   resolved "https://registry.yarnpkg.com/mkdirp/-/mkdirp-1.0.4.tgz#3eb5ed62622756d79a5f0e2a221dfebad75c2f7e"
   integrity sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==
@@ -5183,16 +5482,26 @@ nanomatch@^1.2.9:
     snapdragon "^0.8.1"
     to-regex "^3.0.1"
 
+native-request@^1.0.5:
+  version "1.0.8"
+  resolved "https://registry.yarnpkg.com/native-request/-/native-request-1.0.8.tgz#8f66bf606e0f7ea27c0e5995eb2f5d03e33ae6fb"
+  integrity sha512-vU2JojJVelUGp6jRcLwToPoWGxSx23z/0iX+I77J3Ht17rf2INGjrhOoQnjVo60nQd8wVsgzKkPfRXBiVdD2ag==
+
 negotiator@0.6.2:
   version "0.6.2"
   resolved "https://registry.yarnpkg.com/negotiator/-/negotiator-0.6.2.tgz#feacf7ccf525a77ae9634436a64883ffeca346fb"
   integrity sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw==
 
-neo-async@^2.5.0, neo-async@^2.6.1:
+neo-async@^2.5.0, neo-async@^2.6.1, neo-async@^2.6.2:
   version "2.6.2"
   resolved "https://registry.yarnpkg.com/neo-async/-/neo-async-2.6.2.tgz#b4aafb93e3aeb2d8174ca53cf163ab7d7308305f"
   integrity sha512-Yd3UES5mWCSqR+qNT93S3UoYUkqAZ9lLg8a7g9rimsWmYGK8cVToA4/sF3RrshdyV3sAGMXVUmpMYOw+dLpOuw==
 
+next-tick@~1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/next-tick/-/next-tick-1.0.0.tgz#ca86d1fe8828169b0120208e3dc8424b9db8342c"
+  integrity sha1-yobR/ogoFpsBICCOPchCS524NCw=
+
 ng2-ace-editor@^0.3.9:
   version "0.3.9"
   resolved "https://registry.yarnpkg.com/ng2-ace-editor/-/ng2-ace-editor-0.3.9.tgz#5ae68712e9ca49591eda31df8fe02eca1c3634e1"
@@ -5343,10 +5652,10 @@ npm-packlist@^1.1.12:
     npm-bundled "^1.0.1"
     npm-normalize-package-bin "^1.0.1"
 
-npm-pick-manifest@6.0.0:
-  version "6.0.0"
-  resolved "https://registry.yarnpkg.com/npm-pick-manifest/-/npm-pick-manifest-6.0.0.tgz#bfde7abe95f2670aed1629a3c18245ccb3cc2eb8"
-  integrity sha512-PdJpXMvjqt4nftNEDpCgjBUF8yI3Q3MyuAmVB9nemnnCg32F4BPL/JFBfdj8DubgHCYUFQhtLWmBPvdsFtjWMg==
+npm-pick-manifest@6.1.0:
+  version "6.1.0"
+  resolved "https://registry.yarnpkg.com/npm-pick-manifest/-/npm-pick-manifest-6.1.0.tgz#2befed87b0fce956790f62d32afb56d7539c022a"
+  integrity sha512-ygs4k6f54ZxJXrzT0x34NybRlLeZ4+6nECAIbr2i0foTnijtS1TJiyzpqtuUAJOps/hO0tNDr8fRV5g+BtRlTw==
   dependencies:
     npm-install-checks "^4.0.0"
     npm-package-arg "^8.0.0"
@@ -5503,10 +5812,10 @@ onetime@^5.1.0:
   dependencies:
     mimic-fn "^2.1.0"
 
-open@7.0.3:
-  version "7.0.3"
-  resolved "https://registry.yarnpkg.com/open/-/open-7.0.3.tgz#db551a1af9c7ab4c7af664139930826138531c48"
-  integrity sha512-sP2ru2v0P290WFfv49Ap8MF6PkzGNnGlAwHweB4WR4mr5d2d0woiCluUeJ218w7/+PmoBy9JmYgD5A4mLcWOFA==
+open@7.2.0:
+  version "7.2.0"
+  resolved "https://registry.yarnpkg.com/open/-/open-7.2.0.tgz#212959bd7b0ce2e8e3676adc76e3cf2f0a2498b4"
+  integrity sha512-4HeyhxCvBTI5uBePsAdi55C5fmqnWZ2e2MlmvWi5KW5tdH5rxoiv/aMtbeVxKZc3eWkT1GymMnLG8XC4Rq4TDQ==
   dependencies:
     is-docker "^2.0.0"
     is-wsl "^2.1.1"
@@ -5518,16 +5827,16 @@ opn@^5.5.0:
   dependencies:
     is-wsl "^1.1.0"
 
-ora@4.0.3:
-  version "4.0.3"
-  resolved "https://registry.yarnpkg.com/ora/-/ora-4.0.3.tgz#752a1b7b4be4825546a7a3d59256fa523b6b6d05"
-  integrity sha512-fnDebVFyz309A73cqCipVL1fBZewq4vwgSHfxh43vVy31mbyoQ8sCH3Oeaog/owYOs/lLlGVPCISQonTneg6Pg==
+ora@5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/ora/-/ora-5.0.0.tgz#4f0b34f2994877b49b452a707245ab1e9f6afccb"
+  integrity sha512-s26qdWqke2kjN/wC4dy+IQPBIMWBJlSU/0JZhk30ZDBLelW25rv66yutUWARMigpGPzcXHb+Nac5pNhN/WsARw==
   dependencies:
-    chalk "^3.0.0"
+    chalk "^4.1.0"
     cli-cursor "^3.1.0"
-    cli-spinners "^2.2.0"
+    cli-spinners "^2.4.0"
     is-interactive "^1.0.0"
-    log-symbols "^3.0.0"
+    log-symbols "^4.0.0"
     mute-stream "0.0.8"
     strip-ansi "^6.0.0"
     wcwidth "^1.0.1"
@@ -5567,14 +5876,14 @@ p-finally@^1.0.0:
   resolved "https://registry.yarnpkg.com/p-finally/-/p-finally-1.0.0.tgz#3fbcfb15b899a44123b34b6dcc18b724336a2cae"
   integrity sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=
 
-p-limit@^2.0.0, p-limit@^2.2.0, p-limit@^2.3.0:
+p-limit@^2.0.0, p-limit@^2.2.0:
   version "2.3.0"
   resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-2.3.0.tgz#3dd33c647a214fdfffd835933eb086da0dc21db1"
   integrity sha512-//88mFWSJx8lxCzwdAABTJL2MyWB12+eIY7MDL2SqLmAkeKU9qxRvWuSyTjm3FUmpBEMuFfckAIqEaVGUDxb6w==
   dependencies:
     p-try "^2.0.0"
 
-p-limit@^3.0.1:
+p-limit@^3.0.1, p-limit@^3.0.2:
   version "3.0.2"
   resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-3.0.2.tgz#1664e010af3cadc681baafd3e2a437be7b0fb5fe"
   integrity sha512-iwqZSOoWIW+Ew4kAGUlN16J4M7OB3ysMLSZtnhmqx7njIHFPlxWBX8xo3lVTyFVq6mI/lL9qt2IsN1sHwaxJkg==
@@ -5600,13 +5909,6 @@ p-map@^2.0.0:
   resolved "https://registry.yarnpkg.com/p-map/-/p-map-2.1.0.tgz#310928feef9c9ecc65b68b17693018a665cea175"
   integrity sha512-y3b8Kpd8OAN444hxfBbFfj1FY/RjtTd8tzYwhUqNYXx0fXx2iX4maP4Qr6qhIKbQXI02wTLAda4fYUbDagTUFw==
 
-p-map@^3.0.0:
-  version "3.0.0"
-  resolved "https://registry.yarnpkg.com/p-map/-/p-map-3.0.0.tgz#d704d9af8a2ba684e2600d9a215983d4141a979d"
-  integrity sha512-d3qXVTF/s+W+CdJ5A29wywV2n8CQQYahlgz2bFiA+4eVNJbHJodPZ+/gXwPGh0bOqA+j8S+6+ckmvLGPk1QpxQ==
-  dependencies:
-    aggregate-error "^3.0.0"
-
 p-map@^4.0.0:
   version "4.0.0"
   resolved "https://registry.yarnpkg.com/p-map/-/p-map-4.0.0.tgz#bb2f95a5eda2ec168ec9274e06a747c3e2904d2b"
@@ -5695,10 +5997,17 @@ parse-json@^4.0.0:
     error-ex "^1.3.1"
     json-parse-better-errors "^1.0.1"
 
-parse5@4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/parse5/-/parse5-4.0.0.tgz#6d78656e3da8d78b4ec0b906f7c08ef1dfe3f608"
-  integrity sha512-VrZ7eOd3T1Fk4XWNXMgiGBK/z0MG48BWG2uQNU4I72fkQuKUTZpl+u9k+CxEG0twMVzSmXEEz12z5Fnw1jIQFA==
+parse5-htmlparser2-tree-adapter@6.0.1:
+  version "6.0.1"
+  resolved "https://registry.yarnpkg.com/parse5-htmlparser2-tree-adapter/-/parse5-htmlparser2-tree-adapter-6.0.1.tgz#2cdf9ad823321140370d4dbf5d3e92c7c8ddc6e6"
+  integrity sha512-qPuWvbLgvDGilKc5BoicRovlT4MtYT6JfJyBOMDsKoiT+GiuP5qyrPCnR9HcPECIJJmZh5jRndyNThnhhb/vlA==
+  dependencies:
+    parse5 "^6.0.1"
+
+parse5@6.0.1, parse5@^6.0.1:
+  version "6.0.1"
+  resolved "https://registry.yarnpkg.com/parse5/-/parse5-6.0.1.tgz#e1a1c085c569b3dc08321184f19a39cc27f7c30b"
+  integrity sha512-Ofn/CTFzRGTTxwpNEs9PP93gXShHcTq255nzRYSKe8AkVpZY7e1fpmTfOyoIvjP5HG7Z2ZM7VS9PPhQGW2pOpw==
 
 parseurl@~1.3.2, parseurl@~1.3.3:
   version "1.3.3"
@@ -5817,6 +6126,13 @@ pkg-dir@^4.1.0:
   dependencies:
     find-up "^4.0.0"
 
+pnp-webpack-plugin@1.6.4:
+  version "1.6.4"
+  resolved "https://registry.yarnpkg.com/pnp-webpack-plugin/-/pnp-webpack-plugin-1.6.4.tgz#c9711ac4dc48a685dabafc86f8b6dd9f8df84149"
+  integrity sha512-7Wjy+9E3WwLOEL30D+m8TSTF7qJJUJLONBnwQp0518siuMxUQUbgZwssaFX+QKlZkjHZcw/IpZCt/H0srrntSg==
+  dependencies:
+    ts-pnp "^1.1.6"
+
 popper.js@^1.16.1:
   version "1.16.1"
   resolved "https://registry.yarnpkg.com/popper.js/-/popper.js-1.16.1.tgz#2a223cb3dc7b6213d740e40372be40de43e65b1b"
@@ -5989,7 +6305,7 @@ postcss-modules-extract-imports@^2.0.0:
   dependencies:
     postcss "^7.0.5"
 
-postcss-modules-local-by-default@^3.0.2:
+postcss-modules-local-by-default@^3.0.3:
   version "3.0.3"
   resolved "https://registry.yarnpkg.com/postcss-modules-local-by-default/-/postcss-modules-local-by-default-3.0.3.tgz#bb14e0cc78279d504dbdcbfd7e0ca28993ffbbb0"
   integrity sha512-e3xDq+LotiGesympRlKNgaJ0PCzoUIdpH0dj47iWAui/kyTgh3CiAr1qP54uodmJhl6p9rN6BoNcdEDVJx9RDw==
@@ -6167,21 +6483,30 @@ postcss-value-parser@^3.0.0, postcss-value-parser@^3.2.3:
   resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-3.3.1.tgz#9ff822547e2893213cf1c30efa51ac5fd1ba8281"
   integrity sha512-pISE66AbVkp4fDQ7VHBwRNXzAAKJjw4Vw7nWI/+Q3vuly7SNfgYXvm6i5IgFylHGK5sP/xHAbB7N49OS4gWNyQ==
 
-postcss-value-parser@^4.0.2, postcss-value-parser@^4.0.3, postcss-value-parser@^4.1.0:
+postcss-value-parser@^4.0.2, postcss-value-parser@^4.1.0:
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/postcss-value-parser/-/postcss-value-parser-4.1.0.tgz#443f6a20ced6481a2bda4fa8532a6e55d789a2cb"
   integrity sha512-97DXOFbQJhk71ne5/Mt6cOu6yxsSfM0QGQyl0L25Gca4yGWEGJaig7l7gbCX623VqTBNGLRLaVUCnNkcedlRSQ==
 
-postcss@7.0.27:
-  version "7.0.27"
-  resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.27.tgz#cc67cdc6b0daa375105b7c424a85567345fc54d9"
-  integrity sha512-WuQETPMcW9Uf1/22HWUWP9lgsIC+KEHg2kozMflKjbeUtw9ujvFX6QmIfozaErDkmLWS9WEnEdEe6Uo9/BNTdQ==
+postcss@7.0.21:
+  version "7.0.21"
+  resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.21.tgz#06bb07824c19c2021c5d056d5b10c35b989f7e17"
+  integrity sha512-uIFtJElxJo29QC753JzhidoAhvp/e/Exezkdhfmt8AymWT6/5B7W1WmponYWkHk2eg6sONyTch0A3nkMPun3SQ==
+  dependencies:
+    chalk "^2.4.2"
+    source-map "^0.6.1"
+    supports-color "^6.1.0"
+
+postcss@7.0.32:
+  version "7.0.32"
+  resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.32.tgz#4310d6ee347053da3433db2be492883d62cec59d"
+  integrity sha512-03eXong5NLnNCD05xscnGKGDZ98CyzoqPSMjOe6SuoQY7Z2hIj0Ld1g/O/UQRuOle2aRtiIRDg9tDcTGAkLfKw==
   dependencies:
     chalk "^2.4.2"
     source-map "^0.6.1"
     supports-color "^6.1.0"
 
-postcss@^7.0.0, postcss@^7.0.1, postcss@^7.0.14, postcss@^7.0.26, postcss@^7.0.27, postcss@^7.0.32, postcss@^7.0.5, postcss@^7.0.6:
+postcss@^7.0.0, postcss@^7.0.1, postcss@^7.0.14, postcss@^7.0.27, postcss@^7.0.32, postcss@^7.0.5, postcss@^7.0.6:
   version "7.0.34"
   resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.34.tgz#f2baf57c36010df7de4009940f21532c16d65c20"
   integrity sha512-H/7V2VeNScX9KE83GDrDZNiGT1m2H+UTnlinIzhjlLX9hfMUn1mHNnGeX81a1c8JSBdBvqk7c2ZOG6ZPn5itGw==
@@ -6218,13 +6543,6 @@ promise-retry@^1.1.1:
     err-code "^1.0.0"
     retry "^0.10.0"
 
-promise@^7.1.1:
-  version "7.3.1"
-  resolved "https://registry.yarnpkg.com/promise/-/promise-7.3.1.tgz#064b72602b18f90f29192b8b1bc418ffd1ebd3bf"
-  integrity sha512-nolQXZ/4L+bP/UGlkfaIujX9BKxGwmQ9OT4mOt5yvy8iK1h3wqTEJCijzGANTCCl9nWjY41juyAn2K3Q1hLLTg==
-  dependencies:
-    asap "~2.0.3"
-
 propagating-hammerjs@^1.4.6:
   version "1.4.7"
   resolved "https://registry.yarnpkg.com/propagating-hammerjs/-/propagating-hammerjs-1.4.7.tgz#671ab1791a7f88b9dccce8fd8b14a9655950e7d6"
@@ -6377,13 +6695,13 @@ raw-body@2.4.0:
     iconv-lite "0.4.24"
     unpipe "1.0.0"
 
-raw-loader@4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/raw-loader/-/raw-loader-4.0.0.tgz#d639c40fb9d72b5c7f8abc1fb2ddb25b29d3d540"
-  integrity sha512-iINUOYvl1cGEmfoaLjnZXt4bKfT2LJnZZib5N/LLyAphC+Dd11vNP9CNVb38j+SAJpFI1uo8j9frmih53ASy7Q==
+raw-loader@4.0.1:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/raw-loader/-/raw-loader-4.0.1.tgz#14e1f726a359b68437e183d5a5b7d33a3eba6933"
+  integrity sha512-baolhQBSi3iNh1cglJjA0mYzga+wePk7vdEX//1dTFd+v4TsQlQE0jitJSNF1OIP82rdYulH7otaVmdlDaJ64A==
   dependencies:
-    loader-utils "^1.2.3"
-    schema-utils "^2.5.0"
+    loader-utils "^2.0.0"
+    schema-utils "^2.6.5"
 
 read-cache@^1.0.0:
   version "1.0.0"
@@ -6476,12 +6794,7 @@ regenerate@^1.4.0:
   resolved "https://registry.yarnpkg.com/regenerate/-/regenerate-1.4.1.tgz#cad92ad8e6b591773485fbe05a485caf4f457e6f"
   integrity sha512-j2+C8+NtXQgEKWk49MMP5P/u2GhnahTtVkRIHr5R5lVRlbKvmQ+oS+A5aLKWp2ma5VkT8sh6v+v4hbH0YHR66A==
 
-regenerator-runtime@0.13.5:
-  version "0.13.5"
-  resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.13.5.tgz#d878a1d094b4306d10b9096484b33ebd55e26697"
-  integrity sha512-ZS5w8CpKFinUzOwW3c83oPeVXoNsrLsaCoLtJvAClH135j/R77RuymhiSErhm2lKcwSCIpmvIWSbDkIfAqKQlA==
-
-regenerator-runtime@^0.13.4:
+regenerator-runtime@0.13.7, regenerator-runtime@^0.13.4:
   version "0.13.7"
   resolved "https://registry.yarnpkg.com/regenerator-runtime/-/regenerator-runtime-0.13.7.tgz#cac2dacc8a1ea675feaabaeb8ae833898ae46f55"
   integrity sha512-a54FxoJDIr27pgf7IgeQGxmqUNYrcV338lf/6gH456HZ/PhX+5BcwHXG9ajESmwe6WRO0tAzRUrRmNONWgkrew==
@@ -6501,6 +6814,11 @@ regex-not@^1.0.0, regex-not@^1.0.2:
     extend-shallow "^3.0.2"
     safe-regex "^1.1.0"
 
+regex-parser@^2.2.11:
+  version "2.2.11"
+  resolved "https://registry.yarnpkg.com/regex-parser/-/regex-parser-2.2.11.tgz#3b37ec9049e19479806e878cabe7c1ca83ccfe58"
+  integrity sha512-jbD/FT0+9MBU2XAZluI7w2OBs1RBi6p9M83nkoZayQXXU9e8Robt69FcZc7wU4eJD/YFTjn1JdCk3rbMJajz8Q==
+
 regexp.prototype.flags@^1.2.0, regexp.prototype.flags@^1.3.0:
   version "1.3.0"
   resolved "https://registry.yarnpkg.com/regexp.prototype.flags/-/regexp.prototype.flags-1.3.0.tgz#7aba89b3c13a64509dabcf3ca8d9fbb9bdf5cb75"
@@ -6509,7 +6827,7 @@ regexp.prototype.flags@^1.2.0, regexp.prototype.flags@^1.3.0:
     define-properties "^1.1.3"
     es-abstract "^1.17.0-next.1"
 
-regexpu-core@^4.7.0:
+regexpu-core@^4.7.0, regexpu-core@^4.7.1:
   version "4.7.1"
   resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-4.7.1.tgz#2dea5a9a07233298fbf0db91fa9abc4c6e0f8ad6"
   integrity sha512-ywH2VUraA44DZQuRKzARmw6S66mr48pQVva4LBeRhcOltJ6hExvWly5ZjFLYo67xbIxb6W1q4bAGtgfEl20zfQ==
@@ -6548,7 +6866,7 @@ repeat-string@^1.6.1:
   resolved "https://registry.yarnpkg.com/repeat-string/-/repeat-string-1.6.1.tgz#8dcae470e1c88abc2d600fff4a776286da75e637"
   integrity sha1-jcrkcOHIirwtYA//Sndihtp15jc=
 
-request@^2.83.0, request@^2.88.0:
+request@^2.88.2:
   version "2.88.2"
   resolved "https://registry.yarnpkg.com/request/-/request-2.88.2.tgz#d73c918731cb5a87da047e207234146f664d12b3"
   integrity sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==
@@ -6601,6 +6919,22 @@ resolve-from@^3.0.0:
   resolved "https://registry.yarnpkg.com/resolve-from/-/resolve-from-3.0.0.tgz#b22c7af7d9d6881bc8b6e653335eebcb0a188748"
   integrity sha1-six699nWiBvItuZTM17rywoYh0g=
 
+resolve-url-loader@3.1.2:
+  version "3.1.2"
+  resolved "https://registry.yarnpkg.com/resolve-url-loader/-/resolve-url-loader-3.1.2.tgz#235e2c28e22e3e432ba7a5d4e305c59a58edfc08"
+  integrity sha512-QEb4A76c8Mi7I3xNKXlRKQSlLBwjUV/ULFMP+G7n3/7tJZ8MG5wsZ3ucxP1Jz8Vevn6fnJsxDx9cIls+utGzPQ==
+  dependencies:
+    adjust-sourcemap-loader "3.0.0"
+    camelcase "5.3.1"
+    compose-function "3.0.3"
+    convert-source-map "1.7.0"
+    es6-iterator "2.0.3"
+    loader-utils "1.2.3"
+    postcss "7.0.21"
+    rework "1.0.1"
+    rework-visit "1.0.0"
+    source-map "0.6.1"
+
 resolve-url@^0.2.1:
   version "0.2.1"
   resolved "https://registry.yarnpkg.com/resolve-url/-/resolve-url-0.2.1.tgz#2c637fe77c893afd2a663fe21aa9080068e2052a"
@@ -6613,6 +6947,14 @@ resolve@^1.1.7, resolve@^1.10.0, resolve@^1.3.2:
   dependencies:
     path-parse "^1.0.6"
 
+resolve@^1.8.1:
+  version "1.18.1"
+  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.18.1.tgz#018fcb2c5b207d2a6424aee361c5a266da8f4130"
+  integrity sha512-lDfCPaMKfOJXjy0dPayzPdF1phampNWr3qFCjAu+rw/qbQmr5jWH5xN2hwh9QKfw9E5v4hwV7A+jrCmL8yjjqA==
+  dependencies:
+    is-core-module "^2.0.0"
+    path-parse "^1.0.6"
+
 restore-cursor@^3.1.0:
   version "3.1.0"
   resolved "https://registry.yarnpkg.com/restore-cursor/-/restore-cursor-3.1.0.tgz#39f67c54b3a7a58cea5236d95cf0034239631f7e"
@@ -6641,6 +6983,19 @@ reusify@^1.0.4:
   resolved "https://registry.yarnpkg.com/reusify/-/reusify-1.0.4.tgz#90da382b1e126efc02146e90845a88db12925d76"
   integrity sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==
 
+rework-visit@1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/rework-visit/-/rework-visit-1.0.0.tgz#9945b2803f219e2f7aca00adb8bc9f640f842c9a"
+  integrity sha1-mUWygD8hni96ygCtuLyfZA+ELJo=
+
+rework@1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/rework/-/rework-1.0.1.tgz#30806a841342b54510aa4110850cd48534144aa7"
+  integrity sha1-MIBqhBNCtUUQqkEQhQzUhTQUSqc=
+  dependencies:
+    convert-source-map "^0.3.3"
+    css "^2.0.0"
+
 rgb-regex@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/rgb-regex/-/rgb-regex-1.0.1.tgz#c0e0d6882df0e23be254a475e8edd41915feaeb1"
@@ -6658,7 +7013,7 @@ rimraf@3.0.2, rimraf@^3.0.2:
   dependencies:
     glob "^7.1.3"
 
-rimraf@^2.5.4, rimraf@^2.6.2, rimraf@^2.6.3, rimraf@^2.7.1:
+rimraf@^2.5.4, rimraf@^2.6.2, rimraf@^2.6.3:
   version "2.7.1"
   resolved "https://registry.yarnpkg.com/rimraf/-/rimraf-2.7.1.tgz#35797f13a7fdadc566142c29d4f07ccad483e3ec"
   integrity sha512-uWjbaKIK3T1OSVptzX7Nl6PvQ3qAGtKEtVRjRuazjfL3Bx5eI409VZSqgND+4UNnmzLVdPj9FqFJNPqBZFve4w==
@@ -6673,10 +7028,10 @@ ripemd160@^2.0.0, ripemd160@^2.0.1:
     hash-base "^3.0.0"
     inherits "^2.0.1"
 
-rollup@2.1.0:
-  version "2.1.0"
-  resolved "https://registry.yarnpkg.com/rollup/-/rollup-2.1.0.tgz#552e248e397a06b9c6db878c0564ca4ee06729c9"
-  integrity sha512-gfE1455AEazVVTJoeQtcOq/U6GSxwoj4XPSWVsuWmgIxj7sBQNLDOSA82PbdMe+cP8ql8fR1jogPFe8Wg8g4SQ==
+rollup@2.26.5:
+  version "2.26.5"
+  resolved "https://registry.yarnpkg.com/rollup/-/rollup-2.26.5.tgz#5562ec36fcba3eed65cfd630bd78e037ad0e0307"
+  integrity sha512-rCyFG3ZtQdnn9YwfuAVH0l/Om34BdO5lwCA0W6Hq+bNB21dVEBbCRxhaHOmu1G7OBFDWytbzAC104u7rxHwGjA==
   optionalDependencies:
     fsevents "~2.1.2"
 
@@ -6697,14 +7052,14 @@ run-queue@^1.0.0, run-queue@^1.0.3:
   dependencies:
     aproba "^1.1.1"
 
-rxjs@6.5.4:
-  version "6.5.4"
-  resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.5.4.tgz#e0777fe0d184cec7872df147f303572d414e211c"
-  integrity sha512-naMQXcgEo3csAEGvw/NydRA0fuS2nDZJiw1YUWFKU7aPPAPGZEsD4Iimit96qwCieH6y614MCLYwdkrWx7z/7Q==
+rxjs@6.6.2:
+  version "6.6.2"
+  resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.6.2.tgz#8096a7ac03f2cc4fe5860ef6e572810d9e01c0d2"
+  integrity sha512-BHdBMVoWC2sL26w//BCu3YzKT4s2jip/WhwsGEDmeKYBhKDZeYezVUnHatYB7L85v5xs0BAQmg6BEYJEKxBabg==
   dependencies:
     tslib "^1.9.0"
 
-rxjs@^6.5.2, rxjs@^6.5.3:
+rxjs@^6.5.2, rxjs@^6.6.0:
   version "6.6.3"
   resolved "https://registry.yarnpkg.com/rxjs/-/rxjs-6.6.3.tgz#8ca84635c4daa900c0d3967a6ee7ac60271ee552"
   integrity sha512-trsQc+xYYXZ3urjOiJOuCOa5N3jAZ3eiSpQB5hIT8zGlL2QfnHLJ2r7GMkBGuIausdJN1OneaI6gQlsqNHHmZQ==
@@ -6733,21 +7088,21 @@ safe-regex@^1.1.0:
   resolved "https://registry.yarnpkg.com/safer-buffer/-/safer-buffer-2.1.2.tgz#44fa161b0187b9549dd84bb91802f9bd8385cd6a"
   integrity sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg==
 
-sass-loader@8.0.2:
-  version "8.0.2"
-  resolved "https://registry.yarnpkg.com/sass-loader/-/sass-loader-8.0.2.tgz#debecd8c3ce243c76454f2e8290482150380090d"
-  integrity sha512-7o4dbSK8/Ol2KflEmSco4jTjQoV988bM82P9CZdmo9hR3RLnvNc0ufMNdMrB0caq38JQ/FgF4/7RcbcfKzxoFQ==
+sass-loader@10.0.1:
+  version "10.0.1"
+  resolved "https://registry.yarnpkg.com/sass-loader/-/sass-loader-10.0.1.tgz#10c0364d8034f22fee25ddcc9eded20f99bbe3b4"
+  integrity sha512-b2PSldKVTS3JcFPHSrEXh3BeAfR7XknGiGCAO5aHruR3Pf3kqLP3Gb2ypXLglRrAzgZkloNxLZ7GXEGDX0hBUQ==
   dependencies:
-    clone-deep "^4.0.1"
-    loader-utils "^1.2.3"
-    neo-async "^2.6.1"
-    schema-utils "^2.6.1"
-    semver "^6.3.0"
+    klona "^2.0.3"
+    loader-utils "^2.0.0"
+    neo-async "^2.6.2"
+    schema-utils "^2.7.0"
+    semver "^7.3.2"
 
-sass@1.26.3:
-  version "1.26.3"
-  resolved "https://registry.yarnpkg.com/sass/-/sass-1.26.3.tgz#412df54486143b76b5a65cdf7569e86f44659f46"
-  integrity sha512-5NMHI1+YFYw4sN3yfKjpLuV9B5l7MqQ6FlkTcC4FT+oHbBRUZoSjHrrt/mE0nFXJyY2kQtU9ou9HxvFVjLFuuw==
+sass@1.26.10:
+  version "1.26.10"
+  resolved "https://registry.yarnpkg.com/sass/-/sass-1.26.10.tgz#851d126021cdc93decbf201d1eca2a20ee434760"
+  integrity sha512-bzN0uvmzfsTvjz0qwccN1sPm2HxxpNI/Xa+7PlUEMS+nQvbyuEK7Y0qFqxlPHhiNHb1Ze8WQJtU31olMObkAMw==
   dependencies:
     chokidar ">=2.0.0 <4.0.0"
 
@@ -6765,7 +7120,7 @@ schema-utils@^1.0.0:
     ajv-errors "^1.0.0"
     ajv-keywords "^3.1.0"
 
-schema-utils@^2.5.0, schema-utils@^2.6.1, schema-utils@^2.6.4, schema-utils@^2.6.5, schema-utils@^2.6.6, schema-utils@^2.7.0:
+schema-utils@^2.6.5, schema-utils@^2.6.6, schema-utils@^2.7.0:
   version "2.7.1"
   resolved "https://registry.yarnpkg.com/schema-utils/-/schema-utils-2.7.1.tgz#1ca4f32d1b24c590c203b8e7a50bf0ea4cd394d7"
   integrity sha512-SHiNtMOUGWBQJwzISiVYKu82GiV4QYGePp3odlY1tuKO7gPtphAT5R/py0fA6xtbgLL/RvtJZnU9b8s0F1q0Xg==
@@ -6800,7 +7155,7 @@ semver-intersect@1.4.0:
   dependencies:
     semver "^5.0.0"
 
-"semver@2 || 3 || 4 || 5", semver@^5.0.0, semver@^5.3.0, semver@^5.4.1, semver@^5.5.0, semver@^5.6.0:
+"semver@2 || 3 || 4 || 5", semver@^5.0.0, semver@^5.3.0, semver@^5.4.1, semver@^5.5.0, semver@^5.5.1, semver@^5.6.0:
   version "5.7.1"
   resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7"
   integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==
@@ -6810,21 +7165,16 @@ semver@7.0.0:
   resolved "https://registry.yarnpkg.com/semver/-/semver-7.0.0.tgz#5f3ca35761e47e05b206c6daff2cf814f0316b8e"
   integrity sha512-+GB6zVA9LWh6zovYQLALHwv5rb2PHGlJi3lfiqIHxR0uuwCgefcOJc59v9fv1w8GbStwxuuqqAjI9NMAOOgq1A==
 
-semver@7.1.3:
-  version "7.1.3"
-  resolved "https://registry.yarnpkg.com/semver/-/semver-7.1.3.tgz#e4345ce73071c53f336445cfc19efb1c311df2a6"
-  integrity sha512-ekM0zfiA9SCBlsKa2X1hxyxiI4L3B6EbVJkkdgQXnSEEaHlGdvyodMruTiulSRWMMB4NeIuYNMC9rTKTz97GxA==
+semver@7.3.2, semver@^7.0.0, semver@^7.1.1, semver@^7.3.2:
+  version "7.3.2"
+  resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.2.tgz#604962b052b81ed0786aae84389ffba70ffd3938"
+  integrity sha512-OrOb32TeeambH6UrhtShmF7CRDqhL6/5XpPNp2DuRH6+9QLw/orhp72j87v8Qa1ScDkvrrBNpZcDejAirJmfXQ==
 
 semver@^6.0.0, semver@^6.3.0:
   version "6.3.0"
   resolved "https://registry.yarnpkg.com/semver/-/semver-6.3.0.tgz#ee0a64c8af5e8ceea67687b133761e1becbd1d3d"
   integrity sha512-b39TBaTSfV6yBrapU89p5fKekE2m/NwnDocOVruQFS1/veMgdzuPcnOM34M6CwxW8jH/lxEa5rBoDeUwu5HHTw==
 
-semver@^7.0.0, semver@^7.1.1:
-  version "7.3.2"
-  resolved "https://registry.yarnpkg.com/semver/-/semver-7.3.2.tgz#604962b052b81ed0786aae84389ffba70ffd3938"
-  integrity sha512-OrOb32TeeambH6UrhtShmF7CRDqhL6/5XpPNp2DuRH6+9QLw/orhp72j87v8Qa1ScDkvrrBNpZcDejAirJmfXQ==
-
 send@0.17.1:
   version "0.17.1"
   resolved "https://registry.yarnpkg.com/send/-/send-0.17.1.tgz#c1d8b059f7900f7466dd4938bdc44e11ddb376c8"
@@ -6844,13 +7194,6 @@ send@0.17.1:
     range-parser "~1.2.1"
     statuses "~1.5.0"
 
-serialize-javascript@^3.1.0:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-3.1.0.tgz#8bf3a9170712664ef2561b44b691eafe399214ea"
-  integrity sha512-JIJT1DGiWmIKhzRsG91aS6Ze4sFUrYbltlkg2onR5OrnNM02Kl/hnY/T4FN2omvyeBbQmMJv+K4cPOpGzOTFBg==
-  dependencies:
-    randombytes "^2.1.0"
-
 serialize-javascript@^4.0.0:
   version "4.0.0"
   resolved "https://registry.yarnpkg.com/serialize-javascript/-/serialize-javascript-4.0.0.tgz#b525e1238489a5ecfc42afacc3fe99e666f4b1aa"
@@ -6919,13 +7262,6 @@ sha.js@^2.4.0, sha.js@^2.4.8:
     inherits "^2.0.1"
     safe-buffer "^5.0.1"
 
-shallow-clone@^3.0.0:
-  version "3.0.1"
-  resolved "https://registry.yarnpkg.com/shallow-clone/-/shallow-clone-3.0.1.tgz#8f2981ad92531f55035b01fb230769a40e02efa3"
-  integrity sha512-/6KqX+GVUdqPuPPd2LxDDxzX6CAbjJehAAOKlNpqqUpAqPM6HeL8f+o3a+JsyGjn2lv0WY8UsTgUJjU9Ok55NA==
-  dependencies:
-    kind-of "^6.0.2"
-
 shebang-command@^1.2.0:
   version "1.2.0"
   resolved "https://registry.yarnpkg.com/shebang-command/-/shebang-command-1.2.0.tgz#44aac65b695b03398968c39f363fee5deafdf1ea"
@@ -7047,13 +7383,16 @@ source-list-map@^2.0.0:
   resolved "https://registry.yarnpkg.com/source-list-map/-/source-list-map-2.0.1.tgz#3993bd873bfc48479cca9ea3a547835c7c154b34"
   integrity sha512-qnQ7gVMxGNxsiL4lEuJwe/To8UnK7fAnmbGEEH8RpLouuKbeEm0lhbQVFIrNSuB+G7tVrAlVsZgETT5nljf+Iw==
 
-source-map-loader@0.2.4:
-  version "0.2.4"
-  resolved "https://registry.yarnpkg.com/source-map-loader/-/source-map-loader-0.2.4.tgz#c18b0dc6e23bf66f6792437557c569a11e072271"
-  integrity sha512-OU6UJUty+i2JDpTItnizPrlpOIBLmQbWMuBg9q5bVtnHACqw1tn9nNwqJLbv0/00JjnJb/Ee5g5WS5vrRv7zIQ==
+source-map-loader@1.0.2:
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/source-map-loader/-/source-map-loader-1.0.2.tgz#b0a6582b2eaa387ede1ecf8061ae0b93c23f9eb0"
+  integrity sha512-oX8d6ndRjN+tVyjj6PlXSyFPhDdVAPsZA30nD3/II8g4uOv8fCz0DMn5sy8KtVbDfKQxOpGwGJnK3xIW3tauDw==
   dependencies:
-    async "^2.5.0"
-    loader-utils "^1.1.0"
+    data-urls "^2.0.0"
+    iconv-lite "^0.6.2"
+    loader-utils "^2.0.0"
+    schema-utils "^2.7.0"
+    source-map "^0.6.1"
 
 source-map-resolve@^0.5.0, source-map-resolve@^0.5.2:
   version "0.5.3"
@@ -7066,7 +7405,7 @@ source-map-resolve@^0.5.0, source-map-resolve@^0.5.2:
     source-map-url "^0.4.0"
     urix "^0.1.0"
 
-source-map-support@^0.5.5, source-map-support@~0.5.12:
+source-map-support@0.5.19, source-map-support@^0.5.5, source-map-support@~0.5.12, source-map-support@~0.5.19:
   version "0.5.19"
   resolved "https://registry.yarnpkg.com/source-map-support/-/source-map-support-0.5.19.tgz#a98b62f86dcaf4f67399648c085291ab9e8fed61"
   integrity sha512-Wonm7zOCIJzBGQdB+thsPar0kYuCIzYvxZwlBa87yi/Mdjv7Tip2cyVbLj5o0cFPN4EVkuTwb3GDDyUx2DGnGw==
@@ -7079,7 +7418,12 @@ source-map-url@^0.4.0:
   resolved "https://registry.yarnpkg.com/source-map-url/-/source-map-url-0.4.0.tgz#3e935d7ddd73631b97659956d55128e87b5084a3"
   integrity sha1-PpNdfd1zYxuXZZlW1VEo6HtQhKM=
 
-source-map@0.7.3, source-map@^0.7.3:
+source-map@0.6.1, source-map@^0.6.0, source-map@^0.6.1, source-map@~0.6.0, source-map@~0.6.1:
+  version "0.6.1"
+  resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.6.1.tgz#74722af32e9614e9c287a8d0bbde48b5e2f1a263"
+  integrity sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==
+
+source-map@0.7.3, source-map@^0.7.3, source-map@~0.7.2:
   version "0.7.3"
   resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.7.3.tgz#5302f8169031735226544092e64981f751750383"
   integrity sha512-CkCj6giN3S+n9qrYiBTX5gystlENnRW5jZeNLHpe6aue+SrHcG5VYwujhW9s4dY31mEGsxBDrHR6oI69fTXsaQ==
@@ -7089,11 +7433,6 @@ source-map@^0.5.0, source-map@^0.5.6, source-map@^0.5.7:
   resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.5.7.tgz#8a039d2d1021d22d1ea14c80d8ea468ba2ef3fcc"
   integrity sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=
 
-source-map@^0.6.0, source-map@^0.6.1, source-map@~0.6.0, source-map@~0.6.1:
-  version "0.6.1"
-  resolved "https://registry.yarnpkg.com/source-map/-/source-map-0.6.1.tgz#74722af32e9614e9c287a8d0bbde48b5e2f1a263"
-  integrity sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==
-
 sourcemap-codec@^1.4.4, sourcemap-codec@^1.4.8:
   version "1.4.8"
   resolved "https://registry.yarnpkg.com/sourcemap-codec/-/sourcemap-codec-1.4.8.tgz#ea804bd94857402e6992d05a38ef1ae35a9ab4c4"
@@ -7148,10 +7487,10 @@ spdy@^4.0.2:
     select-hose "^2.0.0"
     spdy-transport "^3.0.0"
 
-speed-measure-webpack-plugin@1.3.1:
-  version "1.3.1"
-  resolved "https://registry.yarnpkg.com/speed-measure-webpack-plugin/-/speed-measure-webpack-plugin-1.3.1.tgz#69840a5cdc08b4638697dac7db037f595d7f36a0"
-  integrity sha512-qVIkJvbtS9j/UeZumbdfz0vg+QfG/zxonAjzefZrqzkr7xOncLVXkeGbTpzd1gjCBM4PmVNkWlkeTVhgskAGSQ==
+speed-measure-webpack-plugin@1.3.3:
+  version "1.3.3"
+  resolved "https://registry.yarnpkg.com/speed-measure-webpack-plugin/-/speed-measure-webpack-plugin-1.3.3.tgz#6ff894fc83e8a6310dde3af863a0329cd79da4f5"
+  integrity sha512-2ljD4Ch/rz2zG3HsLsnPfp23osuPBS0qPuz9sGpkNXTN1Ic4M+W9xB8l8rS8ob2cO4b1L+WTJw/0AJwWYVgcxQ==
   dependencies:
     chalk "^2.0.1"
 
@@ -7330,13 +7669,13 @@ strip-eof@^1.0.0:
   resolved "https://registry.yarnpkg.com/strip-eof/-/strip-eof-1.0.0.tgz#bb43ff5598a6eb05d89b59fcd129c983313606bf"
   integrity sha1-u0P/VZim6wXYm1n80SnJgzE2Br8=
 
-style-loader@1.1.3:
-  version "1.1.3"
-  resolved "https://registry.yarnpkg.com/style-loader/-/style-loader-1.1.3.tgz#9e826e69c683c4d9bf9db924f85e9abb30d5e200"
-  integrity sha512-rlkH7X/22yuwFYK357fMN/BxYOorfnfq0eD7+vqlemSK4wEcejFF1dg4zxP0euBW8NrYx2WZzZ8PPFevr7D+Kw==
+style-loader@1.2.1:
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/style-loader/-/style-loader-1.2.1.tgz#c5cbbfbf1170d076cfdd86e0109c5bba114baa1a"
+  integrity sha512-ByHSTQvHLkWE9Ir5+lGbVOXhxX10fbprhLvdg96wedFZb4NDekDPxVKv5Fwmio+QcMlkkNfuK+5W1peQ5CUhZg==
   dependencies:
-    loader-utils "^1.2.3"
-    schema-utils "^2.6.4"
+    loader-utils "^2.0.0"
+    schema-utils "^2.6.6"
 
 stylehacks@^4.0.0:
   version "4.0.3"
@@ -7356,18 +7695,18 @@ stylus-loader@3.0.2:
     lodash.clonedeep "^4.5.0"
     when "~3.6.x"
 
-stylus@0.54.7:
-  version "0.54.7"
-  resolved "https://registry.yarnpkg.com/stylus/-/stylus-0.54.7.tgz#c6ce4793965ee538bcebe50f31537bfc04d88cd2"
-  integrity sha512-Yw3WMTzVwevT6ZTrLCYNHAFmanMxdylelL3hkWNgPMeTCpMwpV3nXjpOHuBXtFv7aiO2xRuQS6OoAdgkNcSNug==
+stylus@0.54.8:
+  version "0.54.8"
+  resolved "https://registry.yarnpkg.com/stylus/-/stylus-0.54.8.tgz#3da3e65966bc567a7b044bfe0eece653e099d147"
+  integrity sha512-vr54Or4BZ7pJafo2mpf0ZcwA74rpuYCZbxrHBsH8kbcXOwSfvBFwsRfpGO5OD5fhG5HDCFW737PKaawI7OqEAg==
   dependencies:
     css-parse "~2.0.0"
     debug "~3.1.0"
-    glob "^7.1.3"
-    mkdirp "~0.5.x"
+    glob "^7.1.6"
+    mkdirp "~1.0.4"
     safer-buffer "^2.1.2"
     sax "~1.2.4"
-    semver "^6.0.0"
+    semver "^6.3.0"
     source-map "^0.7.3"
 
 supports-color@^5.3.0:
@@ -7438,7 +7777,7 @@ tar@^4.4.10:
     safe-buffer "^5.1.2"
     yallist "^3.0.3"
 
-tar@^6.0.1, tar@^6.0.2:
+tar@^6.0.2:
   version "6.0.5"
   resolved "https://registry.yarnpkg.com/tar/-/tar-6.0.5.tgz#bde815086e10b39f1dcd298e89d596e1535e200f"
   integrity sha512-0b4HOimQHj9nXNEAA7zWwMM91Zhhba3pspja6sQbgTpynOJf+bkjBnfybNYzbpLbnwXnbyB4LOREvlyXLkCHSg==
@@ -7450,19 +7789,19 @@ tar@^6.0.1, tar@^6.0.2:
     mkdirp "^1.0.3"
     yallist "^4.0.0"
 
-terser-webpack-plugin@3.0.3:
-  version "3.0.3"
-  resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-3.0.3.tgz#23bda2687b197f878a743373b9411d917adc2e45"
-  integrity sha512-bZFnotuIKq5Rqzrs+qIwFzGdKdffV9epG5vDSEbYzvKAhPeR5RbbrQysfPgbIIMhNAQtZD2hGwBfSKUXjXZZZw==
+terser-webpack-plugin@4.1.0:
+  version "4.1.0"
+  resolved "https://registry.yarnpkg.com/terser-webpack-plugin/-/terser-webpack-plugin-4.1.0.tgz#6e9d6ae4e1a900d88ddce8da6a47507ea61f44bc"
+  integrity sha512-0ZWDPIP8BtEDZdChbufcXUigOYk6dOX/P/X0hWxqDDcVAQLb8Yy/0FAaemSfax3PAA67+DJR778oz8qVbmy4hA==
   dependencies:
-    cacache "^15.0.4"
+    cacache "^15.0.5"
     find-cache-dir "^3.3.1"
-    jest-worker "^26.0.0"
-    p-limit "^2.3.0"
+    jest-worker "^26.3.0"
+    p-limit "^3.0.2"
     schema-utils "^2.6.6"
-    serialize-javascript "^3.1.0"
+    serialize-javascript "^4.0.0"
     source-map "^0.6.1"
-    terser "^4.6.13"
+    terser "^5.0.0"
     webpack-sources "^1.4.3"
 
 terser-webpack-plugin@^1.4.3:
@@ -7480,16 +7819,16 @@ terser-webpack-plugin@^1.4.3:
     webpack-sources "^1.4.0"
     worker-farm "^1.7.0"
 
-terser@4.6.10:
-  version "4.6.10"
-  resolved "https://registry.yarnpkg.com/terser/-/terser-4.6.10.tgz#90f5bd069ff456ddbc9503b18e52f9c493d3b7c2"
-  integrity sha512-qbF/3UOo11Hggsbsqm2hPa6+L4w7bkr+09FNseEe8xrcVD3APGLFqE+Oz1ZKAxjYnFsj80rLOfgAtJ0LNJjtTA==
+terser@5.3.0:
+  version "5.3.0"
+  resolved "https://registry.yarnpkg.com/terser/-/terser-5.3.0.tgz#c481f4afecdcc182d5e2bdd2ff2dc61555161e81"
+  integrity sha512-XTT3D3AwxC54KywJijmY2mxZ8nJiEjBHVYzq8l9OaYuRFWeQNBwvipuzzYEP4e+/AVcd1hqG/CqgsdIRyT45Fg==
   dependencies:
     commander "^2.20.0"
     source-map "~0.6.1"
     source-map-support "~0.5.12"
 
-terser@^4.1.2, terser@^4.6.13:
+terser@^4.1.2:
   version "4.8.0"
   resolved "https://registry.yarnpkg.com/terser/-/terser-4.8.0.tgz#63056343d7c70bb29f3af665865a46fe03a0df17"
   integrity sha512-EAPipTNeWsb/3wLPeup1tVPaXfIaU68xMnVdPafIL1TV05OhASArYyIfFvnvJCNrR2NIOvDVNNTFRa+Re2MWyw==
@@ -7498,6 +7837,15 @@ terser@^4.1.2, terser@^4.6.13:
     source-map "~0.6.1"
     source-map-support "~0.5.12"
 
+terser@^5.0.0:
+  version "5.3.8"
+  resolved "https://registry.yarnpkg.com/terser/-/terser-5.3.8.tgz#991ae8ba21a3d990579b54aa9af11586197a75dd"
+  integrity sha512-zVotuHoIfnYjtlurOouTazciEfL7V38QMAOhGqpXDEg6yT13cF4+fEP9b0rrCEQTn+tT46uxgFsTZzhygk+CzQ==
+  dependencies:
+    commander "^2.20.0"
+    source-map "~0.7.2"
+    source-map-support "~0.5.19"
+
 through2@^2.0.0:
   version "2.0.5"
   resolved "https://registry.yarnpkg.com/through2/-/through2-2.0.5.tgz#01c1e39eb31d07cb7d03a96a70823260b23132cd"
@@ -7628,25 +7976,47 @@ tough-cookie@~2.5.0:
     psl "^1.1.28"
     punycode "^2.1.1"
 
+tr46@^2.0.2:
+  version "2.0.2"
+  resolved "https://registry.yarnpkg.com/tr46/-/tr46-2.0.2.tgz#03273586def1595ae08fedb38d7733cee91d2479"
+  integrity sha512-3n1qG+/5kg+jrbTzwAykB5yRYtQCTqOGKq5U5PE3b0a1/mzo6snDhjGS0zJVJunO0NrT3Dg1MLy5TjWP/UJppg==
+  dependencies:
+    punycode "^2.1.1"
+
 tree-kill@1.2.2:
   version "1.2.2"
   resolved "https://registry.yarnpkg.com/tree-kill/-/tree-kill-1.2.2.tgz#4ca09a9092c88b73a7cdc5e8a01b507b0790a0cc"
   integrity sha512-L0Orpi8qGpRG//Nd+H90vFB+3iHnue1zSSGmNOOCh1GLJ7rUKVwV2HvijphGQS2UmhUZewS9VgvxYIdgr+fG1A==
 
-tslib@1.11.1:
-  version "1.11.1"
-  resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.11.1.tgz#eb15d128827fbee2841549e171f45ed338ac7e35"
-  integrity sha512-aZW88SY8kQbU7gpV19lN24LtXh/yD4ZZg6qieAJDDg+YBsJcSmLGK9QpnUjAKVG/xefmvJGd1WUmfpT/g6AJGA==
+ts-pnp@^1.1.6:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/ts-pnp/-/ts-pnp-1.2.0.tgz#a500ad084b0798f1c3071af391e65912c86bca92"
+  integrity sha512-csd+vJOb/gkzvcCHgTGSChYpy5f1/XKNsmvBGO4JXS+z1v2HobugDz4s1IeFXM3wZB44uczs+eazB5Q/ccdhQw==
 
-tslib@^1.10.0, tslib@^1.8.0, tslib@^1.8.1, tslib@^1.9.0:
+tslib@2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.0.1.tgz#410eb0d113e5b6356490eec749603725b021b43e"
+  integrity sha512-SgIkNheinmEBgx1IUNirK0TUD4X9yjjBRTqqjggWCU3pUEqIk3/Uwl3yRixYKT6WjQuGiwDv4NomL3wqRCj+CQ==
+
+tslib@^1.10.0, tslib@^1.8.1, tslib@^1.9.0:
   version "1.13.0"
   resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.13.0.tgz#c881e13cc7015894ed914862d276436fa9a47043"
   integrity sha512-i/6DQjL8Xf3be4K/E6Wgpekn5Qasl1usyw++dAA35Ue5orEn65VIxOA+YvNNl9HV3qv70T7CNwjODHZrLwvd1Q==
 
-tslint@^5.12.1:
-  version "5.20.1"
-  resolved "https://registry.yarnpkg.com/tslint/-/tslint-5.20.1.tgz#e401e8aeda0152bc44dd07e614034f3f80c67b7d"
-  integrity sha512-EcMxhzCFt8k+/UP5r8waCf/lzmeSyVlqxqMEDQE7rWYiQky8KpIBz1JAoYXfROHrPZ1XXd43q8yQnULOLiBRQg==
+tslib@^1.13.0:
+  version "1.14.1"
+  resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.14.1.tgz#cf2d38bdc34a134bcaf1091c41f6619e2f672d00"
+  integrity sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg==
+
+tslib@^2.0.0:
+  version "2.0.3"
+  resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.0.3.tgz#8e0741ac45fc0c226e58a17bfc3e64b9bc6ca61c"
+  integrity sha512-uZtkfKblCEQtZKBF6EBXVZeQNl82yqtDQdv+eck8u7tdPxjLu2/lp5/uPW+um2tpuxINHWy3GhiccY7QgEaVHQ==
+
+tslint@~6.1.0:
+  version "6.1.3"
+  resolved "https://registry.yarnpkg.com/tslint/-/tslint-6.1.3.tgz#5c23b2eccc32487d5523bd3a470e9aa31789d904"
+  integrity sha512-IbR4nkT96EQOvKE2PW/djGz8iGNeJ4rF2mBfiYaR/nvUWYKJhLwimoJKgjIFEIDibBtOevj7BqCRL4oHeWWUCg==
   dependencies:
     "@babel/code-frame" "^7.0.0"
     builtin-modules "^1.1.1"
@@ -7656,10 +8026,10 @@ tslint@^5.12.1:
     glob "^7.1.1"
     js-yaml "^3.13.1"
     minimatch "^3.0.4"
-    mkdirp "^0.5.1"
+    mkdirp "^0.5.3"
     resolve "^1.3.2"
     semver "^5.3.0"
-    tslib "^1.8.0"
+    tslib "^1.13.0"
     tsutils "^2.29.0"
 
 tsutils@^2.29.0:
@@ -7699,20 +8069,30 @@ type-is@~1.6.17, type-is@~1.6.18:
     media-typer "0.3.0"
     mime-types "~2.1.24"
 
+type@^1.0.1:
+  version "1.2.0"
+  resolved "https://registry.yarnpkg.com/type/-/type-1.2.0.tgz#848dd7698dafa3e54a6c479e759c4bc3f18847a0"
+  integrity sha512-+5nt5AAniqsCnu2cEQQdpzCAh33kVx8n0VoFidKpB1dVVLAN/F+bgVOqOJqOnEnrhp222clB5p3vUlD+1QAnfg==
+
+type@^2.0.0:
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/type/-/type-2.1.0.tgz#9bdc22c648cf8cf86dd23d32336a41cfb6475e3f"
+  integrity sha512-G9absDWvhAWCV2gmF1zKud3OyC61nZDwWvBL2DApaVFogI07CprggiQAOOjvp2NRjYWFzPyu7vwtDrQFq8jeSA==
+
 typedarray@^0.0.6:
   version "0.0.6"
   resolved "https://registry.yarnpkg.com/typedarray/-/typedarray-0.0.6.tgz#867ac74e3864187b1d3d47d996a78ec5c8830777"
   integrity sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c=
 
-typescript@3.6.5:
-  version "3.6.5"
-  resolved "https://registry.yarnpkg.com/typescript/-/typescript-3.6.5.tgz#dae20114a7b4ff4bd642db9c8c699f2953e8bbdb"
-  integrity sha512-BEjlc0Z06ORZKbtcxGrIvvwYs5hAnuo6TKdNFL55frVDlB+na3z5bsLhFaIxmT+dPWgBIjMo6aNnTOgHHmHgiQ==
+typescript@4.0.2:
+  version "4.0.2"
+  resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.0.2.tgz#7ea7c88777c723c681e33bf7988be5d008d05ac2"
+  integrity sha512-e4ERvRV2wb+rRZ/IQeb3jm2VxBsirQLpQhdxplZ2MEzGvDkkMmPglecnNDfSUBivMjP93vRbngYYDQqQ/78bcQ==
 
-typescript@3.7.5:
-  version "3.7.5"
-  resolved "https://registry.yarnpkg.com/typescript/-/typescript-3.7.5.tgz#0692e21f65fd4108b9330238aac11dd2e177a1ae"
-  integrity sha512-/P5lkRXkWHNAbcJIiHPfRoKqyd7bsyCma1hZNUGfn20qm64T6ZBlrzprymeu918H+mB/0rIg2gGK/BXkhhYgBw==
+typescript@4.0.5:
+  version "4.0.5"
+  resolved "https://registry.yarnpkg.com/typescript/-/typescript-4.0.5.tgz#ae9dddfd1069f1cb5beb3ef3b2170dd7c1332389"
+  integrity sha512-ywmr/VrTVCmNTJ6iV2LwIrfG1P+lv6luD8sUJs+2eI9NLGigaN+nUQc13iHqisq7bra9lnmUSYqbJvegraBOPQ==
 
 unicode-canonical-property-names-ecmascript@^1.0.4:
   version "1.0.4"
@@ -7771,13 +8151,13 @@ unique-slug@^2.0.0:
   dependencies:
     imurmurhash "^0.1.4"
 
-universal-analytics@0.4.20:
-  version "0.4.20"
-  resolved "https://registry.yarnpkg.com/universal-analytics/-/universal-analytics-0.4.20.tgz#d6b64e5312bf74f7c368e3024a922135dbf24b03"
-  integrity sha512-gE91dtMvNkjO+kWsPstHRtSwHXz0l2axqptGYp5ceg4MsuurloM0PU3pdOfpb5zBXUvyjT4PwhWK2m39uczZuw==
+universal-analytics@0.4.23:
+  version "0.4.23"
+  resolved "https://registry.yarnpkg.com/universal-analytics/-/universal-analytics-0.4.23.tgz#d915e676850c25c4156762471bdd7cf2eaaca8ac"
+  integrity sha512-lgMIH7XBI6OgYn1woDEmxhGdj8yDefMKg7GkWdeATAlQZFrMrNyxSkpDzY57iY0/6fdlzTbBV03OawvvzG+q7A==
   dependencies:
-    debug "^3.0.0"
-    request "^2.88.0"
+    debug "^4.1.1"
+    request "^2.88.2"
     uuid "^3.0.0"
 
 universalify@^0.1.0:
@@ -7882,10 +8262,10 @@ utils-merge@1.0.1:
   resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.1.tgz#9f95710f50a267947b2ccc124741c1028427e713"
   integrity sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM=
 
-uuid@7.0.2:
-  version "7.0.2"
-  resolved "https://registry.yarnpkg.com/uuid/-/uuid-7.0.2.tgz#7ff5c203467e91f5e0d85cfcbaaf7d2ebbca9be6"
-  integrity sha512-vy9V/+pKG+5ZTYKf+VcphF5Oc6EFiu3W8Nv3P3zIh0EqVI80ZxOzuPfe9EHjkFNvf8+xuTHVeei4Drydlx4zjw==
+uuid@8.3.0:
+  version "8.3.0"
+  resolved "https://registry.yarnpkg.com/uuid/-/uuid-8.3.0.tgz#ab738085ca22dc9a8c92725e459b1d507df5d6ea"
+  integrity sha512-fX6Z5o4m6XsXBdli9g7DtWgAx+osMsRRZFKma1mIUsLCz6vRvv+pz5VNbyu9UEDzpMWulZfvpgb/cmDXVulYFQ==
 
 uuid@^3.0.0, uuid@^3.3.2, uuid@^3.4.0:
   version "3.4.0"
@@ -7954,7 +8334,7 @@ watchpack-chokidar2@^2.0.0:
   dependencies:
     chokidar "^2.1.8"
 
-watchpack@^1.6.0:
+watchpack@^1.7.4:
   version "1.7.4"
   resolved "https://registry.yarnpkg.com/watchpack/-/watchpack-1.7.4.tgz#6e9da53b3c80bb2d6508188f5b200410866cd30b"
   integrity sha512-aWAgTW4MoSJzZPAicljkO1hsi1oKj/RRq/OJQh2PKI2UKL04c2Bs+MBOB+BBABHTXJpf9mCwHN7ANCvYsvY2sg==
@@ -7979,6 +8359,11 @@ wcwidth@^1.0.1:
   dependencies:
     defaults "^1.0.3"
 
+webidl-conversions@^6.1.0:
+  version "6.1.0"
+  resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-6.1.0.tgz#9111b4d7ea80acd40f5270d666621afa78b69514"
+  integrity sha512-qBIvFLGiBpLjfwmYAaHPXsn+ho5xZnGvyGvsarywGNc8VyQJUMHJ8OBKGGrPER0okBeMDaan4mNBlgBROxuI8w==
+
 webpack-dev-middleware@3.7.2, webpack-dev-middleware@^3.7.2:
   version "3.7.2"
   resolved "https://registry.yarnpkg.com/webpack-dev-middleware/-/webpack-dev-middleware-3.7.2.tgz#0019c3db716e3fa5cecbf64f2ab88a74bab331f3"
@@ -8052,40 +8437,40 @@ webpack-sources@1.4.3, webpack-sources@^1.1.0, webpack-sources@^1.2.0, webpack-s
     source-list-map "^2.0.0"
     source-map "~0.6.1"
 
-webpack-subresource-integrity@1.4.0:
-  version "1.4.0"
-  resolved "https://registry.yarnpkg.com/webpack-subresource-integrity/-/webpack-subresource-integrity-1.4.0.tgz#44963a64c9a214ad729158e7f46d52c2525cc88a"
-  integrity sha512-GB1kB/LwAWC3CxwcedGhMkxGpNZxSheCe1q+KJP1bakuieAdX/rGHEcf5zsEzhKXpqsGqokgsDoD9dIkr61VDQ==
+webpack-subresource-integrity@1.4.1:
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/webpack-subresource-integrity/-/webpack-subresource-integrity-1.4.1.tgz#e8bf918b444277df46a66cd84542cbcdc5a6272d"
+  integrity sha512-XMLFInbGbB1HV7K4vHWANzc1CN0t/c4bBvnlvGxGwV45yE/S/feAXIm8dJsCkzqWtSKnmaEgTp/meyeThxG4Iw==
   dependencies:
     webpack-sources "^1.3.0"
 
-webpack@4.42.0:
-  version "4.42.0"
-  resolved "https://registry.yarnpkg.com/webpack/-/webpack-4.42.0.tgz#b901635dd6179391d90740a63c93f76f39883eb8"
-  integrity sha512-EzJRHvwQyBiYrYqhyjW9AqM90dE4+s1/XtCfn7uWg6cS72zH+2VPFAlsnW0+W0cDi0XRjNKUMoJtpSi50+Ph6w==
+webpack@4.44.1:
+  version "4.44.1"
+  resolved "https://registry.yarnpkg.com/webpack/-/webpack-4.44.1.tgz#17e69fff9f321b8f117d1fda714edfc0b939cc21"
+  integrity sha512-4UOGAohv/VGUNQJstzEywwNxqX417FnjZgZJpJQegddzPmTvph37eBIRbRTfdySXzVtJXLJfbMN3mMYhM6GdmQ==
   dependencies:
-    "@webassemblyjs/ast" "1.8.5"
-    "@webassemblyjs/helper-module-context" "1.8.5"
-    "@webassemblyjs/wasm-edit" "1.8.5"
-    "@webassemblyjs/wasm-parser" "1.8.5"
-    acorn "^6.2.1"
+    "@webassemblyjs/ast" "1.9.0"
+    "@webassemblyjs/helper-module-context" "1.9.0"
+    "@webassemblyjs/wasm-edit" "1.9.0"
+    "@webassemblyjs/wasm-parser" "1.9.0"
+    acorn "^6.4.1"
     ajv "^6.10.2"
     ajv-keywords "^3.4.1"
     chrome-trace-event "^1.0.2"
-    enhanced-resolve "^4.1.0"
+    enhanced-resolve "^4.3.0"
     eslint-scope "^4.0.3"
     json-parse-better-errors "^1.0.2"
     loader-runner "^2.4.0"
     loader-utils "^1.2.3"
     memory-fs "^0.4.1"
     micromatch "^3.1.10"
-    mkdirp "^0.5.1"
+    mkdirp "^0.5.3"
     neo-async "^2.6.1"
     node-libs-browser "^2.2.1"
     schema-utils "^1.0.0"
     tapable "^1.1.3"
     terser-webpack-plugin "^1.4.3"
-    watchpack "^1.6.0"
+    watchpack "^1.7.4"
     webpack-sources "^1.4.1"
 
 websocket-driver@0.6.5:
@@ -8109,6 +8494,20 @@ websocket-extensions@>=0.1.1:
   resolved "https://registry.yarnpkg.com/websocket-extensions/-/websocket-extensions-0.1.4.tgz#7f8473bc839dfd87608adb95d7eb075211578a42"
   integrity sha512-OqedPIGOfsDlo31UNwYbCFMSaO9m9G/0faIHj5/dZFDMFqPTcx6UwqyOy3COEaEOg/9VsGIpdqn62W5KhoKSpg==
 
+whatwg-mimetype@^2.3.0:
+  version "2.3.0"
+  resolved "https://registry.yarnpkg.com/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz#3d4b1e0312d2079879f826aff18dbeeca5960fbf"
+  integrity sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==
+
+whatwg-url@^8.0.0:
+  version "8.4.0"
+  resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-8.4.0.tgz#50fb9615b05469591d2b2bd6dfaed2942ed72837"
+  integrity sha512-vwTUFf6V4zhcPkWp/4CQPr1TW9Ml6SF4lVyaIMBdJw5i6qUUJ1QWM4Z6YYVkfka0OUIzVo/0aNtGVGk256IKWw==
+  dependencies:
+    lodash.sortby "^4.7.0"
+    tr46 "^2.0.2"
+    webidl-conversions "^6.1.0"
+
 when@~3.6.x:
   version "3.6.4"
   resolved "https://registry.yarnpkg.com/when/-/when-3.6.4.tgz#473b517ec159e2b85005497a13983f095412e34e"
@@ -8166,10 +8565,10 @@ worker-farm@^1.7.0:
   dependencies:
     errno "~0.1.7"
 
-worker-plugin@4.0.3:
-  version "4.0.3"
-  resolved "https://registry.yarnpkg.com/worker-plugin/-/worker-plugin-4.0.3.tgz#7c42e600d5931ad154d3d5f187a32446df64db0f"
-  integrity sha512-7hFDYWiKcE3yHZvemsoM9lZis/PzurHAEX1ej8PLCu818Rt6QqUAiDdxHPCKZctzmhqzPpcFSgvMCiPbtooqAg==
+worker-plugin@5.0.0:
+  version "5.0.0"
+  resolved "https://registry.yarnpkg.com/worker-plugin/-/worker-plugin-5.0.0.tgz#113b5fe1f4a5d6a957cecd29915bedafd70bb537"
+  integrity sha512-AXMUstURCxDD6yGam2r4E34aJg6kW85IiaeX72hi+I1cxyaMUtrvVY6sbfpGKAj5e7f68Acl62BjQF5aOOx2IQ==
   dependencies:
     loader-utils "^1.1.0"
 

From 19c5cdcef8c4385034060d5e1ea9982a0efc0c02 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 28 Oct 2020 22:01:56 +0100
Subject: [PATCH 170/237] Webconsole packages updated

---
 .../src/main/resources/www/package.json       |   2 +-
 .../src/main/resources/www/yarn.lock          | 599 +++++++-----------
 2 files changed, 242 insertions(+), 359 deletions(-)

diff --git a/ids-webconsole/src/main/resources/www/package.json b/ids-webconsole/src/main/resources/www/package.json
index 46a73efb4..0308263a9 100644
--- a/ids-webconsole/src/main/resources/www/package.json
+++ b/ids-webconsole/src/main/resources/www/package.json
@@ -46,4 +46,4 @@
     "typescript": "4.0.5",
     "vis": "^4.20.0"
   }
-}
\ No newline at end of file
+}
diff --git a/ids-webconsole/src/main/resources/www/yarn.lock b/ids-webconsole/src/main/resources/www/yarn.lock
index dd054f451..5c11cd3ce 100644
--- a/ids-webconsole/src/main/resources/www/yarn.lock
+++ b/ids-webconsole/src/main/resources/www/yarn.lock
@@ -122,9 +122,9 @@
     rxjs "6.6.2"
 
 "@angular/animations@~10.2.0":
-  version "10.2.0"
-  resolved "https://registry.yarnpkg.com/@angular/animations/-/animations-10.2.0.tgz#7d60e8261cccc9a348699f23bc40b8d5c569baaa"
-  integrity sha512-lKjC2Jm2Al4GCW2zKutdskMWqe5S23gknPvp65ybmR5D1Pz/YgzDOHXmTHqDn5qXJgzpFt/fJgNi805XrAOm4g==
+  version "10.2.1"
+  resolved "https://registry.yarnpkg.com/@angular/animations/-/animations-10.2.1.tgz#6a28e68b05b1e738cbe779a002349cf8539699b8"
+  integrity sha512-WD3WGMLhGdvmBNIf9l+H3NwniQr+yBnTEOyUnsOokXsX3I5LYYPCR+3E/YBRDbbBuf4Y3v3sEkijHT5xZ+jQHw==
   dependencies:
     tslib "^2.0.0"
 
@@ -155,16 +155,16 @@
     uuid "8.3.0"
 
 "@angular/common@~10.2.0":
-  version "10.2.0"
-  resolved "https://registry.yarnpkg.com/@angular/common/-/common-10.2.0.tgz#f9f50363a1fc5051750fd290ab8ea907ff9003ea"
-  integrity sha512-4q7cb6Z18R1nQ8dN8uj6cckuk4jzY40lF7kpxf/wja0pQBUBtWwExwXsdHTVWGZ/mgQv9a5dTAPQq8/tSmf+hw==
+  version "10.2.1"
+  resolved "https://registry.yarnpkg.com/@angular/common/-/common-10.2.1.tgz#3fbba2102fa8f02f60fae2b0c79b4495be60de2a"
+  integrity sha512-aJtgokgWxibd7wGmktHm0uYkR/lOrbcStrn6Qisj/PIJf9xTGXYFB0yusnk103aiuBfCIKq+Wl0ZGc1s81Okaw==
   dependencies:
     tslib "^2.0.0"
 
 "@angular/compiler-cli@~10.2.0":
-  version "10.2.0"
-  resolved "https://registry.yarnpkg.com/@angular/compiler-cli/-/compiler-cli-10.2.0.tgz#ab3504df42bd23aa0916d3b78281ce20b2fa1473"
-  integrity sha512-NWTNg15LLL14MgooXV1Xb4w49I4OAfWakcc0J7XQm3B3mRFuue/UfXE9dKMStenTfmtUnNO9c+xjZRhTWYJkfw==
+  version "10.2.1"
+  resolved "https://registry.yarnpkg.com/@angular/compiler-cli/-/compiler-cli-10.2.1.tgz#4482cdc4814dc75bf197c18f39c401181851ac08"
+  integrity sha512-LSqnJ6K6lZCMrlp47SMysHwyl4NOcOAhnZ1x4aqX85w/rBL5ge1Y57KFZFJ4wYVnboXpQCnPU/uojNuQIQJ8LQ==
   dependencies:
     canonical-path "1.0.0"
     chokidar "^3.0.0"
@@ -181,53 +181,53 @@
     yargs "15.3.0"
 
 "@angular/compiler@~10.2.0":
-  version "10.2.0"
-  resolved "https://registry.yarnpkg.com/@angular/compiler/-/compiler-10.2.0.tgz#1cd4e6b528494514c016be4c83b1dfbeb13681b5"
-  integrity sha512-r+zNEDJmfH7pyQULgs6iQgMv/zH/CokepTuemrVbBKkUjd8F9Q84XdflR2Tx2rukiAAl4B0BuG+v4tSb9pR1WQ==
+  version "10.2.1"
+  resolved "https://registry.yarnpkg.com/@angular/compiler/-/compiler-10.2.1.tgz#6abffc69d2c67aa10289af98142915cb9230a69c"
+  integrity sha512-nJkRSqwQSGeudBWr9JK30Yi2yBvURYTKW4x4GxdW3YiEGBIlKU6aX6q5yi2xHdWO4AEgRs21ZjTs/wp00qnqTg==
   dependencies:
     tslib "^2.0.0"
 
 "@angular/core@~10.2.0":
-  version "10.2.0"
-  resolved "https://registry.yarnpkg.com/@angular/core/-/core-10.2.0.tgz#a5eac8b37ef5268f90e45e06b1a4d48ab55f31dc"
-  integrity sha512-pj+0cIDHMfeTFFrxbxM1qanSqhnA3ybCYMQm+Fs/WAPlLSvB6s/vVhq6tCdicHzd7/fujGXPcb8Hvtx+km8TqQ==
+  version "10.2.1"
+  resolved "https://registry.yarnpkg.com/@angular/core/-/core-10.2.1.tgz#05ad30c43ba925a62074515c9d002c1c5337047c"
+  integrity sha512-zt9G5Ei1nxB6yVJqpiH7K6npaiEUrPWlDCq6vwXeJbmO3tbw2WWiqD55Wkx5hRfysY43swC5j7VveNytHidkkQ==
   dependencies:
     tslib "^2.0.0"
 
 "@angular/forms@~10.2.0":
-  version "10.2.0"
-  resolved "https://registry.yarnpkg.com/@angular/forms/-/forms-10.2.0.tgz#d147709539ab4bd508d948c9809d3b3ec0e3d413"
-  integrity sha512-pRQP5AWyB37rJWtgvZRWA3H+EMcP9M7QybOAfCf7z9CMRhKK+jVvd5yQqyqOYWOEBuS0kUD3HM/vrpZywhK/6g==
+  version "10.2.1"
+  resolved "https://registry.yarnpkg.com/@angular/forms/-/forms-10.2.1.tgz#2b1018ef8c06872355c1d75eeb251ca45b316dd5"
+  integrity sha512-cGJZRb/caqHeNLpl/f4uFUtCxF8hc1Jd1dkDzfxG3Ea3J96qNsApxWCdwI09aI6KyYADSvQKTjZcgdASmTr/cA==
   dependencies:
     tslib "^2.0.0"
 
 "@angular/platform-browser-dynamic@~10.2.0":
-  version "10.2.0"
-  resolved "https://registry.yarnpkg.com/@angular/platform-browser-dynamic/-/platform-browser-dynamic-10.2.0.tgz#08ccd67fecc0269b1335e8efb1b7ef6d06a7f389"
-  integrity sha512-S1yBpoJjQcGrvkoHhy+We1lMi/TONzSAUTYz05WexDC6N8eLX4NpbjOUHxtYH5JfXltQ2B32zycyjwyB2t2ulA==
+  version "10.2.1"
+  resolved "https://registry.yarnpkg.com/@angular/platform-browser-dynamic/-/platform-browser-dynamic-10.2.1.tgz#865610f61b3cb607937f9b0b6c4fdd774dafacdf"
+  integrity sha512-AyN3dchRIHTXrN8lSni7PfZTHuJcQ4Qp3ZCunxal3dmfIqWKHBCvotJX02UXVPqVC/9qvnyZ1Ezvfw5vx8MVEg==
   dependencies:
     tslib "^2.0.0"
 
 "@angular/platform-browser@~10.2.0":
-  version "10.2.0"
-  resolved "https://registry.yarnpkg.com/@angular/platform-browser/-/platform-browser-10.2.0.tgz#ae1a32506dcce321eb6e8acb151db95fedc6da91"
-  integrity sha512-GqO4MH7sddzvirr6AwxPXIfFFQp1+Xs5BCguSajyqt7i1j7vA0mKvFCvO7tIYmJmepWa0YPs9cXtq8nxDAoqVA==
+  version "10.2.1"
+  resolved "https://registry.yarnpkg.com/@angular/platform-browser/-/platform-browser-10.2.1.tgz#9b6fb419773eb2492c98486cb0ed636b89dcf692"
+  integrity sha512-kuxqntIbiyxHIgEopBXoO10HqsFQyzV8Y11+KcnIFN0tte7oOAc6REvUxnvtwKOyFOyYQFv0BhA1QCuddqytGA==
   dependencies:
     tslib "^2.0.0"
 
 "@angular/platform-server@~10.2.0":
-  version "10.2.0"
-  resolved "https://registry.yarnpkg.com/@angular/platform-server/-/platform-server-10.2.0.tgz#36153c8b5486f7cd484ec09280e2395b0a43ff1a"
-  integrity sha512-eIc7xiGPylQ6uExx+LeTOHFRDtsbRe4sqgbjsfmlQfvxuVbYRzacXctvymjqr1cGzYW+CpB/3eQoz7uX/BGOog==
+  version "10.2.1"
+  resolved "https://registry.yarnpkg.com/@angular/platform-server/-/platform-server-10.2.1.tgz#3e3dc460a603469c0cc212d6f32173a4d9ba85c4"
+  integrity sha512-VCpd2KEyGA4zhw8E82jJb19VsKVhPiogRaHNZ7xNiMYxu3JTFIDGMnTsT3nILGAKeDxQUeyU0oyguQfXPz4wag==
   dependencies:
     domino "^2.1.2"
     tslib "^2.0.0"
     xhr2 "^0.2.0"
 
 "@angular/router@~10.2.0":
-  version "10.2.0"
-  resolved "https://registry.yarnpkg.com/@angular/router/-/router-10.2.0.tgz#e8e9d0999846d71283298c7d58f8614d8c8c248d"
-  integrity sha512-iAaJqcFrwduL1YopLrw4ax6kWd2FrqcGjcf0GY2ZUEEcwo5hQVMrKAt7MUJPVHGZf+OzSYJBgP7ApU60oZ43AA==
+  version "10.2.1"
+  resolved "https://registry.yarnpkg.com/@angular/router/-/router-10.2.1.tgz#c3204c2a20aac871c415118908179431319dac91"
+  integrity sha512-w2iS/gq4dcPd4cPGgd7HGEANg5BfE+fg0cI81ah7e79OatDP+Y1atxmNXyF50gCxl8x6WDnUiNu8nfjTebgRAw==
   dependencies:
     tslib "^2.0.0"
 
@@ -266,18 +266,18 @@
     source-map "^0.5.0"
 
 "@babel/core@^7.7.5":
-  version "7.11.6"
-  resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.11.6.tgz#3a9455dc7387ff1bac45770650bc13ba04a15651"
-  integrity sha512-Wpcv03AGnmkgm6uS6k8iwhIwTrcP0m17TL1n1sy7qD0qelDu4XNeW0dN0mHfa+Gei211yDaLoEe/VlbXQzM4Bg==
+  version "7.12.3"
+  resolved "https://registry.yarnpkg.com/@babel/core/-/core-7.12.3.tgz#1b436884e1e3bff6fb1328dc02b208759de92ad8"
+  integrity sha512-0qXcZYKZp3/6N2jKYVxZv0aNCsxTSVCiK72DTiTYZAu7sjg73W0/aynWjMbiGd87EQL4WyA8reiJVh92AVla9g==
   dependencies:
     "@babel/code-frame" "^7.10.4"
-    "@babel/generator" "^7.11.6"
-    "@babel/helper-module-transforms" "^7.11.0"
-    "@babel/helpers" "^7.10.4"
-    "@babel/parser" "^7.11.5"
+    "@babel/generator" "^7.12.1"
+    "@babel/helper-module-transforms" "^7.12.1"
+    "@babel/helpers" "^7.12.1"
+    "@babel/parser" "^7.12.3"
     "@babel/template" "^7.10.4"
-    "@babel/traverse" "^7.11.5"
-    "@babel/types" "^7.11.5"
+    "@babel/traverse" "^7.12.1"
+    "@babel/types" "^7.12.1"
     convert-source-map "^1.7.0"
     debug "^4.1.0"
     gensync "^1.0.0-beta.1"
@@ -305,15 +305,6 @@
     jsesc "^2.5.1"
     source-map "^0.5.0"
 
-"@babel/generator@^7.11.5", "@babel/generator@^7.11.6":
-  version "7.11.6"
-  resolved "https://registry.yarnpkg.com/@babel/generator/-/generator-7.11.6.tgz#b868900f81b163b4d464ea24545c61cbac4dc620"
-  integrity sha512-DWtQ1PV3r+cLbySoHrwn9RWEgKMBLLma4OBQloPRyDYvc5msJM9kvTLo1YnlJd1P/ZuKbdli3ijr5q3FvAF3uA==
-  dependencies:
-    "@babel/types" "^7.11.5"
-    jsesc "^2.5.1"
-    source-map "^0.5.0"
-
 "@babel/helper-annotate-as-pure@^7.10.4":
   version "7.10.4"
   resolved "https://registry.yarnpkg.com/@babel/helper-annotate-as-pure/-/helper-annotate-as-pure-7.10.4.tgz#5bf0d495a3f757ac3bda48b5bf3b3ba309c72ba3"
@@ -350,15 +341,6 @@
     "@babel/helper-replace-supers" "^7.12.1"
     "@babel/helper-split-export-declaration" "^7.10.4"
 
-"@babel/helper-create-regexp-features-plugin@^7.10.4":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/helper-create-regexp-features-plugin/-/helper-create-regexp-features-plugin-7.10.4.tgz#fdd60d88524659a0b6959c0579925e425714f3b8"
-  integrity sha512-2/hu58IEPKeoLF45DBwx3XFqsbCXmkdAay4spVr2x0jYgRxrSNp+ePwvSsy9g6YSaNDcKIQVPXk1Ov8S2edk2g==
-  dependencies:
-    "@babel/helper-annotate-as-pure" "^7.10.4"
-    "@babel/helper-regex" "^7.10.4"
-    regexpu-core "^4.7.0"
-
 "@babel/helper-create-regexp-features-plugin@^7.12.1":
   version "7.12.1"
   resolved "https://registry.yarnpkg.com/@babel/helper-create-regexp-features-plugin/-/helper-create-regexp-features-plugin-7.12.1.tgz#18b1302d4677f9dc4740fe8c9ed96680e29d37e8"
@@ -378,11 +360,11 @@
     lodash "^4.17.19"
 
 "@babel/helper-explode-assignable-expression@^7.10.4":
-  version "7.11.4"
-  resolved "https://registry.yarnpkg.com/@babel/helper-explode-assignable-expression/-/helper-explode-assignable-expression-7.11.4.tgz#2d8e3470252cc17aba917ede7803d4a7a276a41b"
-  integrity sha512-ux9hm3zR4WV1Y3xXxXkdG/0gxF9nvI0YVmKVhvK9AfMoaQkemL3sJpXw+Xbz65azo8qJiEz2XVDUpK3KYhH3ZQ==
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/helper-explode-assignable-expression/-/helper-explode-assignable-expression-7.12.1.tgz#8006a466695c4ad86a2a5f2fb15b5f2c31ad5633"
+  integrity sha512-dmUwH8XmlrUpVqgtZ737tK88v07l840z9j3OEhCLwKTkjlvKpfqXVIZ0wpK3aeOxspwGrf/5AP5qLx4rO3w5rA==
   dependencies:
-    "@babel/types" "^7.10.4"
+    "@babel/types" "^7.12.1"
 
 "@babel/helper-function-name@^7.10.4":
   version "7.10.4"
@@ -407,13 +389,6 @@
   dependencies:
     "@babel/types" "^7.10.4"
 
-"@babel/helper-member-expression-to-functions@^7.10.4":
-  version "7.11.0"
-  resolved "https://registry.yarnpkg.com/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.11.0.tgz#ae69c83d84ee82f4b42f96e2a09410935a8f26df"
-  integrity sha512-JbFlKHFntRV5qKw3YC0CvQnDZ4XMwgzzBbld7Ly4Mj4cbFy3KywcR8NtNctRToMWJOVvLINJv525Gd6wwVEx/Q==
-  dependencies:
-    "@babel/types" "^7.11.0"
-
 "@babel/helper-member-expression-to-functions@^7.12.1":
   version "7.12.1"
   resolved "https://registry.yarnpkg.com/@babel/helper-member-expression-to-functions/-/helper-member-expression-to-functions-7.12.1.tgz#fba0f2fcff3fba00e6ecb664bb5e6e26e2d6165c"
@@ -421,34 +396,14 @@
   dependencies:
     "@babel/types" "^7.12.1"
 
-"@babel/helper-module-imports@^7.10.4":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/helper-module-imports/-/helper-module-imports-7.10.4.tgz#4c5c54be04bd31670a7382797d75b9fa2e5b5620"
-  integrity sha512-nEQJHqYavI217oD9+s5MUBzk6x1IlvoS9WTPfgG43CbMEeStE0v+r+TucWdx8KFGowPGvyOkDT9+7DHedIDnVw==
-  dependencies:
-    "@babel/types" "^7.10.4"
-
-"@babel/helper-module-imports@^7.12.1":
+"@babel/helper-module-imports@^7.10.4", "@babel/helper-module-imports@^7.12.1":
   version "7.12.1"
   resolved "https://registry.yarnpkg.com/@babel/helper-module-imports/-/helper-module-imports-7.12.1.tgz#1644c01591a15a2f084dd6d092d9430eb1d1216c"
   integrity sha512-ZeC1TlMSvikvJNy1v/wPIazCu3NdOwgYZLIkmIyAsGhqkNpiDoQQRmaCK8YP4Pq3GPTLPV9WXaPCJKvx06JxKA==
   dependencies:
     "@babel/types" "^7.12.1"
 
-"@babel/helper-module-transforms@^7.11.0":
-  version "7.11.0"
-  resolved "https://registry.yarnpkg.com/@babel/helper-module-transforms/-/helper-module-transforms-7.11.0.tgz#b16f250229e47211abdd84b34b64737c2ab2d359"
-  integrity sha512-02EVu8COMuTRO1TAzdMtpBPbe6aQ1w/8fePD2YgQmxZU4gpNWaL9gK3Jp7dxlkUlUCJOTaSeA+Hrm1BRQwqIhg==
-  dependencies:
-    "@babel/helper-module-imports" "^7.10.4"
-    "@babel/helper-replace-supers" "^7.10.4"
-    "@babel/helper-simple-access" "^7.10.4"
-    "@babel/helper-split-export-declaration" "^7.11.0"
-    "@babel/template" "^7.10.4"
-    "@babel/types" "^7.11.0"
-    lodash "^4.17.19"
-
-"@babel/helper-module-transforms@^7.12.1":
+"@babel/helper-module-transforms@^7.11.0", "@babel/helper-module-transforms@^7.12.1":
   version "7.12.1"
   resolved "https://registry.yarnpkg.com/@babel/helper-module-transforms/-/helper-module-transforms-7.12.1.tgz#7954fec71f5b32c48e4b303b437c34453fd7247c"
   integrity sha512-QQzehgFAZ2bbISiCpmVGfiGux8YVFXQ0abBic2Envhej22DVXV9nCFaS5hIQbkyo1AdGb+gNME2TSh3hYJVV/w==
@@ -491,16 +446,6 @@
     "@babel/helper-wrap-function" "^7.10.4"
     "@babel/types" "^7.12.1"
 
-"@babel/helper-replace-supers@^7.10.4":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/helper-replace-supers/-/helper-replace-supers-7.10.4.tgz#d585cd9388ea06e6031e4cd44b6713cbead9e6cf"
-  integrity sha512-sPxZfFXocEymYTdVK1UNmFPBN+Hv5mJkLPsYWwGBxZAxaWfFu+xqp7b6qWD0yjNuNL2VKc6L5M18tOXUP7NU0A==
-  dependencies:
-    "@babel/helper-member-expression-to-functions" "^7.10.4"
-    "@babel/helper-optimise-call-expression" "^7.10.4"
-    "@babel/traverse" "^7.10.4"
-    "@babel/types" "^7.10.4"
-
 "@babel/helper-replace-supers@^7.12.1":
   version "7.12.1"
   resolved "https://registry.yarnpkg.com/@babel/helper-replace-supers/-/helper-replace-supers-7.12.1.tgz#f15c9cc897439281891e11d5ce12562ac0cf3fa9"
@@ -511,14 +456,6 @@
     "@babel/traverse" "^7.12.1"
     "@babel/types" "^7.12.1"
 
-"@babel/helper-simple-access@^7.10.4":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/helper-simple-access/-/helper-simple-access-7.10.4.tgz#0f5ccda2945277a2a7a2d3a821e15395edcf3461"
-  integrity sha512-0fMy72ej/VEvF8ULmX6yb5MtHG4uH4Dbd6I/aHDb/JVg0bbivwt9Wg+h3uMvX+QSFtwr5MeItvazbrc4jtRAXw==
-  dependencies:
-    "@babel/template" "^7.10.4"
-    "@babel/types" "^7.10.4"
-
 "@babel/helper-simple-access@^7.12.1":
   version "7.12.1"
   resolved "https://registry.yarnpkg.com/@babel/helper-simple-access/-/helper-simple-access-7.12.1.tgz#32427e5aa61547d38eb1e6eaf5fd1426fdad9136"
@@ -551,23 +488,23 @@
   integrity sha512-YpJabsXlJVWP0USHjnC/AQDTLlZERbON577YUVO/wLpqyj6HAtVYnWaQaN0iUN+1/tWn3c+uKKXjRut5115Y2A==
 
 "@babel/helper-wrap-function@^7.10.4":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/helper-wrap-function/-/helper-wrap-function-7.10.4.tgz#8a6f701eab0ff39f765b5a1cfef409990e624b87"
-  integrity sha512-6py45WvEF0MhiLrdxtRjKjufwLL1/ob2qDJgg5JgNdojBAZSAKnAjkyOCNug6n+OBl4VW76XjvgSFTdaMcW0Ug==
+  version "7.12.3"
+  resolved "https://registry.yarnpkg.com/@babel/helper-wrap-function/-/helper-wrap-function-7.12.3.tgz#3332339fc4d1fbbf1c27d7958c27d34708e990d9"
+  integrity sha512-Cvb8IuJDln3rs6tzjW3Y8UeelAOdnpB8xtQ4sme2MSZ9wOxrbThporC0y/EtE16VAtoyEfLM404Xr1e0OOp+ow==
   dependencies:
     "@babel/helper-function-name" "^7.10.4"
     "@babel/template" "^7.10.4"
     "@babel/traverse" "^7.10.4"
     "@babel/types" "^7.10.4"
 
-"@babel/helpers@^7.10.4":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.10.4.tgz#2abeb0d721aff7c0a97376b9e1f6f65d7a475044"
-  integrity sha512-L2gX/XeUONeEbI78dXSrJzGdz4GQ+ZTA/aazfUsFaWjSe95kiCuOZ5HsXvkiw3iwF+mFHSRUfJU8t6YavocdXA==
+"@babel/helpers@^7.10.4", "@babel/helpers@^7.12.1":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/helpers/-/helpers-7.12.1.tgz#8a8261c1d438ec18cb890434df4ec768734c1e79"
+  integrity sha512-9JoDSBGoWtmbay98efmT2+mySkwjzeFeAL9BuWNoVQpkPFQF8SIIFUfY5os9u8wVzglzoiPRSW7cuJmBDUt43g==
   dependencies:
     "@babel/template" "^7.10.4"
-    "@babel/traverse" "^7.10.4"
-    "@babel/types" "^7.10.4"
+    "@babel/traverse" "^7.12.1"
+    "@babel/types" "^7.12.1"
 
 "@babel/highlight@^7.10.4":
   version "7.10.4"
@@ -578,12 +515,7 @@
     chalk "^2.0.0"
     js-tokens "^4.0.0"
 
-"@babel/parser@^7.10.4", "@babel/parser@^7.11.5":
-  version "7.11.5"
-  resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.11.5.tgz#c7ff6303df71080ec7a4f5b8c003c58f1cf51037"
-  integrity sha512-X9rD8qqm695vgmeaQ4fvz/o3+Wk4ZzQvSHkDBgpYKxpD4qTAUm88ZKtHkVqIOsYFFbIQ6wQYhC6q7pjqVK0E0Q==
-
-"@babel/parser@^7.11.1", "@babel/parser@^7.12.1":
+"@babel/parser@^7.10.4", "@babel/parser@^7.11.1", "@babel/parser@^7.12.1", "@babel/parser@^7.12.3":
   version "7.12.3"
   resolved "https://registry.yarnpkg.com/@babel/parser/-/parser-7.12.3.tgz#a305415ebe7a6c7023b40b5122a0662d928334cd"
   integrity sha512-kFsOS0IbsuhO5ojF8Hc8z/8vEIOkylVBrjiZUbLTE3XFe0Qi+uu6HjzQixkFaqr0ZPAMZcBVxEwmsnsLPZ2Xsw==
@@ -687,7 +619,7 @@
     "@babel/helper-create-class-features-plugin" "^7.12.1"
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-proposal-unicode-property-regex@^7.10.4":
+"@babel/plugin-proposal-unicode-property-regex@^7.10.4", "@babel/plugin-proposal-unicode-property-regex@^7.4.4":
   version "7.12.1"
   resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-unicode-property-regex/-/plugin-proposal-unicode-property-regex-7.12.1.tgz#2a183958d417765b9eae334f47758e5d6a82e072"
   integrity sha512-MYq+l+PvHuw/rKUz1at/vb6nCnQ2gmJBNaM62z0OgH7B2W1D9pvkpYtlti9bGtizNIU1K3zm4bZF9F91efVY0w==
@@ -695,14 +627,6 @@
     "@babel/helper-create-regexp-features-plugin" "^7.12.1"
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-proposal-unicode-property-regex@^7.4.4":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-proposal-unicode-property-regex/-/plugin-proposal-unicode-property-regex-7.10.4.tgz#4483cda53041ce3413b7fe2f00022665ddfaa75d"
-  integrity sha512-H+3fOgPnEXFL9zGYtKQe4IDOPKYlZdF1kqFDQRRb8PK4B8af1vAGK04tF5iQAAsui+mHNBQSAtd2/ndEDe9wuA==
-  dependencies:
-    "@babel/helper-create-regexp-features-plugin" "^7.10.4"
-    "@babel/helper-plugin-utils" "^7.10.4"
-
 "@babel/plugin-syntax-async-generators@^7.8.0":
   version "7.8.4"
   resolved "https://registry.yarnpkg.com/@babel/plugin-syntax-async-generators/-/plugin-syntax-async-generators-7.8.4.tgz#a983fb1aeb2ec3f6ed042a210f640e90e786fe0d"
@@ -845,7 +769,7 @@
   dependencies:
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-dotall-regex@^7.10.4":
+"@babel/plugin-transform-dotall-regex@^7.10.4", "@babel/plugin-transform-dotall-regex@^7.4.4":
   version "7.12.1"
   resolved "https://registry.yarnpkg.com/@babel/plugin-transform-dotall-regex/-/plugin-transform-dotall-regex-7.12.1.tgz#a1d16c14862817b6409c0a678d6f9373ca9cd975"
   integrity sha512-B2pXeRKoLszfEW7J4Hg9LoFaWEbr/kzo3teWHmtFCszjRNa/b40f9mfeqZsIDLLt/FjwQ6pz/Gdlwy85xNckBA==
@@ -853,14 +777,6 @@
     "@babel/helper-create-regexp-features-plugin" "^7.12.1"
     "@babel/helper-plugin-utils" "^7.10.4"
 
-"@babel/plugin-transform-dotall-regex@^7.4.4":
-  version "7.10.4"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-dotall-regex/-/plugin-transform-dotall-regex-7.10.4.tgz#469c2062105c1eb6a040eaf4fac4b488078395ee"
-  integrity sha512-ZEAVvUTCMlMFAbASYSVQoxIbHm2OkG2MseW6bV2JjIygOjdVv8tuxrCTzj1+Rynh7ODb8GivUy7dzEXzEhuPaA==
-  dependencies:
-    "@babel/helper-create-regexp-features-plugin" "^7.10.4"
-    "@babel/helper-plugin-utils" "^7.10.4"
-
 "@babel/plugin-transform-duplicate-keys@^7.10.4":
   version "7.12.1"
   resolved "https://registry.yarnpkg.com/@babel/plugin-transform-duplicate-keys/-/plugin-transform-duplicate-keys-7.12.1.tgz#745661baba295ac06e686822797a69fbaa2ca228"
@@ -965,15 +881,7 @@
     "@babel/helper-plugin-utils" "^7.10.4"
     "@babel/helper-replace-supers" "^7.12.1"
 
-"@babel/plugin-transform-parameters@^7.10.4":
-  version "7.10.5"
-  resolved "https://registry.yarnpkg.com/@babel/plugin-transform-parameters/-/plugin-transform-parameters-7.10.5.tgz#59d339d58d0b1950435f4043e74e2510005e2c4a"
-  integrity sha512-xPHwUj5RdFV8l1wuYiu5S9fqWGM2DrYc24TMvUiRrPVm+SM3XeqU9BcokQX/kEUe+p2RBwy+yoiR1w/Blq6ubw==
-  dependencies:
-    "@babel/helper-get-function-arity" "^7.10.4"
-    "@babel/helper-plugin-utils" "^7.10.4"
-
-"@babel/plugin-transform-parameters@^7.12.1":
+"@babel/plugin-transform-parameters@^7.10.4", "@babel/plugin-transform-parameters@^7.12.1":
   version "7.12.1"
   resolved "https://registry.yarnpkg.com/@babel/plugin-transform-parameters/-/plugin-transform-parameters-7.12.1.tgz#d2e963b038771650c922eff593799c96d853255d"
   integrity sha512-xq9C5EQhdPK23ZeCdMxl8bbRnAgHFrw5EOC3KJUsSylZqdkCaFEXxGSBuTSObOpiiHHNyb82es8M1QYgfQGfNg==
@@ -1148,13 +1056,20 @@
     "@babel/types" "^7.4.4"
     esutils "^2.0.2"
 
-"@babel/runtime@7.11.2", "@babel/runtime@^7.8.4":
+"@babel/runtime@7.11.2":
   version "7.11.2"
   resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.11.2.tgz#f549c13c754cc40b87644b9fa9f09a6a95fe0736"
   integrity sha512-TeWkU52so0mPtDcaCTxNBI/IHiz0pZgr8VEFqXFtZWpYD08ZB6FaSwVAS8MKRQAP3bYKiVjwysOJgMFY28o6Tw==
   dependencies:
     regenerator-runtime "^0.13.4"
 
+"@babel/runtime@^7.8.4":
+  version "7.12.1"
+  resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.12.1.tgz#b4116a6b6711d010b2dad3b7b6e43bf1b9954740"
+  integrity sha512-J5AIf3vPj3UwXaAzb5j1xM4WAQDX3EMgemF8rjCP3SoW09LfRKAXQKt6CoVYl230P6iWdRcBbnLDDdnqWxZSCA==
+  dependencies:
+    regenerator-runtime "^0.13.4"
+
 "@babel/template@7.10.4", "@babel/template@^7.10.4":
   version "7.10.4"
   resolved "https://registry.yarnpkg.com/@babel/template/-/template-7.10.4.tgz#3251996c4200ebc71d1a8fc405fba940f36ba278"
@@ -1164,22 +1079,7 @@
     "@babel/parser" "^7.10.4"
     "@babel/types" "^7.10.4"
 
-"@babel/traverse@^7.10.4", "@babel/traverse@^7.11.5":
-  version "7.11.5"
-  resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.11.5.tgz#be777b93b518eb6d76ee2e1ea1d143daa11e61c3"
-  integrity sha512-EjiPXt+r7LiCZXEfRpSJd+jUMnBd4/9OUv7Nx3+0u9+eimMwJmG0Q98lw4/289JCoxSE8OolDMNZaaF/JZ69WQ==
-  dependencies:
-    "@babel/code-frame" "^7.10.4"
-    "@babel/generator" "^7.11.5"
-    "@babel/helper-function-name" "^7.10.4"
-    "@babel/helper-split-export-declaration" "^7.11.0"
-    "@babel/parser" "^7.11.5"
-    "@babel/types" "^7.11.5"
-    debug "^4.1.0"
-    globals "^11.1.0"
-    lodash "^4.17.19"
-
-"@babel/traverse@^7.11.0", "@babel/traverse@^7.12.1":
+"@babel/traverse@^7.10.4", "@babel/traverse@^7.11.0", "@babel/traverse@^7.12.1":
   version "7.12.1"
   resolved "https://registry.yarnpkg.com/@babel/traverse/-/traverse-7.12.1.tgz#941395e0c5cc86d5d3e75caa095d3924526f0c1e"
   integrity sha512-MA3WPoRt1ZHo2ZmoGKNqi20YnPt0B1S0GTZEPhhd+hw2KGUzBlHuVunj6K4sNuK+reEvyiPwtp0cpaqLzJDmAw==
@@ -1194,16 +1094,7 @@
     globals "^11.1.0"
     lodash "^4.17.19"
 
-"@babel/types@^7.10.4", "@babel/types@^7.10.5", "@babel/types@^7.11.0", "@babel/types@^7.11.5", "@babel/types@^7.4.4":
-  version "7.11.5"
-  resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.11.5.tgz#d9de577d01252d77c6800cee039ee64faf75662d"
-  integrity sha512-bvM7Qz6eKnJVFIn+1LPtjlBFPVN5jNDc1XmN15vWe7Q3DPBufWWsLiIvUu7xW87uTG6QoggpIDnUgLQvPheU+Q==
-  dependencies:
-    "@babel/helper-validator-identifier" "^7.10.4"
-    lodash "^4.17.19"
-    to-fast-properties "^2.0.0"
-
-"@babel/types@^7.12.1":
+"@babel/types@^7.10.4", "@babel/types@^7.10.5", "@babel/types@^7.11.0", "@babel/types@^7.12.1", "@babel/types@^7.4.4":
   version "7.12.1"
   resolved "https://registry.yarnpkg.com/@babel/types/-/types-7.12.1.tgz#e109d9ab99a8de735be287ee3d6a9947a190c4ae"
   integrity sha512-BzSY3NJBKM4kyatSOWh3D/JJ2O3CVzBybHWxtgxnggaxEuaSTTDqeiSb/xk9lrkw2Tbqyivw5ZU4rT+EfznQsA==
@@ -1293,11 +1184,6 @@
     semver "7.3.2"
     semver-intersect "1.4.0"
 
-"@types/color-name@^1.1.1":
-  version "1.1.1"
-  resolved "https://registry.yarnpkg.com/@types/color-name/-/color-name-1.1.1.tgz#1c1261bbeaa10a8055bbc5d8ab84b7b2afc846a0"
-  integrity sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ==
-
 "@types/glob@^7.1.1":
   version "7.1.3"
   resolved "https://registry.yarnpkg.com/@types/glob/-/glob-7.1.3.tgz#e6ba80f36b7daad2c685acd9266382e68985c183"
@@ -1317,14 +1203,14 @@
   integrity sha512-tHq6qdbT9U1IRSGf14CL0pUlULksvY9OZ+5eEgl1N7t+OA3tGvNpxJCzuKQlsNgCVwbAs670L1vcVQi8j9HjnA==
 
 "@types/node@*":
-  version "14.11.1"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-14.11.1.tgz#56af902ad157e763f9ba63d671c39cda3193c835"
-  integrity sha512-oTQgnd0hblfLsJ6BvJzzSL+Inogp3lq9fGgqRkMB/ziKMgEUaFl801OncOzUmalfzt14N0oPHMK47ipl+wbTIw==
+  version "14.14.6"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-14.14.6.tgz#146d3da57b3c636cc0d1769396ce1cfa8991147f"
+  integrity sha512-6QlRuqsQ/Ox/aJEQWBEJG7A9+u7oSYl3mem/K8IzxXG/kAGbV1YPD9Bg9Zw3vyxC/YP+zONKwy8hGkSt1jxFMw==
 
 "@types/node@^12.11.1":
-  version "12.12.62"
-  resolved "https://registry.yarnpkg.com/@types/node/-/node-12.12.62.tgz#733923d73669188d35950253dd18a21570085d2b"
-  integrity sha512-qAfo81CsD7yQIM9mVyh6B/U47li5g7cfpVQEDMfQeF8pSZVwzbhwU3crc0qG4DmpsebpJPR49AKOExQyJ05Cpg==
+  version "12.19.3"
+  resolved "https://registry.yarnpkg.com/@types/node/-/node-12.19.3.tgz#a6e252973214079155f749e8bef99cc80af182fa"
+  integrity sha512-8Jduo8wvvwDzEVJCOvS/G6sgilOLvvhn1eMmK3TW8/T217O7u1jdrK6ImKLv80tVryaPSVeKu6sjDEiFjd4/eg==
 
 "@types/q@^1.5.1":
   version "1.5.4"
@@ -1337,9 +1223,9 @@
   integrity sha512-K5K+yml8LTo9bWJI/rECfIPrGgxdpeNbj+d53lwN4QjW1MCwlkhUms+gtdzigTeUyBr09+u8BwOIY3MXvHdcsA==
 
 "@types/vis@^4.21.9":
-  version "4.21.20"
-  resolved "https://registry.yarnpkg.com/@types/vis/-/vis-4.21.20.tgz#b2153ac61dd7fda481857025ca1ef1556038ef11"
-  integrity sha512-3bejsXnnszmUq6bX55QkkoqkulWJcJ7Z/RgjsUFT1HsWIa1EGmsX/bl3DCyCXnKcxwciOjYvH4szY9KA1miNXw==
+  version "4.21.21"
+  resolved "https://registry.yarnpkg.com/@types/vis/-/vis-4.21.21.tgz#5c911c0d43603d103938ea128ee83ca72d9a9347"
+  integrity sha512-mDh/6zKCTViWOPeED2DnWFpACY7HkusEzSDfb6lsc7iEklowTeoMAMm/nyQQYOOWfF5ALfMbevrhs9CjdI7SUA==
   dependencies:
     moment ">=2.13.0"
 
@@ -1601,9 +1487,9 @@ ajv@6.12.4:
     uri-js "^4.2.2"
 
 ajv@^6.1.0, ajv@^6.10.2, ajv@^6.12.3, ajv@^6.12.4:
-  version "6.12.5"
-  resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.5.tgz#19b0e8bae8f476e5ba666300387775fb1a00a4da"
-  integrity sha512-lRF8RORchjpKG50/WFf8xmg7sgCLFiYNNnqdKflk63whMQcWR5ngGjiSXkL9bjxy6B2npOK2HSMN49jEBMSkag==
+  version "6.12.6"
+  resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4"
+  integrity sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==
   dependencies:
     fast-deep-equal "^3.1.1"
     fast-json-stable-stringify "^2.0.0"
@@ -1660,11 +1546,10 @@ ansi-styles@^3.2.0, ansi-styles@^3.2.1:
     color-convert "^1.9.0"
 
 ansi-styles@^4.0.0, ansi-styles@^4.1.0:
-  version "4.2.1"
-  resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-4.2.1.tgz#90ae75c424d008d2624c5bf29ead3177ebfcf359"
-  integrity sha512-9VGjrMsG1vePxcSweQsN20KY/c4zN0h9fLjqAbwbPfahM3t+NL+M9HC8xeXG2I8pX5NoamTGNuomEUFI7fcUjA==
+  version "4.3.0"
+  resolved "https://registry.yarnpkg.com/ansi-styles/-/ansi-styles-4.3.0.tgz#edd803628ae71c04c85ae7a0906edad34b648937"
+  integrity sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg==
   dependencies:
-    "@types/color-name" "^1.1.1"
     color-convert "^2.0.1"
 
 anymatch@^2.0.0:
@@ -1998,9 +1883,9 @@ boolbase@^1.0.0, boolbase@~1.0.0:
   integrity sha1-aN/1++YMUes3cl6p4+0xDcwed24=
 
 bootstrap@^4.2.1:
-  version "4.5.2"
-  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-4.5.2.tgz#a85c4eda59155f0d71186b6e6ad9b875813779ab"
-  integrity sha512-vlGn0bcySYl/iV+BGA544JkkZP5LB3jsmkeKLFQakCOwCM3AOk7VkldBz4jrzSe+Z0Ezn99NVXa1o45cQY4R6A==
+  version "4.5.3"
+  resolved "https://registry.yarnpkg.com/bootstrap/-/bootstrap-4.5.3.tgz#c6a72b355aaf323920be800246a6e4ef30997fe6"
+  integrity sha512-o9ppKQioXGqhw8Z7mah6KdTYpNQY//tipnkxppWhPbiSWdD+1raYsnhwEZjkTHYbGee4cVQ0Rx65EhOY/HNLcQ==
 
 brace-expansion@^1.1.7:
   version "1.1.11"
@@ -2105,12 +1990,12 @@ browserify-zlib@^0.2.0:
     pako "~1.0.5"
 
 browserslist@^4.0.0, browserslist@^4.12.0, browserslist@^4.8.5, browserslist@^4.9.1:
-  version "4.14.3"
-  resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.14.3.tgz#381f9e7f13794b2eb17e1761b4f118e8ae665a53"
-  integrity sha512-GcZPC5+YqyPO4SFnz48/B0YaCwS47Q9iPChRGi6t7HhflKBcINzFrJvRfC+jp30sRMKxF+d4EHGs27Z0XP1NaQ==
+  version "4.14.5"
+  resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.14.5.tgz#1c751461a102ddc60e40993639b709be7f2c4015"
+  integrity sha512-Z+vsCZIvCBvqLoYkBFTwEYH3v5MCQbsAjp50ERycpOjnPmolg1Gjy4+KaWWpm8QOJt9GHkhdqAl14NpCX73CWA==
   dependencies:
-    caniuse-lite "^1.0.30001131"
-    electron-to-chromium "^1.3.570"
+    caniuse-lite "^1.0.30001135"
+    electron-to-chromium "^1.3.571"
     escalade "^3.1.0"
     node-releases "^1.1.61"
 
@@ -2261,12 +2146,7 @@ caniuse-api@^3.0.0:
     lodash.memoize "^4.1.2"
     lodash.uniq "^4.5.0"
 
-caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001032, caniuse-lite@^1.0.30001131:
-  version "1.0.30001133"
-  resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001133.tgz#ec564c5495311299eb05245e252d589a84acd95e"
-  integrity sha512-s3XAUFaC/ntDb1O3lcw9K8MPeOW7KO3z9+GzAoBxfz1B0VdacXPMKgFUtG4KIsgmnbexmi013s9miVu4h+qMHw==
-
-caniuse-lite@^1.0.30001109:
+caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001032, caniuse-lite@^1.0.30001109, caniuse-lite@^1.0.30001135:
   version "1.0.30001151"
   resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001151.tgz#1ddfde5e6fff02aad7940b4edb7d3ac76b0cb00b"
   integrity sha512-Zh3sHqskX6mHNrqUerh+fkf0N72cMxrmflzje/JyVImfpknscMnkeJrlFGJcqTmaa0iszdYptGpWMJCRQDkBVw==
@@ -2304,9 +2184,9 @@ chardet@^0.7.0:
   integrity sha512-mT8iDcrh03qDGRRmoA2hmBJnxpllMR+0/0qlzjqZES6NdiWDcZkCNAk4rPFZ9Q85r27unkiNNg8ZOiwZXBHwcA==
 
 "chokidar@>=2.0.0 <4.0.0", chokidar@^3.0.0, chokidar@^3.4.1:
-  version "3.4.2"
-  resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.4.2.tgz#38dc8e658dec3809741eb3ef7bb0a47fe424232d"
-  integrity sha512-IZHaDeBeI+sZJRX7lGcXsdzgvZqKv6sECqsbErJA4mHWfpRrD8B97kSFN4cQz6nGBGiuFia1MKR4d6c1o8Cv7A==
+  version "3.4.3"
+  resolved "https://registry.yarnpkg.com/chokidar/-/chokidar-3.4.3.tgz#c1df38231448e45ca4ac588e6c79573ba6a57d5b"
+  integrity sha512-DtM3g7juCXQxFVSNPNByEC2+NImtBuxQQvWlHunpJIS5Ocr0lG306cC7FCi7cEA0fzmybPUIl4txBIobk1gGOQ==
   dependencies:
     anymatch "~3.1.1"
     braces "~3.0.2"
@@ -2314,7 +2194,7 @@ chardet@^0.7.0:
     is-binary-path "~2.1.0"
     is-glob "~4.0.1"
     normalize-path "~3.0.0"
-    readdirp "~3.4.0"
+    readdirp "~3.5.0"
   optionalDependencies:
     fsevents "~2.1.2"
 
@@ -2483,21 +2363,21 @@ color-name@^1.0.0, color-name@~1.1.4:
   resolved "https://registry.yarnpkg.com/color-name/-/color-name-1.1.4.tgz#c2a09a87acbde69543de6f63fa3995c826c536a2"
   integrity sha512-dOy+3AuW3a2wNbZHIuMZpTcgjGuLU/uBL/ubcZF9OXbDo8ff4O8yVp5Bf0efS8uEoYo5q4Fx7dY9OgQGXgAsQA==
 
-color-string@^1.5.2:
-  version "1.5.3"
-  resolved "https://registry.yarnpkg.com/color-string/-/color-string-1.5.3.tgz#c9bbc5f01b58b5492f3d6857459cb6590ce204cc"
-  integrity sha512-dC2C5qeWoYkxki5UAXapdjqO672AM4vZuPGRQfO8b5HKuKGBbKWpITyDYN7TOFKvRW7kOgAn3746clDBMDJyQw==
+color-string@^1.5.4:
+  version "1.5.4"
+  resolved "https://registry.yarnpkg.com/color-string/-/color-string-1.5.4.tgz#dd51cd25cfee953d138fe4002372cc3d0e504cb6"
+  integrity sha512-57yF5yt8Xa3czSEW1jfQDE79Idk0+AkN/4KWad6tbdxUmAs3MvjxlWSWD4deYytcRfoZ9nhKyFl1kj5tBvidbw==
   dependencies:
     color-name "^1.0.0"
     simple-swizzle "^0.2.2"
 
 color@^3.0.0:
-  version "3.1.2"
-  resolved "https://registry.yarnpkg.com/color/-/color-3.1.2.tgz#68148e7f85d41ad7649c5fa8c8106f098d229e10"
-  integrity sha512-vXTJhHebByxZn3lDvDJYw4lR5+uB3vuoHsuYA5AKuxRVn5wzzIfQKGLBmgdVRHKTJYeK5rvJcHnrd0Li49CFpg==
+  version "3.1.3"
+  resolved "https://registry.yarnpkg.com/color/-/color-3.1.3.tgz#ca67fb4e7b97d611dcde39eceed422067d91596e"
+  integrity sha512-xgXAcTHa2HeFCGLE9Xs/R82hujGtu9Jd9x4NW3T34+OMs7VoPsjwzRczKHvTAHeJwWFwX5j15+MgAppE8ztObQ==
   dependencies:
     color-convert "^1.9.1"
-    color-string "^1.5.2"
+    color-string "^1.5.4"
 
 colorette@^1.2.1:
   version "1.2.1"
@@ -2812,18 +2692,18 @@ css-tree@1.0.0-alpha.37:
     mdn-data "2.0.4"
     source-map "^0.6.1"
 
-css-tree@1.0.0-alpha.39:
-  version "1.0.0-alpha.39"
-  resolved "https://registry.yarnpkg.com/css-tree/-/css-tree-1.0.0-alpha.39.tgz#2bff3ffe1bb3f776cf7eefd91ee5cba77a149eeb"
-  integrity sha512-7UvkEYgBAHRG9Nt980lYxjsTrCyHFN53ky3wVsDkiMdVqylqRt+Zc+jm5qw7/qyOvN2dHSYtX0e4MbCCExSvnA==
+css-tree@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/css-tree/-/css-tree-1.0.0.tgz#21993fa270d742642a90409a2c0cb3ac0298adf6"
+  integrity sha512-CdVYz/Yuqw0VdKhXPBIgi8DO3NicJVYZNWeX9XcIuSp9ZoFT5IcleVRW07O5rMjdcx1mb+MEJPknTTEW7DdsYw==
   dependencies:
-    mdn-data "2.0.6"
+    mdn-data "2.0.12"
     source-map "^0.6.1"
 
 css-what@^3.2.1:
-  version "3.3.0"
-  resolved "https://registry.yarnpkg.com/css-what/-/css-what-3.3.0.tgz#10fec696a9ece2e591ac772d759aacabac38cd39"
-  integrity sha512-pv9JPyatiPaQ6pf4OvD/dbfm0o5LviWmwxNWzblYf/1u9QZd0ihV+PMwy5jdQWQ3349kZmKEx9WXuSka2dM4cg==
+  version "3.4.2"
+  resolved "https://registry.yarnpkg.com/css-what/-/css-what-3.4.2.tgz#ea7026fcb01777edbde52124e21f327e7ae950e4"
+  integrity sha512-ACUm3L0/jiZTqfzRM3Hi9Q8eZqd6IK37mMWPLz9PJxkLWllYeRf+EHUSHYEtFop2Eqytaq1FizFVh7XfBnXCDQ==
 
 css@^2.0.0:
   version "2.2.4"
@@ -2916,11 +2796,11 @@ cssnano@4.1.10:
     postcss "^7.0.0"
 
 csso@^4.0.2:
-  version "4.0.3"
-  resolved "https://registry.yarnpkg.com/csso/-/csso-4.0.3.tgz#0d9985dc852c7cc2b2cacfbbe1079014d1a8e903"
-  integrity sha512-NL3spysxUkcrOgnpsT4Xdl2aiEiBG6bXswAABQVHcMrfjjBisFOKwLDOmf4wf32aPdcJws1zds2B0Rg+jqMyHQ==
+  version "4.1.0"
+  resolved "https://registry.yarnpkg.com/csso/-/csso-4.1.0.tgz#1d31193efa99b87aa6bad6c0cef155e543d09e8b"
+  integrity sha512-h+6w/W1WqXaJA4tb1dk7r5tVbOm97MsKxzwnvOR04UQ6GILroryjMWu3pmCCtL2mLaEStQ0fZgeGiy99mo7iyg==
   dependencies:
-    css-tree "1.0.0-alpha.39"
+    css-tree "^1.0.0"
 
 cyclist@^1.0.1:
   version "1.0.1"
@@ -3019,21 +2899,21 @@ deep-equal@^1.0.1:
     regexp.prototype.flags "^1.2.0"
 
 deep-equal@^2.0.1:
-  version "2.0.3"
-  resolved "https://registry.yarnpkg.com/deep-equal/-/deep-equal-2.0.3.tgz#cad1c15277ad78a5c01c49c2dee0f54de8a6a7b0"
-  integrity sha512-Spqdl4H+ky45I9ByyJtXteOm9CaIrPmnIPmOhrkKGNYWeDgCvJ8jNYVCTjChxW4FqGuZnLHADc8EKRMX6+CgvA==
+  version "2.0.4"
+  resolved "https://registry.yarnpkg.com/deep-equal/-/deep-equal-2.0.4.tgz#6b0b407a074666033169df3acaf128e1c6f3eab6"
+  integrity sha512-BUfaXrVoCfgkOQY/b09QdO9L3XNoF2XH0A3aY9IQwQL/ZjLOe8FQgCNVl1wiolhsFo8kFdO9zdPViCPbmaJA5w==
   dependencies:
-    es-abstract "^1.17.5"
+    es-abstract "^1.18.0-next.1"
     es-get-iterator "^1.1.0"
     is-arguments "^1.0.4"
     is-date-object "^1.0.2"
-    is-regex "^1.0.5"
+    is-regex "^1.1.1"
     isarray "^2.0.5"
-    object-is "^1.1.2"
+    object-is "^1.1.3"
     object-keys "^1.1.1"
-    object.assign "^4.1.0"
+    object.assign "^4.1.1"
     regexp.prototype.flags "^1.3.0"
-    side-channel "^1.0.2"
+    side-channel "^1.0.3"
     which-boxed-primitive "^1.0.1"
     which-collection "^1.0.1"
     which-typed-array "^1.1.2"
@@ -3243,10 +3123,10 @@ ee-first@1.1.1:
   resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d"
   integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=
 
-electron-to-chromium@^1.3.570:
-  version "1.3.570"
-  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.570.tgz#3f5141cc39b4e3892a276b4889980dabf1d29c7f"
-  integrity sha512-Y6OCoVQgFQBP5py6A/06+yWxUZHDlNr/gNDGatjH8AZqXl8X0tE4LfjLJsXGz/JmWJz8a6K7bR1k+QzZ+k//fg==
+electron-to-chromium@^1.3.571:
+  version "1.3.584"
+  resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.584.tgz#506cf7ba5895aafa8241876ab028654b61fd9ceb"
+  integrity sha512-NB3DzrTzJFhWkUp+nl2KtUtoFzrfGXTir2S+BU4tXGyXH9vlluPuFpE3pTKeH7+PY460tHLjKzh6K2+TWwW+Ww==
 
 elliptic@^6.5.3:
   version "6.5.3"
@@ -3315,9 +3195,9 @@ enhanced-resolve@4.3.0, enhanced-resolve@^4.3.0:
     tapable "^1.0.0"
 
 entities@^2.0.0:
-  version "2.0.3"
-  resolved "https://registry.yarnpkg.com/entities/-/entities-2.0.3.tgz#5c487e5742ab93c15abb5da22759b8590ec03b7f"
-  integrity sha512-MyoZ0jgnLvB2X3Lg5HqpFmn1kybDiIfEQmKzTb5apr51Rb+T3KdmMiqa70T+bhGnyv7bQ6WMj2QMHpGMmlrUYQ==
+  version "2.1.0"
+  resolved "https://registry.yarnpkg.com/entities/-/entities-2.1.0.tgz#992d3129cf7df6870b96c57858c249a120f8b8b5"
+  integrity sha512-hCx1oky9PFrJ611mf0ifBLBRW8lUUVRlFolb5gWRfIELabBlbp9xZvrqZLZAs+NxFnbfQoeGd8wDkygjg7U85w==
 
 err-code@^1.0.0:
   version "1.1.2"
@@ -3339,37 +3219,37 @@ error-ex@^1.3.1:
     is-arrayish "^0.2.1"
 
 es-abstract@^1.17.0-next.1, es-abstract@^1.17.2, es-abstract@^1.17.4, es-abstract@^1.17.5:
-  version "1.17.6"
-  resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.17.6.tgz#9142071707857b2cacc7b89ecb670316c3e2d52a"
-  integrity sha512-Fr89bON3WFyUi5EvAeI48QTWX0AyekGgLA8H+c+7fbfCkJwRWRMLd8CQedNEyJuoYYhmtEqY92pgte1FAhBlhw==
+  version "1.17.7"
+  resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.17.7.tgz#a4de61b2f66989fc7421676c1cb9787573ace54c"
+  integrity sha512-VBl/gnfcJ7OercKA9MVaegWsBHFjV492syMudcnQZvt/Dw8ezpcOHYZXa/J96O8vx+g4x65YKhxOwDUh63aS5g==
   dependencies:
     es-to-primitive "^1.2.1"
     function-bind "^1.1.1"
     has "^1.0.3"
     has-symbols "^1.0.1"
-    is-callable "^1.2.0"
-    is-regex "^1.1.0"
-    object-inspect "^1.7.0"
+    is-callable "^1.2.2"
+    is-regex "^1.1.1"
+    object-inspect "^1.8.0"
     object-keys "^1.1.1"
-    object.assign "^4.1.0"
+    object.assign "^4.1.1"
     string.prototype.trimend "^1.0.1"
     string.prototype.trimstart "^1.0.1"
 
-es-abstract@^1.18.0-next.0:
-  version "1.18.0-next.0"
-  resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.18.0-next.0.tgz#b302834927e624d8e5837ed48224291f2c66e6fc"
-  integrity sha512-elZXTZXKn51hUBdJjSZGYRujuzilgXo8vSPQzjGYXLvSlGiCo8VO8ZGV3kjo9a0WNJJ57hENagwbtlRuHuzkcQ==
+es-abstract@^1.18.0-next.0, es-abstract@^1.18.0-next.1:
+  version "1.18.0-next.1"
+  resolved "https://registry.yarnpkg.com/es-abstract/-/es-abstract-1.18.0-next.1.tgz#6e3a0a4bda717e5023ab3b8e90bec36108d22c68"
+  integrity sha512-I4UGspA0wpZXWENrdA0uHbnhte683t3qT/1VFH9aX2dA5PPSf6QW5HHXf5HImaqPmjXaVeVk4RGWnaylmV7uAA==
   dependencies:
     es-to-primitive "^1.2.1"
     function-bind "^1.1.1"
     has "^1.0.3"
     has-symbols "^1.0.1"
-    is-callable "^1.2.0"
+    is-callable "^1.2.2"
     is-negative-zero "^2.0.0"
     is-regex "^1.1.1"
     object-inspect "^1.8.0"
     object-keys "^1.1.1"
-    object.assign "^4.1.0"
+    object.assign "^4.1.1"
     string.prototype.trimend "^1.0.1"
     string.prototype.trimstart "^1.0.1"
 
@@ -3434,9 +3314,9 @@ es6-symbol@^3.1.1, es6-symbol@~3.1.3:
     ext "^1.1.2"
 
 escalade@^3.1.0:
-  version "3.1.0"
-  resolved "https://registry.yarnpkg.com/escalade/-/escalade-3.1.0.tgz#e8e2d7c7a8b76f6ee64c2181d6b8151441602d4e"
-  integrity sha512-mAk+hPSO8fLDkhV7V0dXazH5pDc6MrjBTPyD3VeKzxnVFjH1MIxbCdqGZB9O8+EwWakZs3ZCbDS4IpRt79V1ig==
+  version "3.1.1"
+  resolved "https://registry.yarnpkg.com/escalade/-/escalade-3.1.1.tgz#d8cfdc7000965c5a0174b4a82eaa5c0552742e40"
+  integrity sha512-k0er2gUkLf8O0zKJiAhmkTnJlTvINGv7ygDNPbeIsX/TJjGJZHuh9B2UxbsaEkmlEo9MfhrSzmhIlhRlI2GXnw==
 
 escape-html@~1.0.3:
   version "1.0.3"
@@ -3663,9 +3543,9 @@ fastparse@^1.1.2:
   integrity sha512-483XLLxTVIwWK3QTrMGRqUfUpoOs/0hbQrl2oz4J0pAcm3A3bu84wxTFqGqkJzewCLdME38xJLJAxBABfQT8sQ==
 
 fastq@^1.6.0:
-  version "1.8.0"
-  resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.8.0.tgz#550e1f9f59bbc65fe185cb6a9b4d95357107f481"
-  integrity sha512-SMIZoZdLh/fgofivvIkmknUXyPnvxRE3DhtZ5Me3Mrsk5gyPL42F0xr51TdRXskBxHfMp+07bcYzfsYEsSQA9Q==
+  version "1.9.0"
+  resolved "https://registry.yarnpkg.com/fastq/-/fastq-1.9.0.tgz#e16a72f338eaca48e91b5c23593bcc2ef66b7947"
+  integrity sha512-i7FVWL8HhVY+CTkwFxkN2mk3h+787ixS5S63eb78diVRc1MCssarHq3W5cj0av7YDSwmaV928RNag+U1etRQ7w==
   dependencies:
     reusify "^1.0.4"
 
@@ -3895,9 +3775,9 @@ genfun@^5.0.0:
   integrity sha512-KGDOARWVga7+rnB3z9Sd2Letx515owfk0hSxHGuqjANb1M+x2bGZGqHLiozPsYMdM2OubeMni/Hpwmjq6qIUhA==
 
 gensync@^1.0.0-beta.1:
-  version "1.0.0-beta.1"
-  resolved "https://registry.yarnpkg.com/gensync/-/gensync-1.0.0-beta.1.tgz#58f4361ff987e5ff6e1e7a210827aa371eaac269"
-  integrity sha512-r8EC6NO1sngH/zdD9fiRDLdcgnbayXah+mLgManTaIZJqEC1MZstmnox8KpnI2/fxQwrp5OpCOYWLp4rBl4Jcg==
+  version "1.0.0-beta.2"
+  resolved "https://registry.yarnpkg.com/gensync/-/gensync-1.0.0-beta.2.tgz#32a6ee76c3d7f52d46b2b1ae5d93fea8580a25e0"
+  integrity sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==
 
 get-caller-file@^2.0.1:
   version "2.0.5"
@@ -4095,10 +3975,10 @@ hosted-git-info@^2.1.4, hosted-git-info@^2.7.1:
   resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.8.8.tgz#7539bd4bc1e0e0a895815a2e0262420b12858488"
   integrity sha512-f/wzC2QaWBs7t9IYqB4T3sR1xviIViXJRJTWBlx2Gf3g0Xi5vI7Yy4koXQ1c9OYDGHN9sBy1DQ2AB8fqZBWhUg==
 
-hosted-git-info@^3.0.2:
-  version "3.0.5"
-  resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-3.0.5.tgz#bea87905ef7317442e8df3087faa3c842397df03"
-  integrity sha512-i4dpK6xj9BIpVOTboXIlKG9+8HMKggcrMX7WA24xZtKwX0TPelq/rbaS5rCKeNX8sJXZJGdSxpnEGtta+wismQ==
+hosted-git-info@^3.0.2, hosted-git-info@^3.0.6:
+  version "3.0.7"
+  resolved "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-3.0.7.tgz#a30727385ea85acfcee94e0aad9e368c792e036c"
+  integrity sha512-fWqc0IcuXs+BmE9orLDyVykAG9GJtGLGuZAAqgcckPgv5xad4AcXGIv8galtQvlwutxSlaMcdw7BUtq2EIvqCQ==
   dependencies:
     lru-cache "^6.0.0"
 
@@ -4257,9 +4137,9 @@ icss-utils@^4.0.0, icss-utils@^4.1.1:
     postcss "^7.0.14"
 
 ieee754@^1.1.4:
-  version "1.1.13"
-  resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.1.13.tgz#ec168558e95aa181fd87d37f55c32bbcb6708b84"
-  integrity sha512-4vf7I2LYV/HaWerSo3XmlMkp5eZ83i+/CDluXi/IGTs/O1sejBNhTtnxzmRZfvOUqj7lZjqHkeTvpgSFDlWZTg==
+  version "1.2.1"
+  resolved "https://registry.yarnpkg.com/ieee754/-/ieee754-1.2.1.tgz#8eb7a10a63fff25d15a57b001586d177d1b0d352"
+  integrity sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==
 
 iferr@^0.1.5:
   version "0.1.5"
@@ -4478,10 +4358,10 @@ is-buffer@^1.1.5:
   resolved "https://registry.yarnpkg.com/is-buffer/-/is-buffer-1.1.6.tgz#efaa2ea9daa0d7ab2ea13a97b2b8ad51fefbe8be"
   integrity sha512-NcdALwpXkTm5Zvvbk7owOUSvVvBKDgKP5/ewfXEznmQFfs4ZRmanOeKBTjRVjka3QFoN6XJ+9F3USqfHqTaU5w==
 
-is-callable@^1.1.4, is-callable@^1.2.0:
-  version "1.2.1"
-  resolved "https://registry.yarnpkg.com/is-callable/-/is-callable-1.2.1.tgz#4d1e21a4f437509d25ce55f8184350771421c96d"
-  integrity sha512-wliAfSzx6V+6WfMOmus1xy0XvSgf/dlStkvTfq7F0g4bOIW0PSUbnyse3NhDwdyYS1ozfUtAAySqTws3z9Eqgg==
+is-callable@^1.1.4, is-callable@^1.2.2:
+  version "1.2.2"
+  resolved "https://registry.yarnpkg.com/is-callable/-/is-callable-1.2.2.tgz#c7c6715cd22d4ddb48d3e19970223aceabb080d9"
+  integrity sha512-dnMqspv5nU3LoewK2N/y7KLtxtakvTuaCsU9FU50/QDmdbHNy/4/JuRtMHqRU22o3q+W89YQndQEeCVwK+3qrA==
 
 is-color-stop@^1.0.0:
   version "1.1.0"
@@ -4658,7 +4538,7 @@ is-plain-object@^2.0.3, is-plain-object@^2.0.4:
   dependencies:
     isobject "^3.0.1"
 
-is-regex@^1.0.4, is-regex@^1.0.5, is-regex@^1.1.0, is-regex@^1.1.1:
+is-regex@^1.0.4, is-regex@^1.1.1:
   version "1.1.1"
   resolved "https://registry.yarnpkg.com/is-regex/-/is-regex-1.1.1.tgz#c6f98aacc546f6cec5468a07b7b153ab564a57b9"
   integrity sha512-1+QkEcxiLlB7VEyFtyBg94e08OAsvq7FUBgApTq/w2ymCLyKJgDPsybBENVtA7XCQEgEXxKPonG+mvYRxh/LIg==
@@ -5171,16 +5051,16 @@ md5.js@^1.3.4:
     inherits "^2.0.1"
     safe-buffer "^5.1.2"
 
+mdn-data@2.0.12:
+  version "2.0.12"
+  resolved "https://registry.yarnpkg.com/mdn-data/-/mdn-data-2.0.12.tgz#bbb658d08b38f574bbb88f7b83703defdcc46844"
+  integrity sha512-ULbAlgzVb8IqZ0Hsxm6hHSlQl3Jckst2YEQS7fODu9ilNWy2LvcoSY7TRFIktABP2mdppBioc66va90T+NUs8Q==
+
 mdn-data@2.0.4:
   version "2.0.4"
   resolved "https://registry.yarnpkg.com/mdn-data/-/mdn-data-2.0.4.tgz#699b3c38ac6f1d728091a64650b65d388502fd5b"
   integrity sha512-iV3XNKw06j5Q7mi6h+9vbx23Tv7JkjEVgKHW4pimwyDGWm0OIQntJJ+u1C6mg6mK1EaTv42XQ7w76yuzH7M2cA==
 
-mdn-data@2.0.6:
-  version "2.0.6"
-  resolved "https://registry.yarnpkg.com/mdn-data/-/mdn-data-2.0.6.tgz#852dc60fcaa5daa2e8cf6c9189c440ed3e042978"
-  integrity sha512-rQvjv71olwNHgiTbfPZFkJtjNMciWgswYeciZhtvWLO8bmX3TnhyA62I6sTWOyZssWHJJjY6/KiWwqQsWWsqOA==
-
 media-typer@0.3.0:
   version "0.3.0"
   resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748"
@@ -5264,11 +5144,16 @@ miller-rabin@^4.0.0:
     bn.js "^4.0.0"
     brorand "^1.0.1"
 
-mime-db@1.44.0, "mime-db@>= 1.43.0 < 2":
+mime-db@1.44.0:
   version "1.44.0"
   resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.44.0.tgz#fa11c5eb0aca1334b4233cb4d52f10c5a6272f92"
   integrity sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg==
 
+"mime-db@>= 1.43.0 < 2":
+  version "1.45.0"
+  resolved "https://registry.yarnpkg.com/mime-db/-/mime-db-1.45.0.tgz#cceeda21ccd7c3a745eba2decd55d4b73e7879ea"
+  integrity sha512-CkqLUxUk15hofLoLyljJSrukZi8mAtgd+yE5uO4tqRZsdsAJKv0O+rFMhVDRJgozy+yG6md5KwuXhD4ocIoP+w==
+
 mime-types@^2.1.12, mime-types@~2.1.17, mime-types@~2.1.19, mime-types@~2.1.24:
   version "2.1.27"
   resolved "https://registry.yarnpkg.com/mime-types/-/mime-types-2.1.27.tgz#47949f98e279ea53119f5722e0f34e529bec009f"
@@ -5411,9 +5296,9 @@ mkdirp@^1.0.3, mkdirp@^1.0.4, mkdirp@~1.0.4:
   integrity sha512-vVqVZQyf3WLx2Shd0qJ9xuvqgAyKPLAiqITEtqW0oIUjzo3PePDd6fW9iFz30ef7Ysp/oiWqbhszeGWW2T6Gzw==
 
 moment@>=2.13.0, moment@^2.18.1:
-  version "2.28.0"
-  resolved "https://registry.yarnpkg.com/moment/-/moment-2.28.0.tgz#cdfe73ce01327cee6537b0fafac2e0f21a237d75"
-  integrity sha512-Z5KOjYmnHyd/ukynmFd/WwyXHd7L4J9vTI/nn5Ap9AVUgaAE15VvQ9MOGmJJygEUklupqIrFnor/tjTwRU+tQw==
+  version "2.29.1"
+  resolved "https://registry.yarnpkg.com/moment/-/moment-2.29.1.tgz#b2be769fa31940be9eeea6469c075e35006fa3d3"
+  integrity sha512-kHmoybcPV8Sqy59DwNDY3Jefr64lK/by/da0ViFcuA4DH0vQg5Q6Ze5VimxkfQNSC+Mls/Kx53s7TjP1RhFEDQ==
 
 move-concurrently@^1.0.1:
   version "1.0.1"
@@ -5461,9 +5346,9 @@ mute-stream@0.0.8:
   integrity sha512-nnbWWOkoWyUsTjKrhgD0dcz22mdkSnpYqbEjIm2nhwhuxlSkpywJmBo8h0ZqJdkp73mb90SssHkN4rsRaBAfAA==
 
 nan@^2.12.1:
-  version "2.14.1"
-  resolved "https://registry.yarnpkg.com/nan/-/nan-2.14.1.tgz#d7be34dfa3105b91494c3147089315eff8874b01"
-  integrity sha512-isWHgVjnFjh2x2yuJ/tj3JbwoHu3UC2dX5G/88Cm24yB6YopVgxvBObDY7n5xW6ExmFhJpSEQqFPvq9zaXc8Jw==
+  version "2.14.2"
+  resolved "https://registry.yarnpkg.com/nan/-/nan-2.14.2.tgz#f5376400695168f4cc694ac9393d0c9585eeea19"
+  integrity sha512-M2ufzIiINKCuDfBSAUr1vWQ+vuVcA9kqx8JJUsbQi6yf1uGRyb7HfpdfUr5qLXf3B/t8dPvcjhKMmlfnP47EzQ==
 
 nanomatch@^1.2.9:
   version "1.2.13"
@@ -5559,9 +5444,9 @@ node-libs-browser@^2.2.1:
     vm-browserify "^1.0.1"
 
 node-releases@^1.1.61:
-  version "1.1.61"
-  resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.61.tgz#707b0fca9ce4e11783612ba4a2fcba09047af16e"
-  integrity sha512-DD5vebQLg8jLCOzwupn954fbIiZht05DAZs0k2u8NStSe6h9XdsuIQL8hSRKYiU8WUQRznmSDrKGbv3ObOmC7g==
+  version "1.1.64"
+  resolved "https://registry.yarnpkg.com/node-releases/-/node-releases-1.1.64.tgz#71b4ae988e9b1dd7c1ffce58dd9e561752dfebc5"
+  integrity sha512-Iec8O9166/x2HRMJyLLLWkd0sFFLrFNy+Xf+JQfSQsdBJzPcHpNl3JQ9gD4j+aJxmCa25jNsIbM4bmACtSbkSg==
 
 normalize-package-data@^2.0.0, normalize-package-data@^2.4.0:
   version "2.5.0"
@@ -5624,7 +5509,7 @@ npm-normalize-package-bin@^1.0.0, npm-normalize-package-bin@^1.0.1:
   resolved "https://registry.yarnpkg.com/npm-normalize-package-bin/-/npm-normalize-package-bin-1.0.1.tgz#6e79a41f23fd235c0623218228da7d9c23b8f6e2"
   integrity sha512-EPfafl6JL5/rU+ot6P3gRSCpPDW5VmIzX959Ob1+ySFUuuYHWHekXpwdUZcKP5C+DS4GEtdJluwBjnsNDl+fSA==
 
-npm-package-arg@8.0.1, npm-package-arg@^8.0.0:
+npm-package-arg@8.0.1:
   version "8.0.1"
   resolved "https://registry.yarnpkg.com/npm-package-arg/-/npm-package-arg-8.0.1.tgz#9d76f8d7667b2373ffda60bb801a27ef71e3e270"
   integrity sha512-/h5Fm6a/exByzFSTm7jAyHbgOqErl9qSNJDQF32Si/ZzgwT2TERVxRxn3Jurw1wflgyVVAxnFR4fRHPM7y1ClQ==
@@ -5643,6 +5528,15 @@ npm-package-arg@^6.0.0, npm-package-arg@^6.1.0:
     semver "^5.6.0"
     validate-npm-package-name "^3.0.0"
 
+npm-package-arg@^8.0.0:
+  version "8.1.0"
+  resolved "https://registry.yarnpkg.com/npm-package-arg/-/npm-package-arg-8.1.0.tgz#b5f6319418c3246a1c38e1a8fbaa06231bc5308f"
+  integrity sha512-/ep6QDxBkm9HvOhOg0heitSd7JHA1U7y1qhhlRlteYYAi9Pdb/ZV7FW5aHpkrpM8+P+4p/jjR8zCyKPBMBjSig==
+  dependencies:
+    hosted-git-info "^3.0.6"
+    semver "^7.0.0"
+    validate-npm-package-name "^3.0.0"
+
 npm-packlist@^1.1.12:
   version "1.4.8"
   resolved "https://registry.yarnpkg.com/npm-packlist/-/npm-packlist-1.4.8.tgz#56ee6cc135b9f98ad3d51c1c95da22bbb9b2ef3e"
@@ -5721,18 +5615,18 @@ object-copy@^0.1.0:
     define-property "^0.2.5"
     kind-of "^3.0.3"
 
-object-inspect@^1.7.0, object-inspect@^1.8.0:
+object-inspect@^1.8.0:
   version "1.8.0"
   resolved "https://registry.yarnpkg.com/object-inspect/-/object-inspect-1.8.0.tgz#df807e5ecf53a609cc6bfe93eac3cc7be5b3a9d0"
   integrity sha512-jLdtEOB112fORuypAyl/50VRVIBIdVQOSUUGQHzJ4xBSbit81zRarz7GThkEFZy1RceYrWYcPcBFPQwHyAc1gA==
 
-object-is@^1.0.1, object-is@^1.1.2:
-  version "1.1.2"
-  resolved "https://registry.yarnpkg.com/object-is/-/object-is-1.1.2.tgz#c5d2e87ff9e119f78b7a088441519e2eec1573b6"
-  integrity sha512-5lHCz+0uufF6wZ7CRFWJN3hp8Jqblpgve06U5CMQ3f//6iDjPr2PEo9MWCjEssDsa+UZEL4PkFpr+BMop6aKzQ==
+object-is@^1.0.1, object-is@^1.1.3:
+  version "1.1.3"
+  resolved "https://registry.yarnpkg.com/object-is/-/object-is-1.1.3.tgz#2e3b9e65560137455ee3bd62aec4d90a2ea1cc81"
+  integrity sha512-teyqLvFWzLkq5B9ki8FVWA902UER2qkxmdA4nLf+wjOLAWgxzCWZNCxpDq9MvE8MmhWNr+I8w3BN49Vx36Y6Xg==
   dependencies:
     define-properties "^1.1.3"
-    es-abstract "^1.17.5"
+    es-abstract "^1.18.0-next.1"
 
 object-keys@^1.0.12, object-keys@^1.1.1:
   version "1.1.1"
@@ -5746,7 +5640,7 @@ object-visit@^1.0.0:
   dependencies:
     isobject "^3.0.0"
 
-object.assign@^4.1.0:
+object.assign@^4.1.0, object.assign@^4.1.1:
   version "4.1.1"
   resolved "https://registry.yarnpkg.com/object.assign/-/object.assign-4.1.1.tgz#303867a666cdd41936ecdedfb1f8f3e32a478cdd"
   integrity sha512-VT/cxmx5yaoHSOTSyrCygIDFco+RsibY2NM0a4RdEeY/4KgqezwFtK1yr3U67xYhqJSlASm2pKhLVzPj2lr4bA==
@@ -6153,9 +6047,9 @@ posix-character-classes@^0.1.0:
   integrity sha1-AerA/jta9xoqbAL+q7jB/vfgDqs=
 
 postcss-calc@^7.0.1:
-  version "7.0.4"
-  resolved "https://registry.yarnpkg.com/postcss-calc/-/postcss-calc-7.0.4.tgz#5e177ddb417341e6d4a193c5d9fd8ada79094f8b"
-  integrity sha512-0I79VRAd1UTkaHzY9w83P39YGO/M3bG7/tNLrHGEunBolfoGM0hSjrGvjoeaj0JE/zIw5GsI2KZ0UwDJqv5hjw==
+  version "7.0.5"
+  resolved "https://registry.yarnpkg.com/postcss-calc/-/postcss-calc-7.0.5.tgz#f8a6e99f12e619c2ebc23cf6c486fdc15860933e"
+  integrity sha512-1tKHutbGtLtEZF6PT4JSihCHfIVldU72mZ8SdZHIYriIZ9fh9k9aWSppaT8rHsyI3dX+KSR+W+Ix9BMY3AODrg==
   dependencies:
     postcss "^7.0.27"
     postcss-selector-parser "^6.0.2"
@@ -6219,9 +6113,9 @@ postcss-import@12.0.1:
     resolve "^1.1.7"
 
 postcss-load-config@^2.0.0:
-  version "2.1.1"
-  resolved "https://registry.yarnpkg.com/postcss-load-config/-/postcss-load-config-2.1.1.tgz#0a684bb8beb05e55baf922f7ab44c3edb17cf78e"
-  integrity sha512-D2ENobdoZsW0+BHy4x1CAkXtbXtYWYRIxL/JbtRBqrRGOPtJ2zoga/bEZWhV/ShWB5saVxJMzbMdSyA/vv4tXw==
+  version "2.1.2"
+  resolved "https://registry.yarnpkg.com/postcss-load-config/-/postcss-load-config-2.1.2.tgz#c5ea504f2c4aef33c7359a34de3573772ad7502a"
+  integrity sha512-/rDeGV6vMUo3mwJZmeHfEDvwnTKKqQ0S7OHUi/kJvvtx3aWtyWG2/0ZWnzCt2keEclwN6Tf0DST2v9kITdOKYw==
   dependencies:
     cosmiconfig "^5.0.0"
     import-cwd "^2.0.0"
@@ -6451,13 +6345,14 @@ postcss-selector-parser@^3.0.0:
     uniq "^1.0.1"
 
 postcss-selector-parser@^6.0.0, postcss-selector-parser@^6.0.2:
-  version "6.0.2"
-  resolved "https://registry.yarnpkg.com/postcss-selector-parser/-/postcss-selector-parser-6.0.2.tgz#934cf799d016c83411859e09dcecade01286ec5c"
-  integrity sha512-36P2QR59jDTOAiIkqEprfJDsoNrvwFei3eCqKd1Y0tUsBimsq39BLp7RD+JWny3WgB1zGhJX8XVePwm9k4wdBg==
+  version "6.0.4"
+  resolved "https://registry.yarnpkg.com/postcss-selector-parser/-/postcss-selector-parser-6.0.4.tgz#56075a1380a04604c38b063ea7767a129af5c2b3"
+  integrity sha512-gjMeXBempyInaBqpp8gODmwZ52WaYsVOsfr4L4lDQ7n3ncD6mEyySiDtgzCT+NYC0mmeOLvtsF8iaEf0YT6dBw==
   dependencies:
     cssesc "^3.0.0"
     indexes-of "^1.0.1"
     uniq "^1.0.1"
+    util-deprecate "^1.0.2"
 
 postcss-svgo@^4.0.2:
   version "4.0.2"
@@ -6507,9 +6402,9 @@ postcss@7.0.32:
     supports-color "^6.1.0"
 
 postcss@^7.0.0, postcss@^7.0.1, postcss@^7.0.14, postcss@^7.0.27, postcss@^7.0.32, postcss@^7.0.5, postcss@^7.0.6:
-  version "7.0.34"
-  resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.34.tgz#f2baf57c36010df7de4009940f21532c16d65c20"
-  integrity sha512-H/7V2VeNScX9KE83GDrDZNiGT1m2H+UTnlinIzhjlLX9hfMUn1mHNnGeX81a1c8JSBdBvqk7c2ZOG6ZPn5itGw==
+  version "7.0.35"
+  resolved "https://registry.yarnpkg.com/postcss/-/postcss-7.0.35.tgz#d2be00b998f7f211d8a276974079f2e92b970e24"
+  integrity sha512-3QT8bBJeX/S5zKTTjTCIjRF3If4avAT6kqxcASlTWEtAFCb9NH0OUxNDfgZSWdP5fJnBYCMEWkIFfWeugjzYMg==
   dependencies:
     chalk "^2.4.2"
     source-map "^0.6.1"
@@ -6544,9 +6439,9 @@ promise-retry@^1.1.1:
     retry "^0.10.0"
 
 propagating-hammerjs@^1.4.6:
-  version "1.4.7"
-  resolved "https://registry.yarnpkg.com/propagating-hammerjs/-/propagating-hammerjs-1.4.7.tgz#671ab1791a7f88b9dccce8fd8b14a9655950e7d6"
-  integrity sha512-oW9Wd+W2Tp5uOz6Fh4mEU7p+FoyU85smLH/mPga83Loh0pHa6AH4ZHGywvwMk3TWP31l7iUsvJyW265p4Ipwrg==
+  version "1.5.0"
+  resolved "https://registry.yarnpkg.com/propagating-hammerjs/-/propagating-hammerjs-1.5.0.tgz#223d58465489b64879fb0cef2c99ba92b294c239"
+  integrity sha512-3PUXWmomwutoZfydC+lJwK1bKCh6sK6jZGB31RUX6+4EXzsbkDZrK4/sVR7gBrvJaEIwpTVyxQUAd29FKkmVdw==
   dependencies:
     hammerjs "^2.0.8"
 
@@ -6770,10 +6665,10 @@ readdirp@^2.2.1:
     micromatch "^3.1.10"
     readable-stream "^2.0.2"
 
-readdirp@~3.4.0:
-  version "3.4.0"
-  resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-3.4.0.tgz#9fdccdf9e9155805449221ac645e8303ab5b9ada"
-  integrity sha512-0xe001vZBnJEK+uKcj8qOhyAKPzIT+gStxWr3LCB0DwcXR5NZJ3IaC+yGnHCYzB/S7ov3m3EEbZI2zeNvX+hGQ==
+readdirp@~3.5.0:
+  version "3.5.0"
+  resolved "https://registry.yarnpkg.com/readdirp/-/readdirp-3.5.0.tgz#9ba74c019b15d365278d2e91bb8c48d7b4d42c9e"
+  integrity sha512-cMhu7c/8rdhkHXWsY+osBhfSy0JikwpHK/5+imo+LpeasTF8ouErHrlYkwT0++njiyuDvc7OFY5T3ukvZ8qmFQ==
   dependencies:
     picomatch "^2.2.1"
 
@@ -6827,7 +6722,7 @@ regexp.prototype.flags@^1.2.0, regexp.prototype.flags@^1.3.0:
     define-properties "^1.1.3"
     es-abstract "^1.17.0-next.1"
 
-regexpu-core@^4.7.0, regexpu-core@^4.7.1:
+regexpu-core@^4.7.1:
   version "4.7.1"
   resolved "https://registry.yarnpkg.com/regexpu-core/-/regexpu-core-4.7.1.tgz#2dea5a9a07233298fbf0db91fa9abc4c6e0f8ad6"
   integrity sha512-ywH2VUraA44DZQuRKzARmw6S66mr48pQVva4LBeRhcOltJ6hExvWly5ZjFLYo67xbIxb6W1q4bAGtgfEl20zfQ==
@@ -6940,14 +6835,7 @@ resolve-url@^0.2.1:
   resolved "https://registry.yarnpkg.com/resolve-url/-/resolve-url-0.2.1.tgz#2c637fe77c893afd2a663fe21aa9080068e2052a"
   integrity sha1-LGN/53yJOv0qZj/iGqkIAGjiBSo=
 
-resolve@^1.1.7, resolve@^1.10.0, resolve@^1.3.2:
-  version "1.17.0"
-  resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.17.0.tgz#b25941b54968231cc2d1bb76a79cb7f2c0bf8444"
-  integrity sha512-ic+7JYiV8Vi2yzQGFWOkiZD5Z9z7O2Zhm9XMaTxdJExKasieFCr+yXZ/WmXsckHiKl12ar0y6XiXDx3m4RHn1w==
-  dependencies:
-    path-parse "^1.0.6"
-
-resolve@^1.8.1:
+resolve@^1.1.7, resolve@^1.10.0, resolve@^1.3.2, resolve@^1.8.1:
   version "1.18.1"
   resolved "https://registry.yarnpkg.com/resolve/-/resolve-1.18.1.tgz#018fcb2c5b207d2a6424aee361c5a266da8f4130"
   integrity sha512-lDfCPaMKfOJXjy0dPayzPdF1phampNWr3qFCjAu+rw/qbQmr5jWH5xN2hwh9QKfw9E5v4hwV7A+jrCmL8yjjqA==
@@ -7041,9 +6929,9 @@ run-async@^2.4.0:
   integrity sha512-tvVnVv01b8c1RrA6Ep7JkStj85Guv/YrMcwqYQnwjsAS2cTmmPGBBjAjpCW7RrSodNSoE2/qg9O4bceNvUuDgQ==
 
 run-parallel@^1.1.9:
-  version "1.1.9"
-  resolved "https://registry.yarnpkg.com/run-parallel/-/run-parallel-1.1.9.tgz#c9dd3a7cf9f4b2c4b6244e173a6ed866e61dd679"
-  integrity sha512-DEqnSRTDw/Tc3FXf49zedI638Z9onwUotBMiUFKmrO2sdFKIbXamXGQ3Axd4qgphxKB4kw/qP1w5kTxnfU1B9Q==
+  version "1.1.10"
+  resolved "https://registry.yarnpkg.com/run-parallel/-/run-parallel-1.1.10.tgz#60a51b2ae836636c81377df16cb107351bcd13ef"
+  integrity sha512-zb/1OuZ6flOlH6tQyMPUrE3x3Ulxjlo9WIVXR4yVYi4H9UXQaeIsPbLn2R3O3vQCnDKkAl2qHiuocKKX4Tz/Sw==
 
 run-queue@^1.0.0, run-queue@^1.0.3:
   version "1.0.3"
@@ -7274,7 +7162,7 @@ shebang-regex@^1.0.0:
   resolved "https://registry.yarnpkg.com/shebang-regex/-/shebang-regex-1.0.0.tgz#da42f49740c0b42db2ca9728571cb190c98efea3"
   integrity sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM=
 
-side-channel@^1.0.2:
+side-channel@^1.0.3:
   version "1.0.3"
   resolved "https://registry.yarnpkg.com/side-channel/-/side-channel-1.0.3.tgz#cdc46b057550bbab63706210838df5d4c19519c3"
   integrity sha512-A6+ByhlLkksFoUepsGxfj5x1gTSrs+OydsRptUxeNCabQpCFUvcwIczgOigI8vhY/OJCnPnyE9rGiwgvr9cS1g==
@@ -7614,20 +7502,20 @@ string-width@^4.1.0, string-width@^4.2.0:
     strip-ansi "^6.0.0"
 
 string.prototype.trimend@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/string.prototype.trimend/-/string.prototype.trimend-1.0.1.tgz#85812a6b847ac002270f5808146064c995fb6913"
-  integrity sha512-LRPxFUaTtpqYsTeNKaFOw3R4bxIzWOnbQ837QfBylo8jIxtcbK/A/sMV7Q+OAV/vWo+7s25pOE10KYSjaSO06g==
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/string.prototype.trimend/-/string.prototype.trimend-1.0.2.tgz#6ddd9a8796bc714b489a3ae22246a208f37bfa46"
+  integrity sha512-8oAG/hi14Z4nOVP0z6mdiVZ/wqjDtWSLygMigTzAb+7aPEDTleeFf+WrF+alzecxIRkckkJVn+dTlwzJXORATw==
   dependencies:
     define-properties "^1.1.3"
-    es-abstract "^1.17.5"
+    es-abstract "^1.18.0-next.1"
 
 string.prototype.trimstart@^1.0.1:
-  version "1.0.1"
-  resolved "https://registry.yarnpkg.com/string.prototype.trimstart/-/string.prototype.trimstart-1.0.1.tgz#14af6d9f34b053f7cfc89b72f8f2ee14b9039a54"
-  integrity sha512-XxZn+QpvrBI1FOcg6dIpxUPgWCPuNXvMD72aaRaUQv1eD4e/Qy8i/hFTe0BUmD60p/QA6bh1avmuPTfNjqVWRw==
+  version "1.0.2"
+  resolved "https://registry.yarnpkg.com/string.prototype.trimstart/-/string.prototype.trimstart-1.0.2.tgz#22d45da81015309cd0cdd79787e8919fc5c613e7"
+  integrity sha512-7F6CdBTl5zyu30BJFdzSTlSlLPwODC23Od+iLoVH8X6+3fvDPPuBVVj9iaB1GOsSTSIgVfsfm27R2FGrAPznWg==
   dependencies:
     define-properties "^1.1.3"
-    es-abstract "^1.17.5"
+    es-abstract "^1.18.0-next.1"
 
 string_decoder@^1.0.0, string_decoder@^1.1.1:
   version "1.3.0"
@@ -7865,9 +7753,9 @@ thunky@^1.0.2:
   integrity sha512-eHY7nBftgThBqOyHGVN+l8gF0BucP09fMo0oO/Lb0w1OF80dJv+lDVpXG60WMQvkcxAkNybKsrEIE3ZtKGmPrA==
 
 timers-browserify@^2.0.4:
-  version "2.0.11"
-  resolved "https://registry.yarnpkg.com/timers-browserify/-/timers-browserify-2.0.11.tgz#800b1f3eee272e5bc53ee465a04d0e804c31211f"
-  integrity sha512-60aV6sgJ5YEbzUdn9c8kYGIqOubPoUdqQCul3SBAsRCZ40s6Y5cMcrW4dt3/k/EsbLVJNl9n6Vz3fTc+k2GeKQ==
+  version "2.0.12"
+  resolved "https://registry.yarnpkg.com/timers-browserify/-/timers-browserify-2.0.12.tgz#44a45c11fbf407f34f97bccd1577c652361b00ee"
+  integrity sha512-9phl76Cqm6FhSX9Xe1ZUAMLtm1BLkKj2Qd5ApyWkXzsMRaA7dgr81kf4wJmQf/hAvg8EEyJxDo3du/0KlhPiKQ==
   dependencies:
     setimmediate "^1.0.4"
 
@@ -7998,12 +7886,7 @@ tslib@2.0.1:
   resolved "https://registry.yarnpkg.com/tslib/-/tslib-2.0.1.tgz#410eb0d113e5b6356490eec749603725b021b43e"
   integrity sha512-SgIkNheinmEBgx1IUNirK0TUD4X9yjjBRTqqjggWCU3pUEqIk3/Uwl3yRixYKT6WjQuGiwDv4NomL3wqRCj+CQ==
 
-tslib@^1.10.0, tslib@^1.8.1, tslib@^1.9.0:
-  version "1.13.0"
-  resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.13.0.tgz#c881e13cc7015894ed914862d276436fa9a47043"
-  integrity sha512-i/6DQjL8Xf3be4K/E6Wgpekn5Qasl1usyw++dAA35Ue5orEn65VIxOA+YvNNl9HV3qv70T7CNwjODHZrLwvd1Q==
-
-tslib@^1.13.0:
+tslib@^1.10.0, tslib@^1.13.0, tslib@^1.8.1, tslib@^1.9.0:
   version "1.14.1"
   resolved "https://registry.yarnpkg.com/tslib/-/tslib-1.14.1.tgz#cf2d38bdc34a134bcaf1091c41f6619e2f672d00"
   integrity sha512-Xni35NKzjgMrwevysHTCArtLDpPvye8zV/0E4EyYn43P7/7qvQwPh9BGkHewbMulVntbigmcT7rdX3BNo9wRJg==
@@ -8221,7 +8104,7 @@ use@^3.1.0:
   resolved "https://registry.yarnpkg.com/use/-/use-3.1.1.tgz#d50c8cac79a19fbc20f2911f56eb973f4e10070f"
   integrity sha512-cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ==
 
-util-deprecate@^1.0.1, util-deprecate@~1.0.1:
+util-deprecate@^1.0.1, util-deprecate@^1.0.2, util-deprecate@~1.0.1:
   version "1.0.2"
   resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf"
   integrity sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=

From 639ce83561cc6fbfcb6e03b665654bee3ade288f Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 23 Oct 2020 14:55:52 +0200
Subject: [PATCH 171/237] Camel IDS message processors and demo route

---
 .../idscp2/client/Idscp2ClientConsumer.kt     | 15 +++---
 .../idscp2/client/Idscp2ClientProducer.kt     | 11 ++--
 .../ArtifactRequestCreationProcessor.kt       |  2 +-
 .../ContractRequestCreationProcessor.kt       | 52 ++++++++++++++++++
 .../ContractResponseCreationProcessor.kt      | 53 ++++++++++++++++++
 .../processors/IdsHeaderMessageProcessor.kt   | 30 +++++++++++
 .../idscp2/server/Idscp2ServerConsumer.kt     | 15 +++---
 .../idscp2/server/Idscp2ServerProducer.kt     | 11 ++--
 examples/route-examples/demo-route.xml        | 54 +++++++++++++++++++
 9 files changed, 220 insertions(+), 23 deletions(-)
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestCreationProcessor.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseCreationProcessor.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsHeaderMessageProcessor.kt
 create mode 100644 examples/route-examples/demo-route.xml

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
index 33e357e61..e682cd4bc 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
@@ -64,15 +64,18 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
         try {
             createUoW(exchange)
             // Set relevant information
-            exchange.getIn().setHeader(IDSCP2_HEADER, header)
-            exchange.getIn().setBody(payload, ByteArray::class.java)
+            exchange.message.let {
+                it.setHeader(IDSCP2_HEADER, header)
+                it.setBody(payload, ByteArray::class.java)
+            }
             // Do processing
             processor.process(exchange)
             // Handle response
-            val response = exchange.message
-            val responseHeader = response.getHeader(IDSCP2_HEADER, String::class.java)
-            if (response.body != null || responseHeader != null) {
-                connection.sendGenericMessage(responseHeader, response.getBody(ByteArray::class.java))
+            exchange.message.let {
+                val responseHeader = it.getHeader(IDSCP2_HEADER, String::class.java)
+                if (it.body != null || responseHeader != null) {
+                    connection.sendGenericMessage(responseHeader, it.getBody(ByteArray::class.java))
+                }
             }
         } finally {
             doneUoW(exchange)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
index 20b1312a5..3132edbdd 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
@@ -31,11 +31,12 @@ class Idscp2ClientProducer(private val endpoint: Idscp2ClientEndpoint) : Default
     private lateinit var connectionFuture: CompletableFuture<AppLayerConnection>
 
     override fun process(exchange: Exchange) {
-        val message = exchange.getIn()
-        val type = message.getHeader(IDSCP2_HEADER, String::class.java)
-        val body = message.getBody(ByteArray::class.java)
-        if (type != null || body != null) {
-            connectionFuture.get().sendGenericMessage(type, body)
+        exchange.message.let {
+            val type = it.getHeader(IDSCP2_HEADER, String::class.java)
+            val body = it.getBody(ByteArray::class.java)
+            if (type != null || body != null) {
+                connectionFuture.get().sendGenericMessage(type, body)
+            }
         }
     }
 
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
index 2dca0dca0..d64dfa1bb 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
@@ -25,7 +25,7 @@ class ArtifactRequestCreationProcessor : Processor {
         if (LOG.isDebugEnabled) {
             LOG.debug("ArtifactRequestMessage serialization: {}", requestMessageSerialization)
         }
-        exchange.`in`.setHeader(IDSCP2_HEADER, requestMessageSerialization)
+        exchange.message.setHeader(IDSCP2_HEADER, requestMessageSerialization)
     }
 
     companion object {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestCreationProcessor.kt
new file mode 100644
index 000000000..79d9f15f7
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestCreationProcessor.kt
@@ -0,0 +1,52 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
+import de.fhg.aisec.ids.camel.idscp2.processors.Utils.SERIALIZER
+import de.fraunhofer.iais.eis.*
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.slf4j.LoggerFactory
+import java.net.URI
+
+class ContractRequestCreationProcessor : Processor {
+
+    override fun process(exchange: Exchange) {
+        val requestMessageBuilder = ContractRequestBuilder()
+        Idscp2OsgiComponent.infoModelManager.initMessageBuilder(requestMessageBuilder)
+        val artifactUri = exchange.getProperty(ARTIFACT_URI_PROPERTY).let {
+            if (it is URI) {
+                it
+            } else {
+                URI.create(it.toString())
+            }
+        }
+        val requestMessageSerialization = SERIALIZER.serialize(requestMessageBuilder.build())
+        if (LOG.isDebugEnabled) {
+            LOG.debug("ContractRequestMessage serialization: {}", requestMessageSerialization)
+        }
+        exchange.message.setHeader(IDSCP2_HEADER, requestMessageSerialization)
+        val contractOffer = ContractOfferBuilder()
+                ._permission_(ArrayList<Permission>().also { pl ->
+                    pl += PermissionBuilder()
+                            ._target_(artifactUri)
+                            ._constraint_(ArrayList<Constraint>().also { cl ->
+                                cl += ConstraintBuilder()
+                                        ._leftOperand_(LeftOperand.SYSTEM)
+                                        ._operator_(BinaryOperator.SAME_AS)
+                                        ._rightOperandReference_(URI.create(""))
+                                        .build()
+                            })
+                            .build()
+                })
+                .build()
+        exchange.message.body = SERIALIZER.serialize(contractOffer)
+    }
+
+    companion object {
+        const val ARTIFACT_URI_PROPERTY = "artifactUri"
+
+        private val LOG = LoggerFactory.getLogger(ContractRequestCreationProcessor::class.java)
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseCreationProcessor.kt
new file mode 100644
index 000000000..d56231221
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseCreationProcessor.kt
@@ -0,0 +1,53 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
+import de.fhg.aisec.ids.camel.idscp2.processors.Utils.SERIALIZER
+import de.fraunhofer.iais.eis.*
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.slf4j.LoggerFactory
+import java.net.URI
+
+class ContractResponseCreationProcessor : Processor {
+
+    override fun process(exchange: Exchange) {
+        val responseMessageBuilder = ContractResponseMessageBuilder()
+        Idscp2OsgiComponent.infoModelManager.initMessageBuilder(responseMessageBuilder)
+        val requestMessageSerialization = SERIALIZER.serialize(responseMessageBuilder.build())
+        if (LOG.isDebugEnabled) {
+            LOG.debug("ContractRequestMessage serialization: {}", requestMessageSerialization)
+        }
+        exchange.message.setHeader(IDSCP2_HEADER, requestMessageSerialization)
+        // TODO: This property must be obtained from the ContractRequestMessage
+        val artifactUri = exchange.getProperty(ARTIFACT_URI_PROPERTY).let {
+            if (it is URI) {
+                it
+            } else {
+                URI.create(it.toString())
+            }
+        }
+        val contractOffer = ContractOfferBuilder()
+                ._permission_(ArrayList<Permission>().also { pl ->
+                    pl += PermissionBuilder()
+                            ._target_(artifactUri)
+                            ._constraint_(ArrayList<Constraint>().also { cl ->
+                                cl += ConstraintBuilder()
+                                        ._leftOperand_(LeftOperand.SYSTEM)
+                                        ._operator_(BinaryOperator.SAME_AS)
+                                        ._rightOperandReference_(URI.create(""))
+                                        .build()
+                            })
+                            .build()
+                })
+                .build()
+        exchange.message.body = SERIALIZER.serialize(contractOffer)
+    }
+
+    companion object {
+        const val ARTIFACT_URI_PROPERTY = "artifactUri"
+
+        private val LOG = LoggerFactory.getLogger(ContractResponseCreationProcessor::class.java)
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsHeaderMessageProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsHeaderMessageProcessor.kt
new file mode 100644
index 000000000..132630cd0
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsHeaderMessageProcessor.kt
@@ -0,0 +1,30 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDS_TYPE
+import de.fhg.aisec.ids.camel.idscp2.processors.Utils.SERIALIZER
+import de.fraunhofer.iais.eis.ArtifactRequestMessage
+import de.fraunhofer.iais.eis.Message
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.slf4j.LoggerFactory
+
+class IdsHeaderMessageProcessor : Processor {
+    override fun process(exchange: Exchange) {
+        val header = exchange.message.getHeader(IDSCP2_HEADER).toString()
+        val headerMessage = SERIALIZER.deserialize(header, Message::class.java)
+        exchange.setProperty(IDSCP2_HEADER, headerMessage)
+        val messageType = when (headerMessage) {
+            is ArtifactRequestMessage -> ArtifactRequestMessage::class.simpleName
+            else -> headerMessage::class.simpleName
+        }
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Detected ids-type: {}", messageType)
+        }
+        exchange.setProperty(IDS_TYPE, messageType)
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(ArtifactRequestCreationProcessor::class.java)
+    }
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
index 927756e09..42028d08a 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
@@ -46,15 +46,18 @@ class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor
         try {
             createUoW(exchange)
             // Set relevant information
-            exchange.getIn().setHeader(IDSCP2_HEADER, header)
-            exchange.getIn().setBody(payload, ByteArray::class.java)
+            exchange.message.let {
+                it.setHeader(IDSCP2_HEADER, header)
+                it.setBody(payload, ByteArray::class.java)
+            }
             // Do processing
             processor.process(exchange)
             // Handle response
-            val response = exchange.message
-            val responseHeader = response.getHeader(IDSCP2_HEADER, String::class.java)
-            if (response.body != null || responseHeader != null) {
-                connection.sendGenericMessage(responseHeader, response.getBody(ByteArray::class.java))
+            exchange.message.let {
+                val responseHeader = it.getHeader(IDSCP2_HEADER, String::class.java)
+                if (it.body != null || responseHeader != null) {
+                    connection.sendGenericMessage(responseHeader, it.getBody(ByteArray::class.java))
+                }
             }
         } catch (e: Exception) {
             LOG.error("Error in Idscp2ServerConsumer.onMessage()", e)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
index 4c50944c9..f04de4fca 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
@@ -27,11 +27,12 @@ import org.apache.camel.support.DefaultProducer
 class Idscp2ServerProducer(private val endpoint: Idscp2ServerEndpoint) : DefaultProducer(endpoint) {
 
     override fun process(exchange: Exchange) {
-        val message = exchange.getIn()
-        val type = message.getHeader(IDSCP2_HEADER, String::class.java)
-        val body = message.getBody(ByteArray::class.java)
-        if (type != null || body != null) {
-            endpoint.sendMessage(type, body)
+        exchange.message.let {
+            val type = it.getHeader(IDSCP2_HEADER, String::class.java)
+            val body = it.getBody(ByteArray::class.java)
+            if (type != null || body != null) {
+                endpoint.sendMessage(type, body)
+            }
         }
     }
 
diff --git a/examples/route-examples/demo-route.xml b/examples/route-examples/demo-route.xml
new file mode 100644
index 000000000..88f61636b
--- /dev/null
+++ b/examples/route-examples/demo-route.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+		   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+		   xmlns:camel="http://camel.apache.org/schema/blueprint" xsi:schemaLocation="
+ http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://camel.apache.org/schema/blueprint https://camel.apache.org/schema/blueprint/camel-blueprint-3.3.0.xsd">
+
+	<camel:sslContextParameters id="sslContext" certAlias="1.0.1">
+		<camel:keyManagers keyPassword="password">
+			<camel:keyStore resource="etc/idscp2/aisecconnector1-keystore.p12" password="password"/>
+		</camel:keyManagers>
+		<camel:trustManagers>
+			<camel:keyStore resource="etc/idscp2/client-truststore_new.p12" password="password"/>
+		</camel:trustManagers>
+	</camel:sslContextParameters>
+
+	<bean id="reqCreator" class="de.fhg.aisec.ids.camel.idscp2.processors.ArtifactRequestCreationProcessor" />
+	<bean id="headerProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.IdsHeaderMessageProcessor" />
+
+	<!-- Routes -->
+	<camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+		<route id="server">
+			<from uri="idscp2server://0.0.0.0:29292?sslContextParameters=#sslContext"/>
+			<process ref="headerProcessor"/>
+			<choice>
+				<when>
+					<simple>${exchangeProperty.ids-type} == 'ArtifactRequestMessage'</simple>
+					<log message="### Handle ArtifactRequestMessage ###"/>
+				</when>
+				<otherwise>
+					<log message="Server received (otherwise branch):\n${body}\n(Header: ${headers[idscp2-header]})"/>
+					<removeHeader headerName="idscp2-header" />
+				</otherwise>
+			</choice>
+		</route>
+
+		<route id="client">
+			<from uri="timer://foo?fixedRate=true&amp;period=10000" />
+			<setProperty name="artifactUri">
+				<constant>https://example.com/testArtifact</constant>
+			</setProperty>
+			<process ref="reqCreator" />
+			<to uri="idscp2client://localhost:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#sslContext"/>
+		</route>
+
+		<route id="clientReceiver">
+			<from uri="idscp2client://localhost:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#sslContext"/>
+			<log message="Server received (otherwise branch):\n${body}\n(Header: ${headers[idscp2-header]})"/>
+		</route>
+
+	</camelContext>
+
+</blueprint>

From c520b0336da2263ff6235058eeb4c40201080eb1 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 2 Nov 2020 14:13:13 +0100
Subject: [PATCH 172/237] Added dedicated YAML files and fixed
 consumer/provider naming for IDSCP2 broadcast example

---
 .../docker-compose-broadcast-client.yaml      | 43 +++++++++++++++++++
 .../docker-compose-broadcast-server.yaml      | 41 ++++++++++++++++++
 .../example-idscp2-client-broadcast.xml       |  4 +-
 .../example-idscp2-server-broadcast.xml       |  2 +-
 4 files changed, 87 insertions(+), 3 deletions(-)
 create mode 100644 examples/example-idscp2/docker-compose-broadcast-client.yaml
 create mode 100644 examples/example-idscp2/docker-compose-broadcast-server.yaml

diff --git a/examples/example-idscp2/docker-compose-broadcast-client.yaml b/examples/example-idscp2/docker-compose-broadcast-client.yaml
new file mode 100644
index 000000000..4480c10e6
--- /dev/null
+++ b/examples/example-idscp2/docker-compose-broadcast-client.yaml
@@ -0,0 +1,43 @@
+version: '3'
+services:
+
+  # TPM simulator
+  ids-tpmsim-consumer:
+    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
+    volumes:
+      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
+      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
+    networks:
+      - consumer-internal
+
+  # The core platform, mounts docker control socket and route definition into the image
+  consumer-core:
+    image: fraunhoferaisec/trusted-connector-core:${EXAMPLE_TAG:-develop}
+    tty: true
+    stdin_open: true
+    volumes:
+      - ../log/:/root/log/
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ./system.properties:/root/etc/system.properties
+      - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
+      - ../cert-stores/consumer-keystore.p12:/root/etc/consumer-keystore.p12
+      - ../cert-stores/truststore.p12:/root/etc/truststore.p12
+      - ./example-idscp2-client-broadcast.xml:/root/deploy/example-idscp2-client.xml
+    environment:
+      - TPM_HOST=ids-tpmsim-consumer
+    # Enable this port mappings for debugging or UI access from localhost
+#    ports:
+#      - "5005:5005"
+#      - "8181:8181"
+#      - "8443:8443"
+    # Enable this port mapping (along with "ports:" above) to allow access to IDSCP from outside the ids-wide network
+#      - "9292:9292"
+    networks:
+      - ids-wide
+      - consumer-internal
+
+networks:
+  ids-wide:
+    driver: bridge
+  consumer-internal:
+    driver: bridge
diff --git a/examples/example-idscp2/docker-compose-broadcast-server.yaml b/examples/example-idscp2/docker-compose-broadcast-server.yaml
new file mode 100644
index 000000000..ec2e20f15
--- /dev/null
+++ b/examples/example-idscp2/docker-compose-broadcast-server.yaml
@@ -0,0 +1,41 @@
+version: '3'
+services:
+
+  # TPM simulator
+  ids-tpmsim-provider:
+    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
+    volumes:
+      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
+      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
+    networks:
+      - provider-internal
+
+  # The core platform, mounts docker control socket and route definition into the image
+  provider-core:
+    image: fraunhoferaisec/trusted-connector-core:${EXAMPLE_TAG:-develop}
+    tty: true
+    stdin_open: true
+    volumes:
+      - ../log/:/root/log/
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ./system.properties:/root/etc/system.properties
+      - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
+      - ../cert-stores/provider-keystore.p12:/root/etc/provider-keystore.p12
+      - ../cert-stores/truststore.p12:/root/etc/truststore.p12
+      - ./example-idscp2-server-broadcast.xml:/root/deploy/example-idscp2-server.xml
+    environment:
+      - TPM_HOST=ids-tpmsim-provider
+    # Enable this lines for debugging or UI access from localhost
+#    ports:
+#      - "5005:5005"
+#      - "8181:8181"
+#      - "8443:8443"
+    networks:
+      - ids-wide
+      - provider-internal
+
+networks:
+  ids-wide:
+    driver: bridge
+  provider-internal:
+    driver: bridge
diff --git a/examples/example-idscp2/example-idscp2-client-broadcast.xml b/examples/example-idscp2/example-idscp2-client-broadcast.xml
index 1924e2d80..b080f3821 100644
--- a/examples/example-idscp2/example-idscp2-client-broadcast.xml
+++ b/examples/example-idscp2/example-idscp2-client-broadcast.xml
@@ -7,7 +7,7 @@
 
     <camel:sslContextParameters id="clientSslContext" certAlias="1.0.1">
         <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/provider-keystore.p12" password="password"/>
+            <camel:keyStore resource="etc/consumer-keystore.p12" password="password"/>
         </camel:keyManagers>
         <camel:trustManagers>
             <camel:keyStore resource="etc/truststore.p12" password="password"/>
@@ -17,7 +17,7 @@
     <camelContext xmlns="http://camel.apache.org/schema/blueprint">
 
         <route id="idscp2ReceiverClient">
-            <from uri="idscp2client://consumer-core:29292?sslContextParameters=#clientSslContext"/>
+            <from uri="idscp2client://provider-core:29292?sslContextParameters=#clientSslContext"/>
             <log message="Client received: ${body} (Header: ${headers[idscp2-header]})"/>
             <!-- Prevents the client consumer from sending the message back to the server -->
             <removeHeader headerName="idscp2-header"/>
diff --git a/examples/example-idscp2/example-idscp2-server-broadcast.xml b/examples/example-idscp2/example-idscp2-server-broadcast.xml
index 43600ee43..097ddf003 100644
--- a/examples/example-idscp2/example-idscp2-server-broadcast.xml
+++ b/examples/example-idscp2/example-idscp2-server-broadcast.xml
@@ -7,7 +7,7 @@
 
     <camel:sslContextParameters id="serverSslContext" certAlias="1.0.1">
         <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/consumer-keystore.p12" password="password"/>
+            <camel:keyStore resource="etc/provider-keystore.p12" password="password"/>
         </camel:keyManagers>
         <camel:trustManagers>
             <camel:keyStore resource="etc/truststore.p12" password="password"/>

From 8057559837be35f2d289397f0140e95f10107ef1 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 2 Nov 2020 14:14:24 +0100
Subject: [PATCH 173/237] Updated develop example ZIP

---
 .../trusted-connector-examples_develop.zip    | Bin 53757 -> 55348 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/examples/trusted-connector-examples_develop.zip b/examples/trusted-connector-examples_develop.zip
index 583c9400f56d84c65d35c8c8b49a4e179cdd4cd5..4a1a8aaf424f6ce3155bf464b13e5ea5ce467d26 100644
GIT binary patch
delta 2395
zcmZXWdpy(oAIE2!X$Lu&aNLiD$r7raT)If^m)ymep_$BWDz<6*>Eh0Ob#aO)DR<`5
zMa+<x3?q|{Rx3ngMABS->ilue<M;dg_kMid@Av2Zcs-u4_v5pESG=KCyw)^9%mi4Y
zXwh)7Q9&WWL8Lgt;0Qu!WE?6Xh!}CnWB&AOBiZ#rrXU(Rj%^ajpX{)_*c5T;DtwI9
z3bAh0xx)x?#@`Q`rSW^5-R?Uy?_tb4&reU6+*j0BnunpyEmR>TBVkg{!nQ?&vRBT@
zI==LIR;Uxq&WXj?Az!|^RC*MtV|dBFk5-qYT-If{CS{kObZ~x3QR6&+O@%*BW9FM@
zF%=1^h9?6zr*o<v9+fBm`Dk(!^%4oPG|}%X(i~L0n%tJQ_d>p|P<qZ@{HrT4aPab{
zy*@R!sU6s(VMdkt?%j;WqGh}r(o5L@8K8SG#VUYI9<z4{s-GH0ACF~MH#Z#Cr~P`=
z5O*waSsBSk%ebb=mZStPDjt;zb*SDZmnezgWSH!pgBCBfwGTJC#Xn59o>^&jbi(d_
zPe%`Pv(y&@c=_HCNttH7Xu@BeypIw+-q4}O{_hC^A3j)|W4?BKgJhS*BrxCYj%*mc
zPSxt|us`PQ>%>6S(XWzmA?r~@TEB8vkN0~=`5j3MHWePfAS>!r+HojpuA0<p(?gd>
zGj6_#RO6yoezf$;)0>vp#@n%<zEzfw;gDy!%XZ~e^z@s~Jr!;hZLdh7JX6HTNX=Jq
zK|_`T=5%+nee9n5h>aUm(Sq<>Xg1!aWhnC2pC|Ji@ZjM>C8Q^>tIrBgW60g_qoTBI
zg<ll&uAMt#|DhtxD0HW#@S~=ib*+D1a^G0b>fm6)uUA5Ho}ydPC_yb?Zf0gE$XT;d
zpn8n-;tBC$c1#>Ne8z80VXmffxi`}`HL6CV`ZJ{w*NC;B9Y>7&bYbT{U&!kPdI4>j
zp5MOmv3$yo%Mbe23X9cshS;R-?#2_<tOFlgzHES99iWm)@L{{NU=Zjw1Sp29{vW8M
z(Acw~u|Gjg^l*xLZ6wt)<t^Kj6mY6p!@yN?RBJSi*p>$OfzB%G$pNsdh~zut5*-^N
zy{Ws-QzOt<+N<h4x`S$Nv3vE<kJ0%$B^+hPaAUC>tnoQ%9q)$$B%M0+O;}|3Ubyr#
zj;{{lRLn3rlLqrDc^$3cZ99fAeYxMOMMPSsoF|Fa$uS2u@4(X4zK^cW(J@QJ0{Nqx
zFR-6AmUoF+?j>{-1%;c>fKvCpSMZ{1HpTg?L|?poala9@Fgbftt4RuVPjM*gaT4P%
zcmu_-@)U-#YneM>1zrp;xnf0t%u-PP*pi}k=X;cGH2LktbX-a6cZ=aV>052~TDAfy
z$3ZK$A3@(ovup=Tz=k~6J|r2sO|dk<{+)$R?{HLwBN5jirvz4^2mg}baAq<S%nD*U
zL|}Y6B|6%^39#f<s=s&n9i_*c=8wvq-K~ianxwBkKC$l<byo%Vcv`gsq5cR?H@~T~
zdy>Ydbt_N4b@{@T-I27~@v&X9Jfc>;ol#|bN2YY9Xihwm?EdOj!H%%w>oxS{#q2s&
zGl{DAK=p6gmofkXC*3?Q_q5#!zq|6+T^jj=J`vQvGQ?wjT+)h33RZ>>H&+`%EENN3
zYfnXJ<9cAO1OshZ(!0(<2vOLXE4=~+rUrxaNsc(5C{Fx9(?q46QQti`A1vtE?QTl<
zL3KymCXo}!<g!I$HKiI(HOC_$D?`K5|G`to!2Cx4uXhzhBSPsDqHl)D2wj-IPj3D5
zp$41mu66Mru+>j^GR?MNlllo8Afjjk0lm`o!3jwcv{-_v7i2VNEna9d5vE$p=x4j+
z2@CTI9q|TniStBjOCj@~za8&M^_k5G%ghzQ%_l7!=~P`tY3y5kxpCgaH#1w;r6YXN
z_Q0$UHTxhHmEnWS>aJYwpPB41)!dov=Ni)mn4#OPb5%0TZu(8Q0f>GuSE5mBrosE_
zv)RwTgc2B27L*nEwh1$Un4}ic+(}K4{4NwNCLM?R!B#tOE$rXsupSf?&x$NI`t3nz
z-O0`a<xhy7cPn&Zti;kZPF14~JXB_=c_(IK)$(26y7{dYf&6FuSS0Ka25!9Tx%Ca1
z4Y408)MEN7e&14|?WYR$+b@`k(^6l5hS(34H%rEh!YiEUIkHe*KG9IlZ1ItXLBnQ2
z*-)vI`^Q}W-24TTd1^fRjlv&(7p#a*?Ub17CPwU2V=v@4h~NJp_dmbOiN3a{IBqQd
z_=1FdtFTp7vM!(|IGv>CcVH(AG2>dNttw_VE4-M)k~ouG+X|Z!jYqmrY0PG)mtdGO
zAvr(=f(O|v=I~O4JA2)@k3sDqwBEZ6V;SV9Do^eeoZ0Mz^+i{z?<`9;%BZ5=-@|w6
zk&>_Vv1M8uJn+ORc9%`TKvhtRlIG-rk@(SXl<95(VZaf;-6q;}so^ZCv~AU{8gbb$
zg>r0cg$flxT+VU3SFh2I@K@wwh-xhMIB$?XSvTwleIYh>&pjtvXrITaj*~!XABtR$
zdG(3p)l??1O%1an^ejcDw$8Ow>Zz_p>EpR`n5ifH8~q$g?0r<t7a6(39F)by{23|F
zS1uhPE;b7vBUsn6stb4!G+V$bDXQ#=e$tqsu`I!WPHPpX(cWh6W@jVN#QGB6y{Sh_
zhmQ$)`zhfk4YE;e)#JP!fx5RNcTLCXoxQf}@GV5d<G{mQoRL-Hs5jj3Kbe~r<1c*k
z^;0)Arjf$b-yf2^K-$tq?>tw0q=VlWhv$k-XaysASaX@tPka-%jTdjcI;)E1QVyw*
zX_m~>`?6AkWcPVu&-_YIA4fk;-hh&yPkHGkynND_nJ9I$mcJ+FDK<n^eFQ(e`qM-@
zT@hsCEquQIjZf-jnyvIdTO0&30pR_6WdHZC0SxxQRsZqdRvPHvXMqB&Q#Aio_4nfc
zQ3Xi$tAI1l|G3|Bs~Qlr6?$9%68kM6KS>6d{cy3jK>C0dP<CDcfDItQ!Iy!I0ZqW*
z0t~<o$g2J`F$iS*?^i)?sauHw;1B7*?0^T@Gz)m0q77uRWr4Us6|ls0AZO45OfLZX
U2Q_6hL7E_c7zotf_oKsq0n~<eDgXcg

delta 1018
zcmdn8f%)%Z<_#v5lk*ytCim#`ZoXF6z*hh1(yZQ72il$-Z?@NRf7~#&Hmq(@%l9Q;
zQmmpEzOK&K{?zzi_o>&eYo%*{r+?1eBYywN+tNG_n~A1VneBt8F4Q@G-?3>C|F3)g
zKZ;c9*J?(jhIX&}{$RqDj5S<R?Mr?={^(wne*Mex{OZ+*^^2aQ9p!RZ(znD>x7q4#
zXsY4vYVOEcZz|8<t7Ub3Y(M!yt8CJvnfm;W@^$fY7hWWIE6$%`e6KBGrM(W1{taD`
zH0G^3VckF6LbtEYD*5W7xZ`}t#hqKftypv>vFiJx)i(Fl_w1bC{yDDZ&|jb1z7LnL
zb~^TC2gl`u_5t4P94{Z`Y*k`nU^p=OVYmI}`E5eX^`5^98!v2mrROA5b~GzkMdirB
z(zNLABYigKwrOwqKX>KjWxl~LCdEve`O#SZeTB_k5zA_p?o%&X_z&5oFIakVN}SrC
z+kc8b%=1^@`%!8Af-PRwZXczD_Z6+{S)8#quAObVmPwgpW%!jAxBeF8gnn5$d7=D(
ztsJi>+S|YR&VI4}`|a5w>lO$!UV70ot$<Czm9et<L;XSx*14Y*zBD+i&IvrWW7|Cm
z%{lqoj>p|=;XgY4s2tBjw#{m%k7~`95m$cQvEV1a+rti{U^BayKQnu4U3zB3OTSHc
z{H{f{TY2HkQ$l?So?o^U7ONfH6}gV(mo5jp%dPV@?7vz4w>xz|omTI7znrNsSLfiV
zyVoyH{I>CmB=;GnS*N@_EG#5F7jM)$!1m<$T6-OK=X0m@Os!U_yqa=J^YTru*z46h
zmFhq2_qLpz_uk6<?=(B>_b2D>+H=mjgFQ0X^24lEJgJsGdp9i)vWW=ZaO%?5;;uHo
zNSPNR9xXi2qfdWv%vIPe&L{MWqyApUqCXK$p=#c2wN-u5-(6VBQ#UQ&28qz3(*LF3
zURF&zcl_eHOKdLboYC*Z1tcSuW%B)A*EDte$NkHrBb1FaFZ@-G<+Uq(l6I2IL4{E`
z&cEN(;2F<i#motOMry^Zw-V39{f`THdj3tW?;WXEOds7>-<yB_y;ZaFBJoA~d~5WT
zUS8z?E6s0z!P<7a)ydW8*5<xle81&yo$GOKw__g@Yt{CG6VEzT&jW^=?{+Wnm~4Ml
zYV!0e;2bph!3BZIGp<T8J*=Kw(5O4v;-Y{IJejdFFc>i)gWS4FJqnZOx3Nt&zGlJn
zz5&AHnmqlQfDG7tVB-9Sq3d4rq#m`&FM&Gp+a~pBP4>O6#k9X;azLNbWSz?blUHAt
mVwyN{^6~4oOfoYjubnF~S?&f0pB#f6!z@k)2Hz7P2LJ$q)ZJ46


From b38ef9f1e54dc1ed42d9cfa7cfca37b7e65b4e7d Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 3 Nov 2020 20:48:38 +0100
Subject: [PATCH 174/237] Fixed LUCON regex matching line terminator issue

---
 .../ids/dataflowcontrol/lucon/LuconLibrary.kt      | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt
index 77968a1f4..2718c07ad 100644
--- a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt
+++ b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt
@@ -28,7 +28,6 @@ import com.google.common.cache.CacheLoader
 import org.slf4j.LoggerFactory
 import java.util.concurrent.ExecutionException
 import java.util.concurrent.TimeUnit
-import java.util.regex.Pattern
 
 /**
  * Plugins and default theories for tuProlog engine.
@@ -41,13 +40,10 @@ class LuconLibrary : Library() {
     private val regexCache = CacheBuilder.newBuilder()
             .expireAfterAccess(1, TimeUnit.DAYS)
             .maximumWeight(1e6.toLong())
-            .weigher<String, Pattern> { k, _ -> k.length }
-            .build<String, Pattern>(
-                    object : CacheLoader<String, Pattern>() {
-                        override fun load(key: String): Pattern {
-                            return Pattern.compile(key)
-                        }
-                    })
+            .weigher<String, Regex> { k, _ -> k.length }
+            .build(object : CacheLoader<String, Regex>() {
+                override fun load(key: String) = Regex(key, RegexOption.DOT_MATCHES_ALL)
+            })
 
     override fun getTheory(): String = """
 set_of(In, Out) :-  % get a pairwise different, sorted set from a list
@@ -188,7 +184,7 @@ trace_walk(A, B, Log, T) :-              % We can walk from A to B if  [ O(|Ep_S
         } else try {
             val regexString = TuPrologHelper.unquote(regex.term.toString())
             val inputString = TuPrologHelper.unquote(input.term.toString())
-            val match = regexCache[regexString].matcher(inputString).matches()
+            val match = regexCache[regexString].matches(inputString)
             if (LOG.isTraceEnabled) {
                 LOG.trace("regex_match: $regexString , $inputString: $match")
             }

From 07da9595a07535f76254863b9b038b0bab59c144 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 3 Dec 2020 22:03:18 +0100
Subject: [PATCH 175/237] Fixed bug for docker-based TC build on fresh systems,
 updated base image

---
 buildx/docker-buildx.sh |  2 +-
 docker-build/Dockerfile | 10 ++--------
 docker-build/run.sh     |  3 +++
 3 files changed, 6 insertions(+), 9 deletions(-)

diff --git a/buildx/docker-buildx.sh b/buildx/docker-buildx.sh
index fe1ceee71..e896d6bcf 100755
--- a/buildx/docker-buildx.sh
+++ b/buildx/docker-buildx.sh
@@ -34,7 +34,7 @@ eval set -- "$PARSED"
 
 EXAMPLE_TAG_ARG="develop"
 DOCKER_BUILD_TAG_ARG="develop"
-BASE_IMAGE_ARG="adoptopenjdk:11-jdk-hotspot"
+BASE_IMAGE_ARG="adoptopenjdk:11-jdk-hotspot-focal"
 TARGETS="core tpmsim ttpsim example-idscp-consumer-app example-idscp-provider-app"
 FILES=""
 BUILD_CONTAINER=0
diff --git a/docker-build/Dockerfile b/docker-build/Dockerfile
index fcac1a70d..4f392745f 100644
--- a/docker-build/Dockerfile
+++ b/docker-build/Dockerfile
@@ -3,20 +3,14 @@ FROM $JDK_BASE_IMAGE
 
 LABEL AUTHOR="Michael Lux (michael.lux@aisec.fraunhofer.de)"
 
-# Install tools for nodejs/yarn setup
-RUN apt-get update -qq && apt-get install -qq bash sudo wget gnupg
+# Install tools for nodejs/yarn setup and protobuf compiler
+RUN apt-get update -qq && apt-get install -qq bash sudo wget gnupg protobuf-compiler
 # Install nodejs 12.x
 RUN wget -O - https://deb.nodesource.com/setup_12.x | bash - && apt-get install -qq nodejs
 # Install yarn
 RUN wget -O - https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
     && echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list \
     && apt-get update -qq && apt-get -qq install yarn
-# Install newer protobuf compiler from focal (3.0.x doesn't generate required has...() methods)
-# This is an ugly hack, but maintains compatiblity to non-x86 platforms
-RUN sed -e 's/bionic/focal/' /etc/apt/sources.list > /etc/apt/sources.list.d/focal.list \
-    && apt-get update -qq && apt-get install -qq protobuf-compiler \
-    # Perform cleanup
-    && rm /etc/apt/sources.list.d/focal.list && apt-get clean && rm -r /var/lib/apt/lists/*
 
 COPY run.sh .
 RUN chmod +x run.sh
diff --git a/docker-build/run.sh b/docker-build/run.sh
index 5d2a20c7f..1463c20e0 100644
--- a/docker-build/run.sh
+++ b/docker-build/run.sh
@@ -41,6 +41,9 @@ else
   addgroup --gid "$DOCKER_GID" --quiet docker
   # Create a build user with the UID of the /core-platfrom mount
   adduser --uid "$TARGET_UID" --disabled-password --ingroup docker --gecos 'Build User' --quiet build
+  # Fix ownerships for gradle and mvn
+  chown -R "$TARGET_UID:$TARGET_UID" "$GRADLE_DIR" "$M2_DIR"
+  # Create gradle/mvn symlinks in user directory
   ln -s "$GRADLE_DIR" /home/build/.gradle
   ln -s "$M2_DIR" /home/build/.m2
   echo "Build parameters passed: $*"

From e91ee6a8d018d1658ac0a89e716c83a4a85b81f4 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Wed, 7 Oct 2020 13:12:08 +0200
Subject: [PATCH 176/237] Make Idscp2 reliable

---
 .../idscp2/example/Idscp2ClientInitiator.kt   |   7 +-
 .../idscp2/example/Idscp2ServerInitiator.kt   |   7 +-
 .../idscp2/idscp_core/Idscp2MessageHelper.kt  |   6 +
 .../aisec/ids/idscp2/idscp_core/fsm/Event.kt  |   9 +-
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    |  72 ++++++--
 .../idscp_core/fsm/InternalControlMessage.kt  |   4 +-
 .../ids/idscp2/idscp_core/fsm/StateClosed.kt  |   1 +
 .../idscp2/idscp_core/fsm/StateEstablished.kt |  27 ++-
 .../idscp2/idscp_core/fsm/StateWaitForAck.kt  | 157 ++++++++++++++++++
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   |  12 ++
 .../fsm/StateWaitForDatAndRatVerifier.kt      |  12 ++
 .../idscp2/idscp_core/fsm/StateWaitForRat.kt  |  12 ++
 .../idscp_core/fsm/StateWaitForRatProver.kt   |  34 +++-
 .../idscp_core/fsm/StateWaitForRatVerifier.kt |  38 ++++-
 idscp2/src/main/proto/idscpv2.proto           |   4 +
 15 files changed, 358 insertions(+), 44 deletions(-)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
index 87b803e9d..66b6ac15b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -59,11 +59,14 @@ class Idscp2ClientInitiator {
             })
             connection.addMessageListener { c: Idscp2Connection, data: ByteArray ->
                 println("Received ping message: " + String(data, StandardCharsets.UTF_8))
-                CompletableFuture.runAsync { c.close() } // FSM error if run from the same thread
+                CompletableFuture.runAsync {
+                    println("Close Connection")
+                    c.close()
+                } // FSM error if run from the same thread
             }
             connection.unlockMessaging()
+            println("Send PING ...")
             connection.send("PING".toByteArray(StandardCharsets.UTF_8))
-            println("Sent PING...")
         }.exceptionally { t: Throwable? ->
             LOG.error("Client endpoint error occurred", t)
             null
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
index 645ab9c80..50e548e36 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
@@ -20,6 +20,7 @@ import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.slf4j.LoggerFactory
 import java.nio.charset.StandardCharsets
+import java.util.concurrent.CompletableFuture
 
 class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
     fun init(settings: Idscp2Settings) {
@@ -74,8 +75,10 @@ class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
         })
         connection.addMessageListener { c: Idscp2Connection, data: ByteArray ->
             println("Received ping message: ${String(data, StandardCharsets.UTF_8)}".trimIndent())
-            println("Sending PONG...")
-            c.send("PONG".toByteArray(StandardCharsets.UTF_8))
+            CompletableFuture.runAsync {
+                println("Sending PONG...")
+                c.send("PONG".toByteArray(StandardCharsets.UTF_8)) //FSM error if run from the same thread
+            }
         }
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt
index f6edd99ac..d6e18f77b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt
@@ -84,4 +84,10 @@ object Idscp2MessageHelper {
                 .setIdscpRatVerifier(idscpRatVerifier)
                 .build()
     }
+
+    fun createIdscpAckMessage(): IdscpMessage {
+        return IdscpMessage.newBuilder()
+                .setIdscpAck(IdscpAck.newBuilder().build())
+                .build()
+    }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
index e19afc5e8..171d22ef9 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
@@ -39,20 +39,21 @@ class Event {
     }
 
     /**
-     * Create an event for outgoing RatProver and RatVerifier messages
+     * Create an event for outgoing RatProver, RatVerifier, IdscpData messages
      *
      * throws an IllegalStateException if this event is requested for other purposes
      */
     constructor(controlMessage: InternalControlMessage, idscpMessage: IdscpMessage) {
         if (controlMessage == InternalControlMessage.RAT_PROVER_MSG
-                || controlMessage == InternalControlMessage.RAT_VERIFIER_MSG) {
+                || controlMessage == InternalControlMessage.RAT_VERIFIER_MSG
+                || controlMessage == InternalControlMessage.SEND_DATA) {
             key = controlMessage.value
             type = EventType.INTERNAL_CONTROL_MESSAGE
             this.idscpMessage = idscpMessage
             this.controlMessage = controlMessage
         } else {
-            throw IllegalStateException("This constructor must only be used by RAT_PROVER and " +
-                    "RAT_VERIFIER for message passing, encountered $controlMessage")
+            throw IllegalStateException("This constructor must only be used by RAT_PROVER, " +
+                    "RAT_VERIFIER for message passing and for SEND_DATA, encountered $controlMessage")
         }
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index 8bea66086..ed7b90d8e 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -33,7 +33,15 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     private val states = HashMap<FsmState, State>()
 
     enum class FsmState {
-        STATE_CLOSED, STATE_WAIT_FOR_HELLO, STATE_WAIT_FOR_RAT, STATE_WAIT_FOR_RAT_VERIFIER, STATE_WAIT_FOR_RAT_PROVER, STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER, STATE_WAIT_FOR_DAT_AND_RAT, STATE_ESTABLISHED
+        STATE_CLOSED,
+        STATE_WAIT_FOR_HELLO,
+        STATE_WAIT_FOR_RAT,
+        STATE_WAIT_FOR_RAT_VERIFIER,
+        STATE_WAIT_FOR_RAT_PROVER,
+        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER,
+        STATE_WAIT_FOR_DAT_AND_RAT,
+        STATE_ESTABLISHED,
+        STATE_WAIT_FOR_ACK
     }
 
     private var currentState: State?
@@ -75,7 +83,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     private val onMessageBlock = fsmIsBusy.newCondition()
 
     /**
-     * A condition for the dscpv2 handshake to wait until the handshake was successful and the
+     * A condition for the idscpv2 handshake to wait until the handshake was successful and the
      * connection is established or the handshake failed and the fsm is locked forever
      */
     private val idscpHandshakeLock = fsmIsBusy.newCondition()
@@ -87,12 +95,20 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
      */
     private var fsmTerminated = false
 
+    /**
+     * Check if AckFlag is set
+     */
+    private var ackFlag = false
+    private var bufferedIdscpData: IdscpMessage? = null
+
     /* ---------------------- Timer ---------------------- */
     private val datTimer: Timer
     private val ratTimer: Timer
     private val handshakeTimer: Timer
     private val proverHandshakeTimer: Timer
     private val verifierHandshakeTimer: Timer
+    private val ackTimer: Timer
+
     private fun checkForFsmCycles() {
         // check if current thread holds already the fsm lock, then we have a circle
         // this runs into an issue: onControlMessage must be called only from other threads!
@@ -348,17 +364,12 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     fun send(msg: ByteArray?) {
         // Send messages from user only when idscp connection is established
         idscpHandshakeCompletedLatch.await()
+        checkForFsmCycles()
+        val idscpMessage = Idscp2MessageHelper.createIdscpDataMessage(msg)
+        val e = Event(InternalControlMessage.SEND_DATA, idscpMessage)
         fsmIsBusy.lock()
         try {
-            if (isConnected) {
-                val idscpMessage = Idscp2MessageHelper.createIdscpDataMessage(msg)
-                if (!secureChannel.send(idscpMessage.toByteArray())) {
-                    LOG.error("Cannot send IDSCP_DATA via secure channel")
-                    onControlMessage(InternalControlMessage.ERROR)
-                }
-            } else {
-                LOG.error("Cannot send IDSCP_DATA because connection is not established")
-            }
+            feedEvent(e)
         } finally {
             fsmIsBusy.unlock()
         }
@@ -368,7 +379,8 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
      * Check if FSM is in STATE ESTABLISHED
      */
     val isConnected: Boolean
-        get() = currentState == states[FsmState.STATE_ESTABLISHED]
+        get() = currentState == states[FsmState.STATE_ESTABLISHED] ||
+                currentState == states[FsmState.STATE_WAIT_FOR_ACK]
 
     /**
      * Notify handshake lock about result
@@ -494,6 +506,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         datTimer.cancelTimeout()
         ratTimer.cancelTimeout()
         handshakeTimer.cancelTimeout()
+        ackTimer.cancelTimeout()
         if (LOG.isTraceEnabled) {
             LOG.trace("Stopping RAT components...")
         }
@@ -537,6 +550,23 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         this.verifierMechanism = verifierMechanism
     }
 
+    val getAckFlag: Boolean
+        get() = ackFlag
+
+    val getBufferedIdscpMessage: IdscpMessage?
+        get() = bufferedIdscpData
+
+    fun setAckFlag(value: Boolean) {
+        this.ackFlag = value;
+        if (!value) {
+            this.bufferedIdscpData = null
+        }
+    }
+
+    fun setBufferedIdscpData(msg: IdscpMessage) {
+        this.bufferedIdscpData = msg
+    }
+
     companion object {
         private val LOG = LoggerFactory.getLogger(FSM::class.java)
     }
@@ -556,17 +586,23 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         }
         val proverTimeoutHandler = Runnable {
             LOG.debug("RAT_PROVER_HANDSHAKE_TIMER_EXPIRED")
-            onControlMessage(InternalControlMessage.REPEAT_RAT)
+            onControlMessage(InternalControlMessage.TIMEOUT)
         }
         val verifierTimeoutHandler = Runnable {
             LOG.debug("RAT_VERIFIER_HANDSHAKE_TIMER_EXPIRED")
-            onControlMessage(InternalControlMessage.REPEAT_RAT)
+            onControlMessage(InternalControlMessage.TIMEOUT)
         }
+        val ackTimeoutHandler = Runnable {
+            LOG.debug("ACK_TIMER_EXPIRED")
+            onControlMessage(InternalControlMessage.ACK_TIMER_EXPIRED)
+        }
+
         handshakeTimer = Timer(fsmIsBusy, handshakeTimeoutHandler)
         datTimer = Timer(fsmIsBusy, datTimeoutHandler)
         ratTimer = Timer(fsmIsBusy, ratTimeoutHandler)
         proverHandshakeTimer = Timer(fsmIsBusy, proverTimeoutHandler)
         verifierHandshakeTimer = Timer(fsmIsBusy, verifierTimeoutHandler)
+        ackTimer = Timer(fsmIsBusy, ackTimeoutHandler)
 
         /* ------------- FSM STATE Initialization -------------*/
         states[FsmState.STATE_CLOSED] = StateClosed(
@@ -576,15 +612,17 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         states[FsmState.STATE_WAIT_FOR_RAT] = StateWaitForRat(
                 this, handshakeTimer, verifierHandshakeTimer, proverHandshakeTimer, ratTimer, ratTimeout, dapsDriver)
         states[FsmState.STATE_WAIT_FOR_RAT_PROVER] = StateWaitForRatProver(
-                this, ratTimer, handshakeTimer, proverHandshakeTimer, dapsDriver)
+                this, ratTimer, handshakeTimer, proverHandshakeTimer, dapsDriver, ackTimer)
         states[FsmState.STATE_WAIT_FOR_RAT_VERIFIER] = StateWaitForRatVerifier(
-                this, dapsDriver, ratTimer, handshakeTimer, verifierHandshakeTimer, ratTimeout)
+                this, dapsDriver, ratTimer, handshakeTimer, verifierHandshakeTimer, ratTimeout, ackTimer)
         states[FsmState.STATE_WAIT_FOR_DAT_AND_RAT] = StateWaitForDatAndRat(
                 this, handshakeTimer, proverHandshakeTimer, datTimer, dapsDriver)
         states[FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER] = StateWaitForDatAndRatVerifier(
                 this, handshakeTimer, datTimer, dapsDriver)
         states[FsmState.STATE_ESTABLISHED] = StateEstablished(
-                this, dapsDriver, ratTimer, handshakeTimer)
+                this, dapsDriver, ratTimer, handshakeTimer, ackTimer)
+        states[FsmState.STATE_WAIT_FOR_ACK] = StateWaitForAck(
+                this, dapsDriver, ratTimer, handshakeTimer, ackTimer)
 
         // Set initial state
         currentState = states[FsmState.STATE_CLOSED]
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
index 64018cef1..13e7fa76d 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
@@ -14,6 +14,7 @@ enum class InternalControlMessage(
     DAT_TIMER_EXPIRED("ICM_DAT_TIMER_EXPIRED"),
     RAT_TIMER_EXPIRED("ICM_RAT_TIMER_EXPIRED"),
     REPEAT_RAT("ICM_REPEAT_RAT"),
+    SEND_DATA("ICM_SEND_DATA"),
     RAT_VERIFIER_OK("ICM_RAT_V_OK"),
     RAT_VERIFIER_FAILED("ICM_RAT_V_FAILED"),
     RAT_PROVER_OK("ICM_RAT_P_OK"),
@@ -21,5 +22,6 @@ enum class InternalControlMessage(
     RAT_PROVER_MSG("ICM_RAT_PROVER_MSG"),
     RAT_VERIFIER_MSG("ICM_RAT_VERIFIER_MSG"),
     ERROR("ICM_ERROR"),
-    TIMEOUT("ICM_TIMEOUT");
+    TIMEOUT("ICM_TIMEOUT"),
+    ACK_TIMER_EXPIRED("ICM_ACK_TIMER_EXPIRED");
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
index 8b1ff3c12..d9dd86a27 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
@@ -26,6 +26,7 @@ internal class StateClosed(fsm: FSM,
                            onMessageLock: Condition,
                            localSupportedRatSuite: Array<String>,
                            localExpectedRatSuite: Array<String>) : State() {
+
     private fun runExitCode(onMessageLock: Condition) {
         //State Closed exit code
         onMessageLock.signalAll() //enables fsm.onMessage()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
index b0be8d657..b3f74dd86 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
@@ -17,7 +17,9 @@ import java.util.function.Function
 class StateEstablished(fsm: FSM,
                        dapsDriver: DapsDriver,
                        ratTimer: Timer,
-                       handshakeTimer: Timer) : State() {
+                       handshakeTimer: Timer,
+                       ackTimer: Timer) : State() {
+
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switched to state STATE_ESTABLISHED")
         fsm.notifyHandshakeCompleteLock()
@@ -36,7 +38,7 @@ class StateEstablished(fsm: FSM,
          * onICM: error ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
          * onICM: stop ---> {timeouts.cancel()} ---> STATE_CLOSED
          * onICM: re_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * //onICM: send_data ---> {send IDS_DATA} ---> STATE_ESTABLISHED
+         * onICM: send_data ---> {send IDS_DATA} ---> STATE_WAIT_FOR_ACK / STATE_CLOSED
          * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
          * onMessage: IDSCP_DATA ---> {delegate to connection} ---> STATE_ESTABLISHED
          * onMessage: IDSCP_RERAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
@@ -54,6 +56,21 @@ class StateEstablished(fsm: FSM,
                     CloseCause.USER_SHUTDOWN))
             fsm.getState(FsmState.STATE_CLOSED)
         })
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition(
+                Function {
+                    LOG.debug("Send IdscpData")
+                    if (fsm.sendFromFSM(it.idscpMessage)) {
+                        //Set Ack Flag
+                        fsm.setAckFlag(true)
+                        fsm.setBufferedIdscpData(it.idscpMessage)
+                        ackTimer.start(1)
+                        return@Function fsm.getState(FsmState.STATE_WAIT_FOR_ACK)
+                    } else {
+                        LOG.warn("Cannot send IdscpData, shutdown FSM")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                }
+        ))
         addTransition(InternalControlMessage.REPEAT_RAT.value, Transition(
                 Function {
                     LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
@@ -107,6 +124,12 @@ class StateEstablished(fsm: FSM,
                 }
         ))
         addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition { event: Event ->
+            // send Idscp Ack
+            LOG.debug("Received IdscpData")
+            LOG.debug("Send IdscpAck")
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpAckMessage())) {
+                LOG.warn("Cannot send ACK")
+            }
             val data = event.idscpMessage.idscpData
             fsm.notifyIdscpMsgListener(data.data.toByteArray())
             this
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
new file mode 100644
index 000000000..e0c500910
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
@@ -0,0 +1,157 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import org.slf4j.LoggerFactory
+import java.util.function.Function
+
+/**
+ * The Established State of the FSM of the IDSCP2 protocol.
+ * Allows message exchange over the IDSCP2 protocol between two connectors
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class StateWaitForAck(fsm: FSM,
+                       dapsDriver: DapsDriver,
+                       ratTimer: Timer,
+                       handshakeTimer: Timer,
+                       ackTimer: Timer) : State() {
+
+    override fun runEntryCode(fsm: FSM) {
+        LOG.debug("Switched to state STATE_WAIT_FOR_ACK")
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(StateWaitForAck::class.java)
+    }
+
+    init {
+
+
+        /*---------------------------------------------------
+         * STATE_ESTABLISHED - Transition Description
+         * ---------------------------------------------------
+         * onICM: error ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onICM: stop ---> {timeouts.cancel()} ---> STATE_CLOSED
+         * onICM: re_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * onICM: send_data ---> {send IDS_DATA} ---> STATE_WAIT_FOR_ACK
+         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
+         * onICM. ackTimeout --> {send IDSCP_DATA again} --> STATE_WAIT_FOR_ACK
+         * onMessage: IDSCP_DATA ---> {delegate to connection} ---> STATE_WAIT_FOR_ACK
+         * onMessage: IDSCP_ACK ---> {clear ACK flag} ---> STATE_ESTABLISHED
+         * onMessage: IDSCP_RERAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
+         * onMessage: IDSCP_CLOSE ---> {timeouts.cancel()} ---> STATE_CLOSED
+         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
+         * --------------------------------------------------- */
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("Error occurred, close idscp connection")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSCP_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                    CloseCause.USER_SHUTDOWN))
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition(
+                Function {
+                    LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
+                    ratTimer.cancelTimeout()
+                    ackTimer.cancelTimeout()
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
+                        LOG.error("Cannot send ReRat message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    if (!fsm.restartRatVerifierDriver()) {
+                        LOG.error("Cannot run Rat verifier, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)
+                }
+        ))
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
+            LOG.warn("Cannot send data in STATE_WAIT_FOR_ACK")
+            this
+        })
+        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
+                Function {
+                    ratTimer.cancelTimeout()
+                    ackTimer.cancelTimeout()
+                    LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
+                        LOG.error("Cannot send DatExpired message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    LOG.debug("Set handshake timeout")
+                    handshakeTimer.resetTimeout(5)
+                    fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
+                }
+        ))
+        addTransition(InternalControlMessage.ACK_TIMER_EXPIRED.value, Transition(
+                Function {
+                    LOG.debug("ACK_timeout occurred. Send buffered IdscpData again")
+                    if (fsm.getBufferedIdscpMessage != null || fsm.sendFromFSM(fsm.getBufferedIdscpMessage)) {
+                        ackTimer.start(1)
+                        return@Function fsm.getState(FsmState.STATE_WAIT_FOR_ACK)
+                    } else {
+                        LOG.warn("Cannot send IdscpData, shutdown FSM")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
+                Function {
+                    LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER")
+                    if (!fsm.restartRatProverDriver()) {
+                        LOG.error("Cannot run Rat prover, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    ackTimer.cancelTimeout()
+                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
+                Function {
+                    LOG.debug("DAT expired. Send new DAT and repeat RAT")
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                        LOG.error("Cannot send Dat message")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    if (!fsm.restartRatProverDriver()) {
+                        LOG.error("Cannot run Rat prover, close idscp connection")
+                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    }
+                    ackTimer.cancelTimeout()
+                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
+                }
+        ))
+        addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition { event: Event ->
+            // send Idscp Ack
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpAckMessage())) {
+                LOG.warn("Cannot send ACK")
+            }
+            val data = event.idscpMessage.idscpData
+            fsm.notifyIdscpMsgListener(data.data.toByteArray())
+            this
+        })
+        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
+            LOG.debug("Received IdscpAck, cancel AckFlag")
+            ackTimer.cancelTimeout()
+            fsm.setAckFlag(false)
+            fsm.getState(FsmState.STATE_ESTABLISHED)
+        })
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Receive IDSCP_CLOSED")
+            fsm.getState(FsmState.STATE_CLOSED)
+        })
+        setNoTransitionHandler { event: Event? ->
+            LOG.debug("No transition available for given event " + event.toString())
+            LOG.debug("Stay in state STATE_WAIT_FOR_ACK")
+            this
+        }
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
index 31caa2d5f..22ff96ab2 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
@@ -41,6 +41,7 @@ class StateWaitForDatAndRat(fsm: FSM,
          * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
          * onICM: rat_prover_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
          * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
+         * onMessage: IDSCP_ACK ---> {cancel Ack flag} ---> STATE_WAIT_FOR_RAT
          * onMessage: IDSCP_CLOSE ---> {ratP.stop(), timeouts.stop()} ---> STATE_CLOSED
          * onMessage: IDSCP_DAT(success) ---> {verify dat, start dat_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
          * onMessage: IDSCP_DAT(failed) ---> {verify dat, send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
@@ -145,6 +146,17 @@ class StateWaitForDatAndRat(fsm: FSM,
                     this
                 }
         ))
+        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
+                Function {
+                    if (fsm.getAckFlag) {
+                        LOG.debug("Received IdscpAck, cancel flag in fsm")
+                        fsm.setAckFlag(false)
+                    } else {
+                        LOG.warn("Received unexpected IdscpAck")
+                    }
+                    this
+                }
+        ))
         setNoTransitionHandler { event: Event? ->
             LOG.debug("No transition available for given event " + event.toString())
             this
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
index c6de3ee3b..1853bc994 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
@@ -37,6 +37,7 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
          * onICM: stop ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
          * onICM: error ---> {} ---> STATE_CLOSED
          * onICM: timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_ACK ---> {cancel Ack flag} ---> STATE_WAIT_FOR_RAT
          * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
          * onMessage: IDSCP_DAT(success) --> {verify DAT, set det_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFEIER
          * onMessage: IDSCP_DAT(failed) --> {verify DAT, send IDSCP_CLOSE} ---> STATE_CLOSED
@@ -110,6 +111,17 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
             fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
         }
         ))
+        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
+                Function {
+                    if (fsm.getAckFlag) {
+                        LOG.debug("Received IdscpAck, cancel flag in fsm")
+                        fsm.setAckFlag(false)
+                    } else {
+                        LOG.warn("Received unexpected IdscpAck")
+                    }
+                    this
+                }
+        ))
         setNoTransitionHandler { event: Event? ->
             LOG.debug("No transition available for given event " + event.toString())
             this
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
index 34ce1c78f..c6ee5388b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
@@ -47,6 +47,7 @@ class StateWaitForRat(fsm: FSM,
          * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
          * onICM: dat_timeout ---> {send DAT_EXPIRED, ratV.cancel()} ---> STATE_WAIT_FOR_DAT_AND_RAT
          * onICM: handshake_timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
+         * onMessage: IDSCP_ACK ---> {cancel Ack flag} ---> STATE_WAIT_FOR_RAT
          * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT
          * onMessage: IDSCP_RAT_PROVER ---> {delegate to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
          * onMessage: IDSCP_DAT_EXPIRED ---> {send DAT, ratP.restart()} ---> STATE_WAIT_FOR_RAT
@@ -127,6 +128,17 @@ class StateWaitForRat(fsm: FSM,
                     CloseCause.TIMEOUT))
             fsm.getState(FsmState.STATE_CLOSED)
         })
+        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
+                Function {
+                    if (fsm.getAckFlag) {
+                        LOG.debug("Received IdscpAck, cancel flag in fsm")
+                        fsm.setAckFlag(false)
+                    } else {
+                        LOG.warn("Received unexpected IdscpAck")
+                    }
+                    this
+                }
+        ))
         addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
             LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
             assert(event.idscpMessage.hasIdscpRatVerifier())
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
index 62dc04c81..2078a1fbb 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
@@ -19,7 +19,8 @@ class StateWaitForRatProver(fsm: FSM,
                             ratTimer: Timer,
                             handshakeTimer: Timer,
                             proverHandshakeTimer: Timer,
-                            dapsDriver: DapsDriver) : State() {
+                            dapsDriver: DapsDriver,
+                            ackTimer: Timer) : State() {
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switched to state STATE_WAIT_FOR_RAT_PROVER")
     }
@@ -38,10 +39,11 @@ class StateWaitForRatProver(fsm: FSM,
          * onICM: error ---> {stop RAT_PROVER} ---> STATE_CLOSED
          * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
          * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onICM: rat_prover_ok ---> {} ---> STATE_ESTABLISHED
+         * onICM: rat_prover_ok ---> {} ---> STATE_ESTABLISHED / STATE_WAIT_FOR_ACK
          * onICM: rat_prover_failed ---> {send IDSCP_CLOSE, terminate ratP, cancel timeouts} ---> STATE_CLOSED
          * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
          * onICM: repeat_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
+         * onMessage: IDSCP_ACK ---> {cancel Ack flag} ---> STATE_WAIT_FOR_RAT
          * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
          * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
          * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
@@ -76,11 +78,18 @@ class StateWaitForRatProver(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
                 }
         ))
-        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
-            LOG.debug("Received RAT_PROVER OK")
-            proverHandshakeTimer.cancelTimeout()
-            fsm.getState(FsmState.STATE_ESTABLISHED)
-        })
+        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition (
+                Function {
+                    LOG.debug("Received RAT_PROVER OK")
+                    proverHandshakeTimer.cancelTimeout()
+                    if (fsm.getAckFlag) {
+                        ackTimer.start(1)
+                        return@Function fsm.getState(FsmState.STATE_WAIT_FOR_ACK)
+                    } else {
+                        return@Function fsm.getState(FsmState.STATE_ESTABLISHED)
+                    }
+                }
+        ))
         addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
             LOG.error("RAT_PROVER failed")
             LOG.debug("Send IDSC_CLOSE")
@@ -148,6 +157,17 @@ class StateWaitForRatProver(fsm: FSM,
                     this
                 }
         ))
+        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
+                Function {
+                    if (fsm.getAckFlag) {
+                        LOG.debug("Received IdscpAck, cancel flag in fsm")
+                        fsm.setAckFlag(false)
+                    } else {
+                        LOG.warn("Received unexpected IdscpAck")
+                    }
+                    this
+                }
+        ))
         setNoTransitionHandler { event: Event? ->
             LOG.debug("No transition available for given event " + event.toString())
             LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER")
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
index 32c365111..d5895c4e8 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
@@ -20,7 +20,8 @@ class StateWaitForRatVerifier(fsm: FSM,
                               ratTimer: Timer,
                               handshakeTimer: Timer,
                               verifierHandshakeTimer: Timer,
-                              ratTimeoutDelay: Long) : State() {
+                              ratTimeoutDelay: Long,
+                              ackTimer: Timer) : State() {
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switched to state STATE_WAIT_FOR_RAT_VERIFIER")
     }
@@ -38,9 +39,10 @@ class StateWaitForRatVerifier(fsm: FSM,
          * onICM: close ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
          * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED, cancel ratV} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
          * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
-         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_ESTABLISHED
+         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_ESTABLISHED / STATE_WAIT_FOR_ACK
          * onICM: rat_verifier_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
          * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
+         * onMessage: IDSCP_ACK ---> {cancel Ack flag} ---> STATE_WAIT_FOR_RAT
          * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
          * onMessage: IDSCP_CLOSE ---> {stop RAT_VERIFIER} ---> STATE_CLOSED
          * onMessage: IDSCP_RAT_PROVER ---> {delegat to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
@@ -75,13 +77,20 @@ class StateWaitForRatVerifier(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
                 }
         ))
-        addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition {
-            LOG.debug("Received RAT_VERIFIER OK")
-            verifierHandshakeTimer.cancelTimeout()
-            LOG.debug("Start RAT Timer")
-            ratTimer.resetTimeout(ratTimeoutDelay)
-            fsm.getState(FsmState.STATE_ESTABLISHED)
-        })
+        addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition (
+                Function {
+                    LOG.debug("Received RAT_VERIFIER OK")
+                    verifierHandshakeTimer.cancelTimeout()
+                    LOG.debug("Start RAT Timer")
+                    ratTimer.resetTimeout(ratTimeoutDelay)
+                    if (fsm.getAckFlag) {
+                        ackTimer.start(1)
+                        return@Function fsm.getState(FsmState.STATE_WAIT_FOR_ACK)
+                    } else {
+                        return@Function fsm.getState(FsmState.STATE_ESTABLISHED)
+                    }
+                }
+        ))
         addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition {
             LOG.error("RAT_VERIFIER failed")
             LOG.debug("Send IDSC_CLOSE")
@@ -134,6 +143,17 @@ class StateWaitForRatVerifier(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
                 }
         ))
+        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
+                Function {
+                    if (fsm.getAckFlag) {
+                        LOG.debug("Received IdscpAck, cancel flag in fsm")
+                        fsm.setAckFlag(false)
+                    } else {
+                        LOG.warn("Received unexpected IdscpAck")
+                    }
+                    this
+                }
+        ))
         setNoTransitionHandler { event: Event? ->
             LOG.debug("No transition available for given event " + event.toString())
             LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER")
diff --git a/idscp2/src/main/proto/idscpv2.proto b/idscp2/src/main/proto/idscpv2.proto
index 4aabff204..ef53feefb 100644
--- a/idscp2/src/main/proto/idscpv2.proto
+++ b/idscp2/src/main/proto/idscpv2.proto
@@ -14,6 +14,7 @@ message IdscpMessage {
     IdscpRatProver idscpRatProver = 6;
     IdscpRatVerifier idscpRatVerifier = 7;
     IdscpData idscpData = 8;
+    IdscpAck idscpAck = 9;
   }
 }
 
@@ -71,4 +72,7 @@ message IdscpRatVerifier {
 message IdscpData {
   // Payload
   bytes data = 1;
+}
+
+message IdscpAck {
 }
\ No newline at end of file

From 2307b5437e6d661641ef60966a3feac6d232d2f1 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Sun, 15 Nov 2020 12:05:01 +0100
Subject: [PATCH 177/237] Modify Idscp2Config and AttestationConfig

Conflicts:
	camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
	camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
	idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
	idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
	idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
	idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
---
 .../idscp2/client/Idscp2ClientEndpoint.kt     |  34 ++--
 .../camel/idscp2/server/CamelIdscp2Server.kt  |  18 +-
 .../idscp2/server/Idscp2ServerComponent.kt    |   8 +-
 .../idscp2/server/Idscp2ServerEndpoint.kt     |  26 +--
 .../idscp2/app_layer/AppLayerConnection.kt    |   6 +-
 .../secure_channel/NativeTLSDriver.kt         |  14 +-
 .../secure_channel/client/TLSClient.kt        |  22 +--
 .../secure_channel/server/TLSServer.kt        |  26 +--
 .../drivers/interfaces/SecureChannelDriver.kt |   8 +-
 .../idscp2/example/Idscp2ClientInitiator.kt   |  38 ++--
 .../idscp2/example/Idscp2ServerInitiator.kt   |  50 +++---
 .../aisec/ids/idscp2/example/RunTLSClient.kt  |  19 +-
 .../aisec/ids/idscp2/example/RunTLSServer.kt  |  15 +-
 .../idscp2/idscp_core/Idscp2ConnectionImpl.kt |   9 +-
 .../configuration/AttestationConfig.kt        |  46 ++++-
 .../configuration/Idscp2Configuration.kt      | 167 ++++++++++++++++++
 .../configuration/Idscp2ServerFactory.kt      |  10 +-
 .../configuration/Idscp2Settings.kt           | 151 ----------------
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    |  13 +-
 .../ids/idscp2/idscp_core/fsm/StateClosed.kt  |  10 +-
 .../idscp_core/fsm/StateWaitForHello.kt       |   8 +-
 idscp2/src/test/java/RatDriverTest.java       |   3 +-
 22 files changed, 387 insertions(+), 314 deletions(-)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.kt

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index 5b55b5805..89f1a0905 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -24,7 +24,8 @@ import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDrive
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import org.apache.camel.Processor
 import org.apache.camel.Producer
 import org.apache.camel.spi.UriEndpoint
@@ -46,7 +47,7 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
         DefaultEndpoint(uri, component) {
     private lateinit var secureChannelDriver: SecureChannelDriver<AppLayerConnection>
     private lateinit var dapsDriver: DapsDriver
-    private lateinit var clientSettings: Idscp2Settings
+    private lateinit var clientConfiguration: Idscp2Configuration
 
     @UriParam(
             label = "security",
@@ -72,7 +73,7 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
     var connectionShareId: String? = null
 
     private fun makeConnectionInternal(): CompletableFuture<AppLayerConnection> {
-        return secureChannelDriver.connect(::AppLayerConnection, clientSettings, dapsDriver)
+        return secureChannelDriver.connect(::AppLayerConnection, clientConfiguration, dapsDriver)
     }
 
     fun makeConnection(): CompletableFuture<AppLayerConnection> {
@@ -101,14 +102,19 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
         require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
         val matchResult = remainingMatcher.toMatchResult()
         val host = matchResult.group(1)
-        val port = matchResult.group(2)?.toInt() ?: Idscp2Settings.DEFAULT_SERVER_PORT
-        val clientSettingsBuilder = Idscp2Settings.Builder()
+        val port = matchResult.group(2)?.toInt() ?: Idscp2Configuration.DEFAULT_SERVER_PORT
+        val localAttestationConfig = AttestationConfig.Builder()
+                .setSupportedRatSuite(arrayOf("Dummy", "TPM2d"))
+                .setExpectedRatSuite(arrayOf("Dummy", "TPM2d"))
+                .setRatTimeoutDelay(dapsRatTimeoutDelay ?: AttestationConfig.DEFAULT_RAT_TIMEOUT_DELAY.toLong())
+                .build()
+        val clientConfigurationBuilder = Idscp2Configuration.Builder()
                 .setHost(host)
                 .setServerPort(port)
-                .setRatTimeoutDelay(dapsRatTimeoutDelay ?: Idscp2Settings.DEFAULT_RAT_TIMEOUT_DELAY.toLong())
+                .setAttestationConfig(localAttestationConfig)
                 .setDapsKeyAlias(dapsKeyAlias ?: "1")
         sslContextParameters?.let {
-            clientSettingsBuilder
+            clientConfigurationBuilder
                     .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
                             ?: "password".toCharArray())
                     .setKeyStorePath(Paths.get(it.keyManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
@@ -121,15 +127,15 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
                     .setCertificateAlias(it.certAlias ?: "1.0.1")
         }
         secureChannelDriver = NativeTLSDriver()
-        clientSettings = clientSettingsBuilder.build()
+        clientConfiguration = clientConfigurationBuilder.build()
         dapsDriver = DefaultDapsDriver(DefaultDapsDriverConfig.Builder()
                 .setDapsUrl(Idscp2OsgiComponent.settings.connectorConfig.dapsUrl)
-                .setKeyAlias(clientSettings.dapsKeyAlias)
-                .setKeyPassword(clientSettings.keyPassword)
-                .setKeyStorePath(clientSettings.keyStorePath)
-                .setTrustStorePath(clientSettings.trustStorePath)
-                .setKeyStorePassword(clientSettings.keyStorePassword)
-                .setTrustStorePassword(clientSettings.trustStorePassword)
+                .setKeyAlias(clientConfiguration.dapsKeyAlias)
+                .setKeyPassword(clientConfiguration.keyPassword)
+                .setKeyStorePath(clientConfiguration.keyStorePath)
+                .setTrustStorePath(clientConfiguration.trustStorePath)
+                .setKeyStorePassword(clientConfiguration.keyStorePassword)
+                .setTrustStorePassword(clientConfiguration.trustStorePassword)
                 .build())
     }
 
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index 174f252ce..8f8eaf516 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -22,29 +22,29 @@ import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import de.fhg.aisec.ids.idscp2.idscp_core.server.Idscp2Server
 import java.util.*
 
-class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener<AppLayerConnection> {
+class CamelIdscp2Server(serverConfiguration: Idscp2Configuration) : Idscp2EndpointListener<AppLayerConnection> {
     private val server: Idscp2Server<AppLayerConnection>
     val listeners: MutableSet<Idscp2EndpointListener<AppLayerConnection>> = Collections.synchronizedSet(HashSet())
 
     init {
         val dapsDriverConfig = DefaultDapsDriverConfig.Builder()
                 .setDapsUrl(Idscp2OsgiComponent.settings.connectorConfig.dapsUrl)
-                .setKeyAlias(serverSettings.dapsKeyAlias)
-                .setKeyPassword(serverSettings.keyPassword)
-                .setKeyStorePath(serverSettings.keyStorePath)
-                .setTrustStorePath(serverSettings.trustStorePath)
-                .setKeyStorePassword(serverSettings.keyStorePassword)
-                .setTrustStorePassword(serverSettings.trustStorePassword)
+                .setKeyAlias(serverConfiguration.dapsKeyAlias)
+                .setKeyPassword(serverConfiguration.keyPassword)
+                .setKeyStorePath(serverConfiguration.keyStorePath)
+                .setTrustStorePath(serverConfiguration.trustStorePath)
+                .setKeyStorePassword(serverConfiguration.keyStorePassword)
+                .setTrustStorePassword(serverConfiguration.trustStorePassword)
                 .build()
         val serverFactory = Idscp2ServerFactory(
                 ::AppLayerConnection,
                 this,
-                serverSettings,
+                serverConfiguration,
                 DefaultDapsDriver(dapsDriverConfig),
                 NativeTLSDriver()
         )
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
index 79d21a847..c17a2a821 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
@@ -23,7 +23,7 @@ import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.apache.camel.Endpoint
@@ -32,7 +32,7 @@ import org.apache.camel.support.DefaultComponent
 
 @Component("idscp2server")
 class Idscp2ServerComponent : DefaultComponent() {
-    private val servers = RefCountingHashMap<Idscp2Settings, CamelIdscp2Server> {
+    private val servers = RefCountingHashMap<Idscp2Configuration, CamelIdscp2Server> {
         it.terminate()
     }
 
@@ -58,10 +58,10 @@ class Idscp2ServerComponent : DefaultComponent() {
     }
 
     @Synchronized
-    fun getServer(serverSettings: Idscp2Settings) = servers.computeIfAbsent(serverSettings) { CamelIdscp2Server(it) }
+    fun getServer(serverConfiguration: Idscp2Configuration) = servers.computeIfAbsent(serverConfiguration) { CamelIdscp2Server(it) }
 
     @Synchronized
-    fun freeServer(serverSettings: Idscp2Settings) = servers.release(serverSettings)
+    fun freeServer(serverConfiguration: Idscp2Configuration) = servers.release(serverConfiguration)
 
     @Synchronized
     override fun doStop() {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
index b8bb14d48..9bddce167 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -19,7 +19,8 @@ package de.fhg.aisec.ids.camel.idscp2.server
 import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import org.apache.camel.Processor
 import org.apache.camel.Producer
 import org.apache.camel.spi.UriEndpoint
@@ -39,7 +40,7 @@ import java.util.regex.Pattern
 )
 class Idscp2ServerEndpoint(uri: String?, private val remaining: String, component: Idscp2ServerComponent?) :
         DefaultEndpoint(uri, component), Idscp2EndpointListener<AppLayerConnection> {
-    private lateinit var serverSettings: Idscp2Settings
+    private lateinit var serverConfiguration: Idscp2Configuration
     private var server: CamelIdscp2Server? = null
     private val consumers: MutableSet<Idscp2ServerConsumer> = HashSet()
 
@@ -59,7 +60,7 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
             description = "The validity time of remote attestation and DAT in seconds",
             defaultValue = "600"
     )
-    var dapsRatTimeoutDelay: Long = Idscp2Settings.DEFAULT_RAT_TIMEOUT_DELAY.toLong()
+    var dapsRatTimeoutDelay: Long = AttestationConfig.DEFAULT_RAT_TIMEOUT_DELAY.toLong()
 
     @Synchronized
     fun addConsumer(consumer: Idscp2ServerConsumer) {
@@ -114,14 +115,19 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
         require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
         val matchResult = remainingMatcher.toMatchResult()
         val host = matchResult.group(1)
-        val port = matchResult.group(2)?.toInt() ?: Idscp2Settings.DEFAULT_SERVER_PORT
-        val clientSettingsBuilder = Idscp2Settings.Builder()
+        val port = matchResult.group(2)?.toInt() ?: Idscp2Configuration.DEFAULT_SERVER_PORT
+        val localAttestationConfig = AttestationConfig.Builder()
+                .setSupportedRatSuite(arrayOf("Dummy", "TPM2d"))
+                .setExpectedRatSuite(arrayOf("Dummy", "TPM2d"))
+                .setRatTimeoutDelay(dapsRatTimeoutDelay)
+                .build()
+        val serverConfigurationBuilder = Idscp2Configuration.Builder()
                 .setHost(host)
                 .setServerPort(port)
-                .setRatTimeoutDelay(dapsRatTimeoutDelay)
+                .setAttestationConfig(localAttestationConfig)
                 .setDapsKeyAlias(dapsKeyAlias)
         sslContextParameters?.let {
-            clientSettingsBuilder
+            serverConfigurationBuilder
                     .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
                             ?: "password".toCharArray())
                     .setKeyStorePath(Paths.get(it.keyManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
@@ -133,8 +139,8 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
                             ?: "password".toCharArray())
                     .setCertificateAlias(it.certAlias ?: "1.0.1")
         }
-        serverSettings = clientSettingsBuilder.build()
-        (component as Idscp2ServerComponent).getServer(serverSettings).let {
+        serverConfiguration = serverConfigurationBuilder.build()
+        (component as Idscp2ServerComponent).getServer(serverConfiguration).let {
             server = it
             // Add this endpoint to this server's Idscp2EndpointListener set
             it.listeners += this
@@ -146,7 +152,7 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
         LOG.debug("Stopping IDSCP2 server endpoint $endpointUri")
         // Remove this endpoint from the server's Idscp2EndpointListener set
         server?.let { it.listeners -= this }
-        (component as Idscp2ServerComponent).freeServer(serverSettings)
+        (component as Idscp2ServerComponent).freeServer(serverConfiguration)
     }
 
     companion object {
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
index 206922170..6bb8056f4 100644
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
@@ -7,7 +7,7 @@ import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageListener
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import org.slf4j.LoggerFactory
 import java.util.*
@@ -17,8 +17,8 @@ class AppLayerConnection private constructor(private val idscp2Connection: Idscp
     private var idscp2MessageListener: Idscp2MessageListener? = null
     private val genericMessageListeners: MutableSet<GenericMessageListener> = Collections.synchronizedSet(HashSet())
 
-    constructor(secureChannel: SecureChannel, settings: Idscp2Settings, dapsDriver: DapsDriver) :
-            this(Idscp2ConnectionImpl(secureChannel, settings, dapsDriver))
+    constructor(secureChannel: SecureChannel, configuration: Idscp2Configuration, dapsDriver: DapsDriver):
+        this(Idscp2ConnectionImpl(secureChannel, configuration, dapsDriver))
 
     private fun assureMessageListener() {
         if (idscp2MessageListener == null) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
index d65839cec..215835006 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
@@ -7,7 +7,7 @@ import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
@@ -26,13 +26,13 @@ class NativeTLSDriver<CC: Idscp2Connection> : SecureChannelDriver<CC> {
     /**
      * Performs an asynchronous client connect to a TLS server.
      */
-    override fun connect(connectionFactory: (SecureChannel, Idscp2Settings, DapsDriver) -> CC,
-                         settings: Idscp2Settings,
+    override fun connect(connectionFactory: (SecureChannel, Idscp2Configuration, DapsDriver) -> CC,
+                         configuration: Idscp2Configuration,
                          dapsDriver: DapsDriver): CompletableFuture<CC> {
         val connectionFuture = CompletableFuture<CC>()
         try {
-            val tlsClient = TLSClient(connectionFactory, settings, dapsDriver, connectionFuture)
-            tlsClient.connect(settings.host, settings.serverPort)
+            val tlsClient = TLSClient(connectionFactory, configuration, dapsDriver, connectionFuture)
+            tlsClient.connect(configuration.host, configuration.serverPort)
         } catch (e: IOException) {
             connectionFuture.completeExceptionally(Idscp2Exception("Call to connect() has failed", e))
         } catch (e: NoSuchAlgorithmException) {
@@ -49,10 +49,10 @@ class NativeTLSDriver<CC: Idscp2Connection> : SecureChannelDriver<CC> {
      * @return The SecureServer instance
      * @throws Idscp2Exception If any error occurred during server creation/start
      */
-    override fun listen(settings: Idscp2Settings, channelInitListener: SecureChannelInitListener<CC>,
+    override fun listen(configuration: Idscp2Configuration, channelInitListener: SecureChannelInitListener<CC>,
                         serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>): SecureServer {
         return try {
-            TLSServer(settings, channelInitListener, serverListenerPromise)
+            TLSServer(configuration, channelInitListener, serverListenerPromise)
         } catch (e: IOException) {
             throw Idscp2Exception("Error while trying to to start SecureServer", e)
         } catch (e: NoSuchAlgorithmException) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt
index ad366d492..df583f8e8 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt
@@ -6,7 +6,7 @@ import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSes
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener
@@ -26,8 +26,8 @@ import javax.net.ssl.*
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class TLSClient<CC: Idscp2Connection>(
-        private val connectionFactory: (SecureChannel, Idscp2Settings, DapsDriver) -> CC,
-        private val clientSettings: Idscp2Settings,
+        private val connectionFactory: (SecureChannel, Idscp2Configuration, DapsDriver) -> CC,
+        private val clientConfiguration: Idscp2Configuration,
         private val dapsDriver: DapsDriver,
         private val connectionFuture: CompletableFuture<CC>
 ) : HandshakeCompletedListener, DataAvailableListener, SecureChannelEndpoint {
@@ -139,7 +139,7 @@ class TLSClient<CC: Idscp2Connection>(
             val secureChannel = SecureChannel(this)
             // Try to complete, won't do anything if promise has been cancelled
             listenerPromise.complete(secureChannel)
-            val connection = connectionFactory(secureChannel, clientSettings, dapsDriver)
+            val connection = connectionFactory(secureChannel, clientConfiguration, dapsDriver)
             inputListenerThread!!.start()
             // Try to complete, won't do anything if promise has been cancelled
             connectionFuture.complete(connection)
@@ -169,18 +169,18 @@ class TLSClient<CC: Idscp2Connection>(
         // get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
         // hostVerification and algorithm constraints
         val myTrustManager = PreConfiguration.getX509ExtTrustManager(
-                clientSettings.trustStorePath,
-                clientSettings.trustStorePassword
+                clientConfiguration.trustStorePath,
+                clientConfiguration.trustStorePassword
         )
 
         // get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
         // connection specific key selection via key alias
         val myKeyManager = PreConfiguration.getX509ExtKeyManager(
-                clientSettings.keyPassword,
-                clientSettings.keyStorePath,
-                clientSettings.keyStorePassword,
-                clientSettings.certificateAlias,
-                clientSettings.keyStoreKeyType
+                clientConfiguration.keyPassword,
+                clientConfiguration.keyStorePath,
+                clientConfiguration.keyStorePassword,
+                clientConfiguration.certificateAlias,
+                clientConfiguration.keyStoreKeyType
         )
         val sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE)
         sslContext.init(myKeyManager, myTrustManager, null)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt
index 4cc5f95b4..8018c4102 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt
@@ -4,7 +4,7 @@ import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfigur
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSConstants
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
 import org.slf4j.LoggerFactory
@@ -23,9 +23,9 @@ import javax.net.ssl.SSLSocket
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class TLSServer<CC: Idscp2Connection>(serverSettings: Idscp2Settings,
-                private val secureChannelInitListener: SecureChannelInitListener<CC>,
-                private val serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>):
+class TLSServer<CC: Idscp2Connection>(serverConfiguration: Idscp2Configuration,
+                                      private val secureChannelInitListener: SecureChannelInitListener<CC>,
+                                      private val serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>):
         Runnable, SecureServer {
     @Volatile
     override var isRunning = false
@@ -102,26 +102,26 @@ class TLSServer<CC: Idscp2Connection>(serverSettings: Idscp2Settings,
         // which enables host verification and algorithm constraints
         LOG.debug("Creating trust manager for TLS server...")
         val myTrustManager = PreConfiguration.getX509ExtTrustManager(
-                serverSettings.trustStorePath,
-                serverSettings.trustStorePassword
+                serverConfiguration.trustStorePath,
+                serverConfiguration.trustStorePassword
         )
 
         // Get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager,
         // which enables connection specific key selection via key alias
         LOG.debug("Creating key manager for TLS server...")
         val myKeyManager = PreConfiguration.getX509ExtKeyManager(
-                serverSettings.keyPassword,
-                serverSettings.keyStorePath,
-                serverSettings.keyStorePassword,
-                serverSettings.certificateAlias,
-                serverSettings.keyStoreKeyType
+                serverConfiguration.keyPassword,
+                serverConfiguration.keyStorePath,
+                serverConfiguration.keyStorePassword,
+                serverConfiguration.certificateAlias,
+                serverConfiguration.keyStoreKeyType
         )
         LOG.debug("Setting TLS security attributes and creating TLS server socket...")
         // Create TLS context based on keyManager and trustManager
         val sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE)
         sslContext.init(myKeyManager, myTrustManager, null)
         val socketFactory = sslContext.serverSocketFactory
-        serverSocket = socketFactory.createServerSocket(serverSettings.serverPort)
+        serverSocket = socketFactory.createServerSocket(serverConfiguration.serverPort)
         // Set timeout for serverSocket.accept()
         serverSocket.soTimeout = 5000
         val sslServerSocket = serverSocket as SSLServerSocket
@@ -135,7 +135,7 @@ class TLSServer<CC: Idscp2Connection>(serverSettings: Idscp2Settings,
         sslServerSocket.sslParameters = sslParameters
         LOG.debug("Starting TLS server...")
         serverThread = Thread(this, "TLS Server Thread "
-                + serverSettings.host + ":" + serverSettings.serverPort)
+                + serverConfiguration.host + ":" + serverConfiguration.serverPort)
         serverThread.start()
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
index 4aeed139e..b38c75327 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.drivers.interfaces
 
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
@@ -17,13 +17,13 @@ interface SecureChannelDriver<CC : Idscp2Connection> {
     /*
      * Asynchronous method to create a secure connection to a secure server
      */
-    fun connect(connectionFactory: (SecureChannel, Idscp2Settings, DapsDriver) -> CC,
-                settings: Idscp2Settings,
+    fun connect(connectionFactory: (SecureChannel, Idscp2Configuration, DapsDriver) -> CC,
+                configuration: Idscp2Configuration,
                 dapsDriver: DapsDriver): CompletableFuture<CC>
 
     /*
      * Starting a secure server
      */
-    fun listen(settings: Idscp2Settings, channelInitListener: SecureChannelInitListener<CC>,
+    fun listen(configuration: Idscp2Configuration, channelInitListener: SecureChannelInitListener<CC>,
                serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>): SecureServer
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
index 66b6ac15b..fd3b0ad30 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -4,15 +4,11 @@ import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDrive
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.slf4j.LoggerFactory
@@ -22,30 +18,30 @@ import java.util.concurrent.CompletableFuture
 class Idscp2ClientInitiator {
     private lateinit var connectionFuture: CompletableFuture<Idscp2Connection>
 
-    fun init(settings: Idscp2Settings) {
+    fun init(configuration: Idscp2Configuration) {
+
+        // create secure channel driver
         val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
+
+        // create daps driver
         val dapsDriver = DefaultDapsDriver(DefaultDapsDriverConfig.Builder()
-                .setKeyStorePath(settings.keyStorePath)
-                .setTrustStorePath(settings.trustStorePath)
-                .setKeyStorePassword(settings.keyStorePassword)
-                .setTrustStorePassword(settings.trustStorePassword)
-                .setKeyAlias(settings.dapsKeyAlias)
-                .setKeyPassword(settings.keyPassword)
+                .setKeyStorePath(configuration.keyStorePath)
+                .setTrustStorePath(configuration.trustStorePath)
+                .setKeyStorePassword(configuration.keyStorePassword)
+                .setTrustStorePassword(configuration.trustStorePassword)
+                .setKeyAlias(configuration.dapsKeyAlias)
+                .setKeyPassword(configuration.keyPassword)
                 .setDapsUrl("https://daps.aisec.fraunhofer.de")
                 .build())
+
+        // register rat drivers
         RatProverDriverRegistry.registerDriver(
                 "Dummy", ::RatProverDummy, null)
         RatVerifierDriverRegistry.registerDriver(
                 "Dummy", ::RatVerifierDummy, null)
-        RatProverDriverRegistry.registerDriver(
-                "TPM2d", ::TPM2dProver,
-                TPM2dProverConfig.Builder().build()
-        )
-        RatVerifierDriverRegistry.registerDriver(
-                "TPM2d", ::TPM2dVerifier,
-                TPM2dVerifierConfig.Builder().build()
-        )
-        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, settings, dapsDriver)
+
+        // connect to idscp2 server
+        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration, dapsDriver)
         connectionFuture.thenAccept { connection: Idscp2Connection ->
             println("Client: New connection with id " + connection.id)
             connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
index 50e548e36..a7fca7054 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
@@ -5,17 +5,13 @@ import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDrive
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.slf4j.LoggerFactory
@@ -23,43 +19,41 @@ import java.nio.charset.StandardCharsets
 import java.util.concurrent.CompletableFuture
 
 class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
-    fun init(settings: Idscp2Settings) {
+    fun init(configuration: Idscp2Configuration) {
+
+        // create secure channel driver
         val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
-        val config = DefaultDapsDriverConfig.Builder()
-                .setKeyStorePath(settings.keyStorePath)
-                .setTrustStorePath(settings.trustStorePath)
-                .setKeyStorePassword(settings.keyStorePassword)
-                .setTrustStorePassword(settings.trustStorePassword)
-                .setKeyAlias(settings.dapsKeyAlias)
-                .setKeyPassword(settings.keyPassword)
+
+        // create daps config
+        val dapsConfig = DefaultDapsDriverConfig.Builder()
+                .setKeyStorePath(configuration.keyStorePath)
+                .setTrustStorePath(configuration.trustStorePath)
+                .setKeyStorePassword(configuration.keyStorePassword)
+                .setTrustStorePassword(configuration.trustStorePassword)
+                .setKeyAlias(configuration.dapsKeyAlias)
+                .setKeyPassword(configuration.keyPassword)
                 .setDapsUrl("https://daps.aisec.fraunhofer.de")
                 .build()
-        val dapsDriver: DapsDriver = DefaultDapsDriver(config)
+
+        // create daps
+        val dapsDriver: DapsDriver = DefaultDapsDriver(dapsConfig)
+
+        // register rat drivers
         RatProverDriverRegistry.registerDriver(
                 "Dummy", ::RatProverDummy, null)
         RatVerifierDriverRegistry.registerDriver(
                 "Dummy", ::RatVerifierDummy, null)
-        RatProverDriverRegistry.registerDriver(
-                "TPM2d", ::TPM2dProver, TPM2dProverConfig.Builder().build()
-        )
-        RatVerifierDriverRegistry.registerDriver(
-                "TPM2d", ::TPM2dVerifier, TPM2dVerifierConfig.Builder().build()
-        )
+
+        // create server config
         val serverConfig = Idscp2ServerFactory(
                 ::Idscp2ConnectionImpl,
                 this,
-                settings,
+                configuration,
                 dapsDriver,
                 secureChannelDriver
         )
+        // run idscp2 server
         @Suppress("UNUSED_VARIABLE") val idscp2Server = serverConfig.listen()
-
-//        try {
-//            Thread.sleep(40_000); //run server for 2 minutes
-//        } catch (Exception ignored) {
-//        } finally {
-//            idscp2Server.closeConnection();
-//        }
     }
 
     override fun onConnection(connection: Idscp2Connection) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
index 0d569e721..ae6508e6d 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
@@ -1,19 +1,30 @@
 package de.fhg.aisec.ids.idscp2.example
 
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import java.nio.file.Paths
 import java.util.*
 
 object RunTLSClient {
     @JvmStatic
     fun main(args: Array<String>) {
-        val settings = Idscp2Settings.Builder()
-                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/aisecconnector2-keystore.p12")).path))
+        val localAttestationConfig = AttestationConfig.Builder()
+                .setSupportedRatSuite(arrayOf("Dummy"))
+                .setExpectedRatSuite(arrayOf("Dummy"))
+                .setRatTimeoutDelay(300)
+                .build()
+
+
+        val settings = Idscp2Configuration.Builder()
+                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/aisecconnector1-keystore.p12")).path))
                 .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
                 .setCertificateAlias("1.0.1")
                 .setDapsKeyAlias("1")
-                .setRatTimeoutDelay(300)
+                .setAckTimeoutDelay(1)
+                .setHandshakeTimeoutDelay(5)
+                .setAttestationConfig(localAttestationConfig)
                 .build()
+
         val initiator = Idscp2ClientInitiator()
         initiator.init(settings)
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
index 15d9b0370..625a0d46b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
@@ -1,19 +1,28 @@
 package de.fhg.aisec.ids.idscp2.example
 
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import java.nio.file.Paths
 import java.util.*
 
 object RunTLSServer {
     @JvmStatic
     fun main(argv: Array<String>) {
-        val settings = Idscp2Settings.Builder()
+
+        val localAttestationConfig = AttestationConfig.Builder()
+                .setSupportedRatSuite(arrayOf("Dummy"))
+                .setExpectedRatSuite(arrayOf("Dummy"))
+                .setRatTimeoutDelay(300)
+                .build()
+
+        val settings = Idscp2Configuration.Builder()
                 .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/aisecconnector1-keystore.p12")).path))
                 .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
                 .setCertificateAlias("1.0.1")
                 .setDapsKeyAlias("1")
-                .setRatTimeoutDelay(300)
+                .setAttestationConfig(localAttestationConfig)
                 .build()
+
         val initiator = Idscp2ServerInitiator()
         initiator.init(settings)
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
index fbae5e457..12f5b1dde 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import org.slf4j.LoggerFactory
@@ -16,15 +16,14 @@ import java.util.function.Consumer
  * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
  */
 class Idscp2ConnectionImpl(secureChannel: SecureChannel,
-                           settings: Idscp2Settings,
+                           configuration: Idscp2Configuration,
                            dapsDriver: DapsDriver): Idscp2Connection {
     private val fsm: FSM = FSM(
             this,
             secureChannel,
             dapsDriver,
-            settings.supportedAttestation.ratMechanisms,
-            settings.expectedAttestation.ratMechanisms,
-            settings.ratTimeoutDelay)
+            configuration.attestationConfig
+    )
     override val id: String = UUID.randomUUID().toString()
     private val connectionListeners = Collections.synchronizedSet(HashSet<Idscp2ConnectionListener>())
     private val messageListeners = Collections.synchronizedSet(HashSet<Idscp2MessageListener>())
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt
index 21fb7cb55..b6b91e411 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt
@@ -1,5 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.configuration
 
+import java.util.*
+
 /**
  * Attestation configuration class, containing attestation suite for supported / expected
  * attestation types
@@ -7,23 +9,51 @@ package de.fhg.aisec.ids.idscp2.idscp_core.configuration
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class AttestationConfig {
-    val ratMechanisms: Array<String>
+    lateinit var supportedAttestationSuite: Array<String>
+        private set
+    lateinit var expectedAttestationSuite: Array<String>
+        private set
+    var ratTimeoutDelay = DEFAULT_RAT_TIMEOUT_DELAY.toInt().toLong()
+        private set
+
+    class Builder {
+        private val config = AttestationConfig()
+
+        fun setSupportedRatSuite(suite: Array<String>): Builder {
+            config.supportedAttestationSuite = suite
+            return this
+        }
+
+        fun setExpectedRatSuite(suite: Array<String>): Builder {
+            config.expectedAttestationSuite = suite
+            return this
+        }
+
+        fun setRatTimeoutDelay(delay: Long): Builder {
+            config.ratTimeoutDelay = delay
+            return this
+        }
+
+        fun build(): AttestationConfig {
+            return config
+        }
+    }
+
     override fun equals(other: Any?): Boolean {
         if (this === other) return true
         if (other == null || javaClass != other.javaClass) return false
         val that = other as AttestationConfig
-        return ratMechanisms.contentEquals(that.ratMechanisms)
+        return supportedAttestationSuite.contentEquals(that.supportedAttestationSuite) &&
+                expectedAttestationSuite.contentEquals(that.expectedAttestationSuite) &&
+                ratTimeoutDelay == that.ratTimeoutDelay
     }
 
     override fun hashCode(): Int {
-        return ratMechanisms.contentHashCode()
+        return Objects.hash(supportedAttestationSuite.contentHashCode(),
+                expectedAttestationSuite.contentHashCode(), ratTimeoutDelay)
     }
 
     companion object {
-        val DEFAULT_RAT_MECHANISMS = arrayOf("Dummy", "TPM2d")
-    }
-
-    init {
-        ratMechanisms = DEFAULT_RAT_MECHANISMS
+        const val DEFAULT_RAT_TIMEOUT_DELAY = "600"
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.kt
new file mode 100644
index 000000000..41011be63
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.kt
@@ -0,0 +1,167 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.configuration
+
+import java.nio.file.Path
+import java.nio.file.Paths
+import java.util.*
+
+/**
+ * IDSCP2 configuration class, contains information about keyStore and TrustStores,
+ * Attestation Types, host, DAPS, ...
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class Idscp2Configuration {
+    var serverPort = DEFAULT_SERVER_PORT
+        private set
+    var host = "localhost"
+        private set
+    var trustStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
+        private set
+    var trustStorePassword = "password".toCharArray()
+        private set
+    var keyPassword = "password".toCharArray()
+        private set
+    var keyStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
+        private set
+    var keyStorePassword = "password".toCharArray()
+        private set
+    var certificateAlias = "1.0.1"
+        private set
+    var dapsKeyAlias = "1"
+        private set
+    var keyStoreKeyType = "RSA"
+        private set
+    lateinit var attestationConfig: AttestationConfig
+        private set
+    var handshakeTimeoutDelay = DEFAULT_HANDSHAKE_TIMEOUT_DELAY.toInt().toLong()
+        private set
+    var ackTimeoutDelay = DEFAULT_ACK_TIMEOUT_DELAY.toInt().toLong()
+        private set
+
+    class Builder {
+        private val settings = Idscp2Configuration()
+        fun setHost(host: String): Builder {
+            settings.host = host
+            return this
+        }
+
+        fun setServerPort(serverPort: Int): Builder {
+            settings.serverPort = serverPort
+            return this
+        }
+
+        fun setKeyPassword(pwd: CharArray): Builder {
+            settings.keyPassword = pwd
+            return this
+        }
+
+        fun setTrustStorePath(path: Path): Builder {
+            settings.trustStorePath = path
+            return this
+        }
+
+        fun setKeyStorePath(path: Path): Builder {
+            settings.keyStorePath = path
+            return this
+        }
+
+        fun setTrustStorePassword(pwd: CharArray): Builder {
+            settings.trustStorePassword = pwd
+            return this
+        }
+
+        fun setKeyStorePassword(pwd: CharArray): Builder {
+            settings.keyStorePassword = pwd
+            return this
+        }
+
+        fun setCertificateAlias(alias: String): Builder {
+            settings.certificateAlias = alias
+            return this
+        }
+
+        fun setDapsKeyAlias(alias: String): Builder {
+            settings.dapsKeyAlias = alias
+            return this
+        }
+
+        fun setKeyStoreKeyType(keyType: String): Builder {
+            settings.keyStoreKeyType = keyType
+            return this
+        }
+
+        fun setAttestationConfig(config: AttestationConfig): Builder {
+            settings.attestationConfig = config
+            return this
+        }
+
+        fun setHandshakeTimeoutDelay(delay: Long): Builder {
+            settings.handshakeTimeoutDelay = delay
+            return this
+        }
+
+        fun setAckTimeoutDelay(delay: Long): Builder {
+            settings.ackTimeoutDelay = delay
+            return this
+        }
+
+        fun build(): Idscp2Configuration {
+            return settings
+        }
+    }
+
+    override fun equals(other: Any?): Boolean {
+        if (this === other) return true
+        if (javaClass != other?.javaClass) return false
+
+        other as Idscp2Configuration
+
+        if (serverPort != other.serverPort) return false
+        if (host != other.host) return false
+        if (trustStorePath != other.trustStorePath) return false
+        if (!trustStorePassword.contentEquals(other.trustStorePassword)) return false
+        if (!keyPassword.contentEquals(other.keyPassword)) return false
+        if (keyStorePath != other.keyStorePath) return false
+        if (!keyStorePassword.contentEquals(other.keyStorePassword)) return false
+        if (certificateAlias != other.certificateAlias) return false
+        if (dapsKeyAlias != other.dapsKeyAlias) return false
+        if (keyStoreKeyType != other.keyStoreKeyType) return false
+        if (attestationConfig != other.attestationConfig) return false
+        if (handshakeTimeoutDelay != other.handshakeTimeoutDelay) return false
+        if (ackTimeoutDelay != other.ackTimeoutDelay) return false
+
+        return true
+    }
+
+    override fun hashCode(): Int {
+        var result = serverPort
+        result = 31 * result + host.hashCode()
+        result = 31 * result + trustStorePath.hashCode()
+        result = 31 * result + trustStorePassword.contentHashCode()
+        result = 31 * result + keyPassword.contentHashCode()
+        result = 31 * result + keyStorePath.hashCode()
+        result = 31 * result + keyStorePassword.contentHashCode()
+        result = 31 * result + certificateAlias.hashCode()
+        result = 31 * result + dapsKeyAlias.hashCode()
+        result = 31 * result + keyStoreKeyType.hashCode()
+        result = 31 * result + attestationConfig.hashCode()
+        result = 31 * result + handshakeTimeoutDelay.hashCode()
+        result = 31 * result + ackTimeoutDelay.hashCode()
+        return result
+    }
+
+    override fun toString(): String {
+        return "Idscp2Configuration(serverPort=$serverPort, host='$host', trustStorePath=$trustStorePath, " +
+                "trustStorePassword=${trustStorePassword.contentToString()}, " +
+                "keyStorePath=$keyStorePath, keyStorePassword=${keyStorePassword.contentToString()}, " +
+                "certificateAlias='$certificateAlias', dapsKeyAlias='$dapsKeyAlias', " +
+                "keyStoreKeyType='$keyStoreKeyType', attestationConfig=$attestationConfig, " +
+                "handshakeTimeoutDelay=$handshakeTimeoutDelay, ackTimeoutDelay=$ackTimeoutDelay)"
+    }
+
+    companion object {
+        const val DEFAULT_SERVER_PORT = 29292
+        const val DEFAULT_ACK_TIMEOUT_DELAY = "1"
+        const val DEFAULT_HANDSHAKE_TIMEOUT_DELAY = "5"
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
index de518b033..12b59d03d 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
@@ -18,9 +18,9 @@ import java.util.concurrent.CompletableFuture
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class Idscp2ServerFactory<CC: Idscp2Connection>(
-        private val connectionFactory: (SecureChannel, Idscp2Settings, DapsDriver) -> CC,
+        private val connectionFactory: (SecureChannel, Idscp2Configuration, DapsDriver) -> CC,
         private val endpointListener: Idscp2EndpointListener<CC>,
-        private val settings: Idscp2Settings,
+        private val configuration: Idscp2Configuration,
         private val dapsDriver: DapsDriver,
         private val secureChannelDriver: SecureChannelDriver<CC>
 ) : SecureChannelInitListener<CC> {
@@ -30,9 +30,9 @@ class Idscp2ServerFactory<CC: Idscp2Connection>(
      */
     @Throws(Idscp2Exception::class)
     fun listen(): Idscp2Server<CC> {
-        LOG.info("Starting new IDSCP2 server at port {}", settings.serverPort)
+        LOG.info("Starting new IDSCP2 server at port {}", configuration.serverPort)
         val serverListenerPromise = CompletableFuture<ServerConnectionListener<CC>>()
-        val secureServer = secureChannelDriver.listen(settings, this, serverListenerPromise)
+        val secureServer = secureChannelDriver.listen(configuration, this, serverListenerPromise)
         val server = Idscp2Server<CC>(secureServer)
         serverListenerPromise.complete(server)
         return server
@@ -53,7 +53,7 @@ class Idscp2ServerFactory<CC: Idscp2Connection>(
                                  serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>) {
         LOG.trace("A new secure channel for an IDSCP2 connection was established")
         // Threads calling onMessage() will be blocked until all listeners have been registered, see below
-        val newConnection = connectionFactory(secureChannel, settings, dapsDriver)
+        val newConnection = connectionFactory(secureChannel, configuration, dapsDriver)
         // Complete the connection promise for the IDSCP server
         serverListenerPromise.thenAccept { serverListener: ServerConnectionListener<CC> ->
             serverListener.onConnectionCreated(newConnection)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.kt
deleted file mode 100644
index d6dcf934b..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Settings.kt
+++ /dev/null
@@ -1,151 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.configuration
-
-import java.nio.file.Path
-import java.nio.file.Paths
-import java.util.*
-
-/**
- * IDSCP2 configuration class, contains information about keyStore and TrustStores,
- * Attestation Types, host, DAPS, ...
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class Idscp2Settings {
-    var serverPort = DEFAULT_SERVER_PORT
-        private set
-    var host = "localhost"
-        private set
-    var trustStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
-        private set
-    var trustStorePassword = "password".toCharArray()
-        private set
-    var keyPassword = "password".toCharArray()
-        private set
-    var keyStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
-        private set
-    var keyStorePassword = "password".toCharArray()
-        private set
-    var certificateAlias = "1.0.1"
-        private set
-    var dapsKeyAlias = "1"
-        private set
-    var keyStoreKeyType = "RSA"
-        private set
-    var supportedAttestation = AttestationConfig()
-        private set
-    var expectedAttestation = AttestationConfig()
-        private set
-    var ratTimeoutDelay = DEFAULT_RAT_TIMEOUT_DELAY.toInt().toLong()
-        private set
-
-    class Builder {
-        private val settings = Idscp2Settings()
-        fun setHost(host: String): Builder {
-            settings.host = host
-            return this
-        }
-
-        fun setServerPort(serverPort: Int): Builder {
-            settings.serverPort = serverPort
-            return this
-        }
-
-        fun setKeyPassword(pwd: CharArray): Builder {
-            settings.keyPassword = pwd
-            return this
-        }
-
-        fun setTrustStorePath(path: Path): Builder {
-            settings.trustStorePath = path
-            return this
-        }
-
-        fun setKeyStorePath(path: Path): Builder {
-            settings.keyStorePath = path
-            return this
-        }
-
-        fun setTrustStorePassword(pwd: CharArray): Builder {
-            settings.trustStorePassword = pwd
-            return this
-        }
-
-        fun setKeyStorePassword(pwd: CharArray): Builder {
-            settings.keyStorePassword = pwd
-            return this
-        }
-
-        fun setCertificateAlias(alias: String): Builder {
-            settings.certificateAlias = alias
-            return this
-        }
-
-        fun setDapsKeyAlias(alias: String): Builder {
-            settings.dapsKeyAlias = alias
-            return this
-        }
-
-        fun setKeyStoreKeyType(keyType: String): Builder {
-            settings.keyStoreKeyType = keyType
-            return this
-        }
-
-        fun setSupportedAttestation(suite: AttestationConfig): Builder {
-            settings.supportedAttestation = suite
-            return this
-        }
-
-        fun setExpectedAttestation(suite: AttestationConfig): Builder {
-            settings.expectedAttestation = suite
-            return this
-        }
-
-        fun setRatTimeoutDelay(delay: Long): Builder {
-            settings.ratTimeoutDelay = delay
-            return this
-        }
-
-        fun build(): Idscp2Settings {
-            return settings
-        }
-    }
-
-    override fun equals(other: Any?): Boolean {
-        if (this === other) return true
-        if (other == null || javaClass != other.javaClass) return false
-        val that = other as Idscp2Settings
-        return serverPort == that.serverPort && ratTimeoutDelay == that.ratTimeoutDelay &&
-                host == that.host &&
-                trustStorePath == that.trustStorePath &&
-                trustStorePassword.contentEquals(that.trustStorePassword) &&
-                keyStorePath == that.keyStorePath &&
-                keyStorePassword.contentEquals(that.keyStorePassword) &&
-                certificateAlias == that.certificateAlias &&
-                dapsKeyAlias == that.dapsKeyAlias &&
-                keyStoreKeyType == that.keyStoreKeyType &&
-                supportedAttestation == that.supportedAttestation &&
-                expectedAttestation == that.expectedAttestation
-    }
-
-    override fun hashCode(): Int {
-        return Objects.hash(serverPort, host, trustStorePath, trustStorePassword, keyStorePath,
-                keyStorePassword, certificateAlias, dapsKeyAlias, keyStoreKeyType, supportedAttestation,
-                expectedAttestation, ratTimeoutDelay)
-    }
-
-    override fun toString(): String {
-        return "Idscp2Settings(serverPort=$serverPort, host='$host', trustStorePath=$trustStorePath, " +
-                "trustStorePassword=${trustStorePassword.contentToString()}, " +
-                "keyPassword=${keyPassword.contentToString()}, keyStorePath=$keyStorePath, " +
-                "keyStorePassword=${keyStorePassword.contentToString()}, certificateAlias='$certificateAlias', " +
-                "dapsKeyAlias='$dapsKeyAlias', keyStoreKeyType='$keyStoreKeyType', " +
-                "supportedAttestation=$supportedAttestation, expectedAttestation=$expectedAttestation, " +
-                "ratTimeoutDelay=$ratTimeoutDelay)"
-    }
-
-
-    companion object {
-        const val DEFAULT_SERVER_PORT = 29292
-        const val DEFAULT_RAT_TIMEOUT_DELAY = "600"
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index ed7b90d8e..ad7b47e32 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -8,6 +8,7 @@ import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
@@ -28,7 +29,7 @@ import java.util.concurrent.locks.ReentrantLock
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver: DapsDriver,
-          localSupportedRatSuite: Array<String>, localExpectedRatSuite: Array<String>, ratTimeout: Long) : FsmListener {
+          attestationConfig: AttestationConfig) : FsmListener {
     /*  -----------   IDSCP2 Protocol States   ---------- */
     private val states = HashMap<FsmState, State>()
 
@@ -557,7 +558,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         get() = bufferedIdscpData
 
     fun setAckFlag(value: Boolean) {
-        this.ackFlag = value;
+        this.ackFlag = value
         if (!value) {
             this.bufferedIdscpData = null
         }
@@ -606,15 +607,15 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
 
         /* ------------- FSM STATE Initialization -------------*/
         states[FsmState.STATE_CLOSED] = StateClosed(
-                this, dapsDriver, onMessageBlock, localSupportedRatSuite, localExpectedRatSuite)
+                this, dapsDriver, onMessageBlock, attestationConfig)
         states[FsmState.STATE_WAIT_FOR_HELLO] = StateWaitForHello(
-                this, handshakeTimer, datTimer, dapsDriver, localSupportedRatSuite, localExpectedRatSuite)
+                this, handshakeTimer, datTimer, dapsDriver, attestationConfig)
         states[FsmState.STATE_WAIT_FOR_RAT] = StateWaitForRat(
-                this, handshakeTimer, verifierHandshakeTimer, proverHandshakeTimer, ratTimer, ratTimeout, dapsDriver)
+                this, handshakeTimer, verifierHandshakeTimer, proverHandshakeTimer, ratTimer, attestationConfig.ratTimeoutDelay, dapsDriver)
         states[FsmState.STATE_WAIT_FOR_RAT_PROVER] = StateWaitForRatProver(
                 this, ratTimer, handshakeTimer, proverHandshakeTimer, dapsDriver, ackTimer)
         states[FsmState.STATE_WAIT_FOR_RAT_VERIFIER] = StateWaitForRatVerifier(
-                this, dapsDriver, ratTimer, handshakeTimer, verifierHandshakeTimer, ratTimeout, ackTimer)
+                this, dapsDriver, ratTimer, handshakeTimer, verifierHandshakeTimer, attestationConfig.ratTimeoutDelay, ackTimer)
         states[FsmState.STATE_WAIT_FOR_DAT_AND_RAT] = StateWaitForDatAndRat(
                 this, handshakeTimer, proverHandshakeTimer, datTimer, dapsDriver)
         states[FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER] = StateWaitForDatAndRatVerifier(
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
index d9dd86a27..8852cb301 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
@@ -2,6 +2,7 @@ package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import org.slf4j.LoggerFactory
 import java.util.*
@@ -24,8 +25,7 @@ import java.util.stream.Collectors
 internal class StateClosed(fsm: FSM,
                            dapsDriver: DapsDriver,
                            onMessageLock: Condition,
-                           localSupportedRatSuite: Array<String>,
-                           localExpectedRatSuite: Array<String>) : State() {
+                           attestationConfig: AttestationConfig) : State() {
 
     private fun runExitCode(onMessageLock: Condition) {
         //State Closed exit code
@@ -55,7 +55,11 @@ internal class StateClosed(fsm: FSM,
             LOG.debug("Get DAT Token vom DAT_DRIVER")
             val dat = dapsDriver.token
             LOG.debug("Send IDSCP_HELLO")
-            val idscpHello = Idscp2MessageHelper.createIdscpHelloMessage(dat, localSupportedRatSuite, localExpectedRatSuite)
+            val idscpHello = Idscp2MessageHelper.createIdscpHelloMessage(
+                    dat,
+                    attestationConfig.supportedAttestationSuite,
+                    attestationConfig.expectedAttestationSuite
+            )
             if (!fsm.sendFromFSM(idscpHello)) {
                 LOG.error("Cannot send IdscpHello. Close connection")
                 runEntryCode(fsm)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
index 65187e725..eb54f9e16 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
@@ -2,6 +2,7 @@ package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
@@ -22,8 +23,7 @@ class StateWaitForHello(fsm: FSM,
                         private val handshakeTimer: Timer,
                         datTimer: Timer,
                         dapsDriver: DapsDriver,
-                        localSupportedRatSuite: Array<String>,
-                        localExpectedRatSuite: Array<String>) : State() {
+                        attestationConfig: AttestationConfig) : State() {
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switched to state STATE_WAIT_FOR_HELLO")
         LOG.debug("Set handshake timeout to 5 seconds")
@@ -75,9 +75,9 @@ class StateWaitForHello(fsm: FSM,
                     val idscpHello = event.idscpMessage.idscpHello
                     LOG.debug("Received IDSCP_HELLO")
                     LOG.debug("Calculate Rat mechanisms")
-                    val proverMechanism = fsm.getRatProverMechanism(localSupportedRatSuite,
+                    val proverMechanism = fsm.getRatProverMechanism(attestationConfig.supportedAttestationSuite,
                             idscpHello.expectedRatSuiteList.toTypedArray())
-                    val verifierMechanism = fsm.getRatVerifierMechanism(localExpectedRatSuite,
+                    val verifierMechanism = fsm.getRatVerifierMechanism(attestationConfig.expectedAttestationSuite,
                             idscpHello.supportedRatSuiteList.toTypedArray())
                     LOG.debug("Verify received DAT")
                     //check if Dat is available and verify dat
diff --git a/idscp2/src/test/java/RatDriverTest.java b/idscp2/src/test/java/RatDriverTest.java
index 4fb42c854..599a6bb89 100644
--- a/idscp2/src/test/java/RatDriverTest.java
+++ b/idscp2/src/test/java/RatDriverTest.java
@@ -1,5 +1,6 @@
 import org.junit.Test;
-import static org.junit.Assert.*;
+
+import static org.junit.Assert.assertTrue;
 
 public class RatDriverTest {
 

From edad6fb8c54a302cc1e83d5522c9944c37bc6796 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Sun, 15 Nov 2020 12:36:50 +0100
Subject: [PATCH 178/237] Add NullDaps

---
 .../default_driver_impl/daps/NullDaps.kt       | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/NullDaps.kt

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/NullDaps.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/NullDaps.kt
new file mode 100644
index 000000000..dfc1e2daa
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/NullDaps.kt
@@ -0,0 +1,18 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+
+/**
+ * NullDaps for testing purpose only
+ */
+class NullDaps : DapsDriver {
+
+    override val token: ByteArray
+        get() =  "This dummy token is generated by 'NullDAPS' driver! Do not depend on it!".toByteArray()
+
+    override fun verifyToken(dat: ByteArray, securityRequirements: Any?): Long {
+        return 100 // DA is always valid for 100 seconds
+    }
+
+
+}
\ No newline at end of file

From 26ee886cbf4f6a926af1dc3ee53c54c3808fef06 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Sun, 15 Nov 2020 13:23:57 +0100
Subject: [PATCH 179/237] Add a static timer for fixed delay, make delay unit
 milliseconds

Conflicts:
	idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.kt
---
 .../aisec/ids/idscp2/example/RunTLSClient.kt  |  7 ++-
 .../aisec/ids/idscp2/example/RunTLSServer.kt  |  2 +-
 .../idscp2/idscp_core/Idscp2ConnectionImpl.kt |  4 +-
 .../configuration/AttestationConfig.kt        |  4 +-
 .../configuration/Idscp2Configuration.kt      |  9 ++--
 .../fsm/{Timer.kt => DynamicTimer.kt}         |  5 ++-
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    | 36 +++++++--------
 .../idscp2/idscp_core/fsm/StateEstablished.kt | 10 ++---
 .../idscp2/idscp_core/fsm/StateWaitForAck.kt  | 12 ++---
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   |  8 ++--
 .../fsm/StateWaitForDatAndRatVerifier.kt      |  6 +--
 .../idscp_core/fsm/StateWaitForHello.kt       |  8 ++--
 .../idscp2/idscp_core/fsm/StateWaitForRat.kt  | 13 +++---
 .../idscp_core/fsm/StateWaitForRatProver.kt   | 12 ++---
 .../idscp_core/fsm/StateWaitForRatVerifier.kt | 15 +++----
 .../ids/idscp2/idscp_core/fsm/StaticTimer.kt  | 44 +++++++++++++++++++
 .../ids/idscp2/idscp_core/fsm/TimerThread.kt  |  6 +--
 17 files changed, 122 insertions(+), 79 deletions(-)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/{Timer.kt => DynamicTimer.kt} (78%)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StaticTimer.kt

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
index ae6508e6d..5de3438a5 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
@@ -11,17 +11,16 @@ object RunTLSClient {
         val localAttestationConfig = AttestationConfig.Builder()
                 .setSupportedRatSuite(arrayOf("Dummy"))
                 .setExpectedRatSuite(arrayOf("Dummy"))
-                .setRatTimeoutDelay(300)
+                .setRatTimeoutDelay(300 * 1000) // 300 seconds
                 .build()
 
-
         val settings = Idscp2Configuration.Builder()
                 .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/aisecconnector1-keystore.p12")).path))
                 .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
                 .setCertificateAlias("1.0.1")
                 .setDapsKeyAlias("1")
-                .setAckTimeoutDelay(1)
-                .setHandshakeTimeoutDelay(5)
+                .setAckTimeoutDelay(500) //  500 ms
+                .setHandshakeTimeoutDelay(5 * 1000) // 5 seconds
                 .setAttestationConfig(localAttestationConfig)
                 .build()
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
index 625a0d46b..ccab734b2 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
@@ -12,7 +12,7 @@ object RunTLSServer {
         val localAttestationConfig = AttestationConfig.Builder()
                 .setSupportedRatSuite(arrayOf("Dummy"))
                 .setExpectedRatSuite(arrayOf("Dummy"))
-                .setRatTimeoutDelay(300)
+                .setRatTimeoutDelay(300 * 1000) // 300 seconds
                 .build()
 
         val settings = Idscp2Configuration.Builder()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
index 12f5b1dde..6d6941f54 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
@@ -22,7 +22,9 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
             this,
             secureChannel,
             dapsDriver,
-            configuration.attestationConfig
+            configuration.attestationConfig,
+            configuration.ackTimeoutDelay,
+            configuration.handshakeTimeoutDelay
     )
     override val id: String = UUID.randomUUID().toString()
     private val connectionListeners = Collections.synchronizedSet(HashSet<Idscp2ConnectionListener>())
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt
index b6b91e411..b9898da92 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt
@@ -13,7 +13,7 @@ class AttestationConfig {
         private set
     lateinit var expectedAttestationSuite: Array<String>
         private set
-    var ratTimeoutDelay = DEFAULT_RAT_TIMEOUT_DELAY.toInt().toLong()
+    var ratTimeoutDelay = DEFAULT_RAT_TIMEOUT_DELAY.toInt().toLong() // in ms
         private set
 
     class Builder {
@@ -54,6 +54,6 @@ class AttestationConfig {
     }
 
     companion object {
-        const val DEFAULT_RAT_TIMEOUT_DELAY = "600"
+        const val DEFAULT_RAT_TIMEOUT_DELAY = "600000" // in ms: 600 seconds
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.kt
index 41011be63..5c789f070 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.kt
@@ -2,7 +2,6 @@ package de.fhg.aisec.ids.idscp2.idscp_core.configuration
 
 import java.nio.file.Path
 import java.nio.file.Paths
-import java.util.*
 
 /**
  * IDSCP2 configuration class, contains information about keyStore and TrustStores,
@@ -33,9 +32,9 @@ class Idscp2Configuration {
         private set
     lateinit var attestationConfig: AttestationConfig
         private set
-    var handshakeTimeoutDelay = DEFAULT_HANDSHAKE_TIMEOUT_DELAY.toInt().toLong()
+    var handshakeTimeoutDelay = DEFAULT_HANDSHAKE_TIMEOUT_DELAY.toInt().toLong() //in ms
         private set
-    var ackTimeoutDelay = DEFAULT_ACK_TIMEOUT_DELAY.toInt().toLong()
+    var ackTimeoutDelay = DEFAULT_ACK_TIMEOUT_DELAY.toInt().toLong() //in ms
         private set
 
     class Builder {
@@ -161,7 +160,7 @@ class Idscp2Configuration {
 
     companion object {
         const val DEFAULT_SERVER_PORT = 29292
-        const val DEFAULT_ACK_TIMEOUT_DELAY = "1"
-        const val DEFAULT_HANDSHAKE_TIMEOUT_DELAY = "5"
+        const val DEFAULT_ACK_TIMEOUT_DELAY = "200" // (in ms)
+        const val DEFAULT_HANDSHAKE_TIMEOUT_DELAY = "5000" // (in ms)
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Timer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/DynamicTimer.kt
similarity index 78%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Timer.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/DynamicTimer.kt
index 788276ddf..fe24ed341 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Timer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/DynamicTimer.kt
@@ -3,12 +3,13 @@ package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 import java.util.concurrent.locks.ReentrantLock
 
 /**
- * A Timer class that provides an API to the FSN to start and cancel timeout threads
+ * A DynamicTimer class that provides an API to the FSM to start and cancel timeout threads
+ * without a fixed timeout delay (in ms)
  * The timer ensures that no canceled timer is able to trigger a timeout transitions
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class Timer internal constructor(private val fsmIsBusy: ReentrantLock, private val timeoutHandler: Runnable) {
+class DynamicTimer internal constructor(private val fsmIsBusy: ReentrantLock, private val timeoutHandler: Runnable) {
     private var thread: TimerThread? = null
     private val mutex = ReentrantLock(true)
     fun resetTimeout(delay: Long) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index ad7b47e32..489eaf111 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -29,7 +29,7 @@ import java.util.concurrent.locks.ReentrantLock
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver: DapsDriver,
-          attestationConfig: AttestationConfig) : FsmListener {
+          attestationConfig: AttestationConfig, ackTimeoutDelay: Long, handshakeTimeoutDelay: Long) : FsmListener {
     /*  -----------   IDSCP2 Protocol States   ---------- */
     private val states = HashMap<FsmState, State>()
 
@@ -102,13 +102,13 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     private var ackFlag = false
     private var bufferedIdscpData: IdscpMessage? = null
 
-    /* ---------------------- Timer ---------------------- */
-    private val datTimer: Timer
-    private val ratTimer: Timer
-    private val handshakeTimer: Timer
-    private val proverHandshakeTimer: Timer
-    private val verifierHandshakeTimer: Timer
-    private val ackTimer: Timer
+    /* ---------------------- Timers ---------------------- */
+    private val datTimer: DynamicTimer
+    private val ratTimer: StaticTimer
+    private val handshakeTimer: StaticTimer
+    private val proverHandshakeTimer: StaticTimer
+    private val verifierHandshakeTimer: StaticTimer
+    private val ackTimer: StaticTimer
 
     private fun checkForFsmCycles() {
         // check if current thread holds already the fsm lock, then we have a circle
@@ -435,7 +435,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
             //safe the thread ID
             currentRatVerifierId = ratVerifierDriver!!.id.toString()
             LOG.debug("Start verifier_handshake timeout")
-            verifierHandshakeTimer.resetTimeout(5)
+            verifierHandshakeTimer.resetTimeout()
             true
         }
     }
@@ -471,7 +471,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
             //safe the thread ID
             currentRatProverId = ratProverDriver!!.id.toString()
             LOG.debug("Start prover_handshake timeout")
-            proverHandshakeTimer.resetTimeout(5)
+            proverHandshakeTimer.resetTimeout()
             true
         }
     }
@@ -598,12 +598,12 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
             onControlMessage(InternalControlMessage.ACK_TIMER_EXPIRED)
         }
 
-        handshakeTimer = Timer(fsmIsBusy, handshakeTimeoutHandler)
-        datTimer = Timer(fsmIsBusy, datTimeoutHandler)
-        ratTimer = Timer(fsmIsBusy, ratTimeoutHandler)
-        proverHandshakeTimer = Timer(fsmIsBusy, proverTimeoutHandler)
-        verifierHandshakeTimer = Timer(fsmIsBusy, verifierTimeoutHandler)
-        ackTimer = Timer(fsmIsBusy, ackTimeoutHandler)
+        datTimer = DynamicTimer(fsmIsBusy, datTimeoutHandler)
+        handshakeTimer = StaticTimer(fsmIsBusy, handshakeTimeoutHandler, handshakeTimeoutDelay)
+        proverHandshakeTimer = StaticTimer(fsmIsBusy, proverTimeoutHandler, handshakeTimeoutDelay)
+        verifierHandshakeTimer = StaticTimer(fsmIsBusy, verifierTimeoutHandler, handshakeTimeoutDelay)
+        ratTimer = StaticTimer(fsmIsBusy, ratTimeoutHandler, attestationConfig.ratTimeoutDelay)
+        ackTimer = StaticTimer(fsmIsBusy, ackTimeoutHandler, ackTimeoutDelay)
 
         /* ------------- FSM STATE Initialization -------------*/
         states[FsmState.STATE_CLOSED] = StateClosed(
@@ -611,11 +611,11 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         states[FsmState.STATE_WAIT_FOR_HELLO] = StateWaitForHello(
                 this, handshakeTimer, datTimer, dapsDriver, attestationConfig)
         states[FsmState.STATE_WAIT_FOR_RAT] = StateWaitForRat(
-                this, handshakeTimer, verifierHandshakeTimer, proverHandshakeTimer, ratTimer, attestationConfig.ratTimeoutDelay, dapsDriver)
+                this, handshakeTimer, verifierHandshakeTimer, proverHandshakeTimer, ratTimer, dapsDriver)
         states[FsmState.STATE_WAIT_FOR_RAT_PROVER] = StateWaitForRatProver(
                 this, ratTimer, handshakeTimer, proverHandshakeTimer, dapsDriver, ackTimer)
         states[FsmState.STATE_WAIT_FOR_RAT_VERIFIER] = StateWaitForRatVerifier(
-                this, dapsDriver, ratTimer, handshakeTimer, verifierHandshakeTimer, attestationConfig.ratTimeoutDelay, ackTimer)
+                this, dapsDriver, ratTimer, handshakeTimer, verifierHandshakeTimer, ackTimer)
         states[FsmState.STATE_WAIT_FOR_DAT_AND_RAT] = StateWaitForDatAndRat(
                 this, handshakeTimer, proverHandshakeTimer, datTimer, dapsDriver)
         states[FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER] = StateWaitForDatAndRatVerifier(
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
index b3f74dd86..a888c2984 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
@@ -16,9 +16,9 @@ import java.util.function.Function
  */
 class StateEstablished(fsm: FSM,
                        dapsDriver: DapsDriver,
-                       ratTimer: Timer,
-                       handshakeTimer: Timer,
-                       ackTimer: Timer) : State() {
+                       ratTimer: StaticTimer,
+                       handshakeTimer: StaticTimer,
+                       ackTimer: StaticTimer) : State() {
 
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switched to state STATE_ESTABLISHED")
@@ -63,7 +63,7 @@ class StateEstablished(fsm: FSM,
                         //Set Ack Flag
                         fsm.setAckFlag(true)
                         fsm.setBufferedIdscpData(it.idscpMessage)
-                        ackTimer.start(1)
+                        ackTimer.start()
                         return@Function fsm.getState(FsmState.STATE_WAIT_FOR_ACK)
                     } else {
                         LOG.warn("Cannot send IdscpData, shutdown FSM")
@@ -95,7 +95,7 @@ class StateEstablished(fsm: FSM,
                         return@Function fsm.getState(FsmState.STATE_CLOSED)
                     }
                     LOG.debug("Set handshake timeout")
-                    handshakeTimer.resetTimeout(5)
+                    handshakeTimer.resetTimeout()
                     fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
                 }
         ))
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
index e0c500910..6d93a2853 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
@@ -15,10 +15,10 @@ import java.util.function.Function
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class StateWaitForAck(fsm: FSM,
-                       dapsDriver: DapsDriver,
-                       ratTimer: Timer,
-                       handshakeTimer: Timer,
-                       ackTimer: Timer) : State() {
+                      dapsDriver: DapsDriver,
+                      ratTimer: StaticTimer,
+                      handshakeTimer: StaticTimer,
+                      ackTimer: StaticTimer) : State() {
 
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switched to state STATE_WAIT_FOR_ACK")
@@ -87,7 +87,7 @@ class StateWaitForAck(fsm: FSM,
                         return@Function fsm.getState(FsmState.STATE_CLOSED)
                     }
                     LOG.debug("Set handshake timeout")
-                    handshakeTimer.resetTimeout(5)
+                    handshakeTimer.resetTimeout()
                     fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
                 }
         ))
@@ -95,7 +95,7 @@ class StateWaitForAck(fsm: FSM,
                 Function {
                     LOG.debug("ACK_timeout occurred. Send buffered IdscpData again")
                     if (fsm.getBufferedIdscpMessage != null || fsm.sendFromFSM(fsm.getBufferedIdscpMessage)) {
-                        ackTimer.start(1)
+                        ackTimer.start()
                         return@Function fsm.getState(FsmState.STATE_WAIT_FOR_ACK)
                     } else {
                         LOG.warn("Cannot send IdscpData, shutdown FSM")
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
index 22ff96ab2..d6461b4a1 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
@@ -17,9 +17,9 @@ import java.util.function.Function
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class StateWaitForDatAndRat(fsm: FSM,
-                            handshakeTimer: Timer,
-                            proverHandshakeTimer: Timer,
-                            datTimer: Timer,
+                            handshakeTimer: StaticTimer,
+                            proverHandshakeTimer: StaticTimer,
+                            datTimer: DynamicTimer,
                             dapsDriver: DapsDriver
 ) : State() {
     override fun runEntryCode(fsm: FSM) {
@@ -106,7 +106,7 @@ class StateWaitForDatAndRat(fsm: FSM,
                         return@Function fsm.getState(FsmState.STATE_CLOSED)
                     }
                     LOG.debug("Remote DAT is valid. Set dat timeout")
-                    datTimer.resetTimeout(datValidityPeriod)
+                    datTimer.resetTimeout(datValidityPeriod * 1000)
                     //start RAT Verifier
                     if (!fsm.restartRatVerifierDriver()) {
                         LOG.error("Cannot run Rat verifier, close idscp connection")
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
index 1853bc994..3d3b0f54b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
@@ -17,8 +17,8 @@ import java.util.function.Function
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class StateWaitForDatAndRatVerifier(fsm: FSM,
-                                    handshakeTimer: Timer,
-                                    datTimer: Timer,
+                                    handshakeTimer: StaticTimer,
+                                    datTimer: DynamicTimer,
                                     dapsDriver: DapsDriver) : State() {
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switched to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER")
@@ -78,7 +78,7 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
                 return@Function fsm.getState(FsmState.STATE_CLOSED)
             }
             LOG.debug("Remote DAT is valid. Set dat timeout")
-            datTimer.resetTimeout(datValidityPeriod)
+            datTimer.resetTimeout(datValidityPeriod * 1000)
             //start RAT Verifier
             if (!fsm.restartRatVerifierDriver()) {
                 LOG.error("Cannot run Rat verifier, close idscp connection")
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
index eb54f9e16..8fdbdaa59 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
@@ -20,14 +20,14 @@ import java.util.function.Function
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class StateWaitForHello(fsm: FSM,
-                        private val handshakeTimer: Timer,
-                        datTimer: Timer,
+                        private val handshakeTimer: StaticTimer,
+                        datTimer: DynamicTimer,
                         dapsDriver: DapsDriver,
                         attestationConfig: AttestationConfig) : State() {
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switched to state STATE_WAIT_FOR_HELLO")
         LOG.debug("Set handshake timeout to 5 seconds")
-        handshakeTimer.resetTimeout(5)
+        handshakeTimer.resetTimeout()
     }
 
     companion object {
@@ -91,7 +91,7 @@ class StateWaitForHello(fsm: FSM,
                         return@Function fsm.getState(FsmState.STATE_CLOSED)
                     }
                     LOG.debug("Remote DAT is valid. Set dat timeout to its validity period")
-                    datTimer.resetTimeout(datValidityPeriod)
+                    datTimer.resetTimeout(datValidityPeriod * 1000)
                     fsm.setRatMechanisms(proverMechanism, verifierMechanism)
                     LOG.debug("Start RAT Prover and Verifier")
                     if (!fsm.restartRatVerifierDriver()) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
index c6ee5388b..e4bbafbb3 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
@@ -17,11 +17,10 @@ import java.util.function.Function
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class StateWaitForRat(fsm: FSM,
-                      handshakeTimer: Timer,
-                      verifierHandshakeTimer: Timer,
-                      proverHandshakeTimer: Timer,
-                      ratTimer: Timer,
-                      ratTimerDelay: Long,
+                      handshakeTimer: StaticTimer,
+                      verifierHandshakeTimer: StaticTimer,
+                      proverHandshakeTimer: StaticTimer,
+                      ratTimer: StaticTimer,
                       dapsDriver: DapsDriver) : State() {
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switch to state STATE_WAIT_FOR_RAT")
@@ -72,7 +71,7 @@ class StateWaitForRat(fsm: FSM,
         addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition {
             LOG.debug("Received RAT_VERIFIER OK")
             verifierHandshakeTimer.cancelTimeout()
-            ratTimer.resetTimeout(ratTimerDelay)
+            ratTimer.resetTimeout()
             fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
         })
         addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
@@ -118,7 +117,7 @@ class StateWaitForRat(fsm: FSM,
                         return@Function fsm.getState(FsmState.STATE_CLOSED)
                     }
                     LOG.debug("Start Handshake Timer")
-                    handshakeTimer.resetTimeout(5)
+                    handshakeTimer.resetTimeout()
                     fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
                 }
         ))
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
index 2078a1fbb..ea3c6fe71 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
@@ -16,11 +16,11 @@ import java.util.function.Function
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class StateWaitForRatProver(fsm: FSM,
-                            ratTimer: Timer,
-                            handshakeTimer: Timer,
-                            proverHandshakeTimer: Timer,
+                            ratTimer: StaticTimer,
+                            handshakeTimer: StaticTimer,
+                            proverHandshakeTimer: StaticTimer,
                             dapsDriver: DapsDriver,
-                            ackTimer: Timer) : State() {
+                            ackTimer: StaticTimer) : State() {
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switched to state STATE_WAIT_FOR_RAT_PROVER")
     }
@@ -74,7 +74,7 @@ class StateWaitForRatProver(fsm: FSM,
                         return@Function fsm.getState(FsmState.STATE_CLOSED)
                     }
                     LOG.debug("Start Handshake Timer")
-                    handshakeTimer.resetTimeout(5)
+                    handshakeTimer.resetTimeout()
                     fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
                 }
         ))
@@ -83,7 +83,7 @@ class StateWaitForRatProver(fsm: FSM,
                     LOG.debug("Received RAT_PROVER OK")
                     proverHandshakeTimer.cancelTimeout()
                     if (fsm.getAckFlag) {
-                        ackTimer.start(1)
+                        ackTimer.start()
                         return@Function fsm.getState(FsmState.STATE_WAIT_FOR_ACK)
                     } else {
                         return@Function fsm.getState(FsmState.STATE_ESTABLISHED)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
index d5895c4e8..b3ccd7f9f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
@@ -17,11 +17,10 @@ import java.util.function.Function
  */
 class StateWaitForRatVerifier(fsm: FSM,
                               dapsDriver: DapsDriver,
-                              ratTimer: Timer,
-                              handshakeTimer: Timer,
-                              verifierHandshakeTimer: Timer,
-                              ratTimeoutDelay: Long,
-                              ackTimer: Timer) : State() {
+                              ratTimer: StaticTimer,
+                              handshakeTimer: StaticTimer,
+                              verifierHandshakeTimer: StaticTimer,
+                              ackTimer: StaticTimer) : State() {
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switched to state STATE_WAIT_FOR_RAT_VERIFIER")
     }
@@ -73,7 +72,7 @@ class StateWaitForRatVerifier(fsm: FSM,
                         return@Function fsm.getState(FsmState.STATE_CLOSED)
                     }
                     LOG.debug("Start Handshake Timer")
-                    handshakeTimer.resetTimeout(5)
+                    handshakeTimer.resetTimeout()
                     fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
                 }
         ))
@@ -82,9 +81,9 @@ class StateWaitForRatVerifier(fsm: FSM,
                     LOG.debug("Received RAT_VERIFIER OK")
                     verifierHandshakeTimer.cancelTimeout()
                     LOG.debug("Start RAT Timer")
-                    ratTimer.resetTimeout(ratTimeoutDelay)
+                    ratTimer.resetTimeout()
                     if (fsm.getAckFlag) {
-                        ackTimer.start(1)
+                        ackTimer.start()
                         return@Function fsm.getState(FsmState.STATE_WAIT_FOR_ACK)
                     } else {
                         return@Function fsm.getState(FsmState.STATE_ESTABLISHED)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StaticTimer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StaticTimer.kt
new file mode 100644
index 000000000..6eab0d1bc
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StaticTimer.kt
@@ -0,0 +1,44 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+import java.util.concurrent.locks.ReentrantLock
+
+/**
+ * A StaticTimer class that provides an API to the FSM to start and cancel timeout threads
+ * with a fixed timeout delay (in ms)
+ * The timer ensures that no canceled timer is able to trigger a timeout transitions
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class StaticTimer internal constructor(private val fsmIsBusy: ReentrantLock,
+                                       private val timeoutHandler: Runnable,
+                                       private val delay: Long) {
+    private var thread: TimerThread? = null
+    private val mutex = ReentrantLock(true)
+
+    fun resetTimeout() {
+        cancelTimeout()
+        start()
+    }
+
+    /*
+     * Start a timer thread that triggers the timeout handler routine after the static delay
+     */
+    fun start() {
+        mutex.lock()
+        thread = TimerThread(delay, timeoutHandler, fsmIsBusy)
+        thread!!.start()
+        mutex.unlock()
+    }
+
+    /*
+     * Cancel the current timer thread
+     */
+    fun cancelTimeout() {
+        mutex.lock()
+        if (thread != null) {
+            thread!!.safeStop()
+            thread = null
+        }
+        mutex.unlock()
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/TimerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/TimerThread.kt
index 74d294550..7f34a4aa0 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/TimerThread.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/TimerThread.kt
@@ -3,13 +3,13 @@ package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 import java.util.concurrent.locks.ReentrantLock
 
 /**
- * A Timer Thread that triggers timeouts in the fsm
+ * A Timer Thread that triggers timeouts (ms) in the fsm
  * The thread will only trigger the fsm if it has the fsm lock and the timeout
  * was not canceled before
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class TimerThread internal constructor(//timeout delay in seconds
+class TimerThread internal constructor(//timeout delay in milliseconds
         private val delay: Long, //timeout handler routine
         private val timeoutHandler: Runnable, //lock for the fsm
         private val fsmIsBusy: ReentrantLock) : Thread() {
@@ -27,7 +27,7 @@ class TimerThread internal constructor(//timeout delay in seconds
      */
     override fun run() {
         try {
-            sleep(delay * 1000)
+            sleep(delay)
         } catch (e: InterruptedException) {
             if (!canceled) {
                 currentThread().interrupt()

From ef1a9e7f344c2e1befbc900a4aca4fcc5679530e Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Sun, 15 Nov 2020 14:09:34 +0100
Subject: [PATCH 180/237] Add NullRat and RatDriver IDs

---
 .../idscp2/client/Idscp2ClientComponent.kt    |  8 ++--
 .../idscp2/client/Idscp2ClientEndpoint.kt     | 12 +++--
 .../idscp2/server/Idscp2ServerComponent.kt    |  8 ++--
 .../idscp2/server/Idscp2ServerEndpoint.kt     | 12 +++--
 .../rat/dummy/RatProverDummy.kt               |  1 +
 .../rat/dummy/RatVerifierDummy.kt             |  1 +
 .../rat/null/NullRatProver.kt                 | 44 +++++++++++++++++++
 .../rat/null/NullRatVerifier.kt               | 42 ++++++++++++++++++
 .../rat/tpm2d/TPM2dProver.kt                  |  1 +
 .../rat/tpm2d/TPM2dVerifier.kt                |  1 +
 .../idscp2/example/Idscp2ClientInitiator.kt   |  5 ++-
 .../idscp2/example/Idscp2ServerInitiator.kt   |  5 ++-
 .../aisec/ids/idscp2/example/RunTLSClient.kt  |  6 ++-
 .../aisec/ids/idscp2/example/RunTLSServer.kt  |  6 ++-
 14 files changed, 128 insertions(+), 24 deletions(-)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatProver.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatVerifier.kt

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
index 0dc502dae..f16b0f3d6 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
@@ -33,15 +33,15 @@ class Idscp2ClientComponent : DefaultComponent() {
 
     init {
         RatProverDriverRegistry.registerDriver(
-                "Dummy", ::RatProverDummy, null)
+                RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
         RatVerifierDriverRegistry.registerDriver(
-                "Dummy", ::RatVerifierDummy, null)
+                RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
         RatProverDriverRegistry.registerDriver(
-                "TPM2d", ::TPM2dProver,
+                TPM2dProver.TPM_RAT_PROVER_ID, ::TPM2dProver,
                 TPM2dProverConfig.Builder().build()
         )
         RatVerifierDriverRegistry.registerDriver(
-                "TPM2d", ::TPM2dVerifier,
+                TPM2dVerifier.TPM_RAT_VERIFIER_ID, ::TPM2dVerifier,
                 TPM2dVerifierConfig.Builder().build()
         )
     }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index 89f1a0905..eaa9175fa 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -21,6 +21,10 @@ import de.fhg.aisec.ids.camel.idscp2.RefCountingHashMap
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
@@ -61,8 +65,8 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
     var dapsKeyAlias: String? = null
     @UriParam(
             label = "security",
-            description = "The validity time of remote attestation and DAT in seconds",
-            defaultValue = "600"
+            description = "The validity time of remote attestation and DAT in milliseconds",
+            defaultValue = "600000"
     )
     var dapsRatTimeoutDelay: Long? = null
     @UriParam(
@@ -104,8 +108,8 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
         val host = matchResult.group(1)
         val port = matchResult.group(2)?.toInt() ?: Idscp2Configuration.DEFAULT_SERVER_PORT
         val localAttestationConfig = AttestationConfig.Builder()
-                .setSupportedRatSuite(arrayOf("Dummy", "TPM2d"))
-                .setExpectedRatSuite(arrayOf("Dummy", "TPM2d"))
+                .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID, TPM2dProver.TPM_RAT_PROVER_ID))
+                .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, TPM2dVerifier.TPM_RAT_VERIFIER_ID))
                 .setRatTimeoutDelay(dapsRatTimeoutDelay ?: AttestationConfig.DEFAULT_RAT_TIMEOUT_DELAY.toLong())
                 .build()
         val clientConfigurationBuilder = Idscp2Configuration.Builder()
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
index c17a2a821..d7e318a07 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
@@ -38,15 +38,15 @@ class Idscp2ServerComponent : DefaultComponent() {
 
     init {
         RatProverDriverRegistry.registerDriver(
-                "Dummy", ::RatProverDummy, null)
+                RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
         RatVerifierDriverRegistry.registerDriver(
-                "Dummy", ::RatVerifierDummy, null)
+                RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
         RatProverDriverRegistry.registerDriver(
-                "TPM2d", ::TPM2dProver,
+                TPM2dProver.TPM_RAT_PROVER_ID, ::TPM2dProver,
                 TPM2dProverConfig.Builder().build()
         )
         RatVerifierDriverRegistry.registerDriver(
-                "TPM2d", ::TPM2dVerifier,
+                TPM2dVerifier.TPM_RAT_VERIFIER_ID, ::TPM2dVerifier,
                 TPM2dVerifierConfig.Builder().build()
         )
     }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
index 9bddce167..05cd45cc7 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -18,6 +18,10 @@ package de.fhg.aisec.ids.camel.idscp2.server
 
 import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
@@ -57,8 +61,8 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
     var dapsKeyAlias: String = "1"
     @UriParam(
             label = "security",
-            description = "The validity time of remote attestation and DAT in seconds",
-            defaultValue = "600"
+            description = "The validity time of remote attestation and DAT in milliseconds",
+            defaultValue = "600000"
     )
     var dapsRatTimeoutDelay: Long = AttestationConfig.DEFAULT_RAT_TIMEOUT_DELAY.toLong()
 
@@ -117,8 +121,8 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
         val host = matchResult.group(1)
         val port = matchResult.group(2)?.toInt() ?: Idscp2Configuration.DEFAULT_SERVER_PORT
         val localAttestationConfig = AttestationConfig.Builder()
-                .setSupportedRatSuite(arrayOf("Dummy", "TPM2d"))
-                .setExpectedRatSuite(arrayOf("Dummy", "TPM2d"))
+                .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID, TPM2dProver.TPM_RAT_PROVER_ID))
+                .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, TPM2dVerifier.TPM_RAT_VERIFIER_ID))
                 .setRatTimeoutDelay(dapsRatTimeoutDelay)
                 .build()
         val serverConfigurationBuilder = Idscp2Configuration.Builder()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
index 8b4457c20..1df2aedd1 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
@@ -47,6 +47,7 @@ class RatProverDummy(fsmListener: FsmListener) : RatProverDriver<Unit>(fsmListen
     }
 
     companion object {
+        val RAT_PROVER_DUMMY_ID = "Dummy"
         private val LOG = LoggerFactory.getLogger(RatProverDummy::class.java)
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
index eb4276ad9..744832700 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
@@ -47,6 +47,7 @@ class RatVerifierDummy(fsmListener: FsmListener) : RatVerifierDriver<Unit>(fsmLi
     }
 
     companion object {
+        val RAT_VERIFIER_DUMMY_ID = "Dummy"
         private val LOG = LoggerFactory.getLogger(RatVerifierDummy::class.java)
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatProver.kt
new file mode 100644
index 000000000..2765bafd8
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatProver.kt
@@ -0,0 +1,44 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.`null`
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+import org.slf4j.LoggerFactory
+import java.util.concurrent.BlockingQueue
+import java.util.concurrent.LinkedBlockingQueue
+
+/**
+ * A RatProver that exchanges rat messages with a remote RatVerifier
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class NullRatProver(fsmListener: FsmListener) : RatProverDriver<Unit>(fsmListener) {
+    private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
+
+    override fun delegate(message: ByteArray) {
+        queue.add(message)
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Delegated to prover")
+        }
+    }
+
+    override fun run() {
+        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG, "".toByteArray())
+        try {
+            queue.take()
+        } catch (e: InterruptedException) {
+            if (running) {
+                LOG.warn("NullRatProver failed");
+                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
+            }
+            return
+        }
+        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK)
+    }
+
+    companion object {
+        const val NULL_RAT_PROVER_ID = "NullRat"
+        private val LOG = LoggerFactory.getLogger(NullRatProver::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatVerifier.kt
new file mode 100644
index 000000000..a0ce6df6c
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatVerifier.kt
@@ -0,0 +1,42 @@
+package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.`null`
+
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+import org.slf4j.LoggerFactory
+import java.util.concurrent.BlockingQueue
+import java.util.concurrent.LinkedBlockingQueue
+
+/**
+ * A RatVerifier that exchanges messages with a remote RatProver dummy
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class NullRatVerifier(fsmListener: FsmListener) : RatVerifierDriver<Unit>(fsmListener) {
+    private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
+    override fun delegate(message: ByteArray) {
+        queue.add(message)
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Delegated to verifier")
+        }
+    }
+
+    override fun run() {
+        try {
+            queue.take()
+        } catch (e: InterruptedException) {
+            if (running) {
+                LOG.warn("NullRatVerifier failed");
+                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED)
+            }
+            return
+        }
+        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, "".toByteArray())
+        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK)
+    }
+
+    companion object {
+        const val NULL_RAT_VERIFIER_ID = "NullRat"
+        private val LOG = LoggerFactory.getLogger(NullRatVerifier::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
index 48f4de8a3..be8915f57 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
@@ -191,6 +191,7 @@ class TPM2dProver(fsmListener: FsmListener) : RatProverDriver<TPM2dProverConfig>
     }
 
     companion object {
+        val TPM_RAT_PROVER_ID = "TPM2d"
         private val LOG = LoggerFactory.getLogger(TPM2dProver::class.java)
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
index f0ab7d1b4..c89cd3829 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
@@ -257,6 +257,7 @@ class TPM2dVerifier(fsmListener: FsmListener) : RatVerifierDriver<TPM2dVerifierC
     }
 
     companion object {
+        val TPM_RAT_VERIFIER_ID = "TPM2d"
         private val LOG = LoggerFactory.getLogger(TPM2dVerifier::class.java)
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
index fd3b0ad30..7de69705c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -36,9 +36,10 @@ class Idscp2ClientInitiator {
 
         // register rat drivers
         RatProverDriverRegistry.registerDriver(
-                "Dummy", ::RatProverDummy, null)
+                RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
+
         RatVerifierDriverRegistry.registerDriver(
-                "Dummy", ::RatVerifierDummy, null)
+                RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
 
         // connect to idscp2 server
         connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration, dapsDriver)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
index a7fca7054..bab1dd231 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
@@ -40,9 +40,10 @@ class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
 
         // register rat drivers
         RatProverDriverRegistry.registerDriver(
-                "Dummy", ::RatProverDummy, null)
+                RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
+
         RatVerifierDriverRegistry.registerDriver(
-                "Dummy", ::RatVerifierDummy, null)
+                RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
 
         // create server config
         val serverConfig = Idscp2ServerFactory(
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
index 5de3438a5..2a3edd0be 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
@@ -1,5 +1,7 @@
 package de.fhg.aisec.ids.idscp2.example
 
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import java.nio.file.Paths
@@ -9,8 +11,8 @@ object RunTLSClient {
     @JvmStatic
     fun main(args: Array<String>) {
         val localAttestationConfig = AttestationConfig.Builder()
-                .setSupportedRatSuite(arrayOf("Dummy"))
-                .setExpectedRatSuite(arrayOf("Dummy"))
+                .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID))
+                .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID))
                 .setRatTimeoutDelay(300 * 1000) // 300 seconds
                 .build()
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
index ccab734b2..b7c586963 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
@@ -1,5 +1,7 @@
 package de.fhg.aisec.ids.idscp2.example
 
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
 import java.nio.file.Paths
@@ -10,8 +12,8 @@ object RunTLSServer {
     fun main(argv: Array<String>) {
 
         val localAttestationConfig = AttestationConfig.Builder()
-                .setSupportedRatSuite(arrayOf("Dummy"))
-                .setExpectedRatSuite(arrayOf("Dummy"))
+                .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID))
+                .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID))
                 .setRatTimeoutDelay(300 * 1000) // 300 seconds
                 .build()
 

From 533b2699d18bbba55a8f64bd1434722ad69d8155 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Sun, 15 Nov 2020 20:16:13 +0100
Subject: [PATCH 181/237] Implement AlternatingBit protocol for reliability

---
 .../idscp2/idscp_core/Idscp2MessageHelper.kt  | 19 +++++--
 .../idscp2/idscp_core/fsm/AlternatingBit.kt   | 38 ++++++++++++++
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    | 50 ++++++++++++++++++-
 .../idscp2/idscp_core/fsm/StateEstablished.kt | 31 ++++++------
 .../idscp2/idscp_core/fsm/StateWaitForAck.kt  | 28 +++++------
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   |  7 +--
 .../fsm/StateWaitForDatAndRatVerifier.kt      |  7 +--
 .../idscp2/idscp_core/fsm/StateWaitForRat.kt  |  7 +--
 .../idscp_core/fsm/StateWaitForRatProver.kt   |  7 +--
 .../idscp_core/fsm/StateWaitForRatVerifier.kt |  7 +--
 idscp2/src/main/proto/idscpv2.proto           |  2 +
 11 files changed, 141 insertions(+), 62 deletions(-)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/AlternatingBit.kt

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt
index d6e18f77b..a3040feec 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt
@@ -1,6 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core
 
 import com.google.protobuf.ByteString
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.AlternatingBit
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.*
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 
@@ -62,6 +63,17 @@ object Idscp2MessageHelper {
     fun createIdscpDataMessage(data: ByteArray?): IdscpMessage {
         val idscpData = IdscpData.newBuilder()
                 .setData(ByteString.copyFrom(data))
+                .build()
+        return IdscpMessage.newBuilder()
+                .setIdscpData(idscpData)
+                .build()
+    }
+
+    fun createIdscpDataMessageWithAltBit(data: ByteArray?, alternatingBit: AlternatingBit): IdscpMessage {
+        val idscpData = IdscpData.newBuilder()
+                .setData(ByteString.copyFrom(data))
+                .setAlternatingBit(alternatingBit.asBoolean())
+                .build()
         return IdscpMessage.newBuilder()
                 .setIdscpData(idscpData)
                 .build()
@@ -85,9 +97,10 @@ object Idscp2MessageHelper {
                 .build()
     }
 
-    fun createIdscpAckMessage(): IdscpMessage {
+    fun createIdscpAckMessage(alternatingBit: Boolean): IdscpMessage {
         return IdscpMessage.newBuilder()
-                .setIdscpAck(IdscpAck.newBuilder().build())
-                .build()
+                .setIdscpAck(
+                        IdscpAck.newBuilder().setAlternatingBit(alternatingBit).build()
+                ).build()
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/AlternatingBit.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/AlternatingBit.kt
new file mode 100644
index 000000000..273b8d9d6
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/AlternatingBit.kt
@@ -0,0 +1,38 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm
+
+/**
+ * Implementation of an alternating bit protocol for reliability
+ * see (https://en.wikipedia.org/wiki/Alternating_bit_protocol)
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+
+class AlternatingBit(value: Boolean = false) {
+    enum class Bit {
+        ZERO, ONE
+    }
+
+    private var bit: Bit
+
+    init {
+        if (value) {
+            this.bit = Bit.ONE
+        } else {
+            this.bit = Bit.ZERO
+        }
+    }
+
+
+    fun alternate() {
+        if (bit == Bit.ZERO) {
+            bit = Bit.ONE
+        } else {
+            bit = Bit.ZERO
+        }
+    }
+
+    fun asBoolean(): Boolean {
+        return this.bit != Bit.ZERO
+    }
+
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index 489eaf111..98920ac54 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -13,6 +13,8 @@ import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpAck
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpData
 import org.slf4j.LoggerFactory
 import java.util.*
 import java.util.concurrent.locks.ReentrantLock
@@ -102,6 +104,12 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     private var ackFlag = false
     private var bufferedIdscpData: IdscpMessage? = null
 
+    /**
+     * Alternating Bit
+     */
+    private var expectedAlternatingBit = AlternatingBit()
+    private var nextSendAlternatingBit = AlternatingBit()
+
     /* ---------------------- Timers ---------------------- */
     private val datTimer: DynamicTimer
     private val ratTimer: StaticTimer
@@ -564,6 +572,46 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         }
     }
 
+    /**
+     * Handle IdscpAck
+     * @return true if everything if ack flag was cleared correctly, else false
+     */
+    fun recvAck(ack: IdscpAck): Boolean {
+        if (ackFlag) {
+            LOG.debug("Received IdscpAck with alternating bit {}, cancel flag in fsm", ack.alternatingBit)
+            if (nextSendAlternatingBit.asBoolean() != ack.alternatingBit) {
+                LOG.debug("Received IdscpAck with wrong alternating bit. Ignoring")
+            } else {
+                setAckFlag(false)
+                ackTimer.cancelTimeout()
+                LOG.debug("Alternate nextSend bit from {}", nextSendAlternatingBit.asBoolean())
+                nextSendAlternatingBit.alternate()
+                return true
+            }
+        } else {
+            LOG.warn("Received unexpected IdscpAck")
+        }
+        return false
+    }
+
+    fun recvData(data: IdscpData) {
+        LOG.debug("Received IdscpData with alternating bit {}", data.alternatingBit)
+
+        if (data.alternatingBit != expectedAlternatingBit.asBoolean()) {
+            LOG.debug("Received IdscpData with unexpected alternating bit. Could be an old packet replayed. Ignore it.")
+        } else {
+            LOG.debug("Send IdscpAck with received alternating bit {}", data.alternatingBit)
+            if (!sendFromFSM(Idscp2MessageHelper.createIdscpAckMessage(data.alternatingBit))) {
+                LOG.error("Cannot send ACK")
+            }
+            LOG.debug("Alternate expected bit from {}", expectedAlternatingBit.asBoolean())
+            expectedAlternatingBit.alternate()
+
+            // forward payload data to upper layer
+            notifyIdscpMsgListener(data.data.toByteArray())
+        }
+    }
+
     fun setBufferedIdscpData(msg: IdscpMessage) {
         this.bufferedIdscpData = msg
     }
@@ -621,7 +669,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         states[FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER] = StateWaitForDatAndRatVerifier(
                 this, handshakeTimer, datTimer, dapsDriver)
         states[FsmState.STATE_ESTABLISHED] = StateEstablished(
-                this, dapsDriver, ratTimer, handshakeTimer, ackTimer)
+                this, dapsDriver, ratTimer, handshakeTimer, ackTimer, nextSendAlternatingBit)
         states[FsmState.STATE_WAIT_FOR_ACK] = StateWaitForAck(
                 this, dapsDriver, ratTimer, handshakeTimer, ackTimer)
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
index a888c2984..8670affb7 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
@@ -18,7 +18,8 @@ class StateEstablished(fsm: FSM,
                        dapsDriver: DapsDriver,
                        ratTimer: StaticTimer,
                        handshakeTimer: StaticTimer,
-                       ackTimer: StaticTimer) : State() {
+                       ackTimer: StaticTimer,
+                       alternatingBit: AlternatingBit) : State() {
 
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switched to state STATE_ESTABLISHED")
@@ -58,11 +59,16 @@ class StateEstablished(fsm: FSM,
         })
         addTransition(InternalControlMessage.SEND_DATA.value, Transition(
                 Function {
+                    // repack data, include alternating bit
+                    val idscpMessage = Idscp2MessageHelper.createIdscpDataMessageWithAltBit(
+                            it.idscpMessage.idscpData.data.toByteArray(), alternatingBit)
+
+                    // send repacked data
                     LOG.debug("Send IdscpData")
-                    if (fsm.sendFromFSM(it.idscpMessage)) {
+                    if (fsm.sendFromFSM(idscpMessage)) {
                         //Set Ack Flag
                         fsm.setAckFlag(true)
-                        fsm.setBufferedIdscpData(it.idscpMessage)
+                        fsm.setBufferedIdscpData(idscpMessage)
                         ackTimer.start()
                         return@Function fsm.getState(FsmState.STATE_WAIT_FOR_ACK)
                     } else {
@@ -123,17 +129,14 @@ class StateEstablished(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
                 }
         ))
-        addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition { event: Event ->
-            // send Idscp Ack
-            LOG.debug("Received IdscpData")
-            LOG.debug("Send IdscpAck")
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpAckMessage())) {
-                LOG.warn("Cannot send ACK")
-            }
-            val data = event.idscpMessage.idscpData
-            fsm.notifyIdscpMsgListener(data.data.toByteArray())
-            this
-        })
+
+        addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition (
+                Function {
+                    fsm.recvData(it.idscpMessage.idscpData)
+                    this
+                }
+        ))
+
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
             LOG.debug("Receive IDSCP_CLOSED")
             fsm.getState(FsmState.STATE_CLOSED)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
index 6d93a2853..e1842bded 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
@@ -129,21 +129,21 @@ class StateWaitForAck(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
                 }
         ))
-        addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition { event: Event ->
-            // send Idscp Ack
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpAckMessage())) {
-                LOG.warn("Cannot send ACK")
+        addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition (
+            Function {
+                fsm.recvData(it.idscpMessage.idscpData)
+                this
             }
-            val data = event.idscpMessage.idscpData
-            fsm.notifyIdscpMsgListener(data.data.toByteArray())
-            this
-        })
-        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
-            LOG.debug("Received IdscpAck, cancel AckFlag")
-            ackTimer.cancelTimeout()
-            fsm.setAckFlag(false)
-            fsm.getState(FsmState.STATE_ESTABLISHED)
-        })
+        ))
+        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
+            Function{
+                if (fsm.recvAck(it.idscpMessage.idscpAck)) {
+                    fsm.getState(FsmState.STATE_ESTABLISHED)
+                } else {
+                    this
+                }
+            }
+        ))
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
             LOG.debug("Receive IDSCP_CLOSED")
             fsm.getState(FsmState.STATE_CLOSED)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
index d6461b4a1..7d1c3e559 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
@@ -148,12 +148,7 @@ class StateWaitForDatAndRat(fsm: FSM,
         ))
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
                 Function {
-                    if (fsm.getAckFlag) {
-                        LOG.debug("Received IdscpAck, cancel flag in fsm")
-                        fsm.setAckFlag(false)
-                    } else {
-                        LOG.warn("Received unexpected IdscpAck")
-                    }
+                    fsm.recvAck(it.idscpMessage.idscpAck)
                     this
                 }
         ))
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
index 3d3b0f54b..253ad32b8 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
@@ -113,12 +113,7 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
         ))
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
                 Function {
-                    if (fsm.getAckFlag) {
-                        LOG.debug("Received IdscpAck, cancel flag in fsm")
-                        fsm.setAckFlag(false)
-                    } else {
-                        LOG.warn("Received unexpected IdscpAck")
-                    }
+                    fsm.recvAck(it.idscpMessage.idscpAck)
                     this
                 }
         ))
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
index e4bbafbb3..3cc4111d9 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
@@ -129,12 +129,7 @@ class StateWaitForRat(fsm: FSM,
         })
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
                 Function {
-                    if (fsm.getAckFlag) {
-                        LOG.debug("Received IdscpAck, cancel flag in fsm")
-                        fsm.setAckFlag(false)
-                    } else {
-                        LOG.warn("Received unexpected IdscpAck")
-                    }
+                    fsm.recvAck(it.idscpMessage.idscpAck)
                     this
                 }
         ))
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
index ea3c6fe71..238710e1c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
@@ -159,12 +159,7 @@ class StateWaitForRatProver(fsm: FSM,
         ))
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
                 Function {
-                    if (fsm.getAckFlag) {
-                        LOG.debug("Received IdscpAck, cancel flag in fsm")
-                        fsm.setAckFlag(false)
-                    } else {
-                        LOG.warn("Received unexpected IdscpAck")
-                    }
+                    fsm.recvAck(it.idscpMessage.idscpAck)
                     this
                 }
         ))
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
index b3ccd7f9f..ebad758a0 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
@@ -144,12 +144,7 @@ class StateWaitForRatVerifier(fsm: FSM,
         ))
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
                 Function {
-                    if (fsm.getAckFlag) {
-                        LOG.debug("Received IdscpAck, cancel flag in fsm")
-                        fsm.setAckFlag(false)
-                    } else {
-                        LOG.warn("Received unexpected IdscpAck")
-                    }
+                    fsm.recvAck(it.idscpMessage.idscpAck)
                     this
                 }
         ))
diff --git a/idscp2/src/main/proto/idscpv2.proto b/idscp2/src/main/proto/idscpv2.proto
index ef53feefb..704e3dcff 100644
--- a/idscp2/src/main/proto/idscpv2.proto
+++ b/idscp2/src/main/proto/idscpv2.proto
@@ -72,7 +72,9 @@ message IdscpRatVerifier {
 message IdscpData {
   // Payload
   bytes data = 1;
+  bool alternatingBit = 2;
 }
 
 message IdscpAck {
+  bool alternatingBit = 1;
 }
\ No newline at end of file

From 4a77c66d7e7974182c317e562876406ba7d4aa87 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Tue, 17 Nov 2020 10:54:32 +0100
Subject: [PATCH 182/237] Add idscp2 commandline example

---
 .../idscp2/example/CommandlineTunnelClient.kt | 93 +++++++++++++++++++
 .../idscp2/example/CommandlineTunnelServer.kt | 75 +++++++++++++++
 .../ids/idscp2/example/RunTunnelClient.kt     | 34 +++++++
 .../ids/idscp2/example/RunTunnelServer.kt     | 32 +++++++
 4 files changed, 234 insertions(+)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
new file mode 100644
index 000000000..647608d59
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
@@ -0,0 +1,93 @@
+package de.fhg.aisec.ids.idscp2.example
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.NullDaps
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
+import org.slf4j.LoggerFactory
+import java.util.concurrent.CompletableFuture
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
+import java.nio.charset.StandardCharsets
+import kotlin.concurrent.thread
+
+class CommandlineTunnelClient {
+    private lateinit var connectionFuture: CompletableFuture<Idscp2Connection>
+
+    fun init(configuration: Idscp2Configuration) {
+        LOG.info("Setting up IDSCP connection")
+
+        // create secure channel driver
+        val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
+
+        // create daps driver
+        val dapsDriver = NullDaps()
+
+        // register rat drivers
+        RatProverDriverRegistry.registerDriver(
+                RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
+
+        RatVerifierDriverRegistry.registerDriver(
+                RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
+
+        // connect to idscp2 server
+        LOG.info("connecting to {}:{}", configuration.host, configuration.serverPort)
+        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration, dapsDriver)
+
+        connectionFuture.thenAccept { connection: Idscp2Connection ->
+            println("Client: New connection with id " + connection.id)
+            var runningUserJob = true
+
+            connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
+                override fun onError(t: Throwable) {
+                    LOG.error("Client connection error occurred", t)
+                    runningUserJob = false
+                }
+
+                override fun onClose() {
+                    LOG.info("Client: Connection with id " + connection.id + " has been closed")
+                    runningUserJob = false
+                }
+            })
+
+            connection.addMessageListener { c: Idscp2Connection, data: ByteArray ->
+                println("Received message: " + String(data, StandardCharsets.UTF_8))
+            }
+
+            connection.unlockMessaging()
+
+            thread {
+                // wait until connected
+                while (!connection.isConnected) {
+                    Thread.sleep(1000L)
+                }
+
+                while (runningUserJob) {
+                    // read from stdin
+                    println("You can now type in your message")
+                    val data = readLine()
+
+                    if (data.isNullOrBlank()) {
+                        // close connection EOF
+                        connection.close()
+                    } else {
+                        // send data to connection
+                        connection.send(data.toByteArray(StandardCharsets.UTF_8))
+                    }
+                }
+            }
+
+        }.exceptionally { t: Throwable? ->
+            LOG.error("Client endpoint error occurred", t)
+            null
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(CommandlineTunnelClient::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
new file mode 100644
index 000000000..f421a25ba
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
@@ -0,0 +1,75 @@
+package de.fhg.aisec.ids.idscp2.example
+
+import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.NullDaps
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
+import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
+import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
+import org.slf4j.LoggerFactory
+import java.nio.charset.StandardCharsets
+import java.util.concurrent.CompletableFuture
+import kotlin.concurrent.thread
+
+class CommandlineTunnelServer : Idscp2EndpointListener<Idscp2Connection> {
+    fun init(configuration: Idscp2Configuration) {
+        LOG.info("setting up IDSCP listener")
+        // create secure channel driver
+        val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
+
+        // create daps
+        val dapsDriver: DapsDriver = NullDaps()
+
+        // register rat drivers
+        RatProverDriverRegistry.registerDriver(
+                RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
+
+        RatVerifierDriverRegistry.registerDriver(
+                RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
+
+        // create server config
+        val serverConfig = Idscp2ServerFactory(
+                ::Idscp2ConnectionImpl,
+                this,
+                configuration,
+                dapsDriver,
+                secureChannelDriver
+        )
+
+        @Suppress("UNUSED_VARIABLE") val idscp2Server = serverConfig.listen()
+    }
+
+    override fun onConnection(connection: Idscp2Connection) {
+        println("Server: New connection with id " + connection.id)
+
+        connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
+            override fun onError(t: Throwable) {
+                LOG.error("Server connection error occurred", t)
+            }
+
+            override fun onClose() {
+                LOG.info("Server: Connection with id " + connection.id + " has been closed")
+            }
+        })
+
+        connection.addMessageListener { c: Idscp2Connection, data: ByteArray ->
+            println("Received message: ${String(data, StandardCharsets.UTF_8)}".trimIndent())
+        }
+
+    }
+
+    override fun onError(t: Throwable) {
+        LOG.error("Server endpoint error occurred", t)
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(CommandlineTunnelServer::class.java)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
new file mode 100644
index 000000000..3e4d5be90
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
@@ -0,0 +1,34 @@
+package de.fhg.aisec.ids.idscp2.example
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import java.nio.file.Paths
+import java.util.*
+
+object RunTunnelClient {
+    @JvmStatic
+    fun main(args: Array<String>) {
+
+        val localAttestationConfig = AttestationConfig.Builder()
+                .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID))
+                .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID))
+                .setRatTimeoutDelay(70 * 1000) // 70 seconds
+                .build()
+
+        val config = Idscp2Configuration.Builder()
+                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/aisecconnector2-keystore.p12")).path))
+                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
+                .setCertificateAlias("1.0.1")
+                .setDapsKeyAlias("1")
+                .setAckTimeoutDelay(500) //  500 ms
+                .setHandshakeTimeoutDelay(5 * 1000) // 5 seconds
+                .setAttestationConfig(localAttestationConfig)
+                .setServerPort(1234)
+                .build()
+
+        val initiator = CommandlineTunnelClient()
+        initiator.init(config)
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
new file mode 100644
index 000000000..27f770783
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
@@ -0,0 +1,32 @@
+package de.fhg.aisec.ids.idscp2.example
+
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import java.nio.file.Paths
+import java.util.*
+
+object RunTunnelServer {
+    @JvmStatic
+    fun main(argv: Array<String>) {
+
+        val localAttestationConfig = AttestationConfig.Builder()
+                .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID))
+                .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID))
+                .setRatTimeoutDelay(60 * 1000) // 60 seconds
+                .build()
+
+        val settings = Idscp2Configuration.Builder()
+                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/aisecconnector1-keystore.p12")).path))
+                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
+                .setCertificateAlias("1.0.1")
+                .setDapsKeyAlias("1")
+                .setAttestationConfig(localAttestationConfig)
+                .setServerPort(1234)
+                .build()
+
+        val initiator = CommandlineTunnelServer()
+        initiator.init(settings)
+    }
+}
\ No newline at end of file

From d72310ca6618c95137d4504a8f00f43eff0a9fdd Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Tue, 17 Nov 2020 12:25:42 +0100
Subject: [PATCH 183/237] Remove warnings in fsm package

---
 .../idscp2/idscp_core/fsm/AlternatingBit.kt   |   6 +-
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    |   5 +-
 .../idscp_core/fsm/InternalControlMessage.kt  |   1 -
 .../ids/idscp2/idscp_core/fsm/StateClosed.kt  |  77 ++++----
 .../idscp2/idscp_core/fsm/StateEstablished.kt |  49 ++++--
 .../idscp2/idscp_core/fsm/StateWaitForAck.kt  |  63 ++++---
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   | 114 +++++++-----
 .../fsm/StateWaitForDatAndRatVerifier.kt      | 147 +++++++++-------
 .../idscp_core/fsm/StateWaitForHello.kt       |  65 ++++---
 .../idscp2/idscp_core/fsm/StateWaitForRat.kt  | 165 +++++++++++-------
 .../idscp_core/fsm/StateWaitForRatProver.kt   | 103 +++++++----
 .../idscp_core/fsm/StateWaitForRatVerifier.kt | 102 +++++++----
 12 files changed, 542 insertions(+), 355 deletions(-)

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/AlternatingBit.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/AlternatingBit.kt
index 273b8d9d6..9485e76b4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/AlternatingBit.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/AlternatingBit.kt
@@ -24,10 +24,10 @@ class AlternatingBit(value: Boolean = false) {
 
 
     fun alternate() {
-        if (bit == Bit.ZERO) {
-            bit = Bit.ONE
+        bit = if (bit == Bit.ZERO) {
+            Bit.ONE
         } else {
-            bit = Bit.ZERO
+            Bit.ZERO
         }
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index 98920ac54..6793af27b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -18,6 +18,7 @@ import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpData
 import org.slf4j.LoggerFactory
 import java.util.*
 import java.util.concurrent.locks.ReentrantLock
+import kotlin.jvm.Throws
 
 /**
  * The finite state machine FSM of the IDSCP2 protocol
@@ -487,7 +488,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     /**
      * Terminate the RatProverDriver
      */
-    fun stopRatProverDriver() {
+    private fun stopRatProverDriver() {
         proverHandshakeTimer.cancelTimeout()
         if (ratProverDriver != null && ratProverDriver!!.isAlive) {
             ratProverDriver!!.interrupt()
@@ -540,7 +541,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     /**
      * Provide IDSCP2 message to the message listener
      */
-    fun notifyIdscpMsgListener(data: ByteArray) {
+    private fun notifyIdscpMsgListener(data: ByteArray) {
         connection.onMessage(data)
         if (LOG.isTraceEnabled) {
             LOG.trace("Idscp data has been passed to connection listener")
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
index 13e7fa76d..3d88dec60 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
@@ -12,7 +12,6 @@ enum class InternalControlMessage(
     START_IDSCP_HANDSHAKE("ICM_START"),
     IDSCP_STOP("ICM_STOP"),
     DAT_TIMER_EXPIRED("ICM_DAT_TIMER_EXPIRED"),
-    RAT_TIMER_EXPIRED("ICM_RAT_TIMER_EXPIRED"),
     REPEAT_RAT("ICM_REPEAT_RAT"),
     SEND_DATA("ICM_SEND_DATA"),
     RAT_VERIFIER_OK("ICM_RAT_V_OK"),
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
index 8852cb301..2a63b2e50 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
@@ -51,43 +51,50 @@ internal class StateClosed(fsm: FSM,
          * onICM: start_handshake --> {send IDSCP_HELLO, set handshake_timeout} --> STATE_WAIT_FOR_HELLO
          * ALL_OTHER_MESSAGES ---> STATE_CLOSED
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.value, Transition(Function {
-            LOG.debug("Get DAT Token vom DAT_DRIVER")
-            val dat = dapsDriver.token
-            LOG.debug("Send IDSCP_HELLO")
-            val idscpHello = Idscp2MessageHelper.createIdscpHelloMessage(
-                    dat,
-                    attestationConfig.supportedAttestationSuite,
-                    attestationConfig.expectedAttestationSuite
-            )
-            if (!fsm.sendFromFSM(idscpHello)) {
-                LOG.error("Cannot send IdscpHello. Close connection")
-                runEntryCode(fsm)
-                onMessageLock.signalAll()
-                return@Function fsm.getState(FsmState.STATE_CLOSED)
+        addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.value, Transition(
+            Function {
+                LOG.debug("Get DAT Token vom DAT_DRIVER")
+                val dat = dapsDriver.token
+                LOG.debug("Send IDSCP_HELLO")
+                val idscpHello = Idscp2MessageHelper.createIdscpHelloMessage(
+                        dat,
+                        attestationConfig.supportedAttestationSuite,
+                        attestationConfig.expectedAttestationSuite
+                )
+                if (!fsm.sendFromFSM(idscpHello)) {
+                    LOG.error("Cannot send IdscpHello. Close connection")
+                    runEntryCode(fsm)
+                    onMessageLock.signalAll()
+                    return@Function fsm.getState(FsmState.STATE_CLOSED)
+                }
+                runExitCode(onMessageLock)
+                fsm.getState(FsmState.STATE_WAIT_FOR_HELLO)
             }
-            runExitCode(onMessageLock)
-            fsm.getState(FsmState.STATE_WAIT_FOR_HELLO)
-        }))
+        ))
 
         // This origins from onClose(), so just ignore it
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received STOP in STATE_CLOSED, ignored.")
-            }
-            this
-        })
-        setNoTransitionHandler { event: Event? ->
-            if (LOG.isDebugEnabled) {
-                LOG.debug("No transition available for given event {}, stack trace for analysis:\n{}",
-                        event,
-                        Arrays.stream(Thread.currentThread().stackTrace)
-                                .skip(1)
-                                .map { obj: StackTraceElement -> obj.toString() }
-                                .collect(Collectors.joining("\n")))
-                LOG.debug("Stay in state STATE_CLOSED")
-            }
-            this
-        }
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
+                Function {
+                    if (LOG.isTraceEnabled) {
+                        LOG.trace("Received STOP in STATE_CLOSED, ignored.")
+                    }
+                    this
+                }
+        ))
+
+        setNoTransitionHandler(
+                Function {
+                    if (LOG.isDebugEnabled) {
+                        LOG.debug("No transition available for given event {}, stack trace for analysis:\n{}",
+                                it,
+                                Arrays.stream(Thread.currentThread().stackTrace)
+                                        .skip(1)
+                                        .map { obj: StackTraceElement -> obj.toString() }
+                                        .collect(Collectors.joining("\n")))
+                        LOG.debug("Stay in state STATE_CLOSED")
+                    }
+                    this
+                }
+        )
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
index 8670affb7..257bdceb8 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
@@ -47,16 +47,22 @@ class StateEstablished(fsm: FSM,
          * onMessage: IDSCP_CLOSE ---> {timeouts.cancel()} ---> STATE_CLOSED
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("Error occurred, close idscp connection")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSCP_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                    CloseCause.USER_SHUTDOWN))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+        addTransition(InternalControlMessage.ERROR.value, Transition (
+                Function {
+                    LOG.debug("Error occurred, close idscp connection")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
+                Function {
+                    LOG.debug("Send IDSCP_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                            CloseCause.USER_SHUTDOWN))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(InternalControlMessage.SEND_DATA.value, Transition(
                 Function {
                     // repack data, include alternating bit
@@ -137,14 +143,19 @@ class StateEstablished(fsm: FSM,
                 }
         ))
 
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Receive IDSCP_CLOSED")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        setNoTransitionHandler { event: Event? ->
-            LOG.debug("No transition available for given event " + event.toString())
-            LOG.debug("Stay in state STATE_ESTABLISHED")
-            this
-        }
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
+                Function {
+                    LOG.debug("Receive IDSCP_CLOSED")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        setNoTransitionHandler (
+                Function {
+                    LOG.debug("No transition available for given event $it")
+                    LOG.debug("Stay in state STATE_ESTABLISHED")
+                    this
+                }
+        )
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
index e1842bded..bad321dd2 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
@@ -47,16 +47,22 @@ class StateWaitForAck(fsm: FSM,
          * onMessage: IDSCP_CLOSE ---> {timeouts.cancel()} ---> STATE_CLOSED
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("Error occurred, close idscp connection")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSCP_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                    CloseCause.USER_SHUTDOWN))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+        addTransition(InternalControlMessage.ERROR.value, Transition (
+                Function {
+                    LOG.debug("Error occurred, close idscp connection")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
+                Function {
+                    LOG.debug("Send IDSCP_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                            CloseCause.USER_SHUTDOWN))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(InternalControlMessage.REPEAT_RAT.value, Transition(
                 Function {
                     LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
@@ -73,10 +79,14 @@ class StateWaitForAck(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)
                 }
         ))
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
-            LOG.warn("Cannot send data in STATE_WAIT_FOR_ACK")
-            this
-        })
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
+                Function {
+                    LOG.warn("Cannot send data in STATE_WAIT_FOR_ACK")
+                    this
+                }
+        ))
+
         addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
                 Function {
                     ratTimer.cancelTimeout()
@@ -144,14 +154,21 @@ class StateWaitForAck(fsm: FSM,
                 }
             }
         ))
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Receive IDSCP_CLOSED")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        setNoTransitionHandler { event: Event? ->
-            LOG.debug("No transition available for given event " + event.toString())
-            LOG.debug("Stay in state STATE_WAIT_FOR_ACK")
-            this
-        }
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
+                Function {
+                    LOG.debug("Receive IDSCP_CLOSED")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        setNoTransitionHandler (
+                Function {
+                    LOG.debug("No transition available for given event $it")
+                    LOG.debug("Stay in state STATE_WAIT_FOR_ACK")
+                    this
+                }
+        )
+
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
index 7d1c3e559..09532243a 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
@@ -50,34 +50,49 @@ class StateWaitForDatAndRat(fsm: FSM,
          * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSC_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                    CloseCause.USER_SHUTDOWN))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("An internal control error occurred")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
-                    CloseCause.TIMEOUT))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
-            LOG.debug("Received RAT_PROVER OK")
-            proverHandshakeTimer.cancelTimeout()
-            fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
-        })
-        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
-            LOG.error("RAT_PROVER failed")
-            LOG.debug("Send IDSC_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
-                    CloseCause.RAT_PROVER_FAILED))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
+                Function {
+                    LOG.debug("Send IDSC_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                            CloseCause.USER_SHUTDOWN))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.ERROR.value, Transition (
+                Function {
+                    LOG.debug("An internal control error occurred")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition (
+                Function {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
+                            CloseCause.TIMEOUT))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition (
+                Function {
+                    LOG.debug("Received RAT_PROVER OK")
+                    proverHandshakeTimer.cancelTimeout()
+                    fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
+                }
+        ))
+
+        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition (
+                Function {
+                    LOG.error("RAT_PROVER failed")
+                    LOG.debug("Send IDSC_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
+                            CloseCause.RAT_PROVER_FAILED))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition(
                 Function { event: Event ->
                     LOG.debug("Send IDSCP_RAT_PROVER")
@@ -88,10 +103,14 @@ class StateWaitForDatAndRat(fsm: FSM,
                     this
                 }
         ))
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_CLOSE")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
+                Function {
+                    LOG.debug("Received IDSCP_CLOSE")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition(
                 Function { event: Event ->
                     handshakeTimer.cancelTimeout()
@@ -115,6 +134,7 @@ class StateWaitForDatAndRat(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
                 }
         ))
+
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
@@ -129,13 +149,17 @@ class StateWaitForDatAndRat(fsm: FSM,
                     this
                 }
         ))
-        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
-            LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
-            assert(event.idscpMessage.hasIdscpRatVerifier())
-            fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                    ?: throw Idscp2Exception("RAT prover driver not available")
-            this
-        })
+
+        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition (
+                Function { event: Event ->
+                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+                    assert(event.idscpMessage.hasIdscpRatVerifier())
+                    fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                            ?: throw Idscp2Exception("RAT prover driver not available")
+                    this
+                }
+        ))
+
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
@@ -146,15 +170,19 @@ class StateWaitForDatAndRat(fsm: FSM,
                     this
                 }
         ))
+
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
                 Function {
                     fsm.recvAck(it.idscpMessage.idscpAck)
                     this
                 }
         ))
-        setNoTransitionHandler { event: Event? ->
-            LOG.debug("No transition available for given event " + event.toString())
-            this
-        }
+
+        setNoTransitionHandler (
+                Function {
+                    LOG.debug("No transition available for given event $it")
+                    this
+                }
+        )
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
index 253ad32b8..e92bcb518 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
@@ -45,81 +45,100 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
          * onMessage: IDSCP_RE_RAT ---> {start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSC_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                    CloseCause.USER_SHUTDOWN))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("An internal control error occurred")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
-                    CloseCause.TIMEOUT))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_CLOSE")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
+                Function {
+                    LOG.debug("Send IDSC_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                            CloseCause.USER_SHUTDOWN))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.ERROR.value, Transition (
+                Function {
+                    LOG.debug("An internal control error occurred")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition (
+                Function {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
+                            CloseCause.TIMEOUT))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
+                Function {
+                    LOG.debug("Received IDSCP_CLOSE")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition(
-        Function { event: Event ->
-            handshakeTimer.cancelTimeout()
-            LOG.debug("Verify received DAT")
-            //check if Dat is available and verify dat
-            val dat = event.idscpMessage.idscpDat.token.toByteArray()
-            var datValidityPeriod: Long
-            if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
-                LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
-                fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT", CloseCause.NO_VALID_DAT))
-                return@Function fsm.getState(FsmState.STATE_CLOSED)
-            }
-            LOG.debug("Remote DAT is valid. Set dat timeout")
-            datTimer.resetTimeout(datValidityPeriod * 1000)
-            //start RAT Verifier
-            if (!fsm.restartRatVerifierDriver()) {
-                LOG.error("Cannot run Rat verifier, close idscp connection")
-                return@Function fsm.getState(FsmState.STATE_CLOSED)
+            Function { event: Event ->
+                handshakeTimer.cancelTimeout()
+                LOG.debug("Verify received DAT")
+                //check if Dat is available and verify dat
+                val dat = event.idscpMessage.idscpDat.token.toByteArray()
+                var datValidityPeriod: Long
+                if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
+                    LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT", CloseCause.NO_VALID_DAT))
+                    return@Function fsm.getState(FsmState.STATE_CLOSED)
+                }
+                LOG.debug("Remote DAT is valid. Set dat timeout")
+                datTimer.resetTimeout(datValidityPeriod * 1000)
+                //start RAT Verifier
+                if (!fsm.restartRatVerifierDriver()) {
+                    LOG.error("Cannot run Rat verifier, close idscp connection")
+                    return@Function fsm.getState(FsmState.STATE_CLOSED)
+                }
+                fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)
             }
-            fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)
-        }
         ))
+
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
-        Function {
-            LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
-                LOG.error("Cannot send DAT message")
-                return@Function fsm.getState(FsmState.STATE_CLOSED)
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Function fsm.getState(FsmState.STATE_CLOSED)
+            Function {
+                LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
+                if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                    LOG.error("Cannot send DAT message")
+                    return@Function fsm.getState(FsmState.STATE_CLOSED)
+                }
+                if (!fsm.restartRatProverDriver()) {
+                    LOG.error("Cannot run Rat prover, close idscp connection")
+                    return@Function fsm.getState(FsmState.STATE_CLOSED)
+                }
+                fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
             }
-            fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
-        }
         ))
+
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
-        Function {
-            LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
-            if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Function fsm.getState(FsmState.STATE_CLOSED)
+            Function {
+                LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
+                if (!fsm.restartRatProverDriver()) {
+                    LOG.error("Cannot run Rat prover, close idscp connection")
+                    return@Function fsm.getState(FsmState.STATE_CLOSED)
+                }
+                fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
             }
-            fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
-        }
         ))
+
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
-                Function {
-                    fsm.recvAck(it.idscpMessage.idscpAck)
+            Function {
+                fsm.recvAck(it.idscpMessage.idscpAck)
+                this
+            }
+        ))
+
+        setNoTransitionHandler (
+                Function { event: Event? ->
+                    LOG.debug("No transition available for given event " + event.toString())
                     this
                 }
-        ))
-        setNoTransitionHandler { event: Event? ->
-            LOG.debug("No transition available for given event " + event.toString())
-            this
-        }
+        )
+
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
index 8fdbdaa59..e4fff4b26 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
@@ -49,26 +49,38 @@ class StateWaitForHello(fsm: FSM,
          *                                        set handshake_timeout} ---> STATE_WAIT_FOR_RAT
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_HELLO
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("An internal control error occurred")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Received stop signal from user. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                    CloseCause.USER_SHUTDOWN))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake Timeout",
-                    CloseCause.TIMEOUT))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_CLOSE")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+        addTransition(InternalControlMessage.ERROR.value, Transition (
+                Function {
+                    LOG.debug("An internal control error occurred")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
+                Function {
+                    LOG.debug("Received stop signal from user. Send IDSCP_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                            CloseCause.USER_SHUTDOWN))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition (
+                Function {
+                    LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake Timeout",
+                            CloseCause.TIMEOUT))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
+                Function {
+                    LOG.debug("Received IDSCP_CLOSE")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(IdscpMessage.IDSCPHELLO_FIELD_NUMBER, Transition(
                 Function { event: Event ->
                     handshakeTimer.cancelTimeout()
@@ -105,10 +117,13 @@ class StateWaitForHello(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
                 }
         ))
-        setNoTransitionHandler { event: Event? ->
-            LOG.debug("No transition available for given event " + event.toString())
-            LOG.debug("Stay in state STATE_WAIT_FOR_HELLO")
-            this
-        }
+
+        setNoTransitionHandler (
+                Function {
+                    LOG.debug("No transition available for given event $it")
+                    LOG.debug("Stay in state STATE_WAIT_FOR_HELLO")
+                    this
+                }
+        )
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
index 3cc4111d9..3a812a6f5 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
@@ -53,41 +53,59 @@ class StateWaitForRat(fsm: FSM,
          * onMessage: IDSCP_CLOSE ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("An internal control error occurred")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSC_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                    CloseCause.USER_SHUTDOWN))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
-            LOG.debug("Received RAT_PROVER OK")
-            proverHandshakeTimer.cancelTimeout()
-            fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)
-        })
-        addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition {
-            LOG.debug("Received RAT_VERIFIER OK")
-            verifierHandshakeTimer.cancelTimeout()
-            ratTimer.resetTimeout()
-            fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
-        })
-        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
-            LOG.error("RAT_PROVER failed")
-            LOG.debug("Send IDSC_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
-                    CloseCause.RAT_PROVER_FAILED))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition {
-            LOG.error("RAT_VERIFIER failed")
-            LOG.debug("Send IDSC_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
-                    CloseCause.RAT_VERIFIER_FAILED))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+        addTransition(InternalControlMessage.ERROR.value, Transition (
+                Function {
+                    LOG.debug("An internal control error occurred")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
+                Function {
+                    LOG.debug("Send IDSC_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                            CloseCause.USER_SHUTDOWN))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition (
+                Function {
+                    LOG.debug("Received RAT_PROVER OK")
+                    proverHandshakeTimer.cancelTimeout()
+                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)
+                }
+        ))
+
+        addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition (
+                Function {
+                    LOG.debug("Received RAT_VERIFIER OK")
+                    verifierHandshakeTimer.cancelTimeout()
+                    ratTimer.resetTimeout()
+                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
+                }
+        ))
+
+        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition (
+                Function {
+                    LOG.error("RAT_PROVER failed")
+                    LOG.debug("Send IDSC_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
+                            CloseCause.RAT_PROVER_FAILED))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition (
+                Function {
+                    LOG.error("RAT_VERIFIER failed")
+                    LOG.debug("Send IDSC_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
+                            CloseCause.RAT_VERIFIER_FAILED))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition(
                 Function { event: Event ->
                     LOG.debug("Send IDSCP_RAT_PROVER")
@@ -98,6 +116,7 @@ class StateWaitForRat(fsm: FSM,
                     this
                 }
         ))
+
         addTransition(InternalControlMessage.RAT_VERIFIER_MSG.value, Transition(
                 Function { event: Event ->
                     LOG.debug("Send IDSCP_RAT_VERIFIER")
@@ -108,6 +127,7 @@ class StateWaitForRat(fsm: FSM,
                     this
                 }
         ))
+
         addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
                 Function {
                     LOG.debug("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER")
@@ -121,32 +141,43 @@ class StateWaitForRat(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
                 }
         ))
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
-                    CloseCause.TIMEOUT))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition (
+                Function {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
+                            CloseCause.TIMEOUT))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
                 Function {
                     fsm.recvAck(it.idscpMessage.idscpAck)
                     this
                 }
         ))
-        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
-            LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
-            assert(event.idscpMessage.hasIdscpRatVerifier())
-            fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                    ?: throw Idscp2Exception("RAT prover driver not available")
-            this
-        })
-        addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition { event: Event ->
-            LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
-            assert(event.idscpMessage.hasIdscpRatProver())
-            fsm.ratVerifierDriver?.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
-                    ?: throw Idscp2Exception("RAT verifier driver not available")
-            this
-        })
+
+        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition (
+                Function { event: Event ->
+                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+                    assert(event.idscpMessage.hasIdscpRatVerifier())
+                    fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                            ?: throw Idscp2Exception("RAT prover driver not available")
+                    this
+                }
+        ))
+
+        addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition (
+                Function { event: Event ->
+                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
+                    assert(event.idscpMessage.hasIdscpRatProver())
+                    fsm.ratVerifierDriver?.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
+                            ?: throw Idscp2Exception("RAT verifier driver not available")
+                    this
+                }
+        ))
+
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
@@ -161,14 +192,20 @@ class StateWaitForRat(fsm: FSM,
                     this
                 }
         ))
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_CLOSE")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        setNoTransitionHandler { event: Event? ->
-            LOG.debug("No transition available for given event " + event.toString())
-            LOG.debug("Stay in state STATE_WAIT_FOR_RAT")
-            this
-        }
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
+                Function {
+                    LOG.debug("Received IDSCP_CLOSE")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        setNoTransitionHandler (
+                Function { event: Event? ->
+                    LOG.debug("No transition available for given event " + event.toString())
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT")
+                    this
+                }
+        )
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
index 238710e1c..16a57ceec 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
@@ -50,21 +50,30 @@ class StateWaitForRatProver(fsm: FSM,
          * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_PROVER
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSC_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close", CloseCause.USER_SHUTDOWN))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("An internal control error occurred")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
-                    CloseCause.TIMEOUT))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
+                Function {
+                    LOG.debug("Send IDSC_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close", CloseCause.USER_SHUTDOWN))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.ERROR.value, Transition (
+                Function {
+                    LOG.debug("An internal control error occurred")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition (
+                Function {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
+                            CloseCause.TIMEOUT))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
                 Function {
                     LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED")
@@ -78,6 +87,7 @@ class StateWaitForRatProver(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
                 }
         ))
+
         addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition (
                 Function {
                     LOG.debug("Received RAT_PROVER OK")
@@ -90,13 +100,17 @@ class StateWaitForRatProver(fsm: FSM,
                     }
                 }
         ))
-        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
-            LOG.error("RAT_PROVER failed")
-            LOG.debug("Send IDSC_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
-                    CloseCause.RAT_PROVER_FAILED))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+
+        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition (
+                Function {
+                    LOG.error("RAT_PROVER failed")
+                    LOG.debug("Send IDSC_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
+                            CloseCause.RAT_PROVER_FAILED))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition(
                 Function { event: Event ->
                     LOG.debug("Send IDSCP_RAT_PROVER")
@@ -107,6 +121,7 @@ class StateWaitForRatProver(fsm: FSM,
                     this
                 }
         ))
+
         addTransition(InternalControlMessage.REPEAT_RAT.value, Transition(
                 Function {
                     LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER")
@@ -122,10 +137,14 @@ class StateWaitForRatProver(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
                 }
         ))
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_CLOSE")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
+                Function {
+                    LOG.debug("Received IDSCP_CLOSE")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
@@ -140,13 +159,17 @@ class StateWaitForRatProver(fsm: FSM,
                     this
                 }
         ))
-        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
-            LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
-            assert(event.idscpMessage.hasIdscpRatVerifier())
-            fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                    ?: throw Idscp2Exception("RAT prover driver not available")
-            this
-        })
+
+        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition (
+                Function { event: Event ->
+                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+                    assert(event.idscpMessage.hasIdscpRatVerifier())
+                    fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                            ?: throw Idscp2Exception("RAT prover driver not available")
+                    this
+                }
+        ))
+
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
@@ -157,16 +180,20 @@ class StateWaitForRatProver(fsm: FSM,
                     this
                 }
         ))
+
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
                 Function {
                     fsm.recvAck(it.idscpMessage.idscpAck)
                     this
                 }
         ))
-        setNoTransitionHandler { event: Event? ->
-            LOG.debug("No transition available for given event " + event.toString())
-            LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER")
-            this
-        }
+
+        setNoTransitionHandler (
+                Function {
+                    LOG.debug("No transition available for given event $it")
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER")
+                    this
+                }
+        )
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
index ebad758a0..d38477d9f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
@@ -48,21 +48,30 @@ class StateWaitForRatVerifier(fsm: FSM,
          * onMessage: IDSCP_RE_RAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSC_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                    CloseCause.USER_SHUTDOWN))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("An internal control error occurred")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout", CloseCause.TIMEOUT))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
+                Function {
+                    LOG.debug("Send IDSC_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
+                            CloseCause.USER_SHUTDOWN))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.ERROR.value, Transition (
+                Function {
+                    LOG.debug("An internal control error occurred")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition (
+                Function {
+                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout", CloseCause.TIMEOUT))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
                 Function {
                     LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER")
@@ -76,6 +85,7 @@ class StateWaitForRatVerifier(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
                 }
         ))
+
         addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition (
                 Function {
                     LOG.debug("Received RAT_VERIFIER OK")
@@ -90,13 +100,17 @@ class StateWaitForRatVerifier(fsm: FSM,
                     }
                 }
         ))
-        addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition {
-            LOG.error("RAT_VERIFIER failed")
-            LOG.debug("Send IDSC_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
-                    CloseCause.RAT_VERIFIER_FAILED))
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+
+        addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition (
+                Function {
+                    LOG.error("RAT_VERIFIER failed")
+                    LOG.debug("Send IDSC_CLOSE")
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
+                            CloseCause.RAT_VERIFIER_FAILED))
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(InternalControlMessage.RAT_VERIFIER_MSG.value, Transition(
                 Function { event: Event ->
                     LOG.debug("Send IDSCP_RAT_VERIFIER")
@@ -107,10 +121,14 @@ class StateWaitForRatVerifier(fsm: FSM,
                     this
                 }
         ))
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_CLOSE")
-            fsm.getState(FsmState.STATE_CLOSED)
-        })
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
+                Function {
+                    LOG.debug("Received IDSCP_CLOSE")
+                    fsm.getState(FsmState.STATE_CLOSED)
+                }
+        ))
+
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
@@ -125,13 +143,17 @@ class StateWaitForRatVerifier(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
                 }
         ))
-        addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition { event: Event ->
-            LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
-            assert(event.idscpMessage.hasIdscpRatProver())
-            fsm.ratVerifierDriver?.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
-                    ?: throw Idscp2Exception("RAT verifier driver not available")
-            this
-        })
+
+        addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition (
+                Function { event: Event ->
+                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
+                    assert(event.idscpMessage.hasIdscpRatProver())
+                    fsm.ratVerifierDriver?.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
+                            ?: throw Idscp2Exception("RAT verifier driver not available")
+                    this
+                }
+        ))
+
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
@@ -142,16 +164,20 @@ class StateWaitForRatVerifier(fsm: FSM,
                     fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
                 }
         ))
+
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
                 Function {
                     fsm.recvAck(it.idscpMessage.idscpAck)
                     this
                 }
         ))
-        setNoTransitionHandler { event: Event? ->
-            LOG.debug("No transition available for given event " + event.toString())
-            LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER")
-            this
-        }
+
+        setNoTransitionHandler (
+                Function {
+                    LOG.debug("No transition available for given event $it")
+                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER")
+                    this
+                }
+        )
     }
 }
\ No newline at end of file

From dc438e5f5e87c01bcfaf59489be7a6ad6c14fd47 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Tue, 24 Nov 2020 17:58:26 +0100
Subject: [PATCH 184/237] Restructure idscp package

---
 .../idscp2/client/Idscp2ClientComponent.kt    | 12 +++++-----
 .../idscp2/client/Idscp2ClientConsumer.kt     |  2 +-
 .../idscp2/client/Idscp2ClientEndpoint.kt     | 22 ++++++++---------
 .../camel/idscp2/server/CamelIdscp2Server.kt  | 14 +++++------
 .../idscp2/server/Idscp2ServerComponent.kt    | 14 +++++------
 .../idscp2/server/Idscp2ServerEndpoint.kt     | 16 ++++++-------
 .../ids/tokenmanager/TokenManagerService.java |  6 ++---
 .../idscp2/app_layer/AppLayerConnection.kt    | 10 ++++----
 .../daps/DefaultDapsDriver.kt                 |  6 ++---
 .../daps/DefaultDapsDriverConfig.kt           |  2 +-
 .../daps/NullDaps.kt                          |  4 ++--
 .../daps/SecurityRequirements.kt              |  2 +-
 .../keystores/CustomX509ExtendedKeyManager.kt |  2 +-
 .../keystores/PreConfiguration.kt             |  2 +-
 .../rat/dummy/RatProverDummy.kt               |  4 ++--
 .../rat/dummy/RatVerifierDummy.kt             |  4 ++--
 .../rat/null/NullRatProver.kt                 |  5 ++--
 .../rat/null/NullRatVerifier.kt               |  4 ++--
 .../rat/tpm2d/TPM2dHelper.kt                  |  2 +-
 .../rat/tpm2d/TPM2dMessageFactory.kt          |  2 +-
 .../rat/tpm2d/TPM2dProver.kt                  |  4 ++--
 .../rat/tpm2d/TPM2dProverConfig.kt            |  2 +-
 .../rat/tpm2d/TPM2dSocket.kt                  |  2 +-
 .../rat/tpm2d/TPM2dVerifier.kt                |  4 ++--
 .../rat/tpm2d/TPM2dVerifierConfig.kt          |  2 +-
 .../secure_channel/NativeTLSDriver.kt         | 20 ++++++++--------
 .../secure_channel/TLSConstants.kt            |  2 +-
 .../TLSSessionVerificationHelper.kt           |  2 +-
 .../client/DataAvailableListener.kt           |  2 +-
 .../secure_channel/client/InputListener.kt    |  2 +-
 .../client/InputListenerThread.kt             |  2 +-
 .../secure_channel/client/TLSClient.kt        | 16 ++++++-------
 .../secure_channel/server/TLSServer.kt        | 16 ++++++-------
 .../secure_channel/server/TLSServerThread.kt  | 12 +++++-----
 .../idscp2/example/CommandlineTunnelClient.kt | 16 ++++++-------
 .../idscp2/example/CommandlineTunnelServer.kt | 24 +++++++++----------
 .../idscp2/example/Idscp2ClientInitiator.kt   | 18 +++++++-------
 .../idscp2/example/Idscp2ServerInitiator.kt   | 24 +++++++++----------
 .../aisec/ids/idscp2/example/RunTLSClient.kt  |  8 +++----
 .../aisec/ids/idscp2/example/RunTLSServer.kt  |  8 +++----
 .../ids/idscp2/example/RunTunnelClient.kt     |  8 +++----
 .../ids/idscp2/example/RunTunnelServer.kt     |  8 +++----
 .../api}/Idscp2EndpointListener.kt            |  4 ++--
 .../configuration/AttestationConfig.kt        |  2 +-
 .../configuration/Idscp2Configuration.kt      |  2 +-
 .../configuration/Idscp2ServerFactory.kt      | 16 ++++++-------
 .../SecureChannelInitListener.kt              |  6 ++---
 .../idscp_connection}/Idscp2Connection.kt     |  2 +-
 .../Idscp2ConnectionAdapter.kt                |  2 +-
 .../idscp_connection}/Idscp2ConnectionImpl.kt |  7 +++---
 .../Idscp2ConnectionListener.kt               |  2 +-
 .../Idscp2MessageListener.kt                  |  4 +++-
 .../idscp_server}/Idscp2Server.kt             |  6 ++---
 .../idscp_server/ServerConnectionListener.kt  | 14 +++++++++++
 .../drivers}/DapsDriver.kt                    |  2 +-
 .../drivers}/RatProverDriver.kt               |  2 +-
 .../drivers}/RatVerifierDriver.kt             |  2 +-
 .../drivers}/SecureChannelDriver.kt           | 10 ++++----
 .../SecureChannelEndpoint.kt                  |  2 +-
 .../drivers}/SecureServer.kt                  |  4 ++--
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    | 12 +++++-----
 .../ids/idscp2/idscp_core/fsm/StateClosed.kt  |  6 ++---
 .../idscp2/idscp_core/fsm/StateEstablished.kt |  4 ++--
 .../idscp2/idscp_core/fsm/StateWaitForAck.kt  |  4 ++--
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   |  4 ++--
 .../fsm/StateWaitForDatAndRatVerifier.kt      |  4 ++--
 .../idscp_core/fsm/StateWaitForHello.kt       |  6 ++---
 .../idscp2/idscp_core/fsm/StateWaitForRat.kt  |  4 ++--
 .../idscp_core/fsm/StateWaitForRatProver.kt   |  4 ++--
 .../idscp_core/fsm/StateWaitForRatVerifier.kt |  4 ++--
 .../{ => messages}/Idscp2MessageHelper.kt     |  2 +-
 .../rat_registry/RatProverDriverRegistry.kt   |  2 +-
 .../rat_registry/RatVerifierDriverRegistry.kt |  2 +-
 .../secure_channel/SecureChannel.kt           |  1 +
 .../server/ServerConnectionListener.kt        |  8 -------
 idscp2/src/test/java/DapsDriverTest.java      |  8 +++----
 76 files changed, 254 insertions(+), 247 deletions(-)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/daps/DefaultDapsDriver.kt (98%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/daps/DefaultDapsDriverConfig.kt (96%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/daps/NullDaps.kt (74%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/daps/SecurityRequirements.kt (90%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/keystores/CustomX509ExtendedKeyManager.kt (98%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/keystores/PreConfiguration.kt (99%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/rat/dummy/RatProverDummy.kt (92%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/rat/dummy/RatVerifierDummy.kt (93%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/rat/null/NullRatProver.kt (86%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/rat/null/NullRatVerifier.kt (91%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/rat/tpm2d/TPM2dHelper.kt (97%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/rat/tpm2d/TPM2dMessageFactory.kt (97%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/rat/tpm2d/TPM2dProver.kt (98%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/rat/tpm2d/TPM2dProverConfig.kt (92%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/rat/tpm2d/TPM2dSocket.kt (93%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/rat/tpm2d/TPM2dVerifier.kt (98%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/rat/tpm2d/TPM2dVerifierConfig.kt (95%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/secure_channel/NativeTLSDriver.kt (77%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/secure_channel/TLSConstants.kt (91%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/secure_channel/TLSSessionVerificationHelper.kt (99%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/secure_channel/client/DataAvailableListener.kt (85%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/secure_channel/client/InputListener.kt (82%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/secure_channel/client/InputListenerThread.kt (95%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/secure_channel/client/TLSClient.kt (92%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/secure_channel/server/TLSServer.kt (90%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/default_driver_impl => default_drivers}/secure_channel/server/TLSServerThread.kt (91%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{ => idscp_core/api}/Idscp2EndpointListener.kt (80%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/{ => api}/configuration/AttestationConfig.kt (96%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/{ => api}/configuration/Idscp2Configuration.kt (98%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/{ => api}/configuration/Idscp2ServerFactory.kt (84%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/{ => api}/configuration/SecureChannelInitListener.kt (72%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/{ => api/idscp_connection}/Idscp2Connection.kt (93%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/{ => api/idscp_connection}/Idscp2ConnectionAdapter.kt (84%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/{ => api/idscp_connection}/Idscp2ConnectionImpl.kt (94%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/{ => api/idscp_connection}/Idscp2ConnectionListener.kt (81%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/{ => api/idscp_connection}/Idscp2MessageListener.kt (59%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/{server => api/idscp_server}/Idscp2Server.kt (87%)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/ServerConnectionListener.kt
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/interfaces => idscp_core/drivers}/DapsDriver.kt (91%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/interfaces => idscp_core/drivers}/RatProverDriver.kt (94%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/interfaces => idscp_core/drivers}/RatVerifierDriver.kt (94%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/interfaces => idscp_core/drivers}/SecureChannelDriver.kt (72%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/{secure_channel => drivers}/SecureChannelEndpoint.kt (92%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{drivers/interfaces => idscp_core/drivers}/SecureServer.kt (66%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/{ => messages}/Idscp2MessageHelper.kt (98%)
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/ServerConnectionListener.kt

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
index f16b0f3d6..7ab1f18b0 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
@@ -16,12 +16,12 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.client
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProverConfig
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifierConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.apache.camel.Endpoint
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
index e682cd4bc..f9fea44ac 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
@@ -19,7 +19,7 @@ package de.fhg.aisec.ids.camel.idscp2.client
 import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionListener
 import org.apache.camel.Processor
 import org.apache.camel.support.DefaultConsumer
 import org.slf4j.LoggerFactory
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index eaa9175fa..3439319b3 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -19,17 +19,17 @@ package de.fhg.aisec.ids.camel.idscp2.client
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
 import de.fhg.aisec.ids.camel.idscp2.RefCountingHashMap
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import org.apache.camel.Processor
 import org.apache.camel.Producer
 import org.apache.camel.spi.UriEndpoint
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index 8f8eaf516..d610a1a09 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -17,14 +17,14 @@
 package de.fhg.aisec.ids.camel.idscp2.server
 
 import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
-import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory
-import de.fhg.aisec.ids.idscp2.idscp_core.server.Idscp2Server
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2ServerFactory
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2Server
 import java.util.*
 
 class CamelIdscp2Server(serverConfiguration: Idscp2Configuration) : Idscp2EndpointListener<AppLayerConnection> {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
index d7e318a07..aa2ecb5be 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
@@ -17,13 +17,13 @@
 package de.fhg.aisec.ids.camel.idscp2.server
 
 import de.fhg.aisec.ids.camel.idscp2.RefCountingHashMap
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProverConfig
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifierConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProverConfig
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifierConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.apache.camel.Endpoint
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
index 05cd45cc7..0a4381025 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -16,15 +16,15 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.server
 
-import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dProver
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d.TPM2dVerifier
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import org.apache.camel.Processor
 import org.apache.camel.Producer
 import org.apache.camel.spi.UriEndpoint
diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index 4dcbf4e74..451ba0e16 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -23,9 +23,9 @@
 import de.fhg.aisec.ids.api.settings.ConnectorConfig;
 import de.fhg.aisec.ids.api.settings.Settings;
 import de.fhg.aisec.ids.api.tokenm.TokenManager;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.SecurityRequirements;
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver;
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig;
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.SecurityRequirements;
 import org.osgi.service.component.annotations.Activate;
 import org.osgi.service.component.annotations.Component;
 import org.osgi.service.component.annotations.Reference;
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
index 6bb8056f4..29faa7a7d 100644
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
@@ -3,11 +3,11 @@ package de.fhg.aisec.ids.idscp2.app_layer
 import com.google.protobuf.ByteString
 import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
 import de.fhg.aisec.ids.idscp2.app_layer.messages.AppLayer
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageListener
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2MessageListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import org.slf4j.LoggerFactory
 import java.util.*
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
similarity index 98%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
index 19ddbad9a..205285e58 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
@@ -1,7 +1,7 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps
+package de.fhg.aisec.ids.idscp2.default_drivers.daps
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.error.DatException
 import io.jsonwebtoken.Jwts
 import io.jsonwebtoken.SignatureAlgorithm
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriverConfig.kt
similarity index 96%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriverConfig.kt
index b7344ec04..d6e0af69b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/DefaultDapsDriverConfig.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriverConfig.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps
+package de.fhg.aisec.ids.idscp2.default_drivers.daps
 
 import java.nio.file.Path
 import java.nio.file.Paths
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/NullDaps.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt
similarity index 74%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/NullDaps.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt
index dfc1e2daa..272046bd6 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/NullDaps.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt
@@ -1,6 +1,6 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps
+package de.fhg.aisec.ids.idscp2.default_drivers.daps
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 
 /**
  * NullDaps for testing purpose only
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/SecurityRequirements.kt
similarity index 90%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/SecurityRequirements.kt
index 9eb3e7307..95dc5579d 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/daps/SecurityRequirements.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/SecurityRequirements.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps
+package de.fhg.aisec.ids.idscp2.default_drivers.daps
 
 /**
  * A Security-Requirements class using Builder pattern to store the connectors expected
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/CustomX509ExtendedKeyManager.kt
similarity index 98%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/CustomX509ExtendedKeyManager.kt
index b09f83337..41819bdb7 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/CustomX509ExtendedKeyManager.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/CustomX509ExtendedKeyManager.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores
+package de.fhg.aisec.ids.idscp2.default_drivers.keystores
 
 import org.slf4j.LoggerFactory
 import java.net.Socket
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt
similarity index 99%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt
index bb57fed0e..d4e9db3d0 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/keystores/PreConfiguration.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores
+package de.fhg.aisec.ids.idscp2.default_drivers.keystores
 
 import org.slf4j.LoggerFactory
 import java.io.IOException
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt
similarity index 92%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt
index 1df2aedd1..23a9f504f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatProverDummy.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt
@@ -1,6 +1,6 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy
+package de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
 import org.slf4j.LoggerFactory
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt
similarity index 93%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt
index 744832700..0ad95d2d4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/dummy/RatVerifierDummy.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt
@@ -1,6 +1,6 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy
+package de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
 import org.slf4j.LoggerFactory
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt
similarity index 86%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatProver.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt
index 2765bafd8..9e3aa3075 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt
@@ -1,7 +1,6 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.`null`
+package de.fhg.aisec.ids.idscp2.default_drivers.rat.`null`
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
 import org.slf4j.LoggerFactory
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt
similarity index 91%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatVerifier.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt
index a0ce6df6c..54224c531 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/null/NullRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt
@@ -1,6 +1,6 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.`null`
+package de.fhg.aisec.ids.idscp2.default_drivers.rat.`null`
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
 import org.slf4j.LoggerFactory
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dHelper.kt
similarity index 97%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dHelper.kt
index ce4ae0de5..7b69887b9 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dHelper.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dHelper.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
 
 import org.slf4j.LoggerFactory
 import java.security.MessageDigest
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dMessageFactory.kt
similarity index 97%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dMessageFactory.kt
index f130cc813..1a4ec1b8a 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dMessageFactory.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dMessageFactory.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
 
 import com.google.protobuf.ByteString
 import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.*
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt
similarity index 98%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt
index be8915f57..7beaa45e0 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt
@@ -1,7 +1,7 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
 
 import com.google.protobuf.InvalidProtocolBufferException
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
 import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProverConfig.kt
similarity index 92%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProverConfig.kt
index d7c273871..097bfc70e 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dProverConfig.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProverConfig.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
 
 import java.security.cert.Certificate
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dSocket.kt
similarity index 93%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dSocket.kt
index 705155cd4..6860bba87 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dSocket.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dSocket.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
 
 import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation
 import java.io.DataInputStream
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt
similarity index 98%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt
index c89cd3829..79354bb01 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt
@@ -1,7 +1,7 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
 
 import com.google.protobuf.InvalidProtocolBufferException
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
 import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dMessageWrapper
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifierConfig.kt
similarity index 95%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifierConfig.kt
index 152293796..e65730e54 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/rat/tpm2d/TPM2dVerifierConfig.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifierConfig.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.tpm2d
+package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
 
 import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation
 import java.net.URI
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
similarity index 77%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
index 215835006..88675d855 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/NativeTLSDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
@@ -1,16 +1,16 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client.TLSClient
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server.TLSServer
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.client.TLSClient
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.server.TLSServer
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
 import org.slf4j.LoggerFactory
 import java.io.IOException
 import java.security.KeyManagementException
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSConstants.kt
similarity index 91%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSConstants.kt
index 15dd355d7..92835780b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSConstants.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSConstants.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel
 
 /**
  * TLS Constants
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSSessionVerificationHelper.kt
similarity index 99%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSSessionVerificationHelper.kt
index fd099e1f0..ce246fc9b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/TLSSessionVerificationHelper.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSSessionVerificationHelper.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel
 
 import org.slf4j.LoggerFactory
 import java.net.InetAddress
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/DataAvailableListener.kt
similarity index 85%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/DataAvailableListener.kt
index e51a183ab..d5fad12b3 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/DataAvailableListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/DataAvailableListener.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.client
 
 /**
  * An interface for DataAvailableListeners, that will be notified when new data has been received
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListener.kt
similarity index 82%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListener.kt
index 809288af1..3cc6cf419 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListener.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.client
 
 /**
  * An interface for an InputListenerThread, that allows DataAvailableListener registration and
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListenerThread.kt
similarity index 95%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListenerThread.kt
index ec16d66df..bc86d2844 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/InputListenerThread.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListenerThread.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.client
 
 import java.io.DataInputStream
 import java.io.EOFException
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
similarity index 92%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
index df583f8e8..4564035e4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/client/TLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
@@ -1,14 +1,14 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.client
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.client
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSConstants
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSessionVerificationHelper
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSConstants
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSSessionVerificationHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener
 import org.slf4j.LoggerFactory
 import java.io.DataOutputStream
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
similarity index 90%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
index 8018c4102..042d64c9c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
@@ -1,12 +1,12 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.server
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.keystores.PreConfiguration
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSConstants
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
-import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
+import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSConstants
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
 import org.slf4j.LoggerFactory
 import java.io.IOException
 import java.net.ServerSocket
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt
similarity index 91%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt
index 6b090a3f1..e4f0d1862 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/default_driver_impl/secure_channel/server/TLSServerThread.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt
@@ -1,13 +1,13 @@
-package de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.server
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.server
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.TLSSessionVerificationHelper
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSSessionVerificationHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelEndpoint
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener
-import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
 import org.slf4j.LoggerFactory
 import java.io.*
 import java.net.SocketTimeoutException
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
index 647608d59..a1301206e 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
@@ -1,15 +1,15 @@
 package de.fhg.aisec.ids.idscp2.example
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.NullDaps
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.NullDaps
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
 import org.slf4j.LoggerFactory
 import java.util.concurrent.CompletableFuture
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import java.nio.charset.StandardCharsets
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
index f421a25ba..42e10c911 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
@@ -1,22 +1,20 @@
 package de.fhg.aisec.ids.idscp2.example
 
-import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.NullDaps
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory
+import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.NullDaps
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2ServerFactory
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.slf4j.LoggerFactory
 import java.nio.charset.StandardCharsets
-import java.util.concurrent.CompletableFuture
-import kotlin.concurrent.thread
 
 class CommandlineTunnelServer : Idscp2EndpointListener<Idscp2Connection> {
     fun init(configuration: Idscp2Configuration) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
index 7de69705c..19a52f226 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -1,14 +1,14 @@
 package de.fhg.aisec.ids.idscp2.example
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.slf4j.LoggerFactory
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
index bab1dd231..def697842 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
@@ -1,17 +1,17 @@
 package de.fhg.aisec.ids.idscp2.example
 
-import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2ServerFactory
+import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2ServerFactory
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.slf4j.LoggerFactory
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
index 2a3edd0be..a2ed42539 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
@@ -1,9 +1,9 @@
 package de.fhg.aisec.ids.idscp2.example
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import java.nio.file.Paths
 import java.util.*
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
index b7c586963..de859fcf8 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
@@ -1,9 +1,9 @@
 package de.fhg.aisec.ids.idscp2.example
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import java.nio.file.Paths
 import java.util.*
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
index 3e4d5be90..a6f79e5fd 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
@@ -1,9 +1,9 @@
 package de.fhg.aisec.ids.idscp2.example
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import java.nio.file.Paths
 import java.util.*
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
index 27f770783..13e197144 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
@@ -1,9 +1,9 @@
 package de.fhg.aisec.ids.idscp2.example
 
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import java.nio.file.Paths
 import java.util.*
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/Idscp2EndpointListener.kt
similarity index 80%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/Idscp2EndpointListener.kt
index eef38914d..fb7be99cb 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/Idscp2EndpointListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/Idscp2EndpointListener.kt
@@ -1,6 +1,6 @@
-package de.fhg.aisec.ids.idscp2
+package de.fhg.aisec.ids.idscp2.idscp_core.api
 
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 
 /**
  * An interface for the Idscp2EndpointListener class, that implements callback functions that notifies
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/AttestationConfig.kt
similarity index 96%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/AttestationConfig.kt
index b9898da92..dc1ffc8c9 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/AttestationConfig.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/AttestationConfig.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.configuration
+package de.fhg.aisec.ids.idscp2.idscp_core.api.configuration
 
 import java.util.*
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt
similarity index 98%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt
index 5c789f070..390dbd524 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2Configuration.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.configuration
+package de.fhg.aisec.ids.idscp2.idscp_core.api.configuration
 
 import java.nio.file.Path
 import java.nio.file.Paths
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2ServerFactory.kt
similarity index 84%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2ServerFactory.kt
index 12b59d03d..297601989 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/Idscp2ServerFactory.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2ServerFactory.kt
@@ -1,14 +1,14 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.configuration
+package de.fhg.aisec.ids.idscp2.idscp_core.api.configuration
 
-import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureChannelDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionAdapter
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fhg.aisec.ids.idscp2.idscp_core.server.Idscp2Server
-import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2Server
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
 import org.slf4j.LoggerFactory
 import java.util.concurrent.CompletableFuture
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/SecureChannelInitListener.kt
similarity index 72%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/SecureChannelInitListener.kt
index c4fbd35a2..78c60b1be 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/configuration/SecureChannelInitListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/SecureChannelInitListener.kt
@@ -1,8 +1,8 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.configuration
+package de.fhg.aisec.ids.idscp2.idscp_core.api.configuration
 
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
 import java.util.concurrent.CompletableFuture
 
 /**
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
similarity index 93%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
index 4b0c78f42..d3ceae0de 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2Connection.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.idscp_core
+package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
 
 /**
  * The IDSCP2 Connection class holds connections between connectors
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionAdapter.kt
similarity index 84%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionAdapter.kt
index 9ade915be..80109b2c4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionAdapter.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionAdapter.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.idscp_core
+package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
 
 import org.slf4j.LoggerFactory
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
similarity index 94%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
index 6d6941f54..8118758bc 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
@@ -1,7 +1,8 @@
-package de.fhg.aisec.ids.idscp2.idscp_core
+package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import org.slf4j.LoggerFactory
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionListener.kt
similarity index 81%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionListener.kt
index 0369292fa..6cdeb72cc 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionListener.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.idscp_core
+package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
 
 /**
  * An IDSCP Connection Listener interface that is implemented by the IDSCP2 Server to notify the
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2MessageListener.kt
similarity index 59%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2MessageListener.kt
index 87c61f0a4..7088a357f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2MessageListener.kt
@@ -1,4 +1,6 @@
-package de.fhg.aisec.ids.idscp2.idscp_core
+package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
+
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 
 /**
  * An interface for an IDSCP message listener
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/Idscp2Server.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2Server.kt
similarity index 87%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/Idscp2Server.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2Server.kt
index 4c36bc311..199df50a1 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/Idscp2Server.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2Server.kt
@@ -1,7 +1,7 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.server
+package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.SecureServer
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import org.slf4j.LoggerFactory
 import java.util.*
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/ServerConnectionListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/ServerConnectionListener.kt
new file mode 100644
index 000000000..acd2af1dd
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/ServerConnectionListener.kt
@@ -0,0 +1,14 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server
+
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+
+/**
+ * A ServerConnectionListener interface for the Idscp2Server to get notification about
+ * Idscp2Connection lifetimes in an isolated way
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+interface ServerConnectionListener<CC: Idscp2Connection> {
+    fun onConnectionCreated(connection: CC)
+    fun onConnectionClose(connection: CC)
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/DapsDriver.kt
similarity index 91%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/DapsDriver.kt
index 45f5143b1..c452f41ed 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/DapsDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/DapsDriver.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.interfaces
+package de.fhg.aisec.ids.idscp2.idscp_core.drivers
 
 /**
  * An interface for the DAPS driver, which is used to verify and request dynamicAttributeTokens
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatProverDriver.kt
similarity index 94%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatProverDriver.kt
index db7624859..c52299efe 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatProverDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatProverDriver.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.interfaces
+package de.fhg.aisec.ids.idscp2.idscp_core.drivers
 
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import org.slf4j.LoggerFactory
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatVerifierDriver.kt
similarity index 94%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatVerifierDriver.kt
index b4f03d2e7..db80ab9b4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/RatVerifierDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatVerifierDriver.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.drivers.interfaces
+package de.fhg.aisec.ids.idscp2.idscp_core.drivers
 
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import org.slf4j.LoggerFactory
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
similarity index 72%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
index b38c75327..20d54bfcd 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureChannelDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
@@ -1,10 +1,10 @@
-package de.fhg.aisec.ids.idscp2.drivers.interfaces
+package de.fhg.aisec.ids.idscp2.idscp_core.drivers
 
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fhg.aisec.ids.idscp2.idscp_core.server.ServerConnectionListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
 import java.util.concurrent.CompletableFuture
 
 /**
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt
similarity index 92%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt
index 977ca0f9d..fd9faad0c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelEndpoint.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel
+package de.fhg.aisec.ids.idscp2.idscp_core.drivers
 
 /**
  * An interface for a secureChannelEndpoint e.g. TLS Client and TLS Server Thread
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureServer.kt
similarity index 66%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureServer.kt
index 38ba3199d..bf31db705 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/drivers/interfaces/SecureServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureServer.kt
@@ -1,7 +1,7 @@
-package de.fhg.aisec.ids.idscp2.drivers.interfaces
+package de.fhg.aisec.ids.idscp2.idscp_core.drivers
 
 /**
- * An interface for the IDSCP2 Secure Server
+ * An interface for the IDSCP2 Secure Server which is used by the Idscp2Server
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index 6793af27b..1046350be 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -1,14 +1,14 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
 import com.google.protobuf.InvalidProtocolBufferException
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
index 2a63b2e50..cbdf5bae1 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
@@ -1,8 +1,8 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import org.slf4j.LoggerFactory
 import java.util.*
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
index 257bdceb8..051a6230b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
index bad321dd2..67ecd8593 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
index 09532243a..423bdcc6c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
@@ -1,8 +1,8 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
index e92bcb518..711720c40 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
index e4fff4b26..0b43cd93f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
@@ -1,8 +1,8 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
-import de.fhg.aisec.ids.idscp2.idscp_core.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
index 3a812a6f5..52fbe8c13 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
@@ -1,8 +1,8 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
index 16a57ceec..d81f3d768 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
@@ -1,8 +1,8 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
index d38477d9f..fa1931b3a 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
@@ -1,8 +1,8 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageHelper
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/messages/Idscp2MessageHelper.kt
similarity index 98%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/messages/Idscp2MessageHelper.kt
index a3040feec..2818ec100 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2MessageHelper.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/messages/Idscp2MessageHelper.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.idscp_core
+package de.fhg.aisec.ids.idscp2.idscp_core.messages
 
 import com.google.protobuf.ByteString
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.AlternatingBit
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
index c8b157bc8..9cae4e211 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
@@ -1,6 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatProverDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import org.slf4j.LoggerFactory
 import java.util.concurrent.ConcurrentHashMap
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
index a57162800..5fe7591eb 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
@@ -1,6 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry
 
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.RatVerifierDriver
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import org.slf4j.LoggerFactory
 import java.util.concurrent.ConcurrentHashMap
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
index 91fb801b0..8a81a904d 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
@@ -1,5 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel
 
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import org.slf4j.LoggerFactory
 import java.util.concurrent.CompletableFuture
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/ServerConnectionListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/ServerConnectionListener.kt
deleted file mode 100644
index ae888b08c..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/server/ServerConnectionListener.kt
+++ /dev/null
@@ -1,8 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.server
-
-import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
-
-interface ServerConnectionListener<CC: Idscp2Connection> {
-    fun onConnectionCreated(connection: CC)
-    fun onConnectionClose(connection: CC)
-}
\ No newline at end of file
diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index a0e8b0616..8474b398c 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -1,7 +1,7 @@
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig;
-import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.SecurityRequirements;
-import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver;
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver;
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig;
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.SecurityRequirements;
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver;
 import org.junit.Ignore;
 import org.junit.Test;
 

From 4831658d082d78abe88dad9944df29eb7ce14e73 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Tue, 24 Nov 2020 21:43:13 +0100
Subject: [PATCH 185/237] Integrate DapsDriver into Idscp2Configuration

---
 .../idscp2/client/Idscp2ClientEndpoint.kt     | 38 ++++++++++++-------
 .../camel/idscp2/server/CamelIdscp2Server.kt  | 16 +-------
 .../idscp2/server/Idscp2ServerEndpoint.kt     | 25 +++++++++++-
 .../idscp2/app_layer/AppLayerConnection.kt    |  5 +--
 .../secure_channel/NativeTLSDriver.kt         |  9 ++---
 .../secure_channel/client/TLSClient.kt        |  5 +--
 .../secure_channel/server/TLSServer.kt        |  2 +-
 .../secure_channel/server/TLSServerThread.kt  |  2 +-
 .../idscp2/example/CommandlineTunnelClient.kt |  5 +--
 .../idscp2/example/CommandlineTunnelServer.kt |  6 +--
 .../idscp2/example/Idscp2ClientInitiator.kt   | 13 +------
 .../idscp2/example/Idscp2ServerInitiator.kt   | 17 +--------
 .../aisec/ids/idscp2/example/RunTLSClient.kt  | 22 +++++++++--
 .../aisec/ids/idscp2/example/RunTLSServer.kt  | 22 +++++++++--
 .../ids/idscp2/example/RunTunnelClient.kt     |  6 ++-
 .../ids/idscp2/example/RunTunnelServer.kt     |  6 ++-
 .../api/configuration/AttestationConfig.kt    |  2 +-
 .../api/configuration/Idscp2Configuration.kt  | 24 ++++++------
 .../idscp_connection/Idscp2ConnectionImpl.kt  |  5 +--
 .../Idscp2ServerFactory.kt                    | 10 ++---
 .../SecureChannelInitListener.kt              |  3 +-
 .../idscp_core/drivers/SecureChannelDriver.kt |  7 ++--
 22 files changed, 136 insertions(+), 114 deletions(-)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/{configuration => idscp_server}/Idscp2ServerFactory.kt (91%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/{configuration => idscp_server}/SecureChannelInitListener.kt (82%)

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index 3439319b3..bea7a5aec 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -26,7 +26,6 @@ import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
@@ -50,7 +49,6 @@ import java.util.regex.Pattern
 class Idscp2ClientEndpoint(uri: String?, private val remaining: String, component: Idscp2ClientComponent?) :
         DefaultEndpoint(uri, component) {
     private lateinit var secureChannelDriver: SecureChannelDriver<AppLayerConnection>
-    private lateinit var dapsDriver: DapsDriver
     private lateinit var clientConfiguration: Idscp2Configuration
 
     @UriParam(
@@ -77,7 +75,7 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
     var connectionShareId: String? = null
 
     private fun makeConnectionInternal(): CompletableFuture<AppLayerConnection> {
-        return secureChannelDriver.connect(::AppLayerConnection, clientConfiguration, dapsDriver)
+        return secureChannelDriver.connect(::AppLayerConnection, clientConfiguration)
     }
 
     fun makeConnection(): CompletableFuture<AppLayerConnection> {
@@ -107,16 +105,25 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
         val matchResult = remainingMatcher.toMatchResult()
         val host = matchResult.group(1)
         val port = matchResult.group(2)?.toInt() ?: Idscp2Configuration.DEFAULT_SERVER_PORT
+
+        // create attestation config
         val localAttestationConfig = AttestationConfig.Builder()
                 .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID, TPM2dProver.TPM_RAT_PROVER_ID))
                 .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, TPM2dVerifier.TPM_RAT_VERIFIER_ID))
                 .setRatTimeoutDelay(dapsRatTimeoutDelay ?: AttestationConfig.DEFAULT_RAT_TIMEOUT_DELAY.toLong())
                 .build()
+
+        // create daps config builder
+        val dapsDriverConfigBuilder = DefaultDapsDriverConfig.Builder()
+                .setDapsUrl(Idscp2OsgiComponent.settings.connectorConfig.dapsUrl)
+                .setKeyAlias(dapsKeyAlias ?: "1")
+
+        // create idscp configuration
         val clientConfigurationBuilder = Idscp2Configuration.Builder()
                 .setHost(host)
                 .setServerPort(port)
                 .setAttestationConfig(localAttestationConfig)
-                .setDapsKeyAlias(dapsKeyAlias ?: "1")
+
         sslContextParameters?.let {
             clientConfigurationBuilder
                     .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
@@ -129,18 +136,21 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
                     .setTrustStorePassword(it.trustManagers?.keyStore?.password?.toCharArray()
                             ?: "password".toCharArray())
                     .setCertificateAlias(it.certAlias ?: "1.0.1")
+
+            dapsDriverConfigBuilder
+                    .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
+                            ?: "password".toCharArray())
+                    .setKeyStorePath(Paths.get(it.keyManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
+                    .setKeyStorePassword(it.keyManagers?.keyStore?.password?.toCharArray()
+                            ?: "password".toCharArray())
+                    .setTrustStorePath(Paths.get(it.trustManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
+                    .setTrustStorePassword(it.trustManagers?.keyStore?.password?.toCharArray()
+                            ?: "password".toCharArray())
         }
-        secureChannelDriver = NativeTLSDriver()
+
+        clientConfigurationBuilder.setDapsDriver(DefaultDapsDriver(dapsDriverConfigBuilder.build()))
         clientConfiguration = clientConfigurationBuilder.build()
-        dapsDriver = DefaultDapsDriver(DefaultDapsDriverConfig.Builder()
-                .setDapsUrl(Idscp2OsgiComponent.settings.connectorConfig.dapsUrl)
-                .setKeyAlias(clientConfiguration.dapsKeyAlias)
-                .setKeyPassword(clientConfiguration.keyPassword)
-                .setKeyStorePath(clientConfiguration.keyStorePath)
-                .setTrustStorePath(clientConfiguration.trustStorePath)
-                .setKeyStorePassword(clientConfiguration.keyStorePassword)
-                .setTrustStorePassword(clientConfiguration.trustStorePassword)
-                .build())
+        secureChannelDriver = NativeTLSDriver()
     }
 
     public override fun doStop() {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index d610a1a09..525613dcd 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -16,14 +16,11 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.server
 
-import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
 import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2ServerFactory
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2ServerFactory
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2Server
 import java.util.*
 
@@ -32,20 +29,11 @@ class CamelIdscp2Server(serverConfiguration: Idscp2Configuration) : Idscp2Endpoi
     val listeners: MutableSet<Idscp2EndpointListener<AppLayerConnection>> = Collections.synchronizedSet(HashSet())
 
     init {
-        val dapsDriverConfig = DefaultDapsDriverConfig.Builder()
-                .setDapsUrl(Idscp2OsgiComponent.settings.connectorConfig.dapsUrl)
-                .setKeyAlias(serverConfiguration.dapsKeyAlias)
-                .setKeyPassword(serverConfiguration.keyPassword)
-                .setKeyStorePath(serverConfiguration.keyStorePath)
-                .setTrustStorePath(serverConfiguration.trustStorePath)
-                .setKeyStorePassword(serverConfiguration.keyStorePassword)
-                .setTrustStorePassword(serverConfiguration.trustStorePassword)
-                .build()
+
         val serverFactory = Idscp2ServerFactory(
                 ::AppLayerConnection,
                 this,
                 serverConfiguration,
-                DefaultDapsDriver(dapsDriverConfig),
                 NativeTLSDriver()
         )
         server = serverFactory.listen()
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
index 0a4381025..9e54d0176 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -16,8 +16,11 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.server
 
+import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
 import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
@@ -120,16 +123,25 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
         val matchResult = remainingMatcher.toMatchResult()
         val host = matchResult.group(1)
         val port = matchResult.group(2)?.toInt() ?: Idscp2Configuration.DEFAULT_SERVER_PORT
+
+        // create attestation config
         val localAttestationConfig = AttestationConfig.Builder()
                 .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID, TPM2dProver.TPM_RAT_PROVER_ID))
                 .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, TPM2dVerifier.TPM_RAT_VERIFIER_ID))
                 .setRatTimeoutDelay(dapsRatTimeoutDelay)
                 .build()
+
+        // create daps config
+        val dapsDriverConfigBuilder = DefaultDapsDriverConfig.Builder()
+                .setDapsUrl(Idscp2OsgiComponent.settings.connectorConfig.dapsUrl)
+                .setKeyAlias(dapsKeyAlias)
+
+        // create idscp config
         val serverConfigurationBuilder = Idscp2Configuration.Builder()
                 .setHost(host)
                 .setServerPort(port)
                 .setAttestationConfig(localAttestationConfig)
-                .setDapsKeyAlias(dapsKeyAlias)
+
         sslContextParameters?.let {
             serverConfigurationBuilder
                     .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
@@ -142,7 +154,18 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
                     .setTrustStorePassword(it.trustManagers?.keyStore?.password?.toCharArray()
                             ?: "password".toCharArray())
                     .setCertificateAlias(it.certAlias ?: "1.0.1")
+
+            dapsDriverConfigBuilder
+                    .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
+                        ?: "password".toCharArray())
+                    .setKeyStorePath(Paths.get(it.keyManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
+                    .setKeyStorePassword(it.keyManagers?.keyStore?.password?.toCharArray()
+                            ?: "password".toCharArray())
+                    .setTrustStorePath(Paths.get(it.trustManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
+                    .setTrustStorePassword(it.trustManagers?.keyStore?.password?.toCharArray()
+                            ?: "password".toCharArray())
         }
+        serverConfigurationBuilder.setDapsDriver(DefaultDapsDriver(dapsDriverConfigBuilder.build()))
         serverConfiguration = serverConfigurationBuilder.build()
         (component as Idscp2ServerComponent).getServer(serverConfiguration).let {
             server = it
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
index 29faa7a7d..101254e5b 100644
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
@@ -3,7 +3,6 @@ package de.fhg.aisec.ids.idscp2.app_layer
 import com.google.protobuf.ByteString
 import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
 import de.fhg.aisec.ids.idscp2.app_layer.messages.AppLayer
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2MessageListener
@@ -17,8 +16,8 @@ class AppLayerConnection private constructor(private val idscp2Connection: Idscp
     private var idscp2MessageListener: Idscp2MessageListener? = null
     private val genericMessageListeners: MutableSet<GenericMessageListener> = Collections.synchronizedSet(HashSet())
 
-    constructor(secureChannel: SecureChannel, configuration: Idscp2Configuration, dapsDriver: DapsDriver):
-        this(Idscp2ConnectionImpl(secureChannel, configuration, dapsDriver))
+    constructor(secureChannel: SecureChannel, configuration: Idscp2Configuration):
+        this(Idscp2ConnectionImpl(secureChannel, configuration))
 
     private fun assureMessageListener() {
         if (idscp2MessageListener == null) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
index 88675d855..9e7597570 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
@@ -8,7 +8,7 @@ import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
 import org.slf4j.LoggerFactory
@@ -26,12 +26,11 @@ class NativeTLSDriver<CC: Idscp2Connection> : SecureChannelDriver<CC> {
     /**
      * Performs an asynchronous client connect to a TLS server.
      */
-    override fun connect(connectionFactory: (SecureChannel, Idscp2Configuration, DapsDriver) -> CC,
-                         configuration: Idscp2Configuration,
-                         dapsDriver: DapsDriver): CompletableFuture<CC> {
+    override fun connect(connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
+                         configuration: Idscp2Configuration): CompletableFuture<CC> {
         val connectionFuture = CompletableFuture<CC>()
         try {
-            val tlsClient = TLSClient(connectionFactory, configuration, dapsDriver, connectionFuture)
+            val tlsClient = TLSClient(connectionFactory, configuration, connectionFuture)
             tlsClient.connect(configuration.host, configuration.serverPort)
         } catch (e: IOException) {
             connectionFuture.completeExceptionally(Idscp2Exception("Call to connect() has failed", e))
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
index 4564035e4..08e1d1839 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
@@ -26,9 +26,8 @@ import javax.net.ssl.*
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class TLSClient<CC: Idscp2Connection>(
-        private val connectionFactory: (SecureChannel, Idscp2Configuration, DapsDriver) -> CC,
+        private val connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
         private val clientConfiguration: Idscp2Configuration,
-        private val dapsDriver: DapsDriver,
         private val connectionFuture: CompletableFuture<CC>
 ) : HandshakeCompletedListener, DataAvailableListener, SecureChannelEndpoint {
     private val clientSocket: Socket?
@@ -139,7 +138,7 @@ class TLSClient<CC: Idscp2Connection>(
             val secureChannel = SecureChannel(this)
             // Try to complete, won't do anything if promise has been cancelled
             listenerPromise.complete(secureChannel)
-            val connection = connectionFactory(secureChannel, clientConfiguration, dapsDriver)
+            val connection = connectionFactory(secureChannel, clientConfiguration)
             inputListenerThread!!.start()
             // Try to complete, won't do anything if promise has been cancelled
             connectionFuture.complete(connection)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
index 042d64c9c..a79ce6a58 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
@@ -5,7 +5,7 @@ import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSConstants
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
 import org.slf4j.LoggerFactory
 import java.io.IOException
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt
index e4f0d1862..c0302ca2f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt
@@ -3,7 +3,7 @@ package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.server
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSSessionVerificationHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
index a1301206e..224c04cb6 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
@@ -24,9 +24,6 @@ class CommandlineTunnelClient {
         // create secure channel driver
         val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
 
-        // create daps driver
-        val dapsDriver = NullDaps()
-
         // register rat drivers
         RatProverDriverRegistry.registerDriver(
                 RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
@@ -36,7 +33,7 @@ class CommandlineTunnelClient {
 
         // connect to idscp2 server
         LOG.info("connecting to {}:{}", configuration.host, configuration.serverPort)
-        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration, dapsDriver)
+        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration)
 
         connectionFuture.thenAccept { connection: Idscp2Connection ->
             println("Client: New connection with id " + connection.id)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
index 42e10c911..e46238fe4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
@@ -10,7 +10,7 @@ import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2ServerFactory
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2ServerFactory
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.slf4j.LoggerFactory
@@ -22,9 +22,6 @@ class CommandlineTunnelServer : Idscp2EndpointListener<Idscp2Connection> {
         // create secure channel driver
         val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
 
-        // create daps
-        val dapsDriver: DapsDriver = NullDaps()
-
         // register rat drivers
         RatProverDriverRegistry.registerDriver(
                 RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
@@ -37,7 +34,6 @@ class CommandlineTunnelServer : Idscp2EndpointListener<Idscp2Connection> {
                 ::Idscp2ConnectionImpl,
                 this,
                 configuration,
-                dapsDriver,
                 secureChannelDriver
         )
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
index 19a52f226..f51b0216a 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -23,17 +23,6 @@ class Idscp2ClientInitiator {
         // create secure channel driver
         val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
 
-        // create daps driver
-        val dapsDriver = DefaultDapsDriver(DefaultDapsDriverConfig.Builder()
-                .setKeyStorePath(configuration.keyStorePath)
-                .setTrustStorePath(configuration.trustStorePath)
-                .setKeyStorePassword(configuration.keyStorePassword)
-                .setTrustStorePassword(configuration.trustStorePassword)
-                .setKeyAlias(configuration.dapsKeyAlias)
-                .setKeyPassword(configuration.keyPassword)
-                .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                .build())
-
         // register rat drivers
         RatProverDriverRegistry.registerDriver(
                 RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
@@ -42,7 +31,7 @@ class Idscp2ClientInitiator {
                 RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
 
         // connect to idscp2 server
-        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration, dapsDriver)
+        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration)
         connectionFuture.thenAccept { connection: Idscp2Connection ->
             println("Client: New connection with id " + connection.id)
             connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
index def697842..ef17979c2 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
@@ -11,7 +11,7 @@ import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2ServerFactory
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2ServerFactory
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.slf4j.LoggerFactory
@@ -24,20 +24,6 @@ class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
         // create secure channel driver
         val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
 
-        // create daps config
-        val dapsConfig = DefaultDapsDriverConfig.Builder()
-                .setKeyStorePath(configuration.keyStorePath)
-                .setTrustStorePath(configuration.trustStorePath)
-                .setKeyStorePassword(configuration.keyStorePassword)
-                .setTrustStorePassword(configuration.trustStorePassword)
-                .setKeyAlias(configuration.dapsKeyAlias)
-                .setKeyPassword(configuration.keyPassword)
-                .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                .build()
-
-        // create daps
-        val dapsDriver: DapsDriver = DefaultDapsDriver(dapsConfig)
-
         // register rat drivers
         RatProverDriverRegistry.registerDriver(
                 RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
@@ -50,7 +36,6 @@ class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
                 ::Idscp2ConnectionImpl,
                 this,
                 configuration,
-                dapsDriver,
                 secureChannelDriver
         )
         // run idscp2 server
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
index a2ed42539..b433ef2b1 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
@@ -1,5 +1,7 @@
 package de.fhg.aisec.ids.idscp2.example
 
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
@@ -10,20 +12,34 @@ import java.util.*
 object RunTLSClient {
     @JvmStatic
     fun main(args: Array<String>) {
+
+        val keyStorePath = Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader
+                .getResource("ssl/aisecconnector1-keystore.p12")).path)
+
+        val trustStorePath = Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader
+                .getResource("ssl/client-truststore_new.p12")).path)
+
         val localAttestationConfig = AttestationConfig.Builder()
                 .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID))
                 .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID))
                 .setRatTimeoutDelay(300 * 1000) // 300 seconds
                 .build()
 
+        // create daps driver
+        val dapsDriver = DefaultDapsDriver(DefaultDapsDriverConfig.Builder()
+                .setKeyStorePath(keyStorePath)
+                .setTrustStorePath(trustStorePath)
+                .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                .build())
+
         val settings = Idscp2Configuration.Builder()
-                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/aisecconnector1-keystore.p12")).path))
-                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
+                .setKeyStorePath(keyStorePath)
+                .setTrustStorePath(trustStorePath)
                 .setCertificateAlias("1.0.1")
-                .setDapsKeyAlias("1")
                 .setAckTimeoutDelay(500) //  500 ms
                 .setHandshakeTimeoutDelay(5 * 1000) // 5 seconds
                 .setAttestationConfig(localAttestationConfig)
+                .setDapsDriver(dapsDriver)
                 .build()
 
         val initiator = Idscp2ClientInitiator()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
index de859fcf8..e1d348ac0 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
@@ -1,9 +1,12 @@
 package de.fhg.aisec.ids.idscp2.example
 
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import java.nio.file.Paths
 import java.util.*
 
@@ -11,18 +14,31 @@ object RunTLSServer {
     @JvmStatic
     fun main(argv: Array<String>) {
 
+        val keyStorePath = Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader
+                .getResource("ssl/aisecconnector1-keystore.p12")).path)
+
+        val trustStorePath = Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader
+                .getResource("ssl/client-truststore_new.p12")).path)
+
         val localAttestationConfig = AttestationConfig.Builder()
                 .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID))
                 .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID))
                 .setRatTimeoutDelay(300 * 1000) // 300 seconds
                 .build()
 
+        // create daps config
+        val dapsDriver: DapsDriver = DefaultDapsDriver(DefaultDapsDriverConfig.Builder()
+                .setKeyStorePath(keyStorePath)
+                .setTrustStorePath(trustStorePath)
+                .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                .build())
+
         val settings = Idscp2Configuration.Builder()
-                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/aisecconnector1-keystore.p12")).path))
-                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
+                .setKeyStorePath(keyStorePath)
+                .setTrustStorePath(trustStorePath)
                 .setCertificateAlias("1.0.1")
-                .setDapsKeyAlias("1")
                 .setAttestationConfig(localAttestationConfig)
+                .setDapsDriver(dapsDriver)
                 .build()
 
         val initiator = Idscp2ServerInitiator()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
index a6f79e5fd..2e9d971f3 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
@@ -1,5 +1,6 @@
 package de.fhg.aisec.ids.idscp2.example
 
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.NullDaps
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
@@ -17,15 +18,18 @@ object RunTunnelClient {
                 .setRatTimeoutDelay(70 * 1000) // 70 seconds
                 .build()
 
+        // create daps driver
+        val dapsDriver = NullDaps()
+
         val config = Idscp2Configuration.Builder()
                 .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/aisecconnector2-keystore.p12")).path))
                 .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
                 .setCertificateAlias("1.0.1")
-                .setDapsKeyAlias("1")
                 .setAckTimeoutDelay(500) //  500 ms
                 .setHandshakeTimeoutDelay(5 * 1000) // 5 seconds
                 .setAttestationConfig(localAttestationConfig)
                 .setServerPort(1234)
+                .setDapsDriver(dapsDriver)
                 .build()
 
         val initiator = CommandlineTunnelClient()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
index 13e197144..4de4b0c1c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
@@ -1,9 +1,11 @@
 package de.fhg.aisec.ids.idscp2.example
 
+import de.fhg.aisec.ids.idscp2.default_drivers.daps.NullDaps
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import java.nio.file.Paths
 import java.util.*
 
@@ -17,13 +19,15 @@ object RunTunnelServer {
                 .setRatTimeoutDelay(60 * 1000) // 60 seconds
                 .build()
 
+        val dapsDriver: DapsDriver = NullDaps()
+
         val settings = Idscp2Configuration.Builder()
                 .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/aisecconnector1-keystore.p12")).path))
                 .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
                 .setCertificateAlias("1.0.1")
-                .setDapsKeyAlias("1")
                 .setAttestationConfig(localAttestationConfig)
                 .setServerPort(1234)
+                .setDapsDriver(dapsDriver)
                 .build()
 
         val initiator = CommandlineTunnelServer()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/AttestationConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/AttestationConfig.kt
index dc1ffc8c9..0aced58cd 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/AttestationConfig.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/AttestationConfig.kt
@@ -54,6 +54,6 @@ class AttestationConfig {
     }
 
     companion object {
-        const val DEFAULT_RAT_TIMEOUT_DELAY = "600000" // in ms: 600 seconds
+        const val DEFAULT_RAT_TIMEOUT_DELAY = "3600000" // in ms: 1 hour
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt
index 390dbd524..8bbb285ee 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt
@@ -1,5 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.api.configuration
 
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import java.nio.file.Path
 import java.nio.file.Paths
 
@@ -26,12 +27,12 @@ class Idscp2Configuration {
         private set
     var certificateAlias = "1.0.1"
         private set
-    var dapsKeyAlias = "1"
-        private set
     var keyStoreKeyType = "RSA"
         private set
     lateinit var attestationConfig: AttestationConfig
         private set
+    lateinit var dapsDriver: DapsDriver
+        private set
     var handshakeTimeoutDelay = DEFAULT_HANDSHAKE_TIMEOUT_DELAY.toInt().toLong() //in ms
         private set
     var ackTimeoutDelay = DEFAULT_ACK_TIMEOUT_DELAY.toInt().toLong() //in ms
@@ -79,11 +80,6 @@ class Idscp2Configuration {
             return this
         }
 
-        fun setDapsKeyAlias(alias: String): Builder {
-            settings.dapsKeyAlias = alias
-            return this
-        }
-
         fun setKeyStoreKeyType(keyType: String): Builder {
             settings.keyStoreKeyType = keyType
             return this
@@ -94,6 +90,11 @@ class Idscp2Configuration {
             return this
         }
 
+        fun setDapsDriver(dapsDriver: DapsDriver): Builder {
+            settings.dapsDriver = dapsDriver
+            return this
+        }
+
         fun setHandshakeTimeoutDelay(delay: Long): Builder {
             settings.handshakeTimeoutDelay = delay
             return this
@@ -123,9 +124,9 @@ class Idscp2Configuration {
         if (keyStorePath != other.keyStorePath) return false
         if (!keyStorePassword.contentEquals(other.keyStorePassword)) return false
         if (certificateAlias != other.certificateAlias) return false
-        if (dapsKeyAlias != other.dapsKeyAlias) return false
         if (keyStoreKeyType != other.keyStoreKeyType) return false
         if (attestationConfig != other.attestationConfig) return false
+        if (dapsDriver != other.dapsDriver) return false
         if (handshakeTimeoutDelay != other.handshakeTimeoutDelay) return false
         if (ackTimeoutDelay != other.ackTimeoutDelay) return false
 
@@ -141,9 +142,9 @@ class Idscp2Configuration {
         result = 31 * result + keyStorePath.hashCode()
         result = 31 * result + keyStorePassword.contentHashCode()
         result = 31 * result + certificateAlias.hashCode()
-        result = 31 * result + dapsKeyAlias.hashCode()
         result = 31 * result + keyStoreKeyType.hashCode()
         result = 31 * result + attestationConfig.hashCode()
+        result = 31 *  result + dapsDriver.hashCode()
         result = 31 * result + handshakeTimeoutDelay.hashCode()
         result = 31 * result + ackTimeoutDelay.hashCode()
         return result
@@ -153,9 +154,10 @@ class Idscp2Configuration {
         return "Idscp2Configuration(serverPort=$serverPort, host='$host', trustStorePath=$trustStorePath, " +
                 "trustStorePassword=${trustStorePassword.contentToString()}, " +
                 "keyStorePath=$keyStorePath, keyStorePassword=${keyStorePassword.contentToString()}, " +
-                "certificateAlias='$certificateAlias', dapsKeyAlias='$dapsKeyAlias', " +
+                "certificateAlias='$certificateAlias', " +
                 "keyStoreKeyType='$keyStoreKeyType', attestationConfig=$attestationConfig, " +
-                "handshakeTimeoutDelay=$handshakeTimeoutDelay, ackTimeoutDelay=$ackTimeoutDelay)"
+                "dapsDriver=$dapsDriver, handshakeTimeoutDelay=$handshakeTimeoutDelay, " +
+                "ackTimeoutDelay=$ackTimeoutDelay)"
     }
 
     companion object {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
index 8118758bc..132a71c16 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
@@ -17,12 +17,11 @@ import java.util.function.Consumer
  * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
  */
 class Idscp2ConnectionImpl(secureChannel: SecureChannel,
-                           configuration: Idscp2Configuration,
-                           dapsDriver: DapsDriver): Idscp2Connection {
+                           configuration: Idscp2Configuration): Idscp2Connection {
     private val fsm: FSM = FSM(
             this,
             secureChannel,
-            dapsDriver,
+            configuration.dapsDriver,
             configuration.attestationConfig,
             configuration.ackTimeoutDelay,
             configuration.handshakeTimeoutDelay
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2ServerFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
similarity index 91%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2ServerFactory.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
index 297601989..6d7faed17 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2ServerFactory.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
@@ -1,14 +1,13 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api.configuration
+package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server
 
 import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2Server
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
 import org.slf4j.LoggerFactory
 import java.util.concurrent.CompletableFuture
 
@@ -18,10 +17,9 @@ import java.util.concurrent.CompletableFuture
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class Idscp2ServerFactory<CC: Idscp2Connection>(
-        private val connectionFactory: (SecureChannel, Idscp2Configuration, DapsDriver) -> CC,
+        private val connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
         private val endpointListener: Idscp2EndpointListener<CC>,
         private val configuration: Idscp2Configuration,
-        private val dapsDriver: DapsDriver,
         private val secureChannelDriver: SecureChannelDriver<CC>
 ) : SecureChannelInitListener<CC> {
     /**
@@ -53,7 +51,7 @@ class Idscp2ServerFactory<CC: Idscp2Connection>(
                                  serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>) {
         LOG.trace("A new secure channel for an IDSCP2 connection was established")
         // Threads calling onMessage() will be blocked until all listeners have been registered, see below
-        val newConnection = connectionFactory(secureChannel, configuration, dapsDriver)
+        val newConnection = connectionFactory(secureChannel, configuration)
         // Complete the connection promise for the IDSCP server
         serverListenerPromise.thenAccept { serverListener: ServerConnectionListener<CC> ->
             serverListener.onConnectionCreated(newConnection)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/SecureChannelInitListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/SecureChannelInitListener.kt
similarity index 82%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/SecureChannelInitListener.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/SecureChannelInitListener.kt
index 78c60b1be..9c0cb2cc4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/SecureChannelInitListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/SecureChannelInitListener.kt
@@ -1,8 +1,7 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api.configuration
+package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server
 
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
 import java.util.concurrent.CompletableFuture
 
 /**
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
index 20d54bfcd..9f3901e17 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
@@ -2,7 +2,7 @@ package de.fhg.aisec.ids.idscp2.idscp_core.drivers
 
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
 import java.util.concurrent.CompletableFuture
@@ -17,9 +17,8 @@ interface SecureChannelDriver<CC : Idscp2Connection> {
     /*
      * Asynchronous method to create a secure connection to a secure server
      */
-    fun connect(connectionFactory: (SecureChannel, Idscp2Configuration, DapsDriver) -> CC,
-                configuration: Idscp2Configuration,
-                dapsDriver: DapsDriver): CompletableFuture<CC>
+    fun connect(connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
+                configuration: Idscp2Configuration): CompletableFuture<CC>
 
     /*
      * Starting a secure server

From a7f00c3c78607fbd4318cc0989480b2cb50e643f Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Tue, 24 Nov 2020 22:04:59 +0100
Subject: [PATCH 186/237] Add repeatRat method to idscp2connection

---
 .../ids/idscp2/example/CommandlineTunnelServer.kt      |  1 +
 .../api/idscp_connection/Idscp2Connection.kt           |  5 +++++
 .../api/idscp_connection/Idscp2ConnectionImpl.kt       |  7 +++++++
 .../de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt      | 10 ++++++++++
 4 files changed, 23 insertions(+)

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
index e46238fe4..b44d1db12 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
@@ -15,6 +15,7 @@ import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.slf4j.LoggerFactory
 import java.nio.charset.StandardCharsets
+import java.util.concurrent.CompletableFuture
 
 class CommandlineTunnelServer : Idscp2EndpointListener<Idscp2Connection> {
     fun init(configuration: Idscp2Configuration) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
index d3ceae0de..4c4e4fc82 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
@@ -21,6 +21,11 @@ interface Idscp2Connection {
      */
     fun send(msg: ByteArray)
 
+    /**
+     * Repeat remote attestation verification of remote peer
+     */
+    fun repeatRat()
+
     fun onMessage(msg: ByteArray)
 
     fun onError(t: Throwable)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
index 132a71c16..cec7a4856 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
@@ -57,6 +57,13 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
         fsm.send(msg)
     }
 
+    override fun repeatRat() {
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Sending data via connection {}...", id)
+        }
+        fsm.repeatRat()
+    }
+
     override fun onMessage(msg: ByteArray) {
         // When unlock is called, although not synchronized, this will eventually stop blocking.
         messageLatch.await()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index 1046350be..406c7196a 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -385,6 +385,16 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         }
     }
 
+    /**
+     * Repeat RAT Verification if remote peer, triggered by User
+     */
+    fun repeatRat() {
+        // repeat rat only when idscp connection is established
+        idscpHandshakeCompletedLatch.await()
+        checkForFsmCycles()
+        onControlMessage(InternalControlMessage.REPEAT_RAT)
+    }
+
     /**
      * Check if FSM is in STATE ESTABLISHED
      */

From 842ff14f6f406fb2adf78649215d0db98bbd5bf1 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Wed, 25 Nov 2020 13:13:15 +0100
Subject: [PATCH 187/237] Run fire-and-forget notification from FSM to
 User/Drivers within asynchron coroutines to simplify API

---
 idscp2/build.gradle.kts                       |  1 +
 .../idscp2/example/CommandlineTunnelClient.kt |  7 ++-
 .../idscp2/example/CommandlineTunnelServer.kt |  6 +--
 .../idscp2/example/Idscp2ClientInitiator.kt   | 13 +++--
 .../idscp2/example/Idscp2ServerInitiator.kt   | 11 ++---
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    | 47 +++++++++++++++----
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   | 11 ++++-
 .../idscp2/idscp_core/fsm/StateWaitForRat.kt  | 20 ++++++--
 .../idscp_core/fsm/StateWaitForRatProver.kt   | 11 ++++-
 .../idscp_core/fsm/StateWaitForRatVerifier.kt | 11 ++++-
 10 files changed, 98 insertions(+), 40 deletions(-)

diff --git a/idscp2/build.gradle.kts b/idscp2/build.gradle.kts
index 86c910d37..65dc1b772 100644
--- a/idscp2/build.gradle.kts
+++ b/idscp2/build.gradle.kts
@@ -31,6 +31,7 @@ configure<IdeaModel> {
 dependencies {
     // For standalone running of examples
     implementation("org.jetbrains.kotlin", "kotlin-stdlib-jdk8", libraryVersions["kotlin"])
+    implementation("org.jetbrains.kotlinx:kotlinx-coroutines-core:1.4.1")
 
     providedByBundle("com.github.microsoft", "TSS.Java", libraryVersions["tssJava"])
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
index 224c04cb6..89b96b11e 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
@@ -1,6 +1,5 @@
 package de.fhg.aisec.ids.idscp2.example
 
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.NullDaps
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
@@ -36,7 +35,7 @@ class CommandlineTunnelClient {
         connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration)
 
         connectionFuture.thenAccept { connection: Idscp2Connection ->
-            println("Client: New connection with id " + connection.id)
+            LOG.info("Client: New connection with id " + connection.id)
             var runningUserJob = true
 
             connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
@@ -51,8 +50,8 @@ class CommandlineTunnelClient {
                 }
             })
 
-            connection.addMessageListener { c: Idscp2Connection, data: ByteArray ->
-                println("Received message: " + String(data, StandardCharsets.UTF_8))
+            connection.addMessageListener { _: Idscp2Connection, data: ByteArray ->
+                LOG.info("Received message: " + String(data, StandardCharsets.UTF_8))
             }
 
             connection.unlockMessaging()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
index b44d1db12..2ecee65ee 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
@@ -42,7 +42,7 @@ class CommandlineTunnelServer : Idscp2EndpointListener<Idscp2Connection> {
     }
 
     override fun onConnection(connection: Idscp2Connection) {
-        println("Server: New connection with id " + connection.id)
+        LOG.info("Server: New connection with id " + connection.id)
 
         connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
             override fun onError(t: Throwable) {
@@ -54,8 +54,8 @@ class CommandlineTunnelServer : Idscp2EndpointListener<Idscp2Connection> {
             }
         })
 
-        connection.addMessageListener { c: Idscp2Connection, data: ByteArray ->
-            println("Received message: ${String(data, StandardCharsets.UTF_8)}".trimIndent())
+        connection.addMessageListener { _: Idscp2Connection, data: ByteArray ->
+            LOG.info("Received message: ${String(data, StandardCharsets.UTF_8)}".trimIndent())
         }
 
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
index f51b0216a..cc921ae6f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -33,7 +33,7 @@ class Idscp2ClientInitiator {
         // connect to idscp2 server
         connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration)
         connectionFuture.thenAccept { connection: Idscp2Connection ->
-            println("Client: New connection with id " + connection.id)
+            LOG.info("Client: New connection with id " + connection.id)
             connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
                 override fun onError(t: Throwable) {
                     LOG.error("Client connection error occurred", t)
@@ -44,14 +44,13 @@ class Idscp2ClientInitiator {
                 }
             })
             connection.addMessageListener { c: Idscp2Connection, data: ByteArray ->
-                println("Received ping message: " + String(data, StandardCharsets.UTF_8))
-                CompletableFuture.runAsync {
-                    println("Close Connection")
-                    c.close()
-                } // FSM error if run from the same thread
+                LOG.info("Received ping message: " + String(data, StandardCharsets.UTF_8))
+
+                LOG.info("Close Connection")
+                c.close()
             }
             connection.unlockMessaging()
-            println("Send PING ...")
+            LOG.info("Send PING ...")
             connection.send("PING".toByteArray(StandardCharsets.UTF_8))
         }.exceptionally { t: Throwable? ->
             LOG.error("Client endpoint error occurred", t)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
index ef17979c2..e7d12ad4e 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
@@ -43,7 +43,7 @@ class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
     }
 
     override fun onConnection(connection: Idscp2Connection) {
-        println("Server: New connection with id " + connection.id)
+        LOG.info("Server: New connection with id " + connection.id)
         connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
             override fun onError(t: Throwable) {
                 LOG.error("Server connection error occurred", t)
@@ -54,11 +54,10 @@ class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
             }
         })
         connection.addMessageListener { c: Idscp2Connection, data: ByteArray ->
-            println("Received ping message: ${String(data, StandardCharsets.UTF_8)}".trimIndent())
-            CompletableFuture.runAsync {
-                println("Sending PONG...")
-                c.send("PONG".toByteArray(StandardCharsets.UTF_8)) //FSM error if run from the same thread
-            }
+            LOG.info("Received ping message: ${String(data, StandardCharsets.UTF_8)}".trimIndent())
+
+            LOG.info("Sending PONG...")
+            c.send("PONG".toByteArray(StandardCharsets.UTF_8))
         }
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index 406c7196a..12ea1ec43 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -15,6 +15,8 @@ import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpAck
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpData
+import kotlinx.coroutines.GlobalScope
+import kotlinx.coroutines.launch
 import org.slf4j.LoggerFactory
 import java.util.*
 import java.util.concurrent.locks.ReentrantLock
@@ -349,7 +351,11 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
      */
     override fun onError(t: Throwable) {
         // Broadcast the error to the respective listeners
-        connection.onError(t)
+
+        // run in async fire-and-forget coroutine to avoid cycles cause by protocol misuse
+        GlobalScope.launch {
+            connection.onError(t)
+        }
 
         // Check for incorrect usage
         checkForFsmCycles()
@@ -467,7 +473,11 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         ratVerifierDriver?.let {
             if (it.isAlive) {
                 it.interrupt()
-                it.terminate()
+
+                // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+                GlobalScope.launch {
+                    it.terminate()
+                }
             }
         }
     }
@@ -502,7 +512,11 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         proverHandshakeTimer.cancelTimeout()
         if (ratProverDriver != null && ratProverDriver!!.isAlive) {
             ratProverDriver!!.interrupt()
-            ratProverDriver!!.terminate()
+
+            // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+            GlobalScope.launch {
+                ratProverDriver!!.terminate()
+            }
         }
     }
 
@@ -515,11 +529,20 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         if (LOG.isTraceEnabled) {
             LOG.trace("Running close handlers of connection {}...", connection.id)
         }
-        connection.onClose()
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Closing secure channel of connection {}...", connection.id)
+
+        // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+        GlobalScope.launch {
+            connection.onClose()
         }
-        secureChannel.close()
+
+        // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+        GlobalScope.launch {
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Closing secure channel of connection {}...", connection.id)
+            }
+            secureChannel.close()
+        }
+
         if (LOG.isTraceEnabled) {
             LOG.trace("Clearing timeouts...")
         }
@@ -552,9 +575,13 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
      * Provide IDSCP2 message to the message listener
      */
     private fun notifyIdscpMsgListener(data: ByteArray) {
-        connection.onMessage(data)
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Idscp data has been passed to connection listener")
+        // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+        GlobalScope.launch {
+            connection.onMessage(data)
+
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Idscp data has been passed to connection listener")
+            }
         }
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
index 423bdcc6c..d6ad6f251 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
@@ -6,6 +6,8 @@ import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import kotlinx.coroutines.GlobalScope
+import kotlinx.coroutines.launch
 import org.slf4j.LoggerFactory
 import java.util.function.Function
 
@@ -154,8 +156,13 @@ class StateWaitForDatAndRat(fsm: FSM,
                 Function { event: Event ->
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
                     assert(event.idscpMessage.hasIdscpRatVerifier())
-                    fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                            ?: throw Idscp2Exception("RAT prover driver not available")
+
+                    // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+                    GlobalScope.launch {
+                        fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                                ?: throw Idscp2Exception("RAT prover driver not available")
+                    }
+
                     this
                 }
         ))
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
index 52fbe8c13..1e0b20964 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
@@ -6,6 +6,8 @@ import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import kotlinx.coroutines.GlobalScope
+import kotlinx.coroutines.launch
 import org.slf4j.LoggerFactory
 import java.util.function.Function
 
@@ -162,8 +164,13 @@ class StateWaitForRat(fsm: FSM,
                 Function { event: Event ->
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
                     assert(event.idscpMessage.hasIdscpRatVerifier())
-                    fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                            ?: throw Idscp2Exception("RAT prover driver not available")
+
+                    // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+                    GlobalScope.launch {
+                        fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                                ?: throw Idscp2Exception("RAT prover driver not available")
+                    }
+
                     this
                 }
         ))
@@ -172,8 +179,13 @@ class StateWaitForRat(fsm: FSM,
                 Function { event: Event ->
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
                     assert(event.idscpMessage.hasIdscpRatProver())
-                    fsm.ratVerifierDriver?.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
-                            ?: throw Idscp2Exception("RAT verifier driver not available")
+
+                    // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+                    GlobalScope.launch {
+                        fsm.ratVerifierDriver?.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
+                                ?: throw Idscp2Exception("RAT verifier driver not available")
+                    }
+
                     this
                 }
         ))
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
index d81f3d768..245b9fa29 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
@@ -6,6 +6,8 @@ import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import kotlinx.coroutines.GlobalScope
+import kotlinx.coroutines.launch
 import org.slf4j.LoggerFactory
 import java.util.function.Function
 
@@ -164,8 +166,13 @@ class StateWaitForRatProver(fsm: FSM,
                 Function { event: Event ->
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
                     assert(event.idscpMessage.hasIdscpRatVerifier())
-                    fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                            ?: throw Idscp2Exception("RAT prover driver not available")
+
+                    // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+                    GlobalScope.launch {
+                        fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                                ?: throw Idscp2Exception("RAT prover driver not available")
+                    }
+
                     this
                 }
         ))
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
index fa1931b3a..191883928 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
@@ -6,6 +6,8 @@ import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
+import kotlinx.coroutines.GlobalScope
+import kotlinx.coroutines.launch
 import org.slf4j.LoggerFactory
 import java.util.function.Function
 
@@ -148,8 +150,13 @@ class StateWaitForRatVerifier(fsm: FSM,
                 Function { event: Event ->
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
                     assert(event.idscpMessage.hasIdscpRatProver())
-                    fsm.ratVerifierDriver?.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
-                            ?: throw Idscp2Exception("RAT verifier driver not available")
+
+                    // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+                    GlobalScope.launch {
+                        fsm.ratVerifierDriver?.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
+                                ?: throw Idscp2Exception("RAT verifier driver not available")
+                    }
+
                     this
                 }
         ))

From bd4b8b620b90b45531ee2934ced311046af99bf3 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Wed, 25 Nov 2020 14:14:09 +0100
Subject: [PATCH 188/237] Isolate FSM access more specific to driver types

---
 .../rat/dummy/RatProverDummy.kt               |  4 +-
 .../rat/dummy/RatVerifierDummy.kt             |  4 +-
 .../default_drivers/rat/null/NullRatProver.kt |  4 +-
 .../rat/null/NullRatVerifier.kt               |  4 +-
 .../default_drivers/rat/tpm2d/TPM2dProver.kt  |  4 +-
 .../rat/tpm2d/TPM2dVerifier.kt                |  4 +-
 .../idscp_connection/Idscp2ConnectionImpl.kt  |  1 -
 .../idscp_core/drivers/RatProverDriver.kt     |  4 +-
 .../idscp_core/drivers/RatVerifierDriver.kt   |  4 +-
 .../drivers/SecureChannelEndpoint.kt          | 19 ++++++++--
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    |  6 ++-
 .../ids/idscp2/idscp_core/fsm/FsmListener.kt  | 37 -------------------
 .../fsm/fsmListeners/RatProverFsmListener.kt  | 18 +++++++++
 .../fsmListeners/RatVerifierFsmListener.kt    | 19 ++++++++++
 .../fsm/fsmListeners/ScFsmListener.kt         | 25 +++++++++++++
 .../rat_registry/RatProverDriverRegistry.kt   | 10 ++---
 .../rat_registry/RatVerifierDriverRegistry.kt | 10 ++---
 .../secure_channel/SecureChannel.kt           | 12 +++---
 18 files changed, 114 insertions(+), 75 deletions(-)
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FsmListener.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatProverFsmListener.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatVerifierFsmListener.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/ScFsmListener.kt

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt
index 23a9f504f..dffab55e8 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt
@@ -1,8 +1,8 @@
 package de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy
 
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
 import org.slf4j.LoggerFactory
 import java.util.concurrent.BlockingQueue
 import java.util.concurrent.LinkedBlockingQueue
@@ -12,7 +12,7 @@ import java.util.concurrent.LinkedBlockingQueue
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class RatProverDummy(fsmListener: FsmListener) : RatProverDriver<Unit>(fsmListener) {
+class RatProverDummy(fsmListener: RatProverFsmListener) : RatProverDriver<Unit>(fsmListener) {
     private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
     override fun delegate(message: ByteArray) {
         queue.add(message)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt
index 0ad95d2d4..3fcfac877 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt
@@ -1,8 +1,8 @@
 package de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy
 
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
 import org.slf4j.LoggerFactory
 import java.util.concurrent.BlockingQueue
 import java.util.concurrent.LinkedBlockingQueue
@@ -12,7 +12,7 @@ import java.util.concurrent.LinkedBlockingQueue
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class RatVerifierDummy(fsmListener: FsmListener) : RatVerifierDriver<Unit>(fsmListener) {
+class RatVerifierDummy(fsmListener: RatVerifierFsmListener) : RatVerifierDriver<Unit>(fsmListener) {
     private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
     override fun delegate(message: ByteArray) {
         queue.add(message)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt
index 9e3aa3075..247ed3072 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt
@@ -1,8 +1,8 @@
 package de.fhg.aisec.ids.idscp2.default_drivers.rat.`null`
 
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
 import org.slf4j.LoggerFactory
 import java.util.concurrent.BlockingQueue
 import java.util.concurrent.LinkedBlockingQueue
@@ -12,7 +12,7 @@ import java.util.concurrent.LinkedBlockingQueue
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class NullRatProver(fsmListener: FsmListener) : RatProverDriver<Unit>(fsmListener) {
+class NullRatProver(fsmListener: RatProverFsmListener) : RatProverDriver<Unit>(fsmListener) {
     private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
 
     override fun delegate(message: ByteArray) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt
index 54224c531..52348832a 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt
@@ -1,8 +1,8 @@
 package de.fhg.aisec.ids.idscp2.default_drivers.rat.`null`
 
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
 import org.slf4j.LoggerFactory
 import java.util.concurrent.BlockingQueue
 import java.util.concurrent.LinkedBlockingQueue
@@ -12,7 +12,7 @@ import java.util.concurrent.LinkedBlockingQueue
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class NullRatVerifier(fsmListener: FsmListener) : RatVerifierDriver<Unit>(fsmListener) {
+class NullRatVerifier(fsmListener: RatVerifierFsmListener) : RatVerifierDriver<Unit>(fsmListener) {
     private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
     override fun delegate(message: ByteArray) {
         queue.add(message)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt
index 7beaa45e0..5dec375b5 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt
@@ -2,8 +2,8 @@ package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
 
 import com.google.protobuf.InvalidProtocolBufferException
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
 import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation
 import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dMessageWrapper
 import org.slf4j.LoggerFactory
@@ -16,7 +16,7 @@ import java.util.concurrent.LinkedBlockingQueue
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class TPM2dProver(fsmListener: FsmListener) : RatProverDriver<TPM2dProverConfig>(fsmListener) {
+class TPM2dProver(fsmListener: RatProverFsmListener) : RatProverDriver<TPM2dProverConfig>(fsmListener) {
     /*
      * ******************* Protocol *******************
      *
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt
index 79354bb01..6f7497232 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt
@@ -2,8 +2,8 @@ package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
 
 import com.google.protobuf.InvalidProtocolBufferException
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
 import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dMessageWrapper
 import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dRatResponse
 import org.slf4j.LoggerFactory
@@ -22,7 +22,7 @@ import java.util.concurrent.LinkedBlockingQueue
 /**
  * A TPM2d RatVerifier driver that verifies the remote peer's identity using TPM2d
  */
-class TPM2dVerifier(fsmListener: FsmListener) : RatVerifierDriver<TPM2dVerifierConfig>(fsmListener) {
+class TPM2dVerifier(fsmListener: RatVerifierFsmListener) : RatVerifierDriver<TPM2dVerifierConfig>(fsmListener) {
     /*
      * ******************* Protocol *******************
      *
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
index cec7a4856..b94097c0a 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
@@ -1,7 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
 
 import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatProverDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatProverDriver.kt
index c52299efe..14ac636f5 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatProverDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatProverDriver.kt
@@ -1,6 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.drivers
 
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
 import org.slf4j.LoggerFactory
 
 /**
@@ -9,7 +9,7 @@ import org.slf4j.LoggerFactory
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-abstract class RatProverDriver<in PC>(protected val fsmListener: FsmListener) : Thread() {
+abstract class RatProverDriver<in PC>(protected val fsmListener: RatProverFsmListener) : Thread() {
     protected var running = true
 
     /*
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatVerifierDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatVerifierDriver.kt
index db80ab9b4..b09765a7c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatVerifierDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatVerifierDriver.kt
@@ -1,6 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.drivers
 
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
 import org.slf4j.LoggerFactory
 
 /**
@@ -9,7 +9,7 @@ import org.slf4j.LoggerFactory
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-abstract class RatVerifierDriver<in VC>(protected val fsmListener: FsmListener) : Thread() {
+abstract class RatVerifierDriver<in VC>(protected val fsmListener: RatVerifierFsmListener) : Thread() {
     protected var running = true
 
     /*
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt
index fd9faad0c..6233e0371 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt
@@ -7,24 +7,35 @@ package de.fhg.aisec.ids.idscp2.idscp_core.drivers
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 interface SecureChannelEndpoint {
-    /*
+
+    /**
      * API to close the secure channel endpoint
      */
     fun close()
 
-    /*
+    /**
      * API to delegate messages from an input listener to the secure channel endpoint
      */
     fun onMessage(bytes: ByteArray)
 
-    /*
+    /**
      * Send data from the secure channel endpoint to the peer connector
      *
+     * ATTENTION: The developer must ensure not to trigger the FSM by another event from the thread
+     * that actually executes the SecureChannelEndpoint.send(bytes) method, but must simply return
+     * true or false, regarding the success of this method. The issue which occurs by using the thread
+     * of the send() method is that the FSM is blocked within a transition until send() returns
+     * and the the following state of the FSM depends on the return value. When this thread would trigger
+     * the FSM again within the current transition then first the new transition would be executed
+     * but than it would be overwritten by the current one. To avoid this case of misuse, the FSM
+     * will throw a Runtime Exception to let the driver developer know, that this is not a good idea.
+     * For more information, see the checkForFsmCycles() method within the FSM
+     *
      * return true when data has been sent, else false
      */
     fun send(bytes: ByteArray): Boolean
 
-    /*
+    /**
      * check if the endpoint is connected
      */
     val isConnected: Boolean
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index 12ea1ec43..1571e9a74 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -9,6 +9,9 @@ import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.ScFsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
@@ -34,7 +37,8 @@ import kotlin.jvm.Throws
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver: DapsDriver,
-          attestationConfig: AttestationConfig, ackTimeoutDelay: Long, handshakeTimeoutDelay: Long) : FsmListener {
+          attestationConfig: AttestationConfig, ackTimeoutDelay: Long, handshakeTimeoutDelay: Long)
+    : RatProverFsmListener, RatVerifierFsmListener, ScFsmListener {
     /*  -----------   IDSCP2 Protocol States   ---------- */
     private val states = HashMap<FsmState, State>()
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FsmListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FsmListener.kt
deleted file mode 100644
index 1b6e95f62..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FsmListener.kt
+++ /dev/null
@@ -1,37 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-/**
- * An FSM Listener Interface implemented by the FSM to restrict FSM API to the drivers and the
- * secure channel class of the IDSCP2
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-interface FsmListener {
-    /*
-     * A method for providing IDSCP2 data from the secure channel to the FSM
-     */
-    fun onMessage(data: ByteArray)
-
-    /*
-     * A method for providing RatProver messages from the RatProverDriver implementation to the FSM
-     */
-    fun onRatProverMessage(controlMessage: InternalControlMessage)
-    fun onRatProverMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray)
-
-    /*
-     * A method for providing RatVerifier messages from the RatVerifierDriver implementation to the
-     * FSM
-     */
-    fun onRatVerifierMessage(controlMessage: InternalControlMessage)
-    fun onRatVerifierMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray)
-
-    /*
-     * A method for providing internal errors to the fsm
-     */
-    fun onError(t: Throwable)
-
-    /*
-     * A method for notifying the fsm about closure of the secure channel
-     */
-    fun onClose()
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatProverFsmListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatProverFsmListener.kt
new file mode 100644
index 000000000..1d3ab5c06
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatProverFsmListener.kt
@@ -0,0 +1,18 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners
+
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+
+/**
+ * An FSM Listener Interface for the RatProver driver implemented by the FSM to restrict FSM API to
+ * the RatProver drivers class of the IDSCP2
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+interface RatProverFsmListener {
+
+    /**
+     * A method for providing RatProver messages from the RatProverDriver implementation to the FSM
+     */
+    fun onRatProverMessage(controlMessage: InternalControlMessage)
+    fun onRatProverMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray)
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatVerifierFsmListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatVerifierFsmListener.kt
new file mode 100644
index 000000000..07d09d022
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatVerifierFsmListener.kt
@@ -0,0 +1,19 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners
+
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
+
+/**
+ * An FSM Listener Interface for the RatVerifier driver implemented by the FSM to restrict FSM API to
+ * the RatVerifier drivers class of the IDSCP2
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+interface RatVerifierFsmListener {
+
+    /**
+     * A method for providing RatVerifier messages from the RatVerifierDriver implementation to the
+     * FSM
+     */
+    fun onRatVerifierMessage(controlMessage: InternalControlMessage)
+    fun onRatVerifierMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray)
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/ScFsmListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/ScFsmListener.kt
new file mode 100644
index 000000000..b3be103ef
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/ScFsmListener.kt
@@ -0,0 +1,25 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners
+
+/**
+ * An FSM Listener Interface for the SecureChannel driver implemented by the FSM to restrict FSM API to
+ * the SecureChannel drivers class of the IDSCP2
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+interface ScFsmListener {
+
+    /**
+     * A method for providing IDSCP2 data from the secure channel to the FSM
+     */
+    fun onMessage(data: ByteArray)
+
+    /**
+     * A method for providing internal SC errors to the fsm
+     */
+    fun onError(t: Throwable)
+
+    /**
+     * A method for notifying the fsm about closure of the secure channel
+     */
+    fun onClose()
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
index 9cae4e211..fcb8361da 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry
 
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
 import org.slf4j.LoggerFactory
 import java.util.concurrent.ConcurrentHashMap
 
@@ -22,10 +22,10 @@ object RatProverDriverRegistry {
      * An inner static wrapper class, that wraps driver config and driver class
      */
     private class DriverWrapper<PC>(
-            val driverFactory: (FsmListener) -> RatProverDriver<PC>,
+            val driverFactory: (RatProverFsmListener) -> RatProverDriver<PC>,
             val driverConfig: PC?
     ) {
-        fun getInstance(listener: FsmListener) = driverFactory.invoke(listener).also {d ->
+        fun getInstance(listener: RatProverFsmListener) = driverFactory.invoke(listener).also {d ->
             driverConfig?.let { d.setConfig(it) }
         }
     }
@@ -37,7 +37,7 @@ object RatProverDriverRegistry {
      */
     fun <PC> registerDriver(
             instance: String,
-            driverFactory: (FsmListener) -> RatProverDriver<PC>,
+            driverFactory: (RatProverFsmListener) -> RatProverDriver<PC>,
             driverConfig: PC?
     ) {
         drivers[instance] = DriverWrapper(driverFactory, driverConfig)
@@ -59,7 +59,7 @@ object RatProverDriverRegistry {
      * The finite state machine is registered as the communication partner for the RatProver.
      * The RatProver will be initialized with a configuration, if present. Then it is started.
      */
-    fun startRatProverDriver(instance: String?, listener: FsmListener): RatProverDriver<*>? {
+    fun startRatProverDriver(instance: String?, listener: RatProverFsmListener): RatProverDriver<*>? {
         val driverWrapper = drivers[instance]
         return try {
             driverWrapper!!.getInstance(listener).also { it.start() }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
index 5fe7591eb..4e3fb39b0 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry
 
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
 import org.slf4j.LoggerFactory
 import java.util.concurrent.ConcurrentHashMap
 
@@ -22,10 +22,10 @@ object RatVerifierDriverRegistry {
      * An inner static wrapper class, that wraps driver config and driver class
      */
     private class DriverWrapper<VC>(
-            val driverFactory: (FsmListener) -> RatVerifierDriver<VC>,
+            val driverFactory: (RatVerifierFsmListener) -> RatVerifierDriver<VC>,
             val driverConfig: VC?
     ) {
-        fun getInstance(listener: FsmListener) = driverFactory.invoke(listener).also {d ->
+        fun getInstance(listener: RatVerifierFsmListener) = driverFactory.invoke(listener).also {d ->
             driverConfig?.let { d.setConfig(it) }
         }
     }
@@ -36,7 +36,7 @@ object RatVerifierDriverRegistry {
      */
     fun <VC> registerDriver(
             mechanism: String,
-            driverFactory: (FsmListener) -> RatVerifierDriver<VC>,
+            driverFactory: (RatVerifierFsmListener) -> RatVerifierDriver<VC>,
             driverConfig: VC?
     ) {
         drivers[mechanism] = DriverWrapper(driverFactory, driverConfig)
@@ -59,7 +59,7 @@ object RatVerifierDriverRegistry {
      * The finite state machine is registered as the communication partner for the RatVerifier.
      * The RatVerifier will be initialized with a configuration, if present. Then it is started.
      */
-    fun startRatVerifierDriver(mechanism: String?, listener: FsmListener): RatVerifierDriver<*>? {
+    fun startRatVerifierDriver(mechanism: String?, listener: RatVerifierFsmListener): RatVerifierDriver<*>? {
         val driverWrapper = drivers[mechanism]
         return try {
             driverWrapper!!.getInstance(listener).also { it.start() }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
index 8a81a904d..2fec1d806 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
@@ -1,7 +1,7 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel
 
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.ScFsmListener
 import org.slf4j.LoggerFactory
 import java.util.concurrent.CompletableFuture
 
@@ -12,7 +12,7 @@ import java.util.concurrent.CompletableFuture
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class SecureChannel(private val endpoint: SecureChannelEndpoint) : SecureChannelListener {
-    private val fsmPromise = CompletableFuture<FsmListener>()
+    private val fsmPromise = CompletableFuture<ScFsmListener>()
 
     /*
      * close the secure channel forever
@@ -37,17 +37,17 @@ class SecureChannel(private val endpoint: SecureChannelEndpoint) : SecureChannel
         if (LOG.isTraceEnabled) {
             LOG.trace("New raw data has been received via the secure channel")
         }
-        fsmPromise.thenAccept { fsmListener: FsmListener -> fsmListener.onMessage(data) }
+        fsmPromise.thenAccept { fsmListener: ScFsmListener -> fsmListener.onMessage(data) }
     }
 
     override fun onError(t: Throwable) {
         // Tell fsm an error occurred in secure channel
-        fsmPromise.thenAccept { fsmListener: FsmListener -> fsmListener.onError(t) }
+        fsmPromise.thenAccept { fsmListener: ScFsmListener -> fsmListener.onError(t) }
     }
 
     override fun onClose() {
         // Tell fsm secure channel received EOF
-        fsmPromise.thenAccept { obj: FsmListener -> obj.onClose() }
+        fsmPromise.thenAccept { obj: ScFsmListener -> obj.onClose() }
     }
 
     val isConnected: Boolean
@@ -56,7 +56,7 @@ class SecureChannel(private val endpoint: SecureChannelEndpoint) : SecureChannel
     /*
      * set the corresponding finite state machine
      */
-    fun setFsm(fsm: FsmListener) {
+    fun setFsm(fsm: ScFsmListener) {
         fsmPromise.complete(fsm)
     }
 

From 128f3690826ad677c3c0cf0d3412b08849ba59e8 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Wed, 25 Nov 2020 17:38:20 +0100
Subject: [PATCH 189/237] Move specific sslConfig out of IdscpConfig and make
 the secureChannelConfig generic

---
 .../idscp2/client/Idscp2ClientEndpoint.kt     |  24 ++--
 .../camel/idscp2/server/CamelIdscp2Server.kt  |   7 +-
 .../idscp2/server/Idscp2ServerComponent.kt    |   4 +-
 .../idscp2/server/Idscp2ServerEndpoint.kt     |  23 ++--
 .../secure_channel/NativeTLSDriver.kt         |  16 ++-
 .../secure_channel/NativeTlsConfiguration.kt  | 126 ++++++++++++++++++
 .../secure_channel/client/TLSClient.kt        |  17 +--
 .../secure_channel/server/TLSServer.kt        |  21 +--
 .../idscp2/example/CommandlineTunnelClient.kt |   7 +-
 .../idscp2/example/CommandlineTunnelServer.kt |   6 +-
 .../idscp2/example/Idscp2ClientInitiator.kt   |   5 +-
 .../idscp2/example/Idscp2ServerInitiator.kt   |  10 +-
 .../aisec/ids/idscp2/example/RunTLSClient.kt  |  14 +-
 .../aisec/ids/idscp2/example/RunTLSServer.kt  |  10 +-
 .../ids/idscp2/example/RunTunnelClient.kt     |  14 +-
 .../ids/idscp2/example/RunTunnelServer.kt     |  10 +-
 .../api/configuration/Idscp2Configuration.kt  |  92 +------------
 .../api/idscp_server/Idscp2ServerFactory.kt   |  10 +-
 .../idscp_core/drivers/SecureChannelDriver.kt |  10 +-
 19 files changed, 256 insertions(+), 170 deletions(-)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTlsConfiguration.kt

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index bea7a5aec..9c487cc18 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -26,6 +26,7 @@ import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
@@ -48,8 +49,9 @@ import java.util.regex.Pattern
 )
 class Idscp2ClientEndpoint(uri: String?, private val remaining: String, component: Idscp2ClientComponent?) :
         DefaultEndpoint(uri, component) {
-    private lateinit var secureChannelDriver: SecureChannelDriver<AppLayerConnection>
+    private lateinit var secureChannelDriver: SecureChannelDriver<AppLayerConnection, NativeTlsConfiguration>
     private lateinit var clientConfiguration: Idscp2Configuration
+    private lateinit var secureChannelConfig: NativeTlsConfiguration
 
     @UriParam(
             label = "security",
@@ -75,7 +77,7 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
     var connectionShareId: String? = null
 
     private fun makeConnectionInternal(): CompletableFuture<AppLayerConnection> {
-        return secureChannelDriver.connect(::AppLayerConnection, clientConfiguration)
+        return secureChannelDriver.connect(::AppLayerConnection, clientConfiguration, secureChannelConfig)
     }
 
     fun makeConnection(): CompletableFuture<AppLayerConnection> {
@@ -104,7 +106,7 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
         require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
         val matchResult = remainingMatcher.toMatchResult()
         val host = matchResult.group(1)
-        val port = matchResult.group(2)?.toInt() ?: Idscp2Configuration.DEFAULT_SERVER_PORT
+        val port = matchResult.group(2)?.toInt() ?: NativeTlsConfiguration.DEFAULT_SERVER_PORT
 
         // create attestation config
         val localAttestationConfig = AttestationConfig.Builder()
@@ -118,14 +120,13 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
                 .setDapsUrl(Idscp2OsgiComponent.settings.connectorConfig.dapsUrl)
                 .setKeyAlias(dapsKeyAlias ?: "1")
 
-        // create idscp configuration
-        val clientConfigurationBuilder = Idscp2Configuration.Builder()
+        // secure channel config
+        val secureChannelConfigBuilder = NativeTlsConfiguration.Builder()
                 .setHost(host)
                 .setServerPort(port)
-                .setAttestationConfig(localAttestationConfig)
 
         sslContextParameters?.let {
-            clientConfigurationBuilder
+            secureChannelConfigBuilder
                     .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
                             ?: "password".toCharArray())
                     .setKeyStorePath(Paths.get(it.keyManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
@@ -148,9 +149,14 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
                             ?: "password".toCharArray())
         }
 
-        clientConfigurationBuilder.setDapsDriver(DefaultDapsDriver(dapsDriverConfigBuilder.build()))
-        clientConfiguration = clientConfigurationBuilder.build()
+        // create idscp configuration
+        clientConfiguration = Idscp2Configuration.Builder()
+                .setAttestationConfig(localAttestationConfig)
+                .setDapsDriver(DefaultDapsDriver(dapsDriverConfigBuilder.build()))
+                .build()
+
         secureChannelDriver = NativeTLSDriver()
+        secureChannelConfig = secureChannelConfigBuilder.build()
     }
 
     public override fun doStop() {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index 525613dcd..102723a2c 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -19,12 +19,14 @@ package de.fhg.aisec.ids.camel.idscp2.server
 import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2ServerFactory
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2Server
 import java.util.*
 
-class CamelIdscp2Server(serverConfiguration: Idscp2Configuration) : Idscp2EndpointListener<AppLayerConnection> {
+class CamelIdscp2Server(serverConfiguration: Idscp2Configuration, nativeTlsConfiguration: NativeTlsConfiguration)
+    : Idscp2EndpointListener<AppLayerConnection> {
     private val server: Idscp2Server<AppLayerConnection>
     val listeners: MutableSet<Idscp2EndpointListener<AppLayerConnection>> = Collections.synchronizedSet(HashSet())
 
@@ -34,7 +36,8 @@ class CamelIdscp2Server(serverConfiguration: Idscp2Configuration) : Idscp2Endpoi
                 ::AppLayerConnection,
                 this,
                 serverConfiguration,
-                NativeTLSDriver()
+                NativeTLSDriver(),
+                nativeTlsConfiguration
         )
         server = serverFactory.listen()
     }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
index aa2ecb5be..96716e386 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
@@ -23,6 +23,7 @@ import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProverConfig
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifierConfig
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
@@ -58,7 +59,8 @@ class Idscp2ServerComponent : DefaultComponent() {
     }
 
     @Synchronized
-    fun getServer(serverConfiguration: Idscp2Configuration) = servers.computeIfAbsent(serverConfiguration) { CamelIdscp2Server(it) }
+    fun getServer(serverConfiguration: Idscp2Configuration, nativeTlsConfiguration: NativeTlsConfiguration) =
+            servers.computeIfAbsent(serverConfiguration) { CamelIdscp2Server(it, nativeTlsConfiguration) }
 
     @Synchronized
     fun freeServer(serverConfiguration: Idscp2Configuration) = servers.release(serverConfiguration)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
index 9e54d0176..258b44fbe 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -25,6 +25,7 @@ import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionListener
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
@@ -48,6 +49,7 @@ import java.util.regex.Pattern
 class Idscp2ServerEndpoint(uri: String?, private val remaining: String, component: Idscp2ServerComponent?) :
         DefaultEndpoint(uri, component), Idscp2EndpointListener<AppLayerConnection> {
     private lateinit var serverConfiguration: Idscp2Configuration
+    private lateinit var secureChannelConfig: NativeTlsConfiguration
     private var server: CamelIdscp2Server? = null
     private val consumers: MutableSet<Idscp2ServerConsumer> = HashSet()
 
@@ -122,7 +124,7 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
         require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
         val matchResult = remainingMatcher.toMatchResult()
         val host = matchResult.group(1)
-        val port = matchResult.group(2)?.toInt() ?: Idscp2Configuration.DEFAULT_SERVER_PORT
+        val port = matchResult.group(2)?.toInt() ?: NativeTlsConfiguration.DEFAULT_SERVER_PORT
 
         // create attestation config
         val localAttestationConfig = AttestationConfig.Builder()
@@ -136,14 +138,12 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
                 .setDapsUrl(Idscp2OsgiComponent.settings.connectorConfig.dapsUrl)
                 .setKeyAlias(dapsKeyAlias)
 
-        // create idscp config
-        val serverConfigurationBuilder = Idscp2Configuration.Builder()
+        val secureChannelConfigBuilder = NativeTlsConfiguration.Builder()
                 .setHost(host)
                 .setServerPort(port)
-                .setAttestationConfig(localAttestationConfig)
 
         sslContextParameters?.let {
-            serverConfigurationBuilder
+            secureChannelConfigBuilder
                     .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
                             ?: "password".toCharArray())
                     .setKeyStorePath(Paths.get(it.keyManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
@@ -165,9 +165,16 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
                     .setTrustStorePassword(it.trustManagers?.keyStore?.password?.toCharArray()
                             ?: "password".toCharArray())
         }
-        serverConfigurationBuilder.setDapsDriver(DefaultDapsDriver(dapsDriverConfigBuilder.build()))
-        serverConfiguration = serverConfigurationBuilder.build()
-        (component as Idscp2ServerComponent).getServer(serverConfiguration).let {
+
+        // create idscp config
+        serverConfiguration = Idscp2Configuration.Builder()
+                .setAttestationConfig(localAttestationConfig)
+                .setDapsDriver(DefaultDapsDriver(dapsDriverConfigBuilder.build()))
+                .build()
+
+        secureChannelConfig = secureChannelConfigBuilder.build()
+
+        (component as Idscp2ServerComponent).getServer(serverConfiguration, secureChannelConfig).let {
             server = it
             // Add this endpoint to this server's Idscp2EndpointListener set
             it.listeners += this
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
index 9e7597570..702400ee5 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
@@ -22,16 +22,17 @@ import java.util.concurrent.CompletableFuture
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class NativeTLSDriver<CC: Idscp2Connection> : SecureChannelDriver<CC> {
+class NativeTLSDriver<CC: Idscp2Connection> : SecureChannelDriver<CC, NativeTlsConfiguration> {
     /**
      * Performs an asynchronous client connect to a TLS server.
      */
     override fun connect(connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
-                         configuration: Idscp2Configuration): CompletableFuture<CC> {
+                         configuration: Idscp2Configuration,
+                         secureChannelConfig: NativeTlsConfiguration): CompletableFuture<CC> {
         val connectionFuture = CompletableFuture<CC>()
         try {
-            val tlsClient = TLSClient(connectionFactory, configuration, connectionFuture)
-            tlsClient.connect(configuration.host, configuration.serverPort)
+            val tlsClient = TLSClient(connectionFactory, configuration, secureChannelConfig, connectionFuture)
+            tlsClient.connect(secureChannelConfig.host, secureChannelConfig.serverPort)
         } catch (e: IOException) {
             connectionFuture.completeExceptionally(Idscp2Exception("Call to connect() has failed", e))
         } catch (e: NoSuchAlgorithmException) {
@@ -48,10 +49,11 @@ class NativeTLSDriver<CC: Idscp2Connection> : SecureChannelDriver<CC> {
      * @return The SecureServer instance
      * @throws Idscp2Exception If any error occurred during server creation/start
      */
-    override fun listen(configuration: Idscp2Configuration, channelInitListener: SecureChannelInitListener<CC>,
-                        serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>): SecureServer {
+    override fun listen(channelInitListener: SecureChannelInitListener<CC>,
+                        serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>,
+                        secureChannelConfig: NativeTlsConfiguration): SecureServer {
         return try {
-            TLSServer(configuration, channelInitListener, serverListenerPromise)
+            TLSServer(secureChannelConfig, channelInitListener, serverListenerPromise)
         } catch (e: IOException) {
             throw Idscp2Exception("Error while trying to to start SecureServer", e)
         } catch (e: NoSuchAlgorithmException) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTlsConfiguration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTlsConfiguration.kt
new file mode 100644
index 000000000..bc56c3fc4
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTlsConfiguration.kt
@@ -0,0 +1,126 @@
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel
+
+import java.nio.file.Path
+import java.nio.file.Paths
+
+/**
+ * NativeTLS SecureChannel configuration class, contains information about NativeTLS stuff
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class NativeTlsConfiguration {
+    var serverPort = DEFAULT_SERVER_PORT
+        private set
+    var host = "localhost"
+        private set
+    var trustStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
+        private set
+    var trustStorePassword = "password".toCharArray()
+        private set
+    var keyPassword = "password".toCharArray()
+        private set
+    var keyStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
+        private set
+    var keyStorePassword = "password".toCharArray()
+        private set
+    var certificateAlias = "1.0.1"
+        private set
+    var keyStoreKeyType = "RSA"
+        private set
+
+    class Builder {
+        private val config = NativeTlsConfiguration()
+        fun setHost(host: String): Builder {
+            config.host = host
+            return this
+        }
+
+        fun setServerPort(serverPort: Int): Builder {
+            config.serverPort = serverPort
+            return this
+        }
+
+        fun setKeyPassword(pwd: CharArray): Builder {
+            config.keyPassword = pwd
+            return this
+        }
+
+        fun setTrustStorePath(path: Path): Builder {
+            config.trustStorePath = path
+            return this
+        }
+
+        fun setKeyStorePath(path: Path): Builder {
+            config.keyStorePath = path
+            return this
+        }
+
+        fun setTrustStorePassword(pwd: CharArray): Builder {
+            config.trustStorePassword = pwd
+            return this
+        }
+
+        fun setKeyStorePassword(pwd: CharArray): Builder {
+            config.keyStorePassword = pwd
+            return this
+        }
+
+        fun setCertificateAlias(alias: String): Builder {
+            config.certificateAlias = alias
+            return this
+        }
+
+        fun setKeyStoreKeyType(keyType: String): Builder {
+            config.keyStoreKeyType = keyType
+            return this
+        }
+
+        fun build(): NativeTlsConfiguration {
+            return config
+        }
+    }
+
+    override fun equals(other: Any?): Boolean {
+        if (this === other) return true
+        if (javaClass != other?.javaClass) return false
+
+        other as NativeTlsConfiguration
+
+        if (serverPort != other.serverPort) return false
+        if (host != other.host) return false
+        if (trustStorePath != other.trustStorePath) return false
+        if (!trustStorePassword.contentEquals(other.trustStorePassword)) return false
+        if (!keyPassword.contentEquals(other.keyPassword)) return false
+        if (keyStorePath != other.keyStorePath) return false
+        if (!keyStorePassword.contentEquals(other.keyStorePassword)) return false
+        if (certificateAlias != other.certificateAlias) return false
+        if (keyStoreKeyType != other.keyStoreKeyType) return false
+
+        return true
+    }
+
+    override fun hashCode(): Int {
+        var result = serverPort
+        result = 31 * result + host.hashCode()
+        result = 31 * result + trustStorePath.hashCode()
+        result = 31 * result + trustStorePassword.contentHashCode()
+        result = 31 * result + keyPassword.contentHashCode()
+        result = 31 * result + keyStorePath.hashCode()
+        result = 31 * result + keyStorePassword.contentHashCode()
+        result = 31 * result + certificateAlias.hashCode()
+        result = 31 * result + keyStoreKeyType.hashCode()
+        return result
+    }
+
+    override fun toString(): String {
+        return "Idscp2Configuration(serverPort=$serverPort, host='$host', trustStorePath=$trustStorePath, " +
+                "trustStorePassword=${trustStorePassword.contentToString()}, " +
+                "keyStorePath=$keyStorePath, keyStorePassword=${keyStorePassword.contentToString()}, " +
+                "certificateAlias='$certificateAlias', " +
+                "keyStoreKeyType='$keyStoreKeyType'"
+    }
+
+    companion object {
+        const val DEFAULT_SERVER_PORT = 29292
+    }
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
index 08e1d1839..ecc45702e 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
@@ -1,9 +1,9 @@
 package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.client
 
 import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSConstants
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSSessionVerificationHelper
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
@@ -28,6 +28,7 @@ import javax.net.ssl.*
 class TLSClient<CC: Idscp2Connection>(
         private val connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
         private val clientConfiguration: Idscp2Configuration,
+        nativeTlsConfiguration: NativeTlsConfiguration,
         private val connectionFuture: CompletableFuture<CC>
 ) : HandshakeCompletedListener, DataAvailableListener, SecureChannelEndpoint {
     private val clientSocket: Socket?
@@ -168,18 +169,18 @@ class TLSClient<CC: Idscp2Connection>(
         // get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
         // hostVerification and algorithm constraints
         val myTrustManager = PreConfiguration.getX509ExtTrustManager(
-                clientConfiguration.trustStorePath,
-                clientConfiguration.trustStorePassword
+                nativeTlsConfiguration.trustStorePath,
+                nativeTlsConfiguration.trustStorePassword
         )
 
         // get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
         // connection specific key selection via key alias
         val myKeyManager = PreConfiguration.getX509ExtKeyManager(
-                clientConfiguration.keyPassword,
-                clientConfiguration.keyStorePath,
-                clientConfiguration.keyStorePassword,
-                clientConfiguration.certificateAlias,
-                clientConfiguration.keyStoreKeyType
+                nativeTlsConfiguration.keyPassword,
+                nativeTlsConfiguration.keyStorePath,
+                nativeTlsConfiguration.keyStorePassword,
+                nativeTlsConfiguration.certificateAlias,
+                nativeTlsConfiguration.keyStoreKeyType
         )
         val sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE)
         sslContext.init(myKeyManager, myTrustManager, null)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
index a79ce6a58..6a572bf53 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
@@ -1,6 +1,7 @@
 package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.server
 
 import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSConstants
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
@@ -23,7 +24,7 @@ import javax.net.ssl.SSLSocket
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class TLSServer<CC: Idscp2Connection>(serverConfiguration: Idscp2Configuration,
+class TLSServer<CC: Idscp2Connection>(nativeTlsConfiguration: NativeTlsConfiguration,
                                       private val secureChannelInitListener: SecureChannelInitListener<CC>,
                                       private val serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>):
         Runnable, SecureServer {
@@ -102,26 +103,26 @@ class TLSServer<CC: Idscp2Connection>(serverConfiguration: Idscp2Configuration,
         // which enables host verification and algorithm constraints
         LOG.debug("Creating trust manager for TLS server...")
         val myTrustManager = PreConfiguration.getX509ExtTrustManager(
-                serverConfiguration.trustStorePath,
-                serverConfiguration.trustStorePassword
+                nativeTlsConfiguration.trustStorePath,
+                nativeTlsConfiguration.trustStorePassword
         )
 
         // Get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager,
         // which enables connection specific key selection via key alias
         LOG.debug("Creating key manager for TLS server...")
         val myKeyManager = PreConfiguration.getX509ExtKeyManager(
-                serverConfiguration.keyPassword,
-                serverConfiguration.keyStorePath,
-                serverConfiguration.keyStorePassword,
-                serverConfiguration.certificateAlias,
-                serverConfiguration.keyStoreKeyType
+                nativeTlsConfiguration.keyPassword,
+                nativeTlsConfiguration.keyStorePath,
+                nativeTlsConfiguration.keyStorePassword,
+                nativeTlsConfiguration.certificateAlias,
+                nativeTlsConfiguration.keyStoreKeyType
         )
         LOG.debug("Setting TLS security attributes and creating TLS server socket...")
         // Create TLS context based on keyManager and trustManager
         val sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE)
         sslContext.init(myKeyManager, myTrustManager, null)
         val socketFactory = sslContext.serverSocketFactory
-        serverSocket = socketFactory.createServerSocket(serverConfiguration.serverPort)
+        serverSocket = socketFactory.createServerSocket(nativeTlsConfiguration.serverPort)
         // Set timeout for serverSocket.accept()
         serverSocket.soTimeout = 5000
         val sslServerSocket = serverSocket as SSLServerSocket
@@ -135,7 +136,7 @@ class TLSServer<CC: Idscp2Connection>(serverConfiguration: Idscp2Configuration,
         sslServerSocket.sslParameters = sslParameters
         LOG.debug("Starting TLS server...")
         serverThread = Thread(this, "TLS Server Thread "
-                + serverConfiguration.host + ":" + serverConfiguration.serverPort)
+                + nativeTlsConfiguration.host + ":" + nativeTlsConfiguration.serverPort)
         serverThread.start()
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
index 89b96b11e..4b41069e0 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
@@ -3,6 +3,7 @@ package de.fhg.aisec.ids.idscp2.example
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
@@ -17,7 +18,7 @@ import kotlin.concurrent.thread
 class CommandlineTunnelClient {
     private lateinit var connectionFuture: CompletableFuture<Idscp2Connection>
 
-    fun init(configuration: Idscp2Configuration) {
+    fun init(configuration: Idscp2Configuration, nativeTlsConfiguration: NativeTlsConfiguration) {
         LOG.info("Setting up IDSCP connection")
 
         // create secure channel driver
@@ -31,8 +32,8 @@ class CommandlineTunnelClient {
                 RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
 
         // connect to idscp2 server
-        LOG.info("connecting to {}:{}", configuration.host, configuration.serverPort)
-        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration)
+        LOG.info("connecting to {}:{}", nativeTlsConfiguration.host, nativeTlsConfiguration.serverPort)
+        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration, nativeTlsConfiguration)
 
         connectionFuture.thenAccept { connection: Idscp2Connection ->
             LOG.info("Client: New connection with id " + connection.id)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
index 2ecee65ee..6318e68f7 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
@@ -5,6 +5,7 @@ import de.fhg.aisec.ids.idscp2.default_drivers.daps.NullDaps
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
@@ -18,7 +19,7 @@ import java.nio.charset.StandardCharsets
 import java.util.concurrent.CompletableFuture
 
 class CommandlineTunnelServer : Idscp2EndpointListener<Idscp2Connection> {
-    fun init(configuration: Idscp2Configuration) {
+    fun init(configuration: Idscp2Configuration, nativeTlsConfiguration: NativeTlsConfiguration) {
         LOG.info("setting up IDSCP listener")
         // create secure channel driver
         val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
@@ -35,7 +36,8 @@ class CommandlineTunnelServer : Idscp2EndpointListener<Idscp2Connection> {
                 ::Idscp2ConnectionImpl,
                 this,
                 configuration,
-                secureChannelDriver
+                secureChannelDriver,
+                nativeTlsConfiguration
         )
 
         @Suppress("UNUSED_VARIABLE") val idscp2Server = serverConfig.listen()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
index cc921ae6f..1afa3658b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -5,6 +5,7 @@ import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
@@ -18,7 +19,7 @@ import java.util.concurrent.CompletableFuture
 class Idscp2ClientInitiator {
     private lateinit var connectionFuture: CompletableFuture<Idscp2Connection>
 
-    fun init(configuration: Idscp2Configuration) {
+    fun init(configuration: Idscp2Configuration, nativeTlsConfiguration: NativeTlsConfiguration) {
 
         // create secure channel driver
         val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
@@ -31,7 +32,7 @@ class Idscp2ClientInitiator {
                 RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
 
         // connect to idscp2 server
-        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration)
+        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration, nativeTlsConfiguration)
         connectionFuture.thenAccept { connection: Idscp2Connection ->
             LOG.info("Client: New connection with id " + connection.id)
             connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
index e7d12ad4e..cc8435dbc 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
@@ -1,12 +1,10 @@
 package de.fhg.aisec.ids.idscp2.example
 
 import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
@@ -16,10 +14,9 @@ import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.slf4j.LoggerFactory
 import java.nio.charset.StandardCharsets
-import java.util.concurrent.CompletableFuture
 
 class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
-    fun init(configuration: Idscp2Configuration) {
+    fun init(configuration: Idscp2Configuration, nativeTlsConfiguration: NativeTlsConfiguration) {
 
         // create secure channel driver
         val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
@@ -36,7 +33,8 @@ class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
                 ::Idscp2ConnectionImpl,
                 this,
                 configuration,
-                secureChannelDriver
+                secureChannelDriver,
+                nativeTlsConfiguration
         )
         // run idscp2 server
         @Suppress("UNUSED_VARIABLE") val idscp2Server = serverConfig.listen()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
index b433ef2b1..10652f6d6 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
@@ -4,6 +4,7 @@ import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import java.nio.file.Paths
@@ -32,17 +33,22 @@ object RunTLSClient {
                 .setDapsUrl("https://daps.aisec.fraunhofer.de")
                 .build())
 
+        // create idscp2 config
         val settings = Idscp2Configuration.Builder()
-                .setKeyStorePath(keyStorePath)
-                .setTrustStorePath(trustStorePath)
-                .setCertificateAlias("1.0.1")
                 .setAckTimeoutDelay(500) //  500 ms
                 .setHandshakeTimeoutDelay(5 * 1000) // 5 seconds
                 .setAttestationConfig(localAttestationConfig)
                 .setDapsDriver(dapsDriver)
                 .build()
 
+        // create secureChannel config
+        val nativeTlsConfiguration = NativeTlsConfiguration.Builder()
+                .setKeyStorePath(keyStorePath)
+                .setTrustStorePath(trustStorePath)
+                .setCertificateAlias("1.0.1")
+                .build()
+
         val initiator = Idscp2ClientInitiator()
-        initiator.init(settings)
+        initiator.init(settings, nativeTlsConfiguration)
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
index e1d348ac0..a5b9306f5 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
@@ -4,6 +4,7 @@ import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
@@ -34,14 +35,17 @@ object RunTLSServer {
                 .build())
 
         val settings = Idscp2Configuration.Builder()
+                .setAttestationConfig(localAttestationConfig)
+                .setDapsDriver(dapsDriver)
+                .build()
+
+        val nativeTlsConfiguration = NativeTlsConfiguration.Builder()
                 .setKeyStorePath(keyStorePath)
                 .setTrustStorePath(trustStorePath)
                 .setCertificateAlias("1.0.1")
-                .setAttestationConfig(localAttestationConfig)
-                .setDapsDriver(dapsDriver)
                 .build()
 
         val initiator = Idscp2ServerInitiator()
-        initiator.init(settings)
+        initiator.init(settings, nativeTlsConfiguration)
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
index 2e9d971f3..337445bb3 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
@@ -3,6 +3,7 @@ package de.fhg.aisec.ids.idscp2.example
 import de.fhg.aisec.ids.idscp2.default_drivers.daps.NullDaps
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import java.nio.file.Paths
@@ -22,17 +23,20 @@ object RunTunnelClient {
         val dapsDriver = NullDaps()
 
         val config = Idscp2Configuration.Builder()
-                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/aisecconnector2-keystore.p12")).path))
-                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
-                .setCertificateAlias("1.0.1")
                 .setAckTimeoutDelay(500) //  500 ms
                 .setHandshakeTimeoutDelay(5 * 1000) // 5 seconds
                 .setAttestationConfig(localAttestationConfig)
-                .setServerPort(1234)
                 .setDapsDriver(dapsDriver)
                 .build()
 
+        val nativeTlsConfiguration = NativeTlsConfiguration.Builder()
+                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/aisecconnector2-keystore.p12")).path))
+                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
+                .setCertificateAlias("1.0.1")
+                .setServerPort(1234)
+                .build()
+
         val initiator = CommandlineTunnelClient()
-        initiator.init(config)
+        initiator.init(config, nativeTlsConfiguration)
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
index 4de4b0c1c..3890fd78c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
@@ -3,6 +3,7 @@ package de.fhg.aisec.ids.idscp2.example
 import de.fhg.aisec.ids.idscp2.default_drivers.daps.NullDaps
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
@@ -22,15 +23,18 @@ object RunTunnelServer {
         val dapsDriver: DapsDriver = NullDaps()
 
         val settings = Idscp2Configuration.Builder()
+                .setAttestationConfig(localAttestationConfig)
+                .setDapsDriver(dapsDriver)
+                .build()
+
+        val nativeTlsConfiguration = NativeTlsConfiguration.Builder()
                 .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/aisecconnector1-keystore.p12")).path))
                 .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
                 .setCertificateAlias("1.0.1")
-                .setAttestationConfig(localAttestationConfig)
                 .setServerPort(1234)
-                .setDapsDriver(dapsDriver)
                 .build()
 
         val initiator = CommandlineTunnelServer()
-        initiator.init(settings)
+        initiator.init(settings, nativeTlsConfiguration)
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt
index 8bbb285ee..14e273bd1 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt
@@ -5,30 +5,11 @@ import java.nio.file.Path
 import java.nio.file.Paths
 
 /**
- * IDSCP2 configuration class, contains information about keyStore and TrustStores,
- * Attestation Types, host, DAPS, ...
+ * IDSCP2 configuration class, contains information about Attestation Types, DAPS, Timeouts,
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class Idscp2Configuration {
-    var serverPort = DEFAULT_SERVER_PORT
-        private set
-    var host = "localhost"
-        private set
-    var trustStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
-        private set
-    var trustStorePassword = "password".toCharArray()
-        private set
-    var keyPassword = "password".toCharArray()
-        private set
-    var keyStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
-        private set
-    var keyStorePassword = "password".toCharArray()
-        private set
-    var certificateAlias = "1.0.1"
-        private set
-    var keyStoreKeyType = "RSA"
-        private set
     lateinit var attestationConfig: AttestationConfig
         private set
     lateinit var dapsDriver: DapsDriver
@@ -40,50 +21,6 @@ class Idscp2Configuration {
 
     class Builder {
         private val settings = Idscp2Configuration()
-        fun setHost(host: String): Builder {
-            settings.host = host
-            return this
-        }
-
-        fun setServerPort(serverPort: Int): Builder {
-            settings.serverPort = serverPort
-            return this
-        }
-
-        fun setKeyPassword(pwd: CharArray): Builder {
-            settings.keyPassword = pwd
-            return this
-        }
-
-        fun setTrustStorePath(path: Path): Builder {
-            settings.trustStorePath = path
-            return this
-        }
-
-        fun setKeyStorePath(path: Path): Builder {
-            settings.keyStorePath = path
-            return this
-        }
-
-        fun setTrustStorePassword(pwd: CharArray): Builder {
-            settings.trustStorePassword = pwd
-            return this
-        }
-
-        fun setKeyStorePassword(pwd: CharArray): Builder {
-            settings.keyStorePassword = pwd
-            return this
-        }
-
-        fun setCertificateAlias(alias: String): Builder {
-            settings.certificateAlias = alias
-            return this
-        }
-
-        fun setKeyStoreKeyType(keyType: String): Builder {
-            settings.keyStoreKeyType = keyType
-            return this
-        }
 
         fun setAttestationConfig(config: AttestationConfig): Builder {
             settings.attestationConfig = config
@@ -116,15 +53,6 @@ class Idscp2Configuration {
 
         other as Idscp2Configuration
 
-        if (serverPort != other.serverPort) return false
-        if (host != other.host) return false
-        if (trustStorePath != other.trustStorePath) return false
-        if (!trustStorePassword.contentEquals(other.trustStorePassword)) return false
-        if (!keyPassword.contentEquals(other.keyPassword)) return false
-        if (keyStorePath != other.keyStorePath) return false
-        if (!keyStorePassword.contentEquals(other.keyStorePassword)) return false
-        if (certificateAlias != other.certificateAlias) return false
-        if (keyStoreKeyType != other.keyStoreKeyType) return false
         if (attestationConfig != other.attestationConfig) return false
         if (dapsDriver != other.dapsDriver) return false
         if (handshakeTimeoutDelay != other.handshakeTimeoutDelay) return false
@@ -134,16 +62,7 @@ class Idscp2Configuration {
     }
 
     override fun hashCode(): Int {
-        var result = serverPort
-        result = 31 * result + host.hashCode()
-        result = 31 * result + trustStorePath.hashCode()
-        result = 31 * result + trustStorePassword.contentHashCode()
-        result = 31 * result + keyPassword.contentHashCode()
-        result = 31 * result + keyStorePath.hashCode()
-        result = 31 * result + keyStorePassword.contentHashCode()
-        result = 31 * result + certificateAlias.hashCode()
-        result = 31 * result + keyStoreKeyType.hashCode()
-        result = 31 * result + attestationConfig.hashCode()
+        var result = attestationConfig.hashCode()
         result = 31 *  result + dapsDriver.hashCode()
         result = 31 * result + handshakeTimeoutDelay.hashCode()
         result = 31 * result + ackTimeoutDelay.hashCode()
@@ -151,17 +70,12 @@ class Idscp2Configuration {
     }
 
     override fun toString(): String {
-        return "Idscp2Configuration(serverPort=$serverPort, host='$host', trustStorePath=$trustStorePath, " +
-                "trustStorePassword=${trustStorePassword.contentToString()}, " +
-                "keyStorePath=$keyStorePath, keyStorePassword=${keyStorePassword.contentToString()}, " +
-                "certificateAlias='$certificateAlias', " +
-                "keyStoreKeyType='$keyStoreKeyType', attestationConfig=$attestationConfig, " +
+        return "Idscp2Configuration(attestationConfig=$attestationConfig, " +
                 "dapsDriver=$dapsDriver, handshakeTimeoutDelay=$handshakeTimeoutDelay, " +
                 "ackTimeoutDelay=$ackTimeoutDelay)"
     }
 
     companion object {
-        const val DEFAULT_SERVER_PORT = 29292
         const val DEFAULT_ACK_TIMEOUT_DELAY = "200" // (in ms)
         const val DEFAULT_HANDSHAKE_TIMEOUT_DELAY = "5000" // (in ms)
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
index 6d7faed17..afec543da 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
@@ -16,21 +16,23 @@ import java.util.concurrent.CompletableFuture
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class Idscp2ServerFactory<CC: Idscp2Connection>(
+class Idscp2ServerFactory<CC: Idscp2Connection, SecureChannelConfiguration>(
         private val connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
         private val endpointListener: Idscp2EndpointListener<CC>,
         private val configuration: Idscp2Configuration,
-        private val secureChannelDriver: SecureChannelDriver<CC>
+        private val secureChannelDriver: SecureChannelDriver<CC, SecureChannelConfiguration>,
+        private val secureChannelConfig: SecureChannelConfiguration
 ) : SecureChannelInitListener<CC> {
+
     /**
      * User API to create a new IDSCP2 Server that starts a Secure Server that listens to new
      * secure channels
      */
     @Throws(Idscp2Exception::class)
     fun listen(): Idscp2Server<CC> {
-        LOG.info("Starting new IDSCP2 server at port {}", configuration.serverPort)
+        LOG.info("Starting new IDSCP2 server")
         val serverListenerPromise = CompletableFuture<ServerConnectionListener<CC>>()
-        val secureServer = secureChannelDriver.listen(configuration, this, serverListenerPromise)
+        val secureServer = secureChannelDriver.listen(this, serverListenerPromise, secureChannelConfig)
         val server = Idscp2Server<CC>(secureServer)
         serverListenerPromise.complete(server)
         return server
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
index 9f3901e17..a0234cb74 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
@@ -13,16 +13,18 @@ import java.util.concurrent.CompletableFuture
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-interface SecureChannelDriver<CC : Idscp2Connection> {
+interface SecureChannelDriver<CC : Idscp2Connection, SecureChannelConfiguration> {
     /*
      * Asynchronous method to create a secure connection to a secure server
      */
     fun connect(connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
-                configuration: Idscp2Configuration): CompletableFuture<CC>
+                     configuration: Idscp2Configuration,
+                     secureChannelConfig: SecureChannelConfiguration): CompletableFuture<CC>
 
     /*
      * Starting a secure server
      */
-    fun listen(configuration: Idscp2Configuration, channelInitListener: SecureChannelInitListener<CC>,
-               serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>): SecureServer
+    fun listen(channelInitListener: SecureChannelInitListener<CC>,
+               serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>,
+                secureChannelConfig: SecureChannelConfiguration): SecureServer
 }
\ No newline at end of file

From e57335931557ae2a14329ee95bae5f65bfa71187 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Thu, 26 Nov 2020 23:26:02 +0100
Subject: [PATCH 190/237] Make fsm.feedEvent() return a FSM result

---
 .../idscp2/example/Idscp2ClientInitiator.kt   |  2 -
 .../api/idscp_connection/Idscp2Connection.kt  |  4 ++
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    | 53 ++++++++++++----
 .../aisec/ids/idscp2/idscp_core/fsm/State.kt  | 19 +++---
 .../ids/idscp2/idscp_core/fsm/StateClosed.kt  | 54 +++++++++++++++--
 .../idscp2/idscp_core/fsm/StateEstablished.kt | 34 +++++------
 .../idscp2/idscp_core/fsm/StateWaitForAck.kt  | 60 +++++++++++--------
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   | 58 ++++++++++++------
 .../fsm/StateWaitForDatAndRatVerifier.kt      | 47 ++++++++++-----
 .../idscp_core/fsm/StateWaitForHello.kt       | 46 ++++++++++----
 .../idscp2/idscp_core/fsm/StateWaitForRat.kt  | 60 ++++++++++++-------
 .../idscp_core/fsm/StateWaitForRatProver.kt   | 51 +++++++++-------
 .../idscp_core/fsm/StateWaitForRatVerifier.kt | 52 ++++++++++------
 .../ids/idscp2/idscp_core/fsm/Transition.kt   |  6 +-
 14 files changed, 365 insertions(+), 181 deletions(-)

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
index 1afa3658b..073b049e5 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -1,7 +1,5 @@
 package de.fhg.aisec.ids.idscp2.example
 
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
index 4c4e4fc82..ed61d75da 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
@@ -9,6 +9,10 @@ package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
 interface Idscp2Connection {
     val id: String
 
+    /**
+     * Unlock messaging when a message listener is registered, to avoid race conditions
+     * and messages loss
+     */
     fun unlockMessaging()
 
     /**
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index 1571e9a74..d2b34f9ce 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -54,7 +54,25 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         STATE_WAIT_FOR_ACK
     }
 
-    private var currentState: State?
+    /* FSM transition result */
+    enum class FsmResultCode {
+        UNKNOWN_TRANSITION,
+        FSM_LOCKED,
+        FSM_NOT_STARTED,
+        INVALID_DAT,
+        IO_ERROR,
+        RAT_ERROR,
+        RAT_NEGOTIATION_ERROR,
+        WOULD_BLOCK,
+        NOT_CONNECTED,
+        IDSCP_DATA_NOT_CACHED,
+        OK
+    }
+
+    // return type for function, hold the return code and the next state of the transition
+    data class FsmResult(val code: FsmResultCode, val nextState: State)
+
+    private var currentState: State
 
     /*  ----------------   end of states   --------------- */
     private val connection: Idscp2Connection
@@ -103,7 +121,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     /**
      * Check if FSM is closed forever
      */
-    private var fsmTerminated = false
+    private var isLocked = false
 
     /**
      * Check if AckFlag is set
@@ -175,10 +193,11 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         val event = Event(message)
         //must wait when fsm is in state STATE_CLOSED --> wait() will be notified when fsm is
         // leaving STATE_CLOSED
+        // ToDo is that sill correct implemented?
         fsmIsBusy.lock()
         try {
             while (currentState == states[FsmState.STATE_CLOSED]) {
-                if (fsmTerminated) {
+                if (isLocked) {
                     return
                 }
                 try {
@@ -279,13 +298,17 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
 
     /**
      * Feed the event to the current state and execute the runEntry method if the state has changed
+     *
+     * @return FsmResultCode, the result of the success of the triggered transition
      */
-    private fun feedEvent(event: Event) {
+    private fun feedEvent(event: Event) : FsmResultCode {
         val prevState = currentState
-        currentState = currentState!!.feedEvent(event)
+        val result = currentState.feedEvent(event)
+        currentState = result.nextState
         if (prevState != currentState) {
-            currentState!!.runEntryCode(this)
+            currentState.runEntryCode(this)
         }
+        return result.code
     }
 
     /**
@@ -309,12 +332,13 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
      */
     @Throws(Idscp2Exception::class)
     fun startIdscpHandshake() {
+        // toDo result
         //check for incorrect usage
         checkForFsmCycles()
         fsmIsBusy.lock()
         try {
             if (currentState == states[FsmState.STATE_CLOSED]) {
-                if (fsmTerminated) {
+                if (isLocked) {
                     throw Idscp2Exception("FSM is in a final closed state forever")
                 }
 
@@ -325,7 +349,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
                 while (!handshakeResultAvailable) {
                     idscpHandshakeLock.await()
                 }
-                if (!isConnected && !fsmTerminated) {
+                if (!isConnected && !isLocked) { //toDo is this correct?
                     //handshake failed, throw exception
                     throw Idscp2Exception("Handshake failed")
                 }
@@ -382,7 +406,8 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
      * Send idscp message from the User via the secure channel
      */
     fun send(msg: ByteArray?) {
-        // Send messages from user only when idscp connection is established
+        //toDo result
+        //Send messages from user only when idscp connection is established
         idscpHandshakeCompletedLatch.await()
         checkForFsmCycles()
         val idscpMessage = Idscp2MessageHelper.createIdscpDataMessage(msg)
@@ -399,7 +424,8 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
      * Repeat RAT Verification if remote peer, triggered by User
      */
     fun repeatRat() {
-        // repeat rat only when idscp connection is established
+        //toDo result
+        //repeat rat only when idscp connection is established
         idscpHandshakeCompletedLatch.await()
         checkForFsmCycles()
         onControlMessage(InternalControlMessage.REPEAT_RAT)
@@ -564,7 +590,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         if (LOG.isTraceEnabled) {
             LOG.trace("Mark FSM as terminated...")
         }
-        fsmTerminated = true
+        isLocked = true
 
         // Notify upper layer via handshake or closeListener
         if (!handshakeResultAvailable) {
@@ -589,6 +615,9 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         }
     }
 
+    val isFsmLocked: Boolean
+        get() = isLocked
+
     fun getState(state: FsmState?): State? {
         return states[state]
     }
@@ -716,7 +745,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
                 this, dapsDriver, ratTimer, handshakeTimer, ackTimer)
 
         // Set initial state
-        currentState = states[FsmState.STATE_CLOSED]
+        currentState = states[FsmState.STATE_CLOSED]!!
         this.connection = connection
         this.secureChannel = secureChannel
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/State.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/State.kt
index f91571581..2c00dd89c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/State.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/State.kt
@@ -12,26 +12,23 @@ import java.util.function.Function
  */
 open class State {
     private val transitions = ConcurrentHashMap<Any, Transition>()
-    private var noTransitionHandler: Function<Event, State>? = null
+    private lateinit var noTransitionHandler: Function<Event, FSM.FsmResult>
 
     /*
-     * A method for triggering aa transition of the current state by a given event
+     * A method for triggering a transition of the current state by a given event
      *
      * If no transition exists for the given event, the noTransitionHandler is triggered
      *
-     * Returns the target state of the triggered transition (new current state of the fsm)
+     * Returns a FSM result that contains the target state of the triggered transition (new current state of the fsm),
+     * as well as the resulting code of the transition
      */
-    fun feedEvent(e: Event): State? {
+    fun feedEvent(e: Event): FSM.FsmResult {
         val t = transitions[e.key]
-        return if (t != null) {
-            t.doTransition(e)
-        } else {
-            noTransitionHandler!!.apply(e)
-        }
+        return t?.doTransition(e) ?: noTransitionHandler.apply(e)
     }
 
     /*
-     * Add ann outgoing transition to the state
+     * Add an outgoing transition to the state
      */
     fun addTransition(k: Any, t: Transition) {
         transitions[k] = t
@@ -40,7 +37,7 @@ open class State {
     /*
      * Set the 'no transition available for this event' handler
      */
-    fun setNoTransitionHandler(noTransitionHandler: Function<Event, State>?) {
+    fun setNoTransitionHandler(noTransitionHandler: Function<Event, FSM.FsmResult>) {
         this.noTransitionHandler = noTransitionHandler
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
index cbdf5bae1..7885a5ac4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
@@ -53,6 +53,14 @@ internal class StateClosed(fsm: FSM,
          * --------------------------------------------------- */
         addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.value, Transition(
             Function {
+                if (fsm.isFsmLocked) {
+                    if (LOG.isTraceEnabled) {
+                        LOG.trace("Cannot start handshake, because FSM is locked forever. Ignored.")
+                    }
+                    return@Function FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
+                }
+
+                // FSM not locked, start handshake
                 LOG.debug("Get DAT Token vom DAT_DRIVER")
                 val dat = dapsDriver.token
                 LOG.debug("Send IDSCP_HELLO")
@@ -65,20 +73,56 @@ internal class StateClosed(fsm: FSM,
                     LOG.error("Cannot send IdscpHello. Close connection")
                     runEntryCode(fsm)
                     onMessageLock.signalAll()
-                    return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, this)
                 }
                 runExitCode(onMessageLock)
-                fsm.getState(FsmState.STATE_WAIT_FOR_HELLO)
+                FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_HELLO)!!)
             }
         ))
 
-        // This origins from onClose(), so just ignore it
+
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition (
+                Function {
+                    if (LOG.isTraceEnabled) {
+                        LOG.trace("Received RepeatRat in STATE_CLOSED, ignored.")
+                    }
+
+                    // return either FSM_LOCKED or FSM_NOT_STARTED
+                    if (fsm.isFsmLocked) {
+                        FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
+                    } else {
+                        FSM.FsmResult(FSM.FsmResultCode.FSM_NOT_STARTED, this)
+                    }
+                }
+        ))
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
+                Function {
+                    if (LOG.isTraceEnabled) {
+                        LOG.trace("Received SEND in STATE_CLOSED, ignored.")
+                    }
+
+                    // return either FSM_LOCKED or FSM_NOT_STARTED
+                    if (fsm.isFsmLocked) {
+                        FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
+                    } else {
+                        FSM.FsmResult(FSM.FsmResultCode.FSM_NOT_STARTED, this)
+                    }
+                }
+        ))
+
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
                 Function {
                     if (LOG.isTraceEnabled) {
                         LOG.trace("Received STOP in STATE_CLOSED, ignored.")
                     }
-                    this
+
+                    // return either FSM_LOCKED or FSM_NOT_STARTED
+                    if (fsm.isFsmLocked) {
+                        FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
+                    } else {
+                        FSM.FsmResult(FSM.FsmResultCode.FSM_NOT_STARTED, this)
+                    }
                 }
         ))
 
@@ -93,7 +137,7 @@ internal class StateClosed(fsm: FSM,
                                         .collect(Collectors.joining("\n")))
                         LOG.debug("Stay in state STATE_CLOSED")
                     }
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
                 }
         )
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
index 051a6230b..85ad06b01 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
@@ -50,7 +50,7 @@ class StateEstablished(fsm: FSM,
         addTransition(InternalControlMessage.ERROR.value, Transition (
                 Function {
                     LOG.debug("Error occurred, close idscp connection")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -59,7 +59,7 @@ class StateEstablished(fsm: FSM,
                     LOG.debug("Send IDSCP_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
                             CloseCause.USER_SHUTDOWN))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -76,10 +76,10 @@ class StateEstablished(fsm: FSM,
                         fsm.setAckFlag(true)
                         fsm.setBufferedIdscpData(idscpMessage)
                         ackTimer.start()
-                        return@Function fsm.getState(FsmState.STATE_WAIT_FOR_ACK)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK)!!)
                     } else {
                         LOG.warn("Cannot send IdscpData, shutdown FSM")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                 }
         ))
@@ -89,13 +89,13 @@ class StateEstablished(fsm: FSM,
                     ratTimer.cancelTimeout()
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
                         LOG.error("Cannot send ReRat message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     if (!fsm.restartRatVerifierDriver()) {
                         LOG.error("Cannot run Rat verifier, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
                 }
         ))
         addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
@@ -104,11 +104,11 @@ class StateEstablished(fsm: FSM,
                     LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                         LOG.error("Cannot send DatExpired message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     LOG.debug("Set handshake timeout")
                     handshakeTimer.resetTimeout()
-                    fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
                 }
         ))
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
@@ -116,9 +116,9 @@ class StateEstablished(fsm: FSM,
                     LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER")
                     if (!fsm.restartRatProverDriver()) {
                         LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
                 }
         ))
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
@@ -126,27 +126,27 @@ class StateEstablished(fsm: FSM,
                     LOG.debug("DAT expired. Send new DAT and repeat RAT")
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
                         LOG.error("Cannot send Dat message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     if (!fsm.restartRatProverDriver()) {
                         LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition (
                 Function {
                     fsm.recvData(it.idscpMessage.idscpData)
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
                 Function {
                     LOG.debug("Receive IDSCP_CLOSED")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -154,7 +154,7 @@ class StateEstablished(fsm: FSM,
                 Function {
                     LOG.debug("No transition available for given event $it")
                     LOG.debug("Stay in state STATE_ESTABLISHED")
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
                 }
         )
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
index 67ecd8593..2b68f9442 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
@@ -32,7 +32,7 @@ class StateWaitForAck(fsm: FSM,
 
 
         /*---------------------------------------------------
-         * STATE_ESTABLISHED - Transition Description
+         * STATW_WAIT_FOR_ACK - Transition Description
          * ---------------------------------------------------
          * onICM: error ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
          * onICM: stop ---> {timeouts.cancel()} ---> STATE_CLOSED
@@ -50,7 +50,7 @@ class StateWaitForAck(fsm: FSM,
         addTransition(InternalControlMessage.ERROR.value, Transition (
                 Function {
                     LOG.debug("Error occurred, close idscp connection")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -59,7 +59,7 @@ class StateWaitForAck(fsm: FSM,
                     LOG.debug("Send IDSCP_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
                             CloseCause.USER_SHUTDOWN))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -70,20 +70,20 @@ class StateWaitForAck(fsm: FSM,
                     ackTimer.cancelTimeout()
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
                         LOG.error("Cannot send ReRat message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     if (!fsm.restartRatVerifierDriver()) {
                         LOG.error("Cannot run Rat verifier, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
                 }
         ))
 
         addTransition(InternalControlMessage.SEND_DATA.value, Transition (
                 Function {
                     LOG.warn("Cannot send data in STATE_WAIT_FOR_ACK")
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.WOULD_BLOCK, this)
                 }
         ))
 
@@ -94,63 +94,73 @@ class StateWaitForAck(fsm: FSM,
                     LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                         LOG.error("Cannot send DatExpired message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     LOG.debug("Set handshake timeout")
                     handshakeTimer.resetTimeout()
-                    fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
                 }
         ))
+
         addTransition(InternalControlMessage.ACK_TIMER_EXPIRED.value, Transition(
                 Function {
-                    LOG.debug("ACK_timeout occurred. Send buffered IdscpData again")
-                    if (fsm.getBufferedIdscpMessage != null || fsm.sendFromFSM(fsm.getBufferedIdscpMessage)) {
-                        ackTimer.start()
-                        return@Function fsm.getState(FsmState.STATE_WAIT_FOR_ACK)
+                    if (fsm.getAckFlag && fsm.getBufferedIdscpMessage != null) {
+                        LOG.debug("ACK_timeout occurred. Send buffered IdscpData again")
+                        if (!fsm.sendFromFSM(fsm.getBufferedIdscpMessage))  {
+                            LOG.warn("Cannot send IdscpData, shutdown FSM")
+                            return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                        } else {
+                            ackTimer.start()
+                            return@Function FSM.FsmResult(FSM.FsmResultCode.OK, this)
+                        }
                     } else {
-                        LOG.warn("Cannot send IdscpData, shutdown FSM")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        LOG.error("No IdscpData message buffered in state WAIT_FOR_ACK. Shutdown")
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IDSCP_DATA_NOT_CACHED, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                 }
         ))
+
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER")
                     if (!fsm.restartRatProverDriver()) {
                         LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     ackTimer.cancelTimeout()
-                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
                 }
         ))
+
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("DAT expired. Send new DAT and repeat RAT")
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
                         LOG.error("Cannot send Dat message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     if (!fsm.restartRatProverDriver()) {
                         LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     ackTimer.cancelTimeout()
-                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
                 }
         ))
+
         addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition (
             Function {
                 fsm.recvData(it.idscpMessage.idscpData)
-                this
+                FSM.FsmResult(FSM.FsmResultCode.OK, this)
             }
         ))
+
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
             Function{
                 if (fsm.recvAck(it.idscpMessage.idscpAck)) {
-                    fsm.getState(FsmState.STATE_ESTABLISHED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED)!!)
                 } else {
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
             }
         ))
@@ -158,7 +168,7 @@ class StateWaitForAck(fsm: FSM,
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
                 Function {
                     LOG.debug("Receive IDSCP_CLOSED")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -166,7 +176,7 @@ class StateWaitForAck(fsm: FSM,
                 Function {
                     LOG.debug("No transition available for given event $it")
                     LOG.debug("Stay in state STATE_WAIT_FOR_ACK")
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
                 }
         )
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
index d6ad6f251..63a235234 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
@@ -57,14 +57,26 @@ class StateWaitForDatAndRat(fsm: FSM,
                     LOG.debug("Send IDSC_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
                             CloseCause.USER_SHUTDOWN))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
         addTransition(InternalControlMessage.ERROR.value, Transition (
                 Function {
                     LOG.debug("An internal control error occurred")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+                }
+        ))
+
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition (
+                Function {
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
+                }
+        ))
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
+                Function {
+                    FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
                 }
         ))
 
@@ -73,7 +85,7 @@ class StateWaitForDatAndRat(fsm: FSM,
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
                             CloseCause.TIMEOUT))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -81,7 +93,7 @@ class StateWaitForDatAndRat(fsm: FSM,
                 Function {
                     LOG.debug("Received RAT_PROVER OK")
                     proverHandshakeTimer.cancelTimeout()
-                    fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
                 }
         ))
 
@@ -91,7 +103,7 @@ class StateWaitForDatAndRat(fsm: FSM,
                     LOG.debug("Send IDSC_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
                             CloseCause.RAT_PROVER_FAILED))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -100,40 +112,47 @@ class StateWaitForDatAndRat(fsm: FSM,
                     LOG.debug("Send IDSCP_RAT_PROVER")
                     if (!fsm.sendFromFSM(event.idscpMessage)) {
                         LOG.error("Cannot send rat prover message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
                 Function {
                     LOG.debug("Received IDSCP_CLOSE")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition(
                 Function { event: Event ->
+
                     handshakeTimer.cancelTimeout()
                     LOG.debug("Verify received DAT")
+
                     //check if Dat is available and verify dat
+                    // toDo ensure no exception is thrown
+                    // toDo security Requirements
                     val dat = event.idscpMessage.idscpDat.token.toByteArray()
                     var datValidityPeriod: Long
                     if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
                         fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
                                 "No valid DAT", CloseCause.NO_VALID_DAT))
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
+
                     LOG.debug("Remote DAT is valid. Set dat timeout")
                     datTimer.resetTimeout(datValidityPeriod * 1000)
+
                     //start RAT Verifier
                     if (!fsm.restartRatVerifierDriver()) {
                         LOG.error("Cannot run Rat verifier, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
+
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
                 }
         ))
 
@@ -142,18 +161,19 @@ class StateWaitForDatAndRat(fsm: FSM,
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
                         LOG.error("Cannot send Dat message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     if (!fsm.restartRatProverDriver()) {
                         LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition (
                 Function { event: Event ->
+                    // toDo do not throw exception within FSM
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
                     assert(event.idscpMessage.hasIdscpRatVerifier())
 
@@ -163,7 +183,7 @@ class StateWaitForDatAndRat(fsm: FSM,
                                 ?: throw Idscp2Exception("RAT prover driver not available")
                     }
 
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
@@ -172,23 +192,23 @@ class StateWaitForDatAndRat(fsm: FSM,
                     LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
                     if (!fsm.restartRatProverDriver()) {
                         LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
                 Function {
                     fsm.recvAck(it.idscpMessage.idscpAck)
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
         setNoTransitionHandler (
                 Function {
                     LOG.debug("No transition available for given event $it")
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
                 }
         )
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
index 711720c40..addb2f113 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
@@ -50,14 +50,26 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
                     LOG.debug("Send IDSC_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
                             CloseCause.USER_SHUTDOWN))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
         addTransition(InternalControlMessage.ERROR.value, Transition (
                 Function {
                     LOG.debug("An internal control error occurred")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+                }
+        ))
+
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition (
+                Function {
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
+                }
+        ))
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
+                Function {
+                    FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
                 }
         ))
 
@@ -66,37 +78,44 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
                             CloseCause.TIMEOUT))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
                 Function {
                     LOG.debug("Received IDSCP_CLOSE")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition(
             Function { event: Event ->
+
                 handshakeTimer.cancelTimeout()
                 LOG.debug("Verify received DAT")
+
                 //check if Dat is available and verify dat
+                //toDo ensure exception free
+                //toDo security requirements
                 val dat = event.idscpMessage.idscpDat.token.toByteArray()
                 var datValidityPeriod: Long
                 if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
                     LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT", CloseCause.NO_VALID_DAT))
-                    return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
+
                 LOG.debug("Remote DAT is valid. Set dat timeout")
                 datTimer.resetTimeout(datValidityPeriod * 1000)
+
                 //start RAT Verifier
                 if (!fsm.restartRatVerifierDriver()) {
                     LOG.error("Cannot run Rat verifier, close idscp connection")
-                    return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
-                fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)
+
+                FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
             }
         ))
 
@@ -105,13 +124,13 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
                 LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
                 if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
                     LOG.error("Cannot send DAT message")
-                    return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
                 if (!fsm.restartRatProverDriver()) {
                     LOG.error("Cannot run Rat prover, close idscp connection")
-                    return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
-                fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
+                FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
             }
         ))
 
@@ -120,23 +139,23 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
                 LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
                 if (!fsm.restartRatProverDriver()) {
                     LOG.error("Cannot run Rat prover, close idscp connection")
-                    return@Function fsm.getState(FsmState.STATE_CLOSED)
+                    return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
-                fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
+                FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
             }
         ))
 
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
             Function {
                 fsm.recvAck(it.idscpMessage.idscpAck)
-                this
+                FSM.FsmResult(FSM.FsmResultCode.OK, this)
             }
         ))
 
         setNoTransitionHandler (
                 Function { event: Event? ->
                     LOG.debug("No transition available for given event " + event.toString())
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
                 }
         )
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
index 0b43cd93f..b6ab08a2c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
@@ -52,7 +52,7 @@ class StateWaitForHello(fsm: FSM,
         addTransition(InternalControlMessage.ERROR.value, Transition (
                 Function {
                     LOG.debug("An internal control error occurred")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -61,7 +61,23 @@ class StateWaitForHello(fsm: FSM,
                     LOG.debug("Received stop signal from user. Send IDSCP_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
                             CloseCause.USER_SHUTDOWN))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+                }
+        ))
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
+                Function {
+                    LOG.debug("Received SEND signal from user, but FSM is not connected yet")
+                    FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
+                }
+        ))
+
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition (
+                Function {
+                    // nothing to to, result should be okay since RAT will be done in the next
+                    // state for the first time
+                    LOG.debug("Received REPEAT_RAT signal from user")
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
@@ -70,27 +86,34 @@ class StateWaitForHello(fsm: FSM,
                     LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake Timeout",
                             CloseCause.TIMEOUT))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
                 Function {
-                    LOG.debug("Received IDSCP_CLOSE")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    LOG.debug("Received IDSCP_CLOSE. Close connection")
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPHELLO_FIELD_NUMBER, Transition(
                 Function { event: Event ->
                     handshakeTimer.cancelTimeout()
+
                     val idscpHello = event.idscpMessage.idscpHello
                     LOG.debug("Received IDSCP_HELLO")
+
+                    // toDo compare certificate fingerprints
+                    // toDo check for valid calculation of rat mechanisms, return NegotiationError
                     LOG.debug("Calculate Rat mechanisms")
                     val proverMechanism = fsm.getRatProverMechanism(attestationConfig.supportedAttestationSuite,
                             idscpHello.expectedRatSuiteList.toTypedArray())
                     val verifierMechanism = fsm.getRatVerifierMechanism(attestationConfig.expectedAttestationSuite,
                             idscpHello.supportedRatSuiteList.toTypedArray())
+
+                    // toDo catch exceptions from DatDriver, FSM must be exception free to not cancel transitions
+                    // toDo securityRequirements
                     LOG.debug("Verify received DAT")
                     //check if Dat is available and verify dat
                     var datValidityPeriod: Long = 0
@@ -100,21 +123,24 @@ class StateWaitForHello(fsm: FSM,
                         LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
                         fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT",
                                 CloseCause.NO_VALID_DAT))
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
+
                     LOG.debug("Remote DAT is valid. Set dat timeout to its validity period")
                     datTimer.resetTimeout(datValidityPeriod * 1000)
                     fsm.setRatMechanisms(proverMechanism, verifierMechanism)
+
                     LOG.debug("Start RAT Prover and Verifier")
                     if (!fsm.restartRatVerifierDriver()) {
                         LOG.error("Cannot run Rat verifier, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     if (!fsm.restartRatProverDriver()) {
                         LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
+
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
                 }
         ))
 
@@ -122,7 +148,7 @@ class StateWaitForHello(fsm: FSM,
                 Function {
                     LOG.debug("No transition available for given event $it")
                     LOG.debug("Stay in state STATE_WAIT_FOR_HELLO")
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION,this)
                 }
         )
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
index 1e0b20964..7ea9ce638 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
@@ -58,16 +58,29 @@ class StateWaitForRat(fsm: FSM,
         addTransition(InternalControlMessage.ERROR.value, Transition (
                 Function {
                     LOG.debug("An internal control error occurred")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
                 Function {
-                    LOG.debug("Send IDSC_CLOSE")
+                    LOG.debug("Send IDSCP_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
                             CloseCause.USER_SHUTDOWN))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+                }
+        ))
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
+                Function {
+                    FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
+                }
+        ))
+
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition (
+                Function {
+                    // nothing to do, currently attestating
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
@@ -75,7 +88,7 @@ class StateWaitForRat(fsm: FSM,
                 Function {
                     LOG.debug("Received RAT_PROVER OK")
                     proverHandshakeTimer.cancelTimeout()
-                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
                 }
         ))
 
@@ -84,7 +97,7 @@ class StateWaitForRat(fsm: FSM,
                     LOG.debug("Received RAT_VERIFIER OK")
                     verifierHandshakeTimer.cancelTimeout()
                     ratTimer.resetTimeout()
-                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
                 }
         ))
 
@@ -94,7 +107,7 @@ class StateWaitForRat(fsm: FSM,
                     LOG.debug("Send IDSC_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
                             CloseCause.RAT_PROVER_FAILED))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -104,7 +117,7 @@ class StateWaitForRat(fsm: FSM,
                     LOG.debug("Send IDSC_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
                             CloseCause.RAT_VERIFIER_FAILED))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -113,9 +126,9 @@ class StateWaitForRat(fsm: FSM,
                     LOG.debug("Send IDSCP_RAT_PROVER")
                     if (!fsm.sendFromFSM(event.idscpMessage)) {
                         LOG.error("Cannot send rat prover message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
@@ -124,9 +137,9 @@ class StateWaitForRat(fsm: FSM,
                     LOG.debug("Send IDSCP_RAT_VERIFIER")
                     if (!fsm.sendFromFSM(event.idscpMessage)) {
                         LOG.error("Cannot send rat verifier message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
@@ -136,11 +149,11 @@ class StateWaitForRat(fsm: FSM,
                     fsm.stopRatVerifierDriver()
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                         LOG.error("Cannot send DatExpired message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     LOG.debug("Start Handshake Timer")
                     handshakeTimer.resetTimeout()
-                    fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
                 }
         ))
 
@@ -149,19 +162,20 @@ class StateWaitForRat(fsm: FSM,
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
                             CloseCause.TIMEOUT))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
                 Function {
                     fsm.recvAck(it.idscpMessage.idscpAck)
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition (
                 Function { event: Event ->
+                    //toDo must not throw exception in FSM
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
                     assert(event.idscpMessage.hasIdscpRatVerifier())
 
@@ -171,12 +185,13 @@ class StateWaitForRat(fsm: FSM,
                                 ?: throw Idscp2Exception("RAT prover driver not available")
                     }
 
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition (
                 Function { event: Event ->
+                    // toDo must not throw exception within FSM
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
                     assert(event.idscpMessage.hasIdscpRatProver())
 
@@ -186,7 +201,7 @@ class StateWaitForRat(fsm: FSM,
                                 ?: throw Idscp2Exception("RAT verifier driver not available")
                     }
 
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
@@ -195,20 +210,21 @@ class StateWaitForRat(fsm: FSM,
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
                         LOG.error("Cannot send DAT message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
+
                     if (!fsm.restartRatProverDriver()) {
                         LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
                 Function {
                     LOG.debug("Received IDSCP_CLOSE")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -216,7 +232,7 @@ class StateWaitForRat(fsm: FSM,
                 Function { event: Event? ->
                     LOG.debug("No transition available for given event " + event.toString())
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT")
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
                 }
         )
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
index 245b9fa29..044434944 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
@@ -56,14 +56,20 @@ class StateWaitForRatProver(fsm: FSM,
                 Function {
                     LOG.debug("Send IDSC_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close", CloseCause.USER_SHUTDOWN))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
         addTransition(InternalControlMessage.ERROR.value, Transition (
                 Function {
                     LOG.debug("An internal control error occurred")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+                }
+        ))
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
+                Function {
+                    FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
                 }
         ))
 
@@ -72,7 +78,7 @@ class StateWaitForRatProver(fsm: FSM,
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
                             CloseCause.TIMEOUT))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -82,11 +88,11 @@ class StateWaitForRatProver(fsm: FSM,
                     ratTimer.cancelTimeout()
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                         LOG.error("Cannot send DatExpired message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     LOG.debug("Start Handshake Timer")
                     handshakeTimer.resetTimeout()
-                    fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
                 }
         ))
 
@@ -96,9 +102,9 @@ class StateWaitForRatProver(fsm: FSM,
                     proverHandshakeTimer.cancelTimeout()
                     if (fsm.getAckFlag) {
                         ackTimer.start()
-                        return@Function fsm.getState(FsmState.STATE_WAIT_FOR_ACK)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK)!!)
                     } else {
-                        return@Function fsm.getState(FsmState.STATE_ESTABLISHED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED)!!)
                     }
                 }
         ))
@@ -109,7 +115,7 @@ class StateWaitForRatProver(fsm: FSM,
                     LOG.debug("Send IDSC_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
                             CloseCause.RAT_PROVER_FAILED))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -118,9 +124,9 @@ class StateWaitForRatProver(fsm: FSM,
                     LOG.debug("Send IDSCP_RAT_PROVER")
                     if (!fsm.sendFromFSM(event.idscpMessage)) {
                         LOG.error("Cannot send rat prover message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
@@ -129,21 +135,21 @@ class StateWaitForRatProver(fsm: FSM,
                     LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER")
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
                         LOG.error("Cannot send ReRat message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     ratTimer.cancelTimeout()
                     if (!fsm.restartRatVerifierDriver()) {
                         LOG.error("Cannot run Rat verifier, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
                 Function {
                     LOG.debug("Received IDSCP_CLOSE")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -152,18 +158,19 @@ class StateWaitForRatProver(fsm: FSM,
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
                         LOG.error("Cannot send DAT message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     if (!fsm.restartRatProverDriver()) {
                         LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition (
                 Function { event: Event ->
+                    // toDo do not throw exception within a transition in the FSM
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
                     assert(event.idscpMessage.hasIdscpRatVerifier())
 
@@ -173,7 +180,7 @@ class StateWaitForRatProver(fsm: FSM,
                                 ?: throw Idscp2Exception("RAT prover driver not available")
                     }
 
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
@@ -182,16 +189,16 @@ class StateWaitForRatProver(fsm: FSM,
                     LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
                     if (!fsm.restartRatProverDriver()) {
                         LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
                 Function {
                     fsm.recvAck(it.idscpMessage.idscpAck)
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
@@ -199,7 +206,7 @@ class StateWaitForRatProver(fsm: FSM,
                 Function {
                     LOG.debug("No transition available for given event $it")
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER")
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
                 }
         )
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
index 191883928..a464df3a3 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
@@ -55,14 +55,27 @@ class StateWaitForRatVerifier(fsm: FSM,
                     LOG.debug("Send IDSC_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
                             CloseCause.USER_SHUTDOWN))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
         addTransition(InternalControlMessage.ERROR.value, Transition (
                 Function {
                     LOG.debug("An internal control error occurred")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+                }
+        ))
+
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition (
+                Function {
+                    // already re-attestating
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
+                }
+        ))
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
+                Function {
+                    FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
                 }
         ))
 
@@ -70,7 +83,7 @@ class StateWaitForRatVerifier(fsm: FSM,
                 Function {
                     LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout", CloseCause.TIMEOUT))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -80,11 +93,11 @@ class StateWaitForRatVerifier(fsm: FSM,
                     fsm.stopRatVerifierDriver()
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                         LOG.error("Cannot send DatExpired message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     LOG.debug("Start Handshake Timer")
                     handshakeTimer.resetTimeout()
-                    fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
                 }
         ))
 
@@ -96,9 +109,9 @@ class StateWaitForRatVerifier(fsm: FSM,
                     ratTimer.resetTimeout()
                     if (fsm.getAckFlag) {
                         ackTimer.start()
-                        return@Function fsm.getState(FsmState.STATE_WAIT_FOR_ACK)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK)!!)
                     } else {
-                        return@Function fsm.getState(FsmState.STATE_ESTABLISHED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED)!!)
                     }
                 }
         ))
@@ -109,7 +122,7 @@ class StateWaitForRatVerifier(fsm: FSM,
                     LOG.debug("Send IDSC_CLOSE")
                     fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
                             CloseCause.RAT_VERIFIER_FAILED))
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -118,16 +131,16 @@ class StateWaitForRatVerifier(fsm: FSM,
                     LOG.debug("Send IDSCP_RAT_VERIFIER")
                     if (!fsm.sendFromFSM(event.idscpMessage)) {
                         LOG.error("Cannot send rat verifier message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
                 Function {
                     LOG.debug("Received IDSCP_CLOSE")
-                    fsm.getState(FsmState.STATE_CLOSED)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
         ))
 
@@ -136,18 +149,19 @@ class StateWaitForRatVerifier(fsm: FSM,
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
                     if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
                         LOG.error("Cannot send DAT message")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
                     if (!fsm.restartRatProverDriver()) {
                         LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition (
                 Function { event: Event ->
+                    // toDo do not throw exception within the FSM
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
                     assert(event.idscpMessage.hasIdscpRatProver())
 
@@ -157,7 +171,7 @@ class StateWaitForRatVerifier(fsm: FSM,
                                 ?: throw Idscp2Exception("RAT verifier driver not available")
                     }
 
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK,this)
                 }
         ))
 
@@ -166,16 +180,16 @@ class StateWaitForRatVerifier(fsm: FSM,
                     LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
                     if (!fsm.restartRatProverDriver()) {
                         LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function fsm.getState(FsmState.STATE_CLOSED)
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
-                    fsm.getState(FsmState.STATE_WAIT_FOR_RAT)
+                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
                 }
         ))
 
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
                 Function {
                     fsm.recvAck(it.idscpMessage.idscpAck)
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
         ))
 
@@ -183,7 +197,7 @@ class StateWaitForRatVerifier(fsm: FSM,
                 Function {
                     LOG.debug("No transition available for given event $it")
                     LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER")
-                    this
+                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
                 }
         )
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt
index 56fa0d433..0648e76a7 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt
@@ -4,12 +4,12 @@ import java.util.function.Function
 
 /**
  * Transition class for State machine, provides a doTransition method
- * that returns the next state for a given event
+ * that returns the fsm result containing of the next state for a given event and the result code
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class Transition(private val eventHandler: Function<Event, State?>) {
-    fun doTransition(e: Event): State? {
+class Transition(private val eventHandler: Function<Event, FSM.FsmResult>) {
+    fun doTransition(e: Event): FSM.FsmResult {
         return eventHandler.apply(e)
     }
 }
\ No newline at end of file

From 0e4c76ec86858f69d09af9514581a8884a57ef53 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <>
Date: Fri, 27 Nov 2020 11:21:45 +0100
Subject: [PATCH 191/237] Make inner FSM exception free to avoid cancellation
 of transitions, catch exceptions from drivers, inspect toDo's

---
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    | 48 ++++++++++++++-----
 .../ids/idscp2/idscp_core/fsm/StateClosed.kt  |  4 +-
 .../idscp2/idscp_core/fsm/StateEstablished.kt |  4 +-
 .../idscp2/idscp_core/fsm/StateWaitForAck.kt  |  4 +-
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   | 32 +++++++++----
 .../fsm/StateWaitForDatAndRatVerifier.kt      | 18 +++++--
 .../idscp_core/fsm/StateWaitForHello.kt       | 29 +++++++----
 .../idscp2/idscp_core/fsm/StateWaitForRat.kt  | 39 ++++++++++-----
 .../idscp_core/fsm/StateWaitForRatProver.kt   | 21 ++++----
 .../idscp_core/fsm/StateWaitForRatVerifier.kt | 21 ++++----
 10 files changed, 149 insertions(+), 71 deletions(-)

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index d2b34f9ce..a48671116 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -21,6 +21,7 @@ import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpData
 import kotlinx.coroutines.GlobalScope
 import kotlinx.coroutines.launch
 import org.slf4j.LoggerFactory
+import java.nio.charset.StandardCharsets
 import java.util.*
 import java.util.concurrent.locks.ReentrantLock
 import kotlin.jvm.Throws
@@ -59,6 +60,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         UNKNOWN_TRANSITION,
         FSM_LOCKED,
         FSM_NOT_STARTED,
+        MISSING_DAT,
         INVALID_DAT,
         IO_ERROR,
         RAT_ERROR,
@@ -93,6 +95,11 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     private var currentRatVerifierId //avoid messages from old verifier drivers
             : String? = null
 
+    /**
+     * Daps Driver instance
+     */
+    private val dapsDriver = dapsDriver
+
     /**
      * RAT Mechanisms, calculated during handshake in WAIT_FOR_HELLO_STATE
      */
@@ -193,7 +200,6 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         val event = Event(message)
         //must wait when fsm is in state STATE_CLOSED --> wait() will be notified when fsm is
         // leaving STATE_CLOSED
-        // ToDo is that sill correct implemented?
         fsmIsBusy.lock()
         try {
             while (currentState == states[FsmState.STATE_CLOSED]) {
@@ -201,7 +207,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
                     return
                 }
                 try {
-                    onMessageBlock.await()
+                    onMessageBlock.await() // while waiting the fsmIsBusy lock is free for other threads
                 } catch (e: InterruptedException) {
                     Thread.currentThread().interrupt()
                 }
@@ -332,7 +338,6 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
      */
     @Throws(Idscp2Exception::class)
     fun startIdscpHandshake() {
-        // toDo result
         //check for incorrect usage
         checkForFsmCycles()
         fsmIsBusy.lock()
@@ -349,7 +354,9 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
                 while (!handshakeResultAvailable) {
                     idscpHandshakeLock.await()
                 }
-                if (!isConnected && !isLocked) { //toDo is this correct?
+
+                // check if not  connected and locked forever, then the handshake has failed
+                if (!isConnected && isLocked) {
                     //handshake failed, throw exception
                     throw Idscp2Exception("Handshake failed")
                 }
@@ -368,7 +375,13 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
      */
     fun sendFromFSM(msg: IdscpMessage?): Boolean {
         //send messages from fsm
-        return secureChannel.send(msg!!.toByteArray())
+        return try {
+            secureChannel.send(msg!!.toByteArray())
+        } catch (e: Exception) {
+            // catch secure channel exception within an FSM transition to avoid transition cancellation
+            LOG.error("Exception occurred during sending data via the secure channel: {}", e)
+            false
+        }
     }
 
     /**
@@ -431,6 +444,19 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         onControlMessage(InternalControlMessage.REPEAT_RAT)
     }
 
+    /**
+     * Get Dat
+     */
+    val getDynamicAttributeToken: ByteArray
+        get() {
+            return try {
+                dapsDriver.token
+            } catch (e: Exception) {
+                LOG.error("Exception occurred during requesting DAT from DAPS: {}", e)
+                "INVALID_DAT".toByteArray(StandardCharsets.UTF_8)
+            }
+        }
+
     /**
      * Check if FSM is in STATE ESTABLISHED
      */
@@ -726,23 +752,23 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
 
         /* ------------- FSM STATE Initialization -------------*/
         states[FsmState.STATE_CLOSED] = StateClosed(
-                this, dapsDriver, onMessageBlock, attestationConfig)
+                this, onMessageBlock, attestationConfig)
         states[FsmState.STATE_WAIT_FOR_HELLO] = StateWaitForHello(
                 this, handshakeTimer, datTimer, dapsDriver, attestationConfig)
         states[FsmState.STATE_WAIT_FOR_RAT] = StateWaitForRat(
-                this, handshakeTimer, verifierHandshakeTimer, proverHandshakeTimer, ratTimer, dapsDriver)
+                this, handshakeTimer, verifierHandshakeTimer, proverHandshakeTimer, ratTimer)
         states[FsmState.STATE_WAIT_FOR_RAT_PROVER] = StateWaitForRatProver(
-                this, ratTimer, handshakeTimer, proverHandshakeTimer, dapsDriver, ackTimer)
+                this, ratTimer, handshakeTimer, proverHandshakeTimer, ackTimer)
         states[FsmState.STATE_WAIT_FOR_RAT_VERIFIER] = StateWaitForRatVerifier(
-                this, dapsDriver, ratTimer, handshakeTimer, verifierHandshakeTimer, ackTimer)
+                this, ratTimer, handshakeTimer, verifierHandshakeTimer, ackTimer)
         states[FsmState.STATE_WAIT_FOR_DAT_AND_RAT] = StateWaitForDatAndRat(
                 this, handshakeTimer, proverHandshakeTimer, datTimer, dapsDriver)
         states[FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER] = StateWaitForDatAndRatVerifier(
                 this, handshakeTimer, datTimer, dapsDriver)
         states[FsmState.STATE_ESTABLISHED] = StateEstablished(
-                this, dapsDriver, ratTimer, handshakeTimer, ackTimer, nextSendAlternatingBit)
+                this, ratTimer, handshakeTimer, ackTimer, nextSendAlternatingBit)
         states[FsmState.STATE_WAIT_FOR_ACK] = StateWaitForAck(
-                this, dapsDriver, ratTimer, handshakeTimer, ackTimer)
+                this, ratTimer, handshakeTimer, ackTimer)
 
         // Set initial state
         currentState = states[FsmState.STATE_CLOSED]!!
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
index 7885a5ac4..cad99ab16 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
@@ -1,6 +1,5 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
@@ -23,7 +22,6 @@ import java.util.stream.Collectors
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 internal class StateClosed(fsm: FSM,
-                           dapsDriver: DapsDriver,
                            onMessageLock: Condition,
                            attestationConfig: AttestationConfig) : State() {
 
@@ -62,7 +60,7 @@ internal class StateClosed(fsm: FSM,
 
                 // FSM not locked, start handshake
                 LOG.debug("Get DAT Token vom DAT_DRIVER")
-                val dat = dapsDriver.token
+                val dat = fsm.getDynamicAttributeToken
                 LOG.debug("Send IDSCP_HELLO")
                 val idscpHello = Idscp2MessageHelper.createIdscpHelloMessage(
                         dat,
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
index 85ad06b01..08af6afa2 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
@@ -1,6 +1,5 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
@@ -15,7 +14,6 @@ import java.util.function.Function
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class StateEstablished(fsm: FSM,
-                       dapsDriver: DapsDriver,
                        ratTimer: StaticTimer,
                        handshakeTimer: StaticTimer,
                        ackTimer: StaticTimer,
@@ -124,7 +122,7 @@ class StateEstablished(fsm: FSM,
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("DAT expired. Send new DAT and repeat RAT")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                         LOG.error("Cannot send Dat message")
                         return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
index 2b68f9442..2fa811067 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
@@ -1,6 +1,5 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
@@ -15,7 +14,6 @@ import java.util.function.Function
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class StateWaitForAck(fsm: FSM,
-                      dapsDriver: DapsDriver,
                       ratTimer: StaticTimer,
                       handshakeTimer: StaticTimer,
                       ackTimer: StaticTimer) : State() {
@@ -135,7 +133,7 @@ class StateWaitForAck(fsm: FSM,
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("DAT expired. Send new DAT and repeat RAT")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                         LOG.error("Cannot send Dat message")
                         return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
index 63a235234..d1834a1b3 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
@@ -1,7 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
@@ -132,12 +131,19 @@ class StateWaitForDatAndRat(fsm: FSM,
                     LOG.debug("Verify received DAT")
 
                     //check if Dat is available and verify dat
-                    // toDo ensure no exception is thrown
                     // toDo security Requirements
                     val dat = event.idscpMessage.idscpDat.token.toByteArray()
                     var datValidityPeriod: Long
-                    if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
-                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+
+                    try {
+                        if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
+                            LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+                            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
+                                    "No valid DAT", CloseCause.NO_VALID_DAT))
+                            return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
+                        }
+                    } catch (e: Exception) {
+                        LOG.debug("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE: {}",e)
                         fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
                                 "No valid DAT", CloseCause.NO_VALID_DAT))
                         return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
@@ -159,7 +165,7 @@ class StateWaitForDatAndRat(fsm: FSM,
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                         LOG.error("Cannot send Dat message")
                         return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
@@ -173,14 +179,22 @@ class StateWaitForDatAndRat(fsm: FSM,
 
         addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition (
                 Function { event: Event ->
-                    // toDo do not throw exception within FSM
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
-                    assert(event.idscpMessage.hasIdscpRatVerifier())
+
+                    if(!event.idscpMessage.hasIdscpRatVerifier()) {
+                        // this should never happen
+                        LOG.error("IDSCP_RAT_VERIFIER Message not available")
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                    }
+
+                    if (fsm.ratProverDriver == null) {
+                        LOG.error("RatProverDriver not available")
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                    }
 
                     // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
                     GlobalScope.launch {
-                        fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                                ?: throw Idscp2Exception("RAT prover driver not available")
+                        fsm.ratProverDriver!!.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
                     }
 
                     FSM.FsmResult(FSM.FsmResultCode.OK, this)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
index addb2f113..a8efa0d36 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
@@ -96,13 +96,21 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
                 LOG.debug("Verify received DAT")
 
                 //check if Dat is available and verify dat
-                //toDo ensure exception free
                 //toDo security requirements
                 val dat = event.idscpMessage.idscpDat.token.toByteArray()
                 var datValidityPeriod: Long
-                if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
-                    LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT", CloseCause.NO_VALID_DAT))
+
+                try {
+                    if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
+                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
+                                "No valid DAT", CloseCause.NO_VALID_DAT))
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
+                    }
+                } catch (e: Exception) {
+                    LOG.debug("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE: {}", e)
+                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
+                            "No valid DAT", CloseCause.NO_VALID_DAT))
                     return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
 
@@ -122,7 +130,7 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
             Function {
                 LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
-                if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                     LOG.error("Cannot send DAT message")
                     return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                 }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
index b6ab08a2c..84aa87ae2 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
@@ -112,17 +112,30 @@ class StateWaitForHello(fsm: FSM,
                     val verifierMechanism = fsm.getRatVerifierMechanism(attestationConfig.expectedAttestationSuite,
                             idscpHello.supportedRatSuiteList.toTypedArray())
 
-                    // toDo catch exceptions from DatDriver, FSM must be exception free to not cancel transitions
                     // toDo securityRequirements
                     LOG.debug("Verify received DAT")
                     //check if Dat is available and verify dat
-                    var datValidityPeriod: Long = 0
-                    if (!idscpHello.hasDynamicAttributeToken() || 0 > dapsDriver
-                                    .verifyToken(idscpHello.dynamicAttributeToken.token.toByteArray(), null)
-                                    .also { datValidityPeriod = it }) {
-                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
-                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("No valid DAT",
-                                CloseCause.NO_VALID_DAT))
+                    var datValidityPeriod: Long
+
+                    if (!idscpHello.hasDynamicAttributeToken()) {
+                        LOG.debug("No remote DAT is available. Send IDSCP_CLOSE")
+                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
+                                "No valid DAT", CloseCause.NO_VALID_DAT))
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.MISSING_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
+                    }
+
+                    try {
+                        println(idscpHello.dynamicAttributeToken)
+                        if (0 > dapsDriver.verifyToken(idscpHello.dynamicAttributeToken.token.toByteArray(), null).also { datValidityPeriod = it }) {
+                            LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+                            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
+                                    "No valid DAT", CloseCause.NO_VALID_DAT))
+                            return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
+                        }
+                    } catch (e: Exception) {
+                        LOG.debug("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE {}", e)
+                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
+                                "No valid DAT", CloseCause.NO_VALID_DAT))
                         return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
index 7ea9ce638..f20ded39e 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
@@ -1,7 +1,5 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
@@ -22,8 +20,7 @@ class StateWaitForRat(fsm: FSM,
                       handshakeTimer: StaticTimer,
                       verifierHandshakeTimer: StaticTimer,
                       proverHandshakeTimer: StaticTimer,
-                      ratTimer: StaticTimer,
-                      dapsDriver: DapsDriver) : State() {
+                      ratTimer: StaticTimer) : State() {
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switch to state STATE_WAIT_FOR_RAT")
     }
@@ -175,14 +172,22 @@ class StateWaitForRat(fsm: FSM,
 
         addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition (
                 Function { event: Event ->
-                    //toDo must not throw exception in FSM
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
-                    assert(event.idscpMessage.hasIdscpRatVerifier())
+
+                    if(!event.idscpMessage.hasIdscpRatVerifier()) {
+                        // this should never happen
+                        LOG.error("IDSCP_RAT_Verifier Message not available")
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                    }
+
+                    if (fsm.ratProverDriver == null) {
+                        LOG.error("RatProverDriver not available")
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                    }
 
                     // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
                     GlobalScope.launch {
-                        fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                                ?: throw Idscp2Exception("RAT prover driver not available")
+                        fsm.ratProverDriver!!.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
                     }
 
                     FSM.FsmResult(FSM.FsmResultCode.OK, this)
@@ -191,14 +196,22 @@ class StateWaitForRat(fsm: FSM,
 
         addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition (
                 Function { event: Event ->
-                    // toDo must not throw exception within FSM
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
-                    assert(event.idscpMessage.hasIdscpRatProver())
+
+                    if(!event.idscpMessage.hasIdscpRatProver()) {
+                        // this should never happen
+                        LOG.error("IDSCP_RAT_PROVER Message not available")
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                    }
+
+                    if (fsm.ratVerifierDriver == null) {
+                        LOG.error("RatVerifierDriver not available")
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                    }
 
                     // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
                     GlobalScope.launch {
-                        fsm.ratVerifierDriver?.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
-                                ?: throw Idscp2Exception("RAT verifier driver not available")
+                        fsm.ratVerifierDriver!!.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
                     }
 
                     FSM.FsmResult(FSM.FsmResultCode.OK, this)
@@ -208,7 +221,7 @@ class StateWaitForRat(fsm: FSM,
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                         LOG.error("Cannot send DAT message")
                         return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
index 044434944..3f707416a 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
@@ -1,7 +1,5 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
@@ -21,7 +19,6 @@ class StateWaitForRatProver(fsm: FSM,
                             ratTimer: StaticTimer,
                             handshakeTimer: StaticTimer,
                             proverHandshakeTimer: StaticTimer,
-                            dapsDriver: DapsDriver,
                             ackTimer: StaticTimer) : State() {
     override fun runEntryCode(fsm: FSM) {
         LOG.debug("Switched to state STATE_WAIT_FOR_RAT_PROVER")
@@ -156,7 +153,7 @@ class StateWaitForRatProver(fsm: FSM,
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                         LOG.error("Cannot send DAT message")
                         return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
@@ -170,14 +167,22 @@ class StateWaitForRatProver(fsm: FSM,
 
         addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition (
                 Function { event: Event ->
-                    // toDo do not throw exception within a transition in the FSM
                     LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
-                    assert(event.idscpMessage.hasIdscpRatVerifier())
+
+                    if(!event.idscpMessage.hasIdscpRatVerifier()) {
+                        // this should never happen
+                        LOG.error("IDSCP_RAT_VERIFIER Message not available")
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                    }
+
+                    if (fsm.ratProverDriver == null) {
+                        LOG.error("RatProverDriver not available")
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                    }
 
                     // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
                     GlobalScope.launch {
-                        fsm.ratProverDriver?.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                                ?: throw Idscp2Exception("RAT prover driver not available")
+                        fsm.ratProverDriver!!.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
                     }
 
                     FSM.FsmResult(FSM.FsmResultCode.OK, this)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
index a464df3a3..e01d5a330 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
@@ -1,7 +1,5 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
@@ -18,7 +16,6 @@ import java.util.function.Function
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class StateWaitForRatVerifier(fsm: FSM,
-                              dapsDriver: DapsDriver,
                               ratTimer: StaticTimer,
                               handshakeTimer: StaticTimer,
                               verifierHandshakeTimer: StaticTimer,
@@ -147,7 +144,7 @@ class StateWaitForRatVerifier(fsm: FSM,
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
                 Function {
                     LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(dapsDriver.token))) {
+                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                         LOG.error("Cannot send DAT message")
                         return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                     }
@@ -161,14 +158,22 @@ class StateWaitForRatVerifier(fsm: FSM,
 
         addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition (
                 Function { event: Event ->
-                    // toDo do not throw exception within the FSM
                     LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
-                    assert(event.idscpMessage.hasIdscpRatProver())
+
+                    if(!event.idscpMessage.hasIdscpRatProver()) {
+                        // this should never happen
+                        LOG.error("IDSCP_RAT_PROVER Message not available")
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                    }
+
+                    if (fsm.ratVerifierDriver == null) {
+                        LOG.error("RatVerifierDriver not available")
+                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                    }
 
                     // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
                     GlobalScope.launch {
-                        fsm.ratVerifierDriver?.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
-                                ?: throw Idscp2Exception("RAT verifier driver not available")
+                        fsm.ratVerifierDriver!!.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
                     }
 
                     FSM.FsmResult(FSM.FsmResultCode.OK,this)

From e36f848aac13083d3d700c1fd4df0685ee78deb3 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Fri, 4 Dec 2020 12:39:29 +0100
Subject: [PATCH 192/237] Add custom exceptions, replace send by blocking and
 non-blocking sends, handle fsm results in connection

---
 .../idscp2/app_layer/AppLayerConnection.kt    |  2 +-
 .../default_drivers/daps/DefaultDapsDriver.kt |  2 +-
 .../secure_channel/NativeTLSDriver.kt         |  3 +-
 .../secure_channel/client/TLSClient.kt        |  2 +-
 .../idscp2/example/CommandlineTunnelClient.kt |  2 +-
 .../idscp2/example/Idscp2ClientInitiator.kt   |  2 +-
 .../idscp2/example/Idscp2ServerInitiator.kt   |  2 +-
 .../api/idscp_connection/Idscp2Connection.kt  | 19 ++++-
 .../idscp_connection/Idscp2ConnectionImpl.kt  | 64 +++++++++++++--
 .../api/idscp_server/Idscp2ServerFactory.kt   |  3 +-
 .../{ => idscp_core}/error/DatException.kt    |  2 +-
 .../{ => idscp_core}/error/Idscp2Exception.kt |  2 +-
 .../error/Idscp2HandshakeException.kt         | 11 +++
 .../error/Idscp2TimeoutException.kt           |  9 +++
 .../error/Idscp2WouldBlockException.kt        |  9 +++
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    | 78 +++++++++----------
 .../idscp_core/fsm/StateWaitForHello.kt       |  1 -
 17 files changed, 152 insertions(+), 61 deletions(-)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{ => idscp_core}/error/DatException.kt (74%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/{ => idscp_core}/error/Idscp2Exception.kt (84%)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2HandshakeException.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2TimeoutException.kt
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2WouldBlockException.kt

diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
index 101254e5b..e6a56f003 100644
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
@@ -60,7 +60,7 @@ class AppLayerConnection private constructor(private val idscp2Connection: Idscp
                         }
                         .build())
                 .build()
-        idscp2Connection.send(message.toByteArray())
+        idscp2Connection.nonBlockingSend(message.toByteArray())
     }
 
     fun addGenericMessageListener(listener: GenericMessageListener) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
index 205285e58..e08b96db2 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
@@ -2,7 +2,7 @@ package de.fhg.aisec.ids.idscp2.default_drivers.daps
 
 import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import de.fhg.aisec.ids.idscp2.error.DatException
+import de.fhg.aisec.ids.idscp2.idscp_core.error.DatException
 import io.jsonwebtoken.Jwts
 import io.jsonwebtoken.SignatureAlgorithm
 import okhttp3.FormBody
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
index 702400ee5..4cf1b294c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
@@ -2,10 +2,9 @@ package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel
 
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.client.TLSClient
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.server.TLSServer
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
index ecc45702e..6c422b1ec 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
@@ -4,7 +4,7 @@ import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSConstants
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSSessionVerificationHelper
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
index 4b41069e0..5957414ce 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
@@ -73,7 +73,7 @@ class CommandlineTunnelClient {
                         connection.close()
                     } else {
                         // send data to connection
-                        connection.send(data.toByteArray(StandardCharsets.UTF_8))
+                        connection.blockingSend(data.toByteArray(StandardCharsets.UTF_8), 1000 * 2, 100)
                     }
                 }
             }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
index 073b049e5..077e63dbd 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -50,7 +50,7 @@ class Idscp2ClientInitiator {
             }
             connection.unlockMessaging()
             LOG.info("Send PING ...")
-            connection.send("PING".toByteArray(StandardCharsets.UTF_8))
+            connection.nonBlockingSend("PING".toByteArray(StandardCharsets.UTF_8))
         }.exceptionally { t: Throwable? ->
             LOG.error("Client endpoint error occurred", t)
             null
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
index cc8435dbc..55643fa4c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
@@ -55,7 +55,7 @@ class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
             LOG.info("Received ping message: ${String(data, StandardCharsets.UTF_8)}".trimIndent())
 
             LOG.info("Sending PONG...")
-            c.send("PONG".toByteArray(StandardCharsets.UTF_8))
+            c.nonBlockingSend("PONG".toByteArray(StandardCharsets.UTF_8))
         }
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
index ed61d75da..b1b7ae533 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
@@ -1,5 +1,10 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
 
+import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2TimeoutException
+import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2WouldBlockException
+import kotlin.jvm.Throws
+
 /**
  * The IDSCP2 Connection class holds connections between connectors
  *
@@ -18,16 +23,26 @@ interface Idscp2Connection {
     /**
      * Close the idscp connection
      */
+    @Throws(Idscp2Exception::class)
     fun close()
 
     /**
-     * Send data to the peer IDSCP2 connector
+     * Send data to the peer IDSCP2 connector without timeout and retry interval when
+     * connection is currently not available
+     */
+    @Throws(Idscp2Exception::class, Idscp2WouldBlockException::class)
+    fun nonBlockingSend(msg: ByteArray)
+
+    /**
+     * Send data to the peer IDSCP2 connector and block until done
      */
-    fun send(msg: ByteArray)
+    @Throws(Idscp2Exception::class, Idscp2TimeoutException::class)
+    fun blockingSend(msg: ByteArray, timeout: Long, retryInterval: Long = 0)
 
     /**
      * Repeat remote attestation verification of remote peer
      */
+    @Throws(Idscp2Exception::class)
     fun repeatRat()
 
     fun onMessage(msg: ByteArray)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
index b94097c0a..c1373f37b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
@@ -1,7 +1,10 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
 
+import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2TimeoutException
+import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2WouldBlockException
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import org.slf4j.LoggerFactory
@@ -40,27 +43,74 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
         if (LOG.isDebugEnabled) {
             LOG.debug("Closing connection {}...", id)
         }
-        fsm.closeConnection()
-        if (LOG.isDebugEnabled) {
-            LOG.debug("IDSCP2 connection {} closed", id)
+
+        when (val res = fsm.closeConnection()) {
+            FSM.FsmResultCode.FSM_NOT_STARTED -> throw Idscp2Exception("Handshake not started: " + res.value)
+            else -> if (LOG.isDebugEnabled) {
+                LOG.debug("IDSCP2 connection {} closed", id)
+            }
         }
     }
 
     /**
      * Send data to the peer IDSCP2 connector
      */
-    override fun send(msg: ByteArray) {
+
+    override fun nonBlockingSend(msg: ByteArray) {
         if (LOG.isTraceEnabled) {
             LOG.trace("Sending data via connection {}...", id)
         }
-        fsm.send(msg)
+
+        when (val res = fsm.send(msg)) {
+            FSM.FsmResultCode.OK -> return
+            FSM.FsmResultCode.WOULD_BLOCK -> throw Idscp2WouldBlockException("Idscp2 connection still waiting for ack")
+            FSM.FsmResultCode.IO_ERROR, FSM.FsmResultCode.FSM_LOCKED -> throw Idscp2Exception("Connection aborted: " + res.value)
+            FSM.FsmResultCode.NOT_CONNECTED -> throw Idscp2Exception("Idscp2 connection temporarily not available")
+            else -> throw Idscp2Exception("Idscp2 error occurred while sending data: " + res.value)
+        }
+
     }
 
-    override fun repeatRat() {
+    override fun blockingSend(msg: ByteArray, timeout: Long, retryInterval: Long) {
         if (LOG.isTraceEnabled) {
             LOG.trace("Sending data via connection {}...", id)
         }
-        fsm.repeatRat()
+
+        val start = System.currentTimeMillis()
+
+        while (true) {
+            val now = System.currentTimeMillis()
+            if (now >= start + timeout) {
+                throw Idscp2TimeoutException("Idscp2 connection temporarily not available")
+            }
+
+            when (val res = fsm.send(msg)) {
+                FSM.FsmResultCode.OK -> return
+                FSM.FsmResultCode.WOULD_BLOCK -> {
+                    // wait and repeat, fsm currently in wait_for_ack state
+                    if (retryInterval > 0)
+                        Thread.sleep(retryInterval)
+                    continue;
+                }
+                FSM.FsmResultCode.IO_ERROR, FSM.FsmResultCode.FSM_LOCKED -> throw Idscp2Exception("Connection aborted: " + res.value)
+                FSM.FsmResultCode.NOT_CONNECTED -> throw Idscp2Exception("Idscp2 connection temporarily not available")
+                else -> throw Idscp2Exception("Idscp2 error occurred while sending data: " + res.value)
+            }
+        }
+    }
+
+    override fun repeatRat() {
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Repeat Rat for connection {}...", id)
+        }
+
+        // match result
+        when(val res = fsm.repeatRat()) {
+            FSM.FsmResultCode.OK -> return
+            FSM.FsmResultCode.FSM_LOCKED, FSM.FsmResultCode.IO_ERROR -> throw Idscp2Exception("Connection aborted: " + res.value)
+            FSM.FsmResultCode.RAT_ERROR -> throw Idscp2Exception("RAT action failed: " + res.value)
+            else -> throw Idscp2Exception("Error occurred: " + res.value)
+        }
     }
 
     override fun onMessage(msg: ByteArray) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
index afec543da..377944d8f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
@@ -1,9 +1,8 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server
 
 import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/DatException.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/DatException.kt
similarity index 74%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/DatException.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/DatException.kt
index d4087ad10..0116f7b1a 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/DatException.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/DatException.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.error
+package de.fhg.aisec.ids.idscp2.idscp_core.error
 
 class DatException : RuntimeException {
     constructor(s: String?) : super(s) {}
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2Exception.kt
similarity index 84%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2Exception.kt
index 024d30df5..110794e6a 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/error/Idscp2Exception.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2Exception.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.error
+package de.fhg.aisec.ids.idscp2.idscp_core.error
 
 /**
  * IDSCP2 Exception
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2HandshakeException.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2HandshakeException.kt
new file mode 100644
index 000000000..ce4c320eb
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2HandshakeException.kt
@@ -0,0 +1,11 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.error
+
+/**
+ * IDSCP2 Exception
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class Idscp2HandshakeException : RuntimeException {
+    constructor(message: String?) : super(message) {}
+    constructor(message: String?, cause: Throwable?) : super(message, cause) {}
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2TimeoutException.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2TimeoutException.kt
new file mode 100644
index 000000000..f649d4948
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2TimeoutException.kt
@@ -0,0 +1,9 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.error
+
+/**
+ * IDSCP2 Exception
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class Idscp2TimeoutException(message: String?) : RuntimeException(message) {
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2WouldBlockException.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2WouldBlockException.kt
new file mode 100644
index 000000000..668700bc3
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2WouldBlockException.kt
@@ -0,0 +1,9 @@
+package de.fhg.aisec.ids.idscp2.idscp_core.error
+
+/**
+ * IDSCP2 Exception
+ *
+ * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
+ */
+class Idscp2WouldBlockException(message: String?) : RuntimeException(message) {
+}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index a48671116..11c4df831 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -4,11 +4,11 @@ import com.google.protobuf.InvalidProtocolBufferException
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
-import de.fhg.aisec.ids.idscp2.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2HandshakeException
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.ScFsmListener
@@ -56,19 +56,19 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     }
 
     /* FSM transition result */
-    enum class FsmResultCode {
-        UNKNOWN_TRANSITION,
-        FSM_LOCKED,
-        FSM_NOT_STARTED,
-        MISSING_DAT,
-        INVALID_DAT,
-        IO_ERROR,
-        RAT_ERROR,
-        RAT_NEGOTIATION_ERROR,
-        WOULD_BLOCK,
-        NOT_CONNECTED,
-        IDSCP_DATA_NOT_CACHED,
-        OK
+    enum class FsmResultCode (val value: String) {
+        UNKNOWN_TRANSITION("No transition available for given event in current state."),
+        FSM_LOCKED("FSM is locked forever."),
+        FSM_NOT_STARTED("Handshake was never started."),
+        MISSING_DAT("DAT is missing."),
+        INVALID_DAT("DAT is invalid."),
+        IO_ERROR("Secure channel not available."),
+        RAT_ERROR("RAT error occurred."),
+        RAT_NEGOTIATION_ERROR("Error during negotiation of RAT mechanisms."),
+        WOULD_BLOCK("Operation would block until FSM is in state 'ESTABLISHED'"),
+        NOT_CONNECTED("Protocol is not in a connected state at the moment."),
+        IDSCP_DATA_NOT_CACHED("IdscpData must be buffered in the 'WAIT_FOR_ACK' state."),
+        OK("Action succeed.")
     }
 
     // return type for function, hold the return code and the next state of the transition
@@ -240,6 +240,8 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         processRatProverEvent(Event(controlMessage))
     }
 
+
+
     /**
      * API for RatProver to provide Prover Messages to the fsm
      *
@@ -302,6 +304,17 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         }
     }
 
+    private fun onUpperEvent(event: Event) : FsmResultCode {
+        // check for incorrect usage
+        checkForFsmCycles()
+        fsmIsBusy.lock()
+        try {
+            return feedEvent(event)
+        } finally {
+            fsmIsBusy.unlock()
+        }
+    }
+
     /**
      * Feed the event to the current state and execute the runEntry method if the state has changed
      *
@@ -323,11 +336,10 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
      * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
      * driver implementations
      */
-    fun closeConnection() {
+    fun closeConnection() : FsmResultCode {
         //check for incorrect usage
-        checkForFsmCycles()
         LOG.debug("Sending stop message to connection peer...")
-        onControlMessage(InternalControlMessage.IDSCP_STOP)
+        return onUpperEvent(Event(InternalControlMessage.IDSCP_STOP))
     }
 
     /**
@@ -336,7 +348,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
      * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
      * driver implementations
      */
-    @Throws(Idscp2Exception::class)
+    @Throws(Idscp2HandshakeException::class)
     fun startIdscpHandshake() {
         //check for incorrect usage
         checkForFsmCycles()
@@ -344,7 +356,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         try {
             if (currentState == states[FsmState.STATE_CLOSED]) {
                 if (isLocked) {
-                    throw Idscp2Exception("FSM is in a final closed state forever")
+                    throw Idscp2HandshakeException("FSM is in a final closed state forever")
                 }
 
                 // trigger handshake init
@@ -358,13 +370,13 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
                 // check if not  connected and locked forever, then the handshake has failed
                 if (!isConnected && isLocked) {
                     //handshake failed, throw exception
-                    throw Idscp2Exception("Handshake failed")
+                    throw Idscp2HandshakeException("Handshake failed")
                 }
             } else {
-                throw Idscp2Exception("Handshake has already been started")
+                throw Idscp2HandshakeException("Handshake has already been started")
             }
         } catch (e: InterruptedException) {
-            throw Idscp2Exception("Handshake failed because thread was interrupted")
+            throw Idscp2HandshakeException("Handshake failed because thread was interrupted")
         } finally {
             fsmIsBusy.unlock()
         }
@@ -410,38 +422,26 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
      * driver implementations
      */
     override fun onClose() {
-        // Check for incorrect usage
-        checkForFsmCycles()
-        onControlMessage(InternalControlMessage.IDSCP_STOP)
+        onUpperEvent(Event(InternalControlMessage.IDSCP_STOP))
     }
 
     /**
      * Send idscp message from the User via the secure channel
      */
-    fun send(msg: ByteArray?) {
-        //toDo result
+    fun send(msg: ByteArray?) : FsmResultCode {
         //Send messages from user only when idscp connection is established
         idscpHandshakeCompletedLatch.await()
-        checkForFsmCycles()
         val idscpMessage = Idscp2MessageHelper.createIdscpDataMessage(msg)
-        val e = Event(InternalControlMessage.SEND_DATA, idscpMessage)
-        fsmIsBusy.lock()
-        try {
-            feedEvent(e)
-        } finally {
-            fsmIsBusy.unlock()
-        }
+        return onUpperEvent(Event(InternalControlMessage.SEND_DATA, idscpMessage))
     }
 
     /**
      * Repeat RAT Verification if remote peer, triggered by User
      */
-    fun repeatRat() {
-        //toDo result
+    fun repeatRat() : FsmResultCode {
         //repeat rat only when idscp connection is established
         idscpHandshakeCompletedLatch.await()
-        checkForFsmCycles()
-        onControlMessage(InternalControlMessage.REPEAT_RAT)
+        return onUpperEvent(Event(InternalControlMessage.REPEAT_RAT))
     }
 
     /**
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
index 84aa87ae2..7fb9c17e2 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
@@ -125,7 +125,6 @@ class StateWaitForHello(fsm: FSM,
                     }
 
                     try {
-                        println(idscpHello.dynamicAttributeToken)
                         if (0 > dapsDriver.verifyToken(idscpHello.dynamicAttributeToken.token.toByteArray(), null).also { datValidityPeriod = it }) {
                             LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
                             fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(

From 641dc727cf50b0a31ea4326c0430e13edb36ae60 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 4 Dec 2020 14:11:17 +0100
Subject: [PATCH 193/237] OSGi fixes and code refactoring

---
 idscp2/bnd.bnd                                |   8 +-
 .../rat/dummy/RatProverDummy.kt               |   2 +-
 .../rat/dummy/RatVerifierDummy.kt             |   2 +-
 .../default_drivers/rat/null/NullRatProver.kt |   2 +-
 .../rat/null/NullRatVerifier.kt               |   2 +-
 .../default_drivers/rat/tpm2d/TPM2dProver.kt  |   8 +-
 .../rat/tpm2d/TPM2dVerifier.kt                |  11 +-
 .../secure_channel/server/TLSServer.kt        |   5 +-
 .../idscp_connection/Idscp2ConnectionImpl.kt  |  24 +-
 .../idscp_connection/Idscp2MessageListener.kt |   2 -
 .../idscp2/idscp_core/error/DatException.kt   |   4 +-
 .../idscp_core/error/Idscp2Exception.kt       |   4 +-
 .../error/Idscp2HandshakeException.kt         |   3 +-
 .../error/Idscp2TimeoutException.kt           |   3 +-
 .../error/Idscp2WouldBlockException.kt        |   3 +-
 .../aisec/ids/idscp2/idscp_core/fsm/Event.kt  |   3 +-
 .../ids/idscp2/idscp_core/fsm/StateClosed.kt  | 159 ++++----
 .../idscp2/idscp_core/fsm/StateEstablished.kt | 196 +++++----
 .../idscp2/idscp_core/fsm/StateWaitForAck.kt  | 240 ++++++-----
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   | 340 ++++++++--------
 .../fsm/StateWaitForDatAndRatVerifier.kt      | 224 +++++------
 .../idscp_core/fsm/StateWaitForHello.kt       | 241 +++++------
 .../idscp2/idscp_core/fsm/StateWaitForRat.kt  | 375 +++++++++---------
 .../idscp_core/fsm/StateWaitForRatProver.kt   | 311 +++++++--------
 .../idscp_core/fsm/StateWaitForRatVerifier.kt | 297 +++++++-------
 .../ids/idscp2/idscp_core/fsm/Transition.kt   |   6 +-
 26 files changed, 1175 insertions(+), 1300 deletions(-)

diff --git a/idscp2/bnd.bnd b/idscp2/bnd.bnd
index 8d1e3ec11..343b247ba 100644
--- a/idscp2/bnd.bnd
+++ b/idscp2/bnd.bnd
@@ -1,4 +1,8 @@
 Bundle-Name: IDS :: IDS Communication Protocol
 Bundle-Description: IDS Communication Protocol
-Export-Package: de.fhg.aisec.ids.idscp2*
-Import-Package: *
\ No newline at end of file
+Export-Package:\
+    kotlinx.coroutines*,\
+    de.fhg.aisec.ids.idscp2*
+Import-Package:\
+    !android.os*,\
+    *
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt
index dffab55e8..83dbe3bd8 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt
@@ -47,7 +47,7 @@ class RatProverDummy(fsmListener: RatProverFsmListener) : RatProverDriver<Unit>(
     }
 
     companion object {
-        val RAT_PROVER_DUMMY_ID = "Dummy"
+        const val RAT_PROVER_DUMMY_ID = "Dummy"
         private val LOG = LoggerFactory.getLogger(RatProverDummy::class.java)
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt
index 3fcfac877..9ca309df4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt
@@ -47,7 +47,7 @@ class RatVerifierDummy(fsmListener: RatVerifierFsmListener) : RatVerifierDriver<
     }
 
     companion object {
-        val RAT_VERIFIER_DUMMY_ID = "Dummy"
+        const val RAT_VERIFIER_DUMMY_ID = "Dummy"
         private val LOG = LoggerFactory.getLogger(RatVerifierDummy::class.java)
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt
index 247ed3072..ba1cddf3e 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt
@@ -28,7 +28,7 @@ class NullRatProver(fsmListener: RatProverFsmListener) : RatProverDriver<Unit>(f
             queue.take()
         } catch (e: InterruptedException) {
             if (running) {
-                LOG.warn("NullRatProver failed");
+                LOG.warn("NullRatProver failed")
                 fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
             }
             return
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt
index 52348832a..1c216c985 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt
@@ -26,7 +26,7 @@ class NullRatVerifier(fsmListener: RatVerifierFsmListener) : RatVerifierDriver<U
             queue.take()
         } catch (e: InterruptedException) {
             if (running) {
-                LOG.warn("NullRatVerifier failed");
+                LOG.warn("NullRatVerifier failed")
                 fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED)
             }
             return
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt
index 5dec375b5..e9856ec44 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt
@@ -84,8 +84,7 @@ class TPM2dProver(fsmListener: RatProverFsmListener) : RatProverDriver<TPM2dProv
         }
 
         // parse body to expected tpm2d message wrapper
-        var tpm2dMessageWrapper: Tpm2dMessageWrapper
-        tpm2dMessageWrapper = try {
+        var tpm2dMessageWrapper: Tpm2dMessageWrapper = try {
             Tpm2dMessageWrapper.parseFrom(msg)
         } catch (e: InvalidProtocolBufferException) {
             LOG.error("Cannot parse IdscpRatVerifier body", e)
@@ -122,8 +121,7 @@ class TPM2dProver(fsmListener: RatProverFsmListener) : RatProverDriver<TPM2dProv
         )
 
         // get TPM response
-        val tpmResponse: Tpm2dAttestation.Tpm2dToRemote
-        tpmResponse = try {
+        val tpmResponse: Tpm2dAttestation.Tpm2dToRemote = try {
             val tpmSocket = TPM2dSocket(config.tpm2dHost)
             tpmSocket.requestAttestation(tpmRequest)
         } catch (e: IOException) {
@@ -191,7 +189,7 @@ class TPM2dProver(fsmListener: RatProverFsmListener) : RatProverDriver<TPM2dProv
     }
 
     companion object {
-        val TPM_RAT_PROVER_ID = "TPM2d"
+        const val TPM_RAT_PROVER_ID = "TPM2d"
         private val LOG = LoggerFactory.getLogger(TPM2dProver::class.java)
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt
index 6f7497232..96495663e 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt
@@ -93,8 +93,7 @@ class TPM2dVerifier(fsmListener: RatVerifierFsmListener) : RatVerifierDriver<TPM
         }
 
         // parse body to expected tpm2d message wrapper
-        val tpm2dMessageWrapper: Tpm2dMessageWrapper
-        tpm2dMessageWrapper = try {
+        val tpm2dMessageWrapper: Tpm2dMessageWrapper = try {
             Tpm2dMessageWrapper.parseFrom(msg)
         } catch (e: InvalidProtocolBufferException) {
             LOG.error("Cannot parse IdscpRatProver body", e)
@@ -185,8 +184,7 @@ class TPM2dVerifier(fsmListener: RatVerifierFsmListener) : RatVerifierDriver<TPM
             }
 
             // Construct a new TPMT_SIGNATURE instance from byteSignature bytes
-            val tpmtSignature: TPMT_SIGNATURE
-            tpmtSignature = try {
+            val tpmtSignature: TPMT_SIGNATURE = try {
                 TPMT_SIGNATURE.fromTpm(byteSignature)
             } catch (ex: Exception) {
                 LOG.warn("""
@@ -198,8 +196,7 @@ class TPM2dVerifier(fsmListener: RatVerifierFsmListener) : RatVerifierDriver<TPM
             }
 
             // Construct a new TPMS_ATTEST instance from byteQuoted bytes
-            val tpmsAttest: TPMS_ATTEST
-            tpmsAttest = try {
+            val tpmsAttest: TPMS_ATTEST = try {
                 TPMS_ATTEST.fromTpm(byteQuoted)
             } catch (ex: Exception) {
                 LOG.warn("""
@@ -257,7 +254,7 @@ class TPM2dVerifier(fsmListener: RatVerifierFsmListener) : RatVerifierDriver<TPM
     }
 
     companion object {
-        val TPM_RAT_VERIFIER_ID = "TPM2d"
+        const val TPM_RAT_VERIFIER_ID = "TPM2d"
         private val LOG = LoggerFactory.getLogger(TPM2dVerifier::class.java)
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
index 6a572bf53..fc4b1d028 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
@@ -3,11 +3,10 @@ package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.server
 import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSConstants
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
 import org.slf4j.LoggerFactory
 import java.io.IOException
 import java.net.ServerSocket
@@ -46,7 +45,7 @@ class TLSServer<CC: Idscp2Connection>(nativeTlsConfiguration: NativeTlsConfigura
                 try {
                     // Start new server thread
                     LOG.debug("New TLS client has connected. Creating new server thread...")
-                    val serverThread = TLSServerThread<CC>(sslSocket, secureChannelInitListener, serverListenerPromise)
+                    val serverThread = TLSServerThread(sslSocket, secureChannelInitListener, serverListenerPromise)
                     sslSocket.addHandshakeCompletedListener(serverThread)
                     serverThread.start()
                 } catch (serverThreadException: Exception) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
index c1373f37b..55a69fee6 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
@@ -1,8 +1,8 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
 
-import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
 import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2TimeoutException
 import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2WouldBlockException
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM
@@ -10,7 +10,6 @@ import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import org.slf4j.LoggerFactory
 import java.util.*
 import java.util.concurrent.CompletableFuture
-import java.util.function.Consumer
 
 /**
  * The IDSCP2 Connection class holds connections between connectors
@@ -64,7 +63,8 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
         when (val res = fsm.send(msg)) {
             FSM.FsmResultCode.OK -> return
             FSM.FsmResultCode.WOULD_BLOCK -> throw Idscp2WouldBlockException("Idscp2 connection still waiting for ack")
-            FSM.FsmResultCode.IO_ERROR, FSM.FsmResultCode.FSM_LOCKED -> throw Idscp2Exception("Connection aborted: " + res.value)
+            FSM.FsmResultCode.IO_ERROR, FSM.FsmResultCode.FSM_LOCKED ->
+                throw Idscp2Exception("Connection aborted: " + res.value)
             FSM.FsmResultCode.NOT_CONNECTED -> throw Idscp2Exception("Idscp2 connection temporarily not available")
             else -> throw Idscp2Exception("Idscp2 error occurred while sending data: " + res.value)
         }
@@ -90,9 +90,10 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
                     // wait and repeat, fsm currently in wait_for_ack state
                     if (retryInterval > 0)
                         Thread.sleep(retryInterval)
-                    continue;
+                    continue
                 }
-                FSM.FsmResultCode.IO_ERROR, FSM.FsmResultCode.FSM_LOCKED -> throw Idscp2Exception("Connection aborted: " + res.value)
+                FSM.FsmResultCode.IO_ERROR, FSM.FsmResultCode.FSM_LOCKED ->
+                    throw Idscp2Exception("Connection aborted: " + res.value)
                 FSM.FsmResultCode.NOT_CONNECTED -> throw Idscp2Exception("Idscp2 connection temporarily not available")
                 else -> throw Idscp2Exception("Idscp2 error occurred while sending data: " + res.value)
             }
@@ -107,8 +108,10 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
         // match result
         when(val res = fsm.repeatRat()) {
             FSM.FsmResultCode.OK -> return
-            FSM.FsmResultCode.FSM_LOCKED, FSM.FsmResultCode.IO_ERROR -> throw Idscp2Exception("Connection aborted: " + res.value)
-            FSM.FsmResultCode.RAT_ERROR -> throw Idscp2Exception("RAT action failed: " + res.value)
+            FSM.FsmResultCode.FSM_LOCKED, FSM.FsmResultCode.IO_ERROR ->
+                throw Idscp2Exception("Connection aborted: " + res.value)
+            FSM.FsmResultCode.RAT_ERROR ->
+                throw Idscp2Exception("RAT action failed: " + res.value)
             else -> throw Idscp2Exception("Error occurred: " + res.value)
         }
     }
@@ -119,16 +122,17 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
         if (LOG.isTraceEnabled) {
             LOG.trace("Received new IDSCP Message")
         }
-        messageListeners.forEach(Consumer { l: Idscp2MessageListener -> l.onMessage(this, msg) })
+        messageListeners.forEach { l: Idscp2MessageListener -> l.onMessage(this, msg) }
     }
 
     override fun onError(t: Throwable) {
-        connectionListeners.forEach(Consumer { idscp2ConnectionListener: Idscp2ConnectionListener -> idscp2ConnectionListener.onError(t) })
+        connectionListeners.forEach { idscp2ConnectionListener: Idscp2ConnectionListener ->
+            idscp2ConnectionListener.onError(t) }
     }
 
     override fun onClose() {
         LOG.debug("Connection with id {} is closing, notify listeners...", id)
-        connectionListeners.forEach(Consumer { l: Idscp2ConnectionListener -> l.onClose() })
+        connectionListeners.forEach { l: Idscp2ConnectionListener -> l.onClose() }
     }
 
     /**
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2MessageListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2MessageListener.kt
index 7088a357f..e86a3aba3 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2MessageListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2MessageListener.kt
@@ -1,7 +1,5 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
 
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-
 /**
  * An interface for an IDSCP message listener
  */
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/DatException.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/DatException.kt
index 0116f7b1a..a1e1eca3f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/DatException.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/DatException.kt
@@ -1,6 +1,6 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.error
 
 class DatException : RuntimeException {
-    constructor(s: String?) : super(s) {}
-    constructor(s: String?, e: Exception?) : super(s, e) {}
+    constructor(s: String?) : super(s)
+    constructor(s: String?, e: Exception?) : super(s, e)
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2Exception.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2Exception.kt
index 110794e6a..92c41dfa6 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2Exception.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2Exception.kt
@@ -6,6 +6,6 @@ package de.fhg.aisec.ids.idscp2.idscp_core.error
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class Idscp2Exception : RuntimeException {
-    constructor(message: String?) : super(message) {}
-    constructor(message: String?, cause: Throwable?) : super(message, cause) {}
+    constructor(message: String?) : super(message)
+    constructor(message: String?, cause: Throwable?) : super(message, cause)
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2HandshakeException.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2HandshakeException.kt
index ce4c320eb..aa18130f0 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2HandshakeException.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2HandshakeException.kt
@@ -6,6 +6,5 @@ package de.fhg.aisec.ids.idscp2.idscp_core.error
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
 class Idscp2HandshakeException : RuntimeException {
-    constructor(message: String?) : super(message) {}
-    constructor(message: String?, cause: Throwable?) : super(message, cause) {}
+    constructor(message: String?) : super(message)
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2TimeoutException.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2TimeoutException.kt
index f649d4948..35ec76ff6 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2TimeoutException.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2TimeoutException.kt
@@ -5,5 +5,4 @@ package de.fhg.aisec.ids.idscp2.idscp_core.error
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class Idscp2TimeoutException(message: String?) : RuntimeException(message) {
-}
\ No newline at end of file
+class Idscp2TimeoutException(message: String?) : RuntimeException(message)
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2WouldBlockException.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2WouldBlockException.kt
index 668700bc3..070b26c2e 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2WouldBlockException.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2WouldBlockException.kt
@@ -5,5 +5,4 @@ package de.fhg.aisec.ids.idscp2.idscp_core.error
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class Idscp2WouldBlockException(message: String?) : RuntimeException(message) {
-}
\ No newline at end of file
+class Idscp2WouldBlockException(message: String?) : RuntimeException(message)
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
index 171d22ef9..12903e8d3 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
@@ -17,8 +17,7 @@ class Event {
     val type: EventType
     lateinit var idscpMessage: IdscpMessage
         private set
-    lateinit var controlMessage: InternalControlMessage
-        private set
+    private lateinit var controlMessage: InternalControlMessage
 
     /**
      * Create an event with an Internal Control Message
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
index cad99ab16..0d7bb8ced 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
@@ -1,12 +1,11 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import org.slf4j.LoggerFactory
 import java.util.*
 import java.util.concurrent.locks.Condition
-import java.util.function.Function
 import java.util.stream.Collectors
 
 /**
@@ -49,94 +48,84 @@ internal class StateClosed(fsm: FSM,
          * onICM: start_handshake --> {send IDSCP_HELLO, set handshake_timeout} --> STATE_WAIT_FOR_HELLO
          * ALL_OTHER_MESSAGES ---> STATE_CLOSED
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.value, Transition(
-            Function {
-                if (fsm.isFsmLocked) {
-                    if (LOG.isTraceEnabled) {
-                        LOG.trace("Cannot start handshake, because FSM is locked forever. Ignored.")
-                    }
-                    return@Function FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
+        addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.value, Transition {
+            if (fsm.isFsmLocked) {
+                if (LOG.isTraceEnabled) {
+                    LOG.trace("Cannot start handshake, because FSM is locked forever. Ignored.")
                 }
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
+            }
 
-                // FSM not locked, start handshake
-                LOG.debug("Get DAT Token vom DAT_DRIVER")
-                val dat = fsm.getDynamicAttributeToken
-                LOG.debug("Send IDSCP_HELLO")
-                val idscpHello = Idscp2MessageHelper.createIdscpHelloMessage(
-                        dat,
-                        attestationConfig.supportedAttestationSuite,
-                        attestationConfig.expectedAttestationSuite
-                )
-                if (!fsm.sendFromFSM(idscpHello)) {
-                    LOG.error("Cannot send IdscpHello. Close connection")
-                    runEntryCode(fsm)
-                    onMessageLock.signalAll()
-                    return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, this)
-                }
-                runExitCode(onMessageLock)
-                FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_HELLO)!!)
+            // FSM not locked, start handshake
+            LOG.debug("Get DAT Token vom DAT_DRIVER")
+            val dat = fsm.getDynamicAttributeToken
+            LOG.debug("Send IDSCP_HELLO")
+            val idscpHello = Idscp2MessageHelper.createIdscpHelloMessage(
+                dat,
+                attestationConfig.supportedAttestationSuite,
+                attestationConfig.expectedAttestationSuite
+            )
+            if (!fsm.sendFromFSM(idscpHello)) {
+                LOG.error("Cannot send IdscpHello. Close connection")
+                runEntryCode(fsm)
+                onMessageLock.signalAll()
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, this)
             }
-        ))
+            runExitCode(onMessageLock)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_HELLO)!!)
+        })
 
 
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition (
-                Function {
-                    if (LOG.isTraceEnabled) {
-                        LOG.trace("Received RepeatRat in STATE_CLOSED, ignored.")
-                    }
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received RepeatRat in STATE_CLOSED, ignored.")
+            }
 
-                    // return either FSM_LOCKED or FSM_NOT_STARTED
-                    if (fsm.isFsmLocked) {
-                        FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
-                    } else {
-                        FSM.FsmResult(FSM.FsmResultCode.FSM_NOT_STARTED, this)
-                    }
-                }
-        ))
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
-                Function {
-                    if (LOG.isTraceEnabled) {
-                        LOG.trace("Received SEND in STATE_CLOSED, ignored.")
-                    }
-
-                    // return either FSM_LOCKED or FSM_NOT_STARTED
-                    if (fsm.isFsmLocked) {
-                        FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
-                    } else {
-                        FSM.FsmResult(FSM.FsmResultCode.FSM_NOT_STARTED, this)
-                    }
-                }
-        ))
-
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
-                Function {
-                    if (LOG.isTraceEnabled) {
-                        LOG.trace("Received STOP in STATE_CLOSED, ignored.")
-                    }
-
-                    // return either FSM_LOCKED or FSM_NOT_STARTED
-                    if (fsm.isFsmLocked) {
-                        FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
-                    } else {
-                        FSM.FsmResult(FSM.FsmResultCode.FSM_NOT_STARTED, this)
-                    }
-                }
-        ))
-
-        setNoTransitionHandler(
-                Function {
-                    if (LOG.isDebugEnabled) {
-                        LOG.debug("No transition available for given event {}, stack trace for analysis:\n{}",
-                                it,
-                                Arrays.stream(Thread.currentThread().stackTrace)
-                                        .skip(1)
-                                        .map { obj: StackTraceElement -> obj.toString() }
-                                        .collect(Collectors.joining("\n")))
-                        LOG.debug("Stay in state STATE_CLOSED")
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-                }
-        )
+            // return either FSM_LOCKED or FSM_NOT_STARTED
+            if (fsm.isFsmLocked) {
+                FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
+            } else {
+                FSM.FsmResult(FSM.FsmResultCode.FSM_NOT_STARTED, this)
+            }
+        })
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received SEND in STATE_CLOSED, ignored.")
+            }
+
+            // return either FSM_LOCKED or FSM_NOT_STARTED
+            if (fsm.isFsmLocked) {
+                FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
+            } else {
+                FSM.FsmResult(FSM.FsmResultCode.FSM_NOT_STARTED, this)
+            }
+        })
+
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received STOP in STATE_CLOSED, ignored.")
+            }
+
+            // return either FSM_LOCKED or FSM_NOT_STARTED
+            if (fsm.isFsmLocked) {
+                FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
+            } else {
+                FSM.FsmResult(FSM.FsmResultCode.FSM_NOT_STARTED, this)
+            }
+        })
+
+        setNoTransitionHandler {
+            if (LOG.isDebugEnabled) {
+                LOG.debug("No transition available for given event {}, stack trace for analysis:\n{}",
+                    it,
+                    Arrays.stream(Thread.currentThread().stackTrace)
+                        .skip(1)
+                        .map { obj: StackTraceElement -> obj.toString() }
+                        .collect(Collectors.joining("\n")))
+                LOG.debug("Stay in state STATE_CLOSED")
+            }
+            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
+        }
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
index 08af6afa2..411097fa7 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
@@ -1,11 +1,10 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
 import org.slf4j.LoggerFactory
-import java.util.function.Function
 
 /**
  * The Established State of the FSM of the IDSCP2 protocol.
@@ -45,115 +44,100 @@ class StateEstablished(fsm: FSM,
          * onMessage: IDSCP_CLOSE ---> {timeouts.cancel()} ---> STATE_CLOSED
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.ERROR.value, Transition (
-                Function {
-                    LOG.debug("Error occurred, close idscp connection")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("Error occurred, close idscp connection")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
 
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
-                Function {
-                    LOG.debug("Send IDSCP_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                            CloseCause.USER_SHUTDOWN))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSCP_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "User close",
+                    CloseCause.USER_SHUTDOWN
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
 
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition(
-                Function {
-                    // repack data, include alternating bit
-                    val idscpMessage = Idscp2MessageHelper.createIdscpDataMessageWithAltBit(
-                            it.idscpMessage.idscpData.data.toByteArray(), alternatingBit)
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
+            // repack data, include alternating bit
+            val idscpMessage = Idscp2MessageHelper.createIdscpDataMessageWithAltBit(
+                it.idscpMessage.idscpData.data.toByteArray(), alternatingBit
+            )
 
-                    // send repacked data
-                    LOG.debug("Send IdscpData")
-                    if (fsm.sendFromFSM(idscpMessage)) {
-                        //Set Ack Flag
-                        fsm.setAckFlag(true)
-                        fsm.setBufferedIdscpData(idscpMessage)
-                        ackTimer.start()
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK)!!)
-                    } else {
-                        LOG.warn("Cannot send IdscpData, shutdown FSM")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                }
-        ))
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition(
-                Function {
-                    LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
-                    ratTimer.cancelTimeout()
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
-                        LOG.error("Cannot send ReRat message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    if (!fsm.restartRatVerifierDriver()) {
-                        LOG.error("Cannot run Rat verifier, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
-                }
-        ))
-        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
-                Function {
-                    ratTimer.cancelTimeout()
-                    LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                        LOG.error("Cannot send DatExpired message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    LOG.debug("Set handshake timeout")
-                    handshakeTimer.resetTimeout()
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
-                }
-        ))
-        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
-                Function {
-                    LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER")
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
-                }
-        ))
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
-                Function {
-                    LOG.debug("DAT expired. Send new DAT and repeat RAT")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                        LOG.error("Cannot send Dat message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
-                }
-        ))
+            // send repacked data
+            LOG.debug("Send IdscpData")
+            if (fsm.sendFromFSM(idscpMessage)) {
+                //Set Ack Flag
+                fsm.setAckFlag(true)
+                fsm.setBufferedIdscpData(idscpMessage)
+                ackTimer.start()
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK)!!)
+            } else {
+                LOG.warn("Cannot send IdscpData, shutdown FSM")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+        })
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
+            LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
+            ratTimer.cancelTimeout()
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
+                LOG.error("Cannot send ReRat message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            if (!fsm.restartRatVerifierDriver()) {
+                LOG.error("Cannot run Rat verifier, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
+        })
+        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
+            ratTimer.cancelTimeout()
+            LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
+                LOG.error("Cannot send DatExpired message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            LOG.debug("Set handshake timeout")
+            handshakeTimer.resetTimeout()
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
+        })
+        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER")
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
+        })
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
+            LOG.debug("DAT expired. Send new DAT and repeat RAT")
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
+                LOG.error("Cannot send Dat message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
+        })
 
-        addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition (
-                Function {
-                    fsm.recvData(it.idscpMessage.idscpData)
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
+        addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition {
+            fsm.recvData(it.idscpMessage.idscpData)
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
 
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
-                Function {
-                    LOG.debug("Receive IDSCP_CLOSED")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Receive IDSCP_CLOSED")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
 
-        setNoTransitionHandler (
-                Function {
-                    LOG.debug("No transition available for given event $it")
-                    LOG.debug("Stay in state STATE_ESTABLISHED")
-                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-                }
-        )
+        setNoTransitionHandler {
+            LOG.debug("No transition available for given event $it")
+            LOG.debug("Stay in state STATE_ESTABLISHED")
+            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
+        }
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
index 2fa811067..828a88792 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
@@ -1,11 +1,10 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
 import org.slf4j.LoggerFactory
-import java.util.function.Function
 
 /**
  * The Established State of the FSM of the IDSCP2 protocol.
@@ -45,138 +44,121 @@ class StateWaitForAck(fsm: FSM,
          * onMessage: IDSCP_CLOSE ---> {timeouts.cancel()} ---> STATE_CLOSED
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.ERROR.value, Transition (
-                Function {
-                    LOG.debug("Error occurred, close idscp connection")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
-                Function {
-                    LOG.debug("Send IDSCP_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                            CloseCause.USER_SHUTDOWN))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition(
-                Function {
-                    LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
-                    ratTimer.cancelTimeout()
-                    ackTimer.cancelTimeout()
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
-                        LOG.error("Cannot send ReRat message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    if (!fsm.restartRatVerifierDriver()) {
-                        LOG.error("Cannot run Rat verifier, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
-                Function {
-                    LOG.warn("Cannot send data in STATE_WAIT_FOR_ACK")
-                    FSM.FsmResult(FSM.FsmResultCode.WOULD_BLOCK, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
-                Function {
-                    ratTimer.cancelTimeout()
-                    ackTimer.cancelTimeout()
-                    LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                        LOG.error("Cannot send DatExpired message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    LOG.debug("Set handshake timeout")
-                    handshakeTimer.resetTimeout()
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.ACK_TIMER_EXPIRED.value, Transition(
-                Function {
-                    if (fsm.getAckFlag && fsm.getBufferedIdscpMessage != null) {
-                        LOG.debug("ACK_timeout occurred. Send buffered IdscpData again")
-                        if (!fsm.sendFromFSM(fsm.getBufferedIdscpMessage))  {
-                            LOG.warn("Cannot send IdscpData, shutdown FSM")
-                            return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                        } else {
-                            ackTimer.start()
-                            return@Function FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                        }
-                    } else {
-                        LOG.error("No IdscpData message buffered in state WAIT_FOR_ACK. Shutdown")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IDSCP_DATA_NOT_CACHED, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
-                Function {
-                    LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER")
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    ackTimer.cancelTimeout()
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
-                Function {
-                    LOG.debug("DAT expired. Send new DAT and repeat RAT")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                        LOG.error("Cannot send Dat message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    ackTimer.cancelTimeout()
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition (
-            Function {
-                fsm.recvData(it.idscpMessage.idscpData)
-                FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("Error occurred, close idscp connection")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSCP_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "User close",
+                    CloseCause.USER_SHUTDOWN
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
+            LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
+            ratTimer.cancelTimeout()
+            ackTimer.cancelTimeout()
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
+                LOG.error("Cannot send ReRat message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
             }
-        ))
-
-        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
-            Function{
-                if (fsm.recvAck(it.idscpMessage.idscpAck)) {
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED)!!)
+            if (!fsm.restartRatVerifierDriver()) {
+                LOG.error("Cannot run Rat verifier, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
+        })
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
+            LOG.warn("Cannot send data in STATE_WAIT_FOR_ACK")
+            FSM.FsmResult(FSM.FsmResultCode.WOULD_BLOCK, this)
+        })
+
+        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
+            ratTimer.cancelTimeout()
+            ackTimer.cancelTimeout()
+            LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
+                LOG.error("Cannot send DatExpired message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            LOG.debug("Set handshake timeout")
+            handshakeTimer.resetTimeout()
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
+        })
+
+        addTransition(InternalControlMessage.ACK_TIMER_EXPIRED.value, Transition {
+            if (fsm.getAckFlag && fsm.getBufferedIdscpMessage != null) {
+                LOG.debug("ACK_timeout occurred. Send buffered IdscpData again")
+                if (!fsm.sendFromFSM(fsm.getBufferedIdscpMessage)) {
+                    LOG.warn("Cannot send IdscpData, shutdown FSM")
+                    return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
                 } else {
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
+                    ackTimer.start()
+                    return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, this)
                 }
+            } else {
+                LOG.error("No IdscpData message buffered in state WAIT_FOR_ACK. Shutdown")
+                return@Transition FSM.FsmResult(
+                    FSM.FsmResultCode.IDSCP_DATA_NOT_CACHED,
+                    fsm.getState(FsmState.STATE_CLOSED)!!
+                )
             }
-        ))
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
-                Function {
-                    LOG.debug("Receive IDSCP_CLOSED")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
+        })
 
-        setNoTransitionHandler (
-                Function {
-                    LOG.debug("No transition available for given event $it")
-                    LOG.debug("Stay in state STATE_WAIT_FOR_ACK")
-                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-                }
-        )
+        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER")
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            ackTimer.cancelTimeout()
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
+            LOG.debug("DAT expired. Send new DAT and repeat RAT")
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
+                LOG.error("Cannot send Dat message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            ackTimer.cancelTimeout()
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition {
+            fsm.recvData(it.idscpMessage.idscpData)
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
+            if (fsm.recvAck(it.idscpMessage.idscpAck)) {
+                FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED)!!)
+            } else {
+                FSM.FsmResult(FSM.FsmResultCode.OK, this)
+            }
+        })
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Receive IDSCP_CLOSED")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        setNoTransitionHandler {
+            LOG.debug("No transition available for given event $it")
+            LOG.debug("Stay in state STATE_WAIT_FOR_ACK")
+            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
+        }
 
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
index d1834a1b3..13e08b3ef 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
@@ -1,14 +1,13 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
 import kotlinx.coroutines.GlobalScope
 import kotlinx.coroutines.launch
 import org.slf4j.LoggerFactory
-import java.util.function.Function
 
 /**
  * The Wait_For_Dat_And_Rat State of the FSM of the IDSCP2 protocol.
@@ -51,179 +50,170 @@ class StateWaitForDatAndRat(fsm: FSM,
          * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
-                Function {
-                    LOG.debug("Send IDSC_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                            CloseCause.USER_SHUTDOWN))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.ERROR.value, Transition (
-                Function {
-                    LOG.debug("An internal control error occurred")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition (
-                Function {
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
-                Function {
-                    FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition (
-                Function {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
-                            CloseCause.TIMEOUT))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition (
-                Function {
-                    LOG.debug("Received RAT_PROVER OK")
-                    proverHandshakeTimer.cancelTimeout()
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition (
-                Function {
-                    LOG.error("RAT_PROVER failed")
-                    LOG.debug("Send IDSC_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
-                            CloseCause.RAT_PROVER_FAILED))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition(
-                Function { event: Event ->
-                    LOG.debug("Send IDSCP_RAT_PROVER")
-                    if (!fsm.sendFromFSM(event.idscpMessage)) {
-                        LOG.error("Cannot send rat prover message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
-                Function {
-                    LOG.debug("Received IDSCP_CLOSE")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition(
-                Function { event: Event ->
-
-                    handshakeTimer.cancelTimeout()
-                    LOG.debug("Verify received DAT")
-
-                    //check if Dat is available and verify dat
-                    // toDo security Requirements
-                    val dat = event.idscpMessage.idscpDat.token.toByteArray()
-                    var datValidityPeriod: Long
-
-                    try {
-                        if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
-                            LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
-                            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
-                                    "No valid DAT", CloseCause.NO_VALID_DAT))
-                            return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
-                        }
-                    } catch (e: Exception) {
-                        LOG.debug("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE: {}",e)
-                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
-                                "No valid DAT", CloseCause.NO_VALID_DAT))
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    LOG.debug("Remote DAT is valid. Set dat timeout")
-                    datTimer.resetTimeout(datValidityPeriod * 1000)
-
-                    //start RAT Verifier
-                    if (!fsm.restartRatVerifierDriver()) {
-                        LOG.error("Cannot run Rat verifier, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
-                Function {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                        LOG.error("Cannot send Dat message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition (
-                Function { event: Event ->
-                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
-
-                    if(!event.idscpMessage.hasIdscpRatVerifier()) {
-                        // this should never happen
-                        LOG.error("IDSCP_RAT_VERIFIER Message not available")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    if (fsm.ratProverDriver == null) {
-                        LOG.error("RatProverDriver not available")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-                    GlobalScope.launch {
-                        fsm.ratProverDriver!!.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                    }
-
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
-                Function {
-                    LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
-                Function {
-                    fsm.recvAck(it.idscpMessage.idscpAck)
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        setNoTransitionHandler (
-                Function {
-                    LOG.debug("No transition available for given event $it")
-                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "User close",
+                    CloseCause.USER_SHUTDOWN
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("An internal control error occurred")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
+            FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
+        })
+
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
+            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "Handshake timeout",
+                    CloseCause.TIMEOUT
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
+            LOG.debug("Received RAT_PROVER OK")
+            proverHandshakeTimer.cancelTimeout()
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
+        })
+
+        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
+            LOG.error("RAT_PROVER failed")
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "RAT_PROVER failed",
+                    CloseCause.RAT_PROVER_FAILED
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition { event: Event ->
+            LOG.debug("Send IDSCP_RAT_PROVER")
+            if (!fsm.sendFromFSM(event.idscpMessage)) {
+                LOG.error("Cannot send rat prover message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_CLOSE")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition { event: Event ->
+
+            handshakeTimer.cancelTimeout()
+            LOG.debug("Verify received DAT")
+
+            //check if Dat is available and verify dat
+            // toDo security Requirements
+            val dat = event.idscpMessage.idscpDat.token.toByteArray()
+            var datValidityPeriod: Long
+
+            try {
+                if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
+                    LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+                    fsm.sendFromFSM(
+                        Idscp2MessageHelper.createIdscpCloseMessage(
+                            "No valid DAT", CloseCause.NO_VALID_DAT
+                        )
+                    )
+                    return@Transition FSM.FsmResult(
+                        FSM.FsmResultCode.INVALID_DAT,
+                        fsm.getState(FsmState.STATE_CLOSED)!!
+                    )
                 }
-        )
+            } catch (e: Exception) {
+                LOG.debug("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE: {}", e)
+                fsm.sendFromFSM(
+                    Idscp2MessageHelper.createIdscpCloseMessage(
+                        "No valid DAT", CloseCause.NO_VALID_DAT
+                    )
+                )
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            LOG.debug("Remote DAT is valid. Set dat timeout")
+            datTimer.resetTimeout(datValidityPeriod * 1000)
+
+            //start RAT Verifier
+            if (!fsm.restartRatVerifierDriver()) {
+                LOG.error("Cannot run Rat verifier, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
+                LOG.error("Cannot send Dat message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
+            LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+
+            if (!event.idscpMessage.hasIdscpRatVerifier()) {
+                // this should never happen
+                LOG.error("IDSCP_RAT_VERIFIER Message not available")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            if (fsm.ratProverDriver == null) {
+                LOG.error("RatProverDriver not available")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+            GlobalScope.launch {
+                fsm.ratProverDriver!!.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+            }
+
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
+            fsm.recvAck(it.idscpMessage.idscpAck)
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        setNoTransitionHandler {
+            LOG.debug("No transition available for given event $it")
+            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
+        }
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
index a8efa0d36..d45395002 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
@@ -1,12 +1,11 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
 import org.slf4j.LoggerFactory
-import java.util.function.Function
 
 /**
  * The Wait_For_Dat_And_Rat_Verifier State of the FSM of the IDSCP2 protocol.
@@ -45,127 +44,122 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
          * onMessage: IDSCP_RE_RAT ---> {start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
-                Function {
-                    LOG.debug("Send IDSC_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                            CloseCause.USER_SHUTDOWN))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.ERROR.value, Transition (
-                Function {
-                    LOG.debug("An internal control error occurred")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition (
-                Function {
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "User close",
+                    CloseCause.USER_SHUTDOWN
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("An internal control error occurred")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
+            FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
+        })
+
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
+            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "Handshake timeout",
+                    CloseCause.TIMEOUT
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_CLOSE")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition { event: Event ->
+
+            handshakeTimer.cancelTimeout()
+            LOG.debug("Verify received DAT")
+
+            //check if Dat is available and verify dat
+            //toDo security requirements
+            val dat = event.idscpMessage.idscpDat.token.toByteArray()
+            var datValidityPeriod: Long
+
+            try {
+                if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
+                    LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+                    fsm.sendFromFSM(
+                        Idscp2MessageHelper.createIdscpCloseMessage(
+                            "No valid DAT", CloseCause.NO_VALID_DAT
+                        )
+                    )
+                    return@Transition FSM.FsmResult(
+                        FSM.FsmResultCode.INVALID_DAT,
+                        fsm.getState(FsmState.STATE_CLOSED)!!
+                    )
                 }
-        ))
+            } catch (e: Exception) {
+                LOG.debug("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE: {}", e)
+                fsm.sendFromFSM(
+                    Idscp2MessageHelper.createIdscpCloseMessage(
+                        "No valid DAT", CloseCause.NO_VALID_DAT
+                    )
+                )
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
 
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
-                Function {
-                    FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition (
-                Function {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
-                            CloseCause.TIMEOUT))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
+            LOG.debug("Remote DAT is valid. Set dat timeout")
+            datTimer.resetTimeout(datValidityPeriod * 1000)
 
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
-                Function {
-                    LOG.debug("Received IDSCP_CLOSE")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition(
-            Function { event: Event ->
-
-                handshakeTimer.cancelTimeout()
-                LOG.debug("Verify received DAT")
-
-                //check if Dat is available and verify dat
-                //toDo security requirements
-                val dat = event.idscpMessage.idscpDat.token.toByteArray()
-                var datValidityPeriod: Long
-
-                try {
-                    if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
-                        LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
-                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
-                                "No valid DAT", CloseCause.NO_VALID_DAT))
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                } catch (e: Exception) {
-                    LOG.debug("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE: {}", e)
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
-                            "No valid DAT", CloseCause.NO_VALID_DAT))
-                    return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-
-                LOG.debug("Remote DAT is valid. Set dat timeout")
-                datTimer.resetTimeout(datValidityPeriod * 1000)
+            //start RAT Verifier
+            if (!fsm.restartRatVerifierDriver()) {
+                LOG.error("Cannot run Rat verifier, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
 
-                //start RAT Verifier
-                if (!fsm.restartRatVerifierDriver()) {
-                    LOG.error("Cannot run Rat verifier, close idscp connection")
-                    return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
+        })
 
-                FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
-            }
-        ))
-
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
-            Function {
-                LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
-                if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                    LOG.error("Cannot send DAT message")
-                    return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-                if (!fsm.restartRatProverDriver()) {
-                    LOG.error("Cannot run Rat prover, close idscp connection")
-                    return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-                FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
+                LOG.error("Cannot send DAT message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
             }
-        ))
-
-        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
-            Function {
-                LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
-                if (!fsm.restartRatProverDriver()) {
-                    LOG.error("Cannot run Rat prover, close idscp connection")
-                    return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-                FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
             }
-        ))
-
-        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
-            Function {
-                fsm.recvAck(it.idscpMessage.idscpAck)
-                FSM.FsmResult(FSM.FsmResultCode.OK, this)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
             }
-        ))
-
-        setNoTransitionHandler (
-                Function { event: Event? ->
-                    LOG.debug("No transition available for given event " + event.toString())
-                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-                }
-        )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
+            fsm.recvAck(it.idscpMessage.idscpAck)
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        setNoTransitionHandler { event: Event? ->
+            LOG.debug("No transition available for given event " + event.toString())
+            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
+        }
 
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
index 7fb9c17e2..f2099d750 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
@@ -1,13 +1,12 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
 import org.slf4j.LoggerFactory
-import java.util.function.Function
 
 /**
  * The Wait_For_Hello State of the FSM of the IDSCP2 protocol.
@@ -49,119 +48,129 @@ class StateWaitForHello(fsm: FSM,
          *                                        set handshake_timeout} ---> STATE_WAIT_FOR_RAT
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_HELLO
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.ERROR.value, Transition (
-                Function {
-                    LOG.debug("An internal control error occurred")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
-                Function {
-                    LOG.debug("Received stop signal from user. Send IDSCP_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                            CloseCause.USER_SHUTDOWN))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
-                Function {
-                    LOG.debug("Received SEND signal from user, but FSM is not connected yet")
-                    FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition (
-                Function {
-                    // nothing to to, result should be okay since RAT will be done in the next
-                    // state for the first time
-                    LOG.debug("Received REPEAT_RAT signal from user")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition (
-                Function {
-                    LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake Timeout",
-                            CloseCause.TIMEOUT))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
-                Function {
-                    LOG.debug("Received IDSCP_CLOSE. Close connection")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPHELLO_FIELD_NUMBER, Transition(
-                Function { event: Event ->
-                    handshakeTimer.cancelTimeout()
-
-                    val idscpHello = event.idscpMessage.idscpHello
-                    LOG.debug("Received IDSCP_HELLO")
-
-                    // toDo compare certificate fingerprints
-                    // toDo check for valid calculation of rat mechanisms, return NegotiationError
-                    LOG.debug("Calculate Rat mechanisms")
-                    val proverMechanism = fsm.getRatProverMechanism(attestationConfig.supportedAttestationSuite,
-                            idscpHello.expectedRatSuiteList.toTypedArray())
-                    val verifierMechanism = fsm.getRatVerifierMechanism(attestationConfig.expectedAttestationSuite,
-                            idscpHello.supportedRatSuiteList.toTypedArray())
-
-                    // toDo securityRequirements
-                    LOG.debug("Verify received DAT")
-                    //check if Dat is available and verify dat
-                    var datValidityPeriod: Long
-
-                    if (!idscpHello.hasDynamicAttributeToken()) {
-                        LOG.debug("No remote DAT is available. Send IDSCP_CLOSE")
-                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
-                                "No valid DAT", CloseCause.NO_VALID_DAT))
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.MISSING_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    try {
-                        if (0 > dapsDriver.verifyToken(idscpHello.dynamicAttributeToken.token.toByteArray(), null).also { datValidityPeriod = it }) {
-                            LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
-                            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
-                                    "No valid DAT", CloseCause.NO_VALID_DAT))
-                            return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
-                        }
-                    } catch (e: Exception) {
-                        LOG.debug("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE {}", e)
-                        fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage(
-                                "No valid DAT", CloseCause.NO_VALID_DAT))
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    LOG.debug("Remote DAT is valid. Set dat timeout to its validity period")
-                    datTimer.resetTimeout(datValidityPeriod * 1000)
-                    fsm.setRatMechanisms(proverMechanism, verifierMechanism)
-
-                    LOG.debug("Start RAT Prover and Verifier")
-                    if (!fsm.restartRatVerifierDriver()) {
-                        LOG.error("Cannot run Rat verifier, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
-                }
-        ))
-
-        setNoTransitionHandler (
-                Function {
-                    LOG.debug("No transition available for given event $it")
-                    LOG.debug("Stay in state STATE_WAIT_FOR_HELLO")
-                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION,this)
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("An internal control error occurred")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Received stop signal from user. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "User close",
+                    CloseCause.USER_SHUTDOWN
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
+            LOG.debug("Received SEND signal from user, but FSM is not connected yet")
+            FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
+        })
+
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
+            // nothing to to, result should be okay since RAT will be done in the next
+            // state for the first time
+            LOG.debug("Received REPEAT_RAT signal from user")
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
+            LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "Handshake Timeout",
+                    CloseCause.TIMEOUT
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_CLOSE. Close connection")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPHELLO_FIELD_NUMBER, Transition { event: Event ->
+            handshakeTimer.cancelTimeout()
+
+            val idscpHello = event.idscpMessage.idscpHello
+            LOG.debug("Received IDSCP_HELLO")
+
+            // toDo compare certificate fingerprints
+            // toDo check for valid calculation of rat mechanisms, return NegotiationError
+            LOG.debug("Calculate Rat mechanisms")
+            val proverMechanism = fsm.getRatProverMechanism(
+                attestationConfig.supportedAttestationSuite,
+                idscpHello.expectedRatSuiteList.toTypedArray()
+            )
+            val verifierMechanism = fsm.getRatVerifierMechanism(
+                attestationConfig.expectedAttestationSuite,
+                idscpHello.supportedRatSuiteList.toTypedArray()
+            )
+
+            // toDo securityRequirements
+            LOG.debug("Verify received DAT")
+            //check if Dat is available and verify dat
+            var datValidityPeriod: Long
+
+            if (!idscpHello.hasDynamicAttributeToken()) {
+                LOG.debug("No remote DAT is available. Send IDSCP_CLOSE")
+                fsm.sendFromFSM(
+                    Idscp2MessageHelper.createIdscpCloseMessage(
+                        "No valid DAT", CloseCause.NO_VALID_DAT
+                    )
+                )
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.MISSING_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            try {
+                if (0 > dapsDriver.verifyToken(idscpHello.dynamicAttributeToken.token.toByteArray(), null)
+                        .also { datValidityPeriod = it }
+                ) {
+                    LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+                    fsm.sendFromFSM(
+                        Idscp2MessageHelper.createIdscpCloseMessage(
+                            "No valid DAT", CloseCause.NO_VALID_DAT
+                        )
+                    )
+                    return@Transition FSM.FsmResult(
+                        FSM.FsmResultCode.INVALID_DAT,
+                        fsm.getState(FsmState.STATE_CLOSED)!!
+                    )
                 }
-        )
+            } catch (e: Exception) {
+                LOG.debug("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE {}", e)
+                fsm.sendFromFSM(
+                    Idscp2MessageHelper.createIdscpCloseMessage(
+                        "No valid DAT", CloseCause.NO_VALID_DAT
+                    )
+                )
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            LOG.debug("Remote DAT is valid. Set dat timeout to its validity period")
+            datTimer.resetTimeout(datValidityPeriod * 1000)
+            fsm.setRatMechanisms(proverMechanism, verifierMechanism)
+
+            LOG.debug("Start RAT Prover and Verifier")
+            if (!fsm.restartRatVerifierDriver()) {
+                LOG.error("Cannot run Rat verifier, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
+        })
+
+        setNoTransitionHandler {
+            LOG.debug("No transition available for given event $it")
+            LOG.debug("Stay in state STATE_WAIT_FOR_HELLO")
+            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
+        }
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
index f20ded39e..3ba84b637 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
@@ -1,13 +1,12 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
 import kotlinx.coroutines.GlobalScope
 import kotlinx.coroutines.launch
 import org.slf4j.LoggerFactory
-import java.util.function.Function
 
 /**
  * The Wait_For_Rat State of the FSM of the IDSCP2 protocol.
@@ -52,201 +51,181 @@ class StateWaitForRat(fsm: FSM,
          * onMessage: IDSCP_CLOSE ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.ERROR.value, Transition (
-                Function {
-                    LOG.debug("An internal control error occurred")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
-                Function {
-                    LOG.debug("Send IDSCP_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                            CloseCause.USER_SHUTDOWN))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
-                Function {
-                    FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition (
-                Function {
-                    // nothing to do, currently attestating
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition (
-                Function {
-                    LOG.debug("Received RAT_PROVER OK")
-                    proverHandshakeTimer.cancelTimeout()
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition (
-                Function {
-                    LOG.debug("Received RAT_VERIFIER OK")
-                    verifierHandshakeTimer.cancelTimeout()
-                    ratTimer.resetTimeout()
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition (
-                Function {
-                    LOG.error("RAT_PROVER failed")
-                    LOG.debug("Send IDSC_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
-                            CloseCause.RAT_PROVER_FAILED))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition (
-                Function {
-                    LOG.error("RAT_VERIFIER failed")
-                    LOG.debug("Send IDSC_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
-                            CloseCause.RAT_VERIFIER_FAILED))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition(
-                Function { event: Event ->
-                    LOG.debug("Send IDSCP_RAT_PROVER")
-                    if (!fsm.sendFromFSM(event.idscpMessage)) {
-                        LOG.error("Cannot send rat prover message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_VERIFIER_MSG.value, Transition(
-                Function { event: Event ->
-                    LOG.debug("Send IDSCP_RAT_VERIFIER")
-                    if (!fsm.sendFromFSM(event.idscpMessage)) {
-                        LOG.error("Cannot send rat verifier message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
-                Function {
-                    LOG.debug("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER")
-                    fsm.stopRatVerifierDriver()
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                        LOG.error("Cannot send DatExpired message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    LOG.debug("Start Handshake Timer")
-                    handshakeTimer.resetTimeout()
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition (
-                Function {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
-                            CloseCause.TIMEOUT))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
-                Function {
-                    fsm.recvAck(it.idscpMessage.idscpAck)
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition (
-                Function { event: Event ->
-                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
-
-                    if(!event.idscpMessage.hasIdscpRatVerifier()) {
-                        // this should never happen
-                        LOG.error("IDSCP_RAT_Verifier Message not available")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    if (fsm.ratProverDriver == null) {
-                        LOG.error("RatProverDriver not available")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-                    GlobalScope.launch {
-                        fsm.ratProverDriver!!.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                    }
-
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition (
-                Function { event: Event ->
-                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
-
-                    if(!event.idscpMessage.hasIdscpRatProver()) {
-                        // this should never happen
-                        LOG.error("IDSCP_RAT_PROVER Message not available")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    if (fsm.ratVerifierDriver == null) {
-                        LOG.error("RatVerifierDriver not available")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-                    GlobalScope.launch {
-                        fsm.ratVerifierDriver!!.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
-                    }
-
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
-                Function {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                        LOG.error("Cannot send DAT message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
-                Function {
-                    LOG.debug("Received IDSCP_CLOSE")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        setNoTransitionHandler (
-                Function { event: Event? ->
-                    LOG.debug("No transition available for given event " + event.toString())
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT")
-                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-                }
-        )
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("An internal control error occurred")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSCP_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "User close",
+                    CloseCause.USER_SHUTDOWN
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
+            FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
+        })
+
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
+            // nothing to do, currently attestating
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
+            LOG.debug("Received RAT_PROVER OK")
+            proverHandshakeTimer.cancelTimeout()
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
+        })
+
+        addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition {
+            LOG.debug("Received RAT_VERIFIER OK")
+            verifierHandshakeTimer.cancelTimeout()
+            ratTimer.resetTimeout()
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
+        })
+
+        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
+            LOG.error("RAT_PROVER failed")
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "RAT_PROVER failed",
+                    CloseCause.RAT_PROVER_FAILED
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition {
+            LOG.error("RAT_VERIFIER failed")
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "RAT_VERIFIER failed",
+                    CloseCause.RAT_VERIFIER_FAILED
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition { event: Event ->
+            LOG.debug("Send IDSCP_RAT_PROVER")
+            if (!fsm.sendFromFSM(event.idscpMessage)) {
+                LOG.error("Cannot send rat prover message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(InternalControlMessage.RAT_VERIFIER_MSG.value, Transition { event: Event ->
+            LOG.debug("Send IDSCP_RAT_VERIFIER")
+            if (!fsm.sendFromFSM(event.idscpMessage)) {
+                LOG.error("Cannot send rat verifier message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
+            LOG.debug("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER")
+            fsm.stopRatVerifierDriver()
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
+                LOG.error("Cannot send DatExpired message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            LOG.debug("Start Handshake Timer")
+            handshakeTimer.resetTimeout()
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
+        })
+
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
+            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "Handshake timeout",
+                    CloseCause.TIMEOUT
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
+            fsm.recvAck(it.idscpMessage.idscpAck)
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
+            LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+
+            if (!event.idscpMessage.hasIdscpRatVerifier()) {
+                // this should never happen
+                LOG.error("IDSCP_RAT_Verifier Message not available")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            if (fsm.ratProverDriver == null) {
+                LOG.error("RatProverDriver not available")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+            GlobalScope.launch {
+                fsm.ratProverDriver!!.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+            }
+
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition { event: Event ->
+            LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
+
+            if (!event.idscpMessage.hasIdscpRatProver()) {
+                // this should never happen
+                LOG.error("IDSCP_RAT_PROVER Message not available")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            if (fsm.ratVerifierDriver == null) {
+                LOG.error("RatVerifierDriver not available")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+            GlobalScope.launch {
+                fsm.ratVerifierDriver!!.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
+            }
+
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
+                LOG.error("Cannot send DAT message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_CLOSE")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        setNoTransitionHandler { event: Event? ->
+            LOG.debug("No transition available for given event " + event.toString())
+            LOG.debug("Stay in state STATE_WAIT_FOR_RAT")
+            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
+        }
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
index 3f707416a..61fc5734f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
@@ -1,13 +1,12 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
 import kotlinx.coroutines.GlobalScope
 import kotlinx.coroutines.launch
 import org.slf4j.LoggerFactory
-import java.util.function.Function
 
 /**
  * The Wait_For_Rat_Prover State of the FSM of the IDSCP2 protocol.
@@ -49,170 +48,148 @@ class StateWaitForRatProver(fsm: FSM,
          * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_PROVER
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
-                Function {
-                    LOG.debug("Send IDSC_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close", CloseCause.USER_SHUTDOWN))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.ERROR.value, Transition (
-                Function {
-                    LOG.debug("An internal control error occurred")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
-                Function {
-                    FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition (
-                Function {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout",
-                            CloseCause.TIMEOUT))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
-                Function {
-                    LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED")
-                    ratTimer.cancelTimeout()
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                        LOG.error("Cannot send DatExpired message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    LOG.debug("Start Handshake Timer")
-                    handshakeTimer.resetTimeout()
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition (
-                Function {
-                    LOG.debug("Received RAT_PROVER OK")
-                    proverHandshakeTimer.cancelTimeout()
-                    if (fsm.getAckFlag) {
-                        ackTimer.start()
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK)!!)
-                    } else {
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED)!!)
-                    }
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition (
-                Function {
-                    LOG.error("RAT_PROVER failed")
-                    LOG.debug("Send IDSC_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_PROVER failed",
-                            CloseCause.RAT_PROVER_FAILED))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition(
-                Function { event: Event ->
-                    LOG.debug("Send IDSCP_RAT_PROVER")
-                    if (!fsm.sendFromFSM(event.idscpMessage)) {
-                        LOG.error("Cannot send rat prover message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition(
-                Function {
-                    LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
-                        LOG.error("Cannot send ReRat message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    ratTimer.cancelTimeout()
-                    if (!fsm.restartRatVerifierDriver()) {
-                        LOG.error("Cannot run Rat verifier, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
-                Function {
-                    LOG.debug("Received IDSCP_CLOSE")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
-                Function {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                        LOG.error("Cannot send DAT message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition (
-                Function { event: Event ->
-                    LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
-
-                    if(!event.idscpMessage.hasIdscpRatVerifier()) {
-                        // this should never happen
-                        LOG.error("IDSCP_RAT_VERIFIER Message not available")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    if (fsm.ratProverDriver == null) {
-                        LOG.error("RatProverDriver not available")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-                    GlobalScope.launch {
-                        fsm.ratProverDriver!!.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                    }
-
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
-                Function {
-                    LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
-                Function {
-                    fsm.recvAck(it.idscpMessage.idscpAck)
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        setNoTransitionHandler (
-                Function {
-                    LOG.debug("No transition available for given event $it")
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER")
-                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-                }
-        )
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close", CloseCause.USER_SHUTDOWN))
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("An internal control error occurred")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
+            FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
+        })
+
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
+            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "Handshake timeout",
+                    CloseCause.TIMEOUT
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
+            LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED")
+            ratTimer.cancelTimeout()
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
+                LOG.error("Cannot send DatExpired message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            LOG.debug("Start Handshake Timer")
+            handshakeTimer.resetTimeout()
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
+        })
+
+        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
+            LOG.debug("Received RAT_PROVER OK")
+            proverHandshakeTimer.cancelTimeout()
+            if (fsm.getAckFlag) {
+                ackTimer.start()
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK)!!)
+            } else {
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED)!!)
+            }
+        })
+
+        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
+            LOG.error("RAT_PROVER failed")
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "RAT_PROVER failed",
+                    CloseCause.RAT_PROVER_FAILED
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition { event: Event ->
+            LOG.debug("Send IDSCP_RAT_PROVER")
+            if (!fsm.sendFromFSM(event.idscpMessage)) {
+                LOG.error("Cannot send rat prover message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
+            LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER")
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
+                LOG.error("Cannot send ReRat message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            ratTimer.cancelTimeout()
+            if (!fsm.restartRatVerifierDriver()) {
+                LOG.error("Cannot run Rat verifier, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_CLOSE")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
+                LOG.error("Cannot send DAT message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
+            LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+
+            if (!event.idscpMessage.hasIdscpRatVerifier()) {
+                // this should never happen
+                LOG.error("IDSCP_RAT_VERIFIER Message not available")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            if (fsm.ratProverDriver == null) {
+                LOG.error("RatProverDriver not available")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+            GlobalScope.launch {
+                fsm.ratProverDriver!!.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+            }
+
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
+            fsm.recvAck(it.idscpMessage.idscpAck)
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        setNoTransitionHandler {
+            LOG.debug("No transition available for given event $it")
+            LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER")
+            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
+        }
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
index e01d5a330..f5eee4dec 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
@@ -1,13 +1,12 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
 import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
 import kotlinx.coroutines.GlobalScope
 import kotlinx.coroutines.launch
 import org.slf4j.LoggerFactory
-import java.util.function.Function
 
 /**
  * The Wait_For_Rat_Verifier State of the FSM of the IDSCP2 protocol.
@@ -47,163 +46,141 @@ class StateWaitForRatVerifier(fsm: FSM,
          * onMessage: IDSCP_RE_RAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
          * --------------------------------------------------- */
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition (
-                Function {
-                    LOG.debug("Send IDSC_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close",
-                            CloseCause.USER_SHUTDOWN))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.ERROR.value, Transition (
-                Function {
-                    LOG.debug("An internal control error occurred")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition (
-                Function {
-                    // already re-attestating
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition (
-                Function {
-                    FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
-                }
-        ))
-
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition (
-                Function {
-                    LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout", CloseCause.TIMEOUT))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition(
-                Function {
-                    LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER")
-                    fsm.stopRatVerifierDriver()
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                        LOG.error("Cannot send DatExpired message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    LOG.debug("Start Handshake Timer")
-                    handshakeTimer.resetTimeout()
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition (
-                Function {
-                    LOG.debug("Received RAT_VERIFIER OK")
-                    verifierHandshakeTimer.cancelTimeout()
-                    LOG.debug("Start RAT Timer")
-                    ratTimer.resetTimeout()
-                    if (fsm.getAckFlag) {
-                        ackTimer.start()
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK)!!)
-                    } else {
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED)!!)
-                    }
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition (
-                Function {
-                    LOG.error("RAT_VERIFIER failed")
-                    LOG.debug("Send IDSC_CLOSE")
-                    fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("RAT_VERIFIER failed",
-                            CloseCause.RAT_VERIFIER_FAILED))
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(InternalControlMessage.RAT_VERIFIER_MSG.value, Transition(
-                Function { event: Event ->
-                    LOG.debug("Send IDSCP_RAT_VERIFIER")
-                    if (!fsm.sendFromFSM(event.idscpMessage)) {
-                        LOG.error("Cannot send rat verifier message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition (
-                Function {
-                    LOG.debug("Received IDSCP_CLOSE")
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition(
-                Function {
-                    LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
-                    if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                        LOG.error("Cannot send DAT message")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition (
-                Function { event: Event ->
-                    LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
-
-                    if(!event.idscpMessage.hasIdscpRatProver()) {
-                        // this should never happen
-                        LOG.error("IDSCP_RAT_PROVER Message not available")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    if (fsm.ratVerifierDriver == null) {
-                        LOG.error("RatVerifierDriver not available")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-
-                    // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-                    GlobalScope.launch {
-                        fsm.ratVerifierDriver!!.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
-                    }
-
-                    FSM.FsmResult(FSM.FsmResultCode.OK,this)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition(
-                Function {
-                    LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
-                    if (!fsm.restartRatProverDriver()) {
-                        LOG.error("Cannot run Rat prover, close idscp connection")
-                        return@Function FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                    }
-                    FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
-                }
-        ))
-
-        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition (
-                Function {
-                    fsm.recvAck(it.idscpMessage.idscpAck)
-                    FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                }
-        ))
-
-        setNoTransitionHandler (
-                Function {
-                    LOG.debug("No transition available for given event $it")
-                    LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER")
-                    FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-                }
-        )
+        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "User close",
+                    CloseCause.USER_SHUTDOWN
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.ERROR.value, Transition {
+            LOG.debug("An internal control error occurred")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
+            // already re-attestating
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
+            FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
+        })
+
+        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
+            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout", CloseCause.TIMEOUT))
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
+            LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER")
+            fsm.stopRatVerifierDriver()
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
+                LOG.error("Cannot send DatExpired message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            LOG.debug("Start Handshake Timer")
+            handshakeTimer.resetTimeout()
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
+        })
+
+        addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition {
+            LOG.debug("Received RAT_VERIFIER OK")
+            verifierHandshakeTimer.cancelTimeout()
+            LOG.debug("Start RAT Timer")
+            ratTimer.resetTimeout()
+            if (fsm.getAckFlag) {
+                ackTimer.start()
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK)!!)
+            } else {
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED)!!)
+            }
+        })
+
+        addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition {
+            LOG.error("RAT_VERIFIER failed")
+            LOG.debug("Send IDSC_CLOSE")
+            fsm.sendFromFSM(
+                Idscp2MessageHelper.createIdscpCloseMessage(
+                    "RAT_VERIFIER failed",
+                    CloseCause.RAT_VERIFIER_FAILED
+                )
+            )
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(InternalControlMessage.RAT_VERIFIER_MSG.value, Transition { event: Event ->
+            LOG.debug("Send IDSCP_RAT_VERIFIER")
+            if (!fsm.sendFromFSM(event.idscpMessage)) {
+                LOG.error("Cannot send rat verifier message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_CLOSE")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
+            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
+                LOG.error("Cannot send DAT message")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition { event: Event ->
+            LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
+
+            if (!event.idscpMessage.hasIdscpRatProver()) {
+                // this should never happen
+                LOG.error("IDSCP_RAT_PROVER Message not available")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            if (fsm.ratVerifierDriver == null) {
+                LOG.error("RatVerifierDriver not available")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+
+            // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+            GlobalScope.launch {
+                fsm.ratVerifierDriver!!.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
+            }
+
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
+            LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
+            if (!fsm.restartRatProverDriver()) {
+                LOG.error("Cannot run Rat prover, close idscp connection")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
+        })
+
+        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
+            fsm.recvAck(it.idscpMessage.idscpAck)
+            FSM.FsmResult(FSM.FsmResultCode.OK, this)
+        })
+
+        setNoTransitionHandler {
+            LOG.debug("No transition available for given event $it")
+            LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER")
+            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
+        }
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt
index 0648e76a7..09dca80e2 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt
@@ -1,15 +1,13 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
-import java.util.function.Function
-
 /**
  * Transition class for State machine, provides a doTransition method
  * that returns the fsm result containing of the next state for a given event and the result code
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class Transition(private val eventHandler: Function<Event, FSM.FsmResult>) {
+class Transition(private val eventHandler: (Event) -> FSM.FsmResult) {
     fun doTransition(e: Event): FSM.FsmResult {
-        return eventHandler.apply(e)
+        return eventHandler(e)
     }
 }
\ No newline at end of file

From e7db6b3e8ec744793cbc936440bae28b127793c8 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 7 Dec 2020 13:02:13 +0100
Subject: [PATCH 194/237] Additional minor code improvements

---
 .../secure_channel/client/InputListener.kt    | 19 ---------
 .../client/InputListenerThread.kt             | 21 ++++------
 .../secure_channel/client/TLSClient.kt        | 40 +++++++++----------
 3 files changed, 27 insertions(+), 53 deletions(-)
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListener.kt

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListener.kt
deleted file mode 100644
index 3cc6cf419..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListener.kt
+++ /dev/null
@@ -1,19 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.client
-
-/**
- * An interface for an InputListenerThread, that allows DataAvailableListener registration and
- * safe stop
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-interface InputListener {
-    /*
-     * Register a listener for providing data to
-     */
-    fun register(listener: DataAvailableListener)
-
-    /*
-     * Terminate InputListener
-     */
-    fun safeStop()
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListenerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListenerThread.kt
index bc86d2844..3ed44620c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListenerThread.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListenerThread.kt
@@ -12,9 +12,8 @@ import java.net.SocketTimeoutException
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class InputListenerThread(`in`: InputStream) : Thread(), InputListener {
-    private val `in`: DataInputStream = DataInputStream(`in`)
-    private var listener: DataAvailableListener? = null //no race conditions, could be empty list
+class InputListenerThread(inputStream: InputStream, private var listener: DataAvailableListener) : Thread() {
+    private val dataInputStream: DataInputStream = DataInputStream(inputStream)
 
     @Volatile
     private var running = true
@@ -27,29 +26,25 @@ class InputListenerThread(`in`: InputStream) : Thread(), InputListener {
         while (running) {
             try {
                 //first read the length
-                val len = `in`.readInt()
+                val len = dataInputStream.readInt()
                 buf = ByteArray(len)
                 //then read the data
-                `in`.readFully(buf, 0, len)
+                dataInputStream.readFully(buf, 0, len)
                 //provide to listener
-                listener!!.onMessage(buf)
+                listener.onMessage(buf)
             } catch (ignore: SocketTimeoutException) {
                 //timeout to catch safeStop() call
             } catch (e: EOFException) {
-                listener!!.onClose()
+                listener.onClose()
                 running = false
             } catch (e: IOException) {
-                listener!!.onError(e)
+                listener.onError(e)
                 running = false
             }
         }
     }
 
-    override fun register(listener: DataAvailableListener) {
-        this.listener = listener
-    }
-
-    override fun safeStop() {
+    fun safeStop() {
         running = false
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
index 6c422b1ec..b72cebf66 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
@@ -4,11 +4,11 @@ import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSConstants
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSSessionVerificationHelper
-import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint
+import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener
 import org.slf4j.LoggerFactory
 import java.io.DataOutputStream
@@ -31,8 +31,8 @@ class TLSClient<CC: Idscp2Connection>(
         nativeTlsConfiguration: NativeTlsConfiguration,
         private val connectionFuture: CompletableFuture<CC>
 ) : HandshakeCompletedListener, DataAvailableListener, SecureChannelEndpoint {
-    private val clientSocket: Socket?
-    private var out: DataOutputStream? = null
+    private val clientSocket: Socket
+    private var dataOutputStream: DataOutputStream? = null
     private var inputListenerThread: InputListenerThread? = null
     private val listenerPromise = CompletableFuture<SecureChannelListener>()
 
@@ -49,12 +49,11 @@ class TLSClient<CC: Idscp2Connection>(
             LOG.debug("Client is connected to server {}:{}", hostname, port)
 
             //set clientSocket timeout to allow safeStop()
-            clientSocket!!.soTimeout = 5000
-            out = DataOutputStream(clientSocket.getOutputStream())
+            clientSocket.soTimeout = 5000
+            dataOutputStream = DataOutputStream(clientSocket.getOutputStream())
 
             // Add inputListener but start it not before handshake is complete
-            inputListenerThread = InputListenerThread(clientSocket.getInputStream())
-            inputListenerThread!!.register(this)
+            inputListenerThread = InputListenerThread(clientSocket.getInputStream(), this)
             sslSocket.addHandshakeCompletedListener(this)
             LOG.debug("Start TLS Handshake")
             sslSocket.startHandshake()
@@ -75,10 +74,8 @@ class TLSClient<CC: Idscp2Connection>(
     private fun disconnect() {
         LOG.debug("Disconnecting from TLS server...")
         //close listener
-        if (inputListenerThread != null && inputListenerThread!!.isAlive) {
-            inputListenerThread!!.safeStop()
-        }
-        if (clientSocket != null && !clientSocket.isClosed) {
+        inputListenerThread?.safeStop()
+        if (!clientSocket.isClosed) {
             try {
                 clientSocket.close()
             } catch (e: IOException) {
@@ -105,20 +102,22 @@ class TLSClient<CC: Idscp2Connection>(
             false
         } else {
             try {
-                out!!.writeInt(bytes.size)
-                out!!.write(bytes)
-                out!!.flush()
+                dataOutputStream?.let {
+                    it.writeInt(bytes.size)
+                    it.write(bytes)
+                    it.flush()
+                } ?: throw IOException("DataOutputStream not available")
                 LOG.debug("Send message")
                 true
             } catch (e: IOException) {
-                LOG.error("Client cannot send data")
+                LOG.error("Client cannot send data", e)
                 false
             }
         }
     }
 
     override val isConnected: Boolean
-        get() = clientSocket != null && clientSocket.isConnected
+        get() = clientSocket.isConnected
 
     override fun handshakeCompleted(handshakeCompletedEvent: HandshakeCompletedEvent) {
         //start receiving listener after TLS Handshake was successful
@@ -163,7 +162,6 @@ class TLSClient<CC: Idscp2Connection>(
     }
 
     init {
-
         // init TLS Client
 
         // get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
@@ -188,10 +186,10 @@ class TLSClient<CC: Idscp2Connection>(
 
         // create server socket
         clientSocket = socketFactory.createSocket()
-        val sslSocket = clientSocket as SSLSocket?
+        val sslSocket = clientSocket as SSLSocket
 
         // set TLS constraints
-        val sslParameters = sslSocket!!.sslParameters
+        val sslParameters = sslSocket.sslParameters
         sslParameters.useCipherSuitesOrder = false // use server priority order
         sslParameters.needClientAuth = true
         sslParameters.protocols = TLSConstants.TLS_ENABLED_PROTOCOLS // only TLSv1.3

From f813353c3d6e49f41be30492ed10bef2589c0465 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 8 Dec 2020 08:06:31 +0100
Subject: [PATCH 195/237] Processors and IDSCP2 improvements by HMzF and ML

---
 build.gradle                                  |  23 +-
 camel-ids/build.gradle                        |   3 -
 camel-idscp2-osgi/LICENSE.txt                 | 201 ++++++
 camel-idscp2-osgi/README.md                   |   1 +
 camel-idscp2-osgi/bnd.bnd                     |   5 +
 camel-idscp2-osgi/build.gradle.kts            |  52 ++
 .../camel/idscp2/osgi/Idscp2OsgiComponent.kt  |  74 ++
 .../org/apache/camel/component/idscp2client   |  17 +
 .../org/apache/camel/component/idscp2server   |  17 +
 camel-idscp2/README.md                        |   3 +-
 camel-idscp2/build.gradle.kts                 |  22 +-
 .../fhg/aisec/ids/camel/idscp2/Constants.kt   |   3 +
 .../ids/camel/idscp2/Idscp2OsgiComponent.kt   |  91 ---
 .../fhg/aisec/ids/camel/idscp2/ProviderDB.kt  |  15 +
 .../ids/camel/idscp2/UsageControlMaps.kt      |  81 +++
 .../de/fhg/aisec/ids/camel/idscp2/Utils.kt    |  48 ++
 .../idscp2/client/Idscp2ClientConsumer.kt     |  36 +-
 .../idscp2/client/Idscp2ClientEndpoint.kt     |  23 +-
 .../idscp2/client/Idscp2ClientProducer.kt     |  51 +-
 .../ArtifactRequestCreationProcessor.kt       |  40 +-
 .../processors/ArtifactRequestProcessor.kt    |  93 +++
 .../processors/ArtifactResponseProcessor.kt   |  34 +
 .../ContractAgreementReceiverProcessor.kt     |  49 ++
 .../ContractRequestCreationProcessor.kt       |  53 +-
 .../processors/ContractRequestProcessor.kt    |  77 ++
 .../ContractResponseCreationProcessor.kt      |  53 --
 .../processors/ContractResponseProcessor.kt   |  93 +++
 .../processors/IdsHeaderMessageProcessor.kt   |  30 -
 .../IdsMessageTypeExtractionProcessor.kt      |  40 ++
 .../camel/idscp2/server/CamelIdscp2Server.kt  |  10 +-
 .../idscp2/server/Idscp2ServerConsumer.kt     |  28 +-
 .../idscp2/server/Idscp2ServerEndpoint.kt     |  59 +-
 .../idscp2/server/Idscp2ServerProducer.kt     |   3 +-
 camel-multipart-processor/build.gradle.kts    |   3 -
 .../example-idscp2/example-idscp2-client.xml  |   8 +-
 examples/route-examples/demo-route.md         |   7 +
 examples/route-examples/demo-route.xml        | 152 +++-
 gradle/wrapper/gradle-wrapper.properties      |   2 +-
 ids-api/build.gradle                          |   2 +
 .../ids/api/cm/ApplicationContainer.java      |  19 +
 .../aisec/ids/api/policy/DecisionRequest.java |  20 +-
 .../java/de/fhg/aisec/ids/api/policy/PDP.java |   5 +-
 .../aisec/ids/api/router/RouteManager.java    |   4 -
 .../fhg/aisec/ids/api/ExtensionFunctions.kt   |  19 +
 .../api/idscp2/Idscp2UsageControlInterface.kt |  24 +
 .../fhg/aisec/ids/cm/impl/docker/DockerCM.kt  |  90 +--
 .../aisec/ids/cm/impl/docker/DockerCmIT.java  | 147 ----
 .../aisec/ids/cm/impl/docker/DockerCmIT.kt    | 127 ++++
 .../dataflowcontrol/PolicyDecisionPoint.kt    |   8 +-
 .../ids/dataflowcontrol/LuconEngineTest.java  | 671 ------------------
 .../ids/dataflowcontrol/LuconEngineTest.kt    | 631 ++++++++++++++++
 ids-infomodel-manager/build.gradle.kts        |   2 +-
 ids-route-manager/build.gradle                |  18 -
 ids-route-manager/build.gradle.kts            |  23 +
 .../de/fhg/aisec/ids/rm/CamelInterceptor.java |  45 --
 .../aisec/ids/rm/PolicyEnforcementPoint.java  | 168 -----
 .../fhg/aisec/ids/rm/RouteManagerService.java | 536 --------------
 .../aisec/ids/rm/util/CamelRouteToDot.java    | 240 -------
 .../fhg/aisec/ids/rm/util/GraphProcessor.java | 119 ----
 .../de/fhg/aisec/ids/rm/util/NodeData.java    | 196 -----
 .../de/fhg/aisec/ids/rm/util/PrologNode.java  | 126 ----
 .../fhg/aisec/ids/rm/util/PrologPrinter.java  | 125 ----
 .../de/fhg/aisec/ids/rm/CamelInterceptor.kt   |  63 ++
 .../aisec/ids/rm/PolicyEnforcementPoint.kt    | 236 ++++++
 .../fhg/aisec/ids/rm/RouteManagerService.kt   | 476 +++++++++++++
 .../fhg/aisec/ids/rm/util/CamelRouteToDot.kt  | 231 ++++++
 .../fhg/aisec/ids/rm/util/GraphProcessor.kt   | 113 +++
 .../de/fhg/aisec/ids/rm/util/NodeData.kt      | 187 +++++
 .../de/fhg/aisec/ids/rm/util/PrologNode.kt    | 118 +++
 .../de/fhg/aisec/ids/rm/util/PrologPrinter.kt | 136 ++++
 .../src/main/resources/log4j2-test.xml        |  39 +
 .../de/fhg/aisec/ids/rm/RouteMetricsTest.java |  74 --
 .../de/fhg/aisec/ids/rm/RouteMetricsTest.kt   |  72 ++
 ids-webconsole/build.gradle                   |   3 -
 idscp2-app-layer/bnd.bnd                      |   4 +-
 idscp2-app-layer/build.gradle.kts             |   6 +-
 .../idscp2/app_layer/AppLayerConnection.kt    | 100 ++-
 .../fhg/aisec/ids/idscp2/app_layer}/Utils.kt  |   2 +-
 .../app_layer/listeners/IdsMessageListener.kt |   8 +
 .../src/main/proto/idscp2-app.proto           |   8 +
 idscp2/bnd.bnd                                |   4 +-
 idscp2/build.gradle.kts                       |   2 +-
 .../idscp2/idscp_core/Idscp2ConnectionImpl.kt |   4 +
 karaf-features-ids/build.gradle               |   2 +-
 libraryVersions.yaml                          |   6 +-
 settings.gradle                               |   1 +
 86 files changed, 3980 insertions(+), 2880 deletions(-)
 create mode 100644 camel-idscp2-osgi/LICENSE.txt
 create mode 100644 camel-idscp2-osgi/README.md
 create mode 100644 camel-idscp2-osgi/bnd.bnd
 create mode 100644 camel-idscp2-osgi/build.gradle.kts
 create mode 100644 camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt
 create mode 100644 camel-idscp2-osgi/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client
 create mode 100644 camel-idscp2-osgi/src/main/resources/META-INF/services/org/apache/camel/component/idscp2server
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/ProviderDB.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/UsageControlMaps.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Utils.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestProcessor.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactResponseProcessor.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractAgreementReceiverProcessor.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestProcessor.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseCreationProcessor.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseProcessor.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsHeaderMessageProcessor.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsMessageTypeExtractionProcessor.kt
 create mode 100644 examples/route-examples/demo-route.md
 create mode 100644 ids-api/src/main/kotlin/de/fhg/aisec/ids/api/ExtensionFunctions.kt
 create mode 100644 ids-api/src/main/kotlin/de/fhg/aisec/ids/api/idscp2/Idscp2UsageControlInterface.kt
 delete mode 100644 ids-container-manager/src/test/java/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.java
 create mode 100644 ids-container-manager/src/test/kotlin/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.kt
 delete mode 100644 ids-dataflow-control/src/test/java/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.java
 create mode 100644 ids-dataflow-control/src/test/kotlin/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.kt
 delete mode 100644 ids-route-manager/build.gradle
 create mode 100644 ids-route-manager/build.gradle.kts
 delete mode 100644 ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/CamelInterceptor.java
 delete mode 100644 ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.java
 delete mode 100644 ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/RouteManagerService.java
 delete mode 100644 ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/CamelRouteToDot.java
 delete mode 100644 ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/GraphProcessor.java
 delete mode 100644 ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/NodeData.java
 delete mode 100644 ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/PrologNode.java
 delete mode 100644 ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/PrologPrinter.java
 create mode 100644 ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/CamelInterceptor.kt
 create mode 100644 ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
 create mode 100644 ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/RouteManagerService.kt
 create mode 100644 ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/CamelRouteToDot.kt
 create mode 100644 ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/GraphProcessor.kt
 create mode 100644 ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/NodeData.kt
 create mode 100644 ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologNode.kt
 create mode 100644 ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologPrinter.kt
 create mode 100644 ids-route-manager/src/main/resources/log4j2-test.xml
 delete mode 100644 ids-route-manager/src/test/java/de/fhg/aisec/ids/rm/RouteMetricsTest.java
 create mode 100644 ids-route-manager/src/test/kotlin/de/fhg/aisec/ids/rm/RouteMetricsTest.kt
 rename {camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors => idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer}/Utils.kt (72%)
 create mode 100644 idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/IdsMessageListener.kt

diff --git a/build.gradle b/build.gradle
index e432798ab..e66cc2166 100644
--- a/build.gradle
+++ b/build.gradle
@@ -35,9 +35,6 @@ allprojects {
     version = "3.0.2"
 
     configurations {
-        // just to make bills of materials (bom) easier to see in the dependency tree
-        bom
-
         // Configuration for dependencies that will be provided through features in the OSGi environment
         providedByFeature
 
@@ -102,12 +99,6 @@ subprojects {
 
     // define some Bill of Materials (BOM) for all subprojects
     dependencies {
-        // BOM from Karaf, sets common version for OSGi libraries
-        bom group: "org.apache.karaf", name: "karaf", version: libraryVersions.karaf
-
-        // BOM for pax, for jetty, etc.
-        bom group: "org.ops4j.pax", name: "web", version: libraryVersions.pax
-
         // Logging API
         providedByBundle group: "org.slf4j", name: "slf4j-simple", version: libraryVersions.slf4j
 
@@ -176,7 +167,15 @@ configure(subprojects.findAll { it.name != "examples" }) {
     }
 }
 
-configure(subprojects.findAll { it.name == "ids-api" || it.name == "ids-comm" }) {
+final Map<String, String> descriptions = [
+        "idscp2": "IDSCP2 Protocol Implementation",
+        "idscp2-app-layer": "IDSCP2 Application Layer Implementation",
+        "camel-idscp2": "Camel IDSCP2 Component Implementation"
+]
+
+configure(subprojects.findAll {
+    /*it.name == "ids-api" || it.name == "ids-comm" ||*/ it.name.startsWith("idscp2") || it.name == "camel-idscp2"
+}) {
     apply plugin: "maven-publish"
     apply plugin: "signing"
 
@@ -205,8 +204,8 @@ configure(subprojects.findAll { it.name == "ids-api" || it.name == "ids-comm" })
                 artifact sourcesJar
                 artifact javadocJar
                 pom {
-                    name = "IDSCP Protocol Library"
-                    description = "Contains the WebSocket-based Industrial Data Space Communication Protocol (IDSCP)"
+                    name = project.name
+                    description = descriptions[project.name]
                     url = "https://github.com/industrial-data-space/trusted-connector"
                     licenses {
                         license {
diff --git a/camel-ids/build.gradle b/camel-ids/build.gradle
index 49d4a4158..b6650298c 100644
--- a/camel-ids/build.gradle
+++ b/camel-ids/build.gradle
@@ -4,9 +4,6 @@ dependencies {
     providedByBundle(project(':ids-api')) { transitive = false }
     providedByBundle(project(':ids-comm')) { transitive = false }
 
-    // Bill of Materials (BOM) for Camel
-    bom group: 'org.apache.camel', name: 'camel-parent', version: libraryVersions.camel
-
     providedByFeature group: 'org.apache.camel', name: 'camel-core', version: libraryVersions.camel
     providedByFeature group: 'org.apache.camel', name: 'camel-ahc', version: libraryVersions.camel
 
diff --git a/camel-idscp2-osgi/LICENSE.txt b/camel-idscp2-osgi/LICENSE.txt
new file mode 100644
index 000000000..261eeb9e9
--- /dev/null
+++ b/camel-idscp2-osgi/LICENSE.txt
@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/camel-idscp2-osgi/README.md b/camel-idscp2-osgi/README.md
new file mode 100644
index 000000000..2c92b5fc9
--- /dev/null
+++ b/camel-idscp2-osgi/README.md
@@ -0,0 +1 @@
+The _camel-idscp2_ module adds IDSCP2 support to the integrated Camel deployment. It creates a Camel Component to make IDSCP2 available for building Camel routes. IDSCP2 itself is contained in module _idscp2_.
diff --git a/camel-idscp2-osgi/bnd.bnd b/camel-idscp2-osgi/bnd.bnd
new file mode 100644
index 000000000..dcbf160e3
--- /dev/null
+++ b/camel-idscp2-osgi/bnd.bnd
@@ -0,0 +1,5 @@
+Bundle-Name: IDS :: Camel IDSCP2 Support
+Bundle-SymbolicName: de.fhg.aisec.ids.camel.idscp2.osgi
+Bundle-Description: Camel IDSCP2 protocol support
+Export-Package: de.fhg.aisec.ids.camel.idscp2*
+Import-Package: *
\ No newline at end of file
diff --git a/camel-idscp2-osgi/build.gradle.kts b/camel-idscp2-osgi/build.gradle.kts
new file mode 100644
index 000000000..c697a6155
--- /dev/null
+++ b/camel-idscp2-osgi/build.gradle.kts
@@ -0,0 +1,52 @@
+import org.gradle.plugins.ide.idea.model.IdeaModel
+
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.ext.get("libraryVersions") as Map<String, String>
+
+description = "Camel IDSCP2 Component"
+version = libraryVersions["idscp2"] ?: error("IDSCP2 version not specified")
+
+plugins {
+    id("com.github.gmazzo.buildconfig") version "2.0.2"
+}
+
+apply(plugin = "idea")
+
+buildConfig {
+    sourceSets.getByName("main") {
+        packageName("de.fhg.aisec.ids.informationmodelmanager")
+        buildConfigField("String", "INFOMODEL_VERSION",
+                "\"${libraryVersions["infomodel"] ?: error("Infomodel version not available")}\"")
+    }
+}
+
+configure<IdeaModel> {
+    module {
+        // mark as generated sources for IDEA
+        generatedSourceDirs.add(File("${buildDir}/generated/source/buildConfig/main/main"))
+    }
+}
+
+dependencies {
+    providedByBundle(project(":ids-api")) { isTransitive = false }
+    providedByBundle(project(":idscp2-app-layer")) { isTransitive = false }
+
+    implementation(project(":camel-idscp2")) { isTransitive = false }
+
+    implementation("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
+    implementation("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodel"])
+
+    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
+
+    providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
+
+    providedByFeature("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
+
+    providedByBundle("com.google.guava", "guava", libraryVersions["guava"]) {
+        isTransitive = false  // Avoid pulling in of checker framework and other annotation stuff
+    }
+
+    testImplementation("junit", "junit", libraryVersions["junit4"])
+    testImplementation("org.apache.camel", "camel-test", libraryVersions["camel"])
+    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
+}
diff --git a/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt b/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt
new file mode 100644
index 000000000..58d6b9502
--- /dev/null
+++ b/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt
@@ -0,0 +1,74 @@
+/*-
+ * ========================LICENSE_START=================================
+ * camel-ids
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.camel.idscp2.osgi
+
+import de.fhg.aisec.ids.api.idscp2.Idscp2UsageControlInterface
+import de.fhg.aisec.ids.api.settings.Settings
+import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
+import de.fhg.aisec.ids.camel.idscp2.Utils
+import de.fhg.aisec.ids.informationmodelmanager.BuildConfig
+import org.apache.camel.Exchange
+import org.osgi.service.component.annotations.Activate
+import org.osgi.service.component.annotations.Component
+import org.osgi.service.component.annotations.Reference
+import org.osgi.service.component.annotations.ReferenceCardinality
+import java.net.URI
+
+@Suppress("unused")
+@Component
+class Idscp2OsgiComponent : Idscp2UsageControlInterface {
+    @Reference(cardinality = ReferenceCardinality.MANDATORY)
+    private lateinit var settings: Settings
+
+    init {
+        Utils.connectorUrlProducer = { settings.connectorProfile.connectorUrl }
+        Utils.maintainerUrlProducer = { settings.connectorProfile.maintainerUrl }
+        Utils.dynamicAttributeTokenProducer = { settings.dynamicAttributeToken }
+        Utils.dapsUrlProducer = { settings.connectorConfig.dapsUrl }
+        Utils.infomodelVersion = BuildConfig.INFOMODEL_VERSION
+    }
+
+    @Activate
+    fun activate() {
+        instance = this
+    }
+
+    fun setSettings(settings: Settings) {
+        this.settings = settings
+    }
+
+    override fun getExchangeContract(exchange: Exchange) =
+            UsageControlMaps.getExchangeContract(exchange)
+
+    override fun isProtected(exchange: Exchange) = UsageControlMaps.isProtected(exchange)
+
+    override fun protectBody(exchange: Exchange, contractUri: URI) =
+            UsageControlMaps.protectBody(exchange, contractUri)
+
+    override fun unprotectBody(exchange: Exchange) = UsageControlMaps.unprotectBody(exchange)
+
+    companion object {
+        private lateinit var instance: Idscp2OsgiComponent
+
+        fun setInstance(instance: Idscp2OsgiComponent) {
+            Companion.instance = instance
+        }
+    }
+}
\ No newline at end of file
diff --git a/camel-idscp2-osgi/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client b/camel-idscp2-osgi/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client
new file mode 100644
index 000000000..f0e6faab9
--- /dev/null
+++ b/camel-idscp2-osgi/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client
@@ -0,0 +1,17 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+class=de.fhg.aisec.ids.camel.idscp2.client.Idscp2ClientComponent
diff --git a/camel-idscp2-osgi/src/main/resources/META-INF/services/org/apache/camel/component/idscp2server b/camel-idscp2-osgi/src/main/resources/META-INF/services/org/apache/camel/component/idscp2server
new file mode 100644
index 000000000..95abf4615
--- /dev/null
+++ b/camel-idscp2-osgi/src/main/resources/META-INF/services/org/apache/camel/component/idscp2server
@@ -0,0 +1,17 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+class=de.fhg.aisec.ids.camel.idscp2.server.Idscp2ServerComponent
diff --git a/camel-idscp2/README.md b/camel-idscp2/README.md
index 2c92b5fc9..a0d7198a1 100644
--- a/camel-idscp2/README.md
+++ b/camel-idscp2/README.md
@@ -1 +1,2 @@
-The _camel-idscp2_ module adds IDSCP2 support to the integrated Camel deployment. It creates a Camel Component to make IDSCP2 available for building Camel routes. IDSCP2 itself is contained in module _idscp2_.
+The _camel-idscp2_ module adds IDSCP2 support to the integrated Camel deployment. It creates a Camel Component to make IDSCP2 available for building Camel routes.
+IDSCP2 itself and the application layer implementation are contained in modules _idscp2_ and _idscp2-app-layer_
diff --git a/camel-idscp2/build.gradle.kts b/camel-idscp2/build.gradle.kts
index a1df6508b..3fc102020 100644
--- a/camel-idscp2/build.gradle.kts
+++ b/camel-idscp2/build.gradle.kts
@@ -1,24 +1,22 @@
-description = "Camel IDS Component"
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.ext.get("libraryVersions") as Map<String, String>
+
+version = libraryVersions["idscp2"] ?: error("IDSCP2 version not specified")
 
 dependencies {
-    @Suppress("UNCHECKED_CAST") val libraryVersions =
-            rootProject.ext.get("libraryVersions") as Map<String, String>
-    
-    providedByBundle(project(":ids-api")) { isTransitive = false }
     providedByBundle(project(":idscp2-app-layer"))
 
-    implementation("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
-    implementation("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodelSerializer"])
-
-    // Bill of Materials (BOM) for Camel
-    bom("org.apache.camel", "camel-parent", libraryVersions["camel"])
+    publishCompile("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
+    publishCompile("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodel"])
 
     providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
 
-    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
-
     providedByFeature("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
 
+    providedByBundle("com.google.guava", "guava", libraryVersions["guava"]) {
+        isTransitive = false  // Avoid pulling in of checker framework and other annotation stuff
+    }
+
     testImplementation("junit", "junit", libraryVersions["junit4"])
     testImplementation("org.apache.camel", "camel-test", libraryVersions["camel"])
     testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Constants.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Constants.kt
index f32a197ee..df18e9970 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Constants.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Constants.kt
@@ -3,4 +3,7 @@ package de.fhg.aisec.ids.camel.idscp2
 object Constants {
     const val IDSCP2_HEADER = "idscp2-header"
     const val IDS_TYPE = "ids-type"
+    const val CONTAINER_URI_PROPERTY = "containerUri"
+    const val ARTIFACT_URI_PROPERTY = "artifactUri"
+    const val DEFAULT_DAPS_URL = "https://daps.aisec.fraunhofer.de"
 }
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.kt
deleted file mode 100644
index b5f5c2269..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Idscp2OsgiComponent.kt
+++ /dev/null
@@ -1,91 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.idscp2
-
-import de.fhg.aisec.ids.api.endpointconfig.EndpointConfigManager
-import de.fhg.aisec.ids.api.infomodel.InfoModel
-import de.fhg.aisec.ids.api.settings.Settings
-import de.fhg.aisec.ids.api.tokenm.TokenManager
-import org.osgi.service.component.annotations.Activate
-import org.osgi.service.component.annotations.Component
-import org.osgi.service.component.annotations.Reference
-import org.osgi.service.component.annotations.ReferenceCardinality
-
-@Component
-class Idscp2OsgiComponent {
-    @Reference(cardinality = ReferenceCardinality.MANDATORY)
-    private lateinit var settings: Settings
-
-    @Reference(cardinality = ReferenceCardinality.MANDATORY)
-    private lateinit var infoModelManager: InfoModel
-
-    @Reference(cardinality = ReferenceCardinality.OPTIONAL)
-    private var tokenManager: TokenManager? = null
-
-    @Reference(cardinality = ReferenceCardinality.OPTIONAL)
-    private var endpointConfigManager: EndpointConfigManager? = null
-
-    @Activate
-    fun activate() {
-        instance = this
-    }
-
-    fun setSettings(settings: Settings) {
-        this.settings = settings
-    }
-
-    fun setInfoModelManager(infoModelManager: InfoModel) {
-        this.infoModelManager = infoModelManager
-    }
-
-    fun setTokenManager(tokenManager: TokenManager?) {
-        this.tokenManager = tokenManager
-    }
-
-    fun setEndpointConfigManager(endpointConfigManager: EndpointConfigManager?) {
-        this.endpointConfigManager = endpointConfigManager
-    }
-
-    companion object {
-        private lateinit var instance: Idscp2OsgiComponent
-
-        fun setInstance(instance: Idscp2OsgiComponent) {
-            this.instance = instance
-        }
-
-        /**
-         * Is never null due to ReferenceCardinality.MANDATORY,
-         * but instance might be null for Unit Tests
-         * @return Token-Manager instance
-         */
-        val settings get() = instance.settings
-
-        /**
-         * Is never null due to ReferenceCardinality.MANDATORY,
-         * but instance might be null for Unit Tests
-         * @return Info-Model-Manager instance
-         */
-        val infoModelManager get() = instance.infoModelManager
-
-        val tokenManager get() = instance.tokenManager
-
-        val endpointConfigManager get() = instance.endpointConfigManager
-    }
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/ProviderDB.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/ProviderDB.kt
new file mode 100644
index 000000000..bc8d38d36
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/ProviderDB.kt
@@ -0,0 +1,15 @@
+package de.fhg.aisec.ids.camel.idscp2
+
+import de.fraunhofer.iais.eis.ContractAgreement
+import java.net.URI
+import java.util.concurrent.ConcurrentHashMap
+
+object ProviderDB {
+    val availableArtifactURIs: ConcurrentHashMap<URI, String> = ConcurrentHashMap()
+    val artifactUrisMapped2ContractAgreements: ConcurrentHashMap<URI, URI> = ConcurrentHashMap()
+    val contractAgreements: ConcurrentHashMap<URI, ContractAgreement> = ConcurrentHashMap()
+
+    init {
+        availableArtifactURIs[URI.create("https://example.com/some_artifact")] = "AVAILABLE"
+    }
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/UsageControlMaps.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/UsageControlMaps.kt
new file mode 100644
index 000000000..bd8333976
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/UsageControlMaps.kt
@@ -0,0 +1,81 @@
+/*-
+ * ========================LICENSE_START=================================
+ * camel-ids
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.camel.idscp2
+
+import com.github.jsonldjava.shaded.com.google.common.collect.MapMaker
+import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
+import de.fraunhofer.iais.eis.ContractAgreement
+import org.apache.camel.Exchange
+import org.slf4j.LoggerFactory
+import java.net.URI
+
+object UsageControlMaps {
+    private val LOG = LoggerFactory.getLogger(Utils::class.java)
+
+    private val contractMap: MutableMap<URI, ContractAgreement> =
+            MapMaker().makeMap()
+    private val exchangeConnectionMap: MutableMap<Exchange, AppLayerConnection> =
+            MapMaker().weakKeys().makeMap()
+    private val connectionContracts: MutableMap<AppLayerConnection, URI> =
+            MapMaker().weakKeys().makeMap()
+    private val protectedBodies: MutableMap<Exchange, Any> =
+            MapMaker().weakKeys().makeMap()
+
+    fun getExchangeContract(exchange: Exchange): ContractAgreement? {
+        return exchangeConnectionMap[exchange]?.let { connection ->
+            connectionContracts[connection]?.let { uri ->
+                contractMap[uri] ?: throw RuntimeException("Contract $uri is not available!")
+            }
+        }
+    }
+
+    fun protectBody(exchange: Exchange, contractUri: URI) {
+        protectedBodies[exchange] = exchange.message.body
+        exchange.message.body = "### Usage control protected body, contract $contractUri ###"
+    }
+
+    fun isProtected(exchange: Exchange) = protectedBodies.containsKey(exchange)
+
+    fun unprotectBody(exchange: Exchange) {
+        exchange.message.body = protectedBodies[exchange]
+    }
+
+    fun addContractAgreement(contractAgreement: ContractAgreement) {
+        contractMap[contractAgreement.id] = contractAgreement
+    }
+
+    fun setConnectionContract(connection: AppLayerConnection, contractUri: URI?) {
+        if (contractUri != null) {
+            connectionContracts[connection] = contractUri
+            if (LOG.isDebugEnabled) {
+                LOG.debug("UC: Assigned contract $contractUri to connection $connection")
+            }
+        } else {
+            connectionContracts -= connection
+            if (LOG.isDebugEnabled) {
+                LOG.debug("UC: Assigned no contract to connection $connection")
+            }
+        }
+    }
+
+    fun setExchangeConnection(exchange: Exchange, connection: AppLayerConnection) {
+        exchangeConnectionMap[exchange] = connection
+    }
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Utils.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Utils.kt
new file mode 100644
index 000000000..09fa0dd68
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Utils.kt
@@ -0,0 +1,48 @@
+package de.fhg.aisec.ids.camel.idscp2
+
+import de.fraunhofer.iais.eis.DynamicAttributeToken
+import de.fraunhofer.iais.eis.DynamicAttributeTokenBuilder
+import de.fraunhofer.iais.eis.TokenFormat
+import de.fraunhofer.iais.eis.ids.jsonld.Serializer
+import org.slf4j.LoggerFactory
+import java.net.URI
+import java.util.*
+import javax.xml.datatype.DatatypeFactory
+import javax.xml.datatype.XMLGregorianCalendar
+
+object Utils {
+    val SERIALIZER: Serializer by lazy { Serializer() }
+    private val LOG = LoggerFactory.getLogger(Utils::class.java)
+
+    lateinit var dynamicAttributeTokenProducer: () -> String
+    lateinit var maintainerUrlProducer: () -> URI
+    lateinit var connectorUrlProducer: () -> URI
+    lateinit var infomodelVersion: String
+    var dapsUrlProducer: () -> String = { Constants.DEFAULT_DAPS_URL }
+
+    fun createGregorianCalendarTimestamp(timeInput: Long): XMLGregorianCalendar? {
+        return DatatypeFactory.newInstance().newXMLGregorianCalendar(
+                GregorianCalendar().apply { timeInMillis = timeInput })
+    }
+
+    fun <T: Any> initMessageBuilder(builder: T): T {
+        try {
+            builder::class.java.apply {
+                getMethod("_securityToken_", DynamicAttributeToken::class.java)
+                        .invoke(builder, DynamicAttributeTokenBuilder()._tokenFormat_(TokenFormat.JWT)
+                                ._tokenValue_(dynamicAttributeTokenProducer()).build())
+                getMethod("_senderAgent_", URI::class.java).invoke(builder, maintainerUrlProducer())
+                getMethod("_issuerConnector_", URI::class.java).invoke(builder, connectorUrlProducer())
+                getMethod("_issued_", XMLGregorianCalendar::class.java)
+                        .invoke(builder, createGregorianCalendarTimestamp(System.currentTimeMillis()))
+                getMethod("_modelVersion_", String::class.java).invoke(builder, infomodelVersion)
+            }
+        } catch (upa: UninitializedPropertyAccessException) {
+            LOG.error("At least one property of de.fhg.aisec.ids.camel.idscp2.Utils has not been " +
+                    "properly initialized. This is a mandatory requirement for initialization " +
+                    "of IDSCP Messages within the IDSCP2 Camel Adapter!")
+        }
+        return builder
+    }
+}
+
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
index e682cd4bc..cca9c6dab 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
@@ -17,26 +17,33 @@
 package de.fhg.aisec.ids.camel.idscp2.client
 
 import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
+import de.fhg.aisec.ids.idscp2.app_layer.listeners.IdsMessageListener
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener
+import de.fraunhofer.iais.eis.Message
 import org.apache.camel.Processor
 import org.apache.camel.support.DefaultConsumer
 import org.slf4j.LoggerFactory
 import java.util.concurrent.CompletableFuture
 
 /**
- * The IDSCP2 server consumer.
+ * The IDSCP2 client consumer.
  */
 class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor: Processor) :
-        DefaultConsumer(endpoint, processor), GenericMessageListener {
+        DefaultConsumer(endpoint, processor), GenericMessageListener, IdsMessageListener {
     private lateinit var connectionFuture: CompletableFuture<AppLayerConnection>
 
     override fun doStart() {
         super.doStart()
         connectionFuture = endpoint.makeConnection()
         connectionFuture.thenAccept {
-            it.addGenericMessageListener(this)
+            if (endpoint.useIdsMessages) {
+                it.addIdsMessageListener(this)
+            } else {
+                it.addGenericMessageListener(this)
+            }
             // Handle connection errors and closing
             it.addConnectionListener(object : Idscp2ConnectionListener {
                 override fun onError(t: Throwable) {
@@ -56,11 +63,23 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
         endpoint.releaseConnection(connectionFuture)
     }
 
+    override fun onMessage(connection: AppLayerConnection, header: Message?, payload: ByteArray?) {
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Idscp2ClientConsumer received IdsMessage with header:\n{}", header)
+        }
+        onMessage(connection, header as Any, payload)
+    }
+
     override fun onMessage(connection: AppLayerConnection, header: String?, payload: ByteArray?) {
         if (LOG.isTraceEnabled) {
             LOG.trace("Idscp2ClientConsumer received GenericMessage with header:\n{}", header)
         }
+        onMessage(connection, header as Any, payload)
+    }
+
+    private fun onMessage(connection: AppLayerConnection, header: Any?, payload: ByteArray?) {
         val exchange = endpoint.createExchange()
+        UsageControlMaps.setExchangeConnection(exchange, connection)
         try {
             createUoW(exchange)
             // Set relevant information
@@ -72,9 +91,14 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
             processor.process(exchange)
             // Handle response
             exchange.message.let {
-                val responseHeader = it.getHeader(IDSCP2_HEADER, String::class.java)
-                if (it.body != null || responseHeader != null) {
-                    connection.sendGenericMessage(responseHeader, it.getBody(ByteArray::class.java))
+                val responseHeader = it.getHeader(IDSCP2_HEADER)
+                val responseBody = it.getBody(ByteArray::class.java)
+                if (responseBody != null || responseHeader != null) {
+                    if (endpoint.useIdsMessages) {
+                        connection.sendIdsMessage(responseHeader?.let { responseHeader as Message }, responseBody)
+                    } else {
+                        connection.sendGenericMessage(responseHeader?.toString(), responseBody)
+                    }
                 }
             }
         } finally {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index 5b55b5805..7ba5c0acd 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -16,8 +16,9 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.client
 
-import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
 import de.fhg.aisec.ids.camel.idscp2.RefCountingHashMap
+import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
+import de.fhg.aisec.ids.camel.idscp2.Utils
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriverConfig
@@ -70,9 +71,25 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
                     "e.g. for using a consumer to receive responses to the requests of another producer"
     )
     var connectionShareId: String? = null
+    @UriParam(
+            label = "client,producer",
+            description = "Makes the client producer block and wait for a reply message from the server"
+    )
+    var awaitResponse: Boolean = false
+    @UriParam(
+            label = "common",
+            description = "Enable IdsMessage headers (Required for Usage Control)",
+            defaultValue = "false"
+    )
+    var useIdsMessages: Boolean = false
 
     private fun makeConnectionInternal(): CompletableFuture<AppLayerConnection> {
-        return secureChannelDriver.connect(::AppLayerConnection, clientSettings, dapsDriver)
+        return secureChannelDriver.connect(::AppLayerConnection, clientSettings, dapsDriver).thenApply { c ->
+            c.addIdsMessageListener { connection, header, _ ->
+                header?.let { UsageControlMaps.setConnectionContract(connection, it.transferContract) }
+            }
+            c
+        }
     }
 
     fun makeConnection(): CompletableFuture<AppLayerConnection> {
@@ -123,7 +140,7 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
         secureChannelDriver = NativeTLSDriver()
         clientSettings = clientSettingsBuilder.build()
         dapsDriver = DefaultDapsDriver(DefaultDapsDriverConfig.Builder()
-                .setDapsUrl(Idscp2OsgiComponent.settings.connectorConfig.dapsUrl)
+                .setDapsUrl(Utils.dapsUrlProducer())
                 .setKeyAlias(clientSettings.dapsKeyAlias)
                 .setKeyPassword(clientSettings.keyPassword)
                 .setKeyStorePath(clientSettings.keyStorePath)
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
index 3132edbdd..5aa393bf7 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
@@ -18,30 +18,67 @@ package de.fhg.aisec.ids.camel.idscp2.client
 
 import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
+import de.fraunhofer.iais.eis.Message
 import org.apache.camel.Exchange
 import org.apache.camel.support.DefaultProducer
 import org.slf4j.LoggerFactory
 import java.util.concurrent.CompletableFuture
+import java.util.concurrent.locks.ReentrantLock
+import kotlin.concurrent.withLock
 
 /**
- * The IDSCP2 server producer.
- * Sends each message to all clients connected to this server endpoint.
+ * The IDSCP2 client producer.
+ * Sends a message to the server connected to this client endpoint.
  */
 class Idscp2ClientProducer(private val endpoint: Idscp2ClientEndpoint) : DefaultProducer(endpoint) {
     private lateinit var connectionFuture: CompletableFuture<AppLayerConnection>
+    private lateinit var reentrantLock: ReentrantLock
 
     override fun process(exchange: Exchange) {
-        exchange.message.let {
-            val type = it.getHeader(IDSCP2_HEADER, String::class.java)
-            val body = it.getBody(ByteArray::class.java)
-            if (type != null || body != null) {
-                connectionFuture.get().sendGenericMessage(type, body)
+        exchange.message.let { message ->
+            val header = message.getHeader(IDSCP2_HEADER)
+            val body = message.getBody(ByteArray::class.java)
+            if (header != null || body != null) {
+                val connection = connectionFuture.get()
+                if (endpoint.awaitResponse) {
+                    val condition = reentrantLock.newCondition()
+                    val responseHandler = { responseHeader: Any?, responsePayload: ByteArray? ->
+                        message.setHeader(IDSCP2_HEADER, responseHeader)
+                        message.body = responsePayload
+                        reentrantLock.withLock {
+                            condition.signal()
+                        }
+                    }
+                    reentrantLock.withLock {
+                        if (endpoint.useIdsMessages) {
+                            connection.addIdsMessageListener { _, responseHeader, responsePayload ->
+                                responseHandler(responseHeader, responsePayload)
+                            }
+                            connection.sendIdsMessage(header?.let { header as Message }, body)
+                        } else {
+                            connection.addGenericMessageListener { _, responseHeader, responsePayload ->
+                                responseHandler(responseHeader, responsePayload)
+                            }
+                            connection.sendGenericMessage(header?.toString(), body)
+                        }
+                        condition.await()
+                    }
+                } else {
+                    if (endpoint.useIdsMessages) {
+                        connection.sendIdsMessage(header?.let { header as Message }, body)
+                    } else {
+                        connection.sendGenericMessage(header?.toString(), body)
+                    }
+                }
             }
         }
     }
 
     override fun doStart() {
         super.doStart()
+        if (endpoint.awaitResponse) {
+            reentrantLock = ReentrantLock()
+        }
         connectionFuture = endpoint.makeConnection()
         // Unlock messaging immediately after obtaining connection
         connectionFuture.thenAccept { it.unlockMessaging() }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
index d64dfa1bb..7d8afc4dd 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
@@ -1,8 +1,9 @@
 package de.fhg.aisec.ids.camel.idscp2.processors
 
+import de.fhg.aisec.ids.camel.idscp2.Constants.ARTIFACT_URI_PROPERTY
 import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
-import de.fhg.aisec.ids.camel.idscp2.processors.Utils.SERIALIZER
+import de.fhg.aisec.ids.camel.idscp2.Utils
+import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
 import de.fraunhofer.iais.eis.ArtifactRequestMessageBuilder
 import org.apache.camel.Exchange
 import org.apache.camel.Processor
@@ -12,25 +13,32 @@ import java.net.URI
 class ArtifactRequestCreationProcessor : Processor {
 
     override fun process(exchange: Exchange) {
-        val requestMessageBuilder = ArtifactRequestMessageBuilder()
-        Idscp2OsgiComponent.infoModelManager.initMessageBuilder(requestMessageBuilder)
-        val artifactUriProperty = exchange.getProperty(ARTIFACT_URI_PROPERTY)
-        val artifactUri = if (artifactUriProperty is URI) {
-            artifactUriProperty
-        } else {
-            URI.create(artifactUriProperty.toString())
-        }
-        requestMessageBuilder._requestedArtifact_(artifactUri)
-        val requestMessageSerialization = SERIALIZER.serialize(requestMessageBuilder.build())
         if (LOG.isDebugEnabled) {
-            LOG.debug("ArtifactRequestMessage serialization: {}", requestMessageSerialization)
+            LOG.debug("[IN] ${this::class.java.simpleName}")
+        }
+        val requestMessage = ArtifactRequestMessageBuilder().run {
+            Utils.initMessageBuilder(this)
+            exchange.getProperty(ARTIFACT_URI_PROPERTY)?.let {
+                if (it is URI) {
+                    it
+                } else {
+                    URI.create(it.toString())
+                }
+            }?.let {
+                _requestedArtifact_(it)
+            }
+            build()
+        }
+
+        requestMessage.let {
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Serialisation header: {}", SERIALIZER.serialize(it))
+            }
+            exchange.message.setHeader(IDSCP2_HEADER, it)
         }
-        exchange.message.setHeader(IDSCP2_HEADER, requestMessageSerialization)
     }
 
     companion object {
-        const val ARTIFACT_URI_PROPERTY = "artifactUri"
-
         private val LOG = LoggerFactory.getLogger(ArtifactRequestCreationProcessor::class.java)
     }
 
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestProcessor.kt
new file mode 100644
index 000000000..3f021cce7
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestProcessor.kt
@@ -0,0 +1,93 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.ProviderDB
+import de.fhg.aisec.ids.camel.idscp2.Utils
+import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
+import de.fraunhofer.iais.eis.*
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.slf4j.LoggerFactory
+import java.math.BigDecimal
+import java.math.BigInteger
+
+
+class ArtifactRequestProcessor : Processor {
+
+    override fun process(exchange: Exchange) {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("[IN] ${this::class.java.simpleName}")
+        }
+
+        val artifactRequestMessage = exchange.message.getHeader(
+                IDSCP2_HEADER, ArtifactRequestMessage::class.java)
+        val requestedArtifact = artifactRequestMessage.requestedArtifact
+//        val transferContract = artifactRequestMessage.transferContract
+
+        // TODO: If transferContract doesn't match expected contract from database, send rejection!
+        val usedContract = ProviderDB.artifactUrisMapped2ContractAgreements[requestedArtifact]
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Contract for requested Artifact found {}", usedContract)
+        }
+
+        // if artifact is available/authorised create response else create rejection message
+        if (!ProviderDB.availableArtifactURIs.containsKey(requestedArtifact)) {
+            createRejectionMessage(exchange, artifactRequestMessage, RejectionReason.NOT_FOUND)
+        } else if (!ProviderDB.contractAgreements.containsKey(usedContract)) {
+            createRejectionMessage(exchange, artifactRequestMessage, RejectionReason.NOT_AUTHORIZED)
+        } else {
+            // Proceed normally and send ArtifactResponseMessage
+            ArtifactResponseMessageBuilder().run {
+                Utils.initMessageBuilder(this)
+                _correlationMessage_(artifactRequestMessage.id)
+                _transferContract_(usedContract)
+                build().let {
+                    if (LOG.isDebugEnabled) {
+                        LOG.debug("Serialisation header: {}", SERIALIZER.serialize(it))
+                    }
+                    exchange.message.setHeader(IDSCP2_HEADER, it)
+                }
+            }
+
+            // create sample artifact
+            val artifactDate = Utils.createGregorianCalendarTimestamp(System.currentTimeMillis())
+            val artifact = ArtifactBuilder()
+                    ._byteSize_(BigInteger.valueOf(50000))
+                    ._checkSum_("ABCDEFG-CHECKSUM")
+                    ._creationDate_(artifactDate)
+                    ._duration_(BigDecimal(5000))
+                    ._fileName_("testArtifactFilename.dat")
+                    .build()
+
+            SERIALIZER.serialize(artifact).let {
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("Serialisation body: {}", it)
+                }
+                exchange.message.body = it
+            }
+        }
+    }
+
+    private fun createRejectionMessage(exchange: Exchange, artifactRequestMessage: ArtifactRequestMessage,
+                                       rejectionReason: RejectionReason) {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Constructing RejectionMessage for requested artifact: {}", rejectionReason)
+        }
+        val rejectionMessageBuilder = RejectionMessageBuilder()
+        Utils.initMessageBuilder(rejectionMessageBuilder)
+        rejectionMessageBuilder
+                ._correlationMessage_(artifactRequestMessage.correlationMessage)
+                ._rejectionReason_(rejectionReason)
+        rejectionMessageBuilder.build().let {
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Serialisation header: {}", SERIALIZER.serialize(it))
+            }
+            exchange.message.setHeader(IDSCP2_HEADER, it)
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(ArtifactRequestProcessor::class.java)
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactResponseProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactResponseProcessor.kt
new file mode 100644
index 000000000..6b1fcd8b6
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactResponseProcessor.kt
@@ -0,0 +1,34 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fhg.aisec.ids.camel.idscp2.Constants
+import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
+import de.fraunhofer.iais.eis.ArtifactResponseMessage
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.slf4j.LoggerFactory
+
+class ArtifactResponseProcessor : Processor {
+
+    override fun process(exchange: Exchange) {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("[IN] ${this::class.java.simpleName}")
+        }
+
+        val artifactResponseMessage = exchange.message.getHeader(
+                Constants.IDSCP2_HEADER, ArtifactResponseMessage::class.java)
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Received serialization header: {}", SERIALIZER.serialize(artifactResponseMessage))
+        }
+
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Received serialization body: {}", exchange.message.body)
+        }
+
+        // add behavior here depending on existing artifact or not
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(ArtifactResponseProcessor::class.java)
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractAgreementReceiverProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractAgreementReceiverProcessor.kt
new file mode 100644
index 000000000..968d9d50f
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractAgreementReceiverProcessor.kt
@@ -0,0 +1,49 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.ProviderDB
+import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
+import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
+import de.fraunhofer.iais.eis.ContractAgreement
+import de.fraunhofer.iais.eis.ContractAgreementMessage
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.slf4j.LoggerFactory
+
+class ContractAgreementReceiverProcessor : Processor {
+
+    override fun process(exchange: Exchange) {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("[IN] ${this::class.java.simpleName}")
+        }
+
+        val contractAgreementMessage = exchange.message.getHeader(
+                IDSCP2_HEADER, ContractAgreementMessage::class.java)
+
+        val contractAgreement = SERIALIZER.deserialize(
+                exchange.message.getBody(String::class.java),
+                ContractAgreement::class.java)
+
+        UsageControlMaps.addContractAgreement(contractAgreement)
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Provider is saving contract ${contractAgreement.id}")
+        }
+
+        ProviderDB.contractAgreements[contractAgreement.id] = contractAgreement
+        for (permission in contractAgreement.permission) {
+            ProviderDB.artifactUrisMapped2ContractAgreements[permission.target] = contractAgreement.id
+        }
+
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Saved Agreement {}", contractAgreement.id)
+        }
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Received ContractAgreementMessage {}", SERIALIZER.serialize(contractAgreementMessage))
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(ContractAgreementReceiverProcessor::class.java)
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestCreationProcessor.kt
index 79d9f15f7..5b767dc1e 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestCreationProcessor.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestCreationProcessor.kt
@@ -1,9 +1,13 @@
 package de.fhg.aisec.ids.camel.idscp2.processors
 
+import de.fhg.aisec.ids.camel.idscp2.Constants.ARTIFACT_URI_PROPERTY
 import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
-import de.fhg.aisec.ids.camel.idscp2.processors.Utils.SERIALIZER
-import de.fraunhofer.iais.eis.*
+import de.fhg.aisec.ids.camel.idscp2.Utils
+import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
+import de.fraunhofer.iais.eis.ContractRequestBuilder
+import de.fraunhofer.iais.eis.ContractRequestMessageBuilder
+import de.fraunhofer.iais.eis.Permission
+import de.fraunhofer.iais.eis.PermissionBuilder
 import org.apache.camel.Exchange
 import org.apache.camel.Processor
 import org.slf4j.LoggerFactory
@@ -12,40 +16,45 @@ import java.net.URI
 class ContractRequestCreationProcessor : Processor {
 
     override fun process(exchange: Exchange) {
-        val requestMessageBuilder = ContractRequestBuilder()
-        Idscp2OsgiComponent.infoModelManager.initMessageBuilder(requestMessageBuilder)
-        val artifactUri = exchange.getProperty(ARTIFACT_URI_PROPERTY).let {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("[IN] ${this::class.java.simpleName}")
+        }
+
+        val requestMessageBuilder = ContractRequestMessageBuilder()
+        Utils.initMessageBuilder(requestMessageBuilder)
+        requestMessageBuilder.build().let {
+            if (LOG.isDebugEnabled) LOG.debug("Serialization header: {}",SERIALIZER.serialize(it))
+            exchange.message.setHeader(IDSCP2_HEADER, it)
+        }
+
+        val artifactUri = exchange.getProperty(ARTIFACT_URI_PROPERTY)?.let {
             if (it is URI) {
                 it
             } else {
                 URI.create(it.toString())
             }
         }
-        val requestMessageSerialization = SERIALIZER.serialize(requestMessageBuilder.build())
-        if (LOG.isDebugEnabled) {
-            LOG.debug("ContractRequestMessage serialization: {}", requestMessageSerialization)
-        }
-        exchange.message.setHeader(IDSCP2_HEADER, requestMessageSerialization)
-        val contractOffer = ContractOfferBuilder()
+        // setting creation/start date of contract to now
+        val contractDate = Utils.createGregorianCalendarTimestamp(System.currentTimeMillis())
+        val contractRequest = ContractRequestBuilder()
+                ._contractDate_(contractDate)
+                ._contractStart_(contractDate)
+                // Contract end one year in the future
+                ._contractEnd_(contractDate?.apply { year += 1 })
+                // Request permission for (unrestricted?) usage of an artifact, identified by URI
                 ._permission_(ArrayList<Permission>().also { pl ->
                     pl += PermissionBuilder()
                             ._target_(artifactUri)
-                            ._constraint_(ArrayList<Constraint>().also { cl ->
-                                cl += ConstraintBuilder()
-                                        ._leftOperand_(LeftOperand.SYSTEM)
-                                        ._operator_(BinaryOperator.SAME_AS)
-                                        ._rightOperandReference_(URI.create(""))
-                                        .build()
-                            })
                             .build()
                 })
                 .build()
-        exchange.message.body = SERIALIZER.serialize(contractOffer)
+        SERIALIZER.serialize(contractRequest).let {
+            if (LOG.isDebugEnabled) LOG.debug("Serialization body: {}", it)
+            exchange.message.body = it
+        }
     }
 
     companion object {
-        const val ARTIFACT_URI_PROPERTY = "artifactUri"
-
         private val LOG = LoggerFactory.getLogger(ContractRequestCreationProcessor::class.java)
     }
 
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestProcessor.kt
new file mode 100644
index 000000000..a28f0ca7b
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestProcessor.kt
@@ -0,0 +1,77 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fhg.aisec.ids.camel.idscp2.Constants.CONTAINER_URI_PROPERTY
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.Utils
+import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
+import de.fraunhofer.iais.eis.*
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.slf4j.LoggerFactory
+import java.net.URI
+
+/**
+ * This Processor handles a ContractRequestMessage and creates a ContractResponseMessage.
+ */
+class ContractRequestProcessor : Processor {
+
+    override fun process(exchange: Exchange) {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("[IN] ${this::class.java.simpleName}")
+        }
+
+        val contractRequest = SERIALIZER.deserialize(
+                exchange.message.getBody(String::class.java),
+                ContractRequest::class.java)
+        val requestedArtifact = contractRequest.permission[0].target
+
+        val contractRequestMessage = exchange.message.getHeader(
+                IDSCP2_HEADER, ContractRequestMessage::class.java)
+
+        val contractResponseMessageBuilder = ContractResponseMessageBuilder()
+        Utils.initMessageBuilder(contractResponseMessageBuilder)
+        contractResponseMessageBuilder._correlationMessage_(contractRequestMessage.id)
+        contractResponseMessageBuilder.build().let {
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Serialization header: {}",SERIALIZER.serialize(it))
+            }
+            exchange.message.setHeader(IDSCP2_HEADER, it)
+        }
+
+        // create ContractOffer, allowing use of received data in the given container only
+        val containerUri = exchange.getProperty(CONTAINER_URI_PROPERTY).let {
+            if (it is URI) {
+                it
+            } else {
+                URI.create(it.toString())
+            }
+        }
+        val contractOffer = ContractOfferBuilder()
+                ._permission_(ArrayList<Permission>().also { pl ->
+                    pl += PermissionBuilder()
+                            ._target_(requestedArtifact)
+                            ._constraint_(ArrayList<Constraint>().also { cl ->
+                                cl += ConstraintBuilder()
+                                        ._leftOperand_(LeftOperand.SYSTEM)
+                                        ._operator_(BinaryOperator.SAME_AS)
+                                        ._rightOperandReference_(containerUri)
+                                        .build()
+                            })
+                            .build()
+                })
+                .build()
+
+        SERIALIZER.serialize(contractOffer).let {
+            if (LOG.isDebugEnabled) {
+                LOG.debug("ContractOffer ID: {}", contractOffer.id)
+                LOG.debug("Serialisation body: {}", it)
+            }
+            exchange.message.body = it
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(ContractRequestProcessor::class.java)
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseCreationProcessor.kt
deleted file mode 100644
index d56231221..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseCreationProcessor.kt
+++ /dev/null
@@ -1,53 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
-import de.fhg.aisec.ids.camel.idscp2.processors.Utils.SERIALIZER
-import de.fraunhofer.iais.eis.*
-import org.apache.camel.Exchange
-import org.apache.camel.Processor
-import org.slf4j.LoggerFactory
-import java.net.URI
-
-class ContractResponseCreationProcessor : Processor {
-
-    override fun process(exchange: Exchange) {
-        val responseMessageBuilder = ContractResponseMessageBuilder()
-        Idscp2OsgiComponent.infoModelManager.initMessageBuilder(responseMessageBuilder)
-        val requestMessageSerialization = SERIALIZER.serialize(responseMessageBuilder.build())
-        if (LOG.isDebugEnabled) {
-            LOG.debug("ContractRequestMessage serialization: {}", requestMessageSerialization)
-        }
-        exchange.message.setHeader(IDSCP2_HEADER, requestMessageSerialization)
-        // TODO: This property must be obtained from the ContractRequestMessage
-        val artifactUri = exchange.getProperty(ARTIFACT_URI_PROPERTY).let {
-            if (it is URI) {
-                it
-            } else {
-                URI.create(it.toString())
-            }
-        }
-        val contractOffer = ContractOfferBuilder()
-                ._permission_(ArrayList<Permission>().also { pl ->
-                    pl += PermissionBuilder()
-                            ._target_(artifactUri)
-                            ._constraint_(ArrayList<Constraint>().also { cl ->
-                                cl += ConstraintBuilder()
-                                        ._leftOperand_(LeftOperand.SYSTEM)
-                                        ._operator_(BinaryOperator.SAME_AS)
-                                        ._rightOperandReference_(URI.create(""))
-                                        .build()
-                            })
-                            .build()
-                })
-                .build()
-        exchange.message.body = SERIALIZER.serialize(contractOffer)
-    }
-
-    companion object {
-        const val ARTIFACT_URI_PROPERTY = "artifactUri"
-
-        private val LOG = LoggerFactory.getLogger(ContractResponseCreationProcessor::class.java)
-    }
-
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseProcessor.kt
new file mode 100644
index 000000000..c83b164e1
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseProcessor.kt
@@ -0,0 +1,93 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
+import de.fhg.aisec.ids.camel.idscp2.Utils
+import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
+import de.fraunhofer.iais.eis.*
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.slf4j.LoggerFactory
+
+/**
+ * This Processor handles a ContractResponseMessage and creates a ContractAgreementMessage.
+ */
+class ContractResponseProcessor : Processor {
+
+    override fun process(exchange: Exchange) {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("[IN] ${this::class.java.simpleName}")
+        }
+
+        val contractResponseMessage = exchange.message.getHeader(
+                IDSCP2_HEADER, ContractResponseMessage::class.java)
+
+        val contractOfferReceived = SERIALIZER.deserialize(
+                exchange.message.getBody(String::class.java),
+                ContractOffer::class.java)
+
+        // if contract is denied send ContractRejectionMsg else send ContractAgreementMsg
+        val contractOfferIsAccepted = true
+        if(!contractOfferIsAccepted){
+            createContractRejectionMessage(exchange, contractResponseMessage)
+        } else {
+            ContractAgreementMessageBuilder().run {
+                Utils.initMessageBuilder(this)
+                _correlationMessage_(contractResponseMessage.id)
+                build().let {
+                    if (LOG.isDebugEnabled) {
+                        LOG.debug("Serialization Header: {}", SERIALIZER.serialize(it))
+                    }
+                    exchange.message.setHeader(IDSCP2_HEADER, it)
+                }
+            }
+
+            val contractAgreement = ContractAgreementBuilder()
+                    ._consumer_(contractOfferReceived.consumer)
+                    ._provider_(contractOfferReceived.provider)
+                    ._contractAnnex_(contractOfferReceived.contractAnnex)
+                    ._contractDate_(contractOfferReceived.contractDate)
+                    ._contractDocument_(contractOfferReceived.contractDocument)
+                    ._contractEnd_(contractOfferReceived.contractEnd)
+                    ._contractStart_(contractOfferReceived.contractStart)
+                    ._obligation_(contractOfferReceived.obligation)
+                    ._prohibition_(contractOfferReceived.prohibition)
+                    ._permission_(contractOfferReceived.permission)
+                    .build()
+
+            UsageControlMaps.addContractAgreement(contractAgreement)
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Consumer saved contract ${contractAgreement.id}")
+            }
+
+            SERIALIZER.serialize(contractAgreement).let {
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("ContractAgreement ID: {}", contractAgreement.id)
+                    LOG.debug("Serialization body: {}", it)
+                }
+                exchange.message.body = it
+            }
+        }
+    }
+
+    private fun createContractRejectionMessage(exchange:Exchange, contractResponseMessage:ContractResponseMessage) {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Constructing ContractRejectionMessage")
+        }
+        ContractRejectionMessageBuilder().run {
+            Utils.initMessageBuilder(this)
+            _correlationMessage_(contractResponseMessage.id)
+            build().let {
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("Serialization Header: {}", SERIALIZER.serialize(it))
+                }
+                exchange.message.setHeader(IDSCP2_HEADER, it)
+            }
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(ContractResponseProcessor::class.java)
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsHeaderMessageProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsHeaderMessageProcessor.kt
deleted file mode 100644
index 132630cd0..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsHeaderMessageProcessor.kt
+++ /dev/null
@@ -1,30 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDS_TYPE
-import de.fhg.aisec.ids.camel.idscp2.processors.Utils.SERIALIZER
-import de.fraunhofer.iais.eis.ArtifactRequestMessage
-import de.fraunhofer.iais.eis.Message
-import org.apache.camel.Exchange
-import org.apache.camel.Processor
-import org.slf4j.LoggerFactory
-
-class IdsHeaderMessageProcessor : Processor {
-    override fun process(exchange: Exchange) {
-        val header = exchange.message.getHeader(IDSCP2_HEADER).toString()
-        val headerMessage = SERIALIZER.deserialize(header, Message::class.java)
-        exchange.setProperty(IDSCP2_HEADER, headerMessage)
-        val messageType = when (headerMessage) {
-            is ArtifactRequestMessage -> ArtifactRequestMessage::class.simpleName
-            else -> headerMessage::class.simpleName
-        }
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Detected ids-type: {}", messageType)
-        }
-        exchange.setProperty(IDS_TYPE, messageType)
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(ArtifactRequestCreationProcessor::class.java)
-    }
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsMessageTypeExtractionProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsMessageTypeExtractionProcessor.kt
new file mode 100644
index 000000000..b7aaa08bf
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsMessageTypeExtractionProcessor.kt
@@ -0,0 +1,40 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDS_TYPE
+import de.fraunhofer.iais.eis.*
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.slf4j.LoggerFactory
+
+class IdsMessageTypeExtractionProcessor : Processor {
+    override fun process(exchange: Exchange) {
+        processHeader(exchange)
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(IdsMessageTypeExtractionProcessor::class.java)
+
+        fun processHeader(exchange: Exchange) {
+            if (LOG.isDebugEnabled) {
+                LOG.debug("[IN] ${IdsMessageTypeExtractionProcessor::class.java.simpleName}")
+            }
+            exchange.message.getHeader(IDSCP2_HEADER, Message::class.java)?.let { header ->
+                val messageType = when (header) {
+                    is ArtifactRequestMessage -> ArtifactRequestMessage::class.simpleName
+                    is ArtifactResponseMessage -> ArtifactResponseMessage::class.simpleName
+                    is ContractRequestMessage -> ContractRequestMessage::class.simpleName
+                    is ContractResponseMessage -> ContractResponseMessage::class.simpleName
+                    is ContractAgreementMessage -> ContractAgreementMessage::class.simpleName
+                    is ContractRejectionMessage -> ContractRejectionMessage::class.simpleName
+                    is RejectionMessage -> RejectionMessage::class.simpleName
+                    else -> header::class.simpleName
+                }
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("Detected ids-type: {}", messageType)
+                }
+                exchange.setProperty(IDS_TYPE, messageType)
+            }
+        }
+    }
+}
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index 174f252ce..bd2a12872 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -16,7 +16,8 @@
  */
 package de.fhg.aisec.ids.camel.idscp2.server
 
-import de.fhg.aisec.ids.camel.idscp2.Idscp2OsgiComponent
+import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
+import de.fhg.aisec.ids.camel.idscp2.Utils
 import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.drivers.default_driver_impl.daps.DefaultDapsDriver
@@ -33,7 +34,7 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
 
     init {
         val dapsDriverConfig = DefaultDapsDriverConfig.Builder()
-                .setDapsUrl(Idscp2OsgiComponent.settings.connectorConfig.dapsUrl)
+                .setDapsUrl(Utils.dapsUrlProducer())
                 .setKeyAlias(serverSettings.dapsKeyAlias)
                 .setKeyPassword(serverSettings.keyPassword)
                 .setKeyStorePath(serverSettings.keyStorePath)
@@ -52,6 +53,11 @@ class CamelIdscp2Server(serverSettings: Idscp2Settings) : Idscp2EndpointListener
     }
 
     override fun onConnection(connection: AppLayerConnection) {
+        connection.addIdsMessageListener { c, header, _ ->
+            header?.let {
+                UsageControlMaps.setConnectionContract(c, it.transferContract)
+            }
+        }
         listeners.forEach { it.onConnection(connection) }
     }
 
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
index 42028d08a..a57b1a4fc 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
@@ -17,8 +17,11 @@
 package de.fhg.aisec.ids.camel.idscp2.server
 
 import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
+import de.fhg.aisec.ids.idscp2.app_layer.listeners.IdsMessageListener
+import de.fraunhofer.iais.eis.Message
 import org.apache.camel.Processor
 import org.apache.camel.support.DefaultConsumer
 import org.slf4j.LoggerFactory
@@ -27,7 +30,7 @@ import org.slf4j.LoggerFactory
  * The IDSCP2 server consumer.
  */
 class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor: Processor) :
-        DefaultConsumer(endpoint, processor), GenericMessageListener {
+        DefaultConsumer(endpoint, processor), GenericMessageListener, IdsMessageListener {
     override fun doStart() {
         super.doStart()
         endpoint.addConsumer(this)
@@ -38,11 +41,23 @@ class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor
         super.doStop()
     }
 
+    override fun onMessage(connection: AppLayerConnection, header: Message?, payload: ByteArray?) {
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Idscp2ServerConsumer received IdsMessage with header:\n{}", header)
+        }
+        onMessage(connection, header as Any, payload)
+    }
+
     override fun onMessage(connection: AppLayerConnection, header: String?, payload: ByteArray?) {
         if (LOG.isTraceEnabled) {
             LOG.trace("Idscp2ServerConsumer received GenericMessage with header:\n{}", header)
         }
+        onMessage(connection, header as Any, payload)
+    }
+
+    private fun onMessage(connection: AppLayerConnection, header: Any?, payload: ByteArray?) {
         val exchange = endpoint.createExchange()
+        UsageControlMaps.setExchangeConnection(exchange, connection)
         try {
             createUoW(exchange)
             // Set relevant information
@@ -54,9 +69,14 @@ class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor
             processor.process(exchange)
             // Handle response
             exchange.message.let {
-                val responseHeader = it.getHeader(IDSCP2_HEADER, String::class.java)
-                if (it.body != null || responseHeader != null) {
-                    connection.sendGenericMessage(responseHeader, it.getBody(ByteArray::class.java))
+                val responseHeader = it.getHeader(IDSCP2_HEADER)
+                val responseBody = it.getBody(ByteArray::class.java)
+                if (responseBody != null || responseHeader != null) {
+                    if (endpoint.useIdsMessages) {
+                        connection.sendIdsMessage(responseHeader?.let { responseHeader as Message }, responseBody)
+                    } else {
+                        connection.sendGenericMessage(responseHeader?.toString(), responseBody)
+                    }
                 }
             }
         } catch (e: Exception) {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
index b8bb14d48..dddbe9b2a 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -20,6 +20,7 @@ import de.fhg.aisec.ids.idscp2.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionListener
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
+import de.fraunhofer.iais.eis.Message
 import org.apache.camel.Processor
 import org.apache.camel.Producer
 import org.apache.camel.spi.UriEndpoint
@@ -60,22 +61,44 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
             defaultValue = "600"
     )
     var dapsRatTimeoutDelay: Long = Idscp2Settings.DEFAULT_RAT_TIMEOUT_DELAY.toLong()
+    @UriParam(
+            label = "common",
+            description = "Enable IdsMessage headers (Required for Usage Control)",
+            defaultValue = "false"
+    )
+    var useIdsMessages: Boolean = false
 
     @Synchronized
     fun addConsumer(consumer: Idscp2ServerConsumer) {
         consumers.add(consumer)
-        server?.let { server -> server.allConnections.forEach { it.addGenericMessageListener(consumer) } }
+        if (useIdsMessages) {
+            server?.allConnections?.forEach { it.addIdsMessageListener(consumer) }
+        } else {
+            server?.allConnections?.forEach { it.addGenericMessageListener(consumer) }
+        }
     }
 
     @Synchronized
     fun removeConsumer(consumer: Idscp2ServerConsumer) {
-        server?.let { server -> server.allConnections.forEach { it.removeGenericMessageListener(consumer) } }
+        if (useIdsMessages) {
+            server?.allConnections?.forEach { it.removeIdsMessageListener(consumer) }
+        } else {
+            server?.allConnections?.forEach { it.removeGenericMessageListener(consumer) }
+        }
         consumers.remove(consumer)
     }
 
     @Synchronized
-    fun sendMessage(type: String?, body: ByteArray?) {
-        server?.let { server -> server.allConnections.forEach { it.sendGenericMessage(type, body) } }
+    fun sendMessage(header: Any?, body: ByteArray?) {
+        server?.let { server ->
+            server.allConnections.forEach {
+                if (useIdsMessages) {
+                    it.sendIdsMessage(header?.let { header as Message }, body)
+                } else {
+                    it.sendGenericMessage(header?.toString(), body)
+                }
+            }
+        }
     }
 
     @Synchronized
@@ -90,15 +113,25 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
 
     @Synchronized
     override fun onConnection(connection: AppLayerConnection) {
-        LOG.debug("New IDSCP2 connection on $endpointUri, register consumer listeners")
-        consumers.forEach { connection.addGenericMessageListener(it) }
+        if (LOG.isDebugEnabled) {
+            LOG.debug("New IDSCP2 connection on $endpointUri, register consumer listeners")
+        }
+        if (useIdsMessages) {
+            consumers.forEach { connection.addIdsMessageListener(it) }
+        } else {
+            consumers.forEach { connection.addGenericMessageListener(it) }
+        }
         // Handle connection errors and closing
         connection.addConnectionListener(object : Idscp2ConnectionListener {
             override fun onError(t: Throwable) {
                 LOG.error("Error in Idscp2ServerEndpoint-managed connection", t)
             }
             override fun onClose() {
-                consumers.forEach { connection.removeGenericMessageListener(it) }
+                if (useIdsMessages) {
+                    consumers.forEach { connection.removeIdsMessageListener(it) }
+                } else {
+                    consumers.forEach { connection.removeGenericMessageListener(it) }
+                }
             }
         })
     }
@@ -109,7 +142,9 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
 
     @Synchronized
     public override fun doStart() {
-        LOG.debug("Starting IDSCP2 server endpoint $endpointUri")
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Starting IDSCP2 server endpoint $endpointUri")
+        }
         val remainingMatcher = URI_REGEX.matcher(remaining)
         require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
         val matchResult = remainingMatcher.toMatchResult()
@@ -143,10 +178,14 @@ class Idscp2ServerEndpoint(uri: String?, private val remaining: String, componen
 
     @Synchronized
     public override fun doStop() {
-        LOG.debug("Stopping IDSCP2 server endpoint $endpointUri")
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Stopping IDSCP2 server endpoint $endpointUri")
+        }
         // Remove this endpoint from the server's Idscp2EndpointListener set
         server?.let { it.listeners -= this }
-        (component as Idscp2ServerComponent).freeServer(serverSettings)
+        if (this::serverSettings.isInitialized) {
+            (component as Idscp2ServerComponent).freeServer(serverSettings)
+        }
     }
 
     companion object {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
index f04de4fca..ecef9d884 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
@@ -28,12 +28,11 @@ class Idscp2ServerProducer(private val endpoint: Idscp2ServerEndpoint) : Default
 
     override fun process(exchange: Exchange) {
         exchange.message.let {
-            val type = it.getHeader(IDSCP2_HEADER, String::class.java)
+            val type = it.getHeader(IDSCP2_HEADER)
             val body = it.getBody(ByteArray::class.java)
             if (type != null || body != null) {
                 endpoint.sendMessage(type, body)
             }
         }
     }
-
 }
\ No newline at end of file
diff --git a/camel-multipart-processor/build.gradle.kts b/camel-multipart-processor/build.gradle.kts
index f7129e575..3229a078d 100644
--- a/camel-multipart-processor/build.gradle.kts
+++ b/camel-multipart-processor/build.gradle.kts
@@ -3,9 +3,6 @@ dependencies {
             rootProject.ext.get("libraryVersions") as Map<String, String>
 
     providedByBundle(project(":ids-api")) { isTransitive = false }
-    
-    // Bill of Materials (BOM) for Camel
-    bom("org.apache.camel", "camel-parent", libraryVersions["camel"])
 
     providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
 	providedByFeature("org.apache.camel", "camel-http4", libraryVersions["camelHttp4"])
diff --git a/examples/example-idscp2/example-idscp2-client.xml b/examples/example-idscp2/example-idscp2-client.xml
index 46217f9da..e005090a5 100644
--- a/examples/example-idscp2/example-idscp2-client.xml
+++ b/examples/example-idscp2/example-idscp2-client.xml
@@ -16,7 +16,7 @@
 
     <camelContext xmlns="http://camel.apache.org/schema/blueprint">
 
-        <route id="idscp2SenderClient">
+        <route id="idscp2Client">
             <from uri="timer://tenSecondsTimer?fixedRate=true&amp;period=10000"/>
             <setBody>
                 <simple>PING</simple>
@@ -25,11 +25,7 @@
                 <simple>ping</simple>
             </setHeader>
             <log message="Client sends: ${body} (Header: ${headers[idscp2-header]})"/>
-            <to uri="idscp2client://consumer-core:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#clientSslContext"/>
-        </route>
-
-        <route id="idscp2ReceiverClient">
-            <from uri="idscp2client://consumer-core:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#clientSslContext"/>
+            <to uri="idscp2client://consumer-core:29292?awaitResponse=true&amp;sslContextParameters=#clientSslContext"/>
             <log message="Client received: ${body} (Header: ${headers[idscp2-header]})"/>
             <!-- Prevents the client consumer from sending the message back to the server -->
             <removeHeader headerName="idscp2-header"/>
diff --git a/examples/route-examples/demo-route.md b/examples/route-examples/demo-route.md
new file mode 100644
index 000000000..99322c5fe
--- /dev/null
+++ b/examples/route-examples/demo-route.md
@@ -0,0 +1,7 @@
+The UC demo requires a running connector that matches the UC config given in the XML route. The `jmalloc/echo-server` may be exchanged with something more appropriate if desired.
+
+The following steps are required:
+
+- First, start UC demo container via `docker run -d -p 8080:8080 --name test jmalloc/echo-server`.
+- The IP address in `<to>`-statement must be adapted for the new container. Display current IP address via `docker inspect --format='{{.NetworkSettings.IPAddress}}' test`.
+- If the UC demo fails, check whether the repo digest needs to be adapted in XML (last part of DockerHub URI). Show recent digest with `docker inspect --format='{{.RepoDigests}}' jmalloc/echo-server`
\ No newline at end of file
diff --git a/examples/route-examples/demo-route.xml b/examples/route-examples/demo-route.xml
index 88f61636b..8f9936732 100644
--- a/examples/route-examples/demo-route.xml
+++ b/examples/route-examples/demo-route.xml
@@ -14,41 +14,161 @@
 		</camel:trustManagers>
 	</camel:sslContextParameters>
 
-	<bean id="reqCreator" class="de.fhg.aisec.ids.camel.idscp2.processors.ArtifactRequestCreationProcessor" />
-	<bean id="headerProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.IdsHeaderMessageProcessor" />
+	<!-- Processors for ArtifactMessages -->
+	<bean id="ArtifactRequestCreationProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ArtifactRequestCreationProcessor" />
+	<bean id="ArtifactRequestProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ArtifactRequestProcessor" />
+	<bean id="ArtifactResponseProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ArtifactResponseProcessor"/>
+	<!-- Processors for ContractMessages -->
+	<bean id="ContractRequestCreationProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ContractRequestCreationProcessor"/>
+	<bean id="ContractRequestProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ContractRequestProcessor"/>
+	<bean id="ContractResponseProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ContractResponseProcessor"/>
+	<bean id="ContractAgreementReceiverProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ContractAgreementReceiverProcessor"/>
+	<!-- Processors for Camel intern stuff -->
+	<bean id="TypeExtractionProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.IdsMessageTypeExtractionProcessor" />
 
 	<!-- Routes -->
 	<camelContext xmlns="http://camel.apache.org/schema/blueprint">
 
 		<route id="server">
-			<from uri="idscp2server://0.0.0.0:29292?sslContextParameters=#sslContext"/>
-			<process ref="headerProcessor"/>
+			<from uri="idscp2server://0.0.0.0:29292?sslContextParameters=#sslContext&amp;useIdsMessages=true"/>
+			<process ref="TypeExtractionProcessor"/>
+			<log message="### SERVER RECEIVER: Detected Message type: ${exchangeProperty.ids-type}"/>
 			<choice>
+				<!-- Message Flow to cover according to
+				https://gitlab.cc-asp.fraunhofer.de/fraunhofer-aisec/industrial-data-space-connector/-/issues/20
+				Consumer -> Provider: Consumer requests contract agreement with ContractRequestMessage
+				Consumer <- Provider: Provider answers with ContractResponseMessage
+				Consumer -> Provider: Consumer sends ContractAgreementMessage
+				Consumer -> Provider: Consumer requests ressource with ArtifactRequestMessage
+				Consumer <- Provider: Provider responds with ArtifactResponseMessage -->
+
+				<!-- ContractRequestMessage -->
+				<when>
+					<simple>${exchangeProperty.ids-type} == 'ContractRequestMessage'</simple>
+					<log message="### Handle ContractRequestMessage ###"/>
+					<setProperty name="containerUri">
+						<constant>https://hub.docker.com/layers/jmalloc/echo-server/latest/images/sha256-c461e7e54d947a8777413aaf9c624b4ad1f1bac5d8272475da859ae82c1abd7d#8080</constant>
+					</setProperty>
+					<process ref="ContractRequestProcessor"/>
+				</when>
+				<!-- ContractAgreementMessage -->
+				<when>
+					<simple>${exchangeProperty.ids-type} == 'ContractAgreementMessage'</simple>
+					<log message="### Handle ContractAgreementMessage ###"/>
+					<!-- Only processing of incoming request must be performed, no reply -->
+					<process ref="ContractAgreementReceiverProcessor"/>
+					<removeHeader headerName="idscp2-header" />
+					<setBody><simple>${null}</simple></setBody>
+				</when>
+				<!-- ArtifactRequestMessage -->
 				<when>
 					<simple>${exchangeProperty.ids-type} == 'ArtifactRequestMessage'</simple>
 					<log message="### Handle ArtifactRequestMessage ###"/>
+					<process ref="ArtifactRequestProcessor" />
 				</when>
+				<!-- all other messages -->
 				<otherwise>
-					<log message="Server received (otherwise branch):\n${body}\n(Header: ${headers[idscp2-header]})"/>
+					<log message="### Server received (otherwise branch):\n${body}\n### Header: ###\n${headers[idscp2-header]}"/>
 					<removeHeader headerName="idscp2-header" />
+					<setBody><simple>${null}</simple></setBody>
 				</otherwise>
 			</choice>
 		</route>
 
-		<route id="client">
-			<from uri="timer://foo?fixedRate=true&amp;period=10000" />
-			<setProperty name="artifactUri">
-				<constant>https://example.com/testArtifact</constant>
-			</setProperty>
-			<process ref="reqCreator" />
-			<to uri="idscp2client://localhost:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#sslContext"/>
+		<!-- Initialise route by switching true-false -->
+		<route>
+			<from uri="timer://foo?fixedRate=true&amp;period=30000" />
+			<when>
+				<simple>true</simple>
+				<setBody><simple>${null}</simple></setBody>
+				<log message="##### STARTING IDSCP2 CONTRACT-GIVEN MESSAGE FLOW #####"/>
+				<setProperty name="artifactUri">
+					<constant>https://example.com/some_artifact</constant>
+				</setProperty>
+				<process ref="ContractRequestCreationProcessor" />
+				<to uri="idscp2client://localhost:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#sslContext&amp;useIdsMessages=true"/>
+				<delay>
+					<constant>5000</constant>
+				</delay>
+			</when>
+
+			<when>
+				<simple>false</simple>
+				<setBody><simple>${null}</simple></setBody>
+				<log message="##### STARTING IDSCP2 CONTRACT-DENIED MESSAGE FLOW #####"/>
+				<setProperty name="artifactUri">
+					<constant>https://example.com/unavailable_artifact</constant>
+				</setProperty>
+				<process ref="ContractRequestCreationProcessor" />
+				<to uri="idscp2client://localhost:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#sslContext&amp;useIdsMessages=true"/>
+				<delay>
+					<constant>5000</constant>
+				</delay>
+			</when>
+
+			<when>
+				<simple>true</simple>
+				<setBody><simple>${null}</simple></setBody>
+				<log message="##### STARTING IDSCP2 ARTIFACT-GIVEN MESSAGE FLOW #####"/>
+				<setProperty name="artifactUri">
+					<constant>https://example.com/some_artifact</constant>
+				</setProperty>
+				<process ref="ArtifactRequestCreationProcessor" />
+				<to uri="idscp2client://localhost:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#sslContext&amp;useIdsMessages=true"/>
+				<delay>
+					<constant>5000</constant>
+				</delay>
+			</when>
+
+			<when>
+				<simple>false</simple>
+				<setBody><simple>${null}</simple></setBody>
+				<log message="##### STARTING IDSCP2 ARTIFACT-DENIED MESSAGE FLOW #####"/>
+				<setProperty name="artifactUri">
+					<constant>https://example.com/unavailable_artifact</constant>
+				</setProperty>
+				<process ref="ArtifactRequestCreationProcessor" />
+				<to uri="idscp2client://localhost:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#sslContext&amp;useIdsMessages=true"/>
+				<delay>
+					<constant>5000</constant>
+				</delay>
+			</when>
 		</route>
 
 		<route id="clientReceiver">
-			<from uri="idscp2client://localhost:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#sslContext"/>
-			<log message="Server received (otherwise branch):\n${body}\n(Header: ${headers[idscp2-header]})"/>
-		</route>
+			<from uri="idscp2client://localhost:29292?connectionShareId=pingPongConnection&amp;sslContextParameters=#sslContext&amp;useIdsMessages=true"/>
+			<process ref="TypeExtractionProcessor"/>
+			<log message="### CLIENT RECEIVER: Detected Message type: ${exchangeProperty.ids-type}"/>
+			<choice>
+				<!-- Message Flow to cover according to
+				https://gitlab.cc-asp.fraunhofer.de/fraunhofer-aisec/industrial-data-space-connector/-/issues/20
+				Consumer <- Provider: Provider answers with ContractResponseMessage
+				Consumer <- Provider: Provider responds with ArtifactResponseMessage -->
 
+				<!-- ContractResponseMessage -->
+				<when>
+					<simple>${exchangeProperty.ids-type} == 'ContractResponseMessage'</simple>
+					<log message="### Handle ContractResponseMessage ###"/>
+					<process ref="ContractResponseProcessor"/>
+				</when>
+				<!-- ArtifactResponseMessage -->
+				<when>
+					<simple>${exchangeProperty.ids-type} == 'ArtifactResponseMessage'</simple>
+					<log message="### Handle ArtifactResponseMessage ###"/>
+					<process ref="ArtifactResponseProcessor"/>
+					<to uri="http://172.17.0.2:8080"/>
+					<log message="Response body\n\n${body}"/>
+					<!-- End of message exchange reached -->
+					<removeHeader headerName="idscp2-header" />
+					<setBody><simple>${null}</simple></setBody>
+				</when>
+				<!-- all other messages -->
+				<otherwise>
+					<log message="### Client received (otherwise branch):\n${body}\n### Header: ###\n${headers[idscp2-header]}"/>
+					<removeHeader headerName="idscp2-header" />
+					<setBody><simple>${null}</simple></setBody>
+				</otherwise>
+			</choice>
+		</route>
 	</camelContext>
-
 </blueprint>
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index 12d38de6a..be52383ef 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-6.6.1-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-6.7-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
diff --git a/ids-api/build.gradle b/ids-api/build.gradle
index e532717a0..b9540dd1f 100644
--- a/ids-api/build.gradle
+++ b/ids-api/build.gradle
@@ -32,6 +32,8 @@ dependencies {
     // Actual implementation must be provided by ids-infomodel-manager
     publishCompile group: 'de.fraunhofer.iais.eis.ids.infomodel', name: 'java', version: libraryVersions.infomodel
 
+    publishCompile group: 'org.apache.camel', name: 'camel-core', version: libraryVersions.camel
+
     testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
     testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
 }
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/cm/ApplicationContainer.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/cm/ApplicationContainer.java
index 00c1fb61d..e17c8eb12 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/cm/ApplicationContainer.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/cm/ApplicationContainer.java
@@ -21,6 +21,7 @@
 
 import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 
+import java.net.InetAddress;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
@@ -46,6 +47,8 @@ public class ApplicationContainer {
   private String signature;
   private String owner;
   private String image;
+  private List<String> imageDigests;
+  private List<InetAddress> ipAddresses;
 
   // Portainer attributes:
   private Object repository;
@@ -220,6 +223,22 @@ public void setImage(String image) {
     this.image = image;
   }
 
+  public List<String> getImageDigests() {
+    return imageDigests;
+  }
+
+  public void setImageDigests(List<String> digests) {
+    this.imageDigests = digests;
+  }
+
+  public List<InetAddress> getIpAddresses() {
+    return ipAddresses;
+  }
+
+  public void setIpAddresses(List<InetAddress> ipAddresses) {
+    this.ipAddresses = ipAddresses;
+  }
+
   public String getRegistry() {
     return registry;
   }
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/policy/DecisionRequest.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/policy/DecisionRequest.java
index 89d7dcf20..56b90222e 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/policy/DecisionRequest.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/policy/DecisionRequest.java
@@ -19,11 +19,13 @@
  */
 package de.fhg.aisec.ids.api.policy;
 
-import java.util.Map;
-import java.util.Objects;
 import org.checkerframework.checker.nullness.qual.NonNull;
 import org.checkerframework.checker.nullness.qual.Nullable;
 
+import java.util.Map;
+import java.util.Objects;
+import java.util.Set;
+
 /**
  * Data structure holding a decision request which is sent to the PDP. The PDP is expected to answer
  * with a PolicyDecision object.
@@ -38,7 +40,7 @@ public class DecisionRequest {
   @NonNull private ServiceNode to;
 
   /** Properties of the message (e.g., labels) */
-  @NonNull private Map<String, Object> msgCtx;
+  @NonNull private Set<String> labels;
 
   /** Properties of the environment */
   @Nullable private Map<String, Object> envCtx;
@@ -46,12 +48,12 @@ public class DecisionRequest {
   public DecisionRequest(
       @NonNull ServiceNode from,
       @NonNull ServiceNode to,
-      @NonNull Map<String, Object> msgCtx,
+      @NonNull Set<String> labels,
       @Nullable Map<String, Object> envCtx) {
     super();
     this.from = from;
     this.to = to;
-    this.msgCtx = msgCtx;
+    this.labels = labels;
     this.envCtx = envCtx;
   }
 
@@ -84,8 +86,8 @@ public ServiceNode getTo() {
    * @return Properties of the Exchange
    */
   @NonNull
-  public Map<String, Object> getProperties() {
-    return msgCtx;
+  public Set<String> getLabels() {
+    return labels;
   }
 
   /**
@@ -109,12 +111,12 @@ public boolean equals(Object o) {
     DecisionRequest that = (DecisionRequest) o;
     return Objects.equals(from, that.from)
         && Objects.equals(to, that.to)
-        && Objects.equals(msgCtx, that.msgCtx)
+        && Objects.equals(labels, that.labels)
         && Objects.equals(envCtx, that.envCtx);
   }
 
   @Override
   public int hashCode() {
-    return Objects.hash(from, to, msgCtx, envCtx);
+    return Objects.hash(from, to, labels, envCtx);
   }
 }
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/policy/PDP.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/policy/PDP.java
index 054a5c26b..20d523564 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/policy/PDP.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/policy/PDP.java
@@ -19,6 +19,8 @@
  */
 package de.fhg.aisec.ids.api.policy;
 
+import org.checkerframework.checker.nullness.qual.NonNull;
+
 /**
  * Policy Decision Point (PDP) Interface.
  *
@@ -28,8 +30,6 @@
  * @author Julian Schütte (julian.schuette@aisec.fraunhofer.de)
  */
 public interface PDP {
-  String LABELS_KEY = "luconLabels";
-
   /**
    * Main method for requesting a policy decision.
    *
@@ -39,6 +39,7 @@ public interface PDP {
    * @param req The decision request, wrapping relevant data for policy decision
    * @return The policy decision
    */
+  @NonNull
   PolicyDecision requestDecision(DecisionRequest req);
 
   /** Removes all data from PDP-internal caches. Future decisions will possibly take more time. */
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/router/RouteManager.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/router/RouteManager.java
index 296b50991..570592528 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/router/RouteManager.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/router/RouteManager.java
@@ -19,7 +19,6 @@
  */
 package de.fhg.aisec.ids.api.router;
 
-import de.fhg.aisec.ids.api.policy.PDP;
 import org.checkerframework.checker.nullness.qual.NonNull;
 import org.checkerframework.checker.nullness.qual.Nullable;
 
@@ -167,7 +166,4 @@ RouteObject saveRoute(@NonNull String routeId, @NonNull String routeRepresentati
    */
   @NonNull
   String getRouteAsProlog(@NonNull String routeId);
-
-  @Nullable
-  PDP getPdp();
 }
diff --git a/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/ExtensionFunctions.kt b/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/ExtensionFunctions.kt
new file mode 100644
index 000000000..23a79e10a
--- /dev/null
+++ b/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/ExtensionFunctions.kt
@@ -0,0 +1,19 @@
+package de.fhg.aisec.ids.api
+
+import java.io.IOException
+import java.util.concurrent.TimeUnit
+
+fun String.runCommand(): String? {
+    return try {
+        val parts = this.split("\\s".toRegex())
+        val proc = ProcessBuilder(*parts.toTypedArray())
+                .redirectOutput(ProcessBuilder.Redirect.PIPE)
+                .redirectError(ProcessBuilder.Redirect.PIPE)
+                .start()
+        proc.waitFor(10, TimeUnit.SECONDS)
+        proc.inputStream.bufferedReader().readText()
+    } catch(e: IOException) {
+        e.printStackTrace()
+        null
+    }
+}
diff --git a/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/idscp2/Idscp2UsageControlInterface.kt b/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/idscp2/Idscp2UsageControlInterface.kt
new file mode 100644
index 000000000..0f1db9700
--- /dev/null
+++ b/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/idscp2/Idscp2UsageControlInterface.kt
@@ -0,0 +1,24 @@
+package de.fhg.aisec.ids.api.idscp2
+
+import de.fraunhofer.iais.eis.ContractAgreement
+import org.apache.camel.Exchange
+import java.net.URI
+
+/**
+ * This interface has to be parameterized with the type of the connection objects handled,
+ * e.g. AppLayerConnection objects.
+ * This avoids the necessity of library dependencies to the module defining this class.
+ */
+interface Idscp2UsageControlInterface {
+    /**
+     * Provides the (Idscp2)Connection object that is linked with the Apache Camel Consumer
+     * which created the particular Exchange object.
+     */
+    fun getExchangeContract(exchange: Exchange): ContractAgreement?
+
+    fun isProtected(exchange: Exchange): Boolean
+
+    fun protectBody(exchange: Exchange, contractUri: URI)
+
+    fun unprotectBody(exchange: Exchange)
+}
\ No newline at end of file
diff --git a/ids-container-manager/src/main/java/de/fhg/aisec/ids/cm/impl/docker/DockerCM.kt b/ids-container-manager/src/main/java/de/fhg/aisec/ids/cm/impl/docker/DockerCM.kt
index 7cadd5c06..810bc2c5b 100644
--- a/ids-container-manager/src/main/java/de/fhg/aisec/ids/cm/impl/docker/DockerCM.kt
+++ b/ids-container-manager/src/main/java/de/fhg/aisec/ids/cm/impl/docker/DockerCM.kt
@@ -21,23 +21,19 @@ package de.fhg.aisec.ids.cm.impl.docker
 
 import com.amihaiemil.docker.Container
 import com.amihaiemil.docker.Docker
-import com.amihaiemil.docker.Image
+import com.amihaiemil.docker.Images
 import com.amihaiemil.docker.LocalDocker
 import de.fhg.aisec.ids.api.cm.*
 import org.slf4j.LoggerFactory
 import java.io.File
 import java.io.IOException
+import java.net.InetAddress
 import java.time.*
 import java.time.temporal.ChronoUnit
 import java.time.temporal.TemporalUnit
 import java.util.*
 import java.util.stream.Collectors
-import java.util.stream.Stream
-import java.util.stream.StreamSupport
-import javax.json.Json
-import javax.json.JsonArray
-import javax.json.JsonString
-import javax.json.JsonValue
+import javax.json.*
 import kotlin.math.abs
 
 
@@ -136,33 +132,29 @@ class DockerCM : ContainerManager {
         }
     }
 
-    private fun getContainerStream(
+    private fun getContainerSequence(
             all: Boolean = false,
             filters: Map<String, Iterable<String>>? = null,
-            withSize: Boolean = false): Stream<Container> {
+            withSize: Boolean = false): Sequence<Container> {
         val filteredContainers = DOCKER_CLIENT
                 .containers()
                 .filter(filters ?: emptyMap())
                 .withSize(withSize)
-        return StreamSupport.stream(
-                Spliterators.spliteratorUnknownSize(
-                        if (all) filteredContainers.all() else filteredContainers.iterator(),
-                        Spliterator.ORDERED
-                ), false)
+        return if (all) {
+            filteredContainers.all().asSequence()
+        } else {
+            filteredContainers.iterator().asSequence()
+        }
     }
 
-    private fun getImageStream(filters: Map<String, Iterable<String>>?): Stream<Image> {
-        return StreamSupport.stream(
-                Spliterators.spliteratorUnknownSize(
-                        DOCKER_CLIENT
-                                .images()
-                                .filter(filters ?: emptyMap()).iterator(),
-                        Spliterator.ORDERED
-                ), false)
+    private fun getImages(filters: Map<String, Iterable<String>>?): Images {
+        return DOCKER_CLIENT
+                .images()
+                .filter(filters ?: emptyMap())
     }
 
     override fun list(onlyRunning: Boolean): List<ApplicationContainer> {
-        return getContainerStream(true, withSize = true).map { c: Container ->
+        return getContainerSequence(!onlyRunning, withSize = true).map { c: Container ->
             try {
                 val info = c.inspect()
                 val state = info.getJsonObject("State")
@@ -170,11 +162,28 @@ class DockerCM : ContainerManager {
                 val running = state.getBoolean("Running")
                 val startedAt = state.getString("StartedAt")
                 val name = info.getString("Name").substring(1)
-                val ports = info.getJsonObject("NetworkSettings").getJsonObject("Ports")
+                val networkSettings = info.getJsonObject("NetworkSettings")
+                val networks = networkSettings.getJsonObject("Networks")
+                val ports = networkSettings.getJsonObject("Ports")
                 val labels = config.getJsonObject("Labels")
                 val app = ApplicationContainer()
                 app.id = c.containerId()
                 app.image = config.getString("Image")
+                app.imageDigests = getImage(c)?.inspect()?.getJsonArray("RepoDigests")
+                        ?.map { (it as JsonString).string } ?: emptyList()
+                app.ipAddresses = networks.values.mapNotNull {
+                    val ip = (it as JsonObject).getString("IPAddress")
+                    try {
+                        if (ip != null && ip.isNotEmpty()) {
+                            InetAddress.getByName(ip)
+                        } else {
+                            null
+                        }
+                    } catch (x: Exception) {
+                        LOG.warn("Error while resolving ip address \"$ip\"", x)
+                        null
+                    }
+                }.toList()
                 app.size = "${humanReadableByteCount((c["SizeRw"] ?: 0).toString().toLong())} RW (data), " +
                         "${humanReadableByteCount((c["SizeRootFs"] ?: 0).toString().toLong())} RO (layers)"
                 app.created = info.getString("Created")
@@ -207,34 +216,29 @@ class DockerCM : ContainerManager {
                 LOG.error("Container iteration error occurred, skipping container with id " + c.containerId(), e)
                 return@map null
             }
-        }.filter { it != null }.map { it as ApplicationContainer }.collect(Collectors.toList())
+        }.filterNotNull().toList()
     }
 
     private fun getContainer(containerID: String): Container {
-        val filters = HashMap<String, Iterable<String>>()
-        filters["id"] = listOf(containerID)
-        val optionalContainer = getContainerStream(true, filters).findFirst()
-        if (optionalContainer.isEmpty) {
-            throw NoContainerExistsException("The container with ID $containerID has not been found!")
-        } else {
-            return optionalContainer.get()
-        }
+        return getContainerSequence(true, mapOf("id" to listOf(containerID))).firstOrNull()
+                ?: throw NoContainerExistsException("The container with ID $containerID has not been found!")
     }
 
+    private fun getImage(container: Container) =
+            getImages(mapOf("reference" to listOf(container.getString("Image")))).firstOrNull()
+
     override fun wipe(containerID: String) {
         val container = getContainer(containerID)
         try {
             LOG.info("Wiping containerID $containerID")
             container.remove(false, true, false)
-            val filters: MutableMap<String, Iterable<String>> = HashMap()
-            filters["reference"] = listOf(container.getString("Image"))
-            val optionalImage = getImageStream(filters).findFirst()
-            if (optionalImage.isEmpty) {
-                LOG.warn("The image to be deleted (filters: {}) was not found!", filters)
-                return
+            getImage(container)?.let {
+                LOG.info("Wiping image related to containerID $containerID")
+                it.delete()
+            } ?: run {
+                LOG.warn("The image to be deleted (filters: {}) was not found!",
+                        mapOf("reference" to listOf(container.getString("Image"))))
             }
-            LOG.info("Wiping image related to containerID $containerID")
-            optionalImage.get().delete()
         } catch (e: Exception) {
             LOG.error(e.message, e)
         }
@@ -376,9 +380,7 @@ class DockerCM : ContainerManager {
      * @param containerID The ID of the container to query labels from
      */
     override fun getMetadata(containerID: String): Map<String, Any> {
-        val labels = HashMap<String, Any>()
-        getContainer(containerID).inspect().getJsonObject("Config").getJsonObject("Labels")
-        return labels
+        return getContainer(containerID).inspect().getJsonObject("Config").getJsonObject("Labels")
     }
 
     override fun setIpRule(
diff --git a/ids-container-manager/src/test/java/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.java b/ids-container-manager/src/test/java/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.java
deleted file mode 100644
index bfc81a289..000000000
--- a/ids-container-manager/src/test/java/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.java
+++ /dev/null
@@ -1,147 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-container-manager
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.cm.impl.docker;
-
-import de.fhg.aisec.ids.api.cm.ApplicationContainer;
-import de.fhg.aisec.ids.api.cm.ContainerStatus;
-import org.junit.After;
-import org.junit.Test;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Optional;
-
-import static org.junit.Assert.*;
-import static org.junit.Assume.assumeTrue;
-
-public class DockerCmIT {
-  private List<String> wipes = new ArrayList<>();
-
-  @After
-  public void cleanUp() {
-    // Remove containers created during test
-    DockerCM d = new DockerCM();
-    wipes.forEach(d::wipe);
-  }
-
-  @Test
-  public void testList() {
-    assumeTrue(DockerCM.Companion.isSupported());
-
-    DockerCM d = new DockerCM();
-
-    // List running containers
-    List<ApplicationContainer> lRunning = d.list(true);
-    assertNotNull(lRunning);
-
-    // List all containers (also stopped ones)
-    List<ApplicationContainer> lAll = d.list(false);
-    assertNotNull(lAll);
-
-    // we cannot have less running than total containers
-    assertTrue(lAll.size() >= lRunning.size());
-  }
-
-  @Test
-  public void testPull() {
-    assumeTrue(DockerCM.Companion.isSupported());
-
-    DockerCM d = new DockerCM();
-
-    // Pull the smallest possible image. Blocks. (must be online)
-    ApplicationContainer app = new ApplicationContainer();
-    app.setImage("tianon/true");
-    Optional<String> oContainerID = d.pullImage(app);
-
-    // We expect a new container to be created
-    assertTrue(oContainerID.isPresent());
-    assertNotEquals("", oContainerID.get());
-    wipes.add(oContainerID.get());
-
-    // we expect the container to be in list()
-    List<ApplicationContainer> containers = d.list(false);
-    Optional<ApplicationContainer> container =
-        containers.stream().filter(c -> c.getId().equals(oContainerID.get())).findAny();
-    assertTrue(container.isPresent());
-
-    assertEquals(ContainerStatus.CREATED, container.get().getStatus());
-  }
-
-  @Test
-  public void testVersion() {
-    assumeTrue(DockerCM.Companion.isSupported());
-
-    DockerCM d = new DockerCM();
-
-    final var version = d.getVersion();
-    assertFalse(version.isEmpty());
-    final var regex = ".* \\([0-9.]+(?:.+)?\\)";
-    if (!version.matches(regex)) {
-      throw new AssertionError(
-          "Error: Docker version has to match regex '" + regex + "', found '" + version + "'");
-    }
-  }
-
-  @Test
-  public void testStartStop() {
-    assumeTrue(DockerCM.Companion.isSupported());
-
-    DockerCM d = new DockerCM();
-
-    // Pull an image we can actually start. (must be online)
-    ApplicationContainer app = new ApplicationContainer();
-    app.setImage("nginx");
-    Optional<String> oContainerID = d.pullImage(app);
-
-    // We expect a new container to be created
-    assertTrue(oContainerID.isPresent());
-    String containerID = oContainerID.get();
-    wipes.add(containerID);
-    assertNotNull(containerID);
-
-    // we expect the container to be in list()
-    List<ApplicationContainer> containers = d.list(false);
-    Optional<ApplicationContainer> container =
-        containers.stream().filter(c -> c.getId().equals(containerID)).findAny();
-    assertTrue(container.isPresent());
-
-    assertEquals(ContainerStatus.CREATED, container.get().getStatus());
-
-    // Start container
-    d.startContainer(containerID, null);
-
-    // We now expect it in list of running containers
-    containers = d.list(true);
-    Optional<ApplicationContainer> runningContainer =
-        containers.stream().filter(c -> c.getId().equals(containerID)).findAny();
-    assertTrue(runningContainer.isPresent());
-    assertEquals(ContainerStatus.RUNNING, runningContainer.get().getStatus());
-
-    // Stop container
-    d.stopContainer(containerID);
-
-    // We expect it to be still in list of all containers
-    containers = d.list(false);
-    Optional<ApplicationContainer> stoppedContainer =
-        containers.stream().filter(c -> c.getId().equals(containerID)).findAny();
-    assertTrue(stoppedContainer.isPresent());
-    assertEquals(ContainerStatus.EXITED, stoppedContainer.get().getStatus());
-  }
-}
diff --git a/ids-container-manager/src/test/kotlin/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.kt b/ids-container-manager/src/test/kotlin/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.kt
new file mode 100644
index 000000000..4c19d0a6a
--- /dev/null
+++ b/ids-container-manager/src/test/kotlin/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.kt
@@ -0,0 +1,127 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-container-manager
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.cm.impl.docker
+
+import de.fhg.aisec.ids.api.cm.ApplicationContainer
+import de.fhg.aisec.ids.api.cm.ContainerStatus
+import de.fhg.aisec.ids.cm.impl.docker.DockerCM.Companion.isSupported
+import org.junit.After
+import org.junit.Assert
+import org.junit.Assume
+import org.junit.Test
+import java.util.*
+
+class DockerCmIT {
+    private val wipes: MutableSet<String> = HashSet()
+    @After
+    fun cleanUp() {
+        // Remove containers created during test
+        DockerCM().let { d -> wipes.forEach { d.wipe(it) } }
+    }
+
+    @Test
+    fun testList() {
+        Assume.assumeTrue(isSupported)
+        val d = DockerCM()
+
+        // List running containers
+        val lRunning = d.list(true)
+        Assert.assertNotNull(lRunning)
+
+        // List all containers (also stopped ones)
+        val lAll = d.list(false)
+        Assert.assertNotNull(lAll)
+
+        // we cannot have less running than total containers
+        Assert.assertTrue(lAll.size >= lRunning.size)
+    }
+
+    @Test
+    fun testPull() {
+        Assume.assumeTrue(isSupported)
+        val d = DockerCM()
+
+        // Pull the smallest possible image. Blocks. (must be online)
+        val app = ApplicationContainer()
+        app.image = "tianon/true"
+        val oContainerID = d.pullImage(app)
+
+        // We expect a new container to be created
+        Assert.assertTrue(oContainerID.isPresent)
+        Assert.assertNotEquals("", oContainerID.get())
+        wipes.add(oContainerID.get())
+
+        // we expect the container to be in list()
+        val container = d.list(false).firstOrNull { it.id == oContainerID.get() }
+        Assert.assertNotNull(container)
+        Assert.assertEquals(ContainerStatus.CREATED, container?.status)
+    }
+
+    @Test
+    fun testVersion() {
+        Assume.assumeTrue(isSupported)
+        val d = DockerCM()
+        val version = d.version
+        Assert.assertFalse(version.isEmpty())
+        val regex = Regex(".* \\([0-9.]+(?:.+)?\\)")
+        if (!version.matches(regex)) {
+            throw AssertionError(
+                    "Error: Docker version has to match regex '$regex', found '$version'")
+        }
+    }
+
+    @Test
+    fun testStartStop() {
+        Assume.assumeTrue(isSupported)
+        val d = DockerCM()
+
+        // Pull an image we can actually start. (must be online)
+        val app = ApplicationContainer()
+        app.image = "nginx"
+        val oContainerID = d.pullImage(app)
+
+        // We expect a new container to be created
+        Assert.assertTrue(oContainerID.isPresent)
+        val containerID = oContainerID.get()
+        wipes.add(containerID)
+        Assert.assertNotNull(containerID)
+
+        // we expect the container to be in list()
+        val container = d.list(false).firstOrNull { it.id == containerID }
+        Assert.assertNotNull(container)
+        Assert.assertEquals(ContainerStatus.CREATED, container?.status)
+
+        // Start container
+        d.startContainer(containerID, null)
+
+        // We now expect it in list of running containers
+        val runningContainer = d.list(true).firstOrNull { it.id == containerID }
+        Assert.assertNotNull(runningContainer)
+        Assert.assertEquals(ContainerStatus.RUNNING, runningContainer?.status)
+
+        // Stop container
+        d.stopContainer(containerID)
+
+        // We expect it to be still in list of all containers
+        val stoppedContainer = d.list(false).firstOrNull { it.id == containerID }
+        Assert.assertNotNull(stoppedContainer)
+        Assert.assertEquals(ContainerStatus.EXITED, stoppedContainer?.status)
+    }
+}
\ No newline at end of file
diff --git a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
index aac41d022..bf1e9e826 100644
--- a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
+++ b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
@@ -68,17 +68,15 @@ class PolicyDecisionPoint : PDP, PAP {
      * Creates a query to retrieve policy decision from Prolog knowledge base.
      *
      * @param target The target node of the transformation
-     * @param properties The exchange properties
+     * @param labels The exchange properties
      */
     private fun createDecisionQuery(
-            target: ServiceNode, properties: MutableMap<String, Any>): String {
+            target: ServiceNode, labels: Set<String>): String {
         val sb = StringBuilder()
         sb.append("rule(X), has_target(X, T), ")
         sb.append("has_endpoint(T, EP), ")
         sb.append("regex_match(EP, ").append(escape(target.endpoint)).append("), ")
         // Assert labels for the duration of this query, must be done before receives_label(X)
-        @Suppress("UNCHECKED_CAST")
-        val labels = properties.computeIfAbsent(PDP.LABELS_KEY) { HashSet<String>() } as Set<String>
         labels.forEach { k -> sb.append("assert(label(").append(k).append(")), ") }
         sb.append("receives_label(X), ")
         sb.append("rule_priority(X, P), ")
@@ -228,7 +226,7 @@ class PolicyDecisionPoint : PDP, PAP {
         try {
             // Query Prolog engine for a policy decision
             val startTime = System.nanoTime()
-            val query = this.createDecisionQuery(req.to, req.properties)
+            val query = this.createDecisionQuery(req.to, req.labels)
             if (LOG.isTraceEnabled) {
                 LOG.trace("Decision query: {}", query)
             }
diff --git a/ids-dataflow-control/src/test/java/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.java b/ids-dataflow-control/src/test/java/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.java
deleted file mode 100644
index cb86f053b..000000000
--- a/ids-dataflow-control/src/test/java/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.java
+++ /dev/null
@@ -1,671 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-dataflow-control
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.dataflowcontrol;
-
-import static org.junit.Assert.*;
-import static org.mockito.ArgumentMatchers.anyString;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
-
-import alice.tuprolog.SolveInfo;
-import alice.tuprolog.exceptions.InvalidTheoryException;
-import alice.tuprolog.exceptions.MalformedGoalException;
-import alice.tuprolog.exceptions.NoSolutionException;
-import com.google.common.collect.Sets;
-import de.fhg.aisec.ids.api.policy.*;
-import de.fhg.aisec.ids.api.policy.PolicyDecision.Decision;
-import de.fhg.aisec.ids.api.router.RouteManager;
-import de.fhg.aisec.ids.api.router.RouteVerificationProof;
-import de.fhg.aisec.ids.dataflowcontrol.lucon.LuconEngine;
-import java.io.InputStream;
-import java.lang.reflect.Field;
-import java.nio.charset.StandardCharsets;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Scanner;
-import org.junit.Ignore;
-import org.junit.Test;
-
-/**
- * Unit tests for the LUCON policy engine.
- *
- * @author Julian Schuette (julian.schuette@aisec.fraunhofer.de)
- */
-public class LuconEngineTest {
-  // Solving Towers of Hanoi in only two lines. Prolog FTW!
-  private static final String HANOI_THEORY =
-      "move(1,X,Y,_) :- "
-          + "write('Move top disk from '), write(X), write(' to '), write(Y), nl. \n"
-          + "move(N,X,Y,Z) :- N>1, M is N-1, move(M,X,Z,Y), move(1,X,Y,_), move(M,Z,Y,X). ";
-
-  // A random but syntactically correct policy.
-  private static final String EXAMPLE_POLICY =
-      "\n"
-          + "%%%%%%%% Rules %%%%%%%%%%%%\n"
-          + "rule(denyAll).\n"
-          + "rule_priority(denyAll, 0).\n"
-          + "has_decision(denyAll, drop).\n"
-          + "receives_label(denyAll).\n"
-          + "has_target(denyAll, serviceAll).\n"
-          + "\n"
-          + "rule(allowRule).\n"
-          + "rule_priority(allowRule, 1).\n"
-          + "has_decision(allowRule, allow).\n"
-          + "receives_label(allowRule).\n"
-          + "has_target(allowRule, hiveMqttBrokerService).\n"
-          + "has_target(allowRule, anonymizerService).\n"
-          + "has_target(allowRule, loggerService).\n"
-          + "has_target(allowRule, hadoopClustersService).\n"
-          + "has_target(allowRule, testQueueService).\n"
-          + "\n"
-          + "rule(deleteAfterOneMonth).\n"
-          + "rule_priority(deleteAfterOneMonth, 1).\n"
-          + "has_decision(deleteAfterOneMonth, allow).\n"
-          + "receives_label(deleteAfterOneMonth) :- label(private).\n"
-          + "has_target(deleteAfterOneMonth, service78096644).\n"
-          + "has_obligation(deleteAfterOneMonth, obl1709554620).\n"
-          + "% generated service\n"
-          + "service(service78096644).\n"
-          + "has_endpoint(service78096644, \"hdfs.*\").\n"
-          + "% generated obligation\n"
-          + "requires_prerequisite(obl1709554620, delete_after_days(30)).\n"
-          + "has_alternativedecision(obl1709554620, drop).\n"
-          + "\n"
-          + "rule(anotherRule).\n"
-          + "rule_priority(anotherRule, 1).\n"
-          + "has_target(anotherRule, testQueueService).\n"
-          + "receives_label(anotherRule) :- label(private).\n"
-          + "has_decision(anotherRule, drop).\n"
-          + "\n"
-          + "%%%%%%%%%%%% Services %%%%%%%%%%%%\n"
-          + "service(serviceAll).\n"
-          + "has_endpoint(serviceAll,'.*').\n"
-          + "\n"
-          + "service(hiveMqttBrokerService).\n"
-          + "creates_label(hiveMqttBrokerService, labelone).\n"
-          + "creates_label(hiveMqttBrokerService, private).\n"
-          + "removes_label(hiveMqttBrokerService, labeltwo).\n"
-          + "has_endpoint(hiveMqttBrokerService, \"^paho:.*?tcp://broker.hivemq.com:1883.*\").\n"
-          + "has_property(hiveMqttBrokerService, type, public).\n"
-          + "\n"
-          + "service(anonymizerService).\n"
-          + "has_endpoint(anonymizerService, \".*anonymizer.*\").\n"
-          + "has_property(anonymizerService, myProp, anonymize('surname', 'name')).\n"
-          + "\n"
-          + "service(loggerService).\n"
-          + "has_endpoint(loggerService, \"^log.*\").\n"
-          + "\n"
-          + "service(hadoopClustersService).\n"
-          + "has_endpoint(hadoopClustersService, \"^hdfs://.*\").\n"
-          + "has_capability(hadoopClustersService, deletion).\n"
-          + "has_property(hadoopClustersService, anonymizes, anonymize('surname', 'name')).\n"
-          + "\n"
-          + "service(testQueueService).\n"
-          + "has_endpoint(testQueueService, \"^amqp:.*?:test\").";
-
-  // Policy with extended labels, i.e. "purpose(green)"
-  private static final String EXTENDED_LABELS_POLICY =
-      ""
-          + "%%%%%%%% Rules %%%%%%%%%%%%\n"
-          + "rule(denyAll).\n"
-          + "rule_priority(denyAll, 0).\n"
-          + "has_decision(denyAll, drop).\n"
-          + "receives_label(denyAll).\n"
-          + "has_target(denyAll, serviceAll).\n"
-          + "\n"
-          + "rule(demo).\n"
-          + "rule_priority(demo, 1).\n"
-          + "has_target(demo, service473016340).\n"
-          + "service(service473016340).\n"
-          + "has_endpoint(service473016340,\"(ahc|ahc-ws|cxf|cxfbean|cxfrs)://.*\").\n"
-          + "receives_label(demo) :- label(purpose(green)).\n" // Note that Prolog does not support
-          // nested predicates.
-          + "has_decision(demo, allow).\n"
-          + "\n"
-          + "%%%%% Services %%%%%%%%%%%%\n"
-          + "service(serviceAll).\n"
-          + "has_endpoint(serviceAll,'.*').\n"
-          + "creates_label(serviceAll, purpose(green)).\n"
-          + "\n"
-          + "service(sanitizedata).\n"
-          + "has_endpoint(sanitizedata, \"^bean://SanitizerBean.*\").\n"
-          + "creates_label(sanitizedata, public).\n"
-          + "removes_label(sanitizedata, private).\n";
-
-  // Route from LUCON paper with path searching logic
-  private static final String VERIFIABLE_ROUTE =
-      "%\n"
-          + "% (C) Julian Schütte, Fraunhofer AISEC, 2017\n"
-          + "%\n"
-          + "% Demonstration of model checking a message route against a usage control policy\n"
-          + "%\n"
-          + "% Message Route definition\n"
-          + "%\n"
-          + "%       hiveMqttBroker       \n"
-          + "%       /     \\     \n"
-          + "%  logger    anonymizer  \n"
-          + "%       \\     /     \n"
-          + "%       hadoopClusters       \n"
-          + "%         |          \n"
-          + "%       testQueue       \n"
-          + "entrynode(hiveMqttBroker).\n"
-          + "stmt(hiveMqttBroker).\n"
-          + "has_action(hiveMqttBroker, \"paho:something:tcp://broker.hivemq.com:1883/anywhere\").\n"
-          + "stmt(logger).\n"
-          + "has_action(logger, \"log\").\n"
-          + "stmt(anonymizer).\n"
-          + "has_action(anonymizer, \"hello_anonymizer_world\").\n"
-          + "stmt(hadoopClusters).\n"
-          + "has_action(hadoopClusters, \"hdfs://myCluser\").\n"
-          + "stmt(testQueue).\n"
-          + "has_action(testQueue, \"amqp:testQueue:test\").\n"
-          + "\n"
-          + "succ(hiveMqttBroker, logger).\n"
-          + "succ(hiveMqttBroker, anonymizer).\n"
-          + "succ(logger, hadoopClusters).\n"
-          + "succ(anonymizer, hadoopClusters).\n"
-          + "succ(hadoopClusters, testQueue).\n"
-          + "\n";
-
-  /**
-   * Loading a valid Prolog theory should not fail.
-   *
-   * @throws InvalidTheoryException If invalid theory is encountered
-   */
-  @Test
-  public void testLoadingTheoryGood() throws InvalidTheoryException {
-    LuconEngine e = new LuconEngine(null);
-    e.loadPolicy(HANOI_THEORY);
-    String prolog = e.getTheory();
-    assertTrue(prolog.trim().startsWith("move(1,X,Y"));
-  }
-
-  /** Loading an invalid Prolog theory is expected to throw an exception. */
-  @Test
-  public void testLoadingTheoryNotGood() {
-    LuconEngine e = new LuconEngine(System.out);
-    try {
-      e.loadPolicy("This is invalid");
-    } catch (InvalidTheoryException ex) {
-      return; // Expected
-    }
-    fail("Could load invalid theory without exception");
-  }
-
-  /**
-   * Solve a simple Prolog puzzle.
-   *
-   * @throws InvalidTheoryException If invalid theory is encountered
-   */
-  @Test
-  public void testSimplePrologQuery() throws InvalidTheoryException {
-    LuconEngine e = new LuconEngine(System.out);
-    e.loadPolicy(HANOI_THEORY);
-    try {
-      List<SolveInfo> solutions = e.query("move(3,left,right,center). ", true);
-      assertEquals(1, solutions.size());
-      for (SolveInfo solution : solutions) {
-        System.out.println(solution.getSolution().toString());
-        System.out.println(solution.hasOpenAlternatives());
-
-        System.out.println(solution.isSuccess());
-      }
-    } catch (MalformedGoalException | NoSolutionException e1) {
-      e1.printStackTrace();
-      fail(e1.getMessage());
-    }
-  }
-
-  /**
-   * Run some simple queries against an actual policy.
-   *
-   * @throws InvalidTheoryException If invalid theory is encountered
-   */
-  @Test
-  public void testSolve2() throws InvalidTheoryException {
-    LuconEngine e = new LuconEngine(System.out);
-    e.loadPolicy(EXAMPLE_POLICY);
-    try {
-      List<SolveInfo> solutions =
-          e.query("has_endpoint(X,Y),regex_match(Y, \"hdfs://myendpoint\").", true);
-      assertNotNull(solutions);
-      assertEquals(3, solutions.size());
-      for (SolveInfo solution : solutions) {
-        System.out.println(solution.getSolution().toString());
-        System.out.println(solution.hasOpenAlternatives());
-        System.out.println(solution.isSuccess());
-      }
-    } catch (MalformedGoalException | NoSolutionException e1) {
-      e1.printStackTrace();
-      fail(e1.getMessage());
-    }
-  }
-
-  /**
-   * Test if the correct policy decisions are taken for a (very) simple route and an example policy.
-   */
-  @Test
-  public void testPolicyDecision() {
-    PolicyDecisionPoint pdp = new PolicyDecisionPoint();
-    pdp.loadPolicies();
-    pdp.loadPolicy(EXAMPLE_POLICY);
-
-    // Simple message context with nonsense attributes
-    Map<String, Object> attributes = new HashMap<>();
-    attributes.put("some_message_key", "some_message_value");
-    attributes.put(PDP.LABELS_KEY, Sets.newHashSet("private"));
-
-    // Simple source and dest nodes
-    ServiceNode source = new ServiceNode("seda:test_source", null, null);
-    ServiceNode dest = new ServiceNode("hdfs://some_url", null, null);
-
-    PolicyDecision dec = pdp.requestDecision(new DecisionRequest(source, dest, attributes, null));
-    assertEquals(Decision.ALLOW, dec.getDecision());
-
-    //    // Check obligation
-    //    assertEquals(3, dec.getObligations().size());
-    //    Obligation obl = dec.getObligations().get(0);
-    //    assertEquals("delete_after_days(30)", obl.getAction());
-  }
-
-  /**
-   * Test if the correct policy decisions are taken for a (very) simple route and an example policy.
-   */
-  @Test
-  public void testPolicyDecisionWithExtendedLabels() {
-    PolicyDecisionPoint pdp = new PolicyDecisionPoint();
-    pdp.loadPolicies();
-    pdp.loadPolicy(EXTENDED_LABELS_POLICY);
-
-    // Simple message context with nonsense attributes
-    Map<String, Object> attributes = new HashMap<>();
-    attributes.put("some_message_key", "some_message_value");
-    attributes.put(PDP.LABELS_KEY, Sets.newHashSet("purpose(green)"));
-
-    // Simple source and dest nodes
-    ServiceNode source = new ServiceNode("seda:test_source", null, null);
-    ServiceNode dest = new ServiceNode("ahc://some_url", null, null);
-
-    PolicyDecision dec = pdp.requestDecision(new DecisionRequest(source, dest, attributes, null));
-    assertEquals(Decision.ALLOW, dec.getDecision());
-
-    // Check obligation
-    assertEquals(0, dec.getObligations().size());
-  }
-
-  /** List all rules of the currently loaded policy. */
-  @Test
-  public void testListRules() {
-    PolicyDecisionPoint pdp = new PolicyDecisionPoint();
-    pdp.loadPolicies();
-
-    // Without any policy, we expect an empty list of rules
-    List<String> emptyList = pdp.listRules();
-    assertNotNull(emptyList);
-    assertTrue(emptyList.isEmpty());
-
-    // Load a policy
-    pdp.loadPolicy(EXAMPLE_POLICY);
-
-    // We now expect 3 rules
-    List<String> rules = pdp.listRules();
-    assertNotNull(rules);
-    assertEquals(4, rules.size());
-    assertTrue(rules.contains("deleteAfterOneMonth"));
-    assertTrue(rules.contains("anotherRule"));
-  }
-
-  @Test
-  public void testTransformationsMatch() {
-    PolicyDecisionPoint pdp = new PolicyDecisionPoint();
-    pdp.loadPolicies();
-    pdp.loadPolicy(EXAMPLE_POLICY);
-    ServiceNode node = new ServiceNode("paho:tcp://broker.hivemq.com:1883/blablubb", null, null);
-    TransformationDecision trans = pdp.requestTranformations(node);
-
-    assertNotNull(trans);
-    assertNotNull(trans.getLabelsToAdd());
-    assertNotNull(trans.getLabelsToRemove());
-
-    assertEquals(2, trans.getLabelsToAdd().size());
-    assertEquals(1, trans.getLabelsToRemove().size());
-
-    assertTrue(trans.getLabelsToAdd().contains("labelone"));
-    assertTrue(trans.getLabelsToRemove().contains("labeltwo"));
-  }
-
-  @Test
-  public void testTransformationsNomatch() {
-    PolicyDecisionPoint pdp = new PolicyDecisionPoint();
-    pdp.loadPolicies();
-    pdp.loadPolicy(EXAMPLE_POLICY);
-    ServiceNode node = new ServiceNode("someendpointwhichisnotmatchedbypolicy", null, null);
-    TransformationDecision trans = pdp.requestTranformations(node);
-
-    assertNotNull(trans);
-    assertNotNull(trans.getLabelsToAdd());
-    assertNotNull(trans.getLabelsToRemove());
-
-    assertEquals(0, trans.getLabelsToAdd().size());
-    assertEquals(0, trans.getLabelsToRemove().size());
-  }
-
-  /**
-   * Tests the generation of a proof that a route matches a policy.
-   *
-   * @throws Exception If something fails
-   */
-  @Test
-  public void testVerifyRoute() throws Exception {
-    // Create RouteManager returning VERIFIABLE_ROUTE
-    RouteManager rm = mock(RouteManager.class);
-    System.out.println("------ ROUTE ----------");
-    System.out.println(VERIFIABLE_ROUTE);
-    when(rm.getRouteAsProlog(anyString())).thenReturn(VERIFIABLE_ROUTE);
-
-    // Create policy decision point and attach to route manager
-    PolicyDecisionPoint pdp = new PolicyDecisionPoint();
-    pdp.loadPolicies();
-
-    // Manually inject routemanager into PDP
-    Field f1 = pdp.getClass().getDeclaredField("routeManager");
-    f1.setAccessible(true);
-    f1.set(pdp, rm);
-
-    // Load policy
-    pdp.loadPolicy(EXAMPLE_POLICY);
-
-    // Verify VERIFIABLE_ROUTE against EXAMPLE_POLICY
-    RouteVerificationProof proof = pdp.verifyRoute("mockId");
-    System.out.println("------ Proof follows ----------");
-    System.out.println(proof != null ? proof.toString() : null);
-    assertNotNull(proof);
-    assertFalse(proof.isValid());
-    //		assertTrue(proof.toString().contains("Service testQueueService may receive messages labeled
-    // [private], " + "which is forbidden by rule \"anotherRule\"."));
-    System.out.println("##### PROBLEM #####");
-    System.out.println(proof.toString());
-    assertTrue(
-        proof
-            .toString()
-            .contains(
-                "Service testQueueService may receive messages, which is forbidden by rule \"anotherRule\"."));
-    assertNotNull(proof.getCounterExamples());
-  }
-
-  @Test
-  @Ignore("Not a regular unit test; for evaluating runtime performance.")
-  public void testPerformanceEvaluationScaleRules() {
-    for (int i = 10; i <= 5000; i += 10) {
-      // Load n test rules into PDP
-      String theory = generateRules(i);
-      PolicyDecisionPoint pdp = new PolicyDecisionPoint();
-      pdp.loadPolicies();
-      long start = System.nanoTime();
-      pdp.loadPolicy(theory);
-      long stop = System.nanoTime();
-      long loadTime = (stop - start);
-
-      // Simple message context with nonsense attributes
-      Map<String, Object> attributes = new HashMap<>();
-      attributes.put("some_message_key", "some_message_value");
-
-      // Simple source and dest nodes
-      ServiceNode source = new ServiceNode("seda:test_source", null, null);
-      ServiceNode dest = new ServiceNode("hdfs://some_url", null, null);
-
-      start = System.nanoTime();
-      PolicyDecision dec = pdp.requestDecision(new DecisionRequest(source, dest, attributes, null));
-      stop = System.nanoTime();
-      long queryTime = stop - start;
-
-      System.out.println(i + "\t\t" + loadTime + "\t\t" + queryTime);
-      assertEquals(Decision.ALLOW, dec.getDecision());
-    }
-  }
-
-  @Test
-  @Ignore("Not a regular unit test; for evaluating runtime performance.")
-  public void testPerformanceEvaluationScaleLabels() {
-    for (int i = 0; i <= 5000; i += 10) {
-      // Load n test rules into PDP
-      String theory = generateLabels(i);
-      PolicyDecisionPoint pdp = new PolicyDecisionPoint();
-      pdp.loadPolicies();
-      long start = System.nanoTime();
-      pdp.loadPolicy(theory);
-      long stop = System.nanoTime();
-      long loadTime = (stop - start);
-
-      // Simple message context with nonsense attributes
-      Map<String, Object> attributes = new HashMap<>();
-      attributes.put("some_message_key", "some_message_value");
-
-      // Simple source and dest nodes
-      ServiceNode source = new ServiceNode("seda:test_source", null, null);
-      ServiceNode dest = new ServiceNode("hdfs://some_url", null, null);
-
-      start = System.nanoTime();
-      PolicyDecision dec = pdp.requestDecision(new DecisionRequest(source, dest, attributes, null));
-      stop = System.nanoTime();
-      long queryTime = stop - start;
-
-      System.out.println(i + "\t\t" + loadTime + "\t\t" + queryTime);
-      assertEquals(Decision.ALLOW, dec.getDecision());
-    }
-  }
-
-  @Test
-  @Ignore("Not a regular unit test; for evaluating runtime performance.")
-  public void testmemoryEvaluationScaleRules() {
-    for (int i = 10; i <= 5000; i += 10) {
-      // Load n test rules into PDP
-      String theory = generateRules(i);
-      PolicyDecisionPoint pdp = new PolicyDecisionPoint();
-      pdp.loadPolicies();
-      pdp.loadPolicy(theory);
-
-      // Simple message context with nonsense attributes
-      Map<String, Object> attributes = new HashMap<>();
-      attributes.put("some_message_key", "some_message_value");
-
-      // Simple source and dest nodes
-      ServiceNode source = new ServiceNode("seda:test_source", null, null);
-      ServiceNode dest = new ServiceNode("hdfs://some_url", null, null);
-
-      System.gc();
-      System.gc();
-      System.gc(); // Empty level 1- & 2-LRUs.
-      long memoryBefore = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory();
-      PolicyDecision dec = pdp.requestDecision(new DecisionRequest(source, dest, attributes, null));
-      long memoryAfter = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory();
-      System.gc();
-      System.gc();
-      System.gc(); // Empty level 1- & 2-LRUs.
-      long memoryAfterGC = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory();
-
-      System.out.println(
-          i + "\t\t" + (memoryAfter - memoryBefore) + "\t\t" + (memoryAfterGC - memoryBefore));
-      assertEquals(Decision.ALLOW, dec.getDecision());
-    }
-  }
-
-  @Test
-  @Ignore("Not a regular unit test; for evaluating runtime performance.")
-  public void testmemoryEvaluationScaleLabels() {
-    for (int i = 10; i <= 5000; i += 10) {
-      // Load n test rules into PDP
-      String theory = generateLabels(i);
-      PolicyDecisionPoint pdp = new PolicyDecisionPoint();
-      pdp.loadPolicies();
-      pdp.loadPolicy(theory);
-
-      // Simple message context with nonsense attributes
-      Map<String, Object> attributes = new HashMap<>();
-      attributes.put("some_message_key", "some_message_value");
-
-      // Simple source and dest nodes
-      ServiceNode source = new ServiceNode("seda:test_source", null, null);
-      ServiceNode dest = new ServiceNode("hdfs://some_url", null, null);
-
-      System.gc();
-      System.gc();
-      System.gc(); // Empty level 1- & 2-LRUs.
-      long memoryBefore = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory();
-      PolicyDecision dec = pdp.requestDecision(new DecisionRequest(source, dest, attributes, null));
-      long memoryAfter = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory();
-      System.gc();
-      System.gc();
-      System.gc(); // Empty level 1- & 2-LRUs.
-      long memoryAfterGC = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory();
-
-      System.out.println(
-          i + "\t\t" + (memoryAfter - memoryBefore) + "\t\t" + (memoryAfterGC - memoryBefore));
-      assertEquals(Decision.ALLOW, dec.getDecision());
-    }
-  }
-
-  @Test
-  public void testRulePriorities() {
-    PolicyDecisionPoint pdp = new PolicyDecisionPoint();
-    // Load test policy w/ two rules
-    InputStream policy = this.getClass().getClassLoader().getResourceAsStream("policy-example.pl");
-    assertNotNull(policy);
-    pdp.loadPolicy(new Scanner(policy, StandardCharsets.UTF_8.name()).useDelimiter("\\A").next());
-    assertEquals(2, pdp.listRules().size());
-
-    // Test order of specification in rule file
-    String ruleThree = pdp.listRules().get(0);
-    assertEquals("testRulePrioThree", ruleThree);
-    String ruleTwo = pdp.listRules().get(1);
-    assertEquals("testRulePrioTwo", ruleTwo);
-
-    // FALL-THROUGH: Test fall-through decision (no msg label matches)
-    ServiceNode from = new ServiceNode("IAmMatchedByRuleThreeOnly", null, null);
-    ServiceNode to = new ServiceNode("hdfs://IAmMatchedByBothRules", null, null);
-    Map<String, Object> msgCtx = new HashMap<>();
-    Map<String, Object> envCtx = new HashMap<>();
-    DecisionRequest req = new DecisionRequest(from, to, msgCtx, envCtx);
-    PolicyDecision dec = pdp.requestDecision(req);
-    assertNotNull(dec);
-    Decision d = dec.getDecision();
-    assertEquals(Decision.DENY, d);
-    assertEquals("No matching rule", dec.getReason());
-
-    // FALL-THROUGH: presence of a label "public" (w/o any specific value) does not yet trigger
-    // testRulePrioTwo, because label "filtered" is required in addition.
-    from = new ServiceNode("IAmMatchedByRuleThreeOnly", null, null);
-    to = new ServiceNode("hdfs://IAmMatchedByBothRules", null, null);
-    msgCtx = new HashMap<>();
-    msgCtx.put(PDP.LABELS_KEY, Sets.newHashSet("public"));
-    envCtx = new HashMap<>();
-    req = new DecisionRequest(from, to, msgCtx, envCtx);
-    dec = pdp.requestDecision(req);
-    assertNotNull(dec);
-    d = dec.getDecision();
-    assertEquals(Decision.DENY, d);
-    assertEquals("No matching rule", dec.getReason());
-
-    // testRulePrioTwo: now we have labels "public" AND "filtered" set, which makes testRulePrioTwo
-    // match
-    from = new ServiceNode("IAmMatchedByRuleThreeOnly", null, null);
-    to = new ServiceNode("hdfs://IAmMatchedByBothRules", null, null);
-    msgCtx = new HashMap<>();
-    msgCtx.put(PDP.LABELS_KEY, Sets.newHashSet("public", "filtered"));
-    envCtx = new HashMap<>();
-    req = new DecisionRequest(from, to, msgCtx, envCtx);
-    dec = pdp.requestDecision(req);
-    assertNotNull(dec);
-    d = dec.getDecision();
-    assertEquals(Decision.ALLOW, d);
-    assertEquals("testRulePrioTwo", dec.getReason());
-
-    // testRulePrioTwo: "public" AND "filtered" makes testRulePrioTwo match. Additional labels do
-    // not harm
-    from = new ServiceNode("IAmMatchedByRuleThreeOnly", null, null);
-    to = new ServiceNode("hdfs://IAmMatchedByBothRules", null, null);
-    msgCtx = new HashMap<>();
-    msgCtx.put(PDP.LABELS_KEY, Sets.newHashSet("public", "unusedlabel"));
-    envCtx = new HashMap<>();
-    req = new DecisionRequest(from, to, msgCtx, envCtx);
-    dec = pdp.requestDecision(req);
-    assertNotNull(dec);
-    d = dec.getDecision();
-    assertEquals(Decision.DENY, d);
-    assertEquals("No matching rule", dec.getReason());
-
-    // testRulePrioTwo: labels "public", "filtered", "private" will trigger testRulePrioOne and
-    // testRulePrioTwo. Rule with higher prio wins.
-    from = new ServiceNode("IAmMatchedByRuleThreeOnly", null, null);
-    to = new ServiceNode("hdfs://IAmMatchedByBothRules", null, null);
-    msgCtx = new HashMap<>();
-    msgCtx.put(PDP.LABELS_KEY, Sets.newHashSet("public", "unusedlabel", "private"));
-    envCtx = new HashMap<>();
-    req = new DecisionRequest(from, to, msgCtx, envCtx);
-    dec = pdp.requestDecision(req);
-    assertNotNull(dec);
-    d = dec.getDecision();
-    assertEquals(Decision.DENY, d);
-    assertEquals("testRulePrioThree", dec.getReason());
-  }
-
-  /**
-   * Generates n random rules matching a target endpoint (given as regex).
-   *
-   * <p>All rules will take an "allow" decision.
-   *
-   * @param n The number of rules to generate
-   * @return The rules as String
-   */
-  private String generateRules(int n) {
-    StringBuilder sb = new StringBuilder();
-    for (int i = 0; i < n; i++) {
-      String ruleName = "testRule" + i;
-      String targetName = "testTarget" + i;
-      String labelName = "label" + i;
-      sb.append("rule(").append(ruleName).append(").\n");
-      sb.append("has_decision(").append(ruleName).append(", allow).\n");
-      sb.append("has_alternativedecision(").append(ruleName).append(", allow).\n");
-      sb.append("receives_label(").append(ruleName).append(").\n");
-      sb.append("has_target(").append(ruleName).append(", ").append(targetName).append(").\n");
-      sb.append("has_obligation(")
-          .append(ruleName)
-          .append(", testObligation")
-          .append(i)
-          .append(").\n");
-      sb.append("service(").append(targetName).append(").\n");
-      sb.append("has_endpoint(").append(targetName).append(", \".*\").\n");
-      sb.append("creates_label(").append(targetName).append(", ").append(labelName).append(").\n");
-      sb.append("removes_label(").append(targetName).append(", ").append(labelName).append(").\n");
-    }
-    return sb.toString();
-  }
-
-  private String generateLabels(int n) {
-    StringBuilder sb = new StringBuilder();
-    sb.append(generateRules(50));
-    for (int i = 0; i < n; i++) {
-      sb.append("creates_label(testTarget1, labelX").append(i).append(").\n");
-      sb.append("removes_label(testTarget1, labelX").append(i).append(").\n");
-    }
-    return sb.toString();
-  }
-}
diff --git a/ids-dataflow-control/src/test/kotlin/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.kt b/ids-dataflow-control/src/test/kotlin/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.kt
new file mode 100644
index 000000000..3629ab2ec
--- /dev/null
+++ b/ids-dataflow-control/src/test/kotlin/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.kt
@@ -0,0 +1,631 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-dataflow-control
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.dataflowcontrol
+
+import alice.tuprolog.exceptions.InvalidTheoryException
+import alice.tuprolog.exceptions.MalformedGoalException
+import alice.tuprolog.exceptions.NoSolutionException
+import de.fhg.aisec.ids.api.policy.DecisionRequest
+import de.fhg.aisec.ids.api.policy.PolicyDecision
+import de.fhg.aisec.ids.api.policy.ServiceNode
+import de.fhg.aisec.ids.api.router.RouteManager
+import de.fhg.aisec.ids.dataflowcontrol.lucon.LuconEngine
+import org.junit.Assert
+import org.junit.Ignore
+import org.junit.Test
+import org.mockito.ArgumentMatchers
+import org.mockito.Mockito
+import java.nio.charset.StandardCharsets
+import java.util.*
+
+/**
+ * Unit tests for the LUCON policy engine.
+ *
+ * @author Julian Schuette (julian.schuette@aisec.fraunhofer.de)
+ */
+class LuconEngineTest {
+    /**
+     * Loading a valid Prolog theory should not fail.
+     *
+     * @throws InvalidTheoryException If invalid theory is encountered
+     */
+    @Test
+    @Throws(InvalidTheoryException::class)
+    fun testLoadingTheoryGood() {
+        val e = LuconEngine(null)
+        e.loadPolicy(HANOI_THEORY)
+        val prolog = e.theory
+        Assert.assertTrue(prolog.trim { it <= ' ' }.startsWith("move(1,X,Y"))
+    }
+
+    /** Loading an invalid Prolog theory is expected to throw an exception.  */
+    @Test
+    fun testLoadingTheoryNotGood() {
+        val e = LuconEngine(System.out)
+        try {
+            e.loadPolicy("This is invalid")
+        } catch (ex: InvalidTheoryException) {
+            return  // Expected
+        }
+        Assert.fail("Could load invalid theory without exception")
+    }
+
+    /**
+     * Solve a simple Prolog puzzle.
+     *
+     * @throws InvalidTheoryException If invalid theory is encountered
+     */
+    @Test
+    @Throws(InvalidTheoryException::class)
+    fun testSimplePrologQuery() {
+        val e = LuconEngine(System.out)
+        e.loadPolicy(HANOI_THEORY)
+        try {
+            val solutions = e.query("move(3,left,right,center). ", true)
+            Assert.assertEquals(1, solutions.size.toLong())
+            for (solution in solutions) {
+                println(solution.solution.toString())
+                println(solution.hasOpenAlternatives())
+                println(solution.isSuccess)
+            }
+        } catch (e1: MalformedGoalException) {
+            e1.printStackTrace()
+            Assert.fail(e1.message)
+        } catch (e1: NoSolutionException) {
+            e1.printStackTrace()
+            Assert.fail(e1.message)
+        }
+    }
+
+    /**
+     * Run some simple queries against an actual policy.
+     *
+     * @throws InvalidTheoryException If invalid theory is encountered
+     */
+    @Test
+    @Throws(InvalidTheoryException::class)
+    fun testSolve2() {
+        val e = LuconEngine(System.out)
+        e.loadPolicy(EXAMPLE_POLICY)
+        try {
+            val solutions = e.query("has_endpoint(X,Y),regex_match(Y, \"hdfs://myendpoint\").", true)
+            Assert.assertNotNull(solutions)
+            Assert.assertEquals(3, solutions.size.toLong())
+            for (solution in solutions) {
+                println(solution.solution.toString())
+                println(solution.hasOpenAlternatives())
+                println(solution.isSuccess)
+            }
+        } catch (e1: MalformedGoalException) {
+            e1.printStackTrace()
+            Assert.fail(e1.message)
+        } catch (e1: NoSolutionException) {
+            e1.printStackTrace()
+            Assert.fail(e1.message)
+        }
+    }
+
+    /**
+     * Test if the correct policy decisions are taken for a (very) simple route and an example policy.
+     */
+    @Test
+    fun testPolicyDecision() {
+        val pdp = PolicyDecisionPoint()
+        pdp.loadPolicies()
+        pdp.loadPolicy(EXAMPLE_POLICY)
+
+        // Simple source and dest nodes
+        val source = ServiceNode("seda:test_source", null, null)
+        val dest = ServiceNode("hdfs://some_url", null, null)
+        val dec = pdp.requestDecision(DecisionRequest(source, dest, setOf("private"), null))
+        Assert.assertEquals(PolicyDecision.Decision.ALLOW, dec.decision)
+
+        //    // Check obligation
+        //    assertEquals(3, dec.getObligations().size());
+        //    Obligation obl = dec.getObligations().get(0);
+        //    assertEquals("delete_after_days(30)", obl.getAction());
+    }
+
+    /**
+     * Test if the correct policy decisions are taken for a (very) simple route and an example policy.
+     */
+    @Test
+    fun testPolicyDecisionWithExtendedLabels() {
+        val pdp = PolicyDecisionPoint()
+        pdp.loadPolicies()
+        pdp.loadPolicy(EXTENDED_LABELS_POLICY)
+
+        // Simple source and dest nodes
+        val source = ServiceNode("seda:test_source", null, null)
+        val dest = ServiceNode("ahc://some_url", null, null)
+        val dec = pdp.requestDecision(DecisionRequest(source, dest, setOf("purpose(green)"), null))
+        Assert.assertEquals(PolicyDecision.Decision.ALLOW, dec.decision)
+
+        // Check obligation
+        Assert.assertEquals(0, dec.obligations.size.toLong())
+    }
+
+    /** List all rules of the currently loaded policy.  */
+    @Test
+    fun testListRules() {
+        val pdp = PolicyDecisionPoint()
+        pdp.loadPolicies()
+
+        // Without any policy, we expect an empty list of rules
+        val emptyList = pdp.listRules()
+        Assert.assertNotNull(emptyList)
+        Assert.assertTrue(emptyList.isEmpty())
+
+        // Load a policy
+        pdp.loadPolicy(EXAMPLE_POLICY)
+
+        // We now expect 3 rules
+        val rules = pdp.listRules()
+        Assert.assertNotNull(rules)
+        Assert.assertEquals(4, rules.size.toLong())
+        Assert.assertTrue(rules.contains("deleteAfterOneMonth"))
+        Assert.assertTrue(rules.contains("anotherRule"))
+    }
+
+    @Test
+    fun testTransformationsMatch() {
+        val pdp = PolicyDecisionPoint()
+        pdp.loadPolicies()
+        pdp.loadPolicy(EXAMPLE_POLICY)
+        val node = ServiceNode("paho:tcp://broker.hivemq.com:1883/blablubb", null, null)
+        val trans = pdp.requestTranformations(node)
+        Assert.assertNotNull(trans)
+        Assert.assertNotNull(trans.labelsToAdd)
+        Assert.assertNotNull(trans.labelsToRemove)
+        Assert.assertEquals(2, trans.labelsToAdd.size.toLong())
+        Assert.assertEquals(1, trans.labelsToRemove.size.toLong())
+        Assert.assertTrue(trans.labelsToAdd.contains("labelone"))
+        Assert.assertTrue(trans.labelsToRemove.contains("labeltwo"))
+    }
+
+    @Test
+    fun testTransformationsNomatch() {
+        val pdp = PolicyDecisionPoint()
+        pdp.loadPolicies()
+        pdp.loadPolicy(EXAMPLE_POLICY)
+        val node = ServiceNode("someendpointwhichisnotmatchedbypolicy", null, null)
+        val trans = pdp.requestTranformations(node)
+        Assert.assertNotNull(trans)
+        Assert.assertNotNull(trans.labelsToAdd)
+        Assert.assertNotNull(trans.labelsToRemove)
+        Assert.assertEquals(0, trans.labelsToAdd.size.toLong())
+        Assert.assertEquals(0, trans.labelsToRemove.size.toLong())
+    }
+
+    /**
+     * Tests the generation of a proof that a route matches a policy.
+     *
+     * @throws Exception If something fails
+     */
+    @Test
+    @Throws(Exception::class)
+    fun testVerifyRoute() {
+        // Create RouteManager returning VERIFIABLE_ROUTE
+        val rm = Mockito.mock(RouteManager::class.java)
+        println("------ ROUTE ----------")
+        println(VERIFIABLE_ROUTE)
+        Mockito.`when`(rm.getRouteAsProlog(ArgumentMatchers.anyString())).thenReturn(VERIFIABLE_ROUTE)
+
+        // Create policy decision point and attach to route manager
+        val pdp = PolicyDecisionPoint()
+        pdp.loadPolicies()
+
+        // Manually inject routemanager into PDP
+        val f1 = pdp.javaClass.getDeclaredField("routeManager")
+        f1.isAccessible = true
+        f1[pdp] = rm
+
+        // Load policy
+        pdp.loadPolicy(EXAMPLE_POLICY)
+
+        // Verify VERIFIABLE_ROUTE against EXAMPLE_POLICY
+        val proof = pdp.verifyRoute("mockId")
+        println("------ Proof follows ----------")
+        println(proof?.toString())
+        Assert.assertNotNull(proof)
+        Assert.assertFalse(proof!!.isValid)
+        //		assertTrue(proof.toString().contains("Service testQueueService may receive messages labeled
+        // [private], " + "which is forbidden by rule \"anotherRule\"."));
+        println("##### PROBLEM #####")
+        println(proof.toString())
+        Assert.assertTrue(
+                proof
+                        .toString()
+                        .contains(
+                                "Service testQueueService may receive messages, which is forbidden by rule \"anotherRule\"."))
+        Assert.assertNotNull(proof.counterExamples)
+    }
+
+    @Test
+    @Ignore("Not a regular unit test; for evaluating runtime performance.")
+    fun testPerformanceEvaluationScaleRules() {
+        var i = 10
+        while (i <= 5000) {
+
+            // Load n test rules into PDP
+            val theory = generateRules(i)
+            val pdp = PolicyDecisionPoint()
+            pdp.loadPolicies()
+            var start = System.nanoTime()
+            pdp.loadPolicy(theory)
+            var stop = System.nanoTime()
+            val loadTime = stop - start
+
+            // Simple source and dest nodes
+            val source = ServiceNode("seda:test_source", null, null)
+            val dest = ServiceNode("hdfs://some_url", null, null)
+            start = System.nanoTime()
+            val dec = pdp.requestDecision(DecisionRequest(source, dest, emptySet(), null))
+            stop = System.nanoTime()
+            val queryTime = stop - start
+            println(i.toString() + "\t\t" + loadTime + "\t\t" + queryTime)
+            Assert.assertEquals(PolicyDecision.Decision.ALLOW, dec.decision)
+            i += 10
+        }
+    }
+
+    @Test
+    @Ignore("Not a regular unit test; for evaluating runtime performance.")
+    fun testPerformanceEvaluationScaleLabels() {
+        var i = 0
+        while (i <= 5000) {
+
+            // Load n test rules into PDP
+            val theory = generateLabels(i)
+            val pdp = PolicyDecisionPoint()
+            pdp.loadPolicies()
+            var start = System.nanoTime()
+            pdp.loadPolicy(theory)
+            var stop = System.nanoTime()
+            val loadTime = stop - start
+
+            // Simple source and dest nodes
+            val source = ServiceNode("seda:test_source", null, null)
+            val dest = ServiceNode("hdfs://some_url", null, null)
+            start = System.nanoTime()
+            val dec = pdp.requestDecision(DecisionRequest(source, dest, emptySet(), null))
+            stop = System.nanoTime()
+            val queryTime = stop - start
+            println(i.toString() + "\t\t" + loadTime + "\t\t" + queryTime)
+            Assert.assertEquals(PolicyDecision.Decision.ALLOW, dec.decision)
+            i += 10
+        }
+    }
+
+    @Test
+    @Ignore("Not a regular unit test; for evaluating runtime performance.")
+    fun testmemoryEvaluationScaleRules() {
+        var i = 10
+        while (i <= 5000) {
+
+            // Load n test rules into PDP
+            val theory = generateRules(i)
+            val pdp = PolicyDecisionPoint()
+            pdp.loadPolicies()
+            pdp.loadPolicy(theory)
+
+            // Simple source and dest nodes
+            val source = ServiceNode("seda:test_source", null, null)
+            val dest = ServiceNode("hdfs://some_url", null, null)
+            System.gc()
+            System.gc()
+            System.gc() // Empty level 1- & 2-LRUs.
+            val memoryBefore = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
+            val dec = pdp.requestDecision(DecisionRequest(source, dest, emptySet(), null))
+            val memoryAfter = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
+            System.gc()
+            System.gc()
+            System.gc() // Empty level 1- & 2-LRUs.
+            val memoryAfterGC = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
+            println(
+                    i.toString() + "\t\t" + (memoryAfter - memoryBefore) + "\t\t" + (memoryAfterGC - memoryBefore))
+            Assert.assertEquals(PolicyDecision.Decision.ALLOW, dec.decision)
+            i += 10
+        }
+    }
+
+    @Test
+    @Ignore("Not a regular unit test; for evaluating runtime performance.")
+    fun testmemoryEvaluationScaleLabels() {
+        var i = 10
+        while (i <= 5000) {
+
+            // Load n test rules into PDP
+            val theory = generateLabels(i)
+            val pdp = PolicyDecisionPoint()
+            pdp.loadPolicies()
+            pdp.loadPolicy(theory)
+
+            // Simple source and dest nodes
+            val source = ServiceNode("seda:test_source", null, null)
+            val dest = ServiceNode("hdfs://some_url", null, null)
+            System.gc()
+            System.gc()
+            System.gc() // Empty level 1- & 2-LRUs.
+            val memoryBefore = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
+            val dec = pdp.requestDecision(DecisionRequest(source, dest, emptySet(), null))
+            val memoryAfter = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
+            System.gc()
+            System.gc()
+            System.gc() // Empty level 1- & 2-LRUs.
+            val memoryAfterGC = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
+            println(
+                    i.toString() + "\t\t" + (memoryAfter - memoryBefore) + "\t\t" + (memoryAfterGC - memoryBefore))
+            Assert.assertEquals(PolicyDecision.Decision.ALLOW, dec.decision)
+            i += 10
+        }
+    }
+
+    @Test
+    fun testRulePriorities() {
+        val pdp = PolicyDecisionPoint()
+        // Load test policy w/ two rules
+        val policy = this.javaClass.classLoader.getResourceAsStream("policy-example.pl")
+        Assert.assertNotNull(policy)
+        pdp.loadPolicy(Scanner(policy!!, StandardCharsets.UTF_8.name()).useDelimiter("\\A").next())
+        Assert.assertEquals(2, pdp.listRules().size.toLong())
+
+        // Test order of specification in rule file
+        val ruleThree = pdp.listRules()[0]
+        Assert.assertEquals("testRulePrioThree", ruleThree)
+        val ruleTwo = pdp.listRules()[1]
+        Assert.assertEquals("testRulePrioTwo", ruleTwo)
+
+        // FALL-THROUGH: Test fall-through decision (no msg label matches)
+        var from = ServiceNode("IAmMatchedByRuleThreeOnly", null, null)
+        var to = ServiceNode("hdfs://IAmMatchedByBothRules", null, null)
+        var envCtx: Map<String?, Any?> = HashMap()
+        var req = DecisionRequest(from, to, emptySet(), envCtx)
+        var dec = pdp.requestDecision(req)
+        Assert.assertNotNull(dec)
+        var d = dec.decision
+        Assert.assertEquals(PolicyDecision.Decision.DENY, d)
+        Assert.assertEquals("No matching rule", dec.reason)
+
+        // FALL-THROUGH: presence of a label "public" (w/o any specific value) does not yet trigger
+        // testRulePrioTwo, because label "filtered" is required in addition.
+        from = ServiceNode("IAmMatchedByRuleThreeOnly", null, null)
+        to = ServiceNode("hdfs://IAmMatchedByBothRules", null, null)
+        envCtx = HashMap()
+        req = DecisionRequest(from, to, setOf("public"), envCtx)
+        dec = pdp.requestDecision(req)
+        Assert.assertNotNull(dec)
+        d = dec.decision
+        Assert.assertEquals(PolicyDecision.Decision.DENY, d)
+        Assert.assertEquals("No matching rule", dec.reason)
+
+        // testRulePrioTwo: now we have labels "public" AND "filtered" set, which makes testRulePrioTwo
+        // match
+        from = ServiceNode("IAmMatchedByRuleThreeOnly", null, null)
+        to = ServiceNode("hdfs://IAmMatchedByBothRules", null, null)
+        envCtx = HashMap()
+        req = DecisionRequest(from, to, setOf("public", "filtered"), envCtx)
+        dec = pdp.requestDecision(req)
+        Assert.assertNotNull(dec)
+        d = dec.decision
+        Assert.assertEquals(PolicyDecision.Decision.ALLOW, d)
+        Assert.assertEquals("testRulePrioTwo", dec.reason)
+
+        // testRulePrioTwo: "public" AND "filtered" makes testRulePrioTwo match. Additional labels do
+        // not harm
+        from = ServiceNode("IAmMatchedByRuleThreeOnly", null, null)
+        to = ServiceNode("hdfs://IAmMatchedByBothRules", null, null)
+        envCtx = HashMap()
+        req = DecisionRequest(from, to, setOf("public", "unusedlabel"), envCtx)
+        dec = pdp.requestDecision(req)
+        Assert.assertNotNull(dec)
+        d = dec.decision
+        Assert.assertEquals(PolicyDecision.Decision.DENY, d)
+        Assert.assertEquals("No matching rule", dec.reason)
+
+        // testRulePrioTwo: labels "public", "filtered", "private" will trigger testRulePrioOne and
+        // testRulePrioTwo. Rule with higher prio wins.
+        from = ServiceNode("IAmMatchedByRuleThreeOnly", null, null)
+        to = ServiceNode("hdfs://IAmMatchedByBothRules", null, null)
+        envCtx = HashMap()
+        req = DecisionRequest(from, to, setOf("public", "unusedlabel", "private"), envCtx)
+        dec = pdp.requestDecision(req)
+        Assert.assertNotNull(dec)
+        d = dec.decision
+        Assert.assertEquals(PolicyDecision.Decision.DENY, d)
+        Assert.assertEquals("testRulePrioThree", dec.reason)
+    }
+
+    /**
+     * Generates n random rules matching a target endpoint (given as regex).
+     *
+     *
+     * All rules will take an "allow" decision.
+     *
+     * @param n The number of rules to generate
+     * @return The rules as String
+     */
+    private fun generateRules(n: Int): String {
+        val sb = StringBuilder()
+        for (i in 0 until n) {
+            val ruleName = "testRule$i"
+            val targetName = "testTarget$i"
+            val labelName = "label$i"
+            sb.append("rule(").append(ruleName).append(").\n")
+            sb.append("has_decision(").append(ruleName).append(", allow).\n")
+            sb.append("has_alternativedecision(").append(ruleName).append(", allow).\n")
+            sb.append("receives_label(").append(ruleName).append(").\n")
+            sb.append("has_target(").append(ruleName).append(", ").append(targetName).append(").\n")
+            sb.append("has_obligation(")
+                    .append(ruleName)
+                    .append(", testObligation")
+                    .append(i)
+                    .append(").\n")
+            sb.append("service(").append(targetName).append(").\n")
+            sb.append("has_endpoint(").append(targetName).append(", \".*\").\n")
+            sb.append("creates_label(").append(targetName).append(", ").append(labelName).append(").\n")
+            sb.append("removes_label(").append(targetName).append(", ").append(labelName).append(").\n")
+        }
+        return sb.toString()
+    }
+
+    private fun generateLabels(n: Int): String {
+        val sb = StringBuilder()
+        sb.append(generateRules(50))
+        for (i in 0 until n) {
+            sb.append("creates_label(testTarget1, labelX").append(i).append(").\n")
+            sb.append("removes_label(testTarget1, labelX").append(i).append(").\n")
+        }
+        return sb.toString()
+    }
+
+    companion object {
+        // Solving Towers of Hanoi in only two lines. Prolog FTW!
+        private const val HANOI_THEORY = ("move(1,X,Y,_) :- "
+                + "write('Move top disk from '), write(X), write(' to '), write(Y), nl. \n"
+                + "move(N,X,Y,Z) :- N>1, M is N-1, move(M,X,Z,Y), move(1,X,Y,_), move(M,Z,Y,X). ")
+
+        // A random but syntactically correct policy.
+        private const val EXAMPLE_POLICY = ("\n"
+                + "%%%%%%%% Rules %%%%%%%%%%%%\n"
+                + "rule(denyAll).\n"
+                + "rule_priority(denyAll, 0).\n"
+                + "has_decision(denyAll, drop).\n"
+                + "receives_label(denyAll).\n"
+                + "has_target(denyAll, serviceAll).\n"
+                + "\n"
+                + "rule(allowRule).\n"
+                + "rule_priority(allowRule, 1).\n"
+                + "has_decision(allowRule, allow).\n"
+                + "receives_label(allowRule).\n"
+                + "has_target(allowRule, hiveMqttBrokerService).\n"
+                + "has_target(allowRule, anonymizerService).\n"
+                + "has_target(allowRule, loggerService).\n"
+                + "has_target(allowRule, hadoopClustersService).\n"
+                + "has_target(allowRule, testQueueService).\n"
+                + "\n"
+                + "rule(deleteAfterOneMonth).\n"
+                + "rule_priority(deleteAfterOneMonth, 1).\n"
+                + "has_decision(deleteAfterOneMonth, allow).\n"
+                + "receives_label(deleteAfterOneMonth) :- label(private).\n"
+                + "has_target(deleteAfterOneMonth, service78096644).\n"
+                + "has_obligation(deleteAfterOneMonth, obl1709554620).\n"
+                + "% generated service\n"
+                + "service(service78096644).\n"
+                + "has_endpoint(service78096644, \"hdfs.*\").\n"
+                + "% generated obligation\n"
+                + "requires_prerequisite(obl1709554620, delete_after_days(30)).\n"
+                + "has_alternativedecision(obl1709554620, drop).\n"
+                + "\n"
+                + "rule(anotherRule).\n"
+                + "rule_priority(anotherRule, 1).\n"
+                + "has_target(anotherRule, testQueueService).\n"
+                + "receives_label(anotherRule) :- label(private).\n"
+                + "has_decision(anotherRule, drop).\n"
+                + "\n"
+                + "%%%%%%%%%%%% Services %%%%%%%%%%%%\n"
+                + "service(serviceAll).\n"
+                + "has_endpoint(serviceAll,'.*').\n"
+                + "\n"
+                + "service(hiveMqttBrokerService).\n"
+                + "creates_label(hiveMqttBrokerService, labelone).\n"
+                + "creates_label(hiveMqttBrokerService, private).\n"
+                + "removes_label(hiveMqttBrokerService, labeltwo).\n"
+                + "has_endpoint(hiveMqttBrokerService, \"^paho:.*?tcp://broker.hivemq.com:1883.*\").\n"
+                + "has_property(hiveMqttBrokerService, type, public).\n"
+                + "\n"
+                + "service(anonymizerService).\n"
+                + "has_endpoint(anonymizerService, \".*anonymizer.*\").\n"
+                + "has_property(anonymizerService, myProp, anonymize('surname', 'name')).\n"
+                + "\n"
+                + "service(loggerService).\n"
+                + "has_endpoint(loggerService, \"^log.*\").\n"
+                + "\n"
+                + "service(hadoopClustersService).\n"
+                + "has_endpoint(hadoopClustersService, \"^hdfs://.*\").\n"
+                + "has_capability(hadoopClustersService, deletion).\n"
+                + "has_property(hadoopClustersService, anonymizes, anonymize('surname', 'name')).\n"
+                + "\n"
+                + "service(testQueueService).\n"
+                + "has_endpoint(testQueueService, \"^amqp:.*?:test\").")
+
+        // Policy with extended labels, i.e. "purpose(green)"
+        private const val EXTENDED_LABELS_POLICY = (""
+                + "%%%%%%%% Rules %%%%%%%%%%%%\n"
+                + "rule(denyAll).\n"
+                + "rule_priority(denyAll, 0).\n"
+                + "has_decision(denyAll, drop).\n"
+                + "receives_label(denyAll).\n"
+                + "has_target(denyAll, serviceAll).\n"
+                + "\n"
+                + "rule(demo).\n"
+                + "rule_priority(demo, 1).\n"
+                + "has_target(demo, service473016340).\n"
+                + "service(service473016340).\n"
+                + "has_endpoint(service473016340,\"(ahc|ahc-ws|cxf|cxfbean|cxfrs)://.*\").\n"
+                + "receives_label(demo) :- label(purpose(green)).\n" // Note that Prolog does not support
+                // nested predicates.
+                + "has_decision(demo, allow).\n"
+                + "\n"
+                + "%%%%% Services %%%%%%%%%%%%\n"
+                + "service(serviceAll).\n"
+                + "has_endpoint(serviceAll,'.*').\n"
+                + "creates_label(serviceAll, purpose(green)).\n"
+                + "\n"
+                + "service(sanitizedata).\n"
+                + "has_endpoint(sanitizedata, \"^bean://SanitizerBean.*\").\n"
+                + "creates_label(sanitizedata, public).\n"
+                + "removes_label(sanitizedata, private).\n")
+
+        // Route from LUCON paper with path searching logic
+        private const val VERIFIABLE_ROUTE = ("%\n"
+                + "% (C) Julian Schütte, Fraunhofer AISEC, 2017\n"
+                + "%\n"
+                + "% Demonstration of model checking a message route against a usage control policy\n"
+                + "%\n"
+                + "% Message Route definition\n"
+                + "%\n"
+                + "%       hiveMqttBroker       \n"
+                + "%       /     \\     \n"
+                + "%  logger    anonymizer  \n"
+                + "%       \\     /     \n"
+                + "%       hadoopClusters       \n"
+                + "%         |          \n"
+                + "%       testQueue       \n"
+                + "entrynode(hiveMqttBroker).\n"
+                + "stmt(hiveMqttBroker).\n"
+                + "has_action(hiveMqttBroker, \"paho:something:tcp://broker.hivemq.com:1883/anywhere\").\n"
+                + "stmt(logger).\n"
+                + "has_action(logger, \"log\").\n"
+                + "stmt(anonymizer).\n"
+                + "has_action(anonymizer, \"hello_anonymizer_world\").\n"
+                + "stmt(hadoopClusters).\n"
+                + "has_action(hadoopClusters, \"hdfs://myCluser\").\n"
+                + "stmt(testQueue).\n"
+                + "has_action(testQueue, \"amqp:testQueue:test\").\n"
+                + "\n"
+                + "succ(hiveMqttBroker, logger).\n"
+                + "succ(hiveMqttBroker, anonymizer).\n"
+                + "succ(logger, hadoopClusters).\n"
+                + "succ(anonymizer, hadoopClusters).\n"
+                + "succ(hadoopClusters, testQueue).\n"
+                + "\n")
+    }
+}
\ No newline at end of file
diff --git a/ids-infomodel-manager/build.gradle.kts b/ids-infomodel-manager/build.gradle.kts
index 90e73dab7..25a498c9b 100644
--- a/ids-infomodel-manager/build.gradle.kts
+++ b/ids-infomodel-manager/build.gradle.kts
@@ -28,7 +28,7 @@ dependencies {
     infomodelBundle(project(":ids-api")) { isTransitive = false }
 
     implementation("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
-    implementation("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodelSerializer"])
+    implementation("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodel"])
 
     infomodelBundle("commons-cli", "commons-cli", libraryVersions["commonsCli"])
 
diff --git a/ids-route-manager/build.gradle b/ids-route-manager/build.gradle
deleted file mode 100644
index a28cbb7b9..000000000
--- a/ids-route-manager/build.gradle
+++ /dev/null
@@ -1,18 +0,0 @@
-dependencies {
-    providedByBundle(project(':ids-api')) { transitive = false }
-
-    // Bill of Materials (BOM) for Camel
-    bom group: 'org.apache.camel', name: 'camel-parent', version: libraryVersions.camel
-
-    providedByFeature group: 'org.apache.camel', name: 'camel-core', version: libraryVersions.camel
-    providedByFeature group: 'org.apache.camel', name: 'camel-management', version: libraryVersions.camel
-
-    compileOnly group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
-
-    osgiCore group: 'org.apache.felix', name: 'org.apache.felix.framework', version: libraryVersions.felixFramework
-    osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
-
-    testImplementation group: 'junit', name: 'junit'
-    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
-    testImplementation group: 'org.apache.camel', name: 'camel-test', version: libraryVersions.camel
-}
diff --git a/ids-route-manager/build.gradle.kts b/ids-route-manager/build.gradle.kts
new file mode 100644
index 000000000..c7a458996
--- /dev/null
+++ b/ids-route-manager/build.gradle.kts
@@ -0,0 +1,23 @@
+dependencies {
+    @Suppress("UNCHECKED_CAST") val libraryVersions =
+            rootProject.ext.get("libraryVersions") as Map<String, String>
+
+    providedByBundle(project(":ids-api")) { isTransitive = false }
+
+    implementation("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
+    implementation("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodel"])
+
+    providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
+    providedByFeature("org.apache.camel", "camel-management", libraryVersions["camel"])
+
+    osgiCore("org.apache.felix", "org.apache.felix.framework", libraryVersions["felixFramework"])
+    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
+
+    providedByBundle("com.google.guava", "guava", libraryVersions["guava"]) {
+        isTransitive = false  // Avoid pulling in of checker framework and other annotation stuff
+    }
+
+    testImplementation("junit", "junit", libraryVersions["junit4"])
+    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
+    testImplementation("org.apache.camel", "camel-test", libraryVersions["camel"])
+}
diff --git a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/CamelInterceptor.java b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/CamelInterceptor.java
deleted file mode 100644
index 7b3aec85d..000000000
--- a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/CamelInterceptor.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-route-manager
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.rm;
-
-import de.fhg.aisec.ids.api.router.RouteManager;
-import org.apache.camel.CamelContext;
-import org.apache.camel.NamedNode;
-import org.apache.camel.Processor;
-import org.apache.camel.spi.InterceptStrategy;
-import org.osgi.service.component.annotations.Component;
-import org.osgi.service.component.annotations.Reference;
-import org.osgi.service.component.annotations.ReferenceCardinality;
-
-@Component(immediate = true, name = "ids-camel-interceptor")
-public class CamelInterceptor implements InterceptStrategy {
-  @SuppressWarnings("unused")
-  @Reference(cardinality = ReferenceCardinality.MANDATORY)
-  private RouteManager rm;
-
-  @Override
-  public Processor wrapProcessorInInterceptors(
-      final CamelContext context,
-      final NamedNode node,
-      final Processor target,
-      final Processor nextTarget) {
-    return new PolicyEnforcementPoint(node, target, this.rm);
-  }
-}
diff --git a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.java b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.java
deleted file mode 100644
index fea4f1a7e..000000000
--- a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.java
+++ /dev/null
@@ -1,168 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-route-manager
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.rm;
-
-import de.fhg.aisec.ids.api.policy.*;
-import de.fhg.aisec.ids.api.router.RouteManager;
-import org.apache.camel.*;
-import org.apache.camel.model.RouteDefinition;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.HashSet;
-import java.util.Set;
-import java.util.concurrent.CompletableFuture;
-
-public class PolicyEnforcementPoint implements AsyncProcessor {
-  private static final Logger LOG = LoggerFactory.getLogger(PolicyEnforcementPoint.class);
-  private final NamedNode node;
-  private final Processor target;
-  private final RouteManager rm;
-
-  PolicyEnforcementPoint(
-          @NonNull NamedNode node,
-          @NonNull Processor target,
-          @NonNull RouteManager rm) {
-    this.node = node;
-    this.target = target;
-    this.rm = rm;
-  }
-
-  /**
-   * The method performs flow control and calls Exchange.setException() when necessary
-   *
-   * @param exchange The exchange object to check
-   * @return Whether target.process() is to be called for this exchange object
-   */
-  private boolean processFlowControl(Exchange exchange) {
-    if (exchange == null) {
-      if (LOG.isWarnEnabled()) {
-        LOG.warn("Cannot check data flow policy. Exchange object is null.");
-      }
-      return false;
-    }
-
-    // Strict policy: If no PDP is available, block every checked data flow
-    PDP pdp = rm.getPdp();
-    if (pdp == null) {
-      LOG.error("PDP is not available, aborting...");
-      return false;
-    }
-
-    String source = (String) exchange.getProperty("lastDestination");
-    if (source == null) {
-      var routeNode = node.getParent();
-      while (!(routeNode instanceof RouteDefinition)) {
-        routeNode = node.getParent();
-      }
-      source = ((RouteDefinition) routeNode).getInput().toString();
-    }
-    String destination = node.toString();
-    exchange.setProperty("lastDestination", destination);
-
-    if (LOG.isTraceEnabled()) {
-      LOG.trace("{} -> {}", source, destination);
-    }
-
-    /*
-     * TODO:
-     * Nodes currently have no properties or capabilities. They should be retrieved from
-     * a) either the prolog knowledge base (a respective query must be created)
-     * b) or from service meta data provided by the ConnectionManagerService(?)
-     */
-    ServiceNode sourceNode = new ServiceNode(source, null, null);
-    ServiceNode destNode = new ServiceNode(destination, null, null);
-
-    // Call PDP to transform labels and decide whether to forward the Exchange
-    applyLabelTransformation(pdp.requestTranformations(sourceNode), exchange);
-    PolicyDecision decision =
-        pdp.requestDecision(
-            new DecisionRequest(sourceNode, destNode, exchange.getProperties(), null));
-
-    switch (decision.getDecision()) {
-      case ALLOW:
-        // forward the Exchange
-        return true;
-      case DENY:
-      default:
-        if (LOG.isWarnEnabled()) {
-          LOG.warn(
-              "Exchange blocked by data flow policy. Source: {}, Target: {}", sourceNode, destNode);
-        }
-        exchange.setException(new Exception("Exchange blocked by data flow policy"));
-        return false;
-    }
-
-    // TODO: Obligation Implementation
-  }
-
-  /**
-   * Removes and adds labels to an exchange object.
-   *
-   * @param requestTransformations The request transformations (label changes) to be performed
-   * @param exchange Exchange processed
-   */
-  @SuppressWarnings("unchecked")
-  private void applyLabelTransformation(
-      TransformationDecision requestTransformations, Exchange exchange) {
-    Set<String> labels =
-        (Set<String>)
-            exchange.getProperties().computeIfAbsent(PDP.LABELS_KEY, k -> new HashSet<String>());
-
-    // Remove labels from exchange
-    labels.removeAll(requestTransformations.getLabelsToRemove());
-
-    // Add labels to exchange
-    labels.addAll(requestTransformations.getLabelsToAdd());
-  }
-
-  @Override
-  public void process(Exchange exchange) throws Exception {
-    if (processFlowControl(exchange)) {
-      target.process(exchange);
-    }
-  }
-
-  @Override
-  public boolean process(Exchange exchange, AsyncCallback callback) {
-    if (processFlowControl(exchange)) {
-      try {
-        target.process(exchange);
-        callback.done(true);
-        return true;
-      } catch (Exception e) {
-        LOG.error(e.getMessage(), e);
-      }
-    }
-    callback.done(false);
-    return false;
-  }
-
-  @Override
-  public CompletableFuture<Exchange> processAsync(Exchange exchange) {
-    try {
-      target.process(exchange);
-      return CompletableFuture.completedFuture(exchange);
-    } catch (Exception x) {
-      return CompletableFuture.failedFuture(x);
-    }
-  }
-}
diff --git a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/RouteManagerService.java b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/RouteManagerService.java
deleted file mode 100644
index 06fa94e1e..000000000
--- a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/RouteManagerService.java
+++ /dev/null
@@ -1,536 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-route-manager
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.rm;
-
-import de.fhg.aisec.ids.api.policy.PDP;
-import de.fhg.aisec.ids.api.router.*;
-import de.fhg.aisec.ids.rm.util.CamelRouteToDot;
-import de.fhg.aisec.ids.rm.util.PrologPrinter;
-import org.apache.camel.*;
-import org.apache.camel.impl.DefaultCamelContext;
-import org.apache.camel.management.DefaultManagementAgent;
-import org.apache.camel.model.*;
-import org.apache.camel.spi.ManagementAgent;
-import org.apache.camel.support.dump.RouteStatDump;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.checkerframework.checker.nullness.qual.Nullable;
-import org.osgi.framework.BundleContext;
-import org.osgi.framework.FrameworkUtil;
-import org.osgi.framework.InvalidSyntaxException;
-import org.osgi.framework.ServiceReference;
-import org.osgi.service.component.ComponentContext;
-import org.osgi.service.component.annotations.Component;
-import org.osgi.service.component.annotations.*;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.management.*;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Unmarshaller;
-import java.io.*;
-import java.nio.charset.StandardCharsets;
-import java.util.*;
-import java.util.Map.Entry;
-import java.util.stream.Collectors;
-
-/**
- * Manages Camel routes.
- *
- * @author Julian Schuette (julian.schuette@aisec.fraunhofer.de)
- */
-@Component(immediate = true, name = "ids-routemanager")
-public class RouteManagerService implements RouteManager {
-  private static final Logger LOG = LoggerFactory.getLogger(RouteManagerService.class);
-
-  @SuppressWarnings("unused")
-  @Reference(cardinality = ReferenceCardinality.OPTIONAL, policy = ReferencePolicy.DYNAMIC)
-  private volatile PDP pdp;
-
-  private ComponentContext ctx;
-
-  @Activate
-  protected void activate(ComponentContext ctx) {
-    this.ctx = ctx;
-  }
-
-  @Override
-  @Nullable
-  public PDP getPdp() {
-    return pdp;
-  }
-
-  @Override
-  @NonNull
-  public List<RouteObject> getRoutes() {
-    List<RouteObject> result = new ArrayList<>();
-    List<CamelContext> camelContexts = getCamelContexts();
-
-    // Create response
-    for (CamelContext cCtx : camelContexts) {
-      var mcc = cCtx.adapt(ModelCamelContext.class);
-      for (RouteDefinition rd : mcc.getRouteDefinitions()) {
-        result.add(routeDefinitionToObject(cCtx, rd));
-      }
-    }
-    return result;
-  }
-
-  @Override
-  public RouteObject getRoute(@NonNull String id) {
-    List<CamelContext> camelContexts = getCamelContexts();
-
-    // Create response
-    for (CamelContext cCtx : camelContexts) {
-      var mcc = cCtx.adapt(ModelCamelContext.class);
-      RouteDefinition rd = mcc.getRouteDefinition(id);
-      if (rd != null) {
-        return routeDefinitionToObject(cCtx, rd);
-      }
-    }
-
-    return null;
-  }
-
-  @Override
-  public void startRoute(@Nullable String routeId) throws RouteException {
-    List<CamelContext> camelC = getCamelContexts();
-
-    for (CamelContext cCtx : camelC) {
-      Route rt = cCtx.getRoute(routeId);
-      if (rt != null) {
-        try {
-          cCtx.getRouteController().startRoute(routeId);
-        } catch (Exception e) {
-          throw new RouteException(e);
-        }
-      }
-    }
-  }
-
-  @Override
-  public void stopRoute(@Nullable String routeId) throws RouteException {
-    List<CamelContext> camelC = getCamelContexts();
-
-    for (CamelContext cCtx : camelC) {
-      Route rt = cCtx.getRoute(routeId);
-      if (rt != null) {
-        try {
-          cCtx.getRouteController().stopRoute(routeId);
-        } catch (Exception e) {
-          throw new RouteException(e);
-        }
-      }
-    }
-  }
-
-  @Override
-  @NonNull
-  public List<RouteComponent> listComponents() {
-    List<RouteComponent> componentNames = new ArrayList<>();
-    BundleContext bCtx = FrameworkUtil.getBundle(RouteManagerService.class).getBundleContext();
-    if (bCtx == null) {
-      return componentNames;
-    }
-
-    try {
-      ServiceReference<?>[] services =
-          bCtx.getServiceReferences("org.apache.camel.spi.ComponentResolver", null);
-      for (ServiceReference<?> sr : services) {
-        String bundle = sr.getBundle().getHeaders().get("Bundle-Name");
-        if (bundle == null || "".equals(bundle)) {
-          bundle = sr.getBundle().getSymbolicName();
-        }
-        String description = sr.getBundle().getHeaders().get("Bundle-Description");
-        if (description == null) {
-          description = "";
-        }
-        componentNames.add(new RouteComponent(bundle, description));
-      }
-    } catch (InvalidSyntaxException e) {
-      LOG.error(e.getMessage(), e);
-    }
-    return componentNames;
-  }
-
-  @Override
-  @NonNull
-  public Map<String, Collection<String>> getEndpoints() {
-    List<CamelContext> camelO = getCamelContexts();
-    return camelO
-        .stream()
-        .collect(
-            Collectors.toMap(
-                CamelContext::getName,
-                c ->
-                    c.getEndpoints()
-                        .stream()
-                        .map(Endpoint::getEndpointUri)
-                        .collect(Collectors.toList())));
-  }
-
-  @Override
-  @NonNull
-  public Map<String, String> listEndpoints() {
-    Map<String, String> epURIs = new HashMap<>();
-
-    for (CamelContext cCtx : getCamelContexts()) {
-      for (Entry<? extends ValueHolder<String>, Endpoint> e : cCtx.getEndpointRegistry().entrySet()) {
-        epURIs.put(e.getKey().get(), e.getValue().getEndpointUri());
-      }
-    }
-
-    return epURIs;
-  }
-
-  @Override
-  @NonNull
-  public Map<String, RouteMetrics> getRouteMetrics() {
-    Map<String, RouteMetrics> rdump = new HashMap<>();
-    List<CamelContext> cCtxs = getCamelContexts();
-    for (CamelContext cCtx : cCtxs) {
-      var mcc = cCtx.adapt(ModelCamelContext.class);
-      List<RouteDefinition> rds = mcc.getRouteDefinitions();
-      for (RouteDefinition rd : rds) {
-        RouteStatDump stat;
-        try {
-          stat = this.getRouteStats(cCtx, rd);
-          if (stat != null) {
-            RouteMetrics m = new RouteMetrics();
-            m.setCompleted(stat.getExchangesCompleted());
-            m.setRedeliveries(stat.getRedeliveries());
-            m.setFailed(stat.getExchangesFailed());
-            m.setFailuresHandled(stat.getFailuresHandled());
-            m.setInflight(stat.getExchangesInflight());
-            m.setMaxProcessingTime(stat.getMaxProcessingTime());
-            m.setMinProcessingTime(stat.getMinProcessingTime());
-            m.setMeanProcessingTime(stat.getMeanProcessingTime());
-            rdump.put(rd.getId(), m);
-          }
-        } catch (MalformedObjectNameException
-            | AttributeNotFoundException
-            | InstanceNotFoundException
-            | MBeanException
-            | ReflectionException
-            | JAXBException e) {
-          LOG.error(e.getMessage(), e);
-        }
-      }
-    }
-    return rdump;
-  }
-
-  @Override
-  public void delRoute(@Nullable String routeId) {
-    List<CamelContext> cCtxs = getCamelContexts();
-    for (CamelContext cCtx : cCtxs) {
-      var mcc = cCtx.adapt(ModelCamelContext.class);
-      for (RouteDefinition rd : mcc.getRouteDefinitions()) {
-        if (rd.getId().equals(routeId)) {
-          try {
-            cCtx.removeRoute(rd.getId());
-          } catch (Exception e) {
-            LOG.error(e.getMessage(), e);
-          }
-          return;
-        }
-      }
-    }
-  }
-
-  @NonNull
-  private List<CamelContext> getCamelContexts() {
-    List<CamelContext> camelContexts = new ArrayList<>();
-    try {
-      ServiceReference<?>[] references =
-          this.ctx.getBundleContext().getServiceReferences(CamelContext.class.getName(), null);
-      if (references != null) {
-        Arrays.stream(references)
-            .map(this.ctx.getBundleContext()::getService)
-            .filter(Objects::nonNull)
-            .map(CamelContext.class::cast)
-            .forEach(camelContexts::add);
-      }
-    } catch (Exception e) {
-      LOG.warn("Cannot retrieve the list of Camel contexts.", e);
-    }
-
-    // sort the list
-    camelContexts.sort(Comparator.comparing(CamelContext::getName));
-    return camelContexts;
-  }
-
-  /**
-   * Wraps a RouteDefinition in a RouteObject for use over API.
-   *
-   * @param cCtx Camel Context
-   * @param rd The RouteDefinition to be transformed
-   * @return The resulting RouteObject
-   */
-  private RouteObject routeDefinitionToObject(
-      @NonNull CamelContext cCtx, @NonNull RouteDefinition rd) {
-    return new RouteObject(
-        rd.getId(),
-        rd.getDescriptionText(),
-        routeToDot(rd),
-        rd.getShortName(),
-        cCtx.getName(),
-        cCtx.getUptimeMillis(),
-        cCtx.getRouteController().getRouteStatus(rd.getId()).toString());
-  }
-
-  /**
-   * Creates a visualization of a Camel route in DOT (graphviz) format.
-   *
-   * @param rd The route definition to process
-   * @return The string representation of the Camel route in DOT
-   */
-  @NonNull
-  private String routeToDot(@NonNull RouteDefinition rd) {
-    String result = "";
-    try {
-      CamelRouteToDot viz = new CamelRouteToDot();
-      ByteArrayOutputStream bos = new ByteArrayOutputStream();
-      BufferedWriter writer =
-          new BufferedWriter(new OutputStreamWriter(bos, StandardCharsets.UTF_8));
-      viz.printSingleRoute(writer, rd);
-      writer.flush();
-      result = bos.toString(StandardCharsets.UTF_8);
-    } catch (IOException e) {
-      LOG.error(e.getMessage(), e);
-    }
-    return result;
-  }
-
-  @Override
-  @NonNull
-  public List<String> getRouteInputUris(@NonNull String routeId) {
-    for (CamelContext ctx : getCamelContexts()) {
-      var mcc = ctx.adapt(ModelCamelContext.class);
-      for (RouteDefinition rd : mcc.getRouteDefinitions()) {
-        if (routeId.equals(rd.getId())) {
-          return Collections.singletonList(rd.getInput().getUri());
-        }
-      }
-    }
-    return Collections.emptyList();
-  }
-
-  protected RouteStatDump getRouteStats(CamelContext cCtx, RouteDefinition rd)
-      throws MalformedObjectNameException, JAXBException, AttributeNotFoundException,
-          InstanceNotFoundException, MBeanException, ReflectionException {
-    JAXBContext context = JAXBContext.newInstance(RouteStatDump.class);
-    Unmarshaller unmarshaller = context.createUnmarshaller();
-    ManagementAgent agent = cCtx.getManagementStrategy().getManagementAgent();
-    if (agent != null) {
-      MBeanServer mBeanServer = agent.getMBeanServer();
-      Set<ObjectName> set =
-          mBeanServer.queryNames(
-              new ObjectName(
-                  DefaultManagementAgent.DEFAULT_DOMAIN
-                      + ":type=routes,name=\""
-                      + rd.getId()
-                      + "\",*"),
-              null);
-      for (ObjectName routeMBean : set) {
-        // the route must be part of the camel context
-        String camelId = (String) mBeanServer.getAttribute(routeMBean, "CamelId");
-        if (camelId != null && camelId.equals(cCtx.getName())) {
-          String xml =
-              (String)
-                  mBeanServer.invoke(
-                      routeMBean,
-                      "dumpRouteStatsAsXml",
-                      new Object[] {Boolean.FALSE, Boolean.TRUE},
-                      new String[] {"boolean", "boolean"});
-          return (RouteStatDump) unmarshaller.unmarshal(new StringReader(xml));
-        }
-      }
-    }
-    return null;
-  }
-
-  /**
-   * Retrieves the Prolog representation of a route
-   *
-   * @param routeId The id of the route that is to be exported
-   */
-  @Override
-  @NonNull
-  public String getRouteAsProlog(@NonNull String routeId) {
-    Optional<CamelContext> c =
-        getCamelContexts()
-            .parallelStream()
-            .filter(cCtx -> cCtx.adapt(ModelCamelContext.class).getRouteDefinition(routeId) != null)
-            .findAny();
-
-    if (c.isPresent()) {
-      try {
-        RouteDefinition rd = c.get().adapt(ModelCamelContext.class).getRouteDefinition(routeId);
-        StringWriter writer = new StringWriter();
-        new PrologPrinter().printSingleRoute(writer, rd);
-        writer.flush();
-        return writer.toString();
-      } catch (IOException e) {
-        LOG.error("Error printing route to prolog " + routeId, e);
-      }
-    }
-
-    return "";
-  }
-
-  /**
-   * Retrieves the textual representation of a route
-   *
-   * @param routeId The id of the route that is to be exported
-   */
-  @Override
-  @Nullable
-  public String getRouteAsString(@NonNull String routeId) {
-    for (CamelContext c : getCamelContexts()) {
-      RouteDefinition rd = c.adapt(ModelCamelContext.class).getRouteDefinition(routeId);
-      if (rd == null) {
-        continue;
-      }
-      try {
-        return ModelHelper.dumpModelAsXml(c, rd);
-      } catch (JAXBException e) {
-        LOG.error(e.getMessage(), e);
-      }
-    }
-    return null;
-  }
-
-  /**
-   * Save a route, replacing it with a new representation within the same context
-   *
-   * @param routeId ID of the route to save
-   * @param routeRepresentation The new textual representation of the route (XML etc.)
-   * @throws RouteException If the route does not exist or some Exception was thrown during route
-   *     replacement.
-   */
-  @Override
-  @NonNull
-  public RouteObject saveRoute(@NonNull String routeId, @NonNull String routeRepresentation)
-      throws RouteException {
-    LOG.debug("Save route \"" + routeId + "\": " + routeRepresentation);
-
-    CamelContext cCtx = null;
-    boolean routeStarted = false;
-
-    // Find the state and CamelContext of the route to be saved
-    for (CamelContext c : getCamelContexts()) {
-      Route targetRoute = c.getRoute(routeId);
-      if (targetRoute != null) {
-        cCtx = c;
-        ServiceStatus serviceStatus = cCtx.getRouteController().getRouteStatus(routeId);
-        routeStarted =
-            serviceStatus == ServiceStatus.Started || serviceStatus == ServiceStatus.Starting;
-        break;
-      }
-    }
-    if (cCtx == null) {
-      LOG.error("Could not find route with id \"" + routeId + "\"");
-      throw new RouteException("Could not find route with id \"" + routeId + "\"");
-    }
-
-    // Check for validity of route representation
-    List<RouteDefinition> routes;
-    try (ByteArrayInputStream bis =
-        new ByteArrayInputStream(routeRepresentation.getBytes(StandardCharsets.UTF_8))) {
-      // Load route(s) from XML
-      RoutesDefinition rd = ModelHelper.loadRoutesDefinition(cCtx, bis);
-      routes = rd.getRoutes();
-      Optional<String> id =
-          routes.stream().map(RouteDefinition::getId).filter(rid -> !routeId.equals(rid)).findAny();
-      if (id.isPresent()) {
-        throw new Exception(
-            "The new route representation has a different ID: "
-                + "Expected \""
-                + routeId
-                + "\" but got \""
-                + id.get()
-                + "\"");
-      }
-    } catch (Exception e) {
-      LOG.error(e.getMessage(), e);
-      throw new RouteException(e);
-    }
-
-    // Remove old route from CamelContext
-    try {
-      cCtx.removeRoute(routeId);
-    } catch (Exception e) {
-      LOG.error("Error while removing old route \"" + routeId + "\"", e);
-      throw new RouteException(e);
-    }
-
-    // Add new route and start it if it was started/starting before save
-    try {
-      RouteDefinition routeDefinition = routes.get(0);
-      cCtx.adapt(ModelCamelContext.class).addRouteDefinition(routeDefinition);
-      if (routeStarted) {
-        cCtx.getRouteController().startRoute(routeDefinition.getId());
-      }
-      return routeDefinitionToObject(cCtx, routeDefinition);
-    } catch (Exception e) {
-      LOG.error("Error while adding new route \"" + routeId + "\"", e);
-      throw new RouteException(e);
-    }
-  }
-
-  /**
-   * Create a new route in a fresh context from text
-   *
-   * @param routeRepresentation The textual representation of the route to be inserted
-   * @throws RouteException If a route with that name already exists
-   */
-  @Override
-  public void addRoute(@NonNull String routeRepresentation) throws RouteException {
-    LOG.debug("Adding new route: " + routeRepresentation);
-    List<RouteObject> existingRoutes = this.getRoutes();
-    // @todo: Need to verify that this or the call to CamelContext.start() below actually registers
-    // the route properly
-    CamelContext cCtx = new DefaultCamelContext();
-    try (ByteArrayInputStream bis =
-        new ByteArrayInputStream(routeRepresentation.getBytes(StandardCharsets.UTF_8))) {
-      // Load route(s) from XML
-      RoutesDefinition rd = ModelHelper.loadRoutesDefinition(cCtx, bis);
-      List<RouteDefinition> routes = rd.getRoutes();
-      // Check that intersection of existing and new routes is empty (=we do not allow overwriting
-      // existing route ids)
-      List<String> intersect =
-          routes
-              .stream()
-              .filter(r -> existingRoutes.stream().anyMatch(er -> er.getId().equals(r.getId())))
-              .map(OptionalIdentifiedDefinition::getId)
-              .collect(Collectors.toList());
-      if (!intersect.isEmpty()) {
-        throw new RouteException(
-            "Route id already exists. Will not overwrite it. " + String.join(", ", intersect));
-      }
-      cCtx.adapt(ModelCamelContext.class).addRouteDefinitions(routes);
-      cCtx.start();
-    } catch (Exception e) {
-      LOG.error(e.getMessage(), e);
-      throw new RouteException(e);
-    }
-  }
-}
diff --git a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/CamelRouteToDot.java b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/CamelRouteToDot.java
deleted file mode 100644
index 1aed9addf..000000000
--- a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/CamelRouteToDot.java
+++ /dev/null
@@ -1,240 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-route-manager
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.rm.util;
-
-import org.apache.camel.model.*;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.checkerframework.checker.nullness.qual.Nullable;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.io.Writer;
-import java.util.IdentityHashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import static org.apache.camel.util.ObjectHelper.isNotEmpty;
-
-/**
- * Camel route definition to GraphViz converter.
- *
- * <p>The output can be turned into pictures using dot, neato, and others.
- */
-public class CamelRouteToDot {
-  protected final Map<Object, NodeData> nodeMap = new IdentityHashMap<>();
-  private int clusterCounter = 0;
-  private static final String PREFIX = "http://www.eaipatterns.com/img/";
-
-  protected void printRoutes(Writer writer, Map<String, List<RouteDefinition>> map)
-      throws IOException {
-    Set<Map.Entry<String, List<RouteDefinition>>> entries = map.entrySet();
-    for (Map.Entry<String, List<RouteDefinition>> entry : entries) {
-      String group = entry.getKey();
-      printRoutes(writer, group, entry.getValue());
-    }
-  }
-
-  protected void printRoutes(Writer writer, String group, List<RouteDefinition> routes)
-      throws IOException {
-    if (group != null) {
-      writer.write("subgraph cluster_" + (clusterCounter++) + " {\n");
-      writer.write("label = \"" + group + "\";\n");
-      writer.write("color = grey;\n");
-      writer.write("style = \"dashed\";\n");
-    }
-    for (RouteDefinition route : routes) {
-      printRoute(writer, route, route.getInput());
-      writer.write("\n");
-    }
-    if (group != null) {
-      writer.write("}\n\n");
-    }
-  }
-
-  /**
-   * Prints graphviz code of a single RouteDefinition to the provided PrintWriter.
-   *
-   * @param writer
-   * @param route
-   * @throws IOException
-   */
-  public void printSingleRoute(@Nullable Writer writer, @Nullable final RouteDefinition route)
-      throws IOException {
-    if (writer == null || route == null) {
-      return;
-    }
-    writer.write("digraph { rankdir=LR; size=\"4.5,5.5\" \n\n");
-    writer.write(
-        "node [shape=\"box\", style = \"filled\", fillcolor = white, "
-            + "fontname=\"Helvetica-Oblique\"];");
-    printRoute(writer, route, route.getInput());
-
-    writer.write("\n}");
-  }
-
-  protected void printRoute(Writer writer, final RouteDefinition route, FromDefinition input)
-      throws IOException {
-    NodeData nodeData = getNodeData(input);
-
-    printNode(writer, nodeData);
-
-    NodeData from = nodeData;
-    for (ProcessorDefinition<?> output : route.getOutputs()) {
-      from = printNode(writer, from, output);
-    }
-  }
-
-  protected NodeData printNode(Writer writer, NodeData fromData, ProcessorDefinition<?> node)
-      throws IOException {
-    if (node instanceof MulticastDefinition) {
-      // no need for a multicast or interceptor node
-      List<ProcessorDefinition<?>> outputs = node.getOutputs();
-      boolean isPipeline = isPipeline(node);
-      for (ProcessorDefinition<?> output : outputs) {
-        NodeData out = printNode(writer, fromData, output);
-        // if in pipeline then we should move the from node to the next
-        // in the pipeline
-        if (isPipeline) {
-          fromData = out;
-        }
-      }
-      return fromData;
-    }
-    NodeData toData = getNodeData(node);
-
-    printNode(writer, toData);
-
-    if (fromData != null) {
-      writer.write(fromData.id);
-      writer.write(" -> ");
-      writer.write(toData.id);
-      writer.write(" [\n");
-
-      String label = fromData.edgeLabel;
-      if (isNotEmpty(label)) {
-        writer.write("label = \"" + label + "\"\n");
-      }
-      writer.write("];\n");
-    }
-
-    // now lets write any children
-    List<ProcessorDefinition<?>> outputs = toData.outputs;
-    if (outputs != null) {
-      for (ProcessorDefinition<?> output : outputs) {
-        NodeData newData = printNode(writer, toData, output);
-        if (!isMulticastNode(node)) {
-          toData = newData;
-        }
-      }
-    }
-    return toData;
-  }
-
-  protected void printNode(Writer writer, NodeData data) throws IOException {
-    if (!data.nodeWritten) {
-      data.nodeWritten = true;
-
-      writer.write("\n");
-      writer.write(data.id + "\n");
-      writer.write(" [\n");
-      writer.write("label = \"" + data.label + "\"\n");
-      writer.write("tooltip = \"" + data.tooltip + "\"\n");
-
-      String image = data.image;
-      if (image != null) {
-        writer.write("shapefile = \"" + image + "\"\n");
-        writer.write("peripheries=0");
-      }
-      String shape = data.shape;
-      if (shape == null && image != null) {
-        shape = "custom";
-      }
-      if (shape != null) {
-        writer.write("shape = \"" + shape + "\"\n");
-      }
-      writer.write("];\n\n");
-    }
-  }
-
-  public void generateFile(
-      @Nullable PrintWriter writer, @Nullable Map<String, List<RouteDefinition>> map)
-      throws IOException {
-    if (writer == null || map == null) {
-      return;
-    }
-    writer.println("digraph CamelRoutes {");
-    writer.println();
-
-    writer.println(
-        "node [style = \"rounded,filled\", fillcolor = white, color = \"#898989\", "
-            + "fontname=\"Helvetica-Oblique\"];");
-    writer.println();
-    printRoutes(writer, map);
-
-    writer.println("}");
-  }
-
-  protected NodeData getNodeData(@NonNull Object node) {
-    Object key = node;
-    if (node instanceof FromDefinition) {
-      FromDefinition fromType = (FromDefinition) node;
-      key = fromType.getUri();
-    } else if (node instanceof ToDefinition) {
-      ToDefinition toType = (ToDefinition) node;
-      key = toType.getUri();
-    }
-    NodeData answer = null;
-    if (key != null) {
-      answer = nodeMap.get(key);
-    }
-    if (answer == null) {
-      String id = "node" + (nodeMap.size() + 1);
-      answer = new NodeData(id, node, PREFIX);
-      nodeMap.put(key, answer);
-    }
-    return answer;
-  }
-
-  protected boolean isMulticastNode(ProcessorDefinition<?> node) {
-    return node instanceof MulticastDefinition || node instanceof ChoiceDefinition;
-  }
-
-  /** Is the given node a pipeline */
-  protected boolean isPipeline(ProcessorDefinition<?> node) {
-    if (node instanceof MulticastDefinition) {
-      return false;
-    }
-    if (node instanceof PipelineDefinition) {
-      return true;
-    }
-    if (node.getOutputs().size() > 1) {
-      // is pipeline if there is more than 1 output and they are all To
-      // types
-      for (Object type : node.getOutputs()) {
-        if (!(type instanceof ToDefinition)) {
-          return false;
-        }
-      }
-      return true;
-    }
-    return false;
-  }
-}
diff --git a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/GraphProcessor.java b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/GraphProcessor.java
deleted file mode 100644
index 17cfb8ef3..000000000
--- a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/GraphProcessor.java
+++ /dev/null
@@ -1,119 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-route-manager
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.rm.util;
-
-import de.fhg.aisec.ids.api.router.graph.Edge;
-import de.fhg.aisec.ids.api.router.graph.GraphData;
-import de.fhg.aisec.ids.api.router.graph.Node;
-import org.apache.camel.model.ChoiceDefinition;
-import org.apache.camel.model.OptionalIdentifiedDefinition;
-import org.apache.camel.model.ProcessorDefinition;
-import org.apache.camel.model.RouteDefinition;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-import java.util.concurrent.atomic.AtomicInteger;
-
-public class GraphProcessor {
-
-  /**
-   * Prints a single Camel route in Prolog representation.
-   *
-   * @param route The route to be transformed
-   */
-  public static GraphData processRoute(RouteDefinition route) {
-    GraphData gd = new GraphData();
-    // Print route entry points
-    processInput(gd, route);
-    return gd;
-  }
-
-  /**
-   * Prints a single node of a Camel route in Prolog representation.
-   *
-   * @param graphData
-   * @param current
-   * @param preds
-   * @return
-   */
-  private static List<ProcessorDefinition<?>> processNode(
-      GraphData graphData,
-      ProcessorDefinition<?> current,
-      List<OptionalIdentifiedDefinition<?>> preds) {
-    for (OptionalIdentifiedDefinition<?> p : preds) {
-      graphData.addEdge(new Edge(p.getId(), current.getId()));
-    }
-    graphData.addNode(
-        new Node(
-            current.getId(),
-            current.getLabel(),
-            (current instanceof ChoiceDefinition) ? Node.NodeType.ChoiceNode : Node.NodeType.Node));
-
-    // predecessor of next recursion is the current node
-    List<ProcessorDefinition<?>> newPreds = new ArrayList<>();
-    newPreds.add(current);
-    for (ProcessorDefinition<?> out : current.getOutputs()) {
-      // if this is a ChoiceDefinition, there is no link between its WhereDefinitions.
-      ArrayList<OptionalIdentifiedDefinition<?>> myPreds = new ArrayList<>();
-      if (current instanceof ChoiceDefinition) {
-        myPreds.add(current);
-      } else {
-        // @TODO: Looks somewhat strange... is this correct?
-        myPreds.addAll(newPreds);
-      }
-
-      // Recursion ...
-      List<ProcessorDefinition<?>> p = processNode(graphData, out, myPreds);
-
-      // Predecessors of a ChoiceDefinition are all last stmts of its Where- and
-      // OtherwiseDefinitions
-      if (current instanceof ChoiceDefinition) {
-        newPreds.addAll(p);
-      } else {
-        newPreds.clear();
-        newPreds.addAll(p);
-      }
-    }
-
-    return newPreds;
-  }
-
-  /**
-   * Prints a single FromDefinition (= a route entry point) in Prolog representation.
-   */
-  private static void processInput(
-      GraphData graphData, RouteDefinition route) {
-    AtomicInteger counter = new AtomicInteger(0);
-    var i = route.getInput();
-    // Make sure every input node has a unique id
-    if (i.getId() == null) {
-      i.setCustomId(true);
-      i.setId("input" + counter);
-    }
-    graphData.addNode(new Node(i.getId(), i.getLabel(), Node.NodeType.EntryNode));
-
-    OptionalIdentifiedDefinition<?> prev = i;
-    for (ProcessorDefinition<?> next : route.getOutputs()) {
-      processNode(graphData, next, Collections.singletonList(prev));
-      prev = next;
-    }
-  }
-}
diff --git a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/NodeData.java b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/NodeData.java
deleted file mode 100644
index 8df3a66ec..000000000
--- a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/NodeData.java
+++ /dev/null
@@ -1,196 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-route-manager
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.rm.util;
-
-import static org.apache.camel.util.ObjectHelper.isEmpty;
-import static org.apache.camel.util.ObjectHelper.isNotEmpty;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Locale;
-import org.apache.camel.model.AggregateDefinition;
-import org.apache.camel.model.BeanDefinition;
-import org.apache.camel.model.ChoiceDefinition;
-import org.apache.camel.model.FilterDefinition;
-import org.apache.camel.model.FromDefinition;
-import org.apache.camel.model.OtherwiseDefinition;
-import org.apache.camel.model.ProcessorDefinition;
-import org.apache.camel.model.RecipientListDefinition;
-import org.apache.camel.model.ResequenceDefinition;
-import org.apache.camel.model.RoutingSlipDefinition;
-import org.apache.camel.model.SplitDefinition;
-import org.apache.camel.model.ToDefinition;
-import org.apache.camel.model.TransformDefinition;
-import org.apache.camel.model.WhenDefinition;
-
-/** Represents a node in Graphviz representation of a route. */
-public class NodeData {
-  public String id;
-  public String image;
-  public String label;
-  public String shape;
-  public String edgeLabel;
-  public String tooltip;
-  public String nodeType;
-  public boolean nodeWritten;
-  public String url;
-  public List<ProcessorDefinition<?>> outputs;
-
-  public NodeData(String id, Object node, String imagePrefix) {
-    this.id = id;
-
-    if (node instanceof ProcessorDefinition) {
-      ProcessorDefinition<?> processorType = (ProcessorDefinition<?>) node;
-      this.edgeLabel = processorType.getLabel();
-    }
-    if (node instanceof FromDefinition) {
-      FromDefinition fromType = (FromDefinition) node;
-      this.tooltip = fromType.getLabel();
-      this.label = removeQueryString(this.tooltip);
-      this.url = "http://camel.apache.org/message-endpoint.html";
-    } else if (node instanceof ToDefinition) {
-      ToDefinition toType = (ToDefinition) node;
-      this.tooltip = toType.getLabel();
-      this.label = removeQueryString(this.tooltip);
-      this.edgeLabel = "";
-      this.url = "http://camel.apache.org/message-endpoint.html";
-    } else if (node instanceof FilterDefinition) {
-      this.image = imagePrefix + "MessageFilterIcon.png";
-      this.label = "Filter";
-      this.nodeType = "Message Filter";
-    } else if (node instanceof WhenDefinition) {
-      this.image = imagePrefix + "MessageFilterIcon.png";
-      this.nodeType = "When Filter";
-      this.label = "When";
-      this.url = "http://camel.apache.org/content-based-router.html";
-    } else if (node instanceof OtherwiseDefinition) {
-      this.nodeType = "Otherwise";
-      this.edgeLabel = "";
-      this.url = "http://camel.apache.org/content-based-router.html";
-      this.tooltip = "Otherwise";
-    } else if (node instanceof ChoiceDefinition) {
-      this.image = imagePrefix + "ContentBasedRouterIcon.png";
-      this.nodeType = "Content Based Router";
-      this.label = "Choice";
-      this.edgeLabel = "";
-
-      ChoiceDefinition choice = (ChoiceDefinition) node;
-      List<ProcessorDefinition<?>> outputs = new ArrayList<>(choice.getWhenClauses());
-      if (choice.getOtherwise() != null) {
-        outputs.add(choice.getOtherwise());
-      }
-      this.outputs = outputs;
-    } else if (node instanceof RecipientListDefinition) {
-      this.image = imagePrefix + "RecipientListIcon.png";
-      this.nodeType = "Recipient List";
-    } else if (node instanceof RoutingSlipDefinition) {
-      this.image = imagePrefix + "RoutingTableIcon.png";
-      this.nodeType = "Routing Slip";
-      this.url = "http://camel.apache.org/routing-slip.html";
-    } else if (node instanceof SplitDefinition) {
-      this.image = imagePrefix + "SplitterIcon.png";
-      this.nodeType = "Splitter";
-    } else if (node instanceof AggregateDefinition) {
-      this.image = imagePrefix + "AggregatorIcon.png";
-      this.nodeType = "Aggregator";
-    } else if (node instanceof ResequenceDefinition) {
-      this.image = imagePrefix + "ResequencerIcon.png";
-      this.nodeType = "Resequencer";
-    } else if (node instanceof BeanDefinition) {
-      BeanDefinition beanRef = (BeanDefinition) node;
-      this.nodeType = "Bean Ref";
-      this.label = beanRef.getLabel() + " Bean";
-      this.shape = "box";
-    } else if (node instanceof TransformDefinition) {
-      this.nodeType = "Transform";
-      this.url = "http://camel.apache.org/message-translator.html";
-    }
-
-    // lets auto-default as many values as we can
-    if (isEmpty(this.nodeType) && node != null) {
-      String name = node.getClass().getName();
-      int idx = name.lastIndexOf('.');
-      if (idx > 0) {
-        name = name.substring(idx + 1);
-      }
-      if (name.endsWith("Type")) {
-        name = name.substring(0, name.length() - 4);
-      }
-      this.nodeType = insertSpacesBetweenCamelCase(name);
-    }
-    if (this.label == null) {
-      if (isEmpty(this.image)) {
-        this.label = this.nodeType;
-        this.shape = "box";
-      } else if (isNotEmpty(this.edgeLabel)) {
-        this.label = "";
-      } else {
-        this.label = String.valueOf(node);
-      }
-    }
-    if (isEmpty(this.tooltip)) {
-      if (isNotEmpty(this.nodeType)) {
-        String description = isNotEmpty(this.edgeLabel) ? this.edgeLabel : this.label;
-        this.tooltip = this.nodeType + ": " + description;
-      } else {
-        this.tooltip = this.label;
-      }
-    }
-    if (isEmpty(this.url) && isNotEmpty(this.nodeType)) {
-      this.url =
-          "http://camel.apache.org/"
-              + this.nodeType.toLowerCase(Locale.ENGLISH).replace(' ', '-')
-              + ".html";
-    }
-    if (node instanceof ProcessorDefinition && this.outputs == null) {
-      ProcessorDefinition<?> processorType = (ProcessorDefinition<?>) node;
-      this.outputs = processorType.getOutputs();
-    }
-  }
-
-  protected String removeQueryString(String text) {
-    int idx = text.indexOf('?');
-    if (idx <= 0) {
-      return text;
-    } else {
-      return text.substring(0, idx);
-    }
-  }
-
-  /** Inserts a space before each upper case letter after a lowercase */
-  public static String insertSpacesBetweenCamelCase(String name) {
-    boolean lastCharacterLowerCase = false;
-    StringBuilder buffer = new StringBuilder();
-    int i = 0;
-    for (int size = name.length(); i < size; i++) {
-      char ch = name.charAt(i);
-      if (Character.isUpperCase(ch)) {
-        if (lastCharacterLowerCase) {
-          buffer.append(' ');
-        }
-        lastCharacterLowerCase = false;
-      } else {
-        lastCharacterLowerCase = true;
-      }
-      buffer.append(ch);
-    }
-    return buffer.toString();
-  }
-}
diff --git a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/PrologNode.java b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/PrologNode.java
deleted file mode 100644
index 6f3cf38d2..000000000
--- a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/PrologNode.java
+++ /dev/null
@@ -1,126 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-route-manager
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.rm.util;
-
-import static org.apache.camel.util.ObjectHelper.isEmpty;
-import static org.apache.camel.util.ObjectHelper.isNotEmpty;
-
-import java.util.ArrayList;
-import java.util.List;
-import org.apache.camel.model.AggregateDefinition;
-import org.apache.camel.model.BeanDefinition;
-import org.apache.camel.model.ChoiceDefinition;
-import org.apache.camel.model.FilterDefinition;
-import org.apache.camel.model.FromDefinition;
-import org.apache.camel.model.OtherwiseDefinition;
-import org.apache.camel.model.ProcessorDefinition;
-import org.apache.camel.model.RecipientListDefinition;
-import org.apache.camel.model.ResequenceDefinition;
-import org.apache.camel.model.RoutingSlipDefinition;
-import org.apache.camel.model.SplitDefinition;
-import org.apache.camel.model.ToDefinition;
-import org.apache.camel.model.TransformDefinition;
-import org.apache.camel.model.WhenDefinition;
-import org.checkerframework.checker.nullness.qual.NonNull;
-
-/** Represents a node in the EIP diagram tree */
-public class PrologNode {
-  //	public String id;
-  public String nodeType;
-  public String value;
-  //	public String predicate = "has_url";
-  public List<ProcessorDefinition<?>> outputs;
-
-  public PrologNode(@NonNull String id, @NonNull Object node) {
-    //		this.id = id;
-
-    if (node instanceof ProcessorDefinition) {
-      ProcessorDefinition<?> processorType = (ProcessorDefinition<?>) node;
-      //			this.predicate = "has_operation";
-      this.value = processorType.getLabel();
-    }
-    if (node instanceof FromDefinition) {
-      FromDefinition fromType = (FromDefinition) node;
-      this.nodeType = "from";
-      //			this.predicate = "has_url";
-      this.value = fromType.getEndpointUri();
-    } else if (node instanceof ToDefinition) {
-      ToDefinition toType = (ToDefinition) node;
-      this.value = toType.getEndpointUri();
-      this.nodeType = "to";
-    } else if (node instanceof FilterDefinition) {
-      this.nodeType = "message_filter";
-    } else if (node instanceof WhenDefinition) {
-      this.nodeType = "when";
-      this.value = ((WhenDefinition) node).getExpression().getExpression();
-    } else if (node instanceof OtherwiseDefinition) {
-      this.nodeType = "otherwise";
-      this.value = "";
-    } else if (node instanceof ChoiceDefinition) {
-      ChoiceDefinition choice = (ChoiceDefinition) node;
-      List<ProcessorDefinition<?>> outputs = new ArrayList<>(choice.getWhenClauses());
-      if (choice.getOtherwise() != null) {
-        outputs.add(choice.getOtherwise());
-      }
-      this.outputs = outputs;
-      this.nodeType = "choice";
-    } else if (node instanceof RecipientListDefinition) {
-      //			this.predicate = "recipient_list";
-      this.value = ((RecipientListDefinition) node).getLabel();
-      this.nodeType = "recipients";
-    } else if (node instanceof RoutingSlipDefinition) {
-      this.value = ((RoutingSlipDefinition) node).getLabel();
-      this.nodeType = "slip";
-    } else if (node instanceof SplitDefinition) {
-      this.nodeType = "splitter";
-    } else if (node instanceof AggregateDefinition) {
-      this.nodeType = "aggregator";
-    } else if (node instanceof ResequenceDefinition) {
-      //			this.predicate = "resequence";
-      this.value = ((ResequenceDefinition) node).getLabel();
-    } else if (node instanceof BeanDefinition) {
-      //			this.predicate = "bean";
-      this.value = ((BeanDefinition) node).getLabel();
-    } else if (node instanceof TransformDefinition) {
-      this.value = ((TransformDefinition) node).getLabel();
-      //			this.predicate = "transform";
-    }
-
-    // lets auto-default as many values as we can
-    if (isEmpty(this.nodeType) && node != null) {
-      String name = node.getClass().getName();
-      int idx = name.lastIndexOf('.');
-      if (idx > 0) {
-        name = name.substring(idx + 1);
-      }
-      if (name.endsWith("Type")) {
-        name = name.substring(0, name.length() - 4);
-      }
-      this.nodeType = name;
-    }
-    if (isEmpty(this.value) && isNotEmpty(this.nodeType)) {
-      this.value = this.nodeType;
-    }
-    if (node instanceof ProcessorDefinition && this.outputs == null) {
-      ProcessorDefinition<?> processorType = (ProcessorDefinition<?>) node;
-      this.outputs = processorType.getOutputs();
-    }
-  }
-}
diff --git a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/PrologPrinter.java b/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/PrologPrinter.java
deleted file mode 100644
index 915ca1d55..000000000
--- a/ids-route-manager/src/main/java/de/fhg/aisec/ids/rm/util/PrologPrinter.java
+++ /dev/null
@@ -1,125 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-route-manager
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.rm.util;
-
-import org.apache.camel.model.ChoiceDefinition;
-import org.apache.camel.model.OptionalIdentifiedDefinition;
-import org.apache.camel.model.ProcessorDefinition;
-import org.apache.camel.model.RouteDefinition;
-import org.checkerframework.checker.nullness.qual.Nullable;
-
-import java.io.IOException;
-import java.io.Writer;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-import java.util.concurrent.atomic.AtomicInteger;
-
-public class PrologPrinter {
-
-  /**
-   * Prints a single Camel route in Prolog representation.
-   *
-   * @param writer
-   * @param route
-   * @throws IOException
-   */
-  public void printSingleRoute(@Nullable Writer writer, @Nullable RouteDefinition route)
-      throws IOException {
-    if (writer == null || route == null) {
-      return;
-    }
-
-    // Print route entry points
-    printInput(writer, route);
-  }
-
-  /**
-   * Prints a single node of a Camel route in Prolog representation.
-   *
-   * @param writer
-   * @param current
-   * @param preds
-   * @return
-   * @throws IOException
-   */
-  private List<ProcessorDefinition<?>> printNode(
-      Writer writer, ProcessorDefinition<?> current, List<OptionalIdentifiedDefinition<?>> preds)
-      throws IOException {
-    for (OptionalIdentifiedDefinition<?> p : preds) {
-      writer.write("succ(" + p.getId() + ", " + current.getId() + ").\n");
-    }
-    writer.write("stmt(" + current.getId() + ").\n");
-    writer.write("has_action(" + current.getId() + ", \"" + current.getLabel() + "\").\n");
-
-    // predecessor of next recursion is the current node
-    List<ProcessorDefinition<?>> newPreds = new ArrayList<>();
-    newPreds.add(current);
-    for (ProcessorDefinition<?> out : current.getOutputs()) {
-      // if this is a ChoiceDefinition, there is no link between its WhereDefinitions.
-      ArrayList<OptionalIdentifiedDefinition<?>> myPreds = new ArrayList<>();
-      if (current instanceof ChoiceDefinition) {
-        myPreds.add(current);
-      } else {
-        // @TODO: Looks somewhat strange... is this correct?
-        myPreds.addAll(newPreds);
-      }
-
-      // Recursion ...
-      List<ProcessorDefinition<?>> p = printNode(writer, out, myPreds);
-
-      // Predecessors of a ChoiceDefinition are all last stmts of its Where- and
-      // OtherwiseDefinitions
-      if (current instanceof ChoiceDefinition) {
-        newPreds.addAll(p);
-      } else {
-        newPreds.clear();
-        newPreds.addAll(p);
-      }
-    }
-
-    return newPreds;
-  }
-
-  /**
-   * Prints a single FromDefinition (= a route entry point) in Prolog representation.
-   *
-   * @throws IOException
-   */
-  private void printInput(Writer writer, RouteDefinition route)
-      throws IOException {
-    AtomicInteger counter = new AtomicInteger(0);
-    var i = route.getInput();
-    // Make sure every input node has a unique id
-    if (i.getId() == null) {
-      i.setCustomId(true);
-      i.setId("input" + counter.incrementAndGet());
-    }
-    writer.write("stmt(" + i.getId() + ").\n");
-    writer.write("entrynode(" + i.getId() + ").\n");
-    writer.write("has_action(" + i.getId() + ", \"" + i.getLabel() + "\").\n");
-
-    OptionalIdentifiedDefinition<?> prev = i;
-    for (ProcessorDefinition<?> next : route.getOutputs()) {
-      printNode(writer, next, Collections.singletonList(prev));
-      prev = next;
-    }
-  }
-}
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/CamelInterceptor.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/CamelInterceptor.kt
new file mode 100644
index 000000000..79aff6959
--- /dev/null
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/CamelInterceptor.kt
@@ -0,0 +1,63 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-route-manager
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.rm
+
+import de.fhg.aisec.ids.api.cm.ContainerManager
+import de.fhg.aisec.ids.api.idscp2.Idscp2UsageControlInterface
+import de.fhg.aisec.ids.api.policy.PDP
+import org.apache.camel.CamelContext
+import org.apache.camel.NamedNode
+import org.apache.camel.Processor
+import org.apache.camel.spi.InterceptStrategy
+import org.osgi.service.component.annotations.*
+
+@Component(immediate = true, name = "ids-camel-interceptor")
+class CamelInterceptor : InterceptStrategy {
+    @Reference(cardinality = ReferenceCardinality.OPTIONAL, policy = ReferencePolicy.DYNAMIC)
+    @Volatile
+    private var pdp: PDP? = null
+    @Reference(cardinality = ReferenceCardinality.OPTIONAL, policy = ReferencePolicy.DYNAMIC)
+    @Volatile
+    private var usageControlInterface: Idscp2UsageControlInterface? = null
+    @Reference(cardinality = ReferenceCardinality.OPTIONAL, policy = ReferencePolicy.DYNAMIC)
+    @Volatile
+    private var containerManager: ContainerManager? = null
+
+    @Activate
+    private fun activate() {
+        instance = this
+    }
+
+    override fun wrapProcessorInInterceptors(
+            context: CamelContext,
+            node: NamedNode,
+            target: Processor,
+            nextTarget: Processor?): Processor {
+        return PolicyEnforcementPoint(node, target)
+    }
+
+    companion object {
+        private lateinit var instance: CamelInterceptor
+
+        val pdp get() = instance.pdp
+        val usageControlInterface get() = instance.usageControlInterface
+        val containerManager get() = instance.containerManager
+    }
+}
\ No newline at end of file
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
new file mode 100644
index 000000000..08eaa4386
--- /dev/null
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
@@ -0,0 +1,236 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-route-manager
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.rm
+
+import com.google.common.collect.MapMaker
+import de.fhg.aisec.ids.api.policy.DecisionRequest
+import de.fhg.aisec.ids.api.policy.PolicyDecision
+import de.fhg.aisec.ids.api.policy.ServiceNode
+import de.fhg.aisec.ids.api.policy.TransformationDecision
+import de.fraunhofer.iais.eis.BinaryOperator
+import de.fraunhofer.iais.eis.Constraint
+import de.fraunhofer.iais.eis.LeftOperand
+import org.apache.camel.*
+import org.apache.camel.model.RouteDefinition
+import org.apache.camel.model.ToDefinition
+import org.slf4j.LoggerFactory
+import java.net.InetAddress
+import java.net.URI
+import java.util.*
+import java.util.concurrent.CompletableFuture
+
+class PolicyEnforcementPoint internal constructor(
+        private val node: NamedNode,
+        private val target: Processor) : AsyncProcessor {
+    /**
+     * The method performs flow control and calls Exchange.setException() when necessary
+     * It iterates through nodes in CamelRoute (<from>, <log>, <choice>, <process>, <to>, ...)
+     * and launches node specific usage enforcement actions.
+     *
+     * At node <from>: protect exchange msg's body if usage constraint is given
+     * At node <to>: unprotect exchange msg's body if usage constraing it fulfilled
+     *
+     * @param exchange The exchange object to check
+     * @return Whether target.process() is to be called for this exchange object
+     */
+
+    private fun processFlowControl(exchange: Exchange?): Boolean {
+        if (exchange == null) {
+            if (LOG.isWarnEnabled) {
+                LOG.warn("Cannot check data flow policy. Exchange object is null.")
+            }
+            return false
+        }
+        // Strict policy: If PDP or Usage Control interface are not available, block every checked data flow
+        val pdp = CamelInterceptor.pdp
+                ?: throw Exception("PDP is not available")
+        val ucInterface = CamelInterceptor.usageControlInterface
+                ?: throw Exception("Usage Control Interface is not available")
+
+        // Save per exchange object the source node's content (<from: uri="idscp2server://0...>)
+        // Same entry in Hashmap per CamelRoute, change of exchange properties do not create new entry
+        var source = lastDestinations[exchange]
+        val freshRoute = source == null
+        if (freshRoute) {
+            // If read CamelRoute's node is not <from> iterate to parent nodes
+            var routeNode = node.parent
+            while (routeNode !is RouteDefinition) {
+                routeNode = routeNode.parent
+            }
+            source = routeNode.input.toString()
+        }
+
+        // Save current destination node of CamelRoute
+        val destination = node.toString()
+        lastDestinations[exchange] = destination
+        if (LOG.isTraceEnabled) {
+            LOG.trace("{} -> {}", source, destination)
+        }
+
+        // While iterating through CamelNodes only take action for nodes <from> (=freshRoute) and <to>
+        if (freshRoute || node is ToDefinition) {
+            val ucContract = try {
+                ucInterface.getExchangeContract(exchange)
+            } catch (x: RuntimeException) {
+                throw Exception("Required contract is not available!", x)
+            }
+            ucContract?.let { contract ->
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("Applying Contract $contract")
+                }
+                val dockerConstraint = { c: Constraint ->
+                    c.operator == BinaryOperator.SAME_AS && c.leftOperand == LeftOperand.SYSTEM }
+                contract.permission.firstOrNull { p ->
+                    // Check whether any constraint is given which fits the rules given above
+                    p.constraint.firstOrNull(dockerConstraint) != null
+                    // So far previous checks answered: "Can we principally work with given constraint?"
+                }?.constraint?.first(dockerConstraint)?.rightOperandReference?.let { dockerUri ->
+                    if (LOG.isDebugEnabled) {
+                        LOG.debug("UC: Restricting to Container URI $dockerUri")
+                    }
+                    // Extracting hash and port of containerUri given by CamelRoute
+                    val hashPart = dockerUri.path.split("/").last()
+                    if (!hashPart.startsWith("sha256-")) {
+                        throw Exception("Invalid docker URI for UC, last path component must start with \"sha256-\"!")
+                    }
+                    val hash = hashPart.substring(7)
+                    val port = try {
+                        dockerUri.fragment.toInt().also { assert(it in 1..65535) }
+                    } catch (nfe: NumberFormatException) {
+                        throw Exception("Invalid docker URI for UC, fragment must represent a valid port number!")
+                    } catch (ae: AssertionError) {
+                        throw Exception("Invalid docker URI for UC, ${dockerUri.fragment} is not a valid port number!")
+                    }
+                    // Check whether we deal with entry ("from:...") or output ("to:...") node in CamelRoute
+                    if (freshRoute) {
+                        // If we deal with entry, then protect exchange's body
+                        ucInterface.protectBody(exchange, ucContract.id)
+                    // Additionally check whether exchange's body was protected
+                    } else if (node is ToDefinition && ucInterface.isProtected(exchange)) {
+                        // Compare hash value and port of camelRoute's containerUri with local Docker containers
+                        CamelInterceptor.containerManager?.let { cm ->
+                            val endpointUri = URI.create(node.endpointUri)
+                            // Check is containerUri's port matched CamelRoute ToNode's port
+                            if (port != endpointUri.port) {
+                                LOG.warn("UC: Exchange blocked by contract: " +
+                                        "Port $port is permitted, but ${endpointUri.port} is used!")
+                            } else {
+                                val allowedContainers = cm.list(true).filter { container ->
+                                    // From running docker containers get all with the given hash
+                                    // Normally there is only one hash type, but there can be more
+                                    // Currently requested type is only sha256 (e.g. sha3 or else may be added later)
+                                    container.imageDigests.any { it.split(":").last() == hash }
+                                }
+                                // Save all ip addresses of allowed containers in one list
+                                val allowedIPs = allowedContainers.flatMap { it.ipAddresses }.toSet()
+                                // Check whether all endpoint's ip-addresses belong to allowed containers
+                                if (InetAddress.getAllByName(endpointUri.host).all { allowedIPs.contains(it) }) {
+                                    ucInterface.unprotectBody(exchange)
+                                    if (LOG.isDebugEnabled) {
+                                        LOG.debug("UC: Contract permits data flow, Exchange body has been restored.")
+                                    }
+                                } else {
+                                    LOG.warn("UC: Some or all IP addresses of the host ${endpointUri.host} " +
+                                            "do not belong to the permitted containers (${allowedContainers})")
+                                }
+                            }
+                        } ?: LOG.warn("UC: ContainerManager is not available, " +
+                                "cannot verify container-binding contract!")
+                    }
+                }
+            }
+        }
+
+        val sourceNode = ServiceNode(source, null, null)
+        val destNode = ServiceNode(destination, null, null)
+
+        // Call PDP to transform labels and decide whether to forward the Exchange
+        applyLabelTransformation(pdp.requestTranformations(sourceNode), exchange)
+        val labels = exchangeLabels.computeIfAbsent(exchange) { HashSet<String>() }
+        val decision = pdp.requestDecision(
+                DecisionRequest(sourceNode, destNode, labels, null))
+        return when (decision.decision!!) {
+            PolicyDecision.Decision.ALLOW -> true
+            PolicyDecision.Decision.DENY -> {
+                if (LOG.isWarnEnabled) {
+                    LOG.warn("Exchange explicitly blocked (DENY) by data flow policy. " +
+                            "Source: {}, Target: {}", sourceNode, destNode)
+                }
+                exchange.setException(Exception("Exchange blocked by data flow policy"))
+                false
+            }
+        }
+    }
+
+    /**
+     * Removes and adds labels to an exchange object.
+     *
+     * @param requestTransformations The request transformations (label changes) to be performed
+     * @param exchange Exchange processed
+     */
+    private fun applyLabelTransformation(
+            requestTransformations: TransformationDecision, exchange: Exchange) {
+        val labels = exchangeLabels.computeIfAbsent(exchange) { HashSet<String>() }
+
+        // Remove labels from exchange
+        labels.removeAll(requestTransformations.labelsToRemove)
+
+        // Add labels to exchange
+        labels.addAll(requestTransformations.labelsToAdd)
+    }
+
+    @Throws(Exception::class)
+    override fun process(exchange: Exchange) {
+        if (processFlowControl(exchange)) {
+            target.process(exchange)
+        }
+    }
+
+    override fun process(exchange: Exchange, callback: AsyncCallback): Boolean {
+        if (processFlowControl(exchange)) {
+            try {
+                target.process(exchange)
+                callback.done(true)
+                return true
+            } catch (e: Exception) {
+                LOG.error(e.message, e)
+            }
+        }
+        callback.done(false)
+        return false
+    }
+
+    override fun processAsync(exchange: Exchange): CompletableFuture<Exchange> {
+        return try {
+            target.process(exchange)
+            CompletableFuture.completedFuture(exchange)
+        } catch (x: Exception) {
+            CompletableFuture.failedFuture(x)
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(PolicyEnforcementPoint::class.java)
+        private val lastDestinations: MutableMap<Exchange, String> =
+                MapMaker().weakKeys().makeMap()
+        private val exchangeLabels: MutableMap<Exchange, MutableSet<String>> =
+                MapMaker().weakKeys().makeMap()
+    }
+}
\ No newline at end of file
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/RouteManagerService.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/RouteManagerService.kt
new file mode 100644
index 000000000..6e0b892e3
--- /dev/null
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/RouteManagerService.kt
@@ -0,0 +1,476 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-route-manager
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.rm
+
+import de.fhg.aisec.ids.api.router.*
+import de.fhg.aisec.ids.rm.util.CamelRouteToDot
+import de.fhg.aisec.ids.rm.util.PrologPrinter
+import org.apache.camel.CamelContext
+import org.apache.camel.Endpoint
+import org.apache.camel.ServiceStatus
+import org.apache.camel.impl.DefaultCamelContext
+import org.apache.camel.management.DefaultManagementAgent
+import org.apache.camel.model.ModelCamelContext
+import org.apache.camel.model.ModelHelper
+import org.apache.camel.model.RouteDefinition
+import org.apache.camel.support.dump.RouteStatDump
+import org.osgi.framework.FrameworkUtil
+import org.osgi.framework.InvalidSyntaxException
+import org.osgi.service.component.ComponentContext
+import org.osgi.service.component.annotations.Activate
+import org.osgi.service.component.annotations.Component
+import org.slf4j.LoggerFactory
+import java.io.*
+import java.nio.charset.StandardCharsets
+import java.util.*
+import java.util.stream.Collectors
+import javax.management.*
+import javax.xml.bind.JAXBContext
+import javax.xml.bind.JAXBException
+
+/**
+ * Manages Camel routes.
+ *
+ * @author Julian Schuette (julian.schuette@aisec.fraunhofer.de)
+ */
+@Component(immediate = true, name = "ids-routemanager")
+class RouteManagerService : RouteManager {
+    private lateinit var ctx: ComponentContext
+
+    @Activate
+    private fun activate(ctx: ComponentContext) {
+        this.ctx = ctx
+    }
+
+    override fun getRoutes(): List<RouteObject> {
+        val result: MutableList<RouteObject> = ArrayList()
+        val camelContexts = camelContexts
+
+        // Create response
+        for (cCtx in camelContexts) {
+            val mcc = cCtx.adapt(ModelCamelContext::class.java)
+            for (rd in mcc.routeDefinitions) {
+                result.add(routeDefinitionToObject(cCtx, rd))
+            }
+        }
+        return result
+    }
+
+    override fun getRoute(id: String): RouteObject? {
+        val camelContexts = camelContexts
+
+        // Create response
+        for (cCtx in camelContexts) {
+            val mcc = cCtx.adapt(ModelCamelContext::class.java)
+            val rd = mcc.getRouteDefinition(id)
+            if (rd != null) {
+                return routeDefinitionToObject(cCtx, rd)
+            }
+        }
+        return null
+    }
+
+    @Throws(RouteException::class)
+    override fun startRoute(routeId: String) {
+        val camelC = camelContexts
+        for (cCtx in camelC) {
+            val rt = cCtx.getRoute(routeId)
+            if (rt != null) {
+                try {
+                    cCtx.routeController.startRoute(routeId)
+                } catch (e: Exception) {
+                    throw RouteException(e)
+                }
+            }
+        }
+    }
+
+    @Throws(RouteException::class)
+    override fun stopRoute(routeId: String) {
+        val camelC = camelContexts
+        for (cCtx in camelC) {
+            val rt = cCtx.getRoute(routeId)
+            if (rt != null) {
+                try {
+                    cCtx.routeController.stopRoute(routeId)
+                } catch (e: Exception) {
+                    throw RouteException(e)
+                }
+            }
+        }
+    }
+
+    override fun listComponents(): List<RouteComponent> {
+        val componentNames: MutableList<RouteComponent> = ArrayList()
+        val bCtx = FrameworkUtil.getBundle(RouteManagerService::class.java).bundleContext
+                ?: return componentNames
+        try {
+            val services = bCtx.getServiceReferences("org.apache.camel.spi.ComponentResolver", null)
+            for (sr in services) {
+                var bundle = sr.bundle.headers["Bundle-Name"]
+                if (bundle == null || "" == bundle) {
+                    bundle = sr.bundle.symbolicName
+                }
+                var description = sr.bundle.headers["Bundle-Description"]
+                if (description == null) {
+                    description = ""
+                }
+                componentNames.add(RouteComponent(bundle, description))
+            }
+        } catch (e: InvalidSyntaxException) {
+            LOG.error(e.message, e)
+        }
+        return componentNames
+    }
+
+    override fun getEndpoints(): Map<String, Collection<String>> {
+        return camelContexts
+                .stream()
+                .collect(
+                        Collectors.toMap({ obj: CamelContext -> obj.name },
+                                { c: CamelContext ->
+                                    c.endpoints
+                                            .stream()
+                                            .map { obj: Endpoint -> obj.endpointUri }
+                                            .collect(Collectors.toList())
+                                }))
+    }
+
+    override fun listEndpoints(): Map<String, String> {
+        val epURIs: MutableMap<String, String> = HashMap()
+        for (cCtx in camelContexts) {
+            for ((key, value) in cCtx.endpointRegistry) {
+                epURIs[key!!.get()] = value.endpointUri
+            }
+        }
+        return epURIs
+    }
+
+    override fun getRouteMetrics(): Map<String, RouteMetrics> {
+        val rdump: MutableMap<String, RouteMetrics> = HashMap()
+        val cCtxs = camelContexts
+        for (cCtx in cCtxs) {
+            val mcc = cCtx.adapt(ModelCamelContext::class.java)
+            val rds = mcc.routeDefinitions
+            for (rd in rds) {
+                var stat: RouteStatDump?
+                try {
+                    stat = getRouteStats(cCtx, rd)
+                    if (stat != null) {
+                        val m = RouteMetrics()
+                        m.completed = stat.exchangesCompleted
+                        m.redeliveries = stat.redeliveries
+                        m.failed = stat.exchangesFailed
+                        m.failuresHandled = stat.failuresHandled
+                        m.inflight = stat.exchangesInflight
+                        m.maxProcessingTime = stat.maxProcessingTime
+                        m.minProcessingTime = stat.minProcessingTime
+                        m.meanProcessingTime = stat.meanProcessingTime
+                        rdump[rd.id] = m
+                    }
+                } catch (e: MalformedObjectNameException) {
+                    LOG.error(e.message, e)
+                } catch (e: AttributeNotFoundException) {
+                    LOG.error(e.message, e)
+                } catch (e: InstanceNotFoundException) {
+                    LOG.error(e.message, e)
+                } catch (e: MBeanException) {
+                    LOG.error(e.message, e)
+                } catch (e: ReflectionException) {
+                    LOG.error(e.message, e)
+                } catch (e: JAXBException) {
+                    LOG.error(e.message, e)
+                }
+            }
+        }
+        return rdump
+    }
+
+    override fun delRoute(routeId: String) {
+        val cCtxs = camelContexts
+        for (cCtx in cCtxs) {
+            val mcc = cCtx.adapt(ModelCamelContext::class.java)
+            for (rd in mcc.routeDefinitions) {
+                if (rd.id == routeId) {
+                    try {
+                        cCtx.removeRoute(rd.id)
+                    } catch (e: Exception) {
+                        LOG.error(e.message, e)
+                    }
+                    return
+                }
+            }
+        }
+    }
+
+    // sort the list
+    private val camelContexts: List<CamelContext>
+        get() {
+            return try {
+                ctx.bundleContext.getServiceReferences(CamelContext::class.java.name, null)
+                        ?.run {
+                            mapNotNull { reference -> ctx.bundleContext.getService(reference) }
+                                    .map { CamelContext::class.java.cast(it) }
+                                    .sortedWith(Comparator.comparing { it.name })
+                        } ?: emptyList()
+
+            } catch (e: Exception) {
+                LOG.warn("Cannot retrieve the list of Camel contexts.", e)
+                emptyList()
+            }
+        }
+
+    /**
+     * Wraps a RouteDefinition in a RouteObject for use over API.
+     *
+     * @param cCtx Camel Context
+     * @param rd The RouteDefinition to be transformed
+     * @return The resulting RouteObject
+     */
+    private fun routeDefinitionToObject(
+            cCtx: CamelContext, rd: RouteDefinition): RouteObject {
+        return RouteObject(
+                rd.id,
+                rd.descriptionText,
+                routeToDot(rd),
+                rd.shortName,
+                cCtx.name,
+                cCtx.uptimeMillis,
+                cCtx.routeController.getRouteStatus(rd.id).toString())
+    }
+
+    /**
+     * Creates a visualization of a Camel route in DOT (graphviz) format.
+     *
+     * @param rd The route definition to process
+     * @return The string representation of the Camel route in DOT
+     */
+    private fun routeToDot(rd: RouteDefinition): String {
+        var result = ""
+        try {
+            val viz = CamelRouteToDot()
+            val bos = ByteArrayOutputStream()
+            val writer = BufferedWriter(OutputStreamWriter(bos, StandardCharsets.UTF_8))
+            viz.printSingleRoute(writer, rd)
+            writer.flush()
+            result = bos.toString(StandardCharsets.UTF_8)
+        } catch (e: IOException) {
+            LOG.error(e.message, e)
+        }
+        return result
+    }
+
+    override fun getRouteInputUris(routeId: String): List<String> {
+        for (ctx in camelContexts) {
+            val mcc = ctx.adapt(ModelCamelContext::class.java)
+            for (rd in mcc.routeDefinitions) {
+                if (routeId == rd.id) {
+                    return listOf(rd.input.uri)
+                }
+            }
+        }
+        return emptyList()
+    }
+
+    @Throws(MalformedObjectNameException::class, JAXBException::class, AttributeNotFoundException::class, InstanceNotFoundException::class, MBeanException::class, ReflectionException::class)
+    fun getRouteStats(cCtx: CamelContext, rd: RouteDefinition): RouteStatDump? {
+        val context = JAXBContext.newInstance(RouteStatDump::class.java)
+        val unmarshaller = context.createUnmarshaller()
+        val agent = cCtx.managementStrategy.managementAgent
+        if (agent != null) {
+            val mBeanServer = agent.mBeanServer
+            val set = mBeanServer.queryNames(
+                    ObjectName(
+                            DefaultManagementAgent.DEFAULT_DOMAIN
+                                    + ":type=routes,name=\""
+                                    + rd.id
+                                    + "\",*"),
+                    null)
+            for (routeMBean in set) {
+                // the route must be part of the camel context
+                val camelId = mBeanServer.getAttribute(routeMBean, "CamelId") as String?
+                if (camelId != null && camelId == cCtx.name) {
+                    val xml = mBeanServer.invoke(
+                            routeMBean,
+                            "dumpRouteStatsAsXml", arrayOf<Any>(false, true), arrayOf("boolean", "boolean")) as String
+                    return unmarshaller.unmarshal(StringReader(xml)) as RouteStatDump
+                }
+            }
+        }
+        return null
+    }
+
+    /**
+     * Retrieves the Prolog representation of a route
+     *
+     * @param routeId The id of the route that is to be exported
+     */
+    override fun getRouteAsProlog(routeId: String): String {
+        val c = camelContexts
+                .parallelStream()
+                .filter { cCtx: CamelContext -> cCtx.adapt(ModelCamelContext::class.java).getRouteDefinition(routeId) != null }
+                .findAny()
+        if (c.isPresent) {
+            try {
+                val rd = c.get().adapt(ModelCamelContext::class.java).getRouteDefinition(routeId)
+                val writer = StringWriter()
+                PrologPrinter().printSingleRoute(writer, rd)
+                writer.flush()
+                return writer.toString()
+            } catch (e: IOException) {
+                LOG.error("Error printing route to prolog $routeId", e)
+            }
+        }
+        return ""
+    }
+
+    /**
+     * Retrieves the textual representation of a route
+     *
+     * @param routeId The id of the route that is to be exported
+     */
+    override fun getRouteAsString(routeId: String): String? {
+        for (c in camelContexts) {
+            val rd = c.adapt(ModelCamelContext::class.java).getRouteDefinition(routeId) ?: continue
+            try {
+                return ModelHelper.dumpModelAsXml(c, rd)
+            } catch (e: JAXBException) {
+                LOG.error(e.message, e)
+            }
+        }
+        return null
+    }
+
+    /**
+     * Save a route, replacing it with a new representation within the same context
+     *
+     * @param routeId ID of the route to save
+     * @param routeRepresentation The new textual representation of the route (XML etc.)
+     * @throws RouteException If the route does not exist or some Exception was thrown during route
+     * replacement.
+     */
+    @Throws(RouteException::class)
+    override fun saveRoute(routeId: String, routeRepresentation: String): RouteObject {
+        LOG.debug("Save route \"$routeId\": $routeRepresentation")
+        var cCtx: CamelContext? = null
+        var routeStarted = false
+
+        // Find the state and CamelContext of the route to be saved
+        for (c in camelContexts) {
+            val targetRoute = c.getRoute(routeId)
+            if (targetRoute != null) {
+                cCtx = c
+                val serviceStatus = cCtx.routeController.getRouteStatus(routeId)
+                routeStarted = serviceStatus == ServiceStatus.Started || serviceStatus == ServiceStatus.Starting
+                break
+            }
+        }
+        if (cCtx == null) {
+            LOG.error("Could not find route with id \"$routeId\"")
+            throw RouteException("Could not find route with id \"$routeId\"")
+        }
+
+        // Check for validity of route representation
+        var routes: List<RouteDefinition>
+        try {
+            ByteArrayInputStream(routeRepresentation.toByteArray(StandardCharsets.UTF_8)).use { bis ->
+                // Load route(s) from XML
+                val rd = ModelHelper.loadRoutesDefinition(cCtx, bis)
+                routes = rd.routes
+                val id = routes.stream().map { obj: RouteDefinition -> obj.id }.filter { rid: String -> routeId != rid }.findAny()
+                if (id.isPresent) {
+                    throw Exception(
+                            "The new route representation has a different ID: "
+                                    + "Expected \""
+                                    + routeId
+                                    + "\" but got \""
+                                    + id.get()
+                                    + "\"")
+                }
+            }
+        } catch (e: Exception) {
+            LOG.error(e.message, e)
+            throw RouteException(e)
+        }
+
+        // Remove old route from CamelContext
+        try {
+            cCtx.removeRoute(routeId)
+        } catch (e: Exception) {
+            LOG.error("Error while removing old route \"$routeId\"", e)
+            throw RouteException(e)
+        }
+
+        // Add new route and start it if it was started/starting before save
+        return try {
+            val routeDefinition = routes[0]
+            cCtx.adapt(ModelCamelContext::class.java).addRouteDefinition(routeDefinition)
+            if (routeStarted) {
+                cCtx.routeController.startRoute(routeDefinition.id)
+            }
+            routeDefinitionToObject(cCtx, routeDefinition)
+        } catch (e: Exception) {
+            LOG.error("Error while adding new route \"$routeId\"", e)
+            throw RouteException(e)
+        }
+    }
+
+    /**
+     * Create a new route in a fresh context from text
+     *
+     * @param routeRepresentation The textual representation of the route to be inserted
+     * @throws RouteException If a route with that name already exists
+     */
+    @Throws(RouteException::class)
+    override fun addRoute(routeRepresentation: String) {
+        LOG.debug("Adding new route: $routeRepresentation")
+        val existingRoutes = this.routes
+        // @todo: Need to verify that this or the call to CamelContext.start() below actually registers
+        // the route properly
+        val cCtx: CamelContext = DefaultCamelContext()
+        try {
+            ByteArrayInputStream(routeRepresentation.toByteArray(StandardCharsets.UTF_8)).use { bis ->
+                // Load route(s) from XML
+                val rd = ModelHelper.loadRoutesDefinition(cCtx, bis)
+                val routes = rd.routes
+                // Check that intersection of existing and new routes is empty (=we do not allow overwriting
+                // existing route ids)
+                val intersect = routes
+                        .stream()
+                        .filter { r -> existingRoutes.stream().anyMatch { it.id == r.id } }
+                        .map { it.id }
+                        .collect(Collectors.toList())
+                if (intersect.isNotEmpty()) {
+                    throw RouteException(
+                            "Route id already exists. Will not overwrite it. ${intersect.joinToString(", ")}")
+                }
+                cCtx.adapt(ModelCamelContext::class.java).addRouteDefinitions(routes)
+                cCtx.start()
+            }
+        } catch (e: Exception) {
+            LOG.error(e.message, e)
+            throw RouteException(e)
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(RouteManagerService::class.java)
+    }
+}
\ No newline at end of file
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/CamelRouteToDot.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/CamelRouteToDot.kt
new file mode 100644
index 000000000..0591cfcfd
--- /dev/null
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/CamelRouteToDot.kt
@@ -0,0 +1,231 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-route-manager
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.rm.util
+
+import org.apache.camel.model.*
+import org.apache.camel.util.ObjectHelper
+import java.io.IOException
+import java.io.PrintWriter
+import java.io.Writer
+import java.util.*
+
+/**
+ * Camel route definition to GraphViz converter.
+ *
+ *
+ * The output can be turned into pictures using dot, neato, and others.
+ */
+class CamelRouteToDot {
+    private val nodeMap: MutableMap<Any?, NodeData> = IdentityHashMap()
+    private var clusterCounter = 0
+
+    @Throws(IOException::class)
+    private fun printRoutes(writer: Writer, map: Map<String, List<RouteDefinition>>) {
+        val entries = map.entries
+        for ((group, value) in entries) {
+            printRoutes(writer, group, value)
+        }
+    }
+
+    @Throws(IOException::class)
+    private fun printRoutes(writer: Writer, group: String?, routes: List<RouteDefinition>) {
+        if (group != null) {
+            writer.write("""subgraph cluster_${clusterCounter++} {
+""")
+            writer.write("label = \"$group\";\n")
+            writer.write("color = grey;\n")
+            writer.write("style = \"dashed\";\n")
+        }
+        for (route in routes) {
+            printRoute(writer, route, route.input)
+            writer.write("\n")
+        }
+        if (group != null) {
+            writer.write("}\n\n")
+        }
+    }
+
+    /**
+     * Prints graphviz code of a single RouteDefinition to the provided PrintWriter.
+     *
+     * @param writer
+     * @param route
+     * @throws IOException
+     */
+    @Throws(IOException::class)
+    fun printSingleRoute(writer: Writer?, route: RouteDefinition?) {
+        if (writer == null || route == null) {
+            return
+        }
+        writer.write("digraph { rankdir=LR; size=\"4.5,5.5\" \n\n")
+        writer.write("node [shape=\"box\", style = \"filled\", fillcolor = white, "
+                + "fontname=\"Helvetica-Oblique\"];")
+        printRoute(writer, route, route.input)
+        writer.write("\n}")
+    }
+
+    @Throws(IOException::class)
+    private fun printRoute(writer: Writer, route: RouteDefinition, input: FromDefinition) {
+        val nodeData = getNodeData(input)
+        printNode(writer, nodeData)
+        var from: NodeData? = nodeData
+        for (output in route.outputs) {
+            from = printNode(writer, from, output)
+        }
+    }
+
+    @Throws(IOException::class)
+    private fun printNode(writer: Writer, fromData: NodeData?, node: ProcessorDefinition<*>?): NodeData? {
+        var fromDataVar = fromData
+        if (node is MulticastDefinition) {
+            // no need for a multicast or interceptor node
+            val outputs = node.getOutputs()
+            val isPipeline = isPipeline(node)
+            for (output in outputs) {
+                val out = printNode(writer, fromDataVar, output)
+                // if in pipeline then we should move the from node to the next
+                // in the pipeline
+                if (isPipeline) {
+                    fromDataVar = out
+                }
+            }
+            return fromDataVar
+        }
+        var toData: NodeData? = getNodeData(node!!)
+        printNode(writer, toData)
+        if (fromDataVar != null) {
+            writer.write(fromDataVar.id)
+            writer.write(" -> ")
+            writer.write(toData!!.id)
+            writer.write(" [\n")
+            val label = fromDataVar.edgeLabel
+            if (ObjectHelper.isNotEmpty(label)) {
+                writer.write("label = \"$label\"\n")
+            }
+            writer.write("];\n")
+        }
+
+        // now lets write any children
+        val outputs = toData!!.outputs
+        if (outputs != null) {
+            for (output in outputs) {
+                val newData = printNode(writer, toData, output)
+                if (!isMulticastNode(node)) {
+                    toData = newData
+                }
+            }
+        }
+        return toData
+    }
+
+    @Throws(IOException::class)
+    private fun printNode(writer: Writer, data: NodeData?) {
+        if (!data!!.nodeWritten) {
+            data.nodeWritten = true
+            writer.write("\n")
+            writer.write("""
+    ${data.id}
+    
+    """.trimIndent())
+            writer.write(" [\n")
+            writer.write("""
+    label = "${data.label}"
+    
+    """.trimIndent())
+            writer.write("""
+    tooltip = "${data.tooltip}"
+    
+    """.trimIndent())
+            val image = data.image
+            if (image != null) {
+                writer.write("shapefile = \"$image\"\n")
+                writer.write("peripheries=0")
+            }
+            var shape = data.shape
+            if (shape == null && image != null) {
+                shape = "custom"
+            }
+            if (shape != null) {
+                writer.write("shape = \"$shape\"\n")
+            }
+            writer.write("];\n\n")
+        }
+    }
+
+    @Throws(IOException::class)
+    fun generateFile(
+            writer: PrintWriter?, map: Map<String, List<RouteDefinition>>?) {
+        if (writer == null || map == null) {
+            return
+        }
+        writer.println("digraph CamelRoutes {")
+        writer.println()
+        writer.println("node [style = \"rounded,filled\", fillcolor = white, color = \"#898989\", "
+                + "fontname=\"Helvetica-Oblique\"];")
+        writer.println()
+        printRoutes(writer, map)
+        writer.println("}")
+    }
+
+    private fun getNodeData(node: Any): NodeData {
+        var key = node
+        if (node is FromDefinition) {
+            key = node.uri
+        } else if (node is ToDefinition) {
+            key = node.uri
+        }
+        var answer: NodeData? = nodeMap[key]
+        if (answer == null) {
+            val id = "node" + (nodeMap.size + 1)
+            answer = NodeData(id, node, PREFIX)
+            nodeMap[key] = answer
+        }
+        return answer
+    }
+
+    private fun isMulticastNode(node: ProcessorDefinition<*>?): Boolean {
+        return node is MulticastDefinition || node is ChoiceDefinition
+    }
+
+    /** Is the given node a pipeline  */
+    private fun isPipeline(node: ProcessorDefinition<*>): Boolean {
+        if (node is MulticastDefinition) {
+            return false
+        }
+        if (node is PipelineDefinition) {
+            return true
+        }
+        if (node.outputs.size > 1) {
+            // is pipeline if there is more than 1 output and they are all To
+            // types
+            for (type in node.outputs) {
+                if (type !is ToDefinition) {
+                    return false
+                }
+            }
+            return true
+        }
+        return false
+    }
+
+    companion object {
+        private const val PREFIX = "http://www.eaipatterns.com/img/"
+    }
+}
\ No newline at end of file
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/GraphProcessor.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/GraphProcessor.kt
new file mode 100644
index 000000000..036aa12ec
--- /dev/null
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/GraphProcessor.kt
@@ -0,0 +1,113 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-route-manager
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.rm.util
+
+import de.fhg.aisec.ids.api.router.graph.Edge
+import de.fhg.aisec.ids.api.router.graph.GraphData
+import de.fhg.aisec.ids.api.router.graph.Node
+import org.apache.camel.model.ChoiceDefinition
+import org.apache.camel.model.OptionalIdentifiedDefinition
+import org.apache.camel.model.ProcessorDefinition
+import org.apache.camel.model.RouteDefinition
+import java.util.*
+import java.util.concurrent.atomic.AtomicInteger
+
+object GraphProcessor {
+    /**
+     * Prints a single Camel route in Prolog representation.
+     *
+     * @param route The route to be transformed
+     */
+    fun processRoute(route: RouteDefinition): GraphData {
+        val gd = GraphData()
+        // Print route entry points
+        processInput(gd, route)
+        return gd
+    }
+
+    /**
+     * Prints a single node of a Camel route in Prolog representation.
+     *
+     * @param graphData
+     * @param current
+     * @param preds
+     * @return
+     */
+    private fun processNode(
+            graphData: GraphData,
+            current: ProcessorDefinition<*>,
+            preds: List<OptionalIdentifiedDefinition<*>>): List<ProcessorDefinition<*>> {
+        for (p in preds) {
+            graphData.addEdge(Edge(p.id, current.id))
+        }
+        graphData.addNode(
+                Node(
+                        current.id,
+                        current.label,
+                        if (current is ChoiceDefinition) Node.NodeType.ChoiceNode else Node.NodeType.Node))
+
+        // predecessor of next recursion is the current node
+        val newPreds: MutableList<ProcessorDefinition<*>> = ArrayList()
+        newPreds.add(current)
+        for (out in current.outputs) {
+            // if this is a ChoiceDefinition, there is no link between its WhereDefinitions.
+            val myPreds = ArrayList<OptionalIdentifiedDefinition<*>>()
+            if (current is ChoiceDefinition) {
+                myPreds.add(current)
+            } else {
+                // @TODO: Looks somewhat strange... is this correct?
+                myPreds.addAll(newPreds)
+            }
+
+            // Recursion ...
+            val p = processNode(graphData, out, myPreds)
+
+            // Predecessors of a ChoiceDefinition are all last stmts of its Where- and
+            // OtherwiseDefinitions
+            if (current is ChoiceDefinition) {
+                newPreds.addAll(p)
+            } else {
+                newPreds.clear()
+                newPreds.addAll(p)
+            }
+        }
+        return newPreds
+    }
+
+    /**
+     * Prints a single FromDefinition (= a route entry point) in Prolog representation.
+     */
+    private fun processInput(
+            graphData: GraphData, route: RouteDefinition) {
+        val counter = AtomicInteger(0)
+        val i = route.input
+        // Make sure every input node has a unique id
+        if (i.id == null) {
+            i.customId = true
+            i.id = "input$counter"
+        }
+        graphData.addNode(Node(i.id, i.label, Node.NodeType.EntryNode))
+        var prev: OptionalIdentifiedDefinition<*>? = i
+        for (next in route.outputs) {
+            processNode(graphData, next, prev?.let { listOf(it) } ?: emptyList())
+            prev = next
+        }
+    }
+}
\ No newline at end of file
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/NodeData.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/NodeData.kt
new file mode 100644
index 000000000..1d326b6d9
--- /dev/null
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/NodeData.kt
@@ -0,0 +1,187 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-route-manager
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.rm.util
+
+import org.apache.camel.model.*
+import org.apache.camel.util.ObjectHelper
+import java.util.*
+
+/** Represents a node in Graphviz representation of a route.  */
+class NodeData(var id: String, node: Any?, imagePrefix: String) {
+    var image: String? = null
+    var label: String? = null
+    var shape: String? = null
+    var edgeLabel: String? = null
+    var tooltip: String? = null
+    var nodeType: String? = null
+    var nodeWritten = false
+    var url: String? = null
+    var outputs: List<ProcessorDefinition<*>>? = null
+
+    private fun removeQueryString(text: String?): String? {
+        val idx = text!!.indexOf('?')
+        return if (idx <= 0) {
+            text
+        } else {
+            text.substring(0, idx)
+        }
+    }
+
+    companion object {
+        /** Inserts a space before each upper case letter after a lowercase  */
+        fun insertSpacesBetweenCamelCase(name: String): String {
+            var lastCharacterLowerCase = false
+            val buffer = StringBuilder()
+            var i = 0
+            val size = name.length
+            while (i < size) {
+                val ch = name[i]
+                lastCharacterLowerCase = if (Character.isUpperCase(ch)) {
+                    if (lastCharacterLowerCase) {
+                        buffer.append(' ')
+                    }
+                    false
+                } else {
+                    true
+                }
+                buffer.append(ch)
+                i++
+            }
+            return buffer.toString()
+        }
+    }
+
+    init {
+        if (node is ProcessorDefinition<*>) {
+            edgeLabel = node.label
+        }
+        when (node) {
+            is FromDefinition -> {
+                tooltip = node.label
+                label = removeQueryString(tooltip)
+                url = "http://camel.apache.org/message-endpoint.html"
+            }
+            is ToDefinition -> {
+                tooltip = node.label
+                label = removeQueryString(tooltip)
+                edgeLabel = ""
+                url = "http://camel.apache.org/message-endpoint.html"
+            }
+            is FilterDefinition -> {
+                image = imagePrefix + "MessageFilterIcon.png"
+                label = "Filter"
+                nodeType = "Message Filter"
+            }
+            is WhenDefinition -> {
+                image = imagePrefix + "MessageFilterIcon.png"
+                nodeType = "When Filter"
+                label = "When"
+                url = "http://camel.apache.org/content-based-router.html"
+            }
+            is OtherwiseDefinition -> {
+                nodeType = "Otherwise"
+                edgeLabel = ""
+                url = "http://camel.apache.org/content-based-router.html"
+                tooltip = "Otherwise"
+            }
+            is ChoiceDefinition -> {
+                image = imagePrefix + "ContentBasedRouterIcon.png"
+                nodeType = "Content Based Router"
+                label = "Choice"
+                edgeLabel = ""
+                val choice = node
+                val outputs: MutableList<ProcessorDefinition<*>> = ArrayList(choice.whenClauses)
+                if (choice.otherwise != null) {
+                    outputs.add(choice.otherwise)
+                }
+                this.outputs = outputs
+            }
+            is RecipientListDefinition<*> -> {
+                image = imagePrefix + "RecipientListIcon.png"
+                nodeType = "Recipient List"
+            }
+            is RoutingSlipDefinition<*> -> {
+                image = imagePrefix + "RoutingTableIcon.png"
+                nodeType = "Routing Slip"
+                url = "http://camel.apache.org/routing-slip.html"
+            }
+            is SplitDefinition -> {
+                image = imagePrefix + "SplitterIcon.png"
+                nodeType = "Splitter"
+            }
+            is AggregateDefinition -> {
+                image = imagePrefix + "AggregatorIcon.png"
+                nodeType = "Aggregator"
+            }
+            is ResequenceDefinition -> {
+                image = imagePrefix + "ResequencerIcon.png"
+                nodeType = "Resequencer"
+            }
+            is BeanDefinition -> {
+                nodeType = "Bean Ref"
+                label = node.label + " Bean"
+                shape = "box"
+            }
+            is TransformDefinition -> {
+                nodeType = "Transform"
+                url = "http://camel.apache.org/message-translator.html"
+            }
+        }
+
+        // lets auto-default as many values as we can
+        if (ObjectHelper.isEmpty(nodeType) && node != null) {
+            var name = node.javaClass.name
+            val idx = name.lastIndexOf('.')
+            if (idx > 0) {
+                name = name.substring(idx + 1)
+            }
+            if (name.endsWith("Type")) {
+                name = name.substring(0, name.length - 4)
+            }
+            nodeType = insertSpacesBetweenCamelCase(name)
+        }
+        if (label == null) {
+            if (ObjectHelper.isEmpty(image)) {
+                label = nodeType
+                shape = "box"
+            } else if (ObjectHelper.isNotEmpty(edgeLabel)) {
+                label = ""
+            } else {
+                label = node.toString()
+            }
+        }
+        if (ObjectHelper.isEmpty(tooltip)) {
+            if (ObjectHelper.isNotEmpty(nodeType)) {
+                val description = if (ObjectHelper.isNotEmpty(edgeLabel)) edgeLabel else label
+                tooltip = nodeType + ": " + description
+            } else {
+                tooltip = label
+            }
+        }
+        if (ObjectHelper.isEmpty(url) && ObjectHelper.isNotEmpty(nodeType)) {
+            url = ("http://camel.apache.org/"
+                    + nodeType!!.toLowerCase(Locale.ENGLISH).replace(' ', '-')
+                    + ".html")
+        }
+        if (node is ProcessorDefinition<*> && outputs == null) {
+            outputs = node.outputs
+        }
+    }
+}
\ No newline at end of file
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologNode.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologNode.kt
new file mode 100644
index 000000000..8460bbe69
--- /dev/null
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologNode.kt
@@ -0,0 +1,118 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-route-manager
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.rm.util
+
+import org.apache.camel.model.*
+import org.apache.camel.util.ObjectHelper
+import java.util.*
+
+/** Represents a node in the EIP diagram tree  */
+class PrologNode(node: Any) {
+    //	public String id;
+    private var nodeType: String? = null
+    private var value: String? = null
+
+    //	public String predicate = "has_url";
+    private var outputs: List<ProcessorDefinition<*>>? = null
+
+    init {
+        //		this.id = id;
+        if (node is ProcessorDefinition<*>) {
+            //			this.predicate = "has_operation";
+            value = node.label
+        }
+        when (node) {
+            is FromDefinition -> {
+                nodeType = "from"
+                //			this.predicate = "has_url";
+                value = node.endpointUri
+            }
+            is ToDefinition -> {
+                value = node.endpointUri
+                nodeType = "to"
+            }
+            is FilterDefinition -> {
+                nodeType = "message_filter"
+            }
+            is WhenDefinition -> {
+                nodeType = "when"
+                value = node.expression.expression
+            }
+            is OtherwiseDefinition -> {
+                nodeType = "otherwise"
+                value = ""
+            }
+            is ChoiceDefinition -> {
+                val outputs: MutableList<ProcessorDefinition<*>> = ArrayList(node.whenClauses)
+                if (node.otherwise != null) {
+                    outputs.add(node.otherwise)
+                }
+                this.outputs = outputs
+                nodeType = "choice"
+            }
+            is RecipientListDefinition<*> -> {
+                //			this.predicate = "recipient_list";
+                value = node.label
+                nodeType = "recipients"
+            }
+            is RoutingSlipDefinition<*> -> {
+                value = node.label
+                nodeType = "slip"
+            }
+            is SplitDefinition -> {
+                nodeType = "splitter"
+            }
+            is AggregateDefinition -> {
+                nodeType = "aggregator"
+            }
+            is ResequenceDefinition -> {
+                //			this.predicate = "resequence";
+                value = node.label
+            }
+            is BeanDefinition -> {
+                //			this.predicate = "bean";
+                value = node.label
+            }
+            is TransformDefinition -> {
+                value = node.label
+                //			this.predicate = "transform";
+            }
+        }
+
+        // lets auto-default as many values as we can
+        if (ObjectHelper.isEmpty(nodeType)) {
+            var name = node.javaClass.name
+            val idx = name.lastIndexOf('.')
+            if (idx > 0) {
+                name = name.substring(idx + 1)
+            }
+            if (name.endsWith("Type")) {
+                name = name.substring(0, name.length - 4)
+            }
+            nodeType = name
+        }
+        if (ObjectHelper.isEmpty(value) && ObjectHelper.isNotEmpty(nodeType)) {
+            value = nodeType
+        }
+        if (node is ProcessorDefinition<*> && outputs == null) {
+            outputs = node.outputs
+        }
+    }
+}
\ No newline at end of file
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologPrinter.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologPrinter.kt
new file mode 100644
index 000000000..b3fb3c93d
--- /dev/null
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologPrinter.kt
@@ -0,0 +1,136 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-route-manager
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.rm.util
+
+import org.apache.camel.model.ChoiceDefinition
+import org.apache.camel.model.OptionalIdentifiedDefinition
+import org.apache.camel.model.ProcessorDefinition
+import org.apache.camel.model.RouteDefinition
+import java.io.IOException
+import java.io.Writer
+import java.util.*
+import java.util.concurrent.atomic.AtomicInteger
+
+class PrologPrinter {
+    /**
+     * Prints a single Camel route in Prolog representation.
+     *
+     * @param writer
+     * @param route
+     * @throws IOException
+     */
+    @Throws(IOException::class)
+    fun printSingleRoute(writer: Writer?, route: RouteDefinition?) {
+        if (writer == null || route == null) {
+            return
+        }
+
+        // Print route entry points
+        printInput(writer, route)
+    }
+
+    /**
+     * Prints a single node of a Camel route in Prolog representation.
+     *
+     * @param writer
+     * @param current
+     * @param preds
+     * @return
+     * @throws IOException
+     */
+    @Throws(IOException::class)
+    private fun printNode(
+            writer: Writer, current: ProcessorDefinition<*>, preds: List<OptionalIdentifiedDefinition<*>>): List<ProcessorDefinition<*>> {
+        for (p in preds) {
+            writer.write("""
+    succ(${p.id}, ${current.id}).
+    
+    """.trimIndent())
+        }
+        writer.write("""
+    stmt(${current.id}).
+    
+    """.trimIndent())
+        writer.write("""
+    has_action(${current.id}, "${current.label}").
+    
+    """.trimIndent())
+
+        // predecessor of next recursion is the current node
+        val newPreds: MutableList<ProcessorDefinition<*>> = ArrayList()
+        newPreds.add(current)
+        for (out in current.outputs) {
+            // if this is a ChoiceDefinition, there is no link between its WhereDefinitions.
+            val myPreds = ArrayList<OptionalIdentifiedDefinition<*>>()
+            if (current is ChoiceDefinition) {
+                myPreds.add(current)
+            } else {
+                // @TODO: Looks somewhat strange... is this correct?
+                myPreds.addAll(newPreds)
+            }
+
+            // Recursion ...
+            val p = printNode(writer, out, myPreds)
+
+            // Predecessors of a ChoiceDefinition are all last stmts of its Where- and
+            // OtherwiseDefinitions
+            if (current is ChoiceDefinition) {
+                newPreds.addAll(p)
+            } else {
+                newPreds.clear()
+                newPreds.addAll(p)
+            }
+        }
+        return newPreds
+    }
+
+    /**
+     * Prints a single FromDefinition (= a route entry point) in Prolog representation.
+     *
+     * @throws IOException
+     */
+    @Throws(IOException::class)
+    private fun printInput(writer: Writer, route: RouteDefinition) {
+        val counter = AtomicInteger(0)
+        val i = route.input
+        // Make sure every input node has a unique id
+        if (i.id == null) {
+            i.customId = true
+            i.id = "input" + counter.incrementAndGet()
+        }
+        writer.write("""
+    stmt(${i.id}).
+    
+    """.trimIndent())
+        writer.write("""
+    entrynode(${i.id}).
+    
+    """.trimIndent())
+        writer.write("""
+    has_action(${i.id}, "${i.label}").
+    
+    """.trimIndent())
+        var prev: OptionalIdentifiedDefinition<*>? = i
+        for (next in route.outputs) {
+            printNode(writer, next, prev?.let { listOf(it) } ?: emptyList())
+            prev = next
+        }
+    }
+}
\ No newline at end of file
diff --git a/ids-route-manager/src/main/resources/log4j2-test.xml b/ids-route-manager/src/main/resources/log4j2-test.xml
new file mode 100644
index 000000000..c160b2637
--- /dev/null
+++ b/ids-route-manager/src/main/resources/log4j2-test.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ========================LICENSE_START=================================
+  Camel IDS Component
+  %%
+  Copyright (C) 2017 Fraunhofer AISEC
+  %%
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+  
+       http://www.apache.org/licenses/LICENSE-2.0
+  
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+  =========================LICENSE_END==================================
+  -->
+
+<Configuration package="log4j.test" status="WARN">
+<Appenders>
+    <Console name="Console" target="SYSTEM_OUT">
+        <PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/>
+    </Console>
+</Appenders>
+<Loggers>
+    <Logger name="de.fhg" level="DEBUG" additivity="false">
+        <AppenderRef ref="Console" level="DEBUG" />
+    </Logger>
+    <Logger name="log4j.test.Log4jTest" level="INFO" additivity="false">
+        <AppenderRef ref="Console"/>
+    </Logger>
+    <Root level="INFO" additivity="false">
+        <AppenderRef ref="Console"/>
+    </Root>
+</Loggers>
+</Configuration>
diff --git a/ids-route-manager/src/test/java/de/fhg/aisec/ids/rm/RouteMetricsTest.java b/ids-route-manager/src/test/java/de/fhg/aisec/ids/rm/RouteMetricsTest.java
deleted file mode 100644
index 205e3a773..000000000
--- a/ids-route-manager/src/test/java/de/fhg/aisec/ids/rm/RouteMetricsTest.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-route-manager
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.rm;
-
-import org.apache.camel.builder.RouteBuilder;
-import org.apache.camel.component.mock.MockEndpoint;
-import org.apache.camel.model.ModelCamelContext;
-import org.apache.camel.support.dump.RouteStatDump;
-import org.apache.camel.test.junit4.CamelTestSupport;
-import org.junit.Test;
-
-import java.util.Arrays;
-
-public class RouteMetricsTest extends CamelTestSupport {
-  protected static final String TEST_MESSAGE = "Hello World!";
-
-  @Test
-  public void testRouteStats() throws Exception {
-    final int MSG_COUNT = 123;
-    RouteManagerService rm = new RouteManagerService();
-    MockEndpoint mock = getMockEndpoint("mock:result");
-    var bodies = new String[MSG_COUNT];
-    Arrays.fill(bodies, TEST_MESSAGE);
-    mock.expectedBodiesReceived(Arrays.asList(bodies));
-
-    // Send MSG_COUNT Exchange objects into this route
-    for (int i = 0; i < MSG_COUNT; i++) {
-      template.sendBody("direct:input", TEST_MESSAGE);
-    }
-
-    // Make sure everything was received at the end of the route
-    mock.assertIsSatisfied();
-
-    // Retrieve route statistics from RouteManager and make sure they match expectations
-    RouteStatDump after =
-        rm.getRouteStats(
-            template.getCamelContext(),
-            template.getCamelContext().adapt(ModelCamelContext.class).getRouteDefinition("foo"));
-    assertEquals(MSG_COUNT, (long) after.getExchangesCompleted());
-    assertEquals(0L, (long) after.getExchangesFailed());
-    assertEquals(0L, (long) after.getRedeliveries());
-  }
-
-  @Override
-  protected RouteBuilder[] createRouteBuilders() {
-    // Define the most simple route for testing
-    RouteBuilder rb = new RouteBuilder() {
-      public void configure() {
-        from("direct:input")
-            .routeId("foo")
-            .log(">>> Message from direct to mock: ${body}")
-            .to("mock:result");
-      }
-    };
-    return new RouteBuilder[] { rb };
-  }
-}
diff --git a/ids-route-manager/src/test/kotlin/de/fhg/aisec/ids/rm/RouteMetricsTest.kt b/ids-route-manager/src/test/kotlin/de/fhg/aisec/ids/rm/RouteMetricsTest.kt
new file mode 100644
index 000000000..409a9ac80
--- /dev/null
+++ b/ids-route-manager/src/test/kotlin/de/fhg/aisec/ids/rm/RouteMetricsTest.kt
@@ -0,0 +1,72 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-route-manager
+ * %%
+ * Copyright (C) 2019 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
+package de.fhg.aisec.ids.rm
+
+import org.apache.camel.builder.RouteBuilder
+import org.apache.camel.model.ModelCamelContext
+import org.apache.camel.test.junit4.CamelTestSupport
+import org.junit.Test
+import java.util.*
+
+class RouteMetricsTest : CamelTestSupport() {
+    @Test
+    @Throws(Exception::class)
+    fun testRouteStats() {
+        val MSG_COUNT = 123
+        val rm = RouteManagerService()
+        val mock = getMockEndpoint("mock:result")
+        val bodies = arrayOfNulls<String>(MSG_COUNT)
+        Arrays.fill(bodies, TEST_MESSAGE)
+        mock.expectedBodiesReceived(listOf(*bodies))
+
+        // Send MSG_COUNT Exchange objects into this route
+        for (i in 0 until MSG_COUNT) {
+            template.sendBody("direct:input", TEST_MESSAGE)
+        }
+
+        // Make sure everything was received at the end of the route
+        mock.assertIsSatisfied()
+
+        // Retrieve route statistics from RouteManager and make sure they match expectations
+        val after = rm.getRouteStats(
+                template.camelContext,
+                template.camelContext.adapt(ModelCamelContext::class.java).getRouteDefinition("foo"))
+        assertEquals(MSG_COUNT.toLong(), after!!.exchangesCompleted as Long)
+        assertEquals(0L, after.exchangesFailed as Long)
+        assertEquals(0L, after.redeliveries as Long)
+    }
+
+    override fun createRouteBuilders(): Array<RouteBuilder> {
+        // Define the most simple route for testing
+        val rb: RouteBuilder = object : RouteBuilder() {
+            override fun configure() {
+                from("direct:input")
+                        .routeId("foo")
+                        .log(">>> Message from direct to mock: \${body}")
+                        .to("mock:result")
+            }
+        }
+        return arrayOf(rb)
+    }
+
+    companion object {
+        const val TEST_MESSAGE = "Hello World!"
+    }
+}
\ No newline at end of file
diff --git a/ids-webconsole/build.gradle b/ids-webconsole/build.gradle
index 7176a0f7f..fd0101bf8 100644
--- a/ids-webconsole/build.gradle
+++ b/ids-webconsole/build.gradle
@@ -59,9 +59,6 @@ dependencies {
     // Actual implementation must be provided by ids-infomodel-manager
     compileOnly group: 'de.fraunhofer.iais.eis.ids.infomodel', name: 'java', version: libraryVersions.infomodel
 
-    // Bill of Materials (BOM) for Camel
-    bom group: 'org.apache.camel', name: 'camel-parent', version: libraryVersions.camel
-
     providedByFeature group: 'javax.servlet', name: 'javax.servlet-api', version: libraryVersions.javaxServlet
 
     providedByFeature group: 'org.apache.camel', name: 'camel-core', version: libraryVersions.camel
diff --git a/idscp2-app-layer/bnd.bnd b/idscp2-app-layer/bnd.bnd
index 3cfdb47aa..bb5171797 100644
--- a/idscp2-app-layer/bnd.bnd
+++ b/idscp2-app-layer/bnd.bnd
@@ -1,5 +1,5 @@
-Bundle-Name: IDS :: IDS Communication Protocol
-Bundle-Description: IDS Communication Protocol
+Bundle-Name: IDS :: IDSCP2
+Bundle-Description: IDSCP2 protocol implementation
 Export-Package: \
   de.fhg.aisec.ids.idscp2.app_layer*
 Import-Package: \
diff --git a/idscp2-app-layer/build.gradle.kts b/idscp2-app-layer/build.gradle.kts
index fd361caac..7ccb6d48e 100644
--- a/idscp2-app-layer/build.gradle.kts
+++ b/idscp2-app-layer/build.gradle.kts
@@ -29,11 +29,11 @@ configure<IdeaModel> {
 }
 
 dependencies {
-    providedByBundle(project(":idscp2")) { isTransitive = false }
+    providedByBundle(project(":idscp2"))
 
     providedByBundle("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
 
     // Supplied by ids-infomodel-manager
-    compileOnly("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
-    compileOnly("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodelSerializer"])
+    publishCompile("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
+    publishCompile("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodel"])
 }
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
index 206922170..3f1b5564f 100644
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
@@ -2,6 +2,7 @@ package de.fhg.aisec.ids.idscp2.app_layer
 
 import com.google.protobuf.ByteString
 import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
+import de.fhg.aisec.ids.idscp2.app_layer.listeners.IdsMessageListener
 import de.fhg.aisec.ids.idscp2.app_layer.messages.AppLayer
 import de.fhg.aisec.ids.idscp2.drivers.interfaces.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2Connection
@@ -9,44 +10,54 @@ import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2ConnectionImpl
 import de.fhg.aisec.ids.idscp2.idscp_core.Idscp2MessageListener
 import de.fhg.aisec.ids.idscp2.idscp_core.configuration.Idscp2Settings
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
+import de.fraunhofer.iais.eis.Message
 import org.slf4j.LoggerFactory
 import java.util.*
 
 class AppLayerConnection private constructor(private val idscp2Connection: Idscp2Connection) :
         Idscp2Connection by idscp2Connection {
-    private var idscp2MessageListener: Idscp2MessageListener? = null
-    private val genericMessageListeners: MutableSet<GenericMessageListener> = Collections.synchronizedSet(HashSet())
-
-    constructor(secureChannel: SecureChannel, settings: Idscp2Settings, dapsDriver: DapsDriver) :
-            this(Idscp2ConnectionImpl(secureChannel, settings, dapsDriver))
-
-    private fun assureMessageListener() {
-        if (idscp2MessageListener == null) {
-            val listener = Idscp2MessageListener { _, data ->
-                try {
-                    val appLayerMessage = AppLayer.AppLayerMessage.parseFrom(data)
-                    if (LOG.isTraceEnabled) {
-                        LOG.trace("Received AppLayerMessage ${appLayerMessage.messageCase}")
+    private val idscp2MessageListener: Idscp2MessageListener = Idscp2MessageListener { _, data ->
+        try {
+            val appLayerMessage = AppLayer.AppLayerMessage.parseFrom(data)
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received AppLayerMessage ${appLayerMessage.messageCase}")
+            }
+            when (appLayerMessage.messageCase) {
+                AppLayer.AppLayerMessage.MessageCase.GENERICMESSAGE -> {
+                    genericMessageListeners.forEach { listener ->
+                        val genericMessage = appLayerMessage.genericMessage
+                        listener.onMessage(
+                                this,
+                                genericMessage.header,
+                                genericMessage.payload?.toByteArray())
                     }
-                    when (appLayerMessage.messageCase) {
-                        AppLayer.AppLayerMessage.MessageCase.GENERICMESSAGE -> {
-                            genericMessageListeners.forEach {
-                                val genericMessage = appLayerMessage.genericMessage
-                                it.onMessage(this,
-                                        genericMessage.header,
-                                        genericMessage.payload?.toByteArray())
-                            }
-                        }
-                        else -> LOG.warn("Unknown app layer message header encountered.")
+                }
+                AppLayer.AppLayerMessage.MessageCase.IDSMESSAGE -> {
+                    idsMessageListeners.forEach { listener ->
+                        val idsMessage = appLayerMessage.idsMessage
+                        listener.onMessage(
+                                this,
+                                idsMessage.header?.let {
+                                    Utils.SERIALIZER.deserialize(it, Message::class.java)
+                                },
+                                idsMessage.payload?.toByteArray())
                     }
-                } catch (e: Exception) {
-                    LOG.error("Error processing AppLayerMessage", e)
                 }
+                else -> LOG.warn("Unknown IDSCP2 app layer message type encountered.")
             }
-            idscp2Connection.addMessageListener(listener)
-            idscp2MessageListener = listener
+        } catch (e: Exception) {
+            LOG.error("Error processing AppLayerMessage", e)
         }
     }
+    private val genericMessageListeners: MutableSet<GenericMessageListener> =
+            Collections.synchronizedSet(LinkedHashSet())
+    private val idsMessageListeners: MutableSet<IdsMessageListener> =
+            Collections.synchronizedSet(LinkedHashSet())
+
+    constructor(secureChannel: SecureChannel, settings: Idscp2Settings, dapsDriver: DapsDriver) :
+            this(Idscp2ConnectionImpl(secureChannel, settings, dapsDriver)) {
+        idscp2Connection.addMessageListener(idscp2MessageListener)
+    }
 
     fun sendGenericMessage(header: String?, payload: ByteArray?) {
         val message = AppLayer.AppLayerMessage.newBuilder()
@@ -65,20 +76,41 @@ class AppLayerConnection private constructor(private val idscp2Connection: Idscp
     }
 
     fun addGenericMessageListener(listener: GenericMessageListener) {
-        assureMessageListener()
         genericMessageListeners += listener
         if (LOG.isTraceEnabled) {
             LOG.trace("Added GenericMessageListener $listener for connection {}", idscp2Connection.id)
         }
     }
 
-    fun removeGenericMessageListener(listener: GenericMessageListener): Boolean {
-        val ret = genericMessageListeners.remove(listener)
-        if (genericMessageListeners.isEmpty()) {
-            idscp2MessageListener?.let { idscp2Connection.removeMessageListener(it) }
-            idscp2MessageListener = null
+    fun removeGenericMessageListener(listener: GenericMessageListener) = genericMessageListeners.remove(listener)
+
+    fun sendIdsMessage(header: Message?, payload: ByteArray?) {
+        val message = AppLayer.AppLayerMessage.newBuilder()
+                .setIdsMessage(AppLayer.IdsMessage.newBuilder()
+                        .also {
+                            if (header != null) {
+                                it.header = Utils.SERIALIZER.serialize(header)
+                            }
+                            if (payload != null) {
+                                it.payload = ByteString.copyFrom(payload)
+                            }
+                        }
+                        .build())
+                .build()
+        idscp2Connection.send(message.toByteArray())
+    }
+
+    fun addIdsMessageListener(listener: IdsMessageListener) {
+        idsMessageListeners += listener
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Added IdsMessageListener $listener for connection {}", idscp2Connection.id)
         }
-        return ret
+    }
+
+    fun removeIdsMessageListener(listener: IdsMessageListener) = idsMessageListeners.remove(listener)
+
+    override fun toString(): String {
+        return "AppLayerConnection($id)"
     }
 
     companion object {
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/Utils.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/Utils.kt
similarity index 72%
rename from camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/Utils.kt
rename to idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/Utils.kt
index 0b4c071bb..b44752372 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/Utils.kt
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/Utils.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
+package de.fhg.aisec.ids.idscp2.app_layer
 
 import de.fraunhofer.iais.eis.ids.jsonld.Serializer
 
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/IdsMessageListener.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/IdsMessageListener.kt
new file mode 100644
index 000000000..86b8ab1e6
--- /dev/null
+++ b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/IdsMessageListener.kt
@@ -0,0 +1,8 @@
+package de.fhg.aisec.ids.idscp2.app_layer.listeners
+
+import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
+import de.fraunhofer.iais.eis.Message
+
+fun interface IdsMessageListener {
+    fun onMessage(connection: AppLayerConnection, header: Message?, payload: ByteArray?)
+}
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/proto/idscp2-app.proto b/idscp2-app-layer/src/main/proto/idscp2-app.proto
index dba4ce1c0..ed39d755b 100644
--- a/idscp2-app-layer/src/main/proto/idscp2-app.proto
+++ b/idscp2-app-layer/src/main/proto/idscp2-app.proto
@@ -5,6 +5,7 @@ option java_outer_classname = "AppLayer";
 message AppLayerMessage {
   oneof message {
     GenericMessage genericMessage = 1;
+    IdsMessage idsMessage = 2;
   }
 }
 
@@ -13,4 +14,11 @@ message GenericMessage {
   string header = 1;
   // The actual, generic message payload
   bytes payload = 2;
+}
+
+message IdsMessage {
+  // Arbitrary header string
+  string header = 1;
+  // The actual, generic message payload
+  bytes payload = 2;
 }
\ No newline at end of file
diff --git a/idscp2/bnd.bnd b/idscp2/bnd.bnd
index 8d1e3ec11..767ce5990 100644
--- a/idscp2/bnd.bnd
+++ b/idscp2/bnd.bnd
@@ -1,4 +1,4 @@
-Bundle-Name: IDS :: IDS Communication Protocol
-Bundle-Description: IDS Communication Protocol
+Bundle-Name: IDS :: IDSCP2 App Layer
+Bundle-Description: IDSCP2 application layer implementation
 Export-Package: de.fhg.aisec.ids.idscp2*
 Import-Package: *
\ No newline at end of file
diff --git a/idscp2/build.gradle.kts b/idscp2/build.gradle.kts
index 86c910d37..3f63d011b 100644
--- a/idscp2/build.gradle.kts
+++ b/idscp2/build.gradle.kts
@@ -30,7 +30,7 @@ configure<IdeaModel> {
 
 dependencies {
     // For standalone running of examples
-    implementation("org.jetbrains.kotlin", "kotlin-stdlib-jdk8", libraryVersions["kotlin"])
+    publishCompile("org.jetbrains.kotlin", "kotlin-stdlib-jdk8", libraryVersions["kotlin"])
 
     providedByBundle("com.github.microsoft", "TSS.Java", libraryVersions["tssJava"])
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
index fbae5e457..a8468994f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/Idscp2ConnectionImpl.kt
@@ -98,6 +98,10 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
         return messageListeners.remove(listener)
     }
 
+    override fun toString(): String {
+        return "Idscp2ConnectionImpl($id)"
+    }
+
     companion object {
         private val LOG = LoggerFactory.getLogger(Idscp2ConnectionImpl::class.java)
     }
diff --git a/karaf-features-ids/build.gradle b/karaf-features-ids/build.gradle
index c3def8217..21bf680aa 100644
--- a/karaf-features-ids/build.gradle
+++ b/karaf-features-ids/build.gradle
@@ -9,7 +9,7 @@ ext {
 
 rootProject.configurations.findAll { it.name.endsWith('Bundle') }.each { project.ext.bundleConfigurations.add(it.name) }
 
-rootProject.subprojects.findAll { it.name.matches("(^(camel|ids)-.*|.*-(patch|wrapper)\$)") }.each { p ->
+rootProject.subprojects.findAll { it.name.matches("(^camel-ids(cp2-osgi)?|ids-.*|.*-(patch|wrapper)\$)") }.each { p ->
     Boolean included = false
     // Include each sub-project declaring dependencies with a configuration ending on "Bundle",
     // using exactly that configuration for the dependency itself and selection of additional recursive dependencies.
diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index 933b954a1..909299ae3 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -1,8 +1,10 @@
 # Versions for modules that will be released as libraries
 api: "2.1.0"
 idscp: "1.1.0"
-idscp2: "1.0.0"
+idscp2: "0.2.0"
 
+# Kotlin library/compiler version
+kotlin: "1.4.20"
 # basically, the first requirement, all other libraries depend on this version
 karaf: "4.2.9"
 # Jetty version should fit bundled version in karaf
@@ -10,7 +12,6 @@ jetty: "9.4.22.v20191022"
 
 # The used version of the infomodel from IESE
 infomodel: "4.0.0"
-infomodelSerializer: "4.0.0"
 
 # For javax.xml.bind support in newer java versions
 jaxb: "2.2.11"
@@ -36,7 +37,6 @@ felixFramework: "5.6.10"
 ahc: "2.4.9"
 checkerQual: "2.5.2"
 guava: "27.0-jre"
-kotlin: "1.4.10"
 slf4j: "1.7.30"
 junit4: "4.12"
 mockito: "3.2.0"
diff --git a/settings.gradle b/settings.gradle
index 2da46cc74..3a49b1a8c 100644
--- a/settings.gradle
+++ b/settings.gradle
@@ -2,6 +2,7 @@ rootProject.name = 'trusted-connector-core'
 
 include ':camel-ids'
 include ':camel-idscp2'
+include ':camel-idscp2-osgi'
 include ':camel-influxdb'
 include ':camel-multipart-processor'
 include ':cxf-jaxws-patch'

From 0c067449ac6236ea6cc1fed72797a2362baa382e Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 8 Dec 2020 08:23:27 +0100
Subject: [PATCH 196/237] Disabled unused tpmsim in IDSCP2 examples

---
 .../docker-compose-broadcast-client.yaml           | 14 +++++++-------
 .../docker-compose-broadcast-server.yaml           | 14 +++++++-------
 .../example-idscp2/docker-compose-consumer.yaml    | 14 +++++++-------
 .../example-idscp2/docker-compose-provider.yaml    | 14 +++++++-------
 4 files changed, 28 insertions(+), 28 deletions(-)

diff --git a/examples/example-idscp2/docker-compose-broadcast-client.yaml b/examples/example-idscp2/docker-compose-broadcast-client.yaml
index 4480c10e6..1cefa36a5 100644
--- a/examples/example-idscp2/docker-compose-broadcast-client.yaml
+++ b/examples/example-idscp2/docker-compose-broadcast-client.yaml
@@ -2,13 +2,13 @@ version: '3'
 services:
 
   # TPM simulator
-  ids-tpmsim-consumer:
-    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
-    volumes:
-      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
-      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
-    networks:
-      - consumer-internal
+#  ids-tpmsim-consumer:
+#    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
+#    volumes:
+#      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
+#      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
+#    networks:
+#      - consumer-internal
 
   # The core platform, mounts docker control socket and route definition into the image
   consumer-core:
diff --git a/examples/example-idscp2/docker-compose-broadcast-server.yaml b/examples/example-idscp2/docker-compose-broadcast-server.yaml
index ec2e20f15..1765db7ac 100644
--- a/examples/example-idscp2/docker-compose-broadcast-server.yaml
+++ b/examples/example-idscp2/docker-compose-broadcast-server.yaml
@@ -2,13 +2,13 @@ version: '3'
 services:
 
   # TPM simulator
-  ids-tpmsim-provider:
-    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
-    volumes:
-      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
-      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
-    networks:
-      - provider-internal
+#  ids-tpmsim-provider:
+#    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
+#    volumes:
+#      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
+#      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
+#    networks:
+#      - provider-internal
 
   # The core platform, mounts docker control socket and route definition into the image
   provider-core:
diff --git a/examples/example-idscp2/docker-compose-consumer.yaml b/examples/example-idscp2/docker-compose-consumer.yaml
index c7dcf7032..3d0ddef40 100644
--- a/examples/example-idscp2/docker-compose-consumer.yaml
+++ b/examples/example-idscp2/docker-compose-consumer.yaml
@@ -2,13 +2,13 @@ version: '3'
 services:
 
   # TPM simulator
-  ids-tpmsim-consumer:
-    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
-    volumes:
-      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
-      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
-    networks:
-      - consumer-internal
+#  ids-tpmsim-consumer:
+#    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
+#    volumes:
+#      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
+#      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
+#    networks:
+#      - consumer-internal
 
   # The core platform, mounts docker control socket and route definition into the image
   consumer-core:
diff --git a/examples/example-idscp2/docker-compose-provider.yaml b/examples/example-idscp2/docker-compose-provider.yaml
index 942890599..87596110d 100644
--- a/examples/example-idscp2/docker-compose-provider.yaml
+++ b/examples/example-idscp2/docker-compose-provider.yaml
@@ -2,13 +2,13 @@ version: '3'
 services:
 
   # TPM simulator
-  ids-tpmsim-provider:
-    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
-    volumes:
-      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
-      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
-    networks:
-      - provider-internal
+#  ids-tpmsim-provider:
+#    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
+#    volumes:
+#      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
+#      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
+#    networks:
+#      - provider-internal
 
   # The core platform, mounts docker control socket and route definition into the image
   provider-core:

From 534a403c8299a5ce6d145c63e57bea7d86b97b65 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 8 Dec 2020 10:47:28 +0100
Subject: [PATCH 197/237] IDSCP2 code cleanup

---
 .../default_drivers/daps/DefaultDapsDriver.kt |  17 +-
 .../default_drivers/rat/tpm2d/TPM2dSocket.kt  |   4 +-
 .../secure_channel/client/TLSClient.kt        |   9 +-
 .../ids/idscp2/idscp_core/fsm/DynamicTimer.kt |   9 +-
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    | 153 ++++++++++--------
 .../ids/idscp2/idscp_core/fsm/StateClosed.kt  |   6 +-
 .../idscp2/idscp_core/fsm/StateEstablished.kt |  87 ++++++----
 .../idscp2/idscp_core/fsm/StateWaitForAck.kt  |  61 +++----
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   |  48 +++---
 .../fsm/StateWaitForDatAndRatVerifier.kt      |  31 ++--
 .../idscp_core/fsm/StateWaitForHello.kt       |  26 +--
 .../idscp2/idscp_core/fsm/StateWaitForRat.kt  |  64 ++++----
 .../idscp_core/fsm/StateWaitForRatProver.kt   |  54 ++++---
 .../idscp_core/fsm/StateWaitForRatVerifier.kt |  54 ++++---
 .../ids/idscp2/idscp_core/fsm/StaticTimer.kt  |   9 +-
 .../rat_registry/RatProverDriverRegistry.kt   |  17 +-
 .../rat_registry/RatVerifierDriverRegistry.kt |  13 +-
 17 files changed, 358 insertions(+), 304 deletions(-)

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
index e08b96db2..15064c122 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
@@ -52,14 +52,13 @@ class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
                     config.keyPassword
             )
     private val dapsUrl: String = config.dapsUrl
-    private val cert: X509Certificate?//get http response from DAPS
+    private val cert: X509Certificate = PreConfiguration.getCertificate(
+            config.keyStorePath,
+            config.keyStorePassword,
+            config.keyAlias)  //get http response from DAPS
 
     init {
         //create ssl socket factory for secure
-        cert = PreConfiguration.getCertificate(
-                config.keyStorePath,
-                config.keyStorePassword,
-                config.keyAlias)
         val trustManagers = PreConfiguration.getX509ExtTrustManager(
                 config.trustStorePath,
                 config.trustStorePassword
@@ -90,7 +89,7 @@ class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
             // Get AKI
             //GET 2.5.29.14	SubjectKeyIdentifier / 2.5.29.35	AuthorityKeyIdentifier
             val akiOid = Extension.authorityKeyIdentifier.id
-            val rawAuthorityKeyIdentifier = cert!!.getExtensionValue(akiOid)
+            val rawAuthorityKeyIdentifier = cert.getExtensionValue(akiOid)
             val akiOc = ASN1OctetString.getInstance(rawAuthorityKeyIdentifier)
             val aki = AuthorityKeyIdentifier.getInstance(akiOc.octets)
             val authorityKeyIdentifier = aki.keyIdentifier
@@ -155,10 +154,8 @@ class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
                 if (!response.isSuccessful) {
                     throw DatException("Received non-200 http response: " + response.code())
                 }
-                if (response.body() == null) {
-                    throw DatException("Received empty DAPS response")
-                }
-                val json = JSONObject(response.body()!!.string())
+                val json = JSONObject(response.body()?.string()
+                    ?: throw DatException("Received empty DAPS response"))
                 if (json.has("access_token")) {
                     token = json.getString("access_token")
                     if (LOG.isDebugEnabled) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dSocket.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dSocket.kt
index 6860bba87..760f4b3cc 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dSocket.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dSocket.kt
@@ -14,9 +14,9 @@ class TPM2dSocket(host: String?) : Socket(host, 9505) {
     private val os: DataOutputStream = DataOutputStream(this.outputStream)
 
     @Throws(IOException::class)
-    fun requestAttestation(request: Tpm2dAttestation.RemoteToTpm2d?): Tpm2dAttestation.Tpm2dToRemote {
+    fun requestAttestation(request: Tpm2dAttestation.RemoteToTpm2d): Tpm2dAttestation.Tpm2dToRemote {
         // Write attestation request message
-        val requestBytes = request!!.toByteArray()
+        val requestBytes = request.toByteArray()
         os.writeInt(requestBytes.size)
         os.write(requestBytes)
         // Read attestation result message
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
index b72cebf66..fe84a8179 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
@@ -33,7 +33,7 @@ class TLSClient<CC: Idscp2Connection>(
 ) : HandshakeCompletedListener, DataAvailableListener, SecureChannelEndpoint {
     private val clientSocket: Socket
     private var dataOutputStream: DataOutputStream? = null
-    private var inputListenerThread: InputListenerThread? = null
+    private lateinit var inputListenerThread: InputListenerThread
     private val listenerPromise = CompletableFuture<SecureChannelListener>()
 
     /**
@@ -73,8 +73,9 @@ class TLSClient<CC: Idscp2Connection>(
 
     private fun disconnect() {
         LOG.debug("Disconnecting from TLS server...")
-        //close listener
-        inputListenerThread?.safeStop()
+        if (::inputListenerThread.isInitialized) {
+            inputListenerThread.safeStop()
+        }
         if (!clientSocket.isClosed) {
             try {
                 clientSocket.close()
@@ -139,7 +140,7 @@ class TLSClient<CC: Idscp2Connection>(
             // Try to complete, won't do anything if promise has been cancelled
             listenerPromise.complete(secureChannel)
             val connection = connectionFactory(secureChannel, clientConfiguration)
-            inputListenerThread!!.start()
+            inputListenerThread.start()
             // Try to complete, won't do anything if promise has been cancelled
             connectionFuture.complete(connection)
             if (connectionFuture.isCancelled) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/DynamicTimer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/DynamicTimer.kt
index fe24ed341..27972c232 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/DynamicTimer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/DynamicTimer.kt
@@ -22,8 +22,7 @@ class DynamicTimer internal constructor(private val fsmIsBusy: ReentrantLock, pr
      */
     fun start(delay: Long) {
         mutex.lock()
-        thread = TimerThread(delay, timeoutHandler, fsmIsBusy)
-        thread!!.start()
+        thread = TimerThread(delay, timeoutHandler, fsmIsBusy).also { it.start() }
         mutex.unlock()
     }
 
@@ -32,10 +31,8 @@ class DynamicTimer internal constructor(private val fsmIsBusy: ReentrantLock, pr
      */
     fun cancelTimeout() {
         mutex.lock()
-        if (thread != null) {
-            thread!!.safeStop()
-            thread = null
-        }
+        thread?.safeStop()
+        thread = null
         mutex.unlock()
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index 11c4df831..8bab1a5c0 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -1,30 +1,28 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.fsm
 
 import com.google.protobuf.InvalidProtocolBufferException
+import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2HandshakeException
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
 import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.ScFsmListener
+import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpAck
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpData
+import de.fhg.aisec.ids.idscp2.messages.IDSCP2.*
 import kotlinx.coroutines.GlobalScope
 import kotlinx.coroutines.launch
 import org.slf4j.LoggerFactory
 import java.nio.charset.StandardCharsets
 import java.util.*
 import java.util.concurrent.locks.ReentrantLock
-import kotlin.jvm.Throws
+import kotlin.NoSuchElementException
 
 /**
  * The finite state machine FSM of the IDSCP2 protocol
@@ -37,7 +35,11 @@ import kotlin.jvm.Throws
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver: DapsDriver,
+class FSM(connection: Idscp2Connection, secureChannel: SecureChannel,
+    /**
+     * Daps Driver instance
+     */
+          private val dapsDriver: DapsDriver,
           attestationConfig: AttestationConfig, ackTimeoutDelay: Long, handshakeTimeoutDelay: Long)
     : RatProverFsmListener, RatVerifierFsmListener, ScFsmListener {
     /*  -----------   IDSCP2 Protocol States   ---------- */
@@ -95,16 +97,11 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     private var currentRatVerifierId //avoid messages from old verifier drivers
             : String? = null
 
-    /**
-     * Daps Driver instance
-     */
-    private val dapsDriver = dapsDriver
-
     /**
      * RAT Mechanisms, calculated during handshake in WAIT_FOR_HELLO_STATE
      */
-    private var proverMechanism: String? = null //RAT prover mechanism
-    private var verifierMechanism: String? = null //RAT Verifier mechanism
+    private lateinit var proverMechanism: String //RAT prover mechanism
+    private lateinit var verifierMechanism: String //RAT Verifier mechanism
 
     /**
      * A FIFO-fair synchronization lock for the finite state machine
@@ -133,7 +130,13 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     /**
      * Check if AckFlag is set
      */
-    private var ackFlag = false
+    var ackFlag = false
+        set(value) {
+            field = value
+            if (!value) {
+                this.bufferedIdscpData = null
+            }
+        }
     private var bufferedIdscpData: IdscpMessage? = null
 
     /**
@@ -385,10 +388,10 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     /**
      * Send idscp data from the fsm via the secure channel to the peer
      */
-    fun sendFromFSM(msg: IdscpMessage?): Boolean {
+    fun sendFromFSM(msg: IdscpMessage): Boolean {
         //send messages from fsm
         return try {
-            secureChannel.send(msg!!.toByteArray())
+            secureChannel.send(msg.toByteArray())
         } catch (e: Exception) {
             // catch secure channel exception within an FSM transition to avoid transition cancellation
             LOG.error("Exception occurred during sending data via the secure channel: {}", e)
@@ -508,16 +511,18 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         //assume verifier mechanism is set
         stopRatVerifierDriver()
         ratVerifierDriver = RatVerifierDriverRegistry.startRatVerifierDriver(verifierMechanism, this)
-        return if (ratVerifierDriver == null) {
-            LOG.error("Cannot create instance of RAT_VERIFIER_DRIVER")
-            currentRatVerifierId = ""
-            false
-        } else {
+        return ratVerifierDriver?.let {
             //safe the thread ID
-            currentRatVerifierId = ratVerifierDriver!!.id.toString()
-            LOG.debug("Start verifier_handshake timeout")
+            currentRatVerifierId = it.id.toString()
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Start verifier_handshake timeout")
+            }
             verifierHandshakeTimer.resetTimeout()
             true
+        } ?: run {
+            LOG.error("Cannot create instance of RAT_VERIFIER_DRIVER")
+            currentRatVerifierId = ""
+            false
         }
     }
 
@@ -548,16 +553,18 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         //assume prover mechanism is set
         stopRatProverDriver()
         ratProverDriver = RatProverDriverRegistry.startRatProverDriver(proverMechanism, this)
-        return if (ratProverDriver == null) {
+        return ratProverDriver?.let {
+            // Save the thread ID
+            currentRatProverId = it.id.toString()
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Start prover_handshake timeout")
+            }
+            proverHandshakeTimer.resetTimeout()
+            true
+        } ?: run {
             LOG.error("Cannot create instance of RAT_PROVER_DRIVER")
             currentRatProverId = ""
             false
-        } else {
-            //safe the thread ID
-            currentRatProverId = ratProverDriver!!.id.toString()
-            LOG.debug("Start prover_handshake timeout")
-            proverHandshakeTimer.resetTimeout()
-            true
         }
     }
 
@@ -566,12 +573,14 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
      */
     private fun stopRatProverDriver() {
         proverHandshakeTimer.cancelTimeout()
-        if (ratProverDriver != null && ratProverDriver!!.isAlive) {
-            ratProverDriver!!.interrupt()
+        ratProverDriver?.let {
+            if (it.isAlive) {
+                it.interrupt()
 
-            // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-            GlobalScope.launch {
-                ratProverDriver!!.terminate()
+                // Run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+                GlobalScope.launch {
+                    it.terminate()
+                }
             }
         }
     }
@@ -644,44 +653,40 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
     val isFsmLocked: Boolean
         get() = isLocked
 
-    fun getState(state: FsmState?): State? {
-        return states[state]
+    fun getState(state: FsmState): State {
+        return states[state] ?: throw NoSuchElementException("State unknown")
     }
 
     val isNotClosed: Boolean
         get() = currentState == getState(FsmState.STATE_CLOSED)
 
-    fun setRatMechanisms(proverMechanism: String?, verifierMechanism: String?) {
+    fun setRatMechanisms(proverMechanism: String, verifierMechanism: String) {
         this.proverMechanism = proverMechanism
         this.verifierMechanism = verifierMechanism
     }
 
-    val getAckFlag: Boolean
-        get() = ackFlag
-
     val getBufferedIdscpMessage: IdscpMessage?
         get() = bufferedIdscpData
 
-    fun setAckFlag(value: Boolean) {
-        this.ackFlag = value
-        if (!value) {
-            this.bufferedIdscpData = null
-        }
-    }
-
     /**
      * Handle IdscpAck
      * @return true if everything if ack flag was cleared correctly, else false
      */
     fun recvAck(ack: IdscpAck): Boolean {
         if (ackFlag) {
-            LOG.debug("Received IdscpAck with alternating bit {}, cancel flag in fsm", ack.alternatingBit)
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IdscpAck with alternating bit {}, cancel flag in fsm", ack.alternatingBit)
+            }
             if (nextSendAlternatingBit.asBoolean() != ack.alternatingBit) {
-                LOG.debug("Received IdscpAck with wrong alternating bit. Ignoring")
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("Received IdscpAck with wrong alternating bit. Ignoring")
+                }
             } else {
-                setAckFlag(false)
+                ackFlag = false
                 ackTimer.cancelTimeout()
-                LOG.debug("Alternate nextSend bit from {}", nextSendAlternatingBit.asBoolean())
+                if (LOG.isTraceEnabled) {
+                    LOG.trace("Alternate nextSend bit from {}", nextSendAlternatingBit.asBoolean())
+                }
                 nextSendAlternatingBit.alternate()
                 return true
             }
@@ -695,13 +700,19 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
         LOG.debug("Received IdscpData with alternating bit {}", data.alternatingBit)
 
         if (data.alternatingBit != expectedAlternatingBit.asBoolean()) {
-            LOG.debug("Received IdscpData with unexpected alternating bit. Could be an old packet replayed. Ignore it.")
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Received IdscpData with unexpected alternating bit. Could be an old packet replayed. Ignore it.")
+            }
         } else {
-            LOG.debug("Send IdscpAck with received alternating bit {}", data.alternatingBit)
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IdscpAck with received alternating bit {}", data.alternatingBit)
+            }
             if (!sendFromFSM(Idscp2MessageHelper.createIdscpAckMessage(data.alternatingBit))) {
                 LOG.error("Cannot send ACK")
             }
-            LOG.debug("Alternate expected bit from {}", expectedAlternatingBit.asBoolean())
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Alternate expected bit from {}", expectedAlternatingBit.asBoolean())
+            }
             expectedAlternatingBit.alternate()
 
             // forward payload data to upper layer
@@ -719,27 +730,39 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
 
     init {
         val handshakeTimeoutHandler = Runnable {
-            LOG.debug("HANDSHAKE_TIMER_EXPIRED")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("HANDSHAKE_TIMER_EXPIRED")
+            }
             onControlMessage(InternalControlMessage.TIMEOUT)
         }
         val datTimeoutHandler = Runnable {
-            LOG.debug("DAT_TIMER_EXPIRED")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("DAT_TIMER_EXPIRED")
+            }
             onControlMessage(InternalControlMessage.DAT_TIMER_EXPIRED)
         }
         val ratTimeoutHandler = Runnable {
-            LOG.debug("RAT_TIMER_EXPIRED")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("RAT_TIMER_EXPIRED")
+            }
             onControlMessage(InternalControlMessage.REPEAT_RAT)
         }
         val proverTimeoutHandler = Runnable {
-            LOG.debug("RAT_PROVER_HANDSHAKE_TIMER_EXPIRED")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("RAT_PROVER_HANDSHAKE_TIMER_EXPIRED")
+            }
             onControlMessage(InternalControlMessage.TIMEOUT)
         }
         val verifierTimeoutHandler = Runnable {
-            LOG.debug("RAT_VERIFIER_HANDSHAKE_TIMER_EXPIRED")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("RAT_VERIFIER_HANDSHAKE_TIMER_EXPIRED")
+            }
             onControlMessage(InternalControlMessage.TIMEOUT)
         }
         val ackTimeoutHandler = Runnable {
-            LOG.debug("ACK_TIMER_EXPIRED")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("ACK_TIMER_EXPIRED")
+            }
             onControlMessage(InternalControlMessage.ACK_TIMER_EXPIRED)
         }
 
@@ -771,7 +794,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel, dapsDriver
                 this, ratTimer, handshakeTimer, ackTimer)
 
         // Set initial state
-        currentState = states[FsmState.STATE_CLOSED]!!
+        currentState = states[FsmState.STATE_CLOSED] ?: throw NoSuchElementException("State unknown")
         this.connection = connection
         this.secureChannel = secureChannel
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
index 0d7bb8ced..a2d106918 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
@@ -31,7 +31,9 @@ internal class StateClosed(fsm: FSM,
 
     override fun runEntryCode(fsm: FSM) {
         //State Closed entry code
-        LOG.debug("Switched to state STATE_CLOSED")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Switched to state STATE_CLOSED")
+        }
         fsm.shutdownFsm()
     }
 
@@ -72,7 +74,7 @@ internal class StateClosed(fsm: FSM,
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, this)
             }
             runExitCode(onMessageLock)
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_HELLO)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_HELLO))
         })
 
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
index 411097fa7..9a84efabe 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
@@ -12,14 +12,18 @@ import org.slf4j.LoggerFactory
  *
  * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
  */
-class StateEstablished(fsm: FSM,
-                       ratTimer: StaticTimer,
-                       handshakeTimer: StaticTimer,
-                       ackTimer: StaticTimer,
-                       alternatingBit: AlternatingBit) : State() {
+class StateEstablished(
+    fsm: FSM,
+    ratTimer: StaticTimer,
+    handshakeTimer: StaticTimer,
+    ackTimer: StaticTimer,
+    alternatingBit: AlternatingBit
+) : State() {
 
     override fun runEntryCode(fsm: FSM) {
-        LOG.debug("Switched to state STATE_ESTABLISHED")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Switched to state STATE_ESTABLISHED")
+        }
         fsm.notifyHandshakeCompleteLock()
     }
 
@@ -45,19 +49,21 @@ class StateEstablished(fsm: FSM,
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
          * --------------------------------------------------- */
         addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("Error occurred, close idscp connection")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            LOG.warn("Error occurred, close idscp connection")
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSCP_CLOSE")
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Send IDSCP_CLOSE")
+            }
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "User close",
                     CloseCause.USER_SHUTDOWN
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.SEND_DATA.value, Transition {
@@ -67,61 +73,73 @@ class StateEstablished(fsm: FSM,
             )
 
             // send repacked data
-            LOG.debug("Send IdscpData")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IdscpData")
+            }
             if (fsm.sendFromFSM(idscpMessage)) {
                 //Set Ack Flag
-                fsm.setAckFlag(true)
+                fsm.ackFlag = true
                 fsm.setBufferedIdscpData(idscpMessage)
                 ackTimer.start()
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK))
             } else {
                 LOG.warn("Cannot send IdscpData, shutdown FSM")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
         })
         addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
-            LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
+            }
             ratTimer.cancelTimeout()
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
                 LOG.error("Cannot send ReRat message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatVerifierDriver()) {
                 LOG.error("Cannot run Rat verifier, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER))
         })
         addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
             ratTimer.cancelTimeout()
-            LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
+            }
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                 LOG.error("Cannot send DatExpired message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
+            }
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Set handshake timeout")
             }
-            LOG.debug("Set handshake timeout")
             handshakeTimer.resetTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER))
         })
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER")
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER")
+            }
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER))
         })
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            LOG.debug("DAT expired. Send new DAT and repeat RAT")
+            if (LOG.isDebugEnabled) {
+                LOG.debug("DAT expired. Send new DAT and repeat RAT")
+            }
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                 LOG.error("Cannot send Dat message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER))
         })
 
         addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition {
@@ -130,13 +148,16 @@ class StateEstablished(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Receive IDSCP_CLOSED")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Receive IDSCP_CLOSED")
+            }
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         setNoTransitionHandler {
-            LOG.debug("No transition available for given event $it")
-            LOG.debug("Stay in state STATE_ESTABLISHED")
+            if (LOG.isDebugEnabled) {
+                LOG.debug("No transition available for given event $it, stay in state STATE_ESTABLISHED")
+            }
             FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
         }
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
index 828a88792..e45f38422 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
@@ -18,7 +18,9 @@ class StateWaitForAck(fsm: FSM,
                       ackTimer: StaticTimer) : State() {
 
     override fun runEntryCode(fsm: FSM) {
-        LOG.debug("Switched to state STATE_WAIT_FOR_ACK")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Switched to state STATE_WAIT_FOR_ACK")
+        }
     }
 
     companion object {
@@ -46,7 +48,7 @@ class StateWaitForAck(fsm: FSM,
          * --------------------------------------------------- */
         addTransition(InternalControlMessage.ERROR.value, Transition {
             LOG.debug("Error occurred, close idscp connection")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
@@ -57,7 +59,7 @@ class StateWaitForAck(fsm: FSM,
                     CloseCause.USER_SHUTDOWN
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
@@ -66,13 +68,13 @@ class StateWaitForAck(fsm: FSM,
             ackTimer.cancelTimeout()
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
                 LOG.error("Cannot send ReRat message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatVerifierDriver()) {
                 LOG.error("Cannot run Rat verifier, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER))
         })
 
         addTransition(InternalControlMessage.SEND_DATA.value, Transition {
@@ -86,54 +88,55 @@ class StateWaitForAck(fsm: FSM,
             LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                 LOG.error("Cannot send DatExpired message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             LOG.debug("Set handshake timeout")
             handshakeTimer.resetTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER))
         })
 
         addTransition(InternalControlMessage.ACK_TIMER_EXPIRED.value, Transition {
-            if (fsm.getAckFlag && fsm.getBufferedIdscpMessage != null) {
-                LOG.debug("ACK_timeout occurred. Send buffered IdscpData again")
-                if (!fsm.sendFromFSM(fsm.getBufferedIdscpMessage)) {
-                    LOG.warn("Cannot send IdscpData, shutdown FSM")
-                    return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-                } else {
-                    ackTimer.start()
-                    return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, this)
+            if (fsm.ackFlag) {
+                fsm.getBufferedIdscpMessage?.let {
+                    LOG.debug("ACK_timeout occurred. Sending buffered IdscpData again...")
+                    return@Transition if (!fsm.sendFromFSM(it)) {
+                        LOG.warn("Cannot send IdscpData, shutdown FSM")
+                        FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
+                    } else {
+                        ackTimer.start()
+                        FSM.FsmResult(FSM.FsmResultCode.OK, this)
+                    }
                 }
-            } else {
-                LOG.error("No IdscpData message buffered in state WAIT_FOR_ACK. Shutdown")
-                return@Transition FSM.FsmResult(
-                    FSM.FsmResultCode.IDSCP_DATA_NOT_CACHED,
-                    fsm.getState(FsmState.STATE_CLOSED)!!
-                )
             }
+            LOG.error("No IdscpData message buffered in state WAIT_FOR_ACK. Shutdown")
+            return@Transition FSM.FsmResult(
+                FSM.FsmResultCode.IDSCP_DATA_NOT_CACHED,
+                fsm.getState(FsmState.STATE_CLOSED)
+            )
         })
 
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
             LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER")
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             ackTimer.cancelTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER))
         })
 
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
             LOG.debug("DAT expired. Send new DAT and repeat RAT")
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                 LOG.error("Cannot send Dat message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             ackTimer.cancelTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER))
         })
 
         addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition {
@@ -143,7 +146,7 @@ class StateWaitForAck(fsm: FSM,
 
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
             if (fsm.recvAck(it.idscpMessage.idscpAck)) {
-                FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED)!!)
+                FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED))
             } else {
                 FSM.FsmResult(FSM.FsmResultCode.OK, this)
             }
@@ -151,7 +154,7 @@ class StateWaitForAck(fsm: FSM,
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
             LOG.debug("Receive IDSCP_CLOSED")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         setNoTransitionHandler {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
index 13e08b3ef..e41903a69 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
@@ -23,7 +23,9 @@ class StateWaitForDatAndRat(fsm: FSM,
                             dapsDriver: DapsDriver
 ) : State() {
     override fun runEntryCode(fsm: FSM) {
-        LOG.debug("Switched to state STATE_WAIT_FOR_DAT_AND_RAT")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Switched to state STATE_WAIT_FOR_DAT_AND_RAT")
+        }
     }
 
     companion object {
@@ -58,12 +60,12 @@ class StateWaitForDatAndRat(fsm: FSM,
                     CloseCause.USER_SHUTDOWN
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.ERROR.value, Transition {
             LOG.debug("An internal control error occurred")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
@@ -82,13 +84,13 @@ class StateWaitForDatAndRat(fsm: FSM,
                     CloseCause.TIMEOUT
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
             LOG.debug("Received RAT_PROVER OK")
             proverHandshakeTimer.cancelTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER))
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
@@ -100,21 +102,21 @@ class StateWaitForDatAndRat(fsm: FSM,
                     CloseCause.RAT_PROVER_FAILED
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition { event: Event ->
             LOG.debug("Send IDSCP_RAT_PROVER")
             if (!fsm.sendFromFSM(event.idscpMessage)) {
                 LOG.error("Cannot send rat prover message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
             LOG.debug("Received IDSCP_CLOSE")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition { event: Event ->
@@ -137,7 +139,7 @@ class StateWaitForDatAndRat(fsm: FSM,
                     )
                     return@Transition FSM.FsmResult(
                         FSM.FsmResultCode.INVALID_DAT,
-                        fsm.getState(FsmState.STATE_CLOSED)!!
+                        fsm.getState(FsmState.STATE_CLOSED)
                     )
                 }
             } catch (e: Exception) {
@@ -147,7 +149,7 @@ class StateWaitForDatAndRat(fsm: FSM,
                         "No valid DAT", CloseCause.NO_VALID_DAT
                     )
                 )
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED))
             }
 
             LOG.debug("Remote DAT is valid. Set dat timeout")
@@ -156,21 +158,21 @@ class StateWaitForDatAndRat(fsm: FSM,
             //start RAT Verifier
             if (!fsm.restartRatVerifierDriver()) {
                 LOG.error("Cannot run Rat verifier, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT))
         })
 
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
             LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                 LOG.error("Cannot send Dat message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
@@ -181,17 +183,17 @@ class StateWaitForDatAndRat(fsm: FSM,
             if (!event.idscpMessage.hasIdscpRatVerifier()) {
                 // this should never happen
                 LOG.error("IDSCP_RAT_VERIFIER Message not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
-            if (fsm.ratProverDriver == null) {
+            fsm.ratProverDriver?.let {
+                // Run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+                GlobalScope.launch {
+                    it.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                }
+            } ?: run {
                 LOG.error("RatProverDriver not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-            }
-
-            // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-            GlobalScope.launch {
-                fsm.ratProverDriver!!.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
@@ -201,7 +203,7 @@ class StateWaitForDatAndRat(fsm: FSM,
             LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
index d45395002..9cda2760f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
@@ -20,8 +20,9 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
                                     datTimer: DynamicTimer,
                                     dapsDriver: DapsDriver) : State() {
     override fun runEntryCode(fsm: FSM) {
-        LOG.debug("Switched to state STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER")
-        LOG.debug("Set handshake timeout")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Set handshake timeout")
+        }
     }
 
     companion object {
@@ -52,12 +53,12 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
                     CloseCause.USER_SHUTDOWN
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.ERROR.value, Transition {
             LOG.debug("An internal control error occurred")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
@@ -76,12 +77,12 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
                     CloseCause.TIMEOUT
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
             LOG.debug("Received IDSCP_CLOSE")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition { event: Event ->
@@ -104,7 +105,7 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
                     )
                     return@Transition FSM.FsmResult(
                         FSM.FsmResultCode.INVALID_DAT,
-                        fsm.getState(FsmState.STATE_CLOSED)!!
+                        fsm.getState(FsmState.STATE_CLOSED)
                     )
                 }
             } catch (e: Exception) {
@@ -114,7 +115,7 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
                         "No valid DAT", CloseCause.NO_VALID_DAT
                     )
                 )
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED))
             }
 
             LOG.debug("Remote DAT is valid. Set dat timeout")
@@ -123,32 +124,32 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
             //start RAT Verifier
             if (!fsm.restartRatVerifierDriver()) {
                 LOG.error("Cannot run Rat verifier, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER))
         })
 
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
             LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                 LOG.error("Cannot send DAT message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT))
         })
 
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
             LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT))
         })
 
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
index f2099d750..0f78e9a00 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
@@ -24,8 +24,10 @@ class StateWaitForHello(fsm: FSM,
                         dapsDriver: DapsDriver,
                         attestationConfig: AttestationConfig) : State() {
     override fun runEntryCode(fsm: FSM) {
-        LOG.debug("Switched to state STATE_WAIT_FOR_HELLO")
-        LOG.debug("Set handshake timeout to 5 seconds")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Switched to state STATE_WAIT_FOR_HELLO")
+            LOG.trace("Set handshake timeout to 5 seconds")
+        }
         handshakeTimer.resetTimeout()
     }
 
@@ -50,7 +52,7 @@ class StateWaitForHello(fsm: FSM,
          * --------------------------------------------------- */
         addTransition(InternalControlMessage.ERROR.value, Transition {
             LOG.debug("An internal control error occurred")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
@@ -61,7 +63,7 @@ class StateWaitForHello(fsm: FSM,
                     CloseCause.USER_SHUTDOWN
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.SEND_DATA.value, Transition {
@@ -84,12 +86,12 @@ class StateWaitForHello(fsm: FSM,
                     CloseCause.TIMEOUT
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
             LOG.debug("Received IDSCP_CLOSE. Close connection")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(IdscpMessage.IDSCPHELLO_FIELD_NUMBER, Transition { event: Event ->
@@ -122,7 +124,7 @@ class StateWaitForHello(fsm: FSM,
                         "No valid DAT", CloseCause.NO_VALID_DAT
                     )
                 )
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.MISSING_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.MISSING_DAT, fsm.getState(FsmState.STATE_CLOSED))
             }
 
             try {
@@ -137,7 +139,7 @@ class StateWaitForHello(fsm: FSM,
                     )
                     return@Transition FSM.FsmResult(
                         FSM.FsmResultCode.INVALID_DAT,
-                        fsm.getState(FsmState.STATE_CLOSED)!!
+                        fsm.getState(FsmState.STATE_CLOSED)
                     )
                 }
             } catch (e: Exception) {
@@ -147,7 +149,7 @@ class StateWaitForHello(fsm: FSM,
                         "No valid DAT", CloseCause.NO_VALID_DAT
                     )
                 )
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED))
             }
 
             LOG.debug("Remote DAT is valid. Set dat timeout to its validity period")
@@ -157,14 +159,14 @@ class StateWaitForHello(fsm: FSM,
             LOG.debug("Start RAT Prover and Verifier")
             if (!fsm.restartRatVerifierDriver()) {
                 LOG.error("Cannot run Rat verifier, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT))
         })
 
         setNoTransitionHandler {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
index 3ba84b637..d50a139ad 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
@@ -21,7 +21,9 @@ class StateWaitForRat(fsm: FSM,
                       proverHandshakeTimer: StaticTimer,
                       ratTimer: StaticTimer) : State() {
     override fun runEntryCode(fsm: FSM) {
-        LOG.debug("Switch to state STATE_WAIT_FOR_RAT")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Switched to state STATE_WAIT_FOR_RAT")
+        }
     }
 
     companion object {
@@ -53,7 +55,7 @@ class StateWaitForRat(fsm: FSM,
          * --------------------------------------------------- */
         addTransition(InternalControlMessage.ERROR.value, Transition {
             LOG.debug("An internal control error occurred")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
@@ -64,7 +66,7 @@ class StateWaitForRat(fsm: FSM,
                     CloseCause.USER_SHUTDOWN
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.SEND_DATA.value, Transition {
@@ -79,14 +81,14 @@ class StateWaitForRat(fsm: FSM,
         addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
             LOG.debug("Received RAT_PROVER OK")
             proverHandshakeTimer.cancelTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER))
         })
 
         addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition {
             LOG.debug("Received RAT_VERIFIER OK")
             verifierHandshakeTimer.cancelTimeout()
             ratTimer.resetTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER))
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
@@ -98,7 +100,7 @@ class StateWaitForRat(fsm: FSM,
                     CloseCause.RAT_PROVER_FAILED
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition {
@@ -110,14 +112,14 @@ class StateWaitForRat(fsm: FSM,
                     CloseCause.RAT_VERIFIER_FAILED
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition { event: Event ->
             LOG.debug("Send IDSCP_RAT_PROVER")
             if (!fsm.sendFromFSM(event.idscpMessage)) {
                 LOG.error("Cannot send rat prover message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
@@ -126,7 +128,7 @@ class StateWaitForRat(fsm: FSM,
             LOG.debug("Send IDSCP_RAT_VERIFIER")
             if (!fsm.sendFromFSM(event.idscpMessage)) {
                 LOG.error("Cannot send rat verifier message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
@@ -136,11 +138,11 @@ class StateWaitForRat(fsm: FSM,
             fsm.stopRatVerifierDriver()
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                 LOG.error("Cannot send DatExpired message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             LOG.debug("Start Handshake Timer")
             handshakeTimer.resetTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT))
         })
 
         addTransition(InternalControlMessage.TIMEOUT.value, Transition {
@@ -151,7 +153,7 @@ class StateWaitForRat(fsm: FSM,
                     CloseCause.TIMEOUT
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
@@ -165,17 +167,17 @@ class StateWaitForRat(fsm: FSM,
             if (!event.idscpMessage.hasIdscpRatVerifier()) {
                 // this should never happen
                 LOG.error("IDSCP_RAT_Verifier Message not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
-            if (fsm.ratProverDriver == null) {
+            fsm.ratProverDriver?.let {
+                // Run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+                GlobalScope.launch {
+                    it.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                }
+            } ?: run {
                 LOG.error("RatProverDriver not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-            }
-
-            // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-            GlobalScope.launch {
-                fsm.ratProverDriver!!.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
@@ -187,17 +189,17 @@ class StateWaitForRat(fsm: FSM,
             if (!event.idscpMessage.hasIdscpRatProver()) {
                 // this should never happen
                 LOG.error("IDSCP_RAT_PROVER Message not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
-            if (fsm.ratVerifierDriver == null) {
+            fsm.ratVerifierDriver?.let {
+                // Run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+                GlobalScope.launch {
+                    it.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
+                }
+            } ?: run {
                 LOG.error("RatVerifierDriver not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-            }
-
-            // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-            GlobalScope.launch {
-                fsm.ratVerifierDriver!!.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
@@ -207,19 +209,19 @@ class StateWaitForRat(fsm: FSM,
             LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                 LOG.error("Cannot send DAT message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
             LOG.debug("Received IDSCP_CLOSE")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         setNoTransitionHandler { event: Event? ->
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
index 61fc5734f..524d1daf9 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
@@ -20,7 +20,9 @@ class StateWaitForRatProver(fsm: FSM,
                             proverHandshakeTimer: StaticTimer,
                             ackTimer: StaticTimer) : State() {
     override fun runEntryCode(fsm: FSM) {
-        LOG.debug("Switched to state STATE_WAIT_FOR_RAT_PROVER")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Switched to state STATE_WAIT_FOR_RAT_PROVER")
+        }
     }
 
     companion object {
@@ -51,12 +53,12 @@ class StateWaitForRatProver(fsm: FSM,
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
             LOG.debug("Send IDSC_CLOSE")
             fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close", CloseCause.USER_SHUTDOWN))
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.ERROR.value, Transition {
             LOG.debug("An internal control error occurred")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.SEND_DATA.value, Transition {
@@ -71,7 +73,7 @@ class StateWaitForRatProver(fsm: FSM,
                     CloseCause.TIMEOUT
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
@@ -79,21 +81,21 @@ class StateWaitForRatProver(fsm: FSM,
             ratTimer.cancelTimeout()
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                 LOG.error("Cannot send DatExpired message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             LOG.debug("Start Handshake Timer")
             handshakeTimer.resetTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT))
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
             LOG.debug("Received RAT_PROVER OK")
             proverHandshakeTimer.cancelTimeout()
-            if (fsm.getAckFlag) {
+            if (fsm.ackFlag) {
                 ackTimer.start()
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK))
             } else {
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED))
             }
         })
 
@@ -106,14 +108,14 @@ class StateWaitForRatProver(fsm: FSM,
                     CloseCause.RAT_PROVER_FAILED
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition { event: Event ->
             LOG.debug("Send IDSCP_RAT_PROVER")
             if (!fsm.sendFromFSM(event.idscpMessage)) {
                 LOG.error("Cannot send rat prover message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
@@ -122,30 +124,30 @@ class StateWaitForRatProver(fsm: FSM,
             LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER")
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
                 LOG.error("Cannot send ReRat message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             ratTimer.cancelTimeout()
             if (!fsm.restartRatVerifierDriver()) {
                 LOG.error("Cannot run Rat verifier, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT))
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
             LOG.debug("Received IDSCP_CLOSE")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
             LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                 LOG.error("Cannot send DAT message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
@@ -156,17 +158,17 @@ class StateWaitForRatProver(fsm: FSM,
             if (!event.idscpMessage.hasIdscpRatVerifier()) {
                 // this should never happen
                 LOG.error("IDSCP_RAT_VERIFIER Message not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
-            if (fsm.ratProverDriver == null) {
+            fsm.ratProverDriver?.let {
+                // Run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+                GlobalScope.launch {
+                    it.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                }
+            } ?: run {
                 LOG.error("RatProverDriver not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-            }
-
-            // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-            GlobalScope.launch {
-                fsm.ratProverDriver!!.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
@@ -176,7 +178,7 @@ class StateWaitForRatProver(fsm: FSM,
             LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
index f5eee4dec..e1291f24f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
@@ -20,7 +20,9 @@ class StateWaitForRatVerifier(fsm: FSM,
                               verifierHandshakeTimer: StaticTimer,
                               ackTimer: StaticTimer) : State() {
     override fun runEntryCode(fsm: FSM) {
-        LOG.debug("Switched to state STATE_WAIT_FOR_RAT_VERIFIER")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Switched to state STATE_WAIT_FOR_RAT_VERIFIER")
+        }
     }
 
     companion object {
@@ -54,12 +56,12 @@ class StateWaitForRatVerifier(fsm: FSM,
                     CloseCause.USER_SHUTDOWN
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.ERROR.value, Transition {
             LOG.debug("An internal control error occurred")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
@@ -74,7 +76,7 @@ class StateWaitForRatVerifier(fsm: FSM,
         addTransition(InternalControlMessage.TIMEOUT.value, Transition {
             LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
             fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout", CloseCause.TIMEOUT))
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
@@ -82,11 +84,11 @@ class StateWaitForRatVerifier(fsm: FSM,
             fsm.stopRatVerifierDriver()
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
                 LOG.error("Cannot send DatExpired message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             LOG.debug("Start Handshake Timer")
             handshakeTimer.resetTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER))
         })
 
         addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition {
@@ -94,11 +96,11 @@ class StateWaitForRatVerifier(fsm: FSM,
             verifierHandshakeTimer.cancelTimeout()
             LOG.debug("Start RAT Timer")
             ratTimer.resetTimeout()
-            if (fsm.getAckFlag) {
+            if (fsm.ackFlag) {
                 ackTimer.start()
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK))
             } else {
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED))
             }
         })
 
@@ -111,34 +113,34 @@ class StateWaitForRatVerifier(fsm: FSM,
                     CloseCause.RAT_VERIFIER_FAILED
                 )
             )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.RAT_VERIFIER_MSG.value, Transition { event: Event ->
             LOG.debug("Send IDSCP_RAT_VERIFIER")
             if (!fsm.sendFromFSM(event.idscpMessage)) {
                 LOG.error("Cannot send rat verifier message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
             LOG.debug("Received IDSCP_CLOSE")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
             LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
                 LOG.error("Cannot send DAT message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT))
         })
 
         addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition { event: Event ->
@@ -147,17 +149,17 @@ class StateWaitForRatVerifier(fsm: FSM,
             if (!event.idscpMessage.hasIdscpRatProver()) {
                 // this should never happen
                 LOG.error("IDSCP_RAT_PROVER Message not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
-            }
-
-            if (fsm.ratVerifierDriver == null) {
-                LOG.error("RatVerifierDriver not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
-            // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-            GlobalScope.launch {
-                fsm.ratVerifierDriver!!.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
+            fsm.ratVerifierDriver?.let {
+                // Run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
+                GlobalScope.launch {
+                    it.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
+                }
+            } ?: run {
+                LOG.error("RatProverDriver not available")
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
@@ -167,9 +169,9 @@ class StateWaitForRatVerifier(fsm: FSM,
             LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
             if (!fsm.restartRatProverDriver()) {
                 LOG.error("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED)!!)
+                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT)!!)
+            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT))
         })
 
         addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StaticTimer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StaticTimer.kt
index 6eab0d1bc..f90a41ab9 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StaticTimer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StaticTimer.kt
@@ -25,8 +25,7 @@ class StaticTimer internal constructor(private val fsmIsBusy: ReentrantLock,
      */
     fun start() {
         mutex.lock()
-        thread = TimerThread(delay, timeoutHandler, fsmIsBusy)
-        thread!!.start()
+        thread = TimerThread(delay, timeoutHandler, fsmIsBusy).also { it.start() }
         mutex.unlock()
     }
 
@@ -35,10 +34,8 @@ class StaticTimer internal constructor(private val fsmIsBusy: ReentrantLock,
      */
     fun cancelTimeout() {
         mutex.lock()
-        if (thread != null) {
-            thread!!.safeStop()
-            thread = null
-        }
+        thread?.safeStop()
+        thread = null
         mutex.unlock()
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
index fcb8361da..abd382012 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
@@ -25,7 +25,7 @@ object RatProverDriverRegistry {
             val driverFactory: (RatProverFsmListener) -> RatProverDriver<PC>,
             val driverConfig: PC?
     ) {
-        fun getInstance(listener: RatProverFsmListener) = driverFactory.invoke(listener).also {d ->
+        fun getInstance(listener: RatProverFsmListener) = driverFactory.invoke(listener).also { d ->
             driverConfig?.let { d.setConfig(it) }
         }
     }
@@ -59,13 +59,14 @@ object RatProverDriverRegistry {
      * The finite state machine is registered as the communication partner for the RatProver.
      * The RatProver will be initialized with a configuration, if present. Then it is started.
      */
-    fun startRatProverDriver(instance: String?, listener: RatProverFsmListener): RatProverDriver<*>? {
-        val driverWrapper = drivers[instance]
-        return try {
-            driverWrapper!!.getInstance(listener).also { it.start() }
-        } catch (e: Exception) {
-            LOG.error("Error during RAT prover start", e)
-            null
+    fun startRatProverDriver(instance: String, listener: RatProverFsmListener): RatProverDriver<*>? {
+        return drivers[instance]?.let { driverWrapper ->
+            return try {
+                driverWrapper.getInstance(listener).also { it.start() }
+            } catch (e: Exception) {
+                LOG.error("Error during RAT prover start", e)
+                null
+            }
         }
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
index 4e3fb39b0..dfe5da545 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
@@ -60,12 +60,13 @@ object RatVerifierDriverRegistry {
      * The RatVerifier will be initialized with a configuration, if present. Then it is started.
      */
     fun startRatVerifierDriver(mechanism: String?, listener: RatVerifierFsmListener): RatVerifierDriver<*>? {
-        val driverWrapper = drivers[mechanism]
-        return try {
-            driverWrapper!!.getInstance(listener).also { it.start() }
-        } catch (e: Exception) {
-            LOG.error("Error during RAT verifier start", e)
-            null
+        return drivers[mechanism]?.let { driverWrapper ->
+            return try {
+                driverWrapper.getInstance(listener).also { it.start() }
+            } catch (e: Exception) {
+                LOG.error("Error during RAT verifier start", e)
+                null
+            }
         }
     }
 }
\ No newline at end of file

From 5abf75b60f702fa1bbcdee33d80a5b9ed4d389ce Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 8 Dec 2020 11:08:27 +0100
Subject: [PATCH 198/237] Reduced log verbosity

---
 .../idscp2/default_drivers/secure_channel/client/TLSClient.kt | 4 +++-
 .../main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
index fe84a8179..169a0a390 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
@@ -108,7 +108,9 @@ class TLSClient<CC: Idscp2Connection>(
                     it.write(bytes)
                     it.flush()
                 } ?: throw IOException("DataOutputStream not available")
-                LOG.debug("Send message")
+                if (LOG.isTraceEnabled) {
+                    LOG.trace("Sending message...")
+                }
                 true
             } catch (e: IOException) {
                 LOG.error("Client cannot send data", e)
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index 8bab1a5c0..fb2f570ed 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -697,7 +697,9 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel,
     }
 
     fun recvData(data: IdscpData) {
-        LOG.debug("Received IdscpData with alternating bit {}", data.alternatingBit)
+        if (LOG.isTraceEnabled) {
+            LOG.debug("Received IdscpData with alternating bit {}", data.alternatingBit)
+        }
 
         if (data.alternatingBit != expectedAlternatingBit.asBoolean()) {
             if (LOG.isDebugEnabled) {

From 89265fffd8fdbbcff5445afabaf9fa7b5cc39291 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 8 Dec 2020 12:34:24 +0100
Subject: [PATCH 199/237] Semantic UC fix

---
 .../aisec/ids/rm/PolicyEnforcementPoint.kt    | 52 ++++++++++---------
 1 file changed, 28 insertions(+), 24 deletions(-)

diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
index 08eaa4386..0c787a0a4 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
@@ -28,6 +28,7 @@ import de.fraunhofer.iais.eis.BinaryOperator
 import de.fraunhofer.iais.eis.Constraint
 import de.fraunhofer.iais.eis.LeftOperand
 import org.apache.camel.*
+import org.apache.camel.model.FromDefinition
 import org.apache.camel.model.RouteDefinition
 import org.apache.camel.model.ToDefinition
 import org.slf4j.LoggerFactory
@@ -37,8 +38,8 @@ import java.util.*
 import java.util.concurrent.CompletableFuture
 
 class PolicyEnforcementPoint internal constructor(
-        private val node: NamedNode,
-        private val target: Processor) : AsyncProcessor {
+    private val destinationNode: NamedNode,
+    private val target: Processor) : AsyncProcessor {
     /**
      * The method performs flow control and calls Exchange.setException() when necessary
      * It iterates through nodes in CamelRoute (<from>, <log>, <choice>, <process>, <to>, ...)
@@ -66,31 +67,33 @@ class PolicyEnforcementPoint internal constructor(
 
         // Save per exchange object the source node's content (<from: uri="idscp2server://0...>)
         // Same entry in Hashmap per CamelRoute, change of exchange properties do not create new entry
-        var source = lastDestinations[exchange]
-        val freshRoute = source == null
-        if (freshRoute) {
-            // If read CamelRoute's node is not <from> iterate to parent nodes
-            var routeNode = node.parent
+        val sourceNode = lastDestinations[exchange] ?: {
+            // If there is no previously saved node for this exchange, use the parent <route> to find the input
+            // (first <from> statement) of the processed route.
+            var routeNode = destinationNode.parent
             while (routeNode !is RouteDefinition) {
                 routeNode = routeNode.parent
             }
-            source = routeNode.input.toString()
+            routeNode.input
         }
 
         // Save current destination node of CamelRoute
-        val destination = node.toString()
-        lastDestinations[exchange] = destination
+        lastDestinations[exchange] = destinationNode
+        val source = sourceNode.toString()
+        val destination = destinationNode.toString()
         if (LOG.isTraceEnabled) {
             LOG.trace("{} -> {}", source, destination)
         }
 
-        // While iterating through CamelNodes only take action for nodes <from> (=freshRoute) and <to>
-        if (freshRoute || node is ToDefinition) {
+        // Only take action for nodes of type <from> (= input) and <to> (= output)
+        if (sourceNode is FromDefinition || destinationNode is ToDefinition) {
             val ucContract = try {
                 ucInterface.getExchangeContract(exchange)
             } catch (x: RuntimeException) {
+                // Thrown if data provider references an unknown ContractAgreement via transferContract
                 throw Exception("Required contract is not available!", x)
             }
+            // If there is no known ContractAgreement for this Exchange, nothing to do here.
             ucContract?.let { contract ->
                 if (LOG.isDebugEnabled) {
                     LOG.debug("Applying Contract $contract")
@@ -118,15 +121,16 @@ class PolicyEnforcementPoint internal constructor(
                     } catch (ae: AssertionError) {
                         throw Exception("Invalid docker URI for UC, ${dockerUri.fragment} is not a valid port number!")
                     }
-                    // Check whether we deal with entry ("from:...") or output ("to:...") node in CamelRoute
-                    if (freshRoute) {
-                        // If we deal with entry, then protect exchange's body
+                    // Check whether we deal with an entry node ("from:...") as source...
+                    if (sourceNode is FromDefinition) {
+                        // If we found an entry node, then protect exchange's body
                         ucInterface.protectBody(exchange, ucContract.id)
-                    // Additionally check whether exchange's body was protected
-                    } else if (node is ToDefinition && ucInterface.isProtected(exchange)) {
+                    // ... or output ("to:...") node as destination of this transition.
+                    // Additionally check whether exchange's body was protected.
+                    } else if (destinationNode is ToDefinition && ucInterface.isProtected(exchange)) {
                         // Compare hash value and port of camelRoute's containerUri with local Docker containers
                         CamelInterceptor.containerManager?.let { cm ->
-                            val endpointUri = URI.create(node.endpointUri)
+                            val endpointUri = URI.create(destinationNode.endpointUri)
                             // Check is containerUri's port matched CamelRoute ToNode's port
                             if (port != endpointUri.port) {
                                 LOG.warn("UC: Exchange blocked by contract: " +
@@ -158,20 +162,20 @@ class PolicyEnforcementPoint internal constructor(
             }
         }
 
-        val sourceNode = ServiceNode(source, null, null)
-        val destNode = ServiceNode(destination, null, null)
+        val sourceServiceNode = ServiceNode(source, null, null)
+        val destinationServiceNode = ServiceNode(destination, null, null)
 
         // Call PDP to transform labels and decide whether to forward the Exchange
-        applyLabelTransformation(pdp.requestTranformations(sourceNode), exchange)
+        applyLabelTransformation(pdp.requestTranformations(sourceServiceNode), exchange)
         val labels = exchangeLabels.computeIfAbsent(exchange) { HashSet<String>() }
         val decision = pdp.requestDecision(
-                DecisionRequest(sourceNode, destNode, labels, null))
+                DecisionRequest(sourceServiceNode, destinationServiceNode, labels, null))
         return when (decision.decision!!) {
             PolicyDecision.Decision.ALLOW -> true
             PolicyDecision.Decision.DENY -> {
                 if (LOG.isWarnEnabled) {
                     LOG.warn("Exchange explicitly blocked (DENY) by data flow policy. " +
-                            "Source: {}, Target: {}", sourceNode, destNode)
+                            "Source: {}, Target: {}", sourceServiceNode, destinationServiceNode)
                 }
                 exchange.setException(Exception("Exchange blocked by data flow policy"))
                 false
@@ -228,7 +232,7 @@ class PolicyEnforcementPoint internal constructor(
 
     companion object {
         private val LOG = LoggerFactory.getLogger(PolicyEnforcementPoint::class.java)
-        private val lastDestinations: MutableMap<Exchange, String> =
+        private val lastDestinations: MutableMap<Exchange, NamedNode> =
                 MapMaker().weakKeys().makeMap()
         private val exchangeLabels: MutableMap<Exchange, MutableSet<String>> =
                 MapMaker().weakKeys().makeMap()

From 6348800ac9576dce9269e4119780576802e86625 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 8 Dec 2020 12:47:48 +0100
Subject: [PATCH 200/237] Auto-enable experimental docker features for buildx
 builds

---
 buildx/docker-buildx.sh | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/buildx/docker-buildx.sh b/buildx/docker-buildx.sh
index e896d6bcf..77266b274 100755
--- a/buildx/docker-buildx.sh
+++ b/buildx/docker-buildx.sh
@@ -72,6 +72,9 @@ while true; do
   esac
 done
 
+# Enable experimental Docker features (buildx)
+export DOCKER_CLI_EXPERIMENTAL="enabled"
+
 # Export vars for buildx bake yaml resolution
 export EXAMPLE_TAG="$EXAMPLE_TAG_ARG"
 export DOCKER_BUILD_TAG="$DOCKER_BUILD_TAG_ARG"

From 4bfcc1782baeeea8c4379fd18e7aac7f4d544e6a Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 9 Dec 2020 15:58:02 +0100
Subject: [PATCH 201/237] Started example cleanup

---
 .../docker-compose.yaml                       |   1 -
 .../example-getting-started/system.properties | 154 ------------------
 .../docker-compose-consumer.yaml              |   1 -
 .../docker-compose-provider.yaml              |   1 -
 examples/example-idscp/system.properties      | 154 ------------------
 .../docker-compose-broadcast-client.yaml      |   1 -
 .../docker-compose-broadcast-server.yaml      |   1 -
 .../docker-compose-consumer.yaml              |   1 -
 .../docker-compose-provider.yaml              |   1 -
 examples/example-idscp2/system.properties     | 154 ------------------
 10 files changed, 469 deletions(-)
 delete mode 100644 examples/example-getting-started/system.properties
 delete mode 100644 examples/example-idscp/system.properties
 delete mode 100644 examples/example-idscp2/system.properties

diff --git a/examples/example-getting-started/docker-compose.yaml b/examples/example-getting-started/docker-compose.yaml
index cda93372e..df664af39 100644
--- a/examples/example-getting-started/docker-compose.yaml
+++ b/examples/example-getting-started/docker-compose.yaml
@@ -25,7 +25,6 @@ services:
     volumes:
       - ../log/:/root/log/
       - /var/run/docker.sock:/var/run/docker.sock
-      - ./system.properties:/root/etc/system.properties
       - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/consumer-keystore.p12:/root/etc/consumer-keystore.p12
       - ../cert-stores/provider-keystore.p12:/root/etc/provider-keystore.p12
diff --git a/examples/example-getting-started/system.properties b/examples/example-getting-started/system.properties
deleted file mode 100644
index f9e88f63b..000000000
--- a/examples/example-getting-started/system.properties
+++ /dev/null
@@ -1,154 +0,0 @@
-################################################################################
-#
-#    Licensed to the Apache Software Foundation (ASF) under one or more
-#    contributor license agreements.  See the NOTICE file distributed with
-#    this work for additional information regarding copyright ownership.
-#    The ASF licenses this file to You under the Apache License, Version 2.0
-#    (the "License"); you may not use this file except in compliance with
-#    the License.  You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#    Unless required by applicable law or agreed to in writing, software
-#    distributed under the License is distributed on an "AS IS" BASIS,
-#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#    See the License for the specific language governing permissions and
-#    limitations under the License.
-#
-################################################################################
-
-#
-# The properties defined in this file will be made available through system
-# properties at the very beginning of the Karaf's boot process.
-#
-
-
-# Log level when the pax-logging service is not available
-# This level will only be used while the pax-logging service bundle
-# is not fully available.
-# To change log levels, please refer to the org.ops4j.pax.logging.cfg file
-# instead.
-org.ops4j.pax.logging.DefaultServiceLog.level = ERROR
-
-#
-# Name of this Karaf instance.
-#
-karaf.name = root
-
-#
-# Default repository where bundles will be loaded from before using
-# other Maven repositories.  For the full Maven configuration, see
-# the org.ops4j.pax.url.mvn.cfg file.
-#
-karaf.default.repository = system
-
-#
-# Location of a shell script that will be run when starting a shell
-# session.  This script can be used to create aliases and define
-# additional commands.
-#
-karaf.shell.init.script = shell.init.script
-
-#
-# Sets the maximum size of the shell command history. If not set,
-# defaults to 500 entries. Setting to 0 will disable history.
-#
-# karaf.shell.history.maxSize = 0
-
-#
-# Deletes the entire karaf.data directory at every start
-#
-karaf.clean.all = false
-
-#
-# Deletes the karaf.data/cache directory at every start
-#
-karaf.clean.cache = true
-
-#
-# User name for the Karaf local console
-#
-karaf.local.user = karaf
-
-#
-# Roles to use when for the default user in the local Karaf console.
-#
-# The syntax is the following:
-#   [classname:]principal
-# where classname is the class name of the principal object
-# (defaults to org.apache.karaf.jaas.modules.RolePrincipal)
-# and principal is the name of the principal of that class
-# (defaults to instance).
-#
-karaf.local.roles = admin,manager,viewer,systembundles
-
-#
-# Set this empty property to avoid errors when validating xml documents.
-#
-xml.catalog.files =
-
-#
-# Suppress the bell in the console when hitting backspace too many times
-# for example
-#
-jline.nobell = true
-
-#
-# ServiceMix specs options
-#
-org.apache.servicemix.specs.debug = false
-org.apache.servicemix.specs.timeout = 0
-
-#
-# Settings for the OSGi 4.3 Weaving
-# By default, we will not weave any classes. Change this setting to include classes
-# that you application needs to have woven.
-#
-org.apache.aries.proxy.weaving.enabled = none
-# Classes not to weave - Aries default + Xerces which is known to have issues.
-org.apache.aries.proxy.weaving.disabled = org.objectweb.asm.*,org.slf4j.*,org.apache.log4j.*,javax.*,org.apache.xerces.*
-
-#
-# By default, only Karaf shell commands are secured, but additional services can be
-# secured by expanding this filter
-#
-karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
-
-#
-# By default, if there's no ACL policy for a certain karaf command, this command is allowed to access
-# without the RBAC. We can change this behavior by enable the following property, which means
-# if a karaf command has no corresponding ACL then access it must have one of the karaf.secured.command.compulsory.roles
-#
-#karaf.secured.command.compulsory.roles=admin
-
-#
-# Security properties
-#
-# To enable OSGi security, uncomment the properties below,
-# install the framework-security feature and restart.
-#
-#java.security.policy=${karaf.etc}/all.policy
-#org.osgi.framework.security=osgi
-#org.osgi.framework.trust.repositories=${karaf.etc}/trustStore.ks
-
-#
-# HA/Lock configuration
-#
-# Karaf uses a lock mechanism to know which instance is the master (HA)
-# The lock can be on the filesystem (default) or on a database.
-#
-# See http://karaf.apache.org/manual/latest/users-guide/failover.html for details.
-#
-# Even using a single instance, Karaf creates the lock file
-# You can specify the location of the lock file using the
-# karaf.lock.dir=/path/to/the/directory/containing/the/lock
-#
-# By default, the slave instances start but are passive.
-# If you want to prevent the slave instances startup, you can use
-# the karaf.lock.slave.block property (false by default):
-# karaf.lock.slave.block=true
-
-javax.net.ssl.keyStore=${karaf.etc}/provider-keystore.p12
-javax.net.ssl.keyStorePassword=password
-javax.net.ssl.trustStore=${karaf.etc}/truststore.p12
-javax.net.ssl.trustStorePassword=password
\ No newline at end of file
diff --git a/examples/example-idscp/docker-compose-consumer.yaml b/examples/example-idscp/docker-compose-consumer.yaml
index b87fc36d6..c747732e5 100644
--- a/examples/example-idscp/docker-compose-consumer.yaml
+++ b/examples/example-idscp/docker-compose-consumer.yaml
@@ -18,7 +18,6 @@ services:
     volumes:
       - ../log/:/root/log/
       - /var/run/docker.sock:/var/run/docker.sock
-      - ./system.properties:/root/etc/system.properties
       - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/consumer-keystore.p12:/root/etc/consumer-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
diff --git a/examples/example-idscp/docker-compose-provider.yaml b/examples/example-idscp/docker-compose-provider.yaml
index 2f5fe92bd..c68125310 100644
--- a/examples/example-idscp/docker-compose-provider.yaml
+++ b/examples/example-idscp/docker-compose-provider.yaml
@@ -18,7 +18,6 @@ services:
     volumes:
       - ../log/:/root/log/
       - /var/run/docker.sock:/var/run/docker.sock
-      - ./system.properties:/root/etc/system.properties
       - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/provider-keystore.p12:/root/etc/provider-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
diff --git a/examples/example-idscp/system.properties b/examples/example-idscp/system.properties
deleted file mode 100644
index f9e88f63b..000000000
--- a/examples/example-idscp/system.properties
+++ /dev/null
@@ -1,154 +0,0 @@
-################################################################################
-#
-#    Licensed to the Apache Software Foundation (ASF) under one or more
-#    contributor license agreements.  See the NOTICE file distributed with
-#    this work for additional information regarding copyright ownership.
-#    The ASF licenses this file to You under the Apache License, Version 2.0
-#    (the "License"); you may not use this file except in compliance with
-#    the License.  You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#    Unless required by applicable law or agreed to in writing, software
-#    distributed under the License is distributed on an "AS IS" BASIS,
-#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#    See the License for the specific language governing permissions and
-#    limitations under the License.
-#
-################################################################################
-
-#
-# The properties defined in this file will be made available through system
-# properties at the very beginning of the Karaf's boot process.
-#
-
-
-# Log level when the pax-logging service is not available
-# This level will only be used while the pax-logging service bundle
-# is not fully available.
-# To change log levels, please refer to the org.ops4j.pax.logging.cfg file
-# instead.
-org.ops4j.pax.logging.DefaultServiceLog.level = ERROR
-
-#
-# Name of this Karaf instance.
-#
-karaf.name = root
-
-#
-# Default repository where bundles will be loaded from before using
-# other Maven repositories.  For the full Maven configuration, see
-# the org.ops4j.pax.url.mvn.cfg file.
-#
-karaf.default.repository = system
-
-#
-# Location of a shell script that will be run when starting a shell
-# session.  This script can be used to create aliases and define
-# additional commands.
-#
-karaf.shell.init.script = shell.init.script
-
-#
-# Sets the maximum size of the shell command history. If not set,
-# defaults to 500 entries. Setting to 0 will disable history.
-#
-# karaf.shell.history.maxSize = 0
-
-#
-# Deletes the entire karaf.data directory at every start
-#
-karaf.clean.all = false
-
-#
-# Deletes the karaf.data/cache directory at every start
-#
-karaf.clean.cache = true
-
-#
-# User name for the Karaf local console
-#
-karaf.local.user = karaf
-
-#
-# Roles to use when for the default user in the local Karaf console.
-#
-# The syntax is the following:
-#   [classname:]principal
-# where classname is the class name of the principal object
-# (defaults to org.apache.karaf.jaas.modules.RolePrincipal)
-# and principal is the name of the principal of that class
-# (defaults to instance).
-#
-karaf.local.roles = admin,manager,viewer,systembundles
-
-#
-# Set this empty property to avoid errors when validating xml documents.
-#
-xml.catalog.files =
-
-#
-# Suppress the bell in the console when hitting backspace too many times
-# for example
-#
-jline.nobell = true
-
-#
-# ServiceMix specs options
-#
-org.apache.servicemix.specs.debug = false
-org.apache.servicemix.specs.timeout = 0
-
-#
-# Settings for the OSGi 4.3 Weaving
-# By default, we will not weave any classes. Change this setting to include classes
-# that you application needs to have woven.
-#
-org.apache.aries.proxy.weaving.enabled = none
-# Classes not to weave - Aries default + Xerces which is known to have issues.
-org.apache.aries.proxy.weaving.disabled = org.objectweb.asm.*,org.slf4j.*,org.apache.log4j.*,javax.*,org.apache.xerces.*
-
-#
-# By default, only Karaf shell commands are secured, but additional services can be
-# secured by expanding this filter
-#
-karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
-
-#
-# By default, if there's no ACL policy for a certain karaf command, this command is allowed to access
-# without the RBAC. We can change this behavior by enable the following property, which means
-# if a karaf command has no corresponding ACL then access it must have one of the karaf.secured.command.compulsory.roles
-#
-#karaf.secured.command.compulsory.roles=admin
-
-#
-# Security properties
-#
-# To enable OSGi security, uncomment the properties below,
-# install the framework-security feature and restart.
-#
-#java.security.policy=${karaf.etc}/all.policy
-#org.osgi.framework.security=osgi
-#org.osgi.framework.trust.repositories=${karaf.etc}/trustStore.ks
-
-#
-# HA/Lock configuration
-#
-# Karaf uses a lock mechanism to know which instance is the master (HA)
-# The lock can be on the filesystem (default) or on a database.
-#
-# See http://karaf.apache.org/manual/latest/users-guide/failover.html for details.
-#
-# Even using a single instance, Karaf creates the lock file
-# You can specify the location of the lock file using the
-# karaf.lock.dir=/path/to/the/directory/containing/the/lock
-#
-# By default, the slave instances start but are passive.
-# If you want to prevent the slave instances startup, you can use
-# the karaf.lock.slave.block property (false by default):
-# karaf.lock.slave.block=true
-
-javax.net.ssl.keyStore=${karaf.etc}/provider-keystore.p12
-javax.net.ssl.keyStorePassword=password
-javax.net.ssl.trustStore=${karaf.etc}/truststore.p12
-javax.net.ssl.trustStorePassword=password
\ No newline at end of file
diff --git a/examples/example-idscp2/docker-compose-broadcast-client.yaml b/examples/example-idscp2/docker-compose-broadcast-client.yaml
index 1cefa36a5..fd2bf5981 100644
--- a/examples/example-idscp2/docker-compose-broadcast-client.yaml
+++ b/examples/example-idscp2/docker-compose-broadcast-client.yaml
@@ -18,7 +18,6 @@ services:
     volumes:
       - ../log/:/root/log/
       - /var/run/docker.sock:/var/run/docker.sock
-      - ./system.properties:/root/etc/system.properties
       - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/consumer-keystore.p12:/root/etc/consumer-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
diff --git a/examples/example-idscp2/docker-compose-broadcast-server.yaml b/examples/example-idscp2/docker-compose-broadcast-server.yaml
index 1765db7ac..567021e22 100644
--- a/examples/example-idscp2/docker-compose-broadcast-server.yaml
+++ b/examples/example-idscp2/docker-compose-broadcast-server.yaml
@@ -18,7 +18,6 @@ services:
     volumes:
       - ../log/:/root/log/
       - /var/run/docker.sock:/var/run/docker.sock
-      - ./system.properties:/root/etc/system.properties
       - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/provider-keystore.p12:/root/etc/provider-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
diff --git a/examples/example-idscp2/docker-compose-consumer.yaml b/examples/example-idscp2/docker-compose-consumer.yaml
index 3d0ddef40..f83010ae9 100644
--- a/examples/example-idscp2/docker-compose-consumer.yaml
+++ b/examples/example-idscp2/docker-compose-consumer.yaml
@@ -18,7 +18,6 @@ services:
     volumes:
       - ../log/:/root/log/
       - /var/run/docker.sock:/var/run/docker.sock
-      - ./system.properties:/root/etc/system.properties
       - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/consumer-keystore.p12:/root/etc/consumer-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
diff --git a/examples/example-idscp2/docker-compose-provider.yaml b/examples/example-idscp2/docker-compose-provider.yaml
index 87596110d..75e13cec7 100644
--- a/examples/example-idscp2/docker-compose-provider.yaml
+++ b/examples/example-idscp2/docker-compose-provider.yaml
@@ -18,7 +18,6 @@ services:
     volumes:
       - ../log/:/root/log/
       - /var/run/docker.sock:/var/run/docker.sock
-      - ./system.properties:/root/etc/system.properties
       - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/provider-keystore.p12:/root/etc/provider-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
diff --git a/examples/example-idscp2/system.properties b/examples/example-idscp2/system.properties
deleted file mode 100644
index f9e88f63b..000000000
--- a/examples/example-idscp2/system.properties
+++ /dev/null
@@ -1,154 +0,0 @@
-################################################################################
-#
-#    Licensed to the Apache Software Foundation (ASF) under one or more
-#    contributor license agreements.  See the NOTICE file distributed with
-#    this work for additional information regarding copyright ownership.
-#    The ASF licenses this file to You under the Apache License, Version 2.0
-#    (the "License"); you may not use this file except in compliance with
-#    the License.  You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#    Unless required by applicable law or agreed to in writing, software
-#    distributed under the License is distributed on an "AS IS" BASIS,
-#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#    See the License for the specific language governing permissions and
-#    limitations under the License.
-#
-################################################################################
-
-#
-# The properties defined in this file will be made available through system
-# properties at the very beginning of the Karaf's boot process.
-#
-
-
-# Log level when the pax-logging service is not available
-# This level will only be used while the pax-logging service bundle
-# is not fully available.
-# To change log levels, please refer to the org.ops4j.pax.logging.cfg file
-# instead.
-org.ops4j.pax.logging.DefaultServiceLog.level = ERROR
-
-#
-# Name of this Karaf instance.
-#
-karaf.name = root
-
-#
-# Default repository where bundles will be loaded from before using
-# other Maven repositories.  For the full Maven configuration, see
-# the org.ops4j.pax.url.mvn.cfg file.
-#
-karaf.default.repository = system
-
-#
-# Location of a shell script that will be run when starting a shell
-# session.  This script can be used to create aliases and define
-# additional commands.
-#
-karaf.shell.init.script = shell.init.script
-
-#
-# Sets the maximum size of the shell command history. If not set,
-# defaults to 500 entries. Setting to 0 will disable history.
-#
-# karaf.shell.history.maxSize = 0
-
-#
-# Deletes the entire karaf.data directory at every start
-#
-karaf.clean.all = false
-
-#
-# Deletes the karaf.data/cache directory at every start
-#
-karaf.clean.cache = true
-
-#
-# User name for the Karaf local console
-#
-karaf.local.user = karaf
-
-#
-# Roles to use when for the default user in the local Karaf console.
-#
-# The syntax is the following:
-#   [classname:]principal
-# where classname is the class name of the principal object
-# (defaults to org.apache.karaf.jaas.modules.RolePrincipal)
-# and principal is the name of the principal of that class
-# (defaults to instance).
-#
-karaf.local.roles = admin,manager,viewer,systembundles
-
-#
-# Set this empty property to avoid errors when validating xml documents.
-#
-xml.catalog.files =
-
-#
-# Suppress the bell in the console when hitting backspace too many times
-# for example
-#
-jline.nobell = true
-
-#
-# ServiceMix specs options
-#
-org.apache.servicemix.specs.debug = false
-org.apache.servicemix.specs.timeout = 0
-
-#
-# Settings for the OSGi 4.3 Weaving
-# By default, we will not weave any classes. Change this setting to include classes
-# that you application needs to have woven.
-#
-org.apache.aries.proxy.weaving.enabled = none
-# Classes not to weave - Aries default + Xerces which is known to have issues.
-org.apache.aries.proxy.weaving.disabled = org.objectweb.asm.*,org.slf4j.*,org.apache.log4j.*,javax.*,org.apache.xerces.*
-
-#
-# By default, only Karaf shell commands are secured, but additional services can be
-# secured by expanding this filter
-#
-karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
-
-#
-# By default, if there's no ACL policy for a certain karaf command, this command is allowed to access
-# without the RBAC. We can change this behavior by enable the following property, which means
-# if a karaf command has no corresponding ACL then access it must have one of the karaf.secured.command.compulsory.roles
-#
-#karaf.secured.command.compulsory.roles=admin
-
-#
-# Security properties
-#
-# To enable OSGi security, uncomment the properties below,
-# install the framework-security feature and restart.
-#
-#java.security.policy=${karaf.etc}/all.policy
-#org.osgi.framework.security=osgi
-#org.osgi.framework.trust.repositories=${karaf.etc}/trustStore.ks
-
-#
-# HA/Lock configuration
-#
-# Karaf uses a lock mechanism to know which instance is the master (HA)
-# The lock can be on the filesystem (default) or on a database.
-#
-# See http://karaf.apache.org/manual/latest/users-guide/failover.html for details.
-#
-# Even using a single instance, Karaf creates the lock file
-# You can specify the location of the lock file using the
-# karaf.lock.dir=/path/to/the/directory/containing/the/lock
-#
-# By default, the slave instances start but are passive.
-# If you want to prevent the slave instances startup, you can use
-# the karaf.lock.slave.block property (false by default):
-# karaf.lock.slave.block=true
-
-javax.net.ssl.keyStore=${karaf.etc}/provider-keystore.p12
-javax.net.ssl.keyStorePassword=password
-javax.net.ssl.trustStore=${karaf.etc}/truststore.p12
-javax.net.ssl.trustStorePassword=password
\ No newline at end of file

From 5f6ac78aad78b181c35a0e1c76d4de1f42cd902f Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 9 Dec 2020 21:33:54 +0100
Subject: [PATCH 202/237] Small auth fix

---
 .../fhg/aisec/ids/webconsole/api/UserApi.java | 51 +++++++++----------
 1 file changed, 24 insertions(+), 27 deletions(-)

diff --git a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/UserApi.java b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/UserApi.java
index 3c6852799..44b4c3da2 100644
--- a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/UserApi.java
+++ b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/UserApi.java
@@ -19,22 +19,15 @@
  */
 package de.fhg.aisec.ids.webconsole.api;
 
-import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
-import static javax.ws.rs.core.Response.Status.UNAUTHORIZED;
-
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.algorithms.Algorithm;
 import de.fhg.aisec.ids.webconsole.api.data.User;
 import io.swagger.annotations.Api;
-import java.security.Key;
-import java.security.NoSuchAlgorithmException;
-import java.util.Calendar;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.Map;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
 import javax.crypto.KeyGenerator;
 import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.NameCallback;
 import javax.security.auth.callback.PasswordCallback;
 import javax.security.auth.login.Configuration;
@@ -46,8 +39,15 @@
 import javax.ws.rs.Produces;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.util.Calendar;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+
+import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
+import static javax.ws.rs.core.Response.Status.UNAUTHORIZED;
 
 @Path("/user")
 @Api(value = "User Authentication")
@@ -98,7 +98,7 @@ public Response authenticateUser(User user) {
 
   private String issueToken(String username) {
     Calendar cal = Calendar.getInstance();
-    cal.add(Calendar.DAY_OF_MONTH, 1);
+    cal.setTimeInMillis(cal.getTimeInMillis() + 86_400_000);
     Date tomorrow = cal.getTime();
 
     return JWT.create()
@@ -114,26 +114,23 @@ private boolean authenticate(String user, String password) throws LoginException
     can be configured as needed without changing this code here.
     */
     if (Configuration.getConfiguration().getAppConfigurationEntry("karaf") == null) {
-      LOG.warn(
-          "No LoginModules configured for karaf. This is okay if running as unit test. If this message appears in Karaf container, make sure that JAAS is available.");
+      LOG.warn("No LoginModules configured for karaf. This is okay if running as unit test. " +
+              "If this message appears in Karaf container, make sure that JAAS is available.");
       return "ids".equals(user) && "ids".equals(password);
     }
     LoginContext ctx =
         new LoginContext(
             "karaf",
-            new CallbackHandler() {
-              @Override
-              public void handle(Callback[] callbacks) {
-                for (Callback cb : callbacks) {
-                  if (cb instanceof PasswordCallback) {
-                    ((PasswordCallback) cb).setPassword(password.toCharArray());
-                  }
-                  if (cb instanceof NameCallback) {
-                    ((NameCallback) cb).setName(user);
+                callbacks -> {
+                  for (Callback cb : callbacks) {
+                    if (cb instanceof PasswordCallback) {
+                      ((PasswordCallback) cb).setPassword(password.toCharArray());
+                    }
+                    if (cb instanceof NameCallback) {
+                      ((NameCallback) cb).setName(user);
+                    }
                   }
-                }
-              }
-            });
+                });
     ctx.login();
     return true;
   }

From 474707040995cc69cff1e59bb90dbde01c0e2de1 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 11 Dec 2020 14:35:45 +0100
Subject: [PATCH 203/237] Error handling fix

---
 .../secure_channel/NativeTLSDriver.kt         | 28 ++++---------------
 .../secure_channel/client/TLSClient.kt        | 12 ++++----
 .../idscp_core/drivers/SecureChannelDriver.kt | 20 +++++++------
 3 files changed, 24 insertions(+), 36 deletions(-)

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
index 4cf1b294c..72617bcb4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
@@ -2,18 +2,14 @@ package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel
 
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.client.TLSClient
 import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.server.TLSServer
+import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
 import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
-import org.slf4j.LoggerFactory
-import java.io.IOException
-import java.security.KeyManagementException
-import java.security.NoSuchAlgorithmException
 import java.util.concurrent.CompletableFuture
 
 /**
@@ -32,11 +28,7 @@ class NativeTLSDriver<CC: Idscp2Connection> : SecureChannelDriver<CC, NativeTlsC
         try {
             val tlsClient = TLSClient(connectionFactory, configuration, secureChannelConfig, connectionFuture)
             tlsClient.connect(secureChannelConfig.host, secureChannelConfig.serverPort)
-        } catch (e: IOException) {
-            connectionFuture.completeExceptionally(Idscp2Exception("Call to connect() has failed", e))
-        } catch (e: NoSuchAlgorithmException) {
-            connectionFuture.completeExceptionally(Idscp2Exception("Call to connect() has failed", e))
-        } catch (e: KeyManagementException) {
+        } catch (e: Exception) {
             connectionFuture.completeExceptionally(Idscp2Exception("Call to connect() has failed", e))
         }
         return connectionFuture
@@ -53,16 +45,8 @@ class NativeTLSDriver<CC: Idscp2Connection> : SecureChannelDriver<CC, NativeTlsC
                         secureChannelConfig: NativeTlsConfiguration): SecureServer {
         return try {
             TLSServer(secureChannelConfig, channelInitListener, serverListenerPromise)
-        } catch (e: IOException) {
-            throw Idscp2Exception("Error while trying to to start SecureServer", e)
-        } catch (e: NoSuchAlgorithmException) {
-            throw Idscp2Exception("Error while trying to to start SecureServer", e)
-        } catch (e: KeyManagementException) {
+        } catch (e: Exception) {
             throw Idscp2Exception("Error while trying to to start SecureServer", e)
         }
     }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(NativeTLSDriver::class.java)
-    }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
index 169a0a390..9e2c5c0dd 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
@@ -127,11 +127,11 @@ class TLSClient<CC: Idscp2Connection>(
         if (LOG.isDebugEnabled) {
             LOG.debug("TLS Handshake was successful")
         }
-        if (!connectionFuture.isCancelled) {
-            // TODO: When server behavior fixed, disconnect and return here instantly
-//            disconnect();
-//            return;
-        }
+        // TODO: When server behavior fixed, disconnect and return here instantly
+//        if (!connectionFuture.isCancelled) {
+//            disconnect()
+//            return
+//        }
 
         // verify tls session on application layer: hostname verification, certificate validity
         try {
@@ -197,7 +197,7 @@ class TLSClient<CC: Idscp2Connection>(
         sslParameters.needClientAuth = true
         sslParameters.protocols = TLSConstants.TLS_ENABLED_PROTOCOLS // only TLSv1.3
         sslParameters.cipherSuites = TLSConstants.TLS_ENABLED_CIPHERS // only allow strong cipher
-        //        sslParameters.setEndpointIdentificationAlgorithm("HTTPS");  // is done in application layer
+//        sslParameters.endpointIdentificationAlgorithm = "HTTPS";  // is done in application layer
         sslSocket.sslParameters = sslParameters
         LOG.debug("TLS Client was initialized successfully")
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
index a0234cb74..9a68f6f62 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
@@ -1,10 +1,10 @@
 package de.fhg.aisec.ids.idscp2.idscp_core.drivers
 
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
+import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
+import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
 import java.util.concurrent.CompletableFuture
 
 /**
@@ -17,14 +17,18 @@ interface SecureChannelDriver<CC : Idscp2Connection, SecureChannelConfiguration>
     /*
      * Asynchronous method to create a secure connection to a secure server
      */
-    fun connect(connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
-                     configuration: Idscp2Configuration,
-                     secureChannelConfig: SecureChannelConfiguration): CompletableFuture<CC>
+    fun connect(
+        connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
+        configuration: Idscp2Configuration,
+        secureChannelConfig: SecureChannelConfiguration
+    ): CompletableFuture<CC>
 
     /*
      * Starting a secure server
      */
-    fun listen(channelInitListener: SecureChannelInitListener<CC>,
-               serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>,
-                secureChannelConfig: SecureChannelConfiguration): SecureServer
+    fun listen(
+        channelInitListener: SecureChannelInitListener<CC>,
+        serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>,
+        secureChannelConfig: SecureChannelConfiguration
+    ): SecureServer
 }
\ No newline at end of file

From 35b8944095e137f913c73cc7c5bbe88330bb86d6 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Mon, 14 Dec 2020 12:42:20 +0100
Subject: [PATCH 204/237] Implemented reconnects for IDSCP2 client producers

---
 .../idscp2/client/Idscp2ClientEndpoint.kt     | 19 ++++-
 .../idscp2/client/Idscp2ClientProducer.kt     | 81 ++++++++++++-------
 2 files changed, 71 insertions(+), 29 deletions(-)

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index 737fc0e8a..df4b81ae3 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -87,6 +87,18 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
             defaultValue = "false"
     )
     var useIdsMessages: Boolean = false
+    @UriParam(
+        label = "client",
+        description = "Max attempts to connect to the IDSCP2 server",
+        defaultValue = "3"
+    )
+    var maxRetries: Int = 3
+    @UriParam(
+        label = "client",
+        description = "Delay after an failed connection attempt to the server",
+        defaultValue = "5000"
+    )
+    var retryDelayMs: Long = 5000
 
     private fun makeConnectionInternal(): CompletableFuture<AppLayerConnection> {
         return secureChannelDriver.connect(::AppLayerConnection, clientConfiguration, secureChannelConfig).thenApply { c ->
@@ -188,8 +200,11 @@ class Idscp2ClientEndpoint(uri: String?, private val remaining: String, componen
         }
         private fun releaseConnectionInternal(connectionFuture: CompletableFuture<AppLayerConnection>) {
             if (connectionFuture.isDone) {
-                connectionFuture.get().close()
-            } else if (!connectionFuture.isCompletedExceptionally) {
+                // Exceptional completion includes cancellation
+                if (!connectionFuture.isCompletedExceptionally) {
+                    connectionFuture.get().close()
+                }
+            } else {
                 connectionFuture.cancel(true)
             }
         }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
index 5aa393bf7..3e10ee3a2 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
@@ -18,6 +18,7 @@ package de.fhg.aisec.ids.camel.idscp2.client
 
 import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
+import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
 import de.fraunhofer.iais.eis.Message
 import org.apache.camel.Exchange
 import org.apache.camel.support.DefaultProducer
@@ -39,35 +40,57 @@ class Idscp2ClientProducer(private val endpoint: Idscp2ClientEndpoint) : Default
             val header = message.getHeader(IDSCP2_HEADER)
             val body = message.getBody(ByteArray::class.java)
             if (header != null || body != null) {
-                val connection = connectionFuture.get()
-                if (endpoint.awaitResponse) {
-                    val condition = reentrantLock.newCondition()
-                    val responseHandler = { responseHeader: Any?, responsePayload: ByteArray? ->
-                        message.setHeader(IDSCP2_HEADER, responseHeader)
-                        message.body = responsePayload
-                        reentrantLock.withLock {
-                            condition.signal()
+                for (t in 1..endpoint.maxRetries) {
+                    try {
+                        // If connectionFuture completed exceptionally, recreate Connection
+                        if (connectionFuture.isCompletedExceptionally) {
+                            connectionFuture = endpoint.makeConnection()
+                                .also { c -> c.thenAccept { it.unlockMessaging() } }
                         }
-                    }
-                    reentrantLock.withLock {
-                        if (endpoint.useIdsMessages) {
-                            connection.addIdsMessageListener { _, responseHeader, responsePayload ->
-                                responseHandler(responseHeader, responsePayload)
+                        val connection = connectionFuture.get()
+                        if (endpoint.awaitResponse) {
+                            val condition = reentrantLock.newCondition()
+                            val responseHandler = { responseHeader: Any?, responsePayload: ByteArray? ->
+                                message.setHeader(IDSCP2_HEADER, responseHeader)
+                                message.body = responsePayload
+                                reentrantLock.withLock {
+                                    condition.signal()
+                                }
+                            }
+                            reentrantLock.withLock {
+                                if (endpoint.useIdsMessages) {
+                                    connection.addIdsMessageListener { _, responseHeader, responsePayload ->
+                                        responseHandler(responseHeader, responsePayload)
+                                    }
+                                    connection.sendIdsMessage(header?.let { header as Message }, body)
+                                } else {
+                                    connection.addGenericMessageListener { _, responseHeader, responsePayload ->
+                                        responseHandler(responseHeader, responsePayload)
+                                    }
+                                    connection.sendGenericMessage(header?.toString(), body)
+                                }
+                                condition.await()
                             }
-                            connection.sendIdsMessage(header?.let { header as Message }, body)
                         } else {
-                            connection.addGenericMessageListener { _, responseHeader, responsePayload ->
-                                responseHandler(responseHeader, responsePayload)
+                            if (endpoint.useIdsMessages) {
+                                connection.sendIdsMessage(header?.let { header as Message }, body)
+                            } else {
+                                connection.sendGenericMessage(header?.toString(), body)
                             }
-                            connection.sendGenericMessage(header?.toString(), body)
                         }
-                        condition.await()
-                    }
-                } else {
-                    if (endpoint.useIdsMessages) {
-                        connection.sendIdsMessage(header?.let { header as Message }, body)
-                    } else {
-                        connection.sendGenericMessage(header?.toString(), body)
+                        return
+                    } catch (x: Exception) {
+                        if (endpoint.maxRetries == t) {
+                            LOG.error("Massage delivery failed finally, aborting exchange...")
+                            exchange.setException(x)
+                        } else {
+                            LOG.warn("Message delivery failed in attempt $t, " +
+                                    "reset connection and retry after ${endpoint.retryDelayMs} ms...", x)
+                            endpoint.releaseConnection(connectionFuture)
+                            connectionFuture = endpoint.makeConnection()
+                                .also { c -> c.thenAccept { it.unlockMessaging() } }
+                            Thread.sleep(endpoint.retryDelayMs)
+                        }
                     }
                 }
             }
@@ -79,9 +102,13 @@ class Idscp2ClientProducer(private val endpoint: Idscp2ClientEndpoint) : Default
         if (endpoint.awaitResponse) {
             reentrantLock = ReentrantLock()
         }
-        connectionFuture = endpoint.makeConnection()
-        // Unlock messaging immediately after obtaining connection
-        connectionFuture.thenAccept { it.unlockMessaging() }
+        connectionFuture = endpoint.makeConnection().also { c ->
+            // Unlock messaging immediately after obtaining connection
+            c.thenAccept { it.unlockMessaging() }.exceptionally {
+                LOG.warn("Could not connect to Server ${endpoint.endpointUri}, delaying connect until first message...")
+                null
+            }
+        }
     }
 
     public override fun doStop() {

From 2bd4915696cfbc9277cba153ca714c4c68c1d383 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 15 Dec 2020 14:18:06 +0100
Subject: [PATCH 205/237] Updated jackson dependencies

---
 libraryVersions.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index 49ccd4231..d3267fa0c 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -65,7 +65,7 @@ javaxJson: "1.1.4"
 dockerJavaApi: "0.0.11"
 
 # We will pull in a newer version of jackson because of security fixes
-jackson: "2.10.2"
+jackson: "2.12.0"
 
 # Needed for camel multipart processor
 commonsFileUpload: "1.4"

From 9582309bdb4d2b1ec6c348a48a5fcb1602bc0898 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 15 Dec 2020 21:57:57 +0100
Subject: [PATCH 206/237] Fixed feature packaging

---
 camel-idscp2-osgi/bnd.bnd       | 4 ++--
 karaf-features-ids/build.gradle | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/camel-idscp2-osgi/bnd.bnd b/camel-idscp2-osgi/bnd.bnd
index dcbf160e3..3fbd3aac9 100644
--- a/camel-idscp2-osgi/bnd.bnd
+++ b/camel-idscp2-osgi/bnd.bnd
@@ -1,5 +1,5 @@
-Bundle-Name: IDS :: Camel IDSCP2 Support
+Bundle-Name: IDS :: Camel IDSCP2 Support for OSGi
 Bundle-SymbolicName: de.fhg.aisec.ids.camel.idscp2.osgi
-Bundle-Description: Camel IDSCP2 protocol support
+Bundle-Description: Camel IDSCP2 protocol support for OSGi
 Export-Package: de.fhg.aisec.ids.camel.idscp2*
 Import-Package: *
\ No newline at end of file
diff --git a/karaf-features-ids/build.gradle b/karaf-features-ids/build.gradle
index 21bf680aa..2ec310bce 100644
--- a/karaf-features-ids/build.gradle
+++ b/karaf-features-ids/build.gradle
@@ -9,7 +9,7 @@ ext {
 
 rootProject.configurations.findAll { it.name.endsWith('Bundle') }.each { project.ext.bundleConfigurations.add(it.name) }
 
-rootProject.subprojects.findAll { it.name.matches("(^camel-ids(cp2-osgi)?|ids-.*|.*-(patch|wrapper)\$)") }.each { p ->
+rootProject.subprojects.findAll { it.name.matches("(^camel-(?!idscp2\$).*|ids-.*|.*-(patch|wrapper)\$)") }.each { p ->
     Boolean included = false
     // Include each sub-project declaring dependencies with a configuration ending on "Bundle",
     // using exactly that configuration for the dependency itself and selection of additional recursive dependencies.

From 7f1da3e5c215ae0f660676cb263066ff4cc7b33d Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 22 Dec 2020 13:47:46 +0100
Subject: [PATCH 207/237] IDSCP2 UC example, IDSCP2 default example cleanup,
 minor code cleanup

---
 .../processors/ArtifactResponseProcessor.kt   | 34 ---------
 examples/example-idscp/README.md              |  4 +-
 examples/example-idscp2-uc/.env               |  2 +
 examples/example-idscp2-uc/README.md          | 11 +++
 .../docker-compose-client.yaml}               | 21 ++----
 .../docker-compose-server.yaml                | 25 +++++++
 .../example-idscp2-client.xml                 | 70 +++++++++++++++++++
 .../example-idscp2-server.xml                 | 59 ++++++++++++++++
 examples/example-idscp2/README.md             | 24 +++++--
 .../docker-compose-broadcast-client.yaml      | 17 -----
 .../docker-compose-broadcast-server.yaml      | 17 +----
 .../example-idscp2/docker-compose-client.yaml | 25 +++++++
 ...nsumer.yaml => docker-compose-server.yaml} | 17 -----
 examples/route-examples/demo-route.xml        |  2 -
 14 files changed, 221 insertions(+), 107 deletions(-)
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactResponseProcessor.kt
 create mode 100644 examples/example-idscp2-uc/.env
 create mode 100644 examples/example-idscp2-uc/README.md
 rename examples/{example-idscp2/docker-compose-provider.yaml => example-idscp2-uc/docker-compose-client.yaml} (60%)
 create mode 100644 examples/example-idscp2-uc/docker-compose-server.yaml
 create mode 100644 examples/example-idscp2-uc/example-idscp2-client.xml
 create mode 100644 examples/example-idscp2-uc/example-idscp2-server.xml
 create mode 100644 examples/example-idscp2/docker-compose-client.yaml
 rename examples/example-idscp2/{docker-compose-consumer.yaml => docker-compose-server.yaml} (55%)

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactResponseProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactResponseProcessor.kt
deleted file mode 100644
index 6b1fcd8b6..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactResponseProcessor.kt
+++ /dev/null
@@ -1,34 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
-
-import de.fhg.aisec.ids.camel.idscp2.Constants
-import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
-import de.fraunhofer.iais.eis.ArtifactResponseMessage
-import org.apache.camel.Exchange
-import org.apache.camel.Processor
-import org.slf4j.LoggerFactory
-
-class ArtifactResponseProcessor : Processor {
-
-    override fun process(exchange: Exchange) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("[IN] ${this::class.java.simpleName}")
-        }
-
-        val artifactResponseMessage = exchange.message.getHeader(
-                Constants.IDSCP2_HEADER, ArtifactResponseMessage::class.java)
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Received serialization header: {}", SERIALIZER.serialize(artifactResponseMessage))
-        }
-
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Received serialization body: {}", exchange.message.body)
-        }
-
-        // add behavior here depending on existing artifact or not
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(ArtifactResponseProcessor::class.java)
-    }
-
-}
\ No newline at end of file
diff --git a/examples/example-idscp/README.md b/examples/example-idscp/README.md
index ce4704476..e63429f85 100644
--- a/examples/example-idscp/README.md
+++ b/examples/example-idscp/README.md
@@ -1,6 +1,4 @@
 This example demonstrates the conversion of MQTT messages (using Eclipse Paho)
 and publishing via a web interface using the Trusted Connector.
 
-Documentation is located at https://industrial-data-space.github.io/trusted-connector-documentation/docs/rest/
-
-(c) Fraunhofer AISEC 2018
\ No newline at end of file
+Documentation is located at https://industrial-data-space.github.io/trusted-connector-documentation/docs/rest/
\ No newline at end of file
diff --git a/examples/example-idscp2-uc/.env b/examples/example-idscp2-uc/.env
new file mode 100644
index 000000000..a424a7d41
--- /dev/null
+++ b/examples/example-idscp2-uc/.env
@@ -0,0 +1,2 @@
+# This defines the tag used for docker-compose example YAML files in the current directory
+EXAMPLE_TAG=develop
\ No newline at end of file
diff --git a/examples/example-idscp2-uc/README.md b/examples/example-idscp2-uc/README.md
new file mode 100644
index 000000000..39acbe03f
--- /dev/null
+++ b/examples/example-idscp2-uc/README.md
@@ -0,0 +1,11 @@
+# IDSCP2 communication examples
+
+This example demonstrates client-server communication between trusted connectors via the IDSCP2 protocol,
+including LUCON UC (Usage Control), limiting execution to a particular docker container, identified by its content hash.
+
+The example is started in the same way as described in `example-idscp2/README.md`, with the only difference that
+container names in `exec` commands (`server-core` and `client-core`) switch places.
+
+If the UC demo fails, check whether the repo digest needs to be adapted in the XML file`example-idscp2-server.xml`
+(last part of DockerHub URI). 
+You can show the most recent digest using the command `docker images --digests jmalloc/echo-server`.
\ No newline at end of file
diff --git a/examples/example-idscp2/docker-compose-provider.yaml b/examples/example-idscp2-uc/docker-compose-client.yaml
similarity index 60%
rename from examples/example-idscp2/docker-compose-provider.yaml
rename to examples/example-idscp2-uc/docker-compose-client.yaml
index 75e13cec7..55f60e83f 100644
--- a/examples/example-idscp2/docker-compose-provider.yaml
+++ b/examples/example-idscp2-uc/docker-compose-client.yaml
@@ -1,30 +1,18 @@
 version: '3'
 services:
 
-  # TPM simulator
-#  ids-tpmsim-provider:
-#    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
-#    volumes:
-#      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
-#      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
-#    networks:
-#      - provider-internal
-
   # The core platform, mounts docker control socket and route definition into the image
-  provider-core:
+  consumer-core:
     image: fraunhoferaisec/trusted-connector-core:${EXAMPLE_TAG:-develop}
     tty: true
     stdin_open: true
     volumes:
       - ../log/:/root/log/
       - /var/run/docker.sock:/var/run/docker.sock
-      - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/provider-keystore.p12:/root/etc/provider-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
       - ./example-idscp2-client.xml:/root/deploy/example-idscp2-client.xml
-    environment:
-      - TPM_HOST=ids-tpmsim-provider
-    # Enable this lines for debugging or UI access from localhost
+    # Enable this port mappings for debugging or UI access from localhost
 #    ports:
 #      - "5005:5005"
 #      - "8181:8181"
@@ -33,6 +21,11 @@ services:
       - ids-wide
       - provider-internal
 
+  echo-server:
+    image: jmalloc/echo-server@sha256:c461e7e54d947a8777413aaf9c624b4ad1f1bac5d8272475da859ae82c1abd7d
+    networks:
+      - provider-internal
+
 networks:
   ids-wide:
     driver: bridge
diff --git a/examples/example-idscp2-uc/docker-compose-server.yaml b/examples/example-idscp2-uc/docker-compose-server.yaml
new file mode 100644
index 000000000..024c3546f
--- /dev/null
+++ b/examples/example-idscp2-uc/docker-compose-server.yaml
@@ -0,0 +1,25 @@
+version: '3'
+services:
+
+  # The core platform, mounts docker control socket and route definition into the image
+  provider-core:
+    image: fraunhoferaisec/trusted-connector-core:${EXAMPLE_TAG:-develop}
+    tty: true
+    stdin_open: true
+    volumes:
+      - ../log/:/root/log/
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ../cert-stores/consumer-keystore.p12:/root/etc/consumer-keystore.p12
+      - ../cert-stores/truststore.p12:/root/etc/truststore.p12
+      - ./example-idscp2-server.xml:/root/deploy/example-idscp2-server.xml
+    # Enable this port mappings for debugging or UI access from localhost
+#    ports:
+#      - "5005:5005"
+#      - "8181:8181"
+#      - "8443:8443"
+    networks:
+      - ids-wide
+
+networks:
+  ids-wide:
+    driver: bridge
diff --git a/examples/example-idscp2-uc/example-idscp2-client.xml b/examples/example-idscp2-uc/example-idscp2-client.xml
new file mode 100644
index 000000000..c75908056
--- /dev/null
+++ b/examples/example-idscp2-uc/example-idscp2-client.xml
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xmlns:camel="http://camel.apache.org/schema/blueprint" xsi:schemaLocation="
+ http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://camel.apache.org/schema/blueprint https://camel.apache.org/schema/blueprint/camel-blueprint-3.3.0.xsd">
+
+    <camel:sslContextParameters id="clientSslContext" certAlias="1.0.1">
+        <camel:keyManagers keyPassword="password">
+            <camel:keyStore resource="etc/consumer-keystore.p12" password="password"/>
+        </camel:keyManagers>
+        <camel:trustManagers>
+            <camel:keyStore resource="etc/truststore.p12" password="password"/>
+        </camel:trustManagers>
+    </camel:sslContextParameters>
+
+    <bean id="ArtifactRequestCreationProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ArtifactRequestCreationProcessor" />
+    <bean id="ContractRequestCreationProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ContractRequestCreationProcessor"/>
+    <bean id="ContractResponseProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ContractResponseProcessor"/>
+    <bean id="TypeExtractionProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.IdsMessageTypeExtractionProcessor" />
+
+    <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+        <route>
+            <from uri="timer://contractRequest?repeatCount=1" />
+            <setProperty name="artifactUri">
+                <constant>https://example.com/some_artifact</constant>
+            </setProperty>
+            <process ref="ContractRequestCreationProcessor" />
+            <to uri="idscp2client://provider-core:29292?awaitResponse=true&amp;connectionShareId=ucConnection&amp;sslContextParameters=#clientSslContext&amp;useIdsMessages=true"/>
+            <process ref="TypeExtractionProcessor"/>
+            <choice>
+                <when>
+                    <simple>${exchangeProperty.ids-type} == 'ContractResponseMessage'</simple>
+                    <log message="### Handle ContractResponseMessage ###"/>
+                    <process ref="ContractResponseProcessor"/>
+                    <to uri="idscp2client://provider-core:29292?connectionShareId=ucConnection&amp;sslContextParameters=#clientSslContext&amp;useIdsMessages=true"/>
+                </when>
+                <otherwise>
+                    <log loggingLevel="ERROR" message="Expected ContractResponseMessage, but received:\n${body}\n### Header: ###\n${headers[idscp2-header]}"/>
+                    <removeHeader headerName="idscp2-header" />
+                    <setBody><simple>${null}</simple></setBody>
+                </otherwise>
+            </choice>
+        </route>
+
+        <route>
+            <from uri="timer://tenSecondsTimer?fixedRate=true&amp;period=10000&amp;delay=10000"/>
+            <setProperty name="artifactUri">
+                <constant>https://example.com/some_artifact</constant>
+            </setProperty>
+            <process ref="ArtifactRequestCreationProcessor" />
+            <to uri="idscp2client://provider-core:29292?awaitResponse=true&amp;connectionShareId=ucConnection&amp;sslContextParameters=#clientSslContext&amp;useIdsMessages=true"/>
+            <process ref="TypeExtractionProcessor"/>
+            <choice>
+                <when>
+                    <simple>${exchangeProperty.ids-type} == 'ArtifactResponseMessage'</simple>
+                    <log message="### Handle ArtifactResponseMessage ###"/>
+                    <to uri="http://echo-server:8080"/>
+                    <log message="Response body\n\n${body}"/>
+                </when>
+                <otherwise>
+                    <log loggingLevel="ERROR" message="Expected ArtifactResponseMessage, but received:\n${body}\n### Header: ###\n${headers[idscp2-header]}"/>
+                </otherwise>
+            </choice>
+        </route>
+
+    </camelContext>
+
+</blueprint>
diff --git a/examples/example-idscp2-uc/example-idscp2-server.xml b/examples/example-idscp2-uc/example-idscp2-server.xml
new file mode 100644
index 000000000..6e9baae92
--- /dev/null
+++ b/examples/example-idscp2-uc/example-idscp2-server.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xmlns:camel="http://camel.apache.org/schema/blueprint" xsi:schemaLocation="
+ http://www.osgi.org/xmlns/blueprint/v1.0.0 https://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
+ http://camel.apache.org/schema/blueprint https://camel.apache.org/schema/blueprint/camel-blueprint-3.3.0.xsd">
+
+    <camel:sslContextParameters id="serverSslContext" certAlias="1.0.1">
+        <camel:keyManagers keyPassword="password">
+            <camel:keyStore resource="etc/provider-keystore.p12" password="password"/>
+        </camel:keyManagers>
+        <camel:trustManagers>
+            <camel:keyStore resource="etc/truststore.p12" password="password"/>
+        </camel:trustManagers>
+    </camel:sslContextParameters>
+
+    <bean id="ArtifactRequestProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ArtifactRequestProcessor" />
+    <bean id="ContractRequestProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ContractRequestProcessor"/>
+    <bean id="ContractAgreementReceiverProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ContractAgreementReceiverProcessor"/>
+    <bean id="TypeExtractionProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.IdsMessageTypeExtractionProcessor" />
+
+    <camelContext xmlns="http://camel.apache.org/schema/blueprint">
+
+        <route id="server">
+            <from uri="idscp2server://0.0.0.0:29292?sslContextParameters=#serverSslContext&amp;useIdsMessages=true"/>
+            <process ref="TypeExtractionProcessor"/>
+            <choice>
+                <when>
+                    <simple>${exchangeProperty.ids-type} == 'ContractRequestMessage'</simple>
+                    <log message="### Handle ContractRequestMessage ###"/>
+                    <setProperty name="containerUri">
+                        <constant>https://hub.docker.com/layers/jmalloc/echo-server/latest/images/sha256-c461e7e54d947a8777413aaf9c624b4ad1f1bac5d8272475da859ae82c1abd7d#8080</constant>
+                    </setProperty>
+                    <process ref="ContractRequestProcessor"/>
+                </when>
+                <when>
+                    <simple>${exchangeProperty.ids-type} == 'ContractAgreementMessage'</simple>
+                    <log message="### Handle ContractAgreementMessage ###"/>
+                    <!-- Only processing of incoming request must be performed, no reply -->
+                    <process ref="ContractAgreementReceiverProcessor"/>
+                    <removeHeader headerName="idscp2-header" />
+                    <setBody><simple>${null}</simple></setBody>
+                </when>
+                <when>
+                    <simple>${exchangeProperty.ids-type} == 'ArtifactRequestMessage'</simple>
+                    <log message="### Handle ArtifactRequestMessage ###"/>
+                    <process ref="ArtifactRequestProcessor" />
+                </when>
+                <otherwise>
+                    <log message="### Server received (otherwise branch):\n${body}\n### Header: ###\n${headers[idscp2-header]}"/>
+                    <removeHeader headerName="idscp2-header" />
+                    <setBody><simple>${null}</simple></setBody>
+                </otherwise>
+            </choice>
+        </route>
+
+    </camelContext>
+
+</blueprint>
diff --git a/examples/example-idscp2/README.md b/examples/example-idscp2/README.md
index ce4704476..cd695c1fa 100644
--- a/examples/example-idscp2/README.md
+++ b/examples/example-idscp2/README.md
@@ -1,6 +1,22 @@
-This example demonstrates the conversion of MQTT messages (using Eclipse Paho)
-and publishing via a web interface using the Trusted Connector.
+# IDSCP2 communication examples
 
-Documentation is located at https://industrial-data-space.github.io/trusted-connector-documentation/docs/rest/
+This examples demonstrate data transfer between trusted connectors via the IDSCP2 protocol.
 
-(c) Fraunhofer AISEC 2018
\ No newline at end of file
+### Default client-server-example
+
+First, start the server (consumer) with the command `docker-compose -f docker-compose-server.yaml up`.
+When the Karaf shell appears, you may attach to it via a separate SSH client connection using the command
+`docker-compose -f docker-compose-server.yaml exec server-core bin/client`, and show logs output `log:tail`.
+
+Second, start the client (provider) using the command `docker-compose -f docker-compose-provider.yaml up`.
+When the Karaf shell appears, you may use `docker-compose -f docker-compose-provider.yaml exec client-core bin/client`
+and `log:tail` analogous to the server.
+
+### Broadcast example
+
+For testing one-to-many broadcasting, the server and client can be started analogous to the client-server-example,
+with the following command modifications:
+
+- Write `docker-compose-broadcast-server.yaml` and `docker-compose-broadcast-client.yaml`
+  instead of `docker-compose-server.yaml` and `docker-compose-client.yaml`, respectively.
+- Container names for `exec` commands (`server-core` and `client-core`) switch places.
\ No newline at end of file
diff --git a/examples/example-idscp2/docker-compose-broadcast-client.yaml b/examples/example-idscp2/docker-compose-broadcast-client.yaml
index fd2bf5981..8a0ed97aa 100644
--- a/examples/example-idscp2/docker-compose-broadcast-client.yaml
+++ b/examples/example-idscp2/docker-compose-broadcast-client.yaml
@@ -1,15 +1,6 @@
 version: '3'
 services:
 
-  # TPM simulator
-#  ids-tpmsim-consumer:
-#    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
-#    volumes:
-#      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
-#      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
-#    networks:
-#      - consumer-internal
-
   # The core platform, mounts docker control socket and route definition into the image
   consumer-core:
     image: fraunhoferaisec/trusted-connector-core:${EXAMPLE_TAG:-develop}
@@ -18,25 +9,17 @@ services:
     volumes:
       - ../log/:/root/log/
       - /var/run/docker.sock:/var/run/docker.sock
-      - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/consumer-keystore.p12:/root/etc/consumer-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
       - ./example-idscp2-client-broadcast.xml:/root/deploy/example-idscp2-client.xml
-    environment:
-      - TPM_HOST=ids-tpmsim-consumer
     # Enable this port mappings for debugging or UI access from localhost
 #    ports:
 #      - "5005:5005"
 #      - "8181:8181"
 #      - "8443:8443"
-    # Enable this port mapping (along with "ports:" above) to allow access to IDSCP from outside the ids-wide network
-#      - "9292:9292"
     networks:
       - ids-wide
-      - consumer-internal
 
 networks:
   ids-wide:
     driver: bridge
-  consumer-internal:
-    driver: bridge
diff --git a/examples/example-idscp2/docker-compose-broadcast-server.yaml b/examples/example-idscp2/docker-compose-broadcast-server.yaml
index 567021e22..77a29a9fb 100644
--- a/examples/example-idscp2/docker-compose-broadcast-server.yaml
+++ b/examples/example-idscp2/docker-compose-broadcast-server.yaml
@@ -1,15 +1,6 @@
 version: '3'
 services:
 
-  # TPM simulator
-#  ids-tpmsim-provider:
-#    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
-#    volumes:
-#      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
-#      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
-#    networks:
-#      - provider-internal
-
   # The core platform, mounts docker control socket and route definition into the image
   provider-core:
     image: fraunhoferaisec/trusted-connector-core:${EXAMPLE_TAG:-develop}
@@ -18,23 +9,17 @@ services:
     volumes:
       - ../log/:/root/log/
       - /var/run/docker.sock:/var/run/docker.sock
-      - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/provider-keystore.p12:/root/etc/provider-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
       - ./example-idscp2-server-broadcast.xml:/root/deploy/example-idscp2-server.xml
-    environment:
-      - TPM_HOST=ids-tpmsim-provider
-    # Enable this lines for debugging or UI access from localhost
+    # Enable this port mappings for debugging or UI access from localhost
 #    ports:
 #      - "5005:5005"
 #      - "8181:8181"
 #      - "8443:8443"
     networks:
       - ids-wide
-      - provider-internal
 
 networks:
   ids-wide:
     driver: bridge
-  provider-internal:
-    driver: bridge
diff --git a/examples/example-idscp2/docker-compose-client.yaml b/examples/example-idscp2/docker-compose-client.yaml
new file mode 100644
index 000000000..fe1124ffd
--- /dev/null
+++ b/examples/example-idscp2/docker-compose-client.yaml
@@ -0,0 +1,25 @@
+version: '3'
+services:
+
+  # The core platform, mounts docker control socket and route definition into the image
+  provider-core:
+    image: fraunhoferaisec/trusted-connector-core:${EXAMPLE_TAG:-develop}
+    tty: true
+    stdin_open: true
+    volumes:
+      - ../log/:/root/log/
+      - /var/run/docker.sock:/var/run/docker.sock
+      - ../cert-stores/provider-keystore.p12:/root/etc/provider-keystore.p12
+      - ../cert-stores/truststore.p12:/root/etc/truststore.p12
+      - ./example-idscp2-client.xml:/root/deploy/example-idscp2-client.xml
+    # Enable this port mappings for debugging or UI access from localhost
+#    ports:
+#      - "5005:5005"
+#      - "8181:8181"
+#      - "8443:8443"
+    networks:
+      - ids-wide
+
+networks:
+  ids-wide:
+    driver: bridge
diff --git a/examples/example-idscp2/docker-compose-consumer.yaml b/examples/example-idscp2/docker-compose-server.yaml
similarity index 55%
rename from examples/example-idscp2/docker-compose-consumer.yaml
rename to examples/example-idscp2/docker-compose-server.yaml
index f83010ae9..8d5ea6152 100644
--- a/examples/example-idscp2/docker-compose-consumer.yaml
+++ b/examples/example-idscp2/docker-compose-server.yaml
@@ -1,15 +1,6 @@
 version: '3'
 services:
 
-  # TPM simulator
-#  ids-tpmsim-consumer:
-#    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
-#    volumes:
-#      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
-#      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
-#    networks:
-#      - consumer-internal
-
   # The core platform, mounts docker control socket and route definition into the image
   consumer-core:
     image: fraunhoferaisec/trusted-connector-core:${EXAMPLE_TAG:-develop}
@@ -18,25 +9,17 @@ services:
     volumes:
       - ../log/:/root/log/
       - /var/run/docker.sock:/var/run/docker.sock
-      - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/consumer-keystore.p12:/root/etc/consumer-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
       - ./example-idscp2-server.xml:/root/deploy/example-idscp2-server.xml
-    environment:
-      - TPM_HOST=ids-tpmsim-consumer
     # Enable this port mappings for debugging or UI access from localhost
 #    ports:
 #      - "5005:5005"
 #      - "8181:8181"
 #      - "8443:8443"
-    # Enable this port mapping (along with "ports:" above) to allow access to IDSCP from outside the ids-wide network
-#      - "9292:9292"
     networks:
       - ids-wide
-      - consumer-internal
 
 networks:
   ids-wide:
     driver: bridge
-  consumer-internal:
-    driver: bridge
diff --git a/examples/route-examples/demo-route.xml b/examples/route-examples/demo-route.xml
index 8f9936732..bedb85a63 100644
--- a/examples/route-examples/demo-route.xml
+++ b/examples/route-examples/demo-route.xml
@@ -17,7 +17,6 @@
 	<!-- Processors for ArtifactMessages -->
 	<bean id="ArtifactRequestCreationProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ArtifactRequestCreationProcessor" />
 	<bean id="ArtifactRequestProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ArtifactRequestProcessor" />
-	<bean id="ArtifactResponseProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ArtifactResponseProcessor"/>
 	<!-- Processors for ContractMessages -->
 	<bean id="ContractRequestCreationProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ContractRequestCreationProcessor"/>
 	<bean id="ContractRequestProcessor" class="de.fhg.aisec.ids.camel.idscp2.processors.ContractRequestProcessor"/>
@@ -155,7 +154,6 @@
 				<when>
 					<simple>${exchangeProperty.ids-type} == 'ArtifactResponseMessage'</simple>
 					<log message="### Handle ArtifactResponseMessage ###"/>
-					<process ref="ArtifactResponseProcessor"/>
 					<to uri="http://172.17.0.2:8080"/>
 					<log message="Response body\n\n${body}"/>
 					<!-- End of message exchange reached -->

From a3a7bcb651f36175f2210923d3cc2cf4d661c88b Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 23 Dec 2020 21:03:54 +0100
Subject: [PATCH 208/237] UC bugfix

---
 .../kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt     | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
index 0c787a0a4..9b97cdb16 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
@@ -67,7 +67,7 @@ class PolicyEnforcementPoint internal constructor(
 
         // Save per exchange object the source node's content (<from: uri="idscp2server://0...>)
         // Same entry in Hashmap per CamelRoute, change of exchange properties do not create new entry
-        val sourceNode = lastDestinations[exchange] ?: {
+        val sourceNode: NamedNode = lastDestinations[exchange] ?: run {
             // If there is no previously saved node for this exchange, use the parent <route> to find the input
             // (first <from> statement) of the processed route.
             var routeNode = destinationNode.parent
@@ -125,6 +125,9 @@ class PolicyEnforcementPoint internal constructor(
                     if (sourceNode is FromDefinition) {
                         // If we found an entry node, then protect exchange's body
                         ucInterface.protectBody(exchange, ucContract.id)
+                        if (LOG.isDebugEnabled) {
+                            LOG.debug("UC: Protect Exchange body with UC contract ${ucContract.id}")
+                        }
                     // ... or output ("to:...") node as destination of this transition.
                     // Additionally check whether exchange's body was protected.
                     } else if (destinationNode is ToDefinition && ucInterface.isProtected(exchange)) {

From b3dbf286d65b289da18a35304dfe322d56fa1ace Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 23 Dec 2020 21:54:13 +0100
Subject: [PATCH 209/237] Local image digest support for UC, additional UC/IDS
 Processors

---
 .../ContractOfferCreationProcessor.kt         | 76 +++++++++++++++
 .../processors/ContractOfferProcessor.kt      | 94 +++++++++++++++++++
 .../processors/ContractResponseProcessor.kt   |  7 +-
 .../IdsMessageTypeExtractionProcessor.kt      |  2 +
 .../ResourceUpdateCreationProcessor.kt        | 53 +++++++++++
 .../ids/api/cm/ApplicationContainer.java      |  9 ++
 .../fhg/aisec/ids/cm/impl/docker/DockerCM.kt  |  4 +-
 .../aisec/ids/rm/PolicyEnforcementPoint.kt    |  1 +
 8 files changed, 242 insertions(+), 4 deletions(-)
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferCreationProcessor.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferProcessor.kt
 create mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ResourceUpdateCreationProcessor.kt

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferCreationProcessor.kt
new file mode 100644
index 000000000..210f3e0d9
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferCreationProcessor.kt
@@ -0,0 +1,76 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fhg.aisec.ids.camel.idscp2.Constants
+import de.fhg.aisec.ids.camel.idscp2.Constants.CONTAINER_URI_PROPERTY
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.Utils
+import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
+import de.fraunhofer.iais.eis.*
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.slf4j.LoggerFactory
+import java.net.URI
+
+/**
+ * This Processor handles a ContractRequestMessage and creates a ContractResponseMessage.
+ */
+class ContractOfferCreationProcessor : Processor {
+
+    override fun process(exchange: Exchange) {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("[IN] ${this::class.java.simpleName}")
+        }
+
+        val contractOfferMessageBuilder = ContractOfferMessageBuilder()
+        Utils.initMessageBuilder(contractOfferMessageBuilder)
+        contractOfferMessageBuilder.build().let {
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Serialization header: {}",SERIALIZER.serialize(it))
+            }
+            exchange.message.setHeader(IDSCP2_HEADER, it)
+        }
+
+        // create ContractOffer, allowing use of received data in the given container only
+        val artifactUri = exchange.getProperty(Constants.ARTIFACT_URI_PROPERTY)?.let {
+            if (it is URI) {
+                it
+            } else {
+                URI.create(it.toString())
+            }
+        }
+        val containerUri = exchange.getProperty(CONTAINER_URI_PROPERTY).let {
+            if (it is URI) {
+                it
+            } else {
+                URI.create(it.toString())
+            }
+        }
+        val contractOffer = ContractOfferBuilder()
+                ._permission_(ArrayList<Permission>().also { pl ->
+                    pl += PermissionBuilder()
+                            ._target_(artifactUri)
+                            ._constraint_(ArrayList<Constraint>().also { cl ->
+                                cl += ConstraintBuilder()
+                                        ._leftOperand_(LeftOperand.SYSTEM)
+                                        ._operator_(BinaryOperator.SAME_AS)
+                                        ._rightOperandReference_(containerUri)
+                                        .build()
+                            })
+                            .build()
+                })
+                .build()
+
+        SERIALIZER.serialize(contractOffer).let {
+            if (LOG.isDebugEnabled) {
+                LOG.debug("ContractOffer ID: {}", contractOffer.id)
+                LOG.debug("Serialisation body: {}", it)
+            }
+            exchange.message.body = it
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(ContractOfferCreationProcessor::class.java)
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferProcessor.kt
new file mode 100644
index 000000000..af07c59b5
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferProcessor.kt
@@ -0,0 +1,94 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
+import de.fhg.aisec.ids.camel.idscp2.Utils
+import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
+import de.fraunhofer.iais.eis.*
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.slf4j.LoggerFactory
+import java.net.URI
+
+/**
+ * This Processor handles a ContractResponseMessage and creates a ContractAgreementMessage.
+ */
+class ContractOfferProcessor : Processor {
+
+    override fun process(exchange: Exchange) {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("[IN] ${this::class.java.simpleName}")
+        }
+
+        val contractOfferMessage = exchange.message.getHeader(
+                IDSCP2_HEADER, ContractOfferMessage::class.java)
+
+        val contractOfferReceived = SERIALIZER.deserialize(
+                exchange.message.getBody(String::class.java),
+                ContractOffer::class.java)
+
+        // if contract is denied send ContractRejectionMsg else send ContractAgreementMsg
+        val contractOfferIsAccepted = true
+        if(!contractOfferIsAccepted){
+            createContractRejectionMessage(exchange, contractOfferMessage.id)
+        } else {
+            ContractAgreementMessageBuilder().run {
+                Utils.initMessageBuilder(this)
+                _correlationMessage_(contractOfferMessage.id)
+                build().let {
+                    if (LOG.isDebugEnabled) {
+                        LOG.debug("Serialization Header: {}", SERIALIZER.serialize(it))
+                    }
+                    exchange.message.setHeader(IDSCP2_HEADER, it)
+                }
+            }
+
+            val contractAgreement = ContractAgreementBuilder()
+                    ._consumer_(contractOfferReceived.consumer)
+                    ._provider_(contractOfferReceived.provider)
+                    ._contractAnnex_(contractOfferReceived.contractAnnex)
+                    ._contractDate_(contractOfferReceived.contractDate)
+                    ._contractDocument_(contractOfferReceived.contractDocument)
+                    ._contractEnd_(contractOfferReceived.contractEnd)
+                    ._contractStart_(contractOfferReceived.contractStart)
+                    ._obligation_(contractOfferReceived.obligation)
+                    ._prohibition_(contractOfferReceived.prohibition)
+                    ._permission_(contractOfferReceived.permission)
+                    .build()
+
+            UsageControlMaps.addContractAgreement(contractAgreement)
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Consumer saved contract ${contractAgreement.id}")
+            }
+
+            SERIALIZER.serialize(contractAgreement).let {
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("ContractAgreement ID: {}", contractAgreement.id)
+                    LOG.debug("Serialization body: {}", it)
+                }
+                exchange.message.body = it
+            }
+        }
+    }
+
+    private fun createContractRejectionMessage(exchange: Exchange, correlationId: URI) {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Constructing ContractRejectionMessage")
+        }
+        ContractRejectionMessageBuilder().run {
+            Utils.initMessageBuilder(this)
+            _correlationMessage_(correlationId)
+            build().let {
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("Serialization Header: {}", SERIALIZER.serialize(it))
+                }
+                exchange.message.setHeader(IDSCP2_HEADER, it)
+            }
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(ContractOfferProcessor::class.java)
+    }
+
+}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseProcessor.kt
index c83b164e1..d679496ea 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseProcessor.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseProcessor.kt
@@ -8,6 +8,7 @@ import de.fraunhofer.iais.eis.*
 import org.apache.camel.Exchange
 import org.apache.camel.Processor
 import org.slf4j.LoggerFactory
+import java.net.URI
 
 /**
  * This Processor handles a ContractResponseMessage and creates a ContractAgreementMessage.
@@ -29,7 +30,7 @@ class ContractResponseProcessor : Processor {
         // if contract is denied send ContractRejectionMsg else send ContractAgreementMsg
         val contractOfferIsAccepted = true
         if(!contractOfferIsAccepted){
-            createContractRejectionMessage(exchange, contractResponseMessage)
+            createContractRejectionMessage(exchange, contractResponseMessage.id)
         } else {
             ContractAgreementMessageBuilder().run {
                 Utils.initMessageBuilder(this)
@@ -70,13 +71,13 @@ class ContractResponseProcessor : Processor {
         }
     }
 
-    private fun createContractRejectionMessage(exchange:Exchange, contractResponseMessage:ContractResponseMessage) {
+    private fun createContractRejectionMessage(exchange: Exchange, correlationId: URI) {
         if (LOG.isDebugEnabled) {
             LOG.debug("Constructing ContractRejectionMessage")
         }
         ContractRejectionMessageBuilder().run {
             Utils.initMessageBuilder(this)
-            _correlationMessage_(contractResponseMessage.id)
+            _correlationMessage_(correlationId)
             build().let {
                 if (LOG.isDebugEnabled) {
                     LOG.debug("Serialization Header: {}", SERIALIZER.serialize(it))
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsMessageTypeExtractionProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsMessageTypeExtractionProcessor.kt
index b7aaa08bf..cd07ecfac 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsMessageTypeExtractionProcessor.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsMessageTypeExtractionProcessor.kt
@@ -25,8 +25,10 @@ class IdsMessageTypeExtractionProcessor : Processor {
                     is ArtifactResponseMessage -> ArtifactResponseMessage::class.simpleName
                     is ContractRequestMessage -> ContractRequestMessage::class.simpleName
                     is ContractResponseMessage -> ContractResponseMessage::class.simpleName
+                    is ContractOfferMessage -> ContractOfferMessage::class.simpleName
                     is ContractAgreementMessage -> ContractAgreementMessage::class.simpleName
                     is ContractRejectionMessage -> ContractRejectionMessage::class.simpleName
+                    is ResourceUpdateMessage -> ResourceUpdateMessage::class.simpleName
                     is RejectionMessage -> RejectionMessage::class.simpleName
                     else -> header::class.simpleName
                 }
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ResourceUpdateCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ResourceUpdateCreationProcessor.kt
new file mode 100644
index 000000000..e7dd7b6f1
--- /dev/null
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ResourceUpdateCreationProcessor.kt
@@ -0,0 +1,53 @@
+package de.fhg.aisec.ids.camel.idscp2.processors
+
+import de.fhg.aisec.ids.camel.idscp2.Constants
+import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.ProviderDB
+import de.fhg.aisec.ids.camel.idscp2.Utils
+import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
+import de.fraunhofer.iais.eis.ResourceUpdateMessageBuilder
+import org.apache.camel.Exchange
+import org.apache.camel.Processor
+import org.slf4j.LoggerFactory
+import java.net.URI
+
+
+class ResourceUpdateCreationProcessor : Processor {
+
+    override fun process(exchange: Exchange) {
+        if (LOG.isDebugEnabled) {
+            LOG.debug("[IN] ${this::class.java.simpleName}")
+        }
+
+        val artifactUri = exchange.getProperty(Constants.ARTIFACT_URI_PROPERTY)?.let {
+            if (it is URI) {
+                it
+            } else {
+                URI.create(it.toString())
+            }
+        }
+
+        val usedContract = ProviderDB.artifactUrisMapped2ContractAgreements[artifactUri]
+            ?: throw RuntimeException("No UC contract found for resource/artifact $artifactUri")
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Contract for requested Artifact found {}", usedContract)
+        }
+
+        ResourceUpdateMessageBuilder().run {
+            Utils.initMessageBuilder(this)
+            _affectedResource_(artifactUri)
+            _transferContract_(usedContract)
+            build().let {
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("Serialisation header: {}", SERIALIZER.serialize(it))
+                }
+                exchange.message.setHeader(IDSCP2_HEADER, it)
+            }
+        }
+    }
+
+    companion object {
+        private val LOG = LoggerFactory.getLogger(ResourceUpdateCreationProcessor::class.java)
+    }
+
+}
\ No newline at end of file
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/cm/ApplicationContainer.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/cm/ApplicationContainer.java
index e17c8eb12..3d04e2d9a 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/cm/ApplicationContainer.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/cm/ApplicationContainer.java
@@ -47,6 +47,7 @@ public class ApplicationContainer {
   private String signature;
   private String owner;
   private String image;
+  private String imageId;
   private List<String> imageDigests;
   private List<InetAddress> ipAddresses;
 
@@ -223,6 +224,14 @@ public void setImage(String image) {
     this.image = image;
   }
 
+  public String getImageId() {
+    return imageId;
+  }
+
+  public void setImageId(String imageId) {
+    this.imageId = imageId;
+  }
+
   public List<String> getImageDigests() {
     return imageDigests;
   }
diff --git a/ids-container-manager/src/main/java/de/fhg/aisec/ids/cm/impl/docker/DockerCM.kt b/ids-container-manager/src/main/java/de/fhg/aisec/ids/cm/impl/docker/DockerCM.kt
index 810bc2c5b..47495e62c 100644
--- a/ids-container-manager/src/main/java/de/fhg/aisec/ids/cm/impl/docker/DockerCM.kt
+++ b/ids-container-manager/src/main/java/de/fhg/aisec/ids/cm/impl/docker/DockerCM.kt
@@ -157,6 +157,7 @@ class DockerCM : ContainerManager {
         return getContainerSequence(!onlyRunning, withSize = true).map { c: Container ->
             try {
                 val info = c.inspect()
+                val imageInfo = getImage(c)?.inspect()
                 val state = info.getJsonObject("State")
                 val config = info.getJsonObject("Config")
                 val running = state.getBoolean("Running")
@@ -169,7 +170,8 @@ class DockerCM : ContainerManager {
                 val app = ApplicationContainer()
                 app.id = c.containerId()
                 app.image = config.getString("Image")
-                app.imageDigests = getImage(c)?.inspect()?.getJsonArray("RepoDigests")
+                app.imageId = imageInfo?.getString("Id")
+                app.imageDigests = imageInfo?.getJsonArray("RepoDigests")
                         ?.map { (it as JsonString).string } ?: emptyList()
                 app.ipAddresses = networks.values.mapNotNull {
                     val ip = (it as JsonObject).getString("IPAddress")
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
index 9b97cdb16..63649d682 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
@@ -144,6 +144,7 @@ class PolicyEnforcementPoint internal constructor(
                                     // Normally there is only one hash type, but there can be more
                                     // Currently requested type is only sha256 (e.g. sha3 or else may be added later)
                                     container.imageDigests.any { it.split(":").last() == hash }
+                                            || container.imageId.split(":").last() == hash
                                 }
                                 // Save all ip addresses of allowed containers in one list
                                 val allowedIPs = allowedContainers.flatMap { it.ipAddresses }.toSet()

From eb2fbff53e4446497881aea469b3c4abe4bfbb97 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 24 Dec 2020 11:54:40 +0100
Subject: [PATCH 210/237] Disabled cache because of internal registry bug

---
 buildx/docker-bake-multi.hcl | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/buildx/docker-bake-multi.hcl b/buildx/docker-bake-multi.hcl
index 243c78285..cc69dfbe2 100644
--- a/buildx/docker-bake-multi.hcl
+++ b/buildx/docker-bake-multi.hcl
@@ -6,22 +6,22 @@ target "jdk-base" {
 
 target "build-container" {
   output = ["type=registry"]
-  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-build-container:cache"]
-  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-build-container:cache"]
+//  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-build-container:cache"]
+//  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-build-container:cache"]
   platforms = ["linux/amd64", "linux/arm64/v8", "linux/arm/v7"]
 }
 
 target "core" {
   output = ["type=registry"]
-  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-core:cache"]
-  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-core:cache"]
+//  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-core:cache"]
+//  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-core:cache"]
   platforms = ["linux/amd64", "linux/arm64/v8", "linux/arm/v7"]
 }
 
 target "tpmsim" {
   output = ["type=registry"]
-  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-tpmsim:cache"]
-  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-tpmsim:cache"]
+//  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-tpmsim:cache"]
+//  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-tpmsim:cache"]
   platforms = ["linux/amd64", "linux/arm64/v8", "linux/arm/v7"]
 }
 
@@ -33,14 +33,14 @@ target "ttpsim" {
 
 target "example-idscp-consumer-app" {
   output = ["type=registry"]
-  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-example-server:cache"]
-  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-example-server:cache"]
+//  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-example-server:cache"]
+//  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-example-server:cache"]
   platforms = ["linux/amd64", "linux/arm64/v8", "linux/arm/v7"]
 }
 
 target "example-idscp-provider-app" {
   output = ["type=registry"]
-  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-example-client:cache"]
-  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-example-client:cache"]
+//  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-example-client:cache"]
+//  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-example-client:cache"]
   platforms = ["linux/amd64", "linux/arm64/v8", "linux/arm/v7"]
 }

From 43a62ecd75fc561208999f675fee2f7565dff6ac Mon Sep 17 00:00:00 2001
From: Daniil Pankratov <mobigod0@gmail.com>
Date: Wed, 3 Feb 2021 19:41:22 +0300
Subject: [PATCH 211/237] Update Karaf to 4.2.10

Signed-off-by: Daniil Pankratov <mobigod0@gmail.com>
---
 libraryVersions.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index d3267fa0c..fac8718f8 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -7,9 +7,9 @@ idscp2: "0.2.0"
 kotlin: "1.4.20"
 kotlinxCoroutines: "1.4.1"
 # basically, the first requirement, all other libraries depend on this version
-karaf: "4.2.9"
+karaf: "4.2.10"
 # Jetty version should fit bundled version in karaf
-jetty: "9.4.22.v20191022"
+jetty: "9.4.30.v20200611"
 
 # The used version of the infomodel from IESE
 infomodel: "4.0.0"

From 7cb128c442746e9a2c879f0eb115a462624b7660 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 9 Feb 2021 09:35:15 +0100
Subject: [PATCH 212/237] Updated demo keystores

---
 examples/cert-stores/consumer-keystore.p12 | Bin 2693 -> 2693 bytes
 examples/cert-stores/provider-keystore.p12 | Bin 2693 -> 2693 bytes
 2 files changed, 0 insertions(+), 0 deletions(-)

diff --git a/examples/cert-stores/consumer-keystore.p12 b/examples/cert-stores/consumer-keystore.p12
index 6607767d644aea4ea7a11e98ac540c623b80283e..f6c7368bc10f9e15c57f5f07368e0b1458188b0b 100644
GIT binary patch
delta 2561
zcmV+c3jXzl6@?X$U4O)u(KHx}@s9!m2mpYB1fW2cqMaJuBGimUP7I=umot5Ou&q-a
zVTHSc67r9T0h_ZoOhx0o^V_QUk+YDwOz0$=7;$hpB-dSUn8r)k(56JOC`W#QnD~Tm
zqm|a+#7&FM;iJo5hiw?Ed^0C(6s3v{)PH#>=gqAuH?S?hD1W=h>mqW3+ve%e`p$zV
z!MU677@6=KU;+AHAI}Jx5n&D3;-eJF;r-FIjo02v=qKS@w|=7_{>!L82PE^EX%meq
z&UG>}8?UVGKi!_i6?_JX0HyN$jZWRrco0nr9?S>*^*FSnrvfB&0V^TiHDCN5s3stF
zsjjjqY;^G*gMY<`<cMio&p`1QIks%%U#--M+k#vy9wwa?oh&Yt-zF(DwRIF4xc-Lp
z{cc?&M8Pn;>g=)Ya4S)`79*KP=P+6t{y3gPw5WcnS#ro1VbbmbFZ2n9kS&&^)>)8T
zisl6PJpiMsgLeOp!9nk9M@i6poUHmbsmJcAEVUc!!hgIbwK-vQzdRjbnWRKZ;<8ei
z1p?|UhPKAhzE_(9VvAjaSzL(R4FGSV@se3a+A=bVIq~qznQq10EfK-UEh*dY4D`h~
z@0nWGc`%A0Wp=lYZFb)?0}pGYMT5#?f8T!z#qNUNPiOUNS=gwF>r9PXEHW$qvvFOQ
z5-eXzdw(0iiAyJb5x+&S-7fa=-Th$SCkTJS=^Qp}9`@+m5D$IYcPfzz#Kf?3SeAf)
zp9y=dTPTMPvT-=}x5pycc5CL_IQiw&bszQ@uF>wYHAgp5HNd`Z%xLj}L6jPyE}79=
zv$HL#Pg+Q#OIJ~nvi%TJxQl0|$8S85l9K;4Uw^Z97=zp$1D$$IH6uMBkAHvYA6E{~
zQ7Qh$y3~N}m;ZmC7AA|teR7LYn1uqWh8Yx6jmE`0QIBPdFa0eDSYL-%!6mJo+~dwL
zujF_PR|O`)A>-U0r6Y+Mb!B#8tP1PyRtGGe4pup^-vg*Y@2IJgXQrkTJE@CpE&HoO
zaerxw1)gZDBHEE@kVGb4jkwQ{>YX{SWvC5a`Yg$Xzg7)VSi??7m65S;=kAP`kcM6w
zH2A%K^hpyOG_t&J1ZZ+@TWZWNA>uTnlV~*p;SgFILyk)pz#MiF#k@IDWT=KI1boG=
zIHDU{Ri^jq0*irY<&B*@AINX;KyFL?)PKEVN6&kOMNqV^Laok#m*E|D5JVt|-3@Pr
z8irP#mk3(Zl?Mblm{dk{xy>#F=X7cjzO(PRWxZtPcJtY~&%3(%Cck$U7hdLx97X&!
zkBMDylRPaPI^W(|zO}A5KIQKZ^WHWH-tn9%Av!wUb2nX-zCr&&W433sqCbLb&VN#K
zBhXJuI%|_x7EMnJU#GaX0)6#pn`v)6t<Wc6a-IB3`KQ|wd?jQKWviNd_||c%r4{iE
zKRI3&d&nBzh#gxJJxNGyr%os$5--VmLB2V`L>mmbT2HCHi>~A4qfT;!7h^}39Xr{F
zJf4l_T|_Oej<uk___we9NQXpgwmAw;q%kyymQP>(eMum!GH;>jb*Or;W=3DJ1-3B5
zu)Kso<}}ahs_a7?g8NkHRnNH^NfgLHL<9Ac4FyJjSK<=u!vJbb0s;sC1cC&}FJYQh
zUaE8?1+>lJF=|XFQz{Q|a04}&2Hu-Zo~7pot8E}881ozFW(I7KF|`DQH5zyEnTn5i
z;hkqQ_%@zG$;RgQt&szJI;nZFNwy{R*!D!92yk>Fpt04wLLjc-)UuFhrKVnv+FTg)
zCV=06>8rLw_d5p&C6DfjjIj;u@?{pLIgMK<c?szD?-V3B(C<+YmqFQgLz41rnP~1N
z2=TorYDI_a+Qh&RLL8oEHinO-L74)=w*<>wuSQmvffDF*pK9n9Yb^nvC@mJ-QuSx%
zhWr*yp3m$=f=1TW5?{Ec8^j)LU3m(tg~?@qB1<G#RGSC5xpwl&pSM=9@2vdBtI&)~
z`GLVoNbWt4HzyTxK0p9jKI{)gfyx#;;G+jG^O}KFhdBTYKEU^P`wKrj1Eaw>Zm^w$
zL{s_|8nVxbkv9Y?@_~d~n2yA^87J94JZ`7pLzaU_6j@MDPv297L7BN`L1Puhd$k;Y
zuN=kqbcvblqxPxeS>l=wr}EB|-n5^tydMKPbCycL?UWa#hORBH`@KYYf=gSQzdN+U
zOvz%~VTFgh*Y!iiwl2~pj&h^uLoe~Oh(FzTR+}5E&s-2ddww|vEn3C!*9^eRhQ@hm
zfODM;Y(vW%!rO-kze>CJiqk<0uyq@MeSvJgBRAj<ZsjN+vk0T9iJiSd*eDJtggEHS
z91sa_Us%T#yaArazBZqEPP#*oRig}F5G_XwtV0dA4_7^0d<FtfY#ZO&|IrI5{5}=v
z0RBB8*<v($ALe1f)nN_QZ7x1nyKjI%HWD0Q`%l&ZQPdtbVkVxF0R?4W$eC_`P3jIQ
zEHx5o(!gyH^^pdfmoB7T{%gqKF8iCM7rU(mb>c0%R@DJ`!|AM04}&M2w-b_b>F{Kd
zX#}<Qx?x7df@*ihIk$<Kqm`q7yoWp`gH-huxeHV+dqOD2l~K%WhwGC`fbL7MNdI5}
zG>H#GC)|G|g`HUm!=$T#tlN-(dS_@EhPD4L&r<e_J(c<xQdll}o)yP(0hVjv`*P-m
zPGn6!ean3h#1r{K06O`hi9>o|^J^+KjcymmBDs6e%CysPy~KIF;YG5xwS{$b#*X_z
zXm?>n9f49K`9%MDVhi-3=qn>ts1RHxe=l2*JL~$9=6<R#rl_nzlg|Zz8_UbRzZA<;
zL6qUet+HpeQjz=2N&+J$)6%sYaXpdZAkF$GtI5UIQ|BoVj|ROE%1oOLN##>5ew{Mq
zJ6YoX>ykw+vKZwJB+DifYHLK$cOFx{UKJo3Tm>lzSM9gp7p<!i17x9WMW+Jl^Rt7H
zdl^DkH*{N?H$}(HmNS@tej#F{6TItu&-?uWTvQ%ze>hrd>!<Y(w0%oMQ=!2rj2$pL
zFK`7jRiCt$y68Qo89+u}>px*`@}{giqaR`>Yn;-|0YMwfOUK1!8lkx5sxSsn-_c|r
z****%$bt=WS=%xI=7H4@aE)`FHWNSrTo_HX>wZdsyL*!hAa^5wHH6O#7A24Gs#%9t
znKAa;oEg5u<fCxYAe#u?o}{>rdmJ1G=GUi3UqWgk-ul*s3>4??DkA!t?)yD<g#jLP
z6DzUAaJKUpQu?hYJg*(wBh}XW4ThNH#}bW=@QNO4&oL!1BL)d7hDe6@4FL%iF%|?A
ziuS*6{)oLYgcdD4j-WH9%Y8T?n=mmjAutIB1uG5%0vZJX1QfpEAsT^|bZKg6g-O>>
XJR8iQc6$T}hr^oFtLI=v0s;sC>~F<6

delta 2561
zcmV+c3jXzl6@?X$U4N{S7k(%IG&lkR2mpYB1fc8;s_9fr7W8|Ypq`3u1xdpR9A;OW
zv<Aj|Z*#m>2=LAv9syOz=prSYiqtl)@pztxpK=WXy1VbEG%@4{om{=nVl8-Mb!rLj
zGGs?3I?}jj)sK?`DhKQqt*TOWBJ%|OrH+Nx?4$r}&XHe>_J1=if7wrs1Sq3MF&7%a
z`Wlt}FsP-mxsLSw#I~7b2+<G2BY6jpXCQWrqwBU~>u9^|LjKTXUkMMvXUiD;Z3V8E
z*EFlw)hRAucip-nV$>;2#h9SuY5Xx}gRPr+TWcp1AU%);JE>q&dAGc~%{-R#+4b5d
zV`;oje#*}C1AqG+$K5?&zKrbp{deoIOJq7J-&-}L5AoN6G+hY^XpU5Y+@y)~Iiz|r
z0sV99N>ed9AaW>wxp^Tjt~ow`3#aOCIA^!eb=!mgU2ao2H?(d$BKf;en$(Y7F@g3|
z_0xv{@`X9eq*FcUi(#Y2xHjc%_VRJj#tdC)&SYVwxqkpWxiewAhINpqu<C?#r9l0L
zlPRHTx9y#ZQ)Luhla>gqQ^Em@*ZXJKSLK?Xlz1(nFU-dv<e`nhm+i#0s9x8AW1@4I
zo~!4TgIn`Q=Y5)7Ezxut#xvR&-pdmf$nYw8aEweYKKY%VOXV;ay;e+cV)GTc3GqvS
zFB*<rbAO3YEiyy`9RxM)tI~==0b}ll;%BK)-$w2Nw@P8=$b4r1f=n&Kpx<^$-bRy{
zm6=q27N+9El*I5_sYgcdTOv;{SK6W(UNIGC58xbmMamdw1tpx4;d&ros<3Tq1AL6>
zQ71D$otgo-UqV`@M_fRQ&8xY#noB~ie60f1B!5q6^>`?w!2UZ8xxjnZhTe|;4N1wT
z>?kGHvlL@)GO2t#<(#VUVr|q8Rf^-cgv?9e&5|>j8wEg^&VRO;mD7@qB&}AET)MWs
zSkWUy;5a07J*|hHG(!}%bUXj1MY)O*=H6lZb!mu}y+)}H@VE!+9*+<hIn|TfksZ&@
z{C^0ZbStmK=4tuEpA|(UCS7c;aRC32h0k>I=#6=X=^1+5dIe%3C907#GZ8hfYH&On
zPdh-jJxpNcUpAOeYjXQx{jW0BLH{%yfw5Lixtp*giyWx3jGE8zeKYsAtLEt%;m>jc
zCufMz9;jM2Ei1)d!L1U(Qh_fll)ox8DSyxaU2vYygsr`1`f`m{Fn}2gav=hbyR>uj
zLp6tpNN9Iw2;DCyUb5$g!Ymv(D!L<hGpLyha=y_OoF!6bf)RaHbjVQGezOh^_y56`
z8#ODv^es|KcSZbn0VvfZMH37cLAdM2b-o8Tk79$*yD=YHaKjAtv8&AMaTxmF!++H1
zt(d^8t-3|ABNN?9W95cpLB(W=tNRULnZsT_!qaG<p7**g7TvP|yZezgq<|Z`qdg{}
zs`O`UkTI^ym<{=nGbj2|=EMyv(H2KpRF$M~Vmzsid--RoA*;)GJdIA(0X+sS(HK*6
zncsKI#)?C;&4^map%FLGwKsa+t~niTWc{%*DE>DPV5+3+<hCeR{lX&@lntOd%@<7U
z3{gsPm!e>uF{vIoVFwfQ<D$TBxAbi|)Eat|4FyJjsGtTpg{GPx0s;sC1cC&}IT4w)
zNZ^VR67<*IFN?DZVC(+BtPU*Gev_Q%c7n$RK-P=(nv0N&X`N@hhAyLuicrpe`Jr0i
z``!vJSv+W~EqoIDqD_9lVI$e)jS!rvj$1{RD2odO(S8j|3LG~AUJ4;?H;IFE0nJZS
z#%HvD!3@{h{NtbWx=*Q{tnTR@x@=!!4C^8*@Ua;#c&0Uq>#KF+!`NO5ABBs(BDZ(9
z9ysCq@!jx4#S*uCiZ9$nwo}PRWpw&f-T{|3pwR~)Ixqg>EL8h+t`8$1TQ0YzlPjZR
zU=dR@Q>l&jJ6Cd4+~FVt<K!2&ZF#Ber)_e746JiBKm_I?<+AGXn^^|7{lDajhbZN%
zdN><Up@*+G&I|Gklj3wbg>Av%MpCFO-{#!V`5zsEHj}(yZ_>5umISOA?!XDFL1dqz
zb)~5`yMDFNB~!d_!c#(Vq@6v;R{puPZ9fBW_`F?FE9qzlFWtI(j(w4>^?EqW2JL@;
zucee1YPOhn*6@Oojhlyv>0B;^ca5}`^uXHYz8PoZE+rCm@dt0ZMmVaj?zZZ3zp6Fg
zq>@``?lON$Sr7KgEvt9UYOaI^E567O$#QBnLv4IGRTPSwcFvpOIJK;#jqNANbS@Q4
zOpky{Gu}92l3@aK%r5R~)1FEyxAdTYq6@58gkQ>Zf$PiHiuX;>Bg?G`G)9UR=6z3`
zh~$C)Ma7oBOq0Iq;J&dB0@bzxYsa0Uz#r{LShClv_gha-)3;o4nq$n3esm)F1>QM4
zE2=qs=~nj)>*b=oAW-b*yolrHAPm5DE$Kv9j@?g{bM=~cr8BrVC|L%oMe9m`x)Lsm
zyt}zc2VMIz6&_Y9n326yb1^RYXPJ*FQ}Nc1w}607%*>O2Fito<wP43*bpLZUx3DO&
zu#46_Ob0dv3;3O@8ZbX*dVKbc%+brOighYyzr(@>Y2nTLUNb9y0nBc5$o4&|O6>Cn
zRL9dMTmt_MJ!UaLnk6A6BcJ<!9Q>TypVqYKxAlCblP2ej5hLu=I?Vj!Pd195O>x95
z+=7w&-{kl%4P>m)E{Q3k{2Bm{cS381y6uqag)1?4xMTf~cTnT=)<?RqR}>Uh?$W5`
z8+pY^+n&6>ky;}2xu;$s9T7SGEz6`K!S7>58JI=KwIt1}k^xP*tpq!N4@~pt18FYV
z$0lfKw#hWAn$c*<2zqJXo3PsOJ*uT-mWWbnaa>Ny|If(e6<z}@b$L~HiyuH(E!B8>
zjUL}hj#Pbck8A+0?5ypymjg5Wj=+$%LPGRzk;DZMdhHQfleIAy1S;K}tw~Yu)AYim
z8;)$|pCVjtR4PU_Q#pr!Lzv1GHvN5{pwPR+18;@K!LZ_uDo)N;kh0!T<yBpPI=d_=
zF_gLGp$?+Y<UuaVzPO<!t}AtRwj@aM2A}mFJhUDayGu`S*@A7+pTYW`wO}IH>^qdp
z_1@(5u#@JBCatNTZ7mecG!OD|@4C;ZHlt>oQSx$#=hUr}FAvIp0%DbGuG44um~(7x
z7qc|6tuWOYlD-ZO9vq2;jl&906HPhc0!vS=y>Fj`8bz(t;wKR>1uj}ec&+tcSDxdQ
z*(NX8#VAM$#3bH1<cq)V_D2^(ms3|C@=W9_HO;C|pfM#dBL)d7hDe6@4FL%iF%|?A
z*?qLl8nXrV3-(Gp=-%#I6sYtahcGcPAutIB1uG5%0vZJX1QZ!sN*?!J=^h+ok8##L
X6@n&KvQ7jDgWTUB9--@H0s;sC44Lbt

diff --git a/examples/cert-stores/provider-keystore.p12 b/examples/cert-stores/provider-keystore.p12
index 830797f6993b334c9886c6aae7031b06a96bcb4d..7c45bd3087048bbef49cfcbf4d4cd40a338a82c2 100644
GIT binary patch
delta 2561
zcmV+c3jXzl6@?X$U4N0)VjK0}7gYiR2mpYB1fY9gI#l;!b3Ok(fG+Z?k~QRjD=R8C
zhhF=p3VFV8arwo9Smt<6%t6xhzCUU;=-Bgb7F6y2PzX$s?ugUG29Y{IG{Ic-&(#my
z9_wigX|?oji-1mIKspHq+y6x9^YZKSD!Wu1NDU;`I^7>ZfqxeiW#}*=RlUY^3*9x3
z#b#;$>|@A%)h|&-+li|}Iut}GHsDYUMV#_Rca<e{r#a*RnL&#sa71>6jjLDgb}f31
ziDXw@EGL~8mbT5>@+Qs>cH!${H)N|sP<^?>6jIJn)QtC|Evkb;>$yg$LYkK_L%l(5
zR}IxQtv8lIFMozr8PbUsH))tu`^{~8k-#sEq`vzw=f@#}&37KczOeP&Wre|kI1^&u
zdbN}kJDs~dmL&4wDk3|^hW6sWxquXPAAwNQ08UBe!$%-jEIFl6e$+RbNcs-GXz|ls
zb7df8#eL6QUh_JGOYwY?$O(cHlk&zd?V`wsCcZ!J<$oJx6U<Jn8!;PDd*gmAErh{)
z<U?wO#rjoT-%@W1@irqK=J%OWA30W*O0Iz0;g>h?`<%-KRgS8Uw;}pU7>p7Y34Asj
zY<n^qKeP1U?>TGFfswr`eV%^LyA}!(n5*tE3iIoT5%osahK=$JF((WNTK5BGK*2as
zrT0eRoPP@?Cm@c^N8R&5fqkxL&Gg^0%u9ty|42C{5op-H+6C((jh(iV8ZnBF<uEB`
zLt&<~{cb>D+mb?`K+lKy=F(CZ=7IlUCc!Cw7LXN{iiRDPjt?>8X-(0Z%)AHwb6q54
z-qoZ;=eWH+Kr-Ci1U)AYtcOS#v;C#QZxsJaRDYz(em`;6vDY~9^IQQWLs_)_;-i#4
z`j96%DWvecoH{zx*vhmlDm%n&0KWFn%{-(i3WZH~(8DXz%Y9tH6ip+55^Cg$_5{mu
zKZ}IzdFwBiSPA5=6O8RnRaf)|DrB2yXl?#`t!S@|3JS#mO{QKkgm4!GAx1I9_ss+x
zW`DLLuchA7zhE~K{@7$;1(QJkv;boQzbByGt^oK6Jx`|9{yH_DYXkX!pr;*l8HWIx
zDO%<wjw}?exb@2*MY&YdG?~ayzX5;BPDe)cb63y&G&f@TSe0CRr-=_-|8$1>ojHkY
zWlX2ZF`hizP8UNjYrzZ8h+q9=qd>|n$$zWSshb`j!WRy456LnetQi4y{(mkWL*TI(
zq&E6pcDGg{X1vDxkTSnRPzRptgJ7R(Z9-#-Iv~9bhP1Vx*gBepx23Loc0IA51Jd^m
z^c-&5G473r05CC227CfxJ3>#283@eYj%yAhXiWn=lOU?TCMmt>l;vg#nXv7227iAP
zT^T25`}}DbMnM4&F51arBhp4z)V{;Q-J!n~=7<`66kzlgnoSi6)82$N!GDm+NPJEq
zO<ke(eQqK|TCM?2$Hv72Ep5o6O~9CrG<TrmBs)D_%cpYnsi97-kNU55q^QyRu+PXG
zBLo>5d4;4IWs_S{f5u?73&}nVP&p0!w?eclHSIBEaNy(tC(jqp2E8>zETr0>b;oj^
z{tPnopF+llifX4y*w?xO$~w9nPkW=%a{r{04FyJjVk$cB?&rxT0s;sC1cC&}_D~r@
z3=gh9x7MZX&TnlVd`g$`yxh=3_Y0FzT`=9{+K2|s6I?LNFRuuOCqM_-0Bf18v;Vhs
zFY*K9V<k%j{!Mb9z$7>n&8jD|A!rUNG<}a&)4y0xP-m3%o$?uBPWF&)%#9G}!#u;#
zD&+Hjh1qxmkg<u@K_dlY|I--(&pCf|3NVddo$h`!w6*S=Q>~32Vq;JiZk>kj<nor-
zWubDCM7yV|$;PQ+36#=ZfA*PuLU}<0M2zYgS!tq}Y2j)}l|V66O+4*v*M#2n?Us@^
zwKh1{#lQA2(;=ed?8GGu5yya9?!uqvur3jQ+UGH*zSQWkNpChSW3raG>YlIC6S+Vk
zwNN;%Rh!gSO1Wpme<2-2$Pn~Nb^KzjgfT)KbX+ysJ!eQ*B^$})TGn3`^$MM0h-0%Y
zm+t{l$L>g!l*vF<+z8Lw7No{l+r2?K4}G;W+@?%GL;=T8bWqXN;sbJsnJBk<#(3s`
z5u|+A7rzlK{;PP69$P-7jT>v*{wWF`(*OtH4B0UzsRA}gj82>v09Bgy(Yw{QV>#l>
zOT1CJlHrhSPsF}4rmRT0o9hX}s-e(<pjs(ymHnD{_aGA@IO_O^g+UNd0*Uu5oHHZ(
z!IqGuy2b=*DT)MvQ!p)xsPFC4)O!GbvU?yXEg)1|6T;Bq0xiOe<Ksh`Ee%C2!`Q>m
z1AuyAzHqrp7OTyGPyJp32o%c`#KKX)vongNUel_+1F0+d1YD6z!1=GY2r3pF$lIBH
z!ue|?IKlh#qt}#%l+v8xoQrk0*1rT*CFcn3Dtpd{x%&V*GegUiXI&s(=}(M*4F<jn
z!4W>lJ^r5qjO|v#cewIS2B_zoiW$%d10z(^s_h{7moZHU4J%L}k04E$TBl73(C2BM
zrB65n!d-DxP!i{oey02{;47!JVT1Eb7OnU+9`15Scos}?HWhO0m06nY=%O83U(7XG
zBKV6xDr6`v+$J3!b18x>)u0)F>4yk=>)judncFncT7UNT#@1c)D~J3gCRF%C)mP6B
zgd<S{i33DaeaS{%hyMACWfmAHhLvCmyg<&AeYPxDgI2)t{hPXwKOH<#YU2cWjV)4p
zAgg0tR@AGPXGh9+Je^6Yl&odK{?9wXTi+^h&v!iQQ$W|=vQ`}cnF4Tsq^-&jub%h(
zD-8uA_f^pBgX{G+nxD9<4u4^cz1?oHbYgdRWoOJx`nh18=Y)8WNpH!aP0BAw=7@5b
z?5|@N6@`wgtlK1_y}Pw<W1e~o=-;%0-{Ay(q0K~<3&TmHe*_HiuN$@h+3g;YbM70H
zPr#)fmsKW2X|?q~WKW2H%^F8nL$X^`LT)%X*2n#QLYZHHRJyPy9lE;Zx(0oH!zkPH
z%9e%y?x{)rOjEP+s<$4I-$>n{9=lt?DaDT#bbB)#;duUAoRF;GFOB9xT9Q7L5(dQU
z6tPtP!>VtsqSJwms?+8V{+mi(+!ip9CG>3W4(Mt{2`llLyfGqw1Ej%jUd>orQB6XN
zfF*H^CuT$DsrxU;NJ0JUaQ|8APBchK!Y}GzdO8WtB+}enjb`V#jcw_1VE?tuFxZ0y
zm-q@v`>w&#&D?eFNA>VzPSM(M7v$ce28n@z#@XIlxG^O#BL)d7hDe6@4FL%iF%|?A
zQ@ClPY(pR~aM(^fa!MUI(v3#P6fiL`AutIB1uG5%0vZJX1QhX$E(@|`b3icJ@(oIY
X7u_U#D&qtQ-j16bohhyH0s;sC#B|r&

delta 2561
zcmV+c3jXzl6@?X$U4LSb=73!?VKxE+2mpYB1fcGGG<_%`!95*#^W%Wp^~egFZ^BUf
zd!#8}<*g)!su@S}*gfQS?+ZMLZv+v`zUlTHoVBE%EZm`PstFHY$@7slrvu*u+Y=>-
zAN;C&EGkH@JJXlDg2}m9;M~zbl#Hhi^9`F*HFY;DVGHUcGk?O*GB8vsbs8EYp<S=t
z?MtlOFa@{8;4t@KGdD~}oh)2=l?gQ}-ITWk@v^qT+~GHP5^mv7BAH7B#51KB7V?$?
z6*rEo?X2<wGQ=b8!b#b#MAvuWD0f-#m7s?*JieTwMoW~ycWSEqrs4}1Dl-lfR`eYb
zC6$YW*Tc`n6@N2T87ioc>Lqt)JoG-$y!;$|KQ)BNKz&XsI>$0XVMe0A26znjv@ym(
z9nbKeTnUS=283=deM)@-h`TO>sc(s?w8aXfjRaoOo{aY*Q&S+ZhK_QE)I&c@uHLTw
ziHmB=3So(?W|8)A#`l77{~Qjg`_Ta_lpnr}#0)dDNq_W8XJihR9S+9m;R7+5kN`QS
z!<h)3XeDFJHh5)ZCD_9|(W2nUZCAIDRXp7je4;e-G8)Z}Y1;1PutF1~W8arUMgZq8
zW4kInjWUf}PE4w7b0&frUZKivuNA_95y7g%@^<|e+ZI8{m;r9W<Fq95CZV%M-DXzm
zay<TJ%YRFxxs%v=jbjJDOV_2$WuaNs!y#u=d;bv7kUFf$JPfKKnN{(A7(Pfn@N__;
z+D&x4nYwJ-W?b$>uO&VX4kx56G6u8RsHq#d3`y@&o-8Yu>arKlhd`~0fJJi?L6RQ*
z@9cr?sSKnzEC(fG<?5om7twUPKJ&aH)%=}q%YTvvaX4U^ri#kcUvdVXQ4*8Z2Id#a
zMln-rceRvm@>mB)q^igy==hyatI|yGVy$xdWsVsB^{N;j8hqo@d?ZjN@)Nlp+j&)y
z*9d|L14u4_GRI;F6UP4{GQEVBEGJ|YaWqSgIey*tt!G<GwTaW{O(zJN`msiG1)bE|
zgnzv(2z@hsR^fDHUXF+ml$)rj8UC@6S<dFih=&aQjgOP(Esa&+!h{*YQ2x3a;1$pP
z$trc_$!GRRvQDll$o<|?+rYh^iFyNNuQhT#V>_Cr@UTJ5Tvs|X4NfH2=B+gxn^lav
zqNCSqvnynm4MoJS45G&@y!~wosRZ(L(|;A9u_=K0aizJXe$_{aWgJq9vNs5kAZjcc
zXE`yMuP)0&dKiOaMbyGfi~W)&&mOI69%<s6TQc~$8}}N(^1CAm4PI#@Ke|{L&<CBg
zuGkDsQ5_G2Uls)OPePHb;P$q+?13qa(cXn6Qz=!%=V6`szYRp&_)b?ZsSM#CRDX}>
zPX-eqjw(Y-RFK650IfO26qW18`Do%??G%V0+A1G{WZzK4$f+ag9y4%$H-9=N`-6&Q
zcdL@FA&JPL_vDiq>r>peKF3x){~TuPiP37ukEW<8jU`i<nt@$*;!O8TQ%z{a0JNsm
zBTDszOn|Q^2D}!Ks_H6@J@|<syg8=s@252UYk5nCUo=-nK(o;R3Vu`uj|fWiYt_Ve
z1uu63QW{9zY^}@etUNgokg`h3WUsRCPMQ0Y4FyJjNf!$D_Bi;M0s;sC1cC&}Z1u1b
zH_reH0n1FFX|taR!7W`5Urm*pKe)`)bZf?@Q7rC_q0Goge-hFKAgkpPv(`1waGk*I
zDb5Z5b~R>9*0y$JjV+n5tc^bafn7wu`-)uQRxg`OPT#(UD93!AsKOF~rbeOUo+ZEn
zt^_Q9(f1c6;@0LyCG3bKEPkR$>E3#PB0*xHP^yTW4YKUP(Y^~ii0+c1*zj8u;H=^y
zpeyT&%icJzAF?Z>9a6<0$7W=oI6w+&!+2EP$@}|AX-;5x%tyyY$VEiQPqL*y0`=1v
zBzk*Fb!lE;xb~pH-62da^*Z@0K7x#Z{f+K_TA{I%sNNr}KijoX<da-toW(r$n0<;i
za=%d>dOXv5Exv4LOzZEQ$6nkDS$@L&5#ga-1@-n!IEgNgXi$MCq*T1FIR>+4UrE_i
zQ+vBTa|i`dh*UGUf}~b)+S$2a%k)07^pPXPghmATr+0d=4wFZU(@NfpL(tj53Ry9K
z2J*K4S@$X{<nzX8zBSgHFU%QLaCg@#XR&M!P=7oV>AO}EcqPB=fSAl{laa1}%k__o
z9R?^)RxCiQI+TJL7sg@tqbx|Myv7v?OWZIcOrp9>o>L+|^#W%RtB=LpyECi@iuR-T
zNc^_;C(8~mW`*pdcBz@`7&P5pYNZ^1ebxA!NsRR3CPJD^7M6cd*}bzOD?rh#_oP%X
z>0xWUO@yW8tc3%9iCOLf4mzoezqrQURf2dN_1cz0ikb{!^~FJh3hGT;a58mQfoG*=
zV>+NCJ5y;pL-%Ny)XDix+27)d!ZBvV1wgqF2a)CoK^*PgoBVC7f}P`r;&Z@%KN@WY
z^g?FSNW=Gm-{7GwzkP!1^G$WEZ#6GI&6i!XP>`%JR6j;mVg%2`fz1(9At|7=3p}0F
z62$1z-`rJV?OJ8tW8K|`y>xJ4uYRtBNqU(@V~%V15S!F@!#r<tm-CbY;9Y3ybx`h_
z2!$7%OJNe+;PFab)5Zji+w_)yYbUQS$|ZU5kpU}NoBsd9q6ajj+>(Ib<&E-Xjc+xl
z=7ng@x?PPJY<^|<GwH>6V_%J?hJoyaO9FsPkzPK^KjJ`vGg=gs1w_N%qt^si`-pX5
zXtyvJWsanz%TfHOH)$nW(2{4hj{sJOISE!j8QiDembWVq4Y{<%g+(!cfx&0c!Y&|P
z$I%v3R9njW##8*D5jW8$#)vs9Vyq!bTthSFchQz<hZPL9zk;y?{={ae5S|$q{l}0z
z)@SkTQ65~1Wq1ym{jGA2K0wFZP*wv`HLKFbJrPt3bHZSKJ32M#Xr*C*%4a%b8XdrE
z!aPVi-@Vc5)_KL>;4`p)!73t*)O?Y~*M{XJ)1!^ld+sNN0NE2cZ1cYfOtbHnj1s|6
zuA@IbzawY_Tpnp20rWwNxz*=23zEI_z1q2DLio2DxJY{ifZXbThBrRE1({=P+_mwH
z!l!-2Q)S?r@ID>K$RU{JB~NUFO5iVYaKxyTb=$O+rXA9;Uez9dpvVNit+0}c)@6HQ
zc%`6GW;2HX3`Wm^#+)VYB4_gHBk%nRKIw;00ygcOOk;n1=*zbQkd>342uo0~<=mGS
z1)ba{VT8CBkfgJ^otyt$Q!&#tzoC0@=VHLYCjod&#W5u?BL)d7hDe6@4FL%iF%|?A
z#a=S(ifR)>HQ5O~J?iOsIzzkldN46CAutIB1uG5%0vZJX1QbU}8;WOzT&}LIy(BW#
X<3QlwJ;($I-FzHzECO!O0s;sCHZb56


From b725d370b036eee37fc21a216f4b4dcd6cdf42ba Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 9 Feb 2021 09:35:39 +0100
Subject: [PATCH 213/237] Minor improvement of IDSCP2 UC demo route

---
 examples/example-idscp2-uc/example-idscp2-server.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/examples/example-idscp2-uc/example-idscp2-server.xml b/examples/example-idscp2-uc/example-idscp2-server.xml
index 6e9baae92..94db29984 100644
--- a/examples/example-idscp2-uc/example-idscp2-server.xml
+++ b/examples/example-idscp2-uc/example-idscp2-server.xml
@@ -47,7 +47,7 @@
                     <process ref="ArtifactRequestProcessor" />
                 </when>
                 <otherwise>
-                    <log message="### Server received (otherwise branch):\n${body}\n### Header: ###\n${headers[idscp2-header]}"/>
+                    <log loggingLevel="ERROR" message="### Server received unexpected message (otherwise branch):\n${body}\n### Header: ###\n${headers[idscp2-header]}"/>
                     <removeHeader headerName="idscp2-header" />
                     <setBody><simple>${null}</simple></setBody>
                 </otherwise>

From 170c0352896a7ab71d744b162f9307bce1008581 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 9 Feb 2021 09:38:35 +0100
Subject: [PATCH 214/237] UC support for routes receiving data via IDSCP2
 producers (<to> nodes) instead of consumers (<from> nodes)

---
 .../de/fhg/aisec/ids/camel/idscp2/UsageControlMaps.kt |  4 ++++
 .../ids/camel/idscp2/client/Idscp2ClientConsumer.kt   |  6 ++++--
 .../ids/camel/idscp2/client/Idscp2ClientProducer.kt   |  4 +++-
 .../de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt     | 11 ++++++++---
 4 files changed, 19 insertions(+), 6 deletions(-)

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/UsageControlMaps.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/UsageControlMaps.kt
index bd8333976..8e848b14e 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/UsageControlMaps.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/UsageControlMaps.kt
@@ -55,6 +55,7 @@ object UsageControlMaps {
 
     fun unprotectBody(exchange: Exchange) {
         exchange.message.body = protectedBodies[exchange]
+        protectedBodies -= exchange
     }
 
     fun addContractAgreement(contractAgreement: ContractAgreement) {
@@ -77,5 +78,8 @@ object UsageControlMaps {
 
     fun setExchangeConnection(exchange: Exchange, connection: AppLayerConnection) {
         exchangeConnectionMap[exchange] = connection
+        if (LOG.isDebugEnabled) {
+            LOG.debug("UC: Assigned exchange $exchange to connection $connection")
+        }
     }
 }
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
index 52b1fc368..97e23a1a6 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
@@ -21,8 +21,8 @@ import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
 import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
 import de.fhg.aisec.ids.idscp2.app_layer.listeners.IdsMessageListener
-import de.fraunhofer.iais.eis.Message
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionListener
+import de.fraunhofer.iais.eis.Message
 import org.apache.camel.Processor
 import org.apache.camel.support.DefaultConsumer
 import org.slf4j.LoggerFactory
@@ -79,7 +79,9 @@ class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor
 
     private fun onMessage(connection: AppLayerConnection, header: Any?, payload: ByteArray?) {
         val exchange = endpoint.createExchange()
-        UsageControlMaps.setExchangeConnection(exchange, connection)
+        if (endpoint.useIdsMessages) {
+            UsageControlMaps.setExchangeConnection(exchange, connection)
+        }
         try {
             createUoW(exchange)
             // Set relevant information
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
index 3e10ee3a2..34a21712f 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
@@ -17,8 +17,8 @@
 package de.fhg.aisec.ids.camel.idscp2.client
 
 import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
+import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
 import de.fraunhofer.iais.eis.Message
 import org.apache.camel.Exchange
 import org.apache.camel.support.DefaultProducer
@@ -59,6 +59,8 @@ class Idscp2ClientProducer(private val endpoint: Idscp2ClientEndpoint) : Default
                             }
                             reentrantLock.withLock {
                                 if (endpoint.useIdsMessages) {
+                                    // Response might require UC protection, so register exchange if not yet registered
+                                    UsageControlMaps.setExchangeConnection(exchange, connection)
                                     connection.addIdsMessageListener { _, responseHeader, responsePayload ->
                                         responseHandler(responseHeader, responsePayload)
                                     }
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
index 63649d682..eb0eba747 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
@@ -28,6 +28,7 @@ import de.fraunhofer.iais.eis.BinaryOperator
 import de.fraunhofer.iais.eis.Constraint
 import de.fraunhofer.iais.eis.LeftOperand
 import org.apache.camel.*
+import org.apache.camel.model.EndpointRequiredDefinition
 import org.apache.camel.model.FromDefinition
 import org.apache.camel.model.RouteDefinition
 import org.apache.camel.model.ToDefinition
@@ -85,8 +86,10 @@ class PolicyEnforcementPoint internal constructor(
             LOG.trace("{} -> {}", source, destination)
         }
 
+        val isIdscp2Endpoint = { ep: EndpointRequiredDefinition -> ep.endpointUri.startsWith("idscp2") }
         // Only take action for nodes of type <from> (= input) and <to> (= output)
-        if (sourceNode is FromDefinition || destinationNode is ToDefinition) {
+        if ((sourceNode is EndpointRequiredDefinition && isIdscp2Endpoint(sourceNode))
+            || destinationNode is ToDefinition) {
             val ucContract = try {
                 ucInterface.getExchangeContract(exchange)
             } catch (x: RuntimeException) {
@@ -121,8 +124,10 @@ class PolicyEnforcementPoint internal constructor(
                     } catch (ae: AssertionError) {
                         throw Exception("Invalid docker URI for UC, ${dockerUri.fragment} is not a valid port number!")
                     }
-                    // Check whether we deal with an entry node ("from:...") as source...
-                    if (sourceNode is FromDefinition) {
+                    // Check whether we deal with an entry node ("from:...") or a response of a To node ("to...")...
+                    if (sourceNode is FromDefinition
+                        || (sourceNode is ToDefinition && !ucInterface.isProtected(exchange)
+                                && isIdscp2Endpoint(sourceNode))) {
                         // If we found an entry node, then protect exchange's body
                         ucInterface.protectBody(exchange, ucContract.id)
                         if (LOG.isDebugEnabled) {

From cb248aa461bec245843a784129b1b88482c71083 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 12 Feb 2021 11:53:18 +0100
Subject: [PATCH 215/237] Fixed old, minor bug with requested MIME type

---
 .../java/de/fhg/aisec/ids/webconsole/api/AppApi.java     | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/AppApi.java b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/AppApi.java
index 84756c148..775f7ef2d 100644
--- a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/AppApi.java
+++ b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/AppApi.java
@@ -19,6 +19,7 @@
  */
 package de.fhg.aisec.ids.webconsole.api;
 
+import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import de.fhg.aisec.ids.api.cm.ApplicationContainer;
 import de.fhg.aisec.ids.api.cm.ContainerManager;
@@ -307,12 +308,12 @@ public List<ApplicationContainer> search(AppSearchRequest searchRequest) {
       }
       String url = settings.getConnectorConfig().getAppstoreUrl();
 
-      String r = client.target(url).request(MediaType.TEXT_PLAIN).get(String.class);
+      String r = client.target(url).request(MediaType.APPLICATION_JSON).get(String.class);
 
       ObjectMapper mapper = new ObjectMapper();
-      ApplicationContainer[] result = mapper.readValue(r, ApplicationContainer[].class);
+      List<ApplicationContainer> result = mapper.readValue(r, new TypeReference<>() {});
       if (term != null && !term.equals("")) {
-        return Arrays.asList(result)
+        return result
             .parallelStream()
             .filter(
                 app ->
@@ -323,7 +324,7 @@ public List<ApplicationContainer> search(AppSearchRequest searchRequest) {
                         || (app.getCategories() != null && app.getCategories().contains(term)))
             .collect(Collectors.toList());
       } else {
-        return Arrays.asList(result);
+        return result;
       }
     } catch (IOException e) {
       throw new InternalServerErrorException(e);

From 74c7088a28ea756ce641497a7a876716ed55f402 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Tue, 23 Feb 2021 17:03:45 +0100
Subject: [PATCH 216/237] added jwt logging

---
 .../aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
index 15064c122..a317914d9 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
@@ -146,7 +146,8 @@ class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
             return try {
                 //get http response from DAPS
                 if (LOG.isDebugEnabled) {
-                    LOG.debug("Acquire DAT from {}", dapsUrl)
+                    LOG.debug("Acquire DAT from {}/v2/token", dapsUrl)
+                    LOG.debug("JWT that serves as request token: {}", jwt.toString())
                 }
                 val response = client.newCall(request).execute()
 

From d69083c04a4a8a9ab9e5f643d2a088a3c9cb5f30 Mon Sep 17 00:00:00 2001
From: Gerd Brost <gerd.brost@aisec.fraunhofer.de>
Date: Wed, 24 Feb 2021 10:50:00 +0100
Subject: [PATCH 217/237] more meaningful debug output without logging token

---
 .../default_drivers/daps/DefaultDapsDriver.kt | 20 ++++++++++++++-----
 1 file changed, 15 insertions(+), 5 deletions(-)

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
index a317914d9..d5d7fcb39 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
@@ -113,14 +113,18 @@ class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
             }
 
             //create signed JWT
+            val expiration = Date.from(Instant.now().plusSeconds(86400))
+            val issuedAt = Date.from(Instant.now())
+            val notBefore = Date.from(Instant.now())
+
             val jwt = Jwts.builder()
                     .setIssuer(connectorUUID)
                     .setSubject(connectorUUID)
                     .claim("@context", "https://w3id.org/idsa/contexts/context.jsonld")
                     .claim("@type", "ids:DatRequestToken")
-                    .setExpiration(Date.from(Instant.now().plusSeconds(86400)))
-                    .setIssuedAt(Date.from(Instant.now()))
-                    .setNotBefore(Date.from(Instant.now()))
+                    .setExpiration(expiration)
+                    .setIssuedAt(issuedAt)
+                    .setNotBefore(notBefore)
                     .setAudience(TARGET_AUDIENCE)
                     .signWith(privateKey, SignatureAlgorithm.RS256)
                     .compact()
@@ -146,13 +150,19 @@ class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
             return try {
                 //get http response from DAPS
                 if (LOG.isDebugEnabled) {
-                    LOG.debug("Acquire DAT from {}/v2/token", dapsUrl)
-                    LOG.debug("JWT that serves as request token: {}", jwt.toString())
+                    LOG.debug("Acquired DAT from {}/v2/token", dapsUrl)
                 }
                 val response = client.newCall(request).execute()
 
                 //check for valid response
                 if (!response.isSuccessful) {
+                    LOG.debug("Request token issued with parameters: Issuer: {}, Subject: {}, Expiration: {}, IssuedAt: {}, NotBefore: {}, Audience: {}",
+                            connectorUUID,
+                            connectorUUID,
+                            expiration,
+                            issuedAt,
+                            notBefore,
+                            TARGET_AUDIENCE)
                     throw DatException("Received non-200 http response: " + response.code())
                 }
                 val json = JSONObject(response.body()?.string()

From e34f60ab53110646d2bf1b6613a9eedd815e934a Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 25 Feb 2021 20:46:32 +0100
Subject: [PATCH 218/237] Further DAPS logging improvements

---
 .../ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
index d5d7fcb39..34906c722 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
@@ -149,14 +149,12 @@ class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
                     .build()
             return try {
                 //get http response from DAPS
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("Acquired DAT from {}/v2/token", dapsUrl)
-                }
                 val response = client.newCall(request).execute()
 
                 //check for valid response
                 if (!response.isSuccessful) {
-                    LOG.debug("Request token issued with parameters: Issuer: {}, Subject: {}, Expiration: {}, IssuedAt: {}, NotBefore: {}, Audience: {}",
+                    LOG.error("Failed to request token issued with parameters: Issuer: {}, Subject: {}, " +
+                            "Expiration: {}, IssuedAt: {}, NotBefore: {}, Audience: {}",
                             connectorUUID,
                             connectorUUID,
                             expiration,
@@ -165,6 +163,9 @@ class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
                             TARGET_AUDIENCE)
                     throw DatException("Received non-200 http response: " + response.code())
                 }
+                if (LOG.isDebugEnabled) {
+                    LOG.debug("Acquired DAT from {}/v2/token", dapsUrl)
+                }
                 val json = JSONObject(response.body()?.string()
                     ?: throw DatException("Received empty DAPS response"))
                 if (json.has("access_token")) {

From 055fd563f72395a2deccb1fac1a9605862a280b0 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 25 Feb 2021 20:47:35 +0100
Subject: [PATCH 219/237] Minor cleanup

---
 .../fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt   | 2 +-
 certificate.pem                                                 | 0
 2 files changed, 1 insertion(+), 1 deletion(-)
 delete mode 100644 certificate.pem

diff --git a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt
index a4f3e9dbe..f57d8ba97 100644
--- a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt
+++ b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt
@@ -129,7 +129,7 @@ class MultiPartOutputProcessor : Processor {
                             InputStreamBody(
                                     payload,
                                     ContentType.create(contentTypeString.toString()
-                                            .split(";").toTypedArray()[0])))
+                                            .split(";").first())))
                 }
             } else {
                 val payload = it.getBody(String::class.java)
diff --git a/certificate.pem b/certificate.pem
deleted file mode 100644
index e69de29bb..000000000

From 5e2ec81e2619af342a1b604b8032e2690ceff501 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Tue, 15 Dec 2020 14:25:55 +0100
Subject: [PATCH 220/237] Update logging levels

---
 .../keystores/CustomX509ExtendedKeyManager.kt | 41 ++++++----
 .../keystores/PreConfiguration.kt             |  4 +-
 .../TLSSessionVerificationHelper.kt           | 12 +--
 .../secure_channel/client/TLSClient.kt        | 28 ++++---
 .../secure_channel/server/TLSServer.kt        | 53 ++++++++++---
 .../secure_channel/server/TLSServerThread.kt  | 18 ++---
 .../idscp2/example/Idscp2ClientInitiator.kt   |  1 -
 .../ids/idscp2/example/RunTunnelClient.kt     |  2 +-
 .../ids/idscp2/example/RunTunnelServer.kt     |  2 +-
 .../idscp_connection/Idscp2ConnectionImpl.kt  | 24 +++---
 .../api/idscp_server/Idscp2Server.kt          |  9 ++-
 .../api/idscp_server/Idscp2ServerFactory.kt   |  8 +-
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    | 30 +++----
 .../ids/idscp2/idscp_core/fsm/StateClosed.kt  | 17 ++--
 .../idscp2/idscp_core/fsm/StateEstablished.kt | 36 ++++-----
 .../idscp2/idscp_core/fsm/StateWaitForAck.kt  | 54 ++++++++-----
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   | 67 ++++++++++------
 .../fsm/StateWaitForDatAndRatVerifier.kt      | 44 +++++++----
 .../idscp_core/fsm/StateWaitForHello.kt       | 56 ++++++++-----
 .../idscp2/idscp_core/fsm/StateWaitForRat.kt  | 78 ++++++++++++-------
 .../idscp_core/fsm/StateWaitForRatProver.kt   | 71 +++++++++++------
 .../idscp_core/fsm/StateWaitForRatVerifier.kt | 64 +++++++++------
 .../secure_channel/SecureChannel.kt           |  3 +
 23 files changed, 466 insertions(+), 256 deletions(-)

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/CustomX509ExtendedKeyManager.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/CustomX509ExtendedKeyManager.kt
index 41819bdb7..0a10fc2e9 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/CustomX509ExtendedKeyManager.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/CustomX509ExtendedKeyManager.kt
@@ -41,14 +41,20 @@ class CustomX509ExtendedKeyManager internal constructor(
         if (listOf(*keyTypes).contains(keyType)) {
             if (cachedAliases[certAlias]?.match(keyType, issuers) == true
                     || listOf(*getClientAliases(keyType, issuers)).contains(certAlias)) {
-                LOG.debug("CertificateAlias is {}", certAlias)
+                if (LOG.isTraceEnabled) {
+                    LOG.trace("CertificateAlias is {}", certAlias)
+                }
                 return certAlias
             } else {
-                LOG.warn("certAlias '{}' was not found in keystore", certAlias)
+                if (LOG.isTraceEnabled) {
+                    LOG.trace("certAlias '{}' was not found in keystore", certAlias)
+                }
             }
         } else if (LOG.isTraceEnabled) {
-            LOG.trace("Different keyType '{}' in chooseClientAlias() in CustomX509ExtendedKeyManager, expected '{}'",
-                    keyType, this.keyType)
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Different keyType '{}' in chooseClientAlias() in CustomX509ExtendedKeyManager, expected '{}'",
+                        keyType, this.keyType)
+            }
         }
         return null
     }
@@ -70,14 +76,20 @@ class CustomX509ExtendedKeyManager internal constructor(
         if (keyType == this.keyType) {
             if (cachedAliases[certAlias]?.match(keyType, issuers) == true
                     || listOf(*getServerAliases(keyType, issuers)).contains(certAlias)) {
-                LOG.debug("CertificateAlias is {}", certAlias)
+                if (LOG.isTraceEnabled) {
+                    LOG.trace("CertificateAlias is {}", certAlias)
+                }
                 return certAlias
             } else {
-                LOG.warn("certAlias '{}' was not found in keystore", certAlias)
+                if (LOG.isTraceEnabled) {
+                    LOG.trace("certAlias '{}' was not found in keystore", certAlias)
+                }
             }
         } else if (LOG.isTraceEnabled) {
-            LOG.trace("Different keyType '{}' in chooseServerAlias() in CustomX509ExtendedKeyManager, expected '{}'",
-                    keyType, this.keyType)
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Different keyType '{}' in chooseServerAlias() in CustomX509ExtendedKeyManager, expected '{}'",
+                        keyType, this.keyType)
+            }
         }
         return null
     }
@@ -89,8 +101,8 @@ class CustomX509ExtendedKeyManager internal constructor(
         return if (certAlias == this.certAlias) {
             delegate.getCertificateChain(certAlias)
         } else {
-            LOG.warn("Different certAlias '{}' in getCertificateChain() in class X509ExtendedKeyManager, " +
-                    "expected: '{}'", certAlias, this.certAlias)
+                LOG.warn("Different certAlias '{}' in getCertificateChain() in class X509ExtendedKeyManager, " +
+                        "expected: '{}'", certAlias, this.certAlias)
             null
         }
     }
@@ -101,8 +113,9 @@ class CustomX509ExtendedKeyManager internal constructor(
         return if (certAlias == this.certAlias) {
             delegate.getPrivateKey(certAlias)
         } else {
-            LOG.warn("Different certAlias '{}' in getPrivateKey() in class X509ExtendedKeyManager, expected '{}'",
-                    certAlias, this.certAlias)
+                LOG.warn("Different certAlias '{}' in getPrivateKey() in class X509ExtendedKeyManager, expected '{}'",
+                        certAlias, this.certAlias)
+
             null
         }
     }
@@ -125,7 +138,7 @@ class CustomX509ExtendedKeyManager internal constructor(
         /**
          * This method is called for a given certificate alias and checks if the corresponding
          * cached alias entry (contains keytype for certAlias and issuer of thee certificate)
-         * matches the requested conditions in thee TLS handshake.
+         * matches the requested conditions in the TLS handshake.
          *
          * It must enforce checking if the certAlias belongs to a valid key algorithm type name,
          * e.g. 'RSA' or 'EC' and it must check if the certificate issuer is one of the accepted
@@ -133,6 +146,7 @@ class CustomX509ExtendedKeyManager internal constructor(
          *
          * returns true, if the keyAlias fulfills the requirements
          */
+        // FIXME currently all issuers are allowed
         fun match(keyType: String, issuers: Array<Principal>?) =
                 this.keyType == keyType && (issuers == null || listOf(*issuers).contains(issuer))
     }
@@ -140,5 +154,4 @@ class CustomX509ExtendedKeyManager internal constructor(
     companion object {
         private val LOG = LoggerFactory.getLogger(CustomX509ExtendedKeyManager::class.java)
     }
-
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt
index d4e9db3d0..8e192b3b9 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt
@@ -34,8 +34,8 @@ object PreConfiguration {
             }
         }
         Files.newInputStream(keyStorePath).use { keyStoreInputStream ->
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Loading key store: $pathString")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Loading key store: $pathString")
             }
             ks.load(keyStoreInputStream, keyStorePassword)
         }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSSessionVerificationHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSSessionVerificationHelper.kt
index ce246fc9b..f83860521 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSSessionVerificationHelper.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSSessionVerificationHelper.kt
@@ -38,7 +38,9 @@ object TLSSessionVerificationHelper {
     @Throws(SSLPeerUnverifiedException::class)
     fun verifyTlsSession(sslSession: SSLSession) {
         val host = sslSession.peerHost
-        LOG.debug("Connected to {}:{}", host, sslSession.peerPort)
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Connected to {}:{}", host, sslSession.peerPort)
+        }
         try {
 
             //get certificate
@@ -76,8 +78,8 @@ object TLSSessionVerificationHelper {
                         acceptedIpAddresses.add(String(value))
                     }
                     else -> {
-                        if (LOG.isDebugEnabled) {
-                            LOG.debug("Unhandled SAN type \"{}\" with value \"{}\"", subjectAltName[0], value)
+                        if (LOG.isTraceEnabled) {
+                            LOG.trace("Unhandled SAN type \"{}\" with value \"{}\"", subjectAltName[0], value)
                         }
                     }
                 }
@@ -95,8 +97,8 @@ object TLSSessionVerificationHelper {
                             emptyList()
                         }
                     }.map { it.hostAddress }
-                    if (LOG.isDebugEnabled) {
-                        LOG.debug("Resolved IPs: {}", resolvedIps.toSet().joinToString())
+                    if (LOG.isTraceEnabled) {
+                        LOG.trace("Resolved IPs: {}", resolvedIps.toSet().joinToString())
                     }
                     if (!resolvedIps.contains(host)) {
                         throw SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
index 9e2c5c0dd..1df8f1655 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
@@ -46,7 +46,9 @@ class TLSClient<CC: Idscp2Connection>(
         }
         try {
             sslSocket.connect(InetSocketAddress(hostname, port))
-            LOG.debug("Client is connected to server {}:{}", hostname, port)
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Client is connected to server {}:{}", hostname, port)
+            }
 
             //set clientSocket timeout to allow safeStop()
             clientSocket.soTimeout = 5000
@@ -55,7 +57,9 @@ class TLSClient<CC: Idscp2Connection>(
             // Add inputListener but start it not before handshake is complete
             inputListenerThread = InputListenerThread(clientSocket.getInputStream(), this)
             sslSocket.addHandshakeCompletedListener(this)
-            LOG.debug("Start TLS Handshake")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Start TLS Handshake")
+            }
             sslSocket.startHandshake()
         } catch (e: SSLHandshakeException) {
             // FIXME: Any such disconnect makes the server maintain a broken connection
@@ -72,7 +76,9 @@ class TLSClient<CC: Idscp2Connection>(
     }
 
     private fun disconnect() {
-        LOG.debug("Disconnecting from TLS server...")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Disconnecting from TLS server...")
+        }
         if (::inputListenerThread.isInitialized) {
             inputListenerThread.safeStop()
         }
@@ -99,7 +105,7 @@ class TLSClient<CC: Idscp2Connection>(
 
     override fun send(bytes: ByteArray): Boolean {
         return if (!isConnected) {
-            LOG.error("Client cannot send data because socket is not connected")
+            LOG.warn("Client cannot send data because socket is not connected")
             false
         } else {
             try {
@@ -113,7 +119,7 @@ class TLSClient<CC: Idscp2Connection>(
                 }
                 true
             } catch (e: IOException) {
-                LOG.error("Client cannot send data", e)
+                LOG.warn("Client cannot send data", e)
                 false
             }
         }
@@ -124,8 +130,8 @@ class TLSClient<CC: Idscp2Connection>(
 
     override fun handshakeCompleted(handshakeCompletedEvent: HandshakeCompletedEvent) {
         //start receiving listener after TLS Handshake was successful
-        if (LOG.isDebugEnabled) {
-            LOG.debug("TLS Handshake was successful")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("TLS Handshake was successful")
         }
         // TODO: When server behavior fixed, disconnect and return here instantly
 //        if (!connectionFuture.isCancelled) {
@@ -136,7 +142,9 @@ class TLSClient<CC: Idscp2Connection>(
         // verify tls session on application layer: hostname verification, certificate validity
         try {
             TLSSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.session)
-            LOG.debug("TLS session is valid")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("TLS session is valid")
+            }
             // Create secure channel, register secure channel as message listener and notify IDSCP2 Configuration.
             val secureChannel = SecureChannel(this)
             // Try to complete, won't do anything if promise has been cancelled
@@ -199,6 +207,8 @@ class TLSClient<CC: Idscp2Connection>(
         sslParameters.cipherSuites = TLSConstants.TLS_ENABLED_CIPHERS // only allow strong cipher
 //        sslParameters.endpointIdentificationAlgorithm = "HTTPS";  // is done in application layer
         sslSocket.sslParameters = sslParameters
-        LOG.debug("TLS Client was initialized successfully")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("TLS Client was initialized successfully")
+        }
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
index fc4b1d028..47f7d7fcf 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
@@ -34,22 +34,30 @@ class TLSServer<CC: Idscp2Connection>(nativeTlsConfiguration: NativeTlsConfigura
     private val serverThread: Thread
     override fun run() {
         if (serverSocket.isClosed) {
-            LOG.error("ServerSocket has been closed, server thread is stopping now.")
+            LOG.warn("ServerSocket has been closed, server thread is stopping now.")
             return
         }
         isRunning = true
-        LOG.debug("TLS server started, entering accept() loop...")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("TLS server started, entering accept() loop...")
+        }
         while (isRunning) {
             try {
+                /*
+                 * accept for new (incoming) ssl sockets. A timeout exception is thrown
+                 * after 5 seconds of inactivity to allow a clean stop via the safeStop() method
+                 */
                 val sslSocket = serverSocket.accept() as SSLSocket
                 try {
                     // Start new server thread
-                    LOG.debug("New TLS client has connected. Creating new server thread...")
+                    if (LOG.isTraceEnabled) {
+                        LOG.trace("New TLS client has connected. Creating new server thread...")
+                    }
                     val serverThread = TLSServerThread(sslSocket, secureChannelInitListener, serverListenerPromise)
                     sslSocket.addHandshakeCompletedListener(serverThread)
                     serverThread.start()
                 } catch (serverThreadException: Exception) {
-                    LOG.error("Error whilst creating/starting TLSServerThread", serverThreadException)
+                    LOG.warn("Error whilst creating/starting TLSServerThread", serverThreadException)
                 }
             } catch (e: SocketTimeoutException) {
                 //timeout on serverSocket blocking functions was reached
@@ -57,10 +65,12 @@ class TLSServer<CC: Idscp2Connection>(nativeTlsConfiguration: NativeTlsConfigura
                 //without closing the serverSocket, so we can stop and restart the server
                 //alternative: close serverSocket. But then we cannot reuse it
             } catch (e: SocketException) {
-                LOG.debug("Server socket has been closed.")
+                if (LOG.isTraceEnabled) {
+                    LOG.trace("Server socket has been closed.")
+                }
                 isRunning = false
             } catch (e: IOException) {
-                LOG.error("Error during TLS server socket accept, notifying error handlers...")
+                LOG.warn("Error during TLS server socket accept, notifying error handlers...")
                 secureChannelInitListener.onError(e)
                 isRunning = false
             }
@@ -75,13 +85,22 @@ class TLSServer<CC: Idscp2Connection>(nativeTlsConfiguration: NativeTlsConfigura
     }
 
     override fun safeStop() {
-        LOG.debug("Stopping tls server")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Stopping tls server")
+        }
+        /*
+         * Set the volatile running variable to false. The serverSocket will receive
+         * a socket timeout after at least 5 seconds while it is blocked in accept()
+         * and will then check again if isRunning is still true
+         */
         isRunning = false
-        //        try {
+
+//        try {
 //            serverSocket.close();
 //        } catch (IOException e) {
 //            LOG.warn("Trying to close server socket failed!", e);
 //        }
+
         try {
             serverThread.join()
         } catch (e: InterruptedException) {
@@ -100,7 +119,9 @@ class TLSServer<CC: Idscp2Connection>(nativeTlsConfiguration: NativeTlsConfigura
 
         // Get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager,
         // which enables host verification and algorithm constraints
-        LOG.debug("Creating trust manager for TLS server...")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Creating trust manager for TLS server...")
+        }
         val myTrustManager = PreConfiguration.getX509ExtTrustManager(
                 nativeTlsConfiguration.trustStorePath,
                 nativeTlsConfiguration.trustStorePassword
@@ -108,7 +129,9 @@ class TLSServer<CC: Idscp2Connection>(nativeTlsConfiguration: NativeTlsConfigura
 
         // Get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager,
         // which enables connection specific key selection via key alias
-        LOG.debug("Creating key manager for TLS server...")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Creating key manager for TLS server...")
+        }
         val myKeyManager = PreConfiguration.getX509ExtKeyManager(
                 nativeTlsConfiguration.keyPassword,
                 nativeTlsConfiguration.keyStorePath,
@@ -116,7 +139,10 @@ class TLSServer<CC: Idscp2Connection>(nativeTlsConfiguration: NativeTlsConfigura
                 nativeTlsConfiguration.certificateAlias,
                 nativeTlsConfiguration.keyStoreKeyType
         )
-        LOG.debug("Setting TLS security attributes and creating TLS server socket...")
+
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Setting TLS security attributes and creating TLS server socket...")
+        }
         // Create TLS context based on keyManager and trustManager
         val sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE)
         sslContext.init(myKeyManager, myTrustManager, null)
@@ -133,7 +159,10 @@ class TLSServer<CC: Idscp2Connection>(nativeTlsConfiguration: NativeTlsConfigura
         sslParameters.protocols = TLSConstants.TLS_ENABLED_PROTOCOLS //only TLSv1.3
         sslParameters.cipherSuites = TLSConstants.TLS_ENABLED_CIPHERS //only allow strong cipher suite
         sslServerSocket.sslParameters = sslParameters
-        LOG.debug("Starting TLS server...")
+
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Starting TLS server...")
+        }
         serverThread = Thread(this, "TLS Server Thread "
                 + nativeTlsConfiguration.host + ":" + nativeTlsConfiguration.serverPort)
         serverThread.start()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt
index c0302ca2f..a0b647ed9 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt
@@ -47,7 +47,7 @@ class TLSServerThread<CC : Idscp2Connection> internal constructor(
             // Wait for TLS session verification
             tlsVerificationLatch.await()
         } catch (e: Exception) {
-            LOG.error("Exception occurred during SSL handshake. Quiting server thread...", e)
+            LOG.warn("Exception occurred during SSL handshake. Quiting server thread...", e)
             onError(e)
             running = false
         }
@@ -84,7 +84,7 @@ class TLSServerThread<CC : Idscp2Connection> internal constructor(
 
     override fun send(bytes: ByteArray): Boolean {
         return if (!isConnected) {
-            LOG.error("Server cannot send data because socket is not connected")
+            LOG.warn("Server cannot send data because socket is not connected")
             closeSockets()
             false
         } else {
@@ -94,7 +94,7 @@ class TLSServerThread<CC : Idscp2Connection> internal constructor(
                 out.flush()
                 true
             } catch (e: IOException) {
-                LOG.error("Server could not send data", e)
+                LOG.warn("Server could not send data", e)
                 closeSockets()
                 false
             }
@@ -125,18 +125,18 @@ class TLSServerThread<CC : Idscp2Connection> internal constructor(
         get() = sslSocket.isConnected
 
     override fun handshakeCompleted(handshakeCompletedEvent: HandshakeCompletedEvent) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("TLS Handshake was successful")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("TLS Handshake was successful")
         }
 
         // verify tls session on application layer: hostname verification, certificate validity
         try {
             TLSSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.session)
-            LOG.debug("TLS session is valid")
-        } catch (e: SSLPeerUnverifiedException) {
-            if (LOG.isWarnEnabled) {
-                LOG.warn("TLS session is not valid. Close TLS connection", e)
+            if (LOG.isTraceEnabled) {
+                LOG.trace("TLS session is valid")
             }
+        } catch (e: SSLPeerUnverifiedException) {
+            LOG.warn("TLS session is not valid. Close TLS connection", e)
             running = false // set running false before tlsVerificationLatch is decremented
             return
         } finally {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
index 077e63dbd..f7b69b899 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -45,7 +45,6 @@ class Idscp2ClientInitiator {
             connection.addMessageListener { c: Idscp2Connection, data: ByteArray ->
                 LOG.info("Received ping message: " + String(data, StandardCharsets.UTF_8))
 
-                LOG.info("Close Connection")
                 c.close()
             }
             connection.unlockMessaging()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
index 337445bb3..f355ca3ce 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
@@ -33,7 +33,7 @@ object RunTunnelClient {
                 .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/aisecconnector2-keystore.p12")).path))
                 .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
                 .setCertificateAlias("1.0.1")
-                .setServerPort(1234)
+                .setServerPort(12345)
                 .build()
 
         val initiator = CommandlineTunnelClient()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
index 3890fd78c..a831efa3f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
@@ -31,7 +31,7 @@ object RunTunnelServer {
                 .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/aisecconnector1-keystore.p12")).path))
                 .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
                 .setCertificateAlias("1.0.1")
-                .setServerPort(1234)
+                .setServerPort(12345)
                 .build()
 
         val initiator = CommandlineTunnelServer()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
index 55a69fee6..ea2ce4363 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
@@ -39,8 +39,8 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
      * Close the idscp connection
      */
     override fun close() {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Closing connection {}...", id)
+        if (LOG.isInfoEnabled) {
+            LOG.info("Closing connection {}...", id)
         }
 
         when (val res = fsm.closeConnection()) {
@@ -56,8 +56,8 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
      */
 
     override fun nonBlockingSend(msg: ByteArray) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Sending data via connection {}...", id)
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Sending data via connection {}...", id)
         }
 
         when (val res = fsm.send(msg)) {
@@ -72,8 +72,8 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
     }
 
     override fun blockingSend(msg: ByteArray, timeout: Long, retryInterval: Long) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Sending data via connection {}...", id)
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Sending data via connection {}...", id)
         }
 
         val start = System.currentTimeMillis()
@@ -101,8 +101,8 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
     }
 
     override fun repeatRat() {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Repeat Rat for connection {}...", id)
+        if (LOG.isInfoEnabled) {
+            LOG.info("Repeat Rat for connection {}...", id)
         }
 
         // match result
@@ -119,8 +119,8 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
     override fun onMessage(msg: ByteArray) {
         // When unlock is called, although not synchronized, this will eventually stop blocking.
         messageLatch.await()
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Received new IDSCP Message")
+        if (LOG.isDebugEnabled) {
+            LOG.debug("Received new IDSCP Message")
         }
         messageListeners.forEach { l: Idscp2MessageListener -> l.onMessage(this, msg) }
     }
@@ -131,7 +131,9 @@ class Idscp2ConnectionImpl(secureChannel: SecureChannel,
     }
 
     override fun onClose() {
-        LOG.debug("Connection with id {} is closing, notify listeners...", id)
+        if (LOG.isInfoEnabled) {
+            LOG.info("Connection with id {} is closing, notify listeners...", id)
+        }
         connectionListeners.forEach { l: Idscp2ConnectionListener -> l.onClose() }
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2Server.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2Server.kt
index 199df50a1..b361fdc18 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2Server.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2Server.kt
@@ -18,10 +18,15 @@ class Idscp2Server<CC: Idscp2Connection>(private val secureServer: SecureServer)
      * Terminate the IDSCP2 server, the secure server and close all connections
      */
     fun terminate() {
-        LOG.info("Terminating IDSCP2 server {}", this.toString())
+        if (LOG.isInfoEnabled) {
+            LOG.info("Terminating IDSCP2 server {}", this.toString())
+        }
+
         for (connection in connections) {
             connection.close()
-            LOG.debug("Idscp connection with id {} has been closed", connection.id)
+            if (LOG.isDebugEnabled) {
+                LOG.debug("Idscp connection with id {} has been closed", connection.id)
+            }
             connections.remove(connection)
         }
         secureServer.safeStop()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
index 377944d8f..c50cedfb7 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
@@ -29,7 +29,9 @@ class Idscp2ServerFactory<CC: Idscp2Connection, SecureChannelConfiguration>(
      */
     @Throws(Idscp2Exception::class)
     fun listen(): Idscp2Server<CC> {
-        LOG.info("Starting new IDSCP2 server")
+        if (LOG.isInfoEnabled) {
+            LOG.info("Starting new IDSCP2 server")
+        }
         val serverListenerPromise = CompletableFuture<ServerConnectionListener<CC>>()
         val secureServer = secureChannelDriver.listen(this, serverListenerPromise, secureChannelConfig)
         val server = Idscp2Server<CC>(secureServer)
@@ -50,7 +52,9 @@ class Idscp2ServerFactory<CC: Idscp2Connection, SecureChannelConfiguration>(
     @Synchronized
     override fun onSecureChannel(secureChannel: SecureChannel,
                                  serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>) {
-        LOG.trace("A new secure channel for an IDSCP2 connection was established")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("A new secure channel for an IDSCP2 connection was established")
+        }
         // Threads calling onMessage() will be blocked until all listeners have been registered, see below
         val newConnection = connectionFactory(secureChannel, configuration)
         // Complete the connection promise for the IDSCP server
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index fb2f570ed..5121e65a1 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -265,7 +265,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel,
             if (Thread.currentThread().id.toString() == currentRatProverId) {
                 feedEvent(e)
             } else {
-                LOG.error("An old or unknown Thread (${Thread.currentThread().id}) calls onRatProverMessage()")
+                LOG.warn("An old or unknown Thread (${Thread.currentThread().id}) calls onRatProverMessage()")
             }
         } finally {
             fsmIsBusy.unlock()
@@ -300,7 +300,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel,
             if (Thread.currentThread().id.toString() == currentRatVerifierId) {
                 feedEvent(e)
             } else {
-                LOG.error("An old or unknown Thread (${Thread.currentThread().id}) calls onRatVerifierMessage()")
+                LOG.warn("An old or unknown Thread (${Thread.currentThread().id}) calls onRatVerifierMessage()")
             }
         } finally {
             fsmIsBusy.unlock()
@@ -341,7 +341,9 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel,
      */
     fun closeConnection() : FsmResultCode {
         //check for incorrect usage
-        LOG.debug("Sending stop message to connection peer...")
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Sending stop message to connection peer...")
+        }
         return onUpperEvent(Event(InternalControlMessage.IDSCP_STOP))
     }
 
@@ -514,8 +516,8 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel,
         return ratVerifierDriver?.let {
             //safe the thread ID
             currentRatVerifierId = it.id.toString()
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Start verifier_handshake timeout")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Start verifier_handshake timeout")
             }
             verifierHandshakeTimer.resetTimeout()
             true
@@ -556,8 +558,8 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel,
         return ratProverDriver?.let {
             // Save the thread ID
             currentRatProverId = it.id.toString()
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Start prover_handshake timeout")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Start prover_handshake timeout")
             }
             proverHandshakeTimer.resetTimeout()
             true
@@ -590,8 +592,9 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel,
      * and notify handshake lock if necessary
      */
     fun shutdownFsm() {
-        LOG.debug("Shutting down FSM of connection {}...", connection.id)
+
         if (LOG.isTraceEnabled) {
+            LOG.trace("Shutting down FSM of connection {}...", connection.id)
             LOG.trace("Running close handlers of connection {}...", connection.id)
         }
 
@@ -622,6 +625,7 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel,
         stopRatProverDriver()
         // Cancels verifierHandshakeTimer
         stopRatVerifierDriver()
+
         if (LOG.isTraceEnabled) {
             LOG.trace("Mark FSM as terminated...")
         }
@@ -678,8 +682,8 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel,
                 LOG.trace("Received IdscpAck with alternating bit {}, cancel flag in fsm", ack.alternatingBit)
             }
             if (nextSendAlternatingBit.asBoolean() != ack.alternatingBit) {
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("Received IdscpAck with wrong alternating bit. Ignoring")
+                if (LOG.isTraceEnabled) {
+                    LOG.trace("Received IdscpAck with wrong alternating bit. Ignoring")
                 }
             } else {
                 ackFlag = false
@@ -698,12 +702,12 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel,
 
     fun recvData(data: IdscpData) {
         if (LOG.isTraceEnabled) {
-            LOG.debug("Received IdscpData with alternating bit {}", data.alternatingBit)
+            LOG.trace("Received IdscpData with alternating bit {}", data.alternatingBit)
         }
 
         if (data.alternatingBit != expectedAlternatingBit.asBoolean()) {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Received IdscpData with unexpected alternating bit. Could be an old packet replayed. Ignore it.")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IdscpData with unexpected alternating bit. Could be an old packet replayed. Ignore it.")
             }
         } else {
             if (LOG.isTraceEnabled) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
index a2d106918..777e41234 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
@@ -59,16 +59,21 @@ internal class StateClosed(fsm: FSM,
             }
 
             // FSM not locked, start handshake
-            LOG.debug("Get DAT Token vom DAT_DRIVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Get DAT Token vom DAT_DRIVER")
+            }
             val dat = fsm.getDynamicAttributeToken
-            LOG.debug("Send IDSCP_HELLO")
+
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IDSCP_HELLO")
+            }
             val idscpHello = Idscp2MessageHelper.createIdscpHelloMessage(
                 dat,
                 attestationConfig.supportedAttestationSuite,
                 attestationConfig.expectedAttestationSuite
             )
             if (!fsm.sendFromFSM(idscpHello)) {
-                LOG.error("Cannot send IdscpHello. Close connection")
+                LOG.warn("Cannot send IdscpHello. Close connection")
                 runEntryCode(fsm)
                 onMessageLock.signalAll()
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, this)
@@ -118,14 +123,14 @@ internal class StateClosed(fsm: FSM,
         })
 
         setNoTransitionHandler {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("No transition available for given event {}, stack trace for analysis:\n{}",
+            if (LOG.isTraceEnabled) {
+                LOG.trace("No transition available for given event {}, stack trace for analysis:\n{}",
                     it,
                     Arrays.stream(Thread.currentThread().stackTrace)
                         .skip(1)
                         .map { obj: StackTraceElement -> obj.toString() }
                         .collect(Collectors.joining("\n")))
-                LOG.debug("Stay in state STATE_CLOSED")
+                LOG.trace("Stay in state STATE_CLOSED")
             }
             FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
         }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
index 9a84efabe..61a62dfe7 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
@@ -54,8 +54,8 @@ class StateEstablished(
         })
 
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Send IDSCP_CLOSE")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IDSCP_CLOSE")
             }
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
@@ -88,27 +88,27 @@ class StateEstablished(
             }
         })
         addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
             }
             ratTimer.cancelTimeout()
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
-                LOG.error("Cannot send ReRat message")
+                LOG.warn("Cannot send ReRat message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatVerifierDriver()) {
-                LOG.error("Cannot run Rat verifier, close idscp connection")
+                LOG.warn("Cannot run Rat verifier, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER))
         })
         addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
             ratTimer.cancelTimeout()
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
             }
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                LOG.error("Cannot send DatExpired message")
+                LOG.warn("Cannot send DatExpired message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (LOG.isTraceEnabled) {
@@ -118,25 +118,25 @@ class StateEstablished(
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER))
         })
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_RERAT. Start RAT_PROVER")
             }
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER))
         })
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("DAT expired. Send new DAT and repeat RAT")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("DAT expired. Send new DAT and repeat RAT")
             }
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.error("Cannot send Dat message")
+                LOG.warn("Cannot send Dat message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER))
@@ -155,8 +155,8 @@ class StateEstablished(
         })
 
         setNoTransitionHandler {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("No transition available for given event $it, stay in state STATE_ESTABLISHED")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("No transition available for given event $it, stay in state STATE_ESTABLISHED")
             }
             FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
         }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
index e45f38422..2c3eb7cc3 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
@@ -47,12 +47,14 @@ class StateWaitForAck(fsm: FSM,
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
          * --------------------------------------------------- */
         addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("Error occurred, close idscp connection")
+            LOG.warn("Error occurred, close idscp connection")
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSCP_CLOSE")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IDSCP_CLOSE")
+            }
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "User close",
@@ -63,15 +65,17 @@ class StateWaitForAck(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
-            LOG.debug("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
+            }
             ratTimer.cancelTimeout()
             ackTimer.cancelTimeout()
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
-                LOG.error("Cannot send ReRat message")
+                LOG.warn("Cannot send ReRat message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatVerifierDriver()) {
-                LOG.error("Cannot run Rat verifier, close idscp connection")
+                LOG.warn("Cannot run Rat verifier, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER))
@@ -85,12 +89,16 @@ class StateWaitForAck(fsm: FSM,
         addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
             ratTimer.cancelTimeout()
             ackTimer.cancelTimeout()
-            LOG.debug("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
+            }
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                LOG.error("Cannot send DatExpired message")
+                LOG.warn("Cannot send DatExpired message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
-            LOG.debug("Set handshake timeout")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Set handshake timeout")
+            }
             handshakeTimer.resetTimeout()
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER))
         })
@@ -98,7 +106,9 @@ class StateWaitForAck(fsm: FSM,
         addTransition(InternalControlMessage.ACK_TIMER_EXPIRED.value, Transition {
             if (fsm.ackFlag) {
                 fsm.getBufferedIdscpMessage?.let {
-                    LOG.debug("ACK_timeout occurred. Sending buffered IdscpData again...")
+                    if (LOG.isTraceEnabled) {
+                        LOG.trace("ACK_timeout occurred. Sending buffered IdscpData again...")
+                    }
                     return@Transition if (!fsm.sendFromFSM(it)) {
                         LOG.warn("Cannot send IdscpData, shutdown FSM")
                         FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
@@ -108,7 +118,7 @@ class StateWaitForAck(fsm: FSM,
                     }
                 }
             }
-            LOG.error("No IdscpData message buffered in state WAIT_FOR_ACK. Shutdown")
+            LOG.warn("No IdscpData message buffered in state WAIT_FOR_ACK. Shutdown")
             return@Transition FSM.FsmResult(
                 FSM.FsmResultCode.IDSCP_DATA_NOT_CACHED,
                 fsm.getState(FsmState.STATE_CLOSED)
@@ -116,9 +126,11 @@ class StateWaitForAck(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_RERAT. Start RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_RERAT. Start RAT_PROVER")
+            }
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             ackTimer.cancelTimeout()
@@ -126,13 +138,15 @@ class StateWaitForAck(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            LOG.debug("DAT expired. Send new DAT and repeat RAT")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("DAT expired. Send new DAT and repeat RAT")
+            }
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.error("Cannot send Dat message")
+                LOG.warn("Cannot send Dat message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             ackTimer.cancelTimeout()
@@ -153,13 +167,17 @@ class StateWaitForAck(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Receive IDSCP_CLOSED")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Receive IDSCP_CLOSED")
+            }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         setNoTransitionHandler {
-            LOG.debug("No transition available for given event $it")
-            LOG.debug("Stay in state STATE_WAIT_FOR_ACK")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("No transition available for given event $it")
+                LOG.trace("Stay in state STATE_WAIT_FOR_ACK")
+            }
             FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
         }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
index e41903a69..20af0cb8b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
@@ -53,7 +53,9 @@ class StateWaitForDatAndRat(fsm: FSM,
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
          * --------------------------------------------------- */
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSC_CLOSE")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IDSC_CLOSE")
+            }
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "User close",
@@ -64,7 +66,7 @@ class StateWaitForDatAndRat(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("An internal control error occurred")
+            LOG.warn("An internal control error occurred")
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
@@ -77,7 +79,7 @@ class StateWaitForDatAndRat(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            LOG.warn("Handshake timeout occurred. Send IDSCP_CLOSE")
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "Handshake timeout",
@@ -88,14 +90,15 @@ class StateWaitForDatAndRat(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
-            LOG.debug("Received RAT_PROVER OK")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received RAT_PROVER OK")
+            }
             proverHandshakeTimer.cancelTimeout()
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER))
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
-            LOG.error("RAT_PROVER failed")
-            LOG.debug("Send IDSC_CLOSE")
+            LOG.warn("RAT_PROVER failed. Send IDSCP_CLOSE")
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "RAT_PROVER failed",
@@ -106,23 +109,29 @@ class StateWaitForDatAndRat(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition { event: Event ->
-            LOG.debug("Send IDSCP_RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IDSCP_RAT_PROVER")
+            }
             if (!fsm.sendFromFSM(event.idscpMessage)) {
-                LOG.error("Cannot send rat prover message")
+                LOG.warn("Cannot send rat prover message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_CLOSE")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_CLOSE")
+            }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition { event: Event ->
 
             handshakeTimer.cancelTimeout()
-            LOG.debug("Verify received DAT")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Verify received DAT")
+            }
 
             //check if Dat is available and verify dat
             // toDo security Requirements
@@ -131,7 +140,9 @@ class StateWaitForDatAndRat(fsm: FSM,
 
             try {
                 if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
-                    LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+                    if (LOG.isTraceEnabled) {
+                        LOG.trace("No valid remote DAT is available. Send IDSCP_CLOSE")
+                    }
                     fsm.sendFromFSM(
                         Idscp2MessageHelper.createIdscpCloseMessage(
                             "No valid DAT", CloseCause.NO_VALID_DAT
@@ -143,7 +154,7 @@ class StateWaitForDatAndRat(fsm: FSM,
                     )
                 }
             } catch (e: Exception) {
-                LOG.debug("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE: {}", e)
+                LOG.warn("DapsDriver has thrown Exception while validating remote DAT. Send IDSCP_CLOSE: {}", e)
                 fsm.sendFromFSM(
                     Idscp2MessageHelper.createIdscpCloseMessage(
                         "No valid DAT", CloseCause.NO_VALID_DAT
@@ -152,12 +163,14 @@ class StateWaitForDatAndRat(fsm: FSM,
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED))
             }
 
-            LOG.debug("Remote DAT is valid. Set dat timeout")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Remote DAT is valid. Set dat timeout")
+            }
             datTimer.resetTimeout(datValidityPeriod * 1000)
 
             //start RAT Verifier
             if (!fsm.restartRatVerifierDriver()) {
-                LOG.error("Cannot run Rat verifier, close idscp connection")
+                LOG.warn("Cannot run Rat verifier, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
@@ -165,24 +178,28 @@ class StateWaitForDatAndRat(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
+            }
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.error("Cannot send Dat message")
+                LOG.warn("Cannot send Dat message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
 
         addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
-            LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+            }
 
             if (!event.idscpMessage.hasIdscpRatVerifier()) {
                 // this should never happen
-                LOG.error("IDSCP_RAT_VERIFIER Message not available")
+                LOG.warn("IDSCP_RAT_VERIFIER Message not available")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
@@ -192,7 +209,7 @@ class StateWaitForDatAndRat(fsm: FSM,
                     it.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
                 }
             } ?: run {
-                LOG.error("RatProverDriver not available")
+                LOG.warn("RatProverDriver not available")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
@@ -200,9 +217,11 @@ class StateWaitForDatAndRat(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_RE_RAT. Restart RAT_PROVER")
+            }
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
@@ -214,7 +233,9 @@ class StateWaitForDatAndRat(fsm: FSM,
         })
 
         setNoTransitionHandler {
-            LOG.debug("No transition available for given event $it")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("No transition available for given event $it")
+            }
             FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
         }
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
index 9cda2760f..7b388d028 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
@@ -46,7 +46,9 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
          * --------------------------------------------------- */
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSC_CLOSE")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IDSC_CLOSE")
+            }
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "User close",
@@ -57,7 +59,7 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("An internal control error occurred")
+            LOG.warn("An internal control error occurred")
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
@@ -70,7 +72,7 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            LOG.warn("Handshake timeout occurred. Send IDSCP_CLOSE")
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "Handshake timeout",
@@ -81,14 +83,18 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_CLOSE")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_CLOSE")
+            }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition { event: Event ->
 
             handshakeTimer.cancelTimeout()
-            LOG.debug("Verify received DAT")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Verify received DAT")
+            }
 
             //check if Dat is available and verify dat
             //toDo security requirements
@@ -97,7 +103,7 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
 
             try {
                 if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
-                    LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+                    LOG.warn("No valid remote DAT is available. Send IDSCP_CLOSE")
                     fsm.sendFromFSM(
                         Idscp2MessageHelper.createIdscpCloseMessage(
                             "No valid DAT", CloseCause.NO_VALID_DAT
@@ -109,7 +115,7 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
                     )
                 }
             } catch (e: Exception) {
-                LOG.debug("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE: {}", e)
+                LOG.warn("DapsDriver has thrown Exception while validating remote DAT. Send IDSCP_CLOSE: {}", e)
                 fsm.sendFromFSM(
                     Idscp2MessageHelper.createIdscpCloseMessage(
                         "No valid DAT", CloseCause.NO_VALID_DAT
@@ -118,12 +124,14 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED))
             }
 
-            LOG.debug("Remote DAT is valid. Set dat timeout")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Remote DAT is valid. Set dat timeout")
+            }
             datTimer.resetTimeout(datValidityPeriod * 1000)
 
             //start RAT Verifier
             if (!fsm.restartRatVerifierDriver()) {
-                LOG.error("Cannot run Rat verifier, close idscp connection")
+                LOG.warn("Cannot run Rat verifier, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
@@ -131,22 +139,26 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
+            }
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.error("Cannot send DAT message")
+                LOG.warn("Cannot send DAT message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT))
         })
 
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_RE_RAT. Start RAT_PROVER")
+            }
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT))
@@ -158,7 +170,9 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
         })
 
         setNoTransitionHandler { event: Event? ->
-            LOG.debug("No transition available for given event " + event.toString())
+            if (LOG.isTraceEnabled) {
+                LOG.trace("No transition available for given event " + event.toString())
+            }
             FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
         }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
index 0f78e9a00..2e0d54d39 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
@@ -51,12 +51,14 @@ class StateWaitForHello(fsm: FSM,
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_HELLO
          * --------------------------------------------------- */
         addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("An internal control error occurred")
+            LOG.warn("An internal control error occurred")
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Received stop signal from user. Send IDSCP_CLOSE")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received stop signal from user. Send IDSCP_CLOSE")
+            }
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "User close",
@@ -67,19 +69,23 @@ class StateWaitForHello(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.SEND_DATA.value, Transition {
-            LOG.debug("Received SEND signal from user, but FSM is not connected yet")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received SEND signal from user, but FSM is not connected yet")
+            }
             FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
         })
 
         addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
             // nothing to to, result should be okay since RAT will be done in the next
             // state for the first time
-            LOG.debug("Received REPEAT_RAT signal from user")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received REPEAT_RAT signal from user")
+            }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
 
         addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.debug("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE")
+            LOG.warn("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE")
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "Handshake Timeout",
@@ -90,7 +96,9 @@ class StateWaitForHello(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_CLOSE. Close connection")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_CLOSE. Close connection")
+            }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
@@ -98,11 +106,15 @@ class StateWaitForHello(fsm: FSM,
             handshakeTimer.cancelTimeout()
 
             val idscpHello = event.idscpMessage.idscpHello
-            LOG.debug("Received IDSCP_HELLO")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_HELLO")
+            }
 
             // toDo compare certificate fingerprints
             // toDo check for valid calculation of rat mechanisms, return NegotiationError
-            LOG.debug("Calculate Rat mechanisms")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Calculate Rat mechanisms")
+            }
             val proverMechanism = fsm.getRatProverMechanism(
                 attestationConfig.supportedAttestationSuite,
                 idscpHello.expectedRatSuiteList.toTypedArray()
@@ -113,12 +125,14 @@ class StateWaitForHello(fsm: FSM,
             )
 
             // toDo securityRequirements
-            LOG.debug("Verify received DAT")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Verify received DAT")
+            }
             //check if Dat is available and verify dat
             var datValidityPeriod: Long
 
             if (!idscpHello.hasDynamicAttributeToken()) {
-                LOG.debug("No remote DAT is available. Send IDSCP_CLOSE")
+                LOG.warn("No remote DAT is available. Send IDSCP_CLOSE")
                 fsm.sendFromFSM(
                     Idscp2MessageHelper.createIdscpCloseMessage(
                         "No valid DAT", CloseCause.NO_VALID_DAT
@@ -131,7 +145,7 @@ class StateWaitForHello(fsm: FSM,
                 if (0 > dapsDriver.verifyToken(idscpHello.dynamicAttributeToken.token.toByteArray(), null)
                         .also { datValidityPeriod = it }
                 ) {
-                    LOG.debug("No valid remote DAT is available. Send IDSCP_CLOSE")
+                    LOG.warn("No valid remote DAT is available. Send IDSCP_CLOSE")
                     fsm.sendFromFSM(
                         Idscp2MessageHelper.createIdscpCloseMessage(
                             "No valid DAT", CloseCause.NO_VALID_DAT
@@ -143,7 +157,7 @@ class StateWaitForHello(fsm: FSM,
                     )
                 }
             } catch (e: Exception) {
-                LOG.debug("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE {}", e)
+                LOG.warn("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE {}", e)
                 fsm.sendFromFSM(
                     Idscp2MessageHelper.createIdscpCloseMessage(
                         "No valid DAT", CloseCause.NO_VALID_DAT
@@ -152,17 +166,21 @@ class StateWaitForHello(fsm: FSM,
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED))
             }
 
-            LOG.debug("Remote DAT is valid. Set dat timeout to its validity period")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Remote DAT is valid. Set dat timeout to its validity period")
+            }
             datTimer.resetTimeout(datValidityPeriod * 1000)
             fsm.setRatMechanisms(proverMechanism, verifierMechanism)
 
-            LOG.debug("Start RAT Prover and Verifier")
+            if (LOG.isTraceEnabled) {
+                LOG.debug("Start RAT Prover and Verifier")
+            }
             if (!fsm.restartRatVerifierDriver()) {
-                LOG.error("Cannot run Rat verifier, close idscp connection")
+                LOG.warn("Cannot run Rat verifier, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
@@ -170,8 +188,10 @@ class StateWaitForHello(fsm: FSM,
         })
 
         setNoTransitionHandler {
-            LOG.debug("No transition available for given event $it")
-            LOG.debug("Stay in state STATE_WAIT_FOR_HELLO")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("No transition available for given event $it")
+                LOG.trace("Stay in state STATE_WAIT_FOR_HELLO")
+            }
             FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
         }
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
index d50a139ad..4b2afb227 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
@@ -54,12 +54,14 @@ class StateWaitForRat(fsm: FSM,
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT
          * --------------------------------------------------- */
         addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("An internal control error occurred")
+            LOG.warn("An internal control error occurred")
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSCP_CLOSE")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IDSCP_CLOSE")
+            }
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "User close",
@@ -79,21 +81,24 @@ class StateWaitForRat(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
-            LOG.debug("Received RAT_PROVER OK")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received RAT_PROVER OK")
+            }
             proverHandshakeTimer.cancelTimeout()
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER))
         })
 
         addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition {
-            LOG.debug("Received RAT_VERIFIER OK")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received RAT_VERIFIER OK")
+            }
             verifierHandshakeTimer.cancelTimeout()
             ratTimer.resetTimeout()
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER))
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
-            LOG.error("RAT_PROVER failed")
-            LOG.debug("Send IDSC_CLOSE")
+            LOG.warn("RAT_PROVER failed. Send IDSCP_CLOSE")
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "RAT_PROVER failed",
@@ -104,8 +109,7 @@ class StateWaitForRat(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition {
-            LOG.error("RAT_VERIFIER failed")
-            LOG.debug("Send IDSC_CLOSE")
+            LOG.warn("RAT_VERIFIER failed. Send IDSCP_CLOSE")
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "RAT_VERIFIER failed",
@@ -116,37 +120,45 @@ class StateWaitForRat(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition { event: Event ->
-            LOG.debug("Send IDSCP_RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IDSCP_RAT_PROVER")
+            }
             if (!fsm.sendFromFSM(event.idscpMessage)) {
-                LOG.error("Cannot send rat prover message")
+                LOG.warn("Cannot send rat prover message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
 
         addTransition(InternalControlMessage.RAT_VERIFIER_MSG.value, Transition { event: Event ->
-            LOG.debug("Send IDSCP_RAT_VERIFIER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IDSCP_RAT_VERIFIER")
+            }
             if (!fsm.sendFromFSM(event.idscpMessage)) {
-                LOG.error("Cannot send rat verifier message")
+                LOG.warn("Cannot send rat verifier message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
 
         addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
-            LOG.debug("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER")
+            }
             fsm.stopRatVerifierDriver()
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                LOG.error("Cannot send DatExpired message")
+                LOG.warn("Cannot send DatExpired message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
-            LOG.debug("Start Handshake Timer")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Start Handshake Timer")
+            }
             handshakeTimer.resetTimeout()
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT))
         })
 
         addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            LOG.warn("Handshake timeout occurred. Send IDSCP_CLOSE")
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "Handshake timeout",
@@ -162,11 +174,13 @@ class StateWaitForRat(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
-            LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+            }
 
             if (!event.idscpMessage.hasIdscpRatVerifier()) {
                 // this should never happen
-                LOG.error("IDSCP_RAT_Verifier Message not available")
+                LOG.warn("IDSCP_RAT_Verifier message not available")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
@@ -176,7 +190,7 @@ class StateWaitForRat(fsm: FSM,
                     it.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
                 }
             } ?: run {
-                LOG.error("RatProverDriver not available")
+                LOG.warn("RatProverDriver not available")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
@@ -184,11 +198,13 @@ class StateWaitForRat(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition { event: Event ->
-            LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
+            }
 
             if (!event.idscpMessage.hasIdscpRatProver()) {
                 // this should never happen
-                LOG.error("IDSCP_RAT_PROVER Message not available")
+                LOG.warn("IDSCP_RAT_PROVER message not available")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
@@ -198,7 +214,7 @@ class StateWaitForRat(fsm: FSM,
                     it.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
                 }
             } ?: run {
-                LOG.error("RatVerifierDriver not available")
+                LOG.warn("RatVerifierDriver not available")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
@@ -206,27 +222,33 @@ class StateWaitForRat(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
+            }
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.error("Cannot send DAT message")
+                LOG.warn("Cannot send DAT message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_CLOSE")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_CLOSE")
+            }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         setNoTransitionHandler { event: Event? ->
-            LOG.debug("No transition available for given event " + event.toString())
-            LOG.debug("Stay in state STATE_WAIT_FOR_RAT")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("No transition available for given event " + event.toString())
+                LOG.trace("Stay in state STATE_WAIT_FOR_RAT")
+            }
             FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
         }
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
index 524d1daf9..b883ea0e3 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
@@ -51,13 +51,15 @@ class StateWaitForRatProver(fsm: FSM,
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_PROVER
          * --------------------------------------------------- */
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSC_CLOSE")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IDSC_CLOSE")
+            }
             fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close", CloseCause.USER_SHUTDOWN))
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("An internal control error occurred")
+            LOG.warn("An internal control error occurred")
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
@@ -66,7 +68,7 @@ class StateWaitForRatProver(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            LOG.warn("Handshake timeout occurred. Send IDSCP_CLOSE")
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "Handshake timeout",
@@ -77,19 +79,25 @@ class StateWaitForRatProver(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
-            LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("DAT timeout occurred. Send IDSCP_DAT_EXPIRED")
+            }
             ratTimer.cancelTimeout()
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                LOG.error("Cannot send DatExpired message")
+                LOG.warn("Cannot send DatExpired message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
-            LOG.debug("Start Handshake Timer")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Start Handshake Timer")
+            }
             handshakeTimer.resetTimeout()
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT))
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
-            LOG.debug("Received RAT_PROVER OK")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received RAT_PROVER OK")
+            }
             proverHandshakeTimer.cancelTimeout()
             if (fsm.ackFlag) {
                 ackTimer.start()
@@ -100,8 +108,7 @@ class StateWaitForRatProver(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
-            LOG.error("RAT_PROVER failed")
-            LOG.debug("Send IDSC_CLOSE")
+            LOG.warn("RAT_PROVER failed. Send IDSCP_CLOSE")
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "RAT_PROVER failed",
@@ -112,52 +119,62 @@ class StateWaitForRatProver(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition { event: Event ->
-            LOG.debug("Send IDSCP_RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IDSCP_RAT_PROVER")
+            }
             if (!fsm.sendFromFSM(event.idscpMessage)) {
-                LOG.error("Cannot send rat prover message")
+                LOG.warn("Cannot send rat prover message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
 
         addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
-            LOG.debug("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER")
+            }
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
-                LOG.error("Cannot send ReRat message")
+                LOG.warn("Cannot send ReRat message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             ratTimer.cancelTimeout()
             if (!fsm.restartRatVerifierDriver()) {
-                LOG.error("Cannot run Rat verifier, close idscp connection")
+                LOG.warn("Cannot run Rat verifier, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT))
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_CLOSE")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_CLOSE")
+            }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
+            }
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.error("Cannot send DAT message")
+                LOG.warn("Cannot send DAT message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
 
         addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
-            LOG.debug("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
+            }
 
             if (!event.idscpMessage.hasIdscpRatVerifier()) {
                 // this should never happen
-                LOG.error("IDSCP_RAT_VERIFIER Message not available")
+                LOG.warn("IDSCP_RAT_VERIFIER Message not available")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
@@ -167,7 +184,7 @@ class StateWaitForRatProver(fsm: FSM,
                     it.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
                 }
             } ?: run {
-                LOG.error("RatProverDriver not available")
+                LOG.warn("RatProverDriver not available")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
@@ -175,9 +192,11 @@ class StateWaitForRatProver(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_RE_RAT. Restart RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_RE_RAT. Restart RAT_PROVER")
+            }
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
@@ -189,8 +208,10 @@ class StateWaitForRatProver(fsm: FSM,
         })
 
         setNoTransitionHandler {
-            LOG.debug("No transition available for given event $it")
-            LOG.debug("Stay in state STATE_WAIT_FOR_RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("No transition available for given event $it")
+                LOG.trace("Stay in state STATE_WAIT_FOR_RAT_PROVER")
+            }
             FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
         }
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
index e1291f24f..c99843db6 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
@@ -49,7 +49,9 @@ class StateWaitForRatVerifier(fsm: FSM,
          * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
          * --------------------------------------------------- */
         addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            LOG.debug("Send IDSC_CLOSE")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IDSC_CLOSE")
+            }
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "User close",
@@ -60,7 +62,7 @@ class StateWaitForRatVerifier(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.debug("An internal control error occurred")
+            LOG.warn("An internal control error occurred")
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
@@ -74,27 +76,32 @@ class StateWaitForRatVerifier(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.debug("Handshake timeout occurred. Send IDSCP_CLOSE")
+            LOG.warn("Handshake timeout occurred. Send IDSCP_CLOSE")
             fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout", CloseCause.TIMEOUT))
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
-            LOG.debug("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER")
+            }
             fsm.stopRatVerifierDriver()
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                LOG.error("Cannot send DatExpired message")
+                LOG.warn("Cannot send DatExpired message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
-            LOG.debug("Start Handshake Timer")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Start Handshake Timer")
+            }
             handshakeTimer.resetTimeout()
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER))
         })
 
         addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition {
-            LOG.debug("Received RAT_VERIFIER OK")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received RAT_VERIFIER OK. Start RAT Timer")
+            }
             verifierHandshakeTimer.cancelTimeout()
-            LOG.debug("Start RAT Timer")
             ratTimer.resetTimeout()
             if (fsm.ackFlag) {
                 ackTimer.start()
@@ -105,8 +112,7 @@ class StateWaitForRatVerifier(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition {
-            LOG.error("RAT_VERIFIER failed")
-            LOG.debug("Send IDSC_CLOSE")
+            LOG.warn("RAT_VERIFIER failed. Send IDSCP_CLOSE")
             fsm.sendFromFSM(
                 Idscp2MessageHelper.createIdscpCloseMessage(
                     "RAT_VERIFIER failed",
@@ -117,38 +123,46 @@ class StateWaitForRatVerifier(fsm: FSM,
         })
 
         addTransition(InternalControlMessage.RAT_VERIFIER_MSG.value, Transition { event: Event ->
-            LOG.debug("Send IDSCP_RAT_VERIFIER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Send IDSCP_RAT_VERIFIER")
+            }
             if (!fsm.sendFromFSM(event.idscpMessage)) {
-                LOG.error("Cannot send rat verifier message")
+                LOG.warn("Cannot send rat verifier message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, this)
         })
 
         addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_CLOSE")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_CLOSE")
+            }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
         })
 
         addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
+            }
             if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.error("Cannot send DAT message")
+                LOG.warn("Cannot send DAT message")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT))
         })
 
         addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition { event: Event ->
-            LOG.debug("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
+            }
 
             if (!event.idscpMessage.hasIdscpRatProver()) {
                 // this should never happen
-                LOG.error("IDSCP_RAT_PROVER Message not available")
+                LOG.warn("IDSCP_RAT_PROVER Message not available")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
@@ -158,7 +172,7 @@ class StateWaitForRatVerifier(fsm: FSM,
                     it.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
                 }
             } ?: run {
-                LOG.error("RatProverDriver not available")
+                LOG.warn("RatProverDriver not available")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
 
@@ -166,9 +180,11 @@ class StateWaitForRatVerifier(fsm: FSM,
         })
 
         addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
-            LOG.debug("Received IDSCP_RE_RAT. Start RAT_PROVER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("Received IDSCP_RE_RAT. Start RAT_PROVER")
+            }
             if (!fsm.restartRatProverDriver()) {
-                LOG.error("Cannot run Rat prover, close idscp connection")
+                LOG.warn("Cannot run Rat prover, close idscp connection")
                 return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
             }
             FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT))
@@ -180,8 +196,10 @@ class StateWaitForRatVerifier(fsm: FSM,
         })
 
         setNoTransitionHandler {
-            LOG.debug("No transition available for given event $it")
-            LOG.debug("Stay in state STATE_WAIT_FOR_RAT_VERIFIER")
+            if (LOG.isTraceEnabled) {
+                LOG.trace("No transition available for given event $it")
+                LOG.trace("Stay in state STATE_WAIT_FOR_RAT_VERIFIER")
+            }
             FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
         }
     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
index 2fec1d806..56956b1d0 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
@@ -18,6 +18,9 @@ class SecureChannel(private val endpoint: SecureChannelEndpoint) : SecureChannel
      * close the secure channel forever
      */
     fun close() {
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Close secure channel")
+        }
         endpoint.close()
     }
 

From 40da05924eef79c2655e1fccf4ec673878497457 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Wed, 16 Dec 2020 11:40:52 +0100
Subject: [PATCH 221/237] Implement Rat mechanisms calculation. Move TLS secure
 channel into own package. Remove onMessage from endpoint interface

---
 .../idscp2/client/Idscp2ClientEndpoint.kt     |  4 +-
 .../camel/idscp2/server/CamelIdscp2Server.kt  |  4 +-
 .../idscp2/server/Idscp2ServerComponent.kt    |  2 +-
 .../idscp2/server/Idscp2ServerEndpoint.kt     |  2 +-
 .../idscp2/default_drivers/daps/NullDaps.kt   |  2 -
 .../keystores/PreConfiguration.kt             |  1 +
 .../default_drivers/secure_channel/README.md  |  1 +
 .../{ => tlsv1_3}/NativeTLSDriver.kt          |  6 +-
 .../{ => tlsv1_3}/NativeTlsConfiguration.kt   |  2 +-
 .../{ => tlsv1_3}/TLSConstants.kt             |  2 +-
 .../TLSSessionVerificationHelper.kt           |  2 +-
 .../client/DataAvailableListener.kt           |  2 +-
 .../client/InputListenerThread.kt             |  2 +-
 .../{ => tlsv1_3}/client/TLSClient.kt         |  8 +--
 .../{ => tlsv1_3}/server/TLSServer.kt         |  6 +-
 .../{ => tlsv1_3}/server/TLSServerThread.kt   |  6 +-
 .../idscp2/example/CommandlineTunnelClient.kt |  4 +-
 .../idscp2/example/CommandlineTunnelServer.kt |  7 +--
 .../idscp2/example/Idscp2ClientInitiator.kt   |  4 +-
 .../idscp2/example/Idscp2ServerInitiator.kt   |  4 +-
 .../aisec/ids/idscp2/example/RunTLSClient.kt  |  2 +-
 .../aisec/ids/idscp2/example/RunTLSServer.kt  |  2 +-
 .../ids/idscp2/example/RunTunnelClient.kt     |  2 +-
 .../ids/idscp2/example/RunTunnelServer.kt     |  2 +-
 .../drivers/SecureChannelEndpoint.kt          |  5 --
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    | 62 +++++++++++++++++--
 .../idscp_core/fsm/StateWaitForHello.kt       | 19 +++++-
 27 files changed, 111 insertions(+), 54 deletions(-)
 create mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/README.md
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/{ => tlsv1_3}/NativeTLSDriver.kt (90%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/{ => tlsv1_3}/NativeTlsConfiguration.kt (98%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/{ => tlsv1_3}/TLSConstants.kt (91%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/{ => tlsv1_3}/TLSSessionVerificationHelper.kt (99%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/{ => tlsv1_3}/client/DataAvailableListener.kt (86%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/{ => tlsv1_3}/client/InputListenerThread.kt (95%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/{ => tlsv1_3}/client/TLSClient.kt (96%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/{ => tlsv1_3}/server/TLSServer.kt (96%)
 rename idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/{ => tlsv1_3}/server/TLSServerThread.kt (96%)

diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
index df4b81ae3..743a513fd 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
@@ -26,8 +26,8 @@ import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
index 85c6d530b..6f2cae9c7 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
@@ -18,8 +18,8 @@ package de.fhg.aisec.ids.camel.idscp2.server
 
 import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
 import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2Server
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
index 96716e386..ee54cf8d9 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
@@ -23,7 +23,7 @@ import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProverConfig
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifierConfig
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
index ca8889a1c..c364061fc 100644
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
@@ -26,7 +26,7 @@ import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionListener
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt
index 272046bd6..7a3d0d05f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt
@@ -13,6 +13,4 @@ class NullDaps : DapsDriver {
     override fun verifyToken(dat: ByteArray, securityRequirements: Any?): Long {
         return 100 // DA is always valid for 100 seconds
     }
-
-
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt
index 8e192b3b9..64669030d 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt
@@ -100,6 +100,7 @@ object PreConfiguration {
             keyManagerFactory.init(keystore, keyPassword)
             myKeyManager = keyManagerFactory.keyManagers
 
+
             /* set up keyManager config */
             //allow only X509 Authentication
             if (myKeyManager.size == 1 && myKeyManager[0] is X509ExtendedKeyManager) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/README.md b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/README.md
new file mode 100644
index 000000000..e9dd5a9be
--- /dev/null
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/README.md
@@ -0,0 +1 @@
+Default SecureChannel Driver Implementations for the IDSCPv2
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTLSDriver.kt
similarity index 90%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTLSDriver.kt
index 72617bcb4..ff0563de4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTLSDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTLSDriver.kt
@@ -1,11 +1,11 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3
 
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.client.TLSClient
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.server.TLSServer
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.client.TLSClient
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.server.TLSServer
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
 import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTlsConfiguration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTlsConfiguration.kt
similarity index 98%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTlsConfiguration.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTlsConfiguration.kt
index bc56c3fc4..1330260a9 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/NativeTlsConfiguration.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTlsConfiguration.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3
 
 import java.nio.file.Path
 import java.nio.file.Paths
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSConstants.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSConstants.kt
similarity index 91%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSConstants.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSConstants.kt
index 92835780b..3fa599e49 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSConstants.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSConstants.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3
 
 /**
  * TLS Constants
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSSessionVerificationHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSSessionVerificationHelper.kt
similarity index 99%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSSessionVerificationHelper.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSSessionVerificationHelper.kt
index f83860521..f744a1fd1 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/TLSSessionVerificationHelper.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSSessionVerificationHelper.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3
 
 import org.slf4j.LoggerFactory
 import java.net.InetAddress
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/DataAvailableListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/DataAvailableListener.kt
similarity index 86%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/DataAvailableListener.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/DataAvailableListener.kt
index d5fad12b3..237f4b0cf 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/DataAvailableListener.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/DataAvailableListener.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.client
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.client
 
 /**
  * An interface for DataAvailableListeners, that will be notified when new data has been received
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListenerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/InputListenerThread.kt
similarity index 95%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListenerThread.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/InputListenerThread.kt
index 3ed44620c..291c7e7d9 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/InputListenerThread.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/InputListenerThread.kt
@@ -1,4 +1,4 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.client
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.client
 
 import java.io.DataInputStream
 import java.io.EOFException
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/TLSClient.kt
similarity index 96%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/TLSClient.kt
index 1df8f1655..a33372f21 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/client/TLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/TLSClient.kt
@@ -1,9 +1,9 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.client
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.client
 
 import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSConstants
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSSessionVerificationHelper
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.TLSConstants
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.TLSSessionVerificationHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServer.kt
similarity index 96%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServer.kt
index 47f7d7fcf..d9a85f0ac 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServer.kt
@@ -1,8 +1,8 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.server
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.server
 
 import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSConstants
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.TLSConstants
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServerThread.kt
similarity index 96%
rename from idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt
rename to idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServerThread.kt
index a0b647ed9..7c7a8d99b 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/server/TLSServerThread.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServerThread.kt
@@ -1,6 +1,6 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.server
+package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.server
 
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.TLSSessionVerificationHelper
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.TLSSessionVerificationHelper
 import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
@@ -113,7 +113,7 @@ class TLSServerThread<CC : Idscp2Connection> internal constructor(
         safeStop()
     }
 
-    override fun onMessage(bytes: ByteArray) {
+    fun onMessage(bytes: ByteArray) {
         channelListenerPromise.thenAccept { listener: SecureChannelListener -> listener.onMessage(bytes) }
     }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
index 5957414ce..b64eb9dbc 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
@@ -2,8 +2,8 @@ package de.fhg.aisec.ids.idscp2.example
 
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
index 6318e68f7..7c3a4fbe1 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
@@ -1,12 +1,10 @@
 package de.fhg.aisec.ids.idscp2.example
 
 import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.NullDaps
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
@@ -16,7 +14,6 @@ import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
 import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
 import org.slf4j.LoggerFactory
 import java.nio.charset.StandardCharsets
-import java.util.concurrent.CompletableFuture
 
 class CommandlineTunnelServer : Idscp2EndpointListener<Idscp2Connection> {
     fun init(configuration: Idscp2Configuration, nativeTlsConfiguration: NativeTlsConfiguration) {
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
index f7b69b899..19c509dbb 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
@@ -2,8 +2,8 @@ package de.fhg.aisec.ids.idscp2.example
 
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
index 55643fa4c..dc5110ac6 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
@@ -3,8 +3,8 @@ package de.fhg.aisec.ids.idscp2.example
 import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTLSDriver
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
 import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
index 10652f6d6..ae712e03e 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
@@ -4,7 +4,7 @@ import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import java.nio.file.Paths
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
index a5b9306f5..be5ef1d95 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
@@ -4,7 +4,7 @@ import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
 import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
index f355ca3ce..6fc5d0ccf 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
@@ -3,7 +3,7 @@ package de.fhg.aisec.ids.idscp2.example
 import de.fhg.aisec.ids.idscp2.default_drivers.daps.NullDaps
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import java.nio.file.Paths
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
index a831efa3f..0b6c5eef4 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
@@ -3,7 +3,7 @@ package de.fhg.aisec.ids.idscp2.example
 import de.fhg.aisec.ids.idscp2.default_drivers.daps.NullDaps
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
 import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.NativeTlsConfiguration
+import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
 import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
 import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt
index 6233e0371..35509957f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt
@@ -13,11 +13,6 @@ interface SecureChannelEndpoint {
      */
     fun close()
 
-    /**
-     * API to delegate messages from an input listener to the secure channel endpoint
-     */
-    fun onMessage(bytes: ByteArray)
-
     /**
      * Send data from the secure channel endpoint to the peer connector
      *
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
index 5121e65a1..49e1dcdd5 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
@@ -23,6 +23,7 @@ import java.nio.charset.StandardCharsets
 import java.util.*
 import java.util.concurrent.locks.ReentrantLock
 import kotlin.NoSuchElementException
+import kotlin.collections.ArrayList
 
 /**
  * The finite state machine FSM of the IDSCP2 protocol
@@ -486,21 +487,70 @@ class FSM(connection: Idscp2Connection, secureChannel: SecureChannel,
     /**
      * Calculate the RatProver mechanism
      *
+     * The remote peer decides about its verifier mechanism, so we have to prefer remoteExpected list
+     *
      * @return The String of the cipher or null if no match was found
      */
-    fun getRatProverMechanism(localSupportedProver: Array<String>, remoteExpectedVerifier: Array<String>): String {
-        //toDo implement logic
-        return localSupportedProver[0]
+    fun getRatProverMechanism(localSupportedProver: Array<String>, remoteExpectedVerifier: Array<String>): String? {
+        if (localSupportedProver.isEmpty()) {
+            LOG.warn("Got empty RAT localSupportedProver suite")
+            return null
+        }
+
+        if (remoteExpectedVerifier.isEmpty()) {
+            LOG.warn("Got empty RAT remoteExpectedVerifier suite")
+            return null
+        }
+
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Calculate RAT prover mechanism for given local provers: {} " +
+                    "and remote verifiers: {}", localSupportedProver.contentToString(),
+                    remoteExpectedVerifier.contentToString())
+        }
+
+        return matchRatMechanisms(remoteExpectedVerifier, localSupportedProver)
     }
 
     /**
      * Calculate the RatVerifier mechanism
      *
+     * We have to decide our verifier mechanism, so we have to prefer localExpected list
+     *
      * @return The String of the cipher or null if no match was found
      */
-    fun getRatVerifierMechanism(localExpectedVerifier: Array<String>, remoteSupportedProver: Array<String>): String {
-        //toDo implement logic
-        return localExpectedVerifier[0]
+    fun getRatVerifierMechanism(localExpectedVerifier: Array<String>, remoteSupportedProver: Array<String>): String? {
+        if (localExpectedVerifier.isEmpty()) {
+            LOG.warn("Got empty RAT localExpectedVerifier suite")
+            return null
+        }
+
+        if (remoteSupportedProver.isEmpty()) {
+            LOG.warn("Got empty RAT remoteSupportedProver suite")
+            return null
+        }
+
+        if (LOG.isTraceEnabled) {
+            LOG.trace("Calculate RAT verifier mechanism for given local verifiers: {} " +
+                    "and remote provers: {}", localExpectedVerifier.contentToString(),
+                    remoteSupportedProver.contentToString())
+        }
+
+        return matchRatMechanisms(localExpectedVerifier, remoteSupportedProver)
+    }
+
+    fun matchRatMechanisms(primary: Array<String>, secondary: Array<String>): String? {
+        for (p in primary) {
+            for (s in secondary) {
+                if (p == s) {
+                    if (LOG.isDebugEnabled) {
+                        LOG.debug("RAT mechanism is {}", p)
+                    }
+                    return p
+                }
+            }
+        }
+        // no match
+        return null
     }
 
     /**
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
index 2e0d54d39..b605d4143 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
@@ -110,8 +110,6 @@ class StateWaitForHello(fsm: FSM,
                 LOG.trace("Received IDSCP_HELLO")
             }
 
-            // toDo compare certificate fingerprints
-            // toDo check for valid calculation of rat mechanisms, return NegotiationError
             if (LOG.isTraceEnabled) {
                 LOG.trace("Calculate Rat mechanisms")
             }
@@ -119,11 +117,28 @@ class StateWaitForHello(fsm: FSM,
                 attestationConfig.supportedAttestationSuite,
                 idscpHello.expectedRatSuiteList.toTypedArray()
             )
+
+            if (proverMechanism == null) {
+                LOG.warn("No match for RAT prover mechanism")
+                return@Transition FSM.FsmResult(
+                        FSM.FsmResultCode.RAT_NEGOTIATION_ERROR,
+                        fsm.getState(FsmState.STATE_CLOSED)
+                )
+            }
+
             val verifierMechanism = fsm.getRatVerifierMechanism(
                 attestationConfig.expectedAttestationSuite,
                 idscpHello.supportedRatSuiteList.toTypedArray()
             )
 
+            if (verifierMechanism == null) {
+                LOG.warn("No match for RAT verifier mechanism")
+                return@Transition FSM.FsmResult(
+                        FSM.FsmResultCode.RAT_NEGOTIATION_ERROR,
+                        fsm.getState(FsmState.STATE_CLOSED)
+                )
+            }
+
             // toDo securityRequirements
             if (LOG.isTraceEnabled) {
                 LOG.trace("Verify received DAT")

From 0634da99095b49980ec10bc2a0aa8e03641f855e Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Tue, 2 Mar 2021 12:52:53 +0100
Subject: [PATCH 222/237] Change idscpv2 example keystores

---
 .../fhg/aisec/ids/idscp2/example/RunTLSClient.kt |   5 +++--
 .../fhg/aisec/ids/idscp2/example/RunTLSServer.kt |   5 +++--
 .../aisec/ids/idscp2/example/RunTunnelClient.kt  |   5 +++--
 .../aisec/ids/idscp2/example/RunTunnelServer.kt  |   5 +++--
 .../src/main/resources/ssl/consumer-keystore.p12 | Bin 0 -> 2693 bytes
 .../src/main/resources/ssl/provider-keystore.p12 | Bin 0 -> 2693 bytes
 idscp2/src/main/resources/ssl/truststore.p12     | Bin 0 -> 2266 bytes
 7 files changed, 12 insertions(+), 8 deletions(-)
 create mode 100644 idscp2/src/main/resources/ssl/consumer-keystore.p12
 create mode 100644 idscp2/src/main/resources/ssl/provider-keystore.p12
 create mode 100644 idscp2/src/main/resources/ssl/truststore.p12

diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
index ae712e03e..0417deed3 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
@@ -15,10 +15,10 @@ object RunTLSClient {
     fun main(args: Array<String>) {
 
         val keyStorePath = Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader
-                .getResource("ssl/aisecconnector1-keystore.p12")).path)
+                .getResource("ssl/consumer-keystore.p12")).path)
 
         val trustStorePath = Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader
-                .getResource("ssl/client-truststore_new.p12")).path)
+                .getResource("ssl/truststore.p12")).path)
 
         val localAttestationConfig = AttestationConfig.Builder()
                 .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID))
@@ -46,6 +46,7 @@ object RunTLSClient {
                 .setKeyStorePath(keyStorePath)
                 .setTrustStorePath(trustStorePath)
                 .setCertificateAlias("1.0.1")
+                .setHost("provider-core")
                 .build()
 
         val initiator = Idscp2ClientInitiator()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
index be5ef1d95..100436351 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
@@ -16,10 +16,10 @@ object RunTLSServer {
     fun main(argv: Array<String>) {
 
         val keyStorePath = Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader
-                .getResource("ssl/aisecconnector1-keystore.p12")).path)
+                .getResource("ssl/provider-keystore.p12")).path)
 
         val trustStorePath = Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader
-                .getResource("ssl/client-truststore_new.p12")).path)
+                .getResource("ssl/truststore.p12")).path)
 
         val localAttestationConfig = AttestationConfig.Builder()
                 .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID))
@@ -43,6 +43,7 @@ object RunTLSServer {
                 .setKeyStorePath(keyStorePath)
                 .setTrustStorePath(trustStorePath)
                 .setCertificateAlias("1.0.1")
+                .setHost("consumer-core")
                 .build()
 
         val initiator = Idscp2ServerInitiator()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
index 6fc5d0ccf..e13cc6af6 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
@@ -30,10 +30,11 @@ object RunTunnelClient {
                 .build()
 
         val nativeTlsConfiguration = NativeTlsConfiguration.Builder()
-                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/aisecconnector2-keystore.p12")).path))
-                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
+                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/consumer-keystore.p12")).path))
+                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/truststore.p12")).path))
                 .setCertificateAlias("1.0.1")
                 .setServerPort(12345)
+                .setHost("provider-core")
                 .build()
 
         val initiator = CommandlineTunnelClient()
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
index 0b6c5eef4..9abf06380 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
@@ -28,10 +28,11 @@ object RunTunnelServer {
                 .build()
 
         val nativeTlsConfiguration = NativeTlsConfiguration.Builder()
-                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/aisecconnector1-keystore.p12")).path))
-                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/client-truststore_new.p12")).path))
+                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/provider-keystore.p12")).path))
+                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/truststore.p12")).path))
                 .setCertificateAlias("1.0.1")
                 .setServerPort(12345)
+                .setHost("consumer-core")
                 .build()
 
         val initiator = CommandlineTunnelServer()
diff --git a/idscp2/src/main/resources/ssl/consumer-keystore.p12 b/idscp2/src/main/resources/ssl/consumer-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..6607767d644aea4ea7a11e98ac540c623b80283e
GIT binary patch
literal 2693
zcmY+^c{me}9|v%oZEjNTkejgC%rV#ZtNNm(CKKhpG734SAy+F$TXQXP--^vdu`x%k
zkXx=UBv;PlOvtbA^Zb6l@9+1==lML(`~5ucKVNVH_dOth9ZujjgK(+Fo{!z-18@NH
z3EU_Ufm`c$42Kgy3;$G*d;;j*?`Q-FVEg_0{%HVkNeK797kB{>I6sK9JVi88`A7=|
z1ah)P6F~VZywpW&3z4n6S^2p{Kk$V%E=f<@tZGQd-P=J8Hk|AIlG1>yU0>xCvxy@*
z72iX0<MIOefUNp&&$JM;961h+{cg|@_u!jcYnmQriu!MBv7?C;peo0T2%TybEVl_d
zEJ=tNTPbGq=}&eh?I591@6lwCN|7l-RHEglMCu{Dw4|yoVe6osk#U1_NT5wVlp_%<
zbLUafGQ)k@tA6F|uR#xIE`b(okJy1PxZ=sU7Hxd=G|UA*!IE_wIc@PeJ%7gg0O5I`
zo)v0;OZkM1Q4-jo%*85{*-+nSn6~+T`-8H(cf;k#?*2{oeW}g~Bj=_^D?bnM%as>B
z^iNOOYZnWAA17!za&dVjSl|0p{BTpRI7}087_@ATLFmf_szlX=%EBu2{)pmvw&aJx
zG6#b{-am5m!=QAl{S4&x>Mb)z5*-oub}-w+acmngdOgJ$qpu{_qK;afIiH=4fT0dv
zNAG?Q*OEFm!#bpEeQa>jv&y9hxDw;TSjy=FZ{}(a5pzSxiIT=yj%fvu#`m%BZ09m_
zABR8-G<rK_W(&wIPgdJ&N}a}|-3x=#b7>2y_w6^$79uhophGzE4&(>1$(|D;UF)i$
z{*NqRf9&PtUYvuAHQHGCyKM@yxV~SE){sbW40>n@)%*)61=3!ny(OLjxUa>2!IoK0
znXUnu=C1Qy;hskX3utTp)SU~Hrj+#54C_ddr(fD0x3AlknVEjGmqTmVekc@oLI`68
zK1+t0bc<oZirFdCVKOe%O5a=T;g1%tC?o&O$pq9opS62x=3q?fqt!7oFP^Okrvpb6
z&|cdiDn-q|4EXAr?~cb#Cj8>N@aEZyisINyA$LE`vT(z>Z0fq3?+E`@;tcaa@5Rr3
zDaeeIVB_@uC`Nkfa0*$0Zj<D|Vl-YGlK<;7N&#m?kIU6MCsczoIC^SQM--f&blng3
zj!$beE#qIW<yewVJSL_$O8J;9HPC;+nTu0<-ahZW*On)2qM+pHLl0m(N{Si4ZG0t%
z#x9D7eF_7+$tqHlkw`)9=QsTgCC~=OOd|`Id1sw;^sT^s*Td(Uqi2q^B=1$(T&l~e
zR3J%~zIc>5upWWjWzgmqC8h@gfy&tULFrOE9jMxCrxyD07OQ(2>W^QkYMmZrbM((0
zctCIT{255Lfk%t;1j+&v>#Kt{&uPcSpZCIJIVUufon9=&wyH~_R9W&N$kGg+z@{PL
zY(*<if?&i|T$kl|<V$}3-J_PYliF&HTTm-=yvYF`pfajpa)MX%Ozm<<a1)1aqTBs}
zdc-L^|2E#8Dq8PyfY{Hewvn&&^ky2JWl|-7V#3^gF4q0bYmbMteLk0rHm5&YhrRN0
zcUdrziI;5k`^h@R(I;6&MoI<LEv!!xqM|3AZ!a0C{L^Z_olk8@#O%6tYO%kYVOhf6
zJuFq0)`K@BUmgV*L7+oon4pX)d`}1Q+{?aryRHI3-N72&u*nK3Uys8ogvu}7V=mO<
z<ynS`?P06D&||)Q{XS8P72Yf60Z$5Dau8+GdafKNHfIW({g_+6s1b=UI01a-e?ZG8
zfHgq`Fzk1%`umh1JpbX18vy+6;M#8hm;O&Z_P^CD&4=j4Jk31yw|XD~s7p^Uqvrf)
z;_>5K;}aUBm)tJPzh0H|s}Dy~vKQ_UI>E+cr0q;n63IIU+Yk#YA`&h8BlimIKJQO*
z!>${8(V*eS_X{sYHoMBdpCcd3E=#aCNmC*5fQBOZ%(*3Xfll1AzPb<Z;{bhVOb52Q
zg?IeJ!A#y33tg5|zP2dE@^N<KU6xZ@uM&raJk=&H(}HK(-Z^ofiXk=1G4V`k)b#%M
ziS=`@k2AxG8lOxUm^WrOa6hdl0Z(-Dhd5;PHGX|jx8BE92*}IW!<bJgYDMlYf*2&G
zjJ#`L8)*G$T84dQR+Q-*TDJ1cH;}hHNXr;BFFW^QX(Q`8gmL(4mKdipM+-xpv@D2w
zuG`PE!Atpq(~t3OnKrd5RiB#wG`M$4il9SjaJl`qW+@F+F1FUpMLXk>R~TGUrc)nT
zGo*-VxZR358&I5M)MfLluG;rccK;s@j#tzcy*M-`Sa%a5lIh!Fs9wlw)bo<ZqBj}o
z__1|D3OOq-e$fH;08g$?+iLzW-z1Kmfhisj{?2imWs0I!tTC1XUs1KEic{>p)-<Ec
zuM6ySLuvTFn-vcrYE50o-UQy%KIa>bx++A>y3?OEjjAaxCa)^L!NG(rEE1#5k&`I5
z6jxwSFKq4RaIU#3b1T1)r~KLj=Wg7+<(_fk?xjKb9y*tnDN$rT0-YT{d+*5Pby|}J
zrD^GNQ<VU4lmWcenN!$&YSrx8i*eenJsLgCbO^|F?<Gg#<o3XmdWLFLz3@ewUEbxn
z!bTa(m4$}*nFSf%=3waJU)K^Q(5XS&nfMZ9ElTA&gle*E&N>bwHq_T$;Beg66qdG8
zO;2vL4nn~8uo;P`G2h1$nbFagdwVHS@XIKp8kbHi?kGryS*cQ0Ng6Y>;Lri{{K%n6
z!2k3N3*RC44)xH9!K&C-ZLMJM>Arm@q*@f9*Dt7R$B1gavI(*799D7w9`PA@B8)Q?
zWfkS~_9YLpKjw{9e`Rimmr#@zNP_Y!!}`4kvuGV+-lc$c^-qN4{i)d>Fg}m+LD<97
zg$ELBiTJa(Vp*$6OEGE)e69OoBHnUlbIgoYX)7dTv-Y-h?qule3m<bEnv(70HtU`_
z$w~?89YTAGWm~?vn~0~Ibk->J(NX}H>gXT?0gKHAc5m4GP9-ld#v3ha=8)GL&M@z(
ztjZ7TM${6Iw0NtV0S=eDj|RGCg`L>dgF~<4NvDjjK}SQv$kJ2h3Dyz*i9T!<E9I-z
zPuP(M3C&52vuC&blH0+@!d3<CC^ZOCkm^J>{lb-R!&|MzClh?;^W+@-tW{05F?w<5
z(z}Ip4kPmN2kYC|Z^v}BRDL0=UhcO^dNFA^chxakzg}Gh@wjfTfWL5H_6)4MskT6|
zLM`|XL*e`eByU^Vuv%KU{vz7{J;8S<ujOZMjf>p76@$k;+mo}~m6Um+61^<X7b?`N
zC9o0jjWtlJQ{<U_Wg{?tVT4Z65a<TFrQWI-#{NhT^6?dYsZ~XXkBX->@$*YdK72rK
z<3^vjq&E$`h^9B*&bu#RLLd2}EC>g~>`X%F+s?MRGpX;DG~T^dInUj$FsV07dbPG=
zCVK7(#`e^P#jKik9~GUCP=w3>S4S>kga}CJeMEJi#7poF&yM-m$u)bS(k-btI07yU
x=YoLM_}PIHU^bADxShH5uH&M#q<dn(n2|6+$>zmn5a<0*Q!>&8%Qya3@?X+^2G#%o

literal 0
HcmV?d00001

diff --git a/idscp2/src/main/resources/ssl/provider-keystore.p12 b/idscp2/src/main/resources/ssl/provider-keystore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..830797f6993b334c9886c6aae7031b06a96bcb4d
GIT binary patch
literal 2693
zcmV;03VQW0f(n5G0Ru3C3P%PBDuzgg_YDCD0ic2kI0S+UG%$h+Fff7y=LQKXhDe6@
z4FLxRpn?S0FoFcs0s#Opf&|S52`Yw2hW8Bt2LUh~1_~;MNQU<f0So~KFb)I=Vvy#5
zT{2-d0s;sCfPw^|?tC<TC?UZ;9eDHOfZFxQ3Y%}jQ2TqNDPQHSB!;RPNAlP`<aX~1
zJcw@u5zD^m_8gqGq@OI@p>C=P4`0diku|3S-viqdC5RvVs(UOdNUl56m%D<=xme)b
z(Lj`prw;QCn^QG)H!EQa>LfG5&oVGnDs>tfBcWZd-R(=P+%N^V#o#daU^6#NN1ZHO
zd6fw@D&3T~1o5)A!QA0DcoJ^mPa>I11jI9?7#8xD0u?uotnIAw0y4xS?ZQdfu0+>&
z;V5@m@Rgv4GCaPVqDD)Uz;|k@{HEdy7b-Ij6IS#c5+#+3gxAB*#T7GE87ioc>Lqt)
zJoG-$y!;$|KQ)BNKz&XsI>$0XVMe0A26znjv@ym(9nbKeTnUS=283=deM)@-h`TO>
zsc(s?w8aXfjRaoOo{aY*Q&S+ZhK_QE)I&c@uHLTwiHmB=3So(?W|8)A#`l77{~Qjg
z`_Ta_lpnr}#0)dDN%Tr*WDb@c4#w!=12LJ906C|_nFyU|C1cDscx7ZI*uy)~qTtAF
zSGSN=Jlzv~qBQd|8qJPr+V17BLKCB7-<Ly10Ov1byDB}6GL2hKOsZ^iCW0AWp~`Nr
z6~ciL!K%aZcKsIH7D33E0dB(Mv?TH-p|eHZW>)HQJpN_NOQgAz*m;d(2fs_#rOaia
zS=GZKXH$Fs5YUi1tjIhJsv((G@qQRSNImd$K%&}BbiA3mY};mB?nJL8J`N5iq%1N9
zv)QPr8@UWg?^2#DE0^lB7te=4t%`s}a}z<59{um^f$gabq&O@GC1U03qP!Q;bh|$D
zydu^7oo>sL25~rGnWl=$)L(K2o>3B$)&}Mm%0@9$YIn7iZt_?MN2IFAB<T2^Ppi^Q
z?_#ZT`DKn6{`IOD9~yk)(tIRPCh`-x9@}|Uk=F=<2m?qifHKEo2ouKtA~L;%mMkY^
z6>&66jyZna_N`}IO0|j8=uIaGn)<Ouas{2#+JwC<2z@hsR^fDHUXF+ml$)rj8UC@6
zS<dFih=&aQjgOP(Esa&+!h{*YQ2x3a;1$pP$trc_$!GRRvQDll$o<|?+rYh^iFyNN
zuQhT#V>_Cr@UTJ5Tvs|X4NfH2=B+gxn^lavqNCSqvnynm4MoJS45G&@y!~wosRZ(L
z(-okxDS-KLrMabk)klbB98!w1Hwcj+YAhOOIWd{9F3UrD7=vR))WS@Q{gNin9<6E~
zY2uq(GWfY0_Zq<RyCVq=UTGsgx>y*{2c5L8*bGfk9S?+G76kK8LXoWC_O`d|fhmm9
z-i0MoDOJShVV(KE4Mf}cPFF9f4B;PCkLOPY6CsW&LrYYU#RUMZImHx}>&N+M;#}<%
zh#=Z3AA)4xP{hcoBk3M9aDF#`Iwt#rie-1JlCB|%$f5V-lNsw%+_pZ)Rz3e5X6uR3
zYR8YJs40ylQ<$28U3TJ3_e)bvXvF}urqm-!^@L1-uO|k)7LcmyDvdq(i6OkE?(e5G
z{A+njhF>&SMnJRC01AFo29F3z^lR0`cLgtZ0#X`C-E6JP?5sRF5RkG;%4Dyy?@pQf
zFoFd^1_>&LNQU<f0S5t~f(0@Jf(0%xf(0rtf(0f93o3?4hW8Bt3<?1Ppn?SMFoFc?
zFdPO7Duzgg_YDCI0Ru1&1PDnN3itLn_?Q9$2ml0v1jualuo5@V015%iOrUAAp9#S&
zT@GJOm771f%+z#i#->p$?v0_$$Vh(@(gh%^<r1^jHP3LJ!0jo{4gYpEW=z($c4Un$
znXs&lKLCMUM8ErrT;WzPn@mpMzJ@5re4VJm5`m^hq2!(=zyhuWEYbHDCF0iRMkVZs
zBrJZSNa@~sfFeO+piruaoDH(<!O^}8JBaR*q1f<S6X2}kA)qVkip$<OuOG52qa9Mk
zAjf88pEy7YYQuO`-O2m=NNG-Bc+5w~M#x1($4|1QKLYjB7$kaoN_A;oV7T_6z}+EC
zF7-P3D?WmZfc=f`TA{I%sNNr}KijoX<da-toW(r$n0<;ia=%d>dOXv5Exv4LOzZEQ
z$6nkDS$@L&5#ga-1@-n!IEgNgXi$MCq*T1FIR>+4UrE_iQ+vBTa|i`dh*UGUf}~b)
z+S$2a%k)07^pPXPghmATr+0d=4wFZU(@NfpL(tj53Ry7*^0xk2_bMyo^TuetHP)Li
z%o$a1ch@Rsv1|@de>@ZEyH*l-CBN)|n9OUFk*<Hs^^c1k1}IKeEI_O}l!6%-#$orP
zEJ&!l#uW)m+%O|dqPk3;QzAa~0%sAckHy@(Gpq-S_M`Vm{I>Qd%MLGQh3untshR5-
zG~Hfmr5t_L_?$_M^x`H$noAaze^A-Ivmz@%(X98RR50mbYrIW_rRA)J1Ad8F?g9=v
zsf)k3#@<zecpUZGmP3k~3}W@gL4ykFO<Qm>bytCBrDkI~pd&j|X*)yrXqeQ=`Aym1
z;)=pCX2b<Rxey1D<_JL??cSUGZL5Nv<A&mMz&{#o2J}K^(@4Yjf#2YvEx&z&>+?-@
ztZy|hKFyb1vrv$%FjPNAR$>It#DUEbQz0p!v<p0))Dpz#(%;-wV(nUG-ecX}hP`xf
zVXuC!gGqXsMPrU@_z;`acf&kya+mXz0^nU}>UB`=nh1p#oJ(O6+~Dy_UDL({job8=
zYbUQS$|ZU5kpU}NoBsd9q6ajj+>(Ib<&E-Xjc+xl=7ng@x?PPJY<^|<GwH>6V_%J?
zhJoyaO9FsPkzPK^KjJ`vGg=gs1w_N%qt^si`-pX5XtyvJWsanz%TfHOH)$nW(2{4h
zj{sJOISE!j8QiDembWVq4Y{<%g+(!e!DrCIE+AdU(H2uwTgv*zQ~aP2H_;}>h&d}_
ztRYHVLo?=g(Uxh46%4h%g0Tbs#Ac`vo*5VY$B;bMXYuS&9$boLcn+EUt#Xb&K*!ur
zRs&HrtJ20j5mXCv!eD(nIyLENrD1@|XF6jV9l&eCJV-j<z0vB{dBxx0GqAxbB8=30
zk;d1C<s{RijnsSYCxrmn6FF@2zX?pU@0N@b!BDQFKR&-BXarmyX&wReL5jK6=QRtG
zz4N`=xn)B5w;H%edj){p>VJkeKD-5)V{F{D@r=T!eZ*5`;G6J19mmKanB^r;Y=cVR
zFLH3isFZcvw3VhE(y?CE9-znszOAs5iq>U&VtA#XQD!rT01QUYfySIA?jmRM=_Bv`
z3O?zFPy#mXoJ?bXeCW%!1CW)Ip9o7(u;tvB7X_W%Ct-xR7m%d0x}BT<TvIXAG{2#H
zaOYyc!6yNDOvN!JFe3&DDuzgg_YDCF6)_eB6vbXL?22j=Lp9k6J?iOsIzzkldN46C
zAutIB1uG5%0vZJX1QbU}8;WOzT&}LIy(BW#<3QlwJ;($I-FzHzECO!O0s;sCi+B4r

literal 0
HcmV?d00001

diff --git a/idscp2/src/main/resources/ssl/truststore.p12 b/idscp2/src/main/resources/ssl/truststore.p12
new file mode 100644
index 0000000000000000000000000000000000000000..aa430cd6cea20b45cab4ee93b93ddb5bfa565792
GIT binary patch
literal 2266
zcmV<02qpJ0f(X_E0Ru3C2#*E{Duzgg_YDCD0ic2ifCPdFd@zCtcrbzpbOs43hDe6@
z4FLxRpn?cxFoFnS0s#Opf(Tj$2`Yw2hW8Bt2LUiC1_~;MNQU<f0So~KFdGCE_36Ya
zczgI;K&GhWQwt~?3?38Z0s{cUP=JC6Ah4OOG_z4f+DDNe9|M><HIXW^6acL}6(g0U
zPL!ra3<ycM3+|1I6+_y4yL+w>6_}Q(yvfcC^&_cW>yQk#7^I_Wt0KctQ=k1`yr(d#
zb;{`+63xwPvoOWD9ETRg$o}Djc(-5VqqNAi(~e`$Jssy-<S9k!hg{F-Mcdp*eupZ!
zg;!FoF{B>(RDqQX(jg7`kr&|?5$;7qey&L;K<Tglw64WfU4F?OaPI#$>;G+Ywjj}N
zyBSX-knuHx5!^vju>gYVJS$SiB<3PylUj5JN$Oge=LS6)uZ^fpdXX|LY=6Rt9DQ04
zV`FUftPZ7LtfP>ly7142kK=tPtclXZt`W9mw?tUxQ~&@{9*sm@c~RQ-EPtNxmc@6n
zNYN4id|h3hz66q~-rawCg6x+>bZV;ocRNT`p7V7!Qou70Y=6L0PphATL1)#C=iQz6
zOD3evIJ2?$EccK66fL11J|BHT$PEtY+(3L{RcW||w@38yKMMk}<Y1h|`!I$zjdeHG
zu+G*}M^b^c0c>O(b^P0iic6jq>M>3mG6<yPA1(_$TiDeXZCQZ}zGo)xk-WuDJF|x!
zFiRkH<le=5PfLa+?b49Eb*chVuwvKIBAed?13tjfGiZo<f(DNn)~<X!=f@V@l2cPE
zqC`Yie_M-A%<i{Io7XXSMnpB_PvOyl=x*}%CaNbC=kgiTZmylR-LVRDAujh8lktWo
zb?L;+QiMv$QP1-vg+@kNAg*4Efmn5md_KMA<@KRioQ(Wc=kfq4J&W4F6oZNc)k=<K
zWj`~_(f<5(Cu?klyEvKsrS&BJsX01EVhUpu+|`7&vV*_L&hTJhWBBU7<6h3-jYyZG
zOMg>ysV;)*j6`OQ0GsWw>aN^MJ2x=0Ki2mw5yw-34ZHFA2V8}mPov2wN;{VLJuK&;
zP1?@ngT_;Ep1~sA+dFa9u4axP`JwJV3PmfBYlvtO=}Gi%eHY#d7{d`l`=6dMcM@7v
zWu&2v*Gt+agxuPlQ9F;83GAOfPB2K_i9)v%b6Xh|oeZ|sM;Sht&S{v0L_)%A@_VmM
z-$B<S_T!r)C$x%hCMAdKVpK|K)D_;0F~maS5BqE-CRmvxZh({pf^n!F8t_bPw_kJB
z$U|BuB#B2*6U<VFkV0kCAXNzo@tUHM2=jH}5R%dZbg2bRw3J^*?_Z9e+SwWz9QB5x
zSL_;u=gB(V&R^tf*$4Lzb->-p4lb?sOC3vPa+XpxB3^8#)HMa*ay(fD2%|IiNz!<6
zmk>&2z<ZX;#q1?0G^oMjR{5>Ry9ujZK5|V-VlNy!Cn|pK$UIA1NbF1Se;XjBz=s(z
zV^V@==Qqs7q<|>BDUF1}teO2ER#Om~g;RBr;tx!6wS)G(ZZg4P#45d;`SLSaDev7c
zA;y^Yx(dfE0+>3&jJ@D|*m#+fFIQG<!!{6d)ubtFbj%4Nq)VSHa{g!oV6!lDZg(fH
zL2}Ow$Qb0zJ1rBzJJe8Y2$8`w0`m}9VbxQtG=d7G-`LQ#7@ghTIM$?hn~g*2WNes|
zyqCTQEk?2G>HmFs@B)oU9iCc>Ny3w$oKRSM`D@s#F3d?fmA*Gi6kO=F0`!4y1O<fq
zlrS^2n_v9DIm({G-!z@*T8EXn(^VO5dwU}YT=ypCzSJ0?c$*&j+rQaV04V^Je*4}V
zCgPXf28A!Kp*8Pso=49g#~QQEDXQ`!p03E;!*gPZPf^u97a!U$5jLT%;5)vxk$tG)
zffaqF_ZI#P&CCgapV~#fVJA<sQrQ1}*@<@j%1F0v{-&Z;g-hTI*Or>KyUr|(u2g+l
z771#owy3aSd-kkXZ=&`kr$gB*P@Pml5JwK$C8ghMXT+?zfjtR&dW3`?#n86oI`~#)
z*<w$g(7su80a1-8a4QF;_85vM?%4NhA|&@SdhXNu!-`1luNfW?mc1p08Q@mO5H^}(
z5vEG`ps(5@3p-yI@ulUE)ivYr^M+sKY>7!By8c#@`#xb#77z0BEbZON;L*1f)Z$VF
z|6;XpQE3sou*&^%u#v@oBtU)SASL-^RB<jukXCqR)C-$2#uKlM&5%3xJ9$0?s15pR
zeuXHSuJSvexm99m#<HC`)f7~&v}@baCne$<+c?q{GBl|2^@;eVuC_U-)k>+rd^yTi
z@q{o;j4Ka_+`if-%mT{3vy>OaSJmx?i(1=>p6qr?8xWhl=7xD7?KX6aYADM6K8_0B
zr+6l(!2Q^^5_nl!Efb`tbMl1<1z1x;-xb2ensA-Fk{P!8Ca*I8BWfkTK~bkue#Wb&
zdd38WlkgkZ!WU}-d{9c+E>}MY&ISqAY{ph!foUms&aOjgYR4%#Dh21F0c(H<)OkVI
z8?3lc+Ha#&8&2bqKo~3GH;N8ej3HD%8;!k+ZNMl1>7#^3lb!VoL?#o0VrZuT9Zdzf
zK4;)R7!CsL6bcrh^tel4il$0nPl5U1209G^rJ~sqx~kcod%Bvw17L3X@Wd^X&<i8g
zSMk{ir5EC7Iegz%(IA#fkhJ_SmX58(aa~Y_FYnEa1Do5NZ@$j0-q?})%BgG{xk5`A
zYHML!{NLY6M<opaNnhqr6WJ7<Vc5#)jQaKpi^)QHbRY+>J-F}B;tFlBx)wXUx6r`4
z)nc_2q~%*k1a4t56^Ldi01ZJ;v&NO)8(T5(2WJFuF8(18!kk)al}*tB_KY{^-qBte
z%wvOgf>hFgG4w>LJbeEp=LET#9k%K)EHFMWAutIB1uG5%0vZJX1QaB+4I|w6w3iur
oMHiK}SS7VKy59s8_s+sV^Tu!qIt)hP^g8I#Y)O}U0s{etp!Rk@DF6Tf

literal 0
HcmV?d00001


From 8342d2118f39f745d019fa69e92d62a24092c5c5 Mon Sep 17 00:00:00 2001
From: Leon Beckmann <leon.beckmann@aisec.fraunhofer.de>
Date: Tue, 2 Mar 2021 13:52:59 +0100
Subject: [PATCH 223/237] Move security requirements into the default DAPS only

---
 .../ids/tokenmanager/TokenManagerService.java |  5 +-
 .../default_drivers/daps/DefaultDapsDriver.kt | 28 +++++++++--
 .../daps/DefaultDapsDriverConfig.kt           |  6 +++
 .../idscp2/default_drivers/daps/NullDaps.kt   |  2 +-
 .../idscp2/idscp_core/drivers/DapsDriver.kt   |  4 +-
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   |  3 +-
 .../fsm/StateWaitForDatAndRatVerifier.kt      |  3 +-
 .../idscp_core/fsm/StateWaitForHello.kt       |  3 +-
 idscp2/src/test/java/DapsDriverTest.java      | 46 +++++++++++--------
 9 files changed, 66 insertions(+), 34 deletions(-)

diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index 451ba0e16..eb09d2003 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -22,6 +22,7 @@
 import de.fhg.aisec.ids.api.settings.ConnectionSettings;
 import de.fhg.aisec.ids.api.settings.ConnectorConfig;
 import de.fhg.aisec.ids.api.settings.Settings;
+import de.fhg.aisec.ids.api.tokenm.DatException;
 import de.fhg.aisec.ids.api.tokenm.TokenManager;
 import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver;
 import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig;
@@ -91,12 +92,12 @@ public void verifyJWT(
       String dynamicAttributeToken,
       ConnectionSettings connectionSettings) {
     if (connectionSettings == null) {
-      this.driver.verifyToken(dynamicAttributeToken.getBytes(StandardCharsets.UTF_8), null);
+      this.driver.verifyTokenSecurityAttributes(dynamicAttributeToken.getBytes(StandardCharsets.UTF_8), null);
     } else {
       SecurityRequirements securityRequirements = new SecurityRequirements.Builder()
               .setRequiredSecurityLevel(connectionSettings.getRequiredSecurityProfile())
               .build();
-      this.driver.verifyToken(dynamicAttributeToken.getBytes(StandardCharsets.UTF_8), securityRequirements);
+      this.driver.verifyTokenSecurityAttributes(dynamicAttributeToken.getBytes(StandardCharsets.UTF_8), securityRequirements);
     }
   }
 
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
index 34906c722..2c9e9e870 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
@@ -44,6 +44,7 @@ import javax.net.ssl.X509ExtendedTrustManager
  */
 class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
     private var sslSocketFactory: SSLSocketFactory
+    private var securityRequirements: SecurityRequirements? = config.securityRequirements
     private val trustManager: X509ExtendedTrustManager
     private val privateKey: Key = PreConfiguration.getKey(
                     config.keyStorePath,
@@ -79,6 +80,8 @@ class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
 
     /**
      * Receive the signed and valid dynamic attribute token from the DAPS
+     *
+     * @throws DatException
      */
     override val token: ByteArray
         get() {
@@ -178,7 +181,7 @@ class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
                 } else {
                     throw DatException("DAPS response does not contain \"access_token\" or \"error\" field.")
                 }
-                verifyToken(token.toByteArray(StandardCharsets.UTF_8), null)
+                verifyTokenSecurityAttributes(token.toByteArray(StandardCharsets.UTF_8), null)
                 token.toByteArray(StandardCharsets.UTF_8)
             } catch (e: IOException) {
                 throw DatException("Error whilst retrieving DAT", e)
@@ -186,15 +189,34 @@ class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
         }
 
     /**
-     * Verify a given dynamic attribute token
+     * Update the security requirements of the DAPS (This might be caused by changes in the connector configuration)
+     */
+    fun updateSecurityRequirements(securityRequirements: SecurityRequirements?) {
+        this.securityRequirements = securityRequirements
+    }
+
+    /**
+     * Public verifyToken API, used from the IDSCPv2 protocol. Security requirements are used from the DAPS config
+     *
+     * @return The number of seconds this DAT is valid
+     * @throws DatException
+     */
+    override fun verifyToken(dat: ByteArray): Long {
+        return verifyTokenSecurityAttributes(dat, securityRequirements)
+    }
+
+    /**
+     * Verify a given dynamic attribute token, given the security attributes as parameter. This is used for IDSCPv1
+     * legacy implementation and for internal purpose
      *
      * If the security requirements is not null and an instance of the SecurityRequirements class
      * the method will also check the provided security attributes of the connector that belongs
      * to the provided DAT
      *
      * @return The number of seconds this DAT is valid
+     * @throws DatException
      */
-    override fun verifyToken(dat: ByteArray, securityRequirements: Any?): Long {
+    fun verifyTokenSecurityAttributes(dat: ByteArray, securityRequirements: Any?): Long {
         if (LOG.isDebugEnabled) {
             LOG.debug("Verifying dynamic attribute token...")
         }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriverConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriverConfig.kt
index d6e0af69b..6cd372475 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriverConfig.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriverConfig.kt
@@ -23,6 +23,7 @@ class DefaultDapsDriverConfig {
         private set
     var trustStorePassword: CharArray = "password".toCharArray()
         private set
+    var securityRequirements: SecurityRequirements? = null
 
     class Builder {
         private val config = DefaultDapsDriverConfig()
@@ -61,6 +62,11 @@ class DefaultDapsDriverConfig {
             return this
         }
 
+        fun setSecurityRequirements(securityRequirements: SecurityRequirements): Builder {
+            config.securityRequirements = securityRequirements
+            return this
+        }
+
         fun build(): DefaultDapsDriverConfig {
             return config
         }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt
index 7a3d0d05f..90fecf055 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt
@@ -10,7 +10,7 @@ class NullDaps : DapsDriver {
     override val token: ByteArray
         get() =  "This dummy token is generated by 'NullDAPS' driver! Do not depend on it!".toByteArray()
 
-    override fun verifyToken(dat: ByteArray, securityRequirements: Any?): Long {
+    override fun verifyToken(dat: ByteArray): Long {
         return 100 // DA is always valid for 100 seconds
     }
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/DapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/DapsDriver.kt
index c452f41ed..058f51c5c 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/DapsDriver.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/DapsDriver.kt
@@ -14,9 +14,7 @@ interface DapsDriver {
     /*
      * Verify a Daps token
      *
-     * An optional security requirements object can be provided to validate the DAT body
-     *
      * Return the number of seconds, the DAT is valid
      */
-    fun verifyToken(dat: ByteArray, securityRequirements: Any?): Long
+    fun verifyToken(dat: ByteArray): Long
 }
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
index 20af0cb8b..eafbe3ff0 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
@@ -134,12 +134,11 @@ class StateWaitForDatAndRat(fsm: FSM,
             }
 
             //check if Dat is available and verify dat
-            // toDo security Requirements
             val dat = event.idscpMessage.idscpDat.token.toByteArray()
             var datValidityPeriod: Long
 
             try {
-                if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
+                if (0 > dapsDriver.verifyToken(dat).also { datValidityPeriod = it }) {
                     if (LOG.isTraceEnabled) {
                         LOG.trace("No valid remote DAT is available. Send IDSCP_CLOSE")
                     }
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
index 7b388d028..f6084b93f 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
@@ -97,12 +97,11 @@ class StateWaitForDatAndRatVerifier(fsm: FSM,
             }
 
             //check if Dat is available and verify dat
-            //toDo security requirements
             val dat = event.idscpMessage.idscpDat.token.toByteArray()
             var datValidityPeriod: Long
 
             try {
-                if (0 > dapsDriver.verifyToken(dat, null).also { datValidityPeriod = it }) {
+                if (0 > dapsDriver.verifyToken(dat).also { datValidityPeriod = it }) {
                     LOG.warn("No valid remote DAT is available. Send IDSCP_CLOSE")
                     fsm.sendFromFSM(
                         Idscp2MessageHelper.createIdscpCloseMessage(
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
index b605d4143..4010bb084 100644
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
+++ b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
@@ -139,7 +139,6 @@ class StateWaitForHello(fsm: FSM,
                 )
             }
 
-            // toDo securityRequirements
             if (LOG.isTraceEnabled) {
                 LOG.trace("Verify received DAT")
             }
@@ -157,7 +156,7 @@ class StateWaitForHello(fsm: FSM,
             }
 
             try {
-                if (0 > dapsDriver.verifyToken(idscpHello.dynamicAttributeToken.token.toByteArray(), null)
+                if (0 > dapsDriver.verifyToken(idscpHello.dynamicAttributeToken.token.toByteArray())
                         .also { datValidityPeriod = it }
                 ) {
                     LOG.warn("No valid remote DAT is available. Send IDSCP_CLOSE")
diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
index 8474b398c..d9fb7ce61 100644
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ b/idscp2/src/test/java/DapsDriverTest.java
@@ -14,6 +14,15 @@ public class DapsDriverTest {
 
     @Test
     public void testValidToken() {
+
+        SecurityRequirements requirements = new SecurityRequirements.Builder()
+                .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
+                .build();
+
+        SecurityRequirements requirements2 = new SecurityRequirements.Builder()
+                .setRequiredSecurityLevel("idsc:BASE_CONNECTOR_SECURITY_PROFILE")
+                .build();
+
         DefaultDapsDriverConfig config =
                 new DefaultDapsDriverConfig.Builder()
                         .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
@@ -27,20 +36,15 @@ public void testValidToken() {
                         .setDapsUrl("https://daps.aisec.fraunhofer.de")
                         .build();
 
-        DapsDriver dapsDriver = new DefaultDapsDriver(config);
+        DefaultDapsDriver dapsDriver = new DefaultDapsDriver(config);
         String token = new String(dapsDriver.getToken());
         assertNotEquals(token, "INVALID_TOKEN");
 
-        SecurityRequirements requirements = new SecurityRequirements.Builder()
-                .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
-                .build();
 
-        SecurityRequirements requirements2 = new SecurityRequirements.Builder()
-                .setRequiredSecurityLevel("idsc:BASE_CONNECTOR_SECURITY_PROFILE")
-                .build();
+        assertTrue(dapsDriver.verifyTokenSecurityAttributes(token.getBytes(), requirements) >= 0);
 
-        assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) >= 0);
-        assertFalse(dapsDriver.verifyToken(token.getBytes(), requirements2) >= 0);
+
+        assertFalse(dapsDriver.verifyTokenSecurityAttributes(token.getBytes(), requirements2) >= 0);
     }
 
     /****
@@ -159,6 +163,11 @@ public void testInvalidKeyAlias() {
 
     @Test
     public void testInvalidAuditLogging() {
+
+        SecurityRequirements requirements = new SecurityRequirements.Builder()
+                .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")
+                .build();
+
         DefaultDapsDriverConfig config =
                 new DefaultDapsDriverConfig.Builder()
                         .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
@@ -170,20 +179,22 @@ public void testInvalidAuditLogging() {
                         .setKeyAlias("1")
                         .setKeyPassword("password".toCharArray())
                         .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                        .setSecurityRequirements(requirements)
                         .build();
 
         DapsDriver dapsDriver = new DefaultDapsDriver(config);
         String token = new String(dapsDriver.getToken());
         assertNotEquals(token, "INVALID_TOKEN");
 
-        SecurityRequirements requirements = new SecurityRequirements.Builder()
-                .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")
-                .build();
-
-        assertTrue(dapsDriver.verifyToken(token.getBytes(), requirements) < 0);
+        assertTrue(dapsDriver.verifyToken(token.getBytes()) < 0);
     }
 
     public static void main(String[] args) {
+
+        SecurityRequirements requirements = new SecurityRequirements.Builder()
+                .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
+                .build();
+
         //get token
         DefaultDapsDriverConfig config =
                 new DefaultDapsDriverConfig.Builder()
@@ -196,18 +207,15 @@ public static void main(String[] args) {
                         .setKeyAlias("1")
                         .setKeyPassword("password".toCharArray())
                         .setDapsUrl("https://daps.aisec.fraunhofer.de")
+                        .setSecurityRequirements(requirements)
                         .build();
 
         DapsDriver dapsDriver = new DefaultDapsDriver(config);
         String token = new String(dapsDriver.getToken());
         System.out.println(token);
 
-        SecurityRequirements requirements = new SecurityRequirements.Builder()
-                .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
-                .build();
-
         long ret;
-        if (0 > (ret = dapsDriver.verifyToken(token.getBytes(), requirements))) {
+        if (0 > (ret = dapsDriver.verifyToken(token.getBytes()))) {
             System.out.println("failed");
         } else {
             System.out.println("success: " + ret);

From 1d9329e83736dfee27f5f4c07b6dca954fc2f3dd Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 11 Mar 2021 10:20:25 +0100
Subject: [PATCH 224/237] Updates, separated IDSCP2, removed old IDSCP with
 ttpsim and examples

---
 build.gradle                                  | 256 ------
 build.gradle.kts                              | 173 ++++
 buildx/docker-bake-multi.hcl                  |  32 +-
 buildx/docker-bake.hcl                        |  18 +-
 buildx/docker-buildx.sh                       |   6 +-
 buildx/docker-compose.yml                     |  31 +-
 camel-ids/.classpath                          |  15 -
 camel-ids/.gitignore                          |   6 -
 camel-ids/DEVS.TXT                            |   1 -
 camel-ids/LICENSE.txt                         | 201 ----
 camel-ids/README.md                           |   1 -
 camel-ids/bnd.bnd                             |  11 -
 camel-ids/build.gradle                        |  26 -
 .../aisec/ids/camel/ids/CamelComponent.java   | 123 ---
 .../aisec/ids/camel/ids/IdscpConstants.java   |  28 -
 .../ids/camel/ids/ProxyX509TrustManager.java  | 107 ---
 .../ids/camel/ids/WebSocketConstants.java     |  33 -
 .../ids/camel/ids/client/WsComponent.java     |  46 -
 .../ids/camel/ids/client/WsConsumer.java      | 105 ---
 .../ids/camel/ids/client/WsEndpoint.java      | 337 -------
 .../ids/camel/ids/client/WsListener.java      |  83 --
 .../ids/camel/ids/client/WsProducer.java      | 151 ---
 .../ConnectionManagerService.java             | 104 ---
 .../server/DefaultNodeSynchronization.java    |  44 -
 .../ids/server/DefaultWebSocketFactory.java   |  57 --
 .../camel/ids/server/DefaultWebsocket.java    | 298 ------
 .../ids/server/JettyClassPathResource.java    | 130 ---
 .../ids/server/MemoryWebSocketStore.java      |  75 --
 .../camel/ids/server/NodeSynchronization.java |  44 -
 .../camel/ids/server/WebSocketComponent.java  | 560 ------------
 .../ids/server/WebSocketComponentServlet.java |  73 --
 .../camel/ids/server/WebSocketConsumer.java   |  84 --
 .../camel/ids/server/WebSocketEndpoint.java   | 374 --------
 .../camel/ids/server/WebSocketFactory.java    |  33 -
 .../camel/ids/server/WebSocketProducer.java   | 109 ---
 .../ids/server/WebSocketProducerConsumer.java |  26 -
 .../ids/camel/ids/server/WebSocketStore.java  |  37 -
 .../ids/server/WebsocketSendException.java    |  38 -
 .../org/apache/camel/component/idsclient      |  17 -
 .../org/apache/camel/component/idsclientplain |  17 -
 .../org/apache/camel/component/idsserver      |  17 -
 ...entServerPlaintextWithAttestationTest.java | 139 ---
 .../camel/ids/client/WebSocketMockHelper.java |  68 --
 .../ids/camel/ids/client/WsProducerTest.java  |  95 --
 .../org.mockito.plugins.MockMaker             |   1 -
 camel-ids/ssl/ca.sh                           | 122 ---
 camel-ids/ssl/ca/cachain.cert                 | 111 ---
 camel-ids/ssl/ca/index.txt                    |  11 -
 camel-ids/ssl/ca/index.txt.attr               |   1 -
 camel-ids/ssl/ca/index.txt.attr.old           |   1 -
 camel-ids/ssl/ca/index.txt.old                |  10 -
 camel-ids/ssl/ca/rootca.cert                  |  21 -
 camel-ids/ssl/ca/rootca.key                   |  28 -
 camel-ids/ssl/ca/serial.txt                   |   1 -
 camel-ids/ssl/ca/serial.txt.old               |   1 -
 camel-ids/ssl/ca/subca.cert                   |  90 --
 camel-ids/ssl/ca/subca.key                    |  28 -
 camel-ids/ssl/cert.sh                         | 117 ---
 camel-ids/ssl/certs/01.pem                    |  98 --
 camel-ids/ssl/certs/02.pem                    |  98 --
 camel-ids/ssl/certs/03.pem                    |  98 --
 camel-ids/ssl/certs/04.pem                    |  98 --
 camel-ids/ssl/certs/05.pem                    |  98 --
 camel-ids/ssl/certs/06.pem                    |  98 --
 camel-ids/ssl/certs/07.pem                    |  98 --
 camel-ids/ssl/certs/08.pem                    |  97 --
 camel-ids/ssl/certs/09.pem                    |  97 --
 camel-ids/ssl/certs/0A.pem                    |  98 --
 camel-ids/ssl/certs/0B.pem                    |  98 --
 camel-ids/ssl/certs/client.cert               |  98 --
 camel-ids/ssl/certs/client.key                |  28 -
 camel-ids/ssl/certs/client.p12                | Bin 2789 -> 0 bytes
 camel-ids/ssl/certs/server.cert               |  98 --
 camel-ids/ssl/certs/server.key                |  28 -
 camel-ids/ssl/certs/server.p12                | Bin 2789 -> 0 bytes
 camel-ids/ssl/certs/test.cert                 |  98 --
 camel-ids/ssl/certs/test.key                  |  28 -
 camel-ids/ssl/certs/test.p12                  |   0
 camel-ids/ssl/client-keystore.jks             | Bin 2537 -> 0 bytes
 camel-ids/ssl/client-truststore.jks           | Bin 1954 -> 0 bytes
 .../configs/openssl-connector.cnf.template    |  59 --
 .../openssl-connector.cnf.template.old        |  54 --
 camel-ids/ssl/configs/openssl-rootca.cnf      |  74 --
 camel-ids/ssl/configs/openssl-subca.cnf       |  76 --
 camel-ids/ssl/keystore.sh                     |  20 -
 camel-ids/ssl/readme.md                       |  24 -
 camel-ids/ssl/server-keystore.jks             | Bin 2535 -> 0 bytes
 camel-ids/ssl/server-truststore.jks           | Bin 1954 -> 0 bytes
 camel-idscp2-osgi/bnd.bnd                     |   3 +-
 camel-idscp2-osgi/build.gradle.kts            |  12 +-
 camel-idscp2/LICENSE.txt                      | 201 ----
 camel-idscp2/README.md                        |   2 -
 camel-idscp2/bnd.bnd                          |   4 -
 camel-idscp2/build.gradle.kts                 |  23 -
 .../fhg/aisec/ids/camel/idscp2/Constants.kt   |   9 -
 .../fhg/aisec/ids/camel/idscp2/ProviderDB.kt  |  15 -
 .../ids/camel/idscp2/RefCountingHashMap.kt    |  77 --
 .../ids/camel/idscp2/UsageControlMaps.kt      |  85 --
 .../de/fhg/aisec/ids/camel/idscp2/Utils.kt    |  48 -
 .../idscp2/client/Idscp2ClientComponent.kt    |  55 --
 .../idscp2/client/Idscp2ClientConsumer.kt     | 115 ---
 .../idscp2/client/Idscp2ClientEndpoint.kt     | 212 -----
 .../idscp2/client/Idscp2ClientProducer.kt     | 125 ---
 .../ArtifactRequestCreationProcessor.kt       |  45 -
 .../processors/ArtifactRequestProcessor.kt    |  93 --
 .../ContractAgreementReceiverProcessor.kt     |  49 -
 .../ContractOfferCreationProcessor.kt         |  76 --
 .../processors/ContractOfferProcessor.kt      |  94 --
 .../ContractRequestCreationProcessor.kt       |  61 --
 .../processors/ContractRequestProcessor.kt    |  77 --
 .../processors/ContractResponseProcessor.kt   |  94 --
 .../IdsMessageTypeExtractionProcessor.kt      |  42 -
 .../ResourceUpdateCreationProcessor.kt        |  53 --
 .../camel/idscp2/server/CamelIdscp2Server.kt  |  63 --
 .../idscp2/server/Idscp2ServerComponent.kt    |  73 --
 .../idscp2/server/Idscp2ServerConsumer.kt     |  93 --
 .../idscp2/server/Idscp2ServerEndpoint.kt     | 235 -----
 .../idscp2/server/Idscp2ServerProducer.kt     |  38 -
 .../org/apache/camel/component/idscp2client   |  17 -
 .../org/apache/camel/component/idscp2server   |  17 -
 camel-influxdb/build.gradle                   |   4 -
 camel-influxdb/build.gradle.kts               |   9 +
 .../docker-compose.yaml                       |  16 -
 .../example-idscp-localloop.xml               |   8 +-
 examples/example-idscp-localhost/README.md    |  19 -
 .../docker-compose-provider.override.yaml     |  11 -
 examples/example-idscp/.env                   |   2 -
 examples/example-idscp/README.md              |   4 -
 .../docker-compose-consumer.yaml              |  51 --
 .../docker-compose-provider.yaml              |  53 --
 .../example-idscp/docker-compose-ttp.yaml     |  17 -
 .../example-idscp/example-client/Dockerfile   |  12 -
 examples/example-idscp/example-client/app.js  |  36 -
 .../example-idscp/example-client/package.json |  26 -
 .../example-idscp/example-consumer-routes.xml |  39 -
 .../example-idscp/example-provider-routes.xml |  33 -
 .../example-idscp/example-server/Dockerfile   |  12 -
 examples/example-idscp/example-server/app.js  |  49 -
 .../example-idscp/example-server/package.json |  27 -
 .../example-idscp/settings-consumer.mapdb     | Bin 2097152 -> 0 bytes
 .../example-idscp/settings-provider.mapdb     | Bin 2097152 -> 0 bytes
 .../example-idscp-localloop.xml               |  47 -
 .../{example-idscp => example-idscp2-uc}/.env |   0
 ids-api/build.gradle                          |   2 -
 ids-comm/.gitignore                           |   8 -
 ids-comm/LICENSE.txt                          | 201 ----
 ids-comm/README.md                            |   1 -
 ids-comm/bnd.bnd                              |   7 -
 ids-comm/build.gradle                         |  22 -
 ids-comm/socket/.gitignore                    |   1 -
 .../de/fhg/aisec/ids/comm/ByteArrayUtil.java  |  48 -
 .../fhg/aisec/ids/comm/CertificatePair.java   |  51 --
 .../de/fhg/aisec/ids/comm/DatVerifier.java    |   8 -
 .../aisec/ids/comm/IdscpConfiguration.java    |  33 -
 .../ids/comm/client/ClientConfiguration.java  | 140 ---
 .../aisec/ids/comm/client/IdscpClient.java    | 179 ----
 .../ids/comm/client/IdspClientSocket.java     | 145 ---
 .../aisec/ids/comm/server/IdscpServer.java    | 123 ---
 .../ids/comm/server/IdscpServerSocket.java    | 168 ----
 .../comm/server/IdscpWebSocketCreator.java    |  40 -
 .../ids/comm/server/ServerConfiguration.java  | 179 ----
 .../ids/comm/server/ServerSocketServlet.java  |  43 -
 .../aisec/ids/comm/server/SocketListener.java |  37 -
 .../ws/protocol/ClientProtocolMachine.java    | 197 ----
 .../ids/comm/ws/protocol/IDSCPException.java  |  30 -
 .../ids/comm/ws/protocol/ProtocolState.java   |  78 --
 .../ws/protocol/ServerProtocolMachine.java    | 219 -----
 .../comm/ws/protocol/error/ErrorHandler.java  |  45 -
 .../comm/ws/protocol/fsm/ChangeListener.java  |  30 -
 .../aisec/ids/comm/ws/protocol/fsm/Event.java |  64 --
 .../aisec/ids/comm/ws/protocol/fsm/FSM.java   | 213 -----
 .../aisec/ids/comm/ws/protocol/fsm/State.java |  65 --
 .../ids/comm/ws/protocol/fsm/Transition.java  | 100 --
 .../metadata/MetadataConsumerHandler.java     |  45 -
 .../ws/protocol/metadata/MetadataHandler.java |  58 --
 .../metadata/MetadataProviderHandler.java     |  45 -
 .../comm/ws/protocol/rat/NonceGenerator.java  |  40 -
 .../rat/RemoteAttestationClientHandler.java   | 191 ----
 .../rat/RemoteAttestationHandler.java         | 302 ------
 .../rat/RemoteAttestationServerHandler.java   | 189 ----
 .../ids/comm/ws/protocol/rat/Tpm2dSocket.java |  50 -
 .../ids/protocol/ADVANCEDAttestationIT.java   | 228 -----
 .../camel/ids/protocol/ALLAttestationIT.java  | 227 -----
 .../ids/protocol/BASICAttestationIT.java      | 225 -----
 .../de/fhg/aisec/ids/comm/EventSocket.java    |  49 -
 .../fhg/aisec/ids/comm/MySocketListener.java  |  52 --
 .../de/fhg/aisec/ids/comm/ProtocolTest.java   | 121 ---
 .../test/resources/jsse/client-keystore.jks   | Bin 2495 -> 0 bytes
 .../test/resources/jsse/client-truststore.jks | Bin 1954 -> 0 bytes
 .../test/resources/jsse/server-keystore.jks   | Bin 4494 -> 0 bytes
 .../test/resources/jsse/server-truststore.jks | Bin 1954 -> 0 bytes
 ids-comm/src/test/resources/log4j2-test.xml   |  39 -
 ids-dataflow-control/build.gradle.kts         |   4 +-
 ids-route-manager/build.gradle.kts            |   5 +-
 .../aisec/ids/rm/PolicyEnforcementPoint.kt    |  33 +-
 .../fhg/aisec/ids/rm/RouteManagerService.kt   |   2 -
 ids-settings/build.gradle.kts                 |  10 +-
 ids-token-manager/bnd.bnd                     |   4 +-
 ids-token-manager/build.gradle                |  21 -
 ids-token-manager/build.gradle.kts            |  13 +
 .../ids/tokenmanager/TokenManagerService.java |  33 -
 ids-webconsole/build.gradle                   |   1 -
 .../aisec/ids/webconsole/api/RouteApi.java    |  39 +-
 idscp2-app-layer/LICENSE.txt                  | 201 ----
 idscp2-app-layer/README.md                    |   1 -
 idscp2-app-layer/bnd.bnd                      |   6 -
 idscp2-app-layer/build.gradle.kts             |  39 -
 .../idscp2/app_layer/AppLayerConnection.kt    | 130 ---
 .../fhg/aisec/ids/idscp2/app_layer/Utils.kt   |   7 -
 .../listeners/GenericMessageListener.kt       |   7 -
 .../app_layer/listeners/IdsMessageListener.kt |   8 -
 .../src/main/proto/idscp2-app.proto           |  24 -
 .../main/resources/simplelogger.properties    |   1 -
 idscp2/LICENSE.txt                            | 201 ----
 idscp2/README.md                              |   1 -
 idscp2/bnd.bnd                                |   8 -
 idscp2/build.gradle.kts                       |  49 -
 .../default_drivers/daps/DefaultDapsDriver.kt | 358 --------
 .../daps/DefaultDapsDriverConfig.kt           |  74 --
 .../idscp2/default_drivers/daps/NullDaps.kt   |  16 -
 .../daps/SecurityRequirements.kt              |  24 -
 .../keystores/CustomX509ExtendedKeyManager.kt | 157 ----
 .../keystores/PreConfiguration.kt             | 211 -----
 .../rat/dummy/RatProverDummy.kt               |  53 --
 .../rat/dummy/RatVerifierDummy.kt             |  53 --
 .../default_drivers/rat/null/NullRatProver.kt |  43 -
 .../rat/null/NullRatVerifier.kt               |  42 -
 .../default_drivers/rat/tpm2d/TPM2dHelper.kt  |  75 --
 .../rat/tpm2d/TPM2dMessageFactory.kt          |  83 --
 .../default_drivers/rat/tpm2d/TPM2dProver.kt  | 195 ----
 .../rat/tpm2d/TPM2dProverConfig.kt            |  39 -
 .../default_drivers/rat/tpm2d/TPM2dSocket.kt  |  28 -
 .../rat/tpm2d/TPM2dVerifier.kt                | 260 ------
 .../rat/tpm2d/TPM2dVerifierConfig.kt          |  60 --
 .../default_drivers/secure_channel/README.md  |   1 -
 .../secure_channel/tlsv1_3/NativeTLSDriver.kt |  52 --
 .../tlsv1_3/NativeTlsConfiguration.kt         | 126 ---
 .../secure_channel/tlsv1_3/TLSConstants.kt    |  23 -
 .../tlsv1_3/TLSSessionVerificationHelper.kt   | 189 ----
 .../tlsv1_3/client/DataAvailableListener.kt   |  24 -
 .../tlsv1_3/client/InputListenerThread.kt     |  51 --
 .../tlsv1_3/client/TLSClient.kt               | 214 -----
 .../tlsv1_3/server/TLSServer.kt               | 170 ----
 .../tlsv1_3/server/TLSServerThread.kt         | 162 ----
 .../idscp2/example/CommandlineTunnelClient.kt |  90 --
 .../idscp2/example/CommandlineTunnelServer.kt |  69 --
 .../idscp2/example/Idscp2ClientInitiator.kt   |  62 --
 .../idscp2/example/Idscp2ServerInitiator.kt   |  69 --
 .../aisec/ids/idscp2/example/RunTLSClient.kt  |  55 --
 .../aisec/ids/idscp2/example/RunTLSServer.kt  |  52 --
 .../ids/idscp2/example/RunTunnelClient.kt     |  43 -
 .../ids/idscp2/example/RunTunnelServer.kt     |  41 -
 .../aisec/ids/idscp2/idscp_core/FastLatch.kt  |  52 --
 .../idscp_core/api/Idscp2EndpointListener.kt  |  21 -
 .../api/configuration/AttestationConfig.kt    |  59 --
 .../api/configuration/Idscp2Configuration.kt  |  82 --
 .../api/idscp_connection/Idscp2Connection.kt  |  68 --
 .../Idscp2ConnectionAdapter.kt                |  15 -
 .../idscp_connection/Idscp2ConnectionImpl.kt  | 181 ----
 .../Idscp2ConnectionListener.kt               |  10 -
 .../idscp_connection/Idscp2MessageListener.kt |  11 -
 .../api/idscp_server/Idscp2Server.kt          |  58 --
 .../api/idscp_server/Idscp2ServerFactory.kt   |  81 --
 .../idscp_server/SecureChannelInitListener.kt |  23 -
 .../idscp_server/ServerConnectionListener.kt  |  14 -
 .../idscp2/idscp_core/drivers/DapsDriver.kt   |  20 -
 .../idscp_core/drivers/RatProverDriver.kt     |  35 -
 .../idscp_core/drivers/RatVerifierDriver.kt   |  35 -
 .../idscp_core/drivers/SecureChannelDriver.kt |  34 -
 .../drivers/SecureChannelEndpoint.kt          |  37 -
 .../idscp2/idscp_core/drivers/SecureServer.kt |  18 -
 .../idscp2/idscp_core/error/DatException.kt   |   6 -
 .../idscp_core/error/Idscp2Exception.kt       |  11 -
 .../error/Idscp2HandshakeException.kt         |  10 -
 .../error/Idscp2TimeoutException.kt           |   8 -
 .../error/Idscp2WouldBlockException.kt        |   8 -
 .../idscp2/idscp_core/fsm/AlternatingBit.kt   |  38 -
 .../ids/idscp2/idscp_core/fsm/DynamicTimer.kt |  38 -
 .../aisec/ids/idscp2/idscp_core/fsm/Event.kt  |  67 --
 .../aisec/ids/idscp2/idscp_core/fsm/FSM.kt    | 857 ------------------
 .../idscp_core/fsm/InternalControlMessage.kt  |  26 -
 .../aisec/ids/idscp2/idscp_core/fsm/State.kt  |  48 -
 .../ids/idscp2/idscp_core/fsm/StateClosed.kt  | 138 ---
 .../idscp2/idscp_core/fsm/StateEstablished.kt | 164 ----
 .../idscp2/idscp_core/fsm/StateWaitForAck.kt  | 185 ----
 .../idscp_core/fsm/StateWaitForDatAndRat.kt   | 241 -----
 .../fsm/StateWaitForDatAndRatVerifier.kt      | 179 ----
 .../idscp_core/fsm/StateWaitForHello.kt       | 212 -----
 .../idscp2/idscp_core/fsm/StateWaitForRat.kt  | 255 ------
 .../idscp_core/fsm/StateWaitForRatProver.kt   | 218 -----
 .../idscp_core/fsm/StateWaitForRatVerifier.kt | 206 -----
 .../ids/idscp2/idscp_core/fsm/StaticTimer.kt  |  41 -
 .../ids/idscp2/idscp_core/fsm/TimerThread.kt  |  56 --
 .../ids/idscp2/idscp_core/fsm/Transition.kt   |  13 -
 .../fsm/fsmListeners/RatProverFsmListener.kt  |  18 -
 .../fsmListeners/RatVerifierFsmListener.kt    |  19 -
 .../fsm/fsmListeners/ScFsmListener.kt         |  25 -
 .../messages/Idscp2MessageHelper.kt           | 106 ---
 .../rat_registry/RatProverDriverRegistry.kt   |  72 --
 .../rat_registry/RatVerifierDriverRegistry.kt |  72 --
 .../secure_channel/SecureChannel.kt           |  69 --
 .../secure_channel/SecureChannelListener.kt   |  21 -
 idscp2/src/main/proto/idscpv2.proto           |  80 --
 idscp2/src/main/proto/tpm2dAttestation.proto  | 147 ---
 .../main/resources/simplelogger.properties    |   1 -
 .../ssl/aisecconnector1-keystore.p12          | Bin 2853 -> 0 bytes
 .../ssl/aisecconnector2-keystore.p12          | Bin 2853 -> 0 bytes
 .../resources/ssl/client-truststore_new.p12   | Bin 2266 -> 0 bytes
 .../resources/ssl/consumer-core-keystore.p12  | Bin 2765 -> 0 bytes
 .../src/main/resources/ssl/consumer-core.cert |  96 --
 .../main/resources/ssl/consumer-keystore.p12  | Bin 2693 -> 0 bytes
 .../resources/ssl/provider-core-keystore.p12  | Bin 2765 -> 0 bytes
 .../src/main/resources/ssl/provider-core.cert |  96 --
 .../main/resources/ssl/provider-keystore.p12  | Bin 2693 -> 0 bytes
 idscp2/src/main/resources/ssl/truststore.p12  | Bin 2266 -> 0 bytes
 idscp2/src/test/java/DapsDriverTest.java      | 224 -----
 idscp2/src/test/java/RatDriverTest.java       |  12 -
 idscp2/src/test/resources/log4j2-test.xml     |  39 -
 javax-xml-bind-patch/.gitignore               |   5 -
 javax-xml-bind-patch/LICENSE.txt              | 201 ----
 javax-xml-bind-patch/README.md                |   4 -
 javax-xml-bind-patch/bnd.bnd                  |   3 -
 javax-xml-bind-patch/build.gradle             |   8 -
 jsonwebtoken-wrapper/LICENSE.txt              | 201 ----
 jsonwebtoken-wrapper/README.md                |   1 -
 jsonwebtoken-wrapper/bnd.bnd                  |   8 -
 jsonwebtoken-wrapper/build.gradle.kts         |   8 -
 karaf-assembly/build.gradle                   |   2 +-
 .../src/main/resources/etc/system.properties  |  10 +-
 karaf-features-ids/build.gradle               |   5 +-
 libraryVersions.yaml                          |  34 +-
 rat-repository/.gitignore                     |   5 -
 rat-repository/Dockerfile                     |  28 -
 rat-repository/LICENSE.txt                    | 201 ----
 rat-repository/README.md                      |   1 -
 rat-repository/bnd.bnd                        |   6 -
 rat-repository/build.gradle                   |  36 -
 .../aisec/ids/attestation/Configuration.java  |  98 --
 .../fhg/aisec/ids/attestation/Database.java   | 293 ------
 .../aisec/ids/attestation/MediaTypeExt.java   |  33 -
 .../attestation/ProtobufAutoDiscoverable.java |  35 -
 .../ids/attestation/ProtobufFeature.java      |  38 -
 .../attestation/ProtobufMessageException.java |  41 -
 .../ids/attestation/ProtobufProvider.java     | 100 --
 .../de/fhg/aisec/ids/attestation/REST.java    | 214 -----
 .../attestation/RemoteAttestationServer.java  | 140 ---
 .../de/fhg/aisec/ids/attestation/Start.java   |  98 --
 rat-repository/src/main/resources/log4j2.xml  |  17 -
 .../main/resources/repository-keystore.jks    | Bin 2481 -> 0 bytes
 .../main/resources/repository-truststore.jks  | Bin 934 -> 0 bytes
 .../ids/attestation/RatRepositoryTest.java    | 285 ------
 .../src/test/resources/configurationList.json |   1 -
 rat-repository/src/test/resources/log4j2.xml  |  37 -
 settings.gradle                               |  29 -
 settings.gradle.kts                           |  21 +
 355 files changed, 303 insertions(+), 24584 deletions(-)
 delete mode 100644 build.gradle
 create mode 100644 build.gradle.kts
 delete mode 100644 camel-ids/.classpath
 delete mode 100644 camel-ids/.gitignore
 delete mode 100644 camel-ids/DEVS.TXT
 delete mode 100644 camel-ids/LICENSE.txt
 delete mode 100644 camel-ids/README.md
 delete mode 100644 camel-ids/bnd.bnd
 delete mode 100644 camel-ids/build.gradle
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/CamelComponent.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/IdscpConstants.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/ProxyX509TrustManager.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/WebSocketConstants.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsComponent.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsConsumer.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsEndpoint.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsListener.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/connectionmanagement/ConnectionManagerService.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultNodeSynchronization.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebSocketFactory.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/JettyClassPathResource.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/MemoryWebSocketStore.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/NodeSynchronization.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponent.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponentServlet.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketConsumer.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketEndpoint.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketFactory.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducer.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducerConsumer.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketStore.java
 delete mode 100644 camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketSendException.java
 delete mode 100644 camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsclient
 delete mode 100644 camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsclientplain
 delete mode 100644 camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsserver
 delete mode 100644 camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java
 delete mode 100644 camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WebSocketMockHelper.java
 delete mode 100644 camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WsProducerTest.java
 delete mode 100644 camel-ids/src/test/resources/mockito-extensions/org.mockito.plugins.MockMaker
 delete mode 100755 camel-ids/ssl/ca.sh
 delete mode 100644 camel-ids/ssl/ca/cachain.cert
 delete mode 100644 camel-ids/ssl/ca/index.txt
 delete mode 100644 camel-ids/ssl/ca/index.txt.attr
 delete mode 100644 camel-ids/ssl/ca/index.txt.attr.old
 delete mode 100644 camel-ids/ssl/ca/index.txt.old
 delete mode 100644 camel-ids/ssl/ca/rootca.cert
 delete mode 100644 camel-ids/ssl/ca/rootca.key
 delete mode 100644 camel-ids/ssl/ca/serial.txt
 delete mode 100644 camel-ids/ssl/ca/serial.txt.old
 delete mode 100644 camel-ids/ssl/ca/subca.cert
 delete mode 100644 camel-ids/ssl/ca/subca.key
 delete mode 100755 camel-ids/ssl/cert.sh
 delete mode 100644 camel-ids/ssl/certs/01.pem
 delete mode 100644 camel-ids/ssl/certs/02.pem
 delete mode 100644 camel-ids/ssl/certs/03.pem
 delete mode 100644 camel-ids/ssl/certs/04.pem
 delete mode 100644 camel-ids/ssl/certs/05.pem
 delete mode 100644 camel-ids/ssl/certs/06.pem
 delete mode 100644 camel-ids/ssl/certs/07.pem
 delete mode 100644 camel-ids/ssl/certs/08.pem
 delete mode 100644 camel-ids/ssl/certs/09.pem
 delete mode 100644 camel-ids/ssl/certs/0A.pem
 delete mode 100644 camel-ids/ssl/certs/0B.pem
 delete mode 100644 camel-ids/ssl/certs/client.cert
 delete mode 100644 camel-ids/ssl/certs/client.key
 delete mode 100644 camel-ids/ssl/certs/client.p12
 delete mode 100644 camel-ids/ssl/certs/server.cert
 delete mode 100644 camel-ids/ssl/certs/server.key
 delete mode 100644 camel-ids/ssl/certs/server.p12
 delete mode 100644 camel-ids/ssl/certs/test.cert
 delete mode 100644 camel-ids/ssl/certs/test.key
 delete mode 100644 camel-ids/ssl/certs/test.p12
 delete mode 100644 camel-ids/ssl/client-keystore.jks
 delete mode 100644 camel-ids/ssl/client-truststore.jks
 delete mode 100755 camel-ids/ssl/configs/openssl-connector.cnf.template
 delete mode 100755 camel-ids/ssl/configs/openssl-connector.cnf.template.old
 delete mode 100755 camel-ids/ssl/configs/openssl-rootca.cnf
 delete mode 100755 camel-ids/ssl/configs/openssl-subca.cnf
 delete mode 100755 camel-ids/ssl/keystore.sh
 delete mode 100644 camel-ids/ssl/readme.md
 delete mode 100644 camel-ids/ssl/server-keystore.jks
 delete mode 100644 camel-ids/ssl/server-truststore.jks
 delete mode 100644 camel-idscp2/LICENSE.txt
 delete mode 100644 camel-idscp2/README.md
 delete mode 100644 camel-idscp2/bnd.bnd
 delete mode 100644 camel-idscp2/build.gradle.kts
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Constants.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/ProviderDB.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/RefCountingHashMap.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/UsageControlMaps.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Utils.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestProcessor.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractAgreementReceiverProcessor.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferCreationProcessor.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferProcessor.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestCreationProcessor.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestProcessor.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseProcessor.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsMessageTypeExtractionProcessor.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ResourceUpdateCreationProcessor.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
 delete mode 100644 camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
 delete mode 100644 camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client
 delete mode 100644 camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2server
 delete mode 100644 camel-influxdb/build.gradle
 create mode 100644 camel-influxdb/build.gradle.kts
 delete mode 100644 examples/example-idscp-localhost/README.md
 delete mode 100644 examples/example-idscp-localhost/docker-compose-provider.override.yaml
 delete mode 100644 examples/example-idscp/.env
 delete mode 100644 examples/example-idscp/README.md
 delete mode 100644 examples/example-idscp/docker-compose-consumer.yaml
 delete mode 100644 examples/example-idscp/docker-compose-provider.yaml
 delete mode 100644 examples/example-idscp/docker-compose-ttp.yaml
 delete mode 100644 examples/example-idscp/example-client/Dockerfile
 delete mode 100644 examples/example-idscp/example-client/app.js
 delete mode 100644 examples/example-idscp/example-client/package.json
 delete mode 100644 examples/example-idscp/example-consumer-routes.xml
 delete mode 100644 examples/example-idscp/example-provider-routes.xml
 delete mode 100644 examples/example-idscp/example-server/Dockerfile
 delete mode 100644 examples/example-idscp/example-server/app.js
 delete mode 100644 examples/example-idscp/example-server/package.json
 delete mode 100644 examples/example-idscp/settings-consumer.mapdb
 delete mode 100644 examples/example-idscp/settings-provider.mapdb
 delete mode 100644 examples/route-examples/example-idscp-localloop.xml
 rename examples/templates/{example-idscp => example-idscp2-uc}/.env (100%)
 delete mode 100644 ids-comm/.gitignore
 delete mode 100644 ids-comm/LICENSE.txt
 delete mode 100644 ids-comm/README.md
 delete mode 100644 ids-comm/bnd.bnd
 delete mode 100644 ids-comm/build.gradle
 delete mode 100644 ids-comm/socket/.gitignore
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ByteArrayUtil.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/CertificatePair.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/DatVerifier.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/IdscpConfiguration.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/client/ClientConfiguration.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/client/IdscpClient.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/client/IdspClientSocket.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/IdscpServer.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/IdscpServerSocket.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/IdscpWebSocketCreator.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/ServerConfiguration.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/ServerSocketServlet.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/SocketListener.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/ClientProtocolMachine.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/IDSCPException.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/ProtocolState.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/ServerProtocolMachine.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/error/ErrorHandler.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/ChangeListener.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/Event.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/FSM.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/State.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/Transition.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/metadata/MetadataConsumerHandler.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/metadata/MetadataHandler.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/metadata/MetadataProviderHandler.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/NonceGenerator.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/RemoteAttestationClientHandler.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/RemoteAttestationHandler.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/RemoteAttestationServerHandler.java
 delete mode 100644 ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/Tpm2dSocket.java
 delete mode 100644 ids-comm/src/test/java/de/fhg/aisec/ids/camel/ids/protocol/ADVANCEDAttestationIT.java
 delete mode 100644 ids-comm/src/test/java/de/fhg/aisec/ids/camel/ids/protocol/ALLAttestationIT.java
 delete mode 100644 ids-comm/src/test/java/de/fhg/aisec/ids/camel/ids/protocol/BASICAttestationIT.java
 delete mode 100644 ids-comm/src/test/java/de/fhg/aisec/ids/comm/EventSocket.java
 delete mode 100644 ids-comm/src/test/java/de/fhg/aisec/ids/comm/MySocketListener.java
 delete mode 100644 ids-comm/src/test/java/de/fhg/aisec/ids/comm/ProtocolTest.java
 delete mode 100644 ids-comm/src/test/resources/jsse/client-keystore.jks
 delete mode 100644 ids-comm/src/test/resources/jsse/client-truststore.jks
 delete mode 100644 ids-comm/src/test/resources/jsse/server-keystore.jks
 delete mode 100644 ids-comm/src/test/resources/jsse/server-truststore.jks
 delete mode 100644 ids-comm/src/test/resources/log4j2-test.xml
 delete mode 100755 ids-token-manager/build.gradle
 create mode 100644 ids-token-manager/build.gradle.kts
 delete mode 100644 idscp2-app-layer/LICENSE.txt
 delete mode 100644 idscp2-app-layer/README.md
 delete mode 100644 idscp2-app-layer/bnd.bnd
 delete mode 100644 idscp2-app-layer/build.gradle.kts
 delete mode 100644 idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
 delete mode 100644 idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/Utils.kt
 delete mode 100644 idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt
 delete mode 100644 idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/IdsMessageListener.kt
 delete mode 100644 idscp2-app-layer/src/main/proto/idscp2-app.proto
 delete mode 100644 idscp2-app-layer/src/main/resources/simplelogger.properties
 delete mode 100644 idscp2/LICENSE.txt
 delete mode 100644 idscp2/README.md
 delete mode 100644 idscp2/bnd.bnd
 delete mode 100644 idscp2/build.gradle.kts
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriverConfig.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/SecurityRequirements.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/CustomX509ExtendedKeyManager.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dHelper.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dMessageFactory.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProverConfig.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dSocket.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifierConfig.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/README.md
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTLSDriver.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTlsConfiguration.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSConstants.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSSessionVerificationHelper.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/DataAvailableListener.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/InputListenerThread.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/TLSClient.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServer.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServerThread.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/Idscp2EndpointListener.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/AttestationConfig.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionAdapter.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionListener.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2MessageListener.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2Server.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/SecureChannelInitListener.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/ServerConnectionListener.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/DapsDriver.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatProverDriver.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatVerifierDriver.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureServer.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/DatException.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2Exception.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2HandshakeException.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2TimeoutException.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2WouldBlockException.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/AlternatingBit.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/DynamicTimer.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/State.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StaticTimer.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/TimerThread.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatProverFsmListener.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatVerifierFsmListener.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/ScFsmListener.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/messages/Idscp2MessageHelper.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
 delete mode 100644 idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.kt
 delete mode 100644 idscp2/src/main/proto/idscpv2.proto
 delete mode 100644 idscp2/src/main/proto/tpm2dAttestation.proto
 delete mode 100644 idscp2/src/main/resources/simplelogger.properties
 delete mode 100644 idscp2/src/main/resources/ssl/aisecconnector1-keystore.p12
 delete mode 100644 idscp2/src/main/resources/ssl/aisecconnector2-keystore.p12
 delete mode 100644 idscp2/src/main/resources/ssl/client-truststore_new.p12
 delete mode 100644 idscp2/src/main/resources/ssl/consumer-core-keystore.p12
 delete mode 100644 idscp2/src/main/resources/ssl/consumer-core.cert
 delete mode 100644 idscp2/src/main/resources/ssl/consumer-keystore.p12
 delete mode 100644 idscp2/src/main/resources/ssl/provider-core-keystore.p12
 delete mode 100644 idscp2/src/main/resources/ssl/provider-core.cert
 delete mode 100644 idscp2/src/main/resources/ssl/provider-keystore.p12
 delete mode 100644 idscp2/src/main/resources/ssl/truststore.p12
 delete mode 100644 idscp2/src/test/java/DapsDriverTest.java
 delete mode 100644 idscp2/src/test/java/RatDriverTest.java
 delete mode 100644 idscp2/src/test/resources/log4j2-test.xml
 delete mode 100644 javax-xml-bind-patch/.gitignore
 delete mode 100644 javax-xml-bind-patch/LICENSE.txt
 delete mode 100644 javax-xml-bind-patch/README.md
 delete mode 100644 javax-xml-bind-patch/bnd.bnd
 delete mode 100644 javax-xml-bind-patch/build.gradle
 delete mode 100644 jsonwebtoken-wrapper/LICENSE.txt
 delete mode 100644 jsonwebtoken-wrapper/README.md
 delete mode 100644 jsonwebtoken-wrapper/bnd.bnd
 delete mode 100644 jsonwebtoken-wrapper/build.gradle.kts
 delete mode 100644 rat-repository/.gitignore
 delete mode 100644 rat-repository/Dockerfile
 delete mode 100644 rat-repository/LICENSE.txt
 delete mode 100644 rat-repository/README.md
 delete mode 100644 rat-repository/bnd.bnd
 delete mode 100644 rat-repository/build.gradle
 delete mode 100644 rat-repository/src/main/java/de/fhg/aisec/ids/attestation/Configuration.java
 delete mode 100644 rat-repository/src/main/java/de/fhg/aisec/ids/attestation/Database.java
 delete mode 100644 rat-repository/src/main/java/de/fhg/aisec/ids/attestation/MediaTypeExt.java
 delete mode 100644 rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufAutoDiscoverable.java
 delete mode 100644 rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufFeature.java
 delete mode 100644 rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufMessageException.java
 delete mode 100644 rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufProvider.java
 delete mode 100644 rat-repository/src/main/java/de/fhg/aisec/ids/attestation/REST.java
 delete mode 100644 rat-repository/src/main/java/de/fhg/aisec/ids/attestation/RemoteAttestationServer.java
 delete mode 100644 rat-repository/src/main/java/de/fhg/aisec/ids/attestation/Start.java
 delete mode 100644 rat-repository/src/main/resources/log4j2.xml
 delete mode 100644 rat-repository/src/main/resources/repository-keystore.jks
 delete mode 100644 rat-repository/src/main/resources/repository-truststore.jks
 delete mode 100644 rat-repository/src/test/java/de/fhg/aisec/ids/attestation/RatRepositoryTest.java
 delete mode 100644 rat-repository/src/test/resources/configurationList.json
 delete mode 100644 rat-repository/src/test/resources/log4j2.xml
 delete mode 100644 settings.gradle
 create mode 100644 settings.gradle.kts

diff --git a/build.gradle b/build.gradle
deleted file mode 100644
index e66cc2166..000000000
--- a/build.gradle
+++ /dev/null
@@ -1,256 +0,0 @@
-import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
-import org.yaml.snakeyaml.Yaml
-
-buildscript {
-    repositories {
-        mavenCentral()
-    }
-    dependencies {
-        classpath("org.yaml:snakeyaml:1.26")
-    }
-}
-
-plugins {
-    id "java"
-    id "com.google.protobuf" version "0.8.10"
-    id "com.moowork.node" version "1.3.1"
-    id "biz.aQute.bnd" version "5.1.2" apply false
-    id "com.github.lburgazzoli.karaf" version "0.5.1"
-    id "org.jetbrains.kotlin.jvm" version "1.4.10"
-    id "com.github.jlouns.cpe" version "0.5.0"
-    id "com.benjaminsproule.swagger" version "1.0.6"
-    id "com.diffplug.gradle.spotless" version "3.13.0"
-    id "com.github.jk1.dependency-license-report" version "1.2"
-}
-
-ext.set("libraryVersions",
-        new Yaml().loadAs(new FileInputStream(file("${rootDir}/libraryVersions.yaml")), Map.class))
-
-licenseReport {
-    configurations = ["compile", "providedByFeature", "providedByBundle"]
-}
-
-allprojects {
-    group = "de.fhg.aisec.ids"
-    version = "3.0.2"
-
-    configurations {
-        // Configuration for dependencies that will be provided through features in the OSGi environment
-        providedByFeature
-
-        // Configurations for dependencies that will be provided through bundles in the OSGi environment
-        // Separate configurations are required when two bundles depend on different versions of the same bundle!
-        providedByBundle
-        unixSocketBundle
-        infomodelBundle
-
-        // Configurations for bundles grouped to dedicated features apart from the main ids feature
-        influxFeature
-        zmqFeature
-
-        // OSGi core dependencies which will just be there during runtime
-        osgiCore
-
-        // For artifacts that should be included as "compile" dependencies into published maven artifacts
-        publishCompile
-
-        // The "compile" configuration needs to be extended for dependency resolution of maven-publish
-        compile.extendsFrom providedByFeature, providedByBundle, unixSocketBundle, infomodelBundle, osgiCore, publishCompile
-        // Some compileOnly dependencies are also needed for unit tests
-        testImplementation.extendsFrom compileOnly
-    }
-
-    repositories {
-        mavenCentral()
-        jcenter()
-        // References IAIS repository that contains the infomodel artifacts
-        maven {
-            url "https://maven.iais.fraunhofer.de/artifactory/eis-ids-public/"
-        }
-    }
-}
-
-subprojects {
-    apply plugin: "biz.aQute.bnd.builder"
-    apply plugin: "java"
-    apply plugin: "maven"
-    apply plugin: "kotlin"
-
-    sourceCompatibility = JavaVersion.VERSION_11
-    targetCompatibility = JavaVersion.VERSION_11
-
-    test {
-        exclude "**/*IT.*"
-    }
-
-    task integrationTest(type: Test) {
-        include "**/*IT.*"
-        systemProperty "project.version", "$project.version"
-    }
-
-    tasks.withType(Test) {
-        testLogging {
-            events "failed"
-            exceptionFormat "full"
-        }
-    }
-
-    check.dependsOn integrationTest
-
-    // define some Bill of Materials (BOM) for all subprojects
-    dependencies {
-        // Logging API
-        providedByBundle group: "org.slf4j", name: "slf4j-simple", version: libraryVersions.slf4j
-
-        // Needed for kotlin modules, provided at runtime via kotlin-osgi-bundle in karaf-features-ids
-        compileOnly group: "org.jetbrains.kotlin", name: "kotlin-stdlib-jdk8", version: libraryVersions.kotlin
-
-        // Required for successful build with JDK 11
-        compileOnly group: "javax.xml.bind", name: "jaxb-api", version: libraryVersions.jaxb
-        testImplementation group: "javax.xml.bind", name: "jaxb-api", version: libraryVersions.jaxb
-        testImplementation group: "com.sun.xml.bind", name: "jaxb-core", version: libraryVersions.jaxb
-        testImplementation group: "com.sun.xml.bind", name: "jaxb-impl", version: libraryVersions.jaxb
-        testImplementation group: "com.sun.activation", name: "javax.activation", version: libraryVersions.jaxActivation
-    }
-
-    tasks.withType(KotlinCompile) {
-        kotlinOptions {
-            jvmTarget = "11"
-        }
-    }
-
-    tasks.withType(JavaCompile) {
-        options.encoding = "UTF-8"
-//        options.compilerArgs << "-Xlint:unchecked"
-//        options.deprecation = true
-    }
-
-    tasks.withType(Jar) {
-        jar {
-            manifest {
-                attributes "Bundle-Vendor": "Fraunhofer AISEC"
-                attributes "-noee": true
-            }
-        }
-    }
-}
-
-configure(subprojects.findAll { it.name != "examples" }) {
-    apply plugin: "com.diffplug.gradle.spotless"
-
-    spotless {
-        java {
-            enforceCheck = false // do not really check for now, we first need to format all the files
-
-            googleJavaFormat()
-
-            licenseHeader("""/*-
- * ========================LICENSE_START=================================
- * """ + project.name + """
-" * %%
- * Copyright (C) \$YEAR Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */""").yearSeparator(" - ")
-        }
-    }
-}
-
-final Map<String, String> descriptions = [
-        "idscp2": "IDSCP2 Protocol Implementation",
-        "idscp2-app-layer": "IDSCP2 Application Layer Implementation",
-        "camel-idscp2": "Camel IDSCP2 Component Implementation"
-]
-
-configure(subprojects.findAll {
-    /*it.name == "ids-api" || it.name == "ids-comm" ||*/ it.name.startsWith("idscp2") || it.name == "camel-idscp2"
-}) {
-    apply plugin: "maven-publish"
-    apply plugin: "signing"
-
-    task sourcesJar(type: Jar) {
-        from sourceSets.main.allSource
-        from ("src/main") {
-            include "proto/**"
-        }
-        archiveClassifier = "sources"
-    }
-
-    task javadocJar(type: Jar) {
-        from javadoc
-        archiveClassifier = "javadoc"
-    }
-
-    // Must disable gradle metadata because of infomodel SNAPSHOT dependencies
-    tasks.withType(GenerateModuleMetadata) {
-        enabled = false
-    }
-
-    publishing {
-        publications {
-            idsLibrary(MavenPublication) {
-                from components.java
-                artifact sourcesJar
-                artifact javadocJar
-                pom {
-                    name = project.name
-                    description = descriptions[project.name]
-                    url = "https://github.com/industrial-data-space/trusted-connector"
-                    licenses {
-                        license {
-                            name = "The Apache License, Version 2.0"
-                            url = "http://www.apache.org/licenses/LICENSE-2.0.txt"
-                        }
-                    }
-                    developers {
-                        developer {
-                            name = "Michael Lux"
-                            email = "michael.lux@aisec.fraunhofer.de"
-                            organization = "Fraunhofer AISEC"
-                            organizationUrl = "aisec.fraunhofer.de"
-                        }
-                    }
-                    scm {
-                        connection = "scm:git:git://github.com:industrial-data-space/trusted-connector.git"
-                        developerConnection = "scm:git:ssh://github.com:industrial-data-space/trusted-connector.git"
-                        url = "https://github.com/industrial-data-space/trusted-connector"
-                    }
-                }
-            }
-        }
-
-        repositories {
-            maven {
-                def releasesRepoUrl = "https://oss.sonatype.org/service/local/staging/deploy/maven2"
-                def snapshotsRepoUrl = "https://oss.sonatype.org/content/repositories/snapshots"
-                url = version.endsWith("SNAPSHOT") ? snapshotsRepoUrl : releasesRepoUrl
-
-                credentials {
-                    username = project.findProperty("deployUsername")
-                    password = project.findProperty("deployPassword")
-                }
-            }
-        }
-    }
-
-    signing {
-        useGpgCmd()
-        sign publishing.publications.idsLibrary
-    }
-}
-
-// Always write project version to version.txt after build/install
-task dumpVersion {
-    new File(project.projectDir, "version.txt").text = project.version
-}
\ No newline at end of file
diff --git a/build.gradle.kts b/build.gradle.kts
new file mode 100644
index 000000000..9381970d0
--- /dev/null
+++ b/build.gradle.kts
@@ -0,0 +1,173 @@
+import org.gradle.api.tasks.testing.logging.TestExceptionFormat
+import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
+import org.yaml.snakeyaml.Yaml
+
+buildscript {
+    dependencies {
+        classpath("org.yaml:snakeyaml:1.26")
+    }
+}
+
+repositories {
+    mavenCentral()
+}
+
+plugins {
+    java
+    maven
+    id("com.google.protobuf") version "0.8.15"
+    id("com.moowork.node") version "1.3.1"
+    // WARNING: Versions 5.2.x onwards export java.* packages, which is not allowed in Felix OSGi Resolver!
+    // See http://karaf.922171.n3.nabble.com/Manifest-import-problems-td4059042.html
+    id("biz.aQute.bnd") version "5.1.2" apply false
+    id("com.github.lburgazzoli.karaf") version "0.5.1"
+    id("org.jetbrains.kotlin.jvm") version "1.4.31"
+    id("com.github.jlouns.cpe") version "0.5.0"
+    id("com.benjaminsproule.swagger") version "1.0.14"
+    id("com.diffplug.spotless") version "5.11.0"
+    id("com.github.jk1.dependency-license-report") version "1.16"
+}
+
+@Suppress("UNCHECKED_CAST")
+val libraryVersions: Map<String, String> =
+    Yaml().loadAs(file("${rootDir}/libraryVersions.yaml").inputStream(), Map::class.java) as Map<String, String>
+extra.set("libraryVersions", libraryVersions)
+
+licenseReport {
+    configurations = arrayOf("compile", "providedByFeature", "providedByBundle")
+}
+
+allprojects {
+    group = "de.fhg.aisec.ids"
+    version = "4.0.0"
+}
+
+subprojects {
+    repositories {
+        mavenCentral()
+        mavenLocal()
+
+        // References IAIS repository that contains the infomodel artifacts
+        maven("https://maven.iais.fraunhofer.de/artifactory/eis-ids-public/")
+    }
+
+    apply(plugin = "biz.aQute.bnd.builder")
+    apply(plugin = "java")
+    apply(plugin = "maven")
+    apply(plugin = "kotlin")
+
+    java {
+        sourceCompatibility = JavaVersion.VERSION_11
+        targetCompatibility = JavaVersion.VERSION_11
+    }
+
+    tasks.test {
+        exclude("**/*IT.*")
+    }
+
+    val integrationTest = tasks.register<Test>("integrationTest") {
+        include("**/*IT.*")
+        systemProperty("project.version", "$project.version")
+    }
+
+    tasks.withType<Test> {
+        testLogging {
+            events("failed")
+            exceptionFormat = TestExceptionFormat.FULL
+        }
+    }
+
+    tasks.check {
+        dependsOn(integrationTest)
+    }
+
+    // Configuration for dependencies that will be provided through features in the OSGi environment
+    val providedByFeature by configurations.creating
+
+    // Configurations for dependencies that will be provided through bundles in the OSGi environment
+    // Separate configurations are required when two bundles depend on different versions of the same bundle!
+    val providedByBundle by configurations.creating
+    val unixSocketBundle by configurations.creating
+    val infomodelBundle by configurations.creating
+
+    // Configurations for bundles grouped to dedicated features apart from the main ids feature
+    @Suppress("UNUSED_VARIABLE")
+    val influxFeature by configurations.creating
+    @Suppress("UNUSED_VARIABLE")
+    val zmqFeature by configurations.creating
+
+    // OSGi core dependencies which will just be there during runtime
+    val osgiCore by configurations.creating
+
+    // For artifacts that should be included as "compile" dependencies into published maven artifacts
+    val publishCompile by configurations.creating
+
+    configurations["compile"].extendsFrom(providedByFeature, providedByBundle, unixSocketBundle, infomodelBundle,
+        osgiCore, publishCompile)
+
+    dependencies {
+        // Logging API
+        providedByBundle("org.slf4j", "slf4j-simple", libraryVersions["slf4j"])
+
+        // Needed for kotlin modules, provided at runtime via kotlin-osgi-bundle in karaf-features-ids
+        compileOnly("org.jetbrains.kotlin", "kotlin-stdlib-jdk8", libraryVersions["kotlin"])
+    }
+
+    tasks.withType<KotlinCompile> {
+        kotlinOptions {
+            jvmTarget = "11"
+        }
+    }
+
+    tasks.withType<JavaCompile> {
+        options.encoding = "UTF-8"
+        options.compilerArgs.add("-Xlint:unchecked")
+//        options.isDeprecation = true
+    }
+
+    tasks.jar {
+        manifest {
+            attributes(
+                    "Bundle-Vendor" to "Fraunhofer AISEC",
+                    "-noee" to true
+            )
+        }
+    }
+}
+
+configure(subprojects.filter { it.name != "examples" }) {
+    apply(plugin = "com.diffplug.spotless")
+
+    spotless {
+        isEnforceCheck = false
+
+        kotlin {
+            licenseHeader("""/*-
+ * ========================LICENSE_START=================================
+ * ${project.name}
+ * %%
+ * Copyright (C) \${"$"}YEAR Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */""").yearSeparator(" - ")
+        }
+    }
+}
+
+// Always write project version to version.txt after build/install
+tasks.register<Task>("dumpVersion") {
+    file(project.projectDir).resolve("version.txt").bufferedWriter().use {
+        it.write(project.version.toString())
+    }
+}
\ No newline at end of file
diff --git a/buildx/docker-bake-multi.hcl b/buildx/docker-bake-multi.hcl
index cc69dfbe2..660b5f6b4 100644
--- a/buildx/docker-bake-multi.hcl
+++ b/buildx/docker-bake-multi.hcl
@@ -18,29 +18,9 @@ target "core" {
   platforms = ["linux/amd64", "linux/arm64/v8", "linux/arm/v7"]
 }
 
-target "tpmsim" {
-  output = ["type=registry"]
-//  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-tpmsim:cache"]
-//  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-tpmsim:cache"]
-  platforms = ["linux/amd64", "linux/arm64/v8", "linux/arm/v7"]
-}
-
-# Caching not practical here, since build from jdk-base is trivial
-target "ttpsim" {
-  output = ["type=registry"]
-  platforms = ["linux/amd64", "linux/arm64/v8", "linux/arm/v7"]
-}
-
-target "example-idscp-consumer-app" {
-  output = ["type=registry"]
-//  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-example-server:cache"]
-//  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-example-server:cache"]
-  platforms = ["linux/amd64", "linux/arm64/v8", "linux/arm/v7"]
-}
-
-target "example-idscp-provider-app" {
-  output = ["type=registry"]
-//  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-example-client:cache"]
-//  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-example-client:cache"]
-  platforms = ["linux/amd64", "linux/arm64/v8", "linux/arm/v7"]
-}
+//target "tpmsim" {
+//  output = ["type=registry"]
+////  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-tpmsim:cache"]
+////  cache-from = ["registry.netsec.aisec.fraunhofer.de/tc-tpmsim:cache"]
+//  platforms = ["linux/amd64", "linux/arm64/v8", "linux/arm/v7"]
+//}
\ No newline at end of file
diff --git a/buildx/docker-bake.hcl b/buildx/docker-bake.hcl
index ee0463639..762c7eb3d 100644
--- a/buildx/docker-bake.hcl
+++ b/buildx/docker-bake.hcl
@@ -10,18 +10,6 @@ target "core" {
   output = ["type=docker"]
 }
 
-target "tpmsim" {
-  output = ["type=docker"]
-}
-
-target "ttpsim" {
-  output = ["type=docker"]
-}
-
-target "example-idscp-consumer-app" {
-  output = ["type=docker"]
-}
-
-target "example-idscp-provider-app" {
-  output = ["type=docker"]
-}
\ No newline at end of file
+//target "tpmsim" {
+//  output = ["type=docker"]
+//}
\ No newline at end of file
diff --git a/buildx/docker-buildx.sh b/buildx/docker-buildx.sh
index 77266b274..397cd9a97 100755
--- a/buildx/docker-buildx.sh
+++ b/buildx/docker-buildx.sh
@@ -35,7 +35,7 @@ eval set -- "$PARSED"
 EXAMPLE_TAG_ARG="develop"
 DOCKER_BUILD_TAG_ARG="develop"
 BASE_IMAGE_ARG="adoptopenjdk:11-jdk-hotspot-focal"
-TARGETS="core tpmsim ttpsim example-idscp-consumer-app example-idscp-provider-app"
+TARGETS="core"
 FILES=""
 BUILD_CONTAINER=0
 
@@ -49,6 +49,10 @@ while true; do
     EXAMPLE_TAG_ARG="$2"
     shift 2
     ;;
+  --targets)
+    TARGETS="$2"
+    shift 2
+    ;;
   -b | --base-image)
     BASE_IMAGE_ARG="$2"
     shift 2
diff --git a/buildx/docker-compose.yml b/buildx/docker-compose.yml
index 90c75a0db..b60d95b99 100644
--- a/buildx/docker-compose.yml
+++ b/buildx/docker-compose.yml
@@ -25,29 +25,8 @@ services:
       args:
         JDK_BASE_IMAGE: fraunhoferaisec/jdk-base:${DOCKER_BUILD_TAG:-develop}
 
-  # TPM simulator
-  tpmsim:
-    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
-    build:
-      context: '../examples/tpmsim'
-
-  # Trusted third party (RAT repository) simulator
-  ttpsim:
-    image: fraunhoferaisec/ttpsim:${EXAMPLE_TAG:-develop}
-    build:
-      context: '../rat-repository'
-      args:
-        JDK_BASE_IMAGE: fraunhoferaisec/jdk-base:${DOCKER_BUILD_TAG:-develop}
-        VERSION: ${PROJECT_VERSION}
-
-  # IDSCP example data app (REST consumer, displays web page)
-  example-idscp-consumer-app:
-    image: fraunhoferaisec/example-server:${EXAMPLE_TAG:-develop}
-    build:
-      context: '../examples/example-idscp/example-server'
-
-  # IDSCP example data provider
-  example-idscp-provider-app:
-    image: fraunhoferaisec/example-client:${EXAMPLE_TAG:-develop}
-    build:
-      context: '../examples/example-idscp/example-client'
\ No newline at end of file
+#  # TPM simulator
+#  tpmsim:
+#    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
+#    build:
+#      context: '../examples/tpmsim'
\ No newline at end of file
diff --git a/camel-ids/.classpath b/camel-ids/.classpath
deleted file mode 100644
index 7657d3ee9..000000000
--- a/camel-ids/.classpath
+++ /dev/null
@@ -1,15 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<classpath>
-	<classpathentry excluding="target/generated-sources/annotations/" kind="src" path=""/>
-	<classpathentry kind="src" path="target/generated-sources/annotations">
-		<attributes>
-			<attribute name="optional" value="true"/>
-		</attributes>
-	</classpathentry>
-	<classpathentry kind="src" path=".apt_generated">
-		<attributes>
-			<attribute name="optional" value="true"/>
-		</attributes>
-	</classpathentry>
-	<classpathentry kind="output" path="target/classes"/>
-</classpath>
diff --git a/camel-ids/.gitignore b/camel-ids/.gitignore
deleted file mode 100644
index 2d5934877..000000000
--- a/camel-ids/.gitignore
+++ /dev/null
@@ -1,6 +0,0 @@
-configuration.db
-/cp.txt
-*.pyc
-/.classpath
-/.apt_generated/
-/socket/
diff --git a/camel-ids/DEVS.TXT b/camel-ids/DEVS.TXT
deleted file mode 100644
index 3c8d586c0..000000000
--- a/camel-ids/DEVS.TXT
+++ /dev/null
@@ -1 +0,0 @@
-Based on (forked from) camel-ahc-ws/camel-websocket 6cfdf4214288854d2f91a0fbf407ee1df99a8a01 https://github.com/apache/camel/commit/6cfdf4214288854d2f91a0fbf407ee1df99a8a01
\ No newline at end of file
diff --git a/camel-ids/LICENSE.txt b/camel-ids/LICENSE.txt
deleted file mode 100644
index 261eeb9e9..000000000
--- a/camel-ids/LICENSE.txt
+++ /dev/null
@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
diff --git a/camel-ids/README.md b/camel-ids/README.md
deleted file mode 100644
index 7f1b95d58..000000000
--- a/camel-ids/README.md
+++ /dev/null
@@ -1 +0,0 @@
-The _camel-ids_ module adds IDSCP support to the integrated Camel deployment. It creates a Camel Component to make the IDSCP available while building Camel routes. IDSCP itself is contained in module _ids-comm_.
diff --git a/camel-ids/bnd.bnd b/camel-ids/bnd.bnd
deleted file mode 100644
index 5ea70404e..000000000
--- a/camel-ids/bnd.bnd
+++ /dev/null
@@ -1,11 +0,0 @@
-Bundle-Name: IDS :: Camel IDSCP Support
-Bundle-Description: Camel IDS protocol support
-Export-Package: de.fhg.camel.ids.server,\
-	de.fhg.camel.ids.connectionmanagement,\
-	de.fhg.camel.ids.client
-Import-Package: \
-	!org.checkerframework.checker.*,\
-	*
-DynamicImport-Package: \
-	org.asynchttpclient.netty.*,\
-	com.typesafe.netty.*
diff --git a/camel-ids/build.gradle b/camel-ids/build.gradle
deleted file mode 100644
index b6650298c..000000000
--- a/camel-ids/build.gradle
+++ /dev/null
@@ -1,26 +0,0 @@
-description = 'Camel IDS Component'
-
-dependencies {
-    providedByBundle(project(':ids-api')) { transitive = false }
-    providedByBundle(project(':ids-comm')) { transitive = false }
-
-    providedByFeature group: 'org.apache.camel', name: 'camel-core', version: libraryVersions.camel
-    providedByFeature group: 'org.apache.camel', name: 'camel-ahc', version: libraryVersions.camel
-
-    providedByFeature group: 'org.eclipse.jetty', name: 'jetty-servlet', version: libraryVersions.jetty
-    providedByFeature group: 'org.eclipse.jetty', name: 'jetty-jmx', version: libraryVersions.jetty
-    providedByFeature group: 'org.eclipse.jetty', name: 'jetty-servlets', version: libraryVersions.jetty
-
-    providedByFeature group: 'org.eclipse.jetty.websocket', name: 'websocket-server', version: libraryVersions.jetty
-    providedByFeature group: 'org.eclipse.jetty.websocket', name: 'websocket-client', version: libraryVersions.jetty
-
-    compileOnly group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
-
-    osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
-
-    providedByFeature group: 'com.google.protobuf', name: 'protobuf-java', version: libraryVersions.protobuf
-
-    testImplementation group: 'junit', name: 'junit'
-    testImplementation group: 'org.apache.camel', name: 'camel-test', version: libraryVersions.camel
-    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/CamelComponent.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/CamelComponent.java
deleted file mode 100644
index a632efd4a..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/CamelComponent.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids;
-
-import de.fhg.aisec.ids.api.endpointconfig.EndpointConfigManager;
-import de.fhg.aisec.ids.api.infomodel.InfoModel;
-import de.fhg.aisec.ids.api.settings.Settings;
-import de.fhg.aisec.ids.api.tokenm.TokenManager;
-import org.checkerframework.checker.nullness.qual.Nullable;
-import org.osgi.service.component.annotations.*;
-
-@Component
-public class CamelComponent {
-
-  @Reference(cardinality = ReferenceCardinality.MANDATORY)
-  private Settings settings = null;
-
-  @Reference(cardinality = ReferenceCardinality.MANDATORY)
-  private InfoModel infoModelManager = null;
-
-  @Reference(cardinality = ReferenceCardinality.OPTIONAL)
-  private TokenManager tokenManager = null;
-
-  @Reference(cardinality = ReferenceCardinality.OPTIONAL)
-  private EndpointConfigManager endpointConfigManager = null;
-
-  private static CamelComponent instance;
-
-  @Activate
-  @SuppressWarnings("squid:S2696")
-  protected void activate() {
-    instance = this;
-  }
-
-  @Deactivate
-  @SuppressWarnings("squid:S2696")
-  protected void deactivate() {
-    instance = null;
-  }
-
-  @Nullable
-  public static Settings getSettings() {
-    CamelComponent in = instance;
-    if (in != null) {
-      return in.settings;
-    }
-    return null;
-  }
-
-  /**
-   * Is actually NonNull due to ReferenceCardinality.MANDATORY,
-   * but instance might be null for Unit Tests
-   * @return Info-Model-Manager instance
-   */
-  @Nullable
-  public static InfoModel getInfoModelManager() {
-    CamelComponent in = instance;
-    if (in != null) {
-      return in.infoModelManager;
-    }
-    return null;
-  }
-
-  /**
-   * Is actually NonNull due to ReferenceCardinality.MANDATORY,
-   * but instance might be null for Unit Tests
-   * @return Token-Manager instance
-   */
-  @Nullable
-  public static TokenManager getTokenManager() {
-    CamelComponent in = instance;
-    if (in != null) {
-      return in.tokenManager;
-    }
-    return null;
-  }
-
-  @Nullable
-  public static EndpointConfigManager getEndpointConfigManager() {
-    CamelComponent in = instance;
-    if (in != null) {
-      return in.endpointConfigManager;
-    }
-    return null;
-  }
-
-  public void setSettings(Settings settings) {
-    this.settings = settings;
-  }
-
-  public void setInfoModelManager(InfoModel infoModelManager) {
-    this.infoModelManager = infoModelManager;
-  }
-
-  public void setTokenManager(TokenManager tokenManager) {
-    this.tokenManager = tokenManager;
-  }
-
-  public void setEndpointConfigManager(EndpointConfigManager endpointConfigManager) {
-    this.endpointConfigManager = endpointConfigManager;
-  }
-
-  public static void setInstance(CamelComponent instance) {
-    CamelComponent.instance = instance;
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/IdscpConstants.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/IdscpConstants.java
deleted file mode 100644
index bc53fda9a..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/IdscpConstants.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids;
-
-/** */
-public final class IdscpConstants {
-  public static final String WS_PROTOCOL = "idsclientplain";
-  public static final String WSS_PROTOCOL = "idsclient";
-
-  private IdscpConstants() {}
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/ProxyX509TrustManager.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/ProxyX509TrustManager.java
deleted file mode 100644
index 5ee731365..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/ProxyX509TrustManager.java
+++ /dev/null
@@ -1,107 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids;
-
-import de.fhg.aisec.ids.comm.CertificatePair;
-import org.apache.camel.support.jsse.*;
-
-import javax.net.ssl.X509TrustManager;
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.util.Enumeration;
-
-public class ProxyX509TrustManager implements X509TrustManager {
-
-  public static void bindCertificatePair(
-      SSLContextParameters sslContextParameters, boolean isServer, CertificatePair certificatePair)
-      throws GeneralSecurityException, IOException {
-    // Acquire the local certificate
-    if (sslContextParameters.getKeyManagers() != null) {
-      KeyManagersParameters keyManagers = sslContextParameters.getKeyManagers();
-      if (keyManagers.getKeyStore() != null) {
-        KeyStoreParameters keyStoreParameters = keyManagers.getKeyStore();
-        KeyStore keyStore = keyStoreParameters.createKeyStore();
-        // If a certificate alias is set, use it
-        String alias = sslContextParameters.getCertAlias();
-
-        // Otherwise, the first alias with a private key is relevant for us
-        if (alias == null) {
-          Enumeration<String> es = keyStore.aliases();
-          while (es.hasMoreElements()) {
-            alias = es.nextElement();
-            if (keyStore.isKeyEntry(alias)) {
-              break;
-            }
-          }
-        }
-        // Now assign the certificate from the key store to the pair
-        if (alias != null) {
-          certificatePair.setLocalCertificate(keyStore.getCertificate(alias));
-        }
-      }
-    }
-    // Acquire the remote server certificate OR just configure the server
-    if (isServer) {
-      // SERVER ONLY: Configure server to ask for client certificates
-      SSLContextServerParameters serverParameters = sslContextParameters.getServerParameters();
-      if (serverParameters == null) {
-        serverParameters = new SSLContextServerParameters();
-      }
-      serverParameters.setClientAuthentication("WANT");
-      sslContextParameters.setServerParameters(serverParameters);
-    } else {
-      // CLIENT ONLY: Replace X509TrustManager with this proxy implementation to log certificate of
-      // remote server
-      TrustManagersParameters tmParams = sslContextParameters.getTrustManagers();
-      X509TrustManager systemTrustManager = (X509TrustManager) tmParams.createTrustManagers()[0];
-      tmParams.setTrustManager(new ProxyX509TrustManager(systemTrustManager, certificatePair));
-    }
-  }
-
-  private final X509TrustManager trustManager;
-  private final CertificatePair certificatePair;
-
-  public ProxyX509TrustManager(X509TrustManager trustManager, CertificatePair certificatePair) {
-    this.trustManager = trustManager;
-    this.certificatePair = certificatePair;
-  }
-
-  @Override
-  public void checkClientTrusted(X509Certificate[] chain, String authType)
-      throws CertificateException {
-    trustManager.checkClientTrusted(chain, authType);
-  }
-
-  @Override
-  public void checkServerTrusted(X509Certificate[] chain, String authType)
-      throws CertificateException {
-    // Save observed server certificate
-    certificatePair.setRemoteCertificate(chain[0]);
-    trustManager.checkServerTrusted(chain, authType);
-  }
-
-  @Override
-  public X509Certificate[] getAcceptedIssuers() {
-    return trustManager.getAcceptedIssuers();
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/WebSocketConstants.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/WebSocketConstants.java
deleted file mode 100644
index 7fc982549..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/WebSocketConstants.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids;
-
-public final class WebSocketConstants {
-
-  public static final String DEFAULT_PORT = "9292";
-  public static final String DEFAULT_HOST = "0.0.0.0";
-
-  public static final String CONNECTION_KEY = "websocket.connectionKey";
-
-  public static final String WS_PROTOCOL = "ws";
-  public static final String WSS_PROTOCOL = "wss";
-
-  private WebSocketConstants() {}
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsComponent.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsComponent.java
deleted file mode 100644
index f23d9ebf5..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsComponent.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.client;
-
-import de.fhg.aisec.ids.camel.ids.IdscpConstants;
-import de.fhg.aisec.ids.camel.ids.WebSocketConstants;
-import org.apache.camel.component.ahc.AhcComponent;
-import org.apache.camel.component.ahc.AhcEndpoint;
-
-import java.net.URI;
-
-public class WsComponent extends AhcComponent {
-
-  @Override
-  protected String createAddressUri(String uri, String remaining) {
-    if (uri.startsWith(IdscpConstants.WSS_PROTOCOL + ":")) {
-      uri = uri.replaceFirst(IdscpConstants.WSS_PROTOCOL, WebSocketConstants.WSS_PROTOCOL);
-    } else if (uri.startsWith(IdscpConstants.WS_PROTOCOL + ":")) {
-      uri = uri.replaceFirst(IdscpConstants.WS_PROTOCOL, WebSocketConstants.WS_PROTOCOL);
-    }
-    // Should not happen
-    return uri;
-  }
-
-  @Override
-  protected AhcEndpoint createAhcEndpoint(String endpointUri, AhcComponent component, URI httpUri) {
-    return new WsEndpoint(endpointUri, (WsComponent) component);
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsConsumer.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsConsumer.java
deleted file mode 100644
index 2a719a34d..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsConsumer.java
+++ /dev/null
@@ -1,105 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.client;
-
-import org.apache.camel.Exchange;
-import org.apache.camel.Processor;
-import org.apache.camel.support.DefaultConsumer;
-
-import java.io.InputStream;
-import java.io.Reader;
-
-/**
- * A camel consumer retrieves an message, wraps in a Camel Exchange object and feeds it into Camel.
- *
- * <p>This is basically the implementation of a web socket server which accepts messages and sends
- * them to Camel.
- *
- * @author Julian Schütte (julian.schuette@aisec.fraunhofer.de)
- */
-public class WsConsumer extends DefaultConsumer {
-
-  public WsConsumer(WsEndpoint endpoint, Processor processor) {
-    super(endpoint, processor);
-  }
-
-  @Override
-  public void start() {
-    super.start();
-    getEndpoint().connect(this);
-  }
-
-  @Override
-  public void stop() {
-    getEndpoint().disconnect(this);
-    super.stop();
-  }
-
-  @Override
-  public WsEndpoint getEndpoint() {
-    return (WsEndpoint) super.getEndpoint();
-  }
-
-  public void sendMessage(String message) {
-    sendMessageInternal(message);
-  }
-
-  public void sendMessage(Throwable throwable) {
-    sendMessageInternal(throwable);
-  }
-
-  public void sendMessage(byte[] message) {
-    sendMessageInternal(message);
-  }
-
-  public void sendMessage(InputStream message) {
-    sendMessageInternal(message);
-  }
-
-  public void sendMessage(Reader message) {
-    sendMessageInternal(message);
-  }
-
-  private void sendMessageInternal(Object message) {
-    final Exchange exchange = getEndpoint().createExchange();
-
-    // TODO may set some headers with some meta info (e.g., socket info, unique-id for correlation
-    // purpose, etc0
-    // set the body
-
-    if (message instanceof Throwable) {
-      exchange.setException((Throwable) message);
-    } else {
-      exchange.getIn().setBody(message);
-    }
-
-    // send exchange using the async routing engine
-    getAsyncProcessor()
-        .process(
-            exchange,
-            doneSync -> {
-              if (exchange.getException() != null) {
-                getExceptionHandler()
-                    .handleException(
-                        "Error processing exchange", exchange, exchange.getException());
-              }
-            });
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsEndpoint.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsEndpoint.java
deleted file mode 100644
index 5f71f1519..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsEndpoint.java
+++ /dev/null
@@ -1,337 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.client;
-
-import de.fhg.aisec.ids.api.conm.IDSCPOutgoingConnection;
-import de.fhg.aisec.ids.api.infomodel.InfoModel;
-import de.fhg.aisec.ids.api.settings.Settings;
-import de.fhg.aisec.ids.camel.ids.CamelComponent;
-import de.fhg.aisec.ids.camel.ids.IdscpConstants;
-import de.fhg.aisec.ids.camel.ids.ProxyX509TrustManager;
-import de.fhg.aisec.ids.camel.ids.WebSocketConstants;
-import de.fhg.aisec.ids.comm.CertificatePair;
-import de.fhg.aisec.ids.comm.client.ClientConfiguration;
-import de.fhg.aisec.ids.comm.client.IdspClientSocket;
-import de.fhg.aisec.ids.comm.ws.protocol.IDSCPException;
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import org.apache.camel.Consumer;
-import org.apache.camel.Processor;
-import org.apache.camel.Producer;
-import org.apache.camel.component.ahc.AhcEndpoint;
-import org.apache.camel.spi.UriEndpoint;
-import org.apache.camel.spi.UriParam;
-import org.apache.camel.support.jsse.SSLContextParameters;
-import org.asynchttpclient.*;
-import org.asynchttpclient.ws.WebSocket;
-import org.asynchttpclient.ws.WebSocketUpgradeHandler;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.security.GeneralSecurityException;
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.TimeUnit;
-
-/**
- * This is the client-side implementation of a Camel endpoint for the IDS communication protocol
- * (IDCP).
- *
- * <p>It is based on camel-ahc, further info is available at: <a
- * href="http://github.com/sonatype/async-http-client">Async Http Client</a>.
- */
-@UriEndpoint(
-  scheme = "idsclientplain,idsclient",
-  extendsScheme = "ahc,ahc",
-  title = "IDS Protocol",
-  syntax = "idsclient:httpUri",
-  label = "websocket"
-)
-public class WsEndpoint extends AhcEndpoint {
-  private static final Logger LOG = LoggerFactory.getLogger(WsEndpoint.class);
-
-  private static final List<IDSCPOutgoingConnection> outgoingConnections = new ArrayList<>();
-
-  private final Set<WsConsumer> consumers = new HashSet<>();
-  private final WsListener listener = new WsListener(consumers, this);
-  private WebSocket websocket;
-  private final CertificatePair certificatePair = new CertificatePair();
-
-  @UriParam(label = "producer")
-  private boolean useStreaming;
-
-  @UriParam(label = "consumer")
-  private boolean sendMessageOnError;
-
-  @UriParam(
-    label = "attestation",
-    defaultValue = "0",
-    description =
-        "defines the remote attestation mode: 0=BASIC, 1=ALL, 2=ADVANCED, 3=ZERO. default value is 0=BASIC. (see api/attestation.proto for more details)"
-  )
-  private int attestation = IdsAttestationType.BASIC.getNumber();
-
-  @UriParam(
-    label = "attestationMask",
-    defaultValue = "0",
-    description =
-        "defines the upper boundary of PCR values tested in ADVANCED mode. i.e. attestationMask=5 means values PCR0, PCR1, PCR2, PCR3 and PCR4"
-  )
-  private Integer attestationMask = 0;
-
-  public WsEndpoint(String endpointUri, WsComponent component) {
-    super(endpointUri, component, null);
-  }
-
-  @Override
-  public void setSslContextParameters(SSLContextParameters sslContextParameters) {
-    if (sslContextParameters != null) {
-      try {
-        ProxyX509TrustManager.bindCertificatePair(sslContextParameters, false, certificatePair);
-      } catch (GeneralSecurityException | IOException e) {
-        LOG.error("Failed to patch TrustManager for WsEndpoint", e);
-      }
-    }
-    super.setSslContextParameters(sslContextParameters);
-  }
-
-  @Override
-  public WsComponent getComponent() {
-    return (WsComponent) super.getComponent();
-  }
-
-  @Override
-  public Producer createProducer() {
-    return new WsProducer(this);
-  }
-
-  @Override
-  public Consumer createConsumer(Processor processor) {
-    return new WsConsumer(this, processor);
-  }
-
-  public static List<IDSCPOutgoingConnection> getOutgoingConnections() {
-    return outgoingConnections;
-  }
-
-  WebSocket getWebSocket() {
-    synchronized (this) {
-      // ensure we are connected
-      reConnect();
-    }
-    return websocket;
-  }
-
-  @SuppressWarnings("unused")
-  void setWebSocket(WebSocket websocket) {
-    this.websocket = websocket;
-  }
-
-  public boolean isUseStreaming() {
-    return useStreaming;
-  }
-
-  /** To enable streaming to send data as multiple text fragments. */
-  @SuppressWarnings("unused")
-  public void setUseStreaming(boolean useStreaming) {
-    this.useStreaming = useStreaming;
-  }
-
-  public boolean isSendMessageOnError() {
-    return sendMessageOnError;
-  }
-
-  @SuppressWarnings("unused")
-  public void setAttestation(int type) {
-    this.attestation = type;
-  }
-
-  public int getAttestation() {
-    return attestation;
-  }
-
-  @SuppressWarnings("unused")
-  public void setAttestationMask(int type) {
-    this.attestationMask = type;
-  }
-
-  public int getAttestationMask() {
-    return attestationMask;
-  }
-
-  /** Whether to send an message if the web-socket listener received an error. */
-  @SuppressWarnings("unused")
-  public void setSendMessageOnError(boolean sendMessageOnError) {
-    this.sendMessageOnError = sendMessageOnError;
-  }
-
-  @Override
-  protected AsyncHttpClient createClient(AsyncHttpClientConfig config) {
-    if (config == null) {
-      config = new DefaultAsyncHttpClientConfig.Builder().build();
-    }
-    return new DefaultAsyncHttpClient(config);
-  }
-
-  public void connect() {
-    String uri = getHttpUri().toASCIIString();
-    if (uri.startsWith(IdscpConstants.WSS_PROTOCOL + ":")) {
-      uri = uri.replaceFirst(IdscpConstants.WSS_PROTOCOL, WebSocketConstants.WSS_PROTOCOL);
-    } else if (uri.startsWith(IdscpConstants.WS_PROTOCOL + ":")) {
-      uri = uri.replaceFirst(IdscpConstants.WS_PROTOCOL, WebSocketConstants.WS_PROTOCOL);
-    }
-
-    LOG.debug("Connecting to {}", uri);
-    BoundRequestBuilder reqBuilder =
-        getClient().prepareGet(uri).addHeader("Sec-WebSocket-Protocol", "ids");
-
-    LOG.debug("remote-attestation mode: {}", this.getAttestation());
-    LOG.debug("remote-attestation mask: {}", this.getAttestationMask());
-
-    IdsAttestationType attestationType = IdsAttestationType.forNumber(this.getAttestation());
-    if (attestationType == null) {
-      throw new RuntimeException("Error: " + this.getAttestation()
-              + " does not seem to be a valid attestation type, aborting");
-    }
-
-    // Execute IDS protocol immediately after connect
-    Settings settings = CamelComponent.getSettings();
-    URI ttpUri = null;
-    try {
-      if (settings != null) {
-        ttpUri =
-            new URI(
-                String.format(
-                    "https://%s:%d/rat-verify",
-                    settings.getConnectorConfig().getTtpHost(),
-                    settings.getConnectorConfig().getTtpPort()));
-      }
-    } catch (URISyntaxException e) {
-      LOG.error("incorrect TTP URI syntax", e);
-    }
-    if (ttpUri == null) {
-      throw new RuntimeException("Error: ttpUri required, aborting!");
-    }
-
-    InfoModel infoModelManager = CamelComponent.getInfoModelManager();
-    ClientConfiguration.Builder clientConfigBuilder =
-        new ClientConfiguration.Builder()
-            .attestationType(attestationType)
-            .attestationMask(this.getAttestationMask())
-            .certificatePair(certificatePair)
-            .ttpUrl(ttpUri);
-    if (infoModelManager == null) {
-      clientConfigBuilder
-          .rdfDescription("{\"message\":\"Infomodel is not available\"}")
-          .dynamicAttributeToken("{\"message\":\"DAPS token is not available\"}");
-    } else {
-      try {
-        clientConfigBuilder.rdfDescription(infoModelManager.getConnectorAsJsonLd());
-      } catch (Exception x) {
-        LOG.error("Infomodel load failed, please configure a valid Infomodel via the REST API!");
-        clientConfigBuilder.rdfDescription("{\"message\":\"Infomodel is not available\"}");
-      }
-      try {
-        clientConfigBuilder.dynamicAttributeToken(infoModelManager.getDynamicAttributeToken());
-      } catch (Exception x) {
-        LOG.error("DAPS token load failed, please verify your DAPS configuration!");
-        clientConfigBuilder.dynamicAttributeToken("{\"message\":\"DAPS token is not available\"}");
-      }
-    }
-    IdspClientSocket idspListener = new IdspClientSocket(clientConfigBuilder.build());
-
-    try {
-      // Block until IDSCP has finished
-      idspListener.semaphore().lockInterruptibly();
-
-      websocket =
-          reqBuilder
-              .execute(
-                  new WebSocketUpgradeHandler.Builder().addWebSocketListener(idspListener).build())
-              .get();
-
-      do {
-        try {
-          if (idspListener.idscpInProgressCondition().await(30, TimeUnit.SECONDS)) {
-            break;
-          }
-        } catch (InterruptedException ie) {
-          LOG.warn("Interrupt occurred whilst waiting for IDSCP handshake", ie);
-          Thread.currentThread().interrupt();
-        }
-      } while (!idspListener.isTerminated()); // To handle sporadic wake-ups
-    } catch (ExecutionException | InterruptedException e) {
-      Thread.currentThread().interrupt();
-      throw new IDSCPException("Error in WebSocket connect", e);
-    } finally {
-      idspListener.semaphore().unlock();
-    }
-    // get remote address, get upgrade headers, instantiate ConnectionManagerService to register
-    // websocket
-    // When IDS protocol has finished, hand over to normal web socket listener
-    websocket.addWebSocketListener(listener);
-    websocket.removeWebSocketListener(idspListener);
-
-    // Add Client Endpoint information to static List
-    IDSCPOutgoingConnection ce = new IDSCPOutgoingConnection();
-    ce.setAttestationResult(idspListener.getAttestationResult());
-    ce.setMetaData(idspListener.getMetaResult());
-    ce.setEndpointIdentifier(this.getEndpointUri());
-    ce.setEndpointKey(this.getEndpointKey());
-    ce.setRemoteIdentity(websocket.getRemoteAddress().toString());
-    outgoingConnections.add(ce);
-  }
-
-  @Override
-  protected void doStop() throws Exception {
-    if (websocket != null && websocket.isOpen()) {
-      if (LOG.isDebugEnabled()) {
-        LOG.debug("Disconnecting from {}", getHttpUri().toASCIIString());
-      }
-      websocket.removeWebSocketListener(listener);
-      websocket.sendCloseFrame();
-      websocket = null;
-    }
-    outgoingConnections.removeIf(ic -> ic.getEndpointKey().equals(this.getEndpointKey()));
-    super.doStop();
-  }
-
-  void connect(WsConsumer wsConsumer) {
-    consumers.add(wsConsumer);
-    //reConnect();
-  }
-
-  void disconnect(WsConsumer wsConsumer) {
-    consumers.remove(wsConsumer);
-  }
-
-  void reConnect() {
-    if (websocket == null || !websocket.isOpen()) {
-      String uri = getHttpUri().toASCIIString();
-      LOG.info("Reconnecting websocket: {}", uri);
-      connect();
-    }
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsListener.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsListener.java
deleted file mode 100644
index 5cd6cc522..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsListener.java
+++ /dev/null
@@ -1,83 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.client;
-
-import java.util.Set;
-import org.asynchttpclient.ws.WebSocket;
-import org.asynchttpclient.ws.WebSocketListener;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-class WsListener implements WebSocketListener {
-  private static final Logger LOG = LoggerFactory.getLogger(WsListener.class);
-
-  private final Set<WsConsumer> consumers;
-  private final WsEndpoint endpoint;
-
-  public WsListener(Set<WsConsumer> consumers, WsEndpoint endpoint) {
-    this.consumers = consumers;
-    this.endpoint = endpoint;
-  }
-
-  @Override
-  public void onOpen(WebSocket websocket) {
-    LOG.debug("Websocket opened");
-  }
-
-  @Override
-  public void onClose(WebSocket websocket, int code, String status) {
-    if (code == 1003){
-      LOG.debug("websocket closed - " + status);
-    } else {
-      LOG.debug("websocket closed - reconnecting");
-      try {
-        this.endpoint.reConnect();
-      } catch (Exception e) {
-        LOG.warn("Error re-connecting to websocket", e);
-      }
-    }
-  }
-
-  @Override
-  public void onError(Throwable t) {
-    LOG.debug("websocket on error", t);
-    if (endpoint.isSendMessageOnError()) {
-      for (WsConsumer consumer : consumers) {
-        consumer.sendMessage(t);
-      }
-    }
-  }
-
-  @Override
-  public void onBinaryFrame(byte[] message, boolean finalFragment, int rsv) {
-    LOG.debug("Received message --> {}", message);
-    for (WsConsumer consumer : consumers) {
-      consumer.sendMessage(message);
-    }
-  }
-
-  @Override
-  public void onTextFrame(String message, boolean finalFragment, int rsv) {
-    LOG.debug("Received message --> {}", message);
-    for (WsConsumer consumer : consumers) {
-      consumer.sendMessage(message);
-    }
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java
deleted file mode 100644
index cf6638804..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/client/WsProducer.java
+++ /dev/null
@@ -1,151 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.client;
-
-import org.apache.camel.Exchange;
-import org.apache.camel.Message;
-import org.apache.camel.support.DefaultProducer;
-import org.asynchttpclient.ws.WebSocket;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-
-public class WsProducer extends DefaultProducer {
-  public static final int STREAM_BUFFER_SIZE = 8192;
-
-  public WsProducer(WsEndpoint endpoint) {
-    super(endpoint);
-  }
-
-  @Override
-  public WsEndpoint getEndpoint() {
-    return (WsEndpoint) super.getEndpoint();
-  }
-
-  @Override
-  public void process(Exchange exchange) throws Exception {
-    Message in = exchange.getIn();
-    Object message = in.getBody();
-    if (message != null) {
-      if (log.isTraceEnabled()) {
-        log.debug("Sending out {}", message);
-      }
-      if (message instanceof String) {
-        sendMessage(getWebSocket(), (String) message, getEndpoint().isUseStreaming());
-      } else if (message instanceof byte[]) {
-        sendMessage(getWebSocket(), (byte[]) message, getEndpoint().isUseStreaming());
-      } else if (message instanceof InputStream) {
-        sendStreamMessage(getWebSocket(), (InputStream) message);
-      } else {
-        // TODO provide other binding option, for now use the converted string
-        getWebSocket().sendTextFrame(in.getMandatoryBody(String.class));
-      }
-    }
-  }
-
-  public static void sendMessage(WebSocket webSocket, String msg, boolean streaming) {
-    if (streaming && msg.length() > STREAM_BUFFER_SIZE) {
-      int p = 0;
-      while (p < msg.length()) {
-        if (msg.length() - p < STREAM_BUFFER_SIZE) {
-          webSocket.sendContinuationFrame(msg.substring(p), true, 0);
-          p = msg.length();
-        } else if (p == 0) {
-          p = STREAM_BUFFER_SIZE;
-          webSocket.sendTextFrame(msg.substring(0, STREAM_BUFFER_SIZE), false, 0);
-        } else {
-          var substring = msg.substring(p, p + STREAM_BUFFER_SIZE);
-          p += STREAM_BUFFER_SIZE;
-          webSocket.sendContinuationFrame(substring, msg.length() == p, 0);
-        }
-      }
-    } else {
-      webSocket.sendTextFrame(msg);
-    }
-  }
-
-  public static void sendMessage(WebSocket webSocket, byte[] msg, boolean streaming) {
-    if (streaming && msg.length > STREAM_BUFFER_SIZE) {
-      int p = 0;
-      byte[] writebuf = new byte[STREAM_BUFFER_SIZE];
-      while (p < msg.length) {
-        if (msg.length - p < STREAM_BUFFER_SIZE) {
-          int rest = msg.length - p;
-          // bug in grizzly? we need to create a byte array with the exact length
-          byte[] tmpbuf = new byte[rest];
-          System.arraycopy(msg, p, tmpbuf, 0, rest);
-          p = msg.length;
-          webSocket.sendContinuationFrame(tmpbuf, true, 0);
-        } else if (p == 0) {
-          System.arraycopy(msg, p, writebuf, 0, STREAM_BUFFER_SIZE);
-          p = STREAM_BUFFER_SIZE;
-          webSocket.sendBinaryFrame(writebuf, false, 0);
-        } else {
-          System.arraycopy(msg, p, writebuf, 0, STREAM_BUFFER_SIZE);
-          p += STREAM_BUFFER_SIZE;
-          webSocket.sendContinuationFrame(writebuf, msg.length == p, 0);
-        }
-      }
-    } else {
-      webSocket.sendBinaryFrame(msg);
-    }
-  }
-
-  public static void sendStreamMessage(WebSocket webSocket, InputStream in) throws IOException {
-    try (in) {
-      byte[] buffer = new byte[STREAM_BUFFER_SIZE];
-      int rn;
-      if ((rn = in.read(buffer, 0, STREAM_BUFFER_SIZE)) < STREAM_BUFFER_SIZE) {
-        if (rn >= 0) {
-          byte[] smallBuffer = new byte[rn];
-          if (rn > 0) {
-            System.arraycopy(buffer, 0, smallBuffer, 0, rn);
-          }
-          webSocket.sendBinaryFrame(smallBuffer, true, 0);
-        }
-      } else {
-        byte[] nextBuffer = new byte[STREAM_BUFFER_SIZE];
-        int rnNext = in.read(nextBuffer, 0, STREAM_BUFFER_SIZE);
-        // Send first (maybe last) frame
-        webSocket.sendBinaryFrame(buffer, rnNext <= 0, 0);
-        while (rnNext == STREAM_BUFFER_SIZE) {
-          // swap buffer and nextBuffer
-          byte[] swap = buffer;
-          buffer = nextBuffer;
-          nextBuffer = swap;
-          rnNext = in.read(nextBuffer, 0, STREAM_BUFFER_SIZE);
-          // Send chunk read in previous round
-          webSocket.sendContinuationFrame(buffer, rnNext <= 0, 0);
-        }
-        // Send final chunk with length-adjusted byte array
-        if (rnNext > 0) {
-          byte[] finalBuffer = new byte[rnNext];
-          System.arraycopy(nextBuffer, 0, finalBuffer, 0, rnNext);
-          webSocket.sendContinuationFrame(finalBuffer, true, 0);
-        }
-      }
-    }
-  }
-
-  private WebSocket getWebSocket() {
-    return getEndpoint().getWebSocket();
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/connectionmanagement/ConnectionManagerService.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/connectionmanagement/ConnectionManagerService.java
deleted file mode 100644
index fd9f51727..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/connectionmanagement/ConnectionManagerService.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.connectionmanagement;
-
-import de.fhg.aisec.ids.api.conm.ConnectionManager;
-import de.fhg.aisec.ids.api.conm.IDSCPIncomingConnection;
-import de.fhg.aisec.ids.api.conm.IDSCPOutgoingConnection;
-import de.fhg.aisec.ids.api.conm.IDSCPServerEndpoint;
-import de.fhg.aisec.ids.camel.ids.client.WsEndpoint;
-import de.fhg.aisec.ids.camel.ids.server.WebSocketComponent;
-import de.fhg.aisec.ids.camel.ids.server.WebSocketComponentServlet;
-import org.osgi.service.component.annotations.Component;
-
-import java.util.List;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
-
-/**
- * Main entry point of the Connection Management Layer.
- *
- * <p>This class is exposed as an OSGi Service and serves to access connection data from the
- * management layer and REST API.
- *
- * @author Gerd Brost(gerd.brost@aisec.fraunhofer.de)
- */
-@Component(name = "ids-connection-manager", immediate = true)
-public class ConnectionManagerService implements ConnectionManager {
-
-  @Override
-  public List<IDSCPServerEndpoint> listAvailableEndpoints() {
-    return WebSocketComponent.getConnectors()
-        .entrySet()
-        .stream()
-        .map(
-            cEntry -> {
-              IDSCPServerEndpoint endpoint = new IDSCPServerEndpoint();
-              endpoint.setHost(cEntry.getValue().getConnector().getHost());
-              endpoint.setPort(Integer.toString(cEntry.getValue().getConnector().getPort()));
-              endpoint.setDefaultProtocol(cEntry.getValue().getConnector().getDefaultProtocol());
-              endpoint.setEndpointIdentifier(cEntry.getKey());
-              return endpoint;
-            })
-        .collect(Collectors.toList());
-  }
-
-  @Override
-  public List<IDSCPIncomingConnection> listIncomingConnections() {
-    return WebSocketComponent.getConnectors()
-        .values()
-        .stream()
-        .flatMap(
-            connectorRef -> {
-              WebSocketComponentServlet servlet = connectorRef.getServlet();
-              // Servlet only present if an incoming connection exists. If null, do not collect
-              // consumer information.
-              if (servlet != null) {
-                // Every connection has a websocket. We collect connection information this way.
-                return connectorRef
-                    .getMemoryStore()
-                    .getAll()
-                    .stream()
-                    .map(
-                        dws -> {
-                          IDSCPIncomingConnection incomingConnection =
-                              new IDSCPIncomingConnection();
-                          incomingConnection.setEndpointIdentifier(
-                              servlet.getConsumer().getEndpoint().toString());
-                          incomingConnection.setEndpointKey(dws.getConnectionKey());
-                          incomingConnection.setRemoteHostName(dws.getRemoteHostname());
-                          incomingConnection.setAttestationResult(dws.getAttestationResult());
-                          incomingConnection.setMetaData(dws.getMetaResult());
-                          incomingConnection.setDynamicAttributeToken(
-                              dws.getDynamicAttributeToken());
-                          return incomingConnection;
-                        });
-              } else {
-                return Stream.empty();
-              }
-            })
-        .collect(Collectors.toList());
-  }
-
-  @Override
-  public List<IDSCPOutgoingConnection> listOutgoingConnections() {
-    return WsEndpoint.getOutgoingConnections();
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultNodeSynchronization.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultNodeSynchronization.java
deleted file mode 100644
index 61b5cae9d..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultNodeSynchronization.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-public class DefaultNodeSynchronization implements NodeSynchronization {
-
-  private final WebSocketStore memoryStore;
-
-  public DefaultNodeSynchronization(WebSocketStore memoryStore) {
-    this.memoryStore = memoryStore;
-  }
-
-  @Override
-  public void addSocket(DefaultWebsocket socket) {
-    memoryStore.add(socket);
-  }
-
-  @Override
-  public void removeSocket(String id) {
-    memoryStore.remove(id);
-  }
-
-  @Override
-  public void removeSocket(DefaultWebsocket socket) {
-    memoryStore.remove(socket);
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebSocketFactory.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebSocketFactory.java
deleted file mode 100644
index af5a0d45e..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebSocketFactory.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-import de.fhg.aisec.ids.comm.CertificatePair;
-import org.eclipse.jetty.websocket.servlet.ServletUpgradeRequest;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.security.cert.X509Certificate;
-
-/** Default WebSocket factory. Used when no custom WebSocket is needed. */
-public class DefaultWebSocketFactory implements WebSocketFactory {
-  private static final Logger LOG = LoggerFactory.getLogger(DefaultWebSocketFactory.class);
-
-  private final CertificatePair certificatePair;
-
-  public DefaultWebSocketFactory(CertificatePair certificatePair) {
-    this.certificatePair = certificatePair;
-  }
-
-  @Override
-  public DefaultWebsocket newInstance(
-      ServletUpgradeRequest request,
-      String protocol,
-      String pathSpec,
-      NodeSynchronization sync,
-      WebSocketConsumer consumer) {
-    // Create final, complete pair from the local (server) certificate ...
-    CertificatePair finalPair = new CertificatePair(certificatePair);
-    // ... plus the remote (client) certificate from the request
-    X509Certificate[] certificates = request.getCertificates();
-    if (certificates != null && certificates.length > 0) {
-      finalPair.setRemoteCertificate(certificates[0]);
-    } else {
-      LOG.warn("Remote client did not present TLS certificate");
-    }
-    return new DefaultWebsocket(sync, pathSpec, consumer, finalPair);
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
deleted file mode 100644
index 6bd50128d..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/DefaultWebsocket.java
+++ /dev/null
@@ -1,298 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-import com.google.protobuf.InvalidProtocolBufferException;
-import de.fhg.aisec.ids.api.conm.RatResult;
-import de.fhg.aisec.ids.api.endpointconfig.EndpointConfigListener;
-import de.fhg.aisec.ids.api.endpointconfig.EndpointConfigManager;
-import de.fhg.aisec.ids.api.infomodel.InfoModel;
-import de.fhg.aisec.ids.api.settings.ConnectionSettings;
-import de.fhg.aisec.ids.api.settings.Settings;
-import de.fhg.aisec.ids.api.tokenm.DatException;
-import de.fhg.aisec.ids.api.tokenm.TokenManager;
-import de.fhg.aisec.ids.camel.ids.CamelComponent;
-import de.fhg.aisec.ids.comm.CertificatePair;
-import de.fhg.aisec.ids.comm.server.ServerConfiguration;
-import de.fhg.aisec.ids.comm.ws.protocol.ProtocolState;
-import de.fhg.aisec.ids.comm.ws.protocol.ServerProtocolMachine;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.Event;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.FSM;
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.eclipse.jetty.websocket.api.CloseStatus;
-import org.eclipse.jetty.websocket.api.Session;
-import org.eclipse.jetty.websocket.api.annotations.*;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.io.IOException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.nio.charset.StandardCharsets;
-import java.util.Arrays;
-import java.util.UUID;
-
-@WebSocket
-public class DefaultWebsocket implements EndpointConfigListener {
-    private static final Logger LOG = LoggerFactory.getLogger(DefaultWebsocket.class);
-
-    private final WebSocketConsumer consumer;
-    private final NodeSynchronization sync;
-    private Session session;
-    private String connectionKey;
-    private final String pathSpec;
-    private FSM idsFsm;
-    private final CertificatePair certificatePair;
-
-    public DefaultWebsocket(
-            NodeSynchronization sync,
-            String pathSpec,
-            WebSocketConsumer consumer,
-            CertificatePair certificatePair) {
-        this.sync = sync;
-        this.consumer = consumer;
-        this.pathSpec = pathSpec;
-        this.certificatePair = certificatePair;
-    }
-
-    @OnWebSocketClose
-    public void onClose(int closeCode, String message) {
-        if (LOG.isTraceEnabled()) {
-            LOG.trace("onClose {} {}", closeCode, message);
-        }
-        sync.removeSocket(this);
-
-        // Remove Listener from EndpointConfigManager
-        final EndpointConfigManager ecp = CamelComponent.getEndpointConfigManager();
-        if (ecp != null) {
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("Remove EndpointConfigListener: {}", this);
-            }
-            String endpointIdentifier = consumer.getEndpoint().getHost() + ":" + consumer.getEndpoint().getPort();
-            ecp.removeEndpointConfigListener(endpointIdentifier);
-        }
-    }
-
-    @OnWebSocketConnect
-    public void onConnect(Session session) {
-        if (LOG.isTraceEnabled()) {
-            LOG.trace("onConnect {}", session);
-        }
-        this.session = session;
-        this.connectionKey = UUID.randomUUID().toString();
-        IdsAttestationType type;
-        int attestationMask = 0;
-        switch (this.consumer.getAttestationType()) {
-            case 1:
-                type = IdsAttestationType.ALL;
-                break;
-            case 2:
-                type = IdsAttestationType.ADVANCED;
-                attestationMask = this.consumer.getAttestationMask();
-                break;
-            case 0:
-            default:
-                type = IdsAttestationType.BASIC;
-        }
-        // Integrate server-side of IDS protocol
-        Settings settings = CamelComponent.getSettings();
-        URI ttpUri = null;
-        try {
-            if (settings != null) {
-                ttpUri =
-                        new URI(
-                                String.format(
-                                        "https://%s:%d/rat-verify",
-                                        settings.getConnectorConfig().getTtpHost(),
-                                        settings.getConnectorConfig().getTtpPort()));
-            }
-        } catch (URISyntaxException e) {
-            LOG.error("incorrect TTP URI syntax", e);
-        }
-        InfoModel infoModelManager = CamelComponent.getInfoModelManager();
-        ServerConfiguration.Builder serverConfigBuilder =
-                new ServerConfiguration.Builder()
-                        .attestationType(type)
-                        .attestationMask(attestationMask)
-                        .certificatePair(certificatePair)
-                        .ttpUrl(ttpUri);
-        if (infoModelManager == null) {
-            serverConfigBuilder
-                    .rdfDescription("{\"message\":\"Infomodel is not available\"}")
-                    .dynamicAttributeToken("{\"message\":\"DAPS token is not available\"}");
-        } else {
-            try {
-                serverConfigBuilder.rdfDescription(infoModelManager.getConnectorAsJsonLd());
-            } catch (Exception x) {
-                LOG.error("Infomodel load failed, please configure a valid Infomodel via the REST API!");
-                serverConfigBuilder.rdfDescription("{\"message\":\"Infomodel is not available\"}");
-            }
-            try {
-                serverConfigBuilder.dynamicAttributeToken(infoModelManager.getDynamicAttributeToken());
-            } catch (Exception x) {
-                LOG.error("DAPS token load failed, please verify your DAPS configuration!");
-                serverConfigBuilder.dynamicAttributeToken("{\"message\":\"DAPS token is not available\"}");
-            }
-        }
-        idsFsm = new ServerProtocolMachine(session, serverConfigBuilder.build(), this::validateDynamicAttributeToken);
-        sync.addSocket(this);
-
-        // Register listener at EndpointConfigManager
-        final EndpointConfigManager ecp = CamelComponent.getEndpointConfigManager();
-        if (ecp != null) {
-            if (LOG.isDebugEnabled()) {
-                LOG.debug("Register EndpointConfigListener: {}", this);
-            }
-            String endpointIdentifier = consumer.getEndpoint().getHost() + ":" + consumer.getEndpoint().getPort();
-            ecp.addEndpointConfigListener(endpointIdentifier, this);
-        }
-    }
-
-
-    @OnWebSocketMessage
-    public void onMessage(String message) {
-        LOG.debug("onMessage: {}", message);
-        // Check if fsm is in its final state If not, this message is not our department
-        if (idsFsm.getState().equals(ProtocolState.IDSCP_END.id())) {
-            if (this.consumer != null) {
-                this.consumer.sendMessage(this.connectionKey, message);
-            } else {
-                LOG.warn("No consumer to handle message received: {}", message);
-            }
-            return;
-        }
-        // Otherwise, we are still in the process of running IDS protocol and hold back the original
-        // message. In this case, feed the message into the protocol FSM
-        try {
-            ConnectorMessage msg = ConnectorMessage.parseFrom(message.getBytes());
-            // we de-protobuf and split messages into cmd and payload
-            idsFsm.feedEvent(new Event(msg.getType(), message, msg));
-        } catch (InvalidProtocolBufferException e) {
-            // An invalid message has been received during IDS protocol. close connection
-            LOG.error(e.getMessage(), e);
-            this.session.close(new CloseStatus(403, "invalid protobuf"));
-        }
-    }
-
-    @OnWebSocketMessage
-    public void onMessage(byte[] data, int offset, int length) {
-        LOG.trace("server received {} byte in onMessage", length);
-        if (idsFsm.getState().equals(ProtocolState.IDSCP_END.id())) {
-            if (this.consumer != null) {
-                this.consumer.sendMessage(this.connectionKey, data);
-            } else {
-                LOG.debug("No consumer to handle message received: {}", data);
-            }
-        } else {
-            try {
-                ConnectorMessage msg = ConnectorMessage.parseFrom(data);
-                idsFsm.feedEvent(
-                        new Event(
-                                msg.getType(),
-                                new String(data, StandardCharsets.UTF_8),
-                                msg)); // we need to de-protobuf here and split messages into cmd and payload
-            } catch (IOException e) {
-                // An invalid message has been received during IDS protocol. close connection
-                LOG.error("Closing session because " + e.getMessage(), e);
-                this.session.close(new CloseStatus(403, "invalid protobuf"));
-            }
-        }
-    }
-
-    @OnWebSocketError
-    public void onError(Session session, Throwable t) {
-        LOG.error(t.getMessage() + " Host: " + session.getRemoteAddress().getHostName(), t);
-    }
-
-    private void validateDynamicAttributeToken(@NonNull String dat) throws DatException {
-        TokenManager tokenManager = CamelComponent.getTokenManager();
-        assert tokenManager != null;
-        Settings settings = CamelComponent.getSettings();
-        assert settings != null;
-
-        String dapsUrl = settings.getConnectorConfig().getDapsUrl();
-
-        // Get endpoint security settings, never returns null
-        ConnectionSettings connectionSettings = settings.getConnectionSettings(consumer.getEndpoint().getHost() + ":"
-                + consumer.getEndpoint().getPort().toString());
-
-
-        try {
-            //validate token signature, target Audience, expire date and security attributes
-            tokenManager.verifyJWT(dat, connectionSettings);
-        } catch (Exception e) {
-            LOG.debug("Dat Verification failed: Message: " + e.getMessage() + "\n Trace:" +
-                    Arrays.toString(e.getStackTrace()));
-            throw new DatException(e.getMessage(), e);
-        }
-    }
-
-    public Session getSession() {
-        return session;
-    }
-
-    public String getPathSpec() {
-        return pathSpec;
-    }
-
-    public String getConnectionKey() {
-        return connectionKey;
-    }
-
-    // get the result of the remote attestation
-    public RatResult getAttestationResult() {
-        return idsFsm.getRatResult();
-    }
-
-    public String getMetaResult() {
-        return idsFsm.getMetaData();
-    }
-
-    public String getDynamicAttributeToken() {
-        return idsFsm.getDynamicAttributeToken();
-    }
-
-    public String getRemoteHostname() {
-        return session.getRemoteAddress().getHostName();
-    }
-
-    // Observer update function, that is called by the subject when endpoint settings have changed
-    @Override
-    public void updateTokenValidation() {
-        if (LOG.isInfoEnabled()) {
-            LOG.info("Endpoint config for endpoint {}:{} has changed. Verify DynamicAttributeToken again",
-                    consumer.getEndpoint().getHost(), consumer.getEndpoint().getPort());
-        }
-
-        try {
-            validateDynamicAttributeToken(getDynamicAttributeToken());
-            if (LOG.isInfoEnabled()) {
-                LOG.info("DynamicAttributeToken: Client validation was successful.");
-            }
-        } catch(DatException de) {
-            if (LOG.isInfoEnabled()) {
-                LOG.warn("DynamicAttributeToken: Client validation failed. Disconnecting from Client...");
-            }
-            this.session.close(new CloseStatus(1003, "Security requirements not fulfilled anymore"));
-        }
-    }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/JettyClassPathResource.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/JettyClassPathResource.java
deleted file mode 100644
index 083f6ae2a..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/JettyClassPathResource.java
+++ /dev/null
@@ -1,130 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-import java.io.File;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.URI;
-import java.net.URL;
-import java.nio.channels.ReadableByteChannel;
-import org.apache.camel.spi.ClassResolver;
-import org.apache.camel.util.IOHelper;
-import org.apache.camel.util.ObjectHelper;
-import org.eclipse.jetty.util.resource.Resource;
-
-/**
- * A Jetty {@link Resource} to load from the classpath using Camels {@link ClassResolver} which
- * ensures loading resources works in OSGi and other containers.
- */
-public class JettyClassPathResource extends Resource {
-
-  private final ClassResolver resolver;
-  private final String path;
-
-  public JettyClassPathResource(ClassResolver resolver, String path) {
-    this.resolver = ObjectHelper.notNull(resolver, "ClassResolver");
-    this.path = ObjectHelper.notNull(path, "path");
-  }
-
-  @Override
-  public boolean isContainedIn(Resource r) {
-    return false;
-  }
-
-  @Override
-  public boolean exists() {
-    InputStream is = resolver.loadResourceAsStream(path);
-    if (is != null) {
-      IOHelper.close(is);
-    }
-    return is != null;
-  }
-
-  @Override
-  public boolean isDirectory() {
-    return exists() && path.endsWith("/");
-  }
-
-  @Override
-  public long lastModified() {
-    return 0;
-  }
-
-  @Override
-  public long length() {
-    return 0;
-  }
-
-  @Override
-  @Deprecated
-  public URL getURL() {
-    return resolver.loadResourceAsURL(path);
-  }
-
-  @Override
-  public File getFile() throws IOException {
-    URI uri = getURI();
-    if (uri != null) {
-      return new File(uri.toURL().getFile());
-    }
-    return null;
-  }
-
-  @Override
-  public String getName() {
-    return path;
-  }
-
-  @Override
-  public InputStream getInputStream() {
-    return resolver.loadResourceAsStream(path);
-  }
-
-  @Override
-  public boolean delete() {
-    return false;
-  }
-
-  @Override
-  public boolean renameTo(Resource dest) {
-    return false;
-  }
-
-  @Override
-  public String[] list() {
-    return new String[0];
-  }
-
-  @Override
-  public Resource addPath(String path) {
-    return new JettyClassPathResource(resolver, this.path + "/" + path);
-  }
-
-  @Override
-  public void close() {
-    // noop
-  }
-
-  @Override
-  public ReadableByteChannel getReadableByteChannel() {
-    return null;
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/MemoryWebSocketStore.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/MemoryWebSocketStore.java
deleted file mode 100644
index 8ef11e26d..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/MemoryWebSocketStore.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-import java.util.Collection;
-import java.util.concurrent.ConcurrentHashMap;
-
-public class MemoryWebSocketStore extends ConcurrentHashMap<String, DefaultWebsocket>
-    implements WebSocketStore {
-
-  private static final long serialVersionUID = -2826843758230613922L;
-
-  @Override
-  public void add(DefaultWebsocket ws) {
-    super.put(getKey(ws), ws);
-  }
-
-  @Override
-  public void remove(DefaultWebsocket ws) {
-    super.remove(getKey(ws));
-  }
-
-  @Override
-  public void remove(String key) {
-    super.remove(key);
-  }
-
-  @Override
-  public DefaultWebsocket get(String key) {
-    return super.get(key);
-  }
-
-  @Override
-  public Collection<DefaultWebsocket> getAll() {
-    return super.values();
-  }
-
-  @Override
-  public void start() {
-    // noop
-  }
-
-  @Override
-  public void stop() {
-    clear();
-  }
-
-  private String getKey(DefaultWebsocket ws) {
-    StringBuilder sb = new StringBuilder();
-    if (ws.getConnectionKey() != null) {
-      sb.append(ws.getConnectionKey());
-    }
-    if (ws.getPathSpec() != null) {
-      sb.append(ws.getPathSpec());
-    }
-    return sb.toString();
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/NodeSynchronization.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/NodeSynchronization.java
deleted file mode 100644
index 45caf0f3a..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/NodeSynchronization.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-public interface NodeSynchronization {
-
-  /**
-   * Adds the web socket to both (always if present) stores.
-   *
-   * @param socket the web socket
-   */
-  void addSocket(DefaultWebsocket socket);
-
-  /**
-   * Removes the Websocket from both stores
-   *
-   * @param id id of the web socket
-   */
-  void removeSocket(String id);
-
-  /**
-   * Removes the Websocket from both stores
-   *
-   * @param socket web socket to remove
-   */
-  void removeSocket(DefaultWebsocket socket);
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponent.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponent.java
deleted file mode 100644
index b436918ad..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponent.java
+++ /dev/null
@@ -1,560 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-import de.fhg.aisec.ids.camel.ids.ProxyX509TrustManager;
-import de.fhg.aisec.ids.camel.ids.WebSocketConstants;
-import de.fhg.aisec.ids.comm.CertificatePair;
-import org.apache.camel.Endpoint;
-import org.apache.camel.RuntimeCamelException;
-import org.apache.camel.SSLContextParametersAware;
-import org.apache.camel.spi.Metadata;
-import org.apache.camel.support.DefaultComponent;
-import org.apache.camel.support.jsse.SSLContextParameters;
-import org.eclipse.jetty.server.Connector;
-import org.eclipse.jetty.server.Handler;
-import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.server.ServerConnector;
-import org.eclipse.jetty.server.handler.ContextHandlerCollection;
-import org.eclipse.jetty.server.handler.HandlerCollection;
-import org.eclipse.jetty.server.handler.HandlerWrapper;
-import org.eclipse.jetty.server.session.SessionHandler;
-import org.eclipse.jetty.servlet.FilterHolder;
-import org.eclipse.jetty.servlet.ServletContextHandler;
-import org.eclipse.jetty.servlet.ServletHolder;
-import org.eclipse.jetty.servlets.CrossOriginFilter;
-import org.eclipse.jetty.util.ssl.SslContextFactory;
-import org.eclipse.jetty.util.thread.QueuedThreadPool;
-import org.eclipse.jetty.util.thread.ThreadPool;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.servlet.DispatcherType;
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.util.EnumSet;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.concurrent.atomic.AtomicInteger;
-
-public class WebSocketComponent extends DefaultComponent implements SSLContextParametersAware {
-  protected static final Logger LOG = LoggerFactory.getLogger(WebSocketComponent.class);
-  protected static final Map<String, ConnectorRef> CONNECTORS = new HashMap<>();
-
-  protected Map<String, WebSocketFactory> socketFactories;
-  private final CertificatePair certificatePair = new CertificatePair();
-
-  @Metadata(label = "security")
-  protected SSLContextParameters sslContextParameters;
-
-  @Metadata(label = "security", defaultValue = "false")
-  protected boolean useGlobalSslContextParameters;
-
-  @Metadata(label = "advanced")
-  protected ThreadPool threadPool;
-
-  @Metadata(defaultValue = WebSocketConstants.DEFAULT_PORT)
-  protected Integer port = Integer.parseInt(WebSocketConstants.DEFAULT_PORT);
-
-  @Metadata(label = "advanced")
-  protected Integer minThreads;
-
-  @Metadata(label = "advanced")
-  protected Integer maxThreads;
-
-  @Metadata(defaultValue = WebSocketConstants.DEFAULT_HOST)
-  protected String host = WebSocketConstants.DEFAULT_HOST;
-
-  /**
-   * Map for storing servlets. {@link WebSocketComponentServlet} is identified by pathSpec {@link
-   * String}.
-   */
-  private final Map<String, WebSocketComponentServlet> servlets = new HashMap<>();
-
-  public static class ConnectorRef {
-    Server server;
-    ServerConnector connector;
-    WebSocketComponentServlet servlet;
-    MemoryWebSocketStore memoryStore;
-    AtomicInteger refCount = new AtomicInteger(1);
-
-    ConnectorRef(
-        Server server,
-        ServerConnector connector,
-        WebSocketComponentServlet servlet,
-        MemoryWebSocketStore memoryStore) {
-      this.server = server;
-      this.connector = connector;
-      this.servlet = servlet;
-      this.memoryStore = memoryStore;
-    }
-
-    public void increment() {
-      refCount.incrementAndGet();
-    }
-
-    public int decrement() {
-      return refCount.decrementAndGet();
-    }
-
-    public int getRefCount() {
-      return refCount.get();
-    }
-
-    public MemoryWebSocketStore getMemoryStore() {
-      return memoryStore;
-    }
-
-    public WebSocketComponentServlet getServlet() {
-      return servlet;
-    }
-
-    public ServerConnector getConnector() {
-      return connector;
-    }
-  }
-
-  public WebSocketComponent() {
-    this.setUseGlobalSslContextParameters(true);
-    // this will automatically set up the ids handler factory
-    this.setSocketFactories(new HashMap<>());
-  }
-
-  /** Connects the URL specified on the endpoint to the specified processor. */
-  public void connect(WebSocketProducerConsumer prodcon) throws Exception {
-    WebSocketEndpoint endpoint = prodcon.getEndpoint();
-
-    String connectorKey = getConnectorKey(endpoint);
-
-    synchronized (CONNECTORS) {
-      ConnectorRef connectorRef = CONNECTORS.get(connectorKey);
-      if (connectorRef == null) {
-        // Create Server and add connector
-        Server server = createServer();
-
-        ServerConnector connector = getSocketConnector(server, endpoint.getSslContextParameters());
-
-        if (endpoint.getPort() != null) {
-          connector.setPort(endpoint.getPort());
-        } else {
-          connector.setPort(port);
-        }
-
-        if (endpoint.getHost() != null) {
-          connector.setHost(endpoint.getHost());
-        } else {
-          connector.setHost(host);
-        }
-
-        server.addConnector(connector);
-
-        LOG.trace("Jetty Connector added: {}", connector.getName());
-
-        // Create ServletContextHandler
-        ServletContextHandler context = createContext(server, connector, endpoint.getHandlers());
-        // setup the WebSocketComponentServlet initial parameters
-        setWebSocketComponentServletInitialParameter(context, endpoint);
-        server.setHandler(context);
-
-        // Apply CORS (http://www.w3.org/TR/cors/)
-        applyCrossOriginFiltering(endpoint, context);
-
-        MemoryWebSocketStore memoryStore = new MemoryWebSocketStore();
-
-        // Don't provide a Servlet object as Producer/Consumer will create them later on
-        connectorRef = new ConnectorRef(server, connector, null, memoryStore);
-
-        // must enable session before we start
-        if (endpoint.isSessionSupport()) {
-          enableSessionSupport(connectorRef.server, connectorKey);
-        }
-        LOG.info("Jetty Server starting on host: {}:{}", connector.getHost(), connector.getPort());
-        connectorRef.memoryStore.start();
-        connectorRef.server.start();
-
-        CONNECTORS.put(connectorKey, connectorRef);
-      } else {
-        connectorRef.increment();
-      }
-
-      // check the session support
-      if (endpoint.isSessionSupport()) {
-        enableSessionSupport(connectorRef.server, connectorKey);
-      }
-
-      NodeSynchronization sync = new DefaultNodeSynchronization(connectorRef.memoryStore);
-      WebSocketComponentServlet servlet = addServlet(sync, prodcon, endpoint.getResourceUri());
-      if (prodcon instanceof WebSocketConsumer) {
-        WebSocketConsumer consumer = (WebSocketConsumer) prodcon;
-        if (servlet.getConsumer() == null) {
-          servlet.setConsumer(consumer);
-        }
-      }
-      if (prodcon instanceof WebSocketProducer) {
-        WebSocketProducer producer = (WebSocketProducer) prodcon;
-        producer.setStore(connectorRef.memoryStore);
-      }
-    }
-  }
-
-  /** Disconnects the URL specified on the endpoint from the specified processor. */
-  public void disconnect(WebSocketProducerConsumer prodcon) throws Exception {
-    // If the connector is not needed anymore then stop it
-    WebSocketEndpoint endpoint = prodcon.getEndpoint();
-    String connectorKey = getConnectorKey(endpoint);
-
-    synchronized (CONNECTORS) {
-      ConnectorRef connectorRef = CONNECTORS.get(connectorKey);
-      if (connectorRef != null) {
-        if (connectorRef.decrement() == 0) {
-          LOG.info(
-              "Stopping Jetty Server as the last connector is disconnecting: {}: {}",
-              connectorRef.connector.getHost(),
-              connectorRef.connector.getPort());
-          servlets.remove(createPathSpec(endpoint.getResourceUri()));
-          connectorRef.server.removeConnector(connectorRef.connector);
-          if (connectorRef.connector != null) {
-            // static server may not have set a connector
-            connectorRef.connector.stop();
-          }
-          connectorRef.server.stop();
-          connectorRef.memoryStore.stop();
-          CONNECTORS.remove(connectorKey);
-          // Camel controls the lifecycle of these entities so remove the
-          // registered MBeans when Camel is done with the managed objects.
-        }
-        if (prodcon instanceof WebSocketProducer) {
-          ((WebSocketProducer) prodcon).setStore(null);
-        }
-      }
-    }
-  }
-
-  @Override
-  protected Endpoint createEndpoint(String uri, String remaining, Map<String, Object> parameters)
-      throws Exception {
-    SSLContextParameters sslContextParameters =
-        resolveAndRemoveReferenceParameter(
-            parameters, "sslContextParameters", SSLContextParameters.class);
-
-    int port = extractPortNumber(remaining);
-    String host = extractHostName(remaining);
-
-    WebSocketEndpoint endpoint = new WebSocketEndpoint(this, uri, remaining);
-
-    // prefer to use endpoint configured over component configured
-    if (sslContextParameters == null) {
-      // fallback to component configured
-      sslContextParameters = getSslContextParameters();
-    }
-    if (sslContextParameters == null) {
-      sslContextParameters = retrieveGlobalSslContextParameters();
-    }
-
-    endpoint.setSslContextParameters(sslContextParameters);
-    endpoint.setPort(port);
-    endpoint.setHost(host);
-
-    setProperties(endpoint, parameters);
-    return endpoint;
-  }
-
-  protected void setWebSocketComponentServletInitialParameter(
-      ServletContextHandler context, WebSocketEndpoint endpoint) {
-    if (endpoint.getBufferSize() != null) {
-      context.setInitParameter("bufferSize", endpoint.getBufferSize().toString());
-    }
-    if (endpoint.getMaxIdleTime() != null) {
-      context.setInitParameter("maxIdleTime", endpoint.getMaxIdleTime().toString());
-    }
-    if (endpoint.getMaxTextMessageSize() != null) {
-      context.setInitParameter("maxTextMessageSize", endpoint.getMaxTextMessageSize().toString());
-    }
-    if (endpoint.getMaxBinaryMessageSize() != null) {
-      context.setInitParameter(
-          "maxBinaryMessageSize", endpoint.getMaxBinaryMessageSize().toString());
-    }
-    if (endpoint.getMinVersion() != null) {
-      context.setInitParameter("minVersion", endpoint.getMinVersion().toString());
-    }
-  }
-
-  protected Server createServer() {
-    Server server = null;
-    if (minThreads == null && maxThreads == null && getThreadPool() == null) {
-      minThreads = 1;
-      // 1+selectors+acceptors
-      maxThreads = 2 * (1 + Runtime.getRuntime().availableProcessors() * 2);
-    }
-    // configure thread pool if min/max given
-    if (minThreads != null || maxThreads != null) {
-      if (getThreadPool() != null) {
-        throw new IllegalArgumentException(
-            "You cannot configure both minThreads/maxThreads "
-                + "and a custom threadPool on JettyHttpComponent: "
-                + this);
-      }
-      QueuedThreadPool qtp = new QueuedThreadPool();
-      if (minThreads != null) {
-        qtp.setMinThreads(minThreads);
-      }
-      if (maxThreads != null) {
-        qtp.setMaxThreads(maxThreads);
-      }
-      // let the thread names indicate they are from the server
-      qtp.setName("CamelJettyWebSocketServer");
-      try {
-        qtp.start();
-      } catch (Exception e) {
-        throw new RuntimeCamelException(
-            "Error starting JettyWebSocketServer thread pool: " + qtp, e);
-      }
-      server = new Server(qtp);
-      ContextHandlerCollection collection = new ContextHandlerCollection();
-      server.setHandler(collection);
-    }
-
-    if (getThreadPool() != null) {
-      server = new Server(getThreadPool());
-      ContextHandlerCollection collection = new ContextHandlerCollection();
-      server.setHandler(collection);
-    }
-
-    return server;
-  }
-
-  protected WebSocketComponentServlet addServlet(
-          NodeSynchronization sync, WebSocketProducerConsumer prodcon, String resourceUri)
-      throws Exception {
-
-    // Get Connector from one of the Jetty Instances to add WebSocket Servlet
-    WebSocketEndpoint endpoint = prodcon.getEndpoint();
-    String key = getConnectorKey(endpoint);
-    ConnectorRef connectorRef = getConnectors().get(key);
-
-    WebSocketComponentServlet servlet;
-
-    if (connectorRef != null) {
-      String pathSpec = createPathSpec(resourceUri);
-      servlet = servlets.get(pathSpec);
-      if (servlet == null) {
-        // Retrieve Context
-        ServletContextHandler context = (ServletContextHandler) connectorRef.server.getHandler();
-        servlet = createServlet(sync, pathSpec, servlets, context);
-        connectorRef.servlet = servlet;
-        LOG.debug(
-            "WebSocket servlet added for the following path: {}, to the Jetty Server: {}",
-            pathSpec,
-            key);
-      }
-
-      return servlet;
-    } else {
-      throw new Exception("Jetty instance has not been retrieved for : " + key);
-    }
-  }
-
-  protected WebSocketComponentServlet createServlet(
-      NodeSynchronization sync,
-      String pathSpec,
-      Map<String, WebSocketComponentServlet> servlets,
-      ServletContextHandler handler) {
-    WebSocketComponentServlet servlet =
-        new WebSocketComponentServlet(sync, pathSpec, getSocketFactories());
-    servlets.put(pathSpec, servlet);
-    ServletHolder servletHolder = new ServletHolder(servlet);
-    servletHolder.getInitParameters().putAll(handler.getInitParams());
-    // Jetty 9 parameter bufferSize is now inputBufferSize
-    servletHolder.setInitParameter("inputBufferSize", handler.getInitParameter("bufferSize"));
-    handler.addServlet(servletHolder, pathSpec);
-    return servlet;
-  }
-
-  protected ServletContextHandler createContext(
-      Server server, Connector connector, List<Handler> handlers) {
-    ServletContextHandler context =
-        new ServletContextHandler(
-            server, "/", ServletContextHandler.NO_SECURITY | ServletContextHandler.NO_SESSIONS);
-    server.addConnector(connector);
-
-    if (handlers != null && !handlers.isEmpty()) {
-      for (Handler handler : handlers) {
-        if (handler instanceof HandlerWrapper) {
-          ((HandlerWrapper) handler).setHandler(server.getHandler());
-          server.setHandler(handler);
-        } else {
-          HandlerCollection handlerCollection = new HandlerCollection();
-          handlerCollection.addHandler(server.getHandler());
-          handlerCollection.addHandler(handler);
-          server.setHandler(handlerCollection);
-        }
-      }
-    }
-
-    return context;
-  }
-
-  private void enableSessionSupport(Server server, String connectorKey) {
-    ServletContextHandler context = server.getChildHandlerByClass(ServletContextHandler.class);
-    if (context.getSessionHandler() == null) {
-      SessionHandler sessionHandler = new SessionHandler();
-      if (context.isStarted()) {
-        throw new IllegalStateException(
-            "Server has already been started. "
-                + "Cannot enabled sessionSupport on "
-                + connectorKey);
-      } else {
-        context.setSessionHandler(sessionHandler);
-      }
-    }
-  }
-
-  private ServerConnector getSocketConnector(
-      Server server, SSLContextParameters sslContextParameters)
-      throws GeneralSecurityException, IOException {
-    if (sslContextParameters == null) {
-      sslContextParameters = retrieveGlobalSslContextParameters();
-    }
-    if (sslContextParameters != null) {
-      try {
-        ProxyX509TrustManager.bindCertificatePair(sslContextParameters, true, certificatePair);
-      } catch (GeneralSecurityException | IOException e) {
-        LOG.error("Failed to patch TrustManager for WebSocketComponent", e);
-      }
-      SslContextFactory sslContextFactory = new SslContextFactory.Server();
-      sslContextFactory.setSslContext(sslContextParameters.createSSLContext(getCamelContext()));
-      return new ServerConnector(server, sslContextFactory);
-    } else {
-      return new ServerConnector(server);
-    }
-  }
-
-  public static String createPathSpec(String remaining) {
-    int index = remaining.indexOf('/');
-    if (index != -1) {
-      return remaining.substring(index);
-    } else {
-      return "/" + remaining;
-    }
-  }
-
-  private int extractPortNumber(String remaining) {
-    int index1 = remaining.indexOf(':');
-    int index2 = remaining.indexOf('/');
-
-    if ((index1 != -1) && (index2 != -1)) {
-      String result = remaining.substring(index1 + 1, index2);
-      return Integer.parseInt(result);
-    } else {
-      return port;
-    }
-  }
-
-  private String extractHostName(String remaining) {
-    int index = remaining.indexOf(':');
-    if (index != -1) {
-      return remaining.substring(0, index);
-    } else {
-      return host;
-    }
-  }
-
-  private static String getConnectorKey(WebSocketEndpoint endpoint) {
-    return endpoint.getProtocol() + ":" + endpoint.getHost() + ":" + endpoint.getPort();
-  }
-
-  private void applyCrossOriginFiltering(
-          WebSocketEndpoint endpoint, ServletContextHandler context) {
-    if (endpoint.isCrossOriginFilterOn()) {
-      FilterHolder filterHolder = new FilterHolder();
-      CrossOriginFilter filter = new CrossOriginFilter();
-      filterHolder.setFilter(filter);
-      filterHolder.setInitParameter("allowedOrigins", endpoint.getAllowedOrigins());
-      context.addFilter(
-          filterHolder, endpoint.getFilterPath(), EnumSet.allOf(DispatcherType.class));
-    }
-  }
-
-  public ThreadPool getThreadPool() {
-    return threadPool;
-  }
-
-  public SSLContextParameters getSslContextParameters() {
-    return sslContextParameters;
-  }
-
-  @Override
-  public boolean isUseGlobalSslContextParameters() {
-    return this.useGlobalSslContextParameters;
-  }
-
-  /** Enable usage of global SSL context parameters. */
-  @Override
-  public void setUseGlobalSslContextParameters(boolean useGlobalSslContextParameters) {
-    this.useGlobalSslContextParameters = useGlobalSslContextParameters;
-  }
-
-  public Map<String, WebSocketFactory> getSocketFactories() {
-    return socketFactories;
-  }
-
-  /**
-   * To configure a map which contains custom WebSocketFactory for sub protocols. The key in the map
-   * is the sub protocol.
-   *
-   * <p>The <tt>default</tt> key is reserved for the default implementation.
-   */
-  public void setSocketFactories(Map<String, WebSocketFactory> socketFactories) {
-    this.socketFactories = socketFactories;
-
-    if (!this.socketFactories.containsKey("ids")) {
-      this.socketFactories.put("ids", new DefaultWebSocketFactory(certificatePair));
-    }
-  }
-
-  public static Map<String, ConnectorRef> getConnectors() {
-    return CONNECTORS;
-  }
-
-  @Override
-  protected void doStart() throws Exception {
-    super.doStart();
-  }
-
-  @Override
-  public void doStop() throws Exception {
-    super.doStop();
-    if (CONNECTORS.size() > 0) {
-      for (ConnectorRef connectorRef : CONNECTORS.values()) {
-        if (connectorRef != null && connectorRef.getRefCount() == 0) {
-          connectorRef.server.removeConnector(connectorRef.connector);
-          connectorRef.connector.stop();
-          connectorRef.server.stop();
-          connectorRef.memoryStore.stop();
-          connectorRef.servlet = null;
-        }
-      }
-    }
-    CONNECTORS.clear();
-
-    servlets.clear();
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponentServlet.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponentServlet.java
deleted file mode 100644
index d36179308..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketComponentServlet.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-import org.eclipse.jetty.websocket.servlet.WebSocketServlet;
-import org.eclipse.jetty.websocket.servlet.WebSocketServletFactory;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.Map;
-
-public class WebSocketComponentServlet extends WebSocketServlet {
-  public static final int MAX_MESSAGE_SIZE = 100 * 1024 * 1024;
-
-  private static final long serialVersionUID = 1L;
-  private static final Logger LOG = LoggerFactory.getLogger(WebSocketComponentServlet.class);
-
-  private final NodeSynchronization sync;
-  private final Map<String, WebSocketFactory> socketFactories;
-  private final String pathSpec;
-
-  private WebSocketConsumer consumer;
-
-  public WebSocketComponentServlet(
-      NodeSynchronization sync, String pathSpec, Map<String, WebSocketFactory> socketFactories) {
-    this.sync = sync;
-    this.socketFactories = socketFactories;
-    this.pathSpec = pathSpec;
-  }
-
-  public WebSocketConsumer getConsumer() {
-    return consumer;
-  }
-
-  public void setConsumer(WebSocketConsumer consumer) {
-    this.consumer = consumer;
-  }
-
-  @Override
-  public void configure(WebSocketServletFactory factory) {
-    factory.getPolicy().setMaxBinaryMessageSize(MAX_MESSAGE_SIZE);
-    factory.getPolicy().setMaxTextMessageSize(MAX_MESSAGE_SIZE);
-    factory.setCreator(
-        (req, resp) -> {
-          String protocolKey = "ids";
-          if (req.getSubProtocols().isEmpty() || req.getSubProtocols().contains(protocolKey)) {
-            WebSocketFactory wsFactory = socketFactories.get(protocolKey);
-            resp.setAcceptedSubProtocol(protocolKey);
-            return wsFactory.newInstance(req, protocolKey, pathSpec, sync, consumer);
-          } else {
-            LOG.error("WS subprotocols not supported: {}", String.join(",", req.getSubProtocols()));
-            return null;
-          }
-        });
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketConsumer.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketConsumer.java
deleted file mode 100644
index b6368d743..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketConsumer.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-import de.fhg.aisec.ids.camel.ids.WebSocketConstants;
-import org.apache.camel.Exchange;
-import org.apache.camel.Processor;
-import org.apache.camel.support.DefaultConsumer;
-
-public class WebSocketConsumer extends DefaultConsumer implements WebSocketProducerConsumer {
-
-  private final WebSocketEndpoint endpoint;
-
-  public WebSocketConsumer(WebSocketEndpoint endpoint, Processor processor) {
-    super(endpoint, processor);
-    this.endpoint = endpoint;
-  }
-
-  @Override
-  public void doStart() throws Exception {
-    super.doStart();
-    endpoint.connect(this);
-  }
-
-  @Override
-  public void doStop() throws Exception {
-    endpoint.disconnect(this);
-    super.doStop();
-  }
-
-  public WebSocketEndpoint getEndpoint() {
-    return endpoint;
-  }
-
-  public int getAttestationType() {
-    return endpoint.getAttestation();
-  }
-
-  public int getAttestationMask() {
-    return endpoint.getAttestationMask();
-  }
-
-  public void sendMessage(final String connectionKey, final String message) {
-    sendMessage(connectionKey, (Object) message);
-  }
-
-  public void sendMessage(final String connectionKey, final Object message) {
-
-    final Exchange exchange = getEndpoint().createExchange();
-
-    // set header and body
-    exchange.getIn().setHeader(WebSocketConstants.CONNECTION_KEY, connectionKey);
-    exchange.getIn().setBody(message);
-
-    // send exchange using the async routing engine
-    getAsyncProcessor()
-        .process(
-            exchange,
-            doneSync -> {
-              if (exchange.getException() != null) {
-                getExceptionHandler()
-                    .handleException(
-                        "Error processing exchange", exchange, exchange.getException());
-              }
-            });
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketEndpoint.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketEndpoint.java
deleted file mode 100644
index ff6f360d2..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketEndpoint.java
+++ /dev/null
@@ -1,374 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-import de.fhg.aisec.ids.camel.ids.WebSocketConstants;
-import org.apache.camel.Consumer;
-import org.apache.camel.Processor;
-import org.apache.camel.Producer;
-import org.apache.camel.spi.Metadata;
-import org.apache.camel.spi.UriEndpoint;
-import org.apache.camel.spi.UriParam;
-import org.apache.camel.spi.UriPath;
-import org.apache.camel.support.DefaultEndpoint;
-import org.apache.camel.support.jsse.SSLContextParameters;
-import org.apache.camel.util.ObjectHelper;
-import org.eclipse.jetty.server.Handler;
-
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.util.List;
-
-/**
- * The websocket component provides websocket endpoints for communicating with clients using
- * websocket.
- *
- * <p>This component uses Jetty as the websocket implementation.
- */
-@UriEndpoint(
-  scheme = "idsserver",
-  title = "IDS Server Socket",
-  syntax = "idsserver:host:port/resourceUri",
-  label = "idsserver"
-)
-public class WebSocketEndpoint extends DefaultEndpoint {
-
-  private final WebSocketComponent component;
-  private final URI uri;
-  private List<Handler> handlers;
-
-  @UriPath(defaultValue = WebSocketConstants.DEFAULT_HOST)
-  private String host;
-
-  @UriPath(defaultValue = WebSocketConstants.DEFAULT_PORT)
-  private Integer port;
-
-  @UriPath
-  @Metadata(required = true)
-  private String resourceUri;
-
-  @UriParam(label = "producer", defaultValue = "30000")
-  private Integer sendTimeout = 30000;
-
-  @UriParam(label = "consumer")
-  private boolean sessionSupport;
-
-  @UriParam(label = "cors", description = "enables or disables Cross Origin Filter")
-  private boolean crossOriginFilterOn;
-
-  @UriParam(
-    label = "sslContextParameters",
-    description = "used to save the SSLContextParameters when connecting via idsclient:// "
-  )
-  private SSLContextParameters sslContextParameters;
-
-  @UriParam(label = "cors")
-  private String allowedOrigins;
-
-  @UriParam(label = "cors")
-  private String filterPath;
-
-  @UriParam(label = "advanced", defaultValue = "8192")
-  private Integer bufferSize;
-
-  @UriParam(label = "advanced", defaultValue = "300000")
-  private Integer maxIdleTime;
-
-  @UriParam(label = "advanced")
-  private Integer maxTextMessageSize;
-
-  @UriParam(defaultValue = "-1")
-  private Integer maxBinaryMessageSize;
-
-  @UriParam(label = "advanced", defaultValue = "13")
-  private Integer minVersion;
-
-  @UriParam(
-    label = "attestation",
-    defaultValue = "0",
-    description =
-        "defines the remote attestation mode: 0=BASIC, 1=ALL, 2=ADVANCED, 3=ZERO. default value is 0=BASIC. (see api/attestation.proto for more details)"
-  )
-  private Integer attestation = 0;
-
-  @UriParam(
-    label = "attestationMask",
-    defaultValue = "0",
-    description =
-        "defines the upper boundary of PCR values tested in ADVANCED mode. i.e. attestationMask=5 means values PCR0, PCR1, PCR2, PCR3 and PCR4"
-  )
-  private Integer attestationMask = 0;
-
-  public WebSocketEndpoint(
-          WebSocketComponent component,
-          String uri,
-          String resourceUri) {
-    super(uri, component);
-    this.resourceUri = resourceUri;
-    this.component = component;
-    try {
-      this.uri = new URI(uri);
-    } catch (URISyntaxException e) {
-      throw new IllegalArgumentException(e);
-    }
-  }
-
-  @Override
-  public WebSocketComponent getComponent() {
-    ObjectHelper.notNull(component, "component");
-    return (WebSocketComponent) super.getComponent();
-  }
-
-  @Override
-  public Consumer createConsumer(Processor processor) throws Exception {
-    ObjectHelper.notNull(component, "component");
-    WebSocketConsumer consumer = new WebSocketConsumer(this, processor);
-    configureConsumer(consumer);
-    return consumer;
-  }
-
-  @Override
-  public Producer createProducer() {
-    return new WebSocketProducer(this);
-  }
-
-  public void connect(WebSocketConsumer consumer) throws Exception {
-    component.connect(consumer);
-  }
-
-  public void disconnect(WebSocketConsumer consumer) throws Exception {
-    component.disconnect(consumer);
-  }
-
-  public void connect(WebSocketProducer producer) throws Exception {
-    component.connect(producer);
-  }
-
-  public void disconnect(WebSocketProducer producer) throws Exception {
-    component.disconnect(producer);
-  }
-
-  @Override
-  public boolean isSingleton() {
-    return true;
-  }
-
-  @SuppressWarnings("unused")
-  public URI getUri() {
-    return uri;
-  }
-
-  public Integer getPort() {
-    return port;
-  }
-
-  public String getHost() {
-    return host;
-  }
-
-  /**
-   * The hostname. The default value is <tt>0.0.0.0</tt>. Setting this option on the component will
-   * use the component configured value as default.
-   */
-  public void setHost(String host) {
-    this.host = host;
-  }
-
-  /**
-   * The port number. The default value is <tt>9292</tt>. Setting this option on the component will
-   * use the component configured value as default.
-   */
-  public void setPort(int port) {
-    this.port = port;
-  }
-
-  public Integer getSendTimeout() {
-    return sendTimeout;
-  }
-
-  /**
-   * Timeout in millis when sending to a websocket channel. The default timeout is 30000 (30
-   * seconds).
-   */
-  @SuppressWarnings("unused")
-  public void setSendTimeout(Integer sendTimeout) {
-    this.sendTimeout = sendTimeout;
-  }
-
-  public String getProtocol() {
-    return uri.getScheme();
-  }
-
-  @SuppressWarnings("unused")
-  public String getPath() {
-    return uri.getPath();
-  }
-
-  /** Whether to enable session support which enables HttpSession for each http request. */
-  @SuppressWarnings("unused")
-  public void setSessionSupport(boolean support) {
-    sessionSupport = support;
-  }
-
-  public boolean isSessionSupport() {
-    return sessionSupport;
-  }
-
-  public Integer getBufferSize() {
-    return bufferSize;
-  }
-
-  public int getAttestation() {
-    return attestation;
-  }
-
-  @SuppressWarnings("unused")
-  public void setAttestation(int i) {
-    attestation = i;
-  }
-
-  public int getAttestationMask() {
-    return attestationMask;
-  }
-
-  @SuppressWarnings("unused")
-  public void setAttestationMask(int i) {
-    attestationMask = i;
-  }
-
-  /**
-   * Set the buffer size of the websocketServlet, which is also the max frame byte size (default
-   * 8192)
-   */
-  @SuppressWarnings("unused")
-  public void setBufferSize(Integer bufferSize) {
-    this.bufferSize = bufferSize;
-  }
-
-  public Integer getMaxIdleTime() {
-    return maxIdleTime;
-  }
-
-  /**
-   * Set the time in ms that the websocket created by the websocketServlet may be idle before
-   * closing. (default is 300000)
-   */
-  @SuppressWarnings("unused")
-  public void setMaxIdleTime(Integer maxIdleTime) {
-    this.maxIdleTime = maxIdleTime;
-  }
-
-  public Integer getMaxTextMessageSize() {
-    return maxTextMessageSize;
-  }
-
-  /**
-   * Can be used to set the size in characters that the websocket created by the websocketServlet
-   * may be accept before closing.
-   */
-  @SuppressWarnings("unused")
-  public void setMaxTextMessageSize(Integer maxTextMessageSize) {
-    this.maxTextMessageSize = maxTextMessageSize;
-  }
-
-  public Integer getMaxBinaryMessageSize() {
-    return maxBinaryMessageSize;
-  }
-
-  /**
-   * Can be used to set the size in bytes that the websocket created by the websocketServlet may be
-   * accept before closing. (Default is -1 - or unlimited)
-   */
-  @SuppressWarnings("unused")
-  public void setMaxBinaryMessageSize(Integer maxBinaryMessageSize) {
-    this.maxBinaryMessageSize = maxBinaryMessageSize;
-  }
-
-  public Integer getMinVersion() {
-    return minVersion;
-  }
-
-  /**
-   * Can be used to set the minimum protocol version accepted for the websocketServlet. (Default 13
-   * - the RFC6455 version)
-   */
-  @SuppressWarnings("unused")
-  public void setMinVersion(Integer minVersion) {
-    this.minVersion = minVersion;
-  }
-
-  public List<Handler> getHandlers() {
-    return handlers;
-  }
-
-  @SuppressWarnings("unused")
-  public void setHandlers(List<Handler> handlers) {
-    this.handlers = handlers;
-  }
-
-  public SSLContextParameters getSslContextParameters() {
-    return sslContextParameters;
-  }
-
-  /** To configure security using SSLContextParameters */
-  public void setSslContextParameters(SSLContextParameters sslContextParameters) {
-    this.sslContextParameters = sslContextParameters;
-  }
-
-  public String getAllowedOrigins() {
-    return allowedOrigins;
-  }
-
-  /** The CORS allowed origins. Use * to allow all. */
-  @SuppressWarnings("unused")
-  public void setAllowedOrigins(String allowedOrigins) {
-    this.allowedOrigins = allowedOrigins;
-  }
-
-  public boolean isCrossOriginFilterOn() {
-    return crossOriginFilterOn;
-  }
-
-  /** Whether to enable CORS */
-  @SuppressWarnings("unused")
-  public void setCrossOriginFilterOn(boolean crossOriginFilterOn) {
-    this.crossOriginFilterOn = crossOriginFilterOn;
-  }
-
-  public String getFilterPath() {
-    return filterPath;
-  }
-
-  /** Context path for filtering CORS */
-  @SuppressWarnings("unused")
-  public void setFilterPath(String filterPath) {
-    this.filterPath = filterPath;
-  }
-
-  public String getResourceUri() {
-    return resourceUri;
-  }
-
-  /** Name of the websocket channel to use */
-  @SuppressWarnings("unused")
-  public void setResourceUri(String resourceUri) {
-    this.resourceUri = resourceUri;
-  }
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketFactory.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketFactory.java
deleted file mode 100644
index ea80ce03b..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketFactory.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-import org.eclipse.jetty.websocket.servlet.ServletUpgradeRequest;
-
-/** Web socket factory interface. */
-public interface WebSocketFactory {
-
-  DefaultWebsocket newInstance(
-      ServletUpgradeRequest request,
-      String protocol,
-      String pathSpec,
-      NodeSynchronization sync,
-      WebSocketConsumer consumer);
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducer.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducer.java
deleted file mode 100644
index a9dbf77f3..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducer.java
+++ /dev/null
@@ -1,109 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-import de.fhg.aisec.ids.camel.ids.WebSocketConstants;
-import org.apache.camel.Exchange;
-import org.apache.camel.Message;
-import org.apache.camel.support.DefaultProducer;
-
-import java.nio.ByteBuffer;
-import java.util.concurrent.Future;
-import java.util.concurrent.TimeUnit;
-
-public class WebSocketProducer extends DefaultProducer implements WebSocketProducerConsumer {
-
-  private WebSocketStore store;
-  private final WebSocketEndpoint endpoint;
-
-  public WebSocketProducer(WebSocketEndpoint endpoint) {
-    super(endpoint);
-    this.endpoint = endpoint;
-  }
-
-  @Override
-  public void process(Exchange exchange) throws Exception {
-    Message in = exchange.getIn();
-    Object message = in.getMandatoryBody();
-    if (!(message == null || message instanceof String || message instanceof byte[])) {
-      message = in.getMandatoryBody(String.class);
-    }
-
-    // look for connection key and get Websocket
-    String connectionKey = in.getHeader(WebSocketConstants.CONNECTION_KEY, String.class);
-    if (connectionKey != null) {
-      String pathSpec = "";
-      if (endpoint.getResourceUri() != null) {
-        pathSpec = WebSocketComponent.createPathSpec(endpoint.getResourceUri());
-      }
-      DefaultWebsocket websocket = store.get(connectionKey + pathSpec);
-      log.debug("Sending to connection key {} -> {}", connectionKey, message);
-      Future<Void> future = sendMessage(websocket, message);
-      if (future != null) {
-        int timeout = endpoint.getSendTimeout();
-        future.get(timeout, TimeUnit.MILLISECONDS);
-        if (!future.isCancelled() && !future.isDone()) {
-          throw new WebsocketSendException(
-              "Failed to send message to the connection within " + timeout + " millis.", exchange);
-        }
-      }
-    } else {
-      throw new WebsocketSendException(
-          "Failed to send message to single connection; connection key not set.", exchange);
-    }
-  }
-
-  public WebSocketEndpoint getEndpoint() {
-    return endpoint;
-  }
-
-  @Override
-  public void doStart() throws Exception {
-    super.doStart();
-    endpoint.connect(this);
-  }
-
-  @Override
-  public void doStop() throws Exception {
-    endpoint.disconnect(this);
-    super.doStop();
-  }
-
-  Future<Void> sendMessage(DefaultWebsocket websocket, Object message) {
-    Future<Void> future = null;
-    // in case there is web socket and socket connection is open - send message
-    if (websocket != null && websocket.getSession().isOpen()) {
-      log.trace("Sending to websocket {} -> {}", websocket.getConnectionKey(), message);
-      if (message instanceof String) {
-        future = websocket.getSession().getRemote().sendStringByFuture((String) message);
-      } else if (message instanceof byte[]) {
-        ByteBuffer buf = ByteBuffer.wrap((byte[]) message);
-        future = websocket.getSession().getRemote().sendBytesByFuture(buf);
-      }
-    }
-    return future;
-  }
-
-  // Store is set/unset upon connect/disconnect of the producer
-  public void setStore(WebSocketStore store) {
-    this.store = store;
-  }
-
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducerConsumer.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducerConsumer.java
deleted file mode 100644
index 15aa58445..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketProducerConsumer.java
+++ /dev/null
@@ -1,26 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-public interface WebSocketProducerConsumer {
-
-  /** Gets the endpoint */
-  WebSocketEndpoint getEndpoint();
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketStore.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketStore.java
deleted file mode 100644
index db0024d71..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebSocketStore.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-import org.apache.camel.Service;
-
-import java.util.Collection;
-
-public interface WebSocketStore extends Service {
-
-  void add(DefaultWebsocket ws);
-
-  void remove(DefaultWebsocket ws);
-
-  void remove(String key);
-
-  DefaultWebsocket get(String key);
-
-  Collection<DefaultWebsocket> getAll();
-}
diff --git a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketSendException.java b/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketSendException.java
deleted file mode 100644
index 8bab92f66..000000000
--- a/camel-ids/src/main/java/de/fhg/aisec/ids/camel/ids/server/WebsocketSendException.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.server;
-
-import org.apache.camel.CamelExchangeException;
-import org.apache.camel.Exchange;
-
-/** Exception while sending to a websocket channel. */
-public class WebsocketSendException extends CamelExchangeException {
-
-  private static final long serialVersionUID = 1L;
-
-  public WebsocketSendException(String message, Exchange exchange) {
-    super(message, exchange);
-  }
-
-  @SuppressWarnings("unused")
-  public WebsocketSendException(String message, Exchange exchange, Throwable cause) {
-    super(message, exchange, cause);
-  }
-}
diff --git a/camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsclient b/camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsclient
deleted file mode 100644
index 688c0cadd..000000000
--- a/camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsclient
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements.  See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License.  You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-class=de.fhg.aisec.ids.camel.ids.client.WsComponent
diff --git a/camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsclientplain b/camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsclientplain
deleted file mode 100644
index 688c0cadd..000000000
--- a/camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsclientplain
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements.  See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License.  You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-class=de.fhg.aisec.ids.camel.ids.client.WsComponent
diff --git a/camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsserver b/camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsserver
deleted file mode 100644
index 695ae6f68..000000000
--- a/camel-ids/src/main/resources/META-INF/services/org/apache/camel/component/idsserver
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements.  See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License.  You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-class=de.fhg.aisec.ids.camel.ids.server.WebSocketComponent
diff --git a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java b/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java
deleted file mode 100644
index c27bbd9d1..000000000
--- a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/IdsClientServerPlaintextWithAttestationTest.java
+++ /dev/null
@@ -1,139 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids;
-
-import de.fhg.aisec.ids.api.conm.IDSCPIncomingConnection;
-import de.fhg.aisec.ids.api.conm.IDSCPOutgoingConnection;
-import de.fhg.aisec.ids.api.conm.RatResult;
-import de.fhg.aisec.ids.api.settings.ConnectionSettings;
-import de.fhg.aisec.ids.api.settings.ConnectorConfig;
-import de.fhg.aisec.ids.api.settings.Settings;
-import de.fhg.aisec.ids.api.tokenm.TokenManager;
-import de.fhg.aisec.ids.camel.ids.connectionmanagement.ConnectionManagerService;
-import org.apache.camel.builder.RouteBuilder;
-import org.apache.camel.component.mock.MockEndpoint;
-import org.apache.camel.test.junit4.CamelTestSupport;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.util.List;
-
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.ArgumentMatchers.anyString;
-import static org.mockito.Mockito.*;
-
-public class IdsClientServerPlaintextWithAttestationTest extends CamelTestSupport {
-  private static final String TEST_MESSAGE = "Hello World!";
-  private static final String TEST_MESSAGE_2 = "Hello Again!";
-
-  @Before
-  public void mockRequiredBundles() throws Exception {
-    CamelComponent cc = new CamelComponent();
-    Settings settings = mock(Settings.class);
-    ConnectorConfig connectorConfig = mock(ConnectorConfig.class);
-    when(settings.getConnectorConfig()).thenReturn(connectorConfig);
-    when(connectorConfig.getDapsUrl()).thenReturn("daps.mock.url");
-    when(settings.getConnectionSettings(anyString())).thenReturn(new ConnectionSettings());
-    cc.setSettings(settings);
-    TokenManager tm = mock(TokenManager.class);
-    doNothing().when(tm).verifyJWT(anyString(), any(ConnectionSettings.class));
-    cc.setTokenManager(tm);
-    CamelComponent.setInstance(cc);
-  }
-
-  @Test
-  public void testFromRouteAToB() throws InterruptedException {
-    ConnectionManagerService conm = new ConnectionManagerService();
-    assertTrue(conm.listIncomingConnections().isEmpty());
-
-    MockEndpoint mock = getMockEndpoint("mock:result");
-    mock.expectedBodiesReceived(TEST_MESSAGE);
-
-    // Send a test message into begin of client route
-    template.sendBody("direct:input", TEST_MESSAGE);
-
-    // We expect that mock endpoint is happy and has received a message
-    mock.assertIsSatisfied();
-
-    // We expect one incoming connection to be listed by ConnectionManager
-    List<IDSCPIncomingConnection> incomings = conm.listIncomingConnections();
-    assertEquals(
-        "Incoming connection established, but ConnectionManager did not list it.",
-        1,
-        incomings.size());
-
-    IDSCPIncomingConnection incomingConnection = incomings.get(0);
-
-    // We expect attestation to FAIL because unit tests have no valid TPM
-    RatResult ratResult = incomingConnection.getAttestationResult();
-    assertEquals(RatResult.Status.FAILED, ratResult.getStatus());
-
-    // We expect some meta data about the remote endpoint
-    assertEquals("{\"message\":\"Infomodel is not available\"}", incomingConnection.getMetaData());
-
-    List<IDSCPOutgoingConnection> outgoings = conm.listOutgoingConnections();
-    assertEquals(1, outgoings.size());
-
-    // Also outgoing connection will have failed remote attestation
-    IDSCPOutgoingConnection outgoingConnection = outgoings.get(0);
-    assertEquals(RatResult.Status.FAILED, outgoingConnection.getAttestationResult().getStatus());
-
-    // ... and some meta data
-    String meta = outgoingConnection.getMetaData();
-    assertEquals("{\"message\":\"Infomodel is not available\"}", meta);
-  }
-
-  @Test
-  public void testTwoRoutesRestartConsumer() throws Exception {
-    MockEndpoint mock = getMockEndpoint("mock:result");
-
-    resetMocks();
-    mock.expectedBodiesReceived(TEST_MESSAGE);
-    template.sendBody("direct:input", TEST_MESSAGE);
-    mock.assertIsSatisfied();
-
-    // Now stop and start the client route
-    log.info("Restarting client route");
-    var routeController = context.getRouteController();
-    routeController.stopRoute("client");
-    routeController.startRoute("client");
-
-    resetMocks();
-    mock.expectedBodiesReceived(TEST_MESSAGE_2);
-    template.sendBody("direct:input", TEST_MESSAGE_2);
-    mock.assertIsSatisfied();
-  }
-
-  @Override
-  protected RouteBuilder[] createRouteBuilders() {
-    return new RouteBuilder[] {
-      new RouteBuilder() {
-        public void configure() {
-          from("direct:input").routeId("client").to("idsclientplain://localhost:9292/zero");
-        }
-      },
-      new RouteBuilder() {
-        public void configure() {
-          from("idsserver://0.0.0.0:9292/zero").routeId("server").to("mock:result");
-        }
-      }
-    };
-  }
-}
diff --git a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WebSocketMockHelper.java b/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WebSocketMockHelper.java
deleted file mode 100644
index e55623f3a..000000000
--- a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WebSocketMockHelper.java
+++ /dev/null
@@ -1,68 +0,0 @@
-package de.fhg.aisec.ids.camel.ids.client;
-
-import org.asynchttpclient.ws.WebSocket;
-import org.mockito.stubbing.Answer;
-
-import java.nio.charset.StandardCharsets;
-
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
-
-public class WebSocketMockHelper {
-    private final WebSocket mock;
-    private final byte[] buffer = new byte[3 * WsProducer.STREAM_BUFFER_SIZE];
-    private int bufferOffset = 0;
-    private byte[] resultBytes = null;
-
-    public WebSocketMockHelper() {
-        mock = mock(WebSocket.class);
-        var bytesAnswer = (Answer<?>) invocation -> {
-            var nArgs = invocation.getArguments().length;
-            handleFrame(
-                    invocation.getArgument(0, byte[].class),
-                    nArgs > 1 ? invocation.getArgument(1, Boolean.class) : true);
-            return null;
-        };
-        var stringAnswer = (Answer<?>) invocation -> {
-            var nArgs = invocation.getArguments().length;
-            handleFrame(
-                    invocation.getArgument(0, String.class).getBytes(StandardCharsets.US_ASCII),
-                    nArgs > 1 ? invocation.getArgument(1, Boolean.class) : true);
-            return null;
-        };
-        when(mock.sendBinaryFrame(any(byte[].class), any(Boolean.class), any(Integer.class))).thenAnswer(bytesAnswer);
-        when(mock.sendBinaryFrame(any(byte[].class))).thenAnswer(bytesAnswer);
-        when(mock.sendTextFrame(any(String.class), any(Boolean.class), any(Integer.class))).thenAnswer(stringAnswer);
-        when(mock.sendTextFrame(any(String.class))).thenAnswer(stringAnswer);
-        when(mock.sendContinuationFrame(any(byte[].class), any(Boolean.class), any(Integer.class))).thenAnswer(bytesAnswer);
-        when(mock.sendContinuationFrame(any(String.class), any(Boolean.class), any(Integer.class))).thenAnswer(stringAnswer);
-    }
-
-    private synchronized void handleFrame(byte[] buffer, boolean isFinal) {
-        if (resultBytes != null) {
-            throw new RuntimeException("WebSocket mock received a final frame, fix the bug just observed " +
-                    "or call resetBuffer() before reuse if intended!");
-        }
-        System.arraycopy(buffer, 0, this.buffer, bufferOffset, buffer.length);
-        bufferOffset += buffer.length;
-        // Set result on final frame
-        if (isFinal) {
-            resultBytes = new byte[bufferOffset];
-            System.arraycopy(this.buffer, 0, resultBytes, 0, bufferOffset);
-        }
-    }
-
-    public synchronized void resetBuffer() {
-        bufferOffset = 0;
-        resultBytes = null;
-    }
-
-    public WebSocket getMock() {
-        return mock;
-    }
-
-    public byte[] getResultBytes() {
-        return resultBytes;
-    }
-}
diff --git a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WsProducerTest.java b/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WsProducerTest.java
deleted file mode 100644
index aeeaddef0..000000000
--- a/camel-ids/src/test/java/de/fhg/aisec/ids/camel/ids/client/WsProducerTest.java
+++ /dev/null
@@ -1,95 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.client;
-
-import org.junit.Test;
-
-import java.nio.charset.StandardCharsets;
-import java.util.Arrays;
-import java.util.Random;
-import java.util.stream.Stream;
-
-import static de.fhg.aisec.ids.camel.ids.client.WsProducer.STREAM_BUFFER_SIZE;
-import static org.junit.Assert.assertArrayEquals;
-
-public class WsProducerTest {
-    public static final int[] TEST_SIZES = {
-            0, 1,
-            STREAM_BUFFER_SIZE - 1, STREAM_BUFFER_SIZE, STREAM_BUFFER_SIZE + 1,
-            STREAM_BUFFER_SIZE * 2 - 1, STREAM_BUFFER_SIZE * 2, STREAM_BUFFER_SIZE * 2 + 1
-    };
-
-    public byte[] getRandomPrintableAsciiBytes(int length) {
-        byte[] buffer = new byte[length];
-        var rand = new Random();
-        for (int i = 0; i < length; i++) {
-            buffer[i] = (byte)('!' + rand.nextInt('~' - '!'));
-        }
-        return buffer;
-    }
-
-    public Stream<byte[]> getTestByteArrayStream() {
-        return Arrays.stream(TEST_SIZES).mapToObj(this::getRandomPrintableAsciiBytes);
-    }
-
-//    public Exchange getTestExchange(Object body) {
-//        var message = mock(Message.class);
-//        when(message.getBody()).thenReturn(body);
-//        var exchange = mock(Exchange.class);
-//        when(exchange.getIn()).thenReturn(message);
-//        return exchange;
-//    }
-//
-//    public WsProducer getProducerMock(WebSocketMockHelper mockHelper, boolean streaming) throws Exception {
-//        var endpoint = mock(WsEndpoint.class);
-//        when(endpoint.isUseStreaming()).thenReturn(streaming);
-//        when(endpoint.getWebSocket()).thenReturn(mockHelper.getMock());
-//        var producer = mock(WsProducer.class);
-//        when(producer.getEndpoint()).thenReturn(endpoint);
-//        doCallRealMethod().when(producer).process(any(Exchange.class));
-//        return producer;
-//    }
-
-    @Test
-    public void testSendMessage() {
-        var wsMockHelper = new WebSocketMockHelper();
-//        var producerMockDefault = getProducerMock(wsMockHelper, false);
-//        var producerMockStreaming = getProducerMock(wsMockHelper, true);
-        getTestByteArrayStream().forEach(bytes -> {
-            try {
-                WsProducer.sendMessage(wsMockHelper.getMock(), bytes, false);
-                assertArrayEquals("sendMessage() (bytes, non-streaming) seems flawed", bytes, wsMockHelper.getResultBytes());
-                wsMockHelper.resetBuffer();
-                WsProducer.sendMessage(wsMockHelper.getMock(), bytes, true);
-                assertArrayEquals("sendMessage() (bytes, streaming) seems flawed", bytes, wsMockHelper.getResultBytes());
-                wsMockHelper.resetBuffer();
-                var string = new String(bytes, StandardCharsets.US_ASCII);
-                WsProducer.sendMessage(wsMockHelper.getMock(), string, false);
-                assertArrayEquals("sendMessage() (String, non-streaming) seems flawed", bytes, wsMockHelper.getResultBytes());
-                wsMockHelper.resetBuffer();
-                WsProducer.sendMessage(wsMockHelper.getMock(), string, true);
-                assertArrayEquals("sendMessage() (String, streaming) seems flawed", bytes, wsMockHelper.getResultBytes());
-                wsMockHelper.resetBuffer();
-            } catch (Exception e) {
-                throw new RuntimeException(e);
-            }
-        });
-    }
-}
diff --git a/camel-ids/src/test/resources/mockito-extensions/org.mockito.plugins.MockMaker b/camel-ids/src/test/resources/mockito-extensions/org.mockito.plugins.MockMaker
deleted file mode 100644
index ca6ee9cea..000000000
--- a/camel-ids/src/test/resources/mockito-extensions/org.mockito.plugins.MockMaker
+++ /dev/null
@@ -1 +0,0 @@
-mock-maker-inline
\ No newline at end of file
diff --git a/camel-ids/ssl/ca.sh b/camel-ids/ssl/ca.sh
deleted file mode 100755
index 0abca82ed..000000000
--- a/camel-ids/ssl/ca.sh
+++ /dev/null
@@ -1,122 +0,0 @@
-#!/bin/bash
-#
-
-cleanup(){
-echo "Cleanup unnecessary files"
-[[ -f ${SUBCA_CSR} ]] && rm ${SUBCA_CSR}
-[[ -f ${INDEX_FILE}.attr ]] && rm ${INDEX_FILE}.attr
-[[ -f ${INDEX_FILE}.old ]] && rm ${INDEX_FILE}.old
-[[ -f ${SERIAL_FILE}.old ]] && rm ${SERIAL_FILE}.old
-[[ -f ${PEM_FILE} ]] && rm ${PEM_FILE}
-}
-
-error_check(){
-if [ "$1" != "0" ]; then
-  echo "Error: $2"
-  cleanup
-  exit 1
-fi
-}
-
-assert_file_exists(){
-if [ ! -f $1 ]; then
-  echo "Error: Missing file $1"
-  exit 1
-fi
-}
-
-assert_file_not_exists(){
-if [ -f $1 ]; then
-  echo "Error: File $1 exists. Precautional exit"
-  exit 1
-fi
-}
-
-CA_FOLDER="./ca"
-
-#root CA files
-#root 01.pem
-PEM_FILE="$CA_FOLDER/01.pem"
-#root CA sign index file
-INDEX_FILE="$CA_FOLDER/index.txt"
-#root CA sign serial file
-SERIAL_FILE="$CA_FOLDER/serial.txt"
-#root CA config file
-ROOTCA_CONFIG="configs/openssl-rootca.cnf"
-#root CA cert file
-ROOTCA_CERT="$CA_FOLDER/rootca.cert"
-#root CA key file
-ROOTCA_KEY="$CA_FOLDER/rootca.key"
-
-#sub CA config file
-SUBCA_CONFIG="configs/openssl-subca.cnf"
-#sub CA csr file
-SUBCA_CSR="$CA_FOLDER/subca.csr"
-#sub CA cert file
-SUBCA_CERT="$CA_FOLDER/subca.cert"
-#sub CA key file
-SUBCA_KEY="$CA_FOLDER/subca.key"
-
-#ca chain file
-CACHAIN_CERT="$CA_FOLDER/cachain.cert"
-
-if [ $# -eq 0 ] ; then
-  echo "No arguments supplied, which is good"
-else
-  echo "Invalid number of arguments: $# (expected 0)"
-  echo "Usage: $0"
-  exit 1
-fi
-
-cd $(dirname $0)
-echo "Check if directory is clean"
-assert_file_not_exists ${INDEX_FILE}
-assert_file_not_exists ${SERIAL_FILE}
-assert_file_not_exists ${ROOTCA_CERT}
-assert_file_not_exists ${ROOTCA_KEY}
-assert_file_not_exists ${SUBCA_CERT}
-assert_file_not_exists ${SUBCA_CSR}
-assert_file_not_exists ${SUBCA_KEY}
-assert_file_not_exists ${CACHAIN_CERT}
-
-echo "Trying to find required files"
-assert_file_exists ${ROOTCA_CONFIG}
-assert_file_exists ${SUBCA_CONFIG}
-echo "Successfully found requrired files"
-
-
-########## ROOT CA CERT ##########
-# -nodes option omits passphrase
-echo "Create self-signed root CA certificate"
-openssl req -batch -x509 -config ${ROOTCA_CONFIG} -newkey rsa:2048 -sha1 -nodes -out ${ROOTCA_CERT} -outform PEM -days 7300 -keyout ${ROOTCA_KEY}
-error_check $? "Failed to create self signed root CA certificate"
-
-########## SUB CA CERT ##########
-# -nodes option omits passphrase
-echo "Create sub CA CSR"
-openssl req -batch -config ${SUBCA_CONFIG} -newkey rsa:2048 -sha1 -nodes -out ${SUBCA_CSR} -outform PEM -keyout ${SUBCA_KEY}
-error_check $? "Failed to create sub CA CSR"
-
-echo "Sign sub CA CSR with root CA"
-touch ca/index.txt
-touch ca/serial.txt
-echo '01' > ca/serial.txt
-openssl ca -batch -config ${ROOTCA_CONFIG} -policy signing_policy -extensions signing_req_CA -out ${SUBCA_CERT} -infiles ${SUBCA_CSR}
-error_check $? "Failed to sign sub CA CSR with root CA certificate"
-
-echo "Verify newly created sub CA certificate"
-openssl verify -CAfile ${ROOTCA_CERT} ${SUBCA_CERT}
-error_check $? "Failed to verify newly signed sub CA certificate"
-
-echo "Concatenate root CA to sub CA"
-echo "************************** ROOT CA CERTIFICATE *****************************************"
-cat ${ROOTCA_CERT}
-echo "************************** SUB CA CERTIFICATE *****************************************"
-cat ${SUBCA_CERT}
-
-cat ${ROOTCA_CERT} ${SUBCA_CERT} >> ${CACHAIN_CERT}
-
-echo "Cleanup temp files"
-cleanup
-
-exit 0
diff --git a/camel-ids/ssl/ca/cachain.cert b/camel-ids/ssl/ca/cachain.cert
deleted file mode 100644
index e55463562..000000000
--- a/camel-ids/ssl/ca/cachain.cert
+++ /dev/null
@@ -1,111 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDXTCCAkWgAwIBAgIJAPbCZBTm8zbBMA0GCSqGSIb3DQEBBQUAMD0xCzAJBgNV
-BAYTAkRFMRMwEQYDVQQKDApGcmF1bmhvZmVyMRkwFwYDVQQDDBBJRFMgUm9vdCBD
-QSAyMDE2MB4XDTE3MDIxNTEwMzkyMFoXDTM3MDIxMDEwMzkyMFowPTELMAkGA1UE
-BhMCREUxEzARBgNVBAoMCkZyYXVuaG9mZXIxGTAXBgNVBAMMEElEUyBSb290IENB
-IDIwMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyG8fCjoH2X+tr
-BFGscizg7ODNTZd0GoyVOX1xkNmkLa1vMeo+mDfO8sXLzcRSFuNRfQHIR9O8jR6V
-A5WhIzGYYvhO2mDl5NVAtGzljrPB2xCCzGyFDf4QOz+WPrJWGJ5ThhnaUIwC+Tcb
-EYZUQfm2aSqIzRi876qCtYdIdxHvo32+M8APStkuOeGBZvNpVQiG4Hy3mECPLFZm
-XphgfD1mGVWMRHE3iHnqO1zG3fWDWZcTzWlHd9/VaY9ruYKWow2Zh80mTIsOPrM8
-p9dh8PrNewXSMa4sKalMuyZAgwKbhgpcqSqdAIgl6pRafdjQeXvpJ4++VF+sAhkC
-jYJTl7FfAgMBAAGjYDBeMB0GA1UdDgQWBBSZuq591Lv1vJSCsDLaYY12omzY6zAf
-BgNVHSMEGDAWgBSZuq591Lv1vJSCsDLaYY12omzY6zAPBgNVHRMBAf8EBTADAQH/
-MAsGA1UdDwQEAwIBRjANBgkqhkiG9w0BAQUFAAOCAQEApfE/TCbERGvbATl7KnDk
-v0CdHVsDikg91sFI+PgmVoMlxorBSMbAuv9+FOhHsje/rOkiaZ7XyhWawGTXeA5p
-S26Qev0BJNQPisCFIGY9Pwa6cfASjmAlByxORGjkGOsOYaUYrbbrwFXUDRdqqs0f
-tACuI0szGMa0GUz6kga8xy+wQ9nU6WXprTYQmbM4TPFJjUBdg26lE/QDH/AeLh/m
-TX7amieWM85fM7gyIXc4ZKEHDEfn74fSXL1DU+t/NJYGK6x93r85PnNWGiKLIoht
-ZfN+3mTT4IwKPPE7E/l6EMUCfXkvAZ/mguYlOD0kfdYzHt0FVW3F865gtH08bMJg
-kw==
------END CERTIFICATE-----
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS Root CA 2016
-        Validity
-            Not Before: Feb 15 10:39:21 2017 GMT
-            Not After : Feb 13 10:39:21 2025 GMT
-        Subject: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:b6:b8:53:48:45:6d:8d:68:03:2d:9a:07:ba:ce:
-                    8f:31:d6:d5:1f:79:fa:ec:e9:9f:99:03:c9:2d:4e:
-                    e7:ea:18:bb:00:38:0c:6b:f3:31:aa:6a:d5:58:42:
-                    5e:a7:fa:19:58:b1:87:31:dc:8a:1e:ba:a4:9f:9b:
-                    56:7a:b4:46:b3:43:eb:47:2c:ea:f7:0f:33:ff:c8:
-                    8c:b0:da:05:8e:14:fc:6a:5b:7b:bd:09:f7:84:b2:
-                    7b:db:fb:e7:b1:7d:d2:a1:d0:0e:a6:ef:5b:37:af:
-                    0c:c1:b6:76:25:9b:42:93:e7:63:00:cf:e8:52:86:
-                    4d:ee:5f:a8:4d:57:1b:58:7c:77:05:49:cd:55:4f:
-                    23:20:eb:c2:c7:be:3d:e9:2a:8c:58:f1:52:45:be:
-                    20:40:b4:7b:d8:a9:c5:e8:88:d2:ab:a7:15:74:32:
-                    6a:81:7f:e9:00:81:69:8f:0d:3d:ad:01:48:35:1f:
-                    4a:dc:74:e5:3b:5b:f7:ca:99:54:b3:d4:ca:a9:55:
-                    70:b6:da:7a:69:ea:66:cf:23:16:3b:ea:53:2f:b1:
-                    de:9f:97:2b:7c:a6:68:21:ae:58:37:89:ef:e4:4d:
-                    ad:aa:97:50:c3:87:61:f2:48:33:fb:c0:4a:09:f4:
-                    bc:13:a6:e6:9e:7e:4b:90:2c:82:69:6a:6c:54:fc:
-                    a2:a9
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-            X509v3 Authority Key Identifier: 
-                keyid:99:BA:AE:7D:D4:BB:F5:BC:94:82:B0:32:DA:61:8D:76:A2:6C:D8:EB
-
-            X509v3 Basic Constraints: critical
-                CA:TRUE
-            X509v3 Key Usage: 
-                Digital Signature, Certificate Sign, CRL Sign
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-    Signature Algorithm: sha256WithRSAEncryption
-         37:d8:e0:90:e8:3d:fe:bc:0d:12:83:95:b4:9e:cb:3b:13:20:
-         f9:4d:a2:39:b3:cb:1f:44:2d:b5:77:13:a0:5a:3b:dd:00:75:
-         f5:a1:e7:48:e0:3a:8d:84:c3:0b:67:eb:ec:7e:d4:af:89:fb:
-         ed:2b:e1:35:7a:f3:c3:62:2c:83:34:8c:dd:a8:2d:2f:ed:90:
-         75:a7:4c:89:27:48:fa:45:44:2b:63:ea:f2:45:23:18:8e:68:
-         4b:ec:ad:fa:2c:13:f1:25:3e:0f:14:75:bb:39:0e:64:65:67:
-         35:9f:7d:16:6d:7a:1e:79:c3:41:4f:bf:98:14:f8:d1:ac:4d:
-         31:16:db:8e:c2:22:89:56:8f:e0:1b:c0:fc:95:aa:cb:7e:a8:
-         a0:9a:93:da:5f:cd:e9:1d:9a:58:d9:c8:31:8d:57:fb:5f:bd:
-         7e:bc:13:e3:e0:c7:64:65:49:28:22:88:cf:3e:f4:60:fd:53:
-         9c:0b:fc:02:bb:c8:08:6e:c7:0f:08:ef:6f:90:5b:8f:27:0c:
-         8f:d0:09:16:8e:1b:f0:42:ca:df:49:05:08:d3:0d:d3:fc:fb:
-         70:27:9e:d5:9b:98:50:6b:11:ff:ef:d8:78:13:04:2f:6d:9d:
-         70:8f:f8:cb:07:86:3f:55:56:49:c7:4b:2d:17:ce:cf:92:63:
-         ba:4c:3c:ec
------BEGIN CERTIFICATE-----
-MIID5DCCAsygAwIBAgIBATANBgkqhkiG9w0BAQsFADA9MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEZMBcGA1UEAwwQSURTIFJvb3QgQ0EgMjAxNjAe
-Fw0xNzAyMTUxMDM5MjFaFw0yNTAyMTMxMDM5MjFaMDsxCzAJBgNVBAYTAkRFMRMw
-EQYDVQQKDApGcmF1bmhvZmVyMRcwFQYDVQQDDA5JRFMgU3ViQ0EgMjAxNjCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALa4U0hFbY1oAy2aB7rOjzHW1R95
-+uzpn5kDyS1O5+oYuwA4DGvzMapq1VhCXqf6GVixhzHcih66pJ+bVnq0RrND60cs
-6vcPM//IjLDaBY4U/Gpbe70J94Sye9v757F90qHQDqbvWzevDMG2diWbQpPnYwDP
-6FKGTe5fqE1XG1h8dwVJzVVPIyDrwse+PekqjFjxUkW+IEC0e9ipxeiI0qunFXQy
-aoF/6QCBaY8NPa0BSDUfStx05Ttb98qZVLPUyqlVcLbaemnqZs8jFjvqUy+x3p+X
-K3ymaCGuWDeJ7+RNraqXUMOHYfJIM/vASgn0vBOm5p5+S5AsgmlqbFT8oqkCAwEA
-AaOB8DCB7TAdBgNVHQ4EFgQUiYuC72su5EAtzlxs93guerB7GR0wHwYDVR0jBBgw
-FoAUmbqufdS79byUgrAy2mGNdqJs2OswDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8E
-BAMCAYYwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDANBgkqhkiG9w0BAQsFAAOCAQEAN9jgkOg9/rwNEoOVtJ7LOxMg+U2iObPL
-H0QttXcToFo73QB19aHnSOA6jYTDC2fr7H7Ur4n77SvhNXrzw2IsgzSM3agtL+2Q
-dadMiSdI+kVEK2Pq8kUjGI5oS+yt+iwT8SU+DxR1uzkOZGVnNZ99Fm16HnnDQU+/
-mBT40axNMRbbjsIiiVaP4BvA/JWqy36ooJqT2l/N6R2aWNnIMY1X+1+9frwT4+DH
-ZGVJKCKIzz70YP1TnAv8ArvICG7HDwjvb5BbjycMj9AJFo4b8ELK30kFCNMN0/z7
-cCee1ZuYUGsR/+/YeBMEL22dcI/4yweGP1VWScdLLRfOz5Jjukw87A==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/ca/index.txt b/camel-ids/ssl/ca/index.txt
deleted file mode 100644
index fc4d4ef1c..000000000
--- a/camel-ids/ssl/ca/index.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-V	190215104012Z		01	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215104017Z		02	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215105339Z		03	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215105401Z		04	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215105409Z		05	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215114845Z		06	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215114851Z		07	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215122054Z		08	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215122104Z		09	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215123310Z		0A	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215123319Z		0B	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
diff --git a/camel-ids/ssl/ca/index.txt.attr b/camel-ids/ssl/ca/index.txt.attr
deleted file mode 100644
index 3a7e39e6e..000000000
--- a/camel-ids/ssl/ca/index.txt.attr
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = no
diff --git a/camel-ids/ssl/ca/index.txt.attr.old b/camel-ids/ssl/ca/index.txt.attr.old
deleted file mode 100644
index 3a7e39e6e..000000000
--- a/camel-ids/ssl/ca/index.txt.attr.old
+++ /dev/null
@@ -1 +0,0 @@
-unique_subject = no
diff --git a/camel-ids/ssl/ca/index.txt.old b/camel-ids/ssl/ca/index.txt.old
deleted file mode 100644
index d28f57290..000000000
--- a/camel-ids/ssl/ca/index.txt.old
+++ /dev/null
@@ -1,10 +0,0 @@
-V	190215104012Z		01	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215104017Z		02	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215105339Z		03	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215105401Z		04	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215105409Z		05	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215114845Z		06	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215114851Z		07	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215122054Z		08	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215122104Z		09	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
-V	190215123310Z		0A	unknown	/C=DE/ST=Bayern/L=Muenchen/O=Fraunhofer/OU=AISEC/CN=AISEC IDS Client
diff --git a/camel-ids/ssl/ca/rootca.cert b/camel-ids/ssl/ca/rootca.cert
deleted file mode 100644
index 3aa1c366d..000000000
--- a/camel-ids/ssl/ca/rootca.cert
+++ /dev/null
@@ -1,21 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDXTCCAkWgAwIBAgIJAPbCZBTm8zbBMA0GCSqGSIb3DQEBBQUAMD0xCzAJBgNV
-BAYTAkRFMRMwEQYDVQQKDApGcmF1bmhvZmVyMRkwFwYDVQQDDBBJRFMgUm9vdCBD
-QSAyMDE2MB4XDTE3MDIxNTEwMzkyMFoXDTM3MDIxMDEwMzkyMFowPTELMAkGA1UE
-BhMCREUxEzARBgNVBAoMCkZyYXVuaG9mZXIxGTAXBgNVBAMMEElEUyBSb290IENB
-IDIwMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyG8fCjoH2X+tr
-BFGscizg7ODNTZd0GoyVOX1xkNmkLa1vMeo+mDfO8sXLzcRSFuNRfQHIR9O8jR6V
-A5WhIzGYYvhO2mDl5NVAtGzljrPB2xCCzGyFDf4QOz+WPrJWGJ5ThhnaUIwC+Tcb
-EYZUQfm2aSqIzRi876qCtYdIdxHvo32+M8APStkuOeGBZvNpVQiG4Hy3mECPLFZm
-XphgfD1mGVWMRHE3iHnqO1zG3fWDWZcTzWlHd9/VaY9ruYKWow2Zh80mTIsOPrM8
-p9dh8PrNewXSMa4sKalMuyZAgwKbhgpcqSqdAIgl6pRafdjQeXvpJ4++VF+sAhkC
-jYJTl7FfAgMBAAGjYDBeMB0GA1UdDgQWBBSZuq591Lv1vJSCsDLaYY12omzY6zAf
-BgNVHSMEGDAWgBSZuq591Lv1vJSCsDLaYY12omzY6zAPBgNVHRMBAf8EBTADAQH/
-MAsGA1UdDwQEAwIBRjANBgkqhkiG9w0BAQUFAAOCAQEApfE/TCbERGvbATl7KnDk
-v0CdHVsDikg91sFI+PgmVoMlxorBSMbAuv9+FOhHsje/rOkiaZ7XyhWawGTXeA5p
-S26Qev0BJNQPisCFIGY9Pwa6cfASjmAlByxORGjkGOsOYaUYrbbrwFXUDRdqqs0f
-tACuI0szGMa0GUz6kga8xy+wQ9nU6WXprTYQmbM4TPFJjUBdg26lE/QDH/AeLh/m
-TX7amieWM85fM7gyIXc4ZKEHDEfn74fSXL1DU+t/NJYGK6x93r85PnNWGiKLIoht
-ZfN+3mTT4IwKPPE7E/l6EMUCfXkvAZ/mguYlOD0kfdYzHt0FVW3F865gtH08bMJg
-kw==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/ca/rootca.key b/camel-ids/ssl/ca/rootca.key
deleted file mode 100644
index e538f2d25..000000000
--- a/camel-ids/ssl/ca/rootca.key
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCyG8fCjoH2X+tr
-BFGscizg7ODNTZd0GoyVOX1xkNmkLa1vMeo+mDfO8sXLzcRSFuNRfQHIR9O8jR6V
-A5WhIzGYYvhO2mDl5NVAtGzljrPB2xCCzGyFDf4QOz+WPrJWGJ5ThhnaUIwC+Tcb
-EYZUQfm2aSqIzRi876qCtYdIdxHvo32+M8APStkuOeGBZvNpVQiG4Hy3mECPLFZm
-XphgfD1mGVWMRHE3iHnqO1zG3fWDWZcTzWlHd9/VaY9ruYKWow2Zh80mTIsOPrM8
-p9dh8PrNewXSMa4sKalMuyZAgwKbhgpcqSqdAIgl6pRafdjQeXvpJ4++VF+sAhkC
-jYJTl7FfAgMBAAECggEAJxloIfLM3vwxnx2knFm4Nmxp8UfuTqOhZwTm3+5viNYq
-M7XeeX1LCxhKibITPf4eSv5JTOFPvx2vsADIcUZbldtsLUtNaEpy8jBpk39fQNhJ
-aJ1d2Vu4AXIwRFhhJ/thjm5q8H0sL17sVPnk5kxReFTf7IYxvxBR+z3EhAj3nAaH
-Rwj22YhDLqglcaBOGvStK1JYJp5M2AH7qjzDpNFRgxPIdU88SCA5TH/EDGGUo1K7
-enuST0qELdLYztC7QqqmHkLeNpmM5wIQGQenJ3RqUmKjdshKCxrpGmLVaPZI3751
-wbEnec0fhjETAPbX1TlX/OjCt/+MtQjC2E+qHCl9eQKBgQDaI0U3FSsLvEoXgxGe
-RIDHVBX5C3Bky61W30IHArbM6yYuTVzAJFykMLkgyMxMBObRoRjqlqD+0Clgluov
-k230ZsMvDb39fI5Q83RH0bl8kjGVvdufYFhGOGWLMLjNuSA80zZrsuTTL1SnmpT3
-tum2JD+zR3Zlrlc39mh25qKEFQKBgQDRBdnFjmX3/dgDwaANwBWS2rhfv1RVt5hX
-qCEbfVIFzJUsq9OcFuqvHe+fAzfPzkhfQRO/v1y700j/WHT3PhtNGsOvEBvl+gzt
-hWcEbm8VxHpkL4eQOLeQgHf8rq0wD802NyKwMyQrxGDp2Tuo7GpduVyqpVb/aFnd
-qlKpGZU4owKBgQDXN/1OP2BdD8S6NeLoGAZGo7uaH6Mgj6PSFiv65r6cp1TgUgu0
-tyuAA2Jj6jlGt39UTHFc4oitX4uzdLJRhk/x1oG0pwZQVtfDHrAXO+CZ+1NYvh01
-vcTaY0IsdkGfF4uq92i2EaaahhQr2OQpExq7TkBbDaLO55e96yteRGcLkQKBgQC5
-t88Uvz9Opxblz4ZccU053Ghxelh+iNAtIk+4UxMr3+izdkBgseP3kEu2J2/RjeGz
-8OiROIA2yrZTWs8iVuZ/DcbMpy2CmzgdWqh7wXumBZsRpUF4HUzMcbkqpDFxQLj+
-8OI7WFVNJgFOBhwCLX0cpXP2k03HRXqDf7BOW1LArQKBgQCwvmbZMhkxMUIUjEgK
-3zpKICbz9FEkEYH83L6jgBDhres9QBJu5n5JldOFDC1ga/MiHYE8xiB9jEQNslbY
-ktGGiq9Jan7qytUxHnHrU0KsYuu86asHFy/iLPt/C9M1xLu6+zZgWfPWCL2WLSGN
-tH7Lvo+0B0k6quxxCo7Ak2m/Jw==
------END PRIVATE KEY-----
diff --git a/camel-ids/ssl/ca/serial.txt b/camel-ids/ssl/ca/serial.txt
deleted file mode 100644
index d73cdef37..000000000
--- a/camel-ids/ssl/ca/serial.txt
+++ /dev/null
@@ -1 +0,0 @@
-0C
diff --git a/camel-ids/ssl/ca/serial.txt.old b/camel-ids/ssl/ca/serial.txt.old
deleted file mode 100644
index eb589e9da..000000000
--- a/camel-ids/ssl/ca/serial.txt.old
+++ /dev/null
@@ -1 +0,0 @@
-0B
diff --git a/camel-ids/ssl/ca/subca.cert b/camel-ids/ssl/ca/subca.cert
deleted file mode 100644
index 136817b3b..000000000
--- a/camel-ids/ssl/ca/subca.cert
+++ /dev/null
@@ -1,90 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS Root CA 2016
-        Validity
-            Not Before: Feb 15 10:39:21 2017 GMT
-            Not After : Feb 13 10:39:21 2025 GMT
-        Subject: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:b6:b8:53:48:45:6d:8d:68:03:2d:9a:07:ba:ce:
-                    8f:31:d6:d5:1f:79:fa:ec:e9:9f:99:03:c9:2d:4e:
-                    e7:ea:18:bb:00:38:0c:6b:f3:31:aa:6a:d5:58:42:
-                    5e:a7:fa:19:58:b1:87:31:dc:8a:1e:ba:a4:9f:9b:
-                    56:7a:b4:46:b3:43:eb:47:2c:ea:f7:0f:33:ff:c8:
-                    8c:b0:da:05:8e:14:fc:6a:5b:7b:bd:09:f7:84:b2:
-                    7b:db:fb:e7:b1:7d:d2:a1:d0:0e:a6:ef:5b:37:af:
-                    0c:c1:b6:76:25:9b:42:93:e7:63:00:cf:e8:52:86:
-                    4d:ee:5f:a8:4d:57:1b:58:7c:77:05:49:cd:55:4f:
-                    23:20:eb:c2:c7:be:3d:e9:2a:8c:58:f1:52:45:be:
-                    20:40:b4:7b:d8:a9:c5:e8:88:d2:ab:a7:15:74:32:
-                    6a:81:7f:e9:00:81:69:8f:0d:3d:ad:01:48:35:1f:
-                    4a:dc:74:e5:3b:5b:f7:ca:99:54:b3:d4:ca:a9:55:
-                    70:b6:da:7a:69:ea:66:cf:23:16:3b:ea:53:2f:b1:
-                    de:9f:97:2b:7c:a6:68:21:ae:58:37:89:ef:e4:4d:
-                    ad:aa:97:50:c3:87:61:f2:48:33:fb:c0:4a:09:f4:
-                    bc:13:a6:e6:9e:7e:4b:90:2c:82:69:6a:6c:54:fc:
-                    a2:a9
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-            X509v3 Authority Key Identifier: 
-                keyid:99:BA:AE:7D:D4:BB:F5:BC:94:82:B0:32:DA:61:8D:76:A2:6C:D8:EB
-
-            X509v3 Basic Constraints: critical
-                CA:TRUE
-            X509v3 Key Usage: 
-                Digital Signature, Certificate Sign, CRL Sign
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-    Signature Algorithm: sha256WithRSAEncryption
-         37:d8:e0:90:e8:3d:fe:bc:0d:12:83:95:b4:9e:cb:3b:13:20:
-         f9:4d:a2:39:b3:cb:1f:44:2d:b5:77:13:a0:5a:3b:dd:00:75:
-         f5:a1:e7:48:e0:3a:8d:84:c3:0b:67:eb:ec:7e:d4:af:89:fb:
-         ed:2b:e1:35:7a:f3:c3:62:2c:83:34:8c:dd:a8:2d:2f:ed:90:
-         75:a7:4c:89:27:48:fa:45:44:2b:63:ea:f2:45:23:18:8e:68:
-         4b:ec:ad:fa:2c:13:f1:25:3e:0f:14:75:bb:39:0e:64:65:67:
-         35:9f:7d:16:6d:7a:1e:79:c3:41:4f:bf:98:14:f8:d1:ac:4d:
-         31:16:db:8e:c2:22:89:56:8f:e0:1b:c0:fc:95:aa:cb:7e:a8:
-         a0:9a:93:da:5f:cd:e9:1d:9a:58:d9:c8:31:8d:57:fb:5f:bd:
-         7e:bc:13:e3:e0:c7:64:65:49:28:22:88:cf:3e:f4:60:fd:53:
-         9c:0b:fc:02:bb:c8:08:6e:c7:0f:08:ef:6f:90:5b:8f:27:0c:
-         8f:d0:09:16:8e:1b:f0:42:ca:df:49:05:08:d3:0d:d3:fc:fb:
-         70:27:9e:d5:9b:98:50:6b:11:ff:ef:d8:78:13:04:2f:6d:9d:
-         70:8f:f8:cb:07:86:3f:55:56:49:c7:4b:2d:17:ce:cf:92:63:
-         ba:4c:3c:ec
------BEGIN CERTIFICATE-----
-MIID5DCCAsygAwIBAgIBATANBgkqhkiG9w0BAQsFADA9MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEZMBcGA1UEAwwQSURTIFJvb3QgQ0EgMjAxNjAe
-Fw0xNzAyMTUxMDM5MjFaFw0yNTAyMTMxMDM5MjFaMDsxCzAJBgNVBAYTAkRFMRMw
-EQYDVQQKDApGcmF1bmhvZmVyMRcwFQYDVQQDDA5JRFMgU3ViQ0EgMjAxNjCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALa4U0hFbY1oAy2aB7rOjzHW1R95
-+uzpn5kDyS1O5+oYuwA4DGvzMapq1VhCXqf6GVixhzHcih66pJ+bVnq0RrND60cs
-6vcPM//IjLDaBY4U/Gpbe70J94Sye9v757F90qHQDqbvWzevDMG2diWbQpPnYwDP
-6FKGTe5fqE1XG1h8dwVJzVVPIyDrwse+PekqjFjxUkW+IEC0e9ipxeiI0qunFXQy
-aoF/6QCBaY8NPa0BSDUfStx05Ttb98qZVLPUyqlVcLbaemnqZs8jFjvqUy+x3p+X
-K3ymaCGuWDeJ7+RNraqXUMOHYfJIM/vASgn0vBOm5p5+S5AsgmlqbFT8oqkCAwEA
-AaOB8DCB7TAdBgNVHQ4EFgQUiYuC72su5EAtzlxs93guerB7GR0wHwYDVR0jBBgw
-FoAUmbqufdS79byUgrAy2mGNdqJs2OswDwYDVR0TAQH/BAUwAwEB/zALBgNVHQ8E
-BAMCAYYwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDANBgkqhkiG9w0BAQsFAAOCAQEAN9jgkOg9/rwNEoOVtJ7LOxMg+U2iObPL
-H0QttXcToFo73QB19aHnSOA6jYTDC2fr7H7Ur4n77SvhNXrzw2IsgzSM3agtL+2Q
-dadMiSdI+kVEK2Pq8kUjGI5oS+yt+iwT8SU+DxR1uzkOZGVnNZ99Fm16HnnDQU+/
-mBT40axNMRbbjsIiiVaP4BvA/JWqy36ooJqT2l/N6R2aWNnIMY1X+1+9frwT4+DH
-ZGVJKCKIzz70YP1TnAv8ArvICG7HDwjvb5BbjycMj9AJFo4b8ELK30kFCNMN0/z7
-cCee1ZuYUGsR/+/YeBMEL22dcI/4yweGP1VWScdLLRfOz5Jjukw87A==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/ca/subca.key b/camel-ids/ssl/ca/subca.key
deleted file mode 100644
index 3b4a125ac..000000000
--- a/camel-ids/ssl/ca/subca.key
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC2uFNIRW2NaAMt
-mge6zo8x1tUfefrs6Z+ZA8ktTufqGLsAOAxr8zGqatVYQl6n+hlYsYcx3IoeuqSf
-m1Z6tEazQ+tHLOr3DzP/yIyw2gWOFPxqW3u9CfeEsnvb++exfdKh0A6m71s3rwzB
-tnYlm0KT52MAz+hShk3uX6hNVxtYfHcFSc1VTyMg68LHvj3pKoxY8VJFviBAtHvY
-qcXoiNKrpxV0MmqBf+kAgWmPDT2tAUg1H0rcdOU7W/fKmVSz1MqpVXC22npp6mbP
-IxY76lMvsd6flyt8pmghrlg3ie/kTa2ql1DDh2HySDP7wEoJ9LwTpuaefkuQLIJp
-amxU/KKpAgMBAAECggEBAJbEKRPtFaQkOtsZyV7+qXD6TwiV4dIyQxpC4XCdNwcW
-ONbJaJZ6KHTxifA1c10vJFLmySL/UohggQ2hYw4ESoIIfM5R5d7NkJ5xoIUcoJDI
-CC7KJaOp4a6Ah2rQxDDUHUSfJDfiMGYV7nS4VWxaW+kmd65n3s6ZOxyBmaGXSl0L
-kMocEQxoHXmt6nCJm7bI7fHBHrfNitRDLrb3FOS48D78xMEyeYkQ7Tuuu5vK5+y+
-4186THsZ1yMOlyskVPQ0k2SmiNfV4K14Y/wlJoFgyEJXYdV/frZMtWAerVgLk3FR
-F+PqQFVU8ONt8TnIDnTD9sGwvnFk2rgcCD1syNc+9fECgYEA5EEpxcYsweFP49U6
-dydYjenm5HmjWDBxkqYI+hSvVDmfnk9xFYyDRbea2MQbj/Xm8dWezqdyGXy4svaN
-2qXrqE7khC4YFYyrDkv3qIeHPd40/OhGeBXQSD2wXY9y793eG/W1llmW8QFIryO9
-far44M6QEToFq7kbnOfGoju6tOMCgYEAzO43a3vaA+v9LxyviXozOnfU5MnoIiKQ
-MeJUY4vTfI1Zdfqp1oChaSW8b4dUW2aXX5Dq8k5kvinAlzZFFKEALnxT9pjcfF4H
-Owaoc9P55ztCHxp6eSn/LhbCloIszFf98hGVc5gP4kYCPh4zpyNq65XMUYw4yh7N
-e0kl3wXsrAMCgYEA4wPAZRiF2UqbJ3EiVfHHDFYPMzubbxG3U3BZS0iZXH53N3+x
-bAo1YXiLxH2/H/4k9G9PJB+7xoeaNzwqt8T/zYSxmJkzkPM4Cd8acP5iTvEa6FKo
-C7U+Uysvps4ONW0IA+zr7p4qFob9YFt+kmciYoxvEwMPMszHHtYSY7ZeKpsCgYEA
-liSyVf2X7eeoyCusMH1nqx7AzB9iBCBupR291nFLsaWeNeJBLPdxSyhqtwvfslen
-8Eys1nq5NNpCUIdidYrAJ07P9YxpfnUltwlZwgM8xT2VZFRyBvPOEmZ6ius1B0Iw
-vHpFlTuD57SDUB+wmHRKkfBekiC6Otv2kK03If+lNyECgYBU7nfyrBUnym2e2QeV
-j+y/xjK+95Dfd6qNWD5JiPqiRMdH5ew3LfTB+TDbXFyxv8NZV1CgtZZaunp8qHPD
-CkLPedDGf4NGrtNkv28/mENMxFJgMyh2QnnZWHmRiNrQk0ooc6N36u/E4Aj40yDk
-jCELRQAYr8VhAddlWgvR2FbOVw==
------END PRIVATE KEY-----
diff --git a/camel-ids/ssl/cert.sh b/camel-ids/ssl/cert.sh
deleted file mode 100755
index aa8ce5e74..000000000
--- a/camel-ids/ssl/cert.sh
+++ /dev/null
@@ -1,117 +0,0 @@
-#!/bin/bash
-#
-# Copyright (C) 2013-2015 with regard to distribution / exploitation:
-# Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V.
-# 
-
-cleanup(){
-echo "Cleanup unnecessary files"
-[[ -f ${CONNECTOR_CSR} ]] && rm ${CONNECTOR_CSR}
-[[ -f ${CONNECTOR_CONFIG} ]] && rm ${CONNECTOR_CONFIG}
-[[ -f ${INDEX_FILE} ]] && rm ${INDEX_FILE}
-[[ -f ${SERIAL_FILE} ]] && rm ${SERIAL_FILE}
-[[ -f ${INDEX_FILE}.attr ]] && rm ${INDEX_FILE}.attr
-[[ -f ${INDEX_FILE}.old ]] && rm ${INDEX_FILE}.old
-[[ -f ${SERIAL_FILE}.old ]] && rm ${SERIAL_FILE}.old
-[[ -f 01.pem ]] && rm 01.pem
-}
-
-error_check(){
-if [ "$1" != "0" ]; then
-  echo "Error: $2"
-  cleanup
-  exit 1
-fi
-}
-
-assert_file_exists(){
-if [ ! -f $1 ]; then 
-  echo "Error: Missing file $1"
-  exit 1
-fi
-}
-
-assert_file_not_exists(){
-if [ -f $1 ]; then 
-  echo "Error: File $1 exists. Precautional exit"
-  exit 1
-fi
-}
-
-# signing files
-INDEX_FILE="certs/index.txt"
-SERIAL_FILE="certs/serial.txt"
-
-#CA files
-SUBCA_CONFIG="configs/openssl-subca.cnf"
-SUBCA_CERT="ca/subca.cert"
-SUBCA_KEY="ca/subca.key"
-CACHAIN_CERT="ca/cachain.cert"
-
-#CONNECTOR certificate files
-CONNECTOR_CONFIG="configs/openssl-connector.cnf"
-CONNECTOR_CONFIG_TEMPLATE="configs/openssl-connector.cnf.template"
-CONNECTOR_CSR="certs/$1.csr"
-CONNECTOR_CERT="certs/$1.cert"
-CONNECTOR_KEY="certs/$1.key"
-CONNECTOR_P12="certs/$1.p12"
-
-if [ $# -eq 1 ] ; then
-  echo "One arguments supplied, which is good"
-else
-  echo "Invalid number of arguments: $# (expected 1)"
-  echo "Usage: $0 filename"
-  exit 1
-fi
-
-cd $(dirname $0)
-echo "Check if directory is clean"
-assert_file_not_exists ${INDEX_FILE}
-assert_file_not_exists ${SERIAL_FILE}
-assert_file_not_exists ${CONNECTOR_CSR}
-assert_file_not_exists ${CONNECTOR_KEY}
-assert_file_not_exists ${CONNECTOR_CERT}
-assert_file_not_exists ${CONNECTOR_CONFIG}
-assert_file_not_exists ${CONNECTOR_P12}
-
-echo "Trying to find required files"
-assert_file_exists ${SUBCA_KEY}
-assert_file_exists ${SUBCA_CERT}
-assert_file_exists ${SUBCA_CONFIG}
-assert_file_exists ${CACHAIN_CERT}
-assert_file_exists ${CONNECTOR_CONFIG_TEMPLATE}
-echo "Successfully found requrired files"
-
-########## CONNECTOR CERT ##########
-echo "Create connector config"
-# copy template and set random values to uuid&serial
-cp ${CONNECTOR_CONFIG_TEMPLATE} ${CONNECTOR_CONFIG}
-
-# create uuid and serial
-UUID=$(cat /proc/sys/kernel/random/uuid)
-SERIAL=$(cat /dev/urandom | tr -dc '0-9' | fold -w 16 | head -n 1)
-sed -i "s/%%CONNECTOR_UUID%%/${UUID}/g" ${CONNECTOR_CONFIG}
-sed -i "s/%%CONNECTOR_SERIAL%%/${SERIAL}/g" ${CONNECTOR_CONFIG}
-
-echo "Create dummy connector CSR"
-openssl req -batch -config ${CONNECTOR_CONFIG} -newkey rsa:2048 -sha256 -nodes -out ${CONNECTOR_CSR} -outform PEM -keyout certs/$1.key
-error_check $? "Failed to create test connector CSR"
-
-echo "Sign test connector CSR with sub CA certificate"
-touch ${INDEX_FILE}
-touch ${SERIAL_FILE}
-echo '01' > ${SERIAL_FILE}
-openssl ca -batch -config ${SUBCA_CONFIG} -policy signing_policy -extensions signing_req -out ${CONNECTOR_CERT} -infiles ${CONNECTOR_CSR}
-error_check $? "Failed to sign connector CSR with CA certificate"
-
-echo "Verify newly created test connector certificate"
-openssl verify -CAfile ${CACHAIN_CERT} ${CONNECTOR_CERT}
-error_check $? "Failed to verify newly signed test certificate"
-
-echo "Create connector token with certifcate and key"
-openssl pkcs12 -export -inkey ${CONNECTOR_KEY} -in ${CONNECTOR_CERT} -out ${CONNECTOR_P12}
-
-echo "Test certificates successfully created"
-cleanup
-
-exit 0
diff --git a/camel-ids/ssl/certs/01.pem b/camel-ids/ssl/certs/01.pem
deleted file mode 100644
index a8cca8756..000000000
--- a/camel-ids/ssl/certs/01.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 1 (0x1)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 10:40:12 2017 GMT
-            Not After : Feb 15 10:40:12 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:de:1b:f0:c8:00:b2:da:14:de:2d:75:47:69:de:
-                    21:b1:0c:df:b8:3f:6b:3b:b9:a5:c1:79:b5:5e:e0:
-                    19:bc:f6:50:3c:86:bb:51:df:ce:f4:1b:39:0c:a4:
-                    d2:33:94:e3:fa:10:8c:4c:ae:19:c2:ca:64:70:24:
-                    09:d4:8c:de:85:54:10:00:7e:fc:64:ea:59:5e:fb:
-                    60:e7:62:32:20:24:0d:63:05:ac:e2:a4:89:9e:6c:
-                    39:4d:cf:ed:5b:c9:74:2f:79:5d:71:86:7d:95:0c:
-                    e6:c7:10:77:5e:c7:f8:aa:83:6b:03:73:45:ac:1d:
-                    e5:52:5c:17:72:f9:c9:04:f8:7d:51:a5:51:d4:b8:
-                    cc:69:0c:55:4f:88:0f:ff:f9:d5:2d:6d:12:66:33:
-                    ec:d0:b9:9a:74:a5:b9:b8:8c:ea:52:a8:43:79:1a:
-                    82:fc:76:13:69:74:1e:83:04:99:4a:cb:ca:74:17:
-                    1d:a9:c1:aa:b1:c1:31:82:eb:8f:83:36:2f:4d:6f:
-                    14:ae:18:da:dc:0e:47:a2:78:a2:69:2d:ad:5e:a5:
-                    5b:e8:86:10:10:57:cc:3c:6b:16:02:33:99:16:a7:
-                    92:fc:8a:de:ce:91:ba:c6:38:21:cf:9c:71:6d:5e:
-                    7a:f2:84:08:9e:26:b5:eb:e9:c0:b1:ca:36:ce:26:
-                    26:77
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                0A:76:2C:69:51:01:75:28:A4:98:A5:68:84:88:95:70:EC:0D:0E:A5
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:127.0.0.1, IP Address:10.1.2.15, IP Address:10.1.2.16, IP Address:10.1.2.17, IP Address:10.1.2.18, IP Address:10.1.2.19
-    Signature Algorithm: sha256WithRSAEncryption
-         5a:8f:2c:71:0e:84:38:31:68:eb:dc:7f:5f:5e:5e:ca:50:78:
-         fc:61:75:50:16:e2:1e:11:82:9f:6c:fe:7c:9b:0e:6d:bf:42:
-         79:72:79:85:0e:ce:95:21:68:ac:83:a6:62:44:14:f2:f5:06:
-         99:03:d1:f4:ba:06:fc:ca:0c:2a:8c:88:9e:b7:88:dc:df:3a:
-         a4:a5:b2:6e:2e:4f:0a:e4:23:95:a6:33:db:fa:45:e5:24:ed:
-         6f:a4:62:09:33:7c:7f:ff:67:c9:fa:cb:fc:bd:d0:38:8c:a3:
-         58:21:7b:2e:c3:92:46:c8:54:ff:31:44:04:36:b0:20:ff:3d:
-         d9:05:cb:cd:d8:4f:be:49:a1:2c:cb:50:88:1b:91:9f:f1:f3:
-         57:d9:9a:9b:d3:1f:ea:c4:15:a3:da:7b:f4:84:01:b2:b9:0b:
-         c6:1b:fc:a3:2f:01:dc:60:5b:c3:7c:9e:76:4c:2c:d4:84:0c:
-         3d:42:b4:48:f8:a3:72:34:b4:c5:40:ed:ba:7d:cc:8a:51:b9:
-         8d:76:eb:8f:01:1a:0d:11:3a:b2:4c:d1:d0:84:38:21:bc:bc:
-         eb:52:65:b2:3a:cb:7e:e2:f0:f0:79:d0:40:92:74:7f:36:f8:
-         e6:85:fb:10:bd:67:ca:b6:25:79:c9:c1:7e:72:f2:48:82:d1:
-         21:e1:90:03
------BEGIN CERTIFICATE-----
-MIIEjzCCA3egAwIBAgIBATANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTA0MDEyWhcNMTkwMjE1MTA0MDEyWjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeG/DIALLaFN4tdUdp3iGx
-DN+4P2s7uaXBebVe4Bm89lA8hrtR3870GzkMpNIzlOP6EIxMrhnCymRwJAnUjN6F
-VBAAfvxk6lle+2DnYjIgJA1jBazipImebDlNz+1byXQveV1xhn2VDObHEHdex/iq
-g2sDc0WsHeVSXBdy+ckE+H1RpVHUuMxpDFVPiA//+dUtbRJmM+zQuZp0pbm4jOpS
-qEN5GoL8dhNpdB6DBJlKy8p0Fx2pwaqxwTGC64+DNi9NbxSuGNrcDkeieKJpLa1e
-pVvohhAQV8w8axYCM5kWp5L8it7OkbrGOCHPnHFtXnryhAieJrXr6cCxyjbOJiZ3
-AgMBAAGjggFmMIIBYjAdBgNVHQ4EFgQUCnYsaVEBdSikmKVohIiVcOwNDqUwHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwWgYDVR0RBFMwUYIJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEfwAA
-AYcECgECD4cECgECEIcECgECEYcECgECEocECgECEzANBgkqhkiG9w0BAQsFAAOC
-AQEAWo8scQ6EODFo69x/X15eylB4/GF1UBbiHhGCn2z+fJsObb9CeXJ5hQ7OlSFo
-rIOmYkQU8vUGmQPR9LoG/MoMKoyInreI3N86pKWybi5PCuQjlaYz2/pF5STtb6Ri
-CTN8f/9nyfrL/L3QOIyjWCF7LsOSRshU/zFEBDawIP892QXLzdhPvkmhLMtQiBuR
-n/HzV9mam9Mf6sQVo9p79IQBsrkLxhv8oy8B3GBbw3yedkws1IQMPUK0SPijcjS0
-xUDtun3MilG5jXbrjwEaDRE6skzR0IQ4Iby861JlsjrLfuLw8HnQQJJ0fzb45oX7
-EL1nyrYlecnBfnLySILRIeGQAw==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/02.pem b/camel-ids/ssl/certs/02.pem
deleted file mode 100644
index adca2577a..000000000
--- a/camel-ids/ssl/certs/02.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 2 (0x2)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 10:40:17 2017 GMT
-            Not After : Feb 15 10:40:17 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:ce:03:d3:06:e9:43:23:56:ac:26:13:70:ad:e9:
-                    b6:ce:65:1f:1f:02:ff:06:7b:ef:d9:77:7e:b4:12:
-                    06:e5:0b:f9:50:6b:e2:d5:85:30:72:9f:b3:0c:9c:
-                    f7:ff:a7:63:34:ad:58:5d:e5:c1:ce:09:f5:41:2b:
-                    6c:fb:1c:03:9a:61:67:b8:57:54:2f:f3:f9:55:10:
-                    90:28:73:14:1b:79:d3:5d:94:ac:54:63:1a:9b:53:
-                    80:97:69:b6:f9:91:a0:bb:8c:ee:c2:8c:ea:5b:1b:
-                    bd:21:58:ef:a3:c6:c6:c6:4f:c2:1f:8d:a1:1c:79:
-                    da:93:62:82:57:bf:f9:c4:8b:9d:ed:50:e4:0e:38:
-                    6d:70:1a:16:b3:34:c4:89:93:ad:4d:13:9d:c0:b3:
-                    51:05:42:98:5b:c1:8a:a2:09:49:f3:56:51:86:91:
-                    f8:ac:9a:c4:a9:04:d6:cd:51:1d:1d:5c:d7:05:76:
-                    ce:69:1a:03:ef:e3:03:05:de:d6:c5:1e:3a:7d:47:
-                    a3:81:c9:10:58:0e:93:1c:5c:d4:ec:a2:94:6e:72:
-                    89:a1:29:79:20:1e:48:97:ec:8d:de:4e:30:b5:6f:
-                    92:c1:e6:8a:11:3b:21:57:5f:d9:4c:11:a2:62:a1:
-                    68:a0:b2:aa:31:ca:8a:30:79:40:9e:63:92:d3:0a:
-                    c7:b3
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                76:76:0E:1C:DF:D0:9C:D7:E9:08:E2:93:2A:0C:D9:DE:D3:CA:2F:FA
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:127.0.0.1, IP Address:10.1.2.15, IP Address:10.1.2.16, IP Address:10.1.2.17, IP Address:10.1.2.18, IP Address:10.1.2.19
-    Signature Algorithm: sha256WithRSAEncryption
-         18:fe:4a:4c:82:a8:d6:c2:9b:1f:31:6c:de:32:d9:e7:12:b1:
-         f6:b1:88:a2:b5:99:8b:59:38:a4:da:58:1b:a0:f2:fd:4c:95:
-         36:10:63:70:f5:5c:82:a5:3d:dd:dd:f4:d9:f9:35:a7:cb:8c:
-         e4:41:16:34:b8:2c:35:18:fe:74:d3:df:95:05:a4:0e:44:9f:
-         85:37:20:90:fa:53:7e:0d:c3:2e:7a:6c:a1:4d:a4:db:9c:12:
-         23:f5:49:e5:c1:95:03:11:20:e4:41:2a:3b:29:09:d9:bb:a9:
-         20:d0:20:76:51:e9:76:c0:3d:de:06:e1:86:5d:42:bd:a9:b9:
-         8e:dd:d9:23:ce:0a:8f:8c:0c:01:ed:aa:ac:63:1c:bc:27:82:
-         03:66:4f:f7:2d:d7:4a:8b:d3:e4:2c:72:a4:46:37:5c:86:a5:
-         af:74:97:00:e7:74:40:60:1d:ba:32:6d:94:f8:0e:5a:c8:bc:
-         f6:f5:9e:b7:a8:30:ca:54:d8:a3:e5:7c:3e:37:75:1f:fc:10:
-         82:47:a6:35:5b:ed:3e:cf:87:bc:2a:3a:e7:24:17:21:6c:96:
-         7a:0c:95:59:18:92:6f:2f:7d:82:ae:80:50:50:cb:0a:73:d3:
-         4e:10:9e:7a:73:ee:22:21:19:9b:f4:03:98:b9:c4:c4:f2:a3:
-         81:94:eb:0d
------BEGIN CERTIFICATE-----
-MIIEjzCCA3egAwIBAgIBAjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTA0MDE3WhcNMTkwMjE1MTA0MDE3WjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOA9MG6UMjVqwmE3Ct6bbO
-ZR8fAv8Ge+/Zd360EgblC/lQa+LVhTByn7MMnPf/p2M0rVhd5cHOCfVBK2z7HAOa
-YWe4V1Qv8/lVEJAocxQbedNdlKxUYxqbU4CXabb5kaC7jO7CjOpbG70hWO+jxsbG
-T8IfjaEcedqTYoJXv/nEi53tUOQOOG1wGhazNMSJk61NE53As1EFQphbwYqiCUnz
-VlGGkfismsSpBNbNUR0dXNcFds5pGgPv4wMF3tbFHjp9R6OByRBYDpMcXNTsopRu
-comhKXkgHkiX7I3eTjC1b5LB5ooROyFXX9lMEaJioWigsqoxyooweUCeY5LTCsez
-AgMBAAGjggFmMIIBYjAdBgNVHQ4EFgQUdnYOHN/QnNfpCOKTKgzZ3tPKL/owHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwWgYDVR0RBFMwUYIJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEfwAA
-AYcECgECD4cECgECEIcECgECEYcECgECEocECgECEzANBgkqhkiG9w0BAQsFAAOC
-AQEAGP5KTIKo1sKbHzFs3jLZ5xKx9rGIorWZi1k4pNpYG6Dy/UyVNhBjcPVcgqU9
-3d302fk1p8uM5EEWNLgsNRj+dNPflQWkDkSfhTcgkPpTfg3DLnpsoU2k25wSI/VJ
-5cGVAxEg5EEqOykJ2bupINAgdlHpdsA93gbhhl1Cvam5jt3ZI84Kj4wMAe2qrGMc
-vCeCA2ZP9y3XSovT5CxypEY3XIalr3SXAOd0QGAdujJtlPgOWsi89vWet6gwylTY
-o+V8Pjd1H/wQgkemNVvtPs+HvCo65yQXIWyWegyVWRiSby99gq6AUFDLCnPTThCe
-enPuIiEZm/QDmLnExPKjgZTrDQ==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/03.pem b/camel-ids/ssl/certs/03.pem
deleted file mode 100644
index b0b0f90af..000000000
--- a/camel-ids/ssl/certs/03.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 3 (0x3)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 10:53:39 2017 GMT
-            Not After : Feb 15 10:53:39 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:c3:f9:1c:2b:cb:b5:40:da:a1:9d:04:20:64:77:
-                    d2:f1:5a:ae:29:94:a0:6d:02:dc:92:be:c4:82:51:
-                    a4:87:98:45:41:52:ee:aa:c0:af:8d:fe:13:03:20:
-                    63:e1:18:2d:b4:83:fd:d0:56:64:84:c3:3e:41:68:
-                    85:18:30:b5:9c:29:43:67:8b:70:6b:f2:0b:ee:2a:
-                    cc:44:5b:98:7a:88:ae:cf:fc:5b:02:4d:15:57:06:
-                    63:1a:11:ab:99:81:61:e9:d5:ff:bd:04:c2:6c:ae:
-                    c4:14:6b:a0:8a:88:f9:c8:54:ab:8f:56:49:1e:95:
-                    cf:70:84:b6:b8:fb:fe:aa:f6:90:28:a0:e0:71:23:
-                    44:c3:a4:75:85:fb:c0:06:4e:cb:73:50:13:15:f6:
-                    7c:40:31:06:09:12:9d:ab:06:fa:ec:d0:6a:46:72:
-                    4f:2a:62:7b:bc:13:0d:29:d5:ce:88:27:98:25:25:
-                    5b:c0:41:57:49:b1:e3:95:e0:91:dc:8b:5f:9f:ae:
-                    34:77:e1:40:ec:92:03:d8:81:56:26:bf:f0:c1:ae:
-                    84:ba:7a:2a:0e:a5:b3:63:55:49:9c:dd:2d:2b:94:
-                    13:a8:05:ef:aa:79:5c:9e:18:d0:34:67:f8:f7:aa:
-                    79:e3:b9:83:ea:33:e7:08:94:5c:12:db:9b:bc:cc:
-                    af:63
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                18:DE:0F:BE:24:E7:24:2C:92:F6:BB:35:21:E4:08:15:47:11:8A:0D
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:127.0.0.1, IP Address:10.1.2.15, IP Address:10.1.2.16, IP Address:10.1.2.17, IP Address:10.1.2.18, IP Address:10.1.2.19
-    Signature Algorithm: sha256WithRSAEncryption
-         77:81:53:e3:26:5f:a1:c0:57:66:31:6b:5f:e9:80:26:a8:ae:
-         8d:4a:1a:cd:5f:75:16:a6:01:d3:ac:53:f8:67:5a:40:7f:4e:
-         3d:6a:32:a3:7e:73:58:4b:bb:d4:52:44:3b:91:f8:f6:28:3f:
-         db:85:61:ff:56:96:48:46:bd:24:58:44:c0:d1:19:fc:8a:b3:
-         b3:5e:a9:69:83:7a:b3:03:dc:79:bb:b7:58:67:92:48:ed:be:
-         d3:47:a6:c7:2c:85:56:5d:c2:88:2d:19:1a:17:29:e5:3c:9e:
-         36:63:64:6b:7f:1e:c9:16:3b:4c:0b:e5:fd:6a:aa:6e:ab:96:
-         22:75:86:2f:29:8d:93:d5:c5:ba:9f:6e:e8:10:09:2a:eb:5a:
-         19:6e:49:c1:28:43:a6:25:87:22:70:bb:fc:0e:10:e0:5f:f7:
-         ab:35:80:c6:b4:73:b6:ca:d0:68:21:5c:b7:0a:35:c4:8f:63:
-         22:2f:2b:51:24:36:24:77:80:e4:4f:a5:72:8a:2e:19:74:8e:
-         dd:c5:34:7b:85:2e:e4:f8:86:0f:73:95:d9:53:0b:be:f1:9c:
-         37:f5:59:ab:1e:1a:2b:42:df:56:46:c8:28:7b:76:af:9a:25:
-         66:1c:1b:17:b8:1c:3f:f5:93:69:bb:70:7f:81:c4:78:ce:f6:
-         83:64:cb:63
------BEGIN CERTIFICATE-----
-MIIEjzCCA3egAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTA1MzM5WhcNMTkwMjE1MTA1MzM5WjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD+Rwry7VA2qGdBCBkd9Lx
-Wq4plKBtAtySvsSCUaSHmEVBUu6qwK+N/hMDIGPhGC20g/3QVmSEwz5BaIUYMLWc
-KUNni3Br8gvuKsxEW5h6iK7P/FsCTRVXBmMaEauZgWHp1f+9BMJsrsQUa6CKiPnI
-VKuPVkkelc9whLa4+/6q9pAooOBxI0TDpHWF+8AGTstzUBMV9nxAMQYJEp2rBvrs
-0GpGck8qYnu8Ew0p1c6IJ5glJVvAQVdJseOV4JHci1+frjR34UDskgPYgVYmv/DB
-roS6eioOpbNjVUmc3S0rlBOoBe+qeVyeGNA0Z/j3qnnjuYPqM+cIlFwS25u8zK9j
-AgMBAAGjggFmMIIBYjAdBgNVHQ4EFgQUGN4PviTnJCyS9rs1IeQIFUcRig0wHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwWgYDVR0RBFMwUYIJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEfwAA
-AYcECgECD4cECgECEIcECgECEYcECgECEocECgECEzANBgkqhkiG9w0BAQsFAAOC
-AQEAd4FT4yZfocBXZjFrX+mAJqiujUoazV91FqYB06xT+GdaQH9OPWoyo35zWEu7
-1FJEO5H49ig/24Vh/1aWSEa9JFhEwNEZ/Iqzs16paYN6swPcebu3WGeSSO2+00em
-xyyFVl3CiC0ZGhcp5TyeNmNka38eyRY7TAvl/WqqbquWInWGLymNk9XFup9u6BAJ
-KutaGW5JwShDpiWHInC7/A4Q4F/3qzWAxrRztsrQaCFctwo1xI9jIi8rUSQ2JHeA
-5E+lcoouGXSO3cU0e4Uu5PiGD3OV2VMLvvGcN/VZqx4aK0LfVkbIKHt2r5olZhwb
-F7gcP/WTabtwf4HEeM72g2TLYw==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/04.pem b/camel-ids/ssl/certs/04.pem
deleted file mode 100644
index 933342149..000000000
--- a/camel-ids/ssl/certs/04.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 4 (0x4)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 10:54:01 2017 GMT
-            Not After : Feb 15 10:54:01 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:bd:10:0f:51:77:42:72:56:bf:e5:59:9b:04:20:
-                    67:54:32:1f:22:26:60:cd:24:6f:50:f2:0b:c0:ff:
-                    7b:da:00:86:7b:54:3b:ec:d6:b4:f4:54:6e:97:38:
-                    82:9f:91:2c:1d:bb:14:0a:44:53:06:28:94:be:9e:
-                    1a:cc:9d:1d:90:36:57:b3:84:07:ac:bf:4b:f2:69:
-                    6c:54:26:6a:24:af:23:06:c3:f4:ae:0d:5e:93:4f:
-                    88:1a:97:39:ab:c1:67:29:54:23:54:44:94:58:59:
-                    ba:ac:47:50:d7:9a:15:bc:d8:ff:98:51:e3:10:a7:
-                    e9:db:1f:58:8d:4a:d8:5a:53:0a:f9:ff:3e:c6:d8:
-                    07:ff:23:07:76:1c:71:11:45:f2:8a:09:f7:4a:ee:
-                    9d:88:01:8a:d5:3f:e9:6d:7e:dc:4e:a2:7e:d2:bf:
-                    69:6c:f7:2a:d9:4d:c8:f6:39:bc:1c:03:5f:4f:85:
-                    33:24:1a:db:3d:bb:07:6b:01:d2:d6:4f:f8:1c:02:
-                    5c:66:dd:b4:31:b9:3e:a6:43:6c:4f:49:ea:e5:4c:
-                    50:7b:07:10:e5:66:42:18:7e:1b:e7:96:f7:ac:f9:
-                    f9:59:ef:37:97:ef:bd:b9:ab:fa:8d:64:6a:32:6f:
-                    5c:05:96:3b:73:8e:75:6d:4e:a9:d7:c5:e0:b8:6c:
-                    6c:8b
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                CD:D4:B2:D4:BD:AA:83:CA:FA:45:26:E9:7D:E7:94:2C:EB:DD:20:87
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:127.0.0.1, IP Address:10.1.2.15, IP Address:10.1.2.16, IP Address:10.1.2.17, IP Address:10.1.2.18, IP Address:10.1.2.19
-    Signature Algorithm: sha256WithRSAEncryption
-         04:ad:ff:ad:a0:7b:df:c2:47:d4:ae:69:0f:43:6d:be:93:e5:
-         bd:6a:1e:28:87:6e:63:08:a4:6d:59:e1:d2:79:be:84:f7:ca:
-         a5:87:b9:91:9b:4b:58:77:8d:2a:a0:32:fe:6f:1e:3e:0d:ff:
-         af:40:ba:94:7f:13:5d:8c:22:03:f5:de:13:3c:85:f1:72:59:
-         eb:03:e7:bc:95:4f:ac:29:a9:c4:ce:db:fe:38:6d:b4:7d:dc:
-         99:7c:c2:f9:f4:c3:e6:9a:cc:13:f9:15:ce:5a:4c:b1:e9:85:
-         29:32:a0:ed:2f:3d:ce:91:2e:d3:ba:7d:42:7e:74:3d:16:fc:
-         ff:4a:03:80:d6:e2:be:87:84:6b:d5:ff:1c:15:d2:45:9e:b4:
-         c8:8f:ce:ed:b6:3b:92:52:36:91:18:8d:fb:2c:d0:20:4a:ab:
-         09:32:b4:c7:98:a8:de:57:73:2b:4f:34:cf:62:ac:2f:2e:59:
-         06:13:9e:2d:42:0f:8c:c1:63:f7:44:87:ad:45:00:b7:26:95:
-         ce:80:87:96:d0:f9:69:21:cc:cd:6e:30:92:c8:76:93:a1:1a:
-         09:eb:90:87:c8:2c:23:35:cb:14:6d:7d:ae:d3:f9:50:19:db:
-         30:4e:93:ab:0e:ab:ab:fe:3c:db:39:52:34:f8:2f:87:b0:f7:
-         11:e4:9a:34
------BEGIN CERTIFICATE-----
-MIIEjzCCA3egAwIBAgIBBDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTA1NDAxWhcNMTkwMjE1MTA1NDAxWjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9EA9Rd0JyVr/lWZsEIGdU
-Mh8iJmDNJG9Q8gvA/3vaAIZ7VDvs1rT0VG6XOIKfkSwduxQKRFMGKJS+nhrMnR2Q
-NlezhAesv0vyaWxUJmokryMGw/SuDV6TT4galzmrwWcpVCNURJRYWbqsR1DXmhW8
-2P+YUeMQp+nbH1iNSthaUwr5/z7G2Af/Iwd2HHERRfKKCfdK7p2IAYrVP+ltftxO
-on7Sv2ls9yrZTcj2ObwcA19PhTMkGts9uwdrAdLWT/gcAlxm3bQxuT6mQ2xPSerl
-TFB7BxDlZkIYfhvnlves+flZ7zeX7725q/qNZGoyb1wFljtzjnVtTqnXxeC4bGyL
-AgMBAAGjggFmMIIBYjAdBgNVHQ4EFgQUzdSy1L2qg8r6RSbpfeeULOvdIIcwHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwWgYDVR0RBFMwUYIJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEfwAA
-AYcECgECD4cECgECEIcECgECEYcECgECEocECgECEzANBgkqhkiG9w0BAQsFAAOC
-AQEABK3/raB738JH1K5pD0NtvpPlvWoeKIduYwikbVnh0nm+hPfKpYe5kZtLWHeN
-KqAy/m8ePg3/r0C6lH8TXYwiA/XeEzyF8XJZ6wPnvJVPrCmpxM7b/jhttH3cmXzC
-+fTD5prME/kVzlpMsemFKTKg7S89zpEu07p9Qn50PRb8/0oDgNbivoeEa9X/HBXS
-RZ60yI/O7bY7klI2kRiN+yzQIEqrCTK0x5io3ldzK080z2KsLy5ZBhOeLUIPjMFj
-90SHrUUAtyaVzoCHltD5aSHMzW4wksh2k6EaCeuQh8gsIzXLFG19rtP5UBnbME6T
-qw6rq/482zlSNPgvh7D3EeSaNA==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/05.pem b/camel-ids/ssl/certs/05.pem
deleted file mode 100644
index 404f47169..000000000
--- a/camel-ids/ssl/certs/05.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 5 (0x5)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 10:54:09 2017 GMT
-            Not After : Feb 15 10:54:09 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:c7:37:46:b3:57:62:e3:e3:70:8a:34:7f:48:ea:
-                    f1:b6:34:c8:c7:ba:a5:ad:92:70:24:e4:2b:b2:2b:
-                    db:75:57:43:a5:e8:95:69:3b:fd:9e:b7:c1:3e:34:
-                    49:b0:3d:5e:65:6d:ec:68:b1:b3:be:41:2e:df:dc:
-                    76:05:2f:b3:2e:42:f3:e8:8b:e3:25:c7:81:10:e3:
-                    4f:44:a9:7f:ab:40:1b:a8:c8:38:63:01:16:ff:81:
-                    01:a7:ac:4e:97:13:2d:92:60:f9:a4:32:3b:fc:8a:
-                    6c:4e:e5:ec:36:38:42:32:22:39:63:38:68:85:05:
-                    51:be:54:6c:11:fd:34:f0:ae:05:be:97:70:0d:bb:
-                    4e:9b:35:c1:b0:cf:bd:d0:bf:32:32:ad:d4:ce:1e:
-                    dd:ab:69:5d:3f:69:b4:97:c1:6e:82:d8:65:65:f2:
-                    4c:ae:12:77:ba:33:7b:69:5e:0d:63:1a:fb:43:70:
-                    a0:56:24:2b:51:83:87:fe:b1:db:fc:2d:99:9f:c8:
-                    6f:46:d5:28:03:0a:c2:43:aa:32:fc:61:1a:fc:5f:
-                    1b:53:b9:b7:fd:10:d2:5d:5b:81:16:49:f0:4a:21:
-                    9e:be:67:1d:94:89:84:ff:9f:d5:81:9a:97:20:96:
-                    78:be:47:c3:c3:51:bb:fd:3e:09:ec:36:3d:6f:1b:
-                    11:61
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                9F:E7:48:2B:6E:7F:EF:52:DB:18:5F:EE:31:C9:2F:0C:D6:9F:C6:7D
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:127.0.0.1, IP Address:10.1.2.15, IP Address:10.1.2.16, IP Address:10.1.2.17, IP Address:10.1.2.18, IP Address:10.1.2.19
-    Signature Algorithm: sha256WithRSAEncryption
-         b3:73:00:e9:18:66:e9:57:12:e1:47:20:58:8e:ed:87:43:3b:
-         b4:fc:4c:63:0c:4e:6e:73:ce:9f:ec:6a:49:e9:2a:fe:a4:5a:
-         02:5b:ae:aa:ed:bc:0c:00:07:82:5e:09:e1:fc:23:6e:bb:b8:
-         71:7c:09:4b:ac:9b:5b:2f:6b:84:4c:45:a3:60:18:b0:69:d3:
-         fb:d6:79:c7:7a:78:34:bc:29:ec:61:fd:b3:7c:d0:7b:79:5e:
-         eb:94:cb:ec:9e:32:41:64:d5:79:3f:42:56:14:22:f8:5d:fe:
-         28:67:0c:f3:c6:b0:8f:23:db:61:6d:5a:7b:88:0f:37:b8:ec:
-         76:90:ef:88:20:00:37:c4:d9:56:34:10:56:2c:54:8a:4a:55:
-         7b:a4:e5:2d:82:84:a9:5a:fa:77:21:b9:63:9e:bc:8b:5a:f3:
-         39:bc:9f:c5:da:05:e8:e8:cb:c0:d8:63:81:8f:d4:17:ff:08:
-         8d:db:1e:0d:a0:46:03:10:f0:36:e3:ce:11:36:0f:a8:3d:7c:
-         af:3f:6c:f7:38:a0:62:a3:da:9e:ea:c2:b0:34:ac:43:8d:72:
-         97:89:21:75:fe:6b:12:68:18:2e:e5:b9:07:25:b4:55:bc:c4:
-         65:55:a4:cc:b8:d3:ba:e9:39:76:fb:43:56:3a:18:83:4a:66:
-         be:2b:f3:7f
------BEGIN CERTIFICATE-----
-MIIEjzCCA3egAwIBAgIBBTANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTA1NDA5WhcNMTkwMjE1MTA1NDA5WjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHN0azV2Lj43CKNH9I6vG2
-NMjHuqWtknAk5CuyK9t1V0Ol6JVpO/2et8E+NEmwPV5lbexosbO+QS7f3HYFL7Mu
-QvPoi+Mlx4EQ409EqX+rQBuoyDhjARb/gQGnrE6XEy2SYPmkMjv8imxO5ew2OEIy
-IjljOGiFBVG+VGwR/TTwrgW+l3ANu06bNcGwz73QvzIyrdTOHt2raV0/abSXwW6C
-2GVl8kyuEne6M3tpXg1jGvtDcKBWJCtRg4f+sdv8LZmfyG9G1SgDCsJDqjL8YRr8
-XxtTubf9ENJdW4EWSfBKIZ6+Zx2UiYT/n9WBmpcglni+R8PDUbv9PgnsNj1vGxFh
-AgMBAAGjggFmMIIBYjAdBgNVHQ4EFgQUn+dIK25/71LbGF/uMckvDNafxn0wHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwWgYDVR0RBFMwUYIJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEfwAA
-AYcECgECD4cECgECEIcECgECEYcECgECEocECgECEzANBgkqhkiG9w0BAQsFAAOC
-AQEAs3MA6Rhm6VcS4UcgWI7th0M7tPxMYwxObnPOn+xqSekq/qRaAluuqu28DAAH
-gl4J4fwjbru4cXwJS6ybWy9rhExFo2AYsGnT+9Z5x3p4NLwp7GH9s3zQe3le65TL
-7J4yQWTVeT9CVhQi+F3+KGcM88awjyPbYW1ae4gPN7jsdpDviCAAN8TZVjQQVixU
-ikpVe6TlLYKEqVr6dyG5Y568i1rzObyfxdoF6OjLwNhjgY/UF/8IjdseDaBGAxDw
-NuPOETYPqD18rz9s9zigYqPanurCsDSsQ41yl4khdf5rEmgYLuW5ByW0VbzEZVWk
-zLjTuuk5dvtDVjoYg0pmvivzfw==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/06.pem b/camel-ids/ssl/certs/06.pem
deleted file mode 100644
index 23a840038..000000000
--- a/camel-ids/ssl/certs/06.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 6 (0x6)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 11:48:45 2017 GMT
-            Not After : Feb 15 11:48:45 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:da:df:c7:09:ce:93:90:3e:75:e6:2d:33:22:0a:
-                    d5:35:a6:c6:53:4f:eb:d7:bd:a5:e4:8b:13:3c:8d:
-                    a6:e8:bb:57:34:7e:41:1a:af:5d:46:14:77:f6:b3:
-                    22:91:84:4b:42:e4:7f:9d:1d:48:68:fd:dd:bd:ef:
-                    7e:4b:a5:49:7a:86:05:18:e0:f6:a3:6e:d2:cf:b3:
-                    37:4f:40:4d:71:2b:6b:79:8c:e4:7d:e6:d4:45:c6:
-                    3f:b6:f4:d2:2d:98:eb:aa:b4:e8:fd:df:78:f4:58:
-                    7d:2f:2c:74:8d:bc:6b:c1:e5:34:66:90:8c:4d:87:
-                    94:7b:b2:10:67:8a:3b:d9:33:16:1f:cc:c5:c1:17:
-                    66:9d:2d:e2:bf:21:2a:b7:ca:38:2f:e6:89:2e:cf:
-                    d7:30:50:49:73:f1:c1:e1:b9:78:26:e2:e7:35:d5:
-                    0f:8d:7b:7b:9e:ba:b9:e9:18:6e:f3:b3:6e:44:a6:
-                    42:23:54:7e:84:ca:64:a0:1f:e5:ec:57:7a:94:b1:
-                    50:13:b2:43:1f:0f:aa:dc:0f:14:0f:5e:f0:72:ff:
-                    5a:ac:22:bb:90:67:d7:c6:05:e3:3f:46:df:6e:15:
-                    31:66:6e:c6:79:fa:fe:9b:62:80:da:7e:9a:0e:63:
-                    f9:bc:64:b4:79:db:9d:ff:a0:5f:8d:4a:4f:7a:19:
-                    6e:8d
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                20:FB:F1:B6:EB:55:5D:9C:AB:BE:6E:E1:3F:B3:A9:45:16:D6:1E:2E
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:127.0.0.1, IP Address:10.1.2.15, IP Address:10.1.2.16, IP Address:10.1.2.17, IP Address:10.1.2.18, IP Address:10.1.2.19, IP Address:10.1.2.20, IP Address:10.1.2.21
-    Signature Algorithm: sha256WithRSAEncryption
-         19:d3:82:26:88:34:34:1c:3c:b8:5c:9b:51:c9:2a:0a:6b:be:
-         1d:e7:42:30:1e:57:1e:55:54:44:42:34:9a:0f:71:63:29:f6:
-         6a:46:a9:b7:d2:be:29:75:5f:9b:6f:d5:99:8e:36:bc:ff:0c:
-         cd:27:37:5c:4e:f5:a9:da:5d:60:f1:39:15:62:75:5a:8a:ef:
-         24:89:e2:ad:f0:b8:e2:80:59:ef:78:b7:15:77:8e:3a:21:3d:
-         64:83:71:13:9a:c0:55:da:98:a5:e0:e8:96:7b:ca:2a:12:1d:
-         fa:d8:e1:cc:8c:b6:4b:a0:0c:f1:a4:5e:be:84:a7:45:a0:f2:
-         47:73:bf:cc:3b:d8:d3:3f:3a:25:c8:11:fc:bd:ef:ca:24:10:
-         22:06:b7:b7:48:79:bf:8f:8f:d1:4b:f3:5d:ff:b1:04:e6:6c:
-         16:ec:fe:aa:01:10:b4:a2:e2:a2:a8:b1:fe:61:8c:6f:29:98:
-         7f:9a:32:65:dd:a5:1e:5c:53:b7:c6:9f:a6:c9:68:2e:73:42:
-         2e:43:7f:1b:3b:a2:e8:80:d5:9b:06:b5:38:73:b2:15:ae:6f:
-         78:bc:95:64:5f:b4:6a:ce:b5:53:e4:30:2d:b8:0e:2f:57:ae:
-         57:62:26:43:94:81:1c:73:63:57:9c:c2:29:1f:06:14:c4:fa:
-         52:3a:99:e4
------BEGIN CERTIFICATE-----
-MIIEmzCCA4OgAwIBAgIBBjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTE0ODQ1WhcNMTkwMjE1MTE0ODQ1WjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa38cJzpOQPnXmLTMiCtU1
-psZTT+vXvaXkixM8jabou1c0fkEar11GFHf2syKRhEtC5H+dHUho/d29735LpUl6
-hgUY4PajbtLPszdPQE1xK2t5jOR95tRFxj+29NItmOuqtOj933j0WH0vLHSNvGvB
-5TRmkIxNh5R7shBnijvZMxYfzMXBF2adLeK/ISq3yjgv5okuz9cwUElz8cHhuXgm
-4uc11Q+Ne3ueurnpGG7zs25EpkIjVH6EymSgH+XsV3qUsVATskMfD6rcDxQPXvBy
-/1qsIruQZ9fGBeM/Rt9uFTFmbsZ5+v6bYoDafpoOY/m8ZLR5253/oF+NSk96GW6N
-AgMBAAGjggFyMIIBbjAdBgNVHQ4EFgQUIPvxtutVXZyrvm7hP7OpRRbWHi4wHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwZgYDVR0RBF8wXYIJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEfwAA
-AYcECgECD4cECgECEIcECgECEYcECgECEocECgECE4cECgECFIcECgECFTANBgkq
-hkiG9w0BAQsFAAOCAQEAGdOCJog0NBw8uFybUckqCmu+HedCMB5XHlVUREI0mg9x
-Yyn2akapt9K+KXVfm2/VmY42vP8MzSc3XE71qdpdYPE5FWJ1WorvJInirfC44oBZ
-73i3FXeOOiE9ZINxE5rAVdqYpeDolnvKKhId+tjhzIy2S6AM8aRevoSnRaDyR3O/
-zDvY0z86JcgR/L3vyiQQIga3t0h5v4+P0UvzXf+xBOZsFuz+qgEQtKLioqix/mGM
-bymYf5oyZd2lHlxTt8afpsloLnNCLkN/Gzui6IDVmwa1OHOyFa5veLyVZF+0as61
-U+QwLbgOL1euV2ImQ5SBHHNjV5zCKR8GFMT6UjqZ5A==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/07.pem b/camel-ids/ssl/certs/07.pem
deleted file mode 100644
index f652d5e97..000000000
--- a/camel-ids/ssl/certs/07.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 7 (0x7)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 11:48:51 2017 GMT
-            Not After : Feb 15 11:48:51 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:b1:b0:1a:4c:3d:5a:37:5a:72:9b:a6:3f:4f:44:
-                    0c:54:5a:6b:03:c0:52:9b:23:9c:ce:44:86:38:98:
-                    63:ea:81:03:a9:8a:38:4c:82:6b:11:56:98:2a:36:
-                    34:84:3f:c7:cf:18:ea:3f:d9:c0:19:cc:e4:bf:c2:
-                    49:e5:08:a7:b7:f3:58:ab:f4:e8:43:83:6a:4e:84:
-                    11:4c:a1:8b:b1:09:0f:ce:1f:cb:1a:73:fa:68:b9:
-                    d0:fd:d1:ca:69:4a:55:52:41:f1:a1:70:1d:88:c0:
-                    58:9b:24:e2:5f:f6:96:eb:03:db:91:c6:27:8b:12:
-                    45:53:a3:f4:61:9c:51:ba:50:47:37:60:2b:dc:d4:
-                    18:58:57:7a:dc:16:f4:ce:ea:22:a3:48:3b:f0:a5:
-                    42:52:34:05:da:1e:5e:85:da:32:3a:44:e7:38:9b:
-                    dc:ba:24:dd:a8:05:61:db:8d:7c:79:25:34:bf:64:
-                    33:88:97:70:e8:5d:65:f2:70:c1:ad:e3:2a:0a:41:
-                    bf:f8:9f:15:7f:c4:d5:7f:f7:88:e1:92:3a:7d:34:
-                    4e:4b:ee:36:9b:5e:06:1a:07:26:3a:78:23:78:e6:
-                    5f:42:1f:e9:e3:80:02:73:a9:84:56:68:47:1a:68:
-                    97:99:f7:4d:ad:29:2b:f3:79:2d:02:58:0b:a7:2b:
-                    f9:5b
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                AB:11:36:B5:A6:D9:07:02:0C:37:9D:82:A9:43:C5:19:06:76:C1:06
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:127.0.0.1, IP Address:10.1.2.15, IP Address:10.1.2.16, IP Address:10.1.2.17, IP Address:10.1.2.18, IP Address:10.1.2.19, IP Address:10.1.2.20, IP Address:10.1.2.21
-    Signature Algorithm: sha256WithRSAEncryption
-         62:e0:84:9a:e4:cb:93:c1:76:a2:99:88:30:5e:1d:8c:53:7c:
-         e2:19:96:c7:d8:04:cb:32:1b:a5:53:23:0e:b4:1a:2d:c3:97:
-         9c:83:53:99:c6:bb:39:5c:b4:10:22:19:90:6d:e2:fe:f4:38:
-         a1:dc:c4:08:fc:02:e1:c2:71:7a:4d:dd:a8:2a:23:7d:42:bb:
-         f6:b9:ff:96:ca:87:19:a4:7f:c8:db:3c:13:50:a3:30:d8:76:
-         12:b6:47:43:46:96:76:5e:d2:86:ed:f8:cb:c2:d9:f7:91:55:
-         3c:20:b9:d2:e1:63:c9:5c:6d:0d:5d:7d:10:95:18:fb:79:8c:
-         f5:c6:51:5a:ec:de:13:16:87:27:7a:7b:60:55:5c:4d:af:2e:
-         e3:a7:b2:88:12:96:32:8f:8c:46:50:1b:79:2e:26:cb:ad:32:
-         63:6d:a8:5b:c5:f2:92:a8:62:31:90:f9:6a:f9:d1:8c:6d:eb:
-         15:03:9d:df:e7:8b:a0:99:d9:c1:8e:ff:45:d9:3a:5f:f0:7d:
-         86:40:2e:78:7b:16:2f:29:5b:7a:b9:a4:75:a7:5b:b9:86:84:
-         9a:40:b5:fb:7b:ee:98:11:33:0a:a0:fe:26:3b:56:57:5e:a8:
-         83:9c:9c:3d:e3:da:20:fc:d4:3e:c3:cf:5d:33:77:fc:2e:8c:
-         1b:12:0a:28
------BEGIN CERTIFICATE-----
-MIIEmzCCA4OgAwIBAgIBBzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTE0ODUxWhcNMTkwMjE1MTE0ODUxWjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxsBpMPVo3WnKbpj9PRAxU
-WmsDwFKbI5zORIY4mGPqgQOpijhMgmsRVpgqNjSEP8fPGOo/2cAZzOS/wknlCKe3
-81ir9OhDg2pOhBFMoYuxCQ/OH8sac/poudD90cppSlVSQfGhcB2IwFibJOJf9pbr
-A9uRxieLEkVTo/RhnFG6UEc3YCvc1BhYV3rcFvTO6iKjSDvwpUJSNAXaHl6F2jI6
-ROc4m9y6JN2oBWHbjXx5JTS/ZDOIl3DoXWXycMGt4yoKQb/4nxV/xNV/94jhkjp9
-NE5L7jabXgYaByY6eCN45l9CH+njgAJzqYRWaEcaaJeZ902tKSvzeS0CWAunK/lb
-AgMBAAGjggFyMIIBbjAdBgNVHQ4EFgQUqxE2tabZBwIMN52CqUPFGQZ2wQYwHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwZgYDVR0RBF8wXYIJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEfwAA
-AYcECgECD4cECgECEIcECgECEYcECgECEocECgECE4cECgECFIcECgECFTANBgkq
-hkiG9w0BAQsFAAOCAQEAYuCEmuTLk8F2opmIMF4djFN84hmWx9gEyzIbpVMjDrQa
-LcOXnINTmca7OVy0ECIZkG3i/vQ4odzECPwC4cJxek3dqCojfUK79rn/lsqHGaR/
-yNs8E1CjMNh2ErZHQ0aWdl7Shu34y8LZ95FVPCC50uFjyVxtDV19EJUY+3mM9cZR
-WuzeExaHJ3p7YFVcTa8u46eyiBKWMo+MRlAbeS4my60yY22oW8XykqhiMZD5avnR
-jG3rFQOd3+eLoJnZwY7/Rdk6X/B9hkAueHsWLylbermkdadbuYaEmkC1+3vumBEz
-CqD+JjtWV16og5ycPePaIPzUPsPPXTN3/C6MGxIKKA==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/08.pem b/camel-ids/ssl/certs/08.pem
deleted file mode 100644
index c2fae1a4d..000000000
--- a/camel-ids/ssl/certs/08.pem
+++ /dev/null
@@ -1,97 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 8 (0x8)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 12:20:54 2017 GMT
-            Not After : Feb 15 12:20:54 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:ab:5e:79:16:ab:09:6c:01:82:39:85:35:68:89:
-                    5e:97:80:17:f4:ce:82:49:72:a2:c8:f0:a0:4d:29:
-                    1b:fd:fb:da:72:e0:e3:43:f6:bf:ab:a6:5c:18:a8:
-                    e0:e1:9f:6d:ae:18:ed:46:60:d1:62:71:14:a0:91:
-                    24:2c:dd:23:77:5c:6c:16:23:b5:7a:17:23:8a:04:
-                    f1:61:17:10:84:8f:9f:b0:55:1d:f5:51:6b:fb:39:
-                    e0:3b:e2:df:e4:a2:b6:88:5e:4a:62:cb:38:1f:5d:
-                    97:46:24:06:f2:57:7d:0b:fd:44:9a:a2:6c:b5:62:
-                    75:0f:09:ff:c6:50:ba:23:3f:a9:72:51:5f:b7:56:
-                    e8:de:9c:c2:a8:e3:29:60:af:83:3f:a5:e4:f6:f8:
-                    62:6f:9e:0e:ed:ab:0e:72:04:da:45:cc:60:9e:d2:
-                    f3:ea:f0:e3:8d:50:72:ef:37:6d:74:cc:8e:14:ce:
-                    25:58:35:18:50:37:56:f5:af:5c:9e:41:d0:3c:e0:
-                    64:d4:a3:e6:f9:3d:b0:1a:a8:90:94:53:9b:bf:e2:
-                    04:22:40:71:c5:ab:10:9a:16:9c:00:71:ec:9e:0f:
-                    87:ba:95:18:ba:df:de:8e:2d:5c:0a:37:ab:3f:7a:
-                    37:05:cb:05:cd:ff:8e:6e:c5:b0:db:88:58:04:c1:
-                    07:31
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                7F:87:F0:CE:E0:E9:9F:EC:D8:4F:98:EF:BE:3F:D4:30:A0:BC:80:F2
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:0.0.0.0
-    Signature Algorithm: sha256WithRSAEncryption
-         8a:30:c6:95:9d:5f:3d:e1:73:1a:94:62:0e:81:07:99:ac:bd:
-         d8:12:27:5d:29:1a:ea:5f:ab:eb:6d:1e:ae:df:38:ef:39:28:
-         f3:25:cf:3a:06:e1:01:c7:ef:e7:21:98:b6:22:22:f5:a6:c2:
-         90:4f:fb:45:17:75:f4:da:c5:2b:ca:62:4e:bc:a4:48:ed:e7:
-         d3:9e:38:3a:ca:de:90:9d:b8:fe:7d:c9:28:1a:39:96:24:b3:
-         24:78:23:3b:1d:ef:e5:4c:8f:2a:c9:b8:a5:08:c3:43:47:a6:
-         a6:1f:ab:8d:bb:07:ce:6a:77:f5:d6:65:de:78:fb:ca:ff:36:
-         80:09:2f:63:19:65:6a:b7:39:2e:f8:7f:6c:4a:79:31:9d:d6:
-         e4:b7:05:07:3f:72:82:70:76:51:8b:ec:8b:98:5f:38:ed:30:
-         ad:8f:a0:b5:17:99:92:fc:1a:5b:e6:c6:b2:f7:d9:f3:71:8a:
-         e5:b5:ba:47:64:00:15:f8:88:90:04:ff:13:ae:08:6c:0c:a6:
-         e8:61:e6:32:4c:4b:d1:d8:50:92:a0:65:a7:f6:da:d2:35:7e:
-         c9:52:ba:2a:79:c7:4a:18:1a:80:fc:90:c2:f4:95:d3:ca:1f:
-         68:36:26:da:08:81:06:74:80:68:24:23:d8:24:55:44:d6:5f:
-         a3:b3:30:b8
------BEGIN CERTIFICATE-----
-MIIEcTCCA1mgAwIBAgIBCDANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTIyMDU0WhcNMTkwMjE1MTIyMDU0WjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrXnkWqwlsAYI5hTVoiV6X
-gBf0zoJJcqLI8KBNKRv9+9py4OND9r+rplwYqODhn22uGO1GYNFicRSgkSQs3SN3
-XGwWI7V6FyOKBPFhFxCEj5+wVR31UWv7OeA74t/koraIXkpiyzgfXZdGJAbyV30L
-/USaomy1YnUPCf/GULojP6lyUV+3VujenMKo4ylgr4M/peT2+GJvng7tqw5yBNpF
-zGCe0vPq8OONUHLvN210zI4UziVYNRhQN1b1r1yeQdA84GTUo+b5PbAaqJCUU5u/
-4gQiQHHFqxCaFpwAceyeD4e6lRi6396OLVwKN6s/ejcFywXN/45uxbDbiFgEwQcx
-AgMBAAGjggFIMIIBRDAdBgNVHQ4EFgQUf4fwzuDpn+zYT5jvvj/UMKC8gPIwHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwPAYDVR0RBDUwM4IJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEAAAA
-ADANBgkqhkiG9w0BAQsFAAOCAQEAijDGlZ1fPeFzGpRiDoEHmay92BInXSka6l+r
-620ert847zko8yXPOgbhAcfv5yGYtiIi9abCkE/7RRd19NrFK8piTrykSO3n0544
-OsrekJ24/n3JKBo5liSzJHgjOx3v5UyPKsm4pQjDQ0emph+rjbsHzmp39dZl3nj7
-yv82gAkvYxllarc5Lvh/bEp5MZ3W5LcFBz9ygnB2UYvsi5hfOO0wrY+gtReZkvwa
-W+bGsvfZ83GK5bW6R2QAFfiIkAT/E64IbAym6GHmMkxL0dhQkqBlp/ba0jV+yVK6
-KnnHShgagPyQwvSV08ofaDYm2giBBnSAaCQj2CRVRNZfo7MwuA==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/09.pem b/camel-ids/ssl/certs/09.pem
deleted file mode 100644
index ea53d184b..000000000
--- a/camel-ids/ssl/certs/09.pem
+++ /dev/null
@@ -1,97 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 9 (0x9)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 12:21:04 2017 GMT
-            Not After : Feb 15 12:21:04 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:cd:0a:c5:5d:d9:ec:cd:c4:88:f9:b3:54:23:b1:
-                    35:17:f0:46:54:a2:23:1e:ce:62:23:a6:e2:cb:f6:
-                    82:f6:a1:25:36:5d:af:fc:59:4c:fb:ba:a4:7b:1f:
-                    e9:14:55:cb:d3:76:6c:97:b3:4b:54:d5:9f:7b:b8:
-                    10:34:e2:01:00:ba:05:87:c3:a3:42:f7:9a:1c:03:
-                    cf:5f:35:0f:2c:89:91:f7:c9:8c:e9:9a:c4:2c:0b:
-                    2f:40:c8:8e:13:39:80:ed:37:e7:fa:13:b8:f3:dc:
-                    60:58:61:7e:ff:cf:41:0d:7e:0a:c4:0c:04:73:37:
-                    fc:33:2c:84:91:27:d2:81:c5:63:45:94:00:67:26:
-                    6f:b8:d8:22:0d:83:b2:4b:55:0a:83:8a:e0:a1:1d:
-                    80:bb:76:6c:57:b8:ce:0c:ef:a5:a8:69:76:08:25:
-                    13:a1:63:c1:03:3e:39:71:70:fd:c9:f2:e8:97:a2:
-                    e5:6c:c5:18:f4:45:6a:33:25:db:98:56:71:68:e9:
-                    a7:7b:99:a2:a3:8e:46:8c:68:5e:bd:6c:c2:e4:0a:
-                    66:49:db:af:07:57:ab:57:af:17:1f:f7:a3:11:01:
-                    9b:37:f1:ad:75:29:a4:5c:13:67:74:21:2e:90:a3:
-                    63:ad:1b:4e:71:e5:29:40:53:1e:b8:31:ea:c9:14:
-                    96:4d
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                B1:5B:E0:F3:B0:3C:39:C8:35:57:EF:B2:1A:4B:40:96:7A:40:5C:82
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:0.0.0.0
-    Signature Algorithm: sha256WithRSAEncryption
-         7a:c2:05:14:14:5b:c3:a9:a5:4f:d0:63:be:bd:e8:a4:b5:d3:
-         bc:f6:ed:b1:74:6e:5c:b1:80:3a:03:0c:69:1e:a7:57:17:c8:
-         33:ab:62:e7:e5:39:8f:78:f0:2a:c7:72:f1:57:25:6d:2a:29:
-         d7:a4:14:67:7f:55:db:c3:99:8c:13:8e:29:33:65:80:9d:2c:
-         e8:d4:63:76:6b:91:da:50:2d:0c:a2:97:b8:03:80:32:3d:9b:
-         ce:31:ba:d9:7a:b9:c5:e3:53:dd:15:54:c6:84:9d:1c:e5:87:
-         06:94:2d:bc:97:e5:8f:a9:d6:66:5f:55:5c:84:0d:3e:ea:f1:
-         36:ff:92:f4:4e:68:3d:bf:3c:07:53:96:38:6f:30:b0:29:47:
-         0d:59:b8:e4:f0:74:b0:60:a9:9c:b4:fd:6e:17:0d:47:b3:de:
-         f2:c7:2a:a2:c8:66:c9:8b:96:da:4b:c6:b2:fd:72:09:1c:f4:
-         51:7d:2c:9e:de:f4:d5:73:d3:6c:f4:98:02:a9:05:a8:4a:b5:
-         31:dd:3a:b6:db:a2:41:5d:0d:94:3d:8e:b6:f7:91:cb:66:02:
-         e3:fa:c7:05:e0:02:33:b1:f6:dd:c8:ce:14:0b:9f:8d:0c:67:
-         76:a0:93:9e:8e:b1:bb:f9:00:b3:2f:e0:26:02:47:2c:88:e4:
-         54:ff:3b:f9
------BEGIN CERTIFICATE-----
-MIIEcTCCA1mgAwIBAgIBCTANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTIyMTA0WhcNMTkwMjE1MTIyMTA0WjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNCsVd2ezNxIj5s1QjsTUX
-8EZUoiMezmIjpuLL9oL2oSU2Xa/8WUz7uqR7H+kUVcvTdmyXs0tU1Z97uBA04gEA
-ugWHw6NC95ocA89fNQ8siZH3yYzpmsQsCy9AyI4TOYDtN+f6E7jz3GBYYX7/z0EN
-fgrEDARzN/wzLISRJ9KBxWNFlABnJm+42CINg7JLVQqDiuChHYC7dmxXuM4M76Wo
-aXYIJROhY8EDPjlxcP3J8uiXouVsxRj0RWozJduYVnFo6ad7maKjjkaMaF69bMLk
-CmZJ268HV6tXrxcf96MRAZs38a11KaRcE2d0IS6Qo2OtG05x5SlAUx64MerJFJZN
-AgMBAAGjggFIMIIBRDAdBgNVHQ4EFgQUsVvg87A8Ocg1V++yGktAlnpAXIIwHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwPAYDVR0RBDUwM4IJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEAAAA
-ADANBgkqhkiG9w0BAQsFAAOCAQEAesIFFBRbw6mlT9Bjvr3opLXTvPbtsXRuXLGA
-OgMMaR6nVxfIM6ti5+U5j3jwKsdy8VclbSop16QUZ39V28OZjBOOKTNlgJ0s6NRj
-dmuR2lAtDKKXuAOAMj2bzjG62Xq5xeNT3RVUxoSdHOWHBpQtvJflj6nWZl9VXIQN
-PurxNv+S9E5oPb88B1OWOG8wsClHDVm45PB0sGCpnLT9bhcNR7Pe8scqoshmyYuW
-2kvGsv1yCRz0UX0snt701XPTbPSYAqkFqEq1Md06ttuiQV0NlD2OtveRy2YC4/rH
-BeACM7H23cjOFAufjQxndqCTno6xu/kAsy/gJgJHLIjkVP87+Q==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/0A.pem b/camel-ids/ssl/certs/0A.pem
deleted file mode 100644
index 8e5e59f82..000000000
--- a/camel-ids/ssl/certs/0A.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 10 (0xa)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 12:33:10 2017 GMT
-            Not After : Feb 15 12:33:10 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:c1:46:79:a9:fc:24:16:92:7f:b1:76:fa:93:3d:
-                    56:49:a1:3f:db:08:66:b1:3d:c5:ad:6a:4a:45:eb:
-                    f1:5f:e7:2d:9a:96:1b:2f:05:97:57:27:dd:2d:ee:
-                    5d:8c:ac:be:9b:f0:2e:26:5f:18:21:22:b5:41:f3:
-                    a6:65:8b:6e:84:93:df:ef:e4:2d:a8:cd:d5:ff:55:
-                    3c:1f:9d:2c:77:43:3f:b4:c8:4c:18:25:5b:39:9f:
-                    b1:e9:95:9a:d6:5a:a7:07:60:d6:8b:cd:17:6b:86:
-                    98:67:86:45:49:df:f5:ea:29:7e:76:e3:82:bf:e0:
-                    27:29:c8:cc:82:22:ba:8e:6d:73:b1:8b:03:d5:2a:
-                    19:69:c5:97:7b:d6:cc:fc:90:bf:0f:2e:4f:ec:ab:
-                    26:0e:01:c6:f5:f2:54:54:4e:74:54:34:bc:de:14:
-                    5d:2d:d4:00:a1:dc:88:84:d8:40:0b:1a:17:cb:7b:
-                    22:8a:ad:3d:ac:9b:0d:64:7d:51:64:12:50:76:db:
-                    bf:6a:44:87:b5:33:08:28:c4:8f:88:24:b1:c2:a9:
-                    ba:e7:58:e7:cd:99:c0:c3:05:1c:4a:31:fc:73:df:
-                    71:41:ae:09:e8:6a:31:69:29:7b:ac:fe:48:fc:6a:
-                    0a:f0:6c:dc:8e:24:10:6b:48:a5:a3:af:ee:43:d1:
-                    8e:ad
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                22:85:57:AC:8D:C9:E7:50:66:B8:BA:FF:FB:BC:15:78:34:52:F2:8C
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:0.0.0.0, IP Address:10.1.2.15, IP Address:10.1.2.16, IP Address:10.1.2.17, IP Address:10.1.2.18, IP Address:10.1.2.19, IP Address:10.1.2.20, IP Address:10.1.2.21, IP Address:10.1.2.22
-    Signature Algorithm: sha256WithRSAEncryption
-         52:f7:94:16:44:2a:c2:e3:ef:b4:91:93:61:19:d2:f3:46:b8:
-         8f:5e:89:1c:37:d5:f0:8d:3b:eb:30:47:c2:d9:a5:fd:c1:48:
-         17:b9:1e:8a:d3:a7:2d:06:43:e5:39:42:32:9c:f1:a9:47:f1:
-         24:7b:da:af:ae:97:e3:bb:8c:98:b0:33:87:f3:3b:43:22:99:
-         f5:42:b6:1f:62:03:e7:16:f6:61:ba:d6:b7:0a:28:3d:19:6e:
-         d7:dc:c8:7e:f2:0b:97:46:1a:d8:95:71:8d:da:22:45:d6:89:
-         e8:4b:e6:9d:cb:5f:92:80:26:a3:a9:6c:fc:7c:80:fe:e3:ed:
-         8c:f6:9d:77:4d:06:34:69:95:95:bd:fe:f0:5e:57:8e:ee:85:
-         65:57:d7:c9:18:77:9c:58:c3:e4:eb:a4:07:11:f0:41:61:af:
-         4c:40:24:d3:03:01:89:85:59:09:60:76:ec:ae:e2:53:cf:8f:
-         be:a9:0f:c5:99:a5:3a:3a:df:73:22:49:f5:d9:da:43:48:a8:
-         d5:38:95:77:00:3c:1e:2d:86:de:94:b0:00:e8:31:84:2a:8c:
-         03:e4:c9:f1:b0:4f:42:9c:08:f1:a6:17:18:35:0d:18:0d:a9:
-         a7:1b:81:41:3a:b4:2d:f3:ef:0f:4c:4e:48:a7:f6:6f:94:f3:
-         d6:e7:ae:1a
------BEGIN CERTIFICATE-----
-MIIEoTCCA4mgAwIBAgIBCjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTIzMzEwWhcNMTkwMjE1MTIzMzEwWjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBRnmp/CQWkn+xdvqTPVZJ
-oT/bCGaxPcWtakpF6/Ff5y2alhsvBZdXJ90t7l2MrL6b8C4mXxghIrVB86Zli26E
-k9/v5C2ozdX/VTwfnSx3Qz+0yEwYJVs5n7HplZrWWqcHYNaLzRdrhphnhkVJ3/Xq
-KX5244K/4CcpyMyCIrqObXOxiwPVKhlpxZd71sz8kL8PLk/sqyYOAcb18lRUTnRU
-NLzeFF0t1ACh3IiE2EALGhfLeyKKrT2smw1kfVFkElB2279qRIe1MwgoxI+IJLHC
-qbrnWOfNmcDDBRxKMfxz33FBrgnoajFpKXus/kj8agrwbNyOJBBrSKWjr+5D0Y6t
-AgMBAAGjggF4MIIBdDAdBgNVHQ4EFgQUIoVXrI3J51BmuLr/+7wVeDRS8owwHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwbAYDVR0RBGUwY4IJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEAAAA
-AIcECgECD4cECgECEIcECgECEYcECgECEocECgECE4cECgECFIcECgECFYcECgEC
-FjANBgkqhkiG9w0BAQsFAAOCAQEAUveUFkQqwuPvtJGTYRnS80a4j16JHDfV8I07
-6zBHwtml/cFIF7keitOnLQZD5TlCMpzxqUfxJHvar66X47uMmLAzh/M7QyKZ9UK2
-H2ID5xb2YbrWtwooPRlu19zIfvILl0Ya2JVxjdoiRdaJ6EvmnctfkoAmo6ls/HyA
-/uPtjPadd00GNGmVlb3+8F5Xju6FZVfXyRh3nFjD5OukBxHwQWGvTEAk0wMBiYVZ
-CWB27K7iU8+PvqkPxZmlOjrfcyJJ9dnaQ0io1TiVdwA8Hi2G3pSwAOgxhCqMA+TJ
-8bBPQpwI8aYXGDUNGA2ppxuBQTq0LfPvD0xOSKf2b5Tz1ueuGg==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/0B.pem b/camel-ids/ssl/certs/0B.pem
deleted file mode 100644
index 592c2115c..000000000
--- a/camel-ids/ssl/certs/0B.pem
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 11 (0xb)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 12:33:19 2017 GMT
-            Not After : Feb 15 12:33:19 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:af:7a:37:24:3f:d1:60:a2:b1:d5:f2:3c:97:4a:
-                    9a:4f:c4:05:07:f9:ac:60:52:37:41:76:9d:56:ee:
-                    e0:b5:e3:87:2b:21:f5:65:8e:d7:db:8e:38:95:5a:
-                    5a:18:df:6f:56:b4:f3:77:5b:e2:dc:6a:be:fe:3b:
-                    4f:17:d3:c9:f1:44:7e:68:5d:a6:5a:f8:ff:de:1e:
-                    22:60:3a:73:9b:e7:c2:14:42:1b:72:57:9e:f7:83:
-                    e8:a2:ef:6b:85:5e:57:de:64:0a:ed:2d:f7:b0:1f:
-                    45:f3:4d:25:61:1e:e1:40:4f:a5:31:8a:a7:9a:fa:
-                    5b:44:d6:dc:29:95:e6:94:64:42:82:a7:af:15:61:
-                    0d:dc:7e:64:90:35:ef:7d:4c:ba:ed:d4:a7:55:68:
-                    61:80:e4:ae:14:ee:e6:a3:08:3f:0a:90:d5:06:a0:
-                    cf:10:13:b5:fe:09:5b:fc:e7:59:ce:6a:d0:25:79:
-                    64:6c:14:5f:5d:8f:6f:58:b0:86:bb:29:86:f9:eb:
-                    86:80:d7:6e:46:96:b0:61:60:71:a6:00:35:bd:89:
-                    b4:58:e4:49:94:69:a2:06:36:c7:c9:b5:ac:da:62:
-                    51:21:98:c2:56:53:b2:50:62:af:83:4d:62:9b:c6:
-                    50:27:16:d9:30:8f:b8:39:d2:13:cd:e7:04:cf:9b:
-                    5b:63
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                B1:09:6F:20:2F:F3:A9:2E:F0:93:63:C9:40:12:18:33:99:A6:05:6E
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:0.0.0.0, IP Address:10.1.2.15, IP Address:10.1.2.16, IP Address:10.1.2.17, IP Address:10.1.2.18, IP Address:10.1.2.19, IP Address:10.1.2.20, IP Address:10.1.2.21, IP Address:10.1.2.22
-    Signature Algorithm: sha256WithRSAEncryption
-         68:b4:77:f9:27:59:44:34:e2:f4:ef:d1:72:59:4e:6e:1b:23:
-         60:41:f7:c6:32:38:13:94:98:48:ac:f0:f9:d5:f2:dc:54:ad:
-         5e:b0:de:ad:85:20:b3:86:f5:d2:7c:b1:85:2e:db:f0:fb:88:
-         b8:37:71:d0:f3:be:1b:73:e0:b0:9b:e0:b7:6c:46:e7:9a:fd:
-         a6:ca:07:f1:05:d7:7f:6a:d2:6b:46:e5:52:ad:06:7b:39:6d:
-         a8:a1:f9:d8:f0:7b:4f:3b:96:12:1f:41:fd:38:e7:a2:fd:29:
-         8e:d4:66:4a:0e:24:8f:60:d3:0a:3f:55:5f:a8:98:3d:85:bd:
-         9e:bb:d3:33:a0:26:99:2c:22:eb:77:d4:e1:e0:fc:81:a6:1f:
-         39:be:96:72:ad:c1:72:c5:61:e7:8d:30:de:c8:09:41:c0:a7:
-         67:ca:12:05:b3:45:a0:23:b5:bb:ad:41:f6:86:7e:dd:b5:be:
-         cc:6f:65:69:e0:ba:39:6d:bd:27:63:9a:eb:7a:9a:1b:91:a3:
-         8d:fb:6e:9c:64:eb:08:46:a6:7e:b3:97:93:f9:aa:91:9a:a5:
-         53:90:92:44:e0:67:c7:e7:f0:7f:6c:d0:59:e7:bf:21:91:13:
-         e7:b4:6b:ae:d4:84:33:2a:e4:df:76:1a:56:96:29:26:f7:a8:
-         6d:ef:55:93
------BEGIN CERTIFICATE-----
-MIIEoTCCA4mgAwIBAgIBCzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTIzMzE5WhcNMTkwMjE1MTIzMzE5WjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvejckP9FgorHV8jyXSppP
-xAUH+axgUjdBdp1W7uC144crIfVljtfbjjiVWloY329WtPN3W+Lcar7+O08X08nx
-RH5oXaZa+P/eHiJgOnOb58IUQhtyV573g+ii72uFXlfeZArtLfewH0XzTSVhHuFA
-T6Uxiqea+ltE1twpleaUZEKCp68VYQ3cfmSQNe99TLrt1KdVaGGA5K4U7uajCD8K
-kNUGoM8QE7X+CVv851nOatAleWRsFF9dj29YsIa7KYb564aA125GlrBhYHGmADW9
-ibRY5EmUaaIGNsfJtazaYlEhmMJWU7JQYq+DTWKbxlAnFtkwj7g50hPN5wTPm1tj
-AgMBAAGjggF4MIIBdDAdBgNVHQ4EFgQUsQlvIC/zqS7wk2PJQBIYM5mmBW4wHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwbAYDVR0RBGUwY4IJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEAAAA
-AIcECgECD4cECgECEIcECgECEYcECgECEocECgECE4cECgECFIcECgECFYcECgEC
-FjANBgkqhkiG9w0BAQsFAAOCAQEAaLR3+SdZRDTi9O/RcllObhsjYEH3xjI4E5SY
-SKzw+dXy3FStXrDerYUgs4b10nyxhS7b8PuIuDdx0PO+G3PgsJvgt2xG55r9psoH
-8QXXf2rSa0blUq0GezltqKH52PB7TzuWEh9B/Tjnov0pjtRmSg4kj2DTCj9VX6iY
-PYW9nrvTM6AmmSwi63fU4eD8gaYfOb6Wcq3BcsVh540w3sgJQcCnZ8oSBbNFoCO1
-u61B9oZ+3bW+zG9laeC6OW29J2Oa63qaG5GjjftunGTrCEamfrOXk/mqkZqlU5CS
-ROBnx+fwf2zQWee/IZET57RrrtSEMyrk33YaVpYpJveobe9Vkw==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/client.cert b/camel-ids/ssl/certs/client.cert
deleted file mode 100644
index 8e5e59f82..000000000
--- a/camel-ids/ssl/certs/client.cert
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 10 (0xa)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 12:33:10 2017 GMT
-            Not After : Feb 15 12:33:10 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:c1:46:79:a9:fc:24:16:92:7f:b1:76:fa:93:3d:
-                    56:49:a1:3f:db:08:66:b1:3d:c5:ad:6a:4a:45:eb:
-                    f1:5f:e7:2d:9a:96:1b:2f:05:97:57:27:dd:2d:ee:
-                    5d:8c:ac:be:9b:f0:2e:26:5f:18:21:22:b5:41:f3:
-                    a6:65:8b:6e:84:93:df:ef:e4:2d:a8:cd:d5:ff:55:
-                    3c:1f:9d:2c:77:43:3f:b4:c8:4c:18:25:5b:39:9f:
-                    b1:e9:95:9a:d6:5a:a7:07:60:d6:8b:cd:17:6b:86:
-                    98:67:86:45:49:df:f5:ea:29:7e:76:e3:82:bf:e0:
-                    27:29:c8:cc:82:22:ba:8e:6d:73:b1:8b:03:d5:2a:
-                    19:69:c5:97:7b:d6:cc:fc:90:bf:0f:2e:4f:ec:ab:
-                    26:0e:01:c6:f5:f2:54:54:4e:74:54:34:bc:de:14:
-                    5d:2d:d4:00:a1:dc:88:84:d8:40:0b:1a:17:cb:7b:
-                    22:8a:ad:3d:ac:9b:0d:64:7d:51:64:12:50:76:db:
-                    bf:6a:44:87:b5:33:08:28:c4:8f:88:24:b1:c2:a9:
-                    ba:e7:58:e7:cd:99:c0:c3:05:1c:4a:31:fc:73:df:
-                    71:41:ae:09:e8:6a:31:69:29:7b:ac:fe:48:fc:6a:
-                    0a:f0:6c:dc:8e:24:10:6b:48:a5:a3:af:ee:43:d1:
-                    8e:ad
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                22:85:57:AC:8D:C9:E7:50:66:B8:BA:FF:FB:BC:15:78:34:52:F2:8C
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:0.0.0.0, IP Address:10.1.2.15, IP Address:10.1.2.16, IP Address:10.1.2.17, IP Address:10.1.2.18, IP Address:10.1.2.19, IP Address:10.1.2.20, IP Address:10.1.2.21, IP Address:10.1.2.22
-    Signature Algorithm: sha256WithRSAEncryption
-         52:f7:94:16:44:2a:c2:e3:ef:b4:91:93:61:19:d2:f3:46:b8:
-         8f:5e:89:1c:37:d5:f0:8d:3b:eb:30:47:c2:d9:a5:fd:c1:48:
-         17:b9:1e:8a:d3:a7:2d:06:43:e5:39:42:32:9c:f1:a9:47:f1:
-         24:7b:da:af:ae:97:e3:bb:8c:98:b0:33:87:f3:3b:43:22:99:
-         f5:42:b6:1f:62:03:e7:16:f6:61:ba:d6:b7:0a:28:3d:19:6e:
-         d7:dc:c8:7e:f2:0b:97:46:1a:d8:95:71:8d:da:22:45:d6:89:
-         e8:4b:e6:9d:cb:5f:92:80:26:a3:a9:6c:fc:7c:80:fe:e3:ed:
-         8c:f6:9d:77:4d:06:34:69:95:95:bd:fe:f0:5e:57:8e:ee:85:
-         65:57:d7:c9:18:77:9c:58:c3:e4:eb:a4:07:11:f0:41:61:af:
-         4c:40:24:d3:03:01:89:85:59:09:60:76:ec:ae:e2:53:cf:8f:
-         be:a9:0f:c5:99:a5:3a:3a:df:73:22:49:f5:d9:da:43:48:a8:
-         d5:38:95:77:00:3c:1e:2d:86:de:94:b0:00:e8:31:84:2a:8c:
-         03:e4:c9:f1:b0:4f:42:9c:08:f1:a6:17:18:35:0d:18:0d:a9:
-         a7:1b:81:41:3a:b4:2d:f3:ef:0f:4c:4e:48:a7:f6:6f:94:f3:
-         d6:e7:ae:1a
------BEGIN CERTIFICATE-----
-MIIEoTCCA4mgAwIBAgIBCjANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTIzMzEwWhcNMTkwMjE1MTIzMzEwWjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBRnmp/CQWkn+xdvqTPVZJ
-oT/bCGaxPcWtakpF6/Ff5y2alhsvBZdXJ90t7l2MrL6b8C4mXxghIrVB86Zli26E
-k9/v5C2ozdX/VTwfnSx3Qz+0yEwYJVs5n7HplZrWWqcHYNaLzRdrhphnhkVJ3/Xq
-KX5244K/4CcpyMyCIrqObXOxiwPVKhlpxZd71sz8kL8PLk/sqyYOAcb18lRUTnRU
-NLzeFF0t1ACh3IiE2EALGhfLeyKKrT2smw1kfVFkElB2279qRIe1MwgoxI+IJLHC
-qbrnWOfNmcDDBRxKMfxz33FBrgnoajFpKXus/kj8agrwbNyOJBBrSKWjr+5D0Y6t
-AgMBAAGjggF4MIIBdDAdBgNVHQ4EFgQUIoVXrI3J51BmuLr/+7wVeDRS8owwHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwbAYDVR0RBGUwY4IJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEAAAA
-AIcECgECD4cECgECEIcECgECEYcECgECEocECgECE4cECgECFIcECgECFYcECgEC
-FjANBgkqhkiG9w0BAQsFAAOCAQEAUveUFkQqwuPvtJGTYRnS80a4j16JHDfV8I07
-6zBHwtml/cFIF7keitOnLQZD5TlCMpzxqUfxJHvar66X47uMmLAzh/M7QyKZ9UK2
-H2ID5xb2YbrWtwooPRlu19zIfvILl0Ya2JVxjdoiRdaJ6EvmnctfkoAmo6ls/HyA
-/uPtjPadd00GNGmVlb3+8F5Xju6FZVfXyRh3nFjD5OukBxHwQWGvTEAk0wMBiYVZ
-CWB27K7iU8+PvqkPxZmlOjrfcyJJ9dnaQ0io1TiVdwA8Hi2G3pSwAOgxhCqMA+TJ
-8bBPQpwI8aYXGDUNGA2ppxuBQTq0LfPvD0xOSKf2b5Tz1ueuGg==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/client.key b/camel-ids/ssl/certs/client.key
deleted file mode 100644
index 999e51f1b..000000000
--- a/camel-ids/ssl/certs/client.key
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDBRnmp/CQWkn+x
-dvqTPVZJoT/bCGaxPcWtakpF6/Ff5y2alhsvBZdXJ90t7l2MrL6b8C4mXxghIrVB
-86Zli26Ek9/v5C2ozdX/VTwfnSx3Qz+0yEwYJVs5n7HplZrWWqcHYNaLzRdrhphn
-hkVJ3/XqKX5244K/4CcpyMyCIrqObXOxiwPVKhlpxZd71sz8kL8PLk/sqyYOAcb1
-8lRUTnRUNLzeFF0t1ACh3IiE2EALGhfLeyKKrT2smw1kfVFkElB2279qRIe1Mwgo
-xI+IJLHCqbrnWOfNmcDDBRxKMfxz33FBrgnoajFpKXus/kj8agrwbNyOJBBrSKWj
-r+5D0Y6tAgMBAAECggEBAKRADz79b3HbWDdpxHMCymTSa2DqF9OCio7gaHRZmgyF
-e0UHUdy5JK9FynqxOsFFQMtm5uFnKStnwqBkvsFHKEn1HXdR89ej7bwLJIg9Wz+T
-X/1zxu8yN/+Vjm3S3P5TleT4T/wI9GFFxhkci5/He8ZfMwE4QbJsfPvOkLX7a42D
-S37iaUjsmoCRz76awkOov0wZCnJqEQATXVFgTB2jOc7052j9eY+tk8/H6ayQndTh
-vj6qcS5Y1Rd8qaWPkbE77HSPGz32Di9fN/jZ8TIGVjg7RunmlnOP0IX0YFuYflni
-K6eEzEemtcnR3FOx9XB/fZmaUXV7BNGJKxriF1Fg6YECgYEA/PISxaMOgq5YSrlY
-O4Vif00sgdOHLPINCqEz015aWAI7XkqeDhsHWu5rnXZtDjhlkGK5MdQ/dkT01ECn
-p/bg1ZqGKaw7Bzbo4w6eQhOUm2I+5pUcL6APILt+DbHQGNzR/yf791XaMVoN1/uQ
-TM493W2K+9BGbLvLU7iUFSANWk0CgYEAw5vxrkPg0jDxepgAnKkd2C+7dVMaqdCh
-0EycNRBzWjqoVjJ5A39omTE71zrF9F22n9U7H0Q9JEi9Pd5j6EsTVBw7VLKNxOHS
-/T7zBQUSvHQS96KSZVlUrj4je36pSBJTxz8mbHotpc9DxBA8JkzdDJmjyeE5Y1Ud
-KxGgUT0QdeECgYAhGolMZk+i2LBjbyhV+dnvMSlvAEEDp9X/GyPOON34AKrGZ1uS
-GwV2aBebbwFMyCK6p8D2/YEkuFeWY7PNbqj0K5n9YDYFdrE57hLWMPvU7iGvSbp7
-nSX9sawInMnQRy4Qh6oZL5oztUZ0is7SzncYQJrc4+AjoNw2Y8S1kxFMTQKBgHI9
-ajmvdObtJKrHiVv1PPPcdKvBvEm/CjH//B7Vm7jvlw64bYqIZ4tIgL1jmubrsFPK
-kbvh+59sR/GRJ2IsLn6p+lCt8zQv+yxiDkY5P0cGt2ke7kb4lAcrTUe7opvv8DPm
-gsdJ180FrnscTDTGITdRp6Gowv5rYByeL7YiZrGhAoGBAOkPVp0AXX6y6HO8TmIm
-BAAyZ/w5mLoY2qzUou10Q5Na2ulX1uDcp4TvIDQA4Y0s7x5Yyo2tC74PA0LJg2qw
-gM8vpDTXc9tk/42H/AYG4C3N9bseq9SfXayMT0bL/OkMWniImU+ZyZVZNhRHeQkl
-PIZaz4luZ2d9LjtsZxMtbckD
------END PRIVATE KEY-----
diff --git a/camel-ids/ssl/certs/client.p12 b/camel-ids/ssl/certs/client.p12
deleted file mode 100644
index 55ffc0f968c070d482c100612448b3d7e9d3a23b..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2789
zcmY+^cQhM}8U}EQ*kaVES*a0fM$nqI#VWB%ZB?U1<+EF(q-Kr!ti~3lMC{Spq|}a4
zyVas0Ma5R7pSu0dx%Yne{_&pooaZ^``SS-uGp+&w)G#z-1ucVQykYza7(fRoK{H}N
zXvVDHaXJi5gZQVSEkV;L|Be)a0IJ_l=AQ-t6QE`M_X0D37RCaiU#{3|GMwd^1On-)
zqR})|nL1U0mt4WJGJ_AvyjQH$D%ZtD56S)QF&eohhdMHwPx0D3y%hIWUur8uS7Y}8
z0##@)y|kV2=G=J4*Ox|b?9UddbJSv|BZ-T-kYQADf2fjNxALxQgxEsW4W-xZuPY!T
z%_3UxI$QIZ*E4lOCX~z{XIPIRI|uRdPmsENUOjDHp?M_@GJnaLhOy!;+dyE=<%v<o
zzH39y%|OA8;Hs{^SWFtLw07LqR=SP->S>{!11ACqCAhPFh+kZJocku6X94z}C@TZD
z<NelOotg8Z1D`Xa+P=E6bN&1qta%+mwmfVqlu^yZbZu27<$WbQwRCf)R#hzV5b}r5
zf2{mzGl~x_4r>u^>mSip=uysg%Zs+Q_-hN}XGrRml}-7@nDyw|%bW9#n>gFAN*5A3
zS-15IqiQ&3Fo#|c<QIiNV>4&RvR#ZbLWD@694A3pQEc5q0i{kJZQ@4I{CHFWV_J-4
zWagJ}H}`ba221J50%v?CiHMZup@n_cu3_}9mT_4&CGozz(x66gKZg_Wki<6T$I;C{
zRRr#P2vPn_5^go&qu6OrRkD^P6R(rIAsK0k)4lkDx=ZUGe27*`Wsvb5;>OeK3Djok
z*4>{bXd<}>lw$9thn%-9?UCPWxd1#(S7t9MT;LbwEM~dXF^wz<42M$n)N6MJy4hM$
z-$8P9C??90I#UbO1BZolxxWHA6=m{_x1hbiF^@gi)%#Y|#CkLd3O`rEEb~W&pXSA-
zx>k&4Zyki%#x7JY3k4sMl+1=s^9n*bVR9K&_m$sj)w<}xuLRJ!&423cK@}2-<y|$3
z>#o~f0Z`Z8*5<ZG{HCC02?fde>Lbq&R3s%;>P{+ziBB?-MeITzW;3cygU)`v{`%om
zub->}(wWRKB@k%RIoI)AD^x9-zMRtScpgulC$nDvOiIxgg;g6+nWu7zeJ-=iVLSv}
z$4RXT)*;P0?YZd-UvvZ1y(?xUWg<B4_R_}FyfYMmRQJ}Z7>(T)n^yfIHGjdekY&^}
zf2!@894C1dhaJ7SR0|!>w_2lK+S%?MAq*OXJCxf^Qt!OC)x9P0qEKD=W~;4{z=tt*
z@R3QVXF!TsGecf0IgMLhV>_P<e-t$X9C+w&#ohSP&R^3(4;skHa@gL&q-DMTZ9I_3
z)4%>}k2MkMvLOx#8t551Z$<FA$6Dq^)%vo-ii*cto~-dXG06w&&qdA+ikDq_mY>)R
zB2&$5%LPWPvBDu&Q%<|}4xVw<|19v+(h3*f!D6)PjO7nfyv-(&NJe>#;$ssj)rb!(
zXDW}IXQCmzZ>fHSU|pLD3#&(#4`%PRK^uaP{y?p#S>bJIf8>76ZQ94NuyuC%`sZCN
zrSUJ>si-vr&kaLwcnb$?EN)%az-Xt0NP~gjeeC!!kx9?Z%#LzeoWCf*c8x%@?k7zJ
zqvrBGQ*w@7F}uQiTk__tv!5i9txe<4Qcsx7p*pd(WsYk5l?TZJLUZ5&VSO+5Xt<Ht
z<uy~Rd9DepUb6b0B9|H1qg2E_sApFZ`f&cj&l)MB3ywItFnl$US*X0Ve%Qg@prCk5
zx5|faVA&#;sx3|XAels}O6tyiI`sffsh4kRq`Wr_VBv6?Buz_;b=pZCoiJ9#?H-Dq
zw)~3MOG%ov_F?Ozav~<j5o@fmw7mV&{OnyvTqYL3!PNdAFn?1D2cc<Xf5(!)4@%4Q
zA3hlYz!EfQ2Zjc1{hzATf2-Pz#rtusZ+ZN!DhLf4a?9$sY=1!--IFT1hzs_)oZ!EP
z*{G25MUE&NH+A0OMyIcJfI}0DiY+YysP2;n$|;Gqk)u-w)ne*Jko3yTC+ZQJD7P^o
z>+v4unlmOor7PeQ@puoGgV~yA4JgNswecqZ7tE+F{9w%Uo~GPfuo41qL-1Q@zBaYK
zhM`-ImE>*^%?j+MOZI`9uD}V~aX9f@aYcg4{rem%%S@tQ=yT%sntolXy>TzBO3U6o
zDj_l|JWt{D<D4d;I<Nnv_h1*SN-jp|mfn5%9)HV4XEz+Ks@^((qUOZsnSglp=<4b#
z*0=IkKn{R$6Ysu81Yu-+Ne;C;;>qux5I<65y^kZY4}6R6W1JWftT?J_2uRqRVj4{h
z;td4`j$lgb`5*ht=rFrJ5Nee3)s*ya3OCa*&9V-gcoZRlx*bv$6nr-?j1CW0bj^D(
zVW)2Gd9vZm+_;eyG`8e-byW%)K@giWw6n{N6f}5sdmj-BAdQJUXe6JG=6+Y(t$Js1
zciwOLTH|2YU^Hm<Q0Eg@Ftfilc*aTf=#qYz-;SsGN(O5f`|<aL29H7NTs$8ra<8+#
z&uin!K{mFC>aVuo5UzLQ5yBUV#<+Ak{o4wc?S_MqNYwMw0MUJkmXt^cEcN+%>zL-^
z=AQuPo>eh-w86tS@Oz7qb(w<Z&7we4%+~1eH4{`R)*m;lT#OH;{iJ9-m0Ye-UOFRa
zvuEDC+?TBr^w#8LO1)wPYrf*vKC6+c;&~jldT!B}P_~^uDqa6`)}&<cwT_W;hTJfq
zvaUR=Lf~M=9Gvf2dXKK(#{L|@HJc(}*0o%+vq2~sDms<|Iz3%H+n+EcgEQqZ6(ac^
z0Ybb-Z178FJ}_H^Ug{P6A40ZYeb`i<EwIH`bm)G+gBuqS>qf}?jxEMd;Qa^>wb`DW
z9YRLNruW2?*<|=xn4T-Iv_B4$0x$FwDnoZ}Stf~Yyv+RNu$~iRMb_EAruy>+5p((t
zCc`XlUZEG4j?;C>mI<0(l8Js!>6Cn<ruJj>tR2oJv+z<_DPR-H(J@e9#&1QiES=0O
zW=kKo9vMFmE$|&Y_D*c*b6}R}rc)U|aWDE#@5vqO;cM<kFAHyLn~ox@Cv!G0z)1bG
zZLn??^%b)IvHm;z!(f#ZBGv^fHY@M~*K=7!<Y+t5Jmw<X^?mZf(Q2LrjpL&~Zh8w|
zX$w59`EyHzE3K?FLh}@l)x38dw+_E7>Vu`D32upV(><R@9yesWw4K$eOg1$*SO=-<
z50P!n#Uu7tQf_g8A`YHeZDb@B*W16?Nl(t1s4E(K+akU3#>=L*xLsn=&D$Z(Z6xMP
z8c*f+XTv<7qWD~%K2~~o`80daJKB=XZ%FT?cNBU(wsCzH%*Iy)&R3CBypwmvw(gL{
zAdV1496pcHOGI*U401;$8*gqbUC-NYZ}OGD`T^lMC&B2B#u>Inee<#+A)dyKM|*em
z3JnP<2HY)r=0zLR6TI6UlfmF@Vq?G7=AVJ{>2pJ^WGImJQ;s7I=~%w&c$r28=FP~I
z%xQx;B*xQg!l1616~MlqHOTFd5UxaZSN3YVoS~>8&M7UaZQ?8)2fyZA_MxBU0WwJ0
z6DxW%W;Rh?3?}kl9T~Xfxj~%U?30bfL=grhS!1HXD_Ux_jpbFCJnSlrftE&!g&N35
oLj~fT&~PHj-3>V}Bf(ZDV)02I!XY<6^dAkR#i{CB4E|Q~UpAaL^8f$<

diff --git a/camel-ids/ssl/certs/server.cert b/camel-ids/ssl/certs/server.cert
deleted file mode 100644
index 592c2115c..000000000
--- a/camel-ids/ssl/certs/server.cert
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 11 (0xb)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 12:33:19 2017 GMT
-            Not After : Feb 15 12:33:19 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:af:7a:37:24:3f:d1:60:a2:b1:d5:f2:3c:97:4a:
-                    9a:4f:c4:05:07:f9:ac:60:52:37:41:76:9d:56:ee:
-                    e0:b5:e3:87:2b:21:f5:65:8e:d7:db:8e:38:95:5a:
-                    5a:18:df:6f:56:b4:f3:77:5b:e2:dc:6a:be:fe:3b:
-                    4f:17:d3:c9:f1:44:7e:68:5d:a6:5a:f8:ff:de:1e:
-                    22:60:3a:73:9b:e7:c2:14:42:1b:72:57:9e:f7:83:
-                    e8:a2:ef:6b:85:5e:57:de:64:0a:ed:2d:f7:b0:1f:
-                    45:f3:4d:25:61:1e:e1:40:4f:a5:31:8a:a7:9a:fa:
-                    5b:44:d6:dc:29:95:e6:94:64:42:82:a7:af:15:61:
-                    0d:dc:7e:64:90:35:ef:7d:4c:ba:ed:d4:a7:55:68:
-                    61:80:e4:ae:14:ee:e6:a3:08:3f:0a:90:d5:06:a0:
-                    cf:10:13:b5:fe:09:5b:fc:e7:59:ce:6a:d0:25:79:
-                    64:6c:14:5f:5d:8f:6f:58:b0:86:bb:29:86:f9:eb:
-                    86:80:d7:6e:46:96:b0:61:60:71:a6:00:35:bd:89:
-                    b4:58:e4:49:94:69:a2:06:36:c7:c9:b5:ac:da:62:
-                    51:21:98:c2:56:53:b2:50:62:af:83:4d:62:9b:c6:
-                    50:27:16:d9:30:8f:b8:39:d2:13:cd:e7:04:cf:9b:
-                    5b:63
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                B1:09:6F:20:2F:F3:A9:2E:F0:93:63:C9:40:12:18:33:99:A6:05:6E
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:0.0.0.0, IP Address:10.1.2.15, IP Address:10.1.2.16, IP Address:10.1.2.17, IP Address:10.1.2.18, IP Address:10.1.2.19, IP Address:10.1.2.20, IP Address:10.1.2.21, IP Address:10.1.2.22
-    Signature Algorithm: sha256WithRSAEncryption
-         68:b4:77:f9:27:59:44:34:e2:f4:ef:d1:72:59:4e:6e:1b:23:
-         60:41:f7:c6:32:38:13:94:98:48:ac:f0:f9:d5:f2:dc:54:ad:
-         5e:b0:de:ad:85:20:b3:86:f5:d2:7c:b1:85:2e:db:f0:fb:88:
-         b8:37:71:d0:f3:be:1b:73:e0:b0:9b:e0:b7:6c:46:e7:9a:fd:
-         a6:ca:07:f1:05:d7:7f:6a:d2:6b:46:e5:52:ad:06:7b:39:6d:
-         a8:a1:f9:d8:f0:7b:4f:3b:96:12:1f:41:fd:38:e7:a2:fd:29:
-         8e:d4:66:4a:0e:24:8f:60:d3:0a:3f:55:5f:a8:98:3d:85:bd:
-         9e:bb:d3:33:a0:26:99:2c:22:eb:77:d4:e1:e0:fc:81:a6:1f:
-         39:be:96:72:ad:c1:72:c5:61:e7:8d:30:de:c8:09:41:c0:a7:
-         67:ca:12:05:b3:45:a0:23:b5:bb:ad:41:f6:86:7e:dd:b5:be:
-         cc:6f:65:69:e0:ba:39:6d:bd:27:63:9a:eb:7a:9a:1b:91:a3:
-         8d:fb:6e:9c:64:eb:08:46:a6:7e:b3:97:93:f9:aa:91:9a:a5:
-         53:90:92:44:e0:67:c7:e7:f0:7f:6c:d0:59:e7:bf:21:91:13:
-         e7:b4:6b:ae:d4:84:33:2a:e4:df:76:1a:56:96:29:26:f7:a8:
-         6d:ef:55:93
------BEGIN CERTIFICATE-----
-MIIEoTCCA4mgAwIBAgIBCzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTIzMzE5WhcNMTkwMjE1MTIzMzE5WjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvejckP9FgorHV8jyXSppP
-xAUH+axgUjdBdp1W7uC144crIfVljtfbjjiVWloY329WtPN3W+Lcar7+O08X08nx
-RH5oXaZa+P/eHiJgOnOb58IUQhtyV573g+ii72uFXlfeZArtLfewH0XzTSVhHuFA
-T6Uxiqea+ltE1twpleaUZEKCp68VYQ3cfmSQNe99TLrt1KdVaGGA5K4U7uajCD8K
-kNUGoM8QE7X+CVv851nOatAleWRsFF9dj29YsIa7KYb564aA125GlrBhYHGmADW9
-ibRY5EmUaaIGNsfJtazaYlEhmMJWU7JQYq+DTWKbxlAnFtkwj7g50hPN5wTPm1tj
-AgMBAAGjggF4MIIBdDAdBgNVHQ4EFgQUsQlvIC/zqS7wk2PJQBIYM5mmBW4wHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwbAYDVR0RBGUwY4IJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEAAAA
-AIcECgECD4cECgECEIcECgECEYcECgECEocECgECE4cECgECFIcECgECFYcECgEC
-FjANBgkqhkiG9w0BAQsFAAOCAQEAaLR3+SdZRDTi9O/RcllObhsjYEH3xjI4E5SY
-SKzw+dXy3FStXrDerYUgs4b10nyxhS7b8PuIuDdx0PO+G3PgsJvgt2xG55r9psoH
-8QXXf2rSa0blUq0GezltqKH52PB7TzuWEh9B/Tjnov0pjtRmSg4kj2DTCj9VX6iY
-PYW9nrvTM6AmmSwi63fU4eD8gaYfOb6Wcq3BcsVh540w3sgJQcCnZ8oSBbNFoCO1
-u61B9oZ+3bW+zG9laeC6OW29J2Oa63qaG5GjjftunGTrCEamfrOXk/mqkZqlU5CS
-ROBnx+fwf2zQWee/IZET57RrrtSEMyrk33YaVpYpJveobe9Vkw==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/server.key b/camel-ids/ssl/certs/server.key
deleted file mode 100644
index 82f13b3b4..000000000
--- a/camel-ids/ssl/certs/server.key
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCvejckP9FgorHV
-8jyXSppPxAUH+axgUjdBdp1W7uC144crIfVljtfbjjiVWloY329WtPN3W+Lcar7+
-O08X08nxRH5oXaZa+P/eHiJgOnOb58IUQhtyV573g+ii72uFXlfeZArtLfewH0Xz
-TSVhHuFAT6Uxiqea+ltE1twpleaUZEKCp68VYQ3cfmSQNe99TLrt1KdVaGGA5K4U
-7uajCD8KkNUGoM8QE7X+CVv851nOatAleWRsFF9dj29YsIa7KYb564aA125GlrBh
-YHGmADW9ibRY5EmUaaIGNsfJtazaYlEhmMJWU7JQYq+DTWKbxlAnFtkwj7g50hPN
-5wTPm1tjAgMBAAECggEAPO4O34NZTFixrzwhVdcNpczGgnJrLDbgANcS4vCnDgEn
-Gg78insC8LV9aD6rMh/DJTRHpZY+O5LFJrmpSPi9Eg1aZxq9fLEhBxsnjIo/Qk9C
-0I3zwcwy4nbm/Ext5S1RDWNnd9uSOZFiVIzhAcwbIp2FGqKud92ee1SvtbDbE4L5
-UKtiI4Gqiv29YPCQ2B3Q5LbH6ReeZCmbA6/lkJprgur00qdzbm9idRJ1EUtcUQMC
-hMzqPzkSyjT2peskeXQ04d78BNxG9Ut09N9kUFQvF54hOMPorDF0Pc2zeB4ibec2
-5csSbca7Ajnx00M+o1BJJMYrem91sjwrfU36zfUdgQKBgQDda5VHkwVYtlIac72B
-BjEcR2UDS3DO+uswujYkwWFiY3DHTpOEOf1OGREJkuEG1kyGYWZgdVhAhYi4057l
-y0LelpSRJiYJkDNOKcxVUmR6691ytXd2Qz24AEfOHK2ZEHz+w4QAOINknIB841Og
-kT9+nYZhimHqXXR9Dx2KQGl1sQKBgQDK4dR/uzG+0QgPoJDkFdW5h/mw6Pzu3S7S
-qH4QfUJJoCrmu0ntfKSAxhcfTEaFDI40zGfN9puEut6b8BoEPlOqExuVU/CS/7Wp
-ZunpHuijyB6LcwnPq8adwg2PdR/l7yL2Jyj12xyogAir4krTM7aDLpV1ngvIiCa3
-LExhRUMjUwKBgDzZ4zW/bvm5aYkBg/QgmoCWEmm8Yu1PQjGrC1RAnR3oDEeKDbqK
-IVZER01lQ1iYroFD5VnfBfj9edyptAKdQOxhX8UgQdXg/midzh0ovpqVlc9/law3
-wI9/7Dv137OwN1ngq7dP0LRm2lz4MLRxFo0ah6Lo4A4Dzw7Lh6fGGfWRAoGAJi6m
-PXvPeugAKmC/pA1v8cDjfyX6JEJAQ6kuQJAyX4TjThVFboqcsxeU1nEWfIfGY61s
-g9i7oBlDN/nSC6ZnPIToFgx8JE43tDAIKbWFdv18siXuXMUpVhtlTfBvFmkRHV51
-WP/pvtSJzT+DcYgz+zBTNJWQBieJkcOmhE/yuL0CgYAdQMVz8QnfzC4WM4npxjbU
-j6T8f86aTcmBFT7aKw6Vek9yj9DoJ0kyj3TreL2ds+G1zbpcetSlRzWGbe9zWmfB
-U2yB45m731TNuIMXhJaCmYKbbc7FWYu6gJwXCPF16KcS4p8ytWkUeKATsntjHCOP
-PI6dk3w5TIdCJG7JfYkYSg==
------END PRIVATE KEY-----
diff --git a/camel-ids/ssl/certs/server.p12 b/camel-ids/ssl/certs/server.p12
deleted file mode 100644
index 2dfde3054ee0e6dc2e6ed44b9c6431542eedd3ac..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2789
zcmY+^cT^IL8U}C#T$ElH+H?=xIM6H=H83bk?KAf%HQX}?mJ`deoG9+ky-ibcgd=j5
zQn@S5MBJ%lYHrfLzH{!q-@Sjl=RN0n&Uya)!3mHVAR7oyfK+gBE5u>qc6r!1*$N4e
zEHD9*{yR>A6WA~PQ*jg$*w6irG=Xe@-%t6Uh7Ep(1M=^M<7^yoUND!^F{}JFv>g!$
z<N`z!*a4Qrr}3sqI&5NXtvq>E(Y>&|p2ciB?zQ>kLlz|TYm88&&H0;aExH;95JHsd
z+%LbmAbSmL^$m2Hk?(HNS^KivjuA9l{ihdYpxJ-s063{GzM-bsvyTrX9Nc>4N32Z|
z3-+?oh!{j5w`$9sGXkg)Eb%7o9akZrO=HhRgV=T_##?DFZ!c73oPbs02fs9ILdS__
zZyR;_!rUwPB}~S$3rN+%!y0*^d&g{d?)WaqjiEGbU0-#3*zk1{ba}fwTdVJtlca_p
zUVd)_59}AK-loY(mpM<(M+_1UzW?Oz%5&^LX7F=(^TBGTAS&ljuMSeKB?MXgM*VSV
z>|T{JL+x&$p0>;r@60%F2osTjR5%0coni7GGSlV<HZNk;R<U@w!^FZ662l4il3#Nk
z!>n7He+H`$*C^iiyV7Hu0%^#08xmdhXzlCR19-fK+<0Pepa|5HLw{L*_vM)BxdWxl
zKeg|Q$Hb|-&MomOie$}xLyh9jbWs>qGuHNeU-{cWJ0y{Cd++M>Mzb96%ALI<Q+(wT
zYow5Qa_QqH4zpzJB{fMe^{YpA44fy)n}$V9D!NY+KuOr-Ml^H3vuoqa>O<Q^%jdE^
zqH;T5z_dO)8wviOY>F{f&X<!z7pIMl&Tk4EYUjE|?CV)$Sx{l;e(EgFx7TRG;`zkU
zNg4?*o(~%IqU{OkAUb~}7_JM)Qd}JBH1^7xHI)7UhDZ+)d{QG54u{)xsfvb;FNORC
zZRK+OFO~F?XH)5BUqDOP<I3v`o_vxo5YEH(5r<c$1u1nawL1?YZzrD$IacIp66_q=
z-2pDUIkx8jdFD;mJ;*Nq`MQ3Kz^=dj@=N#we(pT}F#Ve$&9?59OgecSC$MT|d2ne(
zSZ4FA+E`Jh$C>nEbJ==JV=a#xOXMLvB{d;_^&o}pe0UT=U$9ibaDS+^ck(K3fD^SB
z%I2P=$4D8K^}ugwov0YieUrf$q;12urh>LtLd6T7u2XZYduY`W<r|f5m9O3tEG^A(
z9LzZO&xw`?KD;T6Xd%MT)YYU&<TLLEldvc~F+uZesl4gqPgdu{mf9Du@j_TE0f+wO
z64}bU&uaFgLI=rh!io{3J?%GdPdtdT$bGUIBtzYO6ccPguMc>l<)(WBzt0OFtBX9*
zk{M(3qpg8HYoGhM)8mwebi*u55$6FJTcA^F{=m2Pv^hMKubSBjjZQ+c#t~ziaQ`l?
zPLm;DI9>l_abCjd^SAD!hK}BAHs{1WLRNASo|9@a0mkj_@{ieLt{*=#h_E5s=v$G$
zR-{r&^vsRX`PKJ`Qc%G|O##3<-@9D93as`#EkZ=EiqaJ&xTjVp)@|#26gDJ^UB81W
z4|HX4lXG(~8^NNS94*z;m`i~kn^M*)+UfR^<1Q_J!wd7qoqihPNhrNUOF^U<YGCv_
zvV{ee-ra>`Mgj*zHv)K_2aPwt_syF15_&yc!z*UnrhKwEXYB68OyY5Mma3nWcjp|n
zPI0)g`i;m&1U~LZmx&8pBD#ns=U3}%u2Kk{Q-m7J1!Q#(9|l`XKH6^42oXbzdmuIj
zeI7xTyQd<&_w`TTY81+w4iBuGS_lH+gLThw^(i#zIGP|zpTo?`UWPOAX&uE>ydmSK
z_V!iz&drdzkNVKEiLWFlgf0!!uD#b;x4hiMS$xm_H<*V11Lki^)xiXImEW<#?~~;?
z_8&eWY`{VScnwYful%2?pubhU)w7!4y-cJ1ttyxR?n`LKjabCF#C=q-C#m78fNdXC
z5R`)X?E27O4Ot}8-A^zj+>X5D8?*tRc#QA8@@BY<(ioWsxn3M$?(JV&CB}Ys+(D}f
zlf!)V>;{HX_&7JLTf$27jEmi+qnM8(Ez~OqwfY9gB95{OMt+{8;|Z8}+M0<-2uL#-
zhkDJk#S@+)N`6~nf@t=cB2s{<L5=g}eC?fnOC-$BBwQh@pu`7I(u~Y?@SRXM?!v9;
zj{oYhx+hBKOavIjKly<iRP||*b+&*~7wZ#9cQ3U%x?UT0R=V}hY-8gVtFPsc7qqJx
z)5+G_J6M^!d4dh<z%8B(wNI{*@4oZeTxU(*rL?t5qS>hf0j^^^x+SikD)%dHhK~Wx
z64f=Rxz}$5qa-|IO?A3T=mqzD1!NzVJA8hVWJI>|>ec3X!3nhpLCa-rNqwkJGg`@M
z+YKld9VAK#+*DdSVH7CVZhTb=6K@N%o*Zp$xZUhvkI&ON<>|gmG`84!?<6U#0V4^a
zYwXQ$g{xULdd|MB$@#co=cFR9Y?b~f65xM-P2glzfEjzDD#aL<Z%oQ=KmX0Y!-jvN
zX_rV3QXP69Q#V5c6gGV5mkg`!v246x%9OsfAnz8hd5KbsINP+657j7rLrg%{q{ru;
zTnYm>6{O_{xZLjel<(}kfXI;hIg#<pz`5<k!;)U{{;^i3<%PiVn0L@l$mYv&_Y2b~
zdJnQxd06`B3+e!L&eV1DURp_H71q_{%*i4||Bx==EJZrLo3Ziza(yk+r~P8u%Xxa#
zq(zx|22}*`K6+BAbK(0K98<Ch8!(eD+78VT?ovh1XRIUow0jE*BD)OyY;98J6mQ@&
zMr-;YlvK}O&U(3BN4R0pY5k#MvfZ3@PBpeN>t#LL@UoB2%x9PyS5V95qj}bZpkJov
z^0`<yuabQ{aZhTKp@Xm7uKm$t;cHj#Hy}D?sv#~#cn%tz=5d&N6}RY!H#xT5s{2h_
zmgP`-9e8@fYXU#}F>31*Ydb*&@91SRA%M0XL|J!k#A76Wc3lu^g6`AYZ$~-R2IL6c
z!Cu?Lu#e2AdBz75+nrnq9TSR-;Kvewf@DH`50Xpb9cs#40$27fT!FkV)#(9EG^SC+
zRstp3`eW?kdITeSvl1Epqo3z5B(lR^0}VpnISnR0wLhJe+Bh!|WwtKw%tIHCW-Tzg
z8w>QG+|*?N?e>$7H0RtY*Qu=R(iHAzMh|LNfy?JZ%y+9=qE$L#yAD>@btp$NBjTUN
zswFP7zd0d0<7&`VR4*w|_d<(E@H(8H7$V4%T}hxce=KKGUQPvTQInS5tTdvYs^c}R
zOEkM1edNOB5vIL1^z9-ByLhoW!Jn$SOkdQ#pKnC1&P24NK4lH-k8g<*qO?xFu2V5+
z$`rJQkL~akFvJ8j#|?7>6gt)y98ByQ(pzeNjb$f5F9(RkmB6mPp}sI@bl}JnDeYa!
z9ayX{Q;Ocni$cPNf}4($I!b|2v6apL;@<_MmaCH4@;-c)3j~z=@qdVj<pT_epH56p
z7*N&ZRYp%J<Rh6R3-_bpkttGbEQiOyHIZvD9r?q-3=P@9kQzRo;p(LWZ-30kVTBK~
zIF-X>2{jqG)PHs4hN=mJg~INvg~iz%o^EeVsWXd)ql1nzp2OAP5^!z~c12zg@Dw`$
nEOZfioNPSZDKyzzr14-cxYh*Cu?ObzipY%8@ySW}TgkrwizrF3

diff --git a/camel-ids/ssl/certs/test.cert b/camel-ids/ssl/certs/test.cert
deleted file mode 100644
index b0b0f90af..000000000
--- a/camel-ids/ssl/certs/test.cert
+++ /dev/null
@@ -1,98 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 3 (0x3)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS SubCA 2016
-        Validity
-            Not Before: Feb 15 10:53:39 2017 GMT
-            Not After : Feb 15 10:53:39 2019 GMT
-        Subject: C=DE, ST=Bayern, L=Muenchen, O=Fraunhofer, OU=AISEC, CN=AISEC IDS Client
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:c3:f9:1c:2b:cb:b5:40:da:a1:9d:04:20:64:77:
-                    d2:f1:5a:ae:29:94:a0:6d:02:dc:92:be:c4:82:51:
-                    a4:87:98:45:41:52:ee:aa:c0:af:8d:fe:13:03:20:
-                    63:e1:18:2d:b4:83:fd:d0:56:64:84:c3:3e:41:68:
-                    85:18:30:b5:9c:29:43:67:8b:70:6b:f2:0b:ee:2a:
-                    cc:44:5b:98:7a:88:ae:cf:fc:5b:02:4d:15:57:06:
-                    63:1a:11:ab:99:81:61:e9:d5:ff:bd:04:c2:6c:ae:
-                    c4:14:6b:a0:8a:88:f9:c8:54:ab:8f:56:49:1e:95:
-                    cf:70:84:b6:b8:fb:fe:aa:f6:90:28:a0:e0:71:23:
-                    44:c3:a4:75:85:fb:c0:06:4e:cb:73:50:13:15:f6:
-                    7c:40:31:06:09:12:9d:ab:06:fa:ec:d0:6a:46:72:
-                    4f:2a:62:7b:bc:13:0d:29:d5:ce:88:27:98:25:25:
-                    5b:c0:41:57:49:b1:e3:95:e0:91:dc:8b:5f:9f:ae:
-                    34:77:e1:40:ec:92:03:d8:81:56:26:bf:f0:c1:ae:
-                    84:ba:7a:2a:0e:a5:b3:63:55:49:9c:dd:2d:2b:94:
-                    13:a8:05:ef:aa:79:5c:9e:18:d0:34:67:f8:f7:aa:
-                    79:e3:b9:83:ea:33:e7:08:94:5c:12:db:9b:bc:cc:
-                    af:63
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                18:DE:0F:BE:24:E7:24:2C:92:F6:BB:35:21:E4:08:15:47:11:8A:0D
-            X509v3 Authority Key Identifier: 
-                keyid:89:8B:82:EF:6B:2E:E4:40:2D:CE:5C:6C:F7:78:2E:7A:B0:7B:19:1D
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:localhost, DNS:idsconnector.aisec.fraunhofer.de, IP Address:127.0.0.1, IP Address:10.1.2.15, IP Address:10.1.2.16, IP Address:10.1.2.17, IP Address:10.1.2.18, IP Address:10.1.2.19
-    Signature Algorithm: sha256WithRSAEncryption
-         77:81:53:e3:26:5f:a1:c0:57:66:31:6b:5f:e9:80:26:a8:ae:
-         8d:4a:1a:cd:5f:75:16:a6:01:d3:ac:53:f8:67:5a:40:7f:4e:
-         3d:6a:32:a3:7e:73:58:4b:bb:d4:52:44:3b:91:f8:f6:28:3f:
-         db:85:61:ff:56:96:48:46:bd:24:58:44:c0:d1:19:fc:8a:b3:
-         b3:5e:a9:69:83:7a:b3:03:dc:79:bb:b7:58:67:92:48:ed:be:
-         d3:47:a6:c7:2c:85:56:5d:c2:88:2d:19:1a:17:29:e5:3c:9e:
-         36:63:64:6b:7f:1e:c9:16:3b:4c:0b:e5:fd:6a:aa:6e:ab:96:
-         22:75:86:2f:29:8d:93:d5:c5:ba:9f:6e:e8:10:09:2a:eb:5a:
-         19:6e:49:c1:28:43:a6:25:87:22:70:bb:fc:0e:10:e0:5f:f7:
-         ab:35:80:c6:b4:73:b6:ca:d0:68:21:5c:b7:0a:35:c4:8f:63:
-         22:2f:2b:51:24:36:24:77:80:e4:4f:a5:72:8a:2e:19:74:8e:
-         dd:c5:34:7b:85:2e:e4:f8:86:0f:73:95:d9:53:0b:be:f1:9c:
-         37:f5:59:ab:1e:1a:2b:42:df:56:46:c8:28:7b:76:af:9a:25:
-         66:1c:1b:17:b8:1c:3f:f5:93:69:bb:70:7f:81:c4:78:ce:f6:
-         83:64:cb:63
------BEGIN CERTIFICATE-----
-MIIEjzCCA3egAwIBAgIBAzANBgkqhkiG9w0BAQsFADA7MQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEXMBUGA1UEAwwOSURTIFN1YkNBIDIwMTYwHhcN
-MTcwMjE1MTA1MzM5WhcNMTkwMjE1MTA1MzM5WjBxMQswCQYDVQQGEwJERTEPMA0G
-A1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjETMBEGA1UECgwKRnJhdW5o
-b2ZlcjEOMAwGA1UECwwFQUlTRUMxGTAXBgNVBAMMEEFJU0VDIElEUyBDbGllbnQw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD+Rwry7VA2qGdBCBkd9Lx
-Wq4plKBtAtySvsSCUaSHmEVBUu6qwK+N/hMDIGPhGC20g/3QVmSEwz5BaIUYMLWc
-KUNni3Br8gvuKsxEW5h6iK7P/FsCTRVXBmMaEauZgWHp1f+9BMJsrsQUa6CKiPnI
-VKuPVkkelc9whLa4+/6q9pAooOBxI0TDpHWF+8AGTstzUBMV9nxAMQYJEp2rBvrs
-0GpGck8qYnu8Ew0p1c6IJ5glJVvAQVdJseOV4JHci1+frjR34UDskgPYgVYmv/DB
-roS6eioOpbNjVUmc3S0rlBOoBe+qeVyeGNA0Z/j3qnnjuYPqM+cIlFwS25u8zK9j
-AgMBAAGjggFmMIIBYjAdBgNVHQ4EFgQUGN4PviTnJCyS9rs1IeQIFUcRig0wHwYD
-VR0jBBgwFoAUiYuC72su5EAtzlxs93guerB7GR0wCQYDVR0TBAIwADALBgNVHQ8E
-BAMCBaAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5haXNlYy5mcmF1bmhv
-ZmVyLmRlL2lkcy5jcmwwVAYIKwYBBQUHAQEESDBGMEQGCCsGAQUFBzAChjhodHRw
-Oi8vZG93bmxvYWRzLmFpc2VjLmZyYXVuaG9mZXIuZGUvcm9vdGNhY2VydDIwMTYu
-Y2VydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwWgYDVR0RBFMwUYIJ
-bG9jYWxob3N0giBpZHNjb25uZWN0b3IuYWlzZWMuZnJhdW5ob2Zlci5kZYcEfwAA
-AYcECgECD4cECgECEIcECgECEYcECgECEocECgECEzANBgkqhkiG9w0BAQsFAAOC
-AQEAd4FT4yZfocBXZjFrX+mAJqiujUoazV91FqYB06xT+GdaQH9OPWoyo35zWEu7
-1FJEO5H49ig/24Vh/1aWSEa9JFhEwNEZ/Iqzs16paYN6swPcebu3WGeSSO2+00em
-xyyFVl3CiC0ZGhcp5TyeNmNka38eyRY7TAvl/WqqbquWInWGLymNk9XFup9u6BAJ
-KutaGW5JwShDpiWHInC7/A4Q4F/3qzWAxrRztsrQaCFctwo1xI9jIi8rUSQ2JHeA
-5E+lcoouGXSO3cU0e4Uu5PiGD3OV2VMLvvGcN/VZqx4aK0LfVkbIKHt2r5olZhwb
-F7gcP/WTabtwf4HEeM72g2TLYw==
------END CERTIFICATE-----
diff --git a/camel-ids/ssl/certs/test.key b/camel-ids/ssl/certs/test.key
deleted file mode 100644
index 77cbd19b6..000000000
--- a/camel-ids/ssl/certs/test.key
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDD+Rwry7VA2qGd
-BCBkd9LxWq4plKBtAtySvsSCUaSHmEVBUu6qwK+N/hMDIGPhGC20g/3QVmSEwz5B
-aIUYMLWcKUNni3Br8gvuKsxEW5h6iK7P/FsCTRVXBmMaEauZgWHp1f+9BMJsrsQU
-a6CKiPnIVKuPVkkelc9whLa4+/6q9pAooOBxI0TDpHWF+8AGTstzUBMV9nxAMQYJ
-Ep2rBvrs0GpGck8qYnu8Ew0p1c6IJ5glJVvAQVdJseOV4JHci1+frjR34UDskgPY
-gVYmv/DBroS6eioOpbNjVUmc3S0rlBOoBe+qeVyeGNA0Z/j3qnnjuYPqM+cIlFwS
-25u8zK9jAgMBAAECggEAGtQjsys0KSjFL0W9WYO98STE6xRZ0hKuN7i+FkkvCREj
-ignceqveXMYHvEnW4p34w9m+CaOKJ1LDVxkD/4fLlRFhFO/V+DEuyPA6/rC7cyr7
-I6Ycn3gGD9/j+VGp+F3qFaUiWbIpG8/hMBp74/tUlsRgqELbx8AiofjJOxHkj2rs
-AG6/SDQBhVPo9uZHmbOMtXwQzNOjBaz+L4GuZHk0K9tlwTzjMWNJwzSSdxT15sak
-ojg4adoiTeZUdoCd1CdyfD8sVJlwjQpAGA36sB0Hym5uwnlZKStofoXPGWNjBPup
-qS/wRKikrlBsu/pViIBbm4G1i25VgMSSxHjOHc24QQKBgQD/Gl8ZktSCHHMHNR/V
-UTBePE50i/OUHuI0ZmIkYQNRxEadNEowf7Fk0AWgqTExeGTZz/L0n76KM1dnoiIV
-upXHZrQQTcOpM/N9Rfj1bJzJuoQSeVfHa4sxiSK4uu2LOo9bA1PmpUjV5RGXPIvp
-F1GlLakxzYrg3j5bTd50z7EvewKBgQDEqYNpTzSTIsIWAtBRbXe5T9189WXdQAJa
-lKehoXObUWj/ulArCtXAHCZfC3HpFOGTgiQPpGA24zQuqRIFTGFf9ruUekzsyySZ
-c+LOk8v1KtNxbfxGfRTAzG+Uq/6SheKiXPlw3TeQdCyvbTb7mAwEMb8HNVEAQY9P
-mwALsCpHOQKBgQCjlxrDQJiMc4gEaDnoxu7Yj53UOWdTZlazObDYGWpShiauazjk
-Tw7IUmo5dCZ6zfUGhMcNvl8nKvNzHtLy0jt4qtDv356IpCsR+8xCPotxBe3qFuyG
-kt2pP4MHqb/pV/1UZRbpwrapjAMy0/341R5jaZult2TG/V5JmO7+Q64hfwKBgH4Y
-hpbuXzJ8Vd/RHAsp2lsql0R5AEB1u0yjBjy/jaWn9GAL8T037EgKhJvqdbZSWjS/
-fCm/ZqWq1pmYdGKLT+A9DpcsN8iYlDYENQfpghwHwp13PQthRf481sqH4WnHiMI8
-RQAWB3uK0eAFcfytx/6keuy/RdmZL6+GHehgoysZAoGBAOVTl5ydUtN1M2I8u6dt
-6Vbx6uxnay+fa1FoFceYeib5Y3NU8kj49jnObQHv4GU8651Ddo9ZuO4MtDSjgmt2
-ciezeY7TJZy0ovG8I+tnyNh6UQatxt1CqmxDnow+Zq4fkKJ5movdNXB1Pm190wtl
-eFFRfOTTocGliFXUptaWGkhR
------END PRIVATE KEY-----
diff --git a/camel-ids/ssl/certs/test.p12 b/camel-ids/ssl/certs/test.p12
deleted file mode 100644
index e69de29bb..000000000
diff --git a/camel-ids/ssl/client-keystore.jks b/camel-ids/ssl/client-keystore.jks
deleted file mode 100644
index b892a543f451d0ac961064942e2140f89d279b9f..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2537
zcmZuyc{r5o8=h}AjAd*M23gL?(#-gVC`y(=I2}3|w4iB>FwTr+EOAH^V^<Pca*(a5
z#7HOPq-;@WLnT?FbSyEJR!wI(zjLmB*LD7Q@9Vjr_x<kodEe`PpHDb1oQFUlP|*N3
z20#);2dq2PA|Mb16y(5#pbQeV6$!ur1E?GTARurKd}jIxQhxLz-gWS^;JAMHuPz1{
zWP?rvcXtj$zvmaZ8~29~=Nia7RiSjl<b2|Ne*I&z)UV1ZEH(AZZnn<w@=>zNp(V?H
z*RP{9l~&o4MU=cL_SBE6-VQ63v38%I==xrIs83(5C8UkS@_WqU@SnLF@=~_NhV~fQ
z`O52z;++%Wtsaja>*Ym_n8>qNTHbfOF8O%9z^^NmJTckVSLh691-4fzpID-|QXZ(3
z@ZZQ!DiodXON>a4d})aB{axpdf3@&Yrms;4xX1Ze`5Erw;8KSSpN>r(VYi<0j_BqI
zzo9FL0onF?@$Rc%dq1Jbn~p5D=ft~zYYZ7aS^rAapH+d*)AM<I?W|5zPGlmzP&KBW
zB&erZ>!S7<{Zz6!cx|}lWOz+{KOz86-BdxCe_Mx3N;2u-Y*Qn=B>JTMIGdQ(^nqZY
z7nd-Y`}k0w#mS=~@%diH32jd!Qrp~I(!^Akeqi)$0UqK^VBxrUhFJ%;x9bQ2(?6yV
zz-wxK!0Qv&ZH=NEUCJG&npM9>gxWs1q-lt^H7zgj=nIa<D$dHTDBc{uVG)>A|G8Mu
zYMkU1SaIf0DnI=;`7u$=mY|1OytsV(U?E1`X@Hi9t@^wJSW(8;k~u!1NjJ^q`X6O#
za(h-A$;d+9M-z_&Dg#w&T5(-Yl)HxcssmHHemML$8!@co(FDET(r2ohWojOF5BPF~
zxv|;N^EXdO@45W0Op_#WSqEupntimrQUCdcxes%yyPF7VU3JE?FkFT}_Ab4s3g;s%
z(31=DPN=<Iq5oJp76k5Qu!i?t$Z{PwWXWVJYJCm#Fwcra_thF6+=aLIslD%-+W$gq
z+^Q__;8v5WYlqqJ7ZE8yMO_2uKn=e=hz7m<G0a`yxnL=vjGSIdAv}OMMz$9&&XBm}
zY5kPD9On!By;`FSCBz?kAD{5*iCb}aKVSrpd*_>IBe;2~;a>HViTvI7kP#-748HK^
zP)CbAH6#2(hWVd&+MGh0CY!%1cOJ9iVUueULb3OP)N0wCHx8M+ik#4h%|4&sPwh;B
z$D6139)EG9AmkPUpZR)aAa$$T#le6U8IKSLbg!FN(a@_2-3uox8yT5Zv0`&^Wfh>A
z>)^{cj}h<fVq%sq2b&q1wVuYdXT!c&wP<iw_ogB5Idf{1if6#Iq_)vVue@H{!{R@E
zN%t3L&7&$CVn*`@cI2~I)}sr}TCL?Oji^~Mt0tB#TxH96V7zC#O_=(%+n<~@3ktDc
z?INPGibw4n&7Aw{8CB1BElWtno)+%5{AI$BT-d0kWg|6xjOof7OSvmA|Ih+c+uk1`
zGgO2-kQ=?JdOF~fqt`$lBWCT`Xy+|vrp${(=4SC{0Z=V<rKaEQRWC#$n&05-?rJ=J
za{V-xN4X!7E5vH;Npykv*Q5ABV<Zj7gqCIo`SQ#u!s8G(kA*{*@J^kJVrP2ajT4bI
zIiC!x0g9!|+_Gkfw;M!YbqAw3s&IPZhsfVnbYBB2XIZ9Y6HNazGh|BFiAgj(lGIQ_
zew0$e%I)m~KN4gMO)1OC*Bogc-!2Yb+RC4MQ#9VwXY=IxM^n?%XNc4F$m-jwbBeef
zzs0<I8ROUGDeiMk=Vs4K8EWInc2u)Nq-I<4Ud{I0wX(99{dL}4&Q-URlEv2Uj~h)9
z;YBn7%^(nXrKlm6fgD(BDGUlgp#Tb$MoJiP9k?H)0YDM~0e6xlK?x*`0!J!9ZS6=3
zpxin^Nulh+s1eKnmOnj=qy%nSPr{^R9Bth+-6D>Vtu>86k}0@ZNt(1BG$NUhjEs#*
z-~kae`;LO4|1XXfZ7$LgmqOZ5kI}=JBsmbho)D7~|0#mbqy^BK|6PC#D7C&$QVL=1
z=w?SIsenp<7bLsEHP_1`2M5xbY>)$Je}6<#`-gD=G(?m~K{)^bxnqBfw}!)<InIy#
zoMYkPSZ4V`+@EjJSrg=BH!JX+CKTqW8Y0el>b@kr^Uk<(t7wt9#aCHN`?~dV6+NAq
zm@~F8MYz~E_>HnlqZl7WwruF$tE_X-tc3q(ZsE{@YO%vZ>3vEJZvIiOo#WW*jDCFN
zB&T&;SHHWLqureKOE^CrHfW#{*m*8?sCVsjE1KvscX^8p(6zec?(WQX-_|m!=uH@a
zl#Qe$KC_a<D&3FOPOGuFQY7sc_p_h;zQ`A?LAJ@)jm7mkPNm@ZZM^1buj#&m+wBN7
zC(>H@Sg7??iMK(dK>gS&LWi{=)MD^R7EYGoP+4C4j{GRA1_}cpKsg797TpLNR2N;N
zx(plxSJY1Oypq{7z0bd~`P-M4P0`z2moh+&_30nr${;2|F*TjDz#vXp5&91We~2c=
z)Wxc(Z#YL?0S*Nrpyc{mG#n0tB1*yS>qG+%f<zEsYEY`j-4eiNhnO20(!zp?)WC2$
zjp+ZczleTx!$7}qqG%3uM~aJn-3Wvj0KgqUd(ieD4nny*{-@!`ied({sG=|aODT-S
zV$-NJdKi1%qQv#!?_=t~F`(i<axmz>5da3SS1SjngEWprFpEYF4q%0|IhvxHXe=g^
zPGhse{%fmbxah4xlHn)-irzrk4V2qJ`3+RqK*bH*w1JrK-6?v2B6k81*AHhgwgzpJ
z3k}&hRF%ie_Kl}}Qq{H(E@tkW1^2W)ul#z)L8)nT+LLMmlKk4t#^}6&w?}}B9j?84
zZt`YEew}gh@=mgL!K%&g8b@H$nD^A?p&KYY3l-+mk?!~<$#eGDXSt!7!`gO3sc(OL
zQ+(g|Ov09OUhvwl3Bt+wjQ7P+KOwgT=H~t(T=enGdY44^eA=TNb>6FeYPLd5Zqb@r
zyVnZ$1O}ug?Uy(lId}Dy+k;cLc<9c8N^|qEaBauc=fh-&i-S9IqaeFB6S$*i>mYAQ
zi3S<4sUAU{i_Lj)L6wrSiL|mbuUhqlwRr<!c>%rG*`fM9>+JH-^i^#1_CIda8Bu26
Q@1I4>Ib^G3O7cGZ1-fG;0RR91

diff --git a/camel-ids/ssl/client-truststore.jks b/camel-ids/ssl/client-truststore.jks
deleted file mode 100644
index 99ec32c1236de83e8ed52c0e07591f01f901f596..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1954
zcmezO_TO6u1_mZLW=c+EU|@`LJi_{qfi*(U)WDK~fjQBji8<DwiOF>VGZP~d6DPyB
zLn$K9KARmh;AP{~YV&CO&dbQi%F1A1YshWD$;KSY!Y0h*;%X>tAPC}c@o>2nC6?x8
z<fo+;8A=+6g9Mp*1Uy}W6@v2fOB9?P6^slF%?#wkc@51Cj0{Z;4U8>~45Gw&jX_)k
zD3?;>n;4al9n8qez}&>h&tTBR$i>ve$jGos`uL%~#&7YjvsnVy6zM#8^Wd!S^b)C_
zsg|{c6K*ciU7K(C%5H}Fxlcz=pFI*J_BgPX@r3*3J-u>MnWrvPHk^_4!|ztY(<fIQ
zw&XnR+kEi0K+~C=R^ERC*7novHib#d3vQFV70|=<(_C7xEyVHXwoI*#vl4sWuWH)b
z?olrIesS$S;{*I&H}xzZHl}^f4CQEhP_uo8L%&W~THK6;8rw9<&>ojU^Nz|_)-lKK
zer=ANE_^oAz5M>w%>L}1P16?h&TK!c=F`n*x7lX-^~4Xq&Q`NtGF+#lxzcC1nnN?w
z>^82Lm0EKdI#gdxiK@MEp|bj=djGzV_%%$DOubFP(>KO5F*7nSE>19rGmr(wkSrgI
z7>mfvUF&ME?EboEO4A0TTZz48i*jzfHjoENE3-%#h&5nWzz<R&%*gnkh1Gx=NEvX0
z1o&B4fa%8#ISzn{1{ep73`;-S`=}jp$-d2KS*=y@WWU2)*=Xi258G=8J%0R93u{(A
z)^*V1*nwUD>qK6-Z!+J%=A}~Ryz8e#XB|knUcr~?oj0NCFQdv8{;mV93Td|XY`Y3S
z2=yhXvg`P{WIU00&6l`TV(qrq2STs#if64lE5C(dowB#F#IY@sKEEch?K!T$!TIKu
zm#Ht;nhDI@Y~l0Kv)3WEId7@(7iRena(eR5eCuw_QlDmgF5Y;Dkz%<;%0hM?_vi21
zFU9P24t`y4GL21pP3^t?mUhKqQcB%Q9l5EW>+Ypoe$c~Z^U+%PXO+NFrrJt<#`({h
zo~c^cs?=UHmb=RuntSx~x`ZvYHaUk9CWG@IYjJ53Ec@|%MP$Dh!0h(~nElQ`vL7QO
zatLx$JKGrovz?JCFxwe}vz=j-fi)4iTHHVs7{$O`%?HZW!KF#CJWVLmZQBv-;hNi<
z!K^!reb>2u!)sUND}TLtIe#YeNnO9^uOxOeSny<jHe8i;HNq)w`7g<cjqQeay5x2(
znLj(MYKz-u=hyB!ufFpe|3A^Q;TCJ3$e*m}>b;!bTQ*hS{{4Jo?WKhm_?EqoHeb(k
za9f$`Y^TZ3lNrvx2x{|v7r(+cTsoqroYnJesK2tp>qE!)*}l~3iTD`gx=+DjOZAPF
zM_+VYTD@Gf#3-w={v|_WW<Rg(T1F33d9OPqPpzZBpPCu6`O2x4p#|G+Rb{?PJFhHe
z{VG_0<GuOQwQH7TD6Wez?|lEnckQa_0f*ZYKY1AcKH$aqWsmT(XY=a3C+IX~X61zZ
zS+o+8=^8&6G`>a3cAec#@3ZxuIOv{>$@yNPSGA#9QkJr8*JfZ2%7gMO1_pWtIt#QG
zXtb$il#~=$>FXyK<>)157N;ibrNN77y_8h_%#>n1pqxPn8;3R<uzY7{WMuI$a5Hd$
z@eP>TETCqj<d^5=<R=1kU^A%*Sjs0SCZ`safXaD25Cbg@gG&MP8xJPDu>H4(SEzaF
zmU*YGg%y7KF0$NwTHZx>Yq{`(DC@fnrC%35_jq8{+j5vY{q>u=E9*Odztw(dTJ`yG
zl1{Tp&)pTe`fn$cF8AqF_xR=NqMiKeldG~sUxxRawZC+PKdRdCi<IuR<V#6SH=SQA
zmRluPdDzi^{|u2I7uWb2irwxzq|_PK|3Lb{pQ)=(*R5DEYx1r5voB?5Mch1L*c<*k
zesA3#;l~e-r=)snD0Q5-`;zcCcn<d;rrjqv@{aR!yw9Hy-LKBme}Pl1Px^z?sr#O+
z9G7`7|M^{@KJV)683EaX|KH!J5N6TOom<fV<1~AleQ22Hac^DmbLS@|@A9#E!}C>A
WO?K}qc?E0#seN0HeP7YsBntq=W!%L8

diff --git a/camel-ids/ssl/configs/openssl-connector.cnf.template b/camel-ids/ssl/configs/openssl-connector.cnf.template
deleted file mode 100755
index 89f3c97b9..000000000
--- a/camel-ids/ssl/configs/openssl-connector.cnf.template
+++ /dev/null
@@ -1,59 +0,0 @@
-HOME            = .
-RANDFILE        = $ENV::HOME/.rnd
-
-####################################################################
-[ req ]
-default_bits        = 2048
-#default_keyfile     = connector.key
-distinguished_name  = connector_distinguished_name
-req_extensions      = connector_req_extensions
-string_mask         = utf8only
-
-####################################################################
-[ connector_distinguished_name ]
-countryName         = Country Name (2 letter code)
-countryName_default     = DE
-
-stateOrProvinceName     = State or Province Name (full name)
-stateOrProvinceName_default = Bayern
-
-localityName            = Locality Name (eg, city)
-localityName_default        = Muenchen
-
-organizationName         = Organization Name (eg, company)
-organizationName_default    = Fraunhofer
-
-organizationalUnitName	= Organizational Unit Name (department, division)
-organizationalUnitName_default 	= AISEC
-
-commonName          = Common Name (e.g. server FQDN or YOUR name)
-commonName_default      = AISEC IDS Client
-
-emailAddress            = Email Address
-emailAddress_default        = ids@aisec.fraunhofer.de
-
-
-####################################################################
-[ connector_req_extensions ]
-
-subjectKeyIdentifier        = hash
-basicConstraints        = CA:FALSE
-keyUsage            = digitalSignature, keyEncipherment, nonRepudiation
-extendedKeyUsage	= clientAuth, serverAuth
-#securityProfile = ASN1:UTF8:IDS Security Profile Specification
-#subjectAltName 		= URI:UUID:%%DEVICE_UUID%%
-subjectAltName          = @alternate_names
-
-[ alternate_names ]
-
-DNS.1       = localhost
-DNS.2       = idsconnector.aisec.fraunhofer.de
-IP.1        = 0.0.0.0
-IP.2        = 10.1.2.15
-IP.3        = 10.1.2.16
-IP.4        = 10.1.2.17
-IP.5        = 10.1.2.18
-IP.6        = 10.1.2.19
-IP.7        = 10.1.2.20
-IP.8        = 10.1.2.21
-IP.9        = 10.1.2.22
diff --git a/camel-ids/ssl/configs/openssl-connector.cnf.template.old b/camel-ids/ssl/configs/openssl-connector.cnf.template.old
deleted file mode 100755
index b943510b6..000000000
--- a/camel-ids/ssl/configs/openssl-connector.cnf.template.old
+++ /dev/null
@@ -1,54 +0,0 @@
-HOME            = .
-RANDFILE        = $ENV::HOME/.rnd
-
-####################################################################
-[ req ]
-default_bits        = 2048
-#default_keyfile     = connector.key
-distinguished_name  = connector_distinguished_name
-req_extensions      = connector_req_extensions
-string_mask         = utf8only
-
-####################################################################
-[ connector_distinguished_name ]
-countryName         = Country Name (2 letter code)
-countryName_default     = DE
-
-stateOrProvinceName     = State or Province Name (full name)
-stateOrProvinceName_default = Bayern
-
-localityName            = Locality Name (eg, city)
-localityName_default        = Muenchen
-
-organizationName         = Organization Name (eg, company)
-organizationName_default    = Fraunhofer
-
-organizationalUnitName	= Organizational Unit Name (department, division)
-organizationalUnitName_default 	= AISEC
-
-commonName          = Common Name (e.g. server FQDN or YOUR name)
-commonName_default      = AISEC IDS Client
-
-emailAddress            = Email Address
-emailAddress_default        = ids@aisec.fraunhofer.de
-
-
-####################################################################
-[ connector_req_extensions ]
-
-subjectKeyIdentifier        = hash
-basicConstraints        = CA:FALSE
-keyUsage            = digitalSignature, keyEncipherment, nonRepudiation
-extendedKeyUsage	= clientAuth
-#securityProfile = ASN1:UTF8:IDS Security Profile Specification
-#subjectAltName 		= URI:UUID:%%DEVICE_UUID%%
-subjectAltName          = @alternate_names
-
-[ alternate_names ]
-
-DNS.1       = localhost
-DNS.2       = 127.0.0.1
-DNS.3       = idsconnector.aisec.fraunhofer.de
-
-
-
diff --git a/camel-ids/ssl/configs/openssl-rootca.cnf b/camel-ids/ssl/configs/openssl-rootca.cnf
deleted file mode 100755
index c0c992025..000000000
--- a/camel-ids/ssl/configs/openssl-rootca.cnf
+++ /dev/null
@@ -1,74 +0,0 @@
-HOME            = .
-RANDFILE        = $ENV::HOME/.rnd
-
-####################################################################
-[ ca ]
-default_ca  = CA_default        # The default ca section
-
-[ CA_default ]
-
-default_days    = 2920          # how long to certify for
-default_md  = sha256       # use public key default MD
-preserve    = no            # keep passed DN ordering
-
-x509_extensions = ca_extensions     # The extensions to add to the cert
-
-email_in_dn = no            # Don't concat the email in the DN
-copy_extensions = copy          # Required to copy SANs from CSR to cert
-
-base_dir    = ca
-certificate = $base_dir/rootca.cert  # The CA certifcate
-private_key = $base_dir/rootca.key   # The CA private key
-new_certs_dir   = certs     # Location for new certs after signing
-database    = $base_dir/index.txt   # Database index file
-serial      = $base_dir/serial.txt  # The current serial number
-
-unique_subject  = no            # Set to 'no' to allow creation of
-                # several certificates with same subject.
-
-####################################################################
-[ req ]
-default_bits        = 2048
-default_keyfile     = ca/rootca.key
-distinguished_name  = ca_distinguished_name
-x509_extensions     = ca_extensions
-string_mask         = utf8only
-
-####################################################################
-[ ca_distinguished_name ]
-countryName         = Country Name (2 letter code)
-countryName_default     = DE
-
-organizationName         = Organization Name (eg, company)
-organizationName_default    = Fraunhofer
-
-commonName          = Common Name (e.g. server FQDN or YOUR name)
-commonName_default      = IDS Root CA 2016
-
-####################################################################
-[ ca_extensions ]
-
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid:always, issuer
-basicConstraints = critical, CA:true
-keyUsage = nonRepudiation, keyCertSign, cRLSign
-#crlDistributionPoints=URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-####################################################################
-[ signing_policy ]
-countryName     = optional
-stateOrProvinceName = optional
-localityName        = optional
-organizationName    = optional
-organizationalUnitName  = optional
-commonName      = supplied
-emailAddress        = optional
-
-####################################################################
-[ signing_req_CA ]
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid
-basicConstraints = critical, CA:true
-keyUsage = digitalSignature, keyCertSign, cRLSign
-crlDistributionPoints=URI:http://crl.aisec.fraunhofer.de/ids.crl
-authorityInfoAccess=caIssuers;URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
diff --git a/camel-ids/ssl/configs/openssl-subca.cnf b/camel-ids/ssl/configs/openssl-subca.cnf
deleted file mode 100755
index 344bd0a63..000000000
--- a/camel-ids/ssl/configs/openssl-subca.cnf
+++ /dev/null
@@ -1,76 +0,0 @@
-HOME            = .
-RANDFILE        = $ENV::HOME/.rnd
-
-####################################################################
-[ ca ]
-default_ca  = CA_default        # The default ca section
-
-[ CA_default ]
-
-default_days    = 730          # how long to certify for
-default_md  = sha256       # use public key default MD
-preserve    = no            # keep passed DN ordering
-
-x509_extensions = ca_extensions     # The extensions to add to the cert
-
-email_in_dn = no            # Don't concat the email in the DN
-copy_extensions = copy          # Required to copy SANs from CSR to cert
-
-base_dir    = ca
-certificate = $base_dir/subca.cert  # The CA certifcate
-private_key = $base_dir/subca.key   # The CA private key
-new_certs_dir   = certs     # Location for new certs after signing
-database    = $base_dir/index.txt   # Database index file
-serial      = $base_dir/serial.txt  # The current serial number
-
-unique_subject  = no            # Set to 'no' to allow creation of
-                # several certificates with same subject.
-
-####################################################################
-[ req ]
-default_bits        = 2048
-default_keyfile     = ca/subca.key
-distinguished_name  = ca_distinguished_name
-req_extensions     = ca_extensions
-string_mask         = utf8only
-
-####################################################################
-[ ca_distinguished_name ]
-countryName         = Country Name (2 letter code)
-countryName_default     = DE
-
-organizationName         = Organization Name (eg, company)
-organizationName_default    = Fraunhofer
-
-commonName          = Common Name (e.g. server FQDN or YOUR name)
-commonName_default      = IDS SubCA 2016
-
-####################################################################
-[ ca_extensions ]
-
-subjectKeyIdentifier=hash
-#authorityKeyIdentifier=keyid:always, issuer
-basicConstraints = critical, CA:true
-keyUsage = digitalSignature, keyCertSign, cRLSign
-crlDistributionPoints=URI:http://crl.aisec.fraunhofer.de/ids.crl
-authorityInfoAccess=caIssuers;URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-####################################################################
-[ signing_policy ]
-countryName     = optional
-stateOrProvinceName = optional
-localityName        = optional
-organizationName    = optional
-organizationalUnitName  = optional
-commonName      = supplied
-emailAddress = optional
-
-####################################################################
-[ signing_req ]
-subjectKeyIdentifier=hash
-authorityKeyIdentifier=keyid,issuer
-
-basicConstraints = CA:FALSE
-keyUsage = digitalSignature, keyEncipherment
-crlDistributionPoints=URI:http://crl.aisec.fraunhofer.de/ids.crl
-authorityInfoAccess=caIssuers;URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
diff --git a/camel-ids/ssl/keystore.sh b/camel-ids/ssl/keystore.sh
deleted file mode 100755
index fd23f7fa9..000000000
--- a/camel-ids/ssl/keystore.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/bash
-#
-# Imports CA chain and connector cert into karaf keystore. Execute in $(Karaf-dir)/etc/keystores/
-# Then, build karaf. The keystore is automatically deployed.
-if [ $# -eq 1 ] ; then
-  echo "Two arguments supplied, which is good"
-else
-  echo "Invalid number of arguments: $# (expected one)"
-  echo "Usage: $0 PKCS12_filename (WITHOUT file ending)"
-  exit 1
-fi
-
-#keytool -keystore $2_truststore -importcert -alias ca -file test_ca_certs/rootca.cert
-#keytool -keystore $2_keystore -importcert -alias subca -file test_ca_certs/subca.cert
-#keytool -keystore $1-truststore.jks -importcert -alias subca -file test_ca_certs/cachain.cert -noprompt
-keytool -keystore $1-truststore.jks -importcert -alias ca -file ca/rootca.cert
-keytool -keystore $1-truststore.jks -importcert -alias subca -file ca/subca.cert
-
-keytool -v -importkeystore -srckeystore certs/$1.p12 -srcstoretype PKCS12 -destkeystore $1-keystore.jks -deststoretype JKS
-
diff --git a/camel-ids/ssl/readme.md b/camel-ids/ssl/readme.md
deleted file mode 100644
index 1a5c9febb..000000000
--- a/camel-ids/ssl/readme.md
+++ /dev/null
@@ -1,24 +0,0 @@
-This is a script collection for creating a very simple Root/Sub-CA for Industrial Dataspace Test Environments.
-** This is not meant for real world scenarios. Certificates should be issued by a real CA and handled accordingly. **
-
-To create the CA/Sub-CA:
-```
-./ca.sh
-```
-
-To create a certificate for a device:
-```
-./cert.sh "connector-name"
-```
-Before creating a device certificate, make sure the configs/openssl-connector.cnf.template template file is adapted to the use case. Please change the DNS/IP Adresses needed to your setup. 
-
-
-To create a keystore and truststore:
-```
-./keystore.sh "connector-name"
-```
-
-
-Documentation is located at https://fraunhofer-aisec.github.io/trusted-iot-connector-documentation/
-
-(C)) Fraunhofer AISEC 2018
diff --git a/camel-ids/ssl/server-keystore.jks b/camel-ids/ssl/server-keystore.jks
deleted file mode 100644
index d7edc0692ebdf5ab5f2da0018b547ba74c2cd1e9..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2535
zcmZuydpy(YAK!PjVdgTEG|3{lZhdENt4=PlB+|*X5oRXWP0YQL#X9^#B7|xsqkeA1
zigG)sIMGdXLzK)VxmE6*aen8#`n_J~kLUgRyr0Yac|XtV^L(C_@s)811OgQ`V7&oE
zQA9Owq2@p!a0tkOErBu!q%H!00Xk4L0Kg$I4s6&7BiUirRNdWx$|p6>#b?jJcQ${q
zv&HL>t+BPY_6^By&^mGJ@a4dO%bw8cZFsgheXgSW9rz<EI&dOD32)F)=3Ld-qLeCG
zJ3x|HJ-gW6^7g!-$zo)5^xB(4Vtdl{f*ThaAKiK7O};XmI3n9P<A1tFrZ^>5`z`g!
z)XnTaq}+>nQwK50xn{QlWsVFJjjOXO1)tI8HD5g58y2LU%KyN;c82&WP$u>mlwkjT
zF&y_nQ!9V^?$=+8ZW}wrH$LlZ=$t-qpyo~6IBz(RUn*;lB%YNc7#%;9@VT*W{@&md
z;fLY<X1%Ff+E-A@-qGIr->k!K*iJp#-|}To>5b2x*(`i;&iv%666DS4+AHWwREXC+
z^vmsp<fALtQCADl`g@aoz8rEBQ=%s4UYu3b7&gzC9tz+$g(N-fedeBFa=h|{!x_k|
zpKi+gC;EnM2HaBh#gK{USpjJ^_4Vd=@Dp^aZ0t^%#w!L<r|U{<nN2kZifqyLm-uX}
zjjgJ$m#2OZAFj9z3T?h#q_CWqebZO(5^T*VSm*k09dqS#$+nL7_dE+Al9|0v!Xq17
z3m+e~xuEKU=+Mx@R@%8dzZd4^(jC+_{A=rcs{81XtRY;b^1<D5TEj4>`$C*RwU54{
z#;{W;eb2FdhuUH@Q_`*YML&?77BHOd*oxhw7^1TzZQ2#(+@j{|+&ZEZVeBNpwreY$
z)!UHCt48UzP$N3j6UGM~P;PBix13Xv#n*`o>qA!4@4{|N->A?dMqTxZD5)Yjk@8J0
zQ<fI=AH)sp=~j{#+A7u#<Zxby>5#uorjhm_GNy%BPw5oDVHW4_S4R<aF5r95wVL7O
zHzF_MKdRu{79?Z~BbrJUt>QemH=Ff1`QCGokqp6Tj33%`+g$jxOYxHC)6G}3?7ugi
z>o+8i21uQ^{E@awN)z)u_-*e}b&?h?CMjPYnW1bMFEOMxo9q#9*>kfDkGo%*_i-fh
zwU3)GAN|{Lpl{n-jLPH#m{w<S)=+^(LkI?KyK5(mmf6gnJjXj0Npk~7RmDC0quQp&
z{jV-qsI$pMD=GCR+^h2+rZti{QnA?oYG3QpIq5|}Ehjh_n5N2@AG-Rc$+7(MGD|xp
z;Y8}rV)~bklP%ct8`4?MzlTHQh1-;Ns|<i;C=FFty|{e@x5~1)SwO!DH^$|@kV3rs
zx{sRG<(h<i+?q6?Nh(YGq|#}f8eDs$CM4ue-_ep_847=&rGx5rbMeM0m<C$6@XqEk
zo92X(8_}RuJHuV8%fR-<fERC{$==M;fd%ciS(L<<gEo2B7Y#LfTe4U74&!gew#Hzy
zw+h83jdq*Fc<GAg9B}E8tQZ-w^Bm1RAi&*|TdGUXhc{gSY72)nAe56P(Z0`2<M}70
zA8AF#IDJI9_$Mg4ESZfpS1&%N+9(-yOLP;?Y|ccLCwIket^rv7gCCn4P1~fv&1&ts
ze2+)%jz(ZdJobnCL6_+UTm#tPm?%A0L@&^nqxQ~Vs%X|q3x-Qn7`m`xOU}OLsVZK)
zjdlIwi!r}ZKNUEOvmx%n%7@5W)|l+B2t@<mR0!JPT;Fc6HzsAbL63}yeSbxhk%a^n
ziqOqFk^NY+b(nqW{JCF#-~Iy^JB@gGlYLZhznSlueBIW5!8ES;X>UN<dP#)45)45y
z1Oh7*mBVWwM=Xga1_hu{Knj#bNa}E{xwFy$ASJ4nyNFVtBtpyyhQL5At%w*9y+)8I
zBqfv<&h%sXGD3+P!3}GjVknvYmJT?FaPPh5IDL?41a8?VO*97eiH1ad5{XEriYWOf
z3LgJ|aaqykA{_}7!h#mf2xSt{pzK<QI7-4UoWZ2~F_`~uKn6su&67gG&G$Q4?Imsk
zH~wWvZk^-SZ0!y5XE50y2T=R@h@#>z#sOqSzXE`SasU8Q9%H=C^o7^;+g;PUvu$$i
zTj1jJC0>V(%_A;5f9)51I;*?&J0tb=`&5&QRI1VkmUGoiq}#`yfclkP_8U9frYukS
z9pzK!R{OT7dF>3#6E-PWD2KXSnLRUneIhW?!==v$IgX#LP_>$|)1Yk`FtaZtCKu%{
zxLJ1hXkQ%4^s(R+m2aR)_nh)MZ#Z$%_Wt;*A}2rE>A^CEuR{eArpWVM2;MU}j9^95
zZAp0KX~1)hXrCYj&!cH9*9z_fZSMRS_w;KfC98twb({||tV^nL9o(Pke;r};xJ^*<
z&imJ`IZe(EcMf@%pRx1Kdvr)s@hzBEO@4{#5W=42xzV9w00b!D08yeFVS_57YgCbe
zDZ&(POR{h~W^NKDGw5w*@=Byjd^i(ST^m-1DS?Wo6_WnLnFu5dn&F?i2hBziVk%-c
zsjO#?3I+xRA)wUSTv-@Q3<~Fg#%n|s27&}okEg@a;%@h2vqN_7*g+2sBGCN97<7W~
zKlw%QVeIht2_uNcKu3gx=;MaN#Q^|j4N^eMzc~oyn*2}0hZV^TV$nn^{!J;A#bVQG
zbVew9Eky}y!C%MJfGL6sf6IwM|A_!FXw5Ae#sKLY$siV;7UahYV{>pKPjnWO$)K}Y
zq5rnkS(xapLC(UE091Az<<=3sj`Hh>Sx1F++^~*{KWC@t0gAE{fcRBK&TAgAH2C;!
z;zj6@gG^<0FZ0<)`X-pn9P5(F`L5|6$5M}qzS2ZoCHMQw6Sory?<W_3t2RFVe5PJG
ztiK|!|6UM9n7hpXLwpMUIxgU4Am#JnQba5{xcJ)qo5@)FU0L#~=F29+>&x1yuY7G}
zwxxM>B2Aq<i*tTSth@4{lf>J8Nl$Go^3_29QaoRkT%Q$M`g`a@nlJ_IYn3!_EIRgw
zJiOA1r!II<YW{<Js#j3o&SLoY-zNvxY0`7YVse$!3sM%D`95P36#l8o?2P$a>A8gt
z=Py|HAA2mEj0<{xMA)!39V4s?EPIte(i!{^fpyN(-acC#JmHk#S4lF8jvi{qED*%M
MW`54Ab&dG+C&`8<O8@`>

diff --git a/camel-ids/ssl/server-truststore.jks b/camel-ids/ssl/server-truststore.jks
deleted file mode 100644
index 24511f7b32a3d118a67a0072c750970a05e3b775..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1954
zcmezO_TO6u1_mZLW=c+EU|@`LJmO-;z#5@vYGBF0z?^8%#2jnT#N@hwnTe5!iId^m
zp%js4pUn;$@Un4gwRyCC=VfGMWo0n1HRLwnWMd9xVH0L@aWxb+5Cn0!c(~k(5=-+k
z^3zg_3?&W3L4wRY0-i3x3PJh#B?``t3PuKoW(IQNyoTlmMuw(_2F8{~22tX?#vrZ%
zluN1cO^iy&4rXL!U~XdMXE11D<YH=KWMtSRef&^g<G1+N*(`x;igX^ld2rTudWlre
zRLk1J2{)JMuFW@mWjDk8+^3_b&mIX9dmLEHc*6bio?f}B%u^RC8_r1j;dd+H>65Dt
zTXLTEZ9aHgpy^CbEAKx6Yx`+-o5CdK1-D7w3g}__X)Z0;7UKAGTc%dWS&2RGS2b;I
z_b3;9zqodv@d19Xn|hWH8`C~#hH|t$sM$Wlp<gE~EpA3ajcuA_Xpc*wc}L|d>zHGA
zzcxos7e1TmUVi^-W`Fk1rfG|LXSSbJ^XcZZ+ibJ^dg6y)XRBE+8LrdOT<No0&7qlT
zb{kjBO0BsJ9jdRUMAhE7P+9#_y?<Xw{2C@nrrxID=^Nvjm>C%u7bh6R8OQ=-NS2R9
zj74PTu64Cnc7NS7rD=oFt;F84ML9QK8_0vCm02VV#2T<G;0GxXW@P-&!fL<_qzt%0
z0{kp2!1UvW90$Ne1B?SkhNU0vebkP)WZ!1Atkx=cvfp8@Y&3J1hwZh49zTAlg*B@l
z>pJLh?7*)7bs{g^H<|BW^HM2u-t|+Wvks(Oui(q{&YMv6mr>;kf7gLlg*01xwq1oE
zg!&Rx*>(I}GM-4h=1W{Ev3A?*1EE)V#j{qOmEXd!PTAX7;@B2RpI?*M_8iyW;C%DS
z%hZ=^%>-s{w($Ar+3OJ7oVQf?3$y$OIX(GjzIC@|sZTRL7jL}7NU_`^Wg$C{`}6nh
zmtyuh2fwa2nZ~BQruN=`OS|GQDWz_uj@;DGb@x&(Kj`7I`DiWtvr6D7Q*EU_<NRk$
z&r~gJRcfyp%iU!S%{}^gUBZ@Ho18-llfn6qwYW41mi@e5AhO>JVD@_g%zkGe*^iMC
zIRv?>o$U;P+0MumnC*<g+0HP^z?z6$Ep8wRjACG}<^$#G;L;>mo+gy(w(SV^aLw(_
zVAh?*zUy4S;kB#smA~G+oIjKKq^{rdR}#A!EO@d%8?MT_8sQYT{Fh|J#&*LyU2?mY
z%%2@rwZ(0-^J{mVSKs-K|DWjDaErB1<WE*~^<K{JEt{%u|9-x)_R_)&e9PWPo3H0N
zxUEcew$tS2$qeUT1hx6Ti(lazE*()*&gywK)L&WQ^`YbYY+q{iM0^Z#-KXHNrTWIo
zqc1uxtzIr#VwBZb|B|6Gv!B;?Eu)92yw{zQr`FNmPt6S3eC5>2(1LBZsxn`tomUpK
zeif|0@!tID+BM5E6xT(VcfNn(yLQ#|fWz&HpFE6zAMoP*vPXE?vw3yi6Lgv~vvNZI
zELsW4bd4Vj8s8#iyUy;W_t|<+9CXjc<b1EttJ+X4DN9+lYcnth<w1EC0|Pw+odsG8
zG}_cMN=gc>^!1aAa`X~2i&K;J(%{9kUP`KdW=gRhP|hHPjYFFaSiZ9}GO~CWxEZ*>
z_y$aE7Em)%^2_sb@)LnNu$fc@Eaj6ElT(XIK;^t1h=G=d!KHxtjRzB6*#6tYE7Ux7
z%e>Rp!U{iq7g=sTE$^bcwOn{Xl=WSP(yt4jdpxk}Z8^-H{`yVbmGzy!-)cWJt@?a8
zNvGMQ=k5w!{kIcJm-}?8d;D^B(N2E#$yHgRFT?xI+Fv@tA64!6MM`&D@};Dvo6fHl
z%dL{DJnZPde}>49i)(xh#cuZ<QtAxre;|F}&(u|?>sBn7HThQj*_X1jB5s~A><#}N
zzqf9W@Z$%^Q&K%OlseAaeM$HmJcs)a)9w=-dB^!V-sew<?pNpOzrZQhC;h?c)O}A@
zj?284|NJgcpLcckjDT#x|L<>92(#$t&MoNwahko&J~YhpxVNtOx$~2fclp@7Iicyj
W?BD&1tMd=X&41?}+az>0`z-*fMBeuR

diff --git a/camel-idscp2-osgi/bnd.bnd b/camel-idscp2-osgi/bnd.bnd
index 3fbd3aac9..f5c097400 100644
--- a/camel-idscp2-osgi/bnd.bnd
+++ b/camel-idscp2-osgi/bnd.bnd
@@ -1,5 +1,6 @@
 Bundle-Name: IDS :: Camel IDSCP2 Support for OSGi
 Bundle-SymbolicName: de.fhg.aisec.ids.camel.idscp2.osgi
 Bundle-Description: Camel IDSCP2 protocol support for OSGi
-Export-Package: de.fhg.aisec.ids.camel.idscp2*
+Export-Package: \
+    de.fhg.aisec.ids.camel.idscp2.osgi
 Import-Package: *
\ No newline at end of file
diff --git a/camel-idscp2-osgi/build.gradle.kts b/camel-idscp2-osgi/build.gradle.kts
index c697a6155..8900785e8 100644
--- a/camel-idscp2-osgi/build.gradle.kts
+++ b/camel-idscp2-osgi/build.gradle.kts
@@ -29,9 +29,13 @@ configure<IdeaModel> {
 
 dependencies {
     providedByBundle(project(":ids-api")) { isTransitive = false }
-    providedByBundle(project(":idscp2-app-layer")) { isTransitive = false }
 
-    implementation(project(":camel-idscp2")) { isTransitive = false }
+    providedByBundle("de.fhg.aisec.ids", "camel-idscp2", libraryVersions["idscp2"]) {
+        exclude("de.fraunhofer.iais.eis.ids.infomodel", "java")
+        exclude("de.fraunhofer.iais.eis.ids", "infomodel-serializer")
+        exclude("org.jetbrains.kotlin", "*")
+        exclude("org.jetbrains.kotlinx", "kotlinx-coroutines-core")
+    }
 
     implementation("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
     implementation("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodel"])
@@ -42,9 +46,7 @@ dependencies {
 
     providedByFeature("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
 
-    providedByBundle("com.google.guava", "guava", libraryVersions["guava"]) {
-        isTransitive = false  // Avoid pulling in of checker framework and other annotation stuff
-    }
+    providedByBundle("com.google.guava", "guava", libraryVersions["guava"])
 
     testImplementation("junit", "junit", libraryVersions["junit4"])
     testImplementation("org.apache.camel", "camel-test", libraryVersions["camel"])
diff --git a/camel-idscp2/LICENSE.txt b/camel-idscp2/LICENSE.txt
deleted file mode 100644
index 261eeb9e9..000000000
--- a/camel-idscp2/LICENSE.txt
+++ /dev/null
@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
diff --git a/camel-idscp2/README.md b/camel-idscp2/README.md
deleted file mode 100644
index a0d7198a1..000000000
--- a/camel-idscp2/README.md
+++ /dev/null
@@ -1,2 +0,0 @@
-The _camel-idscp2_ module adds IDSCP2 support to the integrated Camel deployment. It creates a Camel Component to make IDSCP2 available for building Camel routes.
-IDSCP2 itself and the application layer implementation are contained in modules _idscp2_ and _idscp2-app-layer_
diff --git a/camel-idscp2/bnd.bnd b/camel-idscp2/bnd.bnd
deleted file mode 100644
index 2b60f466c..000000000
--- a/camel-idscp2/bnd.bnd
+++ /dev/null
@@ -1,4 +0,0 @@
-Bundle-Name: IDS :: Camel IDSCP2 Support
-Bundle-Description: Camel IDSCP2 protocol support
-Export-Package: de.fhg.aisec.ids.camel.idscp2*
-Import-Package: *
\ No newline at end of file
diff --git a/camel-idscp2/build.gradle.kts b/camel-idscp2/build.gradle.kts
deleted file mode 100644
index 3fc102020..000000000
--- a/camel-idscp2/build.gradle.kts
+++ /dev/null
@@ -1,23 +0,0 @@
-@Suppress("UNCHECKED_CAST")
-val libraryVersions = rootProject.ext.get("libraryVersions") as Map<String, String>
-
-version = libraryVersions["idscp2"] ?: error("IDSCP2 version not specified")
-
-dependencies {
-    providedByBundle(project(":idscp2-app-layer"))
-
-    publishCompile("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
-    publishCompile("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodel"])
-
-    providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
-
-    providedByFeature("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
-
-    providedByBundle("com.google.guava", "guava", libraryVersions["guava"]) {
-        isTransitive = false  // Avoid pulling in of checker framework and other annotation stuff
-    }
-
-    testImplementation("junit", "junit", libraryVersions["junit4"])
-    testImplementation("org.apache.camel", "camel-test", libraryVersions["camel"])
-    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
-}
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Constants.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Constants.kt
deleted file mode 100644
index df18e9970..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Constants.kt
+++ /dev/null
@@ -1,9 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2
-
-object Constants {
-    const val IDSCP2_HEADER = "idscp2-header"
-    const val IDS_TYPE = "ids-type"
-    const val CONTAINER_URI_PROPERTY = "containerUri"
-    const val ARTIFACT_URI_PROPERTY = "artifactUri"
-    const val DEFAULT_DAPS_URL = "https://daps.aisec.fraunhofer.de"
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/ProviderDB.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/ProviderDB.kt
deleted file mode 100644
index bc8d38d36..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/ProviderDB.kt
+++ /dev/null
@@ -1,15 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2
-
-import de.fraunhofer.iais.eis.ContractAgreement
-import java.net.URI
-import java.util.concurrent.ConcurrentHashMap
-
-object ProviderDB {
-    val availableArtifactURIs: ConcurrentHashMap<URI, String> = ConcurrentHashMap()
-    val artifactUrisMapped2ContractAgreements: ConcurrentHashMap<URI, URI> = ConcurrentHashMap()
-    val contractAgreements: ConcurrentHashMap<URI, ContractAgreement> = ConcurrentHashMap()
-
-    init {
-        availableArtifactURIs[URI.create("https://example.com/some_artifact")] = "AVAILABLE"
-    }
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/RefCountingHashMap.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/RefCountingHashMap.kt
deleted file mode 100644
index 6c7fa5a1b..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/RefCountingHashMap.kt
+++ /dev/null
@@ -1,77 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package de.fhg.aisec.ids.camel.idscp2
-
-/**
- * A wrapped, synchronized HashMap counting the number of references to its values.
- * When all references are released, releaseFunction will be called to finalize the freed value.
- *
- * @author Michael Lux <michael.lux@aisec.fraunhofer.de>
- *
- * @param releaseFunction The function used to finalize elements without remaining references.
- */
-class RefCountingHashMap<K, V>(private val releaseFunction: (V) -> Unit) {
-    private val map = HashMap<K, Pair<Int, V>>()
-
-    /**
-     * Increments the reference count of an existing element
-     * or inserts the element newly created by mappingFunction with reference count 1.
-     *
-     * @param key The key of the element to be retrieved (w. increased reference count)
-     * or created with reference count 1.
-     * @param mappingFunction The function to create the element if it doesn't exist
-     */
-    @Synchronized
-    fun computeIfAbsent(key: K, mappingFunction: (K) -> V): V {
-        return map[key]?.let {
-            map[key] = Pair(it.first + 1, it.second)
-            it.second
-        } ?: let {
-            val value = mappingFunction(key)
-            map[key] = Pair(1, value)
-            value
-        }
-    }
-
-    /**
-     * Decrements the reference count of an existing element,
-     * deleting it and finalizing it using releaseFunction if reference count becomes zero.
-     */
-    @Synchronized
-    fun release(key: K) {
-        map[key]?.let {
-            if (it.first == 1) {
-                releaseFunction(it.second)
-                map.remove(key)
-            } else {
-                map[key] = Pair(it.first - 1, it.second)
-            }
-        }
-    }
-
-    /**
-     * Frees all resources (using releaseFunction) and clears the map.
-     *
-     * @param parallel Whether to use parallelStream() (default) or just stream() for iteration
-     */
-    @Synchronized
-    fun freeAll(parallel: Boolean = true) {
-        map.values.let { if (parallel) it.parallelStream() else it.stream() }
-                .forEach { releaseFunction(it.second) }
-        map.clear()
-    }
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/UsageControlMaps.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/UsageControlMaps.kt
deleted file mode 100644
index 8e848b14e..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/UsageControlMaps.kt
+++ /dev/null
@@ -1,85 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * camel-ids
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.idscp2
-
-import com.github.jsonldjava.shaded.com.google.common.collect.MapMaker
-import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fraunhofer.iais.eis.ContractAgreement
-import org.apache.camel.Exchange
-import org.slf4j.LoggerFactory
-import java.net.URI
-
-object UsageControlMaps {
-    private val LOG = LoggerFactory.getLogger(Utils::class.java)
-
-    private val contractMap: MutableMap<URI, ContractAgreement> =
-            MapMaker().makeMap()
-    private val exchangeConnectionMap: MutableMap<Exchange, AppLayerConnection> =
-            MapMaker().weakKeys().makeMap()
-    private val connectionContracts: MutableMap<AppLayerConnection, URI> =
-            MapMaker().weakKeys().makeMap()
-    private val protectedBodies: MutableMap<Exchange, Any> =
-            MapMaker().weakKeys().makeMap()
-
-    fun getExchangeContract(exchange: Exchange): ContractAgreement? {
-        return exchangeConnectionMap[exchange]?.let { connection ->
-            connectionContracts[connection]?.let { uri ->
-                contractMap[uri] ?: throw RuntimeException("Contract $uri is not available!")
-            }
-        }
-    }
-
-    fun protectBody(exchange: Exchange, contractUri: URI) {
-        protectedBodies[exchange] = exchange.message.body
-        exchange.message.body = "### Usage control protected body, contract $contractUri ###"
-    }
-
-    fun isProtected(exchange: Exchange) = protectedBodies.containsKey(exchange)
-
-    fun unprotectBody(exchange: Exchange) {
-        exchange.message.body = protectedBodies[exchange]
-        protectedBodies -= exchange
-    }
-
-    fun addContractAgreement(contractAgreement: ContractAgreement) {
-        contractMap[contractAgreement.id] = contractAgreement
-    }
-
-    fun setConnectionContract(connection: AppLayerConnection, contractUri: URI?) {
-        if (contractUri != null) {
-            connectionContracts[connection] = contractUri
-            if (LOG.isDebugEnabled) {
-                LOG.debug("UC: Assigned contract $contractUri to connection $connection")
-            }
-        } else {
-            connectionContracts -= connection
-            if (LOG.isDebugEnabled) {
-                LOG.debug("UC: Assigned no contract to connection $connection")
-            }
-        }
-    }
-
-    fun setExchangeConnection(exchange: Exchange, connection: AppLayerConnection) {
-        exchangeConnectionMap[exchange] = connection
-        if (LOG.isDebugEnabled) {
-            LOG.debug("UC: Assigned exchange $exchange to connection $connection")
-        }
-    }
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Utils.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Utils.kt
deleted file mode 100644
index 09fa0dd68..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/Utils.kt
+++ /dev/null
@@ -1,48 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2
-
-import de.fraunhofer.iais.eis.DynamicAttributeToken
-import de.fraunhofer.iais.eis.DynamicAttributeTokenBuilder
-import de.fraunhofer.iais.eis.TokenFormat
-import de.fraunhofer.iais.eis.ids.jsonld.Serializer
-import org.slf4j.LoggerFactory
-import java.net.URI
-import java.util.*
-import javax.xml.datatype.DatatypeFactory
-import javax.xml.datatype.XMLGregorianCalendar
-
-object Utils {
-    val SERIALIZER: Serializer by lazy { Serializer() }
-    private val LOG = LoggerFactory.getLogger(Utils::class.java)
-
-    lateinit var dynamicAttributeTokenProducer: () -> String
-    lateinit var maintainerUrlProducer: () -> URI
-    lateinit var connectorUrlProducer: () -> URI
-    lateinit var infomodelVersion: String
-    var dapsUrlProducer: () -> String = { Constants.DEFAULT_DAPS_URL }
-
-    fun createGregorianCalendarTimestamp(timeInput: Long): XMLGregorianCalendar? {
-        return DatatypeFactory.newInstance().newXMLGregorianCalendar(
-                GregorianCalendar().apply { timeInMillis = timeInput })
-    }
-
-    fun <T: Any> initMessageBuilder(builder: T): T {
-        try {
-            builder::class.java.apply {
-                getMethod("_securityToken_", DynamicAttributeToken::class.java)
-                        .invoke(builder, DynamicAttributeTokenBuilder()._tokenFormat_(TokenFormat.JWT)
-                                ._tokenValue_(dynamicAttributeTokenProducer()).build())
-                getMethod("_senderAgent_", URI::class.java).invoke(builder, maintainerUrlProducer())
-                getMethod("_issuerConnector_", URI::class.java).invoke(builder, connectorUrlProducer())
-                getMethod("_issued_", XMLGregorianCalendar::class.java)
-                        .invoke(builder, createGregorianCalendarTimestamp(System.currentTimeMillis()))
-                getMethod("_modelVersion_", String::class.java).invoke(builder, infomodelVersion)
-            }
-        } catch (upa: UninitializedPropertyAccessException) {
-            LOG.error("At least one property of de.fhg.aisec.ids.camel.idscp2.Utils has not been " +
-                    "properly initialized. This is a mandatory requirement for initialization " +
-                    "of IDSCP Messages within the IDSCP2 Camel Adapter!")
-        }
-        return builder
-    }
-}
-
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
deleted file mode 100644
index 7ab1f18b0..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientComponent.kt
+++ /dev/null
@@ -1,55 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package de.fhg.aisec.ids.camel.idscp2.client
-
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProverConfig
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifierConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
-import org.apache.camel.Endpoint
-import org.apache.camel.spi.annotations.Component
-import org.apache.camel.support.DefaultComponent
-
-@Component("idscp2server")
-class Idscp2ClientComponent : DefaultComponent() {
-
-    init {
-        RatProverDriverRegistry.registerDriver(
-                RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
-        RatVerifierDriverRegistry.registerDriver(
-                RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
-        RatProverDriverRegistry.registerDriver(
-                TPM2dProver.TPM_RAT_PROVER_ID, ::TPM2dProver,
-                TPM2dProverConfig.Builder().build()
-        )
-        RatVerifierDriverRegistry.registerDriver(
-                TPM2dVerifier.TPM_RAT_VERIFIER_ID, ::TPM2dVerifier,
-                TPM2dVerifierConfig.Builder().build()
-        )
-    }
-
-    override fun createEndpoint(uri: String, remaining: String, parameters: Map<String, Any>): Endpoint {
-        val endpoint: Endpoint = Idscp2ClientEndpoint(uri, remaining, this)
-        setProperties(endpoint, parameters)
-        return endpoint
-    }
-
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
deleted file mode 100644
index 97e23a1a6..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientConsumer.kt
+++ /dev/null
@@ -1,115 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package de.fhg.aisec.ids.camel.idscp2.client
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
-import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
-import de.fhg.aisec.ids.idscp2.app_layer.listeners.IdsMessageListener
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionListener
-import de.fraunhofer.iais.eis.Message
-import org.apache.camel.Processor
-import org.apache.camel.support.DefaultConsumer
-import org.slf4j.LoggerFactory
-import java.util.concurrent.CompletableFuture
-
-/**
- * The IDSCP2 client consumer.
- */
-class Idscp2ClientConsumer(private val endpoint: Idscp2ClientEndpoint, processor: Processor) :
-        DefaultConsumer(endpoint, processor), GenericMessageListener, IdsMessageListener {
-    private lateinit var connectionFuture: CompletableFuture<AppLayerConnection>
-
-    override fun doStart() {
-        super.doStart()
-        connectionFuture = endpoint.makeConnection()
-        connectionFuture.thenAccept {
-            if (endpoint.useIdsMessages) {
-                it.addIdsMessageListener(this)
-            } else {
-                it.addGenericMessageListener(this)
-            }
-            // Handle connection errors and closing
-            it.addConnectionListener(object : Idscp2ConnectionListener {
-                override fun onError(t: Throwable) {
-                    LOG.error("Error in Idscp2ClientConsumer connection", t)
-                }
-                override fun onClose() {
-                    stop()
-                }
-            })
-            it.unlockMessaging()
-        }
-    }
-
-    public override fun doStop() {
-        LOG.debug("Stopping/releasing IDSCP2 client consumer connection {}...",
-                if (connectionFuture.isDone) connectionFuture.get().id else "<pending>")
-        endpoint.releaseConnection(connectionFuture)
-    }
-
-    override fun onMessage(connection: AppLayerConnection, header: Message?, payload: ByteArray?) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Idscp2ClientConsumer received IdsMessage with header:\n{}", header)
-        }
-        onMessage(connection, header as Any, payload)
-    }
-
-    override fun onMessage(connection: AppLayerConnection, header: String?, payload: ByteArray?) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Idscp2ClientConsumer received GenericMessage with header:\n{}", header)
-        }
-        onMessage(connection, header as Any, payload)
-    }
-
-    private fun onMessage(connection: AppLayerConnection, header: Any?, payload: ByteArray?) {
-        val exchange = endpoint.createExchange()
-        if (endpoint.useIdsMessages) {
-            UsageControlMaps.setExchangeConnection(exchange, connection)
-        }
-        try {
-            createUoW(exchange)
-            // Set relevant information
-            exchange.message.let {
-                it.setHeader(IDSCP2_HEADER, header)
-                it.setBody(payload, ByteArray::class.java)
-            }
-            // Do processing
-            processor.process(exchange)
-            // Handle response
-            exchange.message.let {
-                val responseHeader = it.getHeader(IDSCP2_HEADER)
-                val responseBody = it.getBody(ByteArray::class.java)
-                if (responseBody != null || responseHeader != null) {
-                    if (endpoint.useIdsMessages) {
-                        connection.sendIdsMessage(responseHeader?.let { responseHeader as Message }, responseBody)
-                    } else {
-                        connection.sendGenericMessage(responseHeader?.toString(), responseBody)
-                    }
-                }
-            }
-        } finally {
-            doneUoW(exchange)
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(Idscp2ClientConsumer::class.java)
-    }
-
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
deleted file mode 100644
index 743a513fd..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientEndpoint.kt
+++ /dev/null
@@ -1,212 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package de.fhg.aisec.ids.camel.idscp2.client
-
-import de.fhg.aisec.ids.camel.idscp2.RefCountingHashMap
-import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
-import de.fhg.aisec.ids.camel.idscp2.Utils
-import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import org.apache.camel.Processor
-import org.apache.camel.Producer
-import org.apache.camel.spi.UriEndpoint
-import org.apache.camel.spi.UriParam
-import org.apache.camel.support.DefaultEndpoint
-import org.apache.camel.support.jsse.SSLContextParameters
-import org.slf4j.LoggerFactory
-import java.nio.file.Paths
-import java.util.concurrent.CompletableFuture
-import java.util.regex.Pattern
-
-@UriEndpoint(
-        scheme = "idscp2client",
-        title = "IDSCP2 Client Socket",
-        syntax = "idscp2client://host:port",
-        label = "ids"
-)
-class Idscp2ClientEndpoint(uri: String?, private val remaining: String, component: Idscp2ClientComponent?) :
-        DefaultEndpoint(uri, component) {
-    private lateinit var secureChannelDriver: SecureChannelDriver<AppLayerConnection, NativeTlsConfiguration>
-    private lateinit var clientConfiguration: Idscp2Configuration
-    private lateinit var secureChannelConfig: NativeTlsConfiguration
-
-    @UriParam(
-            label = "security",
-            description = "The SSL context for the IDSCP2 endpoint"
-    )
-    var sslContextParameters: SSLContextParameters? = null
-    @UriParam(
-            label = "security",
-            description = "The alias of the DAPS key in the keystore provided by sslContextParameters"
-    )
-    var dapsKeyAlias: String? = null
-    @UriParam(
-            label = "security",
-            description = "The validity time of remote attestation and DAT in milliseconds",
-            defaultValue = "600000"
-    )
-    var dapsRatTimeoutDelay: Long? = null
-    @UriParam(
-            label = "client",
-            description = "Used to make N endpoints share the same connection, " +
-                    "e.g. for using a consumer to receive responses to the requests of another producer"
-    )
-    var connectionShareId: String? = null
-    @UriParam(
-            label = "client,producer",
-            description = "Makes the client producer block and wait for a reply message from the server"
-    )
-    var awaitResponse: Boolean = false
-    @UriParam(
-            label = "common",
-            description = "Enable IdsMessage headers (Required for Usage Control)",
-            defaultValue = "false"
-    )
-    var useIdsMessages: Boolean = false
-    @UriParam(
-        label = "client",
-        description = "Max attempts to connect to the IDSCP2 server",
-        defaultValue = "3"
-    )
-    var maxRetries: Int = 3
-    @UriParam(
-        label = "client",
-        description = "Delay after an failed connection attempt to the server",
-        defaultValue = "5000"
-    )
-    var retryDelayMs: Long = 5000
-
-    private fun makeConnectionInternal(): CompletableFuture<AppLayerConnection> {
-        return secureChannelDriver.connect(::AppLayerConnection, clientConfiguration, secureChannelConfig).thenApply { c ->
-            c.addIdsMessageListener { connection, header, _ ->
-                header?.let { UsageControlMaps.setConnectionContract(connection, it.transferContract) }
-            }
-            c
-        }
-    }
-
-    fun makeConnection(): CompletableFuture<AppLayerConnection> {
-        connectionShareId?.let {
-            return sharedConnections.computeIfAbsent(it) {
-                makeConnectionInternal()
-            }
-        } ?: return makeConnectionInternal()
-    }
-
-    fun releaseConnection(connectionFuture: CompletableFuture<AppLayerConnection>) {
-        connectionShareId?.let { sharedConnections.release(it) } ?: releaseConnectionInternal(connectionFuture)
-    }
-
-    override fun createProducer(): Producer {
-        return Idscp2ClientProducer(this)
-    }
-
-    override fun createConsumer(processor: Processor): org.apache.camel.Consumer {
-        return Idscp2ClientConsumer(this, processor)
-    }
-
-    public override fun doStart() {
-        LOG.debug("Starting IDSCP2 client endpoint $endpointUri")
-        val remainingMatcher = URI_REGEX.matcher(remaining)
-        require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
-        val matchResult = remainingMatcher.toMatchResult()
-        val host = matchResult.group(1)
-        val port = matchResult.group(2)?.toInt() ?: NativeTlsConfiguration.DEFAULT_SERVER_PORT
-
-        // create attestation config
-        val localAttestationConfig = AttestationConfig.Builder()
-                .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID, TPM2dProver.TPM_RAT_PROVER_ID))
-                .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, TPM2dVerifier.TPM_RAT_VERIFIER_ID))
-                .setRatTimeoutDelay(dapsRatTimeoutDelay ?: AttestationConfig.DEFAULT_RAT_TIMEOUT_DELAY.toLong())
-                .build()
-
-        // create daps config builder
-        val dapsDriverConfigBuilder = DefaultDapsDriverConfig.Builder()
-                .setDapsUrl(Utils.dapsUrlProducer())
-                .setKeyAlias(dapsKeyAlias ?: "1")
-
-        // secure channel config
-        val secureChannelConfigBuilder = NativeTlsConfiguration.Builder()
-                .setHost(host)
-                .setServerPort(port)
-
-        sslContextParameters?.let {
-            secureChannelConfigBuilder
-                    .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
-                            ?: "password".toCharArray())
-                    .setKeyStorePath(Paths.get(it.keyManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
-                    .setKeyStoreKeyType(it.keyManagers?.keyStore?.type ?: "RSA")
-                    .setKeyStorePassword(it.keyManagers?.keyStore?.password?.toCharArray()
-                            ?: "password".toCharArray())
-                    .setTrustStorePath(Paths.get(it.trustManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
-                    .setTrustStorePassword(it.trustManagers?.keyStore?.password?.toCharArray()
-                            ?: "password".toCharArray())
-                    .setCertificateAlias(it.certAlias ?: "1.0.1")
-
-            dapsDriverConfigBuilder
-                    .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
-                            ?: "password".toCharArray())
-                    .setKeyStorePath(Paths.get(it.keyManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
-                    .setKeyStorePassword(it.keyManagers?.keyStore?.password?.toCharArray()
-                            ?: "password".toCharArray())
-                    .setTrustStorePath(Paths.get(it.trustManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
-                    .setTrustStorePassword(it.trustManagers?.keyStore?.password?.toCharArray()
-                            ?: "password".toCharArray())
-        }
-
-        // create idscp configuration
-        clientConfiguration = Idscp2Configuration.Builder()
-                .setAttestationConfig(localAttestationConfig)
-                .setDapsDriver(DefaultDapsDriver(dapsDriverConfigBuilder.build()))
-                .build()
-
-        secureChannelDriver = NativeTLSDriver()
-        secureChannelConfig = secureChannelConfigBuilder.build()
-    }
-
-    public override fun doStop() {
-        LOG.debug("Stopping IDSCP2 client endpoint $endpointUri")
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(Idscp2ClientEndpoint::class.java)
-        private val URI_REGEX = Pattern.compile("(.*?)(?::(\\d+))?/?$")
-        private val sharedConnections = RefCountingHashMap<String, CompletableFuture<AppLayerConnection>> {
-            releaseConnectionInternal(it)
-        }
-        private fun releaseConnectionInternal(connectionFuture: CompletableFuture<AppLayerConnection>) {
-            if (connectionFuture.isDone) {
-                // Exceptional completion includes cancellation
-                if (!connectionFuture.isCompletedExceptionally) {
-                    connectionFuture.get().close()
-                }
-            } else {
-                connectionFuture.cancel(true)
-            }
-        }
-    }
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
deleted file mode 100644
index 34a21712f..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/client/Idscp2ClientProducer.kt
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package de.fhg.aisec.ids.camel.idscp2.client
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
-import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fraunhofer.iais.eis.Message
-import org.apache.camel.Exchange
-import org.apache.camel.support.DefaultProducer
-import org.slf4j.LoggerFactory
-import java.util.concurrent.CompletableFuture
-import java.util.concurrent.locks.ReentrantLock
-import kotlin.concurrent.withLock
-
-/**
- * The IDSCP2 client producer.
- * Sends a message to the server connected to this client endpoint.
- */
-class Idscp2ClientProducer(private val endpoint: Idscp2ClientEndpoint) : DefaultProducer(endpoint) {
-    private lateinit var connectionFuture: CompletableFuture<AppLayerConnection>
-    private lateinit var reentrantLock: ReentrantLock
-
-    override fun process(exchange: Exchange) {
-        exchange.message.let { message ->
-            val header = message.getHeader(IDSCP2_HEADER)
-            val body = message.getBody(ByteArray::class.java)
-            if (header != null || body != null) {
-                for (t in 1..endpoint.maxRetries) {
-                    try {
-                        // If connectionFuture completed exceptionally, recreate Connection
-                        if (connectionFuture.isCompletedExceptionally) {
-                            connectionFuture = endpoint.makeConnection()
-                                .also { c -> c.thenAccept { it.unlockMessaging() } }
-                        }
-                        val connection = connectionFuture.get()
-                        if (endpoint.awaitResponse) {
-                            val condition = reentrantLock.newCondition()
-                            val responseHandler = { responseHeader: Any?, responsePayload: ByteArray? ->
-                                message.setHeader(IDSCP2_HEADER, responseHeader)
-                                message.body = responsePayload
-                                reentrantLock.withLock {
-                                    condition.signal()
-                                }
-                            }
-                            reentrantLock.withLock {
-                                if (endpoint.useIdsMessages) {
-                                    // Response might require UC protection, so register exchange if not yet registered
-                                    UsageControlMaps.setExchangeConnection(exchange, connection)
-                                    connection.addIdsMessageListener { _, responseHeader, responsePayload ->
-                                        responseHandler(responseHeader, responsePayload)
-                                    }
-                                    connection.sendIdsMessage(header?.let { header as Message }, body)
-                                } else {
-                                    connection.addGenericMessageListener { _, responseHeader, responsePayload ->
-                                        responseHandler(responseHeader, responsePayload)
-                                    }
-                                    connection.sendGenericMessage(header?.toString(), body)
-                                }
-                                condition.await()
-                            }
-                        } else {
-                            if (endpoint.useIdsMessages) {
-                                connection.sendIdsMessage(header?.let { header as Message }, body)
-                            } else {
-                                connection.sendGenericMessage(header?.toString(), body)
-                            }
-                        }
-                        return
-                    } catch (x: Exception) {
-                        if (endpoint.maxRetries == t) {
-                            LOG.error("Massage delivery failed finally, aborting exchange...")
-                            exchange.setException(x)
-                        } else {
-                            LOG.warn("Message delivery failed in attempt $t, " +
-                                    "reset connection and retry after ${endpoint.retryDelayMs} ms...", x)
-                            endpoint.releaseConnection(connectionFuture)
-                            connectionFuture = endpoint.makeConnection()
-                                .also { c -> c.thenAccept { it.unlockMessaging() } }
-                            Thread.sleep(endpoint.retryDelayMs)
-                        }
-                    }
-                }
-            }
-        }
-    }
-
-    override fun doStart() {
-        super.doStart()
-        if (endpoint.awaitResponse) {
-            reentrantLock = ReentrantLock()
-        }
-        connectionFuture = endpoint.makeConnection().also { c ->
-            // Unlock messaging immediately after obtaining connection
-            c.thenAccept { it.unlockMessaging() }.exceptionally {
-                LOG.warn("Could not connect to Server ${endpoint.endpointUri}, delaying connect until first message...")
-                null
-            }
-        }
-    }
-
-    public override fun doStop() {
-        LOG.debug("Stopping/releasing IDSCP2 client producer connection {}...",
-                if (connectionFuture.isDone) connectionFuture.get().id else "<pending>")
-        endpoint.releaseConnection(connectionFuture)
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(Idscp2ClientProducer::class.java)
-    }
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
deleted file mode 100644
index 7d8afc4dd..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestCreationProcessor.kt
+++ /dev/null
@@ -1,45 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.ARTIFACT_URI_PROPERTY
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.Utils
-import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
-import de.fraunhofer.iais.eis.ArtifactRequestMessageBuilder
-import org.apache.camel.Exchange
-import org.apache.camel.Processor
-import org.slf4j.LoggerFactory
-import java.net.URI
-
-class ArtifactRequestCreationProcessor : Processor {
-
-    override fun process(exchange: Exchange) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("[IN] ${this::class.java.simpleName}")
-        }
-        val requestMessage = ArtifactRequestMessageBuilder().run {
-            Utils.initMessageBuilder(this)
-            exchange.getProperty(ARTIFACT_URI_PROPERTY)?.let {
-                if (it is URI) {
-                    it
-                } else {
-                    URI.create(it.toString())
-                }
-            }?.let {
-                _requestedArtifact_(it)
-            }
-            build()
-        }
-
-        requestMessage.let {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Serialisation header: {}", SERIALIZER.serialize(it))
-            }
-            exchange.message.setHeader(IDSCP2_HEADER, it)
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(ArtifactRequestCreationProcessor::class.java)
-    }
-
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestProcessor.kt
deleted file mode 100644
index 3f021cce7..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ArtifactRequestProcessor.kt
+++ /dev/null
@@ -1,93 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.ProviderDB
-import de.fhg.aisec.ids.camel.idscp2.Utils
-import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
-import de.fraunhofer.iais.eis.*
-import org.apache.camel.Exchange
-import org.apache.camel.Processor
-import org.slf4j.LoggerFactory
-import java.math.BigDecimal
-import java.math.BigInteger
-
-
-class ArtifactRequestProcessor : Processor {
-
-    override fun process(exchange: Exchange) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("[IN] ${this::class.java.simpleName}")
-        }
-
-        val artifactRequestMessage = exchange.message.getHeader(
-                IDSCP2_HEADER, ArtifactRequestMessage::class.java)
-        val requestedArtifact = artifactRequestMessage.requestedArtifact
-//        val transferContract = artifactRequestMessage.transferContract
-
-        // TODO: If transferContract doesn't match expected contract from database, send rejection!
-        val usedContract = ProviderDB.artifactUrisMapped2ContractAgreements[requestedArtifact]
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Contract for requested Artifact found {}", usedContract)
-        }
-
-        // if artifact is available/authorised create response else create rejection message
-        if (!ProviderDB.availableArtifactURIs.containsKey(requestedArtifact)) {
-            createRejectionMessage(exchange, artifactRequestMessage, RejectionReason.NOT_FOUND)
-        } else if (!ProviderDB.contractAgreements.containsKey(usedContract)) {
-            createRejectionMessage(exchange, artifactRequestMessage, RejectionReason.NOT_AUTHORIZED)
-        } else {
-            // Proceed normally and send ArtifactResponseMessage
-            ArtifactResponseMessageBuilder().run {
-                Utils.initMessageBuilder(this)
-                _correlationMessage_(artifactRequestMessage.id)
-                _transferContract_(usedContract)
-                build().let {
-                    if (LOG.isDebugEnabled) {
-                        LOG.debug("Serialisation header: {}", SERIALIZER.serialize(it))
-                    }
-                    exchange.message.setHeader(IDSCP2_HEADER, it)
-                }
-            }
-
-            // create sample artifact
-            val artifactDate = Utils.createGregorianCalendarTimestamp(System.currentTimeMillis())
-            val artifact = ArtifactBuilder()
-                    ._byteSize_(BigInteger.valueOf(50000))
-                    ._checkSum_("ABCDEFG-CHECKSUM")
-                    ._creationDate_(artifactDate)
-                    ._duration_(BigDecimal(5000))
-                    ._fileName_("testArtifactFilename.dat")
-                    .build()
-
-            SERIALIZER.serialize(artifact).let {
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("Serialisation body: {}", it)
-                }
-                exchange.message.body = it
-            }
-        }
-    }
-
-    private fun createRejectionMessage(exchange: Exchange, artifactRequestMessage: ArtifactRequestMessage,
-                                       rejectionReason: RejectionReason) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Constructing RejectionMessage for requested artifact: {}", rejectionReason)
-        }
-        val rejectionMessageBuilder = RejectionMessageBuilder()
-        Utils.initMessageBuilder(rejectionMessageBuilder)
-        rejectionMessageBuilder
-                ._correlationMessage_(artifactRequestMessage.correlationMessage)
-                ._rejectionReason_(rejectionReason)
-        rejectionMessageBuilder.build().let {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Serialisation header: {}", SERIALIZER.serialize(it))
-            }
-            exchange.message.setHeader(IDSCP2_HEADER, it)
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(ArtifactRequestProcessor::class.java)
-    }
-
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractAgreementReceiverProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractAgreementReceiverProcessor.kt
deleted file mode 100644
index 968d9d50f..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractAgreementReceiverProcessor.kt
+++ /dev/null
@@ -1,49 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.ProviderDB
-import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
-import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
-import de.fraunhofer.iais.eis.ContractAgreement
-import de.fraunhofer.iais.eis.ContractAgreementMessage
-import org.apache.camel.Exchange
-import org.apache.camel.Processor
-import org.slf4j.LoggerFactory
-
-class ContractAgreementReceiverProcessor : Processor {
-
-    override fun process(exchange: Exchange) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("[IN] ${this::class.java.simpleName}")
-        }
-
-        val contractAgreementMessage = exchange.message.getHeader(
-                IDSCP2_HEADER, ContractAgreementMessage::class.java)
-
-        val contractAgreement = SERIALIZER.deserialize(
-                exchange.message.getBody(String::class.java),
-                ContractAgreement::class.java)
-
-        UsageControlMaps.addContractAgreement(contractAgreement)
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Provider is saving contract ${contractAgreement.id}")
-        }
-
-        ProviderDB.contractAgreements[contractAgreement.id] = contractAgreement
-        for (permission in contractAgreement.permission) {
-            ProviderDB.artifactUrisMapped2ContractAgreements[permission.target] = contractAgreement.id
-        }
-
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Saved Agreement {}", contractAgreement.id)
-        }
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Received ContractAgreementMessage {}", SERIALIZER.serialize(contractAgreementMessage))
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(ContractAgreementReceiverProcessor::class.java)
-    }
-
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferCreationProcessor.kt
deleted file mode 100644
index 210f3e0d9..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferCreationProcessor.kt
+++ /dev/null
@@ -1,76 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
-
-import de.fhg.aisec.ids.camel.idscp2.Constants
-import de.fhg.aisec.ids.camel.idscp2.Constants.CONTAINER_URI_PROPERTY
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.Utils
-import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
-import de.fraunhofer.iais.eis.*
-import org.apache.camel.Exchange
-import org.apache.camel.Processor
-import org.slf4j.LoggerFactory
-import java.net.URI
-
-/**
- * This Processor handles a ContractRequestMessage and creates a ContractResponseMessage.
- */
-class ContractOfferCreationProcessor : Processor {
-
-    override fun process(exchange: Exchange) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("[IN] ${this::class.java.simpleName}")
-        }
-
-        val contractOfferMessageBuilder = ContractOfferMessageBuilder()
-        Utils.initMessageBuilder(contractOfferMessageBuilder)
-        contractOfferMessageBuilder.build().let {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Serialization header: {}",SERIALIZER.serialize(it))
-            }
-            exchange.message.setHeader(IDSCP2_HEADER, it)
-        }
-
-        // create ContractOffer, allowing use of received data in the given container only
-        val artifactUri = exchange.getProperty(Constants.ARTIFACT_URI_PROPERTY)?.let {
-            if (it is URI) {
-                it
-            } else {
-                URI.create(it.toString())
-            }
-        }
-        val containerUri = exchange.getProperty(CONTAINER_URI_PROPERTY).let {
-            if (it is URI) {
-                it
-            } else {
-                URI.create(it.toString())
-            }
-        }
-        val contractOffer = ContractOfferBuilder()
-                ._permission_(ArrayList<Permission>().also { pl ->
-                    pl += PermissionBuilder()
-                            ._target_(artifactUri)
-                            ._constraint_(ArrayList<Constraint>().also { cl ->
-                                cl += ConstraintBuilder()
-                                        ._leftOperand_(LeftOperand.SYSTEM)
-                                        ._operator_(BinaryOperator.SAME_AS)
-                                        ._rightOperandReference_(containerUri)
-                                        .build()
-                            })
-                            .build()
-                })
-                .build()
-
-        SERIALIZER.serialize(contractOffer).let {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("ContractOffer ID: {}", contractOffer.id)
-                LOG.debug("Serialisation body: {}", it)
-            }
-            exchange.message.body = it
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(ContractOfferCreationProcessor::class.java)
-    }
-
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferProcessor.kt
deleted file mode 100644
index af07c59b5..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractOfferProcessor.kt
+++ /dev/null
@@ -1,94 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
-import de.fhg.aisec.ids.camel.idscp2.Utils
-import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
-import de.fraunhofer.iais.eis.*
-import org.apache.camel.Exchange
-import org.apache.camel.Processor
-import org.slf4j.LoggerFactory
-import java.net.URI
-
-/**
- * This Processor handles a ContractResponseMessage and creates a ContractAgreementMessage.
- */
-class ContractOfferProcessor : Processor {
-
-    override fun process(exchange: Exchange) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("[IN] ${this::class.java.simpleName}")
-        }
-
-        val contractOfferMessage = exchange.message.getHeader(
-                IDSCP2_HEADER, ContractOfferMessage::class.java)
-
-        val contractOfferReceived = SERIALIZER.deserialize(
-                exchange.message.getBody(String::class.java),
-                ContractOffer::class.java)
-
-        // if contract is denied send ContractRejectionMsg else send ContractAgreementMsg
-        val contractOfferIsAccepted = true
-        if(!contractOfferIsAccepted){
-            createContractRejectionMessage(exchange, contractOfferMessage.id)
-        } else {
-            ContractAgreementMessageBuilder().run {
-                Utils.initMessageBuilder(this)
-                _correlationMessage_(contractOfferMessage.id)
-                build().let {
-                    if (LOG.isDebugEnabled) {
-                        LOG.debug("Serialization Header: {}", SERIALIZER.serialize(it))
-                    }
-                    exchange.message.setHeader(IDSCP2_HEADER, it)
-                }
-            }
-
-            val contractAgreement = ContractAgreementBuilder()
-                    ._consumer_(contractOfferReceived.consumer)
-                    ._provider_(contractOfferReceived.provider)
-                    ._contractAnnex_(contractOfferReceived.contractAnnex)
-                    ._contractDate_(contractOfferReceived.contractDate)
-                    ._contractDocument_(contractOfferReceived.contractDocument)
-                    ._contractEnd_(contractOfferReceived.contractEnd)
-                    ._contractStart_(contractOfferReceived.contractStart)
-                    ._obligation_(contractOfferReceived.obligation)
-                    ._prohibition_(contractOfferReceived.prohibition)
-                    ._permission_(contractOfferReceived.permission)
-                    .build()
-
-            UsageControlMaps.addContractAgreement(contractAgreement)
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Consumer saved contract ${contractAgreement.id}")
-            }
-
-            SERIALIZER.serialize(contractAgreement).let {
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("ContractAgreement ID: {}", contractAgreement.id)
-                    LOG.debug("Serialization body: {}", it)
-                }
-                exchange.message.body = it
-            }
-        }
-    }
-
-    private fun createContractRejectionMessage(exchange: Exchange, correlationId: URI) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Constructing ContractRejectionMessage")
-        }
-        ContractRejectionMessageBuilder().run {
-            Utils.initMessageBuilder(this)
-            _correlationMessage_(correlationId)
-            build().let {
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("Serialization Header: {}", SERIALIZER.serialize(it))
-                }
-                exchange.message.setHeader(IDSCP2_HEADER, it)
-            }
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(ContractOfferProcessor::class.java)
-    }
-
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestCreationProcessor.kt
deleted file mode 100644
index 5b767dc1e..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestCreationProcessor.kt
+++ /dev/null
@@ -1,61 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.ARTIFACT_URI_PROPERTY
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.Utils
-import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
-import de.fraunhofer.iais.eis.ContractRequestBuilder
-import de.fraunhofer.iais.eis.ContractRequestMessageBuilder
-import de.fraunhofer.iais.eis.Permission
-import de.fraunhofer.iais.eis.PermissionBuilder
-import org.apache.camel.Exchange
-import org.apache.camel.Processor
-import org.slf4j.LoggerFactory
-import java.net.URI
-
-class ContractRequestCreationProcessor : Processor {
-
-    override fun process(exchange: Exchange) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("[IN] ${this::class.java.simpleName}")
-        }
-
-        val requestMessageBuilder = ContractRequestMessageBuilder()
-        Utils.initMessageBuilder(requestMessageBuilder)
-        requestMessageBuilder.build().let {
-            if (LOG.isDebugEnabled) LOG.debug("Serialization header: {}",SERIALIZER.serialize(it))
-            exchange.message.setHeader(IDSCP2_HEADER, it)
-        }
-
-        val artifactUri = exchange.getProperty(ARTIFACT_URI_PROPERTY)?.let {
-            if (it is URI) {
-                it
-            } else {
-                URI.create(it.toString())
-            }
-        }
-        // setting creation/start date of contract to now
-        val contractDate = Utils.createGregorianCalendarTimestamp(System.currentTimeMillis())
-        val contractRequest = ContractRequestBuilder()
-                ._contractDate_(contractDate)
-                ._contractStart_(contractDate)
-                // Contract end one year in the future
-                ._contractEnd_(contractDate?.apply { year += 1 })
-                // Request permission for (unrestricted?) usage of an artifact, identified by URI
-                ._permission_(ArrayList<Permission>().also { pl ->
-                    pl += PermissionBuilder()
-                            ._target_(artifactUri)
-                            .build()
-                })
-                .build()
-        SERIALIZER.serialize(contractRequest).let {
-            if (LOG.isDebugEnabled) LOG.debug("Serialization body: {}", it)
-            exchange.message.body = it
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(ContractRequestCreationProcessor::class.java)
-    }
-
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestProcessor.kt
deleted file mode 100644
index a28f0ca7b..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractRequestProcessor.kt
+++ /dev/null
@@ -1,77 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.CONTAINER_URI_PROPERTY
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.Utils
-import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
-import de.fraunhofer.iais.eis.*
-import org.apache.camel.Exchange
-import org.apache.camel.Processor
-import org.slf4j.LoggerFactory
-import java.net.URI
-
-/**
- * This Processor handles a ContractRequestMessage and creates a ContractResponseMessage.
- */
-class ContractRequestProcessor : Processor {
-
-    override fun process(exchange: Exchange) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("[IN] ${this::class.java.simpleName}")
-        }
-
-        val contractRequest = SERIALIZER.deserialize(
-                exchange.message.getBody(String::class.java),
-                ContractRequest::class.java)
-        val requestedArtifact = contractRequest.permission[0].target
-
-        val contractRequestMessage = exchange.message.getHeader(
-                IDSCP2_HEADER, ContractRequestMessage::class.java)
-
-        val contractResponseMessageBuilder = ContractResponseMessageBuilder()
-        Utils.initMessageBuilder(contractResponseMessageBuilder)
-        contractResponseMessageBuilder._correlationMessage_(contractRequestMessage.id)
-        contractResponseMessageBuilder.build().let {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Serialization header: {}",SERIALIZER.serialize(it))
-            }
-            exchange.message.setHeader(IDSCP2_HEADER, it)
-        }
-
-        // create ContractOffer, allowing use of received data in the given container only
-        val containerUri = exchange.getProperty(CONTAINER_URI_PROPERTY).let {
-            if (it is URI) {
-                it
-            } else {
-                URI.create(it.toString())
-            }
-        }
-        val contractOffer = ContractOfferBuilder()
-                ._permission_(ArrayList<Permission>().also { pl ->
-                    pl += PermissionBuilder()
-                            ._target_(requestedArtifact)
-                            ._constraint_(ArrayList<Constraint>().also { cl ->
-                                cl += ConstraintBuilder()
-                                        ._leftOperand_(LeftOperand.SYSTEM)
-                                        ._operator_(BinaryOperator.SAME_AS)
-                                        ._rightOperandReference_(containerUri)
-                                        .build()
-                            })
-                            .build()
-                })
-                .build()
-
-        SERIALIZER.serialize(contractOffer).let {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("ContractOffer ID: {}", contractOffer.id)
-                LOG.debug("Serialisation body: {}", it)
-            }
-            exchange.message.body = it
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(ContractRequestProcessor::class.java)
-    }
-
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseProcessor.kt
deleted file mode 100644
index d679496ea..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ContractResponseProcessor.kt
+++ /dev/null
@@ -1,94 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
-import de.fhg.aisec.ids.camel.idscp2.Utils
-import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
-import de.fraunhofer.iais.eis.*
-import org.apache.camel.Exchange
-import org.apache.camel.Processor
-import org.slf4j.LoggerFactory
-import java.net.URI
-
-/**
- * This Processor handles a ContractResponseMessage and creates a ContractAgreementMessage.
- */
-class ContractResponseProcessor : Processor {
-
-    override fun process(exchange: Exchange) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("[IN] ${this::class.java.simpleName}")
-        }
-
-        val contractResponseMessage = exchange.message.getHeader(
-                IDSCP2_HEADER, ContractResponseMessage::class.java)
-
-        val contractOfferReceived = SERIALIZER.deserialize(
-                exchange.message.getBody(String::class.java),
-                ContractOffer::class.java)
-
-        // if contract is denied send ContractRejectionMsg else send ContractAgreementMsg
-        val contractOfferIsAccepted = true
-        if(!contractOfferIsAccepted){
-            createContractRejectionMessage(exchange, contractResponseMessage.id)
-        } else {
-            ContractAgreementMessageBuilder().run {
-                Utils.initMessageBuilder(this)
-                _correlationMessage_(contractResponseMessage.id)
-                build().let {
-                    if (LOG.isDebugEnabled) {
-                        LOG.debug("Serialization Header: {}", SERIALIZER.serialize(it))
-                    }
-                    exchange.message.setHeader(IDSCP2_HEADER, it)
-                }
-            }
-
-            val contractAgreement = ContractAgreementBuilder()
-                    ._consumer_(contractOfferReceived.consumer)
-                    ._provider_(contractOfferReceived.provider)
-                    ._contractAnnex_(contractOfferReceived.contractAnnex)
-                    ._contractDate_(contractOfferReceived.contractDate)
-                    ._contractDocument_(contractOfferReceived.contractDocument)
-                    ._contractEnd_(contractOfferReceived.contractEnd)
-                    ._contractStart_(contractOfferReceived.contractStart)
-                    ._obligation_(contractOfferReceived.obligation)
-                    ._prohibition_(contractOfferReceived.prohibition)
-                    ._permission_(contractOfferReceived.permission)
-                    .build()
-
-            UsageControlMaps.addContractAgreement(contractAgreement)
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Consumer saved contract ${contractAgreement.id}")
-            }
-
-            SERIALIZER.serialize(contractAgreement).let {
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("ContractAgreement ID: {}", contractAgreement.id)
-                    LOG.debug("Serialization body: {}", it)
-                }
-                exchange.message.body = it
-            }
-        }
-    }
-
-    private fun createContractRejectionMessage(exchange: Exchange, correlationId: URI) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Constructing ContractRejectionMessage")
-        }
-        ContractRejectionMessageBuilder().run {
-            Utils.initMessageBuilder(this)
-            _correlationMessage_(correlationId)
-            build().let {
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("Serialization Header: {}", SERIALIZER.serialize(it))
-                }
-                exchange.message.setHeader(IDSCP2_HEADER, it)
-            }
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(ContractResponseProcessor::class.java)
-    }
-
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsMessageTypeExtractionProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsMessageTypeExtractionProcessor.kt
deleted file mode 100644
index cd07ecfac..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/IdsMessageTypeExtractionProcessor.kt
+++ /dev/null
@@ -1,42 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDS_TYPE
-import de.fraunhofer.iais.eis.*
-import org.apache.camel.Exchange
-import org.apache.camel.Processor
-import org.slf4j.LoggerFactory
-
-class IdsMessageTypeExtractionProcessor : Processor {
-    override fun process(exchange: Exchange) {
-        processHeader(exchange)
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(IdsMessageTypeExtractionProcessor::class.java)
-
-        fun processHeader(exchange: Exchange) {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("[IN] ${IdsMessageTypeExtractionProcessor::class.java.simpleName}")
-            }
-            exchange.message.getHeader(IDSCP2_HEADER, Message::class.java)?.let { header ->
-                val messageType = when (header) {
-                    is ArtifactRequestMessage -> ArtifactRequestMessage::class.simpleName
-                    is ArtifactResponseMessage -> ArtifactResponseMessage::class.simpleName
-                    is ContractRequestMessage -> ContractRequestMessage::class.simpleName
-                    is ContractResponseMessage -> ContractResponseMessage::class.simpleName
-                    is ContractOfferMessage -> ContractOfferMessage::class.simpleName
-                    is ContractAgreementMessage -> ContractAgreementMessage::class.simpleName
-                    is ContractRejectionMessage -> ContractRejectionMessage::class.simpleName
-                    is ResourceUpdateMessage -> ResourceUpdateMessage::class.simpleName
-                    is RejectionMessage -> RejectionMessage::class.simpleName
-                    else -> header::class.simpleName
-                }
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("Detected ids-type: {}", messageType)
-                }
-                exchange.setProperty(IDS_TYPE, messageType)
-            }
-        }
-    }
-}
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ResourceUpdateCreationProcessor.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ResourceUpdateCreationProcessor.kt
deleted file mode 100644
index e7dd7b6f1..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/processors/ResourceUpdateCreationProcessor.kt
+++ /dev/null
@@ -1,53 +0,0 @@
-package de.fhg.aisec.ids.camel.idscp2.processors
-
-import de.fhg.aisec.ids.camel.idscp2.Constants
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.ProviderDB
-import de.fhg.aisec.ids.camel.idscp2.Utils
-import de.fhg.aisec.ids.camel.idscp2.Utils.SERIALIZER
-import de.fraunhofer.iais.eis.ResourceUpdateMessageBuilder
-import org.apache.camel.Exchange
-import org.apache.camel.Processor
-import org.slf4j.LoggerFactory
-import java.net.URI
-
-
-class ResourceUpdateCreationProcessor : Processor {
-
-    override fun process(exchange: Exchange) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("[IN] ${this::class.java.simpleName}")
-        }
-
-        val artifactUri = exchange.getProperty(Constants.ARTIFACT_URI_PROPERTY)?.let {
-            if (it is URI) {
-                it
-            } else {
-                URI.create(it.toString())
-            }
-        }
-
-        val usedContract = ProviderDB.artifactUrisMapped2ContractAgreements[artifactUri]
-            ?: throw RuntimeException("No UC contract found for resource/artifact $artifactUri")
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Contract for requested Artifact found {}", usedContract)
-        }
-
-        ResourceUpdateMessageBuilder().run {
-            Utils.initMessageBuilder(this)
-            _affectedResource_(artifactUri)
-            _transferContract_(usedContract)
-            build().let {
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("Serialisation header: {}", SERIALIZER.serialize(it))
-                }
-                exchange.message.setHeader(IDSCP2_HEADER, it)
-            }
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(ResourceUpdateCreationProcessor::class.java)
-    }
-
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
deleted file mode 100644
index 6f2cae9c7..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/CamelIdscp2Server.kt
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package de.fhg.aisec.ids.camel.idscp2.server
-
-import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
-import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2Server
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2ServerFactory
-import java.util.*
-
-class CamelIdscp2Server(serverConfiguration: Idscp2Configuration, nativeTlsConfiguration: NativeTlsConfiguration)
-    : Idscp2EndpointListener<AppLayerConnection> {
-    private val server: Idscp2Server<AppLayerConnection>
-    val listeners: MutableSet<Idscp2EndpointListener<AppLayerConnection>> = Collections.synchronizedSet(HashSet())
-
-    init {
-        val serverFactory = Idscp2ServerFactory(
-                ::AppLayerConnection,
-                this,
-                serverConfiguration,
-                NativeTLSDriver(),
-                nativeTlsConfiguration
-        )
-        server = serverFactory.listen()
-    }
-
-    override fun onConnection(connection: AppLayerConnection) {
-        connection.addIdsMessageListener { c, header, _ ->
-            header?.let {
-                UsageControlMaps.setConnectionContract(c, it.transferContract)
-            }
-        }
-        listeners.forEach { it.onConnection(connection) }
-    }
-
-    override fun onError(t: Throwable) {
-        listeners.forEach { it.onError(t) }
-    }
-
-    val allConnections: Collection<AppLayerConnection> = server.allConnections
-
-    fun terminate() {
-        server.terminate()
-    }
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
deleted file mode 100644
index ee54cf8d9..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerComponent.kt
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package de.fhg.aisec.ids.camel.idscp2.server
-
-import de.fhg.aisec.ids.camel.idscp2.RefCountingHashMap
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProverConfig
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifierConfig
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
-import org.apache.camel.Endpoint
-import org.apache.camel.spi.annotations.Component
-import org.apache.camel.support.DefaultComponent
-
-@Component("idscp2server")
-class Idscp2ServerComponent : DefaultComponent() {
-    private val servers = RefCountingHashMap<Idscp2Configuration, CamelIdscp2Server> {
-        it.terminate()
-    }
-
-    init {
-        RatProverDriverRegistry.registerDriver(
-                RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
-        RatVerifierDriverRegistry.registerDriver(
-                RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
-        RatProverDriverRegistry.registerDriver(
-                TPM2dProver.TPM_RAT_PROVER_ID, ::TPM2dProver,
-                TPM2dProverConfig.Builder().build()
-        )
-        RatVerifierDriverRegistry.registerDriver(
-                TPM2dVerifier.TPM_RAT_VERIFIER_ID, ::TPM2dVerifier,
-                TPM2dVerifierConfig.Builder().build()
-        )
-    }
-
-    override fun createEndpoint(uri: String, remaining: String, parameters: Map<String, Any>): Endpoint {
-        val endpoint: Endpoint = Idscp2ServerEndpoint(uri, remaining, this)
-        setProperties(endpoint, parameters)
-        return endpoint
-    }
-
-    @Synchronized
-    fun getServer(serverConfiguration: Idscp2Configuration, nativeTlsConfiguration: NativeTlsConfiguration) =
-            servers.computeIfAbsent(serverConfiguration) { CamelIdscp2Server(it, nativeTlsConfiguration) }
-
-    @Synchronized
-    fun freeServer(serverConfiguration: Idscp2Configuration) = servers.release(serverConfiguration)
-
-    @Synchronized
-    override fun doStop() {
-        servers.freeAll()
-        super.doStop()
-    }
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
deleted file mode 100644
index a57b1a4fc..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerConsumer.kt
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package de.fhg.aisec.ids.camel.idscp2.server
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
-import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
-import de.fhg.aisec.ids.idscp2.app_layer.listeners.IdsMessageListener
-import de.fraunhofer.iais.eis.Message
-import org.apache.camel.Processor
-import org.apache.camel.support.DefaultConsumer
-import org.slf4j.LoggerFactory
-
-/**
- * The IDSCP2 server consumer.
- */
-class Idscp2ServerConsumer(private val endpoint: Idscp2ServerEndpoint, processor: Processor) :
-        DefaultConsumer(endpoint, processor), GenericMessageListener, IdsMessageListener {
-    override fun doStart() {
-        super.doStart()
-        endpoint.addConsumer(this)
-    }
-
-    override fun doStop() {
-        endpoint.removeConsumer(this)
-        super.doStop()
-    }
-
-    override fun onMessage(connection: AppLayerConnection, header: Message?, payload: ByteArray?) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Idscp2ServerConsumer received IdsMessage with header:\n{}", header)
-        }
-        onMessage(connection, header as Any, payload)
-    }
-
-    override fun onMessage(connection: AppLayerConnection, header: String?, payload: ByteArray?) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Idscp2ServerConsumer received GenericMessage with header:\n{}", header)
-        }
-        onMessage(connection, header as Any, payload)
-    }
-
-    private fun onMessage(connection: AppLayerConnection, header: Any?, payload: ByteArray?) {
-        val exchange = endpoint.createExchange()
-        UsageControlMaps.setExchangeConnection(exchange, connection)
-        try {
-            createUoW(exchange)
-            // Set relevant information
-            exchange.message.let {
-                it.setHeader(IDSCP2_HEADER, header)
-                it.setBody(payload, ByteArray::class.java)
-            }
-            // Do processing
-            processor.process(exchange)
-            // Handle response
-            exchange.message.let {
-                val responseHeader = it.getHeader(IDSCP2_HEADER)
-                val responseBody = it.getBody(ByteArray::class.java)
-                if (responseBody != null || responseHeader != null) {
-                    if (endpoint.useIdsMessages) {
-                        connection.sendIdsMessage(responseHeader?.let { responseHeader as Message }, responseBody)
-                    } else {
-                        connection.sendGenericMessage(responseHeader?.toString(), responseBody)
-                    }
-                }
-            }
-        } catch (e: Exception) {
-            LOG.error("Error in Idscp2ServerConsumer.onMessage()", e)
-        } finally {
-            doneUoW(exchange)
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(Idscp2ServerConsumer::class.java)
-    }
-
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
deleted file mode 100644
index c364061fc..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerEndpoint.kt
+++ /dev/null
@@ -1,235 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package de.fhg.aisec.ids.camel.idscp2.server
-
-import de.fhg.aisec.ids.camel.idscp2.Utils
-import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fraunhofer.iais.eis.Message
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dProver
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d.TPM2dVerifier
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionListener
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import org.apache.camel.Processor
-import org.apache.camel.Producer
-import org.apache.camel.spi.UriEndpoint
-import org.apache.camel.spi.UriParam
-import org.apache.camel.support.DefaultEndpoint
-import org.apache.camel.support.jsse.SSLContextParameters
-import org.slf4j.LoggerFactory
-import java.nio.file.Paths
-import java.util.*
-import java.util.regex.Pattern
-
-@UriEndpoint(
-        scheme = "idscp2server",
-        title = "IDSCP2 Server Socket",
-        syntax = "idscp2server://host:port",
-        label = "ids"
-)
-class Idscp2ServerEndpoint(uri: String?, private val remaining: String, component: Idscp2ServerComponent?) :
-        DefaultEndpoint(uri, component), Idscp2EndpointListener<AppLayerConnection> {
-    private lateinit var serverConfiguration: Idscp2Configuration
-    private lateinit var secureChannelConfig: NativeTlsConfiguration
-    private var server: CamelIdscp2Server? = null
-    private val consumers: MutableSet<Idscp2ServerConsumer> = HashSet()
-
-    @UriParam(
-            label = "security",
-            description = "The SSL context for the IDSCP2 endpoint"
-    )
-    var sslContextParameters: SSLContextParameters? = null
-    @UriParam(
-            label = "security",
-            description = "The alias of the DAPS key in the keystore provided by sslContextParameters",
-            defaultValue = "1"
-    )
-    var dapsKeyAlias: String = "1"
-    @UriParam(
-            label = "security",
-            description = "The validity time of remote attestation and DAT in milliseconds",
-            defaultValue = "600000"
-    )
-    var dapsRatTimeoutDelay: Long = AttestationConfig.DEFAULT_RAT_TIMEOUT_DELAY.toLong()
-    @UriParam(
-            label = "common",
-            description = "Enable IdsMessage headers (Required for Usage Control)",
-            defaultValue = "false"
-    )
-    var useIdsMessages: Boolean = false
-
-    @Synchronized
-    fun addConsumer(consumer: Idscp2ServerConsumer) {
-        consumers.add(consumer)
-        if (useIdsMessages) {
-            server?.allConnections?.forEach { it.addIdsMessageListener(consumer) }
-        } else {
-            server?.allConnections?.forEach { it.addGenericMessageListener(consumer) }
-        }
-    }
-
-    @Synchronized
-    fun removeConsumer(consumer: Idscp2ServerConsumer) {
-        if (useIdsMessages) {
-            server?.allConnections?.forEach { it.removeIdsMessageListener(consumer) }
-        } else {
-            server?.allConnections?.forEach { it.removeGenericMessageListener(consumer) }
-        }
-        consumers.remove(consumer)
-    }
-
-    @Synchronized
-    fun sendMessage(header: Any?, body: ByteArray?) {
-        server?.let { server ->
-            server.allConnections.forEach {
-                if (useIdsMessages) {
-                    it.sendIdsMessage(header?.let { header as Message }, body)
-                } else {
-                    it.sendGenericMessage(header?.toString(), body)
-                }
-            }
-        }
-    }
-
-    @Synchronized
-    override fun createProducer(): Producer {
-        return Idscp2ServerProducer(this)
-    }
-
-    @Synchronized
-    override fun createConsumer(processor: Processor): org.apache.camel.Consumer {
-        return Idscp2ServerConsumer(this, processor)
-    }
-
-    @Synchronized
-    override fun onConnection(connection: AppLayerConnection) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("New IDSCP2 connection on $endpointUri, register consumer listeners")
-        }
-        if (useIdsMessages) {
-            consumers.forEach { connection.addIdsMessageListener(it) }
-        } else {
-            consumers.forEach { connection.addGenericMessageListener(it) }
-        }
-        // Handle connection errors and closing
-        connection.addConnectionListener(object : Idscp2ConnectionListener {
-            override fun onError(t: Throwable) {
-                LOG.error("Error in Idscp2ServerEndpoint-managed connection", t)
-            }
-            override fun onClose() {
-                if (useIdsMessages) {
-                    consumers.forEach { connection.removeIdsMessageListener(it) }
-                } else {
-                    consumers.forEach { connection.removeGenericMessageListener(it) }
-                }
-            }
-        })
-    }
-
-    override fun onError(t: Throwable) {
-        LOG.error("Error in IDSCP2 server endpoint $endpointUri", t)
-    }
-
-    @Synchronized
-    public override fun doStart() {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Starting IDSCP2 server endpoint $endpointUri")
-        }
-        val remainingMatcher = URI_REGEX.matcher(remaining)
-        require(remainingMatcher.matches()) { "$remaining is not a valid URI remainder, must be \"host:port\"." }
-        val matchResult = remainingMatcher.toMatchResult()
-        val host = matchResult.group(1)
-        val port = matchResult.group(2)?.toInt() ?: NativeTlsConfiguration.DEFAULT_SERVER_PORT
-
-        // create attestation config
-        val localAttestationConfig = AttestationConfig.Builder()
-                .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID, TPM2dProver.TPM_RAT_PROVER_ID))
-                .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, TPM2dVerifier.TPM_RAT_VERIFIER_ID))
-                .setRatTimeoutDelay(dapsRatTimeoutDelay)
-                .build()
-
-        // create daps config
-        val dapsDriverConfigBuilder = DefaultDapsDriverConfig.Builder()
-                .setDapsUrl(Utils.dapsUrlProducer())
-                .setKeyAlias(dapsKeyAlias)
-
-        val secureChannelConfigBuilder = NativeTlsConfiguration.Builder()
-                .setHost(host)
-                .setServerPort(port)
-
-        sslContextParameters?.let {
-            secureChannelConfigBuilder
-                    .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
-                            ?: "password".toCharArray())
-                    .setKeyStorePath(Paths.get(it.keyManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
-                    .setKeyStoreKeyType(it.keyManagers?.keyStore?.type ?: "RSA")
-                    .setKeyStorePassword(it.keyManagers?.keyStore?.password?.toCharArray()
-                            ?: "password".toCharArray())
-                    .setTrustStorePath(Paths.get(it.trustManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
-                    .setTrustStorePassword(it.trustManagers?.keyStore?.password?.toCharArray()
-                            ?: "password".toCharArray())
-                    .setCertificateAlias(it.certAlias ?: "1.0.1")
-
-            dapsDriverConfigBuilder
-                    .setKeyPassword(it.keyManagers?.keyPassword?.toCharArray()
-                        ?: "password".toCharArray())
-                    .setKeyStorePath(Paths.get(it.keyManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
-                    .setKeyStorePassword(it.keyManagers?.keyStore?.password?.toCharArray()
-                            ?: "password".toCharArray())
-                    .setTrustStorePath(Paths.get(it.trustManagers?.keyStore?.resource ?: "DUMMY-FILENAME.p12"))
-                    .setTrustStorePassword(it.trustManagers?.keyStore?.password?.toCharArray()
-                            ?: "password".toCharArray())
-        }
-
-        // create idscp config
-        serverConfiguration = Idscp2Configuration.Builder()
-                .setAttestationConfig(localAttestationConfig)
-                .setDapsDriver(DefaultDapsDriver(dapsDriverConfigBuilder.build()))
-                .build()
-
-        secureChannelConfig = secureChannelConfigBuilder.build()
-
-        (component as Idscp2ServerComponent).getServer(serverConfiguration, secureChannelConfig).let {
-            server = it
-            // Add this endpoint to this server's Idscp2EndpointListener set
-            it.listeners += this
-        }
-    }
-
-    @Synchronized
-    public override fun doStop() {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Stopping IDSCP2 server endpoint $endpointUri")
-        }
-        // Remove this endpoint from the server's Idscp2EndpointListener set
-        server?.let { it.listeners -= this }
-        if (this::serverConfiguration.isInitialized) {
-            (component as Idscp2ServerComponent).freeServer(serverConfiguration)
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(Idscp2ServerEndpoint::class.java)
-        private val URI_REGEX = Pattern.compile("(.*?)(?::(\\d+))?/?$")
-    }
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt b/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
deleted file mode 100644
index ecef9d884..000000000
--- a/camel-idscp2/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/server/Idscp2ServerProducer.kt
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package de.fhg.aisec.ids.camel.idscp2.server
-
-import de.fhg.aisec.ids.camel.idscp2.Constants.IDSCP2_HEADER
-import org.apache.camel.Exchange
-import org.apache.camel.support.DefaultProducer
-
-/**
- * The IDSCP2 server producer.
- * Sends each message to all clients connected to this server endpoint.
- */
-class Idscp2ServerProducer(private val endpoint: Idscp2ServerEndpoint) : DefaultProducer(endpoint) {
-
-    override fun process(exchange: Exchange) {
-        exchange.message.let {
-            val type = it.getHeader(IDSCP2_HEADER)
-            val body = it.getBody(ByteArray::class.java)
-            if (type != null || body != null) {
-                endpoint.sendMessage(type, body)
-            }
-        }
-    }
-}
\ No newline at end of file
diff --git a/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client b/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client
deleted file mode 100644
index f0e6faab9..000000000
--- a/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2client
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements.  See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License.  You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-class=de.fhg.aisec.ids.camel.idscp2.client.Idscp2ClientComponent
diff --git a/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2server b/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2server
deleted file mode 100644
index 95abf4615..000000000
--- a/camel-idscp2/src/main/resources/META-INF/services/org/apache/camel/component/idscp2server
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements.  See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License.  You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-class=de.fhg.aisec.ids.camel.idscp2.server.Idscp2ServerComponent
diff --git a/camel-influxdb/build.gradle b/camel-influxdb/build.gradle
deleted file mode 100644
index bad570517..000000000
--- a/camel-influxdb/build.gradle
+++ /dev/null
@@ -1,4 +0,0 @@
-dependencies {
-    influxFeature group: 'org.influxdb', name: 'influxdb-java', version: libraryVersions.influxDB
-    influxFeature group: 'org.apache.camel', name: 'camel-influxdb', version: libraryVersions.camel
-}
diff --git a/camel-influxdb/build.gradle.kts b/camel-influxdb/build.gradle.kts
new file mode 100644
index 000000000..6f7ed37a5
--- /dev/null
+++ b/camel-influxdb/build.gradle.kts
@@ -0,0 +1,9 @@
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.ext.get("libraryVersions") as Map<String, String>
+
+dependencies {
+    val influxFeature by configurations
+
+    influxFeature("org.influxdb", "influxdb-java", libraryVersions["influxDB"])
+    influxFeature("org.apache.camel", "camel-influxdb", libraryVersions["camel"])
+}
diff --git a/examples/example-getting-started/docker-compose.yaml b/examples/example-getting-started/docker-compose.yaml
index df664af39..14c7af5b7 100644
--- a/examples/example-getting-started/docker-compose.yaml
+++ b/examples/example-getting-started/docker-compose.yaml
@@ -1,22 +1,6 @@
 version: '3'
 services:
 
-  # TPM simulator
-  ids-tpmsim:
-    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
-    volumes:
-      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
-    networks:
-      - example-internal
-
-  # Trusted third party (RAT repository) simulator
-  ids-ttpsim:
-    image: fraunhoferaisec/ttpsim:${EXAMPLE_TAG:-develop}
-    networks:
-      example-internal:
-        aliases:
-          - repository.aisec.fraunhofer.de
-
   # The core platform, mounts docker control socket into the image
   ids-core:
     image: fraunhoferaisec/trusted-connector-core:${EXAMPLE_TAG:-develop}
diff --git a/examples/example-getting-started/example-idscp-localloop.xml b/examples/example-getting-started/example-idscp-localloop.xml
index 047dde31d..d7a35dc99 100644
--- a/examples/example-getting-started/example-idscp-localloop.xml
+++ b/examples/example-getting-started/example-idscp-localloop.xml
@@ -28,17 +28,17 @@
     <!-- Routes -->
     <camelContext xmlns="http://camel.apache.org/schema/blueprint">
 
-        <route id="sendTemp">
+        <route id="sendTime">
             <from uri="timer://tempPerSecond?fixedRate=true&amp;period=10000"/>
             <setBody>
                 <simple>Message at $simple{date:now:yyyy-MM-dd HH:mm:ss}</simple>
             </setBody>
             <log message="Sending message body &quot;${body}&quot;..."/>
-            <to uri="idsclient://consumer-core:9292/?sslContextParameters=#clientSslContext&amp;attestation=0" />
+            <to uri="idscp2client://consumer-core:9292/?sslContextParameters=#clientSslContext" />
         </route>
 
-        <route id="receiveTemp">
-            <from uri="idsserver://0.0.0.0:9292/?sslContextParameters=#serverSslContext&amp;attestation=0"/>
+        <route id="receiveTime">
+            <from uri="idscp2server://0.0.0.0:9292/?sslContextParameters=#serverSslContext"/>
             <log message="Received via IDS protocol: ${body}"/>
         </route>
 
diff --git a/examples/example-idscp-localhost/README.md b/examples/example-idscp-localhost/README.md
deleted file mode 100644
index b857a31cb..000000000
--- a/examples/example-idscp-localhost/README.md
+++ /dev/null
@@ -1,19 +0,0 @@
-This is an docker-compose override file for example-idscp featuring communication over localhost (or any other test network).
-
-It relies on the docker0 bridge using the gateway IP 172.17.0.1 (default value for docker setups).
-
-*NOTE: Publish the IDSCP port (TCP 9292, see docker-compose-consumer.yaml), otherwise consumer-core will not listen on localhost!*
-
-Usage (assumes example-idscp as working directory):
-`docker-compose -f docker-compose-provider.yaml -f ../example-idscp-localhost/docker-compose-provider.override.yaml up`
-
-The following lines are overridden in the provider YAML file (consumer remains unchanged):
-```
-provider-core:
-  extra_hosts:
-    - "consumer-core:172.17.0.1"
-```
-Due to this directive, the provider will connect to localhost over bridge0,
-instead of contacting the consumer directly via the `ids-wide` network.
-
-The IP address can be adjusted to another address of a machine where an example consumer is running.
\ No newline at end of file
diff --git a/examples/example-idscp-localhost/docker-compose-provider.override.yaml b/examples/example-idscp-localhost/docker-compose-provider.override.yaml
deleted file mode 100644
index a0e964afd..000000000
--- a/examples/example-idscp-localhost/docker-compose-provider.override.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-# NOTE: Publish the IDSCP port (TCP 9292, see docker-compose-consumer.yaml), otherwise consumer-core will not listen on localhost!
-
-# Use from directory "example-idscp" like this:
-# docker-compose -f docker-compose-provider.yaml -f ../example-idscp-localhost/docker-compose-provider.override.yaml up
-
-version: '3'
-services:
-
-  provider-core:
-    extra_hosts:
-      - "consumer-core:172.17.0.1"
\ No newline at end of file
diff --git a/examples/example-idscp/.env b/examples/example-idscp/.env
deleted file mode 100644
index a424a7d41..000000000
--- a/examples/example-idscp/.env
+++ /dev/null
@@ -1,2 +0,0 @@
-# This defines the tag used for docker-compose example YAML files in the current directory
-EXAMPLE_TAG=develop
\ No newline at end of file
diff --git a/examples/example-idscp/README.md b/examples/example-idscp/README.md
deleted file mode 100644
index e63429f85..000000000
--- a/examples/example-idscp/README.md
+++ /dev/null
@@ -1,4 +0,0 @@
-This example demonstrates the conversion of MQTT messages (using Eclipse Paho)
-and publishing via a web interface using the Trusted Connector.
-
-Documentation is located at https://industrial-data-space.github.io/trusted-connector-documentation/docs/rest/
\ No newline at end of file
diff --git a/examples/example-idscp/docker-compose-consumer.yaml b/examples/example-idscp/docker-compose-consumer.yaml
deleted file mode 100644
index c747732e5..000000000
--- a/examples/example-idscp/docker-compose-consumer.yaml
+++ /dev/null
@@ -1,51 +0,0 @@
-version: '3'
-services:
-
-  # TPM simulator
-  ids-tpmsim-consumer:
-    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
-    volumes:
-      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
-      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
-    networks:
-      - consumer-internal
-
-  # The core platform, mounts docker control socket and route definition into the image
-  consumer-core:
-    image: fraunhoferaisec/trusted-connector-core:${EXAMPLE_TAG:-develop}
-    tty: true
-    stdin_open: true
-    volumes:
-      - ../log/:/root/log/
-      - /var/run/docker.sock:/var/run/docker.sock
-      - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
-      - ../cert-stores/consumer-keystore.p12:/root/etc/consumer-keystore.p12
-      - ../cert-stores/truststore.p12:/root/etc/truststore.p12
-      - ./settings-consumer.mapdb:/root/etc/settings.mapdb
-      - ./example-consumer-routes.xml:/root/deploy/example-consumer-routes.xml
-    environment:
-      - TPM_HOST=ids-tpmsim-consumer
-    # Enable this port mappings for debugging or UI access from localhost
-#    ports:
-#      - "5005:5005"
-#      - "8181:8181"
-#      - "8443:8443"
-    # Enable this port mapping (along with "ports:" above) to allow access to IDSCP from outside the ids-wide network
-#      - "9292:9292"
-    networks:
-      - ids-wide
-      - consumer-internal
-
-  # Data App (REST consumer, displays web page)
-  consumer-app:
-    image: fraunhoferaisec/example-server:${EXAMPLE_TAG:-develop}
-    ports:
-      - "8081:8081"
-    networks:
-      - consumer-internal
-
-networks:
-  ids-wide:
-    driver: bridge
-  consumer-internal:
-    driver: bridge
diff --git a/examples/example-idscp/docker-compose-provider.yaml b/examples/example-idscp/docker-compose-provider.yaml
deleted file mode 100644
index c68125310..000000000
--- a/examples/example-idscp/docker-compose-provider.yaml
+++ /dev/null
@@ -1,53 +0,0 @@
-version: '3'
-services:
-
-  # TPM simulator
-  ids-tpmsim-provider:
-    image: fraunhoferaisec/tpmsim:${EXAMPLE_TAG:-develop}
-    volumes:
-      # Always extract a "clean state" for our TPM simulator to prevent DA lockout issues
-      - ../tpmsim/tpmsim_data.tar:/tpmsim_data.tar
-    networks:
-      - provider-internal
-
-  # The core platform, mounts docker control socket and route definition into the image
-  provider-core:
-    image: fraunhoferaisec/trusted-connector-core:${EXAMPLE_TAG:-develop}
-    tty: true
-    stdin_open: true
-    volumes:
-      - ../log/:/root/log/
-      - /var/run/docker.sock:/var/run/docker.sock
-      - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
-      - ../cert-stores/provider-keystore.p12:/root/etc/provider-keystore.p12
-      - ../cert-stores/truststore.p12:/root/etc/truststore.p12
-      - ./settings-provider.mapdb:/root/etc/settings.mapdb
-      - ./example-provider-routes.xml:/root/deploy/example-provider-routes.xml
-    environment:
-      - TPM_HOST=ids-tpmsim-provider
-    # Enable this lines for debugging or UI access from localhost
-#    ports:
-#      - "5005:5005"
-#      - "8181:8181"
-#      - "8443:8443"
-    networks:
-      - ids-wide
-      - provider-internal
-
-  # Mosquitto MQTT broker
-  mqtt-broker:
-    image: eclipse-mosquitto:latest
-    networks:
-      - provider-internal
-
-  # Sensor data provider
-  provider-app:
-    image: fraunhoferaisec/example-client:${EXAMPLE_TAG:-develop}
-    networks:
-      - provider-internal
-
-networks:
-  ids-wide:
-    driver: bridge
-  provider-internal:
-    driver: bridge
diff --git a/examples/example-idscp/docker-compose-ttp.yaml b/examples/example-idscp/docker-compose-ttp.yaml
deleted file mode 100644
index 0ff6c73df..000000000
--- a/examples/example-idscp/docker-compose-ttp.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-version: '3'
-services:
-
-  # TPM trusted third party (RAT repository)
-  ids-ttpsim:
-    image: fraunhoferaisec/ttpsim:${EXAMPLE_TAG:-develop}
-    # Enable this port mapping to access TTP from outside the ids-wide network
-#    ports:
-#      - "31337:31337"
-    networks:
-      ids-wide:
-        aliases:
-          - repository.aisec.fraunhofer.de
-
-networks:
-  ids-wide:
-    driver: bridge
diff --git a/examples/example-idscp/example-client/Dockerfile b/examples/example-idscp/example-client/Dockerfile
deleted file mode 100644
index 9cd1c2869..000000000
--- a/examples/example-idscp/example-client/Dockerfile
+++ /dev/null
@@ -1,12 +0,0 @@
-FROM node:alpine
-
-WORKDIR /app
-
-ADD package.json /app
-RUN npm install
-
-ADD app.js /app
-
-EXPOSE 8080
-
-ENTRYPOINT [ "node", "app.js" ]
diff --git a/examples/example-idscp/example-client/app.js b/examples/example-idscp/example-client/app.js
deleted file mode 100644
index ae4552b3d..000000000
--- a/examples/example-idscp/example-client/app.js
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
-	Example of a very simple MQTT consumer app.
-
-	This app subscribes to events at a public MQTT broker and makes them 
-	available by a REST API. For demonstration purposes, it continuously 
-	publishes random values under the subscribed MQTT topic.
-
-	(C) Fraunhofer AISEC, 2017
-*/
-
-// Start MQTT client
-const mqtt = require('mqtt');
-const client = mqtt.connect('mqtt://mqtt-broker');
-const TEMP_TOPIC = 'ids-example-010/temp';
-
-// React on MQTT connection
-client.on('connect', () => {
-    console.log("Connected to MQTT broker")
-    client.subscribe(TEMP_TOPIC)
-})
-
-// React on received MQTT messages
-client.on('message', (topic, message) => {
-  switch (topic) {
-    case TEMP_TOPIC:
-      console.log('Published and Received temp %s', message);
-      break;
-    default:
-      console.log('No handler for topic %s', topic);
-  }
-})
-
-// simulate sensor data by publishing random temperature data to MQTT broker
-setInterval(() => {
-    client.publish(TEMP_TOPIC,  String(Math.random() * (35 - 10) + 10));
-}, 1000)
\ No newline at end of file
diff --git a/examples/example-idscp/example-client/package.json b/examples/example-idscp/example-client/package.json
deleted file mode 100644
index 41e8030ed..000000000
--- a/examples/example-idscp/example-client/package.json
+++ /dev/null
@@ -1,26 +0,0 @@
-{
-  "name": "@FraunhoferAISEC/ids-example-010-client",
-  "version": "1.0.0",
-  "description": "A sample application retrieving MQTT data and providing it as REST service",
-  "main": "controller.js",
-  "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1",
-    "style": "standard"
-  },
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/industrial-data-space/trusted-connector.git"
-  },
-  "author": "",
-  "license": "ISC",
-  "bugs": {
-    "url": "https://github.com/FraunhoferAISEC"
-  },
-  "homepage": "https://github.com/FraunhoferAISEC",
-  "dependencies": {
-    "mqtt": "^2.18.8"
-  },
-  "devDependencies": {
-    "standard": "^12.0.1"
-  }
-}
diff --git a/examples/example-idscp/example-consumer-routes.xml b/examples/example-idscp/example-consumer-routes.xml
deleted file mode 100644
index 99812e3d5..000000000
--- a/examples/example-idscp/example-consumer-routes.xml
+++ /dev/null
@@ -1,39 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:camel="http://camel.apache.org/schema/blueprint"
-  xmlns:camel-cxf="http://camel.apache.org/schema/blueprint/cxf"
-  xsi:schemaLocation="
- http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
- http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
-
-  <!-- Define TLS configuration for data consumer -->
-  <camel:sslContextParameters id="serverSslContext">
-    <camel:keyManagers keyPassword="password">
-      <camel:keyStore resource="etc/consumer-keystore.p12" password="password"/>
-    </camel:keyManagers>
-    <camel:trustManagers>
-      <camel:keyStore resource="etc/truststore.p12" password="password"/>
-    </camel:trustManagers>
-  </camel:sslContextParameters>
-
-  <camel-cxf:cxfEndpoint id="testEndpoint" address="http://consumer-app:8081/temp">
-    <camel-cxf:properties>
-      <entry key="dataFormat" value="MESSAGE"/>
-      <!--  enable mtom by setting this property to true -->
-      <entry key="mtom-enabled" value="true"/>
-    </camel-cxf:properties>
-  </camel-cxf:cxfEndpoint>
-
-  <!-- Routes -->
-  <camelContext xmlns="http://camel.apache.org/schema/blueprint">
-    <!-- Retrieve temperature value from IDS protocol, setting remote attestation to most relaxed config (for
-          demo only. Use 1 in production). Forward to Data App 2 -->
-    <route id="receiveTemp">
-      <from
-        uri="idsserver://0.0.0.0:9292/?sslContextParameters=#serverSslContext&amp;attestation=0"/>
-      <log message="Received via IDS protocol: ${body}"/>
-      <to uri="testEndpoint"/>
-    </route>
-  </camelContext>
-</blueprint>
diff --git a/examples/example-idscp/example-provider-routes.xml b/examples/example-idscp/example-provider-routes.xml
deleted file mode 100644
index 013a25312..000000000
--- a/examples/example-idscp/example-provider-routes.xml
+++ /dev/null
@@ -1,33 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:camel="http://camel.apache.org/schema/blueprint"
-  xsi:schemaLocation="
- http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
- http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
-
-  <!-- Define TLS configuration for data provider -->
-  <camel:sslContextParameters id="clientSslContext">
-    <camel:keyManagers keyPassword="password">
-      <camel:keyStore resource="etc/provider-keystore.p12" password="password"/>
-    </camel:keyManagers>
-    <camel:trustManagers>
-      <camel:keyStore resource="etc/truststore.p12" password="password"/>
-    </camel:trustManagers>
-  </camel:sslContextParameters>
-
-  <!-- Routes -->
-  <camelContext xmlns="http://camel.apache.org/schema/blueprint">
-    <!-- Retrieve temperature value from Data App via HTTP GET request and forward it over secure IDS protocol,
-          setting remote attestation to most relaxed config (for demo only. Use 1 in production )-->
-    <route id="sendTemp">
-      <!-- Alternative MQTT client, requires camel-mqtt feature in karaf-features-ids/build.gradle! -->
-      <!--<from uri="mqtt:temp?host=tcp://mqtt-broker:1883&amp;subscribeTopicName=ids-example-010/temp"/>-->
-      <from uri="paho:ids-example-010/temp?brokerUrl=tcp://mqtt-broker:1883"/>
-      <convertBodyTo type="java.lang.String"/>
-      <log message="Got temperature ${body}"/>
-      <to
-        uri="idsclient://consumer-core:9292/?sslContextParameters=#clientSslContext&amp;attestation=0"/>
-    </route>
-  </camelContext>
-</blueprint>
diff --git a/examples/example-idscp/example-server/Dockerfile b/examples/example-idscp/example-server/Dockerfile
deleted file mode 100644
index 234c2858b..000000000
--- a/examples/example-idscp/example-server/Dockerfile
+++ /dev/null
@@ -1,12 +0,0 @@
-FROM node:alpine
-
-WORKDIR /app
-
-ADD package.json /app
-RUN npm install
-
-ADD app.js /app
-
-EXPOSE 8081
-
-ENTRYPOINT [ "node", "app.js" ]
\ No newline at end of file
diff --git a/examples/example-idscp/example-server/app.js b/examples/example-idscp/example-server/app.js
deleted file mode 100644
index e4c55bec7..000000000
--- a/examples/example-idscp/example-server/app.js
+++ /dev/null
@@ -1,49 +0,0 @@
-/*
-  Example of a very simple REST consumer app.
-
-  This app accepts sensor values from POST requests to 
-  http://<host>:8081/temp
-  and displays them under
-  http://<host>:8081/
-  
-  For demonstration purposes only.
-
-  (C) Fraunhofer AISEC, 2017
-*/
-var temp = 0
-
-// Start REST server
-var express = require('express')
-  , app = express()
-
-// just use raw body data
-var bodyParser = require('body-parser')
-var options = {
-  inflate: true,
-  limit: '10kb',
-  type: 'text/xml'
-};
-app.use( bodyParser.raw(options) );
-
-// Start REST endpoint /temp
-app.post('/temp', function (req, res) {
-  temp = req.body
-  console.log('received temp ' + temp)
-  res.end('OK')
-})
-
-// Start web page /
-app.get('/', function (req, res, next) {
-  try {
-    var html = '<html><body><h1>Temp '+Number(temp).toFixed(2)+'</h1><script>function refresh () {window.location.reload(true);}; window.setTimeout(refresh, 1000);</script></body></html>'
-    res.send(html)
-  } catch (e) {
-    next(e)
-  }
-})
-
-var server = app.listen(8081, function () {
-  var host = server.address().address
-  var port = server.address().port
-  console.log("REST API listening at http://%s:%s", host, port)
-})
diff --git a/examples/example-idscp/example-server/package.json b/examples/example-idscp/example-server/package.json
deleted file mode 100644
index 8759276f8..000000000
--- a/examples/example-idscp/example-server/package.json
+++ /dev/null
@@ -1,27 +0,0 @@
-{
-  "name": "@FraunhoferAISEC/ids-example-010-client",
-  "version": "1.0.0",
-  "description": "A sample application retrieving MQTT data and providing it as REST service",
-  "main": "controller.js",
-  "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1",
-    "style": "standard"
-  },
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/industrial-data-space/trusted-connector.git"
-  },
-  "author": "",
-  "license": "ISC",
-  "bugs": {
-    "url": "https://github.com/FraunhoferAISEC"
-  },
-  "homepage": "https://github.com/FraunhoferAISEC",
-  "dependencies": {
-    "body-parser": "^1.18.3",
-    "express": "^4.16.4"
-  },
-  "devDependencies": {
-    "standard": "^12.0.1"
-  }
-}
diff --git a/examples/example-idscp/settings-consumer.mapdb b/examples/example-idscp/settings-consumer.mapdb
deleted file mode 100644
index 181f2b46034d4fa9949802a4867e4db338b7441d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2097152
zcmeI*U2J37VIOeK&L$b7MZAsUJ|rm6)My?zKnwJt4{g!J1yU5KVLK1)Lxb&R-E5Gq
zll8iA3)I%^>~_cYuCv>XV<&N(iH$aWn9-2b*T`=giIOOZq(qUF$QP9#R}v+DXh=#F
z_2ORYV`g?oJMp#wW()i@&>ZrfbI(2Z$IJgY_s+xo%gaL#|6B^+T>7>D{ro>a+4#)g
z`$wmhmp*Y){@tZ_PTxQB_obn~6>fXx=f8VaGw5gV^Wn>12={vC^7WIw|8Mp`-SNX8
z_pf`uzcDzEE43$f9w*2Dr9XaR$N#XNC*%F(zy1GaydU=bv>ymO`R}FA!RO#Q^gWaV
zazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vHAP3}t9FPNYKn}<OIUon*fE<tm
zazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vHAP3}t9FPNYKn}<OIUon*fE<tm
zazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vHAP3}t9FPNYKn}<OIUon*fE<tm
zazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vHAP1g!4pdi9FT<gsr@t4zdgf!-
zPX8zH;irE5<CB`7xE%WAVE-$h8+v9?4t?UR{M1?b56;S8J#F`QesEe|{`aTl)8*6S
ze*E&#&kpu~D)#iop!{TK=obg&)1P`OGAMuQ^3cZz<<QG#{XKPBUU~VnpHKe7v-j_w
zl|MWyV`t^eS(zDnebCP*I;Zb{{@PO`gZIC%b~e6i;X6MB2oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+0D;E}Tz@N(%1<vR
zW;e6xrFd%S+BX}eT643~YHroGzdbzk_IEo$w_9s&cQ!lSRy+7%SW{Wsscm(yj(+cv
zs)J@XXlH^-t=bv>&iiVswf5<LlQ-U16CCZ=+QCdaD0PF?gWw<-{{CZHWV6dxBY$>b
zgZZF)y8oYkQ1!{q7au>jU;QhNf7;@ti}#=0PN}oA76jFA-ik%XMyKw?CL@pV>;?U`
zpj|7~YsW$RPh0Knkw$61S{`|@@rP^KOd>V^?e~qo9vlYs&egHMeBbtV&}bb7Gp%~P
zwBHFjiDor8%C>{xwQl<$_~Z9CZne6npUfXk-Hb+VMx!^Qv76D+o6)hG(eazniFe<(
zL$|*lys;3TSF*JKC-18}EY%N!M6+IN2Cr|G>Yd>JHFoVA)$-<H(C*Y)&3A_HZ~myi
zxO6_i|Ne<z`~B|un?ZTw<jv(PLxn4su3x!yc;)i!m8bWv{LGz`?N9u#Yu~B%o25pr
zvRUeO+qLpRH`wg9_JZcS!%uu{A7TLa{r~WHUirCu5A7HkzEurIwsy8hO0`Z<83~hR
zq_kffIlmxBW?Ic=Pzj?cd=W<0(9m1oDpeZ6N~_&n56WR$UAk6lcK@K;>P%NE!T$Ni
zH_EM6Jt#Hb=yvx9ZBJUgHP~~u**V>D=<VIoVQHjZYHp9Lg|^M@w+Hp%*EPJpKd8w!
zOZ)pLL78jUAMN1l<#zblv@fiCqZ)pTFRXbdOpcR2r|Y#+Csk?$kM{iLd7F!?-#)Ki
zDRnx%R=fIW58nz?qtiV(&c%HUs1{nC?xVZj9)4^1mp*g#saHSsUtYX+{q3EwVdqD;
zZ+BXaVC0}(f9=1%etrFXW4qKF*{*eW4$23epdEfb-JsbWsk9omYt3pnfI&ds3X`~W
ztFvFK1h>0EW4|5-bLV!W)Cp&o2OCCqJFVt_yZ-KZ&nJgF1%BiDjq|Mo)w647t6e&1
z?zFao_DD6j{?+K$uYY^L-8!sQgZ8a+pOO7&>>ID|pDBIw`a>#%syDBHza8wiI<@eE
z>tEFELznJH`Q`oZ+aLXtfA;SxPjaL;P7WUC>pM?!6d!o(8-EsFqJw}5=d;c8(0O<f
z^cNS`KfDt9-bGCwEQkKbMb(e4i3SIKWFQYWJ6V|g;DcM;Ume|eY@3sA9y6wg*GZ2V
z(?g4;3(x<2#q{-PbRrU&7$1#XC>ee)AFPiaw`ls4i%#l%<#h9+%EvCBzJK8!_t#M0
ziH+Wjjoplm-;7P%j7{E*-MJZ?x;Yy8?nS#jypsC!iyAz#oU-T+?=()Y?T4--i|!9t
zbbnxaJ^703AA2k4FGhlm=~}wBxRj5s)|O`$+oko@!TY`9dU2<^eiTX6dbPs(Q8TgI
zs^#j*ekxn2ZLN-kyB-(UQ_)JJ9trYy`{h`1zdWBC?7ClENbRQUnYDaAmCNKZTdR?&
zbapR4n~zVeZA4RZtI_=0T0T?Uh~8bxMv9Bscy4g$et5`wrMb9YZd7N>vGIej|44Z>
zG3c{ZUC8v(wL6EEg~h{aqrO+%NOTLaseW;7JREBDa4^i(h0J*6{uq)InfbX$ZhmgO
zJU_KloJn*Ndv|xkej~+=oyg#HN(-4tWg$7S+@Bgv#_D^^jj+G|)L{HO%dym9xtXa4
z3z_2wuU8LB&2W3;Xm4=5>cZkqxtZ#fM;9Zjv3$R}kjj?k<0nMnn0Jcvxn3c=Q%fEf
z!`G=sVSP1PoKMDz^ZC7EHa?cxy}OfMFN_zCbK|LOC6=Bqj3;BsSb9CRlbWqWlDnDR
z<m}E)xL>buJRL2r$D@PeR>HAW=JUsi-TiVRw5Y_A6KlClb|aEn$?lDZzL}L=ed=z0
zF0;0lTg>O<`LJ#-nVngzhR)%~dh!vUeolM!crH3Mn~jX8Gr3eQ8(lnW8+tYB$CZ9!
zBGK51R2S|Z5B!VsbG=G`e5bULsu%j>jY?xKT5jwd7908gawAhe8Q*BWHt=2Dot{X~
zZcnUc2W5OBnOmJ$jT9zUj}sHCyWwv(cT%4UUnh?%6X|$jA{DkxM#8qc+Y`y~eKNZj
zZVP{R_a;iQ{CIeIhJ7T$w#l%cO4v^!>?1dkI^GNW3-{R#w`ap+gl&>x|Esw{Svl=@
zuP~7b>r%U6``P3~DjZKHyFIw}4hoGzExj9$rn9S~>FjnaHCqVJKR;HPIq7FSHM`wQ
z?j|CsW@IGT9^2U3-ss*rYVGC@OSReM%toYNTArH8q?=o%a<sd6w3}+**&3^rlhyv%
ze5%zPn`sti8cUNKv(>{&zp&PdrYDa#_cwZ_nc7OW)Z3m)_2!pmj$^HIq>@>mJDxu{
z%%=}aiCAoYes7{ZT1$?V)|#DCJ$EO)Gn>D&bTqv%Gd8_FI^JKcAE#2Qxpsg2R&jp6
z)~n1_W>%M$ck79XU}vh@h&JjQ$<@WN#>z}=Z+m<FaQ{{}RZ4bm6+4rOa;~*LmFPrs
zk$5MbXce|5>zmb1xw?`s_G9s#?Dk4}JeO#cVjFuq2a^Z;-L1u1&>wBJj*en8-AZlm
zPWC7nB#NUm+sU!{!d9m-Rqstt_7g#RDl-;YJ&tc|HOG#RGu6s|YHd2cy4_1J)E1VK
z+r`az@!p+6eY!ST8e8i<`9ysD2qMFgpXh!!T#l}tJ(wFBy7~v<t?@y-*6pvfTU)jI
z1^0)yhp!G_|I6_1x$>iICbyQ2&u-47Q>pk&Hl5jAi_hdTiELqWC6k^@EXN-j;<Yy;
zBPV};G!>hQ{rT|y=OItMeP!s)D?{ISsO?AS<^B7c8!!ITUtW56U^h<QT)uL-@bK1;
z%<JnP%b73Dm*&fd=gU}fHaVJ{jmOg2++e-1Q$3k43%zhY?<KQ^@zh$cR%&MU2kU`s
zKGO{L#wS)cc2+WT`H5^Kb2pWn%9W1qrh~ocXf~Q@udEH$9q04zX+NoKVm!4G8ChHp
zc5ijZwz`Gx{N_Y!VsW}Uy&F&7%S7+Z7WR*p@731kYS~2OXtlgjTwjS#?{t!}U^<qr
zRF@VS-KDAJ$?DyOQsQWK=cw1t_j1R_)6MavrSkmb(N;N{oZBDWo|~@cSL<VA^?vGB
zbF<ak>lOCz#v|GA8E1L49P}0n(SCKa9JGsziEgo<TIr82^k=7*c5}Viv39I8ejFU%
zDI6BtOOffhbR=Ea89!+D?qwD>YWZ%qb$4v3nOV<I=c29IndSCMA-=j>?v|@#<MWei
ztD7sOOmeNac~CB_^tW@}SUEg!Ip3b$96L@fttJ*D<+X*o&CbT;-CTBdp>dR6-bzl7
zuZN4K%>K$|qh8G(m$TLOQEFu^v$j0BJiZ($?6uqFXy(>_vcIr$oY~*ImFR56#;1!x
zel)YaJU)FMu#w^07tU|B=2olGss{B34|LDxvZ2@h@a(3!)s8p2;Vd_JKG_-i*2&}9
zgKn)pvRvzQ-@M;w@DTOQlgeh$9SLW)w+8>F)eV17AHBY(?vbhUe-6g?;7MUE{7goI
z@OSOKQ|#^G*M@(1HFEWTeL(Y*ab?4QL#Zy;!pD}S`q0p8*9Xs%4@%n?%+KElpG58l
z?QShRv3DPw*mS#H>JQHDwZTJ#N1wdDe)8zx(e1adzBc@|pn3JutCy}_e<wS5vKv%y
z%$z?fzZ!Y<JqSaWZohi7G4xYkdimpD``XujJoGnz=ehs%+_Nve@XE8l@!4Ph%J020
z^!I=Jl~;c6OaJ&+e&zWuzVy-y&%g4;m!Ey^#V@_^{Ig$p`MEE@^xI$j!V51y`&%!3
z<<-BUn_oQd=AxaiMXvpX_LnZ*zBU-{SI>s~%fI!)!vlFS?ETpn!r#xm@cfrwe({z6
z{F#@(_=OjL_l2*VHUHU@v-{oWUiuHue)^>^|Hr}k{q4_x_BTHF`QQB9r++m(;m`k@
z-~7yH|MkE4^?&v0p`mN<+`p_g!;fgNxcZCX^NaaGd4Ij}gRlPdE7=FzKk~1x|Mac@
z$Mr^df7~l>Bx~t<*L~mP@B6}eEYT0=tg-N3@xAldZsIs~ynU4Fzh@rX4dT(<>P9sc
z?8STGyp|u#Yq^bjDig1dXX}~WN9M8c-Z7b7JxYy6M%I@%jwfT~*mSAVAB)V7P0uZ~
zM}z(BTCaV)xj45|O14w+mBwOkxjEk2PaVZ${pen;osP$sSE}>1?o_%ND^~6;%#NlT
zxoR_>E9R$rM_Z|4^j4!W-)-KRE!~+}Pmkxjk;B$fy1tcerxR1{vEor_bgY!CB|68Y
zNTm}r?ku(^)|-XS!ok{X{Ah7GJ2N?&iboa~cV@z;43VAbu}F1hqjJ2|E9BF=hxO$k
zJ2@SVjAoj>wVBb;)w})L^u6iwa=NiSIWxcBoh}xZr+WFB?ya5a<9lN>$8#%@jk&d*
zrP2Q6)^crP^JwDMOmTa?Fn6#O4F_J^YG;b^$ymMLOx~Rx-Am5aw-#f?mC;~)?p`j@
z?)2uio0Zr>D?7fGyfa(fSUBFO9n8jyx6-|_W~SEauGXgJCJxr}^PScE_dh?g{E`1|
z8z2D!1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
S5FkK+009C72oU(|68Jynjdq9t

diff --git a/examples/example-idscp/settings-provider.mapdb b/examples/example-idscp/settings-provider.mapdb
deleted file mode 100644
index 6717a43c3b39b5e2bb9379ba5a3f318a9b91ec2a..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2097152
zcmeI*U2J37VIOeK&L$b7MZAsUJ|rm6)My?zKnwJt4^5H81yU5KVLK1)Lxb&R-E5Gq
zll3}q1Ju^+>~_cYuCv>XV<&N(iH$aWn9-1wL`i<rNR&j4NQo3liF#2f@=Bz{FOk&e
zi+ib$8F@!L@wNeG3;Z<D9P*xX&pr3Y%l|p|&cpocs{<E*u7q!{{M!G1{#Q;mKJ$<M
z*=gmKkDZkN@cuie?;rX5%D~?Xw>|T--#)A9_tXFR;N{PSdp&dY=E>gwH~XLN_`#3+
zx4qxr>7U27+7mmEljHxwpFXkUe^Aep@qYZ@|9>;y4|;yu_XVE(_tNL!b8sE{9?AhZ
zAP3}t9FPNYKn}<OIUon*fE<tmazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vH
zAP3}t9FPNYKn}<OIUon*fE<tmazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vH
zAP3}t9FPNYKn}<OIUon*fE<tmazGBq0XZNC<bWKI19CtP$N@PZ2jqYpkOOi+4#)vH
zAP3}t9FPNYKn}<OIUon*fE<tmazGBq0XZNC<bWKI15Z2$Dw)&EaA4r+?}V?O`N)ma
z{|S8XsUQCEq~^yi2R`24|Jr8;p6QnZA3G~QaaR75v+`F@+x>&@ot9Vs<7xTy#_4fC
zdUfEZ`};o?dwR8Be!M&I^ZoMaPdpXrmp^fJ;G_L=;N`Rao;oeBy?olw$N%Zs`*+XE
z@1K>ivvTUJ%nrQX@8@IP)Av7n<Ef$k`=47r8{duaogV@O2oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+z+(k&zLiWDCKr;^
z>$%1IiS)pYuQy7y=6bo++^lVVb8z78Z+C-Uuh!h^u6KK_PVoJ(ro3FOZT7AYf9H{^
zy=E`yWP@_8(jENPdul7S&gp(*x873|9JXtnV5$?8dO>C{*b4@~`<NEF+`{$9UtHQ?
zHt3!1|L5;leX{fA$IrJbf5Y)lTby+9-jl1Ay4B?%sC@lSEIKkgF&-O>Ji@aR94!Z(
zTB%+;4my9{>TC@)O6|(V(8G=2U(RKd>Dh0-XY}=8Kd5)FkNov}ws(R?Yd@H3)$65p
zH|QptmEbVf34+&poxR{s-`lv=>YaWve=>198o3>f-j2p@M~81mM{Y+)Z%5<rzGsKt
zQ9F2JE<CSPsr_f~soO8r_kv`zUTX%gZ<gxa;K4O^<7<_T_5GmJt+kr(3_jTWVSjPu
ze1QM`W54$Mz4JHy^47_ltJemK*RI^Wc4hzC)#+<b?_B$-@ssUO{I46|svI>-jaqrV
z)a!L>8+*NAz1P|an(q!i@v(h?0X*>k<KKDZXLc{_7#X}%35GVSTSKK<Hz*H<$ud-G
z*M`n7$f2oLvl*1bXbNA1ku@;z);CJ!MzGZC^j3n6Fs-iKs5N_k)N6Go%jKYbzVVHX
zR;wPAns4-a?S9*nR&Vw9oNjhccN}<oyR=^#s+XEuL(8FUbL;JXefV_^ukZJ3^7T@?
zeG-)UPW{mizPix~Kby{_b#GL{Z}Fuy?}W*5(&uEoR_dlpjo{Iq-#l+~dG*`p)k~#r
z_n_6OJlexI!qn*YPL6YVAAPF1R=4-)u6GCD8vKP%U4QD;PyFGFH*UUN4I6fUaQAMv
z)d+_6I`!B7>+3gH&Np^S2SZ!6UUhF{uN!p2&!-nOdqd?`<8G~42?x**$U9*Ym+o}i
zrE+k$7c|=SFqpe{8>MbIyFA=5wB2nr|J%)X&wD;O+$r!IH*cM9?W>+$JDZ)-UbEWT
z3_3%V;O3X3U%mOwcBi#ps|1}p=RQO2XzXjRx6hQme)ED#zv|7K-|YnLR<{;ja7UMQ
zd*RakFu#28efyJt@h|^F`ALrS*2%%ce0}Fhj^cffed{m6OSB&_;e57!9y%8nL4S35
z{l%5gcP?x4a5?lpE~|cYP1HZ=BLlhE>||l`z4veRV0Cosv29MedCZtDu9F@!rVERu
zOV9s&#q`x^G#-h>M~5SqN`~LdhwG!qEt>x9vXeSrIo-aj^0CXO?_RpcgEiE*V#Bv%
zBe!Ftw`1|!v9a5+@!PS9+ryD>U$)!DmDFEe*5Hxlltp)Vr*V31U$~Aey5DEf{l4k-
z<STA|<gMUnJ`$`>))s5?_Y2WXZDDG@Q(DRN-|wugtW_&3hmmCMpjKQtY$mr`wR}Bw
zl+G1vo0*|-*W<O7bhO;4M}oq=qm9^Fdt)}=-?hCqm)>5iXO|0wbUvHUZe}7Ai@BY`
zbRjXZyc$i<WTJ)T<wACCHF|G37g?LnCG!14ABBgkmz(qLjYeg9BR0Ah_8-|8PWJn3
zRpzn>i?#9n^4$D>rBUBmTTS+gv5BL#<<W4c(f$4~GjrL|@`Ev?;@R1mNPc!^bYpg+
zx;B;UCU@>_hy6y@R;!Wz>6GTOk@8$BzHl@#oQl<V78+rHM-%<=R~KUG{f%a}9?WHr
zAHL4)m73x9#^Fx?c$K;N>P9nturWLz$;1jrmAQ1TG@Cdf3ddYso6R2-bJbevcrARL
zZWLEC(Y4uBY;Cr%vzAMYq_^)?7gvg-#pC>FI#-S@&K5^gu~ckvC0$KVmm{g|>~?Cp
zS`GI*C>~En*H#kI{&CCU*vhko<K%XGBN<whW2yLZKAT&Oq?d9#qoHqhDPNzsSD48z
zFX!hAg+w8&n@Q!S<}0Cd__3aR#HXLrPCb#2PE6+_ql?*mI-iTqpS2CW8ujDyQ8J!v
zR3nwSd&hnMwb_}2^3iCuw3@CLk478i#!PghQQco_6pj`e+4{-&h6}a6Z)STkzBs)V
z&*b`LBA&`;;+aS>o;gm&Guz>BE`L&=4qvB^%kjlTGM*0GrXpe6?X7q!e4onggxkX3
z?VWfjRu~O0&#;eV*ftgRQx5wnhJEDY>EoTSzi^-JaC<I1M%X45_Mgf3%kpWzJH>c5
ztV?f)?Wa@mbU2=DZmWOo?G+ov+TwO1x|quhFXpyl>FHv4{)Lh9)JZ?1>FKS5)OIqG
zZbpWJt&!Eut<~Q6VQV|TU#d+nWLG0crG<&9>|%4Xv=QyiA8w~R<C`P3ja21mWH#Mu
zj!ZR+Q;qv$tJ9VJ@=<ZQ6<r)VUT?1+l%{G+xzfSbMEYR%{?u`-wGk<2S7wf9_x1~m
z`=w+oHaoi$?+n*cBc<hLw^YxMFIJ}u<M$6I=cYy`w}wZLGWFwhI+O1ljow+CZPyOU
zGv%qw{e|s%G9FYXDvfBPzM9I+k2IF1Vmn(~EBoy`y>uznyR+6EOK#*_D-+3XG#^QH
z6UkO_bF98z>26e(3TsEPL^Zdyv^bhiHcGM8o$B7$Uc0wBUki?gTdl*x*i^4v+ZoRt
zrh??!@YGgnWVX23ZA{b;CdZDF!Qw=AB$7E!tZp_(j*qjIayz{|naFG%EY8*D?x(ia
z))Q;H<Hh=9ZLBo1eDLHG@$n;w3`Tye``vIkx_tIvZeZa0ABDHZd!1VEXsOfMtko~M
zKfF75eemXAhj-8AALO$6<y>NVeQGhCPE6$%v+K)=seCq>E3PkP7iW?Si3>x#@n&S`
z<j)T#ViU2y9DMLR<f*r>4ZL}6;A<D!eu!Q^xWBpe;xGT={fh&;b@JxwwX4O8TR$|f
zZ+;|izBFH&FE7rQvD9>GI5nLZ4(G=HdZAi5nJ<e6;e37&&bvpcaJ^D$X50PsK(5(d
zOYMyAF0a<p+1biSZYSGJ<wtjm!}X=YOg)~9CMK4a`~95HyQlr6bE%_LIPXp^XQSiE
z{pGRN{kh%4rRdm7q}bdTE!JxLJF$cP#pGfnzP;bwE6#Oe)BCB+Sn_apy0qEKjqh&E
zPbSBPM>0!G%d1P>d_6uo(QO5-b~U-sitq1jmY33*_I5B_+&M~bZ>_JDa)s_*y|%W$
zF_K7E?u}Mkld;Iw-bjA-UN^Bdwz9HX$aba{DwCy+-d<#DdUQN9Jhe2lF*>_{uh2?Y
z_lH}Hv+>+qE;!!LM8a8gw75O9v$<0|Ow6S-$?14<efD5-a&msSet&Q8-fn9%Q#{(9
z8Y?H36ZdzUo88PrGq!q=yR$buy<baA4Og?rJG<Mxc5i08H(XBKn;uK9P8YXoi*t#1
z{;08j?|3AUoX^cq?2k>3$2)hHGsETMRAFYJyxC5rQuBxRqdPluvy(gF6SBrka(85P
zX)0T5tlXbG57@}y-Am`UT6442XjOvx!w0(ObJ@Uae|&b+-0CEny>OQ6KcDOleB<Qt
z>|U={A6lq&dv88y)PIQj=1FBU=naK4+gtsA)9Qu4r;lELr0$Wa^MCfo_wY$!Eqv}g
z6okLaKRU(U9ei!@``07a|JVC8KN(jp{5O=!LM?o3S*i~VymqtyEP1cAb;<nvweU$~
zJLvRk;fcNb@WduNozhYN>|X0XM0oVc>+2_v4j$cp_xfvtUkRGmue^HY#?5zf{U^IY
z<<`{sv-0baSAPUy;L6=sZ#M>h;tMZ-^ebQa$`1$r?(aPJ2hTnG(hILV`x~GB^)LP2
zD+B-dw_kbX_rCDYf9aQ=|NKiYz3}`ipMUw;=U)863(r6MxtE{&;!D5%`Om%Z^0UA7
z!k1qC8@l=V^KLHN`9|c%k7<A9%H13N;ePpSxWD*YFI*hRi(&82z7YO?=7s0K`0|Ud
z{FhI?{Q1wl_`5HB>8$xrpPb$AKKIgpdiIkqeepl{&+qSl_S3)dna}>_XFmC>;R%2C
z-~HyNKK*b1)vy1XPYw*+c;~@owH|&%{l(Q^4W3`j56cJZjqiQ=Ctt}u-2S0|b@M0h
z{6DTY!u#WcwbfK@vEFmv_xSt1a2`t@g>%+OdOH83^VoLsIDNboNiScR$HHe9K_a@F
zU2QKF5{XEzkln6CCi11>`eLb3J`U%#?MLRZ@ZK?%%S6(v;r-)yth%#z5N~cC?rkhb
z_hX0C3yp*6iNia43#FCmk@{358i{q*ld+ln;X?IZFHzX(B)YpBK|H%VA3l{B-5pNF
z$HyY0Q-#^NW;NRB9?pdGQFs@gT-iB3oS12i1|#dS!u;g&*5qWRG?Q7bq?4twcD>f#
ztc|Wj?zbl6^;&&1F|v0j+KRUi3(4K)Ml`)MA4~@M?fvM{=G;;@v7TP7g!AC>*3RVd
z`u6eI{(fXLy}3|KCRSDo!-?$dy{U<V+SJ<GZnUvjT&~XVN3)}y$no$|yt+9%b+ECW
znC+&z^-Qf2nNRM{miO+|w-Vv=n07e(tsfljMON-q?;O_0tM`&ehX=XzdTo3@IUgO)
z&2R4YI>l&Yy4Xk@jII=lTSw9RJN3%!W^8e0KDJV+EC=y?qp%R)tuOR;H`kUXAKd@^
z)WV1UyKR632oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
z0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+
z009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBly
zK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF
z5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk
z1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs
z0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZ
zfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&U
zAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C7
z2oNAZfB*pk1PBlyK!5-N0t5&UAV7cs0RjXF5FkK+009C72oNAZfB*pk1PBlyK!5-N
Y0t5&UAV7cs0RjXF5FkL{Z%g3+0Kz|a_W%F@

diff --git a/examples/route-examples/example-idscp-localloop.xml b/examples/route-examples/example-idscp-localloop.xml
deleted file mode 100644
index 047dde31d..000000000
--- a/examples/route-examples/example-idscp-localloop.xml
+++ /dev/null
@@ -1,47 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
-           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-           xmlns:camel="http://camel.apache.org/schema/blueprint" xsi:schemaLocation="
- http://www.osgi.org/xmlns/blueprint/v1.0.0 http://www.osgi.org/xmlns/blueprint/v1.0.0/blueprint.xsd
- http://camel.apache.org/schema/blueprint http://camel.apache.org/schema/blueprint/camel-blueprint.xsd">
-
-    <!-- Define TLS configuration for data consumer -->
-    <camel:sslContextParameters id="serverSslContext">
-        <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/consumer-keystore.p12" password="password"/>
-        </camel:keyManagers>
-        <camel:trustManagers>
-            <camel:keyStore resource="etc/truststore.p12" password="password"/>
-        </camel:trustManagers>
-    </camel:sslContextParameters>
-
-    <!-- Define TLS configuration for data provider -->
-    <camel:sslContextParameters id="clientSslContext">
-        <camel:keyManagers keyPassword="password">
-            <camel:keyStore resource="etc/provider-keystore.p12" password="password"/>
-        </camel:keyManagers>
-        <camel:trustManagers>
-            <camel:keyStore resource="etc/truststore.p12" password="password"/>
-        </camel:trustManagers>
-    </camel:sslContextParameters>
-
-    <!-- Routes -->
-    <camelContext xmlns="http://camel.apache.org/schema/blueprint">
-
-        <route id="sendTemp">
-            <from uri="timer://tempPerSecond?fixedRate=true&amp;period=10000"/>
-            <setBody>
-                <simple>Message at $simple{date:now:yyyy-MM-dd HH:mm:ss}</simple>
-            </setBody>
-            <log message="Sending message body &quot;${body}&quot;..."/>
-            <to uri="idsclient://consumer-core:9292/?sslContextParameters=#clientSslContext&amp;attestation=0" />
-        </route>
-
-        <route id="receiveTemp">
-            <from uri="idsserver://0.0.0.0:9292/?sslContextParameters=#serverSslContext&amp;attestation=0"/>
-            <log message="Received via IDS protocol: ${body}"/>
-        </route>
-
-    </camelContext>
-
-</blueprint>
diff --git a/examples/templates/example-idscp/.env b/examples/templates/example-idscp2-uc/.env
similarity index 100%
rename from examples/templates/example-idscp/.env
rename to examples/templates/example-idscp2-uc/.env
diff --git a/ids-api/build.gradle b/ids-api/build.gradle
index b9540dd1f..10d8fecd0 100644
--- a/ids-api/build.gradle
+++ b/ids-api/build.gradle
@@ -1,5 +1,3 @@
-version = libraryVersions.api
-
 apply plugin: 'com.google.protobuf'
 apply plugin: 'idea'
 
diff --git a/ids-comm/.gitignore b/ids-comm/.gitignore
deleted file mode 100644
index 180f3422a..000000000
--- a/ids-comm/.gitignore
+++ /dev/null
@@ -1,8 +0,0 @@
-/target/
-/bin/
-/generated/
-configuration.db
-/cp.txt
-*.pyc
-/.classpath
-/build.properties
diff --git a/ids-comm/LICENSE.txt b/ids-comm/LICENSE.txt
deleted file mode 100644
index 261eeb9e9..000000000
--- a/ids-comm/LICENSE.txt
+++ /dev/null
@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
diff --git a/ids-comm/README.md b/ids-comm/README.md
deleted file mode 100644
index 990171e66..000000000
--- a/ids-comm/README.md
+++ /dev/null
@@ -1 +0,0 @@
-The _ids-comm_ module wraps the IDSCP, providing secure communication and remote attestation between Connector instances.
diff --git a/ids-comm/bnd.bnd b/ids-comm/bnd.bnd
deleted file mode 100644
index 379857898..000000000
--- a/ids-comm/bnd.bnd
+++ /dev/null
@@ -1,7 +0,0 @@
-Bundle-Name: IDS :: IDS Communication Protocol
-Bundle-Description: IDS Communication Protocol
-Export-Package: \
-	de.fhg.aisec.ids.comm*
-Import-Package: \
-  !org.checkerframework.checker*,\
-	*
\ No newline at end of file
diff --git a/ids-comm/build.gradle b/ids-comm/build.gradle
deleted file mode 100644
index 20d3a4e61..000000000
--- a/ids-comm/build.gradle
+++ /dev/null
@@ -1,22 +0,0 @@
-version = libraryVersions.idscp
-
-dependencies {
-    providedByBundle(project(':ids-api')) { transitive = false }
-
-    providedByBundle(group: 'com.github.microsoft', name: 'TSS.Java', version: libraryVersions.tssJava) {
-        // JNA not needed, because we do not directly communicate with the TPM via this library
-        exclude group: 'net.java.dev.jna', module: 'jna'
-    }
-
-    providedByBundle group: 'com.google.protobuf', name: 'protobuf-java', version: libraryVersions.protobuf
-    
-    publishCompile group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
-
-    providedByBundle group: 'org.asynchttpclient', name: 'async-http-client', version: libraryVersions.ahc
-
-    providedByFeature group: 'org.eclipse.jetty.websocket', name: 'websocket-server', version: libraryVersions.jetty
-    providedByFeature group: 'org.eclipse.jetty.websocket', name: 'websocket-client', version: libraryVersions.jetty
-
-    testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
-    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
-}
diff --git a/ids-comm/socket/.gitignore b/ids-comm/socket/.gitignore
deleted file mode 100644
index c74d68277..000000000
--- a/ids-comm/socket/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-*.sock
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ByteArrayUtil.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ByteArrayUtil.java
deleted file mode 100644
index 689951053..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ByteArrayUtil.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm;
-
-public class ByteArrayUtil {
-
-  private static final String[] lookup = new String[256];
-
-  static {
-    for (int i = 0; i < lookup.length; ++i) {
-      if (i < 16) {
-        lookup[i] = "0" + Integer.toHexString(i);
-      } else {
-        lookup[i] = Integer.toHexString(i);
-      }
-    }
-  }
-
-  public static String toPrintableHexString(byte[] bytes) {
-    StringBuilder s = new StringBuilder();
-    for (int i = 0; i < bytes.length; ++i) {
-      if (i > 0 && i % 16 == 0) {
-        s.append('\n');
-      } else {
-        s.append(' ');
-      }
-      s.append(lookup[bytes[i] & 0xff]);
-    }
-    return s.toString();
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/CertificatePair.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/CertificatePair.java
deleted file mode 100644
index 043632388..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/CertificatePair.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm;
-
-import java.security.cert.Certificate;
-
-public class CertificatePair {
-
-  private Certificate localCertificate = null;
-  private Certificate remoteCertificate = null;
-
-  public CertificatePair() {}
-
-  public CertificatePair(CertificatePair certificatePair) {
-    this.localCertificate = certificatePair.localCertificate;
-    this.remoteCertificate = certificatePair.remoteCertificate;
-  }
-
-  public Certificate getLocalCertificate() {
-    return localCertificate;
-  }
-
-  public void setLocalCertificate(Certificate localCertificate) {
-    this.localCertificate = localCertificate;
-  }
-
-  public Certificate getRemoteCertificate() {
-    return remoteCertificate;
-  }
-
-  public void setRemoteCertificate(Certificate remoteCertificate) {
-    this.remoteCertificate = remoteCertificate;
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/DatVerifier.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/DatVerifier.java
deleted file mode 100644
index 9c3e032f3..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/DatVerifier.java
+++ /dev/null
@@ -1,8 +0,0 @@
-package de.fhg.aisec.ids.comm;
-
-import de.fhg.aisec.ids.api.tokenm.DatException;
-
-@FunctionalInterface
-public interface DatVerifier {
-  void verify(String dat) throws DatException;
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/IdscpConfiguration.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/IdscpConfiguration.java
deleted file mode 100644
index efcb611f5..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/IdscpConfiguration.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm;
-
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import java.net.URI;
-
-public interface IdscpConfiguration {
-  IdsAttestationType getAttestationType();
-
-  int getAttestationMask();
-
-  CertificatePair getCertificatePair();
-
-  URI getTrustedThirdPartyURI();
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/client/ClientConfiguration.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/client/ClientConfiguration.java
deleted file mode 100644
index 09136d367..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/client/ClientConfiguration.java
+++ /dev/null
@@ -1,140 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.client;
-
-import de.fhg.aisec.ids.comm.CertificatePair;
-import de.fhg.aisec.ids.comm.IdscpConfiguration;
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import java.net.URI;
-import java.util.Collections;
-import java.util.List;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.checkerframework.checker.nullness.qual.Nullable;
-
-/**
- * Configuration of a client-side (Consumer) IDSC endpoint.
- *
- * @author Julian Schütte (julian.schuette@aisec.fraunhofer.de)
- */
-public class ClientConfiguration implements IdscpConfiguration {
-  @NonNull private IdsAttestationType attestationType = IdsAttestationType.BASIC;
-  private int attestationMask = 0;
-  @NonNull private CertificatePair certificatePair = new CertificatePair();
-  @NonNull private String rdfDescription = "";
-  @NonNull private String dynamicAttributeToken = "";
-  @NonNull private String endpoint = "";
-  @NonNull private List<byte[]> sha256CertificateHashes = Collections.emptyList();
-  @Nullable protected URI ttpUri;
-
-  public static class Builder {
-    @NonNull private ClientConfiguration config = new ClientConfiguration();
-
-    public Builder attestationMask(int attestationMask) {
-      config.attestationMask = attestationMask;
-      return this;
-    }
-
-    @NonNull
-    public Builder attestationType(@NonNull IdsAttestationType attestationType) {
-      config.attestationType = attestationType;
-      return this;
-    }
-
-    @NonNull
-    public Builder certificatePair(@NonNull CertificatePair certificatePair) {
-      config.certificatePair = certificatePair;
-      return this;
-    }
-
-    @NonNull
-    public Builder ttpUrl(@NonNull URI ttpUri) {
-      config.ttpUri = ttpUri;
-      return this;
-    }
-
-    @NonNull
-    public Builder rdfDescription(@NonNull String rdfDescription) {
-      config.rdfDescription = rdfDescription;
-      return this;
-    }
-
-    @NonNull
-    public Builder dynamicAttributeToken(@NonNull String dynamicAttributeToken) {
-      config.dynamicAttributeToken = dynamicAttributeToken;
-      return this;
-    }
-
-    @NonNull
-    public Builder endpoint(@NonNull String endpoint) {
-      config.endpoint = endpoint;
-      return this;
-    }
-
-    @NonNull
-    public Builder setSha256CertificateHashes(@NonNull List<byte[]> hashes) {
-      config.sha256CertificateHashes = hashes;
-      return this;
-    }
-
-    @NonNull
-    public ClientConfiguration build() {
-      return config;
-    }
-  }
-
-  @NonNull
-  public IdsAttestationType getAttestationType() {
-    return attestationType;
-  }
-
-  public int getAttestationMask() {
-    return attestationMask;
-  }
-
-  @NonNull
-  public CertificatePair getCertificatePair() {
-    return certificatePair;
-  }
-
-  @NonNull
-  public String getDynamicAttributeToken() {
-    return dynamicAttributeToken;
-  }
-
-  @NonNull
-  public String getRDFDescription() {
-    return rdfDescription;
-  }
-
-  @Nullable
-  public URI getTrustedThirdPartyURI() {
-    return ttpUri;
-  }
-
-  @NonNull
-  public String getEndpoint() {
-    return endpoint;
-  }
-
-  @NonNull
-  public List<byte[]> getSha256CertificateHashes() {
-    return sha256CertificateHashes;
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/client/IdscpClient.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/client/IdscpClient.java
deleted file mode 100644
index 53cf8634f..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/client/IdscpClient.java
+++ /dev/null
@@ -1,179 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.client;
-
-import static org.asynchttpclient.Dsl.asyncHttpClient;
-
-import de.fhg.aisec.ids.api.conm.RatResult;
-import io.netty.handler.ssl.ClientAuth;
-import io.netty.handler.ssl.JdkSslContext;
-import io.netty.handler.ssl.SslContext;
-import java.net.URI;
-import java.security.KeyManagementException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.concurrent.ExecutionException;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.X509TrustManager;
-import javax.xml.bind.DatatypeConverter;
-import org.asynchttpclient.AsyncHttpClient;
-import org.asynchttpclient.DefaultAsyncHttpClientConfig.Builder;
-import org.asynchttpclient.ws.WebSocket;
-import org.asynchttpclient.ws.WebSocketUpgradeHandler;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.checkerframework.checker.nullness.qual.Nullable;
-
-/**
- * A standalone client implementation for the IDSCP protocol.
- *
- * <p>Simply call <code>connect()</code> and use the returned WebSocket object for bidirectional
- * text/binary web socket communication with the remote endpoint.
- *
- * <p>Make sure to check <code>handleAttestationResult()</code> and <code>getMetaData()</code> to
- * assess trustworthiness of the remote endpoint and the self description returned by it.
- */
-public class IdscpClient {
-
-  private ClientConfiguration config = new ClientConfiguration();
-  private RatResult attestationResult = null;
-  private String metaData = null;
-
-  /**
-   * Connects to a remote endpoint, executes the IDSCP handshake and returns the ready-to-use
-   * WebSocket object.
-   *
-   * @throws NoSuchAlgorithmException Use <code>connect(String host, int port)</code> instead.
-   */
-  @Deprecated
-  public WebSocket connect(URI uri)
-      throws InterruptedException, ExecutionException, KeyManagementException,
-          NoSuchAlgorithmException {
-    return connect(uri.getHost(), uri.getPort());
-  }
-
-  /**
-   * Connects to a remote endpoint, executes the IDSCP handshake and returns the ready-to-use
-   * WebSocket object.
-   */
-  public WebSocket connect(@NonNull String host, int port)
-      throws InterruptedException, ExecutionException, KeyManagementException,
-          NoSuchAlgorithmException {
-    final Builder builder = new Builder();
-    if (!this.config.getSha256CertificateHashes().isEmpty()) {
-      SSLContext ctx = SSLContext.getInstance("TLS");
-      ctx.init(
-          null,
-          new X509TrustManager[] {
-            new X509TrustManager() {
-              @Override
-              public void checkServerTrusted(X509Certificate[] certs, String str)
-                  throws CertificateException {
-                try {
-                  MessageDigest digest = MessageDigest.getInstance("SHA-256");
-                  byte[] digestBytes = digest.digest(certs[0].getEncoded());
-                  if (config
-                      .getSha256CertificateHashes()
-                      .stream()
-                      .noneMatch(hash -> Arrays.equals(digestBytes, hash))) {
-                    throw new CertificateException(
-                        "Did not find pinned SHA256 certificate hash: "
-                            + DatatypeConverter.printHexBinary(digestBytes));
-                  }
-                } catch (Exception x) {
-                  throw new CertificateException("Error during hash calculation", x);
-                }
-              }
-
-              @Override
-              public void checkClientTrusted(X509Certificate[] certs, String str)
-                  throws CertificateException {
-                throw new CertificateException("Must not be called by client implementation!");
-              }
-
-              @Override
-              public X509Certificate[] getAcceptedIssuers() {
-                return new X509Certificate[0];
-              }
-            }
-          },
-          null);
-      SslContext sslContext = new JdkSslContext(ctx, true, ClientAuth.NONE);
-      builder.setSslContext(sslContext);
-    }
-    final AsyncHttpClient c = asyncHttpClient(builder.build());
-
-    // Connect to web socket
-    IdspClientSocket wsListener = new IdspClientSocket(this.config);
-
-    WebSocket ws =
-        c.prepareGet("wss://" + host + ":" + port + "/" + this.config.getEndpoint())
-            .execute(new WebSocketUpgradeHandler.Builder().addWebSocketListener(wsListener).build())
-            .get();
-
-    // Block until ISCP has finished
-    wsListener.semaphore().lockInterruptibly();
-    try {
-      while (!wsListener.isTerminated()) {
-        wsListener.idscpInProgressCondition().await();
-      }
-    } finally {
-      this.attestationResult = wsListener.getAttestationResult();
-      this.metaData = wsListener.getMetaResult();
-      wsListener.semaphore().unlock();
-    }
-    return ws;
-  }
-
-  /**
-   * Sets the configuration of this client.
-   *
-   * <p>Use this method in a fluent API style before calling <code>connect()</code>:
-   *
-   * <pre>
-   * new IdscpClient().config(config).connect(url);
-   * </pre>
-   */
-  @NonNull
-  public IdscpClient config(@NonNull ClientConfiguration config) {
-    this.config = config;
-    return this;
-  }
-
-  /**
-   * Returns null if attestation has not yet finished, or status code of remote attestation
-   * otherwise.
-   */
-  @Nullable
-  public RatResult getAttestationResult() {
-    return this.attestationResult;
-  }
-
-  /**
-   * Returns meta data about the remote endpoint or <code>null</code> if no meta data has been
-   * exchanged.
-   */
-  @Nullable
-  public String getMetaData() {
-    return this.metaData;
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/client/IdspClientSocket.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/client/IdspClientSocket.java
deleted file mode 100644
index 41c1d538b..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/client/IdspClientSocket.java
+++ /dev/null
@@ -1,145 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.client;
-
-import com.google.protobuf.InvalidProtocolBufferException;
-import de.fhg.aisec.ids.api.conm.RatResult;
-import de.fhg.aisec.ids.comm.DatVerifier;
-import de.fhg.aisec.ids.comm.ws.protocol.ClientProtocolMachine;
-import de.fhg.aisec.ids.comm.ws.protocol.ProtocolState;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.Event;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.FSM;
-import de.fhg.aisec.ids.messages.Idscp;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import java.util.concurrent.locks.Condition;
-import java.util.concurrent.locks.ReentrantLock;
-import org.asynchttpclient.ws.WebSocket;
-import org.asynchttpclient.ws.WebSocketListener;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class IdspClientSocket implements WebSocketListener {
-  private static final Logger LOG = LoggerFactory.getLogger(IdspClientSocket.class);
-  private FSM fsm;
-  @NonNull private final ReentrantLock lock = new ReentrantLock();
-  private final Condition idscpInProgress = lock.newCondition();
-  private final ConnectorMessage startMsg =
-      Idscp.ConnectorMessage.newBuilder()
-          .setType(ConnectorMessage.Type.RAT_START)
-          .setId(new java.util.Random().nextLong())
-          .build();
-  private ClientConfiguration config;
-  private boolean isTerminated = false;
-  private DatVerifier datVerifier = dat -> {
-    if (LOG.isInfoEnabled()) {
-      LOG.info("Received DAT token: {}", dat);
-    }
-  };
-
-  public IdspClientSocket(ClientConfiguration config) {
-    this.config = config;
-  }
-
-  public void setDatVerifier(DatVerifier datVerifier) {
-    this.datVerifier = datVerifier;
-  }
-
-  @Override
-  public void onOpen(WebSocket websocket) {
-    LOG.debug("Websocket opened");
-
-    // create Finite State Machine for IDS protocol
-    this.fsm = new ClientProtocolMachine(websocket, this.config, this.datVerifier);
-    // start the protocol with the first message
-    this.fsm.feedEvent(new Event(startMsg.getType(), startMsg.toString(), startMsg));
-  }
-
-  @Override
-  public void onClose(WebSocket websocket, int code, String status) {
-    LOG.debug("websocket closed - reconnecting");
-    fsm.reset();
-  }
-
-  @Override
-  public void onError(Throwable t) {
-    LOG.debug("websocket on error", t);
-    if (fsm != null) {
-      fsm.reset();
-    }
-  }
-
-  @Override
-  public void onBinaryFrame(byte[] message, boolean finalFragment, int rsv) {
-    LOG.debug("Client websocket received binary message {}", new String(message));
-    try {
-      lock.lockInterruptibly();
-      try {
-        ConnectorMessage msg = ConnectorMessage.parseFrom(message);
-        LOG.debug("Received in state " + fsm.getState() + ": " + new String(message));
-        fsm.feedEvent(new Event(msg.getType(), new String(message), msg));
-      } catch (InvalidProtocolBufferException e) {
-        LOG.error(e.getMessage(), e);
-      }
-      if (fsm.getState().equals(ProtocolState.IDSCP_END.id())) {
-        LOG.debug("Client is now terminating IDSCP");
-        this.isTerminated = true;
-        idscpInProgress.signalAll();
-      }
-    } catch (InterruptedException e) {
-      LOG.warn(e.getMessage());
-      Thread.currentThread().interrupt();
-    } finally {
-      lock.unlock();
-      this.isTerminated = true;
-    }
-  }
-
-  @Override
-  public void onTextFrame(String message, boolean finalFragment, int rsv) {
-    LOG.debug("Client websocket received text message {}", message);
-    onBinaryFrame(message.getBytes(), finalFragment, rsv);
-  }
-
-  @NonNull
-  public ReentrantLock semaphore() {
-    return lock;
-  }
-
-  @NonNull
-  public Condition idscpInProgressCondition() {
-    return idscpInProgress;
-  }
-
-  public boolean isTerminated() {
-    return this.isTerminated;
-  }
-
-  // get the result of the remote attestation
-  @NonNull
-  public RatResult getAttestationResult() {
-    return fsm.getRatResult();
-  }
-
-  @NonNull
-  public String getMetaResult() {
-    return fsm.getMetaData();
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/IdscpServer.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/IdscpServer.java
deleted file mode 100644
index 7da134a99..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/IdscpServer.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.server;
-
-import org.eclipse.jetty.server.*;
-import org.eclipse.jetty.servlet.ServletContextHandler;
-import org.eclipse.jetty.servlet.ServletHolder;
-import org.eclipse.jetty.util.ssl.SslContextFactory;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * A standalone server implementation for the IDSCP protocol.
- *
- * <p>Simply call <code>start()</code> and use the registered <code>SocketListener</code> to
- * handling incoming WebSocket connections.
- *
- * <p>Make sure to check <code>handleAttestationResult()</code> and <code>getMetaData()</code> to
- * assess trustworthiness of the remote endpoint and the self description returned by it.
- */
-public class IdscpServer {
-  private static final Logger LOG = LoggerFactory.getLogger(IdscpServer.class);
-
-  private ServerConfiguration config = new ServerConfiguration();
-  private Server server;
-  private SocketListener socketListener;
-
-  public IdscpServer config(ServerConfiguration config) {
-    this.config = config;
-    return this;
-  }
-
-  public IdscpServer setSocketListener(SocketListener socketListener) {
-    this.socketListener = socketListener;
-    return this;
-  }
-
-  public IdscpServer start() {
-    Server s = new Server();
-    HttpConfiguration https = new HttpConfiguration();
-    https.addCustomizer(new SecureRequestCustomizer());
-
-    SslContextFactory sslContextFactory = new SslContextFactory.Server();
-    sslContextFactory.setKeyStore(config.getKeyStore());
-    sslContextFactory.setKeyStorePassword(this.config.getKeyStorePassword());
-    sslContextFactory.setCertAlias(this.config.getCertAlias());
-    sslContextFactory.setKeyManagerPassword(this.config.getKeyManagerPassword());
-
-    ServerConnector sslConnector =
-        new ServerConnector(s, sslContextFactory, new HttpConnectionFactory(https));
-    sslConnector.setPort(this.config.getPort());
-    s.setConnectors(new Connector[] {sslConnector});
-
-    // Setup the basic application "context" for this application at "/"
-    // This is also known as the handler tree (in jetty speak)
-    ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
-    context.setContextPath("/");
-    s.setHandler(context);
-
-    // Add a websocket to a specific path spec
-    ServletHolder holderEvents =
-        new ServletHolder("ids", new ServerSocketServlet(this.config, this.socketListener));
-    context.addServlet(holderEvents, "/");
-
-    try {
-      s.start();
-      this.server = s;
-    } catch (Exception e) {
-      LOG.error(e.getMessage(), e);
-    }
-
-    return this;
-  }
-
-  /**
-   * Adds a ServletContextHandler to a (possibly running) server.
-   *
-   * @return Adds an IDSCP servlet to this server
-   */
-  public IdscpServer addServlet(String basePath) {
-    // TODO There should be one server per host/port, which is started at the first call to start().
-    // This method should be removed and instead start() should register new basePaths, if necessary
-    if (this.server == null) {
-      throw new IllegalArgumentException("Wrong order: must call start() before addServlet()");
-    }
-
-    ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
-    context.setContextPath("/");
-    this.server.setHandler(context);
-
-    // Add a websocket to a specific path spec
-    ServletHolder holderEvents =
-        new ServletHolder("ids", new ServerSocketServlet(this.config, this.socketListener));
-    context.addServlet(holderEvents, basePath);
-    return this;
-  }
-
-  public Server getServer() {
-    return this.server;
-  }
-
-  public boolean isRunning() {
-    Server s = this.server;
-    return s != null && s.isRunning();
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/IdscpServerSocket.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/IdscpServerSocket.java
deleted file mode 100644
index ae444112c..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/IdscpServerSocket.java
+++ /dev/null
@@ -1,168 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.server;
-
-import com.google.protobuf.InvalidProtocolBufferException;
-import de.fhg.aisec.ids.api.conm.RatResult;
-import de.fhg.aisec.ids.comm.DatVerifier;
-import de.fhg.aisec.ids.comm.ws.protocol.ProtocolState;
-import de.fhg.aisec.ids.comm.ws.protocol.ServerProtocolMachine;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.Event;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.FSM;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import java.util.concurrent.locks.Condition;
-import java.util.concurrent.locks.ReentrantLock;
-import org.eclipse.jetty.websocket.api.Session;
-import org.eclipse.jetty.websocket.api.annotations.*;
-import org.eclipse.jetty.websocket.api.extensions.Frame;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * Handles messages for the IDS protocol.
- *
- * <p>Messages from and to the web socket are connected to the FSM implementing the actual protocol.
- *
- * @author Julian Schütte (julian.schuette@aisec.fraunhofer.de)
- */
-@WebSocket
-public class IdscpServerSocket {
-  private static final Logger LOG = LoggerFactory.getLogger(IdscpServerSocket.class);
-  private FSM fsm;
-  private final ReentrantLock lock = new ReentrantLock();
-  private final Condition isFinishedCond = lock.newCondition();
-
-  private ServerConfiguration config;
-  private SocketListener socketListener;
-  private Session session;
-  private DatVerifier datVerifier = dat -> {
-    if (LOG.isInfoEnabled()) {
-      LOG.info("Received DAT token: {}", dat);
-    }
-  };
-
-  public IdscpServerSocket(ServerConfiguration config, SocketListener socketListener) {
-    // Create provider socket
-    this.config = config;
-    this.socketListener = socketListener;
-  }
-
-  public void setDatVerifier(DatVerifier datVerifier) {
-    this.datVerifier = datVerifier;
-  }
-
-  /**
-   * Called upon incoming connection to server.
-   *
-   * @param session
-   */
-  @OnWebSocketConnect
-  public void onOpen(Session session) {
-    if (LOG.isDebugEnabled()) {
-      LOG.debug(
-          "Websocket opened {} from {} to {}",
-          this,
-          session.getRemoteAddress(),
-          session.getLocalAddress());
-    }
-
-    this.session = session;
-
-    // create Finite State Machine for IDS protocol
-    fsm = new ServerProtocolMachine(session, this.config, this.datVerifier);
-  }
-
-  @OnWebSocketClose
-  public void onClose(Session session, int statusCode, String reason) {
-    LOG.debug("websocket closed");
-    fsm.reset();
-    socketListener.notifyClosed(this);
-  }
-
-  @OnWebSocketError
-  public void onError(Throwable t) {
-    LOG.debug("websocket on error", t);
-    if (fsm != null) {
-      fsm.reset();
-    }
-  }
-
-  /**
-   * Handles incoming messages to server.
-   *
-   * @param session
-   * @param frame
-   */
-  @OnWebSocketFrame
-  public void onMessage(Session session, Frame frame) {
-    byte[] message = new byte[frame.getPayload().remaining()];
-    frame.getPayload().get(message);
-    LOG.debug("Received in state " + fsm.getState() + ": " + new String(message));
-    try {
-      lock.lockInterruptibly();
-      try {
-        if (fsm.getState().equals(ProtocolState.IDSCP_END.id())
-            || fsm.getState().equals(ProtocolState.IDSCP_ERROR.id())) {
-
-          LOG.debug("Passing through to web socket " + new String(message));
-          if (this.socketListener != null) {
-            this.socketListener.onMessage(session, message);
-          }
-          return;
-        }
-        ConnectorMessage msg = ConnectorMessage.parseFrom(message);
-        fsm.feedEvent(new Event(msg.getType(), new String(message), msg));
-      } catch (InvalidProtocolBufferException e) {
-        LOG.error(e.getMessage() + ": " + new String(message), e);
-        fsm.feedEvent(
-            new Event(
-                ConnectorMessage.Type.ERROR,
-                e.getMessage(),
-                ConnectorMessage.getDefaultInstance()));
-      }
-    } catch (InterruptedException e) {
-      LOG.warn(e.getMessage());
-      Thread.currentThread().interrupt();
-    } finally {
-      lock.unlock();
-    }
-  }
-
-  public ReentrantLock semaphore() {
-    return lock;
-  }
-
-  public Condition isFinished() {
-    return isFinishedCond;
-  }
-
-  // get the result of the remote attestation
-  public RatResult getAttestationResult() {
-    return fsm.getRatResult();
-  }
-
-  public String getMetaData() {
-    return fsm.getMetaData();
-  }
-
-  public Session getSession() {
-    return this.session;
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/IdscpWebSocketCreator.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/IdscpWebSocketCreator.java
deleted file mode 100644
index f25f71317..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/IdscpWebSocketCreator.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.server;
-
-import org.eclipse.jetty.websocket.servlet.ServletUpgradeRequest;
-import org.eclipse.jetty.websocket.servlet.ServletUpgradeResponse;
-import org.eclipse.jetty.websocket.servlet.WebSocketCreator;
-
-/** Creates a configurable WebSocket for the IDSCP protocol. */
-public class IdscpWebSocketCreator implements WebSocketCreator {
-  private ServerConfiguration config;
-  private SocketListener socketListener;
-
-  public IdscpWebSocketCreator(ServerConfiguration config, SocketListener socketListener) {
-    this.config = config;
-    this.socketListener = socketListener;
-  }
-
-  @Override
-  public Object createWebSocket(ServletUpgradeRequest req, ServletUpgradeResponse resp) {
-    return new IdscpServerSocket(this.config, this.socketListener);
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/ServerConfiguration.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/ServerConfiguration.java
deleted file mode 100644
index df4943ec3..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/ServerConfiguration.java
+++ /dev/null
@@ -1,179 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.server;
-
-import de.fhg.aisec.ids.comm.CertificatePair;
-import de.fhg.aisec.ids.comm.IdscpConfiguration;
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.checkerframework.checker.nullness.qual.Nullable;
-
-import java.net.URI;
-import java.security.KeyStore;
-
-/**
- * Configuration of the server-side (Provider) part of the IDSC protocol.
- *
- * @author Julian Schuette
- * @author Gerd Brost
- */
-public class ServerConfiguration implements IdscpConfiguration {
-  public static final int DEFAULT_PORT = 8080;
-
-  private int port = DEFAULT_PORT;
-  @NonNull private IdsAttestationType attestationType = IdsAttestationType.BASIC;
-  private int attestationMask;
-  @NonNull private CertificatePair certificatePair = new CertificatePair();
-  @Nullable private KeyStore keyStore = null;
-  @NonNull String rdfDescription = "";
-  @NonNull String dynamicAttributeToken = "";
-  @Nullable private URI ttpUri = null;
-  @NonNull private String keyStorePassword = "password";
-  @NonNull private String keyManagerPassword = "password";
-  @NonNull private String certAlias = "1";
-
-  public static class Builder {
-    @NonNull private ServerConfiguration config = new ServerConfiguration();
-
-    @NonNull
-    public Builder port(int port) {
-      config.port = port;
-      return this;
-    }
-
-    @NonNull
-    public Builder attestationType(@NonNull IdsAttestationType attestationType) {
-      config.attestationType = attestationType;
-      return this;
-    }
-
-    @NonNull
-    public Builder attestationMask(int attestationMask) {
-      config.attestationMask = attestationMask;
-      return this;
-    }
-
-    @NonNull
-    public Builder certificatePair(@NonNull CertificatePair certificatePair) {
-      config.certificatePair = certificatePair;
-      return this;
-    }
-
-    @NonNull
-    public Builder rdfDescription(@NonNull String rdfDescription) {
-      config.rdfDescription = rdfDescription;
-      return this;
-    }
-
-    @NonNull
-    public Builder dynamicAttributeToken(@NonNull String dynamicAttributeToken) {
-      config.dynamicAttributeToken = dynamicAttributeToken;
-      return this;
-    }
-
-    @NonNull
-    public Builder ttpUrl(@Nullable URI ttpUri) {
-      config.ttpUri = ttpUri;
-      return this;
-    }
-
-    @NonNull
-    public Builder setKeyStore(@NonNull KeyStore keyStore) {
-      config.keyStore = keyStore;
-      return this;
-    }
-
-    @NonNull
-    public Builder setKeyStorePassword(@NonNull String keyStorePassword) {
-      config.keyStorePassword = keyStorePassword;
-      return this;
-    }
-
-    @NonNull
-    public Builder setKeyPassword(@NonNull String keyPassword) {
-      config.keyManagerPassword = keyPassword;
-      return this;
-    }
-
-    @NonNull
-    public Builder setCertAlias(@NonNull String certAlias) {
-      config.certAlias = certAlias;
-      return this;
-    }
-
-    @NonNull
-    public ServerConfiguration build() {
-      return config;
-    }
-  }
-
-  public int getPort() {
-    return port;
-  }
-
-  @NonNull
-  public IdsAttestationType getAttestationType() {
-    return attestationType;
-  }
-
-  public int getAttestationMask() {
-    return attestationMask;
-  }
-
-  @NonNull
-  public CertificatePair getCertificatePair() {
-    return certificatePair;
-  }
-
-  @NonNull
-  public String getRDFDescription() {
-    return rdfDescription;
-  }
-
-  @NonNull
-  public String getDynamicAttributeToken() {
-    return dynamicAttributeToken;
-  }
-
-  @Nullable
-  public URI getTrustedThirdPartyURI() {
-    return ttpUri;
-  }
-
-  @Nullable
-  public KeyStore getKeyStore() {
-    return keyStore;
-  }
-
-  @NonNull
-  public String getKeyStorePassword() {
-    return keyStorePassword;
-  }
-
-  @NonNull
-  public String getKeyManagerPassword() {
-    return keyManagerPassword;
-  }
-
-  @NonNull
-  public String getCertAlias() {
-    return certAlias;
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/ServerSocketServlet.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/ServerSocketServlet.java
deleted file mode 100644
index 24f3b302f..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/ServerSocketServlet.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.server;
-
-import org.eclipse.jetty.websocket.servlet.WebSocketServlet;
-import org.eclipse.jetty.websocket.servlet.WebSocketServletFactory;
-
-public class ServerSocketServlet extends WebSocketServlet {
-  public static final int MAX_MESSAGE_SIZE = 100 * 1024 * 1024;
-
-  private static final long serialVersionUID = -3504454673920877370L;
-  private final ServerConfiguration config;
-  private final SocketListener socketListener;
-
-  public ServerSocketServlet(ServerConfiguration config, SocketListener socketListener) {
-    this.config = config;
-    this.socketListener = socketListener;
-  }
-
-  @Override
-  public void configure(WebSocketServletFactory factory) {
-    factory.getPolicy().setMaxBinaryMessageSize(MAX_MESSAGE_SIZE);
-    factory.getPolicy().setMaxTextMessageSize(MAX_MESSAGE_SIZE);
-    factory.setCreator(new IdscpWebSocketCreator(this.config, this.socketListener));
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/SocketListener.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/SocketListener.java
deleted file mode 100644
index c6400e513..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/server/SocketListener.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.server;
-
-import org.eclipse.jetty.websocket.api.Session;
-
-public interface SocketListener {
-
-  /**
-   * This method is called on every incoming payload message.
-   *
-   * <p>Implementations of this interface should handle payloads here.
-   *
-   * @param session
-   * @param message
-   */
-  void onMessage(Session session, byte[] message);
-
-  void notifyClosed(IdscpServerSocket idscpServerSocket);
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/ClientProtocolMachine.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/ClientProtocolMachine.java
deleted file mode 100644
index f3933fc5a..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/ClientProtocolMachine.java
+++ /dev/null
@@ -1,197 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol;
-
-import com.google.protobuf.MessageLite;
-import de.fhg.aisec.ids.api.tokenm.DatException;
-import de.fhg.aisec.ids.comm.DatVerifier;
-import de.fhg.aisec.ids.comm.client.ClientConfiguration;
-import de.fhg.aisec.ids.comm.ws.protocol.error.ErrorHandler;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.FSM;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.Transition;
-import de.fhg.aisec.ids.comm.ws.protocol.metadata.MetadataConsumerHandler;
-import de.fhg.aisec.ids.comm.ws.protocol.rat.RemoteAttestationClientHandler;
-import de.fhg.aisec.ids.comm.ws.protocol.rat.RemoteAttestationHandler;
-import de.fhg.aisec.ids.messages.Idscp;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import java.net.URI;
-import java.util.Arrays;
-import org.asynchttpclient.ws.WebSocket;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * This class generates the Finite State Machine (FSM) for the IDS protocol.
- *
- * @author Julian Schütte
- * @author Georg Räß
- * @author Gerd Brost
- * @author Michael Lux
- */
-public class ClientProtocolMachine extends FSM {
-  private static final Logger LOG = LoggerFactory.getLogger(ClientProtocolMachine.class);
-
-  private WebSocket clientSocket;
-
-  /**
-   * Constructor of a finite state machine (FSM) implementing the IDSP protocol.
-   *
-   * <p>The FSM will be in its initial state and ready to accept messages via <code>FSM.feedEvent()
-   * </code>. It will send responses over the session according to its FSM definition.
-   */
-  public ClientProtocolMachine(WebSocket ws, ClientConfiguration clientConfiguration,
-                               DatVerifier datVerifier) {
-    this.clientSocket = ws;
-
-    // set trusted third party URL
-    URI ttp = clientConfiguration.getTrustedThirdPartyURI();
-    // all handler
-    RemoteAttestationClientHandler ratConsumerHandler =
-        new RemoteAttestationClientHandler(
-            clientConfiguration, ttp, RemoteAttestationHandler.CONTROL_SOCKET);
-    ErrorHandler errorHandler = new ErrorHandler();
-    MetadataConsumerHandler metaHandler =
-        new MetadataConsumerHandler(
-            clientConfiguration.getRDFDescription(),
-            clientConfiguration.getDynamicAttributeToken());
-
-    // Standard protocol states
-    this.addState(ProtocolState.IDSCP_START);
-    this.addState(ProtocolState.IDSCP_ERROR);
-    this.addState(ProtocolState.IDSCP_END);
-
-    // Remote attestation states
-    this.addState(ProtocolState.IDSCP_RAT_AWAIT_REQUEST);
-    this.addState(ProtocolState.IDSCP_RAT_AWAIT_RESPONSE);
-    this.addState(ProtocolState.IDSCP_RAT_AWAIT_RESULT);
-    this.addState(ProtocolState.IDSCP_RAT_AWAIT_LEAVE);
-
-    // Meta data exchange states
-    this.addState(ProtocolState.IDSCP_META_REQUEST);
-    this.addState(ProtocolState.IDSCP_META_RESPONSE);
-
-    // Remote Attestation Protocol
-    this.addTransition(
-        new Transition(
-            ConnectorMessage.Type.RAT_START,
-            ProtocolState.IDSCP_START,
-            ProtocolState.IDSCP_RAT_AWAIT_REQUEST,
-            e -> replyProto(ratConsumerHandler.enterRatRequest(e))));
-    this.addTransition(
-        new Transition(
-            ConnectorMessage.Type.RAT_REQUEST,
-            ProtocolState.IDSCP_RAT_AWAIT_REQUEST,
-            ProtocolState.IDSCP_RAT_AWAIT_RESPONSE,
-            e -> replyProto(ratConsumerHandler.sendTPM2Ddata(e))));
-    this.addTransition(
-        new Transition(
-            ConnectorMessage.Type.RAT_RESPONSE,
-            ProtocolState.IDSCP_RAT_AWAIT_RESPONSE,
-            ProtocolState.IDSCP_RAT_AWAIT_RESULT,
-            e -> replyProto(ratConsumerHandler.sendResult(e))));
-    this.addTransition(
-        new Transition(
-            ConnectorMessage.Type.RAT_RESULT,
-            ProtocolState.IDSCP_RAT_AWAIT_RESULT,
-            ProtocolState.IDSCP_RAT_AWAIT_LEAVE,
-            e -> {
-              MessageLite message = ratConsumerHandler.leaveRatRequest(e);
-              this.handleRatResult(
-                  ratConsumerHandler.handleAttestationResult(
-                      e.getMessage().getAttestationResult()));
-              return replyProto(message);
-            }));
-
-    // Metadata Exchange Protocol
-    this.addTransition(
-        new Transition(
-            ConnectorMessage.Type.RAT_LEAVE,
-            ProtocolState.IDSCP_RAT_AWAIT_LEAVE,
-            ProtocolState.IDSCP_META_REQUEST,
-            e -> replyProto(metaHandler.request(e))));
-    this.addTransition(
-        new Transition(
-            ConnectorMessage.Type.META_RESPONSE,
-            ProtocolState.IDSCP_META_REQUEST,
-            ProtocolState.IDSCP_END,
-            e -> {
-              var mex = e.getMessage().getMetadataExchange();
-              this.setMetaData(mex.getRdfdescription());
-              this.setDynamicAttributeToken(mex.getDynamicAttributeToken());
-              try {
-                datVerifier.verify(getDynamicAttributeToken());
-                LOG.info("DAT successfully verified.");
-                return true;
-              } catch (DatException de) {
-                LOG.warn("Error during DAT verification", de);
-                return false;
-              }
-            }));
-
-    // Error transitions
-    // in case of error, either fast forward to meta exchange (if in rat) or go to END
-    ProtocolState[] errorStartStates =
-        new ProtocolState[] {
-          ProtocolState.IDSCP_START,
-          ProtocolState.IDSCP_RAT_AWAIT_REQUEST,
-          ProtocolState.IDSCP_RAT_AWAIT_RESPONSE,
-          ProtocolState.IDSCP_RAT_AWAIT_RESULT,
-          ProtocolState.IDSCP_RAT_AWAIT_LEAVE,
-          ProtocolState.IDSCP_META_REQUEST,
-          ProtocolState.IDSCP_META_RESPONSE
-        };
-    Arrays.stream(errorStartStates)
-        .forEach(state -> this.addTransition(makeConsumerErrorTransition(state, errorHandler)));
-
-    // Add listener to log state transitions
-    this.addSuccessChangeListener(
-        (f, e) ->
-            LOG.debug(String.format("Consumer State change: %s -> %s", e.getKey(), f.getState())));
-
-    //        String graph = this.toDot();
-    //        System.out.println(graph);
-
-    /* Run the FSM */
-    this.setInitialState(ProtocolState.IDSCP_START);
-  }
-
-  protected Transition makeConsumerErrorTransition(ProtocolState state, ErrorHandler errorHandler) {
-    return new Transition(
-        ConnectorMessage.Type.ERROR,
-        state,
-        ProtocolState.IDSCP_END,
-        e -> errorHandler.handleError(e, state, true));
-  }
-
-  private boolean replyProto(MessageLite message) {
-    return reply(message.toByteArray());
-  }
-
-  /**
-   * Sends a response over the websocket session.
-   *
-   * @param text Bytes to send to client
-   * @return true if successful, false if not.
-   */
-  private boolean reply(byte[] text) {
-    this.clientSocket.sendBinaryFrame(text);
-    return true;
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/IDSCPException.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/IDSCPException.java
deleted file mode 100644
index 36dcfce06..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/IDSCPException.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol;
-
-public class IDSCPException extends RuntimeException {
-  public IDSCPException(String message) {
-    super(message);
-  }
-
-  public IDSCPException(String message, Throwable cause) {
-    super(message, cause);
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/ProtocolState.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/ProtocolState.java
deleted file mode 100644
index a1d418560..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/ProtocolState.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol;
-
-import java.util.concurrent.atomic.AtomicInteger;
-
-/**
- * Definition of FSM states for IDS protocol.
- *
- * @author Julian Schuette (julian.schuette@aisec.fraunhofer.de)
- * @author Georg Raess (georg.raess@aisec.fraunhofer.de)
- */
-public final class ProtocolState {
-  private String id;
-  private String description;
-  public final int ord;
-  private static AtomicInteger upperBound = new AtomicInteger(0);
-
-  /* -------------- States start here ------------ */
-  public static final ProtocolState IDSCP_START =
-      new ProtocolState("IDSCP:START", "Idscp: start of protocol.");
-  public static final ProtocolState IDSCP_ERROR =
-      new ProtocolState("IDSCP:ERROR", "Idscp: error in protocol.");
-  public static final ProtocolState IDSCP_END =
-      new ProtocolState("IDSCP:END", "Idscp: end of protocol.");
-  public static final ProtocolState IDSCP_RAT_AWAIT_RESPONSE =
-      new ProtocolState("IDSCP:RAT:AWAIT_RESPONSE", "Idscp/RemoteAttestation: awaiting response.");
-  public static final ProtocolState IDSCP_RAT_AWAIT_REQUEST =
-      new ProtocolState("IDSCP:RAT:AWAIT_REQUEST", "Idscp/RemoteAttestation: awaiting request.");
-  public static final ProtocolState IDSCP_RAT_AWAIT_RESULT =
-      new ProtocolState("IDSCP:RAT:AWAIT_RESULT", "Idscp/RemoteAttestation: awaiting result.");
-  public static final ProtocolState IDSCP_RAT_AWAIT_LEAVE =
-      new ProtocolState("IDSCP:RAT:AWAIT_LEAVE", "Idscp/RemoteAttestation: awaiting to leave.");
-  public static final ProtocolState IDSCP_META_REQUEST =
-      new ProtocolState("IDSCP:META:REQUEST", "Idscp/Metadataexchange: request.");
-  public static final ProtocolState IDSCP_META_RESPONSE =
-      new ProtocolState("IDSCP:META:RESPONSE", "Idscp/Metadataexchange: response.");
-  /* -------------- States end here ------------ */
-
-  private ProtocolState(String id, String description) {
-    this.id = id;
-    this.description = description;
-    this.ord = upperBound.getAndIncrement();
-  }
-
-  public String id() {
-    return this.id;
-  }
-
-  public String description() {
-    return this.description;
-  }
-
-  public static int size() {
-    return upperBound.get();
-  }
-
-  public String toString() {
-    return this.description() + " (id: " + this.id() + ")";
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/ServerProtocolMachine.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/ServerProtocolMachine.java
deleted file mode 100644
index b10a2cd6c..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/ServerProtocolMachine.java
+++ /dev/null
@@ -1,219 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol;
-
-import com.google.protobuf.MessageLite;
-import de.fhg.aisec.ids.api.tokenm.DatException;
-import de.fhg.aisec.ids.comm.DatVerifier;
-import de.fhg.aisec.ids.comm.server.ServerConfiguration;
-import de.fhg.aisec.ids.comm.ws.protocol.error.ErrorHandler;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.FSM;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.Transition;
-import de.fhg.aisec.ids.comm.ws.protocol.metadata.MetadataProviderHandler;
-import de.fhg.aisec.ids.comm.ws.protocol.rat.RemoteAttestationHandler;
-import de.fhg.aisec.ids.comm.ws.protocol.rat.RemoteAttestationServerHandler;
-import de.fhg.aisec.ids.messages.Idscp.AttestationResult;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import de.fhg.aisec.ids.messages.Idscp.Error;
-import java.io.IOException;
-import java.net.URI;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import java.util.function.Function;
-
-import org.eclipse.jetty.websocket.api.Session;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * This class generates the Finite State Machine (FSM) for the IDS protocol.
- *
- * @author Julian Schütte
- * @author Georg Räß
- * @author Gerd Brost
- * @author Michael Lux
- */
-public class ServerProtocolMachine extends FSM {
-  private static final Logger LOG = LoggerFactory.getLogger(ServerProtocolMachine.class);
-
-  private Session serverSession;
-  private AttestationResult attestationResult;
-
-  public ServerProtocolMachine(Session sess, ServerConfiguration serverConfiguration,
-                               DatVerifier datVerifier) {
-    this.serverSession = sess;
-
-    // set trusted third party URL
-    URI ttp = serverConfiguration.getTrustedThirdPartyURI();
-
-    // all handler
-    RemoteAttestationServerHandler ratProviderHandler =
-        new RemoteAttestationServerHandler(
-            serverConfiguration, ttp, RemoteAttestationHandler.CONTROL_SOCKET);
-    ErrorHandler errorHandler = new ErrorHandler();
-    MetadataProviderHandler metaHandler =
-        new MetadataProviderHandler(
-            serverConfiguration.getRDFDescription(),
-            serverConfiguration.getDynamicAttributeToken());
-
-    // Standard protocol states
-    this.addState(ProtocolState.IDSCP_START);
-    this.addState(ProtocolState.IDSCP_ERROR);
-    this.addState(ProtocolState.IDSCP_END);
-
-    // Remote Attestation states
-    this.addState(ProtocolState.IDSCP_RAT_AWAIT_REQUEST);
-    this.addState(ProtocolState.IDSCP_RAT_AWAIT_RESPONSE);
-    this.addState(ProtocolState.IDSCP_RAT_AWAIT_RESULT);
-    this.addState(ProtocolState.IDSCP_RAT_AWAIT_LEAVE);
-
-    // Metadata exchange states
-    this.addState(ProtocolState.IDSCP_META_REQUEST);
-    this.addState(ProtocolState.IDSCP_META_RESPONSE);
-
-    // Remote Attestation Protocol
-    this.addTransition(
-        new Transition(
-            ConnectorMessage.Type.RAT_REQUEST,
-            ProtocolState.IDSCP_START,
-            ProtocolState.IDSCP_RAT_AWAIT_RESPONSE,
-            e -> replyProto(ratProviderHandler.enterRatRequest(e))));
-    this.addTransition(
-        new Transition(
-            ConnectorMessage.Type.RAT_RESPONSE,
-            ProtocolState.IDSCP_RAT_AWAIT_RESPONSE,
-            ProtocolState.IDSCP_RAT_AWAIT_RESULT,
-            e -> replyProto(ratProviderHandler.sendTPM2Ddata(e))));
-    this.addTransition(
-        new Transition(
-            ConnectorMessage.Type.RAT_RESULT,
-            ProtocolState.IDSCP_RAT_AWAIT_RESULT,
-            ProtocolState.IDSCP_RAT_AWAIT_LEAVE,
-            e -> {
-              attestationResult = e.getMessage().getAttestationResult();
-              return replyProto(ratProviderHandler.sendResult(e));
-            }));
-    this.addTransition(
-        new Transition(
-            ConnectorMessage.Type.RAT_LEAVE,
-            ProtocolState.IDSCP_RAT_AWAIT_LEAVE,
-            ProtocolState.IDSCP_META_REQUEST,
-            e -> {
-              MessageLite message = ratProviderHandler.leaveRatRequest(e);
-              this.handleRatResult(ratProviderHandler.handleAttestationResult(attestationResult));
-              return replyProto(message);
-            }));
-
-    // Metadata Exchange Protocol
-    this.addTransition(
-        new Transition(
-            ConnectorMessage.Type.META_REQUEST,
-            ProtocolState.IDSCP_META_REQUEST,
-            ProtocolState.IDSCP_END,
-            e -> {
-              var mex = e.getMessage().getMetadataExchange();
-              this.setMetaData(mex.getRdfdescription());
-              this.setDynamicAttributeToken(mex.getDynamicAttributeToken());
-              try {
-                datVerifier.verify(getDynamicAttributeToken());
-                LOG.info("DAT successfully verified.");
-                return replyProto(metaHandler.response(e));
-              } catch (Exception de) {
-                LOG.warn("Error during DAT verification", de);
-                replyProto(ConnectorMessage.newBuilder()
-                    .setId(-1)
-                    .setType(ConnectorMessage.Type.ERROR)
-                    .setError(Error.newBuilder()
-                        .setErrorCode("")
-                        .setErrorMessage("DAT verification failed: " + de.getMessage())
-                        .build())
-                    .build());
-                return false;
-              }
-            }));
-
-    // Error transitions
-    // in case of error, either fast forward to meta exchange (if in rat) or go to END
-    ProtocolState[] errorStartStates =
-        new ProtocolState[] {
-          ProtocolState.IDSCP_START,
-          ProtocolState.IDSCP_RAT_AWAIT_REQUEST,
-          ProtocolState.IDSCP_RAT_AWAIT_RESPONSE,
-          ProtocolState.IDSCP_RAT_AWAIT_RESULT,
-          ProtocolState.IDSCP_RAT_AWAIT_LEAVE,
-          ProtocolState.IDSCP_META_REQUEST,
-          ProtocolState.IDSCP_META_RESPONSE
-        };
-    Arrays.stream(errorStartStates)
-        .forEach(state -> this.addTransition(makeProviderErrorTransition(state, errorHandler)));
-
-    /* Add listener to log state transitions */
-    this.addSuccessChangeListener(
-        (f, e) ->
-            LOG.debug(String.format("Provider State change: %s -> %s", e.getKey(), f.getState())));
-
-    //        String graph = this.toDot();
-    //        System.out.println(graph);
-
-    /* Run the FSM */
-    this.setInitialState(ProtocolState.IDSCP_START);
-  }
-
-  private Transition makeProviderErrorTransition(ProtocolState state, ErrorHandler errorHandler) {
-    return new Transition(
-        ConnectorMessage.Type.ERROR,
-        state,
-        ProtocolState.IDSCP_END,
-        e -> {
-          errorHandler.handleError(e, state, false);
-          LOG.debug("Client sending abort");
-          MessageLite abortMessage =
-              ConnectorMessage.newBuilder()
-                  .setId(0)
-                  .setType(ConnectorMessage.Type.ERROR)
-                  .setError(Error.newBuilder().setErrorCode("").setErrorMessage("Abort").build())
-                  .build();
-          return reply(abortMessage.toByteArray());
-        });
-  }
-
-  private boolean replyProto(MessageLite message) {
-    return reply(message.toByteArray());
-  }
-
-  /**
-   * Sends a response over the websocket session.
-   *
-   * @param text Bytes to send to client
-   * @return true if successful, false if not.
-   */
-  private boolean reply(byte[] text) {
-    try {
-      ByteBuffer bb = ByteBuffer.wrap(text);
-      LOG.trace("Sending out ByteBuffer with {} bytes", bb.array().length);
-      serverSession.getRemote().sendBytes(bb);
-      serverSession.getRemote().flush();
-      return true;
-    } catch (IOException e) {
-      LOG.error(e.getMessage(), e);
-      return false;
-    }
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/error/ErrorHandler.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/error/ErrorHandler.java
deleted file mode 100644
index a7e3ecea7..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/error/ErrorHandler.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.error;
-
-import de.fhg.aisec.ids.comm.ws.protocol.ProtocolState;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.Event;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings("unused")
-public class ErrorHandler {
-  private static final Logger LOG = LoggerFactory.getLogger(ErrorHandler.class);
-
-  public boolean handleError(Event e, ProtocolState state, boolean isConsumer) {
-    String entity = isConsumer ? "Consumer" : "Provider";
-
-    LOG.debug(
-        "**************************************************************************************************");
-    LOG.debug("*  error handler during rat protocol execution ");
-    LOG.debug("*  -> state: " + state.description());
-    LOG.debug("*  -> side: " + entity + "");
-    LOG.debug("*  -> error: " + e.getMessage().getError().getErrorMessage());
-    LOG.debug(
-        "**************************************************************************************************");
-
-    return true;
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/ChangeListener.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/ChangeListener.java
deleted file mode 100644
index ba98eecc5..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/ChangeListener.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.fsm;
-
-/**
- * Functional interface for listeners which are notified whenever the state of a FSM changes.
- *
- * @author Julian Schuette (julian.schuette@aisec.fraunhofer.de)
- */
-public interface ChangeListener {
-
-  void stateChanged(FSM fsm, Event event);
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/Event.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/Event.java
deleted file mode 100644
index d711b140e..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/Event.java
+++ /dev/null
@@ -1,64 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.fsm;
-
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-
-/**
- * An FSM event which may trigger a transition.
- *
- * @author Julian Schuette (julian.schuette@aisec.fraunhofer.de)
- */
-public class Event {
-  private Object key;
-  private String payload;
-  private ConnectorMessage msg;
-
-  public Event(Object key, String payload, ConnectorMessage msg) {
-    super();
-    this.setKey(key);
-    this.setPayload(payload);
-    this.setMessage(msg);
-  }
-
-  public Object getKey() {
-    return key;
-  }
-
-  public void setKey(Object key) {
-    this.key = key;
-  }
-
-  public ConnectorMessage getMessage() {
-    return this.msg;
-  }
-
-  public void setMessage(ConnectorMessage evt) {
-    this.msg = evt;
-  }
-
-  public String getPayload() {
-    return this.payload;
-  }
-
-  public void setPayload(String payload) {
-    this.payload = payload;
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/FSM.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/FSM.java
deleted file mode 100644
index 0421adba1..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/FSM.java
+++ /dev/null
@@ -1,213 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.fsm;
-
-import de.fhg.aisec.ids.api.conm.RatResult;
-import de.fhg.aisec.ids.comm.ws.protocol.ProtocolState;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Map.Entry;
-import java.util.NoSuchElementException;
-
-/**
- * Implementation of a finite state machine (FSM).
- *
- * @author Julian Schuette (julian.schuette@aisec.fraunhofer.de)
- */
-public class FSM {
-
-  protected String currentState = null;
-  protected Map<String, State> states;
-  protected HashSet<ChangeListener> successChangeListeners;
-  protected HashSet<ChangeListener> failChangeListeners;
-  private String initialState = null;
-  private RatResult ratResult;
-  private String metaData;
-  private String dynamicAttributeToken;
-
-  public FSM() {
-    this.states = new HashMap<>();
-    this.successChangeListeners = new HashSet<>();
-    this.failChangeListeners = new HashSet<>();
-  }
-
-  public String getState() {
-    return currentState;
-  }
-
-  public void addState(ProtocolState state) {
-    addState(state.id(), null, null, null);
-  }
-
-  /**
-   * Defines an additional state. A state is identified by a name and has three blocks of code
-   * assigned to it:
-   *
-   * <p>1) entryCode is executed when the state is entered from another state (after the
-   * transition's code has been executed)
-   *
-   * <p>2) exitCode is executed when the state is left for another state (before the transition's
-   * code is executed)
-   *
-   * <p>3) alwaysRunCode is always executed when the FSM enters this state (even if it has been in
-   * that state before)
-   *
-   * <p>All three Runnables may be null. Their result has no impact on the FSM's state, Exceptions
-   * thrown are ignored.
-   *
-   * @param state
-   * @param entryCode
-   * @param exitCode
-   * @param alwaysRunCode
-   */
-  public void addState(
-      String state, Runnable entryCode, Runnable exitCode, Runnable alwaysRunCode) {
-    if (states.size() == 0) {
-      this.initialState = state;
-      this.currentState = state;
-    }
-    if (!states.containsKey(state)) {
-      states.put(state, new State(entryCode, exitCode, alwaysRunCode));
-    } else {
-      throw new NoSuchElementException("Missing state: " + state);
-    }
-  }
-
-  /**
-   * Defines initial state of this FSM. If no initial state is defined explicitly, the first added
-   * state is the initial state.
-   *
-   * @param state The initial state of this FSM
-   */
-  public void setInitialState(ProtocolState state) {
-    if (!this.states.containsKey(state.id())) {
-      throw new NoSuchElementException("Missing state: " + state.id());
-    }
-    this.initialState = state.id();
-  }
-
-  /** Resets FSM to it initial state */
-  public void reset() {
-    this.currentState = this.initialState;
-  }
-
-  private void setState(String state) {
-    boolean runExtraCode = !state.equals(currentState);
-    if (runExtraCode && currentState != null) {
-      states.get(currentState).runExitCode();
-    }
-    currentState = state;
-    states.get(currentState).runAlwaysCode();
-    if (runExtraCode) {
-      states.get(currentState).runEntryCode();
-    }
-
-    // If event-less transition is defined for current node, trigger it immediately
-    if (states.get(currentState).transitions.containsKey(null)) {
-      feedEvent(null);
-    }
-  }
-
-  /**
-   * Add a new transition to this FSM.
-   *
-   * @param trans The transition to be added to this FSM
-   */
-  public void addTransition(Transition trans) {
-    State st = states.get(trans.startState);
-    if (st == null) {
-      throw new NoSuchElementException("Missing start state: " + trans.startState);
-    }
-    if (!states.containsKey(trans.endState)) {
-      throw new NoSuchElementException("Missing end state: " + trans.endState);
-    }
-    st.addTransition(trans);
-  }
-
-  public void addSuccessChangeListener(ChangeListener cl) {
-    successChangeListeners.add(cl);
-  }
-
-  public void addFailChangeListener(ChangeListener cl) {
-    failChangeListeners.add(cl);
-  }
-
-  public void feedEvent(Event event) {
-    Object evtKey = event.getKey();
-    State state = states.get(currentState);
-    Transition trans = state.transitions.get(evtKey);
-    if (trans != null) {
-      if (trans.doBeforeTransition(event)) {
-        setState(trans.endState);
-        successChangeListeners.forEach(l -> l.stateChanged(this, event));
-      } else {
-        failChangeListeners.forEach(l -> l.stateChanged(this, event));
-      }
-    }
-  }
-
-  public String toDot() {
-    StringBuilder sb = new StringBuilder();
-    sb.append("digraph finite_state_machine {\n");
-    sb.append("	rankdir=LR;\n");
-    sb.append("	node [shape = ellipse];\n");
-    for (Entry<String, State> from : states.entrySet()) {
-      for (Object t : from.getValue().transitions.keySet()) {
-        String to = from.getValue().transitions.get(t).endState;
-        Object eventKey = from.getValue().transitions.get(t).event;
-        sb.append(
-            "    "
-                + from.getKey().replace(':', '_')
-                + " -> "
-                + to.replace(':', '_')
-                + " [ label=\""
-                + eventKey
-                + "\" ];\n");
-      }
-    }
-    sb.append("			}");
-    return sb.toString();
-  }
-
-  public void handleRatResult(RatResult attestationResult) {
-    this.ratResult = attestationResult;
-  }
-
-  public RatResult getRatResult() {
-    return ratResult;
-  }
-
-  public void setMetaData(String metaData) {
-    this.metaData = metaData;
-  }
-
-  public String getMetaData() {
-    return this.metaData;
-  }
-
-  public void setDynamicAttributeToken(String dynamicAttributeToken) {
-    this.dynamicAttributeToken = dynamicAttributeToken;
-  }
-
-  public String getDynamicAttributeToken() {
-    return this.dynamicAttributeToken;
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/State.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/State.java
deleted file mode 100644
index a79fcc964..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/State.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.fsm;
-
-import java.util.HashMap;
-import java.util.Map;
-
-/** Represents a state with some number of associated transitions. */
-class State {
-  // map from event key to transition
-  Map<Object, Transition> transitions = new HashMap<>();
-  Runnable entryCode;
-  Runnable exitCode;
-  Runnable alwaysRunCode;
-
-  State(Runnable entryCode, Runnable exitCode, Runnable alwaysRunCode) {
-    this.entryCode = entryCode;
-    this.exitCode = exitCode;
-    this.alwaysRunCode = alwaysRunCode;
-  }
-
-  public void addTransition(Transition trans) {
-    // Fail fast for duplicate transitions
-    if (transitions.containsKey(trans.event)) {
-      throw new IllegalArgumentException(
-          "Transition for event " + trans.event + " already exists.");
-    }
-    transitions.put(trans.event, trans);
-  }
-
-  public void runEntryCode() {
-    if (entryCode != null) {
-      entryCode.run();
-    }
-  }
-
-  public void runExitCode() {
-    if (exitCode != null) {
-      exitCode.run();
-    }
-  }
-
-  public void runAlwaysCode() {
-    if (alwaysRunCode != null) {
-      alwaysRunCode.run();
-    }
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/Transition.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/Transition.java
deleted file mode 100644
index 5d5ecdda6..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/fsm/Transition.java
+++ /dev/null
@@ -1,100 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.fsm;
-
-import de.fhg.aisec.ids.comm.ws.protocol.ProtocolState;
-import java.util.function.Function;
-import org.slf4j.LoggerFactory;
-
-/**
- * A Transition transfers the FSM from a start state to an end state and is triggered by an event.
- *
- * <p>Associated with a transition is code that is executed when the transition is taken.
- */
-public class Transition {
-  final Object event;
-  final String startState;
-  final String endState;
-  final Function<Event, Boolean> runBeforeTransition;
-
-  /**
-   * Creates a new transition.
-   *
-   * @param eventName the event triggering this transition.
-   * @param startState the start state of this transition.
-   * @param endState the end state of this transition.
-   * @param runBeforeTransition code executed when the transition is triggered. If the callable
-   *     returns true, the transition takes place, if the callable returns false, the transition
-   *     will not take place and the FSM remains in startState.
-   */
-  public Transition(
-      String eventName,
-      String startState,
-      String endState,
-      Function<Event, Boolean> runBeforeTransition) {
-    this.event = eventName;
-    this.startState = startState;
-    this.endState = endState;
-    this.runBeforeTransition = runBeforeTransition;
-  }
-
-  public Transition(
-      Object evtKey,
-      String startState,
-      String endState,
-      Function<Event, Boolean> runBeforeTransition) {
-    this.event = evtKey;
-    this.startState = startState;
-    this.endState = endState;
-    this.runBeforeTransition = runBeforeTransition;
-  }
-
-  public Transition(
-      Object evtKey,
-      ProtocolState startState,
-      ProtocolState endState,
-      Function<Event, Boolean> runBeforeTransition) {
-    this.event = evtKey;
-    this.startState = startState.id();
-    this.endState = endState.id();
-    this.runBeforeTransition = runBeforeTransition;
-  }
-
-  /**
-   * Executes code associated with this transition.
-   *
-   * <p>This method returns the result of the executed Callable (true or false) or false in case of
-   * any Exceptions. No exceptions will be thrown from this method.
-   *
-   * @return Whether
-   */
-  protected boolean doBeforeTransition(Event event) {
-    if (runBeforeTransition != null) {
-      try {
-        runBeforeTransition.apply(event);
-      } catch (Throwable t) {
-        LoggerFactory.getLogger(this.getClass().getName())
-            .warn("Error in before-transition-procedure", t);
-        return false;
-      }
-    }
-    return true;
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/metadata/MetadataConsumerHandler.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/metadata/MetadataConsumerHandler.java
deleted file mode 100644
index 907080383..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/metadata/MetadataConsumerHandler.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.metadata;
-
-import com.google.protobuf.MessageLite;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.Event;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import de.fhg.aisec.ids.messages.Idscp.MedadataExchange;
-
-public class MetadataConsumerHandler extends MetadataHandler {
-
-  public MetadataConsumerHandler(String rdfSelfDescription, String dynamicAttributeToken) {
-    super(rdfSelfDescription, dynamicAttributeToken);
-  }
-
-  public MessageLite request(Event e) {
-    this.sessionID = e.getMessage().getId();
-    return ConnectorMessage.newBuilder()
-        .setId(++this.sessionID)
-        .setType(ConnectorMessage.Type.META_REQUEST)
-        .setMetadataExchange(
-            MedadataExchange.newBuilder()
-                .setRdfdescription(getMetaData())
-                .setDynamicAttributeToken(getDynamicAttributeToken())
-                .build())
-        .build();
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/metadata/MetadataHandler.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/metadata/MetadataHandler.java
deleted file mode 100644
index 8fa558be8..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/metadata/MetadataHandler.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.metadata;
-
-import com.google.protobuf.MessageLite;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import de.fhg.aisec.ids.messages.Idscp.Error;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class MetadataHandler {
-  protected static Logger LOG = LoggerFactory.getLogger(MetadataHandler.class);
-  protected static String lastError = "";
-  protected long sessionID = -1;
-  protected String rdfSelfDescription = "THIS IS SOME META DATA";
-  protected String dynamicAttributeToken = "INVALID_TOKEN";
-
-  public MetadataHandler() {}
-
-  public MetadataHandler(String rdfSelfDescription, String dynamicAttributeToken) {
-    this.rdfSelfDescription = rdfSelfDescription;
-    this.dynamicAttributeToken = dynamicAttributeToken;
-  }
-
-  public String getMetaData() {
-
-    return this.rdfSelfDescription;
-  }
-
-  public String getDynamicAttributeToken() {
-    return this.dynamicAttributeToken;
-  }
-
-  public static MessageLite sendError(String lastError) {
-    return ConnectorMessage.newBuilder()
-        .setId(0)
-        .setType(ConnectorMessage.Type.ERROR)
-        .setError(Error.newBuilder().setErrorCode("").setErrorMessage(lastError).build())
-        .build();
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/metadata/MetadataProviderHandler.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/metadata/MetadataProviderHandler.java
deleted file mode 100644
index d1882502e..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/metadata/MetadataProviderHandler.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.metadata;
-
-import com.google.protobuf.MessageLite;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.Event;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import de.fhg.aisec.ids.messages.Idscp.MedadataExchange;
-
-public class MetadataProviderHandler extends MetadataHandler {
-  public MetadataProviderHandler(String rdfSelfDescription, String dynamicAttributeToken) {
-    super(rdfSelfDescription, dynamicAttributeToken);
-  }
-
-  public MessageLite response(Event e) {
-    this.sessionID = e.getMessage().getId();
-
-    return ConnectorMessage.newBuilder()
-        .setId(++this.sessionID)
-        .setType(ConnectorMessage.Type.META_RESPONSE)
-        .setMetadataExchange(
-            MedadataExchange.newBuilder()
-                .setRdfdescription(getMetaData())
-                .setDynamicAttributeToken(getDynamicAttributeToken())
-                .build())
-        .build();
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/NonceGenerator.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/NonceGenerator.java
deleted file mode 100644
index 99fa9a2ca..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/NonceGenerator.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.rat;
-
-import java.security.SecureRandom;
-
-public final class NonceGenerator {
-  private static final SecureRandom sr = new SecureRandom();
-
-  private NonceGenerator() {}
-
-  /**
-   * Generate a crypto-secure random hex String of length numChars
-   *
-   * @param numBytes Desired String length
-   * @return The generated crypto-secure random hex String
-   */
-  public static byte[] generate(int numBytes) {
-    byte[] randBytes = new byte[numBytes];
-    sr.nextBytes(randBytes);
-    return randBytes;
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/RemoteAttestationClientHandler.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/RemoteAttestationClientHandler.java
deleted file mode 100644
index 1b1615dd8..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/RemoteAttestationClientHandler.java
+++ /dev/null
@@ -1,191 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.rat;
-
-import com.google.protobuf.ByteString;
-import com.google.protobuf.MessageLite;
-import de.fhg.aisec.ids.comm.CertificatePair;
-import de.fhg.aisec.ids.comm.IdscpConfiguration;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.Event;
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import de.fhg.aisec.ids.messages.AttestationProtos.Pcr;
-import de.fhg.aisec.ids.messages.AttestationProtos.RemoteToTpm2d;
-import de.fhg.aisec.ids.messages.AttestationProtos.RemoteToTpm2d.Code;
-import de.fhg.aisec.ids.messages.AttestationProtos.Tpm2dToRemote;
-import de.fhg.aisec.ids.messages.Idscp.*;
-import java.io.IOException;
-import java.net.URI;
-import java.util.Collections;
-import java.util.List;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.checkerframework.checker.nullness.qual.Nullable;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class RemoteAttestationClientHandler extends RemoteAttestationHandler {
-  private static final Logger LOG = LoggerFactory.getLogger(RemoteAttestationClientHandler.class);
-  private byte[] myNonce;
-  private byte[] yourNonce;
-  private IdsAttestationType aType;
-  private long sessionID = 0; // used to count messages between ids connectors during attestation
-  private final URI ttpUri;
-  private final int attestationMask;
-  private final CertificatePair certificatePair;
-
-  public RemoteAttestationClientHandler(
-      @NonNull IdscpConfiguration clientConfiguration,
-      @Nullable URI ttpUri,
-      @Nullable String socket) {
-    // set ttp uri
-    this.ttpUri = ttpUri;
-    // set current attestation type and mask (see attestation.proto)
-    this.aType = clientConfiguration.getAttestationType();
-    this.attestationMask = clientConfiguration.getAttestationMask();
-    this.certificatePair = clientConfiguration.getCertificatePair();
-  }
-
-  public MessageLite enterRatRequest(@NonNull Event e) {
-    // generate a new software nonce on the client and send it to server
-    this.myNonce = NonceGenerator.generate(20);
-    // get starting session id
-    this.sessionID = e.getMessage().getId();
-    return ConnectorMessage.newBuilder()
-        .setId(++this.sessionID)
-        .setType(ConnectorMessage.Type.RAT_REQUEST)
-        .setAttestationRequest(
-            AttestationRequest.newBuilder()
-                .setAtype(this.aType)
-                .setNonce(ByteString.copyFrom(this.myNonce))
-                .build())
-        .build();
-  }
-
-  public MessageLite sendTPM2Ddata(@NonNull Event e) {
-    // get nonce from server msg
-    this.yourNonce = e.getMessage().getAttestationRequest().getNonce().toByteArray();
-    final byte[] hash = calculateHash(this.yourNonce, certificatePair.getRemoteCertificate());
-
-    if (++this.sessionID != e.getMessage().getId()) {
-      return RemoteAttestationHandler.sendError(
-          ++this.sessionID, "Invalid session ID " + e.getMessage().getId());
-    }
-
-    String halg = "";
-    ByteString quoted = ByteString.EMPTY;
-    ByteString signature = ByteString.EMPTY;
-    List<Pcr> pcrValues = Collections.emptyList();
-    ByteString certificate = ByteString.EMPTY;
-    if (tpm2dSocket != null) {
-      try {
-        RemoteToTpm2d.Builder msgBuilder =
-            RemoteToTpm2d.newBuilder()
-                .setAtype(this.aType)
-                .setQualifyingData(ByteString.copyFrom(hash))
-                .setCode(Code.ATTESTATION_REQ)
-                .setPcrs(this.attestationMask);
-        if (this.aType.equals(IdsAttestationType.ADVANCED)) {
-          // send msg to local unix socket with bitmask set
-          // construct protobuf message to send to local tpm2d via unix socket
-          msgBuilder.setPcrs(this.attestationMask);
-        }
-        Tpm2dToRemote response = tpm2dSocket.requestAttestation(msgBuilder.build());
-        halg = response.getHalg().name();
-        quoted = response.getQuoted();
-        signature = response.getSignature();
-        pcrValues = response.getPcrValuesList();
-        certificate = response.getCertificate();
-      } catch (IOException ex) {
-        lastError = "IOException during communication with tpm2d: " + ex.getMessage();
-        LOG.error(lastError, ex);
-      }
-    } else {
-      LOG.warn("Tpm2dSocket is not available. No TPM present?");
-    }
-    // now return values from answer to provider
-    return ConnectorMessage.newBuilder()
-        .setId(++this.sessionID)
-        .setType(ConnectorMessage.Type.RAT_RESPONSE)
-        .setAttestationResponse(
-            AttestationResponse.newBuilder()
-                .setAtype(this.aType)
-                .setHalg(halg)
-                .setQuoted(quoted)
-                .setSignature(signature)
-                .addAllPcrValues(pcrValues)
-                .setCertificate(certificate)
-                .build())
-        .build();
-  }
-
-  public MessageLite sendResult(@NonNull Event e) {
-    final byte[] hash = calculateHash(this.myNonce, certificatePair.getLocalCertificate());
-    AttestationResponse response = e.getMessage().getAttestationResponse();
-    assert response != null;
-
-    // Abort on wrong session ID
-    if (++this.sessionID != e.getMessage().getId()) {
-      lastError =
-          "error: sessionID not correct ! (is "
-              + e.getMessage().getId()
-              + " but should have been "
-              + (this.sessionID + 1)
-              + ")";
-      LOG.debug(lastError);
-      return RemoteAttestationHandler.sendError(
-          ++this.sessionID, RemoteAttestationHandler.lastError);
-    }
-
-    if (this.checkSignature(response, hash) && checkRepository(this.aType, response, ttpUri)) {
-      this.mySuccess = true;
-    } else {
-      LOG.warn(
-          "Could not verify signature or could not validate PCR values via trusted third party. "
-              + "Remote attestation failed.");
-    }
-
-    return ConnectorMessage.newBuilder()
-        .setId(++this.sessionID)
-        .setType(ConnectorMessage.Type.RAT_RESULT)
-        .setAttestationResult(
-            AttestationResult.newBuilder().setAtype(this.aType).setResult(this.mySuccess).build())
-        .build();
-  }
-
-  public MessageLite leaveRatRequest(@NonNull Event e) {
-    // Abort on wrong session ID
-    if (++this.sessionID != e.getMessage().getId()) {
-      lastError =
-          "error: sessionID not correct ! (is "
-              + e.getMessage().getId()
-              + " but should have been "
-              + (this.sessionID + 1)
-              + ")";
-      LOG.debug(lastError);
-      return RemoteAttestationHandler.sendError(
-          ++this.sessionID, RemoteAttestationHandler.lastError);
-    }
-
-    return ConnectorMessage.newBuilder()
-        .setId(++this.sessionID)
-        .setType(ConnectorMessage.Type.RAT_LEAVE)
-        .setAttestationLeave(AttestationLeave.newBuilder().setAtype(this.aType).build())
-        .build();
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/RemoteAttestationHandler.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/RemoteAttestationHandler.java
deleted file mode 100644
index 80f3527f5..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/RemoteAttestationHandler.java
+++ /dev/null
@@ -1,302 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.rat;
-
-import com.google.protobuf.MessageLite;
-import de.fhg.aisec.ids.api.conm.RatResult;
-import de.fhg.aisec.ids.comm.ByteArrayUtil;
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import de.fhg.aisec.ids.messages.AttestationProtos.Pcr;
-import de.fhg.aisec.ids.messages.Idscp.*;
-import de.fhg.aisec.ids.messages.Idscp.Error;
-import java.io.BufferedReader;
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.net.URI;
-import java.net.URL;
-import java.nio.charset.StandardCharsets;
-import java.nio.file.FileSystems;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.security.GeneralSecurityException;
-import java.security.MessageDigest;
-import java.security.Signature;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.Base64;
-import java.util.List;
-import javax.net.ssl.HttpsURLConnection;
-import javax.net.ssl.SSLContext;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.checkerframework.checker.nullness.qual.Nullable;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import tss.tpm.*;
-
-public class RemoteAttestationHandler {
-  public static final String CONTROL_SOCKET = "/var/run/tpm2d/control.sock";
-  protected static final Logger LOG = LoggerFactory.getLogger(RemoteAttestationClientHandler.class);
-  static String lastError = "";
-  // used to count messages between ids connector and attestation repository
-  private static long privateID = new java.util.Random().nextLong();
-  boolean mySuccess = false;
-  boolean yourSuccess = false;
-  Tpm2dSocket tpm2dSocket;
-
-  RemoteAttestationHandler() {
-    // Tpm2dSocket used to communicate with local TPM2d
-    try {
-      String host = System.getenv("TPM_HOST") != null ? System.getenv("TPM_HOST") : "localhost";
-      tpm2dSocket = new Tpm2dSocket(host);
-    } catch (IOException e) {
-      lastError = "Could not create Tpm2dSocket. No TPM present?";
-      LOG.warn(lastError);
-    }
-  }
-
-  public RatResult handleAttestationResult(@NonNull AttestationResult result) {
-    this.yourSuccess = result.getResult();
-
-    LOG.debug("your success: {}    my success: {}", this.yourSuccess, this.mySuccess);
-    if (!this.mySuccess) {
-      return new RatResult(RatResult.Status.FAILED, "Could not verify");
-    }
-
-    if (!this.yourSuccess) {
-      return new RatResult(RatResult.Status.FAILED, "Remote party did not verify successfully");
-    }
-
-    return new RatResult(RatResult.Status.SUCCESS, null);
-  }
-
-  static boolean checkRepository(
-      @Nullable IdsAttestationType aType,
-      @Nullable AttestationResponse response,
-      @Nullable URI ttpUri) {
-    if (aType == null || response == null || ttpUri == null) {
-      return false;
-    }
-
-    List<Pcr> values = response.getPcrValuesList();
-    try {
-      @SuppressWarnings("null")
-      ConnectorMessage msgRepo =
-          RemoteAttestationHandler.readRepositoryResponse(
-              ConnectorMessage.newBuilder()
-                  .setId(privateID)
-                  .setType(ConnectorMessage.Type.RAT_REPO_REQUEST)
-                  .setAttestationRepositoryRequest(
-                      AttestationRepositoryRequest.newBuilder()
-                          .setAtype(aType)
-                          .addAllPcrValues(values)
-                          .build())
-                  .build(),
-              ttpUri.toURL());
-
-      LOG.debug("//Q///////////////////////////////////////////////////////////////////////////");
-      LOG.debug(response.toString());
-      LOG.debug("//A///////////////////////////////////////////////////////////////////////////");
-      LOG.debug(msgRepo.toString());
-      LOG.debug("/////////////////////////////////////////////////////////////////////////////");
-
-      // TODO : signature check of repo answer ... !
-      return (msgRepo.getAttestationRepositoryResponse().getResult()
-          && (msgRepo.getId() == privateID + 1)
-          && (msgRepo.getType().equals(ConnectorMessage.Type.RAT_REPO_RESPONSE)));
-
-    } catch (Exception ex) {
-      lastError = "Exception: " + ex.getMessage();
-      LOG.error("Exception in checkRepository(): ", ex);
-      return false;
-    }
-  }
-
-  /**
-   * Calculate SHA-1 hash of (nonce|certificate).
-   *
-   * @param nonce The plain, initial nonce
-   * @param certificate The certificate to hash-combine with the nonce
-   * @return The new nonce, updated with the given certificate using SHA-1
-   */
-  static byte[] calculateHash(byte[] nonce, @Nullable Certificate certificate) {
-    try {
-      MessageDigest digest = MessageDigest.getInstance("SHA-1");
-      digest.update(nonce);
-      if (certificate != null) {
-        digest.update(certificate.getEncoded());
-      } else {
-        LOG.warn(
-            "No client certificate available. Cannot bind nonce to public key to prevent masquerading attack. TLS misconfiguration!");
-      }
-      return digest.digest();
-    } catch (Exception e1) {
-      LOG.error("Could not create hash of own nonce and local certificate", e1);
-      return nonce;
-    }
-  }
-
-  boolean checkSignature(@NonNull AttestationResponse response, byte[] hash) {
-    byte[] byteSignature = response.getSignature().toByteArray();
-    byte[] byteCert = response.getCertificate().toByteArray();
-    byte[] byteQuoted = response.getQuoted().toByteArray();
-    if (LOG.isDebugEnabled()) {
-      LOG.debug("signature: {}", ByteArrayUtil.toPrintableHexString(byteSignature));
-      LOG.debug("cert: {}", ByteArrayUtil.toPrintableHexString(byteCert));
-      LOG.debug("quoted: {}", ByteArrayUtil.toPrintableHexString(byteQuoted));
-    }
-
-    if (byteSignature.length == 0 || byteCert.length == 0 || byteQuoted.length == 0) {
-      LOG.warn("Some required part (signature, cert or quoted) is empty!");
-      return false;
-    }
-
-    try {
-      CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
-
-      // Load trust anchor certificate
-      final X509Certificate rootCertificate;
-      Path rootCertPath = FileSystems.getDefault().getPath("etc", "rootca-cert.pem");
-      try (BufferedReader reader =
-          Files.newBufferedReader(rootCertPath, StandardCharsets.US_ASCII)) {
-        StringBuilder builder = new StringBuilder();
-        for (String line = reader.readLine(); line != null; line = reader.readLine()) {
-          if (!line.startsWith("-")) {
-            builder.append(line.trim());
-          }
-        }
-        byte[] rootCertBytes = Base64.getDecoder().decode(builder.toString());
-        rootCertificate =
-            (X509Certificate)
-                certFactory.generateCertificate(new ByteArrayInputStream(rootCertBytes));
-      } catch (Exception e) {
-        LOG.error("Error parsing root certificate", e);
-        return false;
-      }
-
-      // Create X509Certificate instance from certBytes
-      final X509Certificate certificate =
-          (X509Certificate) certFactory.generateCertificate(new ByteArrayInputStream(byteCert));
-      // Verify the TPM certificate
-      try {
-        certificate.verify(rootCertificate.getPublicKey());
-      } catch (Exception e) {
-        LOG.error("TPM certificate is invalid", e);
-        return false;
-      }
-
-      // Construct a new TPMT_SIGNATURE instance from byteSignature bytes
-      final TPMT_SIGNATURE tpmtSignature;
-      try {
-        tpmtSignature = TPMT_SIGNATURE.fromTpm(byteSignature);
-      } catch (Exception ex) {
-        LOG.warn(
-            "Could not create a TPMT_SIGNATURE from bytes:\n"
-                + ByteArrayUtil.toPrintableHexString(byteSignature),
-            ex);
-        return false;
-      }
-
-      // Construct a new TPMS_ATTEST instance from byteQuoted bytes
-      final TPMS_ATTEST tpmsAttest;
-      try {
-        tpmsAttest = TPMS_ATTEST.fromTpm(byteQuoted);
-      } catch (Exception ex) {
-        LOG.warn(
-            "Could not create a TPMS_ATTEST from bytes:\n"
-                + ByteArrayUtil.toPrintableHexString(byteQuoted),
-            ex);
-        return false;
-      }
-
-      // check hash value (extra data) against expected hash
-      byte[] extraBytes = tpmsAttest.extraData;
-      if (!Arrays.equals(extraBytes, hash)) {
-        if (LOG.isWarnEnabled()) {
-          LOG.warn(
-              "The hash (extra data) in TPMS_ATTEST structure is invalid!"
-                  + "\nextra data: {}\nhash: {}",
-              ByteArrayUtil.toPrintableHexString(extraBytes),
-              ByteArrayUtil.toPrintableHexString(hash));
-        }
-        return false;
-      }
-
-      // Check signature of attestation
-      final int tpmSigAlg = tpmtSignature.GetUnionSelector_signature();
-      final int tpmSigHashAlg;
-      final byte[] tpmSig;
-      if (tpmSigAlg == TPM_ALG_ID.RSAPSS.toInt()) {
-        tpmSigHashAlg = ((TPMS_SIGNATURE_RSAPSS) tpmtSignature.signature).hash.toInt();
-        tpmSig = ((TPMS_SIGNATURE_RSAPSS) tpmtSignature.signature).sig;
-      } else if (tpmSigAlg == TPM_ALG_ID.RSASSA.toInt()) {
-        tpmSigHashAlg = ((TPMS_SIGNATURE_RSASSA) tpmtSignature.signature).hash.toInt();
-        tpmSig = ((TPMS_SIGNATURE_RSASSA) tpmtSignature.signature).sig;
-      } else {
-        throw new Exception(
-            "Unknown or unimplemented signature scheme: " + tpmtSignature.signature.getClass());
-      }
-      if (tpmSigHashAlg != TPM_ALG_ID.SHA256.toInt()) {
-        throw new Exception("Only SHA256withRSA TPM signature hash algorithm is allowed!");
-      }
-      Signature sig = Signature.getInstance("SHA256withRSA");
-      sig.initVerify(certificate.getPublicKey());
-      sig.update(byteQuoted);
-      boolean result = sig.verify(tpmSig);
-      if (!result && LOG.isWarnEnabled()) {
-        LOG.warn("Attestation signature invalid!");
-      }
-      return result;
-    } catch (Exception ex) {
-      LOG.warn("Error during attestation validation", ex);
-      return false;
-    }
-  }
-
-  static MessageLite sendError(long id, @Nullable String error) {
-    if (error == null) {
-      error = "";
-    }
-    return ConnectorMessage.newBuilder()
-        .setId(id)
-        .setType(ConnectorMessage.Type.ERROR)
-        .setError(Error.newBuilder().setErrorCode("").setErrorMessage(error).build())
-        .build();
-  }
-
-  private static ConnectorMessage readRepositoryResponse(@NonNull ConnectorMessage msg, URL adr)
-      throws IOException, GeneralSecurityException {
-    HttpsURLConnection urlc = (HttpsURLConnection) adr.openConnection();
-    SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
-    sslContext.init(null, null, null);
-    urlc.setSSLSocketFactory(sslContext.getSocketFactory());
-    urlc.setUseCaches(false);
-    urlc.setDoInput(true);
-    urlc.setDoOutput(true);
-    urlc.setRequestMethod("POST");
-    urlc.setRequestProperty("Accept", "application/x-protobuf");
-    urlc.setRequestProperty("Content-Type", "application/x-protobuf");
-    urlc.setRequestProperty("User-Agent", "IDS-Connector");
-    urlc.setRequestProperty("Content-length", String.valueOf(msg.toByteArray().length));
-    msg.writeTo(urlc.getOutputStream());
-    return ConnectorMessage.newBuilder().mergeFrom(urlc.getInputStream()).build();
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/RemoteAttestationServerHandler.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/RemoteAttestationServerHandler.java
deleted file mode 100644
index 56312fec2..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/RemoteAttestationServerHandler.java
+++ /dev/null
@@ -1,189 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.rat;
-
-import com.google.protobuf.ByteString;
-import com.google.protobuf.MessageLite;
-import de.fhg.aisec.ids.comm.CertificatePair;
-import de.fhg.aisec.ids.comm.IdscpConfiguration;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.Event;
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import de.fhg.aisec.ids.messages.AttestationProtos.Pcr;
-import de.fhg.aisec.ids.messages.AttestationProtos.RemoteToTpm2d;
-import de.fhg.aisec.ids.messages.AttestationProtos.RemoteToTpm2d.Code;
-import de.fhg.aisec.ids.messages.AttestationProtos.Tpm2dToRemote;
-import de.fhg.aisec.ids.messages.Idscp.*;
-import java.io.IOException;
-import java.net.URI;
-import java.util.Collections;
-import java.util.List;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/** Implements the handling of individual protocol steps in the IDS remote attestation protocol. */
-public class RemoteAttestationServerHandler extends RemoteAttestationHandler {
-  private static final Logger LOG = LoggerFactory.getLogger(RemoteAttestationServerHandler.class);
-  private byte[] myNonce;
-  private byte[] yourNonce;
-  private long sessionID = 0; // used to count messages between ids connectors during attestation
-  private final URI ttpUri;
-  private final int attestationMask;
-  private final IdsAttestationType aType;
-  private final CertificatePair certificatePair;
-  private AttestationResponse resp;
-
-  public RemoteAttestationServerHandler(
-      IdscpConfiguration serverConfiguration, URI ttpUri, String socket) {
-    // set ttp uri
-    this.ttpUri = ttpUri;
-    // set current attestation type and mask (see attestation.proto)
-    this.aType = serverConfiguration.getAttestationType();
-    this.attestationMask = serverConfiguration.getAttestationMask();
-    this.certificatePair = serverConfiguration.getCertificatePair();
-  }
-
-  public MessageLite enterRatRequest(Event e) {
-    this.yourNonce = e.getMessage().getAttestationRequest().getNonce().toByteArray();
-    // generate a new software nonce on the client and send it to server
-    this.myNonce = NonceGenerator.generate(20);
-    // get starting session id
-    this.sessionID = e.getMessage().getId();
-    return ConnectorMessage.newBuilder()
-        .setId(++this.sessionID)
-        .setType(ConnectorMessage.Type.RAT_REQUEST)
-        .setAttestationRequest(
-            AttestationRequest.newBuilder()
-                .setAtype(this.aType)
-                .setNonce(ByteString.copyFrom(this.myNonce))
-                .build())
-        .build();
-  }
-
-  public MessageLite sendTPM2Ddata(Event e) {
-    // temporarily save attestation response in order to check it in the result phase
-    this.resp = e.getMessage().getAttestationResponse();
-    final byte[] hash = calculateHash(this.yourNonce, certificatePair.getRemoteCertificate());
-
-    if (++this.sessionID != e.getMessage().getId()) {
-      return RemoteAttestationHandler.sendError(
-          ++this.sessionID,
-          "error: sessionID not correct ! (is "
-              + e.getMessage().getId()
-              + " but should have been "
-              + (this.sessionID + 1)
-              + ")");
-    }
-
-    String halg = "";
-    ByteString quoted = ByteString.EMPTY;
-    ByteString signature = ByteString.EMPTY;
-    List<Pcr> pcrValues = Collections.emptyList();
-    ByteString certificate = ByteString.EMPTY;
-    if (tpm2dSocket != null) {
-      try {
-        RemoteToTpm2d.Builder msgBuilder =
-            RemoteToTpm2d.newBuilder()
-                .setAtype(this.aType)
-                .setQualifyingData(ByteString.copyFrom(hash))
-                .setCode(Code.ATTESTATION_REQ)
-                .setPcrs(this.attestationMask);
-        if (this.aType.equals(IdsAttestationType.ADVANCED)) {
-          // send msg to local unix socket with bitmask set
-          // construct protobuf message to send to local tpm2d via unix socket
-          msgBuilder.setPcrs(this.attestationMask);
-        }
-        Tpm2dToRemote response = tpm2dSocket.requestAttestation(msgBuilder.build());
-        LOG.debug("Tpm2dToRemote message: {}", response.toString());
-        halg = response.getHalg().name();
-        quoted = response.getQuoted();
-        signature = response.getSignature();
-        pcrValues = response.getPcrValuesList();
-        certificate = response.getCertificate();
-      } catch (IOException ex) {
-        lastError = "IOException during communication with tpm2d: " + ex.getMessage();
-        LOG.error(lastError, ex);
-      }
-    } else {
-      LOG.warn("Tpm2dSocket is not available. No TPM present?");
-    }
-
-    // now return values from answer to server
-    return ConnectorMessage.newBuilder()
-        .setId(++this.sessionID)
-        .setType(ConnectorMessage.Type.RAT_RESPONSE)
-        .setAttestationResponse(
-            AttestationResponse.newBuilder()
-                .setAtype(this.aType)
-                .setHalg(halg)
-                .setQuoted(quoted)
-                .setSignature(signature)
-                .addAllPcrValues(pcrValues)
-                .setCertificate(certificate)
-                .build())
-        .build();
-  }
-
-  public MessageLite sendResult(Event e) {
-    final byte[] hash = calculateHash(this.myNonce, certificatePair.getLocalCertificate());
-
-    if (++this.sessionID == e.getMessage().getId()) {
-      if (this.checkSignature(this.resp, hash) && checkRepository(this.aType, this.resp, ttpUri)) {
-        this.mySuccess = true;
-      } else {
-        lastError = "error: signature check not ok";
-      }
-      return ConnectorMessage.newBuilder()
-          .setId(++this.sessionID)
-          .setType(ConnectorMessage.Type.RAT_RESULT)
-          .setAttestationResult(
-              AttestationResult.newBuilder().setAtype(this.aType).setResult(this.mySuccess).build())
-          .build();
-    } else {
-      lastError =
-          "error: sessionID not correct ! (is "
-              + e.getMessage().getId()
-              + " but should have been "
-              + (this.sessionID + 1)
-              + ")";
-    }
-    LOG.debug(lastError);
-    return RemoteAttestationHandler.sendError(++this.sessionID, RemoteAttestationHandler.lastError);
-  }
-
-  public MessageLite leaveRatRequest(Event e) {
-    this.yourSuccess = e.getMessage().getAttestationResult().getResult();
-
-    if (++this.sessionID == e.getMessage().getId()) {
-      return ConnectorMessage.newBuilder()
-          .setId(++this.sessionID)
-          .setType(ConnectorMessage.Type.RAT_LEAVE)
-          .setAttestationLeave(AttestationLeave.newBuilder().setAtype(this.aType).build())
-          .build();
-    }
-    lastError =
-        "error: sessionID not correct ! (is "
-            + e.getMessage().getId()
-            + " but should have been "
-            + (this.sessionID + 1)
-            + ")";
-    LOG.debug(lastError);
-    return RemoteAttestationHandler.sendError(++this.sessionID, RemoteAttestationHandler.lastError);
-  }
-}
diff --git a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/Tpm2dSocket.java b/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/Tpm2dSocket.java
deleted file mode 100644
index e077eefc0..000000000
--- a/ids-comm/src/main/java/de/fhg/aisec/ids/comm/ws/protocol/rat/Tpm2dSocket.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm.ws.protocol.rat;
-
-import de.fhg.aisec.ids.messages.AttestationProtos.RemoteToTpm2d;
-import de.fhg.aisec.ids.messages.AttestationProtos.Tpm2dToRemote;
-import java.io.DataInputStream;
-import java.io.DataOutputStream;
-import java.io.IOException;
-import java.net.Socket;
-
-public class Tpm2dSocket extends Socket {
-
-  private final DataInputStream is;
-  private final DataOutputStream os;
-
-  public Tpm2dSocket(String host) throws IOException {
-    super(host, 9505);
-    is = new DataInputStream(this.getInputStream());
-    os = new DataOutputStream(this.getOutputStream());
-  }
-
-  public Tpm2dToRemote requestAttestation(RemoteToTpm2d request) throws IOException {
-    // Write attestation request message
-    byte[] requestBytes = request.toByteArray();
-    os.writeInt(requestBytes.length);
-    os.write(requestBytes);
-    // Read attestation result message
-    byte[] resultBytes = new byte[is.readInt()];
-    is.readFully(resultBytes);
-    return Tpm2dToRemote.parseFrom(resultBytes);
-  }
-}
diff --git a/ids-comm/src/test/java/de/fhg/aisec/ids/camel/ids/protocol/ADVANCEDAttestationIT.java b/ids-comm/src/test/java/de/fhg/aisec/ids/camel/ids/protocol/ADVANCEDAttestationIT.java
deleted file mode 100644
index a2646bea3..000000000
--- a/ids-comm/src/test/java/de/fhg/aisec/ids/camel/ids/protocol/ADVANCEDAttestationIT.java
+++ /dev/null
@@ -1,228 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.protocol;
-
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assume.assumeTrue;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
-
-import de.fhg.aisec.ids.comm.CertificatePair;
-import de.fhg.aisec.ids.comm.client.ClientConfiguration;
-import de.fhg.aisec.ids.comm.server.ServerConfiguration;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.Event;
-import de.fhg.aisec.ids.comm.ws.protocol.rat.RemoteAttestationClientHandler;
-import de.fhg.aisec.ids.comm.ws.protocol.rat.RemoteAttestationServerHandler;
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import java.io.File;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import org.junit.BeforeClass;
-import org.junit.FixMethodOrder;
-import org.junit.Test;
-import org.junit.runners.MethodSorters;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import tss.tpm.TPM_ALG_ID;
-
-@FixMethodOrder(MethodSorters.NAME_ASCENDING)
-// ADVANCED test with PCRS 0-19 i.e. bitmask is 20
-public class ADVANCEDAttestationIT {
-
-  private static final String TPMD_SOCKET = "socket/control.sock";
-  private static RemoteAttestationClientHandler consumer;
-  private static RemoteAttestationServerHandler provider;
-  private static Logger LOG = LoggerFactory.getLogger(ADVANCEDAttestationIT.class);
-  private long id = 87654321;
-  private static IdsAttestationType aType = IdsAttestationType.ADVANCED;
-  private static int bitmask = 20;
-
-  private TPM_ALG_ID hAlg = TPM_ALG_ID.SHA256;
-
-  private ConnectorMessage msg0 =
-      ConnectorMessage.newBuilder().setType(ConnectorMessage.Type.RAT_START).setId(id).build();
-
-  private static ConnectorMessage msg1;
-  private static ConnectorMessage msg2;
-  private static ConnectorMessage msg3;
-  private static ConnectorMessage msg4;
-  private static ConnectorMessage msg5;
-  private static ConnectorMessage msg6;
-  private static ConnectorMessage msg7;
-  private static ConnectorMessage msg8;
-
-  @BeforeClass
-  public static void initHandlers() throws URISyntaxException, CertificateEncodingException {
-    // Certificate mocks for server and client
-    Certificate clientDummyCert = mock(Certificate.class);
-    when(clientDummyCert.getEncoded()).thenReturn(new byte[] {0x0});
-    Certificate serverDummyCert = mock(Certificate.class);
-    when(serverDummyCert.getEncoded()).thenReturn(new byte[] {0x1});
-    // Client IDSCP configuration
-    CertificatePair clientPair = new CertificatePair();
-    clientPair.setLocalCertificate(clientDummyCert);
-    clientPair.setRemoteCertificate(serverDummyCert);
-    ClientConfiguration clientConfiguration =
-        new ClientConfiguration.Builder()
-            .attestationType(aType)
-            .certificatePair(clientPair)
-            .build();
-    // Server IDSCP configuration
-    CertificatePair serverPair = new CertificatePair();
-    serverPair.setLocalCertificate(serverDummyCert);
-    serverPair.setRemoteCertificate(clientDummyCert);
-    ServerConfiguration serverConfiguration =
-        new ServerConfiguration.Builder()
-            .attestationType(aType)
-            .certificatePair(serverPair)
-            .attestationMask(bitmask)
-            .build();
-    final String ratRepoUri = "https://127.0.0.1:31337/configurations/check";
-    consumer =
-        new RemoteAttestationClientHandler(clientConfiguration, new URI(ratRepoUri), TPMD_SOCKET);
-    provider =
-        new RemoteAttestationServerHandler(serverConfiguration, new URI(ratRepoUri), TPMD_SOCKET);
-  }
-
-  @Test
-  public void test1() throws Exception {
-    msg1 =
-        ConnectorMessage.parseFrom(
-            consumer
-                .enterRatRequest(new Event(msg0.getType(), msg0.toString(), msg0))
-                .toByteString());
-    LOG.debug(msg1.toString());
-    assertTrue(msg1.getId() == id + 1);
-    assertTrue(msg1.getType().equals(ConnectorMessage.Type.RAT_REQUEST));
-  }
-
-  @Test
-  public void test2() throws Exception {
-    msg2 =
-        ConnectorMessage.parseFrom(
-            provider
-                .enterRatRequest(new Event(msg1.getType(), msg1.toString(), msg1))
-                .toByteString());
-    LOG.debug(msg2.toString());
-    assertTrue(msg2.getId() == id + 2);
-    assertTrue(msg2.getType().equals(ConnectorMessage.Type.RAT_REQUEST));
-  }
-
-  @Test
-  public void test3() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg3 =
-        ConnectorMessage.parseFrom(
-            consumer
-                .sendTPM2Ddata(new Event(msg2.getType(), msg2.toString(), msg2))
-                .toByteString());
-    LOG.debug(msg3.toString());
-    assertTrue(msg3.getId() == id + 3);
-    assertTrue(msg3.getType().equals(ConnectorMessage.Type.RAT_RESPONSE));
-    assertTrue(msg3.getAttestationResponse().getAtype().equals(aType));
-    assertTrue(msg3.getAttestationResponse().getHalg().equals(hAlg.name()));
-    assertTrue(msg3.getAttestationResponse().getPcrValuesCount() == bitmask);
-  }
-
-  @Test
-  public void test4() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg4 =
-        ConnectorMessage.parseFrom(
-            provider
-                .sendTPM2Ddata(new Event(msg3.getType(), msg3.toString(), msg3))
-                .toByteString());
-    LOG.debug(msg4.toString());
-    assertTrue(msg4.getId() == id + 4);
-    assertTrue(msg4.getType().equals(ConnectorMessage.Type.RAT_RESPONSE));
-    assertTrue(msg4.getAttestationResponse().getAtype().equals(aType));
-    assertTrue(msg4.getAttestationResponse().getHalg().equals(hAlg.name()));
-    assertTrue(msg4.getAttestationResponse().getPcrValuesCount() == bitmask);
-  }
-
-  @Test
-  public void test5() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg5 =
-        ConnectorMessage.parseFrom(
-            consumer.sendResult(new Event(msg4.getType(), msg4.toString(), msg4)).toByteString());
-    LOG.debug(msg5.toString());
-    assertTrue(msg5.getId() == id + 5);
-    assertTrue(msg5.getType().equals(ConnectorMessage.Type.RAT_RESULT));
-    assertTrue(msg5.getAttestationResult().getResult());
-    assertTrue(msg5.getAttestationResult().getAtype().equals(aType));
-  }
-
-  @Test
-  public void test6() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg6 =
-        ConnectorMessage.parseFrom(
-            provider.sendResult(new Event(msg5.getType(), msg5.toString(), msg5)).toByteString());
-    LOG.debug(msg6.toString());
-    assertTrue(msg6.getId() == id + 6);
-    assertTrue(msg6.getType().equals(ConnectorMessage.Type.RAT_RESULT));
-    assertTrue(msg6.getAttestationResult().getResult());
-    assertTrue(msg6.getAttestationResult().getAtype().equals(aType));
-  }
-
-  @Test
-  public void test7() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg7 =
-        ConnectorMessage.parseFrom(
-            consumer
-                .leaveRatRequest(new Event(msg6.getType(), msg6.toString(), msg6))
-                .toByteString());
-    LOG.debug(msg7.toString());
-    assertTrue(msg7.getId() == id + 7);
-    assertTrue(msg7.getType().equals(ConnectorMessage.Type.RAT_LEAVE));
-    assertTrue(msg7.getAttestationLeave().getAtype().equals(aType));
-  }
-
-  @Test
-  public void test8() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg8 =
-        ConnectorMessage.parseFrom(
-            provider
-                .leaveRatRequest(new Event(msg7.getType(), msg7.toString(), msg7))
-                .toByteString());
-    LOG.debug(msg8.toString());
-    assertTrue(msg8.getId() == id + 8);
-    assertTrue(msg8.getType().equals(ConnectorMessage.Type.RAT_LEAVE));
-    assertTrue(msg8.getAttestationLeave().getAtype().equals(aType));
-  }
-}
diff --git a/ids-comm/src/test/java/de/fhg/aisec/ids/camel/ids/protocol/ALLAttestationIT.java b/ids-comm/src/test/java/de/fhg/aisec/ids/camel/ids/protocol/ALLAttestationIT.java
deleted file mode 100644
index cebbc8c8d..000000000
--- a/ids-comm/src/test/java/de/fhg/aisec/ids/camel/ids/protocol/ALLAttestationIT.java
+++ /dev/null
@@ -1,227 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.protocol;
-
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assume.assumeTrue;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
-
-import de.fhg.aisec.ids.comm.CertificatePair;
-import de.fhg.aisec.ids.comm.client.ClientConfiguration;
-import de.fhg.aisec.ids.comm.server.ServerConfiguration;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.Event;
-import de.fhg.aisec.ids.comm.ws.protocol.rat.RemoteAttestationClientHandler;
-import de.fhg.aisec.ids.comm.ws.protocol.rat.RemoteAttestationServerHandler;
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import java.io.File;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import org.junit.BeforeClass;
-import org.junit.FixMethodOrder;
-import org.junit.Test;
-import org.junit.runners.MethodSorters;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import tss.tpm.TPM_ALG_ID;
-
-@FixMethodOrder(MethodSorters.NAME_ASCENDING)
-// ALL test with PCRS 0-23
-public class ALLAttestationIT {
-
-  private static final String TPMD_SOCKET = "socket/control.sock";
-  private static RemoteAttestationClientHandler consumer;
-  private static RemoteAttestationServerHandler provider;
-  private static Logger LOG = LoggerFactory.getLogger(ALLAttestationIT.class);
-  private long id = 87654321;
-  private static IdsAttestationType aType = IdsAttestationType.ALL;
-
-  private TPM_ALG_ID hAlg = TPM_ALG_ID.SHA256;
-
-  private ConnectorMessage msg0 =
-      ConnectorMessage.newBuilder().setType(ConnectorMessage.Type.RAT_START).setId(id).build();
-  private static ConnectorMessage msg1;
-  private static ConnectorMessage msg2;
-  private static ConnectorMessage msg3;
-  private static ConnectorMessage msg4;
-  private static ConnectorMessage msg5;
-  private static ConnectorMessage msg6;
-  private static ConnectorMessage msg7;
-  private static ConnectorMessage msg8;
-
-  @BeforeClass
-  public static void initHandlers() throws URISyntaxException, CertificateEncodingException {
-    // Certificate mocks for server and client
-    Certificate clientDummyCert = mock(Certificate.class);
-    when(clientDummyCert.getEncoded()).thenReturn(new byte[] {0x0, 0x0, 0x0, 0x0});
-    Certificate serverDummyCert = mock(Certificate.class);
-    when(serverDummyCert.getEncoded()).thenReturn(new byte[] {0x1, 0x1, 0x1, 0x1});
-    // Client IDSCP configuration
-    CertificatePair clientPair = new CertificatePair();
-    clientPair.setLocalCertificate(clientDummyCert);
-    clientPair.setRemoteCertificate(serverDummyCert);
-    ClientConfiguration clientConfiguration =
-        new ClientConfiguration.Builder()
-            .attestationType(aType)
-            .certificatePair(clientPair)
-            .build();
-    // Server IDSCP configuration
-    CertificatePair serverPair = new CertificatePair();
-    serverPair.setLocalCertificate(serverDummyCert);
-    serverPair.setRemoteCertificate(clientDummyCert);
-    ServerConfiguration serverConfiguration =
-        new ServerConfiguration.Builder()
-            .attestationType(aType)
-            .certificatePair(serverPair)
-            .build();
-    final String ratRepoUri = "https://127.0.0.1:31337/configurations/check";
-    consumer =
-        new RemoteAttestationClientHandler(clientConfiguration, new URI(ratRepoUri), TPMD_SOCKET);
-    provider =
-        new RemoteAttestationServerHandler(serverConfiguration, new URI(ratRepoUri), TPMD_SOCKET);
-  }
-
-  @Test
-  public void test1() throws Exception {
-    msg1 =
-        ConnectorMessage.parseFrom(
-            consumer
-                .enterRatRequest(new Event(msg0.getType(), msg0.toString(), msg0))
-                .toByteString());
-    LOG.debug(msg1.toString());
-    assertTrue(msg1.getId() == id + 1);
-    assertTrue(msg1.getType().equals(ConnectorMessage.Type.RAT_REQUEST));
-  }
-
-  @Test
-  public void test2() throws Exception {
-    msg2 =
-        ConnectorMessage.parseFrom(
-            provider
-                .enterRatRequest(new Event(msg1.getType(), msg1.toString(), msg1))
-                .toByteString());
-    LOG.debug(msg2.toString());
-    assertTrue(msg2.getId() == id + 2);
-    assertTrue(msg2.getType().equals(ConnectorMessage.Type.RAT_REQUEST));
-  }
-
-  @Test
-  public void test3() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg3 =
-        ConnectorMessage.parseFrom(
-            consumer
-                .sendTPM2Ddata(new Event(msg2.getType(), msg2.toString(), msg2))
-                .toByteString());
-    LOG.debug(msg3.toString());
-    assertTrue(msg3.getId() == id + 3);
-    assertTrue(msg3.getType().equals(ConnectorMessage.Type.RAT_RESPONSE));
-    assertTrue(msg3.getAttestationResponse().getAtype().equals(aType));
-    assertTrue(msg3.getAttestationResponse().getHalg().equals(hAlg.name()));
-    assertTrue(msg3.getAttestationResponse().getPcrValuesCount() == 24);
-  }
-
-  @Test
-  public void test4() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg4 =
-        ConnectorMessage.parseFrom(
-            provider
-                .sendTPM2Ddata(new Event(msg3.getType(), msg3.toString(), msg3))
-                .toByteString());
-    LOG.debug(msg4.toString());
-    assertTrue(msg4.getId() == id + 4);
-    assertTrue(msg4.getType().equals(ConnectorMessage.Type.RAT_RESPONSE));
-    assertTrue(msg4.getAttestationResponse().getAtype().equals(aType));
-    assertTrue(msg4.getAttestationResponse().getHalg().equals(hAlg.name()));
-    assertTrue(msg4.getAttestationResponse().getPcrValuesCount() == 24);
-  }
-
-  @Test
-  public void test5() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg5 =
-        ConnectorMessage.parseFrom(
-            consumer.sendResult(new Event(msg4.getType(), msg4.toString(), msg4)).toByteString());
-    LOG.debug(msg5.toString());
-    assertTrue(msg5.getId() == id + 5);
-    assertTrue(msg5.getType().equals(ConnectorMessage.Type.RAT_RESULT));
-    //  commented out until tpm2d is fixed
-    assertTrue(msg5.getAttestationResult().getResult());
-    assertTrue(msg5.getAttestationResult().getAtype().equals(aType));
-  }
-
-  @Test
-  public void test6() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg6 =
-        ConnectorMessage.parseFrom(
-            provider.sendResult(new Event(msg5.getType(), msg5.toString(), msg5)).toByteString());
-    LOG.debug(msg6.toString());
-    assertTrue(msg6.getId() == id + 6);
-    assertTrue(msg6.getType().equals(ConnectorMessage.Type.RAT_RESULT));
-    //  commented out until tpm2d is fixed
-    assertTrue(msg6.getAttestationResult().getResult());
-    assertTrue(msg6.getAttestationResult().getAtype().equals(aType));
-  }
-
-  @Test
-  public void test7() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg7 =
-        ConnectorMessage.parseFrom(
-            consumer
-                .leaveRatRequest(new Event(msg6.getType(), msg6.toString(), msg6))
-                .toByteString());
-    LOG.debug(msg7.toString());
-    assertTrue(msg7.getId() == id + 7);
-    assertTrue(msg7.getType().equals(ConnectorMessage.Type.RAT_LEAVE));
-    assertTrue(msg7.getAttestationLeave().getAtype().equals(aType));
-  }
-
-  @Test
-  public void test8() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg8 =
-        ConnectorMessage.parseFrom(
-            provider
-                .leaveRatRequest(new Event(msg7.getType(), msg7.toString(), msg7))
-                .toByteString());
-    LOG.debug(msg8.toString());
-    assertTrue(msg8.getId() == id + 8);
-    assertTrue(msg8.getType().equals(ConnectorMessage.Type.RAT_LEAVE));
-    assertTrue(msg8.getAttestationLeave().getAtype().equals(aType));
-  }
-}
diff --git a/ids-comm/src/test/java/de/fhg/aisec/ids/camel/ids/protocol/BASICAttestationIT.java b/ids-comm/src/test/java/de/fhg/aisec/ids/camel/ids/protocol/BASICAttestationIT.java
deleted file mode 100644
index 1ebb4fe3a..000000000
--- a/ids-comm/src/test/java/de/fhg/aisec/ids/camel/ids/protocol/BASICAttestationIT.java
+++ /dev/null
@@ -1,225 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.camel.ids.protocol;
-
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assume.assumeTrue;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
-
-import de.fhg.aisec.ids.comm.CertificatePair;
-import de.fhg.aisec.ids.comm.client.ClientConfiguration;
-import de.fhg.aisec.ids.comm.server.ServerConfiguration;
-import de.fhg.aisec.ids.comm.ws.protocol.fsm.Event;
-import de.fhg.aisec.ids.comm.ws.protocol.rat.RemoteAttestationClientHandler;
-import de.fhg.aisec.ids.comm.ws.protocol.rat.RemoteAttestationServerHandler;
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import java.io.File;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import org.junit.BeforeClass;
-import org.junit.FixMethodOrder;
-import org.junit.Test;
-import org.junit.runners.MethodSorters;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import tss.tpm.TPM_ALG_ID;
-
-@FixMethodOrder(MethodSorters.NAME_ASCENDING)
-// BASIC test
-public class BASICAttestationIT {
-  private static final String TPMD_SOCKET = "socket/control.sock";
-  private static RemoteAttestationClientHandler consumer;
-  private static RemoteAttestationServerHandler provider;
-  private static Logger LOG = LoggerFactory.getLogger(BASICAttestationIT.class);
-  private long id = 87654321;
-  private static IdsAttestationType aType = IdsAttestationType.BASIC;
-
-  private TPM_ALG_ID hAlg = TPM_ALG_ID.SHA256;
-
-  private ConnectorMessage msg0 =
-      ConnectorMessage.newBuilder().setType(ConnectorMessage.Type.RAT_START).setId(id).build();
-
-  private static ConnectorMessage msg1;
-  private static ConnectorMessage msg2;
-  private static ConnectorMessage msg3;
-  private static ConnectorMessage msg4;
-  private static ConnectorMessage msg5;
-  private static ConnectorMessage msg6;
-  private static ConnectorMessage msg7;
-  private static ConnectorMessage msg8;
-
-  @BeforeClass
-  public static void initHandlers() throws URISyntaxException, CertificateEncodingException {
-    // Certificate mocks for server and client
-    Certificate clientDummyCert = mock(Certificate.class);
-    when(clientDummyCert.getEncoded()).thenReturn(new byte[] {0x0, 0x0, 0x0, 0x0});
-    Certificate serverDummyCert = mock(Certificate.class);
-    when(serverDummyCert.getEncoded()).thenReturn(new byte[] {0x1, 0x1, 0x1, 0x1});
-    // Client IDSCP configuration
-    CertificatePair clientPair = new CertificatePair();
-    clientPair.setLocalCertificate(clientDummyCert);
-    clientPair.setRemoteCertificate(serverDummyCert);
-    ClientConfiguration clientConfiguration =
-        new ClientConfiguration.Builder()
-            .attestationType(aType)
-            .certificatePair(clientPair)
-            .build();
-    // Server IDSCP configuration
-    CertificatePair serverPair = new CertificatePair();
-    serverPair.setLocalCertificate(serverDummyCert);
-    serverPair.setRemoteCertificate(clientDummyCert);
-    ServerConfiguration serverConfiguration =
-        new ServerConfiguration.Builder()
-            .attestationType(aType)
-            .certificatePair(serverPair)
-            .build();
-    final String ratRepoUri = "https://127.0.0.1:31337/configurations/check";
-    consumer =
-        new RemoteAttestationClientHandler(clientConfiguration, new URI(ratRepoUri), TPMD_SOCKET);
-    provider =
-        new RemoteAttestationServerHandler(serverConfiguration, new URI(ratRepoUri), TPMD_SOCKET);
-  }
-
-  @Test
-  public void test1() throws Exception {
-    msg1 =
-        ConnectorMessage.parseFrom(
-            consumer
-                .enterRatRequest(new Event(msg0.getType(), msg0.toString(), msg0))
-                .toByteString());
-    LOG.debug(msg1.toString());
-    assertTrue(msg1.getId() == id + 1);
-    assertTrue(msg1.getType().equals(ConnectorMessage.Type.RAT_REQUEST));
-  }
-
-  @Test
-  public void test2() throws Exception {
-    msg2 =
-        ConnectorMessage.parseFrom(
-            provider
-                .enterRatRequest(new Event(msg1.getType(), msg1.toString(), msg1))
-                .toByteString());
-    LOG.debug(msg2.toString());
-    assertTrue(msg2.getId() == id + 2);
-    assertTrue(msg2.getType().equals(ConnectorMessage.Type.RAT_REQUEST));
-  }
-
-  @Test
-  public void test3() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg3 =
-        ConnectorMessage.parseFrom(
-            consumer
-                .sendTPM2Ddata(new Event(msg2.getType(), msg2.toString(), msg2))
-                .toByteString());
-    LOG.debug(msg3.toString());
-    assertTrue(msg3.getId() == id + 3);
-    assertTrue(msg3.getType().equals(ConnectorMessage.Type.RAT_RESPONSE));
-    assertTrue(msg3.getAttestationResponse().getAtype().equals(aType));
-    assertTrue(msg3.getAttestationResponse().getHalg().equals(hAlg.name()));
-    assertTrue(msg3.getAttestationResponse().getPcrValuesCount() == 11);
-  }
-
-  @Test
-  public void test4() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg4 =
-        ConnectorMessage.parseFrom(
-            provider
-                .sendTPM2Ddata(new Event(msg3.getType(), msg3.toString(), msg3))
-                .toByteString());
-    LOG.debug(msg4.toString());
-    assertTrue(msg4.getId() == id + 4);
-    assertTrue(msg4.getType().equals(ConnectorMessage.Type.RAT_RESPONSE));
-    assertTrue(msg4.getAttestationResponse().getAtype().equals(aType));
-    assertTrue(msg4.getAttestationResponse().getHalg().equals(hAlg.name()));
-    assertTrue(msg4.getAttestationResponse().getPcrValuesCount() == 11);
-  }
-
-  @Test
-  public void test5() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg5 =
-        ConnectorMessage.parseFrom(
-            consumer.sendResult(new Event(msg4.getType(), msg4.toString(), msg4)).toByteString());
-    LOG.debug(msg5.toString());
-    assertTrue(msg5.getId() == id + 5);
-    assertTrue(msg5.getType().equals(ConnectorMessage.Type.RAT_RESULT));
-    assertTrue(msg5.getAttestationResult().getResult());
-    assertTrue(msg5.getAttestationResult().getAtype().equals(aType));
-  }
-
-  @Test
-  public void test6() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg6 =
-        ConnectorMessage.parseFrom(
-            provider.sendResult(new Event(msg5.getType(), msg5.toString(), msg5)).toByteString());
-    LOG.debug(msg6.toString());
-    assertTrue(msg6.getId() == id + 6);
-    assertTrue(msg6.getType().equals(ConnectorMessage.Type.RAT_RESULT));
-    assertTrue(msg6.getAttestationResult().getResult());
-    assertTrue(msg6.getAttestationResult().getAtype().equals(aType));
-  }
-
-  @Test
-  public void test7() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg7 =
-        ConnectorMessage.parseFrom(
-            consumer
-                .leaveRatRequest(new Event(msg6.getType(), msg6.toString(), msg6))
-                .toByteString());
-    LOG.debug(msg7.toString());
-    assertTrue(msg7.getId() == id + 7);
-    assertTrue(msg7.getType().equals(ConnectorMessage.Type.RAT_LEAVE));
-    assertTrue(msg7.getAttestationLeave().getAtype().equals(aType));
-  }
-
-  @Test
-  public void test8() throws Exception {
-    assumeTrue(
-        "tpmd socket not available. Skipping integration test", new File(TPMD_SOCKET).canWrite());
-
-    msg8 =
-        ConnectorMessage.parseFrom(
-            provider
-                .leaveRatRequest(new Event(msg7.getType(), msg7.toString(), msg7))
-                .toByteString());
-    LOG.debug(msg8.toString());
-    assertTrue(msg8.getId() == id + 8);
-    assertTrue(msg8.getType().equals(ConnectorMessage.Type.RAT_LEAVE));
-    assertTrue(msg8.getAttestationLeave().getAtype().equals(aType));
-  }
-}
diff --git a/ids-comm/src/test/java/de/fhg/aisec/ids/comm/EventSocket.java b/ids-comm/src/test/java/de/fhg/aisec/ids/comm/EventSocket.java
deleted file mode 100644
index 78918e453..000000000
--- a/ids-comm/src/test/java/de/fhg/aisec/ids/comm/EventSocket.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm;
-
-import org.eclipse.jetty.websocket.api.Session;
-import org.eclipse.jetty.websocket.api.WebSocketAdapter;
-
-public class EventSocket extends WebSocketAdapter {
-  @Override
-  public void onWebSocketConnect(Session sess) {
-    super.onWebSocketConnect(sess);
-    System.out.println("Socket Connected: " + sess);
-  }
-
-  @Override
-  public void onWebSocketText(String message) {
-    super.onWebSocketText(message);
-    System.out.println("Received TEXT message: " + message);
-  }
-
-  @Override
-  public void onWebSocketClose(int statusCode, String reason) {
-    super.onWebSocketClose(statusCode, reason);
-    System.out.println("Socket Closed: [" + statusCode + "] " + reason);
-  }
-
-  @Override
-  public void onWebSocketError(Throwable cause) {
-    super.onWebSocketError(cause);
-    cause.printStackTrace(System.err);
-  }
-}
diff --git a/ids-comm/src/test/java/de/fhg/aisec/ids/comm/MySocketListener.java b/ids-comm/src/test/java/de/fhg/aisec/ids/comm/MySocketListener.java
deleted file mode 100644
index 3be30390f..000000000
--- a/ids-comm/src/test/java/de/fhg/aisec/ids/comm/MySocketListener.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm;
-
-import de.fhg.aisec.ids.comm.server.IdscpServerSocket;
-import de.fhg.aisec.ids.comm.server.SocketListener;
-import org.eclipse.jetty.websocket.api.Session;
-
-class MySocketListener implements SocketListener {
-  private String lastMsg = null;
-
-  @Override
-  public synchronized void onMessage(Session session, byte[] msg) {
-    // Wake Thread(s) that called getLastMsg()
-    this.notifyAll();
-    this.lastMsg = new String(msg);
-  }
-
-  synchronized String getLastMsg() {
-    // If message is null, we wait for asynchronous delivery
-    if (this.lastMsg == null) {
-      try {
-        this.wait(1000);
-      } catch (InterruptedException e) {
-        e.printStackTrace();
-      }
-    }
-    return this.lastMsg;
-  }
-
-  @Override
-  public void notifyClosed(IdscpServerSocket idscpServerSocket) {
-    // Nothing to do here. Socket is already closed.
-  }
-}
diff --git a/ids-comm/src/test/java/de/fhg/aisec/ids/comm/ProtocolTest.java b/ids-comm/src/test/java/de/fhg/aisec/ids/comm/ProtocolTest.java
deleted file mode 100644
index e02efa5d5..000000000
--- a/ids-comm/src/test/java/de/fhg/aisec/ids/comm/ProtocolTest.java
+++ /dev/null
@@ -1,121 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-comm
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.comm;
-
-import static org.junit.Assert.*;
-
-import de.fhg.aisec.ids.api.conm.RatResult;
-import de.fhg.aisec.ids.comm.client.ClientConfiguration;
-import de.fhg.aisec.ids.comm.client.IdscpClient;
-import de.fhg.aisec.ids.comm.server.IdscpServer;
-import de.fhg.aisec.ids.comm.server.ServerConfiguration;
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import java.io.IOException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.nio.file.FileSystems;
-import java.nio.file.Files;
-import java.nio.file.Path;
-import java.security.KeyManagementException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertificateException;
-import java.util.Collections;
-import java.util.concurrent.ExecutionException;
-import javax.xml.bind.DatatypeConverter;
-import org.asynchttpclient.ws.WebSocket;
-import org.junit.Test;
-
-public class ProtocolTest {
-
-  @Test
-  public void testFailureHandling()
-      throws InterruptedException, ExecutionException, URISyntaxException, NoSuchAlgorithmException,
-          KeyStoreException, CertificateException, IOException, KeyManagementException {
-    final MySocketListener listener = new MySocketListener();
-    final Path jssePath = FileSystems.getDefault().getPath("src/test/resources/jsse");
-
-    final KeyStore ks = KeyStore.getInstance("JKS");
-    ks.load(
-        Files.newInputStream(jssePath.resolve("server-keystore.jks")), "password".toCharArray());
-    // Configure and start Server in one fluent call chain and use NON-EXISTING TPM SOCKET.
-    @SuppressWarnings("unused")
-    IdscpServer server =
-        new IdscpServer()
-            .config(
-                new ServerConfiguration.Builder()
-                    .port(8081)
-                    .attestationType(IdsAttestationType.BASIC)
-                    .setKeyStore(ks)
-                    .ttpUrl(new URI("https://localhost/nonexistingdummy_ttp"))
-                    .build())
-            .setSocketListener(listener)
-            .start();
-
-    // Configure and start client (blocks until IDSCP has finished)
-    IdscpClient client =
-        new IdscpClient()
-            .config(
-                new ClientConfiguration.Builder()
-                    .setSha256CertificateHashes(
-                        Collections.singletonList(
-                            DatatypeConverter.parseHexBinary(
-                                "4439DA49F320E3786319A5CF8D69F3A0831C4801B5CE3A14570EA84E0ECD82B0")))
-                    .build());
-    WebSocket wsClient = client.connect("localhost", 8081);
-
-    // --- IDSC protocol will run automatically now ---
-
-    // Client web socket is now expected to be open
-    assertTrue(wsClient.isOpen());
-
-    // Attestation result is expected to be not null and FAIL (because we did not connect to proper
-    // TPM above)
-    RatResult attestationResult = client.getAttestationResult();
-    assertNotNull(attestationResult);
-    assertEquals(RatResult.Status.FAILED, attestationResult.getStatus());
-
-    // TODO Make server-side attestation result accessible
-    // AttestationResult serverAttestationRes = server.handleAttestationResult();
-
-    // Send some payload from client to server
-    wsClient.sendTextFrame("Hello");
-
-    // Expect server to receive our payload
-    String serverReceived = listener.getLastMsg();
-    assertNotNull(serverReceived);
-    assertEquals("Hello", serverReceived);
-
-    try {
-      wsClient.sendCloseFrame(200, "Shutdown");
-    } catch (Exception e) {
-      // ignore
-    }
-    try {
-      server.getServer().stop();
-    } catch (Exception e) {
-      // ignore
-    }
-
-    // This is how to let the server run forever:
-    // server.getServer().join();
-  }
-}
diff --git a/ids-comm/src/test/resources/jsse/client-keystore.jks b/ids-comm/src/test/resources/jsse/client-keystore.jks
deleted file mode 100644
index 1a296db9f9a1a905aab56457e5faa5aa0c55b332..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2495
zcmZuydpMNo8=i0G8^<wB4kJ=SA>#ARgpqQ}tWi0Jgqn<DM3d2&aY!|qU4u=Eu&Q;K
zhH_R8VJl;&mBK2uP92sJ(m^_B5j)!7?zO+`+CSdwdhX|azx%nL_qxC5U7TK=Mj#MK
z`2xN!fGCdw=Uu3K5C}917Jy4IRzYQh0ssQ$NE`s55ugBkxsFG{-+JtqYWmQ0{<lBc
zsqC>N>YHI?iYR*_B@Mmx!`ttg+W9?Dlb=!Z8xLu^rKg5U1@|%TMeLRVnTb>%(XEHC
z+iHMbZR0$e%5pJFBkc3EFBJPYo*9^a9nAi)Qf9lwE^M&b=6vNlyp^ZlE)Bg6Nko4E
zU631*>?2Ll40u1>uUW;`YfXr{HGDc*GH@r?VyjPH)LS1rrTpeT7InC*<!Tud<cf1v
zq96NDNPKaOFzLNDt&yx!dn1d0iYJ7k8H|?cVM^9a7P!uu;O<=CWJ=4Q(Nca?MtZBO
zF!;H*HDV-5&;z2yEAD#*tG<IawVHE$gUnC*Z4jO3&<rzu>%v5mOozTJ3f|FS{%0sz
z--dKVd4Ew$l=LMe6y5()EClCwP#-e%ks@k`#&%nBa7|76WwW?*Jk!O^=g50%Zv^4B
z5AhEyK6My5IV(CW>lzJI3yUBThfTUqTc6bXUbZXf0dG%i?v`KYH*2ec+!I=s{a7Po
zvcl?+IK*vpjH_1h1YXBUdeFGc<dSYy;jzJul|pja(o=hlO{W{NW<)*J<VKMb|A(dr
z8EWF~CfWT?%8#}eLF=Kz7YU28ZtD)>gM0UOyLhZu0gXjz#EvfovTo}XtM0xaSrU$9
zV;QP!7;2~_z#40{aCeV)(n#QVk^<th?v+&WVk|Y}Y(lkH#dgxbs$clgzGp&aL&}4V
z7jfk$2v3@#y3ejUTU30ded1K8+qg?wwVT7OngkQZYG-uKRHc7(W(JAZEIki7XFHGP
zNZBs}FA=n(bJI#|(`);$k2YL3Uhpb2^i0O5{2rH0p0XA|w|V!Kl7y<6k07|Sf4krk
z=i|_=7Nu8XHG|ar(9b)HCT&DS&TL?I7DtWG$F{A4<I^3H+O6riKGEx^=adfiPx)W^
zVjOhPO!zJ`J+n}PTSFFIj8gR*_3*CrV(&ezyy2D7_dJ2YxxnE;$AC!8in?=4&+?r*
zR5RzoW5+YjW&84nPVKwc8@MZbrGwza28{qkuOrv57cz1%({~2Sw|2Ffd1|&le^XgV
z?#=k2XT<g)Z@?qcAV|1lqN$1VYnB;ir@F_7qZvIWKD#Pezf0XqDY;MYz_comh8XLv
zrkLbiKk8j%J-s-g(<Uva<e1+;CSd8#V%0f^!UN);j@!qMO{{<TQ%m)FCCF!I<Ip}M
z!^qHWmSrj<CX5r3m8s-e*V|e*Qmom(<X9nEZfDl9sw6^-XBz|WUH!Bd5*;sB|4FTS
zS6@p>dREQCYm_6s$nlA|(_{Y1u-}+dWAyY;KtJ^k(n+JA^zEVMw_`v1w3^Efs4=UU
z^$Q6D{4ow=^Q@Wg0B)bqFwXE*1EQhey8hTjN6C+$>eqILCuLVMV>bq2ltVsrC0FWH
zG2>?fjA>cVN0+QaT5Ood72DJHSg?1M7Ch>X)4b+%w>44rgM@#iR4@P3$M7I}P~@?h
zw#OH9v3zP*)h!zDy<N$v6MV6K1s-EF7d~1(lGo6#58=m0ULP9<#_nBkxoU6U@w|C{
zx4W5Wskz<QNa>!gx5EfZiUFl$?dVSvQ$4lsoCcFSXn9$PxjSB>E64P^RZ@2d?LL@g
zx6Le09${MEOqQ*sxw^hpp2)_PIKQ}Z`=xH0uz+f`y~8Nx*~w4d!8=G0PnT6XOZz$%
z(YqlVcoPBv9+pqUcvyg<m7tIS5(xmXnu4;q&|Uah4FFWp2zWD56;@V21%L{gNXj=v
zO&GTfR4^)T96B#%KbslBA>v`}<s=G&-A3^v`0>JAT?izYXbZ2#s}XI9FiBp^2DY&d
zmP5OLLHN-BldH>%%XySA3R~$(5u6wz4pv`IC}Na6c@Z&;{Sh($EdUE+md~kT&@S8j
zzHue4gz<j~()fxA%d%WqQ4uj*SO6IPyG8l@M+pFRggmc;6aWC?asBR1AN=NXHMb1a
z)(Y_h2M=cirC^%poAy$Q?l6PduZJ}+opQklsmj)peLdkDqOek@`A0)B<Ob@t>hbyF
z2ATUIkMEY6y*QFCW40jA;MVLK%TNN_t8_5h-%!1Ex(zySCS6@;>=2bun|w3rl^^r&
z@H$QQM0{e>q0Xt;myHg2`QbOM0`i|&h~KCjP12!iKiwI0Eb%i5+eiVNb~^Tyn~FvE
zY2Wh`=5z^t@drE~d@OOTf023jyX5erSAF&2zUd-C+gym{&*BR{(buWElPa1USCJ`U
z^puI+El}Frcx0W3EAj9D<QQ*~n0VlnxbWp4{Q76C%3@j9Q6vgL0Ac~)DZi0zuz~y<
z4X~gNsD(Y-nPYplpV=jF|FQ1c2)$+Za|FC*d3!CW3+tq4y-)3+6l+{+tIJ~f$0-uK
z=e^^Oe|3(5CWwR)u<G(zbr3`$(Iqf>8LR<e7=kTI%uCh_P4;uSvG!J03=RvTN5w@j
zAm%^*g2E%LqQc`K`5x@Apd^30(P%{g0Nr6XnDRG<kwUxwafGuIVpwdt{EPo$;;`9V
z2AvVX;VxSgS`Pkd(-_o&wf?3<A^(X0*kxHQ4z!2u1j;NngU;H|j^hfHi6k;4ZvY|+
z2y%H0c1%nJgUjapSJi)8PX1TPEe9a{wI%}usOfD*QnKb|PR7vd<VnjTcMH5*Y)fRN
zE_%LpwF&2dfmVYp?nYbpO}Qa^a(M1xX}{E}oq3T<ESvYGv9vlHi;rf@7ScWTzB<rq
zsPsPix5>?6ij50vnOnyHfG@LnZ8^?sS7c0uwuVHiJiSMA;7;)sO-O0(A89A!Yo544
zE_sl5FnwnxM-=d;ckc9sV>cg!S*YYN3NreM>JM*p?=@XjF)ZPS5R}JfPIvZp9&Wgy
zeZ;dwZ|7u{wny~ueM7-&7pm*7;atnTCh%W$#XHQ_qFz8X75h0jS;4`eO-r@!Ayw-m
vzBj!eU8}##_KO;_e`T)owl{P|`L_lqUG?i05<5)mu+0@`1t|N}%b|Y)9u*Bp

diff --git a/ids-comm/src/test/resources/jsse/client-truststore.jks b/ids-comm/src/test/resources/jsse/client-truststore.jks
deleted file mode 100644
index eebd40f4c4da3ded8f6a3a60042f0812e1a3b4b1..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1954
zcmezO_TO6u1_mZLW=c+EU|<aY?WpyDfi*(U)WDK~fjQBji8<DwiOF>VGZP~d6DPw*
z#)ZZgw$)V{@Un4gwRyCC=VfGMWo0n1HRLwnWMd9xVH0L@aWxb+5Cn0!c(~k(5=-+k
z^3zg_3?&W3L4wRY0-i3x3PJh#B?``t3PuKoW(IQNyoP3m21Y<zO)O2!qr`cQL0khU
zmr~=K7?qG6%*e{X+{DPwV9><K#ni;e$Z+q=8s%Rn=ev9pjfhRjeDk4v>IbQ53xn&{
zeeaKbu+wmVuBJ0fL};VO;gva4Z@b++dT+b$;;*OX)!HjXDkL9CG?IDVRCS@>JAlD+
zQS1B*8l^wHH>KZpSRLCT%(83y;r`<OLdMIfCp%C2Kby1lV6@Vd9TUTBR!RT4>Xey1
zX-?8|%`1w__l344{FYAL%D(8+zth|+g7){`pFj7t*(BBGS0`Vqx<xYoJpYqbzk`|6
zVDU@Q$Q?T)l7xe_873wlnkpW~>J=a`|JCzdDJ5mXkD`xyeE7Hf4C}H7GT-kP?00S!
zUn_ZZe$Rz+^Rh>rZ}`QZ?%rveT5<MW)ieIwRT2*c7&1*nnV1<F7#AlP#2Lr}V@Q^d
zMT|wHdWP(#|BYL2-#8R6+tIaFDo8g$$3Pw=t;`}}Al86g0Y6BAFeBrC7FGjhAZ5S}
z65wZH0j3`}<TwB(8ekkSGQ{t?Kl8zYU+i1&2Kq-R*Qq<+o7r_=#Wl?QulV|;X_wdE
z+Ow81rCM2u!+wRb;q<L$s~>-Vc3@Svzn1d@mwsQVDx-U;=gzJO+&p)d{L&}ed8<o5
z1>U`Xv|J#?B;5Znv+J*;+hQk1?0mFAL*VBkhGn0oy6-JKaMx1zQjG6;y{mf5_U;oq
z=5xThx|sQrj_|6Pk9aRFozpT;dd|GS#?rYRr3)we=>9G}b5TZs??t0U<_qC&O_!~U
zGQQlsHBY5))7x$LFK@Z{fb*irqcd5KS-Oigk1de?SKU{eXzkPVXS#ULw+C%|H~h%?
zyypHt^*L(h7yH*`oQkgbvfbwmht@6W<9qtT&A|DOwYW41mi>$lBeLHMVD@_g%zkGe
z*^iMCIRv?Bk?o93fZ5I%mhG&G$kpNoqQEEy=4w7rt`06ug5_yKneJ6~!Vb}x`@eqN
zQCPSADgXLbaml@!`^sneB*$HN^6==AiD{RXP0df`5%u{K*ewvlx;MCTrEOz@gNwiD
z@1I{@IoA5{PVTyEQJ|=JqI+{#<Nx!o6c%p`?^E;4US;92FwZq3NTF)&o8#f;VegK%
ztXu4EwDC|zRL`7vi|QkDGBxLYFi4yA!aSpeseH0g%*G?Nwrvk$Zy)N`Pqg&-8eH9e
zNH=1tPPW~x9L@Zk2Ub^)X&5qBG5u8B?qt{66jAH>F(zj3fhglyE1tE#+^tn`Q8c@*
z>~(?bwvL<bH#2Wcdy?(#uCeu)McUCh{o9yky?H9$lIi~7+^u7>R~r--eo0>#U8oAl
zbd4Vj8s8#iyU(phUFHic-?zRmC#0C&@bqv0;zr7{U7LY9C=bfB7#Qdo=q%7$pwXt5
zQBqQ1rLUh{l%toJS)7`zmj*AU^-@yxGgFH7fN};QY#iEb!1A4)k&(s2z|Ft~#y4PU
zvw)hBl3$*elb;CGfz6~MU@4!Rn4DTv0xIYAKn%1r3@!!cuJ4(^`8iPfliCE?!s!nE
zG9S6pZ^Sh!d%j(@oM&Q5#<j_@8}#}^t)C>XFYD51=`u78&@%dR=X2lBHEjR%|Gxfq
zld(MM^Cp|32YnOo-8-zi=Z;LA*FuT!RzA)9k7if!PFvdZa>LW7C9kF&SjJTDRx`Kw
zNpFL<;!AFc$4_@Smj#L~+|;okV_k9cjra{8R<2ao)2g&_y-=oAo#OZUHvjx9J<}(o
z*nKLJxi*O}Zq>$kmbhR?g9$ltr;bl|-Ku4G>1SK|SG@!c=Q(i+MVGe9&Sh79EZwkm
z_PsrBqM|EXvr6uS@Y%gx!XY?sYiv*Z!4~nHT;H^*$E!}u96Zz4qxm$qaG`0!$_rC&
SIRsq4$r!~{@WDl3D?0!nu;#!3

diff --git a/ids-comm/src/test/resources/jsse/server-keystore.jks b/ids-comm/src/test/resources/jsse/server-keystore.jks
deleted file mode 100644
index 5e8f8003fce1cb4f166cd15a7a359cfbcbc20c16..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 4494
zcmaJ^c|25Y|DMe<w#kyE?7N6FjGeL<CHt<ijwL%2MigU<kiw&c?6OCQEXmenmnFMV
zWEUaX->K(ap7;GczuzC{^SQ5c-}iOC_xF6y_qxu>`pG&71cLnY0)xnIVX#;n2n2S1
z?D=yS1R?_ic-S#OM@}V54u*j*K<L3>G7t<8Tej|g@!<ph>d%$&@9Di+iZOxG9G!BW
zQMqk)RKwU^o_f6&^(orgd{=IiFL6cpf>9%NBCgMPcRYZiov7LTz1C8W%F}VM=A1Mv
zE;y~p;q_v)`%|n$%eJ$v*@D8Y$&x*vn~jJY`@U|f%ZfLndPei9w`JHxhl28~On&t4
z58{7n!yZW(ouSg=nak#qU6)~4yZyDUbtvkJn!n5Lroc`PZ`Hv^)0^mUELE;@h!i0{
z$F{biv65eJR^I<*wt2|om95KfQ~O8IYu_y$=jreB5O0XeFvMvTn(prf+&A{E(q-U3
zKo5x=vGE*gsIxDHcAg#yxnxC^HqM9SgXS9Vf91No^@UgqoUvi&B%?nZQS2%D1H=0r
zox-g6<bD)^>mW2g!`#35t^^)?Ze+S@2Q@dR@S^KXGTk>TTbxP$-E~pb$|8#Fi4(t;
zq7iNC`--YsbjzZ(X3px6JCj^AW|6Y>Yi-L1$A`2oI_7FQ(OcZq%`zCZrTw=a?@zWM
z6lGC2_4GZ2S(3D$;x2J=uZGp0>sbtZFUjXf_APHpDn#iG8`WG<e1nuf=Zs=+E)VtP
zpE6Y8$u6l9&qk}0B}Ec74E1_St#clzSAkpO4?_1pY2Vyt!S*s1ZO3lUy?KwLj`Z+I
z&W*^~=hNXOyzw{58_ft~?em@ss%sMn(ApP4e7@+od!QJ|cfBwAiivC7XUf8NFS=;u
zyqAXahr4fwvUW%hk{Nz1BDxP{eo*<`ieA%sNaV0F)GOm;y3$(J*Gq4JkBeyIVftyu
zshdPG@$y7x-76)<qRjrubIp-XYZUj)?dwPn)g<9U)h`#B<A#3vD9XjI#7KH~WtR2p
z>lnIhSb}`0RAY_mtZszSk_Y)+O9)cZv-Ev!#6%xH(#ZO;s+8pkS7jh(IW145aZP?}
z3sz}RuvK@#-9TA7SJA(N%$L4HNAG%jx4!Q5v{>P@*>&5GSG3}18(*?l%axpNSoWKa
z4BJ=O-#jlleh~F&K0czIn*D65fjWz0kdK-?P;v2khF4lw^}+G*B<mM-w62of^7!2s
z@J)p{H(fV@8)9p%@#TFVG$httmf2ILE-lBzzE7|Zi1qv#ejKCRdoX#fk#Cf7VSAV&
zD2V=~QImc4(-Qd5Q6wlfhN6E(L<PwfSr^a1a{ayeI_#;SE3O6^c|rW$Y@TcN)YGX*
zt8fjQrlbH4F~+j)A)!Y0mriFb^IexI-c&8xc0`a}<_t4JC1f<YyYk$s^~xi(C-3`U
zx(67Qn&{O1A*s(ZP9aN^j5<<}g~aoxSw{LxduFv?k1fOWpGFYrE6ZI#($8uCVD!w8
zh0U?+p|9)8t9Wx2E!Hit4hR%#R&dDnej?ypVj`U%@rIU}lf7c7s|s^Ihn=H_8{HFN
z7?nL-OL@G+?6OJvilFdV+a-dZ+K`&Ar=1kr6pfnoLt#-kBzTlb^r50=tunnbs>ig$
z$57*fPG*fMdnczSYNiyKWT}7eTh&1EX~6W1b0A?o>{!WZ)%rI7KKRhf3440_7V^kV
zT?=%;ciG5s^<9;~^Yr^V9y*J>EJsD-`?P|~S$&<%p2C^c7JNfl!3M`Oo}U+Y`8GFW
zd-vq>!kO&ig*jRIuQ!i9Npf6>zeLp36?sB<{Ob9w!IpVA^^A!uf%}|3zkZ(tsW+1P
zqPe&<AW!O)F919w55R-tvY-$!1Ol_BSt0<m<nRkoSEKf5!C-1K5Ws|F0M3v@O<+(O
zxVx8wox6*d9~R(bp+(9eB>{OP0HCC0EJ;xQFYy1^g$MKgm7dgmp?EL?M2dh4f(L^^
zaZ+|$)klUm^eQYXO-?JP3WIlWqXaeGQB4Xq-Q+3vdCxAt`=a-15R?Vw-rhs%#8!R)
zmz=h|@gw(Ivy-Qi<bm^)>nhimj@M@93dMw|UWr3kGN1TCxJiP@S+=yx<H3S5KIXNy
z!@`TBUy;)96ddn%ay&{vHjm5~qGkpu$m<vjh>6C_l+R_qTn*PHucVcxUvPiZ$v&dz
z^YXkADgbJ78z=dNaG`v$G@X5~AeRv>-qs-7G2G)FFFeb9i(aKa&V#}uc}~gREIM`Z
zdR@uFbVz5s-z&j<TGZ}n!8SrEn@A`P(`3^WWzxp*W<p~Z;+A%~uEr=OU*u@chCsm}
z@Lw}TdI6*ifk9&A2TVFoY91z9febQMLu2@i5ie{z!jqPc-Dsg1#D$H|fV|gUL}z7e
zAQ#WPW-)677dD&EXg!dlWRPbdffn~<ZFS@ZZeyRwr3E{GU?w1Vpeq@6o;m!>%H0<b
z?4qY>wrPwaYcyR{QkY@QYiY$sqxPG~s(8+0HRT;E5&!Rt8G?hF!Pi260GGBB33(dt
zeoknfAKTOdD!aKxi+9>47J4ONDDUfpN%w&cgyl=F-4Fhb2+Ne&`3?W(12ucfxz(TW
zvTrqg>1Ac67GzEG)u26^#9~@<8#^iJ+>zc}>lTxfB*e?;iI_LeZj;wai_qTIB{w9P
zA+@$GnVi4N7K|hnui2q0w1y<*P?D6N{*9Eco>Pw!o9DBj$*%v@n|PUSCDn2s!5`Xs
z;zQ%vM}bz6<mcOz(IQjlFHkW85^nh{FrG`RJX*BP^br)u|FRTvb}BNsX_8oae_^{O
zp5yd*@<d%<+4{|dYo*_n)U>ndN^=6%yO1A?j|B3uuC|});#=@%ZlUeAW~#EkZ7rc&
zhj;o$;>j`X*yp_;m<s~CYPKkrUP#<bu}AVgtaqwlsAaZ);C+S9;aa+l24@nx>HtA-
z<umqmu<u7i$}!uH>ZaaY+V;<ewI+s_86$Ri)E~O44My89^UvdMu}sEFsVcXnJeXlH
zJYSaq!z3+R#&6`MJ{d%RO1wB9&|YLGGnQApFSg$-mL=0vV<%0g`da+K*l-rX^!BqJ
zh}WlutnnmDUn{%ZcPIVM1v^6ghTF5~JFmFzRPa_7x9Ol%c^FIzgc4V=0ntw1+@CFB
zUd)PaJcO7Uu(?_on{HCBy4Gi{4>%Mm7_xo~>i}n&+qNN|NS~@hvXlsP=ExuYW2y3C
ze%Ef%8x2*RX&*l>FbZyr^)t=M*%(Wt|7`O4xNjt`0oMXk(3=8{-8-B$4(X#-FMCB^
z0eUu~6GYRIvk}`q!;cRxcA3k`UXesg6isCgbwJ-gy98cNHE%QKI!m}0W%w>Jv&!Qe
z2T$;7{5|6BhCM0%{u)O7hFKw%S4x)7;hT^EvY)Xo0gltjDPoB3^|A145^bx0Ja1Ou
z!yRdzV_N$va|iy^i7n>RgbI6s^uz5lIM{Yh^RSq|VronVWv~a=BmGeSmCG){Qy{5w
z^kEXUYj@lv`7pWMZ2dfYr>|nc6~TVL2Q!c?-B3}#QL0CrI7)#}tpV%~M#m+__6Oaw
zz2kG*Te%X>i8d~B$z9?-<?(hq$M#W%3%m=vN@W>xktyqIyE|rsJMmq@#fncV>W=g_
zjf=}z#g*yX$g6CJ6?n$K_c;0_pqV~FQy-+`Xtdv2mMjUip?aRN7E&KXD1Iz{xR{)W
z3U<)=bc5$1CZ+R?ueYRlf(6)(z*qWi*v=-o!Bo9(-=>%Wr5)$RZZj|;Fj(T~H_tHH
z6A}bqFlp#A=MF~g`#y_}(SuwRFQwycSky!x0r1>|XK=;U&Z#47v(7SWi_xncj!fqM
z)D`$NR$TL@+a8vwg@O=pf?G7KuLt46aN{xC2sv+l7V~N4{!SY@v53qoP4MU?BcJ(l
zTB@zDQRf>jsRm}Tm9+7`-c1!8-+N)<?cSy){5;7)0)F$sSZV&8v7&0XesQdm+-9en
zk~D{g-`X&|xaDP1^Dw4y);h_+Z6n~I?xOWjHPsGfw3G~AMY(WaJEf6`g=bEZ49C)(
zjJxg;=rf{r+I{asD;&6+c9=20<voBBdeCG5cMJbQzFPi~IO6cC7$GrZ?3hk%oY8Zd
z_za=0zoViwrAP5DEZ5+uP4m{vU5z_#+1?gHD_1&1ubbj^-$AMb6Qf1oS&mNV^o2N;
z@6q*@y-#t@%x0IU(=^K&LY;c<5DD~_YL0SUO<Vh(DsraXK|&%K5jKWC@Wks0uN*JB
zaNlNcllmUd+i-<Xm7yCwx-TOXP4y*rT0+?(U3OM{juD*mp$d(<q?(sa{oT+v_qB<#
zhSSw=qH*ca{0MG+)vmz}bDz}DKL&{q$oeujs7y~qdNtO|+2nYlrdp*2`d?xW3nFzy
ze*h0f|0(9+{}mEI5lIcee<?XRBSb?J$q3N@0#r0qTE2F-Jzcz<Fuq6@;Ow7TPp7S6
z#BFrjUR{-25<trQ7JL~bAW1R~(txDgFTt1l3j}=rn;bz>F%mf?4Y`^f4&&>Iqz4ec
zZcxxr>fXk9I=Emw|2_aZfacdaY8o<CZ6i%}Bpbl;XFz9uWA5K!VSN2Dz9iT1|GSA6
z**fiSy6})1BcfG&<jw_I;p7L-6O`PID1-)J|1^v|Axzh#8LdTQe$Q-%v4N2I<7*SX
zO$t9h8lt6jrU_ako%RFGEXB)xH8QEz_&np+8)>k9yGR|)gE~K$+TMD!SOfFdF_U#C
z@)TWvekgb~+VVN~`Uh9pqx$#LiY&!~^l(i?)A}cO7laI!vN<iz-*wr#Xe(7YY~49a
z+k1l=e`PJj53;ld(~PtpP0(tNVW|x5@VZwWbl<(*9KEp;0~$IHE$`&8U@h@iVo+{c
zRdLVt82F<rqGL^g_+*(?B<s$di}}07V-)jWEd@fuq@{_7<c&-dgWAI3z%K#6-9#=P
ztV_z2Ho!qjBL^Lf8OB7AH;BPXpO#R_G2mK?<5+ly!cYL$uW3FQE5IDev>n-@@%&6-
zb47x?u^$Dp`%up>?04mGFv1`J2%!G876F4nA!J#A>@UCt0|0SAEbBs+aFn167VE7b
zA>rWbE^g=Qhj9>h`geVaJ7OeU9sR^fbAT~9CFwVujEn*dhFt};0F8fP01_qlPYy?~
z08e)>JJOE7WAgR#!aCSFV0^K^N>u#U;Ll?Uz?cE1f6+l9{~mz>)nC!l!xR8H{D0gm
z9*&fh6(=1)9Es;9h3DYq>4|Z`dinm{Q~%DM`3s;kUN?*q7Qs0wwmkLH<elH&@y>L*
zma5c6o-efVE~Yg&OiQrtu`UdGB-6QDe<;0@HqaD!;!0C2q|N-y<8Ey}N^3;^jhH3h
zF4}i*FR;gz@o_shl<to#uOC^p7E6fQ;(CGIyi%jaiV2k}R@2~caFgZ7O_^1iYvqe|
zRufigAFwEck`_t}8K591Wo`MMX6fU}2r(h6k}VW3uWM>+REXbn;Q4OXTn@dYs)U3#
z4jbXtYJ>!5ku8WFx9SKl>oQ6z-&L%{QZo;v$7v8?nKXv#E3X<=N10LP+32D|Ul~q3
xTi2Z}@4K}q8t80BrK0L4(d_Gz*0VRpzE<O_#slAL@11?y7CZln$S;{9@eeUh$Xoyb

diff --git a/ids-comm/src/test/resources/jsse/server-truststore.jks b/ids-comm/src/test/resources/jsse/server-truststore.jks
deleted file mode 100644
index 83991552129b62a062ead9631d1d6dcf07038ef5..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1954
zcmezO_TO6u1_mZLW=c+EU|<aY?eK(=fi*(U)WDK~fjQBji8<DwiOF>VGZP~d6DPw*
z#)ZZgw$)V{@Un4gwRyCC=VfGMWo0n1HRLwnWMd9xVH0L@aWxb+5Cn0!c(~k(5=-+k
z^3zg_3?&W3L4wRY0-i3x3PJh#B?``t3PuKoW(IQNyoP3m21Y<zO)O2!qr`cQL0khU
zmr~=K7?qG6%*e{X+{DPwV9><K#ni;e$Z+q=8s%Rn=ev9pjfhRjeDk4v>IbQ53xn&{
zeeaKbu+wmVuBJ0fL};VO;gva4Z@b++dT+b$;;*OX)!HjXDkL9CG?IDVRCS@>JAlD+
zQS1B*8l^wHH>KZpSRLCT%(83y;r`<OLdMIfCp%C2Kby1lV6@Vd9TUTBR!RT4>Xey1
zX-?8|%`1w__l344{FYAL%D(8+zth|+g7){`pFj7t*(BBGS0`Vqx<xYoJpYqbzk`|6
zVDU@Q$Q?T)l7xe_873wlnkpW~>J=a`|JCzdDJ5mXkD`xyeE7Hf4C}H7GT-kP?00S!
zUn_ZZe$Rz+^Rh>rZ}`QZ?%rveT5<MW)ieIwRT2*c7&1*nnV1<F7#AlP#2Lr}V@Q^d
zMT|wHdWP(#|BYL2-#8R6+tIaFDo8g$$3Pw=t;`}}Al86g0Y6BAFeBrC7FGjhAZ5S}
z65wZH0j3`}<TwB(8ekkSGQ{t?Kl8zYU+i1&2Kq-R*Qq<+o7r_=#Wl?QulV|;X_wdE
z+Ow81rCM2u!+wRb;q<L$s~>-Vc3@Svzn1d@mwsQVDx-U;=gzJO+&p)d{L&}ed8<o5
z1>U`Xv|J#?B;5Znv+J*;+hQk1?0mFAL*VBkhGn0oy6-JKaMx1zQjG6;y{mf5_U;oq
z=5xThx|sQrj_|6Pk9aRFozpT;dd|GS#?rYRr3)we=>9G}b5TZs??t0U<_qC&O_!~U
zGQQlsHBY5))7x$LFK@Z{fb*irqcd5KS-Oigk1de?SKU{eXzkPVXS#ULw+C%|H~h%?
zyypHt^*L(h7yH*`oQkgbvfbwmht@6W<9qtT&A|DOwYW41mi^vFA+p~KVD@_g%zkGe
z*^iMCIRv?Bk?o93fZ5I%mhG&G$kpNoqQEEy=4w7rt`06ug5_yKneJ6~!Vb}x`@eqN
zQCPSADgXLbaml@!`^sneB*$HN^6==AiD{RXP0df`5%u{K*ewvlx;MCTrEOz@gNwiD
z@1I{@IoA5{PVTyEQJ|=JqI+{#<Nx!o6c%p`?^E;4US;92FwZq3NTF)&o8#f;VegK%
ztXu4EwDC|zRL`7vi|QkDGBxLYFi4yA!aSpeseH0g%*G?Nwrvk$Zy)N`Pqg&-8eH9e
zNH=1tPPW~x9L@Zk2Ub^)X&5qBG5u8B?qt{66jAH>F(zj3fhglyE1tE#+^tn`Q8c@*
z>~(?bwvL<bH#2Wcdy?(#uCeu)McUCh{o9yky?H9$lIi~7+^u7>R~r--eo0>#U8oAl
zbd4Vj8s8#iyU(phUFHic-?zRmC#0C&@bqv0;zr7{U7LY9C=bfB7#Qdo=q%7$pwXt5
zQBqQ1rLUh{l%toJS)7`zmj*AU^-@yxGgFH7fN};QY#iEb!1A4)k&(s2z|Ft~#y4PU
zvw)hBl3$*elb;CGfz6~MU@4!Rn4DTv0xIYAKn%1r3@!!cuJ4(^`8iPfliCE?!s!nE
zG9S6pZ^Sh!d%j(@oM&Q5#<j_@8}#}^t)C>XFYD51=`u78&@%dR=X2lBHEjR%|Gxfq
zld(MM^Cp|32YnOo-8-zi=Z;LA*FuT!RzA)9k7if!PFvdZa>LW7C9kF&SjJTDRx`Kw
zNpFL<;!AFc$4_@Smj#L~+|;okV_k9cjra{8R<2ao)2g&_y-=oAo#OZUHvjx9J<}(o
z*nKLJxi*O}Zq>$kmbhR?g9$ltr;bl|-Ku4G>1SK|SG@!c=Q(i+MVGe9&Sh79EZwkm
z_PsrBqM|EXvr6uS@Y%gx!XY?sYiv*Z!4~nHT;H^*$E!}u96Zz4qxm$qFj`}+)3Qdx
Ss}t|%#;}DMPmB>*G!+0m<K|od

diff --git a/ids-comm/src/test/resources/log4j2-test.xml b/ids-comm/src/test/resources/log4j2-test.xml
deleted file mode 100644
index c160b2637..000000000
--- a/ids-comm/src/test/resources/log4j2-test.xml
+++ /dev/null
@@ -1,39 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  ========================LICENSE_START=================================
-  Camel IDS Component
-  %%
-  Copyright (C) 2017 Fraunhofer AISEC
-  %%
-  Licensed under the Apache License, Version 2.0 (the "License");
-  you may not use this file except in compliance with the License.
-  You may obtain a copy of the License at
-  
-       http://www.apache.org/licenses/LICENSE-2.0
-  
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
-  =========================LICENSE_END==================================
-  -->
-
-<Configuration package="log4j.test" status="WARN">
-<Appenders>
-    <Console name="Console" target="SYSTEM_OUT">
-        <PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/>
-    </Console>
-</Appenders>
-<Loggers>
-    <Logger name="de.fhg" level="DEBUG" additivity="false">
-        <AppenderRef ref="Console" level="DEBUG" />
-    </Logger>
-    <Logger name="log4j.test.Log4jTest" level="INFO" additivity="false">
-        <AppenderRef ref="Console"/>
-    </Logger>
-    <Root level="INFO" additivity="false">
-        <AppenderRef ref="Console"/>
-    </Root>
-</Loggers>
-</Configuration>
diff --git a/ids-dataflow-control/build.gradle.kts b/ids-dataflow-control/build.gradle.kts
index eb7e320d3..50d1d6dce 100644
--- a/ids-dataflow-control/build.gradle.kts
+++ b/ids-dataflow-control/build.gradle.kts
@@ -6,9 +6,7 @@ dependencies {
 
     providedByBundle(project(":ids-api")) { isTransitive = false }
 
-    providedByBundle("com.google.guava", "guava", libraryVersions["guava"]) {
-        isTransitive = false  // Avoid pulling in of checker framework and other annotation stuff
-    }
+    providedByBundle("com.google.guava", "guava", libraryVersions["guava"])
 
 //    providedByBundle("it.unibo.alice.tuprolog", "tuprolog", libraryVersions["tuprolog"])
     implementation("it.unibo.alice.tuprolog", "2p-core", libraryVersions["2p"])
diff --git a/ids-route-manager/build.gradle.kts b/ids-route-manager/build.gradle.kts
index c7a458996..c831a33ea 100644
--- a/ids-route-manager/build.gradle.kts
+++ b/ids-route-manager/build.gradle.kts
@@ -5,7 +5,6 @@ dependencies {
     providedByBundle(project(":ids-api")) { isTransitive = false }
 
     implementation("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
-    implementation("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodel"])
 
     providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
     providedByFeature("org.apache.camel", "camel-management", libraryVersions["camel"])
@@ -13,9 +12,7 @@ dependencies {
     osgiCore("org.apache.felix", "org.apache.felix.framework", libraryVersions["felixFramework"])
     osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
 
-    providedByBundle("com.google.guava", "guava", libraryVersions["guava"]) {
-        isTransitive = false  // Avoid pulling in of checker framework and other annotation stuff
-    }
+    providedByBundle("com.google.guava", "guava", libraryVersions["guava"])
 
     testImplementation("junit", "junit", libraryVersions["junit4"])
     testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
index eb0eba747..8f2d1c6bc 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
@@ -32,15 +32,15 @@ import org.apache.camel.model.EndpointRequiredDefinition
 import org.apache.camel.model.FromDefinition
 import org.apache.camel.model.RouteDefinition
 import org.apache.camel.model.ToDefinition
+import org.apache.camel.support.processor.DelegateAsyncProcessor
 import org.slf4j.LoggerFactory
 import java.net.InetAddress
 import java.net.URI
 import java.util.*
-import java.util.concurrent.CompletableFuture
 
 class PolicyEnforcementPoint internal constructor(
     private val destinationNode: NamedNode,
-    private val target: Processor) : AsyncProcessor {
+    target: Processor) : DelegateAsyncProcessor(target) {
     /**
      * The method performs flow control and calls Exchange.setException() when necessary
      * It iterates through nodes in CamelRoute (<from>, <log>, <choice>, <process>, <to>, ...)
@@ -210,32 +210,11 @@ class PolicyEnforcementPoint internal constructor(
     }
 
     @Throws(Exception::class)
-    override fun process(exchange: Exchange) {
+    override fun process(exchange: Exchange, asyncCallback: AsyncCallback): Boolean {
         if (processFlowControl(exchange)) {
-            target.process(exchange)
-        }
-    }
-
-    override fun process(exchange: Exchange, callback: AsyncCallback): Boolean {
-        if (processFlowControl(exchange)) {
-            try {
-                target.process(exchange)
-                callback.done(true)
-                return true
-            } catch (e: Exception) {
-                LOG.error(e.message, e)
-            }
-        }
-        callback.done(false)
-        return false
-    }
-
-    override fun processAsync(exchange: Exchange): CompletableFuture<Exchange> {
-        return try {
-            target.process(exchange)
-            CompletableFuture.completedFuture(exchange)
-        } catch (x: Exception) {
-            CompletableFuture.failedFuture(x)
+            return super.process(exchange, asyncCallback)
+        } else {
+            throw Exception("Exchange blocked by data flow policy")
         }
     }
 
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/RouteManagerService.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/RouteManagerService.kt
index 6e0b892e3..2fdac44db 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/RouteManagerService.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/RouteManagerService.kt
@@ -442,8 +442,6 @@ class RouteManagerService : RouteManager {
     override fun addRoute(routeRepresentation: String) {
         LOG.debug("Adding new route: $routeRepresentation")
         val existingRoutes = this.routes
-        // @todo: Need to verify that this or the call to CamelContext.start() below actually registers
-        // the route properly
         val cCtx: CamelContext = DefaultCamelContext()
         try {
             ByteArrayInputStream(routeRepresentation.toByteArray(StandardCharsets.UTF_8)).use { bis ->
diff --git a/ids-settings/build.gradle.kts b/ids-settings/build.gradle.kts
index a07b0682c..c355f44c6 100644
--- a/ids-settings/build.gradle.kts
+++ b/ids-settings/build.gradle.kts
@@ -1,13 +1,11 @@
-dependencies {
-    @Suppress("UNCHECKED_CAST") val libraryVersions =
-            rootProject.ext.get("libraryVersions") as Map<String, String>
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.ext.get("libraryVersions") as Map<String, String>
 
+dependencies {
     infomodelBundle(project(":ids-api")) { isTransitive = false }
 
     // Required by MapDB below
-    providedByBundle("com.google.guava", "guava", libraryVersions["guava"]) {
-        isTransitive = false  // Avoid pulling in of checker framework and other annotation stuff
-    }
+    providedByBundle("com.google.guava", "guava", libraryVersions["guava"])
     implementation ("org.mapdb", "mapdb", libraryVersions["mapdb"]) {
         // Exclude guava dependency, which is provided by bundle
         exclude("com.google.guava", "guava")
diff --git a/ids-token-manager/bnd.bnd b/ids-token-manager/bnd.bnd
index 91074f4d8..1b17796bc 100755
--- a/ids-token-manager/bnd.bnd
+++ b/ids-token-manager/bnd.bnd
@@ -1,4 +1,4 @@
 Bundle-Name: IDS :: Token Manager
 Import-Package: \
-  !com.android.org.conscrypt,\
-  *
\ No newline at end of file
+    !com.android.org.conscrypt,\
+    *
\ No newline at end of file
diff --git a/ids-token-manager/build.gradle b/ids-token-manager/build.gradle
deleted file mode 100755
index 8d8be6f02..000000000
--- a/ids-token-manager/build.gradle
+++ /dev/null
@@ -1,21 +0,0 @@
-dependencies {
-    providedByBundle(project(':ids-api')) { transitive = false }
-    providedByBundle(project(':idscp2')) { transitive = false }
-
-    osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
-
-    implementation group: 'io.jsonwebtoken', name: 'jjwt-impl', version: libraryVersions.jsonwebtoken
-    implementation group: 'io.jsonwebtoken', name: 'jjwt-jackson', version: libraryVersions.jsonwebtoken
-    implementation group: 'io.jsonwebtoken', name: 'jjwt-api', version: libraryVersions.jsonwebtoken
-    providedByBundle group: 'com.squareup.okhttp3', name: 'okhttp', version: libraryVersions.okhttp
-    providedByBundle group: 'com.squareup.okio', name: 'okio', version: libraryVersions.okio
-    providedByBundle group: 'org.bitbucket.b_c', name: 'jose4j', version: libraryVersions.jose4j
-    providedByBundle group: 'org.json', name: 'json', version: libraryVersions.orgJson
-    providedByBundle group: 'org.bouncycastle', name: 'bcprov-jdk15on', version: libraryVersions.bouncycastle
-
-    testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
-    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
-}
-
-
-
diff --git a/ids-token-manager/build.gradle.kts b/ids-token-manager/build.gradle.kts
new file mode 100644
index 000000000..79d914291
--- /dev/null
+++ b/ids-token-manager/build.gradle.kts
@@ -0,0 +1,13 @@
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.ext.get("libraryVersions") as Map<String, String>
+
+dependencies {
+    providedByBundle(project(":ids-api")) { isTransitive = false }
+
+    implementation("de.fhg.aisec.ids", "idscp2", libraryVersions["idscp2"])
+
+    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
+
+    testImplementation("junit", "junit", libraryVersions["junit4"])
+    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
+}
diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
index eb09d2003..b25b2a446 100755
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
@@ -22,7 +22,6 @@
 import de.fhg.aisec.ids.api.settings.ConnectionSettings;
 import de.fhg.aisec.ids.api.settings.ConnectorConfig;
 import de.fhg.aisec.ids.api.settings.Settings;
-import de.fhg.aisec.ids.api.tokenm.DatException;
 import de.fhg.aisec.ids.api.tokenm.TokenManager;
 import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver;
 import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig;
@@ -101,38 +100,6 @@ public void verifyJWT(
     }
   }
 
-//  /**
-//   * Convert byte to hexadecimal chars without any dependencies to libraries.
-//   * @param num Byte to get hexadecimal representation for
-//   * @return The hexadecimal representation of the given byte value
-//   */
-//  private char[] byteToHex(byte num) {
-//    char[] hexDigits = new char[2];
-//    hexDigits[0] = Character.forDigit((num >> 4) & 0xF, 16);
-//    hexDigits[1] = Character.forDigit((num & 0xF), 16);
-//    return hexDigits;
-//  }
-//
-//  /**
-//   * Lookup table for encodeHexString()
-//   */
-//  private final HashMap<Byte, char[]> hexLookup = new HashMap<>();
-//  /**
-//   * Encode a byte array to a hex string
-//   * @param byteArray Byte array to get hexadecimal representation for
-//   * @return Hexadecimal representation of the given bytes
-//   */
-//  private String encodeHexString(byte[] byteArray, @SuppressWarnings("SameParameterValue") boolean beautify) {
-//    StringBuilder sb = new StringBuilder();
-//    for (byte b : byteArray) {
-//      sb.append(hexLookup.computeIfAbsent(b, this::byteToHex));
-//      if (beautify) {
-//        sb.append(':');
-//      }
-//    }
-//    return sb.toString();
-//  }
-
   @Activate
   public void run() {
     LOG.info("Token renewal triggered.");
diff --git a/ids-webconsole/build.gradle b/ids-webconsole/build.gradle
index fd0101bf8..0c1e9dea7 100644
--- a/ids-webconsole/build.gradle
+++ b/ids-webconsole/build.gradle
@@ -62,7 +62,6 @@ dependencies {
     providedByFeature group: 'javax.servlet', name: 'javax.servlet-api', version: libraryVersions.javaxServlet
 
     providedByFeature group: 'org.apache.camel', name: 'camel-core', version: libraryVersions.camel
-    providedByFeature group: 'org.apache.camel', name: 'camel-core-osgi', version: libraryVersions.camel
 
     providedByFeature group: 'org.apache.cxf', name: 'cxf-rt-frontend-jaxrs', version: libraryVersions.cxf
     providedByFeature group: 'org.apache.cxf', name: 'cxf-rt-rs-extension-providers', version: libraryVersions.cxf
diff --git a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/RouteApi.java b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/RouteApi.java
index 1d9297756..e947c0415 100644
--- a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/RouteApi.java
+++ b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/RouteApi.java
@@ -20,7 +20,6 @@
 package de.fhg.aisec.ids.webconsole.api;
 
 import de.fhg.aisec.ids.api.Result;
-import de.fhg.aisec.ids.api.internal.ComponentNotAvailableException;
 import de.fhg.aisec.ids.api.policy.PAP;
 import de.fhg.aisec.ids.api.router.*;
 import de.fhg.aisec.ids.webconsole.WebConsoleComponent;
@@ -29,15 +28,16 @@
 import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import io.swagger.annotations.Authorization;
+import org.checkerframework.checker.nullness.qual.NonNull;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.ws.rs.*;
+import javax.ws.rs.core.MediaType;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;
 import java.util.Map;
-import javax.ws.rs.*;
-import javax.ws.rs.core.MediaType;
-import org.checkerframework.checker.nullness.qual.NonNull;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 /**
  * REST API interface for "data pipes" in the connector.
@@ -92,7 +92,7 @@ public List<RouteObject> list() {
   public RouteObject get(@ApiParam(value = "Route ID") @PathParam("id") @NonNull String id) {
     RouteManager rm = WebConsoleComponent.getRouteManager();
     if (rm == null) {
-      throw new ComponentNotAvailableException();
+      throw new InternalServerErrorException();
     }
     RouteObject oRoute = rm.getRoute(id);
     if (oRoute == null) {
@@ -109,7 +109,7 @@ public RouteObject get(@ApiParam(value = "Route ID") @PathParam("id") @NonNull S
   public String getAsString(@ApiParam(value = "Route ID") @PathParam("id") String id) {
     RouteManager rm = WebConsoleComponent.getRouteManager();
     if (rm == null) {
-      throw new ComponentNotAvailableException();
+      throw new InternalServerErrorException();
     }
     String routeAsString = rm.getRouteAsString(id);
     if (routeAsString == null) {
@@ -128,7 +128,7 @@ public Result startRoute(@PathParam("id") String id) {
     try {
       RouteManager rm = WebConsoleComponent.getRouteManager();
       if (rm == null) {
-        throw new ComponentNotAvailableException();
+        throw new InternalServerErrorException();
       }
       rm.startRoute(id);
       return new Result();
@@ -148,7 +148,7 @@ public Result saveRoute(@PathParam("id") @NonNull String id, @NonNull String rou
     try {
       RouteManager rm = WebConsoleComponent.getRouteManager();
       if (rm == null) {
-        throw new ComponentNotAvailableException();
+        throw new InternalServerErrorException();
       }
       rm.saveRoute(id, routeDefinition);
       return new Result();
@@ -168,7 +168,7 @@ public Result addRoute(@NonNull String routeDefinition) {
     try {
       RouteManager rm = WebConsoleComponent.getRouteManager();
       if (rm == null) {
-        throw new ComponentNotAvailableException();
+        throw new InternalServerErrorException();
       }
       rm.addRoute(routeDefinition);
       return new Result();
@@ -191,7 +191,7 @@ public Result stopRoute(@PathParam("id") String id) {
     try {
       RouteManager rm = WebConsoleComponent.getRouteManager();
       if (rm == null) {
-        throw new ComponentNotAvailableException();
+        throw new InternalServerErrorException();
       }
       rm.stopRoute(id);
       return new Result();
@@ -209,7 +209,7 @@ public Result stopRoute(@PathParam("id") String id) {
   public RouteMetrics getMetrics(@PathParam("id") String routeId) {
     RouteManager rm = WebConsoleComponent.getRouteManager();
     if (rm == null) {
-      throw new ComponentNotAvailableException();
+      throw new InternalServerErrorException();
     }
     return rm.getRouteMetrics().get(routeId);
   }
@@ -225,7 +225,7 @@ public RouteMetrics getMetrics(@PathParam("id") String routeId) {
   public RouteMetrics getMetrics() {
     RouteManager rm = WebConsoleComponent.getRouteManager();
     if (rm == null) {
-      throw new ComponentNotAvailableException();
+      throw new InternalServerErrorException();
     }
     return aggregateMetrics(rm.getRouteMetrics().values());
   }
@@ -273,7 +273,7 @@ private RouteMetrics aggregateMetrics(Collection<RouteMetrics> currentMetrics) {
   public List<RouteComponent> getComponents() {
     RouteManager rm = WebConsoleComponent.getRouteManager();
     if (rm == null) {
-      throw new ComponentNotAvailableException();
+      throw new InternalServerErrorException();
     }
     return rm.listComponents();
   }
@@ -285,7 +285,7 @@ public List<RouteComponent> getComponents() {
   public Map<String, String> listEndpoints() {
     RouteManager rm = WebConsoleComponent.getRouteManager();
     if (rm == null) {
-      throw new ComponentNotAvailableException();
+      throw new InternalServerErrorException();
     }
     return rm.listEndpoints();
   }
@@ -297,9 +297,12 @@ public Map<String, String> listEndpoints() {
   public ValidationInfo validate(@PathParam("routeId") String routeId) {
     PAP pap = WebConsoleComponent.getPolicyAdministrationPoint();
     if (pap == null) {
-      throw new ComponentNotAvailableException();
+      throw new InternalServerErrorException();
     }
     RouteVerificationProof rvp = pap.verifyRoute(routeId);
+    if (rvp == null) {
+      throw new InternalServerErrorException();
+    }
     ValidationInfo vi = new ValidationInfo();
     vi.valid = rvp.isValid();
     if (!rvp.isValid()) {
@@ -315,7 +318,7 @@ public ValidationInfo validate(@PathParam("routeId") String routeId) {
   public String getRouteProlog(@PathParam("routeId") @NonNull String routeId) {
     RouteManager rm = WebConsoleComponent.getRouteManager();
     if (rm == null) {
-      throw new ComponentNotAvailableException();
+      throw new InternalServerErrorException();
     }
     return rm.getRouteAsProlog(routeId);
   }
diff --git a/idscp2-app-layer/LICENSE.txt b/idscp2-app-layer/LICENSE.txt
deleted file mode 100644
index 261eeb9e9..000000000
--- a/idscp2-app-layer/LICENSE.txt
+++ /dev/null
@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
diff --git a/idscp2-app-layer/README.md b/idscp2-app-layer/README.md
deleted file mode 100644
index 9874e883f..000000000
--- a/idscp2-app-layer/README.md
+++ /dev/null
@@ -1 +0,0 @@
-The _idscp2_ implements the second version of the IDS Communication Protocol
diff --git a/idscp2-app-layer/bnd.bnd b/idscp2-app-layer/bnd.bnd
deleted file mode 100644
index bb5171797..000000000
--- a/idscp2-app-layer/bnd.bnd
+++ /dev/null
@@ -1,6 +0,0 @@
-Bundle-Name: IDS :: IDSCP2
-Bundle-Description: IDSCP2 protocol implementation
-Export-Package: \
-  de.fhg.aisec.ids.idscp2.app_layer*
-Import-Package: \
-  *
\ No newline at end of file
diff --git a/idscp2-app-layer/build.gradle.kts b/idscp2-app-layer/build.gradle.kts
deleted file mode 100644
index 7ccb6d48e..000000000
--- a/idscp2-app-layer/build.gradle.kts
+++ /dev/null
@@ -1,39 +0,0 @@
-import com.google.protobuf.gradle.protobuf
-import org.gradle.plugins.ide.idea.model.IdeaModel
-
-@Suppress("UNCHECKED_CAST") val libraryVersions =
-        rootProject.ext.get("libraryVersions") as Map<String, String>
-
-version = libraryVersions["idscp2"] ?: error("IDSCP2 version not specified")
-
-apply(plugin = "com.google.protobuf")
-apply(plugin = "idea")
-
-val generatedProtoBaseDir = "${projectDir}/generated"
-
-protobuf {
-    generatedFilesBaseDir = generatedProtoBaseDir
-}
-
-tasks.named("clean") {
-    doLast {
-        delete(generatedProtoBaseDir)
-    }
-}
-
-configure<IdeaModel> {
-    module {
-        // mark as generated sources for IDEA
-        generatedSourceDirs.add(File("${generatedProtoBaseDir}/main/java"))
-    }
-}
-
-dependencies {
-    providedByBundle(project(":idscp2"))
-
-    providedByBundle("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
-
-    // Supplied by ids-infomodel-manager
-    publishCompile("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
-    publishCompile("de.fraunhofer.iais.eis.ids", "infomodel-serializer", libraryVersions["infomodel"])
-}
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
deleted file mode 100644
index b6de93aed..000000000
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/AppLayerConnection.kt
+++ /dev/null
@@ -1,130 +0,0 @@
-package de.fhg.aisec.ids.idscp2.app_layer
-
-import com.google.protobuf.ByteString
-import de.fhg.aisec.ids.idscp2.app_layer.listeners.GenericMessageListener
-import de.fhg.aisec.ids.idscp2.app_layer.listeners.IdsMessageListener
-import de.fhg.aisec.ids.idscp2.app_layer.messages.AppLayer
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2MessageListener
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fraunhofer.iais.eis.Message
-import org.slf4j.LoggerFactory
-import java.util.*
-
-class AppLayerConnection private constructor(private val idscp2Connection: Idscp2Connection) :
-        Idscp2Connection by idscp2Connection {
-    private val idscp2MessageListener: Idscp2MessageListener = Idscp2MessageListener { _, data ->
-        try {
-            val appLayerMessage = AppLayer.AppLayerMessage.parseFrom(data)
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received AppLayerMessage ${appLayerMessage.messageCase}")
-            }
-            when (appLayerMessage.messageCase) {
-                AppLayer.AppLayerMessage.MessageCase.GENERICMESSAGE -> {
-                    genericMessageListeners.forEach { listener ->
-                        val genericMessage = appLayerMessage.genericMessage
-                        listener.onMessage(
-                                this,
-                                genericMessage.header,
-                                genericMessage.payload?.toByteArray())
-                    }
-                }
-                AppLayer.AppLayerMessage.MessageCase.IDSMESSAGE -> {
-                    idsMessageListeners.forEach { listener ->
-                        val idsMessage = appLayerMessage.idsMessage
-                        listener.onMessage(
-                                this,
-                                idsMessage.header?.let {
-                                    Utils.SERIALIZER.deserialize(it, Message::class.java)
-                                },
-                                idsMessage.payload?.toByteArray())
-                    }
-                }
-                else -> LOG.warn("Unknown IDSCP2 app layer message type encountered.")
-            }
-        } catch (e: Exception) {
-            LOG.error("Error processing AppLayerMessage", e)
-        }
-    }
-    private val genericMessageListeners: MutableSet<GenericMessageListener> =
-            Collections.synchronizedSet(LinkedHashSet())
-    private val idsMessageListeners: MutableSet<IdsMessageListener> =
-            Collections.synchronizedSet(LinkedHashSet())
-
-    constructor(secureChannel: SecureChannel, settings: Idscp2Configuration) :
-            this(Idscp2ConnectionImpl(secureChannel, settings)) {
-        idscp2Connection.addMessageListener(idscp2MessageListener)
-    }
-
-    fun sendGenericMessage(header: String?, payload: ByteArray?) {
-        val message = AppLayer.AppLayerMessage.newBuilder()
-                .setGenericMessage(AppLayer.GenericMessage.newBuilder()
-                        .also {
-                            if (header != null) {
-                                it.header = header
-                            }
-                            if (payload != null) {
-                                it.payload = ByteString.copyFrom(payload)
-                            }
-                        }
-                        .build())
-                .build()
-        idscp2Connection.nonBlockingSend(message.toByteArray())
-    }
-
-    fun addGenericMessageListener(listener: GenericMessageListener) {
-        genericMessageListeners += listener
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Added GenericMessageListener $listener for connection {}", idscp2Connection.id)
-        }
-    }
-
-    fun removeGenericMessageListener(listener: GenericMessageListener) = genericMessageListeners.remove(listener)
-
-    fun sendIdsMessage(header: Message?, payload: ByteArray?, sendTimeout: Long = DEFAULT_TIMEOUT) {
-        val message = AppLayer.AppLayerMessage.newBuilder()
-                .setIdsMessage(AppLayer.IdsMessage.newBuilder()
-                        .also {
-                            if (header != null) {
-                                it.header = Utils.SERIALIZER.serialize(header)
-                            }
-                            if (payload != null) {
-                                it.payload = ByteString.copyFrom(payload)
-                            }
-                        }
-                        .build())
-                .build()
-        idscp2Connection.blockingSend(message.toByteArray(), sendTimeout)
-    }
-
-    fun addIdsMessageListener(listener: IdsMessageListener) {
-        idsMessageListeners += listener
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Added IdsMessageListener $listener for connection {}", idscp2Connection.id)
-        }
-    }
-
-    fun removeIdsMessageListener(listener: IdsMessageListener) = idsMessageListeners.remove(listener)
-
-    override fun toString(): String {
-        return "AppLayerConnection($id)"
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(AppLayerConnection::class.java)
-        private val appLayerConnections = Collections.synchronizedMap(
-                WeakHashMap<Idscp2Connection, AppLayerConnection>())
-        private const val DEFAULT_TIMEOUT = 10000L
-
-        fun from(idscp2Connection: Idscp2Connection): AppLayerConnection {
-            return if (idscp2Connection is AppLayerConnection) {
-                idscp2Connection
-            } else {
-                appLayerConnections.computeIfAbsent(idscp2Connection) { AppLayerConnection(it) }
-            }
-        }
-    }
-
-}
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/Utils.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/Utils.kt
deleted file mode 100644
index b44752372..000000000
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/Utils.kt
+++ /dev/null
@@ -1,7 +0,0 @@
-package de.fhg.aisec.ids.idscp2.app_layer
-
-import de.fraunhofer.iais.eis.ids.jsonld.Serializer
-
-object Utils {
-    val SERIALIZER: Serializer by lazy { Serializer() }
-}
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt
deleted file mode 100644
index 1cab320d1..000000000
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/GenericMessageListener.kt
+++ /dev/null
@@ -1,7 +0,0 @@
-package de.fhg.aisec.ids.idscp2.app_layer.listeners
-
-import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-
-fun interface GenericMessageListener {
-    fun onMessage(connection: AppLayerConnection, header: String?, payload: ByteArray?)
-}
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/IdsMessageListener.kt b/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/IdsMessageListener.kt
deleted file mode 100644
index 86b8ab1e6..000000000
--- a/idscp2-app-layer/src/main/kotlin/de/fhg/aisec/ids/idscp2/app_layer/listeners/IdsMessageListener.kt
+++ /dev/null
@@ -1,8 +0,0 @@
-package de.fhg.aisec.ids.idscp2.app_layer.listeners
-
-import de.fhg.aisec.ids.idscp2.app_layer.AppLayerConnection
-import de.fraunhofer.iais.eis.Message
-
-fun interface IdsMessageListener {
-    fun onMessage(connection: AppLayerConnection, header: Message?, payload: ByteArray?)
-}
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/proto/idscp2-app.proto b/idscp2-app-layer/src/main/proto/idscp2-app.proto
deleted file mode 100644
index ed39d755b..000000000
--- a/idscp2-app-layer/src/main/proto/idscp2-app.proto
+++ /dev/null
@@ -1,24 +0,0 @@
-syntax = "proto3";
-option java_package = "de.fhg.aisec.ids.idscp2.app_layer.messages";
-option java_outer_classname = "AppLayer";
-
-message AppLayerMessage {
-  oneof message {
-    GenericMessage genericMessage = 1;
-    IdsMessage idsMessage = 2;
-  }
-}
-
-message GenericMessage {
-  // Arbitrary header string
-  string header = 1;
-  // The actual, generic message payload
-  bytes payload = 2;
-}
-
-message IdsMessage {
-  // Arbitrary header string
-  string header = 1;
-  // The actual, generic message payload
-  bytes payload = 2;
-}
\ No newline at end of file
diff --git a/idscp2-app-layer/src/main/resources/simplelogger.properties b/idscp2-app-layer/src/main/resources/simplelogger.properties
deleted file mode 100644
index eafa2b0f4..000000000
--- a/idscp2-app-layer/src/main/resources/simplelogger.properties
+++ /dev/null
@@ -1 +0,0 @@
-org.slf4j.simpleLogger.defaultLogLevel=debug
\ No newline at end of file
diff --git a/idscp2/LICENSE.txt b/idscp2/LICENSE.txt
deleted file mode 100644
index 261eeb9e9..000000000
--- a/idscp2/LICENSE.txt
+++ /dev/null
@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
diff --git a/idscp2/README.md b/idscp2/README.md
deleted file mode 100644
index 9874e883f..000000000
--- a/idscp2/README.md
+++ /dev/null
@@ -1 +0,0 @@
-The _idscp2_ implements the second version of the IDS Communication Protocol
diff --git a/idscp2/bnd.bnd b/idscp2/bnd.bnd
deleted file mode 100644
index 5d2814ee7..000000000
--- a/idscp2/bnd.bnd
+++ /dev/null
@@ -1,8 +0,0 @@
-Bundle-Name: IDS :: IDSCP2 App Layer
-Bundle-Description: IDSCP2 application layer implementation
-Export-Package:\
-    kotlinx.coroutines*,\
-    de.fhg.aisec.ids.idscp2*
-Import-Package:\
-    !android.os*,\
-    *
\ No newline at end of file
diff --git a/idscp2/build.gradle.kts b/idscp2/build.gradle.kts
deleted file mode 100644
index b2819336d..000000000
--- a/idscp2/build.gradle.kts
+++ /dev/null
@@ -1,49 +0,0 @@
-import com.google.protobuf.gradle.protobuf
-import org.gradle.plugins.ide.idea.model.IdeaModel
-
-@Suppress("UNCHECKED_CAST") val libraryVersions =
-        rootProject.ext.get("libraryVersions") as Map<String, String>
-
-version = libraryVersions["idscp2"] ?: error("IDSCP2 version not specified")
-
-apply(plugin = "com.google.protobuf")
-apply(plugin = "idea")
-
-val generatedProtoBaseDir = "${projectDir}/generated"
-
-protobuf {
-    generatedFilesBaseDir = generatedProtoBaseDir
-}
-
-tasks.named("clean") {
-    doLast {
-        delete(generatedProtoBaseDir)
-    }
-}
-
-configure<IdeaModel> {
-    module {
-        // mark as generated sources for IDEA
-        generatedSourceDirs.add(File("${generatedProtoBaseDir}/main/java"))
-    }
-}
-
-dependencies {
-    // For standalone running of examples
-    publishCompile("org.jetbrains.kotlin", "kotlin-stdlib-jdk8", libraryVersions["kotlin"])
-    publishCompile("org.jetbrains.kotlinx", "kotlinx-coroutines-core", libraryVersions["kotlinxCoroutines"])
-
-    providedByBundle("com.github.microsoft", "TSS.Java", libraryVersions["tssJava"])
-
-    providedByBundle("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
-
-    providedByBundle("io.jsonwebtoken", "jjwt-impl", libraryVersions["jsonwebtoken"])
-    providedByBundle("io.jsonwebtoken", "jjwt-jackson", libraryVersions["jsonwebtoken"])
-    providedByBundle("io.jsonwebtoken", "jjwt-api", libraryVersions["jsonwebtoken"])
-    providedByBundle("org.json", "json", libraryVersions["orgJson"])
-    providedByBundle("org.bitbucket.b_c", "jose4j", libraryVersions["jose4j"])
-    providedByBundle("com.squareup.okhttp3", "okhttp", libraryVersions["okhttp"])
-
-    testImplementation("junit", "junit", libraryVersions["junit4"])
-    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
-}
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
deleted file mode 100644
index 2c9e9e870..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriver.kt
+++ /dev/null
@@ -1,358 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.daps
-
-import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.error.DatException
-import io.jsonwebtoken.Jwts
-import io.jsonwebtoken.SignatureAlgorithm
-import okhttp3.FormBody
-import okhttp3.OkHttpClient
-import okhttp3.Request
-import okhttp3.RequestBody
-import org.bouncycastle.asn1.ASN1OctetString
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier
-import org.bouncycastle.asn1.x509.Extension
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier
-import org.jose4j.http.Get
-import org.jose4j.jwa.AlgorithmConstraints
-import org.jose4j.jwk.HttpsJwks
-import org.jose4j.jws.AlgorithmIdentifiers
-import org.jose4j.jwt.JwtClaims
-import org.jose4j.jwt.NumericDate
-import org.jose4j.jwt.consumer.JwtConsumerBuilder
-import org.jose4j.keys.resolvers.HttpsJwksVerificationKeyResolver
-import org.json.JSONObject
-import org.slf4j.LoggerFactory
-import java.io.IOException
-import java.nio.charset.StandardCharsets
-import java.security.Key
-import java.security.KeyManagementException
-import java.security.NoSuchAlgorithmException
-import java.security.cert.X509Certificate
-import java.time.Instant
-import java.util.*
-import java.util.concurrent.TimeUnit
-import javax.net.ssl.SSLContext
-import javax.net.ssl.SSLSocketFactory
-import javax.net.ssl.X509ExtendedTrustManager
-
-/**
- * Default DAPS Driver Implementation for requesting valid dynamicAttributeToken and verifying DAT
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- * @author Gerd Brost (gerd.brost@aisec.fraunhofer.de)
- */
-class DefaultDapsDriver(config: DefaultDapsDriverConfig) : DapsDriver {
-    private var sslSocketFactory: SSLSocketFactory
-    private var securityRequirements: SecurityRequirements? = config.securityRequirements
-    private val trustManager: X509ExtendedTrustManager
-    private val privateKey: Key = PreConfiguration.getKey(
-                    config.keyStorePath,
-                    config.keyStorePassword,
-                    config.keyAlias,
-                    config.keyPassword
-            )
-    private val dapsUrl: String = config.dapsUrl
-    private val cert: X509Certificate = PreConfiguration.getCertificate(
-            config.keyStorePath,
-            config.keyStorePassword,
-            config.keyAlias)  //get http response from DAPS
-
-    init {
-        //create ssl socket factory for secure
-        val trustManagers = PreConfiguration.getX509ExtTrustManager(
-                config.trustStorePath,
-                config.trustStorePassword
-        )
-        trustManager = trustManagers[0] as X509ExtendedTrustManager
-        sslSocketFactory = try {
-            val sslContext = SSLContext.getInstance("TLS")
-            sslContext.init(null, trustManagers, null)
-            sslContext.socketFactory
-        } catch (e: NoSuchAlgorithmException) {
-            LOG.error("Cannot init DefaultDapsDriver: {}", e.toString())
-            throw RuntimeException(e)
-        } catch (e: KeyManagementException) {
-            LOG.error("Cannot init DefaultDapsDriver: {}", e.toString())
-            throw RuntimeException(e)
-        }
-    }
-
-    /**
-     * Receive the signed and valid dynamic attribute token from the DAPS
-     *
-     * @throws DatException
-     */
-    override val token: ByteArray
-        get() {
-            val token: String
-            LOG.info("Retrieving Dynamic Attribute Token from Daps ...")
-
-            //Create connectorUUID
-            // Get AKI
-            //GET 2.5.29.14	SubjectKeyIdentifier / 2.5.29.35	AuthorityKeyIdentifier
-            val akiOid = Extension.authorityKeyIdentifier.id
-            val rawAuthorityKeyIdentifier = cert.getExtensionValue(akiOid)
-            val akiOc = ASN1OctetString.getInstance(rawAuthorityKeyIdentifier)
-            val aki = AuthorityKeyIdentifier.getInstance(akiOc.octets)
-            val authorityKeyIdentifier = aki.keyIdentifier
-
-            //GET SKI
-            val skiOid = Extension.subjectKeyIdentifier.id
-            val rawSubjectKeyIdentifier = cert.getExtensionValue(skiOid)
-            val ski0c = ASN1OctetString.getInstance(rawSubjectKeyIdentifier)
-            val ski = SubjectKeyIdentifier.getInstance(ski0c.octets)
-            val subjectKeyIdentifier = ski.keyIdentifier
-            val akiResult = encodeHexString(authorityKeyIdentifier, true).toUpperCase()
-            val skiResult = encodeHexString(subjectKeyIdentifier, true).toUpperCase()
-            if (LOG.isDebugEnabled) {
-                LOG.debug("AKI: $akiResult")
-                LOG.debug("SKI: $skiResult")
-            }
-            val connectorUUID = skiResult + "keyid:" + akiResult.substring(0, akiResult.length - 1)
-            if (LOG.isDebugEnabled) {
-                LOG.debug("ConnectorUUID: $connectorUUID")
-                LOG.debug("Retrieving Dynamic Attribute Token...")
-            }
-
-            //create signed JWT
-            val expiration = Date.from(Instant.now().plusSeconds(86400))
-            val issuedAt = Date.from(Instant.now())
-            val notBefore = Date.from(Instant.now())
-
-            val jwt = Jwts.builder()
-                    .setIssuer(connectorUUID)
-                    .setSubject(connectorUUID)
-                    .claim("@context", "https://w3id.org/idsa/contexts/context.jsonld")
-                    .claim("@type", "ids:DatRequestToken")
-                    .setExpiration(expiration)
-                    .setIssuedAt(issuedAt)
-                    .setNotBefore(notBefore)
-                    .setAudience(TARGET_AUDIENCE)
-                    .signWith(privateKey, SignatureAlgorithm.RS256)
-                    .compact()
-
-            //build http client and request for DAPS
-            val formBody: RequestBody = FormBody.Builder()
-                    .add("grant_type", "client_credentials")
-                    .add(
-                            "client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer")
-                    .add("client_assertion", jwt)
-                    .add("scope", "idsc:IDS_CONNECTOR_ATTRIBUTES_ALL")
-                    .build()
-            val client = OkHttpClient.Builder()
-                    .sslSocketFactory(sslSocketFactory, trustManager)
-                    .connectTimeout(15, TimeUnit.SECONDS)
-                    .writeTimeout(15, TimeUnit.SECONDS)
-                    .readTimeout(15, TimeUnit.SECONDS)
-                    .build()
-            val request = Request.Builder()
-                    .url("$dapsUrl/v2/token")
-                    .post(formBody)
-                    .build()
-            return try {
-                //get http response from DAPS
-                val response = client.newCall(request).execute()
-
-                //check for valid response
-                if (!response.isSuccessful) {
-                    LOG.error("Failed to request token issued with parameters: Issuer: {}, Subject: {}, " +
-                            "Expiration: {}, IssuedAt: {}, NotBefore: {}, Audience: {}",
-                            connectorUUID,
-                            connectorUUID,
-                            expiration,
-                            issuedAt,
-                            notBefore,
-                            TARGET_AUDIENCE)
-                    throw DatException("Received non-200 http response: " + response.code())
-                }
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("Acquired DAT from {}/v2/token", dapsUrl)
-                }
-                val json = JSONObject(response.body()?.string()
-                    ?: throw DatException("Received empty DAPS response"))
-                if (json.has("access_token")) {
-                    token = json.getString("access_token")
-                    if (LOG.isDebugEnabled) {
-                        LOG.debug("Received DAT from DAPS: {}", token)
-                    }
-                } else if (json.has("error")) {
-                    throw DatException("DAPS reported error: " + json.getString("error"))
-                } else {
-                    throw DatException("DAPS response does not contain \"access_token\" or \"error\" field.")
-                }
-                verifyTokenSecurityAttributes(token.toByteArray(StandardCharsets.UTF_8), null)
-                token.toByteArray(StandardCharsets.UTF_8)
-            } catch (e: IOException) {
-                throw DatException("Error whilst retrieving DAT", e)
-            }
-        }
-
-    /**
-     * Update the security requirements of the DAPS (This might be caused by changes in the connector configuration)
-     */
-    fun updateSecurityRequirements(securityRequirements: SecurityRequirements?) {
-        this.securityRequirements = securityRequirements
-    }
-
-    /**
-     * Public verifyToken API, used from the IDSCPv2 protocol. Security requirements are used from the DAPS config
-     *
-     * @return The number of seconds this DAT is valid
-     * @throws DatException
-     */
-    override fun verifyToken(dat: ByteArray): Long {
-        return verifyTokenSecurityAttributes(dat, securityRequirements)
-    }
-
-    /**
-     * Verify a given dynamic attribute token, given the security attributes as parameter. This is used for IDSCPv1
-     * legacy implementation and for internal purpose
-     *
-     * If the security requirements is not null and an instance of the SecurityRequirements class
-     * the method will also check the provided security attributes of the connector that belongs
-     * to the provided DAT
-     *
-     * @return The number of seconds this DAT is valid
-     * @throws DatException
-     */
-    fun verifyTokenSecurityAttributes(dat: ByteArray, securityRequirements: Any?): Long {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Verifying dynamic attribute token...")
-        }
-
-        // Get JsonWebKey JWK from JsonWebKeyStore JWKS using DAPS JWKS endpoint
-        val httpsJwks = HttpsJwks("$dapsUrl/.well-known/jwks.json")
-        val getInstance = Get()
-        getInstance.setSslSocketFactory(sslSocketFactory)
-        httpsJwks.setSimpleHttpGet(getInstance)
-
-        // create new jwks key resolver, selects jwk based on key ID in jwt header
-        val jwksKeyResolver = HttpsJwksVerificationKeyResolver(httpsJwks)
-
-        //create validation requirements
-        val jwtConsumer = JwtConsumerBuilder()
-                .setRequireExpirationTime() // has expiration time
-                .setAllowedClockSkewInSeconds(30) // leeway in validation time
-                .setRequireSubject() // has subject
-                .setExpectedAudience(true, "IDS_Connector", TARGET_AUDIENCE)
-                .setExpectedIssuer(dapsUrl) // e.g. https://daps.aisec.fraunhofer.de
-                .setVerificationKeyResolver(jwksKeyResolver) //get decryption key from jwks
-                .setJweAlgorithmConstraints(
-                        AlgorithmConstraints(
-                                AlgorithmConstraints.ConstraintType.WHITELIST,
-                                AlgorithmIdentifiers.RSA_USING_SHA256
-                        )
-                )
-                .build()
-        val validityTime: Long
-        val claims: JwtClaims
-        try {
-            claims = jwtConsumer.processToClaims(String(dat, StandardCharsets.UTF_8))
-            val expTime = claims.expirationTime
-            validityTime = expTime.value - NumericDate.now().value
-        } catch (e: Exception) {
-            throw DatException("Error during claims processing", e)
-        }
-
-        //check security requirements
-        if (securityRequirements != null) {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Validate security attributes")
-            }
-            if (securityRequirements !is SecurityRequirements) {
-                throw DatException("Invalid security requirements format. Expected " +
-                        SecurityRequirements::class.java.name)
-            }
-            val securityLevel = parseSecurityRequirements(claims.toJson()).requiredSecurityLevel
-                    ?: throw DatException("No security profile provided")
-            when (securityRequirements.requiredSecurityLevel) {
-                "idsc:BASE_CONNECTOR_SECURITY_PROFILE" -> {
-                    if (securityLevel != "idsc:BASE_CONNECTOR_SECURITY_PROFILE"
-                            && securityLevel != "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE"
-                            && securityLevel != "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE") {
-                        throw DatException(
-                                "Client does not support any valid trust profile: Required: "
-                                        + securityRequirements.requiredSecurityLevel
-                                        + " given: "
-                                        + securityLevel)
-                    }
-                }
-                "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE" -> {
-                    if (securityLevel != "idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE"
-                            && securityLevel != "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE") {
-                        throw DatException(
-                                "Client does not support any valid trust profile: Required: "
-                                        + securityRequirements.requiredSecurityLevel
-                                        + " given: "
-                                        + securityLevel)
-                    }
-                }
-                "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE" -> {
-                    if (securityLevel != "idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE") {
-                        throw DatException(
-                                "Client does not support any valid trust profile: Required: "
-                                        + securityRequirements.requiredSecurityLevel
-                                        + " given: "
-                                        + securityLevel)
-                    }
-                }
-                else -> throw DatException(
-                        "Client does not support any valid trust profile: Required: "
-                                + securityRequirements.requiredSecurityLevel
-                                + " given: "
-                                + securityLevel)
-            }
-        }
-        LOG.debug("DAT is valid")
-        return validityTime
-    }
-
-    private fun parseSecurityRequirements(dat: String): SecurityRequirements {
-        val asJson = JSONObject(dat)
-        if (!asJson.has("securityProfile")) {
-            throw DatException("DAT does not contain securityProfile")
-        }
-        return SecurityRequirements.Builder()
-                .setRequiredSecurityLevel(asJson.getString("securityProfile"))
-                .build()
-    }
-
-    /**
-     * Convert byte to hexadecimal chars without any dependencies to libraries.
-     * @param num Byte to get hexadecimal representation for
-     * @return The hexadecimal representation of the given byte value
-     */
-    private fun byteToHex(num: Int): CharArray {
-        val hexDigits = CharArray(2)
-        hexDigits[0] = Character.forDigit(num shr 4 and 0xF, 16)
-        hexDigits[1] = Character.forDigit(num and 0xF, 16)
-        return hexDigits
-    }
-
-    /**
-     * Lookup table for encodeHexString()
-     */
-    private val hexLookup = HashMap<Byte, CharArray>()
-
-    /**
-     * Encode a byte array to a hex string
-     * @param byteArray Byte array to get hexadecimal representation for
-     * @return Hexadecimal representation of the given bytes
-     */
-    private fun encodeHexString(byteArray: ByteArray, beautify: Boolean): String {
-        val sb = StringBuilder()
-        for (b in byteArray) {
-            sb.append(hexLookup.computeIfAbsent(b) { num: Byte -> byteToHex(num.toInt()) })
-            if (beautify) {
-                sb.append(':')
-            }
-        }
-        return sb.toString()
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(DefaultDapsDriver::class.java)
-        private const val TARGET_AUDIENCE = "idsc:IDS_CONNECTORS_ALL"
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriverConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriverConfig.kt
deleted file mode 100644
index 6cd372475..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/DefaultDapsDriverConfig.kt
+++ /dev/null
@@ -1,74 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.daps
-
-import java.nio.file.Path
-import java.nio.file.Paths
-
-/**
- * A Configuration class for the DefaultDapsDriver
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class DefaultDapsDriverConfig {
-    var dapsUrl = "https://daps.aisec.fraunhofer.de"
-        private set
-    var keyStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
-        private set
-    var keyStorePassword: CharArray = "password".toCharArray()
-        private set
-    var keyAlias = "1"
-        private set
-    var keyPassword: CharArray = "password".toCharArray()
-        private set
-    var trustStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
-        private set
-    var trustStorePassword: CharArray = "password".toCharArray()
-        private set
-    var securityRequirements: SecurityRequirements? = null
-
-    class Builder {
-        private val config = DefaultDapsDriverConfig()
-        fun setDapsUrl(dapsUrl: String): Builder {
-            config.dapsUrl = dapsUrl
-            return this
-        }
-
-        fun setKeyStorePath(path: Path): Builder {
-            config.keyStorePath = path
-            return this
-        }
-
-        fun setKeyStorePassword(password: CharArray): Builder {
-            config.keyStorePassword = password
-            return this
-        }
-
-        fun setKeyAlias(alias: String): Builder {
-            config.keyAlias = alias
-            return this
-        }
-
-        fun setKeyPassword(password: CharArray): Builder {
-            config.keyPassword = password
-            return this
-        }
-
-        fun setTrustStorePath(path: Path): Builder {
-            config.trustStorePath = path
-            return this
-        }
-
-        fun setTrustStorePassword(password: CharArray): Builder {
-            config.trustStorePassword = password
-            return this
-        }
-
-        fun setSecurityRequirements(securityRequirements: SecurityRequirements): Builder {
-            config.securityRequirements = securityRequirements
-            return this
-        }
-
-        fun build(): DefaultDapsDriverConfig {
-            return config
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt
deleted file mode 100644
index 90fecf055..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/NullDaps.kt
+++ /dev/null
@@ -1,16 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.daps
-
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-
-/**
- * NullDaps for testing purpose only
- */
-class NullDaps : DapsDriver {
-
-    override val token: ByteArray
-        get() =  "This dummy token is generated by 'NullDAPS' driver! Do not depend on it!".toByteArray()
-
-    override fun verifyToken(dat: ByteArray): Long {
-        return 100 // DA is always valid for 100 seconds
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/SecurityRequirements.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/SecurityRequirements.kt
deleted file mode 100644
index 95dc5579d..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/daps/SecurityRequirements.kt
+++ /dev/null
@@ -1,24 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.daps
-
-/**
- * A Security-Requirements class using Builder pattern to store the connectors expected
- * security attributes e.g. Audit Logging
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class SecurityRequirements {
-    var requiredSecurityLevel: String? = null
-        private set
-
-    class Builder {
-        private val requirements = SecurityRequirements()
-        fun setRequiredSecurityLevel(requiredSecurityLevel: String?): Builder {
-            requirements.requiredSecurityLevel = requiredSecurityLevel
-            return this
-        }
-
-        fun build(): SecurityRequirements {
-            return requirements
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/CustomX509ExtendedKeyManager.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/CustomX509ExtendedKeyManager.kt
deleted file mode 100644
index 0a10fc2e9..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/CustomX509ExtendedKeyManager.kt
+++ /dev/null
@@ -1,157 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.keystores
-
-import org.slf4j.LoggerFactory
-import java.net.Socket
-import java.security.Principal
-import java.security.PrivateKey
-import java.security.cert.X509Certificate
-import java.util.*
-import javax.net.ssl.SSLEngine
-import javax.net.ssl.X509ExtendedKeyManager
-
-/**
- * A custom X590ExtendedKeyManager, that allows to choose a TrustStore entry by a given certificate alias and
- * delegates all other function calls to given default X509ExtendedKeyManager
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class CustomX509ExtendedKeyManager internal constructor(
-        private val certAlias: String,
-        private val keyType: String,
-        private val delegate: X509ExtendedKeyManager) : X509ExtendedKeyManager() {
-    // server and client aliases are cached in a private context (in entryCacheMap) by the X509ExtendedKeyManager
-    // implementation. Therefore, getServerAliases() / getClientAliases() returns only uncached aliases since the
-    // update on java 11. As we have to check in chooseClientAliases() and chooseServerAlias() if the alias exists in
-    // the keystore and we cannot access the cached aliases without an overwritten X509KeyManagerImpl instance, we will
-    // also cache the aliases and its properties in the following HashMap.
-    private val cachedAliases = HashMap<String, CachedAliasValue?>()
-
-    override fun getClientAliases(keyType: String, issuers: Array<Principal>?): Array<String> {
-        val clientAliases = delegate.getClientAliases(keyType, issuers)
-        for (alias in clientAliases) {
-            // TODO get issuer
-            cachedAliases.putIfAbsent(alias, CachedAliasValue(keyType, null))
-        }
-        return clientAliases
-    }
-
-    /** returns an existing certAlias that matches one of the given KeyTypes, or null;
-    called only by client in TLS handshake */
-    override fun chooseClientAlias(keyTypes: Array<String>, issuers: Array<Principal>?, socket: Socket): String? {
-        if (listOf(*keyTypes).contains(keyType)) {
-            if (cachedAliases[certAlias]?.match(keyType, issuers) == true
-                    || listOf(*getClientAliases(keyType, issuers)).contains(certAlias)) {
-                if (LOG.isTraceEnabled) {
-                    LOG.trace("CertificateAlias is {}", certAlias)
-                }
-                return certAlias
-            } else {
-                if (LOG.isTraceEnabled) {
-                    LOG.trace("certAlias '{}' was not found in keystore", certAlias)
-                }
-            }
-        } else if (LOG.isTraceEnabled) {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Different keyType '{}' in chooseClientAlias() in CustomX509ExtendedKeyManager, expected '{}'",
-                        keyType, this.keyType)
-            }
-        }
-        return null
-    }
-
-    override fun getServerAliases(keyType: String, issuers: Array<Principal>?): Array<String> {
-        val serverAliases = delegate.getServerAliases(keyType, issuers)
-        for (alias in serverAliases) {
-            // TODO get issuer
-            cachedAliases.putIfAbsent(alias, CachedAliasValue(keyType, null))
-        }
-        return serverAliases
-    }
-
-    /**
-     * returns an existing certAlias that matches the given KeyType, or null;
-     * called only by server in TLS handshake
-     */
-    override fun chooseServerAlias(keyType: String, issuers: Array<Principal>?, socket: Socket): String? {
-        if (keyType == this.keyType) {
-            if (cachedAliases[certAlias]?.match(keyType, issuers) == true
-                    || listOf(*getServerAliases(keyType, issuers)).contains(certAlias)) {
-                if (LOG.isTraceEnabled) {
-                    LOG.trace("CertificateAlias is {}", certAlias)
-                }
-                return certAlias
-            } else {
-                if (LOG.isTraceEnabled) {
-                    LOG.trace("certAlias '{}' was not found in keystore", certAlias)
-                }
-            }
-        } else if (LOG.isTraceEnabled) {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Different keyType '{}' in chooseServerAlias() in CustomX509ExtendedKeyManager, expected '{}'",
-                        keyType, this.keyType)
-            }
-        }
-        return null
-    }
-
-    /** returns the certificate chain of a given certificateAlias;
-     * called by client and server in TLS Handshake after alias was chosen
-     */
-    override fun getCertificateChain(certAlias: String): Array<X509Certificate>? {
-        return if (certAlias == this.certAlias) {
-            delegate.getCertificateChain(certAlias)
-        } else {
-                LOG.warn("Different certAlias '{}' in getCertificateChain() in class X509ExtendedKeyManager, " +
-                        "expected: '{}'", certAlias, this.certAlias)
-            null
-        }
-    }
-
-    /** returns a privateKey of a given certificateAlias;
-     *  called by client and server in TLS Handshake after alias was chosen */
-    override fun getPrivateKey(certAlias: String): PrivateKey? {
-        return if (certAlias == this.certAlias) {
-            delegate.getPrivateKey(certAlias)
-        } else {
-                LOG.warn("Different certAlias '{}' in getPrivateKey() in class X509ExtendedKeyManager, expected '{}'",
-                        certAlias, this.certAlias)
-
-            null
-        }
-    }
-
-    override fun chooseEngineClientAlias(keyType: Array<String>, issuers: Array<Principal>, sslEngine: SSLEngine): String {
-        return delegate.chooseEngineClientAlias(keyType, issuers, sslEngine)
-    }
-
-    override fun chooseEngineServerAlias(keyType: String, issuers: Array<Principal>, sslEngine: SSLEngine): String {
-        return delegate.chooseEngineServerAlias(keyType, issuers, sslEngine)
-    }
-
-    /**
-     * @param keyType Name of the algorithm associated with the key
-     * @param issuer The certificate issuer
-     */
-    private class CachedAliasValue(
-            private val keyType: String,
-            private val issuer: Principal?) {
-        /**
-         * This method is called for a given certificate alias and checks if the corresponding
-         * cached alias entry (contains keytype for certAlias and issuer of thee certificate)
-         * matches the requested conditions in the TLS handshake.
-         *
-         * It must enforce checking if the certAlias belongs to a valid key algorithm type name,
-         * e.g. 'RSA' or 'EC' and it must check if the certificate issuer is one of the accepted
-         * issuer from the given principals list.
-         *
-         * returns true, if the keyAlias fulfills the requirements
-         */
-        // FIXME currently all issuers are allowed
-        fun match(keyType: String, issuers: Array<Principal>?) =
-                this.keyType == keyType && (issuers == null || listOf(*issuers).contains(issuer))
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(CustomX509ExtendedKeyManager::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt
deleted file mode 100644
index 64669030d..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/keystores/PreConfiguration.kt
+++ /dev/null
@@ -1,211 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.keystores
-
-import org.slf4j.LoggerFactory
-import java.io.IOException
-import java.nio.file.Files
-import java.nio.file.Path
-import java.security.*
-import java.security.cert.CertificateException
-import java.security.cert.X509Certificate
-import javax.net.ssl.*
-
-/**
- * A class for creating pre-configured TrustManagers and KeyManagers for TLS Server and TLS Client
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-object PreConfiguration {
-    private val LOG = LoggerFactory.getLogger(PreConfiguration::class.java)
-    @Throws(KeyStoreException::class, IOException::class, CertificateException::class, NoSuchAlgorithmException::class)
-    fun loadKeyStore(keyStorePath: Path, keyStorePassword: CharArray): KeyStore {
-        val ks: KeyStore
-        val pathString = keyStorePath.toString()
-        ks = when {
-            pathString.endsWith(".jks") -> {
-                KeyStore.getInstance("JKS")
-            }
-            pathString.endsWith(".p12") -> {
-                KeyStore.getInstance("PKCS12")
-            }
-            else -> {
-                throw KeyStoreException("Unknown file extension \"" +
-                        pathString.substring(pathString.lastIndexOf('.')) +
-                        "\", only JKS (.jks) and PKCS12 (.p12) are supported.")
-            }
-        }
-        Files.newInputStream(keyStorePath).use { keyStoreInputStream ->
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Loading key store: $pathString")
-            }
-            ks.load(keyStoreInputStream, keyStorePassword)
-        }
-        return ks
-    }
-
-    /*
-     * Get a secure X509ExtendedTrustManager for the SslContext
-     *
-     * throws IllegalStateException if number of available X509TrustManager is not one
-     * throws RuntimeException of creating TrustManager fails
-     */
-    fun getX509ExtTrustManager(
-            trustStorePath: Path,
-            trustStorePassword: CharArray
-    ): Array<TrustManager> {
-        return try {
-            /* create TrustManager */
-            val myTrustManager: Array<TrustManager>
-            val trustStore = loadKeyStore(trustStorePath, trustStorePassword)
-            val trustManagerFactory = TrustManagerFactory.getInstance("PKIX") //PKIX from SunJSSE
-            trustManagerFactory.init(trustStore)
-            myTrustManager = trustManagerFactory.trustManagers
-
-            /* set up TrustManager config */
-            //allow only X509 Authentication
-            if (myTrustManager.size == 1 && myTrustManager[0] is X509ExtendedTrustManager) {
-                //toDo algorithm constraints
-                myTrustManager
-            } else {
-                throw IllegalStateException("Unexpected default trust managers:" + myTrustManager.contentToString())
-            }
-        } catch (e: KeyStoreException) {
-            throw RuntimeException(e)
-        } catch (e: IOException) {
-            throw RuntimeException(e)
-        } catch (e: NoSuchAlgorithmException) {
-            throw RuntimeException(e)
-        } catch (e: CertificateException) {
-            throw RuntimeException(e)
-        }
-    }
-
-    /*
-     * Get a secure X509ExtendedKeyManager for the SslContext
-     *
-     * throws IllegalStateException if number of available X509KeyManager is not one
-     * throws RuntimeException of creating KeyManager fails
-     */
-    fun getX509ExtKeyManager(
-            keyPassword: CharArray,
-            keyStorePath: Path,
-            keyStorePassword: CharArray,
-            certAlias: String,
-            keyType: String
-    ): Array<KeyManager> {
-        return try {
-            /* create KeyManager for remote authentication */
-            val myKeyManager: Array<KeyManager>
-            val keystore = loadKeyStore(keyStorePath, keyStorePassword)
-            val keyManagerFactory = KeyManagerFactory.getInstance("PKIX") //PKIX from SunJSSE
-            keyManagerFactory.init(keystore, keyPassword)
-            myKeyManager = keyManagerFactory.keyManagers
-
-
-            /* set up keyManager config */
-            //allow only X509 Authentication
-            if (myKeyManager.size == 1 && myKeyManager[0] is X509ExtendedKeyManager) {
-                //select certificate alias
-                myKeyManager[0] = CustomX509ExtendedKeyManager(certAlias, keyType, myKeyManager[0] as X509ExtendedKeyManager)
-                myKeyManager
-            } else {
-                throw IllegalStateException(
-                        "Unexpected default key managers:" + myKeyManager.contentToString())
-            }
-        } catch (e: IOException) {
-            throw RuntimeException(e)
-        } catch (e: KeyStoreException) {
-            throw RuntimeException(e)
-        } catch (e: NoSuchAlgorithmException) {
-            throw RuntimeException(e)
-        } catch (e: UnrecoverableKeyException) {
-            throw RuntimeException(e)
-        } catch (e: CertificateException) {
-            throw RuntimeException(e)
-        }
-    }
-
-    /*
-     * Get a private key from a JKS Keystore
-     *
-     * throws RuntimeException if key is not available or key access was not permitted
-     */
-    fun getKey(
-            keyStorePath: Path,
-            keyStorePassword: CharArray,
-            keyAlias: String,
-            keyPassword: CharArray
-    ): Key {
-        return try {
-            val keyStore = loadKeyStore(keyStorePath, keyStorePassword)
-
-            // get private key
-            val key = keyStore.getKey(keyAlias, keyPassword)
-            key ?: throw RuntimeException("No key was found in keystore for given alias")
-        } catch (e: IOException) {
-            throw RuntimeException(e)
-        } catch (e: KeyStoreException) {
-            throw RuntimeException(e)
-        } catch (e: NoSuchAlgorithmException) {
-            throw RuntimeException(e)
-        } catch (e: CertificateException) {
-            throw RuntimeException(e)
-        } catch (e: UnrecoverableKeyException) {
-            throw RuntimeException(e)
-        }
-    }
-
-    /*
-     * Get the certificate from the key store
-     *
-     * throws RuntimeException if key is not available or key access was not permitted
-     */
-    fun getCertificate(
-            keyStorePath: Path,
-            keyStorePassword: CharArray,
-            keyAlias: String
-    ): X509Certificate {
-        return try {
-            val keystore = loadKeyStore(keyStorePath, keyStorePassword)
-            // get private key
-            val cert = keystore.getCertificate(keyAlias) as X509Certificate
-            // Probe key alias
-            keystore.getKey(keyAlias, keyStorePassword)
-            cert
-        } catch (e: IOException) {
-            throw RuntimeException(e)
-        } catch (e: KeyStoreException) {
-            throw RuntimeException(e)
-        } catch (e: NoSuchAlgorithmException) {
-            throw RuntimeException(e)
-        } catch (e: CertificateException) {
-            throw RuntimeException(e)
-        } catch (e: UnrecoverableKeyException) {
-            throw RuntimeException(e)
-        }
-    } /*
-     * This method can be used for filtering certificates in the trust store
-     * to avoid expired certificates
-     */
-    //    private static PKIXBuilderParameters filterTrustAnchors(KeyStore keyStore, Date validityUntilDate)
-    //            throws KeyStoreException, InvalidAlgorithmParameterException {
-    //        PKIXParameters params = new PKIXParameters(keyStore);
-    //
-    //        // Obtain CA root certificates
-    //        Set<TrustAnchor> myTrustAnchors = params.getTrustAnchors();
-    //
-    //        // Create new set of CA certificates that are still valid for specified date
-    //        Set<TrustAnchor> validTrustAnchors =
-    //                myTrustAnchors.stream().filter(
-    //                        ta -> {
-    //                            try {
-    //                                ta.getTrustedCert().checkValidity(validityUntilDate);
-    //                            } catch (CertificateException e) {
-    //                                return false;
-    //                            }
-    //                            return true;
-    //                        }).collect(Collectors.toSet());
-    //
-    //        // Create PKIXBuilderParameters parameters
-    //        return new PKIXBuilderParameters(validTrustAnchors, new X509CertSelector());
-    //    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt
deleted file mode 100644
index 83dbe3bd8..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatProverDummy.kt
+++ /dev/null
@@ -1,53 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy
-
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
-import org.slf4j.LoggerFactory
-import java.util.concurrent.BlockingQueue
-import java.util.concurrent.LinkedBlockingQueue
-
-/**
- * A RatProver dummy that exchanges rat messages with a remote RatVerifier
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class RatProverDummy(fsmListener: RatProverFsmListener) : RatProverDriver<Unit>(fsmListener) {
-    private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
-    override fun delegate(message: ByteArray) {
-        queue.add(message)
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Delegated to prover")
-        }
-    }
-
-    override fun run() {
-        var countDown = 2
-        while (running) {
-            try {
-                sleep(1000)
-                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG,
-                        "test".toByteArray())
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("Prover waits")
-                }
-                queue.take()
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("Prover receives, send something")
-                }
-                if (--countDown == 0) break
-            } catch (e: InterruptedException) {
-                if (running) {
-                    fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
-                }
-                return
-            }
-        }
-        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK)
-    }
-
-    companion object {
-        const val RAT_PROVER_DUMMY_ID = "Dummy"
-        private val LOG = LoggerFactory.getLogger(RatProverDummy::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt
deleted file mode 100644
index 9ca309df4..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/dummy/RatVerifierDummy.kt
+++ /dev/null
@@ -1,53 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy
-
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
-import org.slf4j.LoggerFactory
-import java.util.concurrent.BlockingQueue
-import java.util.concurrent.LinkedBlockingQueue
-
-/**
- * A RatVerifier dummy that exchanges messages with a remote RatProver dummy
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class RatVerifierDummy(fsmListener: RatVerifierFsmListener) : RatVerifierDriver<Unit>(fsmListener) {
-    private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
-    override fun delegate(message: ByteArray) {
-        queue.add(message)
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Delegated to Verifier")
-        }
-    }
-
-    override fun run() {
-        var countDown = 2
-        while (running) {
-            try {
-                sleep(1000)
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("Verifier waits")
-                }
-                queue.take()
-                if (LOG.isDebugEnabled) {
-                    LOG.debug("Verifier receives, send something")
-                }
-                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG,
-                        "test".toByteArray())
-                if (--countDown == 0) break
-            } catch (e: InterruptedException) {
-                if (running) {
-                    fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED)
-                }
-                return
-            }
-        }
-        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK)
-    }
-
-    companion object {
-        const val RAT_VERIFIER_DUMMY_ID = "Dummy"
-        private val LOG = LoggerFactory.getLogger(RatVerifierDummy::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt
deleted file mode 100644
index ba1cddf3e..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatProver.kt
+++ /dev/null
@@ -1,43 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.rat.`null`
-
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
-import org.slf4j.LoggerFactory
-import java.util.concurrent.BlockingQueue
-import java.util.concurrent.LinkedBlockingQueue
-
-/**
- * A RatProver that exchanges rat messages with a remote RatVerifier
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class NullRatProver(fsmListener: RatProverFsmListener) : RatProverDriver<Unit>(fsmListener) {
-    private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
-
-    override fun delegate(message: ByteArray) {
-        queue.add(message)
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Delegated to prover")
-        }
-    }
-
-    override fun run() {
-        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG, "".toByteArray())
-        try {
-            queue.take()
-        } catch (e: InterruptedException) {
-            if (running) {
-                LOG.warn("NullRatProver failed")
-                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
-            }
-            return
-        }
-        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK)
-    }
-
-    companion object {
-        const val NULL_RAT_PROVER_ID = "NullRat"
-        private val LOG = LoggerFactory.getLogger(NullRatProver::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt
deleted file mode 100644
index 1c216c985..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/null/NullRatVerifier.kt
+++ /dev/null
@@ -1,42 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.rat.`null`
-
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
-import org.slf4j.LoggerFactory
-import java.util.concurrent.BlockingQueue
-import java.util.concurrent.LinkedBlockingQueue
-
-/**
- * A RatVerifier that exchanges messages with a remote RatProver dummy
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class NullRatVerifier(fsmListener: RatVerifierFsmListener) : RatVerifierDriver<Unit>(fsmListener) {
-    private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
-    override fun delegate(message: ByteArray) {
-        queue.add(message)
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Delegated to verifier")
-        }
-    }
-
-    override fun run() {
-        try {
-            queue.take()
-        } catch (e: InterruptedException) {
-            if (running) {
-                LOG.warn("NullRatVerifier failed")
-                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED)
-            }
-            return
-        }
-        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, "".toByteArray())
-        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK)
-    }
-
-    companion object {
-        const val NULL_RAT_VERIFIER_ID = "NullRat"
-        private val LOG = LoggerFactory.getLogger(NullRatVerifier::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dHelper.kt
deleted file mode 100644
index 7b69887b9..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dHelper.kt
+++ /dev/null
@@ -1,75 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
-
-import org.slf4j.LoggerFactory
-import java.security.MessageDigest
-import java.security.SecureRandom
-import java.security.cert.Certificate
-
-object TPM2dHelper {
-    private val LOG = LoggerFactory.getLogger(TPM2dHelper::class.java)
-    private val sr = SecureRandom()
-
-    /**
-     * Generate a crypto-secure random hex String of length numChars
-     *
-     * @param numBytes Desired String length
-     * @return The generated crypto-secure random hex String
-     */
-    fun generateNonce(numBytes: Int): ByteArray {
-        val randBytes = ByteArray(numBytes)
-        sr.nextBytes(randBytes)
-        return randBytes
-    }
-
-    /**
-     * Calculate SHA-1 hash of (nonce|certificate).
-     *
-     * @param nonce       The plain, initial nonce
-     * @param certificate The certificate to hash-combine with the nonce
-     * @return The new nonce, updated with the given certificate using SHA-1
-     */
-    fun calculateHash(nonce: ByteArray, certificate: Certificate?): ByteArray {
-        return try {
-            val digest = MessageDigest.getInstance("SHA-1")
-            digest.update(nonce)
-            if (certificate != null) {
-                digest.update(certificate.encoded)
-            } else {
-                if (LOG.isWarnEnabled) {
-                    LOG.warn(
-                            "No client certificate available. Cannot bind nonce to public key to prevent masquerading attack. TLS misconfiguration!")
-                }
-            }
-            digest.digest()
-        } catch (e1: Exception) {
-            LOG.error("Could not create hash of own nonce and local certificate", e1)
-            nonce
-        }
-    }
-
-    internal object ByteArrayUtil {
-        private val lookup = arrayOfNulls<String>(256)
-        fun toPrintableHexString(bytes: ByteArray): String {
-            val s = StringBuilder()
-            for (i in bytes.indices) {
-                if (i > 0 && i % 16 == 0) {
-                    s.append('\n')
-                } else {
-                    s.append(' ')
-                }
-                s.append(lookup[bytes[i].toInt() and 0xff])
-            }
-            return s.toString()
-        }
-
-        init {
-            for (i in lookup.indices) {
-                if (i < 16) {
-                    lookup[i] = "0" + Integer.toHexString(i)
-                } else {
-                    lookup[i] = Integer.toHexString(i)
-                }
-            }
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dMessageFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dMessageFactory.kt
deleted file mode 100644
index 1a4ec1b8a..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dMessageFactory.kt
+++ /dev/null
@@ -1,83 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
-
-import com.google.protobuf.ByteString
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.*
-
-/**
- * A message factory for creating TPM2d RAT messages
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-object TPM2dMessageFactory {
-    fun getAttestationChallengeMessage(
-            nonce: ByteArray,
-            aType: IdsAttestationType,
-            pcrIndices: Int
-    ): Tpm2dMessageWrapper {
-        return Tpm2dMessageWrapper.newBuilder().setRatChallenge(
-                Tpm2dRatChallenge.newBuilder()
-                        .setAtype(aType)
-                        .setNonce(ByteString.copyFrom(nonce))
-                        .setPcrIndices(pcrIndices)
-                        .build()
-        ).build()
-    }
-
-    fun getAttestationResponseMessage(
-            aType: IdsAttestationType,
-            hash_alg: String,
-            quoted: ByteString,
-            signature: ByteString,
-            pcrValues: List<Pcr>,
-            certificate: ByteString
-    ): Tpm2dMessageWrapper {
-        return Tpm2dMessageWrapper.newBuilder().setRatResponse(
-                Tpm2dRatResponse.newBuilder()
-                        .setAtype(aType)
-                        .setHashAlg(hash_alg)
-                        .setQuoted(quoted)
-                        .setSignature(signature)
-                        .addAllPcrValues(pcrValues)
-                        .setCertificate(certificate)
-                        .build()
-        ).build()
-    }
-
-    fun getAttestationResponseMessage(
-            response: Tpm2dToRemote
-    ): Tpm2dMessageWrapper {
-        return Tpm2dMessageWrapper.newBuilder().setRatResponse(
-                Tpm2dRatResponse.newBuilder()
-                        .setAtype(response.atype)
-                        .setHashAlg(response.halg.name)
-                        .setQuoted(response.quoted)
-                        .setSignature(response.signature)
-                        .addAllPcrValues(response.pcrValuesList)
-                        .setCertificate(response.certificate)
-                        .build()
-        ).build()
-    }
-
-    fun getAttestationResultMessage( //IdsAttestationType aType,
-            result: Boolean
-    ): Tpm2dMessageWrapper {
-        return Tpm2dMessageWrapper.newBuilder().setRatResult(
-                Tpm2dRatResult.newBuilder() //.setAtype(aType)
-                        .setResult(result)
-                        .build()
-        ).build()
-    }
-
-    fun getRemoteToTPM2dMessage(
-            aType: IdsAttestationType,
-            hash: ByteArray,
-            pcrIndices: Int
-    ): RemoteToTpm2d {
-        return RemoteToTpm2d.newBuilder()
-                .setAtype(aType)
-                .setQualifyingData(ByteString.copyFrom(hash))
-                .setCode(RemoteToTpm2d.Code.ATTESTATION_REQ)
-                .setPcrs(pcrIndices)
-                .build()
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt
deleted file mode 100644
index e9856ec44..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProver.kt
+++ /dev/null
@@ -1,195 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
-
-import com.google.protobuf.InvalidProtocolBufferException
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dMessageWrapper
-import org.slf4j.LoggerFactory
-import java.io.IOException
-import java.util.concurrent.BlockingQueue
-import java.util.concurrent.LinkedBlockingQueue
-
-/**
- * A TPM2d RatProver Driver implementation that proves its identity to a remote peer using TPM2d
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class TPM2dProver(fsmListener: RatProverFsmListener) : RatProverDriver<TPM2dProverConfig>(fsmListener) {
-    /*
-     * ******************* Protocol *******************
-     *
-     * Verifier: (Challenger)
-     * -------------------------
-     * Generate NonceV
-     * create RatChallenge (NonceV, aType, pcr_mask)
-     * -------------------------
-     *
-     * Prover: (Responder)
-     * -------------------------
-     * get RatChallenge (NonceV, aType, pcr_mask)
-     * hash = calculateHash(nonceV, certV)
-     * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
-     * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
-     * create AttestationResponse from tpm response
-     * -------------------------
-     *
-     * Verifier: (Responder)
-     * -------------------------
-     * get AttestationResponse
-     * hash = calculateHash(nonceV, certV)
-     * check signature(response, hash)
-     * check repo(aType, response, ttpUri)
-     * create RatResult
-     * -------------------------
-     *
-     * Prover: (Requester)
-     * -------------------------
-     * get AttestationResult
-     * -------------------------
-     *
-     */
-    private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
-    private var config = TPM2dProverConfig.Builder().build()
-    override fun setConfig(config: TPM2dProverConfig) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Set rat prover config")
-        }
-        this.config = config
-    }
-
-    override fun delegate(message: ByteArray) {
-        queue.add(message)
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Delegated to prover")
-        }
-    }
-
-    override fun run() {
-        //TPM2d Challenge-Response Protocol
-
-        // wait for RatChallenge from Verifier
-        var msg: ByteArray?
-        try {
-            msg = queue.take()
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Prover receives new message")
-            }
-        } catch (e: InterruptedException) {
-            if (running) {
-                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
-            }
-            return
-        }
-
-        // parse body to expected tpm2d message wrapper
-        var tpm2dMessageWrapper: Tpm2dMessageWrapper = try {
-            Tpm2dMessageWrapper.parseFrom(msg)
-        } catch (e: InvalidProtocolBufferException) {
-            LOG.error("Cannot parse IdscpRatVerifier body", e)
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
-            return
-        }
-
-        // check if wrapper contains expected rat challenge
-        if (!tpm2dMessageWrapper.hasRatChallenge()) {
-            //unexpected message
-            if (LOG.isWarnEnabled) {
-                LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatChallenge")
-            }
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
-            return
-        }
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Get rat challenge from rat verifier")
-        }
-        val challenge = tpm2dMessageWrapper.ratChallenge
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Requesting attestation from TPM ...")
-        }
-
-        // hash
-        val hash = TPM2dHelper.calculateHash(challenge.nonce.toByteArray(),
-                config.remoteCertificate)
-
-        // generate RemoteToTPM2dRequest
-        val tpmRequest = TPM2dMessageFactory.getRemoteToTPM2dMessage(
-                challenge.atype,
-                hash,
-                if (challenge.hasPcrIndices()) challenge.pcrIndices else 0
-        )
-
-        // get TPM response
-        val tpmResponse: Tpm2dAttestation.Tpm2dToRemote = try {
-            val tpmSocket = TPM2dSocket(config.tpm2dHost)
-            tpmSocket.requestAttestation(tpmRequest)
-        } catch (e: IOException) {
-            LOG.error("Cannot access TPM", e)
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
-            return
-        }
-
-        // create Tpm2dResponse
-        val response = TPM2dMessageFactory.getAttestationResponseMessage(tpmResponse)
-                .toByteArray()
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Send rat response to verifier")
-        }
-        fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_MSG, response)
-
-        // wait for result
-        try {
-            msg = queue.take()
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Prover receives new message")
-            }
-        } catch (e: InterruptedException) {
-            if (running) {
-                fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
-            }
-            return
-        }
-
-        // parse body to expected tpm2d message wrapper
-        tpm2dMessageWrapper = try {
-            Tpm2dMessageWrapper.parseFrom(msg)
-        } catch (e: InvalidProtocolBufferException) {
-            LOG.error("Cannot parse IdscpRatVerifier body", e)
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
-            return
-        }
-
-        // check if wrapper contains expected rat result
-        if (!tpm2dMessageWrapper.hasRatResult()) {
-            //unexpected message
-            if (LOG.isWarnEnabled) {
-                LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResult")
-            }
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
-            return
-        }
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Get rat challenge from rat verifier")
-        }
-        val result = tpm2dMessageWrapper.ratResult
-
-        // notify fsm
-        if (result.result) {
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Attestation succeed")
-            }
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_OK)
-        } else {
-            if (LOG.isWarnEnabled) {
-                LOG.warn("Attestation failed")
-            }
-            fsmListener.onRatProverMessage(InternalControlMessage.RAT_PROVER_FAILED)
-        }
-    }
-
-    companion object {
-        const val TPM_RAT_PROVER_ID = "TPM2d"
-        private val LOG = LoggerFactory.getLogger(TPM2dProver::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProverConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProverConfig.kt
deleted file mode 100644
index 097bfc70e..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dProverConfig.kt
+++ /dev/null
@@ -1,39 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
-
-import java.security.cert.Certificate
-
-/**
- * A configuration class for TPM2d RatPriver driver
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class TPM2dProverConfig private constructor() {
-    var remoteCertificate: Certificate? = null
-        private set
-    var tpm2dHost: String
-        private set
-
-    class Builder {
-        fun setRemoteCertificate(remoteCert: Certificate?): Builder {
-            config.remoteCertificate = remoteCert
-            return this
-        }
-
-        fun setTpmHost(host: String): Builder {
-            config.tpm2dHost = host
-            return this
-        }
-
-        fun build(): TPM2dProverConfig {
-            return config
-        }
-
-        companion object {
-            private val config = TPM2dProverConfig()
-        }
-    }
-
-    init {
-        tpm2dHost = if (System.getenv("TPM_HOST") != null) System.getenv("TPM_HOST") else "localhost"
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dSocket.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dSocket.kt
deleted file mode 100644
index 760f4b3cc..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dSocket.kt
+++ /dev/null
@@ -1,28 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
-
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation
-import java.io.DataInputStream
-import java.io.DataOutputStream
-import java.io.IOException
-import java.net.Socket
-
-/**
- * A TPM2d Socket for communication with the Trusted Platform Module
- */
-class TPM2dSocket(host: String?) : Socket(host, 9505) {
-    private val `is`: DataInputStream = DataInputStream(this.inputStream)
-    private val os: DataOutputStream = DataOutputStream(this.outputStream)
-
-    @Throws(IOException::class)
-    fun requestAttestation(request: Tpm2dAttestation.RemoteToTpm2d): Tpm2dAttestation.Tpm2dToRemote {
-        // Write attestation request message
-        val requestBytes = request.toByteArray()
-        os.writeInt(requestBytes.size)
-        os.write(requestBytes)
-        // Read attestation result message
-        val resultBytes = ByteArray(`is`.readInt())
-        `is`.readFully(resultBytes)
-        return Tpm2dAttestation.Tpm2dToRemote.parseFrom(resultBytes)
-    }
-
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt
deleted file mode 100644
index 96495663e..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifier.kt
+++ /dev/null
@@ -1,260 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
-
-import com.google.protobuf.InvalidProtocolBufferException
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dMessageWrapper
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation.Tpm2dRatResponse
-import org.slf4j.LoggerFactory
-import tss.tpm.*
-import java.io.ByteArrayInputStream
-import java.nio.charset.StandardCharsets
-import java.nio.file.FileSystems
-import java.nio.file.Files
-import java.security.Signature
-import java.security.cert.CertificateFactory
-import java.security.cert.X509Certificate
-import java.util.*
-import java.util.concurrent.BlockingQueue
-import java.util.concurrent.LinkedBlockingQueue
-
-/**
- * A TPM2d RatVerifier driver that verifies the remote peer's identity using TPM2d
- */
-class TPM2dVerifier(fsmListener: RatVerifierFsmListener) : RatVerifierDriver<TPM2dVerifierConfig>(fsmListener) {
-    /*
-     * ******************* Protocol *******************
-     *
-     * Verifier: (Challenger)
-     * -------------------------
-     * Generate NonceV
-     * create RatChallenge (NonceV, aType, pcr_mask)
-     * -------------------------
-     *
-     * Prover: (Responder)
-     * -------------------------
-     * get RatChallenge (NonceV, aType, pcr_mask)
-     * hash = calculateHash(nonceV, certV)
-     * req = generate RemoteToTPM2dRequest(hash, aType, pcr_mask)
-     * response = TPM2dToRemote = tpmSocket.attestationRequest(req)
-     * create AttestationResponse from tpm response
-     * -------------------------
-     *
-     * Verifier: (Responder)
-     * -------------------------
-     * get AttestationResponse
-     * hash = calculateHash(nonceV, certV)
-     * check signature(response, hash)
-     * check repo(aType, response, ttpUri)
-     * create RatResult
-     * -------------------------
-     *
-     * Prover: (Requester)
-     * -------------------------
-     * get AttestationResult
-     * -------------------------
-     *
-     */
-    private val queue: BlockingQueue<ByteArray> = LinkedBlockingQueue()
-    private var config = TPM2dVerifierConfig.Builder().build()
-    override fun setConfig(config: TPM2dVerifierConfig) {
-        LOG.debug("Set rat verifier config")
-        this.config = config
-    }
-
-    override fun delegate(message: ByteArray) {
-        queue.add(message)
-        LOG.debug("Delegated to Verifier")
-    }
-
-    override fun run() {
-        //TPM2d Challenge-Response Protocol
-
-        // create rat challenge with fresh nonce
-        LOG.debug("Generate and send rat challenge for rat prover")
-        val nonce = TPM2dHelper.generateNonce(20)
-
-        // send challenge as RAT Verifier Message
-        val ratChallenge = TPM2dMessageFactory.getAttestationChallengeMessage(
-                nonce, config.expectedAType, config.expectedAttestationMask).toByteArray()
-        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratChallenge)
-
-        // wait for attestation response
-        val msg: ByteArray
-        try {
-            msg = queue.take()
-            LOG.debug("Verifier receives new message")
-        } catch (e: InterruptedException) {
-            if (running) {
-                fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED)
-            }
-            return
-        }
-
-        // parse body to expected tpm2d message wrapper
-        val tpm2dMessageWrapper: Tpm2dMessageWrapper = try {
-            Tpm2dMessageWrapper.parseFrom(msg)
-        } catch (e: InvalidProtocolBufferException) {
-            LOG.error("Cannot parse IdscpRatProver body", e)
-            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED)
-            return
-        }
-
-        // check if wrapper contains expected rat response
-        if (!tpm2dMessageWrapper.hasRatResponse()) {
-            //unexpected message
-            LOG.warn("Unexpected message from RatProver: Expected Tpm2dRatResponse")
-            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED)
-            return
-        }
-        LOG.debug("Get rat response from remote prover")
-        //validate rat response
-        val resp = tpm2dMessageWrapper.ratResponse
-        LOG.debug("Validate rat response: signature and rat repository checks")
-
-        // validate signature
-        var result = true
-        val hash = TPM2dHelper.calculateHash(nonce, config.localCertificate)
-        if (!checkSignature(resp, hash)) {
-            result = false
-            LOG.warn("Invalid rat signature")
-        }
-
-        // toDo check rat repo!!!!!!!!! --> Problems with current Rat Repo Protobuf format
-
-        // create and send rat result
-        LOG.debug("Send rat result to remote prover")
-        val ratResult = TPM2dMessageFactory.getAttestationResultMessage(result).toByteArray()
-        fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_MSG, ratResult)
-
-        // notify fsm about result
-        if (result) {
-            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_OK)
-        } else {
-            fsmListener.onRatVerifierMessage(InternalControlMessage.RAT_VERIFIER_FAILED)
-        }
-    }
-
-    private fun checkSignature(response: Tpm2dRatResponse, hash: ByteArray): Boolean {
-        val byteSignature = response.signature.toByteArray()
-        val byteCert = response.certificate.toByteArray()
-        val byteQuoted = response.quoted.toByteArray()
-        if (LOG.isDebugEnabled) {
-            LOG.debug("signature: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteSignature))
-            LOG.debug("cert: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteCert))
-            LOG.debug("quoted: {}", TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteQuoted))
-        }
-        if (byteSignature.isEmpty() || byteCert.isEmpty() || byteQuoted.isEmpty()) {
-            LOG.warn("Some required part (signature, cert or quoted) is empty!")
-            return false
-        }
-        return try {
-            val certFactory = CertificateFactory.getInstance("X.509")
-
-            // Load trust anchor certificate
-            var rootCertificate: X509Certificate
-            val rootCertPath = FileSystems.getDefault().getPath("etc", "rootca-cert.pem")
-            try {
-                Files.newBufferedReader(rootCertPath, StandardCharsets.US_ASCII).use { reader ->
-                    val builder = StringBuilder()
-                    var line = reader.readLine()
-                    while (line != null) {
-                        if (!line.startsWith("-")) {
-                            builder.append(line.trim { it <= ' ' })
-                        }
-                        line = reader.readLine()
-                    }
-                    val rootCertBytes = Base64.getDecoder().decode(builder.toString())
-                    rootCertificate = certFactory.generateCertificate(ByteArrayInputStream(rootCertBytes)) as X509Certificate
-                }
-            } catch (e: Exception) {
-                LOG.error("Error parsing root certificate", e)
-                return false
-            }
-
-            // Create X509Certificate instance from certBytes
-            val certificate = certFactory.generateCertificate(ByteArrayInputStream(byteCert)) as X509Certificate
-            // Verify the TPM certificate
-            try {
-                certificate.verify(rootCertificate.publicKey)
-            } catch (e: Exception) {
-                LOG.error("TPM certificate is invalid", e)
-                return false
-            }
-
-            // Construct a new TPMT_SIGNATURE instance from byteSignature bytes
-            val tpmtSignature: TPMT_SIGNATURE = try {
-                TPMT_SIGNATURE.fromTpm(byteSignature)
-            } catch (ex: Exception) {
-                LOG.warn("""
-                Could not create a TPMT_SIGNATURE from bytes:
-                ${TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteSignature)}
-                """.trimIndent(),
-                        ex)
-                return false
-            }
-
-            // Construct a new TPMS_ATTEST instance from byteQuoted bytes
-            val tpmsAttest: TPMS_ATTEST = try {
-                TPMS_ATTEST.fromTpm(byteQuoted)
-            } catch (ex: Exception) {
-                LOG.warn("""
-                Could not create a TPMS_ATTEST from bytes:
-                ${TPM2dHelper.ByteArrayUtil.toPrintableHexString(byteQuoted)}
-                """.trimIndent(),
-                        ex)
-                return false
-            }
-
-            // check hash value (extra data) against expected hash
-            val extraBytes = tpmsAttest.extraData
-            if (!Arrays.equals(extraBytes, hash)) {
-                if (LOG.isWarnEnabled) {
-                    LOG.warn("""
-                    The hash (extra data) in TPMS_ATTEST structure is invalid!
-                    extra data: {}
-                    hash: {}
-                    """.trimIndent(),
-                            TPM2dHelper.ByteArrayUtil.toPrintableHexString(extraBytes),
-                            TPM2dHelper.ByteArrayUtil.toPrintableHexString(hash))
-                }
-                return false
-            }
-
-            // Check signature of attestation
-            val tpmSigAlg = tpmtSignature.GetUnionSelector_signature()
-            val tpmSigHashAlg: Int
-            val tpmSig: ByteArray
-            if (tpmSigAlg == TPM_ALG_ID.RSAPSS.toInt()) {
-                tpmSigHashAlg = (tpmtSignature.signature as TPMS_SIGNATURE_RSAPSS).hash.toInt()
-                tpmSig = (tpmtSignature.signature as TPMS_SIGNATURE_RSAPSS).sig
-            } else if (tpmSigAlg == TPM_ALG_ID.RSASSA.toInt()) {
-                tpmSigHashAlg = (tpmtSignature.signature as TPMS_SIGNATURE_RSASSA).hash.toInt()
-                tpmSig = (tpmtSignature.signature as TPMS_SIGNATURE_RSASSA).sig
-            } else {
-                throw Exception(
-                        "Unknown or unimplemented signature scheme: " + tpmtSignature.signature.javaClass)
-            }
-            if (tpmSigHashAlg != TPM_ALG_ID.SHA256.toInt()) {
-                throw Exception("Only SHA256withRSA TPM signature hash algorithm is allowed!")
-            }
-            val sig = Signature.getInstance("SHA256withRSA")
-            sig.initVerify(certificate.publicKey)
-            sig.update(byteQuoted)
-            val result = sig.verify(tpmSig)
-            if (!result && LOG.isWarnEnabled) {
-                LOG.warn("Attestation signature invalid!")
-            }
-            result
-        } catch (ex: Exception) {
-            LOG.warn("Error during attestation validation", ex)
-            false
-        }
-    }
-
-    companion object {
-        const val TPM_RAT_VERIFIER_ID = "TPM2d"
-        private val LOG = LoggerFactory.getLogger(TPM2dVerifier::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifierConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifierConfig.kt
deleted file mode 100644
index e65730e54..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/rat/tpm2d/TPM2dVerifierConfig.kt
+++ /dev/null
@@ -1,60 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.rat.tpm2d
-
-import de.fhg.aisec.ids.idscp2.messages.Tpm2dAttestation
-import java.net.URI
-import java.net.URISyntaxException
-import java.security.cert.Certificate
-
-/**
- * A configuration class for TPM2d RatVerifier Driver
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class TPM2dVerifierConfig private constructor() {
-    var localCertificate: Certificate? = null
-        private set
-    var ttpUri: URI? = null
-        private set
-    var expectedAType = Tpm2dAttestation.IdsAttestationType.BASIC
-        private set
-    var expectedAttestationMask = 0
-        private set
-
-    class Builder {
-        fun setTtpUri(ttpUri: URI): Builder {
-            config.ttpUri = ttpUri
-            return this
-        }
-
-        fun setLocalCertificate(localCert: Certificate): Builder {
-            config.localCertificate = localCert
-            return this
-        }
-
-        fun setExpectedAttestationType(aType: Tpm2dAttestation.IdsAttestationType): Builder {
-            config.expectedAType = aType
-            return this
-        }
-
-        fun setExpectedAttestationMask(mask: Int): Builder {
-            config.expectedAttestationMask = mask
-            return this
-        }
-
-        fun build(): TPM2dVerifierConfig {
-            return config
-        }
-
-        companion object {
-            private val config = TPM2dVerifierConfig()
-        }
-    }
-
-    init {
-        ttpUri = try {
-            URI("https://invalid-ttp-uri/rat-verify")
-        } catch (e: URISyntaxException) {
-            throw RuntimeException(e)
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/README.md b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/README.md
deleted file mode 100644
index e9dd5a9be..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/README.md
+++ /dev/null
@@ -1 +0,0 @@
-Default SecureChannel Driver Implementations for the IDSCPv2
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTLSDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTLSDriver.kt
deleted file mode 100644
index ff0563de4..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTLSDriver.kt
+++ /dev/null
@@ -1,52 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3
-
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.client.TLSClient
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.server.TLSServer
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
-import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import java.util.concurrent.CompletableFuture
-
-/**
- * An implementation of SecureChannelDriver interface on TLSv1.3
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class NativeTLSDriver<CC: Idscp2Connection> : SecureChannelDriver<CC, NativeTlsConfiguration> {
-    /**
-     * Performs an asynchronous client connect to a TLS server.
-     */
-    override fun connect(connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
-                         configuration: Idscp2Configuration,
-                         secureChannelConfig: NativeTlsConfiguration): CompletableFuture<CC> {
-        val connectionFuture = CompletableFuture<CC>()
-        try {
-            val tlsClient = TLSClient(connectionFactory, configuration, secureChannelConfig, connectionFuture)
-            tlsClient.connect(secureChannelConfig.host, secureChannelConfig.serverPort)
-        } catch (e: Exception) {
-            connectionFuture.completeExceptionally(Idscp2Exception("Call to connect() has failed", e))
-        }
-        return connectionFuture
-    }
-
-    /**
-     * Creates and starts a new TLS Server instance.
-     *
-     * @return The SecureServer instance
-     * @throws Idscp2Exception If any error occurred during server creation/start
-     */
-    override fun listen(channelInitListener: SecureChannelInitListener<CC>,
-                        serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>,
-                        secureChannelConfig: NativeTlsConfiguration): SecureServer {
-        return try {
-            TLSServer(secureChannelConfig, channelInitListener, serverListenerPromise)
-        } catch (e: Exception) {
-            throw Idscp2Exception("Error while trying to to start SecureServer", e)
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTlsConfiguration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTlsConfiguration.kt
deleted file mode 100644
index 1330260a9..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/NativeTlsConfiguration.kt
+++ /dev/null
@@ -1,126 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3
-
-import java.nio.file.Path
-import java.nio.file.Paths
-
-/**
- * NativeTLS SecureChannel configuration class, contains information about NativeTLS stuff
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class NativeTlsConfiguration {
-    var serverPort = DEFAULT_SERVER_PORT
-        private set
-    var host = "localhost"
-        private set
-    var trustStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
-        private set
-    var trustStorePassword = "password".toCharArray()
-        private set
-    var keyPassword = "password".toCharArray()
-        private set
-    var keyStorePath: Path = Paths.get("DUMMY-FILENAME.p12")
-        private set
-    var keyStorePassword = "password".toCharArray()
-        private set
-    var certificateAlias = "1.0.1"
-        private set
-    var keyStoreKeyType = "RSA"
-        private set
-
-    class Builder {
-        private val config = NativeTlsConfiguration()
-        fun setHost(host: String): Builder {
-            config.host = host
-            return this
-        }
-
-        fun setServerPort(serverPort: Int): Builder {
-            config.serverPort = serverPort
-            return this
-        }
-
-        fun setKeyPassword(pwd: CharArray): Builder {
-            config.keyPassword = pwd
-            return this
-        }
-
-        fun setTrustStorePath(path: Path): Builder {
-            config.trustStorePath = path
-            return this
-        }
-
-        fun setKeyStorePath(path: Path): Builder {
-            config.keyStorePath = path
-            return this
-        }
-
-        fun setTrustStorePassword(pwd: CharArray): Builder {
-            config.trustStorePassword = pwd
-            return this
-        }
-
-        fun setKeyStorePassword(pwd: CharArray): Builder {
-            config.keyStorePassword = pwd
-            return this
-        }
-
-        fun setCertificateAlias(alias: String): Builder {
-            config.certificateAlias = alias
-            return this
-        }
-
-        fun setKeyStoreKeyType(keyType: String): Builder {
-            config.keyStoreKeyType = keyType
-            return this
-        }
-
-        fun build(): NativeTlsConfiguration {
-            return config
-        }
-    }
-
-    override fun equals(other: Any?): Boolean {
-        if (this === other) return true
-        if (javaClass != other?.javaClass) return false
-
-        other as NativeTlsConfiguration
-
-        if (serverPort != other.serverPort) return false
-        if (host != other.host) return false
-        if (trustStorePath != other.trustStorePath) return false
-        if (!trustStorePassword.contentEquals(other.trustStorePassword)) return false
-        if (!keyPassword.contentEquals(other.keyPassword)) return false
-        if (keyStorePath != other.keyStorePath) return false
-        if (!keyStorePassword.contentEquals(other.keyStorePassword)) return false
-        if (certificateAlias != other.certificateAlias) return false
-        if (keyStoreKeyType != other.keyStoreKeyType) return false
-
-        return true
-    }
-
-    override fun hashCode(): Int {
-        var result = serverPort
-        result = 31 * result + host.hashCode()
-        result = 31 * result + trustStorePath.hashCode()
-        result = 31 * result + trustStorePassword.contentHashCode()
-        result = 31 * result + keyPassword.contentHashCode()
-        result = 31 * result + keyStorePath.hashCode()
-        result = 31 * result + keyStorePassword.contentHashCode()
-        result = 31 * result + certificateAlias.hashCode()
-        result = 31 * result + keyStoreKeyType.hashCode()
-        return result
-    }
-
-    override fun toString(): String {
-        return "Idscp2Configuration(serverPort=$serverPort, host='$host', trustStorePath=$trustStorePath, " +
-                "trustStorePassword=${trustStorePassword.contentToString()}, " +
-                "keyStorePath=$keyStorePath, keyStorePassword=${keyStorePassword.contentToString()}, " +
-                "certificateAlias='$certificateAlias', " +
-                "keyStoreKeyType='$keyStoreKeyType'"
-    }
-
-    companion object {
-        const val DEFAULT_SERVER_PORT = 29292
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSConstants.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSConstants.kt
deleted file mode 100644
index 3fa599e49..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSConstants.kt
+++ /dev/null
@@ -1,23 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3
-
-/**
- * TLS Constants
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-object TLSConstants {
-    // Used TLS version
-    const val TLS_INSTANCE = "TLSv1.3"
-
-    // Enabled encryption protocols
-    val TLS_ENABLED_PROTOCOLS = arrayOf(TLS_INSTANCE)
-
-    // Acceptable TLS ciphers
-    val TLS_ENABLED_CIPHERS = arrayOf( //            "TLS_AES_128_GCM_SHA256",
-            "TLS_AES_256_GCM_SHA384",
-            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",  //            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
-            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",  //            "TLS_RSA_WITH_AES_256_GCM_SHA384",
-            //            "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
-            //            "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
-            "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384")
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSSessionVerificationHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSSessionVerificationHelper.kt
deleted file mode 100644
index f744a1fd1..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/TLSSessionVerificationHelper.kt
+++ /dev/null
@@ -1,189 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3
-
-import org.slf4j.LoggerFactory
-import java.net.InetAddress
-import java.security.cert.CertificateExpiredException
-import java.security.cert.CertificateNotYetValidException
-import java.security.cert.CertificateParsingException
-import java.security.cert.X509Certificate
-import java.util.*
-import java.util.regex.Pattern
-import javax.net.ssl.SSLPeerUnverifiedException
-import javax.net.ssl.SSLSession
-
-/**
- * A class for verifying an established TLS Session on application layer
- * (application level security)
- *
- * @author Leon Beckmann (leon.beckmannn@aisec.fraunhofer.de)
- */
-object TLSSessionVerificationHelper {
-    private val LOG = LoggerFactory.getLogger(TLSSessionVerificationHelper::class.java)
-    private const val ipv4Pattern = "(([01]?\\d\\d?|2[0-4]\\d|25[0-5])\\.){3}([01]?\\d\\d?|2[0-4]\\d|25[0-5])"
-    private const val ipv6Pattern = "([0-9a-f]{1,4}:){7}([0-9a-f]){1,4}"
-
-    /*
-     * Checks if the ssl session is valid and the remote host can be trusted
-     *
-     * Due to the fact, that hostname verification is not specified in the secure socket layer,
-     * we have to check if the connected hostname matches to the subject of the peer certificate to
-     * avoid Man-In-The-Middle Attacks. This is required for every raw tls!
-     *
-     * Further we check the peer certificate validity to avoid the case that some of the certificates
-     * in our local trust_store are not valid anymore and allow a peer connector to connect with an
-     * expired certificate
-     *
-     * Throws SSlPeerUnverifiedException if peer certificate is not secure for this peer
-     */
-    @Throws(SSLPeerUnverifiedException::class)
-    fun verifyTlsSession(sslSession: SSLSession) {
-        val host = sslSession.peerHost
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Connected to {}:{}", host, sslSession.peerPort)
-        }
-        try {
-
-            //get certificate
-            val certificates = sslSession.peerCertificates
-            if (certificates.size != 1) {
-                throw SSLPeerUnverifiedException("Unexpected number of certificates")
-            }
-            val peerCert = certificates[0] as X509Certificate
-
-            /*
-             * According to RFC6125, hostname verification should be done against the certificate's
-             * subject alternative name's (SANs) DNSName field or the SANs IPAddress. In some legacy
-             * implementations, the check is done against the certificate's commonName, but this is
-             * deprecated for quite a while and is therefore not supported anymore in the IDSCP2 protocol.
-             */
-            val sans = peerCert.subjectAlternativeNames
-                    ?: throw SSLPeerUnverifiedException("No Subject alternative names for hostname "
-                            + "verification provided")
-            val acceptedDnsNames = ArrayList<String>()
-            val acceptedIpAddresses = ArrayList<String>()
-            for (subjectAltName in sans) {
-                if (subjectAltName.size != 2) {
-                    continue
-                }
-                val value = subjectAltName[1]
-                when (subjectAltName[0] as Int?) {
-                    2 -> if (value is String) {
-                        acceptedDnsNames.add(value)
-                    } else if (value is ByteArray) {
-                        acceptedDnsNames.add(String(value))
-                    }
-                    7 -> if (value is String) {
-                        acceptedIpAddresses.add(value)
-                    } else if (value is ByteArray) {
-                        acceptedIpAddresses.add(String(value))
-                    }
-                    else -> {
-                        if (LOG.isTraceEnabled) {
-                            LOG.trace("Unhandled SAN type \"{}\" with value \"{}\"", subjectAltName[0], value)
-                        }
-                    }
-                }
-            }
-
-            if (isIpAddress(host)) {
-                // First, check IP addresses directly given by type-7-SANs
-                if (!acceptedIpAddresses.contains(host)) {
-                    // Check IP addresses using DNS resolving
-                    // This check is *weak* and should be accompanied by DAT fingerprint checking later on
-                    val resolvedIps = acceptedDnsNames.flatMap {
-                        try {
-                            InetAddress.getAllByName(it).toList()
-                        } catch (e: Throwable) {
-                            emptyList()
-                        }
-                    }.map { it.hostAddress }
-                    if (LOG.isTraceEnabled) {
-                        LOG.trace("Resolved IPs: {}", resolvedIps.toSet().joinToString())
-                    }
-                    if (!resolvedIps.contains(host)) {
-                        throw SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
-                                + "not belong to peer host")
-                    }
-                }
-            } else {
-                // Check hostname
-                val hostLabels = host.split(".")
-                var found = false
-                for (entry in acceptedDnsNames) {
-                    if (checkHostname(entry.trimEnd('.').split("."), hostLabels)) {
-                        found = true
-                        break
-                    }
-                }
-                if (!found) {
-                    throw SSLPeerUnverifiedException("Hostname verification failed. Peer certificate does "
-                            + "not belong to peer host")
-                }
-            }
-
-
-            //check certificate validity for now and at least one day
-            val oneDay = Date()
-            oneDay.time = oneDay.time + 86400000
-            peerCert.checkValidity()
-            peerCert.checkValidity(oneDay)
-        } catch (e: CertificateParsingException) {
-            throw SSLPeerUnverifiedException("TLS Session Verification failed $e")
-        } catch (e: CertificateNotYetValidException) {
-            throw SSLPeerUnverifiedException("TLS Session Verification failed $e")
-        } catch (e: CertificateExpiredException) {
-            throw SSLPeerUnverifiedException("TLS Session Verification failed $e")
-        }
-    }
-
-    /*
-     * check if host is an IP Address
-     */
-    private fun isIpAddress(host: String): Boolean {
-        val ip4 = Pattern.compile(ipv4Pattern, Pattern.CASE_INSENSITIVE).matcher(host)
-        if (ip4.matches()) {
-            return true
-        }
-        val ip6 = Pattern.compile(ipv6Pattern, Pattern.CASE_INSENSITIVE).matcher(host)
-        return ip6.matches()
-    }
-
-    /*
-     * match dNS Name
-     */
-    private fun checkHostname(dnsNameLabels: List<String>, hostNameLabels: List<String>): Boolean {
-
-        /*
-         * support wildcard matching of DNS names as described in RFC6125 Section 6.4.3
-         *
-         * Rules:
-         * 1. The client SHOULD NOT attempt to match a presented identifier in which the wildcard
-         * character comprises a label other than the left-most label
-         * (e.g., do not match bar.*.example.net).
-         *
-         * 2. If the wildcard character is the only character of the left-most label in the
-         * presented identifier, the client SHOULD NOT compare against anything but the left-most
-         * label of the reference identifier (e.g., *.example.com would match foo.example.com but
-         * not bar.foo.example.com or example.com).
-         *
-         * 3. The client MAY match a presented identifier in which the wildcard character is not the
-         * only character of the label (e.g., baz*.example.net and *baz.example.net and
-         * b*z.example.net would be taken to match baz1.example.net and foobaz.example.net and
-         * buzz.example.net, respectively).  However, the client SHOULD NOT attempt to match a
-         * presented identifier where the wildcard character is embedded within an A-label or
-         * U-label of an internationalized domain name.
-         */
-        if (dnsNameLabels.size == hostNameLabels.size) { //include rule 2
-            //all labels without the first one must match completely (rule 1)
-            for (i in 1 until dnsNameLabels.size) {
-                if (dnsNameLabels[i] != hostNameLabels[i]) {
-                    return false
-                }
-            }
-
-            //first label could include wildcard character '*' (rule 1+3)
-            return hostNameLabels[0].matches(Regex(dnsNameLabels[0].replace("*", ".*")))
-        }
-        return false
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/DataAvailableListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/DataAvailableListener.kt
deleted file mode 100644
index 237f4b0cf..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/DataAvailableListener.kt
+++ /dev/null
@@ -1,24 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.client
-
-/**
- * An interface for DataAvailableListeners, that will be notified when new data has been received
- * at the sslSocket
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-interface DataAvailableListener {
-    /*
-     * Provide incoming data to listener
-     */
-    fun onMessage(bytes: ByteArray)
-
-    /*
-     * Notify listener that an error has occurred
-     */
-    fun onError(e: Throwable)
-
-    /*
-     * Notify listener that the socket has been closed
-     */
-    fun onClose()
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/InputListenerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/InputListenerThread.kt
deleted file mode 100644
index 291c7e7d9..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/InputListenerThread.kt
+++ /dev/null
@@ -1,51 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.client
-
-import java.io.DataInputStream
-import java.io.EOFException
-import java.io.IOException
-import java.io.InputStream
-import java.net.SocketTimeoutException
-
-/**
- * A simple Listener thread that listens to an input stream and notifies a listeners
- * when new data has been received
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class InputListenerThread(inputStream: InputStream, private var listener: DataAvailableListener) : Thread() {
-    private val dataInputStream: DataInputStream = DataInputStream(inputStream)
-
-    @Volatile
-    private var running = true
-
-    /*
-     * Run the input listener thread that reads from wire and provides data to upper layer
-     */
-    override fun run() {
-        var buf: ByteArray
-        while (running) {
-            try {
-                //first read the length
-                val len = dataInputStream.readInt()
-                buf = ByteArray(len)
-                //then read the data
-                dataInputStream.readFully(buf, 0, len)
-                //provide to listener
-                listener.onMessage(buf)
-            } catch (ignore: SocketTimeoutException) {
-                //timeout to catch safeStop() call
-            } catch (e: EOFException) {
-                listener.onClose()
-                running = false
-            } catch (e: IOException) {
-                listener.onError(e)
-                running = false
-            }
-        }
-    }
-
-    fun safeStop() {
-        running = false
-    }
-
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/TLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/TLSClient.kt
deleted file mode 100644
index a33372f21..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/client/TLSClient.kt
+++ /dev/null
@@ -1,214 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.client
-
-import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.TLSConstants
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.TLSSessionVerificationHelper
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint
-import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener
-import org.slf4j.LoggerFactory
-import java.io.DataOutputStream
-import java.io.IOException
-import java.net.InetSocketAddress
-import java.net.Socket
-import java.util.concurrent.CompletableFuture
-import javax.net.ssl.*
-
-/**
- * A TLS Client that notifies an Idscp2ServerFactory when a secure channel was created and the
- * TLS handshake is done. The client is notified from an InputListenerThread when new data are
- * available and transfer it to the SecureChannelListener
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class TLSClient<CC: Idscp2Connection>(
-        private val connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
-        private val clientConfiguration: Idscp2Configuration,
-        nativeTlsConfiguration: NativeTlsConfiguration,
-        private val connectionFuture: CompletableFuture<CC>
-) : HandshakeCompletedListener, DataAvailableListener, SecureChannelEndpoint {
-    private val clientSocket: Socket
-    private var dataOutputStream: DataOutputStream? = null
-    private lateinit var inputListenerThread: InputListenerThread
-    private val listenerPromise = CompletableFuture<SecureChannelListener>()
-
-    /**
-     * Connect to TLS server and start TLS Handshake
-     */
-    fun connect(hostname: String?, port: Int) {
-        val sslSocket = clientSocket as SSLSocket?
-        if (sslSocket == null || sslSocket.isClosed) {
-            throw Idscp2Exception("Client socket is not available")
-        }
-        try {
-            sslSocket.connect(InetSocketAddress(hostname, port))
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Client is connected to server {}:{}", hostname, port)
-            }
-
-            //set clientSocket timeout to allow safeStop()
-            clientSocket.soTimeout = 5000
-            dataOutputStream = DataOutputStream(clientSocket.getOutputStream())
-
-            // Add inputListener but start it not before handshake is complete
-            inputListenerThread = InputListenerThread(clientSocket.getInputStream(), this)
-            sslSocket.addHandshakeCompletedListener(this)
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Start TLS Handshake")
-            }
-            sslSocket.startHandshake()
-        } catch (e: SSLHandshakeException) {
-            // FIXME: Any such disconnect makes the server maintain a broken connection
-            disconnect()
-            throw Idscp2Exception("TLS Handshake failed", e)
-        } catch (e: SSLProtocolException) {
-            disconnect()
-            throw Idscp2Exception("TLS Handshake failed", e)
-        } catch (e: IOException) {
-            // FIXME: Any such disconnect makes the server maintain a broken connection
-            disconnect()
-            throw Idscp2Exception("Connecting TLS client to server failed", e)
-        }
-    }
-
-    private fun disconnect() {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Disconnecting from TLS server...")
-        }
-        if (::inputListenerThread.isInitialized) {
-            inputListenerThread.safeStop()
-        }
-        if (!clientSocket.isClosed) {
-            try {
-                clientSocket.close()
-            } catch (e: IOException) {
-                onError(e)
-            }
-        }
-    }
-
-    override fun onClose() {
-        listenerPromise.thenAccept { obj: SecureChannelListener -> obj.onClose() }
-    }
-
-    override fun onError(e: Throwable) {
-        listenerPromise.thenAccept { listener: SecureChannelListener -> listener.onError(e) }
-    }
-
-    override fun close() {
-        disconnect()
-    }
-
-    override fun send(bytes: ByteArray): Boolean {
-        return if (!isConnected) {
-            LOG.warn("Client cannot send data because socket is not connected")
-            false
-        } else {
-            try {
-                dataOutputStream?.let {
-                    it.writeInt(bytes.size)
-                    it.write(bytes)
-                    it.flush()
-                } ?: throw IOException("DataOutputStream not available")
-                if (LOG.isTraceEnabled) {
-                    LOG.trace("Sending message...")
-                }
-                true
-            } catch (e: IOException) {
-                LOG.warn("Client cannot send data", e)
-                false
-            }
-        }
-    }
-
-    override val isConnected: Boolean
-        get() = clientSocket.isConnected
-
-    override fun handshakeCompleted(handshakeCompletedEvent: HandshakeCompletedEvent) {
-        //start receiving listener after TLS Handshake was successful
-        if (LOG.isTraceEnabled) {
-            LOG.trace("TLS Handshake was successful")
-        }
-        // TODO: When server behavior fixed, disconnect and return here instantly
-//        if (!connectionFuture.isCancelled) {
-//            disconnect()
-//            return
-//        }
-
-        // verify tls session on application layer: hostname verification, certificate validity
-        try {
-            TLSSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.session)
-            if (LOG.isTraceEnabled) {
-                LOG.trace("TLS session is valid")
-            }
-            // Create secure channel, register secure channel as message listener and notify IDSCP2 Configuration.
-            val secureChannel = SecureChannel(this)
-            // Try to complete, won't do anything if promise has been cancelled
-            listenerPromise.complete(secureChannel)
-            val connection = connectionFactory(secureChannel, clientConfiguration)
-            inputListenerThread.start()
-            // Try to complete, won't do anything if promise has been cancelled
-            connectionFuture.complete(connection)
-            if (connectionFuture.isCancelled) {
-                connection.close()
-            }
-        } catch (e: SSLPeerUnverifiedException) {
-            // FIXME: Any such disconnect makes the server maintain a broken connection
-            disconnect()
-            connectionFuture.completeExceptionally(
-                    Idscp2Exception("TLS session is not valid. Close TLS connection", e))
-        }
-    }
-
-    override fun onMessage(bytes: ByteArray) {
-        listenerPromise.thenAccept { listener: SecureChannelListener -> listener.onMessage(bytes) }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(TLSClient::class.java)
-    }
-
-    init {
-        // init TLS Client
-
-        // get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager, which enables
-        // hostVerification and algorithm constraints
-        val myTrustManager = PreConfiguration.getX509ExtTrustManager(
-                nativeTlsConfiguration.trustStorePath,
-                nativeTlsConfiguration.trustStorePassword
-        )
-
-        // get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager, which enables
-        // connection specific key selection via key alias
-        val myKeyManager = PreConfiguration.getX509ExtKeyManager(
-                nativeTlsConfiguration.keyPassword,
-                nativeTlsConfiguration.keyStorePath,
-                nativeTlsConfiguration.keyStorePassword,
-                nativeTlsConfiguration.certificateAlias,
-                nativeTlsConfiguration.keyStoreKeyType
-        )
-        val sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE)
-        sslContext.init(myKeyManager, myTrustManager, null)
-        val socketFactory = sslContext.socketFactory
-
-        // create server socket
-        clientSocket = socketFactory.createSocket()
-        val sslSocket = clientSocket as SSLSocket
-
-        // set TLS constraints
-        val sslParameters = sslSocket.sslParameters
-        sslParameters.useCipherSuitesOrder = false // use server priority order
-        sslParameters.needClientAuth = true
-        sslParameters.protocols = TLSConstants.TLS_ENABLED_PROTOCOLS // only TLSv1.3
-        sslParameters.cipherSuites = TLSConstants.TLS_ENABLED_CIPHERS // only allow strong cipher
-//        sslParameters.endpointIdentificationAlgorithm = "HTTPS";  // is done in application layer
-        sslSocket.sslParameters = sslParameters
-        if (LOG.isTraceEnabled) {
-            LOG.trace("TLS Client was initialized successfully")
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServer.kt
deleted file mode 100644
index d9a85f0ac..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServer.kt
+++ /dev/null
@@ -1,170 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.server
-
-import de.fhg.aisec.ids.idscp2.default_drivers.keystores.PreConfiguration
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.TLSConstants
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
-import org.slf4j.LoggerFactory
-import java.io.IOException
-import java.net.ServerSocket
-import java.net.SocketException
-import java.net.SocketTimeoutException
-import java.util.concurrent.CompletableFuture
-import javax.net.ssl.SSLContext
-import javax.net.ssl.SSLServerSocket
-import javax.net.ssl.SSLSocket
-
-/**
- * A TLS Server that listens on a given port from the Idscp2Settings and create new
- * TLSServerThreads for incoming connections
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class TLSServer<CC: Idscp2Connection>(nativeTlsConfiguration: NativeTlsConfiguration,
-                                      private val secureChannelInitListener: SecureChannelInitListener<CC>,
-                                      private val serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>):
-        Runnable, SecureServer {
-    @Volatile
-    override var isRunning = false
-        private set
-    private val serverSocket: ServerSocket
-    private val serverThread: Thread
-    override fun run() {
-        if (serverSocket.isClosed) {
-            LOG.warn("ServerSocket has been closed, server thread is stopping now.")
-            return
-        }
-        isRunning = true
-        if (LOG.isTraceEnabled) {
-            LOG.trace("TLS server started, entering accept() loop...")
-        }
-        while (isRunning) {
-            try {
-                /*
-                 * accept for new (incoming) ssl sockets. A timeout exception is thrown
-                 * after 5 seconds of inactivity to allow a clean stop via the safeStop() method
-                 */
-                val sslSocket = serverSocket.accept() as SSLSocket
-                try {
-                    // Start new server thread
-                    if (LOG.isTraceEnabled) {
-                        LOG.trace("New TLS client has connected. Creating new server thread...")
-                    }
-                    val serverThread = TLSServerThread(sslSocket, secureChannelInitListener, serverListenerPromise)
-                    sslSocket.addHandshakeCompletedListener(serverThread)
-                    serverThread.start()
-                } catch (serverThreadException: Exception) {
-                    LOG.warn("Error whilst creating/starting TLSServerThread", serverThreadException)
-                }
-            } catch (e: SocketTimeoutException) {
-                //timeout on serverSocket blocking functions was reached
-                //in this way we can catch safeStop() function, that makes isRunning false
-                //without closing the serverSocket, so we can stop and restart the server
-                //alternative: close serverSocket. But then we cannot reuse it
-            } catch (e: SocketException) {
-                if (LOG.isTraceEnabled) {
-                    LOG.trace("Server socket has been closed.")
-                }
-                isRunning = false
-            } catch (e: IOException) {
-                LOG.warn("Error during TLS server socket accept, notifying error handlers...")
-                secureChannelInitListener.onError(e)
-                isRunning = false
-            }
-        }
-        if (!serverSocket.isClosed) {
-            try {
-                serverSocket.close()
-            } catch (e: IOException) {
-                LOG.warn("Could not close TLS server socket", e)
-            }
-        }
-    }
-
-    override fun safeStop() {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Stopping tls server")
-        }
-        /*
-         * Set the volatile running variable to false. The serverSocket will receive
-         * a socket timeout after at least 5 seconds while it is blocked in accept()
-         * and will then check again if isRunning is still true
-         */
-        isRunning = false
-
-//        try {
-//            serverSocket.close();
-//        } catch (IOException e) {
-//            LOG.warn("Trying to close server socket failed!", e);
-//        }
-
-        try {
-            serverThread.join()
-        } catch (e: InterruptedException) {
-            LOG.warn("InterruptedException whilst waiting for server stop", e)
-            Thread.currentThread().interrupt()
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(TLSServer::class.java)
-    }
-
-    init {
-
-        /* init server for TCP/TLS communication */
-
-        // Get array of TrustManagers, that contains only one instance of X509ExtendedTrustManager,
-        // which enables host verification and algorithm constraints
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Creating trust manager for TLS server...")
-        }
-        val myTrustManager = PreConfiguration.getX509ExtTrustManager(
-                nativeTlsConfiguration.trustStorePath,
-                nativeTlsConfiguration.trustStorePassword
-        )
-
-        // Get array of KeyManagers, that contains only one instance of X509ExtendedKeyManager,
-        // which enables connection specific key selection via key alias
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Creating key manager for TLS server...")
-        }
-        val myKeyManager = PreConfiguration.getX509ExtKeyManager(
-                nativeTlsConfiguration.keyPassword,
-                nativeTlsConfiguration.keyStorePath,
-                nativeTlsConfiguration.keyStorePassword,
-                nativeTlsConfiguration.certificateAlias,
-                nativeTlsConfiguration.keyStoreKeyType
-        )
-
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Setting TLS security attributes and creating TLS server socket...")
-        }
-        // Create TLS context based on keyManager and trustManager
-        val sslContext = SSLContext.getInstance(TLSConstants.TLS_INSTANCE)
-        sslContext.init(myKeyManager, myTrustManager, null)
-        val socketFactory = sslContext.serverSocketFactory
-        serverSocket = socketFactory.createServerSocket(nativeTlsConfiguration.serverPort)
-        // Set timeout for serverSocket.accept()
-        serverSocket.soTimeout = 5000
-        val sslServerSocket = serverSocket as SSLServerSocket
-
-        // Set TLS constraints
-        val sslParameters = sslServerSocket.sslParameters
-        sslParameters.useCipherSuitesOrder = true //server determines priority-order of algorithms in CipherSuite
-        sslParameters.needClientAuth = true //client must authenticate
-        sslParameters.protocols = TLSConstants.TLS_ENABLED_PROTOCOLS //only TLSv1.3
-        sslParameters.cipherSuites = TLSConstants.TLS_ENABLED_CIPHERS //only allow strong cipher suite
-        sslServerSocket.sslParameters = sslParameters
-
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Starting TLS server...")
-        }
-        serverThread = Thread(this, "TLS Server Thread "
-                + nativeTlsConfiguration.host + ":" + nativeTlsConfiguration.serverPort)
-        serverThread.start()
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServerThread.kt
deleted file mode 100644
index 7c7a8d99b..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/default_drivers/secure_channel/tlsv1_3/server/TLSServerThread.kt
+++ /dev/null
@@ -1,162 +0,0 @@
-package de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.server
-
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.TLSSessionVerificationHelper
-import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannelListener
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
-import org.slf4j.LoggerFactory
-import java.io.*
-import java.net.SocketTimeoutException
-import java.util.concurrent.CompletableFuture
-import javax.net.ssl.HandshakeCompletedEvent
-import javax.net.ssl.HandshakeCompletedListener
-import javax.net.ssl.SSLPeerUnverifiedException
-import javax.net.ssl.SSLSocket
-
-/**
- * A TLSServerThread that notifies an IDSCP2Config when a secure channel was created and the
- * TLS handshake is done
- *
- *
- * When new data are available the serverThread transfers it to the SecureChannelListener
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class TLSServerThread<CC : Idscp2Connection> internal constructor(
-        private val sslSocket: SSLSocket,
-        private val configCallback: SecureChannelInitListener<CC>,
-        private val serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>) :
-        Thread(), HandshakeCompletedListener, SecureChannelEndpoint, Closeable
-{
-    @Volatile
-    private var running = true
-    private val `in`: DataInputStream
-    private val out: DataOutputStream
-    private val channelListenerPromise = CompletableFuture<SecureChannelListener>()
-    private val tlsVerificationLatch = FastLatch()
-    override fun run() {
-        // first run the tls handshake to enforce catching every error occurred during the handshake
-        // before reading from buffer. Else if there exists any non-catched exception during handshake
-        // the thread would wait forever in onError() until handshakeCompleteListener is called
-        try {
-            sslSocket.startHandshake()
-            // Wait for TLS session verification
-            tlsVerificationLatch.await()
-        } catch (e: Exception) {
-            LOG.warn("Exception occurred during SSL handshake. Quiting server thread...", e)
-            onError(e)
-            running = false
-        }
-
-        //wait for new data while running
-        var buf: ByteArray
-        while (running) {
-            try {
-                val len = `in`.readInt()
-                buf = ByteArray(len)
-                `in`.readFully(buf, 0, len)
-                onMessage(buf)
-            } catch (ignore: SocketTimeoutException) {
-                // Timeout catches safeStop() call and allows to send server_goodbye
-            } catch (e: EOFException) {
-                onClose()
-                running = false
-            } catch (e: IOException) {
-                onError(e)
-                running = false
-            }
-        }
-        closeSockets()
-    }
-
-    private fun closeSockets() {
-        try {
-            out.close()
-            `in`.close()
-            sslSocket.close()
-        } catch (ignore: IOException) {
-        }
-    }
-
-    override fun send(bytes: ByteArray): Boolean {
-        return if (!isConnected) {
-            LOG.warn("Server cannot send data because socket is not connected")
-            closeSockets()
-            false
-        } else {
-            try {
-                out.writeInt(bytes.size)
-                out.write(bytes)
-                out.flush()
-                true
-            } catch (e: IOException) {
-                LOG.warn("Server could not send data", e)
-                closeSockets()
-                false
-            }
-        }
-    }
-
-    private fun onClose() {
-        channelListenerPromise.thenAccept { obj: SecureChannelListener -> obj.onClose() }
-    }
-
-    private fun onError(t: Throwable) {
-        channelListenerPromise.thenAccept { secureChannelListener: SecureChannelListener -> secureChannelListener.onError(t) }
-    }
-
-    override fun close() {
-        safeStop()
-    }
-
-    fun onMessage(bytes: ByteArray) {
-        channelListenerPromise.thenAccept { listener: SecureChannelListener -> listener.onMessage(bytes) }
-    }
-
-    private fun safeStop() {
-        running = false
-    }
-
-    override val isConnected: Boolean
-        get() = sslSocket.isConnected
-
-    override fun handshakeCompleted(handshakeCompletedEvent: HandshakeCompletedEvent) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("TLS Handshake was successful")
-        }
-
-        // verify tls session on application layer: hostname verification, certificate validity
-        try {
-            TLSSessionVerificationHelper.verifyTlsSession(handshakeCompletedEvent.session)
-            if (LOG.isTraceEnabled) {
-                LOG.trace("TLS session is valid")
-            }
-        } catch (e: SSLPeerUnverifiedException) {
-            LOG.warn("TLS session is not valid. Close TLS connection", e)
-            running = false // set running false before tlsVerificationLatch is decremented
-            return
-        } finally {
-            tlsVerificationLatch.unlock()
-        }
-
-        //provide secure channel to IDSCP2 Config and register secure channel as listener
-        val secureChannel = SecureChannel(this)
-        channelListenerPromise.complete(secureChannel)
-        configCallback.onSecureChannel(secureChannel, serverListenerPromise)
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(TLSServerThread::class.java)
-    }
-
-    init {
-        // Set timeout for blocking read
-        sslSocket.soTimeout = 5000
-        `in` = DataInputStream(sslSocket.inputStream)
-        out = DataOutputStream(sslSocket.outputStream)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
deleted file mode 100644
index b64eb9dbc..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelClient.kt
+++ /dev/null
@@ -1,90 +0,0 @@
-package de.fhg.aisec.ids.idscp2.example
-
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
-import org.slf4j.LoggerFactory
-import java.util.concurrent.CompletableFuture
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
-import java.nio.charset.StandardCharsets
-import kotlin.concurrent.thread
-
-class CommandlineTunnelClient {
-    private lateinit var connectionFuture: CompletableFuture<Idscp2Connection>
-
-    fun init(configuration: Idscp2Configuration, nativeTlsConfiguration: NativeTlsConfiguration) {
-        LOG.info("Setting up IDSCP connection")
-
-        // create secure channel driver
-        val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
-
-        // register rat drivers
-        RatProverDriverRegistry.registerDriver(
-                RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
-
-        RatVerifierDriverRegistry.registerDriver(
-                RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
-
-        // connect to idscp2 server
-        LOG.info("connecting to {}:{}", nativeTlsConfiguration.host, nativeTlsConfiguration.serverPort)
-        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration, nativeTlsConfiguration)
-
-        connectionFuture.thenAccept { connection: Idscp2Connection ->
-            LOG.info("Client: New connection with id " + connection.id)
-            var runningUserJob = true
-
-            connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
-                override fun onError(t: Throwable) {
-                    LOG.error("Client connection error occurred", t)
-                    runningUserJob = false
-                }
-
-                override fun onClose() {
-                    LOG.info("Client: Connection with id " + connection.id + " has been closed")
-                    runningUserJob = false
-                }
-            })
-
-            connection.addMessageListener { _: Idscp2Connection, data: ByteArray ->
-                LOG.info("Received message: " + String(data, StandardCharsets.UTF_8))
-            }
-
-            connection.unlockMessaging()
-
-            thread {
-                // wait until connected
-                while (!connection.isConnected) {
-                    Thread.sleep(1000L)
-                }
-
-                while (runningUserJob) {
-                    // read from stdin
-                    println("You can now type in your message")
-                    val data = readLine()
-
-                    if (data.isNullOrBlank()) {
-                        // close connection EOF
-                        connection.close()
-                    } else {
-                        // send data to connection
-                        connection.blockingSend(data.toByteArray(StandardCharsets.UTF_8), 1000 * 2, 100)
-                    }
-                }
-            }
-
-        }.exceptionally { t: Throwable? ->
-            LOG.error("Client endpoint error occurred", t)
-            null
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(CommandlineTunnelClient::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
deleted file mode 100644
index 7c3a4fbe1..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/CommandlineTunnelServer.kt
+++ /dev/null
@@ -1,69 +0,0 @@
-package de.fhg.aisec.ids.idscp2.example
-
-import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2ServerFactory
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
-import org.slf4j.LoggerFactory
-import java.nio.charset.StandardCharsets
-
-class CommandlineTunnelServer : Idscp2EndpointListener<Idscp2Connection> {
-    fun init(configuration: Idscp2Configuration, nativeTlsConfiguration: NativeTlsConfiguration) {
-        LOG.info("setting up IDSCP listener")
-        // create secure channel driver
-        val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
-
-        // register rat drivers
-        RatProverDriverRegistry.registerDriver(
-                RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
-
-        RatVerifierDriverRegistry.registerDriver(
-                RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
-
-        // create server config
-        val serverConfig = Idscp2ServerFactory(
-                ::Idscp2ConnectionImpl,
-                this,
-                configuration,
-                secureChannelDriver,
-                nativeTlsConfiguration
-        )
-
-        @Suppress("UNUSED_VARIABLE") val idscp2Server = serverConfig.listen()
-    }
-
-    override fun onConnection(connection: Idscp2Connection) {
-        LOG.info("Server: New connection with id " + connection.id)
-
-        connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
-            override fun onError(t: Throwable) {
-                LOG.error("Server connection error occurred", t)
-            }
-
-            override fun onClose() {
-                LOG.info("Server: Connection with id " + connection.id + " has been closed")
-            }
-        })
-
-        connection.addMessageListener { _: Idscp2Connection, data: ByteArray ->
-            LOG.info("Received message: ${String(data, StandardCharsets.UTF_8)}".trimIndent())
-        }
-
-    }
-
-    override fun onError(t: Throwable) {
-        LOG.error("Server endpoint error occurred", t)
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(CommandlineTunnelServer::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
deleted file mode 100644
index 19c509dbb..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ClientInitiator.kt
+++ /dev/null
@@ -1,62 +0,0 @@
-package de.fhg.aisec.ids.idscp2.example
-
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
-import org.slf4j.LoggerFactory
-import java.nio.charset.StandardCharsets
-import java.util.concurrent.CompletableFuture
-
-class Idscp2ClientInitiator {
-    private lateinit var connectionFuture: CompletableFuture<Idscp2Connection>
-
-    fun init(configuration: Idscp2Configuration, nativeTlsConfiguration: NativeTlsConfiguration) {
-
-        // create secure channel driver
-        val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
-
-        // register rat drivers
-        RatProverDriverRegistry.registerDriver(
-                RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
-
-        RatVerifierDriverRegistry.registerDriver(
-                RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
-
-        // connect to idscp2 server
-        connectionFuture = secureChannelDriver.connect(::Idscp2ConnectionImpl, configuration, nativeTlsConfiguration)
-        connectionFuture.thenAccept { connection: Idscp2Connection ->
-            LOG.info("Client: New connection with id " + connection.id)
-            connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
-                override fun onError(t: Throwable) {
-                    LOG.error("Client connection error occurred", t)
-                }
-
-                override fun onClose() {
-                    LOG.info("Client: Connection with id " + connection.id + " has been closed")
-                }
-            })
-            connection.addMessageListener { c: Idscp2Connection, data: ByteArray ->
-                LOG.info("Received ping message: " + String(data, StandardCharsets.UTF_8))
-
-                c.close()
-            }
-            connection.unlockMessaging()
-            LOG.info("Send PING ...")
-            connection.nonBlockingSend("PING".toByteArray(StandardCharsets.UTF_8))
-        }.exceptionally { t: Throwable? ->
-            LOG.error("Client endpoint error occurred", t)
-            null
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(Idscp2ClientInitiator::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
deleted file mode 100644
index dc5110ac6..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/Idscp2ServerInitiator.kt
+++ /dev/null
@@ -1,69 +0,0 @@
-package de.fhg.aisec.ids.idscp2.example
-
-import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTLSDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionImpl
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.Idscp2ServerFactory
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
-import org.slf4j.LoggerFactory
-import java.nio.charset.StandardCharsets
-
-class Idscp2ServerInitiator : Idscp2EndpointListener<Idscp2Connection> {
-    fun init(configuration: Idscp2Configuration, nativeTlsConfiguration: NativeTlsConfiguration) {
-
-        // create secure channel driver
-        val secureChannelDriver = NativeTLSDriver<Idscp2Connection>()
-
-        // register rat drivers
-        RatProverDriverRegistry.registerDriver(
-                RatProverDummy.RAT_PROVER_DUMMY_ID, ::RatProverDummy, null)
-
-        RatVerifierDriverRegistry.registerDriver(
-                RatVerifierDummy.RAT_VERIFIER_DUMMY_ID, ::RatVerifierDummy, null)
-
-        // create server config
-        val serverConfig = Idscp2ServerFactory(
-                ::Idscp2ConnectionImpl,
-                this,
-                configuration,
-                secureChannelDriver,
-                nativeTlsConfiguration
-        )
-        // run idscp2 server
-        @Suppress("UNUSED_VARIABLE") val idscp2Server = serverConfig.listen()
-    }
-
-    override fun onConnection(connection: Idscp2Connection) {
-        LOG.info("Server: New connection with id " + connection.id)
-        connection.addConnectionListener(object : Idscp2ConnectionAdapter() {
-            override fun onError(t: Throwable) {
-                LOG.error("Server connection error occurred", t)
-            }
-
-            override fun onClose() {
-                LOG.info("Server: Connection with id " + connection.id + " has been closed")
-            }
-        })
-        connection.addMessageListener { c: Idscp2Connection, data: ByteArray ->
-            LOG.info("Received ping message: ${String(data, StandardCharsets.UTF_8)}".trimIndent())
-
-            LOG.info("Sending PONG...")
-            c.nonBlockingSend("PONG".toByteArray(StandardCharsets.UTF_8))
-        }
-    }
-
-    override fun onError(t: Throwable) {
-        LOG.error("Server endpoint error occurred", t)
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(Idscp2ServerInitiator::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
deleted file mode 100644
index 0417deed3..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSClient.kt
+++ /dev/null
@@ -1,55 +0,0 @@
-package de.fhg.aisec.ids.idscp2.example
-
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import java.nio.file.Paths
-import java.util.*
-
-object RunTLSClient {
-    @JvmStatic
-    fun main(args: Array<String>) {
-
-        val keyStorePath = Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader
-                .getResource("ssl/consumer-keystore.p12")).path)
-
-        val trustStorePath = Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader
-                .getResource("ssl/truststore.p12")).path)
-
-        val localAttestationConfig = AttestationConfig.Builder()
-                .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID))
-                .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID))
-                .setRatTimeoutDelay(300 * 1000) // 300 seconds
-                .build()
-
-        // create daps driver
-        val dapsDriver = DefaultDapsDriver(DefaultDapsDriverConfig.Builder()
-                .setKeyStorePath(keyStorePath)
-                .setTrustStorePath(trustStorePath)
-                .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                .build())
-
-        // create idscp2 config
-        val settings = Idscp2Configuration.Builder()
-                .setAckTimeoutDelay(500) //  500 ms
-                .setHandshakeTimeoutDelay(5 * 1000) // 5 seconds
-                .setAttestationConfig(localAttestationConfig)
-                .setDapsDriver(dapsDriver)
-                .build()
-
-        // create secureChannel config
-        val nativeTlsConfiguration = NativeTlsConfiguration.Builder()
-                .setKeyStorePath(keyStorePath)
-                .setTrustStorePath(trustStorePath)
-                .setCertificateAlias("1.0.1")
-                .setHost("provider-core")
-                .build()
-
-        val initiator = Idscp2ClientInitiator()
-        initiator.init(settings, nativeTlsConfiguration)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
deleted file mode 100644
index 100436351..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTLSServer.kt
+++ /dev/null
@@ -1,52 +0,0 @@
-package de.fhg.aisec.ids.idscp2.example
-
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import java.nio.file.Paths
-import java.util.*
-
-object RunTLSServer {
-    @JvmStatic
-    fun main(argv: Array<String>) {
-
-        val keyStorePath = Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader
-                .getResource("ssl/provider-keystore.p12")).path)
-
-        val trustStorePath = Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader
-                .getResource("ssl/truststore.p12")).path)
-
-        val localAttestationConfig = AttestationConfig.Builder()
-                .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID))
-                .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID))
-                .setRatTimeoutDelay(300 * 1000) // 300 seconds
-                .build()
-
-        // create daps config
-        val dapsDriver: DapsDriver = DefaultDapsDriver(DefaultDapsDriverConfig.Builder()
-                .setKeyStorePath(keyStorePath)
-                .setTrustStorePath(trustStorePath)
-                .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                .build())
-
-        val settings = Idscp2Configuration.Builder()
-                .setAttestationConfig(localAttestationConfig)
-                .setDapsDriver(dapsDriver)
-                .build()
-
-        val nativeTlsConfiguration = NativeTlsConfiguration.Builder()
-                .setKeyStorePath(keyStorePath)
-                .setTrustStorePath(trustStorePath)
-                .setCertificateAlias("1.0.1")
-                .setHost("consumer-core")
-                .build()
-
-        val initiator = Idscp2ServerInitiator()
-        initiator.init(settings, nativeTlsConfiguration)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
deleted file mode 100644
index e13cc6af6..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelClient.kt
+++ /dev/null
@@ -1,43 +0,0 @@
-package de.fhg.aisec.ids.idscp2.example
-
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.NullDaps
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import java.nio.file.Paths
-import java.util.*
-
-object RunTunnelClient {
-    @JvmStatic
-    fun main(args: Array<String>) {
-
-        val localAttestationConfig = AttestationConfig.Builder()
-                .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID))
-                .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID))
-                .setRatTimeoutDelay(70 * 1000) // 70 seconds
-                .build()
-
-        // create daps driver
-        val dapsDriver = NullDaps()
-
-        val config = Idscp2Configuration.Builder()
-                .setAckTimeoutDelay(500) //  500 ms
-                .setHandshakeTimeoutDelay(5 * 1000) // 5 seconds
-                .setAttestationConfig(localAttestationConfig)
-                .setDapsDriver(dapsDriver)
-                .build()
-
-        val nativeTlsConfiguration = NativeTlsConfiguration.Builder()
-                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/consumer-keystore.p12")).path))
-                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSClient::class.java.classLoader.getResource("ssl/truststore.p12")).path))
-                .setCertificateAlias("1.0.1")
-                .setServerPort(12345)
-                .setHost("provider-core")
-                .build()
-
-        val initiator = CommandlineTunnelClient()
-        initiator.init(config, nativeTlsConfiguration)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
deleted file mode 100644
index 9abf06380..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/example/RunTunnelServer.kt
+++ /dev/null
@@ -1,41 +0,0 @@
-package de.fhg.aisec.ids.idscp2.example
-
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.NullDaps
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatProverDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.rat.dummy.RatVerifierDummy
-import de.fhg.aisec.ids.idscp2.default_drivers.secure_channel.tlsv1_3.NativeTlsConfiguration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import java.nio.file.Paths
-import java.util.*
-
-object RunTunnelServer {
-    @JvmStatic
-    fun main(argv: Array<String>) {
-
-        val localAttestationConfig = AttestationConfig.Builder()
-                .setSupportedRatSuite(arrayOf(RatProverDummy.RAT_PROVER_DUMMY_ID))
-                .setExpectedRatSuite(arrayOf(RatVerifierDummy.RAT_VERIFIER_DUMMY_ID))
-                .setRatTimeoutDelay(60 * 1000) // 60 seconds
-                .build()
-
-        val dapsDriver: DapsDriver = NullDaps()
-
-        val settings = Idscp2Configuration.Builder()
-                .setAttestationConfig(localAttestationConfig)
-                .setDapsDriver(dapsDriver)
-                .build()
-
-        val nativeTlsConfiguration = NativeTlsConfiguration.Builder()
-                .setKeyStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/provider-keystore.p12")).path))
-                .setTrustStorePath(Paths.get(Objects.requireNonNull(RunTLSServer::class.java.classLoader.getResource("ssl/truststore.p12")).path))
-                .setCertificateAlias("1.0.1")
-                .setServerPort(12345)
-                .setHost("consumer-core")
-                .build()
-
-        val initiator = CommandlineTunnelServer()
-        initiator.init(settings, nativeTlsConfiguration)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.kt
deleted file mode 100644
index 4c60f1807..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/FastLatch.kt
+++ /dev/null
@@ -1,52 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core
-
-import org.slf4j.LoggerFactory
-
-/**
- * This latch implementation uses double-checked-locking, a concept that is mostly broken.
- * However, double-checked locking **does** work for primitives that are atomic w.r.t. the memory model,
- * see https://www.cs.umd.edu/~pugh/java/memoryModel/DoubleCheckedLocking.html
- * It is assumed that the JVM implementation always handles byte vars atomically,
- * otherwise the correctness of this code may be broken!
- *
- * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
- */
-@Suppress("PLATFORM_CLASS_MAPPED_TO_KOTLIN")
-class FastLatch {
-    private var locked: Byte = 1
-
-    /**
-     * Wait for this latch to be unlocked.
-     */
-    fun await() {
-        // Check locked flag without synchronization, such that method returns immediately
-        // without synchronization overhead if unlocked.
-        while (locked.toInt() != 0) {
-            synchronized(this) {
-                // Check the locked flag again to prevent eternal waiting if notifyAll() has been called
-                // before this critical section.
-                if (locked.toInt() != 0) {
-                    try {
-                        (this as Object).wait()
-                    } catch (ie: InterruptedException) {
-                        LOG.warn("Ignored InterruptException, awaiting unlock...", ie)
-                    }
-                }
-            }
-        }
-    }
-
-    /**
-     * Unlocks this latch instance.
-     */
-    fun unlock() {
-        synchronized(this) {
-            locked = 0
-            (this as Object).notifyAll()
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(FastLatch::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/Idscp2EndpointListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/Idscp2EndpointListener.kt
deleted file mode 100644
index fb7be99cb..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/Idscp2EndpointListener.kt
+++ /dev/null
@@ -1,21 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api
-
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-
-/**
- * An interface for the Idscp2EndpointListener class, that implements callback functions that notifies
- * the user about new connections, errors and closed connections
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-interface Idscp2EndpointListener<T: Idscp2Connection> {
-    /*
-     * Called when a new connection is established
-     */
-    fun onConnection(connection: T)
-
-    /*
-     * Called when an error occurred in the underlying IDSCP2 protocol
-     */
-    fun onError(t: Throwable)
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/AttestationConfig.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/AttestationConfig.kt
deleted file mode 100644
index 0aced58cd..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/AttestationConfig.kt
+++ /dev/null
@@ -1,59 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api.configuration
-
-import java.util.*
-
-/**
- * Attestation configuration class, containing attestation suite for supported / expected
- * attestation types
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class AttestationConfig {
-    lateinit var supportedAttestationSuite: Array<String>
-        private set
-    lateinit var expectedAttestationSuite: Array<String>
-        private set
-    var ratTimeoutDelay = DEFAULT_RAT_TIMEOUT_DELAY.toInt().toLong() // in ms
-        private set
-
-    class Builder {
-        private val config = AttestationConfig()
-
-        fun setSupportedRatSuite(suite: Array<String>): Builder {
-            config.supportedAttestationSuite = suite
-            return this
-        }
-
-        fun setExpectedRatSuite(suite: Array<String>): Builder {
-            config.expectedAttestationSuite = suite
-            return this
-        }
-
-        fun setRatTimeoutDelay(delay: Long): Builder {
-            config.ratTimeoutDelay = delay
-            return this
-        }
-
-        fun build(): AttestationConfig {
-            return config
-        }
-    }
-
-    override fun equals(other: Any?): Boolean {
-        if (this === other) return true
-        if (other == null || javaClass != other.javaClass) return false
-        val that = other as AttestationConfig
-        return supportedAttestationSuite.contentEquals(that.supportedAttestationSuite) &&
-                expectedAttestationSuite.contentEquals(that.expectedAttestationSuite) &&
-                ratTimeoutDelay == that.ratTimeoutDelay
-    }
-
-    override fun hashCode(): Int {
-        return Objects.hash(supportedAttestationSuite.contentHashCode(),
-                expectedAttestationSuite.contentHashCode(), ratTimeoutDelay)
-    }
-
-    companion object {
-        const val DEFAULT_RAT_TIMEOUT_DELAY = "3600000" // in ms: 1 hour
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt
deleted file mode 100644
index 14e273bd1..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/configuration/Idscp2Configuration.kt
+++ /dev/null
@@ -1,82 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api.configuration
-
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import java.nio.file.Path
-import java.nio.file.Paths
-
-/**
- * IDSCP2 configuration class, contains information about Attestation Types, DAPS, Timeouts,
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class Idscp2Configuration {
-    lateinit var attestationConfig: AttestationConfig
-        private set
-    lateinit var dapsDriver: DapsDriver
-        private set
-    var handshakeTimeoutDelay = DEFAULT_HANDSHAKE_TIMEOUT_DELAY.toInt().toLong() //in ms
-        private set
-    var ackTimeoutDelay = DEFAULT_ACK_TIMEOUT_DELAY.toInt().toLong() //in ms
-        private set
-
-    class Builder {
-        private val settings = Idscp2Configuration()
-
-        fun setAttestationConfig(config: AttestationConfig): Builder {
-            settings.attestationConfig = config
-            return this
-        }
-
-        fun setDapsDriver(dapsDriver: DapsDriver): Builder {
-            settings.dapsDriver = dapsDriver
-            return this
-        }
-
-        fun setHandshakeTimeoutDelay(delay: Long): Builder {
-            settings.handshakeTimeoutDelay = delay
-            return this
-        }
-
-        fun setAckTimeoutDelay(delay: Long): Builder {
-            settings.ackTimeoutDelay = delay
-            return this
-        }
-
-        fun build(): Idscp2Configuration {
-            return settings
-        }
-    }
-
-    override fun equals(other: Any?): Boolean {
-        if (this === other) return true
-        if (javaClass != other?.javaClass) return false
-
-        other as Idscp2Configuration
-
-        if (attestationConfig != other.attestationConfig) return false
-        if (dapsDriver != other.dapsDriver) return false
-        if (handshakeTimeoutDelay != other.handshakeTimeoutDelay) return false
-        if (ackTimeoutDelay != other.ackTimeoutDelay) return false
-
-        return true
-    }
-
-    override fun hashCode(): Int {
-        var result = attestationConfig.hashCode()
-        result = 31 *  result + dapsDriver.hashCode()
-        result = 31 * result + handshakeTimeoutDelay.hashCode()
-        result = 31 * result + ackTimeoutDelay.hashCode()
-        return result
-    }
-
-    override fun toString(): String {
-        return "Idscp2Configuration(attestationConfig=$attestationConfig, " +
-                "dapsDriver=$dapsDriver, handshakeTimeoutDelay=$handshakeTimeoutDelay, " +
-                "ackTimeoutDelay=$ackTimeoutDelay)"
-    }
-
-    companion object {
-        const val DEFAULT_ACK_TIMEOUT_DELAY = "200" // (in ms)
-        const val DEFAULT_HANDSHAKE_TIMEOUT_DELAY = "5000" // (in ms)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
deleted file mode 100644
index b1b7ae533..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2Connection.kt
+++ /dev/null
@@ -1,68 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
-
-import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2TimeoutException
-import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2WouldBlockException
-import kotlin.jvm.Throws
-
-/**
- * The IDSCP2 Connection class holds connections between connectors
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
- */
-interface Idscp2Connection {
-    val id: String
-
-    /**
-     * Unlock messaging when a message listener is registered, to avoid race conditions
-     * and messages loss
-     */
-    fun unlockMessaging()
-
-    /**
-     * Close the idscp connection
-     */
-    @Throws(Idscp2Exception::class)
-    fun close()
-
-    /**
-     * Send data to the peer IDSCP2 connector without timeout and retry interval when
-     * connection is currently not available
-     */
-    @Throws(Idscp2Exception::class, Idscp2WouldBlockException::class)
-    fun nonBlockingSend(msg: ByteArray)
-
-    /**
-     * Send data to the peer IDSCP2 connector and block until done
-     */
-    @Throws(Idscp2Exception::class, Idscp2TimeoutException::class)
-    fun blockingSend(msg: ByteArray, timeout: Long, retryInterval: Long = 0)
-
-    /**
-     * Repeat remote attestation verification of remote peer
-     */
-    @Throws(Idscp2Exception::class)
-    fun repeatRat()
-
-    fun onMessage(msg: ByteArray)
-
-    fun onError(t: Throwable)
-
-    fun onClose()
-
-    /**
-     * Check if the idscp connection is currently established
-     *
-     * @return Connection established state
-     */
-    val isConnected: Boolean
-
-    fun addConnectionListener(listener: Idscp2ConnectionListener)
-
-    fun removeConnectionListener(listener: Idscp2ConnectionListener): Boolean
-
-    fun addMessageListener(listener: Idscp2MessageListener)
-
-    fun removeMessageListener(listener: Idscp2MessageListener): Boolean
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionAdapter.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionAdapter.kt
deleted file mode 100644
index 80109b2c4..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionAdapter.kt
+++ /dev/null
@@ -1,15 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
-
-import org.slf4j.LoggerFactory
-
-open class Idscp2ConnectionAdapter : Idscp2ConnectionListener {
-    override fun onError(t: Throwable) {
-        LOG.error("Error received in Idscp2ConnectionAdapter", t)
-    }
-
-    override fun onClose() {}
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(Idscp2ConnectionAdapter::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
deleted file mode 100644
index ea2ce4363..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionImpl.kt
+++ /dev/null
@@ -1,181 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
-
-import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2TimeoutException
-import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2WouldBlockException
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import org.slf4j.LoggerFactory
-import java.util.*
-import java.util.concurrent.CompletableFuture
-
-/**
- * The IDSCP2 Connection class holds connections between connectors
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
- */
-class Idscp2ConnectionImpl(secureChannel: SecureChannel,
-                           configuration: Idscp2Configuration): Idscp2Connection {
-    private val fsm: FSM = FSM(
-            this,
-            secureChannel,
-            configuration.dapsDriver,
-            configuration.attestationConfig,
-            configuration.ackTimeoutDelay,
-            configuration.handshakeTimeoutDelay
-    )
-    override val id: String = UUID.randomUUID().toString()
-    private val connectionListeners = Collections.synchronizedSet(HashSet<Idscp2ConnectionListener>())
-    private val messageListeners = Collections.synchronizedSet(HashSet<Idscp2MessageListener>())
-    private val messageLatch = FastLatch()
-    override fun unlockMessaging() {
-        messageLatch.unlock()
-    }
-
-    /**
-     * Close the idscp connection
-     */
-    override fun close() {
-        if (LOG.isInfoEnabled) {
-            LOG.info("Closing connection {}...", id)
-        }
-
-        when (val res = fsm.closeConnection()) {
-            FSM.FsmResultCode.FSM_NOT_STARTED -> throw Idscp2Exception("Handshake not started: " + res.value)
-            else -> if (LOG.isDebugEnabled) {
-                LOG.debug("IDSCP2 connection {} closed", id)
-            }
-        }
-    }
-
-    /**
-     * Send data to the peer IDSCP2 connector
-     */
-
-    override fun nonBlockingSend(msg: ByteArray) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Sending data via connection {}...", id)
-        }
-
-        when (val res = fsm.send(msg)) {
-            FSM.FsmResultCode.OK -> return
-            FSM.FsmResultCode.WOULD_BLOCK -> throw Idscp2WouldBlockException("Idscp2 connection still waiting for ack")
-            FSM.FsmResultCode.IO_ERROR, FSM.FsmResultCode.FSM_LOCKED ->
-                throw Idscp2Exception("Connection aborted: " + res.value)
-            FSM.FsmResultCode.NOT_CONNECTED -> throw Idscp2Exception("Idscp2 connection temporarily not available")
-            else -> throw Idscp2Exception("Idscp2 error occurred while sending data: " + res.value)
-        }
-
-    }
-
-    override fun blockingSend(msg: ByteArray, timeout: Long, retryInterval: Long) {
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Sending data via connection {}...", id)
-        }
-
-        val start = System.currentTimeMillis()
-
-        while (true) {
-            val now = System.currentTimeMillis()
-            if (now >= start + timeout) {
-                throw Idscp2TimeoutException("Idscp2 connection temporarily not available")
-            }
-
-            when (val res = fsm.send(msg)) {
-                FSM.FsmResultCode.OK -> return
-                FSM.FsmResultCode.WOULD_BLOCK -> {
-                    // wait and repeat, fsm currently in wait_for_ack state
-                    if (retryInterval > 0)
-                        Thread.sleep(retryInterval)
-                    continue
-                }
-                FSM.FsmResultCode.IO_ERROR, FSM.FsmResultCode.FSM_LOCKED ->
-                    throw Idscp2Exception("Connection aborted: " + res.value)
-                FSM.FsmResultCode.NOT_CONNECTED -> throw Idscp2Exception("Idscp2 connection temporarily not available")
-                else -> throw Idscp2Exception("Idscp2 error occurred while sending data: " + res.value)
-            }
-        }
-    }
-
-    override fun repeatRat() {
-        if (LOG.isInfoEnabled) {
-            LOG.info("Repeat Rat for connection {}...", id)
-        }
-
-        // match result
-        when(val res = fsm.repeatRat()) {
-            FSM.FsmResultCode.OK -> return
-            FSM.FsmResultCode.FSM_LOCKED, FSM.FsmResultCode.IO_ERROR ->
-                throw Idscp2Exception("Connection aborted: " + res.value)
-            FSM.FsmResultCode.RAT_ERROR ->
-                throw Idscp2Exception("RAT action failed: " + res.value)
-            else -> throw Idscp2Exception("Error occurred: " + res.value)
-        }
-    }
-
-    override fun onMessage(msg: ByteArray) {
-        // When unlock is called, although not synchronized, this will eventually stop blocking.
-        messageLatch.await()
-        if (LOG.isDebugEnabled) {
-            LOG.debug("Received new IDSCP Message")
-        }
-        messageListeners.forEach { l: Idscp2MessageListener -> l.onMessage(this, msg) }
-    }
-
-    override fun onError(t: Throwable) {
-        connectionListeners.forEach { idscp2ConnectionListener: Idscp2ConnectionListener ->
-            idscp2ConnectionListener.onError(t) }
-    }
-
-    override fun onClose() {
-        if (LOG.isInfoEnabled) {
-            LOG.info("Connection with id {} is closing, notify listeners...", id)
-        }
-        connectionListeners.forEach { l: Idscp2ConnectionListener -> l.onClose() }
-    }
-
-    /**
-     * Check if the idscp connection is currently established
-     *
-     * @return Connection established state
-     */
-    override val isConnected: Boolean
-        get() = fsm.isConnected
-
-    override fun addConnectionListener(listener: Idscp2ConnectionListener) {
-        connectionListeners.add(listener)
-    }
-
-    override fun removeConnectionListener(listener: Idscp2ConnectionListener): Boolean {
-        return connectionListeners.remove(listener)
-    }
-
-    override fun addMessageListener(listener: Idscp2MessageListener) {
-        messageListeners.add(listener)
-    }
-
-    override fun removeMessageListener(listener: Idscp2MessageListener): Boolean {
-        return messageListeners.remove(listener)
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(Idscp2ConnectionImpl::class.java)
-    }
-
-    init {
-        secureChannel.setFsm(fsm)
-        if (LOG.isDebugEnabled) {
-            LOG.debug("A new IDSCP2 connection with id {} was created, starting handshake...", id)
-        }
-//        if (LOG.isTraceEnabled) {
-//            LOG.trace("Stack Trace of Idscp2Connection {} constructor:\n"
-//                    + Arrays.stream(Thread.currentThread().stackTrace)
-//                    .skip(1).map { obj: StackTraceElement -> obj.toString() }.collect(Collectors.joining("\n")), id)
-//        }
-        // Schedule IDSCP handshake asynchronously
-        CompletableFuture.runAsync { fsm.startIdscpHandshake() }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionListener.kt
deleted file mode 100644
index 6cdeb72cc..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2ConnectionListener.kt
+++ /dev/null
@@ -1,10 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
-
-/**
- * An IDSCP Connection Listener interface that is implemented by the IDSCP2 Server to notify the
- * server about lifetimes of IDSCP connections. The server caches all active connections.
- */
-interface Idscp2ConnectionListener {
-    fun onError(t: Throwable)
-    fun onClose()
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2MessageListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2MessageListener.kt
deleted file mode 100644
index e86a3aba3..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_connection/Idscp2MessageListener.kt
+++ /dev/null
@@ -1,11 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection
-
-/**
- * An interface for an IDSCP message listener
- */
-fun interface Idscp2MessageListener {
-    /*
-     * notify the listener about new data
-     */
-    fun onMessage(connection: Idscp2Connection, data: ByteArray)
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2Server.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2Server.kt
deleted file mode 100644
index b361fdc18..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2Server.kt
+++ /dev/null
@@ -1,58 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server
-
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureServer
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import org.slf4j.LoggerFactory
-import java.util.*
-
-/**
- * An IDSCP2 Server that has the control about the underlying secure server and caches all active
- * connections that belong to the secure server
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class Idscp2Server<CC: Idscp2Connection>(private val secureServer: SecureServer): ServerConnectionListener<CC> {
-    private val connections = Collections.synchronizedSet(HashSet<CC>())
-
-    /**
-     * Terminate the IDSCP2 server, the secure server and close all connections
-     */
-    fun terminate() {
-        if (LOG.isInfoEnabled) {
-            LOG.info("Terminating IDSCP2 server {}", this.toString())
-        }
-
-        for (connection in connections) {
-            connection.close()
-            if (LOG.isDebugEnabled) {
-                LOG.debug("Idscp connection with id {} has been closed", connection.id)
-            }
-            connections.remove(connection)
-        }
-        secureServer.safeStop()
-    }
-
-    override fun onConnectionCreated(connection: CC) {
-        connections.add(connection)
-    }
-
-    override fun onConnectionClose(connection: CC) {
-        connections.remove(connection)
-    }
-
-    /**
-     * If the server is running
-     */
-    val isRunning: Boolean
-        get() = secureServer.isRunning
-
-    /**
-     * List of all open IDSCP2 connections of this server
-     */
-    val allConnections: Set<CC>
-        get() = Collections.unmodifiableSet(connections)
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(Idscp2Server::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
deleted file mode 100644
index c50cedfb7..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/Idscp2ServerFactory.kt
+++ /dev/null
@@ -1,81 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server
-
-import de.fhg.aisec.ids.idscp2.idscp_core.api.Idscp2EndpointListener
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2Exception
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2ConnectionAdapter
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import org.slf4j.LoggerFactory
-import java.util.concurrent.CompletableFuture
-
-/**
- * Idscp2ServerFactory class, provides IDSCP2 API to the User (Idscp2EndpointListener)
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class Idscp2ServerFactory<CC: Idscp2Connection, SecureChannelConfiguration>(
-        private val connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
-        private val endpointListener: Idscp2EndpointListener<CC>,
-        private val configuration: Idscp2Configuration,
-        private val secureChannelDriver: SecureChannelDriver<CC, SecureChannelConfiguration>,
-        private val secureChannelConfig: SecureChannelConfiguration
-) : SecureChannelInitListener<CC> {
-
-    /**
-     * User API to create a new IDSCP2 Server that starts a Secure Server that listens to new
-     * secure channels
-     */
-    @Throws(Idscp2Exception::class)
-    fun listen(): Idscp2Server<CC> {
-        if (LOG.isInfoEnabled) {
-            LOG.info("Starting new IDSCP2 server")
-        }
-        val serverListenerPromise = CompletableFuture<ServerConnectionListener<CC>>()
-        val secureServer = secureChannelDriver.listen(this, serverListenerPromise, secureChannelConfig)
-        val server = Idscp2Server<CC>(secureServer)
-        serverListenerPromise.complete(server)
-        return server
-    }
-
-    /**
-     * A callback implementation to receive a new established secure channel from an Secure client/server.
-     *
-     * If the secure channel is null, no secure channel was established and an error is provided
-     * to the user (or the error is ignored, in server case).
-     *
-     * If the secure channel was established, a new FSM is created for this connection and the
-     * IDSCP2 handshake is started. After a successful handshake, a new Idscp2Connection is
-     * created and provided to the user (and the IDSCP2 server).
-     */
-    @Synchronized
-    override fun onSecureChannel(secureChannel: SecureChannel,
-                                 serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("A new secure channel for an IDSCP2 connection was established")
-        }
-        // Threads calling onMessage() will be blocked until all listeners have been registered, see below
-        val newConnection = connectionFactory(secureChannel, configuration)
-        // Complete the connection promise for the IDSCP server
-        serverListenerPromise.thenAccept { serverListener: ServerConnectionListener<CC> ->
-            serverListener.onConnectionCreated(newConnection)
-            newConnection.addConnectionListener(object : Idscp2ConnectionAdapter() {
-                override fun onClose() {
-                    serverListener.onConnectionClose(newConnection)
-                }
-            })
-        }
-        endpointListener.onConnection(newConnection)
-        // Listeners have been applied in onConnection() callback above, so we can safely unlock messaging now
-        newConnection.unlockMessaging()
-    }
-
-    override fun onError(t: Throwable) {
-        endpointListener.onError(t)
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(Idscp2ServerFactory::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/SecureChannelInitListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/SecureChannelInitListener.kt
deleted file mode 100644
index 9c0cb2cc4..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/SecureChannelInitListener.kt
+++ /dev/null
@@ -1,23 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server
-
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import java.util.concurrent.CompletableFuture
-
-/**
- * An callback interface that implements callback functions that notify about new
- * SecureChannels
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-interface SecureChannelInitListener<CC: Idscp2Connection> {
-    /**
-     * Notify the server about new secureChannel
-     */
-    fun onSecureChannel(
-            secureChannel: SecureChannel,
-            serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>
-    )
-
-    fun onError(t: Throwable)
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/ServerConnectionListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/ServerConnectionListener.kt
deleted file mode 100644
index acd2af1dd..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/api/idscp_server/ServerConnectionListener.kt
+++ /dev/null
@@ -1,14 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server
-
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-
-/**
- * A ServerConnectionListener interface for the Idscp2Server to get notification about
- * Idscp2Connection lifetimes in an isolated way
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-interface ServerConnectionListener<CC: Idscp2Connection> {
-    fun onConnectionCreated(connection: CC)
-    fun onConnectionClose(connection: CC)
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/DapsDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/DapsDriver.kt
deleted file mode 100644
index 058f51c5c..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/DapsDriver.kt
+++ /dev/null
@@ -1,20 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.drivers
-
-/**
- * An interface for the DAPS driver, which is used to verify and request dynamicAttributeTokens
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-interface DapsDriver {
-    /*
-     * Receive a token from the DapsDriver
-     */
-    val token: ByteArray
-
-    /*
-     * Verify a Daps token
-     *
-     * Return the number of seconds, the DAT is valid
-     */
-    fun verifyToken(dat: ByteArray): Long
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatProverDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatProverDriver.kt
deleted file mode 100644
index 14ac636f5..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatProverDriver.kt
+++ /dev/null
@@ -1,35 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.drivers
-
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
-import org.slf4j.LoggerFactory
-
-/**
- * An abstract RatProverDriver class that creates a rat prover driver thread and proves itself to
- * the peer connector using remote attestation
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-abstract class RatProverDriver<in PC>(protected val fsmListener: RatProverFsmListener) : Thread() {
-    protected var running = true
-
-    /*
-     * Delegate an IDSCP2 message to the RatProver driver
-     */
-    open fun delegate(message: ByteArray) {}
-
-    /*
-     * Terminate and cancel the RatProver driver
-     */
-    fun terminate() {
-        running = false
-        interrupt()
-    }
-
-    open fun setConfig(config: PC) {
-        LOG.warn("Method 'setConfig' for RatProverDriver is not implemented")
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(RatProverDriver::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatVerifierDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatVerifierDriver.kt
deleted file mode 100644
index b09765a7c..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/RatVerifierDriver.kt
+++ /dev/null
@@ -1,35 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.drivers
-
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
-import org.slf4j.LoggerFactory
-
-/**
- * An abstract RatVerifierDriver class that creates a rat verifier driver thread and verifier the
- * peer connector using remote attestation
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-abstract class RatVerifierDriver<in VC>(protected val fsmListener: RatVerifierFsmListener) : Thread() {
-    protected var running = true
-
-    /*
-     * Delegate the IDSCP2 message to the RatVerifier driver
-     */
-    open fun delegate(message: ByteArray) {}
-
-    /*
-     * Terminate and cancel the RatVerifier driver
-     */
-    fun terminate() {
-        running = false
-        interrupt()
-    }
-
-    open fun setConfig(config: VC) {
-        LOG.warn("Method 'setConfig' for RatVerifierDriver is not implemented")
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(RatVerifierDriver::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
deleted file mode 100644
index 9a68f6f62..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelDriver.kt
+++ /dev/null
@@ -1,34 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.drivers
-
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.Idscp2Configuration
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.SecureChannelInitListener
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_server.ServerConnectionListener
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import java.util.concurrent.CompletableFuture
-
-/**
- * An interface for the IDSCP2 SecureChannelDriver class, that implements a connect() function
- * for IDSCP2 clients and a listen() function for IDSCP2 servers to connect the underlying layer
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-interface SecureChannelDriver<CC : Idscp2Connection, SecureChannelConfiguration> {
-    /*
-     * Asynchronous method to create a secure connection to a secure server
-     */
-    fun connect(
-        connectionFactory: (SecureChannel, Idscp2Configuration) -> CC,
-        configuration: Idscp2Configuration,
-        secureChannelConfig: SecureChannelConfiguration
-    ): CompletableFuture<CC>
-
-    /*
-     * Starting a secure server
-     */
-    fun listen(
-        channelInitListener: SecureChannelInitListener<CC>,
-        serverListenerPromise: CompletableFuture<ServerConnectionListener<CC>>,
-        secureChannelConfig: SecureChannelConfiguration
-    ): SecureServer
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt
deleted file mode 100644
index 35509957f..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureChannelEndpoint.kt
+++ /dev/null
@@ -1,37 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.drivers
-
-/**
- * An interface for a secureChannelEndpoint e.g. TLS Client and TLS Server Thread
- * Used to delegate functions and messages between secure channel and its endpoints
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-interface SecureChannelEndpoint {
-
-    /**
-     * API to close the secure channel endpoint
-     */
-    fun close()
-
-    /**
-     * Send data from the secure channel endpoint to the peer connector
-     *
-     * ATTENTION: The developer must ensure not to trigger the FSM by another event from the thread
-     * that actually executes the SecureChannelEndpoint.send(bytes) method, but must simply return
-     * true or false, regarding the success of this method. The issue which occurs by using the thread
-     * of the send() method is that the FSM is blocked within a transition until send() returns
-     * and the the following state of the FSM depends on the return value. When this thread would trigger
-     * the FSM again within the current transition then first the new transition would be executed
-     * but than it would be overwritten by the current one. To avoid this case of misuse, the FSM
-     * will throw a Runtime Exception to let the driver developer know, that this is not a good idea.
-     * For more information, see the checkForFsmCycles() method within the FSM
-     *
-     * return true when data has been sent, else false
-     */
-    fun send(bytes: ByteArray): Boolean
-
-    /**
-     * check if the endpoint is connected
-     */
-    val isConnected: Boolean
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureServer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureServer.kt
deleted file mode 100644
index bf31db705..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/drivers/SecureServer.kt
+++ /dev/null
@@ -1,18 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.drivers
-
-/**
- * An interface for the IDSCP2 Secure Server which is used by the Idscp2Server
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-interface SecureServer {
-    /*
-     * Terminate the secure server
-     */
-    fun safeStop()
-
-    /*
-     * Check if the secure server is running
-     */
-    val isRunning: Boolean
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/DatException.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/DatException.kt
deleted file mode 100644
index a1e1eca3f..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/DatException.kt
+++ /dev/null
@@ -1,6 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.error
-
-class DatException : RuntimeException {
-    constructor(s: String?) : super(s)
-    constructor(s: String?, e: Exception?) : super(s, e)
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2Exception.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2Exception.kt
deleted file mode 100644
index 92c41dfa6..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2Exception.kt
+++ /dev/null
@@ -1,11 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.error
-
-/**
- * IDSCP2 Exception
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class Idscp2Exception : RuntimeException {
-    constructor(message: String?) : super(message)
-    constructor(message: String?, cause: Throwable?) : super(message, cause)
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2HandshakeException.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2HandshakeException.kt
deleted file mode 100644
index aa18130f0..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2HandshakeException.kt
+++ /dev/null
@@ -1,10 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.error
-
-/**
- * IDSCP2 Exception
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class Idscp2HandshakeException : RuntimeException {
-    constructor(message: String?) : super(message)
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2TimeoutException.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2TimeoutException.kt
deleted file mode 100644
index 35ec76ff6..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2TimeoutException.kt
+++ /dev/null
@@ -1,8 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.error
-
-/**
- * IDSCP2 Exception
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class Idscp2TimeoutException(message: String?) : RuntimeException(message)
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2WouldBlockException.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2WouldBlockException.kt
deleted file mode 100644
index 070b26c2e..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/error/Idscp2WouldBlockException.kt
+++ /dev/null
@@ -1,8 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.error
-
-/**
- * IDSCP2 Exception
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class Idscp2WouldBlockException(message: String?) : RuntimeException(message)
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/AlternatingBit.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/AlternatingBit.kt
deleted file mode 100644
index 9485e76b4..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/AlternatingBit.kt
+++ /dev/null
@@ -1,38 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-/**
- * Implementation of an alternating bit protocol for reliability
- * see (https://en.wikipedia.org/wiki/Alternating_bit_protocol)
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-
-class AlternatingBit(value: Boolean = false) {
-    enum class Bit {
-        ZERO, ONE
-    }
-
-    private var bit: Bit
-
-    init {
-        if (value) {
-            this.bit = Bit.ONE
-        } else {
-            this.bit = Bit.ZERO
-        }
-    }
-
-
-    fun alternate() {
-        bit = if (bit == Bit.ZERO) {
-            Bit.ONE
-        } else {
-            Bit.ZERO
-        }
-    }
-
-    fun asBoolean(): Boolean {
-        return this.bit != Bit.ZERO
-    }
-
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/DynamicTimer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/DynamicTimer.kt
deleted file mode 100644
index 27972c232..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/DynamicTimer.kt
+++ /dev/null
@@ -1,38 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import java.util.concurrent.locks.ReentrantLock
-
-/**
- * A DynamicTimer class that provides an API to the FSM to start and cancel timeout threads
- * without a fixed timeout delay (in ms)
- * The timer ensures that no canceled timer is able to trigger a timeout transitions
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class DynamicTimer internal constructor(private val fsmIsBusy: ReentrantLock, private val timeoutHandler: Runnable) {
-    private var thread: TimerThread? = null
-    private val mutex = ReentrantLock(true)
-    fun resetTimeout(delay: Long) {
-        cancelTimeout()
-        start(delay)
-    }
-
-    /*
-     * Start a timer thread that triggers the timeout handler routine after a given timout delay
-     */
-    fun start(delay: Long) {
-        mutex.lock()
-        thread = TimerThread(delay, timeoutHandler, fsmIsBusy).also { it.start() }
-        mutex.unlock()
-    }
-
-    /*
-     * Cancel the current timer thread
-     */
-    fun cancelTimeout() {
-        mutex.lock()
-        thread?.safeStop()
-        thread = null
-        mutex.unlock()
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
deleted file mode 100644
index 12903e8d3..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Event.kt
+++ /dev/null
@@ -1,67 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
-
-/**
- * An Event class for the Finite State Machine. Triggers a transition and holds
- * either an IdscpMessage or an InternalControlMessage, or both in special cases.
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class Event {
-    enum class EventType {
-        IDSCP_MESSAGE, INTERNAL_CONTROL_MESSAGE
-    }
-
-    val key: Any?
-    val type: EventType
-    lateinit var idscpMessage: IdscpMessage
-        private set
-    private lateinit var controlMessage: InternalControlMessage
-
-    /**
-     * Create an event with an Internal Control Message
-     */
-    constructor(controlMessage: InternalControlMessage) {
-        key = controlMessage.value
-        type = EventType.INTERNAL_CONTROL_MESSAGE
-        this.controlMessage = controlMessage
-    }
-
-    /**
-     * Create an event with an Idscpv2 Message
-     */
-    constructor(idscpMessage: IdscpMessage) {
-        key = idscpMessage.messageCase.number
-        type = EventType.IDSCP_MESSAGE
-        this.idscpMessage = idscpMessage
-    }
-
-    /**
-     * Create an event for outgoing RatProver, RatVerifier, IdscpData messages
-     *
-     * throws an IllegalStateException if this event is requested for other purposes
-     */
-    constructor(controlMessage: InternalControlMessage, idscpMessage: IdscpMessage) {
-        if (controlMessage == InternalControlMessage.RAT_PROVER_MSG
-                || controlMessage == InternalControlMessage.RAT_VERIFIER_MSG
-                || controlMessage == InternalControlMessage.SEND_DATA) {
-            key = controlMessage.value
-            type = EventType.INTERNAL_CONTROL_MESSAGE
-            this.idscpMessage = idscpMessage
-            this.controlMessage = controlMessage
-        } else {
-            throw IllegalStateException("This constructor must only be used by RAT_PROVER, " +
-                    "RAT_VERIFIER for message passing and for SEND_DATA, encountered $controlMessage")
-        }
-    }
-
-    override fun toString(): String {
-        return "Event{" +
-                "key=" + key +
-                ", type=" + type +
-                ", idscpMessage=" + if(::idscpMessage.isInitialized) idscpMessage else null +
-                ", controlMessage=" + if(::controlMessage.isInitialized) controlMessage else null +
-                '}'
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
deleted file mode 100644
index 49e1dcdd5..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/FSM.kt
+++ /dev/null
@@ -1,857 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import com.google.protobuf.InvalidProtocolBufferException
-import de.fhg.aisec.ids.idscp2.idscp_core.FastLatch
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.api.idscp_connection.Idscp2Connection
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.error.Idscp2HandshakeException
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.ScFsmListener
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatProverDriverRegistry
-import de.fhg.aisec.ids.idscp2.idscp_core.rat_registry.RatVerifierDriverRegistry
-import de.fhg.aisec.ids.idscp2.idscp_core.secure_channel.SecureChannel
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.*
-import kotlinx.coroutines.GlobalScope
-import kotlinx.coroutines.launch
-import org.slf4j.LoggerFactory
-import java.nio.charset.StandardCharsets
-import java.util.*
-import java.util.concurrent.locks.ReentrantLock
-import kotlin.NoSuchElementException
-import kotlin.collections.ArrayList
-
-/**
- * The finite state machine FSM of the IDSCP2 protocol
- *
- *
- * Manages IDSCP2 Handshake, Re-Attestation, DAT-ReRequest and DAT-Re-Validation. Delivers
- * Internal Control Messages and Idscpv2Messages to the target receivers,
- * creates and manages the states and its transitions and implements security restriction to protect
- * the protocol against misuse and faulty, insecure or evil driver implementations.
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class FSM(connection: Idscp2Connection, secureChannel: SecureChannel,
-    /**
-     * Daps Driver instance
-     */
-          private val dapsDriver: DapsDriver,
-          attestationConfig: AttestationConfig, ackTimeoutDelay: Long, handshakeTimeoutDelay: Long)
-    : RatProverFsmListener, RatVerifierFsmListener, ScFsmListener {
-    /*  -----------   IDSCP2 Protocol States   ---------- */
-    private val states = HashMap<FsmState, State>()
-
-    enum class FsmState {
-        STATE_CLOSED,
-        STATE_WAIT_FOR_HELLO,
-        STATE_WAIT_FOR_RAT,
-        STATE_WAIT_FOR_RAT_VERIFIER,
-        STATE_WAIT_FOR_RAT_PROVER,
-        STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER,
-        STATE_WAIT_FOR_DAT_AND_RAT,
-        STATE_ESTABLISHED,
-        STATE_WAIT_FOR_ACK
-    }
-
-    /* FSM transition result */
-    enum class FsmResultCode (val value: String) {
-        UNKNOWN_TRANSITION("No transition available for given event in current state."),
-        FSM_LOCKED("FSM is locked forever."),
-        FSM_NOT_STARTED("Handshake was never started."),
-        MISSING_DAT("DAT is missing."),
-        INVALID_DAT("DAT is invalid."),
-        IO_ERROR("Secure channel not available."),
-        RAT_ERROR("RAT error occurred."),
-        RAT_NEGOTIATION_ERROR("Error during negotiation of RAT mechanisms."),
-        WOULD_BLOCK("Operation would block until FSM is in state 'ESTABLISHED'"),
-        NOT_CONNECTED("Protocol is not in a connected state at the moment."),
-        IDSCP_DATA_NOT_CACHED("IdscpData must be buffered in the 'WAIT_FOR_ACK' state."),
-        OK("Action succeed.")
-    }
-
-    // return type for function, hold the return code and the next state of the transition
-    data class FsmResult(val code: FsmResultCode, val nextState: State)
-
-    private var currentState: State
-
-    /*  ----------------   end of states   --------------- */
-    private val connection: Idscp2Connection
-    private val secureChannel: SecureChannel
-    var ratProverDriver: RatProverDriver<*>? = null
-        private set
-    var ratVerifierDriver: RatVerifierDriver<*>? = null
-        private set
-
-    /**
-     * RAT Driver Thread ID to identify the driver threads and check if messages are provided by
-     * the current active driver or by any old driver, whose lifetime is already over
-     *
-     * Only one driver can be valid at a time
-     */
-    private var currentRatProverId //avoid messages from old prover drivers
-            : String? = null
-    private var currentRatVerifierId //avoid messages from old verifier drivers
-            : String? = null
-
-    /**
-     * RAT Mechanisms, calculated during handshake in WAIT_FOR_HELLO_STATE
-     */
-    private lateinit var proverMechanism: String //RAT prover mechanism
-    private lateinit var verifierMechanism: String //RAT Verifier mechanism
-
-    /**
-     * A FIFO-fair synchronization lock for the finite state machine
-     */
-    private val fsmIsBusy = ReentrantLock(true)
-
-    /**
-     * A condition to ensure no idscp messages can be provided by the secure channel to the fsm
-     * before the handshake was started
-     */
-    private val onMessageBlock = fsmIsBusy.newCondition()
-
-    /**
-     * A condition for the idscpv2 handshake to wait until the handshake was successful and the
-     * connection is established or the handshake failed and the fsm is locked forever
-     */
-    private val idscpHandshakeLock = fsmIsBusy.newCondition()
-    private var handshakeResultAvailable = false
-    private val idscpHandshakeCompletedLatch = FastLatch()
-
-    /**
-     * Check if FSM is closed forever
-     */
-    private var isLocked = false
-
-    /**
-     * Check if AckFlag is set
-     */
-    var ackFlag = false
-        set(value) {
-            field = value
-            if (!value) {
-                this.bufferedIdscpData = null
-            }
-        }
-    private var bufferedIdscpData: IdscpMessage? = null
-
-    /**
-     * Alternating Bit
-     */
-    private var expectedAlternatingBit = AlternatingBit()
-    private var nextSendAlternatingBit = AlternatingBit()
-
-    /* ---------------------- Timers ---------------------- */
-    private val datTimer: DynamicTimer
-    private val ratTimer: StaticTimer
-    private val handshakeTimer: StaticTimer
-    private val proverHandshakeTimer: StaticTimer
-    private val verifierHandshakeTimer: StaticTimer
-    private val ackTimer: StaticTimer
-
-    private fun checkForFsmCycles() {
-        // check if current thread holds already the fsm lock, then we have a circle
-        // this runs into an issue: onControlMessage must be called only from other threads!
-        // if the current thread currently stuck within a fsm transition it will trigger another
-        // transition on the old state and undefined behaviour occurred
-        //
-        // The IDSCP2 core and default driver will not run into this issue. It's a protection for
-        // avoiding incorrect usage of the IDSCP2 library from further driver implementations
-        //
-        // Example:
-        // Thread A stuck within a transition t1 that calls a function that calls
-        // onControlMessage(InternalError). Then the error is handled in the current
-        // state and the fsm will switch into state STATE_CLOSED and close all resources.
-        //
-        // Afterwards, the thread will continue the old transition t1 that might use some of the
-        // closed resources and switch in a non-closed STATE, e.g. STATE_ESTABLISHED.
-        // So our fsm would be broken and the behaviour is undefined and could leak security
-        // vulnerabilities
-        //
-        if (fsmIsBusy.isHeldByCurrentThread) {
-            val e = RuntimeException("The current thread holds the fsm lock already. "
-                    + "A circle might occur that could lead to undefined behaviour within the fsm")
-            // Log exception before throwing, since some threads swallow the exception without any notification
-            LOG.error(e.message, e)
-            throw e
-        }
-    }
-
-    /**
-     * Get a new IDSCP2 Message from the secure channel and provide it as an event to the fsm
-     *
-     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
-     * driver implementations
-     */
-    override fun onMessage(data: ByteArray) {
-
-        //check for incorrect usage
-        checkForFsmCycles()
-
-        //parse message and create new IDSCP Message event, then pass it to current state and
-        // update new state
-        val message: IdscpMessage = try {
-            IdscpMessage.parseFrom(data)
-        } catch (e: InvalidProtocolBufferException) {
-            LOG.warn("Cannot parse raw data into IdscpMessage {}", data)
-            return
-        }
-        val event = Event(message)
-        //must wait when fsm is in state STATE_CLOSED --> wait() will be notified when fsm is
-        // leaving STATE_CLOSED
-        fsmIsBusy.lock()
-        try {
-            while (currentState == states[FsmState.STATE_CLOSED]) {
-                if (isLocked) {
-                    return
-                }
-                try {
-                    onMessageBlock.await() // while waiting the fsmIsBusy lock is free for other threads
-                } catch (e: InterruptedException) {
-                    Thread.currentThread().interrupt()
-                }
-            }
-            feedEvent(event)
-        } finally {
-            fsmIsBusy.unlock()
-        }
-    }
-
-    /**
-     * An internal control message (ICM) occurred, provide it to the fsm as an event
-     */
-    private fun onControlMessage(controlMessage: InternalControlMessage) {
-        //create Internal Control Message Event and pass it to current state and update new state
-        val e = Event(controlMessage)
-        fsmIsBusy.lock()
-        try {
-            feedEvent(e)
-        } finally {
-            fsmIsBusy.unlock()
-        }
-    }
-
-    override fun onRatProverMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray) {
-        processRatProverEvent(Event(controlMessage, Idscp2MessageHelper.createIdscpRatProverMessage(ratMessage)))
-    }
-
-    override fun onRatProverMessage(controlMessage: InternalControlMessage) {
-        processRatProverEvent(Event(controlMessage))
-    }
-
-
-
-    /**
-     * API for RatProver to provide Prover Messages to the fsm
-     *
-     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
-     * driver implementations
-     *
-     * Afterwards the fsm lock is requested
-     *
-     * When the RatProverThread does not match the active prover tread id, the event will be
-     * ignored, else the event is provided to the fsm
-     */
-    private fun processRatProverEvent(e: Event) {
-        //check for incorrect usage
-        checkForFsmCycles()
-
-        fsmIsBusy.lock()
-        try {
-            if (Thread.currentThread().id.toString() == currentRatProverId) {
-                feedEvent(e)
-            } else {
-                LOG.warn("An old or unknown Thread (${Thread.currentThread().id}) calls onRatProverMessage()")
-            }
-        } finally {
-            fsmIsBusy.unlock()
-        }
-    }
-
-    override fun onRatVerifierMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray) {
-        processRatVerifierEvent(Event(controlMessage, Idscp2MessageHelper.createIdscpRatVerifierMessage(ratMessage)))
-    }
-
-    override fun onRatVerifierMessage(controlMessage: InternalControlMessage) {
-        processRatVerifierEvent(Event(controlMessage))
-    }
-
-    /**
-     * API for RatVerifier to provide Verifier Messages to the fsm
-     *
-     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
-     * driver implementations
-     *
-     * Afterwards the fsm lock is requested
-     *
-     * When the RatVerifierDriver does not match the active verifier thread id, the event will be
-     * ignored, else the event is provided to the fsm
-     */
-    private fun processRatVerifierEvent(e: Event) {
-        //check for incorrect usage
-        checkForFsmCycles()
-
-        fsmIsBusy.lock()
-        try {
-            if (Thread.currentThread().id.toString() == currentRatVerifierId) {
-                feedEvent(e)
-            } else {
-                LOG.warn("An old or unknown Thread (${Thread.currentThread().id}) calls onRatVerifierMessage()")
-            }
-        } finally {
-            fsmIsBusy.unlock()
-        }
-    }
-
-    private fun onUpperEvent(event: Event) : FsmResultCode {
-        // check for incorrect usage
-        checkForFsmCycles()
-        fsmIsBusy.lock()
-        try {
-            return feedEvent(event)
-        } finally {
-            fsmIsBusy.unlock()
-        }
-    }
-
-    /**
-     * Feed the event to the current state and execute the runEntry method if the state has changed
-     *
-     * @return FsmResultCode, the result of the success of the triggered transition
-     */
-    private fun feedEvent(event: Event) : FsmResultCode {
-        val prevState = currentState
-        val result = currentState.feedEvent(event)
-        currentState = result.nextState
-        if (prevState != currentState) {
-            currentState.runEntryCode(this)
-        }
-        return result.code
-    }
-
-    /**
-     * API to terminate the idscp connection by the user
-     *
-     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
-     * driver implementations
-     */
-    fun closeConnection() : FsmResultCode {
-        //check for incorrect usage
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Sending stop message to connection peer...")
-        }
-        return onUpperEvent(Event(InternalControlMessage.IDSCP_STOP))
-    }
-
-    /**
-     * API for the user to start the IDSCP2 handshake
-     *
-     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
-     * driver implementations
-     */
-    @Throws(Idscp2HandshakeException::class)
-    fun startIdscpHandshake() {
-        //check for incorrect usage
-        checkForFsmCycles()
-        fsmIsBusy.lock()
-        try {
-            if (currentState == states[FsmState.STATE_CLOSED]) {
-                if (isLocked) {
-                    throw Idscp2HandshakeException("FSM is in a final closed state forever")
-                }
-
-                // trigger handshake init
-                onControlMessage(InternalControlMessage.START_IDSCP_HANDSHAKE)
-
-                // wait until handshake was successful or failed
-                while (!handshakeResultAvailable) {
-                    idscpHandshakeLock.await()
-                }
-
-                // check if not  connected and locked forever, then the handshake has failed
-                if (!isConnected && isLocked) {
-                    //handshake failed, throw exception
-                    throw Idscp2HandshakeException("Handshake failed")
-                }
-            } else {
-                throw Idscp2HandshakeException("Handshake has already been started")
-            }
-        } catch (e: InterruptedException) {
-            throw Idscp2HandshakeException("Handshake failed because thread was interrupted")
-        } finally {
-            fsmIsBusy.unlock()
-        }
-    }
-
-    /**
-     * Send idscp data from the fsm via the secure channel to the peer
-     */
-    fun sendFromFSM(msg: IdscpMessage): Boolean {
-        //send messages from fsm
-        return try {
-            secureChannel.send(msg.toByteArray())
-        } catch (e: Exception) {
-            // catch secure channel exception within an FSM transition to avoid transition cancellation
-            LOG.error("Exception occurred during sending data via the secure channel: {}", e)
-            false
-        }
-    }
-
-    /**
-     * Provide an Internal Control Message to the FSM
-     *
-     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
-     * driver implementations
-     */
-    override fun onError(t: Throwable) {
-        // Broadcast the error to the respective listeners
-
-        // run in async fire-and-forget coroutine to avoid cycles cause by protocol misuse
-        GlobalScope.launch {
-            connection.onError(t)
-        }
-
-        // Check for incorrect usage
-        checkForFsmCycles()
-        onControlMessage(InternalControlMessage.ERROR)
-    }
-
-    /**
-     * Provide an Internal Control Message to the FSM, caused by a secure channel closure
-     *
-     * The checkForFsmCycles method first checks for risky thread cycles that occur by incorrect
-     * driver implementations
-     */
-    override fun onClose() {
-        onUpperEvent(Event(InternalControlMessage.IDSCP_STOP))
-    }
-
-    /**
-     * Send idscp message from the User via the secure channel
-     */
-    fun send(msg: ByteArray?) : FsmResultCode {
-        //Send messages from user only when idscp connection is established
-        idscpHandshakeCompletedLatch.await()
-        val idscpMessage = Idscp2MessageHelper.createIdscpDataMessage(msg)
-        return onUpperEvent(Event(InternalControlMessage.SEND_DATA, idscpMessage))
-    }
-
-    /**
-     * Repeat RAT Verification if remote peer, triggered by User
-     */
-    fun repeatRat() : FsmResultCode {
-        //repeat rat only when idscp connection is established
-        idscpHandshakeCompletedLatch.await()
-        return onUpperEvent(Event(InternalControlMessage.REPEAT_RAT))
-    }
-
-    /**
-     * Get Dat
-     */
-    val getDynamicAttributeToken: ByteArray
-        get() {
-            return try {
-                dapsDriver.token
-            } catch (e: Exception) {
-                LOG.error("Exception occurred during requesting DAT from DAPS: {}", e)
-                "INVALID_DAT".toByteArray(StandardCharsets.UTF_8)
-            }
-        }
-
-    /**
-     * Check if FSM is in STATE ESTABLISHED
-     */
-    val isConnected: Boolean
-        get() = currentState == states[FsmState.STATE_ESTABLISHED] ||
-                currentState == states[FsmState.STATE_WAIT_FOR_ACK]
-
-    /**
-     * Notify handshake lock about result
-     */
-    fun notifyHandshakeCompleteLock() {
-        fsmIsBusy.lock()
-        try {
-            handshakeResultAvailable = true
-            idscpHandshakeLock.signal()
-            idscpHandshakeCompletedLatch.unlock()
-        } finally {
-            fsmIsBusy.unlock()
-        }
-    }
-
-    /**
-     * Calculate the RatProver mechanism
-     *
-     * The remote peer decides about its verifier mechanism, so we have to prefer remoteExpected list
-     *
-     * @return The String of the cipher or null if no match was found
-     */
-    fun getRatProverMechanism(localSupportedProver: Array<String>, remoteExpectedVerifier: Array<String>): String? {
-        if (localSupportedProver.isEmpty()) {
-            LOG.warn("Got empty RAT localSupportedProver suite")
-            return null
-        }
-
-        if (remoteExpectedVerifier.isEmpty()) {
-            LOG.warn("Got empty RAT remoteExpectedVerifier suite")
-            return null
-        }
-
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Calculate RAT prover mechanism for given local provers: {} " +
-                    "and remote verifiers: {}", localSupportedProver.contentToString(),
-                    remoteExpectedVerifier.contentToString())
-        }
-
-        return matchRatMechanisms(remoteExpectedVerifier, localSupportedProver)
-    }
-
-    /**
-     * Calculate the RatVerifier mechanism
-     *
-     * We have to decide our verifier mechanism, so we have to prefer localExpected list
-     *
-     * @return The String of the cipher or null if no match was found
-     */
-    fun getRatVerifierMechanism(localExpectedVerifier: Array<String>, remoteSupportedProver: Array<String>): String? {
-        if (localExpectedVerifier.isEmpty()) {
-            LOG.warn("Got empty RAT localExpectedVerifier suite")
-            return null
-        }
-
-        if (remoteSupportedProver.isEmpty()) {
-            LOG.warn("Got empty RAT remoteSupportedProver suite")
-            return null
-        }
-
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Calculate RAT verifier mechanism for given local verifiers: {} " +
-                    "and remote provers: {}", localExpectedVerifier.contentToString(),
-                    remoteSupportedProver.contentToString())
-        }
-
-        return matchRatMechanisms(localExpectedVerifier, remoteSupportedProver)
-    }
-
-    fun matchRatMechanisms(primary: Array<String>, secondary: Array<String>): String? {
-        for (p in primary) {
-            for (s in secondary) {
-                if (p == s) {
-                    if (LOG.isDebugEnabled) {
-                        LOG.debug("RAT mechanism is {}", p)
-                    }
-                    return p
-                }
-            }
-        }
-        // no match
-        return null
-    }
-
-    /**
-     * Stop current RatVerifier if active and start the RatVerifier from the
-     * RatVerifierDriver Registry that matches the verifier mechanism
-     *
-     * @return false if no match was found
-     */
-    fun restartRatVerifierDriver(): Boolean {
-        //assume verifier mechanism is set
-        stopRatVerifierDriver()
-        ratVerifierDriver = RatVerifierDriverRegistry.startRatVerifierDriver(verifierMechanism, this)
-        return ratVerifierDriver?.let {
-            //safe the thread ID
-            currentRatVerifierId = it.id.toString()
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Start verifier_handshake timeout")
-            }
-            verifierHandshakeTimer.resetTimeout()
-            true
-        } ?: run {
-            LOG.error("Cannot create instance of RAT_VERIFIER_DRIVER")
-            currentRatVerifierId = ""
-            false
-        }
-    }
-
-    /**
-     * Terminate the RatVerifierDriver
-     */
-    fun stopRatVerifierDriver() {
-        verifierHandshakeTimer.cancelTimeout()
-        ratVerifierDriver?.let {
-            if (it.isAlive) {
-                it.interrupt()
-
-                // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-                GlobalScope.launch {
-                    it.terminate()
-                }
-            }
-        }
-    }
-
-    /**
-     * Stop current RatProver if active and start the RatProver from the
-     * RatProverDriver Registry that matches the prover mechanism
-     *
-     * @return false if no match was found
-     */
-    fun restartRatProverDriver(): Boolean {
-        //assume prover mechanism is set
-        stopRatProverDriver()
-        ratProverDriver = RatProverDriverRegistry.startRatProverDriver(proverMechanism, this)
-        return ratProverDriver?.let {
-            // Save the thread ID
-            currentRatProverId = it.id.toString()
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Start prover_handshake timeout")
-            }
-            proverHandshakeTimer.resetTimeout()
-            true
-        } ?: run {
-            LOG.error("Cannot create instance of RAT_PROVER_DRIVER")
-            currentRatProverId = ""
-            false
-        }
-    }
-
-    /**
-     * Terminate the RatProverDriver
-     */
-    private fun stopRatProverDriver() {
-        proverHandshakeTimer.cancelTimeout()
-        ratProverDriver?.let {
-            if (it.isAlive) {
-                it.interrupt()
-
-                // Run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-                GlobalScope.launch {
-                    it.terminate()
-                }
-            }
-        }
-    }
-
-    /**
-     * Lock the fsm forever, terminate the timers and drivers, close the secure channel
-     * and notify handshake lock if necessary
-     */
-    fun shutdownFsm() {
-
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Shutting down FSM of connection {}...", connection.id)
-            LOG.trace("Running close handlers of connection {}...", connection.id)
-        }
-
-        // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-        GlobalScope.launch {
-            connection.onClose()
-        }
-
-        // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-        GlobalScope.launch {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Closing secure channel of connection {}...", connection.id)
-            }
-            secureChannel.close()
-        }
-
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Clearing timeouts...")
-        }
-        datTimer.cancelTimeout()
-        ratTimer.cancelTimeout()
-        handshakeTimer.cancelTimeout()
-        ackTimer.cancelTimeout()
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Stopping RAT components...")
-        }
-        // Cancels proverHandshakeTimer
-        stopRatProverDriver()
-        // Cancels verifierHandshakeTimer
-        stopRatVerifierDriver()
-
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Mark FSM as terminated...")
-        }
-        isLocked = true
-
-        // Notify upper layer via handshake or closeListener
-        if (!handshakeResultAvailable) {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Notify handshake lock...")
-            }
-            notifyHandshakeCompleteLock()
-        }
-    }
-
-    /**
-     * Provide IDSCP2 message to the message listener
-     */
-    private fun notifyIdscpMsgListener(data: ByteArray) {
-        // run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-        GlobalScope.launch {
-            connection.onMessage(data)
-
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Idscp data has been passed to connection listener")
-            }
-        }
-    }
-
-    val isFsmLocked: Boolean
-        get() = isLocked
-
-    fun getState(state: FsmState): State {
-        return states[state] ?: throw NoSuchElementException("State unknown")
-    }
-
-    val isNotClosed: Boolean
-        get() = currentState == getState(FsmState.STATE_CLOSED)
-
-    fun setRatMechanisms(proverMechanism: String, verifierMechanism: String) {
-        this.proverMechanism = proverMechanism
-        this.verifierMechanism = verifierMechanism
-    }
-
-    val getBufferedIdscpMessage: IdscpMessage?
-        get() = bufferedIdscpData
-
-    /**
-     * Handle IdscpAck
-     * @return true if everything if ack flag was cleared correctly, else false
-     */
-    fun recvAck(ack: IdscpAck): Boolean {
-        if (ackFlag) {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IdscpAck with alternating bit {}, cancel flag in fsm", ack.alternatingBit)
-            }
-            if (nextSendAlternatingBit.asBoolean() != ack.alternatingBit) {
-                if (LOG.isTraceEnabled) {
-                    LOG.trace("Received IdscpAck with wrong alternating bit. Ignoring")
-                }
-            } else {
-                ackFlag = false
-                ackTimer.cancelTimeout()
-                if (LOG.isTraceEnabled) {
-                    LOG.trace("Alternate nextSend bit from {}", nextSendAlternatingBit.asBoolean())
-                }
-                nextSendAlternatingBit.alternate()
-                return true
-            }
-        } else {
-            LOG.warn("Received unexpected IdscpAck")
-        }
-        return false
-    }
-
-    fun recvData(data: IdscpData) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Received IdscpData with alternating bit {}", data.alternatingBit)
-        }
-
-        if (data.alternatingBit != expectedAlternatingBit.asBoolean()) {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IdscpData with unexpected alternating bit. Could be an old packet replayed. Ignore it.")
-            }
-        } else {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IdscpAck with received alternating bit {}", data.alternatingBit)
-            }
-            if (!sendFromFSM(Idscp2MessageHelper.createIdscpAckMessage(data.alternatingBit))) {
-                LOG.error("Cannot send ACK")
-            }
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Alternate expected bit from {}", expectedAlternatingBit.asBoolean())
-            }
-            expectedAlternatingBit.alternate()
-
-            // forward payload data to upper layer
-            notifyIdscpMsgListener(data.data.toByteArray())
-        }
-    }
-
-    fun setBufferedIdscpData(msg: IdscpMessage) {
-        this.bufferedIdscpData = msg
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(FSM::class.java)
-    }
-
-    init {
-        val handshakeTimeoutHandler = Runnable {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("HANDSHAKE_TIMER_EXPIRED")
-            }
-            onControlMessage(InternalControlMessage.TIMEOUT)
-        }
-        val datTimeoutHandler = Runnable {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("DAT_TIMER_EXPIRED")
-            }
-            onControlMessage(InternalControlMessage.DAT_TIMER_EXPIRED)
-        }
-        val ratTimeoutHandler = Runnable {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("RAT_TIMER_EXPIRED")
-            }
-            onControlMessage(InternalControlMessage.REPEAT_RAT)
-        }
-        val proverTimeoutHandler = Runnable {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("RAT_PROVER_HANDSHAKE_TIMER_EXPIRED")
-            }
-            onControlMessage(InternalControlMessage.TIMEOUT)
-        }
-        val verifierTimeoutHandler = Runnable {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("RAT_VERIFIER_HANDSHAKE_TIMER_EXPIRED")
-            }
-            onControlMessage(InternalControlMessage.TIMEOUT)
-        }
-        val ackTimeoutHandler = Runnable {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("ACK_TIMER_EXPIRED")
-            }
-            onControlMessage(InternalControlMessage.ACK_TIMER_EXPIRED)
-        }
-
-        datTimer = DynamicTimer(fsmIsBusy, datTimeoutHandler)
-        handshakeTimer = StaticTimer(fsmIsBusy, handshakeTimeoutHandler, handshakeTimeoutDelay)
-        proverHandshakeTimer = StaticTimer(fsmIsBusy, proverTimeoutHandler, handshakeTimeoutDelay)
-        verifierHandshakeTimer = StaticTimer(fsmIsBusy, verifierTimeoutHandler, handshakeTimeoutDelay)
-        ratTimer = StaticTimer(fsmIsBusy, ratTimeoutHandler, attestationConfig.ratTimeoutDelay)
-        ackTimer = StaticTimer(fsmIsBusy, ackTimeoutHandler, ackTimeoutDelay)
-
-        /* ------------- FSM STATE Initialization -------------*/
-        states[FsmState.STATE_CLOSED] = StateClosed(
-                this, onMessageBlock, attestationConfig)
-        states[FsmState.STATE_WAIT_FOR_HELLO] = StateWaitForHello(
-                this, handshakeTimer, datTimer, dapsDriver, attestationConfig)
-        states[FsmState.STATE_WAIT_FOR_RAT] = StateWaitForRat(
-                this, handshakeTimer, verifierHandshakeTimer, proverHandshakeTimer, ratTimer)
-        states[FsmState.STATE_WAIT_FOR_RAT_PROVER] = StateWaitForRatProver(
-                this, ratTimer, handshakeTimer, proverHandshakeTimer, ackTimer)
-        states[FsmState.STATE_WAIT_FOR_RAT_VERIFIER] = StateWaitForRatVerifier(
-                this, ratTimer, handshakeTimer, verifierHandshakeTimer, ackTimer)
-        states[FsmState.STATE_WAIT_FOR_DAT_AND_RAT] = StateWaitForDatAndRat(
-                this, handshakeTimer, proverHandshakeTimer, datTimer, dapsDriver)
-        states[FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER] = StateWaitForDatAndRatVerifier(
-                this, handshakeTimer, datTimer, dapsDriver)
-        states[FsmState.STATE_ESTABLISHED] = StateEstablished(
-                this, ratTimer, handshakeTimer, ackTimer, nextSendAlternatingBit)
-        states[FsmState.STATE_WAIT_FOR_ACK] = StateWaitForAck(
-                this, ratTimer, handshakeTimer, ackTimer)
-
-        // Set initial state
-        currentState = states[FsmState.STATE_CLOSED] ?: throw NoSuchElementException("State unknown")
-        this.connection = connection
-        this.secureChannel = secureChannel
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
deleted file mode 100644
index 3d88dec60..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/InternalControlMessage.kt
+++ /dev/null
@@ -1,26 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-/**
- * An enum that wraps the internal control messages of the IDSCP2 protocol to trigger transitions
- * by non-IDSCP2-message-events
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-enum class InternalControlMessage(
-        val value: String) {
-    // Using unique values that are different from IdscpMessage.MessageCase to identify event.key
-    START_IDSCP_HANDSHAKE("ICM_START"),
-    IDSCP_STOP("ICM_STOP"),
-    DAT_TIMER_EXPIRED("ICM_DAT_TIMER_EXPIRED"),
-    REPEAT_RAT("ICM_REPEAT_RAT"),
-    SEND_DATA("ICM_SEND_DATA"),
-    RAT_VERIFIER_OK("ICM_RAT_V_OK"),
-    RAT_VERIFIER_FAILED("ICM_RAT_V_FAILED"),
-    RAT_PROVER_OK("ICM_RAT_P_OK"),
-    RAT_PROVER_FAILED("ICM_RAT_P_FAILED"),
-    RAT_PROVER_MSG("ICM_RAT_PROVER_MSG"),
-    RAT_VERIFIER_MSG("ICM_RAT_VERIFIER_MSG"),
-    ERROR("ICM_ERROR"),
-    TIMEOUT("ICM_TIMEOUT"),
-    ACK_TIMER_EXPIRED("ICM_ACK_TIMER_EXPIRED");
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/State.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/State.kt
deleted file mode 100644
index 2c00dd89c..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/State.kt
+++ /dev/null
@@ -1,48 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import java.util.concurrent.ConcurrentHashMap
-import java.util.function.Function
-
-/**
- * A State class for the Finite State Machine.
- * A state holds all outgoing transitions and a noTransitionHandler for events, that do not trigger
- * any outgoing available transition. Transitions are mapped with the event key.
- *
- * @author Leon Beckmann leon.beckmann@aisec.fraunhofer.de
- */
-open class State {
-    private val transitions = ConcurrentHashMap<Any, Transition>()
-    private lateinit var noTransitionHandler: Function<Event, FSM.FsmResult>
-
-    /*
-     * A method for triggering a transition of the current state by a given event
-     *
-     * If no transition exists for the given event, the noTransitionHandler is triggered
-     *
-     * Returns a FSM result that contains the target state of the triggered transition (new current state of the fsm),
-     * as well as the resulting code of the transition
-     */
-    fun feedEvent(e: Event): FSM.FsmResult {
-        val t = transitions[e.key]
-        return t?.doTransition(e) ?: noTransitionHandler.apply(e)
-    }
-
-    /*
-     * Add an outgoing transition to the state
-     */
-    fun addTransition(k: Any, t: Transition) {
-        transitions[k] = t
-    }
-
-    /*
-     * Set the 'no transition available for this event' handler
-     */
-    fun setNoTransitionHandler(noTransitionHandler: Function<Event, FSM.FsmResult>) {
-        this.noTransitionHandler = noTransitionHandler
-    }
-
-    /*
-     * run a sequence of code when the state is entered
-     */
-    open fun runEntryCode(fsm: FSM) {}
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
deleted file mode 100644
index 777e41234..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateClosed.kt
+++ /dev/null
@@ -1,138 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
-import org.slf4j.LoggerFactory
-import java.util.*
-import java.util.concurrent.locks.Condition
-import java.util.stream.Collectors
-
-/**
- * The Closed State of the FSM of the IDSCP2 protocol.
- * The FSM is in the Closed state either before any transition was triggered (in this case, the
- * Closed State is the FSM Start state) or after the connection was closed (in this case, the
- * Closed State is the FSM final state without any outgoing transitions)
- *
- *
- * When the FSM go from any State into the Closed State again, the FSM is locked forever and all
- * involved actors like RatDrivers and Timers will be terminated
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-internal class StateClosed(fsm: FSM,
-                           onMessageLock: Condition,
-                           attestationConfig: AttestationConfig) : State() {
-
-    private fun runExitCode(onMessageLock: Condition) {
-        //State Closed exit code
-        onMessageLock.signalAll() //enables fsm.onMessage()
-    }
-
-    override fun runEntryCode(fsm: FSM) {
-        //State Closed entry code
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Switched to state STATE_CLOSED")
-        }
-        fsm.shutdownFsm()
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(StateClosed::class.java)
-    }
-
-    init {
-
-
-        /*---------------------------------------------------
-         * STATE_CLOSED - Transition Description
-         * ---------------------------------------------------
-         * onICM: start_handshake --> {send IDSCP_HELLO, set handshake_timeout} --> STATE_WAIT_FOR_HELLO
-         * ALL_OTHER_MESSAGES ---> STATE_CLOSED
-         * --------------------------------------------------- */
-        addTransition(InternalControlMessage.START_IDSCP_HANDSHAKE.value, Transition {
-            if (fsm.isFsmLocked) {
-                if (LOG.isTraceEnabled) {
-                    LOG.trace("Cannot start handshake, because FSM is locked forever. Ignored.")
-                }
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
-            }
-
-            // FSM not locked, start handshake
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Get DAT Token vom DAT_DRIVER")
-            }
-            val dat = fsm.getDynamicAttributeToken
-
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IDSCP_HELLO")
-            }
-            val idscpHello = Idscp2MessageHelper.createIdscpHelloMessage(
-                dat,
-                attestationConfig.supportedAttestationSuite,
-                attestationConfig.expectedAttestationSuite
-            )
-            if (!fsm.sendFromFSM(idscpHello)) {
-                LOG.warn("Cannot send IdscpHello. Close connection")
-                runEntryCode(fsm)
-                onMessageLock.signalAll()
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, this)
-            }
-            runExitCode(onMessageLock)
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_HELLO))
-        })
-
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received RepeatRat in STATE_CLOSED, ignored.")
-            }
-
-            // return either FSM_LOCKED or FSM_NOT_STARTED
-            if (fsm.isFsmLocked) {
-                FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
-            } else {
-                FSM.FsmResult(FSM.FsmResultCode.FSM_NOT_STARTED, this)
-            }
-        })
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received SEND in STATE_CLOSED, ignored.")
-            }
-
-            // return either FSM_LOCKED or FSM_NOT_STARTED
-            if (fsm.isFsmLocked) {
-                FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
-            } else {
-                FSM.FsmResult(FSM.FsmResultCode.FSM_NOT_STARTED, this)
-            }
-        })
-
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received STOP in STATE_CLOSED, ignored.")
-            }
-
-            // return either FSM_LOCKED or FSM_NOT_STARTED
-            if (fsm.isFsmLocked) {
-                FSM.FsmResult(FSM.FsmResultCode.FSM_LOCKED, this)
-            } else {
-                FSM.FsmResult(FSM.FsmResultCode.FSM_NOT_STARTED, this)
-            }
-        })
-
-        setNoTransitionHandler {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("No transition available for given event {}, stack trace for analysis:\n{}",
-                    it,
-                    Arrays.stream(Thread.currentThread().stackTrace)
-                        .skip(1)
-                        .map { obj: StackTraceElement -> obj.toString() }
-                        .collect(Collectors.joining("\n")))
-                LOG.trace("Stay in state STATE_CLOSED")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
deleted file mode 100644
index 61a62dfe7..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateEstablished.kt
+++ /dev/null
@@ -1,164 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
-import org.slf4j.LoggerFactory
-
-/**
- * The Established State of the FSM of the IDSCP2 protocol.
- * Allows message exchange over the IDSCP2 protocol between two connectors
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class StateEstablished(
-    fsm: FSM,
-    ratTimer: StaticTimer,
-    handshakeTimer: StaticTimer,
-    ackTimer: StaticTimer,
-    alternatingBit: AlternatingBit
-) : State() {
-
-    override fun runEntryCode(fsm: FSM) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Switched to state STATE_ESTABLISHED")
-        }
-        fsm.notifyHandshakeCompleteLock()
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(StateEstablished::class.java)
-    }
-
-    init {
-
-
-        /*---------------------------------------------------
-         * STATE_ESTABLISHED - Transition Description
-         * ---------------------------------------------------
-         * onICM: error ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: stop ---> {timeouts.cancel()} ---> STATE_CLOSED
-         * onICM: re_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * onICM: send_data ---> {send IDS_DATA} ---> STATE_WAIT_FOR_ACK / STATE_CLOSED
-         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
-         * onMessage: IDSCP_DATA ---> {delegate to connection} ---> STATE_ESTABLISHED
-         * onMessage: IDSCP_RERAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_CLOSE ---> {timeouts.cancel()} ---> STATE_CLOSED
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
-         * --------------------------------------------------- */
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.warn("Error occurred, close idscp connection")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IDSCP_CLOSE")
-            }
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "User close",
-                    CloseCause.USER_SHUTDOWN
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
-            // repack data, include alternating bit
-            val idscpMessage = Idscp2MessageHelper.createIdscpDataMessageWithAltBit(
-                it.idscpMessage.idscpData.data.toByteArray(), alternatingBit
-            )
-
-            // send repacked data
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IdscpData")
-            }
-            if (fsm.sendFromFSM(idscpMessage)) {
-                //Set Ack Flag
-                fsm.ackFlag = true
-                fsm.setBufferedIdscpData(idscpMessage)
-                ackTimer.start()
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK))
-            } else {
-                LOG.warn("Cannot send IdscpData, shutdown FSM")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-        })
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
-            }
-            ratTimer.cancelTimeout()
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
-                LOG.warn("Cannot send ReRat message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (!fsm.restartRatVerifierDriver()) {
-                LOG.warn("Cannot run Rat verifier, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER))
-        })
-        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
-            ratTimer.cancelTimeout()
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
-            }
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                LOG.warn("Cannot send DatExpired message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Set handshake timeout")
-            }
-            handshakeTimer.resetTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER))
-        })
-        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_RERAT. Start RAT_PROVER")
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER))
-        })
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("DAT expired. Send new DAT and repeat RAT")
-            }
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.warn("Cannot send Dat message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER))
-        })
-
-        addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition {
-            fsm.recvData(it.idscpMessage.idscpData)
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Receive IDSCP_CLOSED")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        setNoTransitionHandler {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("No transition available for given event $it, stay in state STATE_ESTABLISHED")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
deleted file mode 100644
index 2c3eb7cc3..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForAck.kt
+++ /dev/null
@@ -1,185 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
-import org.slf4j.LoggerFactory
-
-/**
- * The Established State of the FSM of the IDSCP2 protocol.
- * Allows message exchange over the IDSCP2 protocol between two connectors
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class StateWaitForAck(fsm: FSM,
-                      ratTimer: StaticTimer,
-                      handshakeTimer: StaticTimer,
-                      ackTimer: StaticTimer) : State() {
-
-    override fun runEntryCode(fsm: FSM) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Switched to state STATE_WAIT_FOR_ACK")
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(StateWaitForAck::class.java)
-    }
-
-    init {
-
-
-        /*---------------------------------------------------
-         * STATW_WAIT_FOR_ACK - Transition Description
-         * ---------------------------------------------------
-         * onICM: error ---> {timeouts.cancel(), send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: stop ---> {timeouts.cancel()} ---> STATE_CLOSED
-         * onICM: re_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * onICM: send_data ---> {send IDS_DATA} ---> STATE_WAIT_FOR_ACK
-         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
-         * onICM. ackTimeout --> {send IDSCP_DATA again} --> STATE_WAIT_FOR_ACK
-         * onMessage: IDSCP_DATA ---> {delegate to connection} ---> STATE_WAIT_FOR_ACK
-         * onMessage: IDSCP_ACK ---> {clear ACK flag} ---> STATE_ESTABLISHED
-         * onMessage: IDSCP_RERAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_CLOSE ---> {timeouts.cancel()} ---> STATE_CLOSED
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
-         * --------------------------------------------------- */
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.warn("Error occurred, close idscp connection")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IDSCP_CLOSE")
-            }
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "User close",
-                    CloseCause.USER_SHUTDOWN
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Request RAT repeat. Send IDSCP_RERAT, start RAT_VERIFIER")
-            }
-            ratTimer.cancelTimeout()
-            ackTimer.cancelTimeout()
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
-                LOG.warn("Cannot send ReRat message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (!fsm.restartRatVerifierDriver()) {
-                LOG.warn("Cannot run Rat verifier, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER))
-        })
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
-            LOG.warn("Cannot send data in STATE_WAIT_FOR_ACK")
-            FSM.FsmResult(FSM.FsmResultCode.WOULD_BLOCK, this)
-        })
-
-        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
-            ratTimer.cancelTimeout()
-            ackTimer.cancelTimeout()
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Remote DAT expired. Send IDSCP_DAT_EXPIRED")
-            }
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                LOG.warn("Cannot send DatExpired message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Set handshake timeout")
-            }
-            handshakeTimer.resetTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER))
-        })
-
-        addTransition(InternalControlMessage.ACK_TIMER_EXPIRED.value, Transition {
-            if (fsm.ackFlag) {
-                fsm.getBufferedIdscpMessage?.let {
-                    if (LOG.isTraceEnabled) {
-                        LOG.trace("ACK_timeout occurred. Sending buffered IdscpData again...")
-                    }
-                    return@Transition if (!fsm.sendFromFSM(it)) {
-                        LOG.warn("Cannot send IdscpData, shutdown FSM")
-                        FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-                    } else {
-                        ackTimer.start()
-                        FSM.FsmResult(FSM.FsmResultCode.OK, this)
-                    }
-                }
-            }
-            LOG.warn("No IdscpData message buffered in state WAIT_FOR_ACK. Shutdown")
-            return@Transition FSM.FsmResult(
-                FSM.FsmResultCode.IDSCP_DATA_NOT_CACHED,
-                fsm.getState(FsmState.STATE_CLOSED)
-            )
-        })
-
-        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_RERAT. Start RAT_PROVER")
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            ackTimer.cancelTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER))
-        })
-
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("DAT expired. Send new DAT and repeat RAT")
-            }
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.warn("Cannot send Dat message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            ackTimer.cancelTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER))
-        })
-
-        addTransition(IdscpMessage.IDSCPDATA_FIELD_NUMBER, Transition {
-            fsm.recvData(it.idscpMessage.idscpData)
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
-            if (fsm.recvAck(it.idscpMessage.idscpAck)) {
-                FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED))
-            } else {
-                FSM.FsmResult(FSM.FsmResultCode.OK, this)
-            }
-        })
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Receive IDSCP_CLOSED")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        setNoTransitionHandler {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("No transition available for given event $it")
-                LOG.trace("Stay in state STATE_WAIT_FOR_ACK")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-        }
-
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
deleted file mode 100644
index eafbe3ff0..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRat.kt
+++ /dev/null
@@ -1,241 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
-import kotlinx.coroutines.GlobalScope
-import kotlinx.coroutines.launch
-import org.slf4j.LoggerFactory
-
-/**
- * The Wait_For_Dat_And_Rat State of the FSM of the IDSCP2 protocol.
- * Waits for a new valid dynamic attribute token from the peer as well as for the RatProver and
- * RatVerifier to decide whether the connection will be established or not
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class StateWaitForDatAndRat(fsm: FSM,
-                            handshakeTimer: StaticTimer,
-                            proverHandshakeTimer: StaticTimer,
-                            datTimer: DynamicTimer,
-                            dapsDriver: DapsDriver
-) : State() {
-    override fun runEntryCode(fsm: FSM) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Switched to state STATE_WAIT_FOR_DAT_AND_RAT")
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(StateWaitForDatAndRat::class.java)
-    }
-
-    init {
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_DAT_AND_RAT - Transition Description
-         * ---------------------------------------------------
-         * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: error ---> {stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
-         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onMessage: IDSCP_ACK ---> {cancel Ack flag} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), timeouts.stop()} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT(success) ---> {verify dat, start dat_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_DAT(failed) ---> {verify dat, send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_ESTABLISHED
-         * --------------------------------------------------- */
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IDSC_CLOSE")
-            }
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "User close",
-                    CloseCause.USER_SHUTDOWN
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.warn("An internal control error occurred")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
-            FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
-        })
-
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.warn("Handshake timeout occurred. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "Handshake timeout",
-                    CloseCause.TIMEOUT
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received RAT_PROVER OK")
-            }
-            proverHandshakeTimer.cancelTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER))
-        })
-
-        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
-            LOG.warn("RAT_PROVER failed. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "RAT_PROVER failed",
-                    CloseCause.RAT_PROVER_FAILED
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition { event: Event ->
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IDSCP_RAT_PROVER")
-            }
-            if (!fsm.sendFromFSM(event.idscpMessage)) {
-                LOG.warn("Cannot send rat prover message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_CLOSE")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition { event: Event ->
-
-            handshakeTimer.cancelTimeout()
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Verify received DAT")
-            }
-
-            //check if Dat is available and verify dat
-            val dat = event.idscpMessage.idscpDat.token.toByteArray()
-            var datValidityPeriod: Long
-
-            try {
-                if (0 > dapsDriver.verifyToken(dat).also { datValidityPeriod = it }) {
-                    if (LOG.isTraceEnabled) {
-                        LOG.trace("No valid remote DAT is available. Send IDSCP_CLOSE")
-                    }
-                    fsm.sendFromFSM(
-                        Idscp2MessageHelper.createIdscpCloseMessage(
-                            "No valid DAT", CloseCause.NO_VALID_DAT
-                        )
-                    )
-                    return@Transition FSM.FsmResult(
-                        FSM.FsmResultCode.INVALID_DAT,
-                        fsm.getState(FsmState.STATE_CLOSED)
-                    )
-                }
-            } catch (e: Exception) {
-                LOG.warn("DapsDriver has thrown Exception while validating remote DAT. Send IDSCP_CLOSE: {}", e)
-                fsm.sendFromFSM(
-                    Idscp2MessageHelper.createIdscpCloseMessage(
-                        "No valid DAT", CloseCause.NO_VALID_DAT
-                    )
-                )
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Remote DAT is valid. Set dat timeout")
-            }
-            datTimer.resetTimeout(datValidityPeriod * 1000)
-
-            //start RAT Verifier
-            if (!fsm.restartRatVerifierDriver()) {
-                LOG.warn("Cannot run Rat verifier, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT))
-        })
-
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
-            }
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.warn("Cannot send Dat message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
-            }
-
-            if (!event.idscpMessage.hasIdscpRatVerifier()) {
-                // this should never happen
-                LOG.warn("IDSCP_RAT_VERIFIER Message not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            fsm.ratProverDriver?.let {
-                // Run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-                GlobalScope.launch {
-                    it.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                }
-            } ?: run {
-                LOG.warn("RatProverDriver not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_RE_RAT. Restart RAT_PROVER")
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
-            fsm.recvAck(it.idscpMessage.idscpAck)
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        setNoTransitionHandler {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("No transition available for given event $it")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
deleted file mode 100644
index f6084b93f..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForDatAndRatVerifier.kt
+++ /dev/null
@@ -1,179 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
-import org.slf4j.LoggerFactory
-
-/**
- * The Wait_For_Dat_And_Rat_Verifier State of the FSM of the IDSCP2 protocol.
- * Wait for a new dynamic attribute token from the peer, since the old one is not valid anymore
- * and waits for the RatVerifier after successful verification of the Dat to decide if the IDSCP2
- * connection will be established
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class StateWaitForDatAndRatVerifier(fsm: FSM,
-                                    handshakeTimer: StaticTimer,
-                                    datTimer: DynamicTimer,
-                                    dapsDriver: DapsDriver) : State() {
-    override fun runEntryCode(fsm: FSM) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Set handshake timeout")
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(StateWaitForDatAndRatVerifier::class.java)
-    }
-
-    init {
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER - Transition Description
-         * ---------------------------------------------------
-         * onICM: stop ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: error ---> {} ---> STATE_CLOSED
-         * onICM: timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_ACK ---> {cancel Ack flag} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT(success) --> {verify DAT, set det_timeout, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFEIER
-         * onMessage: IDSCP_DAT(failed) --> {verify DAT, send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onMessage: IDSCP_RE_RAT ---> {start IDSCP_PROVER} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
-         * --------------------------------------------------- */
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IDSC_CLOSE")
-            }
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "User close",
-                    CloseCause.USER_SHUTDOWN
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.warn("An internal control error occurred")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
-            FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
-        })
-
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.warn("Handshake timeout occurred. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "Handshake timeout",
-                    CloseCause.TIMEOUT
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_CLOSE")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(IdscpMessage.IDSCPDAT_FIELD_NUMBER, Transition { event: Event ->
-
-            handshakeTimer.cancelTimeout()
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Verify received DAT")
-            }
-
-            //check if Dat is available and verify dat
-            val dat = event.idscpMessage.idscpDat.token.toByteArray()
-            var datValidityPeriod: Long
-
-            try {
-                if (0 > dapsDriver.verifyToken(dat).also { datValidityPeriod = it }) {
-                    LOG.warn("No valid remote DAT is available. Send IDSCP_CLOSE")
-                    fsm.sendFromFSM(
-                        Idscp2MessageHelper.createIdscpCloseMessage(
-                            "No valid DAT", CloseCause.NO_VALID_DAT
-                        )
-                    )
-                    return@Transition FSM.FsmResult(
-                        FSM.FsmResultCode.INVALID_DAT,
-                        fsm.getState(FsmState.STATE_CLOSED)
-                    )
-                }
-            } catch (e: Exception) {
-                LOG.warn("DapsDriver has thrown Exception while validating remote DAT. Send IDSCP_CLOSE: {}", e)
-                fsm.sendFromFSM(
-                    Idscp2MessageHelper.createIdscpCloseMessage(
-                        "No valid DAT", CloseCause.NO_VALID_DAT
-                    )
-                )
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Remote DAT is valid. Set dat timeout")
-            }
-            datTimer.resetTimeout(datValidityPeriod * 1000)
-
-            //start RAT Verifier
-            if (!fsm.restartRatVerifierDriver()) {
-                LOG.warn("Cannot run Rat verifier, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER))
-        })
-
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
-            }
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.warn("Cannot send DAT message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT))
-        })
-
-        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_RE_RAT. Start RAT_PROVER")
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT))
-        })
-
-        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
-            fsm.recvAck(it.idscpMessage.idscpAck)
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        setNoTransitionHandler { event: Event? ->
-            if (LOG.isTraceEnabled) {
-                LOG.trace("No transition available for given event " + event.toString())
-            }
-            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-        }
-
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
deleted file mode 100644
index 4010bb084..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForHello.kt
+++ /dev/null
@@ -1,212 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import de.fhg.aisec.ids.idscp2.idscp_core.api.configuration.AttestationConfig
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
-import org.slf4j.LoggerFactory
-
-/**
- * The Wait_For_Hello State of the FSM of the IDSCP2 protocol.
- * Waits for the Idscpv2 Hellp Message that contains the protocol version, the supported and
- * expected remote attestation cipher suites and the dynamic attribute token (DAT) of the peer.
- *
- *
- * Goes into the WAIT_FOR_RAT State when valid Rat mechanisms were found and the DAT is valid
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class StateWaitForHello(fsm: FSM,
-                        private val handshakeTimer: StaticTimer,
-                        datTimer: DynamicTimer,
-                        dapsDriver: DapsDriver,
-                        attestationConfig: AttestationConfig) : State() {
-    override fun runEntryCode(fsm: FSM) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Switched to state STATE_WAIT_FOR_HELLO")
-            LOG.trace("Set handshake timeout to 5 seconds")
-        }
-        handshakeTimer.resetTimeout()
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(StateWaitForHello::class.java)
-    }
-
-    init {
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_HELLO - Transition Description
-         * ---------------------------------------------------
-         * onICM: error --> {} ---> STATE_CLOSED
-         * onICM: stop --> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: timeout --> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_CLOSE---> {} ---> STATE_CLOSED
-         * onMessage: IDSCP_HELLO (no rat match) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_HELLO (invalid DAT) ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_HELLO (SUCCESS) ---> {verify DAT, match RAT, set DAT Timeout, start RAT P&V,
-         *                                        set handshake_timeout} ---> STATE_WAIT_FOR_RAT
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_HELLO
-         * --------------------------------------------------- */
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.warn("An internal control error occurred")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received stop signal from user. Send IDSCP_CLOSE")
-            }
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "User close",
-                    CloseCause.USER_SHUTDOWN
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received SEND signal from user, but FSM is not connected yet")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
-        })
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
-            // nothing to to, result should be okay since RAT will be done in the next
-            // state for the first time
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received REPEAT_RAT signal from user")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.warn("STATE_WAIT_FOR_HELLO timeout. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "Handshake Timeout",
-                    CloseCause.TIMEOUT
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_CLOSE. Close connection")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(IdscpMessage.IDSCPHELLO_FIELD_NUMBER, Transition { event: Event ->
-            handshakeTimer.cancelTimeout()
-
-            val idscpHello = event.idscpMessage.idscpHello
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_HELLO")
-            }
-
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Calculate Rat mechanisms")
-            }
-            val proverMechanism = fsm.getRatProverMechanism(
-                attestationConfig.supportedAttestationSuite,
-                idscpHello.expectedRatSuiteList.toTypedArray()
-            )
-
-            if (proverMechanism == null) {
-                LOG.warn("No match for RAT prover mechanism")
-                return@Transition FSM.FsmResult(
-                        FSM.FsmResultCode.RAT_NEGOTIATION_ERROR,
-                        fsm.getState(FsmState.STATE_CLOSED)
-                )
-            }
-
-            val verifierMechanism = fsm.getRatVerifierMechanism(
-                attestationConfig.expectedAttestationSuite,
-                idscpHello.supportedRatSuiteList.toTypedArray()
-            )
-
-            if (verifierMechanism == null) {
-                LOG.warn("No match for RAT verifier mechanism")
-                return@Transition FSM.FsmResult(
-                        FSM.FsmResultCode.RAT_NEGOTIATION_ERROR,
-                        fsm.getState(FsmState.STATE_CLOSED)
-                )
-            }
-
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Verify received DAT")
-            }
-            //check if Dat is available and verify dat
-            var datValidityPeriod: Long
-
-            if (!idscpHello.hasDynamicAttributeToken()) {
-                LOG.warn("No remote DAT is available. Send IDSCP_CLOSE")
-                fsm.sendFromFSM(
-                    Idscp2MessageHelper.createIdscpCloseMessage(
-                        "No valid DAT", CloseCause.NO_VALID_DAT
-                    )
-                )
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.MISSING_DAT, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            try {
-                if (0 > dapsDriver.verifyToken(idscpHello.dynamicAttributeToken.token.toByteArray())
-                        .also { datValidityPeriod = it }
-                ) {
-                    LOG.warn("No valid remote DAT is available. Send IDSCP_CLOSE")
-                    fsm.sendFromFSM(
-                        Idscp2MessageHelper.createIdscpCloseMessage(
-                            "No valid DAT", CloseCause.NO_VALID_DAT
-                        )
-                    )
-                    return@Transition FSM.FsmResult(
-                        FSM.FsmResultCode.INVALID_DAT,
-                        fsm.getState(FsmState.STATE_CLOSED)
-                    )
-                }
-            } catch (e: Exception) {
-                LOG.warn("DapsDriver throws Exception while validating remote DAT. Send IDSCP_CLOSE {}", e)
-                fsm.sendFromFSM(
-                    Idscp2MessageHelper.createIdscpCloseMessage(
-                        "No valid DAT", CloseCause.NO_VALID_DAT
-                    )
-                )
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.INVALID_DAT, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Remote DAT is valid. Set dat timeout to its validity period")
-            }
-            datTimer.resetTimeout(datValidityPeriod * 1000)
-            fsm.setRatMechanisms(proverMechanism, verifierMechanism)
-
-            if (LOG.isTraceEnabled) {
-                LOG.debug("Start RAT Prover and Verifier")
-            }
-            if (!fsm.restartRatVerifierDriver()) {
-                LOG.warn("Cannot run Rat verifier, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT))
-        })
-
-        setNoTransitionHandler {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("No transition available for given event $it")
-                LOG.trace("Stay in state STATE_WAIT_FOR_HELLO")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
deleted file mode 100644
index 4b2afb227..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRat.kt
+++ /dev/null
@@ -1,255 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
-import kotlinx.coroutines.GlobalScope
-import kotlinx.coroutines.launch
-import org.slf4j.LoggerFactory
-
-/**
- * The Wait_For_Rat State of the FSM of the IDSCP2 protocol.
- * Waits for the RatProver and RatVerifier Result to decide whether the connection will be
- * established
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class StateWaitForRat(fsm: FSM,
-                      handshakeTimer: StaticTimer,
-                      verifierHandshakeTimer: StaticTimer,
-                      proverHandshakeTimer: StaticTimer,
-                      ratTimer: StaticTimer) : State() {
-    override fun runEntryCode(fsm: FSM) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Switched to state STATE_WAIT_FOR_RAT")
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(StateWaitForRat::class.java)
-    }
-
-    init {
-
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_RAT - Transition Description
-         * ---------------------------------------------------
-         * onICM: error ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
-         * onICM: stop ---> {ratP.stop(), ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> IDSCP_CLOSED
-         * onICM: rat_prover_ok ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onICM: rat_prover_failed ---> {ratV.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: rat_verifier_failed ---> {ratP.stop(), timeouts.stop(), send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT
-         * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
-         * onICM: dat_timeout ---> {send DAT_EXPIRED, ratV.cancel()} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onICM: handshake_timeout ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onMessage: IDSCP_ACK ---> {cancel Ack flag} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_RAT_PROVER ---> {delegate to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send DAT, ratP.restart()} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_CLOSE ---> {ratP.stop(), ratV.stop(), timeouts.stop()} ---> IDSCP_CLOSED
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT
-         * --------------------------------------------------- */
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.warn("An internal control error occurred")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IDSCP_CLOSE")
-            }
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "User close",
-                    CloseCause.USER_SHUTDOWN
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
-            FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
-        })
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
-            // nothing to do, currently attestating
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received RAT_PROVER OK")
-            }
-            proverHandshakeTimer.cancelTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_VERIFIER))
-        })
-
-        addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received RAT_VERIFIER OK")
-            }
-            verifierHandshakeTimer.cancelTimeout()
-            ratTimer.resetTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT_PROVER))
-        })
-
-        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
-            LOG.warn("RAT_PROVER failed. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "RAT_PROVER failed",
-                    CloseCause.RAT_PROVER_FAILED
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition {
-            LOG.warn("RAT_VERIFIER failed. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "RAT_VERIFIER failed",
-                    CloseCause.RAT_VERIFIER_FAILED
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition { event: Event ->
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IDSCP_RAT_PROVER")
-            }
-            if (!fsm.sendFromFSM(event.idscpMessage)) {
-                LOG.warn("Cannot send rat prover message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(InternalControlMessage.RAT_VERIFIER_MSG.value, Transition { event: Event ->
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IDSCP_RAT_VERIFIER")
-            }
-            if (!fsm.sendFromFSM(event.idscpMessage)) {
-                LOG.warn("Cannot send rat verifier message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("DAT timeout, send IDSCP_DAT_EXPIRED and cancel RAT_VERIFIER")
-            }
-            fsm.stopRatVerifierDriver()
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                LOG.warn("Cannot send DatExpired message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Start Handshake Timer")
-            }
-            handshakeTimer.resetTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT))
-        })
-
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.warn("Handshake timeout occurred. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "Handshake timeout",
-                    CloseCause.TIMEOUT
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
-            fsm.recvAck(it.idscpMessage.idscpAck)
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
-            }
-
-            if (!event.idscpMessage.hasIdscpRatVerifier()) {
-                // this should never happen
-                LOG.warn("IDSCP_RAT_Verifier message not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            fsm.ratProverDriver?.let {
-                // Run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-                GlobalScope.launch {
-                    it.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                }
-            } ?: run {
-                LOG.warn("RatProverDriver not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition { event: Event ->
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
-            }
-
-            if (!event.idscpMessage.hasIdscpRatProver()) {
-                // this should never happen
-                LOG.warn("IDSCP_RAT_PROVER message not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            fsm.ratVerifierDriver?.let {
-                // Run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-                GlobalScope.launch {
-                    it.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
-                }
-            } ?: run {
-                LOG.warn("RatVerifierDriver not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
-            }
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.warn("Cannot send DAT message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_CLOSE")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        setNoTransitionHandler { event: Event? ->
-            if (LOG.isTraceEnabled) {
-                LOG.trace("No transition available for given event " + event.toString())
-                LOG.trace("Stay in state STATE_WAIT_FOR_RAT")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
deleted file mode 100644
index b883ea0e3..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatProver.kt
+++ /dev/null
@@ -1,218 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
-import kotlinx.coroutines.GlobalScope
-import kotlinx.coroutines.launch
-import org.slf4j.LoggerFactory
-
-/**
- * The Wait_For_Rat_Prover State of the FSM of the IDSCP2 protocol.
- * Waits only for the RatProver Result to decide whether the connection will be established
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class StateWaitForRatProver(fsm: FSM,
-                            ratTimer: StaticTimer,
-                            handshakeTimer: StaticTimer,
-                            proverHandshakeTimer: StaticTimer,
-                            ackTimer: StaticTimer) : State() {
-    override fun runEntryCode(fsm: FSM) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Switched to state STATE_WAIT_FOR_RAT_PROVER")
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(StateWaitForRatProver::class.java)
-    }
-
-    init {
-
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_RAT_PROVER - Transition Description
-         * ---------------------------------------------------
-         * onICM: stop ---> {send IDSCP_CLOSE, stop RAT_PROVER, timeouts.terminate()} ---> STATE_CLOSED
-         * onICM: error ---> {stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_PROVER} ---> STATE_CLOSED
-         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED} ---> STATE_WAIT_FOR_DAT_AND_RAT
-         * onICM: rat_prover_ok ---> {} ---> STATE_ESTABLISHED / STATE_WAIT_FOR_ACK
-         * onICM: rat_prover_failed ---> {send IDSCP_CLOSE, terminate ratP, cancel timeouts} ---> STATE_CLOSED
-         * onICM: rat_prover_msg ---> {send IDSCP_RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onICM: repeat_rat ---> {send IDSCP_RE_RAT, start RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_ACK ---> {cancel Ack flag} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_CLOSE ---> {} ---> STATE_CLOSED
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_RAT_VERIFIER ---> {delegate to RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * onMessage: IDSCP_RE_RAT ---> {restart RAT_PROVER} ---> STATE_WAIT_FOR_RAT_PROVER
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_PROVER
-         * --------------------------------------------------- */
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IDSC_CLOSE")
-            }
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("User close", CloseCause.USER_SHUTDOWN))
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.warn("An internal control error occurred")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
-            FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
-        })
-
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.warn("Handshake timeout occurred. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "Handshake timeout",
-                    CloseCause.TIMEOUT
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("DAT timeout occurred. Send IDSCP_DAT_EXPIRED")
-            }
-            ratTimer.cancelTimeout()
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                LOG.warn("Cannot send DatExpired message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Start Handshake Timer")
-            }
-            handshakeTimer.resetTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT))
-        })
-
-        addTransition(InternalControlMessage.RAT_PROVER_OK.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received RAT_PROVER OK")
-            }
-            proverHandshakeTimer.cancelTimeout()
-            if (fsm.ackFlag) {
-                ackTimer.start()
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK))
-            } else {
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED))
-            }
-        })
-
-        addTransition(InternalControlMessage.RAT_PROVER_FAILED.value, Transition {
-            LOG.warn("RAT_PROVER failed. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "RAT_PROVER failed",
-                    CloseCause.RAT_PROVER_FAILED
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.RAT_PROVER_MSG.value, Transition { event: Event ->
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IDSCP_RAT_PROVER")
-            }
-            if (!fsm.sendFromFSM(event.idscpMessage)) {
-                LOG.warn("Cannot send rat prover message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Request RAT repeat. Send IDSCP_RE_RAT, start RAT_VERIFIER")
-            }
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpReRatMessage(""))) {
-                LOG.warn("Cannot send ReRat message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            ratTimer.cancelTimeout()
-            if (!fsm.restartRatVerifierDriver()) {
-                LOG.warn("Cannot run Rat verifier, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT))
-        })
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_CLOSE")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, restart RAT_PROVER")
-            }
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.warn("Cannot send DAT message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPRATVERIFIER_FIELD_NUMBER, Transition { event: Event ->
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Delegate received IDSCP_RAT_VERIFIER to RAT_PROVER")
-            }
-
-            if (!event.idscpMessage.hasIdscpRatVerifier()) {
-                // this should never happen
-                LOG.warn("IDSCP_RAT_VERIFIER Message not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            fsm.ratProverDriver?.let {
-                // Run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-                GlobalScope.launch {
-                    it.delegate(event.idscpMessage.idscpRatVerifier.data.toByteArray())
-                }
-            } ?: run {
-                LOG.warn("RatProverDriver not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_RE_RAT. Restart RAT_PROVER")
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
-            fsm.recvAck(it.idscpMessage.idscpAck)
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        setNoTransitionHandler {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("No transition available for given event $it")
-                LOG.trace("Stay in state STATE_WAIT_FOR_RAT_PROVER")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
deleted file mode 100644
index c99843db6..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StateWaitForRatVerifier.kt
+++ /dev/null
@@ -1,206 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.FSM.FsmState
-import de.fhg.aisec.ids.idscp2.idscp_core.messages.Idscp2MessageHelper
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpMessage
-import kotlinx.coroutines.GlobalScope
-import kotlinx.coroutines.launch
-import org.slf4j.LoggerFactory
-
-/**
- * The Wait_For_Rat_Verifier State of the FSM of the IDSCP2 protocol.
- * Waits only for the RatVerifier Result to decide whether the connection will be established
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class StateWaitForRatVerifier(fsm: FSM,
-                              ratTimer: StaticTimer,
-                              handshakeTimer: StaticTimer,
-                              verifierHandshakeTimer: StaticTimer,
-                              ackTimer: StaticTimer) : State() {
-    override fun runEntryCode(fsm: FSM) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Switched to state STATE_WAIT_FOR_RAT_VERIFIER")
-        }
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(StateWaitForRatVerifier::class.java)
-    }
-
-    init {
-
-        /*---------------------------------------------------
-         * STATE_WAIT_FOR_RAT_VERIFIER - Transition Description
-         * ---------------------------------------------------
-         * onICM: error ---> {stop RAT_VERIFIER} ---> STATE_CLOSED
-         * onICM: close ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
-         * onICM: dat_timeout ---> {send IDSCP_DAT_EXPIRED, cancel ratV} ---> STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER
-         * onICM: timeout ---> {send IDSCP_CLOSE, stop RAT_VERIFIER} ---> STATE_CLOSED
-         * onICM: rat_verifier_ok ---> {set rat timeout} ---> STATE_ESTABLISHED / STATE_WAIT_FOR_ACK
-         * onICM: rat_verifier_failed ---> {send IDSCP_CLOSE} ---> STATE_CLOSED
-         * onICM: rat_verifier_msg ---> {send IDSCP_RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * onMessage: IDSCP_ACK ---> {cancel Ack flag} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_DAT_EXPIRED ---> {send IDSCP_DAT, start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
-         * onMessage: IDSCP_CLOSE ---> {stop RAT_VERIFIER} ---> STATE_CLOSED
-         * onMessage: IDSCP_RAT_PROVER ---> {delegat to RAT_VERIFIER} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * onMessage: IDSCP_RE_RAT ---> {start RAT_PROVER} ---> STATE_WAIT_FOR_RAT
-         * ALL_OTHER_MESSAGES ---> {} ---> STATE_WAIT_FOR_RAT_VERIFIER
-         * --------------------------------------------------- */
-        addTransition(InternalControlMessage.IDSCP_STOP.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IDSC_CLOSE")
-            }
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "User close",
-                    CloseCause.USER_SHUTDOWN
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.ERROR.value, Transition {
-            LOG.warn("An internal control error occurred")
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.REPEAT_RAT.value, Transition {
-            // already re-attestating
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(InternalControlMessage.SEND_DATA.value, Transition {
-            FSM.FsmResult(FSM.FsmResultCode.NOT_CONNECTED, this)
-        })
-
-        addTransition(InternalControlMessage.TIMEOUT.value, Transition {
-            LOG.warn("Handshake timeout occurred. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(Idscp2MessageHelper.createIdscpCloseMessage("Handshake timeout", CloseCause.TIMEOUT))
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.DAT_TIMER_EXPIRED.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("DAT timeout occurred. Send IDSCP_DAT_EXPIRED and stop RAT_VERIFIER")
-            }
-            fsm.stopRatVerifierDriver()
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatExpiredMessage())) {
-                LOG.warn("Cannot send DatExpired message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Start Handshake Timer")
-            }
-            handshakeTimer.resetTimeout()
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_DAT_AND_RAT_VERIFIER))
-        })
-
-        addTransition(InternalControlMessage.RAT_VERIFIER_OK.value, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received RAT_VERIFIER OK. Start RAT Timer")
-            }
-            verifierHandshakeTimer.cancelTimeout()
-            ratTimer.resetTimeout()
-            if (fsm.ackFlag) {
-                ackTimer.start()
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_ACK))
-            } else {
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_ESTABLISHED))
-            }
-        })
-
-        addTransition(InternalControlMessage.RAT_VERIFIER_FAILED.value, Transition {
-            LOG.warn("RAT_VERIFIER failed. Send IDSCP_CLOSE")
-            fsm.sendFromFSM(
-                Idscp2MessageHelper.createIdscpCloseMessage(
-                    "RAT_VERIFIER failed",
-                    CloseCause.RAT_VERIFIER_FAILED
-                )
-            )
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(InternalControlMessage.RAT_VERIFIER_MSG.value, Transition { event: Event ->
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Send IDSCP_RAT_VERIFIER")
-            }
-            if (!fsm.sendFromFSM(event.idscpMessage)) {
-                LOG.warn("Cannot send rat verifier message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPCLOSE_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_CLOSE")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_CLOSED))
-        })
-
-        addTransition(IdscpMessage.IDSCPDATEXPIRED_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_DAT_EXPIRED. Send new DAT from DAT_DRIVER, start RAT_PROVER")
-            }
-            if (!fsm.sendFromFSM(Idscp2MessageHelper.createIdscpDatMessage(fsm.getDynamicAttributeToken))) {
-                LOG.warn("Cannot send DAT message")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.IO_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT))
-        })
-
-        addTransition(IdscpMessage.IDSCPRATPROVER_FIELD_NUMBER, Transition { event: Event ->
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Delegate received IDSCP_RAT_PROVER to RAT_VERIFIER")
-            }
-
-            if (!event.idscpMessage.hasIdscpRatProver()) {
-                // this should never happen
-                LOG.warn("IDSCP_RAT_PROVER Message not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            fsm.ratVerifierDriver?.let {
-                // Run in async fire-and-forget coroutine to avoid cycles caused by protocol misuse
-                GlobalScope.launch {
-                    it.delegate(event.idscpMessage.idscpRatProver.data.toByteArray())
-                }
-            } ?: run {
-                LOG.warn("RatProverDriver not available")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        addTransition(IdscpMessage.IDSCPRERAT_FIELD_NUMBER, Transition {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("Received IDSCP_RE_RAT. Start RAT_PROVER")
-            }
-            if (!fsm.restartRatProverDriver()) {
-                LOG.warn("Cannot run Rat prover, close idscp connection")
-                return@Transition FSM.FsmResult(FSM.FsmResultCode.RAT_ERROR, fsm.getState(FsmState.STATE_CLOSED))
-            }
-            FSM.FsmResult(FSM.FsmResultCode.OK, fsm.getState(FsmState.STATE_WAIT_FOR_RAT))
-        })
-
-        addTransition(IdscpMessage.IDSCPACK_FIELD_NUMBER, Transition {
-            fsm.recvAck(it.idscpMessage.idscpAck)
-            FSM.FsmResult(FSM.FsmResultCode.OK, this)
-        })
-
-        setNoTransitionHandler {
-            if (LOG.isTraceEnabled) {
-                LOG.trace("No transition available for given event $it")
-                LOG.trace("Stay in state STATE_WAIT_FOR_RAT_VERIFIER")
-            }
-            FSM.FsmResult(FSM.FsmResultCode.UNKNOWN_TRANSITION, this)
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StaticTimer.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StaticTimer.kt
deleted file mode 100644
index f90a41ab9..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/StaticTimer.kt
+++ /dev/null
@@ -1,41 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import java.util.concurrent.locks.ReentrantLock
-
-/**
- * A StaticTimer class that provides an API to the FSM to start and cancel timeout threads
- * with a fixed timeout delay (in ms)
- * The timer ensures that no canceled timer is able to trigger a timeout transitions
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class StaticTimer internal constructor(private val fsmIsBusy: ReentrantLock,
-                                       private val timeoutHandler: Runnable,
-                                       private val delay: Long) {
-    private var thread: TimerThread? = null
-    private val mutex = ReentrantLock(true)
-
-    fun resetTimeout() {
-        cancelTimeout()
-        start()
-    }
-
-    /*
-     * Start a timer thread that triggers the timeout handler routine after the static delay
-     */
-    fun start() {
-        mutex.lock()
-        thread = TimerThread(delay, timeoutHandler, fsmIsBusy).also { it.start() }
-        mutex.unlock()
-    }
-
-    /*
-     * Cancel the current timer thread
-     */
-    fun cancelTimeout() {
-        mutex.lock()
-        thread?.safeStop()
-        thread = null
-        mutex.unlock()
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/TimerThread.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/TimerThread.kt
deleted file mode 100644
index 7f34a4aa0..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/TimerThread.kt
+++ /dev/null
@@ -1,56 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-import java.util.concurrent.locks.ReentrantLock
-
-/**
- * A Timer Thread that triggers timeouts (ms) in the fsm
- * The thread will only trigger the fsm if it has the fsm lock and the timeout
- * was not canceled before
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class TimerThread internal constructor(//timeout delay in milliseconds
-        private val delay: Long, //timeout handler routine
-        private val timeoutHandler: Runnable, //lock for the fsm
-        private val fsmIsBusy: ReentrantLock) : Thread() {
-    @Volatile
-    private var canceled = false
-
-    /*
-     * Run the timer thread that sleeps the number of timeout delay in ms
-     * if the timeout was not canceled during the sleep, the thread will request
-     * the fsm lock and will then check once again, if the timeout was canceled
-     * by another transition during this process to avoid triggering timeout
-     * transitions for canceled timers.
-     * If the timout was not canceled so far, the timer thread calls a timeout handler
-     * routine, that triggers the timeout transition in the fsm
-     */
-    override fun run() {
-        try {
-            sleep(delay)
-        } catch (e: InterruptedException) {
-            if (!canceled) {
-                currentThread().interrupt()
-            }
-        }
-        if (canceled) {
-            return
-        }
-        fsmIsBusy.lock()
-        try {
-            if (!canceled) {
-                timeoutHandler.run()
-            }
-        } finally {
-            fsmIsBusy.unlock()
-        }
-    }
-
-    /*
-     * A method to stop the execution of the timer thread and cancel the timeout
-     */
-    fun safeStop() {
-        canceled = true
-        interrupt()
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt
deleted file mode 100644
index 09dca80e2..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/Transition.kt
+++ /dev/null
@@ -1,13 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm
-
-/**
- * Transition class for State machine, provides a doTransition method
- * that returns the fsm result containing of the next state for a given event and the result code
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class Transition(private val eventHandler: (Event) -> FSM.FsmResult) {
-    fun doTransition(e: Event): FSM.FsmResult {
-        return eventHandler(e)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatProverFsmListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatProverFsmListener.kt
deleted file mode 100644
index 1d3ab5c06..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatProverFsmListener.kt
+++ /dev/null
@@ -1,18 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners
-
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
-
-/**
- * An FSM Listener Interface for the RatProver driver implemented by the FSM to restrict FSM API to
- * the RatProver drivers class of the IDSCP2
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-interface RatProverFsmListener {
-
-    /**
-     * A method for providing RatProver messages from the RatProverDriver implementation to the FSM
-     */
-    fun onRatProverMessage(controlMessage: InternalControlMessage)
-    fun onRatProverMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray)
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatVerifierFsmListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatVerifierFsmListener.kt
deleted file mode 100644
index 07d09d022..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/RatVerifierFsmListener.kt
+++ /dev/null
@@ -1,19 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners
-
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.InternalControlMessage
-
-/**
- * An FSM Listener Interface for the RatVerifier driver implemented by the FSM to restrict FSM API to
- * the RatVerifier drivers class of the IDSCP2
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-interface RatVerifierFsmListener {
-
-    /**
-     * A method for providing RatVerifier messages from the RatVerifierDriver implementation to the
-     * FSM
-     */
-    fun onRatVerifierMessage(controlMessage: InternalControlMessage)
-    fun onRatVerifierMessage(controlMessage: InternalControlMessage, ratMessage: ByteArray)
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/ScFsmListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/ScFsmListener.kt
deleted file mode 100644
index b3be103ef..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/fsm/fsmListeners/ScFsmListener.kt
+++ /dev/null
@@ -1,25 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners
-
-/**
- * An FSM Listener Interface for the SecureChannel driver implemented by the FSM to restrict FSM API to
- * the SecureChannel drivers class of the IDSCP2
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-interface ScFsmListener {
-
-    /**
-     * A method for providing IDSCP2 data from the secure channel to the FSM
-     */
-    fun onMessage(data: ByteArray)
-
-    /**
-     * A method for providing internal SC errors to the fsm
-     */
-    fun onError(t: Throwable)
-
-    /**
-     * A method for notifying the fsm about closure of the secure channel
-     */
-    fun onClose()
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/messages/Idscp2MessageHelper.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/messages/Idscp2MessageHelper.kt
deleted file mode 100644
index 2818ec100..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/messages/Idscp2MessageHelper.kt
+++ /dev/null
@@ -1,106 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.messages
-
-import com.google.protobuf.ByteString
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.AlternatingBit
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.*
-import de.fhg.aisec.ids.idscp2.messages.IDSCP2.IdscpClose.CloseCause
-
-/**
- * A factory for creating IDSCP2 messages
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-object Idscp2MessageHelper {
-    fun createIdscpHelloMessage(dat: ByteArray, supportedRatSuite: Array<String>, expectedRatSuite: Array<String>): IdscpMessage {
-        val idscpDat = IdscpDat.newBuilder()
-                .setToken(ByteString.copyFrom(dat))
-                .build()
-        val idscpHello = IdscpHello.newBuilder()
-                .setVersion(2)
-                .setDynamicAttributeToken(idscpDat)
-                .addAllExpectedRatSuite(listOf(*expectedRatSuite))
-                .addAllSupportedRatSuite(listOf(*supportedRatSuite))
-                .build()
-        return IdscpMessage.newBuilder()
-                .setIdscpHello(idscpHello)
-                .build()
-    }
-
-    fun createIdscpCloseMessage(closeMsg: String?, causeCode: CloseCause?): IdscpMessage {
-        val idscpClose = IdscpClose.newBuilder()
-                .setCauseCode(causeCode)
-                .setCauseMsg(closeMsg)
-                .build()
-        return IdscpMessage.newBuilder()
-                .setIdscpClose(idscpClose)
-                .build()
-    }
-
-    fun createIdscpDatExpiredMessage(): IdscpMessage {
-        return IdscpMessage.newBuilder()
-                .setIdscpDatExpired(IdscpDatExpired.newBuilder().build())
-                .build()
-    }
-
-    fun createIdscpDatMessage(dat: ByteArray?): IdscpMessage {
-        val idscpDat = IdscpDat.newBuilder()
-                .setToken(ByteString.copyFrom(dat))
-                .build()
-        return IdscpMessage.newBuilder()
-                .setIdscpDat(idscpDat)
-                .build()
-    }
-
-    fun createIdscpReRatMessage(cause: String?): IdscpMessage {
-        val idscpReRat = IdscpReRat.newBuilder()
-                .setCause(cause)
-                .build()
-        return IdscpMessage.newBuilder()
-                .setIdscpReRat(idscpReRat)
-                .build()
-    }
-
-    fun createIdscpDataMessage(data: ByteArray?): IdscpMessage {
-        val idscpData = IdscpData.newBuilder()
-                .setData(ByteString.copyFrom(data))
-                .build()
-        return IdscpMessage.newBuilder()
-                .setIdscpData(idscpData)
-                .build()
-    }
-
-    fun createIdscpDataMessageWithAltBit(data: ByteArray?, alternatingBit: AlternatingBit): IdscpMessage {
-        val idscpData = IdscpData.newBuilder()
-                .setData(ByteString.copyFrom(data))
-                .setAlternatingBit(alternatingBit.asBoolean())
-                .build()
-        return IdscpMessage.newBuilder()
-                .setIdscpData(idscpData)
-                .build()
-    }
-
-    fun createIdscpRatProverMessage(body: ByteArray?): IdscpMessage {
-        val idscpRatProver = IdscpRatProver.newBuilder()
-                .setData(ByteString.copyFrom(body))
-                .build()
-        return IdscpMessage.newBuilder()
-                .setIdscpRatProver(idscpRatProver)
-                .build()
-    }
-
-    fun createIdscpRatVerifierMessage(body: ByteArray?): IdscpMessage {
-        val idscpRatVerifier = IdscpRatVerifier.newBuilder()
-                .setData(ByteString.copyFrom(body))
-                .build()
-        return IdscpMessage.newBuilder()
-                .setIdscpRatVerifier(idscpRatVerifier)
-                .build()
-    }
-
-    fun createIdscpAckMessage(alternatingBit: Boolean): IdscpMessage {
-        return IdscpMessage.newBuilder()
-                .setIdscpAck(
-                        IdscpAck.newBuilder().setAlternatingBit(alternatingBit).build()
-                ).build()
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
deleted file mode 100644
index abd382012..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatProverDriverRegistry.kt
+++ /dev/null
@@ -1,72 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry
-
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatProverDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatProverFsmListener
-import org.slf4j.LoggerFactory
-import java.util.concurrent.ConcurrentHashMap
-
-/**
- * A Rat Prover Driver Registry
- * The User can register Driver implementation instances and its configurations to the registry
- *
- *
- * The Idscpv2 protocol will select during the idscp handshake a Rat Prover mechanism and will
- * check for this RatProver in this registry
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-object RatProverDriverRegistry {
-    private val LOG by lazy { LoggerFactory.getLogger(RatProverDriverRegistry::class.java) }
-
-    /**
-     * An inner static wrapper class, that wraps driver config and driver class
-     */
-    private class DriverWrapper<PC>(
-            val driverFactory: (RatProverFsmListener) -> RatProverDriver<PC>,
-            val driverConfig: PC?
-    ) {
-        fun getInstance(listener: RatProverFsmListener) = driverFactory.invoke(listener).also { d ->
-            driverConfig?.let { d.setConfig(it) }
-        }
-    }
-
-    private val drivers = ConcurrentHashMap<String, DriverWrapper<*>>()
-
-    /**
-     * Register Rat Prover driver and an optional configuration in the registry
-     */
-    fun <PC> registerDriver(
-            instance: String,
-            driverFactory: (RatProverFsmListener) -> RatProverDriver<PC>,
-            driverConfig: PC?
-    ) {
-        drivers[instance] = DriverWrapper(driverFactory, driverConfig)
-    }
-
-    /**
-     * Unregister the driver from the registry
-     */
-    fun unregisterDriver(instance: String) {
-        drivers.remove(instance)
-    }
-
-    /**
-     * To start a Rat Prover from the finite state machine
-     *
-     * First we check if the registry contains the RatProver instance, then we create a new
-     * RatProverDriver from the driver wrapper that holds the corresponding RatProverDriver class.
-     *
-     * The finite state machine is registered as the communication partner for the RatProver.
-     * The RatProver will be initialized with a configuration, if present. Then it is started.
-     */
-    fun startRatProverDriver(instance: String, listener: RatProverFsmListener): RatProverDriver<*>? {
-        return drivers[instance]?.let { driverWrapper ->
-            return try {
-                driverWrapper.getInstance(listener).also { it.start() }
-            } catch (e: Exception) {
-                LOG.error("Error during RAT prover start", e)
-                null
-            }
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
deleted file mode 100644
index dfe5da545..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/rat_registry/RatVerifierDriverRegistry.kt
+++ /dev/null
@@ -1,72 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.rat_registry
-
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.RatVerifierDriver
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.RatVerifierFsmListener
-import org.slf4j.LoggerFactory
-import java.util.concurrent.ConcurrentHashMap
-
-/**
- * A Rat Verifier Driver Registry
- * The User can register Driver implementation instances and its configurations to the registry
- *
- *
- * The Idscpv2 protocol will select during the idscp handshake a Rat Verifier mechanism and will
- * check for this RatVerifier in this registry
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-object RatVerifierDriverRegistry {
-    private val LOG by lazy { LoggerFactory.getLogger(RatVerifierDriverRegistry::class.java) }
-
-    /**
-     * An inner static wrapper class, that wraps driver config and driver class
-     */
-    private class DriverWrapper<VC>(
-            val driverFactory: (RatVerifierFsmListener) -> RatVerifierDriver<VC>,
-            val driverConfig: VC?
-    ) {
-        fun getInstance(listener: RatVerifierFsmListener) = driverFactory.invoke(listener).also {d ->
-            driverConfig?.let { d.setConfig(it) }
-        }
-    }
-    private val drivers = ConcurrentHashMap<String, DriverWrapper<*>>()
-
-    /**
-     * Register Rat Verifier driver and an optional configuration in the registry
-     */
-    fun <VC> registerDriver(
-            mechanism: String,
-            driverFactory: (RatVerifierFsmListener) -> RatVerifierDriver<VC>,
-            driverConfig: VC?
-    ) {
-        drivers[mechanism] = DriverWrapper(driverFactory, driverConfig)
-    }
-
-    /**
-     * Unregister the driver from the registry
-     */
-    fun unregisterDriver(instance: String) {
-        drivers.remove(instance)
-    }
-
-    /**
-     * To start a Rat Verifier from the finite state machine
-     *
-     * First we check if the registry contains the RatVerifier instance, then we create a new
-     * RatVerifierDriver from the driver wrapper that holds the corresponding
-     * RatVerifierDriver class.
-     *
-     * The finite state machine is registered as the communication partner for the RatVerifier.
-     * The RatVerifier will be initialized with a configuration, if present. Then it is started.
-     */
-    fun startRatVerifierDriver(mechanism: String?, listener: RatVerifierFsmListener): RatVerifierDriver<*>? {
-        return drivers[mechanism]?.let { driverWrapper ->
-            return try {
-                driverWrapper.getInstance(listener).also { it.start() }
-            } catch (e: Exception) {
-                LOG.error("Error during RAT verifier start", e)
-                null
-            }
-        }
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
deleted file mode 100644
index 56956b1d0..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannel.kt
+++ /dev/null
@@ -1,69 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel
-
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.SecureChannelEndpoint
-import de.fhg.aisec.ids.idscp2.idscp_core.fsm.fsmListeners.ScFsmListener
-import org.slf4j.LoggerFactory
-import java.util.concurrent.CompletableFuture
-
-/**
- * A secureChannel which is the secure underlying basis of the IDSCP2 protocol,
- * that implements a secureChannelListener
- *
- * @author Leon Beckmann (leon.beckmann@aisec.fraunhofer.de)
- */
-class SecureChannel(private val endpoint: SecureChannelEndpoint) : SecureChannelListener {
-    private val fsmPromise = CompletableFuture<ScFsmListener>()
-
-    /*
-     * close the secure channel forever
-     */
-    fun close() {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Close secure channel")
-        }
-        endpoint.close()
-    }
-
-    /*
-     * Send data via the secure channel endpoint to the peer connector
-     *
-     * return true if the data has been sent successfully, else false
-     */
-    fun send(msg: ByteArray): Boolean {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("Send message via secure channel")
-        }
-        return endpoint.send(msg)
-    }
-
-    override fun onMessage(data: ByteArray) {
-        if (LOG.isTraceEnabled) {
-            LOG.trace("New raw data has been received via the secure channel")
-        }
-        fsmPromise.thenAccept { fsmListener: ScFsmListener -> fsmListener.onMessage(data) }
-    }
-
-    override fun onError(t: Throwable) {
-        // Tell fsm an error occurred in secure channel
-        fsmPromise.thenAccept { fsmListener: ScFsmListener -> fsmListener.onError(t) }
-    }
-
-    override fun onClose() {
-        // Tell fsm secure channel received EOF
-        fsmPromise.thenAccept { obj: ScFsmListener -> obj.onClose() }
-    }
-
-    val isConnected: Boolean
-        get() = endpoint.isConnected
-
-    /*
-     * set the corresponding finite state machine
-     */
-    fun setFsm(fsm: ScFsmListener) {
-        fsmPromise.complete(fsm)
-    }
-
-    companion object {
-        private val LOG = LoggerFactory.getLogger(SecureChannel::class.java)
-    }
-}
\ No newline at end of file
diff --git a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.kt b/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.kt
deleted file mode 100644
index b833fac0f..000000000
--- a/idscp2/src/main/kotlin/de/fhg/aisec/ids/idscp2/idscp_core/secure_channel/SecureChannelListener.kt
+++ /dev/null
@@ -1,21 +0,0 @@
-package de.fhg.aisec.ids.idscp2.idscp_core.secure_channel
-
-/**
- * An interface for a secure channel listener, implemented by the secure channel
- */
-interface SecureChannelListener {
-    /*
-     * Delegate data from secure channel endpoint to the secure channel
-     */
-    fun onMessage(data: ByteArray)
-
-    /*
-     * Delegate an error from an secure channel endpoint to the secure channel
-     */
-    fun onError(t: Throwable)
-
-    /*
-     * Notify secure channel that secure channel endpoint has been closed
-     */
-    fun onClose()
-}
\ No newline at end of file
diff --git a/idscp2/src/main/proto/idscpv2.proto b/idscp2/src/main/proto/idscpv2.proto
deleted file mode 100644
index 704e3dcff..000000000
--- a/idscp2/src/main/proto/idscpv2.proto
+++ /dev/null
@@ -1,80 +0,0 @@
-syntax = "proto3";
-option java_package = "de.fhg.aisec.ids.idscp2.messages";
-option java_outer_classname = "IDSCP2";
-
-//IDSCP message frame
-message IdscpMessage {
-  // One of the following will be filled in.
-  oneof message {
-    IdscpHello idscpHello = 1;
-    IdscpClose idscpClose = 2;
-    IdscpDatExpired idscpDatExpired = 3;
-    IdscpDat idscpDat = 4;
-    IdscpReRat idscpReRat = 5;
-    IdscpRatProver idscpRatProver = 6;
-    IdscpRatVerifier idscpRatVerifier = 7;
-    IdscpData idscpData = 8;
-    IdscpAck idscpAck = 9;
-  }
-}
-
-// IDSCP messages
-
-message IdscpHello {
-  // IDSCP protocol version
-  int32 version = 1;
-  // Initial dynamic attribute token (DAT)
-  IdscpDat dynamicAttributeToken = 2;
-  // Set of supported remote attestation (RAT) methods (prover role)
-  repeated string supportedRatSuite = 3;
-  // Set of accepted RAT methods (verifier role)
-  repeated string expectedRatSuite = 4;
-}
-
-message IdscpClose {
-
-  enum CloseCause {
-    USER_SHUTDOWN = 0;
-    TIMEOUT = 1;
-    ERROR = 2;
-    NO_VALID_DAT = 3;
-    NO_RAT_MECHANISM_MATCH_PROVER = 4;
-    NO_RAT_MECHANISM_MATCH_VERIFIER = 5;
-    RAT_PROVER_FAILED = 6;
-    RAT_VERIFIER_FAILED = 7;
-  }
-
-  CloseCause cause_code = 1;
-  string cause_msg = 2;
-}
-
-// For requesting new DAT
-message IdscpDatExpired {
-}
-
-message IdscpDat {
-  bytes token = 1;
-}
-
-// For requesting new RAT
-message IdscpReRat {
-  string cause = 1;
-}
-
-message IdscpRatProver {
-  bytes data = 1;
-}
-
-message IdscpRatVerifier {
-  bytes data = 1;
-}
-
-message IdscpData {
-  // Payload
-  bytes data = 1;
-  bool alternatingBit = 2;
-}
-
-message IdscpAck {
-  bool alternatingBit = 1;
-}
\ No newline at end of file
diff --git a/idscp2/src/main/proto/tpm2dAttestation.proto b/idscp2/src/main/proto/tpm2dAttestation.proto
deleted file mode 100644
index a35025346..000000000
--- a/idscp2/src/main/proto/tpm2dAttestation.proto
+++ /dev/null
@@ -1,147 +0,0 @@
-syntax = "proto2";
-option java_package = "de.fhg.aisec.ids.idscp2.messages";
-option java_outer_classname = "Tpm2dAttestation";
-
-// protobuf messages for communicating with TPM
-
-// type of attestation in the IDS context
-enum IdsAttestationType {
-  // kernel + core container (PCR 0 to 11)
-  BASIC = 0;
-
-  // everything (PCRs 0 to 23)
-  ALL = 1;
-
-  // PCRs must be specified manually
-  ADVANCED = 2;
-}
-
-enum HashAlgLen {
-  SHA1   = 20;
-  SHA256 = 32;
-  SHA384 = 48;
-}
-
-message Pcr {
-  // the PCR number (usually between 0 and 23)
-  optional int32 number = 1;
-
-  // the value of PCR<number>
-  optional bytes value = 2;
-}
-
-message RemoteToTpm2d {
-  enum Code {
-    ATTESTATION_REQ = 1;
-  }
-
-  required Code code = 1;
-
-  // type of attestation in the IDS context
-  optional IdsAttestationType atype = 2 [default = BASIC];
-
-  // qualifingData (i.e. external data provided by the caller, such as a nonce)
-  optional bytes qualifyingData = 3;
-
-  // pcr bitmask for AttestationType ADVANCED only
-  //  - for BASIC, the default PCRs are PCRs 0 to 11
-  //  - for ALL  , the default PCRs are PCRs 0 to 23
-  optional int32 pcrs = 4;
-}
-
-message Tpm2dToRemote {
-  enum Code {
-    ATTESTATION_RES = 1;
-  }
-
-  required Code code = 1;
-
-  // type of attestation in the IDS context
-  optional IdsAttestationType atype = 2 [default = BASIC];
-
-  // the hash algorith used to sign the quoted information
-  optional HashAlgLen halg = 3;
-
-  // the quoted information (a TPM2B_ATTEST data structure)
-  optional bytes quoted = 4;
-
-  // the signature over 'quoted' (a TPMT_SIGNATURE data structure)
-  optional bytes signature = 5;
-
-  // the explicit PCR values
-  repeated Pcr pcr_values = 6;
-
-  // an _optional_ certificate that includes the public key
-  optional bytes certificate = 7;
-
-  // the measurement list in ima style hex strings
-  repeated string ml_entry = 11;
-}
-
-
-// ******* Message Wrapper ********
-message Tpm2dMessageWrapper {
-  oneof body {
-    // RAT Repository
-    Tpm2dRepositoryRequest repositoryRequest = 1;
-    Tpm2dRepositoryResponse repositoryResponse = 2;
-
-    // RAT Exchange
-    Tpm2dRatChallenge ratChallenge = 3;
-    Tpm2dRatResponse ratResponse = 4;
-    Tpm2dRatResult ratResult = 5;
-  }
-}
-
-// ******** Rat Repository *********
-message Tpm2dRepositoryRequest {
-  required IdsAttestationType atype = 1;
-  // the explicit PCR values
-  repeated Pcr pcr_values = 2;
-}
-
-message Tpm2dRepositoryResponse {
-  required IdsAttestationType atype = 1;
-  //boolean for result
-  required bool result = 2;
-}
-
-// ******** RAT Exchange *********
-//Attestation Request, sent to other connector (from Verifier to Prover)
-message Tpm2dRatChallenge {
-  required IdsAttestationType atype = 1;
-  // nonce for attestation request
-  required bytes nonce = 2;
-  // optional PCR indices for aType = ADVANCED
-  optional fixed32 pcr_indices = 3;
-}
-
-//Attestation Response, coming from other connector (from Prover to Verifier)
-message Tpm2dRatResponse {
-  // type of attestation in the IDS context
-  required IdsAttestationType atype = 1;
-
-  // the hash algorithm used to sign the quoted information
-  optional string hash_alg = 2;
-
-  // the quoted information (a TPM2B_ATTEST data structure)
-  required bytes quoted = 3;
-
-  // the signature over 'quoted' (a TPMT_SIGNATURE data structure)
-  required bytes signature = 4;
-
-  // the explicit PCR values
-  repeated Pcr pcr_values = 5;
-
-  // AIK certificate that includes the public key
-  required bytes certificate = 6;
-
-  // Measurement list
-  optional bytes measurement_list = 7;
-}
-
-//Attestation Request, sent to other connector (Verifier to Prover)
-message Tpm2dRatResult {
-  //required IdsAttestationType atype = 1;
-  required bool result = 1;
-}
\ No newline at end of file
diff --git a/idscp2/src/main/resources/simplelogger.properties b/idscp2/src/main/resources/simplelogger.properties
deleted file mode 100644
index eafa2b0f4..000000000
--- a/idscp2/src/main/resources/simplelogger.properties
+++ /dev/null
@@ -1 +0,0 @@
-org.slf4j.simpleLogger.defaultLogLevel=debug
\ No newline at end of file
diff --git a/idscp2/src/main/resources/ssl/aisecconnector1-keystore.p12 b/idscp2/src/main/resources/ssl/aisecconnector1-keystore.p12
deleted file mode 100644
index 62fc410c929ce1ebfa7aa8b7faf24d008c523253..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2853
zcmY+EcQ71^7Kd%o7FnIEL<!N^MG&G(LJ++~)F4=0a7DLzFJbi(LA2-zLUg-Ah~A<_
zS*)n5bF<HT^WMGlX3m*2^PO{ke||6|1s4zif*~REB;<lo>QQG@08&5^5;6ovLNGVD
z7ltIZ`o9&iE*MFyb%WJ!T8)I_zh9IP0I&!NzJejaXD|U0$p7$7I4hW*VPYdsOIB6l
zMQx2EoNjPcOH~F31QGS#WPt~4qc&19A0cc)(l!mc*-rU2S|k1l_O&!=N5jB(wJls6
zWMH@G_CLuftQ@lB@b76BiR_h(^=L?kX~Ba5%@vx74XO$fF%Jx_YkRi+h17Y+x#~Q$
zp8hC&Ro$vG0hzT?|Loa$zP)pCXSChNq7B3PBRNt(xikMl>0nNt&&ECvRn5$|srGBf
z`~xmR(r)j*`<I1~0KQyIF$X8^mVItFyL84f?YJ8ETJL)LA;3zWk@o4wSBsdTd{j@2
zCn5MqUXY$TK~~smYNOof)}J<Re>7}m9rh)qM6*%bP5av5FoE^`^_egpWkO_oqA=4y
z8ZSXAk?SkNvHQTYnhV<8uFj^^8q5@tasEmYyjD&+0K^LvVtA~1ZjK%pM8|N6AAIBS
zd{?-~Bgq+&?wS&v#S-AN`oYx++F)Kq>S_`{BXuH9_ReReZmFl4J;**OB>DSvm{2$+
z-lE(^Tb+<sJ{Pxzo2qtNt+CZ?xOY^Vbm*WU`qN2}V?NsD&gMS<AW)&N>8kh2Ol(zh
zRRF>;$GLk^2y&E`PZ@u{e8{(?hJE9GUs>vFWH{0B(((xk(&5peYTE<Bwr@itTIt9Y
zx2umn9FKgpTexP_AQ7GQcKa#DpZljj|D>|~c%)xnWmOWNu$q+pha?1NLhp2AzeJ3=
zKV30Q{I<!dE`EidH0R){Pv%{=1Le4mkrF)@tClc?-$aF&m{)z;VYhd$ZXi2wSk|VD
z(jfA{%z6y_hGBKsur-Xbuc2K<MS<&;|Ll<aeEo?<x}q4B&u#0T3ggeyYvb>z|LV)h
zz1KZ2T0WT}VmaRyCMZxiY1Nn_;>KF5pmEUIrSUu@oV9c~>luvJ<Qn|2u8OKyXPZM@
zw6kEv2-n)jsOR4?x~>G(R+dQN4}B57wKHO|SLa=BEljn#Jp^DjgsF}pNJS}82EU~|
zMM?f7KgYje|JEKp+%>X}5WQ7&!W6Q&`^|0Wiko_3c~{EHo9O!W0}q6yPhLyHHa4Hh
zQ>Hnz<rlKQ5cHBIV!m-dqmUfEV@`M0!G7$w6kFW3GuQht(dF1{QFn_YyiHs~&>O3a
z;T=xxUK3`_SWUFNu6Om)uRJyD4zWdA&50ucxKmBaEYVpR@LZ54l`!^Lj^D0Bi=)qQ
zs&C!ns@8ZsF5SP8K(C{@iOLU@D_N5jbx-z7Uh|42;#J<d*6d((h0)VOHJTS%T8Upm
zCuEMN{_=y`f1J&>O8@W!GDlkRE`G=k<0;f7PSL4Z)L#JlBZVRR{bR@DrZV}e{=lS1
zo22xIf+!nWH;oh(Duuw7xJ8(@lZz(JT-Km&%2x)wUE{!2D;2feEQ)5<h>|NaFmtO@
z(N#khTp1!^539-ZEDH=3vCl@QV84WLhWf+9xJQlWEE!wCU|;h)bYCtB8%>TKRQ+V`
z1UuPUzB9X#U<&pwhVfE&z}h@@!QSncJk0O$jtU`qfeLIf6cl|Mdp=j=2^clmFCXe<
zNeKB8M%$9cLvifGPp2Umku)(<NTdmFGH?2Is9>dXuW`l!NVn&<j*$ziO)^wxm$_cS
zVK(go{QaZH*@JuGZW}s8FBLg{MjFFdMNt%A>vu&f%Z0e`5>+MVol5~Wq(OynDHzS)
zswAg}gKq<g;4rR#5CfbZOl#=mYR?J3cV9+I9DY;c5>huFHUImFl%xnrtbKztfB>SK
zq4LiL@PA$<`L|aE<0*f`p&kuPbj5L9#_#2!&tjGS<JC|kF&TwkCWOfj-D|125hp(Q
zQ+z!3q;El@lGho*=T3!w+^U4#qsFsJ;?#XS6Bcm}CO*EKigTvG$*4f$f=}OV>fWTz
z=)I_pr*1;-^=v*pL7^gAv|{AIjHEe7zkfKCy%_=vHGsy$@)2y-hvx>B$Gj)K0iH6x
zoeQK1Eztt&IkZOX6>!Srs>B+J?&wxAgspiw#&7QI{hq4=$3D7(P<v@3|1E-G?hLTL
zaJ6+>+N_#>*95&Zl9>bCrSd*y@>+7wP8C*8B4&-ZSBv(q=nT(qteXJ(e8GD>tDuOY
zyCf|=mV@dB63vZJa#EBka3^0kaCxTSr}c5_hSJxRZEoiVJ6~d*q1J3~Tga4Ecg;*s
z^C2pjsZkuF`8-p@-_)RylBwT<!U_u8b<P<@)X@xnvxe-R#9w(vSmB~a{yGhw8I=|#
zCnkSBpIw1g3KUIIrs<9MUog9u6$5Bk9JPJm$ggh<(q^<}+vG2;TTdkPZgRgR9$YQZ
z-IqiEg0|B~N|y=c3B;mQN}ayV4Ho+?SzG#s3GpvCx3~(NO^6^nFXE%KawoAni(e{Y
zTJ%<@q<ims#=i#DiMWU(c?h@r&eig4xte}&N*Mp_ev(x%;b1G4a3AK|@0DRQjAKB1
zp?&PWpQKUwl+o>*GtjPu%g`_kb}wP^S1&&0oJ)E~90MNH*E)uo%C@6V(pVm{-Qv)^
z%ouN0{_gpJt)yY4{)xWMY%9h{-93=Pnm6#1RaN5@ScB}vvx&EvhGdw+h5OYbFRy%-
zE^&`%^~U4Xbqw3&b7>buif8QJnhu$)STe5Rc0_Vk>Szv9xl^;@$Ddy9N1-rcPC|?`
zi&)!@fbs#h6|xdf)6@n2PU~Mp_2^w-EV3_PA}1-?xXp&njQJrAW-Q(L?heztaMMdY
zfzjra3IyupJ2sI3C5`Q?fFoX$sbn7oC6}+0ot?wUNxE4G>{^;KPby*%cGTK!?IR=g
zp8=~@eQAklcl|kX*B!RE(p%)7Z0X;jQ(l-k3b<l|t&J7usg|e&BR&ETxg@mlzz6l(
zXvfyK458gpTWW3#APv<=af=P<ynYUcwW#iz;vZEs-!6}~f9%-q)pDs%wz9vTzO`my
zA*x@AcJzvkO1?#`TECI&9tKI*dFvF_^eYcn9i>wtbU43Z@YF<DZG?+~W~qpM*c?cm
zsboGd-$9>$l&A8P_F<PBs&n7T3l)>lL+Bnzvy5@W|7q$Gow*~sVYbiV3<Mn?CgaD7
zsf%Sj3M9#c5!4+#Lqfj{C*M;)Onkyx()|*6P+3MV>6XVI0z^yLg)$FexeM>rw#!7Q
z#mxjcKcmX_9^dtt7R>>GT!#1@GDysdXt5TOWA^MKTA3l@<c7JixUJcx<;XLmRFxD7
zN%z9>E&&a5@mXOdyWPdfpk4AJrku~LqjpNYZ2G@9G;_+MMh=xw3MSXq%I4GL_c)Rs
zDh4#bG*vFR#{t~8p*9wD!Ql{<21Py#jgd>Z|N1GugN689-u>r65EqL=d^=WAENtd?
zXC8P>g_S6?0T_tMI`f%-^z#!2j^Aq^c;rGIks(#AYJYb|$ayUHS?Nl`OCWF44gvey
z?NIdo(Qec7+H-Y0QN!~J=A3=d6si`%6UW!5Y!Gz1zcNvu6(g)`xZZmG;*E!nZQGOO
zx@gX759W8p%`|82UXS>DAmIgO#In3F1sE5MoP=2D76`~fOa!L){b3MV++vH>daSz>
n*n7Tw&C^r^rk@m7`cQ6Mj>#CEW*-X3DLcpvm<56WQAPg(!sS~c

diff --git a/idscp2/src/main/resources/ssl/aisecconnector2-keystore.p12 b/idscp2/src/main/resources/ssl/aisecconnector2-keystore.p12
deleted file mode 100644
index aee655d146f41bbfb45af4cf45d0cde079cc45cc..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2853
zcmY+EXE+;*8plJH5Ho0S?5Z76yLPH*t7=tI8hcmmJ%iYzYOktMyJl%Aszi-c(ONZP
z)CuaKX6@_V=iYOk`{8}w=lT8L_y6&S#?kOnQUK97>hBPk2woe1NJ{~wD8f+>fpFBH
zE^!YU2gd$i1l9xLz&e*$`*JiOH2?jAQ&UhD;Xo&79Ow`&459uXzAWbeF`oxb@)qBd
zq&fQN-yApVtVNyR9!?1a^jvm<`uk?z{c!9I9{{szAC*R?7^VU@URf^GpN(J5`=jgy
z!cC<SkpUZQ?Z}N-=jLO7^6jPfhTNVV%Cwh_Yt*dwG=F{tS*X-!fJ|g%?U&%At&3n=
zR~F{aSZGZxG9&6)xL#Yj((7Os%JitHUp4Lz)!P@p8+65uc?1+9&FgtktlCX_vdGz$
zz?#IK`kV5GI@r!}fhytKX4|Gx!_B+UK%O@fr09y7(?8-Frz^`p_B#$UV4?{S+kG+P
zIUnr2y%~K2tv#=-Nv25Id~T98(snF0M91|k)qS?^V~#V=_vZtMABIAuK*0n^QgxTz
zDET=ITdWJ6rF5o;9)+6|tU?s}m@FShiVC##eF%zPd9KF=d`C3Xbb;HZd*r;{c^{fH
zX1DM%XP0p6^I}<^&ot3aTLk>4Pxp{jae_d;r7O7ZDR4aNTts4M-K!w1Ra^&0B0A7~
zfA-#bRt5JnX%oOXD#2a@rNrG6cJ+2X7Gh;=4cUB`hen<(5xQ0M@>2Su!^@s=*Iul>
z3^h`|a`9I*jdp?oOEaEM?}+nuYMS&;b$^&#i+OufS|a21#*R9hkMlhtClh8=aK5D&
zuY|dQSf*LA>FuOYQWRg8X?1BxwmoF$Y;E^h|E5B47fNyFZ16p6(c<AL-|-2}KyJ96
z1jtopTy6Gn#2jUeidTN7;6mrHSqV3!VCU5Zm4068<o0)nYh&-%4uw9nn5cf@%5cj%
zdoolKAr+MDA*HT*y?op9tsg^*`;Uioq+ch&KaGQW!e>>iUL4zo`Rzo5C}o?KhL48V
zu2uRzmK>quxrT#2GzAEjkLmBRFsSOEd?Q#8p7D@WtVgfig)Vozc?H8et;-=J^L;sb
z@9c6a!FON0iVcjYPy4z_#|0D=j-P$oaHsaJ(NO2!cUitqWLEv6`@a~<&Zx9*&Gc(t
z%PJ+SKI$}1?cSV@vwS;h(c5WR$;5$WAvYq3Ji`(dGka0wlQ;S{;AG#RnTpXC13ER2
z=$)ppZC4?dl~o%TgC{*yd6^Z8K5a6qdkL?7JUl4g+PdX3vbFMemTz<V606t(2AzAo
zT6|0C>PSy-S(`fd4+N?mT`z>I4l2_$v(1fmtaL-&ozm@<S(R6icl{_b3OO}#fSG)_
zI7=<n_N0wRi*tpYPD8H~f_`x{q8LzR?Xmd;`>5^P%3_<NC-$bN;N&SssC;0@LPTy8
zLR1WZelceExJMsb3Km%|UhvhOK^TD`5P(F^a-VL81W{V=Cze}gNFJxD71wbZuFd^d
zRT?0ZygSLS8Cw-i5HlKPKuwXF#H&G^^@_G8ZeKzI#_DEWqC`)ihAtd|`>uUc_ujAe
zz+rq$;(PD(M(W?VpD$7^8?5XxY<3Z#MworlwA+qOjO5x!n24%()L&-IEm5by^1Hj-
ztPC-vkptq$4S&rM<%<#harCcA65NVbdR2gmBR33YcQj2fC|iS*5|J*VvG^I`1E+rS
z;nW5zDQD@J7KSARdHEpy#1KOF#0t%mF+ujs5@bHexyY)W2D;U*Oh-HjWY2K+p7D^p
zGI!r`!lonUvEl92(m(HQc2T_Kwp0>hmExe9IR*DPxK?$G%q!<M>WyZnj8{}j%Ay(n
zRwayC62wIbkVNzTgIFY)K}<$YPwaRkWfbIPuS?2G$xF*CTzb^}?;|Lr2nW7*iEdL;
z04^8ipM>K7ybAfZSLsXQmoRb?C&;?WP4q7bR4F%d^*>$>$APIZCq$b@L-q+Zn~qEZ
zwRXgH(-F<mCH=s;!T632t3@|!VL|iIn;)tX6(+wI@Y1=(Jfyg**;evyLNZc&m49X4
zS&=ug4X3|4VFoMr#LU=-y7zwAZpuh-N%)3HAZ!n*)E`EuSsTG)&NGX00BWi>cMt%_
z$O2Gt1NpZDq?V^N@#>k8#3Qs+7BXJ(Q_{&>JV_1p9$!hRE?}T!a@zigZJM9k3&*G7
z*R_~^^?}llDQRoZ?0vUa{SO>#lPm{FMB#Mmfg2|6TM0ESd9y%QF0pi$7$LwIwUz5w
zVhx{CpvQ2h(1HQgHkq3lRVYg*N-Ml7o7(M}eQT+mCl~n8%RiNT(Nla>TRxU1Y8zCd
z9$-;t+L3|R(W2yqDu*YY#!s${ob#tt$juYEyKdH|)wV`3%NA=COq&Avn*%-9VyA@e
z-1unAvXlA1L8b)zq>%k3d_c7U)l?;aK%O@<)anW?uPXTM1HKO7&xjZ(m@Kb6ngGXP
zmVd-61x$wTVMbfNr$6F~*@8yt(#KGr3h9g~ob+W4x3rJp*$oT6c|48P6%Tm^tA!B-
zy#@WfwEDO<Y|4VCgHcmX`QojN*3!YT%ExV4CCl%KIu|k>H{Ou@J2aY8$LpiUgV*C+
zHRdQ0Ze%g6+VXv^BM7Pi$`%}GXH3OH7$_Ml_~o<sLiIP@WIzbz@xE4P<;^D*oQue%
z$-BlLcT8B`jp5!kD>rX%{cd20plIIOX0%Xi8zW3Um3u*f?VR%nU8K7k?{$P%q<d+V
zH4SJ;lI@;J79ps2VL0};(t9U`%fv25R?3|_)qCEaFYq3N+f2+bCp_-%+Vrm}DvWR7
z^}kHrBsdn8Xaq!B`xxzSr1St%@G}xm9X}{>CTp1+Z{6-`PSgR`_t7jzJ)AUe2^T^G
z4<;IMoeL=H^XFh?!S7#(a*A4P#rK|V+{2uXR*D8OskoWdhL!!whs}Q6NtkEP>qv_z
zEz?JIwH3GcsuK@9(`Xf`ti6XwbMp-&vU@4e9A~4`8lQSKX5G;Fz>PHZGxBR-ByH>K
zfX}wCQo9<Q*lQ71yaN~^nR3Q*hYv-2`UM<a6)6+t9mnY~MxcGGx#$5LvN9Mul#pYj
z6xe-5EB#L%aL>b_LGF#yCOSripWU0C`xx8LxGQU}X+-a?fihu3b!ESjuDsyD+Sug0
zoU(q65xfO|9q&|4zV}@5lAMEF#$zMAUv|tECp)6^;mes6Nq*jn9gcCB_=z8<ZxUMc
zZt|g`i$7vtqxeiyu&qbO-pcNd0?WZzp*+arIhOoBET(-p%1XfiYoX)-4KozxRy+#A
zD7FNn*2w`=tX7;2!bNYu4-lRjtY2E=XQf01=n4wITKfaO#v*a>z^7UHz)h22CA;=8
z7OEV}vx=?xDXzYyo3f$@hM6@;kKf+c;&d2itD#9*CME=ojF;DRB=W;6s6UNQrSdR<
zuAUD)IoNj~!&X#YnfNmaCa?;WXvDJfuU#+^7pmVh@pa#DFX6QQ@d^2y?`KJ|dP@j=
zm))sG^RrQ;E9ekelFh%mK1gKrcHYjTH`}D|URdPaE-rr1`Baw&nVtIe{u<npOiOf2
z=g-g<$9+3<iW>c#e^MEs;el-G4NfLrOawG)wGLfhN1013xFusgv(*&4N*~$#Fp!So
zzQm$3{VP5^_L64RwL~iLe`>$-GjfYo7p;QkMZ+LqQ92+cI~V|BJ^%)l$X{(V`uaR@
oS!}CL+@rwp1jM}5LIb3v@M2pFR^ZN0qhs)H%2%TVQs9gJ1+x`I#{d8T

diff --git a/idscp2/src/main/resources/ssl/client-truststore_new.p12 b/idscp2/src/main/resources/ssl/client-truststore_new.p12
deleted file mode 100644
index 3eb864bcd6bc350928b2d0f812edad3e18af58c8..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2266
zcmV<02qpJ0f(X_E0Ru3C2#*E{Duzgg_YDCD0ic2ifCPdFd@zCtcrbzpbOs43hDe6@
z4FLxRpn?cxFoFnS0s#Opf(Tj$2`Yw2hW8Bt2LUiC1_~;MNQU<f0So~KFdGCED^tB?
z3s0`SMCu2BK)~G&*9n4{0s{cUP=JC6APZuA_c5rxyd$gn@|^rZlqvFQmEOb2`IH>L
zS;N;R&D&T3l~f{;t2E8({}$!tUbX}xxzC`hh2v{(4nLa4ZU41amD-|qRIxn`W~xtn
zXdx1nI%9vt3a*Vd&FJ^>a0f=9(tg;B*WGR{Eq;tC$;l?WS;!r8Y(PPT;$F~d(=gtB
z)W%u4qo_{ERR%6ZVKbpRN{fxm)obj7zT!F##|B@4RUL3%ymrH*BK6i}&d#}WGQJlu
zLjAp(djMT&r5R$Di%YbTU7rn;CfIRJNF(SGP|o()2S}>%DFehqPG_iWK>lU4PcO^O
zLOjDyu;gAu#4%HG2M&q*g$gHAX-GvF$&4TBS6U*kklo{>8<Fp#e1GOfjTUEV_~6Fd
z9DH~L#o7GTh>$XVE{KG?FG9<V(E<??@YFm1o)@3QAO__;mitoYx47JEvJUhy^Q@qD
zC0AoNjS@|}k<No$ppx7haQ6A+nbu1xuQ-a7{$gCN_Nlb!;;Xijp>W9UoaE@ZS~k@R
zTenku>r4FkZwRURpLVmeh9)d(wVzkMhgj<$cMLIeTyLurM9RFWHn~^aSGu9B`l5u{
z<k!WMs$DT#z#^~sN-?5VL(AeNE-Diq5%~wM%&Z6>I69Uk{>`*9|A8DW=~gmYKpUEM
zb_AchmYjQ1mM>fw`1JwBSU|X;uxA<KkTfaF(%O$>XOOW`^Rf*8D!;uQjOljAnO|%{
z5coN~h&0bFXg9%`uUW+XgiCp*^4L|!bpGQW^6lNS&X(rMr!H4C(!!q@pG_TVY3Ikq
znPgbU_8hou#6f}uXZoJq|BMj#5xp|kk-LbGwq(@5C?&7g6|k2t8?BF`6dJz_c@f~b
zamk-c5Trd;?t21w4?31`@k+sOt|pMa@*H+&x{4RZ`V64ci#bMcmb<>0?mxConbF^W
z9y~{eDm)hiV^i+!CrX1Tnork_$IhXUsT|b_|Hfo@=r*aR1fKMhH(W7pJtfX%^E0!5
zu<ENMUZBnU^<xi>COMQRO1I8@LBx-RX%FJ}Xr()kB1ptDef-~qE+eQdpXC5#8MK~<
ztYK**Qjq^*`+{l^4&=M35J4*wH8;wvB7<GP6oDdV@LTr4DqS`tdj$X5P1W@aHn{BQ
zTgDv*Vj4wR=*A0Hqtb=L;aROr6QCpbAj?+=*fle!f#G3xcn?$|U@1g(p#M{PUwD%E
zcjB`{0Z%xLU!aH+*5zXF=-4;{qL(~SdCi~H`AL`jK;|f8)?(^3QobzYI*?O%7;0x~
zp}FTpMbrI%^uTL8!SlcQQ}j9Kc0D$&AF5l!NvMl6t7ykTcm2eQks+kns_@P)cy8W!
z37x>+rVRS(HFsjT2jHmA$r8{(lirasXRuTvS-S3fsM71pus%zF@wdVXEZ}i*U(G)N
zGD7i@lYz^eh{m)p%b=&Ts?Y+R5W$}|edEKWZ0e~OoH#sviE5+?m`Ps}x|xwQzB`Zx
zghJ?=Dx3$TaQF!87nBugc1Et8?jiYM2{ZXR=gFsSX3ML?99g5z%v*$^KX*`ldN;7U
zHL|BV*kA%6QSok)#4T8RE@0<^wlM(hLUb$z;+gtsIs-OUDl)=!iXze`D4bQa_z{A5
z8ygdO&)-3wpG+aKi&c>$fVT&@uMiNUEuLoIS~&P^rGcHT5rA2|%iyUI=a(|^AC3W<
z1W%cdLT<f%$xHhghWz;~`sdavb!3_P>n!fqpb|f@B5c(;tW%x$F9obhh24K`o!+wG
z{g$;=f+mV~zWwD^ITPuntuew-0qVl#4Plw=VF_FEB(R(PpET(Y*>Vj+L?{oY<1Bn3
zrAZH;D!Evxobjia4C0Xu00RF3mVnMbphS7W{`5fj`kfe3R1Gx_!a1y-NzS59nf)Lk
zj&sF+Lnn63<5E;yNLhD?RoSdex!?Nnv-@(nsGzO~J0$jzf&Aznu`!Tm-ZPLFMAHlC
z8eEE;5ccQ+pqw?5yS5jy1v;eGC)@Hp7QUDu+`0Fn%=4pe^f95%RqmMfL)Em*LR_C*
z%O9si`H^4>Y!8DlFJ#XJkMt9+N4b+5K!D3iN?Y)87CSL<aG3$=GLC{G7TyNQCtTfh
zITZ4{ygqp8w%Ww!PcV;_08|eZ%d67F;PTi97Ndm7(8Lr#nmf~t6OJp~-Dr}Ew@J=O
z9N-DlFkK{QYy49yY4ApecOxy^MP>e?1bv@O?e7Kxs@+x+<J3@H?R38n&E9&1&c1nQ
zD+x@if>&Yoqcua>+!YR54k#o|J2eVJa>QrJ!La!h6FiM8>9Q&rm>U$BK346{4)?p4
z`of(RrmN_k()Czx+unqp_6XqenTSF)GP^#BaohSk3&}=8pPg3&Tt$^eU&Q#t6UGHC
znD+W?GERQR$ZA^omOE7p6pS+6V4F8!<Z6>9z}B@q<WRcu{2+wqgWQoRZ(twJu(i+x
zH<@j!LJ_M}&N_IrA&*P{8x5&67pjQ|2lvsNqhtfFb1hz#o0}#Y!^#LYMFgxjkwy<*
zQ$i6NxnYBzvgQHGJ&%IcS{fdy>-V9Qm_udCvY1^;7s0MDs#+%%p0FPl7Li760IIa7
zyiCXRA)oHVUnPxev?Focp`%Mnh^^nr+n^GXYAQgFMtd~af|znt=Xa#n+NqKak*vhn
z(i$|VI(|2z*(DXU{<4%{yz_b7LB`ot_eF9iIsM3^BjHtoOihEsJ~Oz8K#r&GO;GX=
zy&V~nnyd)&E4Jns&+a3%!oB)+Pcya-h%i1dAutIB1uG5%0vZJX1Qb3?)~0Q}9Ipsu
oRs~uk{^L<ialHf-v&!?)z}^Ele6^!UVF#w4zFz1(0s{etpidH0I{*Lx

diff --git a/idscp2/src/main/resources/ssl/consumer-core-keystore.p12 b/idscp2/src/main/resources/ssl/consumer-core-keystore.p12
deleted file mode 100644
index c1fb9610a86bd9bd3ad5130f327116c78684dd2b..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2765
zcmY+EXEYlM8^;rgAV^!K)LtD{C8?OPwe|{XHCCy;irOo6jg*QSRn)Cfd#gQb@1QDf
z?Qm7qs#V+dzUO`KJ@><No^yWx=lOs9!Ew-j3LprMgW@1Gf{|*GzvzKf!1p+)7Z?Y1
zzr@aP9Hr&IB1%0lj#BFqt6h!?g!X@5bWkA0dmQ)#jsyRK3qYX%$Cu@7V8#l7b)JIQ
zNr9#zVl|yusrWiXjD-RO=)CL#_aPyV56PAn6j?*9Fe=9^uc`pu`I^=i(`ivNsjZ<a
z(Ev=q))vfNx>j)53izl)7{?^Y>bm${{N4dRod8~?4EbQ9gqSEGIIu2kBD}25$VHHp
z9OJAzs;l#KW~+VKrFUxwxEfbC(ud{9QZsH`GGnRgtzi)pG+Fm1bH@pF-j7P9qqxt#
zb4cXP3G!KcJN9WzMrq$tHV~@)<$(#S<Z#!dEHZmkQIm0f+4TwVtpDjd1sAap0}qZU
zF1hP$H9hRRrh4H+TvR1b;{9n%uZ`^Twb1hSh$*gFPNsdhh2DDRjK~iLIv_mJBR^B5
zr^W^*gJ#hbI=}PYDBSW0(VBj4aN03))yptz=1y{QVvF}$;gg-Y1C2$q>9frZ!I)mL
zKMY-l;u5P`)BsQK!}aJsu!wL*lfhzt)XOZ)MFJm*lM3wbo>oq?J~IwyR$tJA5Di5D
zOUsexPRjX*ncX+HHDUwtEX<`0KB{y2W@O<$JM`EQRD!t8r2VoXyct+T9ngqcOUm9e
zO7;7dGYx)#tEQ-Np(0SzU8L$A;d2?zox{$b0$riO&we?5+102c*;x}jQW<8{OGQVe
zEN#rURL9vzv>A4eXM^@Q9!F)kumu>@q}?a*%5a-D-Re?=wD6wxCpQUJfi3ETr%%gj
z_00f0x3@oWO8XB>egg=e`|g&&mT6#(+?<h^^M+Ly(Vm{}N2dbM`KM21;|<fs`55yu
zG6Xce=Y?M3`s%6+EAZuNh%re{VH#iQZ40xY#NgQ`E+vbtftjtPRDBw~n&axP*=qBy
zH_LEt<@9p5c@G|fi|GVV8EUGT!cZRu_TiXh6xHbAY_Hc&d{RSI&}JB#@0x!|XZ>rf
zq@T_dA9p-Q1jHb3kqf@XQ}NyV&mYqrcuysu8`Qhx9xuW=KR1dUf3B`rh!;NXWtW)s
zdS)3GKCVvSAz{u+J`N5`d7GMC`y&3Coh1SxV9f7#10!Rz(t@Nu`174e@Y)v{cD9&6
z!ZSjMt-eEdmG!71HhZ8z%2#lzD`2B^e#8vKip?R1qm+|ug0|yG)W6dMyYHJ@@8Yvc
zGC2yiIiuqkbO2E=);yc3y&i6P2N~Zp4UQA?(iFDHiR@AtO?w}yg5(nT5pjK8v+_tz
zH&&@A!Q&-$%m8TMv9;Tk>OHZhV+2kI6SeLzKiqAF!hb{v1}c1d4kHnx>aI5MJkqJt
z>EuaVm)A_}agGKJ_nsT>j;}v)x{$>a3QSUCSl5>GkBfRoYaiCe?HSUFW-;~0NIuuh
z%j?kRny<K%tGQ%TEC=Gu!{=?1YozQ|6XrGqO?uo)Gt8*ye|DA{S?6LkSL!=-SZdL}
zqPy^u>jNijs_{JTB`c#WNwFCf;Dvi^$1;@~Z%Ji*0I+SzTW~fD5qPV`Xs~p?pl`+5
z<!AsV^Q&*Y5FU-T{<MZ6hX)GqnqX;*bq--xd4kYSWVTWr2GOaPF0@uNU=i9e^_5JD
zT)MJvKp(2Gdlt*<ACKJBRfo*uha}x6Cb2nlkeBI2y6^1|v=|p15;I$nuG-TJKa#bt
zTxiNRK1%oa%oYY&O03LXH}t&wHl3g&5Z)5-UL+FZd!g%ZJ5D4D+>r9sq+^{xh{Lb_
ztx6h31elWofPnM-gP0JEU<N}+S37P5N=i~3iI6~|;1cjlkAnX`qJmsnbpO(#KPiBK
z%eD4T0{oX(A^-8}v`5PI{gXj}N`J<9`kVwY2CGx`U$2JYz!edMF`gLd)5>swZDm;V
zG;1Pf0ACvKEHm%LPHWYnqZ$vBLh17iE$+(nLH_Ft_B8WFRD?~N@h@QknHsjg(dHTj
zw0+25Rfa`+_6dnf{V~uc%B4X~N+gTCPT-Jqzb}3hmU2Uqup0ZceTp+qlsWsYdX40q
z71#PUQG-1kxwo$Gu%1XPw0C4OL4u!xjNH4bi~S6Kp>Cr|*US;2aB&~S#6e@ED%EuL
zT>^HZC-_H>rrBs1x)^f!K>ZubL`zis7GIIMQ-nx(2~;4VZD)?FR!KJOj(5X5vs&|K
z?8<)4J>)@PQ`^nGsZ;v6NTv0LkN3Mo$`~Z9Q9S+FnyX8S-P-lpncNCP420l24xUn$
zVhBvaK>4~euim$#=p7#ym0k)nJ0}g>qzww&W+iO+_$MRLeW1)<Z;-idS8Vp7uh!x#
zjymmd(Ka`KSU)UjGo`9Hns@jzSWRuUe3)$ia<3dO@UDn3jw)jqF<Db!snV|3r}7j+
z$Dco8q!Kx)AMBU~g@4Y9mSWnfFhJH^<!QwpQp+PDML8pYG`QnzE>hgY&*ApLsWN43
z6AATFi<o2CUymPS-;U@|WTrs9bMp=I^K^wd0B`uc3+i7gwmZT!)-t7jCAYbCSiKHL
zJvk0;S9zbX&L<F9<Pd4!?32Ger6})<WcGrvlRgD@`#a|=KxQH!%0W^#H3uzzikmdC
zi=SjI%tI^c*lk^RtAl&nPgcGoZ;$j|3oe6p%d1bQr%QIliT=2Kp9$;j`=j%^-nicj
zRv_|jn;_zOo73b`Nu|<La}|5A-%)_a#vpFN>}0W7*5$Y{gx)Eoo8!Jwa$dA9Z{v%Z
zh~4NV>UTdjzReW*tt^bn?PG<_=|Xv}Z|e7RVkd9id?f~ZvC2-rq;jj7iBb&v{YgT(
zX;h{2(C9uxR!1pe+^3s(&)sQxOWe!U+!^B{uPcc4(KM25J@33$X5Iam&|S5%DTbF!
z-2EBSKGRE?Re$yh$}2l?8q)sKJuNnxeJCx#j=z!5=_|9fuOFbLg%>i&#3`*(&Gd~X
z0TfD-hunoy#acO7kyt0&J@y}2NMg!rLwpx3W0}A<Q=`=iSM0y5W!iI73o>&Uhc3N_
zbS}0Ye=QG<s+Z!s&|01{2+b#rvYy`nWUi$z_y6gFKj{{=b%MYnkmfdeBFgxh%=v6g
zBoLI5(0J~fT6eNEC)5TaR<c#?1z-sel4j|fO5)j(c2~Jg_PxuoFMjhe@fa$>`g<3E
zQr^z4^!`$aK(~agE~!&n)V<&#$!nY`n7<K|k+(xw=OUBH5h@>FF*xJjC?ztS(U#VZ
z+Z79i?_4Qd%a%^df5Y6LD#QUpjA0FP=&RjRKh9uQw`&0&+pMXYEG&f*!FQAnM6Mp{
zf|X3VV|)FeX4H<YjG=y#@JQC;;oJo@7jK4w;u*d$1%p~bAq?*HMaL3tni<-#S47>u
zIQ9n{7b!S9bxm9eZZ68-5I&Ch;G<R;=w58$s2uvGZ=Z6!YHlxP;(&I!fm8+(KaEev
z@Re1!Mo1jKc!RVqF9Qh^`}mKl@=>~+=6H1AC}X4)e_@g3IRGvP=Yi8eD1~4k3RX%0
zn9(1q1C7XPYA|+5_IvPk*U_vu_fIgRr9q(NA^+VpZXR2-a~B%0d=aHZ0Rl$8{|h%%
B6F>j}

diff --git a/idscp2/src/main/resources/ssl/consumer-core.cert b/idscp2/src/main/resources/ssl/consumer-core.cert
deleted file mode 100644
index 894a5c1c0..000000000
--- a/idscp2/src/main/resources/ssl/consumer-core.cert
+++ /dev/null
@@ -1,96 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 53 (0x35)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS Test SubCA 2018
-        Validity
-            Not Before: Dec 10 14:59:11 2019 GMT
-            Not After : Dec  9 14:59:11 2021 GMT
-        Subject: C=DE, O=Fraunhofer, OU=AISEC, CN=181ee43a-e0f5-4e1b-84ac-6eeb993e187f
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:bf:3c:7c:1f:0f:82:56:9c:b1:bd:37:73:f3:43:
-                    7a:bf:6c:3c:63:d2:0b:36:7d:c4:bf:27:bb:88:cc:
-                    77:03:89:3c:bb:b3:3c:3e:29:98:42:a6:38:f5:b6:
-                    70:44:ca:b0:0b:ed:ed:96:74:62:05:fd:0f:20:f1:
-                    2a:d2:65:b3:91:33:9a:2d:af:8f:0f:03:20:bb:51:
-                    ed:b5:77:9f:9e:c7:db:09:44:6b:e2:6a:96:b1:bf:
-                    f2:fc:ff:95:ce:5c:bd:2d:60:56:e0:f7:8f:cb:0c:
-                    b0:fb:01:5f:96:d1:35:d5:24:e8:ab:d8:ea:c4:7a:
-                    ac:3a:f4:62:4e:e3:de:a4:2a:48:e2:ce:e4:7b:58:
-                    68:53:b7:fe:20:db:07:be:3e:52:e1:16:de:b9:25:
-                    08:04:28:71:40:19:29:c6:6e:a3:76:75:14:5a:8b:
-                    1e:62:8c:c0:59:f3:b0:ee:d7:6b:a9:13:45:09:75:
-                    e7:02:d6:a4:18:a8:99:93:68:7e:46:9d:c0:ea:6d:
-                    bb:e4:83:da:7f:0d:61:e1:03:8f:58:48:80:2b:64:
-                    7e:81:2a:a0:d0:3d:c5:c9:6c:73:62:77:53:21:e8:
-                    19:10:cb:ef:eb:6c:c6:54:4d:6e:30:37:0e:80:d9:
-                    4f:85:da:72:ce:15:2e:00:76:4b:a5:cf:72:96:07:
-                    ff:0b
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                14:7F:AA:8D:65:9B:0B:25:6F:BC:A6:F5:FC:BC:3B:6D:3E:D5:A1:E3
-            X509v3 Authority Key Identifier: 
-                keyid:CB:8C:C7:B6:85:79:A8:23:A6:CB:15:AB:17:50:2F:E6:65:43:5D:E8
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:consumer-core
-    Signature Algorithm: sha256WithRSAEncryption
-         7d:aa:05:25:57:b8:fd:bb:54:88:06:1a:2a:ac:76:32:cd:6e:
-         9f:93:21:3a:29:4b:07:02:28:b5:55:85:22:6c:7b:d7:b4:93:
-         41:a1:ae:9c:e2:b9:61:66:af:da:51:08:4a:3b:df:73:30:2a:
-         bd:68:1d:66:8c:ca:10:64:82:6e:69:1e:93:cd:ba:f4:2f:cb:
-         ee:87:e6:d2:ea:b3:ad:a2:08:38:ac:a7:c3:a4:ae:e3:ba:a8:
-         42:1e:e0:d6:8a:24:7c:23:c4:49:dc:4d:81:fa:8f:dc:86:26:
-         7a:23:5d:d6:04:1c:2d:c3:fc:52:34:f6:21:8d:31:9c:2b:6e:
-         f7:a1:dc:03:3f:17:f6:6c:1c:ca:0e:7c:d0:21:0c:91:8c:56:
-         0a:f4:2e:c2:68:90:f3:fe:f9:be:13:bd:49:07:95:e8:88:cc:
-         f2:36:2d:fb:27:2b:47:17:3b:ae:b8:2c:3d:d6:86:0e:da:df:
-         3f:37:7a:ef:13:bf:06:9a:98:53:98:19:5a:1c:06:88:a2:45:
-         8e:77:8a:ee:29:a8:fe:da:83:87:7a:0c:77:5e:c9:7b:42:19:
-         cb:8e:36:c7:4a:56:f3:28:4a:3a:a2:cf:ba:79:3b:a4:3b:a6:
-         ac:3b:c3:ee:8d:44:bb:08:24:c1:9a:20:65:46:96:47:37:55:
-         9d:01:25:71
------BEGIN CERTIFICATE-----
-MIIEQjCCAyqgAwIBAgIBNTANBgkqhkiG9w0BAQsFADBAMQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEcMBoGA1UEAwwTSURTIFRlc3QgU3ViQ0EgMjAx
-ODAeFw0xOTEyMTAxNDU5MTFaFw0yMTEyMDkxNDU5MTFaMGExCzAJBgNVBAYTAkRF
-MRMwEQYDVQQKDApGcmF1bmhvZmVyMQ4wDAYDVQQLDAVBSVNFQzEtMCsGA1UEAwwk
-MTgxZWU0M2EtZTBmNS00ZTFiLTg0YWMtNmVlYjk5M2UxODdmMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzx8Hw+CVpyxvTdz80N6v2w8Y9ILNn3Evye7
-iMx3A4k8u7M8PimYQqY49bZwRMqwC+3tlnRiBf0PIPEq0mWzkTOaLa+PDwMgu1Ht
-tXefnsfbCURr4mqWsb/y/P+Vzly9LWBW4PePywyw+wFfltE11SToq9jqxHqsOvRi
-TuPepCpI4s7ke1hoU7f+INsHvj5S4RbeuSUIBChxQBkpxm6jdnUUWoseYozAWfOw
-7tdrqRNFCXXnAtakGKiZk2h+Rp3A6m275IPafw1h4QOPWEiAK2R+gSqg0D3FyWxz
-YndTIegZEMvv62zGVE1uMDcOgNlPhdpyzhUuAHZLpc9ylgf/CwIDAQABo4IBJDCC
-ASAwHQYDVR0OBBYEFBR/qo1lmwslb7ym9fy8O20+1aHjMB8GA1UdIwQYMBaAFMuM
-x7aFeagjpssVqxdQL+ZlQ13oMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgWgMDcGA1Ud
-HwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuYWlzZWMuZnJhdW5ob2Zlci5kZS9pZHMu
-Y3JsMFQGCCsGAQUFBwEBBEgwRjBEBggrBgEFBQcwAoY4aHR0cDovL2Rvd25sb2Fk
-cy5haXNlYy5mcmF1bmhvZmVyLmRlL3Jvb3RjYWNlcnQyMDE2LmNlcnQwHQYDVR0l
-BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBgGA1UdEQQRMA+CDWNvbnN1bWVyLWNv
-cmUwDQYJKoZIhvcNAQELBQADggEBAH2qBSVXuP27VIgGGiqsdjLNbp+TITopSwcC
-KLVVhSJse9e0k0GhrpziuWFmr9pRCEo733MwKr1oHWaMyhBkgm5pHpPNuvQvy+6H
-5tLqs62iCDisp8OkruO6qEIe4NaKJHwjxEncTYH6j9yGJnojXdYEHC3D/FI09iGN
-MZwrbveh3AM/F/ZsHMoOfNAhDJGMVgr0LsJokPP++b4TvUkHleiIzPI2LfsnK0cX
-O664LD3Whg7a3z83eu8TvwaamFOYGVocBoiiRY53iu4pqP7ag4d6DHdeyXtCGcuO
-NsdKVvMoSjqiz7p5O6Q7pqw7w+6NRLsIJMGaIGVGlkc3VZ0BJXE=
------END CERTIFICATE-----
diff --git a/idscp2/src/main/resources/ssl/consumer-keystore.p12 b/idscp2/src/main/resources/ssl/consumer-keystore.p12
deleted file mode 100644
index 6607767d644aea4ea7a11e98ac540c623b80283e..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2693
zcmY+^c{me}9|v%oZEjNTkejgC%rV#ZtNNm(CKKhpG734SAy+F$TXQXP--^vdu`x%k
zkXx=UBv;PlOvtbA^Zb6l@9+1==lML(`~5ucKVNVH_dOth9ZujjgK(+Fo{!z-18@NH
z3EU_Ufm`c$42Kgy3;$G*d;;j*?`Q-FVEg_0{%HVkNeK797kB{>I6sK9JVi88`A7=|
z1ah)P6F~VZywpW&3z4n6S^2p{Kk$V%E=f<@tZGQd-P=J8Hk|AIlG1>yU0>xCvxy@*
z72iX0<MIOefUNp&&$JM;961h+{cg|@_u!jcYnmQriu!MBv7?C;peo0T2%TybEVl_d
zEJ=tNTPbGq=}&eh?I591@6lwCN|7l-RHEglMCu{Dw4|yoVe6osk#U1_NT5wVlp_%<
zbLUafGQ)k@tA6F|uR#xIE`b(okJy1PxZ=sU7Hxd=G|UA*!IE_wIc@PeJ%7gg0O5I`
zo)v0;OZkM1Q4-jo%*85{*-+nSn6~+T`-8H(cf;k#?*2{oeW}g~Bj=_^D?bnM%as>B
z^iNOOYZnWAA17!za&dVjSl|0p{BTpRI7}087_@ATLFmf_szlX=%EBu2{)pmvw&aJx
zG6#b{-am5m!=QAl{S4&x>Mb)z5*-oub}-w+acmngdOgJ$qpu{_qK;afIiH=4fT0dv
zNAG?Q*OEFm!#bpEeQa>jv&y9hxDw;TSjy=FZ{}(a5pzSxiIT=yj%fvu#`m%BZ09m_
zABR8-G<rK_W(&wIPgdJ&N}a}|-3x=#b7>2y_w6^$79uhophGzE4&(>1$(|D;UF)i$
z{*NqRf9&PtUYvuAHQHGCyKM@yxV~SE){sbW40>n@)%*)61=3!ny(OLjxUa>2!IoK0
znXUnu=C1Qy;hskX3utTp)SU~Hrj+#54C_ddr(fD0x3AlknVEjGmqTmVekc@oLI`68
zK1+t0bc<oZirFdCVKOe%O5a=T;g1%tC?o&O$pq9opS62x=3q?fqt!7oFP^Okrvpb6
z&|cdiDn-q|4EXAr?~cb#Cj8>N@aEZyisINyA$LE`vT(z>Z0fq3?+E`@;tcaa@5Rr3
zDaeeIVB_@uC`Nkfa0*$0Zj<D|Vl-YGlK<;7N&#m?kIU6MCsczoIC^SQM--f&blng3
zj!$beE#qIW<yewVJSL_$O8J;9HPC;+nTu0<-ahZW*On)2qM+pHLl0m(N{Si4ZG0t%
z#x9D7eF_7+$tqHlkw`)9=QsTgCC~=OOd|`Id1sw;^sT^s*Td(Uqi2q^B=1$(T&l~e
zR3J%~zIc>5upWWjWzgmqC8h@gfy&tULFrOE9jMxCrxyD07OQ(2>W^QkYMmZrbM((0
zctCIT{255Lfk%t;1j+&v>#Kt{&uPcSpZCIJIVUufon9=&wyH~_R9W&N$kGg+z@{PL
zY(*<if?&i|T$kl|<V$}3-J_PYliF&HTTm-=yvYF`pfajpa)MX%Ozm<<a1)1aqTBs}
zdc-L^|2E#8Dq8PyfY{Hewvn&&^ky2JWl|-7V#3^gF4q0bYmbMteLk0rHm5&YhrRN0
zcUdrziI;5k`^h@R(I;6&MoI<LEv!!xqM|3AZ!a0C{L^Z_olk8@#O%6tYO%kYVOhf6
zJuFq0)`K@BUmgV*L7+oon4pX)d`}1Q+{?aryRHI3-N72&u*nK3Uys8ogvu}7V=mO<
z<ynS`?P06D&||)Q{XS8P72Yf60Z$5Dau8+GdafKNHfIW({g_+6s1b=UI01a-e?ZG8
zfHgq`Fzk1%`umh1JpbX18vy+6;M#8hm;O&Z_P^CD&4=j4Jk31yw|XD~s7p^Uqvrf)
z;_>5K;}aUBm)tJPzh0H|s}Dy~vKQ_UI>E+cr0q;n63IIU+Yk#YA`&h8BlimIKJQO*
z!>${8(V*eS_X{sYHoMBdpCcd3E=#aCNmC*5fQBOZ%(*3Xfll1AzPb<Z;{bhVOb52Q
zg?IeJ!A#y33tg5|zP2dE@^N<KU6xZ@uM&raJk=&H(}HK(-Z^ofiXk=1G4V`k)b#%M
ziS=`@k2AxG8lOxUm^WrOa6hdl0Z(-Dhd5;PHGX|jx8BE92*}IW!<bJgYDMlYf*2&G
zjJ#`L8)*G$T84dQR+Q-*TDJ1cH;}hHNXr;BFFW^QX(Q`8gmL(4mKdipM+-xpv@D2w
zuG`PE!Atpq(~t3OnKrd5RiB#wG`M$4il9SjaJl`qW+@F+F1FUpMLXk>R~TGUrc)nT
zGo*-VxZR358&I5M)MfLluG;rccK;s@j#tzcy*M-`Sa%a5lIh!Fs9wlw)bo<ZqBj}o
z__1|D3OOq-e$fH;08g$?+iLzW-z1Kmfhisj{?2imWs0I!tTC1XUs1KEic{>p)-<Ec
zuM6ySLuvTFn-vcrYE50o-UQy%KIa>bx++A>y3?OEjjAaxCa)^L!NG(rEE1#5k&`I5
z6jxwSFKq4RaIU#3b1T1)r~KLj=Wg7+<(_fk?xjKb9y*tnDN$rT0-YT{d+*5Pby|}J
zrD^GNQ<VU4lmWcenN!$&YSrx8i*eenJsLgCbO^|F?<Gg#<o3XmdWLFLz3@ewUEbxn
z!bTa(m4$}*nFSf%=3waJU)K^Q(5XS&nfMZ9ElTA&gle*E&N>bwHq_T$;Beg66qdG8
zO;2vL4nn~8uo;P`G2h1$nbFagdwVHS@XIKp8kbHi?kGryS*cQ0Ng6Y>;Lri{{K%n6
z!2k3N3*RC44)xH9!K&C-ZLMJM>Arm@q*@f9*Dt7R$B1gavI(*799D7w9`PA@B8)Q?
zWfkS~_9YLpKjw{9e`Rimmr#@zNP_Y!!}`4kvuGV+-lc$c^-qN4{i)d>Fg}m+LD<97
zg$ELBiTJa(Vp*$6OEGE)e69OoBHnUlbIgoYX)7dTv-Y-h?qule3m<bEnv(70HtU`_
z$w~?89YTAGWm~?vn~0~Ibk->J(NX}H>gXT?0gKHAc5m4GP9-ld#v3ha=8)GL&M@z(
ztjZ7TM${6Iw0NtV0S=eDj|RGCg`L>dgF~<4NvDjjK}SQv$kJ2h3Dyz*i9T!<E9I-z
zPuP(M3C&52vuC&blH0+@!d3<CC^ZOCkm^J>{lb-R!&|MzClh?;^W+@-tW{05F?w<5
z(z}Ip4kPmN2kYC|Z^v}BRDL0=UhcO^dNFA^chxakzg}Gh@wjfTfWL5H_6)4MskT6|
zLM`|XL*e`eByU^Vuv%KU{vz7{J;8S<ujOZMjf>p76@$k;+mo}~m6Um+61^<X7b?`N
zC9o0jjWtlJQ{<U_Wg{?tVT4Z65a<TFrQWI-#{NhT^6?dYsZ~XXkBX->@$*YdK72rK
z<3^vjq&E$`h^9B*&bu#RLLd2}EC>g~>`X%F+s?MRGpX;DG~T^dInUj$FsV07dbPG=
zCVK7(#`e^P#jKik9~GUCP=w3>S4S>kga}CJeMEJi#7poF&yM-m$u)bS(k-btI07yU
x=YoLM_}PIHU^bADxShH5uH&M#q<dn(n2|6+$>zmn5a<0*Q!>&8%Qya3@?X+^2G#%o

diff --git a/idscp2/src/main/resources/ssl/provider-core-keystore.p12 b/idscp2/src/main/resources/ssl/provider-core-keystore.p12
deleted file mode 100644
index 952cab5148316e5460966b80d5bfa9b18d8808d0..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2765
zcmY+EX*3j!8pmhG*i)9VPWC;?7&48eA^TXeC1jZ}3fT#fdIv*PQrWUILu3nCGxoAg
zvXiYL%aASmNUnR&z3+SOhvz)!{Ql4L|M-L9Sh_(#Iv9=x$H066Z-C!t12O`0a4Z2}
z9E;B>_JrZ+o&GPPHv{A7jZd+`>F6-9{`cz)3lNlp10TU~;C+}Z1Iz#LX*m=OX{QR0
zG1@qGyTiq~TdGSV<+Y1TL3Duj(=Kq=fWdeE4({gluTmP>od$<1me*C?hA37RsHU%7
z54#Rn-f-0l1;MI?4EyeE#?HuOlM2=O7Rh+HaDTpSqYF+jm9<t1;bS+S8JhpgiQiOp
zeL)~#iNN!O!>m0pN#Ay>!6aHPNHmO;|GQd9nb8!#?0VB)0u@)RgJ@JGD}I;`W~-aA
zuH(9}cYR5aJ#F^tC1_MA8byx`g*?C~q62(;Zq$m6H~JF&o+`++R(O9Mc8$4b8X=%b
z;z$WP+z)Q3*8HJNx6@m=KF2>Aru`=Kg|TJsBw=_wGk}a;s!cACf75V4QLLHi(!+iY
zSKnZ&wP1wuhPm1gLW_N77kWuc7eQ?UD-9+}k&gsHiBl;Ov7oFZTESAxa(=ug0wI(~
zY?8({KfqPrJ{ZP)h}!1Oj#MHJt#Z{ItV;}Knn#TIk@_V<sq-b?y?;ptGrCZ7N6+Tl
zlfN{-WdbH6J!5@6vHPO;p}I7&D#|Z8-($JBh+>xBk$~qDHf!Ux<iL04w)bjZ+pLk@
zA;=uhzs}_<bP#`4N`0b{DiX{BdpRS=Rq$L~{f~H^OA583uNn5sB&d_?UA<58W;PO;
zWOwM@TI)hTa0)tghvo~s{brpjQyh{KqWxMhsl!v@@WR@P)=hK5aKrU<3ujsnu?+LZ
zP8iVf`d1dfOG2IF>v`i(d`B{W?rqxFM%fE4ELm?ldI=NQN6yeekTbVP^E>IhH~oq>
z^wVY-4C3Ut>sw#|1HN*t>kPY3e?ZjMX}vE!p2yQ#Q^&T=H=?nRO!wCylRd2Ij@{*d
z(XTc-eqm(}U~M}XRwpLFyfLcqX);lpSMQKbONaKv8j=(Khfp}7xbx+1)MBBEwpSJB
z27zeI858-%d7!UNGVGjlC-8mVcV9~1nTuf155D{s?>)=Sh=8`Ex^w5tXn=>a!?}Cz
zO^uZy6Ca}^rO}F8<hVcSZFDKol00i3115#9t5uIdN}_#{6wpPM!z(1a$x$o+7+V+Z
zeW`(62mjLBP#j#sbD)FgbMc(rYidUz!m*3HKQ-_b-&>=f6m9r9`K#OZ;|)whqG|_2
zm*xGQqOn6Z@ya8iKTFIKq2K0%cxUgteI;fjT!HdBc0m5t&3a{oo=JU^i~h`wczkyb
z0mz%g3)+l4h_lv5$!HFSGv31p@kz~R6!G`aD7Q+P!rXAXQ&-`}pUX!=z{EoMxhG@4
zKzyl1>{}F~E`>L3iYaPRUWWh7u@;l7qBOQP<e9PGU_s2X_VxO*YlKisRHGR-+GwL9
zM-=L@+RGu-AlCdIJ5lQ#-cscFo*86NE7ERcS7?}+V^FU@X)-(4ZV27cvHsJ|!~e|C
zR8F@;Z|yjjUWS)h>a)TIT5OFcuV4^TDbL+J%PtV_Nk`1cTxMc#lE<Q{9+k}b$cqP<
zmtN+w%7*vm`Ob3c19aFYJL&{EB>Hc89jtPkH{xzBcUN_t9$!3$$QpKV26AUmcl0Fn
zmNw@kw>E)Z`Xc?^4U8#vNOIyyuKzo;!3@maVdf{z$kk<%iZ6P~pEqFB!edRuqEqjJ
zMKZ>7ESYe9>%rlGly=0}K)K5AP!a-Qd^5vaRwvj9TBDnJM?U>~Rf=VQ`inV4{iLD_
zjN@-rGD8%>LLh)5O!Obbtq1{gTDf~+MHDY1uc*Kk5lCevnBu8N!G9kyGMrj;_tc_W
zARyp$t^AV!|Ie!o|MqImJ`P{{WO+wEZN@2qKfoa*D4P90UVV%MS8S5*r!3_7bAfXT
zz8!CCGyznuL_?dLZCuEY@~V6`c{WQ_Wsjb>dS~h=SP)c4y&LGL2+U}Z&_qbn_j-lB
zt59>Tj0|wuCo{C6J7Y<kQbvmdyZY9W!89Rao>d7``7wVs@PoSwo3#OIY8bMZ{ORYR
zbdGJ(?_kZXQcCDSqZ$BQk!sYs@;p1fJpIB+yZE$IYpG*Eq#y4H1zjmJx&{BP%UXZy
z<%6P@oix{0O<34?M~Nfc>cG#)c7q|PR_#is=~H2_TnB5szw}BYO?Boy_GDo`GwQxt
z=l1d9=bT$lVvb0Dvdf{!!SdJEh&RO@C?vN=Om}#ZI}|Nr-bK3F>D#WJCOv+~_`cHb
zA!m-Mm;L(c<qu<Tk1svY{poXvC(AGoMg;-n80Sm0E!>*d8g{k9j}`-78wI7Sj@Yb_
z_6*so0*hBIx3F}Qyf)tWu>yU&@a4IU{VUGV;&3I58<yPxyxusd!n3zl$KIY|{Zz&^
zwq^Ve_xTKQE)+HXGrL>t`}+gmR$aK-@jkn|E{SPkrAF#bdw#0z{xy<S1h)mR6%)cN
zUnG&YkV<Xs)yq1XPUL(Ax%7#{$JOFwHjFAT>mU+*qcJ{#oNVO#LT27u1Nv(%PL*$W
zp{+2m&kN+5#kL{`MjXcS1d6}2O=d9Ux3<S=JX32Uh|^Q=bTZCa`i-Vj@I#=IK2Cno
zZId2kY?F&m+t9(AqE8Dc7&?t;y)$_;B}?w;r_R4Z+cZ=yLd1naPJ)4oCwIj(7q1!L
z&GVmlTM<6*fDW1}jQRkV_LjK(5V-~H^DyR#>9kq<IM;bHWVf$POI1Jb`$yela~Ui7
zO-o_(B;i@paJ`2;|2MJ2q_MHG{srd<2D#`f4!?I%rJn8*`A(kA%*-FZCC{C0?_9ws
z8{Nthh|m_Q?D5=7KsQoT{MGWRzWSNoNZ<+N+b`mWHocGGRS|G?jwn{nQ0xA}+Z!<r
zcC>sZS!^87IxoFy3Zc{yM&m{{hr=Iw{7_H{7dk^*KIR#$c$}nJNx{rdainEQQfW&E
z&(HS*?L(y492<I}Soug*RJDdc!^w*5?oHly<i#lJVL_^zJiq-;T2Sq<auU~?MN(Q2
zzO7FbPxT(6Ot4wu8~aCc9;15I{47WIO`7|cO?E`D>EvH7OPS~+ew+elliQxB>fQ-H
z3hzV3+1sBF^jE5VMY#fO8zvwIAwJ=^=R8pw9<y=WSpBi^OeMYDNAE$C$24rT2<$%T
zoql|k=FMzcZfChkf~*ts7-rGV*hHb!qo#{sk)m5>F0jpy>xz}|)4;Svj82Pag)t-p
zMv__tRp7y^-s4^w!e(?bHe0{_ARiW-^3<ZT>HD;H?m*A^m{k|@G30K)RNL+`n|znB
z{?g^+1(Gz=qox<moHi&EDeUYPlP1$oe%CXpkqZ%BDh_Nf6Pjv>@Igk~=F74?etox&
zk(bif?@Hc0%M^C*&{0Y^EZGW(x<NFQ*AnmCpp(nS?>&a^XVlE%`dk%C-C9`%qKDu_
z=Vw0TNSR1+c(GF9rq$5!?y*&mW5reW(KIui)Q2hAWzmZ96yP(sag6pb>?%wY#>_x3
zca{z$Ko0;z0_!b!YU+QyV9jOX5jdEpoIK6&1w%Y@)ZGQW3i#5q)(qyYWM}Ixr653b
IKzz=>024wh_5c6?

diff --git a/idscp2/src/main/resources/ssl/provider-core.cert b/idscp2/src/main/resources/ssl/provider-core.cert
deleted file mode 100644
index 8f4f2bd5b..000000000
--- a/idscp2/src/main/resources/ssl/provider-core.cert
+++ /dev/null
@@ -1,96 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 52 (0x34)
-    Signature Algorithm: sha256WithRSAEncryption
-        Issuer: C=DE, O=Fraunhofer, CN=IDS Test SubCA 2018
-        Validity
-            Not Before: Dec 10 14:55:24 2019 GMT
-            Not After : Dec  9 14:55:24 2021 GMT
-        Subject: C=DE, O=Fraunhofer, OU=AISEC, CN=8fda8b4e-250a-4b43-a744-d9a4cdee3c06
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (2048 bit)
-                Modulus:
-                    00:f0:a9:bc:ce:14:96:e5:fc:8e:ac:75:b1:6e:49:
-                    ce:b3:9c:15:fa:ca:ef:6a:03:de:7f:2a:04:e6:6f:
-                    7b:4c:5f:83:77:f4:00:4d:88:ff:30:7a:14:ad:62:
-                    2d:c9:dd:71:1a:69:4d:39:aa:18:a4:4a:87:25:be:
-                    b9:93:8d:58:67:41:49:20:fc:97:14:16:25:8c:03:
-                    a5:09:9a:3f:56:23:a1:f4:4a:2a:69:d1:61:28:44:
-                    19:4e:0c:ab:07:68:1f:d9:42:11:15:45:66:f4:03:
-                    8b:54:a6:30:81:b5:84:52:df:ef:f5:b5:e9:6f:9c:
-                    45:6b:78:4d:e3:59:62:bb:f2:c1:3a:dc:8b:0a:df:
-                    e6:68:72:08:8a:33:26:52:e6:0c:80:a9:62:de:46:
-                    5c:21:be:7b:4e:3d:63:dc:b3:5a:35:79:ed:cd:c9:
-                    a0:46:d6:c5:e6:b8:21:78:62:48:27:a6:c8:e2:22:
-                    38:09:a2:e3:30:c5:ba:77:95:16:99:c8:93:98:ab:
-                    28:59:06:ae:67:66:09:0d:1d:7f:ab:eb:98:b9:de:
-                    da:d8:a7:ec:56:af:3d:cd:6b:50:7a:33:4e:58:40:
-                    f7:dc:bd:0f:4f:5a:41:46:2e:2e:ce:c1:b8:8a:40:
-                    c2:a0:7b:85:60:26:1f:b2:c4:55:cf:72:58:54:22:
-                    66:17
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Subject Key Identifier: 
-                B0:88:A0:81:1D:CF:C2:B2:A5:88:62:37:8B:50:3A:28:0B:19:59:69
-            X509v3 Authority Key Identifier: 
-                keyid:CB:8C:C7:B6:85:79:A8:23:A6:CB:15:AB:17:50:2F:E6:65:43:5D:E8
-
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Key Encipherment
-            X509v3 CRL Distribution Points: 
-
-                Full Name:
-                  URI:http://crl.aisec.fraunhofer.de/ids.crl
-
-            Authority Information Access: 
-                CA Issuers - URI:http://downloads.aisec.fraunhofer.de/rootcacert2016.cert
-
-            X509v3 Extended Key Usage: 
-                TLS Web Client Authentication, TLS Web Server Authentication
-            X509v3 Subject Alternative Name: 
-                DNS:provider-core
-    Signature Algorithm: sha256WithRSAEncryption
-         a4:f1:bc:41:bc:72:3a:ab:94:88:8c:f1:ad:4c:a7:b1:ab:18:
-         9b:a7:94:3d:7b:d7:5e:e2:9c:4b:71:c6:4a:95:8d:d8:76:a7:
-         ed:71:e9:1d:eb:7c:73:bf:9b:2d:9c:3d:da:5e:41:6a:02:2f:
-         e3:63:4d:3d:11:74:d6:78:e7:6b:67:15:d2:cb:77:83:a7:45:
-         48:18:19:85:a2:52:72:43:5a:29:02:93:8b:e1:f6:2e:c1:ae:
-         0b:0e:50:54:96:83:47:60:c7:ac:43:42:29:a9:5a:9f:bf:7e:
-         ba:5f:b8:74:87:85:19:43:30:27:f4:b6:e2:72:30:5f:0b:50:
-         db:47:28:5c:73:84:7d:24:2c:42:76:5f:cc:65:d6:cd:d2:8a:
-         3e:f5:6f:02:d7:1e:17:6c:b7:db:34:4f:56:22:ab:50:e3:89:
-         e5:cb:1f:1a:04:7a:e3:48:da:ec:e5:de:a3:f5:88:9f:d6:93:
-         88:aa:2f:29:e3:e5:35:75:5f:b9:35:5e:1b:15:5f:70:69:bc:
-         7e:89:04:de:ef:a9:b4:8b:86:d2:8f:0c:37:63:eb:e8:44:e8:
-         b5:e4:bd:e4:a4:5a:07:25:fd:39:ef:19:fc:b6:3d:05:f3:bf:
-         4c:a8:86:a7:54:e8:b6:45:3d:e8:e0:29:63:9f:28:6d:f6:f3:
-         fc:03:0c:70
------BEGIN CERTIFICATE-----
-MIIEQjCCAyqgAwIBAgIBNDANBgkqhkiG9w0BAQsFADBAMQswCQYDVQQGEwJERTET
-MBEGA1UECgwKRnJhdW5ob2ZlcjEcMBoGA1UEAwwTSURTIFRlc3QgU3ViQ0EgMjAx
-ODAeFw0xOTEyMTAxNDU1MjRaFw0yMTEyMDkxNDU1MjRaMGExCzAJBgNVBAYTAkRF
-MRMwEQYDVQQKDApGcmF1bmhvZmVyMQ4wDAYDVQQLDAVBSVNFQzEtMCsGA1UEAwwk
-OGZkYThiNGUtMjUwYS00YjQzLWE3NDQtZDlhNGNkZWUzYzA2MIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Km8zhSW5fyOrHWxbknOs5wV+srvagPefyoE
-5m97TF+Dd/QATYj/MHoUrWItyd1xGmlNOaoYpEqHJb65k41YZ0FJIPyXFBYljAOl
-CZo/ViOh9EoqadFhKEQZTgyrB2gf2UIRFUVm9AOLVKYwgbWEUt/v9bXpb5xFa3hN
-41liu/LBOtyLCt/maHIIijMmUuYMgKli3kZcIb57Tj1j3LNaNXntzcmgRtbF5rgh
-eGJIJ6bI4iI4CaLjMMW6d5UWmciTmKsoWQauZ2YJDR1/q+uYud7a2KfsVq89zWtQ
-ejNOWED33L0PT1pBRi4uzsG4ikDCoHuFYCYfssRVz3JYVCJmFwIDAQABo4IBJDCC
-ASAwHQYDVR0OBBYEFLCIoIEdz8KypYhiN4tQOigLGVlpMB8GA1UdIwQYMBaAFMuM
-x7aFeagjpssVqxdQL+ZlQ13oMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgWgMDcGA1Ud
-HwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuYWlzZWMuZnJhdW5ob2Zlci5kZS9pZHMu
-Y3JsMFQGCCsGAQUFBwEBBEgwRjBEBggrBgEFBQcwAoY4aHR0cDovL2Rvd25sb2Fk
-cy5haXNlYy5mcmF1bmhvZmVyLmRlL3Jvb3RjYWNlcnQyMDE2LmNlcnQwHQYDVR0l
-BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBgGA1UdEQQRMA+CDXByb3ZpZGVyLWNv
-cmUwDQYJKoZIhvcNAQELBQADggEBAKTxvEG8cjqrlIiM8a1Mp7GrGJunlD17117i
-nEtxxkqVjdh2p+1x6R3rfHO/my2cPdpeQWoCL+NjTT0RdNZ452tnFdLLd4OnRUgY
-GYWiUnJDWikCk4vh9i7BrgsOUFSWg0dgx6xDQimpWp+/frpfuHSHhRlDMCf0tuJy
-MF8LUNtHKFxzhH0kLEJ2X8xl1s3Sij71bwLXHhdst9s0T1Yiq1DjieXLHxoEeuNI
-2uzl3qP1iJ/Wk4iqLynj5TV1X7k1XhsVX3BpvH6JBN7vqbSLhtKPDDdj6+hE6LXk
-veSkWgcl/TnvGfy2PQXzv0yohqdU6LZFPejgKWOfKG328/wDDHA=
------END CERTIFICATE-----
diff --git a/idscp2/src/main/resources/ssl/provider-keystore.p12 b/idscp2/src/main/resources/ssl/provider-keystore.p12
deleted file mode 100644
index 830797f6993b334c9886c6aae7031b06a96bcb4d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2693
zcmV;03VQW0f(n5G0Ru3C3P%PBDuzgg_YDCD0ic2kI0S+UG%$h+Fff7y=LQKXhDe6@
z4FLxRpn?S0FoFcs0s#Opf&|S52`Yw2hW8Bt2LUh~1_~;MNQU<f0So~KFb)I=Vvy#5
zT{2-d0s;sCfPw^|?tC<TC?UZ;9eDHOfZFxQ3Y%}jQ2TqNDPQHSB!;RPNAlP`<aX~1
zJcw@u5zD^m_8gqGq@OI@p>C=P4`0diku|3S-viqdC5RvVs(UOdNUl56m%D<=xme)b
z(Lj`prw;QCn^QG)H!EQa>LfG5&oVGnDs>tfBcWZd-R(=P+%N^V#o#daU^6#NN1ZHO
zd6fw@D&3T~1o5)A!QA0DcoJ^mPa>I11jI9?7#8xD0u?uotnIAw0y4xS?ZQdfu0+>&
z;V5@m@Rgv4GCaPVqDD)Uz;|k@{HEdy7b-Ij6IS#c5+#+3gxAB*#T7GE87ioc>Lqt)
zJoG-$y!;$|KQ)BNKz&XsI>$0XVMe0A26znjv@ym(9nbKeTnUS=283=deM)@-h`TO>
zsc(s?w8aXfjRaoOo{aY*Q&S+ZhK_QE)I&c@uHLTwiHmB=3So(?W|8)A#`l77{~Qjg
z`_Ta_lpnr}#0)dDN%Tr*WDb@c4#w!=12LJ906C|_nFyU|C1cDscx7ZI*uy)~qTtAF
zSGSN=Jlzv~qBQd|8qJPr+V17BLKCB7-<Ly10Ov1byDB}6GL2hKOsZ^iCW0AWp~`Nr
z6~ciL!K%aZcKsIH7D33E0dB(Mv?TH-p|eHZW>)HQJpN_NOQgAz*m;d(2fs_#rOaia
zS=GZKXH$Fs5YUi1tjIhJsv((G@qQRSNImd$K%&}BbiA3mY};mB?nJL8J`N5iq%1N9
zv)QPr8@UWg?^2#DE0^lB7te=4t%`s}a}z<59{um^f$gabq&O@GC1U03qP!Q;bh|$D
zydu^7oo>sL25~rGnWl=$)L(K2o>3B$)&}Mm%0@9$YIn7iZt_?MN2IFAB<T2^Ppi^Q
z?_#ZT`DKn6{`IOD9~yk)(tIRPCh`-x9@}|Uk=F=<2m?qifHKEo2ouKtA~L;%mMkY^
z6>&66jyZna_N`}IO0|j8=uIaGn)<Ouas{2#+JwC<2z@hsR^fDHUXF+ml$)rj8UC@6
zS<dFih=&aQjgOP(Esa&+!h{*YQ2x3a;1$pP$trc_$!GRRvQDll$o<|?+rYh^iFyNN
zuQhT#V>_Cr@UTJ5Tvs|X4NfH2=B+gxn^lavqNCSqvnynm4MoJS45G&@y!~wosRZ(L
z(-okxDS-KLrMabk)klbB98!w1Hwcj+YAhOOIWd{9F3UrD7=vR))WS@Q{gNin9<6E~
zY2uq(GWfY0_Zq<RyCVq=UTGsgx>y*{2c5L8*bGfk9S?+G76kK8LXoWC_O`d|fhmm9
z-i0MoDOJShVV(KE4Mf}cPFF9f4B;PCkLOPY6CsW&LrYYU#RUMZImHx}>&N+M;#}<%
zh#=Z3AA)4xP{hcoBk3M9aDF#`Iwt#rie-1JlCB|%$f5V-lNsw%+_pZ)Rz3e5X6uR3
zYR8YJs40ylQ<$28U3TJ3_e)bvXvF}urqm-!^@L1-uO|k)7LcmyDvdq(i6OkE?(e5G
z{A+njhF>&SMnJRC01AFo29F3z^lR0`cLgtZ0#X`C-E6JP?5sRF5RkG;%4Dyy?@pQf
zFoFd^1_>&LNQU<f0S5t~f(0@Jf(0%xf(0rtf(0f93o3?4hW8Bt3<?1Ppn?SMFoFc?
zFdPO7Duzgg_YDCI0Ru1&1PDnN3itLn_?Q9$2ml0v1jualuo5@V015%iOrUAAp9#S&
zT@GJOm771f%+z#i#->p$?v0_$$Vh(@(gh%^<r1^jHP3LJ!0jo{4gYpEW=z($c4Un$
znXs&lKLCMUM8ErrT;WzPn@mpMzJ@5re4VJm5`m^hq2!(=zyhuWEYbHDCF0iRMkVZs
zBrJZSNa@~sfFeO+piruaoDH(<!O^}8JBaR*q1f<S6X2}kA)qVkip$<OuOG52qa9Mk
zAjf88pEy7YYQuO`-O2m=NNG-Bc+5w~M#x1($4|1QKLYjB7$kaoN_A;oV7T_6z}+EC
zF7-P3D?WmZfc=f`TA{I%sNNr}KijoX<da-toW(r$n0<;ia=%d>dOXv5Exv4LOzZEQ
z$6nkDS$@L&5#ga-1@-n!IEgNgXi$MCq*T1FIR>+4UrE_iQ+vBTa|i`dh*UGUf}~b)
z+S$2a%k)07^pPXPghmATr+0d=4wFZU(@NfpL(tj53Ry7*^0xk2_bMyo^TuetHP)Li
z%o$a1ch@Rsv1|@de>@ZEyH*l-CBN)|n9OUFk*<Hs^^c1k1}IKeEI_O}l!6%-#$orP
zEJ&!l#uW)m+%O|dqPk3;QzAa~0%sAckHy@(Gpq-S_M`Vm{I>Qd%MLGQh3untshR5-
zG~Hfmr5t_L_?$_M^x`H$noAaze^A-Ivmz@%(X98RR50mbYrIW_rRA)J1Ad8F?g9=v
zsf)k3#@<zecpUZGmP3k~3}W@gL4ykFO<Qm>bytCBrDkI~pd&j|X*)yrXqeQ=`Aym1
z;)=pCX2b<Rxey1D<_JL??cSUGZL5Nv<A&mMz&{#o2J}K^(@4Yjf#2YvEx&z&>+?-@
ztZy|hKFyb1vrv$%FjPNAR$>It#DUEbQz0p!v<p0))Dpz#(%;-wV(nUG-ecX}hP`xf
zVXuC!gGqXsMPrU@_z;`acf&kya+mXz0^nU}>UB`=nh1p#oJ(O6+~Dy_UDL({job8=
zYbUQS$|ZU5kpU}NoBsd9q6ajj+>(Ib<&E-Xjc+xl=7ng@x?PPJY<^|<GwH>6V_%J?
zhJoyaO9FsPkzPK^KjJ`vGg=gs1w_N%qt^si`-pX5XtyvJWsanz%TfHOH)$nW(2{4h
zj{sJOISE!j8QiDembWVq4Y{<%g+(!e!DrCIE+AdU(H2uwTgv*zQ~aP2H_;}>h&d}_
ztRYHVLo?=g(Uxh46%4h%g0Tbs#Ac`vo*5VY$B;bMXYuS&9$boLcn+EUt#Xb&K*!ur
zRs&HrtJ20j5mXCv!eD(nIyLENrD1@|XF6jV9l&eCJV-j<z0vB{dBxx0GqAxbB8=30
zk;d1C<s{RijnsSYCxrmn6FF@2zX?pU@0N@b!BDQFKR&-BXarmyX&wReL5jK6=QRtG
zz4N`=xn)B5w;H%edj){p>VJkeKD-5)V{F{D@r=T!eZ*5`;G6J19mmKanB^r;Y=cVR
zFLH3isFZcvw3VhE(y?CE9-znszOAs5iq>U&VtA#XQD!rT01QUYfySIA?jmRM=_Bv`
z3O?zFPy#mXoJ?bXeCW%!1CW)Ip9o7(u;tvB7X_W%Ct-xR7m%d0x}BT<TvIXAG{2#H
zaOYyc!6yNDOvN!JFe3&DDuzgg_YDCF6)_eB6vbXL?22j=Lp9k6J?iOsIzzkldN46C
zAutIB1uG5%0vZJX1QbU}8;WOzT&}LIy(BW#<3QlwJ;($I-FzHzECO!O0s;sCi+B4r

diff --git a/idscp2/src/main/resources/ssl/truststore.p12 b/idscp2/src/main/resources/ssl/truststore.p12
deleted file mode 100644
index aa430cd6cea20b45cab4ee93b93ddb5bfa565792..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2266
zcmV<02qpJ0f(X_E0Ru3C2#*E{Duzgg_YDCD0ic2ifCPdFd@zCtcrbzpbOs43hDe6@
z4FLxRpn?cxFoFnS0s#Opf(Tj$2`Yw2hW8Bt2LUiC1_~;MNQU<f0So~KFdGCE_36Ya
zczgI;K&GhWQwt~?3?38Z0s{cUP=JC6Ah4OOG_z4f+DDNe9|M><HIXW^6acL}6(g0U
zPL!ra3<ycM3+|1I6+_y4yL+w>6_}Q(yvfcC^&_cW>yQk#7^I_Wt0KctQ=k1`yr(d#
zb;{`+63xwPvoOWD9ETRg$o}Djc(-5VqqNAi(~e`$Jssy-<S9k!hg{F-Mcdp*eupZ!
zg;!FoF{B>(RDqQX(jg7`kr&|?5$;7qey&L;K<Tglw64WfU4F?OaPI#$>;G+Ywjj}N
zyBSX-knuHx5!^vju>gYVJS$SiB<3PylUj5JN$Oge=LS6)uZ^fpdXX|LY=6Rt9DQ04
zV`FUftPZ7LtfP>ly7142kK=tPtclXZt`W9mw?tUxQ~&@{9*sm@c~RQ-EPtNxmc@6n
zNYN4id|h3hz66q~-rawCg6x+>bZV;ocRNT`p7V7!Qou70Y=6L0PphATL1)#C=iQz6
zOD3evIJ2?$EccK66fL11J|BHT$PEtY+(3L{RcW||w@38yKMMk}<Y1h|`!I$zjdeHG
zu+G*}M^b^c0c>O(b^P0iic6jq>M>3mG6<yPA1(_$TiDeXZCQZ}zGo)xk-WuDJF|x!
zFiRkH<le=5PfLa+?b49Eb*chVuwvKIBAed?13tjfGiZo<f(DNn)~<X!=f@V@l2cPE
zqC`Yie_M-A%<i{Io7XXSMnpB_PvOyl=x*}%CaNbC=kgiTZmylR-LVRDAujh8lktWo
zb?L;+QiMv$QP1-vg+@kNAg*4Efmn5md_KMA<@KRioQ(Wc=kfq4J&W4F6oZNc)k=<K
zWj`~_(f<5(Cu?klyEvKsrS&BJsX01EVhUpu+|`7&vV*_L&hTJhWBBU7<6h3-jYyZG
zOMg>ysV;)*j6`OQ0GsWw>aN^MJ2x=0Ki2mw5yw-34ZHFA2V8}mPov2wN;{VLJuK&;
zP1?@ngT_;Ep1~sA+dFa9u4axP`JwJV3PmfBYlvtO=}Gi%eHY#d7{d`l`=6dMcM@7v
zWu&2v*Gt+agxuPlQ9F;83GAOfPB2K_i9)v%b6Xh|oeZ|sM;Sht&S{v0L_)%A@_VmM
z-$B<S_T!r)C$x%hCMAdKVpK|K)D_;0F~maS5BqE-CRmvxZh({pf^n!F8t_bPw_kJB
z$U|BuB#B2*6U<VFkV0kCAXNzo@tUHM2=jH}5R%dZbg2bRw3J^*?_Z9e+SwWz9QB5x
zSL_;u=gB(V&R^tf*$4Lzb->-p4lb?sOC3vPa+XpxB3^8#)HMa*ay(fD2%|IiNz!<6
zmk>&2z<ZX;#q1?0G^oMjR{5>Ry9ujZK5|V-VlNy!Cn|pK$UIA1NbF1Se;XjBz=s(z
zV^V@==Qqs7q<|>BDUF1}teO2ER#Om~g;RBr;tx!6wS)G(ZZg4P#45d;`SLSaDev7c
zA;y^Yx(dfE0+>3&jJ@D|*m#+fFIQG<!!{6d)ubtFbj%4Nq)VSHa{g!oV6!lDZg(fH
zL2}Ow$Qb0zJ1rBzJJe8Y2$8`w0`m}9VbxQtG=d7G-`LQ#7@ghTIM$?hn~g*2WNes|
zyqCTQEk?2G>HmFs@B)oU9iCc>Ny3w$oKRSM`D@s#F3d?fmA*Gi6kO=F0`!4y1O<fq
zlrS^2n_v9DIm({G-!z@*T8EXn(^VO5dwU}YT=ypCzSJ0?c$*&j+rQaV04V^Je*4}V
zCgPXf28A!Kp*8Pso=49g#~QQEDXQ`!p03E;!*gPZPf^u97a!U$5jLT%;5)vxk$tG)
zffaqF_ZI#P&CCgapV~#fVJA<sQrQ1}*@<@j%1F0v{-&Z;g-hTI*Or>KyUr|(u2g+l
z771#owy3aSd-kkXZ=&`kr$gB*P@Pml5JwK$C8ghMXT+?zfjtR&dW3`?#n86oI`~#)
z*<w$g(7su80a1-8a4QF;_85vM?%4NhA|&@SdhXNu!-`1luNfW?mc1p08Q@mO5H^}(
z5vEG`ps(5@3p-yI@ulUE)ivYr^M+sKY>7!By8c#@`#xb#77z0BEbZON;L*1f)Z$VF
z|6;XpQE3sou*&^%u#v@oBtU)SASL-^RB<jukXCqR)C-$2#uKlM&5%3xJ9$0?s15pR
zeuXHSuJSvexm99m#<HC`)f7~&v}@baCne$<+c?q{GBl|2^@;eVuC_U-)k>+rd^yTi
z@q{o;j4Ka_+`if-%mT{3vy>OaSJmx?i(1=>p6qr?8xWhl=7xD7?KX6aYADM6K8_0B
zr+6l(!2Q^^5_nl!Efb`tbMl1<1z1x;-xb2ensA-Fk{P!8Ca*I8BWfkTK~bkue#Wb&
zdd38WlkgkZ!WU}-d{9c+E>}MY&ISqAY{ph!foUms&aOjgYR4%#Dh21F0c(H<)OkVI
z8?3lc+Ha#&8&2bqKo~3GH;N8ej3HD%8;!k+ZNMl1>7#^3lb!VoL?#o0VrZuT9Zdzf
zK4;)R7!CsL6bcrh^tel4il$0nPl5U1209G^rJ~sqx~kcod%Bvw17L3X@Wd^X&<i8g
zSMk{ir5EC7Iegz%(IA#fkhJ_SmX58(aa~Y_FYnEa1Do5NZ@$j0-q?})%BgG{xk5`A
zYHML!{NLY6M<opaNnhqr6WJ7<Vc5#)jQaKpi^)QHbRY+>J-F}B;tFlBx)wXUx6r`4
z)nc_2q~%*k1a4t56^Ldi01ZJ;v&NO)8(T5(2WJFuF8(18!kk)al}*tB_KY{^-qBte
z%wvOgf>hFgG4w>LJbeEp=LET#9k%K)EHFMWAutIB1uG5%0vZJX1QaB+4I|w6w3iur
oMHiK}SS7VKy59s8_s+sV^Tu!qIt)hP^g8I#Y)O}U0s{etp!Rk@DF6Tf

diff --git a/idscp2/src/test/java/DapsDriverTest.java b/idscp2/src/test/java/DapsDriverTest.java
deleted file mode 100644
index d9fb7ce61..000000000
--- a/idscp2/src/test/java/DapsDriverTest.java
+++ /dev/null
@@ -1,224 +0,0 @@
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver;
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig;
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.SecurityRequirements;
-import de.fhg.aisec.ids.idscp2.idscp_core.drivers.DapsDriver;
-import org.junit.Ignore;
-import org.junit.Test;
-
-import java.nio.file.Paths;
-
-import static org.junit.Assert.*;
-
-@Ignore("Some test rely on external server resources and are somewhat unreliable right now.")
-public class DapsDriverTest {
-
-    @Test
-    public void testValidToken() {
-
-        SecurityRequirements requirements = new SecurityRequirements.Builder()
-                .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
-                .build();
-
-        SecurityRequirements requirements2 = new SecurityRequirements.Builder()
-                .setRequiredSecurityLevel("idsc:BASE_CONNECTOR_SECURITY_PROFILE")
-                .build();
-
-        DefaultDapsDriverConfig config =
-                new DefaultDapsDriverConfig.Builder()
-                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
-                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/client-truststore_new.p12").getPath()))
-                        .setKeyStorePassword("password".toCharArray())
-                        .setTrustStorePassword("password".toCharArray())
-                        .setKeyAlias("1")
-                        .setKeyPassword("password".toCharArray())
-                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                        .build();
-
-        DefaultDapsDriver dapsDriver = new DefaultDapsDriver(config);
-        String token = new String(dapsDriver.getToken());
-        assertNotEquals(token, "INVALID_TOKEN");
-
-
-        assertTrue(dapsDriver.verifyTokenSecurityAttributes(token.getBytes(), requirements) >= 0);
-
-
-        assertFalse(dapsDriver.verifyTokenSecurityAttributes(token.getBytes(), requirements2) >= 0);
-    }
-
-    /****
-     @Test public void testInvalidClient() {
-     DefaultDapsDriverConfig config =
-     new DefaultDapsDriverConfig.Builder()
-     .setKeyStorePath(DapsDriverTest.class.getClassLoader().
-     getResource("ssl/aisecconnector1-keystore.p12").getPath())
-     .setTrustStorePath(DapsDriverTest.class.getClassLoader().
-     getResource("ssl/client-truststore_new.p12").getPath())
-     .setKeyStorePassword("password")
-     .setTrustStorePassword("password")
-     .setKeyAlias("1")
-     .setDapsUrl("https://daps.aisec.fraunhofer.de")
-     .build();
-
-     DapsDriver dapsDriver = new DefaultDapsDriver(config);
-     String token = new String(dapsDriver.getToken());
-     assertEquals(token, "INVALID_TOKEN");
-     }
-     **/
-
-    @Test
-    public void testInvalidUrlNonSecure() {
-        DefaultDapsDriverConfig config =
-                new DefaultDapsDriverConfig.Builder()
-                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
-                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/client-truststore_new.p12").getPath()))
-                        .setKeyStorePassword("password".toCharArray())
-                        .setTrustStorePassword("password".toCharArray())
-                        .setKeyAlias("1")
-                        .setKeyPassword("password".toCharArray())
-                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                        .build();
-
-        DapsDriver dapsDriver = new DefaultDapsDriver(config);
-        String token = new String(dapsDriver.getToken());
-        assertEquals(token, "INVALID_TOKEN");
-    }
-
-    @Test
-    public void testInvalidUrl404() {
-        DefaultDapsDriverConfig config =
-                new DefaultDapsDriverConfig.Builder()
-                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
-                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/client-truststore_new.p12").getPath()))
-                        .setKeyStorePassword("password".toCharArray())
-                        .setTrustStorePassword("password".toCharArray())
-                        .setKeyAlias("1")
-                        .setKeyPassword("password".toCharArray())
-                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                        .build();
-
-        DapsDriver dapsDriver = new DefaultDapsDriver(config);
-        String token = new String(dapsDriver.getToken());
-        assertEquals(token, "INVALID_TOKEN");
-    }
-
-    @Test(expected = RuntimeException.class)
-    public void testInvalidPassword1() {
-        DefaultDapsDriverConfig config =
-                new DefaultDapsDriverConfig.Builder()
-                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
-                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/client-truststore_new.p12").getPath()))
-                        .setKeyStorePassword("INVALID_PASSWORD".toCharArray())
-                        .setTrustStorePassword("password".toCharArray())
-                        .setKeyAlias("1")
-                        .setKeyPassword("password".toCharArray())
-                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                        .build();
-
-        new DefaultDapsDriver(config);
-    }
-
-    @Test(expected = RuntimeException.class)
-    public void testInvalidPassword2() {
-        DefaultDapsDriverConfig config =
-                new DefaultDapsDriverConfig.Builder()
-                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
-                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/client-truststore_new.p12").getPath()))
-                        .setKeyStorePassword("password".toCharArray())
-                        .setTrustStorePassword("INVALID_PASSWORD".toCharArray())
-                        .setKeyAlias("1")
-                        .setKeyPassword("password".toCharArray())
-                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                        .build();
-
-        new DefaultDapsDriver(config);
-    }
-
-    @Test(expected = RuntimeException.class)
-    public void testInvalidKeyAlias() {
-        DefaultDapsDriverConfig config =
-                new DefaultDapsDriverConfig.Builder()
-                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
-                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/client-truststore_new.p12").getPath()))
-                        .setKeyStorePassword("password".toCharArray())
-                        .setTrustStorePassword("password".toCharArray())
-                        .setKeyAlias("INVALID_ALIAS")
-                        .setKeyPassword("password".toCharArray())
-                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                        .build();
-
-        new DefaultDapsDriver(config);
-    }
-
-    @Test
-    public void testInvalidAuditLogging() {
-
-        SecurityRequirements requirements = new SecurityRequirements.Builder()
-                .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_PLUS_SECURITY_PROFILE")
-                .build();
-
-        DefaultDapsDriverConfig config =
-                new DefaultDapsDriverConfig.Builder()
-                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
-                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/client-truststore_new.p12").getPath()))
-                        .setKeyStorePassword("password".toCharArray())
-                        .setTrustStorePassword("password".toCharArray())
-                        .setKeyAlias("1")
-                        .setKeyPassword("password".toCharArray())
-                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                        .setSecurityRequirements(requirements)
-                        .build();
-
-        DapsDriver dapsDriver = new DefaultDapsDriver(config);
-        String token = new String(dapsDriver.getToken());
-        assertNotEquals(token, "INVALID_TOKEN");
-
-        assertTrue(dapsDriver.verifyToken(token.getBytes()) < 0);
-    }
-
-    public static void main(String[] args) {
-
-        SecurityRequirements requirements = new SecurityRequirements.Builder()
-                .setRequiredSecurityLevel("idsc:TRUSTED_CONNECTOR_SECURITY_PROFILE")
-                .build();
-
-        //get token
-        DefaultDapsDriverConfig config =
-                new DefaultDapsDriverConfig.Builder()
-                        .setKeyStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/aisecconnector1-keystore.p12").getPath()))
-                        .setTrustStorePath(Paths.get(DapsDriverTest.class.getClassLoader().
-                                getResource("ssl/client-truststore_new.p12").getPath()))
-                        .setKeyStorePassword("password".toCharArray())
-                        .setTrustStorePassword("password".toCharArray())
-                        .setKeyAlias("1")
-                        .setKeyPassword("password".toCharArray())
-                        .setDapsUrl("https://daps.aisec.fraunhofer.de")
-                        .setSecurityRequirements(requirements)
-                        .build();
-
-        DapsDriver dapsDriver = new DefaultDapsDriver(config);
-        String token = new String(dapsDriver.getToken());
-        System.out.println(token);
-
-        long ret;
-        if (0 > (ret = dapsDriver.verifyToken(token.getBytes()))) {
-            System.out.println("failed");
-        } else {
-            System.out.println("success: " + ret);
-        }
-    }
-}
diff --git a/idscp2/src/test/java/RatDriverTest.java b/idscp2/src/test/java/RatDriverTest.java
deleted file mode 100644
index 599a6bb89..000000000
--- a/idscp2/src/test/java/RatDriverTest.java
+++ /dev/null
@@ -1,12 +0,0 @@
-import org.junit.Test;
-
-import static org.junit.Assert.assertTrue;
-
-public class RatDriverTest {
-
-  @Test
-  public void basisTest() {
-    System.out.println("Basis Test");
-    assertTrue(true);
-  }
-}
diff --git a/idscp2/src/test/resources/log4j2-test.xml b/idscp2/src/test/resources/log4j2-test.xml
deleted file mode 100644
index c160b2637..000000000
--- a/idscp2/src/test/resources/log4j2-test.xml
+++ /dev/null
@@ -1,39 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  ========================LICENSE_START=================================
-  Camel IDS Component
-  %%
-  Copyright (C) 2017 Fraunhofer AISEC
-  %%
-  Licensed under the Apache License, Version 2.0 (the "License");
-  you may not use this file except in compliance with the License.
-  You may obtain a copy of the License at
-  
-       http://www.apache.org/licenses/LICENSE-2.0
-  
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
-  =========================LICENSE_END==================================
-  -->
-
-<Configuration package="log4j.test" status="WARN">
-<Appenders>
-    <Console name="Console" target="SYSTEM_OUT">
-        <PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/>
-    </Console>
-</Appenders>
-<Loggers>
-    <Logger name="de.fhg" level="DEBUG" additivity="false">
-        <AppenderRef ref="Console" level="DEBUG" />
-    </Logger>
-    <Logger name="log4j.test.Log4jTest" level="INFO" additivity="false">
-        <AppenderRef ref="Console"/>
-    </Logger>
-    <Root level="INFO" additivity="false">
-        <AppenderRef ref="Console"/>
-    </Root>
-</Loggers>
-</Configuration>
diff --git a/javax-xml-bind-patch/.gitignore b/javax-xml-bind-patch/.gitignore
deleted file mode 100644
index 9773bdd32..000000000
--- a/javax-xml-bind-patch/.gitignore
+++ /dev/null
@@ -1,5 +0,0 @@
-/bin/
-/build/
-/generated/
-/generated-sources/
-/target/
diff --git a/javax-xml-bind-patch/LICENSE.txt b/javax-xml-bind-patch/LICENSE.txt
deleted file mode 100644
index 261eeb9e9..000000000
--- a/javax-xml-bind-patch/LICENSE.txt
+++ /dev/null
@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
diff --git a/javax-xml-bind-patch/README.md b/javax-xml-bind-patch/README.md
deleted file mode 100644
index ecbd23554..000000000
--- a/javax-xml-bind-patch/README.md
+++ /dev/null
@@ -1,4 +0,0 @@
-The _javax-xml-bind-patch_ module provides the javax.xml.bind* packages
-that are not available anymore in JDK 11.
-In contrast to inclusion via "providedByBundle", this module provides the packages
-in the context of the ids feature so integration test can also use them.
\ No newline at end of file
diff --git a/javax-xml-bind-patch/bnd.bnd b/javax-xml-bind-patch/bnd.bnd
deleted file mode 100644
index 4a65bbc45..000000000
--- a/javax-xml-bind-patch/bnd.bnd
+++ /dev/null
@@ -1,3 +0,0 @@
-Bundle-Name: IDS :: javax.xml.bind patch for Bundles on JDK 11
-Import-Package: *
-Export-Package: javax.xml.bind*
\ No newline at end of file
diff --git a/javax-xml-bind-patch/build.gradle b/javax-xml-bind-patch/build.gradle
deleted file mode 100644
index da2611049..000000000
--- a/javax-xml-bind-patch/build.gradle
+++ /dev/null
@@ -1,8 +0,0 @@
-dependencies {
-    // APIs removed in Java 9 upwards
-    implementation group: "javax.xml.bind", name: "jaxb-api", version: libraryVersions.jaxb
-    implementation group: "com.sun.xml.bind", name: "jaxb-core", version: libraryVersions.jaxb
-    implementation group: "com.sun.xml.bind", name: "jaxb-impl", version: libraryVersions.jaxb
-
-    implementation group: 'javax.xml.ws', name: 'jaxws-api', version: libraryVersions.jaxwsApi
-}
diff --git a/jsonwebtoken-wrapper/LICENSE.txt b/jsonwebtoken-wrapper/LICENSE.txt
deleted file mode 100644
index 261eeb9e9..000000000
--- a/jsonwebtoken-wrapper/LICENSE.txt
+++ /dev/null
@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
diff --git a/jsonwebtoken-wrapper/README.md b/jsonwebtoken-wrapper/README.md
deleted file mode 100644
index 94bec9404..000000000
--- a/jsonwebtoken-wrapper/README.md
+++ /dev/null
@@ -1 +0,0 @@
-The _jsonwebtoken-wrapper_ module wraps the io.jsonwebsocket package to make it available to the OSGi layer. This is needed for idscp2 and ids-token-manager.
diff --git a/jsonwebtoken-wrapper/bnd.bnd b/jsonwebtoken-wrapper/bnd.bnd
deleted file mode 100644
index 2d384e18d..000000000
--- a/jsonwebtoken-wrapper/bnd.bnd
+++ /dev/null
@@ -1,8 +0,0 @@
-Bundle-Name: JWT (JSON web token) Wrapper
-Bundle-Description: JWT (JSON web token) Wrapper Bundle
-Import-Package: \
-  !io.jsonwebtoken*,\
-  *
-# Merge split-package io.jsonwebtoken
-Export-Package: \
-  io.jsonwebtoken*;-split-package:=merge-last
diff --git a/jsonwebtoken-wrapper/build.gradle.kts b/jsonwebtoken-wrapper/build.gradle.kts
deleted file mode 100644
index 5cb1bfa31..000000000
--- a/jsonwebtoken-wrapper/build.gradle.kts
+++ /dev/null
@@ -1,8 +0,0 @@
-@Suppress("UNCHECKED_CAST") val libraryVersions =
-        rootProject.ext.get("libraryVersions") as Map<String, String>
-
-dependencies {
-    providedByBundle("io.jsonwebtoken", "jjwt-impl", libraryVersions["jsonwebtoken"])
-    providedByBundle("io.jsonwebtoken", "jjwt-jackson", libraryVersions["jsonwebtoken"])
-    providedByBundle("io.jsonwebtoken", "jjwt-api", libraryVersions["jsonwebtoken"])
-}
diff --git a/karaf-assembly/build.gradle b/karaf-assembly/build.gradle
index f05178224..a707d0836 100644
--- a/karaf-assembly/build.gradle
+++ b/karaf-assembly/build.gradle
@@ -66,7 +66,7 @@ rootProject.subprojects.findAll() {
     if (it.name.startsWith("ids") || it.name.startsWith("camel-")
             || it.name.endsWith("-patch") || it.name.endsWith("-wrapper")
             || it.name == "karaf-features-ids") {
-        assembleKaraf.dependsOn(it.tasks.install)
+        assembleKaraf.dependsOn(it.tasks.named("install"))
     }
 }
 
diff --git a/karaf-assembly/src/main/resources/etc/system.properties b/karaf-assembly/src/main/resources/etc/system.properties
index 3c042fc0d..3d2998b72 100644
--- a/karaf-assembly/src/main/resources/etc/system.properties
+++ b/karaf-assembly/src/main/resources/etc/system.properties
@@ -129,7 +129,7 @@ karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
 #
 #java.security.policy=${karaf.etc}/all.policy
 #org.osgi.framework.security=osgi
-#org.osgi.framework.trust.repositories=${karaf.etc}/trustStore.ks
+#org.osgi.framework.trust.repositories=${karaf.etc}/truststore.ks
 
 #
 # HA/Lock configuration
@@ -148,8 +148,8 @@ karaf.secured.services = (&(osgi.command.scope=*)(osgi.command.function=*))
 # the karaf.lock.slave.block property (false by default):
 # karaf.lock.slave.block=true
 
-javax.net.ssl.keyStore=${karaf.etc}/provider-keystore.p12
-javax.net.ssl.keyStorePassword=password
-javax.net.ssl.trustStore=${karaf.etc}/truststore.p12
-javax.net.ssl-trustStorePassword=password
+#javax.net.ssl.keyStore=${karaf.etc}/provider-keystore.p12
+#javax.net.ssl.keyStorePassword=password
+#javax.net.ssl.trustStore=${karaf.etc}/truststore.p12
+#javax.net.ssl.trustStorePassword=password
 
diff --git a/karaf-features-ids/build.gradle b/karaf-features-ids/build.gradle
index 2ec310bce..9fc789d40 100644
--- a/karaf-features-ids/build.gradle
+++ b/karaf-features-ids/build.gradle
@@ -7,9 +7,9 @@ ext {
     bundleConfigurations = []
 }
 
-rootProject.configurations.findAll { it.name.endsWith('Bundle') }.each { project.ext.bundleConfigurations.add(it.name) }
+configurations.findAll { it.name.endsWith('Bundle') }.each { project.ext.bundleConfigurations.add(it.name) }
 
-rootProject.subprojects.findAll { it.name.matches("(^camel-(?!idscp2\$).*|ids-.*|.*-(patch|wrapper)\$)") }.each { p ->
+rootProject.subprojects.findAll { it.name.matches("(^camel-.*|ids-.*|.*-(patch|wrapper)\$)") }.each { p ->
     Boolean included = false
     // Include each sub-project declaring dependencies with a configuration ending on "Bundle",
     // using exactly that configuration for the dependency itself and selection of additional recursive dependencies.
@@ -34,6 +34,7 @@ dependencies {
     }
     zmqFeature group: 'org.apache-extras.camel-extra', name: 'camel-zeromq', version: libraryVersions.camelZeroMQ
     providedByBundle group: 'org.jetbrains.kotlin', name: 'kotlin-osgi-bundle', version: libraryVersions.kotlin
+    providedByBundle("jakarta.activation:jakarta.activation-api:1.2.2")
 }
 
 karaf {
diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index fac8718f8..803b9583a 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -1,11 +1,8 @@
-# Versions for modules that will be released as libraries
-api: "2.1.0"
-idscp: "1.1.0"
-idscp2: "0.2.0"
+idscp2: "0.3.2"
 
 # Kotlin library/compiler version
-kotlin: "1.4.20"
-kotlinxCoroutines: "1.4.1"
+kotlin: "1.4.31"
+kotlinxCoroutines: "1.4.3"
 # basically, the first requirement, all other libraries depend on this version
 karaf: "4.2.10"
 # Jetty version should fit bundled version in karaf
@@ -14,19 +11,14 @@ jetty: "9.4.30.v20200611"
 # The used version of the infomodel from IESE
 infomodel: "4.0.0"
 
-# For javax.xml.bind support in newer java versions
-jaxb: "2.2.11"
-jaxActivation: "1.2.0"
-
 pax: "7.2.14"
 
-camel: "3.0.0"
+# Starting with camel 3.1.0, XML dump features and metrics have been removed!
+camel: "3.0.1"
 camelHttp4: "3.0.0-M4"
 camelZeroMQ: "2.22.0"
 influxDB: "2.14"
 
-tssJava: "0.3.0"
-
 # Camel ships with cxf, however it is slightly older so we want a newer version
 cxf: "3.3.4"
 
@@ -37,15 +29,15 @@ felixFramework: "5.6.10"
 
 ahc: "2.4.9"
 checkerQual: "2.5.2"
-guava: "27.0-jre"
+guava: "30.1-jre"
 slf4j: "1.7.30"
-junit4: "4.12"
-mockito: "3.2.0"
+junit4: "4.13.2"
+mockito: "3.8.0"
 mapdb: "3.0.7"
 # jnrunix and jnrffi must be consistent
 jnrunix: "0.22"
 jnrffi: "2.1.5"
-protobuf: "3.13.0"
+protobuf: "3.15.5"
 httpcore: "4.4.11"
 httpclient: "4.5.7"
 jaxwsApi: "2.3.1"
@@ -80,12 +72,8 @@ commonsCli: "1.4"
 javaxValidation: "2.0.1.Final"
 
 # Needed for token manager to assemble JWTs
-jsonwebtoken: "0.10.5"
-okhttp: "3.11.0"
-okio: "1.15.0"
-orgJson: "20180813"
-jose4j: "0.6.5"
-bouncycastle: "1.66"
+jsonwebtoken: "0.11.2"
+jose4j: "0.7.6"
 
 # Needed for web console
 javaxServlet: "4.0.1"
diff --git a/rat-repository/.gitignore b/rat-repository/.gitignore
deleted file mode 100644
index 04f7cca7c..000000000
--- a/rat-repository/.gitignore
+++ /dev/null
@@ -1,5 +0,0 @@
-target/
-/bin/
-*.jar
-configuration.db
-/generated/
diff --git a/rat-repository/Dockerfile b/rat-repository/Dockerfile
deleted file mode 100644
index 1df0f111c..000000000
--- a/rat-repository/Dockerfile
+++ /dev/null
@@ -1,28 +0,0 @@
-ARG JDK_BASE_IMAGE=fraunhoferaisec/jdk-base:develop
-FROM $JDK_BASE_IMAGE
-
-LABEL AUTHOR="Michael Lux (michael.lux@aisec.fraunhofer.de)"
-
-ARG VERSION
-ENV FILENAME="rat-repository-${VERSION}.jar"
-
-# Install binutils, recommended for platform detection (readelf)
-RUN apt-get update -qq && apt-get install -qq binutils
-
-# Optional: Install oh-my-zsh for a better shell (~ 20 MiB overhead)
-#RUN apt-get update && apt-get install -y wget git zsh fonts-powerline \
-#  && wget https://github.com/robbyrussell/oh-my-zsh/raw/master/tools/install.sh -O - | zsh || true \
-#  # Set nice theme
-#  && sed -ie 's/^ZSH_THEME=".*"$/ZSH_THEME="agnoster"/' ~/.zshrc \
-#  # Disable automatic update
-#  && sed -ie 's/^# DISABLE_AUTO_UPDATE$/DISABLE_AUTO_UPDATE/' ~/.zshrc \
-#  # Remove wget and git, Cleanup
-#  && apt-get remove --purge -y wget git && apt-get autoremove --purge -y
-
-ADD build/libs/rat-repository-${VERSION}.jar /root/
-
-WORKDIR "/root"
-
-EXPOSE 31337
-
-CMD java -jar ${FILENAME} -p 31337 -h 0.0.0.0
diff --git a/rat-repository/LICENSE.txt b/rat-repository/LICENSE.txt
deleted file mode 100644
index 261eeb9e9..000000000
--- a/rat-repository/LICENSE.txt
+++ /dev/null
@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
diff --git a/rat-repository/README.md b/rat-repository/README.md
deleted file mode 100644
index b363bfe68..000000000
--- a/rat-repository/README.md
+++ /dev/null
@@ -1 +0,0 @@
-The _rat-repository_ module contains the a service that serves as a Remote Attestation (RAT) repository. This is an exemplary infrastructural service that serves valid TPM signatures to Connector instances.
diff --git a/rat-repository/bnd.bnd b/rat-repository/bnd.bnd
deleted file mode 100644
index 26222a248..000000000
--- a/rat-repository/bnd.bnd
+++ /dev/null
@@ -1,6 +0,0 @@
-Bundle-Name: rat-repository
-Bundle-Description: attestation repository for the IDS protocol
-Import-Package: \
-	de.fhg.aisec.ids.messages, \
-	*
--fixupmessages: "Classes found in the wrong directory*"; is:=warning
\ No newline at end of file
diff --git a/rat-repository/build.gradle b/rat-repository/build.gradle
deleted file mode 100644
index 57bdaabdd..000000000
--- a/rat-repository/build.gradle
+++ /dev/null
@@ -1,36 +0,0 @@
-description = 'rat-repository'
-
-dependencies {
-    implementation(project(':ids-api')) { transitive = false }
-
-    // Java 11 javax.xml.bind polyfills
-    implementation group: "javax.xml.bind", name: "jaxb-api", version: libraryVersions.jaxb
-    implementation group: "com.sun.xml.bind", name: "jaxb-core", version: libraryVersions.jaxb
-    implementation group: "com.sun.xml.bind", name: "jaxb-impl", version: libraryVersions.jaxb
-    implementation group: 'com.sun.activation', name: 'javax.activation', version: libraryVersions.jaxActivation
-    
-    implementation group: 'org.xerial', name: 'sqlite-jdbc', version: libraryVersions.sqliteJdbc
-    implementation group: 'org.eclipse.jetty', name: 'jetty-server', version: libraryVersions.jetty
-    implementation group: 'org.eclipse.jetty', name: 'jetty-servlet', version: libraryVersions.jetty
-
-    implementation group: 'org.glassfish.jersey.core', name: 'jersey-server', version: libraryVersions.jersey
-    implementation group: 'org.glassfish.jersey.containers', name: 'jersey-container-servlet-core', version: libraryVersions.jersey
-    implementation group: 'org.glassfish.jersey.media', name: 'jersey-media-json-jackson', version: libraryVersions.jersey
-    implementation group: 'org.glassfish.jersey.inject', name: 'jersey-hk2', version: libraryVersions.jersey
-
-    implementation group: 'com.google.code.gson', name: 'gson', version: libraryVersions.gson
-
-    implementation group: 'com.google.protobuf', name: 'protobuf-java', version: libraryVersions.protobuf
-
-    testCompile group: 'org.apache.camel', name: 'camel-test', version: libraryVersions.camel
-    testCompile group: 'junit', name: 'junit', version: libraryVersions.junit4
-}
-
-jar {
-    manifest {
-        attributes('Main-Class': 'de.fhg.aisec.ids.attestation.Start')
-    }
-    from {
-        configurations.runtimeClasspath.collect { it.isDirectory() ? it : zipTree(it) }
-    }
-}
diff --git a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/Configuration.java b/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/Configuration.java
deleted file mode 100644
index 046123bff..000000000
--- a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/Configuration.java
+++ /dev/null
@@ -1,98 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * rat-repository
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.attestation;
-
-import de.fhg.aisec.ids.messages.AttestationProtos.Pcr;
-import java.util.Arrays;
-import java.util.Objects;
-
-public class Configuration {
-  private long id;
-  private String name;
-  private String type;
-  private Pcr[] values;
-
-  public Configuration(long id, String name, String type, Pcr[] values) {
-    this.id = id;
-    this.name = name;
-    this.type = type;
-    this.values = values.clone();
-  }
-
-  public Configuration(long id, String name, String type) {
-    this.id = id;
-    this.name = name;
-    this.type = type;
-  }
-
-  public Pcr[] getValues() {
-    return values.clone();
-  }
-
-  public void setValues(Pcr[] values) {
-    this.values = values.clone();
-  }
-
-  public long getId() {
-    return id;
-  }
-
-  public void setId(long id) {
-    this.id = id;
-  }
-
-  public String getName() {
-    return name;
-  }
-
-  public void setName(String name) {
-    this.name = name;
-  }
-
-  public String getType() {
-    return type;
-  }
-
-  public void setType(String type) {
-    this.type = type;
-  }
-
-  @Override
-  public boolean equals(Object o) {
-    if (this == o) {
-      return true;
-    }
-    if (o == null || getClass() != o.getClass()) {
-      return false;
-    }
-    Configuration that = (Configuration) o;
-    return id == that.id
-        && Objects.equals(name, that.name)
-        && Objects.equals(type, that.type)
-        && Arrays.equals(values, that.values);
-  }
-
-  @Override
-  public int hashCode() {
-    int result = Objects.hash(id, name, type);
-    result = 31 * result + Arrays.hashCode(values);
-    return result;
-  }
-}
diff --git a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/Database.java b/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/Database.java
deleted file mode 100644
index e754f797c..000000000
--- a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/Database.java
+++ /dev/null
@@ -1,293 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * rat-repository
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.attestation;
-
-import com.google.protobuf.ByteString;
-import de.fhg.aisec.ids.messages.AttestationProtos.Pcr;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import java.sql.*;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.LinkedList;
-import java.util.List;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class Database {
-
-  private static final Logger LOG = LoggerFactory.getLogger(Database.class);
-  private static final int SHA256_BYTES_LEN = 32;
-  private static final int PCRS_BASIC = 11;
-  private static final int PCRS_ADVANCED = 17;
-  private static final int PCRS_ALL = 24;
-  private static final ByteString ZERO;
-  private static final ByteString FFFF;
-
-  static {
-    // Initialize example PCR constants
-    byte[] bytes = new byte[SHA256_BYTES_LEN];
-    Arrays.fill(bytes, (byte) 0x00);
-    ZERO = ByteString.copyFrom(bytes);
-    Arrays.fill(bytes, (byte) 0xff);
-    FFFF = ByteString.copyFrom(bytes);
-  }
-
-  private Connection connection;
-
-  public Database() {
-    try {
-      makeJDBCConnection();
-      createTables();
-      insertDefaultConfiguration();
-    } catch (SQLException e) {
-      throw new IllegalStateException(e);
-    }
-  }
-
-  private void insertDefaultConfiguration() throws SQLException {
-    Pcr[] basic = new Pcr[PCRS_BASIC];
-    Pcr[] advanced = new Pcr[PCRS_ADVANCED];
-    Pcr[] all = new Pcr[PCRS_ALL];
-
-    for (int i = 0; i < PCRS_BASIC; i++) {
-      basic[i] = Pcr.newBuilder().setNumber(i).setValue(ZERO).build();
-    }
-    for (int i = 0; i < PCRS_ADVANCED; i++) {
-      advanced[i] = Pcr.newBuilder().setNumber(i).setValue(ZERO).build();
-      all[i] = Pcr.newBuilder().setNumber(i).setValue(ZERO).build();
-    }
-    for (int i = PCRS_ADVANCED; i < PCRS_ALL; i++) {
-      all[i] = Pcr.newBuilder().setNumber(i).setValue(FFFF).build();
-    }
-    all[PCRS_ALL - 1] = Pcr.newBuilder().setNumber(PCRS_ALL - 1).setValue(ZERO).build();
-    this.insertConfiguration("default_basic", "BASIC", basic);
-    this.insertConfiguration("default_advanced", "ADVANCED", advanced);
-    this.insertConfiguration("default_all", "ALL", all);
-  }
-
-  private void makeJDBCConnection() {
-    try {
-      Class.forName("org.sqlite.JDBC");
-    } catch (ClassNotFoundException e) {
-      LOG.error(
-          "Sorry, couldn't found JDBC driver. Make sure you have added JDBC Maven Dependency Correctly",
-          e);
-      return;
-    }
-    try {
-      connection = DriverManager.getConnection("jdbc:sqlite:configuration.db");
-      LOG.trace("connection to sqlite db successful!");
-    } catch (SQLException e) {
-      LOG.error("Failed to make connection to mysql db!", e);
-    }
-  }
-
-  public Connection getConnection() {
-    return connection;
-  }
-
-  public void createTables() throws SQLException {
-    try (Statement statement = connection.createStatement()) {
-      String sql =
-          "DROP TABLE IF EXISTS CONFIG; CREATE TABLE CONFIG ("
-              + "'ID' INTEGER PRIMARY KEY AUTOINCREMENT,"
-              + "'NAME' VARCHAR(255) NULL DEFAULT 'Configuration Name',"
-              + "'TYPE' VARCHAR(255) NULL DEFAULT 'BASIC');";
-      statement.executeUpdate(sql);
-    }
-
-    try (Statement statement = connection.createStatement()) {
-      String sql =
-          "DROP TABLE IF EXISTS PCR; CREATE TABLE PCR ("
-              + "'ID' INTEGER PRIMARY KEY AUTOINCREMENT,"
-              + "'SEQ' INTEGER DEFAULT '0',"
-              + "'VALUE' BLOB NOT NULL,"
-              + "'CID' INTEGER NOT NULL,"
-              + "FOREIGN KEY (CID) REFERENCES 'CONFIG' ('ID'));";
-      statement.executeUpdate(sql);
-    }
-  }
-
-  public long insertConfiguration(String name, String type, Pcr[] values) throws SQLException {
-    String sql = "INSERT INTO CONFIG (NAME, TYPE) VALUES (?,?)";
-    try (PreparedStatement pStatement =
-        connection.prepareStatement(sql, Statement.RETURN_GENERATED_KEYS)) {
-      pStatement.setString(1, name);
-      pStatement.setString(2, type);
-      pStatement.executeUpdate();
-      try (ResultSet keySet = pStatement.getGeneratedKeys()) {
-        long key = keySet.getLong(1);
-        this.insertPcrs(values, key);
-        return key;
-      }
-    }
-  }
-
-  private void insertPcrs(Pcr[] values, long key) throws SQLException {
-    String sql = "INSERT INTO PCR (SEQ, VALUE, CID) VALUES  (?,?,?)";
-    try (PreparedStatement pStatement = connection.prepareStatement(sql)) {
-      for (Pcr value : values) {
-        LOG.debug("INSERT PCR order: {} value {}", value.getNumber(), value.getValue());
-        pStatement.setInt(1, value.getNumber());
-        pStatement.setBytes(2, value.getValue().toByteArray());
-        pStatement.setLong(3, key);
-        pStatement.executeUpdate();
-      }
-    }
-  }
-
-  private List<Long> getConfigurationIdSingle(Pcr value) throws SQLException {
-    String sql =
-        "SELECT * FROM CONFIG INNER JOIN PCR ON PCR.CID = CONFIG.ID "
-            + "WHERE PCR.SEQ = ? AND PCR.VALUE = ? ORDER BY CONFIG.ID";
-    try (PreparedStatement pStatement = connection.prepareStatement(sql)) {
-      pStatement.setInt(1, value.getNumber());
-      pStatement.setBytes(2, value.getValue().toByteArray());
-      List<Long> result = new ArrayList<>();
-      try (ResultSet rs = pStatement.executeQuery()) {
-        while (rs.next()) {
-          result.add(rs.getLong("ID"));
-        }
-      }
-      return result;
-    }
-  }
-
-  public List<Long> getConfigurationId(List<Pcr> values) throws SQLException {
-    List<Long> start = this.getConfigurationIdSingle(values.get(0));
-    values = values.subList(1, values.size());
-    if (LOG.isDebugEnabled()) {
-      LOG.debug(
-          "\n#################################\nstart:{}\n#################################\n",
-          Arrays.toString(start.toArray()));
-    }
-    for (Pcr value : values) {
-      List<Long> now = this.getConfigurationIdSingle(value);
-      if (LOG.isDebugEnabled()) {
-        LOG.debug(
-            "\n#################################\nnow:{}\n#################################\n",
-            Arrays.toString(now.toArray()));
-      }
-      start = intersection(start, now);
-    }
-    if (LOG.isDebugEnabled()) {
-      LOG.debug(
-          "\n#################################\nfinal:{}\n#################################\n",
-          Arrays.toString(start.toArray()));
-    }
-    return start;
-  }
-
-  private List<Long> intersection(List<Long> a, List<Long> b) {
-    ArrayList<Long> result = new ArrayList<>(a);
-    result.retainAll(b);
-    return result;
-  }
-
-  public boolean deleteConfigurationById(long id) throws SQLException {
-    String sql = "DELETE FROM CONFIG WHERE ID = ?";
-    int rowCount;
-    try (PreparedStatement pStatement = connection.prepareStatement(sql)) {
-      pStatement.setLong(1, id);
-      rowCount = pStatement.executeUpdate();
-    }
-    if (rowCount == 1) {
-      sql = "DELETE FROM PCR WHERE CID = ?";
-      try (PreparedStatement pStatement = connection.prepareStatement(sql)) {
-        pStatement.setLong(1, id);
-        pStatement.executeUpdate();
-      }
-    }
-    return rowCount == 1;
-  }
-
-  public List<Configuration> getConfigurationList() throws SQLException {
-    List<Configuration> ll = new LinkedList<>();
-    try (Statement stmt = connection.createStatement();
-        ResultSet rs = stmt.executeQuery("SELECT * FROM CONFIG")) {
-      while (rs.next()) {
-        long id = rs.getLong("ID");
-        ll.add(this.getConfiguration(id));
-      }
-    }
-    return ll;
-  }
-
-  public Configuration getConfiguration(long id) {
-    Configuration c;
-    List<Pcr> values = new ArrayList<>();
-    String sql1 = "select * from CONFIG where ID = ?;";
-    String sql2 = "select * from PCR where CID = ?;";
-    try (PreparedStatement pStatement1 = connection.prepareStatement(sql1);
-        PreparedStatement pStatement2 = connection.prepareStatement(sql2)) {
-      pStatement1.setLong(1, id);
-      pStatement2.setLong(1, id);
-      try (ResultSet rs1 = pStatement1.executeQuery();
-          ResultSet rs2 = pStatement2.executeQuery()) {
-        if (rs1.next()) {
-          while (rs2.next()) {
-            values.add(
-                Pcr.newBuilder()
-                    .setNumber(rs2.getInt("SEQ"))
-                    .setValue(ByteString.copyFrom(rs2.getBytes("VALUE")))
-                    .build());
-          }
-          if (!values.isEmpty()) {
-            c =
-                new Configuration(
-                    rs1.getLong("ID"),
-                    rs1.getString("NAME"),
-                    rs1.getString("TYPE"),
-                    values.toArray(new Pcr[0]));
-          } else {
-            c = new Configuration(rs1.getLong("ID"), rs1.getString("NAME"), rs1.getString("TYPE"));
-          }
-          return c;
-        } else {
-          return null;
-        }
-      }
-    } catch (SQLException e) {
-      LOG.error("Error in getConfiguration()", e);
-      return null;
-    }
-  }
-
-  public boolean checkMessage(ConnectorMessage message) {
-    try {
-      List<Pcr> pcrList = message.getAttestationRepositoryRequest().getPcrValuesList();
-      List<Long> configIds = this.getConfigurationId(pcrList);
-      if (configIds.size() == 1) {
-        return true;
-      } else if (configIds.size() > 1) {
-        if (LOG.isDebugEnabled()) {
-          LOG.debug(
-              "found more than one matching configuration ({}) =( this shouldn't happen!",
-              Arrays.toString(configIds.toArray()));
-        }
-        return true;
-      } else {
-        return false;
-      }
-    } catch (Exception ex) {
-      return false;
-    }
-  }
-}
diff --git a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/MediaTypeExt.java b/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/MediaTypeExt.java
deleted file mode 100644
index 3efb87712..000000000
--- a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/MediaTypeExt.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * rat-repository
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.attestation;
-
-import javax.ws.rs.core.MediaType;
-
-public class MediaTypeExt extends MediaType {
-  /** A {@code String} constant representing "{@value #APPLICATION_PROTOBUF}" media type. */
-  public static final String APPLICATION_PROTOBUF = "application/x-protobuf";
-  /**
-   * A {@link javax.ws.rs.core.MediaType} constant representing "{@value #APPLICATION_PROTOBUF}"
-   * media type.
-   */
-  public static final MediaType APPLICATION_PROTOBUF_TYPE =
-      new MediaType("application", "x-protobuf");
-}
diff --git a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufAutoDiscoverable.java b/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufAutoDiscoverable.java
deleted file mode 100644
index 30ad249bf..000000000
--- a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufAutoDiscoverable.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * rat-repository
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.attestation;
-
-import javax.annotation.Priority;
-import javax.ws.rs.Priorities;
-import javax.ws.rs.core.FeatureContext;
-import org.glassfish.jersey.internal.spi.AutoDiscoverable;
-
-@Priority(Priorities.ENTITY_CODER)
-public class ProtobufAutoDiscoverable implements AutoDiscoverable {
-
-  public void configure(FeatureContext context) {
-    if (!context.getConfiguration().isRegistered(ProtobufFeature.class)) {
-      context.register(ProtobufFeature.class);
-    }
-  }
-}
diff --git a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufFeature.java b/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufFeature.java
deleted file mode 100644
index 06e2c7168..000000000
--- a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufFeature.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * rat-repository
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.attestation;
-
-import javax.ws.rs.core.Configuration;
-import javax.ws.rs.core.Feature;
-import javax.ws.rs.core.FeatureContext;
-import javax.ws.rs.ext.MessageBodyReader;
-import javax.ws.rs.ext.MessageBodyWriter;
-
-public class ProtobufFeature implements Feature {
-
-  public boolean configure(final FeatureContext context) {
-    final Configuration config = context.getConfiguration();
-
-    if (!config.isRegistered(ProtobufProvider.class)) {
-      context.register(ProtobufProvider.class, MessageBodyReader.class, MessageBodyWriter.class);
-    }
-    return true;
-  }
-}
diff --git a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufMessageException.java b/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufMessageException.java
deleted file mode 100644
index 8b62301e0..000000000
--- a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufMessageException.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * rat-repository
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.attestation;
-
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-
-public class ProtobufMessageException extends WebApplicationException {
-
-  private static final long serialVersionUID = 5346755086120085544L;
-
-  public ProtobufMessageException(Throwable cause) {
-    super(cause);
-  }
-
-  @Override
-  public Response getResponse() {
-    return Response.status(Response.Status.BAD_REQUEST)
-        .entity(getCause().getMessage())
-        .type(MediaType.TEXT_PLAIN)
-        .build();
-  }
-}
diff --git a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufProvider.java b/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufProvider.java
deleted file mode 100644
index 7ca2859ed..000000000
--- a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/ProtobufProvider.java
+++ /dev/null
@@ -1,100 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * rat-repository
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.attestation;
-
-import com.google.protobuf.AbstractMessage;
-import com.google.protobuf.Message;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.lang.annotation.Annotation;
-import java.lang.reflect.Method;
-import java.lang.reflect.Type;
-import javax.ws.rs.Consumes;
-import javax.ws.rs.Produces;
-import javax.ws.rs.WebApplicationException;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.ext.MessageBodyReader;
-import javax.ws.rs.ext.MessageBodyWriter;
-import javax.ws.rs.ext.Provider;
-
-@Provider
-@Produces(MediaTypeExt.APPLICATION_PROTOBUF)
-@Consumes(MediaTypeExt.APPLICATION_PROTOBUF)
-public class ProtobufProvider implements MessageBodyReader<Message>, MessageBodyWriter<Message> {
-
-  public boolean isReadable(
-      Class<?> type, Type genericType, Annotation[] annotations, MediaType mediaType) {
-    return isAssignableFrom(type);
-  }
-
-  public Message readFrom(
-      Class<Message> type,
-      Type genericType,
-      Annotation[] annotations,
-      MediaType mediaType,
-      MultivaluedMap<String, String> httpHeaders,
-      InputStream entityStream)
-      throws IOException, WebApplicationException {
-    try {
-      Method newBuilder = type.getMethod("newBuilder");
-      AbstractMessage.Builder<?> messageBuilder =
-          (AbstractMessage.Builder<?>) newBuilder.invoke(type);
-      return messageBuilder.mergeFrom(entityStream).build();
-    } catch (Exception e) {
-      throw new ProtobufMessageException(e);
-    }
-  }
-
-  public boolean isWriteable(
-      Class<?> type, Type genericType, Annotation[] annotations, MediaType mediaType) {
-    return isAssignableFrom(type);
-  }
-
-  public long getSize(
-      Message message,
-      Class<?> type,
-      Type genericType,
-      Annotation[] annotations,
-      MediaType mediaType) {
-    return message.getSerializedSize();
-  }
-
-  public void writeTo(
-      Message message,
-      Class<?> type,
-      Type genericType,
-      Annotation[] annotations,
-      MediaType mediaType,
-      MultivaluedMap<String, Object> httpHeaders,
-      OutputStream entityStream)
-      throws IOException, WebApplicationException {
-    try {
-      entityStream.write(message.toByteArray());
-    } catch (Exception e) {
-      throw new ProtobufMessageException(e);
-    }
-  }
-
-  private boolean isAssignableFrom(Class<?> type) {
-    return Message.class.isAssignableFrom(type);
-  }
-}
diff --git a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/REST.java b/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/REST.java
deleted file mode 100644
index fafde94a9..000000000
--- a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/REST.java
+++ /dev/null
@@ -1,214 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * rat-repository
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.attestation;
-
-import com.google.gson.Gson;
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import de.fhg.aisec.ids.messages.Idscp.AttestationRepositoryRequest;
-import de.fhg.aisec.ids.messages.Idscp.AttestationRepositoryResponse;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import de.fhg.aisec.ids.messages.Idscp.Error;
-import java.sql.SQLException;
-import java.util.Arrays;
-import java.util.List;
-import javax.servlet.http.HttpServletResponse;
-import javax.ws.rs.*;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.MediaType;
-
-@Path("/")
-public class REST {
-
-  private Database db;
-  private Gson gson = new Gson();
-  private static final String PROTOBUF_URL = "/rat-verify";
-  private boolean corsEnabled = true;
-  protected @Context HttpServletResponse response;
-
-  public REST(Database db) {
-    this.db = db;
-  }
-
-  @POST
-  @Path(PROTOBUF_URL)
-  @Produces(MediaTypeExt.APPLICATION_PROTOBUF)
-  @Consumes(MediaTypeExt.APPLICATION_PROTOBUF)
-  public ConnectorMessage checkConfiguration(ConnectorMessage msg) {
-    if (msg.getType().equals(ConnectorMessage.Type.RAT_REPO_REQUEST)) {
-      try {
-        AttestationRepositoryRequest request = msg.getAttestationRepositoryRequest();
-        int numPcrValues = request.getPcrValuesCount();
-        IdsAttestationType type = request.getAtype();
-        // check if attestation type matches # opf pcr values
-        if (numPcrValues > 0) {
-          switch (type) {
-            case BASIC:
-              if (numPcrValues == 12) {
-                return this.checkMessage(msg);
-              } else {
-                return this.sendError(
-                    "error: IdsAttestationType is BASIC, "
-                        + "but number of PCR values (\""
-                        + numPcrValues
-                        + "\") send is not 12",
-                    msg.getId());
-              }
-            case ADVANCED:
-              return this.checkMessage(msg);
-            case ALL:
-              if (numPcrValues == 24) {
-                return this.checkMessage(msg);
-              } else {
-                return this.sendError(
-                    "error: IdsAttestationType is ALL, "
-                        + "but number of PCR values (\""
-                        + numPcrValues
-                        + "\") send is not 24",
-                    msg.getId());
-              }
-            default:
-              return this.sendError("error: unknown IdsAttestationType", msg.getId());
-          }
-        } else {
-          return this.sendError("there were no PCR values in the request", msg.getId());
-        }
-      } catch (Exception e) {
-        return this.sendError(e.getMessage(), msg.getId());
-      }
-    } else {
-      return this.sendError("request was not of type RAT_REPO_REQUEST", msg.getId());
-    }
-  }
-
-  // get all configurations using json
-  @GET
-  @Path("/json/configurations/")
-  @Produces(MediaType.APPLICATION_JSON)
-  public String getConfigurationList() {
-    this.setCORSHeader(response, corsEnabled);
-    String ret;
-    try {
-      ret = gson.toJson(this.db.getConfigurationList());
-    } catch (Exception e) {
-      ret = e.getMessage();
-    }
-    return ret;
-  }
-
-  // get a single configuration with id {cid} using json
-  @GET
-  @Path("/json/configurations/{cid}")
-  @Produces(MediaType.APPLICATION_JSON)
-  public String getConfiguration(@PathParam("cid") String cid) {
-    this.setCORSHeader(response, corsEnabled);
-    if (isInteger(cid)) {
-      return gson.toJson(this.db.getConfiguration(Long.parseLong(cid)));
-    } else {
-      throw new BadRequestException("id " + cid + " is not an Integer!");
-    }
-  }
-
-  // post a new configuration
-  @POST
-  @Path("/json/configurations/new")
-  @Consumes(MediaType.APPLICATION_JSON)
-  @Produces(MediaType.APPLICATION_JSON)
-  public long addConfiguration(Configuration config) {
-    this.setCORSHeader(response, corsEnabled);
-    try {
-      List<Long> existing = this.db.getConfigurationId(Arrays.asList(config.getValues()));
-      if (existing.isEmpty()) {
-        return this.db.insertConfiguration(config.getName(), config.getType(), config.getValues());
-      } else {
-        throw new InternalServerErrorException();
-      }
-    } catch (Exception e) {
-      throw new InternalServerErrorException(e);
-    }
-  }
-
-  // delete a single configuration with id {cid} using json
-  @DELETE
-  @Path("/json/configurations/{cid}")
-  @Produces(MediaType.APPLICATION_JSON)
-  public String deleteConfiguration(@PathParam("cid") String cid) throws SQLException {
-    this.setCORSHeader(response, corsEnabled);
-    if (isInteger(cid)) {
-      if (this.db.deleteConfigurationById(Integer.parseInt(cid))) {
-        return cid;
-      } else {
-        throw new InternalServerErrorException();
-      }
-    } else {
-      throw new InternalServerErrorException();
-    }
-  }
-
-  private static boolean isInteger(String s) {
-    if (s.isEmpty()) {
-      return false;
-    }
-    for (int i = 0; i < s.length(); i++) {
-      if (i == 0 && s.charAt(i) == '-') {
-        if (s.length() == 1) {
-          return false;
-        } else {
-          continue;
-        }
-      }
-      if (Character.digit(s.charAt(i), 10) < 0) {
-        return false;
-      }
-    }
-    return true;
-  }
-
-  private void setCORSHeader(HttpServletResponse response, boolean enable) {
-    response.setCharacterEncoding("utf-8");
-    if (enable) {
-      response.setHeader("Access-Control-Allow-Origin", "*");
-      response.setHeader(
-          "Access-Control-Allow-Headers", "origin, content-type, accept, authorization");
-      response.setHeader("Access-Control-Allow-Credentials", "true");
-      response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");
-      response.setHeader("Access-Control-Max-Age", "1209600");
-    }
-  }
-
-  private ConnectorMessage checkMessage(ConnectorMessage msg) {
-    return ConnectorMessage.newBuilder()
-        .setId(msg.getId() + 1)
-        .setType(ConnectorMessage.Type.RAT_REPO_RESPONSE)
-        .setAttestationRepositoryResponse(
-            AttestationRepositoryResponse.newBuilder()
-                .setAtype(msg.getAttestationRepositoryRequest().getAtype())
-                .setResult(this.db.checkMessage(msg))
-                .build())
-        .build();
-  }
-
-  private ConnectorMessage sendError(String error, long id) {
-    return ConnectorMessage.newBuilder()
-        .setId(id + 1)
-        .setType(ConnectorMessage.Type.ERROR)
-        .setError(Error.newBuilder().setErrorCode("").setErrorMessage(error).build())
-        .build();
-  }
-}
diff --git a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/RemoteAttestationServer.java b/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/RemoteAttestationServer.java
deleted file mode 100644
index 617476311..000000000
--- a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/RemoteAttestationServer.java
+++ /dev/null
@@ -1,140 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * rat-repository
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.attestation;
-
-import java.net.MalformedURLException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import org.eclipse.jetty.http.HttpVersion;
-import org.eclipse.jetty.server.*;
-import org.eclipse.jetty.servlet.ServletContextHandler;
-import org.eclipse.jetty.servlet.ServletHolder;
-import org.eclipse.jetty.util.ssl.SslContextFactory;
-import org.glassfish.jersey.server.ResourceConfig;
-import org.glassfish.jersey.servlet.ServletContainer;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class RemoteAttestationServer {
-  private Server server;
-  private Database database;
-  private URI uri;
-  private static final Logger LOG = LoggerFactory.getLogger(Database.class);
-
-  public RemoteAttestationServer(String host, String path, int port) {
-    this.database = new Database();
-    try {
-      this.uri = new URI(String.format("https://%s:%d/%s", host, port, path));
-      LOG.debug("Remote Attestation Repository starting on : " + this.uri.toURL().toString());
-      server = new Server();
-
-      // HTTP Configuration
-      HttpConfiguration http_config = new HttpConfiguration();
-      http_config.setSecureScheme("https");
-      http_config.setSecurePort(port);
-
-      // === jetty-https.xml ===
-      // SSL Context Factory
-      SslContextFactory sslContextFactory = new SslContextFactory.Server();
-      sslContextFactory.setKeyStorePath(
-          Thread.currentThread()
-              .getContextClassLoader()
-              .getResource("repository-keystore.jks")
-              .toString());
-      sslContextFactory.setKeyStorePassword("OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v");
-      sslContextFactory.setKeyManagerPassword("OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v");
-      sslContextFactory.setTrustStorePath(
-          Thread.currentThread()
-              .getContextClassLoader()
-              .getResource("repository-truststore.jks")
-              .toString());
-      sslContextFactory.setTrustStorePassword("OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v");
-      sslContextFactory.setExcludeCipherSuites(
-          "SSL_RSA_WITH_DES_CBC_SHA",
-          "SSL_DHE_RSA_WITH_DES_CBC_SHA",
-          "SSL_DHE_DSS_WITH_DES_CBC_SHA",
-          "SSL_RSA_EXPORT_WITH_RC4_40_MD5",
-          "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA",
-          "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
-          "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA");
-
-      // SSL HTTP Configuration
-      HttpConfiguration https_config = new HttpConfiguration(http_config);
-      https_config.addCustomizer(new SecureRequestCustomizer());
-
-      // SSL Connector
-      ServerConnector serverConnector =
-          new ServerConnector(
-              server,
-              new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()),
-              new HttpConnectionFactory(https_config));
-      //      ServerConnector serverConnector = new ServerConnector(server);
-      serverConnector.setPort(port);
-      server.addConnector(serverConnector);
-      ServletContextHandler handler = new ServletContextHandler();
-      handler.setContextPath("");
-      handler.addServlet(new ServletHolder(new ServletContainer(resourceConfig())), "/*");
-      server.setHandler(handler);
-    } catch (URISyntaxException | MalformedURLException e) {
-      LOG.debug("could not format URI !");
-      e.printStackTrace();
-    }
-  }
-
-  public void start() {
-    try {
-      server.start();
-    } catch (Exception e) {
-      throw new RuntimeException("Could not start the server", e);
-    }
-  }
-
-  private ResourceConfig resourceConfig() {
-    return new ResourceConfig().register(ProtobufProvider.class).register(new REST(this.database));
-  }
-
-  void stop() {
-    try {
-      server.stop();
-    } catch (Exception e) {
-      throw new RuntimeException("Could not stop the server", e);
-    }
-  }
-
-  void join() {
-    try {
-      server.join();
-    } catch (InterruptedException e) {
-      throw new RuntimeException("Could not join the thread", e);
-    }
-  }
-
-  public URI getURI() {
-    return this.uri;
-  }
-
-  public Database getDatabase() {
-    return this.database;
-  }
-
-  public void destroy() {
-    server.destroy();
-  }
-}
diff --git a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/Start.java b/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/Start.java
deleted file mode 100644
index 917cab520..000000000
--- a/rat-repository/src/main/java/de/fhg/aisec/ids/attestation/Start.java
+++ /dev/null
@@ -1,98 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * rat-repository
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.attestation;
-
-public class Start {
-  private static final String VERSION = "3.0.2";
-  private static final String URL = "rat-verify";
-
-  private static String host = "127.0.0.1";
-  private static int port = 31337;
-
-  public static void main(String[] args) {
-    switch (args.length) {
-      case 2:
-        firstArg(args);
-        run();
-        break;
-      case 4:
-        firstArg(args);
-        secondArg(args);
-        run();
-        break;
-      default:
-        System.out.println("IDS: Remote Attestation Repository v" + VERSION);
-        System.out.println("-----------------------------------------");
-        System.out.println(
-            "usage:\n\tjava -jar rat-repository-" + VERSION + ".jar [-p Port] [-h Host]");
-        System.out.println(
-            "example:\n\tjava -jar rat-repository-" + VERSION + ".jar -p 31337 -h 127.0.0.1");
-        System.out.println();
-        break;
-    }
-  }
-
-  private static void firstArg(String[] args) {
-    if (args[0].equals("-p")) {
-      if (isInteger(args[1])) {
-        port = Integer.parseInt(args[1]);
-      } else {
-        System.out.println("error: " + args[1] + " is not a port number!");
-      }
-    } else if (args[0].equals("-h")) {
-      host = args[1];
-    } else {
-      System.out.println("error: " + args[1] + " is not a valid option!");
-    }
-  }
-
-  private static void secondArg(String[] args) {
-    if (args[2].equals("-p")) {
-      if (isInteger(args[3])) {
-        port = Integer.parseInt(args[3]);
-      } else {
-        System.out.println("error: " + args[3] + " is not a port number!");
-      }
-    } else if (args[2].equals("-h")) {
-      host = args[3];
-    } else {
-      System.out.println("error: " + args[3] + " is not a valid option!");
-    }
-  }
-
-  private static boolean isInteger(String s) {
-    try {
-      Integer.parseInt(s);
-    } catch (NumberFormatException | NullPointerException e) {
-      return false;
-    }
-    return true;
-  }
-
-  private static void run() {
-    RemoteAttestationServer ratServer = new RemoteAttestationServer(host, URL, port);
-    try {
-      ratServer.start();
-      ratServer.join();
-    } finally {
-      ratServer.stop();
-    }
-  }
-}
diff --git a/rat-repository/src/main/resources/log4j2.xml b/rat-repository/src/main/resources/log4j2.xml
deleted file mode 100644
index 1ec792ce7..000000000
--- a/rat-repository/src/main/resources/log4j2.xml
+++ /dev/null
@@ -1,17 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<Configuration package="log4j.test"
-status="WARN">
-<Appenders>
-    <Console name="Console" target="SYSTEM_OUT">
-        <PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/>
-    </Console>
-</Appenders>
-<Loggers>
-    <Logger name="log4j.test.Log4jTest" level="debug">
-        <AppenderRef ref="Console"/>
-    </Logger>
-    <Root level="trace">
-        <AppenderRef ref="Console"/>
-    </Root>
-</Loggers>
-</Configuration>
diff --git a/rat-repository/src/main/resources/repository-keystore.jks b/rat-repository/src/main/resources/repository-keystore.jks
deleted file mode 100644
index 26265d872322862dcd293d7c02fff2583fa97af5..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 2481
zcma)8dpOkT7oYEU#w3?<-9Z?)vP_KcXbe+f<i2cZh>~S?2E#HFGp?yY8nzv_NJKO$
zT~I`Bk<GO&p^Kzq+(mMUEw}I+?d91&_K)8m=XuWOocBHFJ?Htn=Y7|w*Qa4H7$_3p
zs{nYB7R;~k<icQL0F;PWgHT9`ok#!yU_m(m5Q8BS5t9bO9fw$EdV=?P60NTW!*U)U
z4u?EDj6+YB*>hLIhMCTJVd>1-Q*pEEEr#3o+&~($5!@DmnyDu`cWkUF=X0*7^L;WV
zC4P=*&hX7mwc4BRsYLJKOtt#F#?4I96$ed;RXQ^>-b!rS0-2T4e%q?0Mf{N0{LP;k
zgfCnI)}z^F%MaY;Gc#9%00)hy@JvBZaz1=sdz_g7HyV%qse!NT|FpQo`~3+y5|%WQ
zfjh4Lc%h7P{vGz#7c~ogkJN#V6#k1Tr!G3SYCXwh53<WVD{#`Uv{vZhKK=a}AH*YV
zbMeEUz={WA6~|oK=kJ5)$bAy;AAInGHVSTtb21ZTBTrCeY`^`0x&0_@mu7F3F}-J0
zh`8CZ69V{a5A22JZm6279{bORsXYR*e#&ajtvhXaLH1JG9@%r%w~{LcH=3vgT$SHH
zj<#(ZiE4<Rx2g$1JKwS|ysY~<-9iePG4}b&#&XfgwBPiP5h<0|W!*!_)u_B(qz{dg
zzFW>^PD!t;cGoj%?oBoNDTx!a$ueCh&3}4E3R>)G*B`=C(8l^{6PUh=Le{ytF7|+A
zG*<V6|2_w|)tC7yQ*URQH;g@!G8YeA`<~g|r&&1_#?OpN`Eq?)PFCH>OG8rVETdn6
zc512VTRgoyRPN~9)ve9OYP_GL@QzL8%(<0YaK6D|g_tt_eCP4d)kPCkHH;CI<*~H<
zK!J9+<D8B?Yf|j#O-jVJB-H81_D|#7f;STHW@P$P_tOVIwx>+obG??|dTExHuDn8Q
zZrN4BY+WPNfzP@VT)N%bv>(YLOtZ&7Y2p^!Leks9+lbW6T9!|hN0j%#2t^ujy-n^N
znH9DiO;K7QdxrE#_SeVeosMxWeSNoB=MroE9jG*4<z15W#BB&|QR2FnYrEB6`e&<v
zM%m+DPRH$)W~K*b;gtNkFTl!JXK%d4^w#1!iL`#NpXzRnX`rv}Jl!HLW!CplyV5*b
zy(LJ}CUP9qz<JZ6W}33~8qS{_gB{e91{b0-t5McHmA`l_^!An)&@*4Xlr>Y%nUzMy
zzsu)^M$N@s%cXX>D!*RNt_;_^?O>a|JEyBrtLICI8vN`Q+Ue(gmj-I+q3;QVHYe>2
zzRu?}@vXI%4|yTA!G|)d_CUW2o@cG+R!>!s^7{r-vh=+k_heeBjhL)jp)9Qp@`r4?
z<BAlWWUs5Pe6%I*KXI0(RVS_$()DZM*?3%n`${O)F=OB!M#14FGRm#pIk|bze(Zv~
zR@yJk%3Oyxqse!Rxf5_3vQZot&o=GoAhPyO2<`=I#yIxxONqNxySC4@JSo7-(V($c
zy=yMUnm6krN4H770wd)Zuq(&yysopVtFw;WJcF<tl)u)v<HeWyz`4Cn(^Wx#bn<;K
zF@lHvM_$7;8ozTIX6P0s$Gvi_%>g3vfb|10KM;e_dmOuU?@-vOC%E;Pwg;E5P`0J}
zyG!(t*ACz!zL{{HFY=jq>%Dx=r{QT61AOJJTclfi<5}=LY?||=zk}dDV1?Bh%7bw*
zsK+DRXrZ|F!2S!B76JJ?xB47mF{Vl{dL|uXUzOLB*C&$dO=i4qJf*d(Oor{uYqy+@
zE}e)kPQBllWR}GHC3e^@;_kjU!JTjeHT>aZy@uGh3m?s1nghAUommO_Y2>dnQOpZx
z0+C=a1XDB*gP}zD0RbEYKoHP?q>)>(JO|#QGyq77!5}hT655J{dmxYspp7kF0g~GU
z5>gU&;nWBwgB9Q(j#q=WZ5rWH3XV1uO?Q7bN0SoqqqUW$F@!gRFiO&R5@Z4q@z5^3
zvDslIX=A(yn*0SJ>i>}e1xamYkdzX$a-`T=;|-yme`efHpyC7Qre*{~I*~v%BtW}J
zhCdQ$CWa8+ga++0F{9FmBq$Nk{&!uXkq=J<WMCq@1egc_us7~Hc&5_o;jR>cW!G+=
zP!Ukcx3N7*?r}Nvw97Z_o^y@ya4c`PpYXuiDf56+4?isZwsg_=X!XUCh%FnTR|lqO
zPAY!!IZ5*%W<D_NJ3HpQw=6c@Hmt(1Wenr6vRqg3Xtr#z|FYW{X0WvKP>;fN2F~kz
z|6Ashk`_+_=g3ANDl3^j-<;<0Ot;Jdw(zP+)hB4tMaT?%ElquXnReCpZAz+8KH42*
zWL-Ezjgm(lJQV4g&>7sQa%?GZ_(g7coQsmYa&U241URbGdG8c#)JQ)Nm*bIbZ+F?o
zc2f6}ux?s?e0p##sDp2(4fU)35v88_@H0K}?4v``4GAC|fB{z$0cTN193XX3Yt>N*
zG(vHzRVZ!o18lUsDPU}Jd35pHqrXN%8k=q%gffJVS8V4$tU48QL+4uiH^oY>M&th0
zJ`-Q*qOO1dAs8gNxmE^&fP-QJ$aE8EARq__83?cfJ)SOu!#TR!$cPpmf};kp{b{&>
ze@KO+`x^z(**K98az~1bo@+6&EdYRUfb1ZfzcB>z%>If&XGJkXSX9xD|B4jOVsU6x
zntwP)L`foUQ~9&Z9SAg}_;)xs_>Tra<jvE{AxMyE;?@urjT*vWu{nvDaQ~w$b`XaZ
z9`j#`k`ba$29S&pT{76e87I0)BE|u*!W}i3Bg_V_&IkNnQu>Q*vf6?fBi2ZJ`vcV`
z_a}9?sp_A6T{JJ}G51$&_p-`lhTiuWDcZ7e?Txlp-)XR(QO5B>5Jz-=3>@l~y%-xp
z@+m-yiwP{13p47ro#1r_+w7P#Q9h1WC0|k~<J|<U{8|-1CGLK%_5979EUkW7pU{K9
z^%;8TSoR_p6VWHFT{c>zQye0ZNlh#X`{7qoWi!QRGlJJ2UOl&ie`+b%aa9fph6c8%
zo_SY*qQ|I2n|7&rN{s0lFPvXHvA3|mF=!!P9$i|(=bvpZEV?lf#*D_iaE{!*@T&pJ
u&o8$AMND~-f7lzF0VX%WPM?5NxD&g5RnO}Yv6~ec@v&U6s72B(t^6MZZzC1}

diff --git a/rat-repository/src/main/resources/repository-truststore.jks b/rat-repository/src/main/resources/repository-truststore.jks
deleted file mode 100644
index 8c39e824c3c577a6d188239309749dd93aef6bf1..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 934
zcmezO_TO6u1_mY|W(3nr$%#N_R?lX;at782JyQcq1_tJAgC^#5gC-{b1<Xv0OiY{%
zn;75g9ZkE@ZotdNsnzDu_MMlJk(HIfz{!x?fRl|ml!Z;0$;H)B*gz1(;o{+PD@rWQ
z%g9elEi#ldkO2uY^N4!71S<sP=a(piq!yPbI6EpB85mj^$cghBS{ND_8ycD!8W|Wx
ziSrr*xkhGCE>-MkVpKwQIwLCsa}y&!gFzD`7gG}>Bf}=yR^{Gr6M7vJ6V_Z&@Nby5
z#7A0S`v?CwCY-lIxu*y%+%n74_*^c3cz8pH_X5GBr-ub>RR2uy+3m}8#6nKf?$`Pt
z|H;Mu(k8rr#k<PqJi2)<Oi*yi@m>1aKLXy%>pk|FxX$gtS<TIVRy<%RKd|U^`QFZD
zmwfgX#O$6aR>>kzv^qma#7XAP<OxsSMOKED8+hGV)6&0ra^E{EW%K<$J=QIk+;v>{
zGtHNgwQX5+TaR!4`ghxu79DX+wO{YG;+wqOgS%C-S5GgpnVgmTOXb6TVS%y}H9U;(
z;#b}IFsXFY#qcL<diQA=mt1aC>yu{wcIivWl6{6M4lX7VJIa@PP23gB#LURRxH!Qe
z&OjCzSF(I8Vk{!lpT7zBWa;inOMe``vy8uN!H47t2J#?jWflnou?Fl4_(2MU85#ex
zuo^G}DFbeh06z;0FeSMm#{n?;0ONp>p@Ug@TGp{&CoX9eZeveh|Et<u?rT>Ti_+>g
z-jurN+iGVW=OoX0!dM@A+j9SYb>CL01NW5E|37=S;rz$IP7C$Li+3M4PVjYc{%3CK
zP~P$2bGf-g(5a~GW&ulyEh`t^YuR<~?B6}E0q4)`NIbnx@?G}&Hl?LeF{(PJIz1L?
zt4(k6Y`Ks!(Od8Lwyc}F3xYBx_x(N}E}k~E%s#j|Sk=WZz$|L=lKcoe)@QR9nDg<*
zK0Q!iGSP~8p257Z-t2Sd6WWY4kNsTGm@Mk`=}JS%tDv>nyR{a4y;MEnp7ybslM^ID
z&vwrXQNQJK#csk%5o=`^1;)RB&n}pj^6V)~+_clD=k7eT@9du)n@%uhFEwgk&CYl0
IsmR8&066DhoB#j-

diff --git a/rat-repository/src/test/java/de/fhg/aisec/ids/attestation/RatRepositoryTest.java b/rat-repository/src/test/java/de/fhg/aisec/ids/attestation/RatRepositoryTest.java
deleted file mode 100644
index b269842d0..000000000
--- a/rat-repository/src/test/java/de/fhg/aisec/ids/attestation/RatRepositoryTest.java
+++ /dev/null
@@ -1,285 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * rat-repository
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.attestation;
-
-import static org.junit.Assert.*;
-
-import com.google.gson.Gson;
-import com.google.gson.GsonBuilder;
-import com.google.gson.JsonDeserializer;
-import com.google.gson.JsonObject;
-import com.google.gson.reflect.TypeToken;
-import com.google.protobuf.ByteString;
-import de.fhg.aisec.ids.messages.AttestationProtos.IdsAttestationType;
-import de.fhg.aisec.ids.messages.AttestationProtos.Pcr;
-import de.fhg.aisec.ids.messages.Idscp.AttestationRepositoryRequest;
-import de.fhg.aisec.ids.messages.Idscp.ConnectorMessage;
-import java.io.IOException;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.nio.charset.StandardCharsets;
-import java.nio.file.FileSystems;
-import java.nio.file.Files;
-import java.sql.SQLException;
-import java.util.Arrays;
-import java.util.List;
-import javax.net.ssl.*;
-import org.apache.camel.test.AvailablePortFinder;
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/** Unit test for ratRepositoryTest */
-public class RatRepositoryTest {
-
-  private static RemoteAttestationServer ratServer;
-  private static Pcr[] values;
-  private static final int PORT = AvailablePortFinder.getNextAvailable();
-  private static final String PATH = "rat-verify";
-  private static HostnameVerifier hv;
-  private static final Logger LOG = LoggerFactory.getLogger(RatRepositoryTest.class);
-  private static final String sURL = "https://127.0.0.1:" + PORT + "/" + PATH;
-  private static final int SHA256_BYTES_LEN = 32;
-  private static final ByteString ZERO;
-  private static final ByteString FFFF;
-
-  static {
-    // Initialize example PCR constants
-    byte[] bytes = new byte[SHA256_BYTES_LEN];
-    Arrays.fill(bytes, (byte) 0x00);
-    ZERO = ByteString.copyFrom(bytes);
-    Arrays.fill(bytes, (byte) 0xff);
-    FFFF = ByteString.copyFrom(bytes);
-  }
-
-  @BeforeClass
-  public static void initRepo() {
-    ratServer = new RemoteAttestationServer("127.0.0.1", PATH, PORT);
-    ratServer.start();
-
-    // Create a trust manager that does not validate certificate chains
-    TrustManager[] trustAllCerts =
-        new TrustManager[] {
-          new X509TrustManager() {
-            public java.security.cert.X509Certificate[] getAcceptedIssuers() {
-              return null;
-            }
-
-            public void checkClientTrusted(
-                java.security.cert.X509Certificate[] certs, String authType) {}
-
-            public void checkServerTrusted(
-                java.security.cert.X509Certificate[] certs, String authType) {}
-          }
-        };
-    try {
-      SSLContext sc = SSLContext.getInstance("SSL");
-      sc.init(null, trustAllCerts, null);
-      HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
-    } catch (Exception e) {
-      System.out.println("Error" + e);
-    }
-    hv =
-        (urlHostName, session) -> {
-          System.out.println("Warning: URL Host: " + urlHostName + " vs. " + session.getPeerHost());
-          return true;
-        };
-  }
-
-  @AfterClass
-  public static void closeRepo() {
-    ratServer = null;
-  }
-
-  @Test
-  public void testURL() throws MalformedURLException {
-    assertEquals(sURL, ratServer.getURI().toURL().toString());
-  }
-
-  @Test
-  public void testDatabaseIsRunning() throws SQLException {
-    assertFalse(ratServer.getDatabase().getConnection().isClosed());
-  }
-
-  @Test
-  public void testDefaultConfiguration() throws SQLException, IOException {
-    Gson gson =
-        new GsonBuilder()
-            .registerTypeAdapter(
-                ByteString.class,
-                (JsonDeserializer<ByteString>)
-                    (json, typeOfT, context) -> {
-                      JsonObject jsonObject = json.getAsJsonObject();
-                      byte[] bytes = context.deserialize(jsonObject.get("bytes"), byte[].class);
-                      return ByteString.copyFrom(bytes);
-                    })
-            .create();
-    List<Configuration> config =
-        gson.fromJson(
-            Files.newBufferedReader(
-                FileSystems.getDefault().getPath("src/test/resources/configurationList.json"),
-                StandardCharsets.UTF_8),
-            new TypeToken<List<Configuration>>() {}.getType());
-    assertEquals(config, ratServer.getDatabase().getConfigurationList());
-  }
-
-  @Test
-  public void testBASICConfiguration() {
-    // this tests the BASIC pcr values configuration 0-10
-    long id = new java.util.Random().nextLong();
-    values = new Pcr[12];
-    for (int i = 0; i < 12; i++) {
-      values[i] = Pcr.newBuilder().setNumber(i).setValue(ZERO).build();
-    }
-    ConnectorMessage msg =
-        ConnectorMessage.newBuilder()
-            .setId(id)
-            .setType(ConnectorMessage.Type.RAT_REPO_REQUEST)
-            .setAttestationRepositoryRequest(
-                AttestationRepositoryRequest.newBuilder()
-                    .setAtype(IdsAttestationType.BASIC)
-                    .addAllPcrValues(Arrays.asList(values))
-                    .build())
-            .build();
-    ConnectorMessage result = this.send(msg);
-
-    assertNotNull(result);
-    assertEquals(id + 1, result.getId());
-    assertEquals(ConnectorMessage.Type.RAT_REPO_RESPONSE, result.getType());
-    assertEquals(IdsAttestationType.BASIC, result.getAttestationRepositoryResponse().getAtype());
-    assertTrue(result.getAttestationRepositoryResponse().getResult());
-  }
-
-  @Test
-  public void testADVANCEDConfiguration() {
-    // this tests the ADVANCED pcr values configuration in this case with 5 values: PCR0, PCR2,
-    // PCR4, PCR6, PCR8
-    long id = new java.util.Random().nextLong();
-    values = new Pcr[17];
-    for (int i = 0; i < 17; i++) {
-      values[i] = Pcr.newBuilder().setNumber(i).setValue(ZERO).build();
-    }
-    ConnectorMessage msg =
-        ConnectorMessage.newBuilder()
-            .setId(id)
-            .setType(ConnectorMessage.Type.RAT_REPO_REQUEST)
-            .setAttestationRepositoryRequest(
-                AttestationRepositoryRequest.newBuilder()
-                    .setAtype(IdsAttestationType.ADVANCED)
-                    .addAllPcrValues(Arrays.asList(values))
-                    .build())
-            .build();
-    ConnectorMessage result = this.send(msg);
-
-    assertNotNull(result);
-    assertEquals(id + 1, result.getId());
-    assertEquals(ConnectorMessage.Type.RAT_REPO_RESPONSE, result.getType());
-    assertEquals(IdsAttestationType.ADVANCED, result.getAttestationRepositoryResponse().getAtype());
-    assertTrue(result.getAttestationRepositoryResponse().getResult());
-  }
-
-  @Test
-  public void testInvalidALLConfiguration() {
-    // this tests ALL pcr values
-    long id = new java.util.Random().nextLong();
-    values = new Pcr[24];
-    for (int i = 0; i < 24; i++) {
-      values[i] = Pcr.newBuilder().setNumber(i).setValue(ZERO).build();
-    }
-    ConnectorMessage msg =
-        ConnectorMessage.newBuilder()
-            .setId(id)
-            .setType(ConnectorMessage.Type.RAT_REPO_REQUEST)
-            .setAttestationRepositoryRequest(
-                AttestationRepositoryRequest.newBuilder()
-                    .setAtype(IdsAttestationType.ALL)
-                    .addAllPcrValues(Arrays.asList(values))
-                    .build())
-            .build();
-    ConnectorMessage result = this.send(msg);
-
-    assertNotNull(result);
-    assertEquals(id + 1, result.getId());
-    assertEquals(ConnectorMessage.Type.RAT_REPO_RESPONSE, result.getType());
-    assertEquals(IdsAttestationType.ALL, result.getAttestationRepositoryResponse().getAtype());
-    assertFalse(result.getAttestationRepositoryResponse().getResult());
-  }
-
-  @Test
-  public void testValidALLConfiguration() {
-    // this tests ALL pcr values
-    int numAll = 24;
-    long id = new java.util.Random().nextLong();
-    values = new Pcr[numAll];
-    for (int i = 0; i < numAll; i++) {
-      if (i < 17 || i == numAll - 1) {
-        values[i] = Pcr.newBuilder().setNumber(i).setValue(ZERO).build();
-      } else {
-        values[i] = Pcr.newBuilder().setNumber(i).setValue(FFFF).build();
-      }
-    }
-    ConnectorMessage msg =
-        ConnectorMessage.newBuilder()
-            .setId(id)
-            .setType(ConnectorMessage.Type.RAT_REPO_REQUEST)
-            .setAttestationRepositoryRequest(
-                AttestationRepositoryRequest.newBuilder()
-                    .setAtype(IdsAttestationType.ALL)
-                    .addAllPcrValues(Arrays.asList(values))
-                    .build())
-            .build();
-    ConnectorMessage result = this.send(msg);
-
-    assertNotNull(result);
-    assertEquals(id + 1, result.getId());
-    assertEquals(ConnectorMessage.Type.RAT_REPO_RESPONSE, result.getType());
-    assertEquals(IdsAttestationType.ALL, result.getAttestationRepositoryResponse().getAtype());
-    assertTrue(result.getAttestationRepositoryResponse().getResult());
-  }
-
-  private ConnectorMessage send(ConnectorMessage msg) {
-    try {
-      HttpsURLConnection urlc = (HttpsURLConnection) new URL(sURL).openConnection();
-      urlc.setHostnameVerifier(hv);
-      urlc.setDoInput(true);
-      urlc.setDoOutput(true);
-      urlc.setRequestMethod("POST");
-      urlc.setRequestProperty("Accept", "application/x-protobuf");
-      urlc.setRequestProperty("Content-Type", "application/x-protobuf");
-      msg.writeTo(urlc.getOutputStream());
-      LOG.debug(
-          "\n######################################\n"
-              + msg.toString()
-              + "######################################\n");
-      ConnectorMessage result =
-          ConnectorMessage.newBuilder().mergeFrom(urlc.getInputStream()).build();
-      LOG.debug(
-          "\n######################################\n"
-              + result.toString()
-              + "######################################\n");
-      return result;
-    } catch (Exception e) {
-      LOG.debug("Exception : " + e.toString());
-    }
-    return null;
-  }
-}
diff --git a/rat-repository/src/test/resources/configurationList.json b/rat-repository/src/test/resources/configurationList.json
deleted file mode 100644
index 22387541a..000000000
--- a/rat-repository/src/test/resources/configurationList.json
+++ /dev/null
@@ -1 +0,0 @@
-[{"id":1,"name":"default_basic","type":"BASIC","values":[{"bitField0_":3,"number_":0,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":1,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":2,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":3,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":4,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":5,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":6,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":7,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":8,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":9,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":10,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0}]},{"id":2,"name":"default_advanced","type":"ADVANCED","values":[{"bitField0_":3,"number_":0,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":1,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":2,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":3,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":4,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":5,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":6,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":7,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":8,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":9,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":10,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":11,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":12,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":13,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":14,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":15,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":16,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0}]},{"id":3,"name":"default_all","type":"ALL","values":[{"bitField0_":3,"number_":0,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":1,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":2,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":3,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":4,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":5,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":6,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":7,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":8,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":9,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":10,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":11,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":12,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":13,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":14,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":15,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":16,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":17,"value_":{"bytes":[-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":18,"value_":{"bytes":[-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":19,"value_":{"bytes":[-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":20,"value_":{"bytes":[-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":21,"value_":{"bytes":[-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":22,"value_":{"bytes":[-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0},{"bitField0_":3,"number_":23,"value_":{"bytes":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"hash":0},"memoizedIsInitialized":1,"unknownFields":{"fields":{}},"memoizedSize":-1,"memoizedHashCode":0}]}]
\ No newline at end of file
diff --git a/rat-repository/src/test/resources/log4j2.xml b/rat-repository/src/test/resources/log4j2.xml
deleted file mode 100644
index 251443db3..000000000
--- a/rat-repository/src/test/resources/log4j2.xml
+++ /dev/null
@@ -1,37 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-  ========================LICENSE_START=================================
-  rat-repository
-  %%
-  Copyright (C) 2017 Fraunhofer AISEC
-  %%
-  Licensed under the Apache License, Version 2.0 (the "License");
-  you may not use this file except in compliance with the License.
-  You may obtain a copy of the License at
-  
-       http://www.apache.org/licenses/LICENSE-2.0
-  
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
-  =========================LICENSE_END==================================
-  -->
-
-<Configuration package="log4j.test"
-status="WARN">
-<Appenders>
-    <Console name="Console" target="SYSTEM_OUT">
-        <PatternLayout pattern="%d{HH:mm:ss.SSS} [%t] %-5level %logger{36} - %msg%n"/>
-    </Console>
-</Appenders>
-<Loggers>
-    <Logger name="log4j.test.Log4jTest" level="trace">
-        <AppenderRef ref="Console"/>
-    </Logger>
-    <Root level="trace">
-        <AppenderRef ref="Console"/>
-    </Root>
-</Loggers>
-</Configuration>
diff --git a/settings.gradle b/settings.gradle
deleted file mode 100644
index 3a49b1a8c..000000000
--- a/settings.gradle
+++ /dev/null
@@ -1,29 +0,0 @@
-rootProject.name = 'trusted-connector-core'
-
-include ':camel-ids'
-include ':camel-idscp2'
-include ':camel-idscp2-osgi'
-include ':camel-influxdb'
-include ':camel-multipart-processor'
-include ':cxf-jaxws-patch'
-include ':examples'
-include ':ids-acme'
-include ':ids-api'
-include ':ids-comm'
-include ':ids-container-manager'
-include ':ids-dataflow-control'
-include ':ids-dynamic-tls'
-include ':ids-endpoint-config'
-include ':ids-infomodel-manager'
-include ':ids-route-manager'
-include ':ids-settings'
-include ':ids-token-manager'
-include ':ids-webconsole'
-include ':idscp2'
-include ':idscp2-app-layer'
-include ':javax-xml-bind-patch'
-include ':jnr-unixsocket-wrapper'
-include ':jsonwebtoken-wrapper'
-include ':karaf-assembly'
-include ':karaf-features-ids'
-include ':rat-repository'
diff --git a/settings.gradle.kts b/settings.gradle.kts
new file mode 100644
index 000000000..d670d4883
--- /dev/null
+++ b/settings.gradle.kts
@@ -0,0 +1,21 @@
+rootProject.name = "trusted-connector-core"
+
+include(":camel-idscp2-osgi")
+include(":camel-influxdb")
+include(":camel-multipart-processor")
+include(":cxf-jaxws-patch")
+include(":examples")
+include(":ids-acme")
+include(":ids-api")
+include(":ids-container-manager")
+include(":ids-dataflow-control")
+include(":ids-dynamic-tls")
+include(":ids-endpoint-config")
+include(":ids-infomodel-manager")
+include(":ids-route-manager")
+include(":ids-settings")
+include(":ids-token-manager")
+include(":ids-webconsole")
+include(":jnr-unixsocket-wrapper")
+include(":karaf-assembly")
+include(":karaf-features-ids")

From a0a64974941201a3c4e7c069f34dbd6f2df0a387 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 11 Mar 2021 11:48:16 +0100
Subject: [PATCH 225/237] Disabled mavenLocal

---
 build.gradle.kts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle.kts b/build.gradle.kts
index 9381970d0..ef2f98ddc 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -45,7 +45,7 @@ allprojects {
 subprojects {
     repositories {
         mavenCentral()
-        mavenLocal()
+//        mavenLocal()
 
         // References IAIS repository that contains the infomodel artifacts
         maven("https://maven.iais.fraunhofer.de/artifactory/eis-ids-public/")

From 2933fe0323f9f01ef5453617875ab7edf73ff726 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 12 Mar 2021 12:45:39 +0100
Subject: [PATCH 226/237] Fully migrated to Gradle Kotlin DSL, minor fixes

---
 build.gradle.kts                              |  15 +-
 camel-idscp2-osgi/build.gradle.kts            |   2 +-
 camel-influxdb/build.gradle.kts               |   2 +-
 camel-multipart-processor/build.gradle.kts    |   2 +-
 cxf-jaxws-patch/build.gradle                  |   3 -
 cxf-jaxws-patch/build.gradle.kts              |   6 +
 .../docker-compose.yaml                       |   2 +-
 ...lloop.xml => example-idscp2-localloop.xml} |   0
 ids-acme/build.gradle.kts                     |   2 +-
 ids-api/build.gradle                          |  37 -----
 ids-api/build.gradle.kts                      |  47 ++++++
 ids-container-manager/build.gradle            |  37 -----
 ids-container-manager/build.gradle.kts        |  51 ++++++
 ids-dataflow-control/build.gradle.kts         |   3 +-
 ids-dynamic-tls/build.gradle                  |   7 -
 ids-dynamic-tls/build.gradle.kts              |  10 ++
 ids-endpoint-config/build.gradle              |  11 --
 ids-endpoint-config/build.gradle.kts          |  11 ++
 ids-infomodel-manager/build.gradle.kts        |   4 +-
 ids-route-manager/build.gradle.kts            |   3 +-
 ids-settings/build.gradle.kts                 |   2 +-
 ids-token-manager/build.gradle.kts            |   2 +-
 ids-webconsole/build.gradle                   | 137 ----------------
 ids-webconsole/build.gradle.kts               | 150 ++++++++++++++++++
 jnr-unixsocket-wrapper/build.gradle           |   6 -
 jnr-unixsocket-wrapper/build.gradle.kts       |   9 ++
 karaf-assembly/build.gradle                   | 105 ------------
 karaf-assembly/build.gradle.kts               | 127 +++++++++++++++
 karaf-features-ids/build.gradle               | 113 -------------
 karaf-features-ids/build.gradle.kts           | 122 ++++++++++++++
 libraryVersions.yaml                          |   2 +
 31 files changed, 559 insertions(+), 471 deletions(-)
 delete mode 100644 cxf-jaxws-patch/build.gradle
 create mode 100644 cxf-jaxws-patch/build.gradle.kts
 rename examples/example-getting-started/{example-idscp-localloop.xml => example-idscp2-localloop.xml} (100%)
 delete mode 100644 ids-api/build.gradle
 create mode 100644 ids-api/build.gradle.kts
 delete mode 100644 ids-container-manager/build.gradle
 create mode 100644 ids-container-manager/build.gradle.kts
 delete mode 100644 ids-dynamic-tls/build.gradle
 create mode 100644 ids-dynamic-tls/build.gradle.kts
 delete mode 100644 ids-endpoint-config/build.gradle
 create mode 100644 ids-endpoint-config/build.gradle.kts
 delete mode 100644 ids-webconsole/build.gradle
 create mode 100644 ids-webconsole/build.gradle.kts
 delete mode 100644 jnr-unixsocket-wrapper/build.gradle
 create mode 100644 jnr-unixsocket-wrapper/build.gradle.kts
 delete mode 100644 karaf-assembly/build.gradle
 create mode 100644 karaf-assembly/build.gradle.kts
 delete mode 100644 karaf-features-ids/build.gradle
 create mode 100644 karaf-features-ids/build.gradle.kts

diff --git a/build.gradle.kts b/build.gradle.kts
index ef2f98ddc..72b3d59a4 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -16,14 +16,11 @@ plugins {
     java
     maven
     id("com.google.protobuf") version "0.8.15"
-    id("com.moowork.node") version "1.3.1"
     // WARNING: Versions 5.2.x onwards export java.* packages, which is not allowed in Felix OSGi Resolver!
     // See http://karaf.922171.n3.nabble.com/Manifest-import-problems-td4059042.html
     id("biz.aQute.bnd") version "5.1.2" apply false
-    id("com.github.lburgazzoli.karaf") version "0.5.1"
     id("org.jetbrains.kotlin.jvm") version "1.4.31"
     id("com.github.jlouns.cpe") version "0.5.0"
-    id("com.benjaminsproule.swagger") version "1.0.14"
     id("com.diffplug.spotless") version "5.11.0"
     id("com.github.jk1.dependency-license-report") version "1.16"
 }
@@ -42,6 +39,18 @@ allprojects {
     version = "4.0.0"
 }
 
+tasks.clean {
+    subprojects.forEach {
+        dependsOn(it.tasks.clean)
+    }
+}
+
+tasks.build {
+    subprojects.filter { it.name == "karaf-assembly" }.forEach {
+        dependsOn(it.tasks.build)
+    }
+}
+
 subprojects {
     repositories {
         mavenCentral()
diff --git a/camel-idscp2-osgi/build.gradle.kts b/camel-idscp2-osgi/build.gradle.kts
index 8900785e8..daa9bd266 100644
--- a/camel-idscp2-osgi/build.gradle.kts
+++ b/camel-idscp2-osgi/build.gradle.kts
@@ -1,7 +1,7 @@
 import org.gradle.plugins.ide.idea.model.IdeaModel
 
 @Suppress("UNCHECKED_CAST")
-val libraryVersions = rootProject.ext.get("libraryVersions") as Map<String, String>
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
 
 description = "Camel IDSCP2 Component"
 version = libraryVersions["idscp2"] ?: error("IDSCP2 version not specified")
diff --git a/camel-influxdb/build.gradle.kts b/camel-influxdb/build.gradle.kts
index 6f7ed37a5..f19712029 100644
--- a/camel-influxdb/build.gradle.kts
+++ b/camel-influxdb/build.gradle.kts
@@ -1,5 +1,5 @@
 @Suppress("UNCHECKED_CAST")
-val libraryVersions = rootProject.ext.get("libraryVersions") as Map<String, String>
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
 
 dependencies {
     val influxFeature by configurations
diff --git a/camel-multipart-processor/build.gradle.kts b/camel-multipart-processor/build.gradle.kts
index 3229a078d..5b2eebf2c 100644
--- a/camel-multipart-processor/build.gradle.kts
+++ b/camel-multipart-processor/build.gradle.kts
@@ -1,6 +1,6 @@
 dependencies {
     @Suppress("UNCHECKED_CAST") val libraryVersions =
-            rootProject.ext.get("libraryVersions") as Map<String, String>
+            rootProject.extra.get("libraryVersions") as Map<String, String>
 
     providedByBundle(project(":ids-api")) { isTransitive = false }
 
diff --git a/cxf-jaxws-patch/build.gradle b/cxf-jaxws-patch/build.gradle
deleted file mode 100644
index 355e19e79..000000000
--- a/cxf-jaxws-patch/build.gradle
+++ /dev/null
@@ -1,3 +0,0 @@
-dependencies {
-    implementation group: 'javax.xml.ws', name: 'jaxws-api', version: libraryVersions.jaxwsApi
-}
diff --git a/cxf-jaxws-patch/build.gradle.kts b/cxf-jaxws-patch/build.gradle.kts
new file mode 100644
index 000000000..faa04f48b
--- /dev/null
+++ b/cxf-jaxws-patch/build.gradle.kts
@@ -0,0 +1,6 @@
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
+
+dependencies {
+    implementation("javax.xml.ws", "jaxws-api", libraryVersions["jaxwsApi"])
+}
diff --git a/examples/example-getting-started/docker-compose.yaml b/examples/example-getting-started/docker-compose.yaml
index 14c7af5b7..c50db6cd0 100644
--- a/examples/example-getting-started/docker-compose.yaml
+++ b/examples/example-getting-started/docker-compose.yaml
@@ -13,7 +13,7 @@ services:
       - ../cert-stores/consumer-keystore.p12:/root/etc/consumer-keystore.p12
       - ../cert-stores/provider-keystore.p12:/root/etc/provider-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
-      - ./example-idscp-localloop.xml:/root/deploy/example-idscp-localloop.xml
+      - ./example-idscp2-localloop.xml:/root/deploy/example-idscp2-localloop.xml
     environment:
       - TPM_HOST=ids-tpmsim
     ports:
diff --git a/examples/example-getting-started/example-idscp-localloop.xml b/examples/example-getting-started/example-idscp2-localloop.xml
similarity index 100%
rename from examples/example-getting-started/example-idscp-localloop.xml
rename to examples/example-getting-started/example-idscp2-localloop.xml
diff --git a/ids-acme/build.gradle.kts b/ids-acme/build.gradle.kts
index f8ad8680f..cfc2a0b97 100644
--- a/ids-acme/build.gradle.kts
+++ b/ids-acme/build.gradle.kts
@@ -1,6 +1,6 @@
 dependencies {
     @Suppress("UNCHECKED_CAST") val libraryVersions =
-            rootProject.ext.get("libraryVersions") as Map<String, String>
+            rootProject.extra.get("libraryVersions") as Map<String, String>
 
     providedByBundle(project(":ids-api")) { isTransitive = false }
 
diff --git a/ids-api/build.gradle b/ids-api/build.gradle
deleted file mode 100644
index 10d8fecd0..000000000
--- a/ids-api/build.gradle
+++ /dev/null
@@ -1,37 +0,0 @@
-apply plugin: 'com.google.protobuf'
-apply plugin: 'idea'
-
-protobuf {
-    generatedFilesBaseDir = "$projectDir/generated"
-}
-
-clean {
-    delete protobuf.generatedFilesBaseDir
-}
-// Sometimes required to fix an error caused by a non-existing folder
-clean.doLast {
-    mkdir("${project.buildDir}/classes/kotlin/main")
-}
-
-idea {
-  module {
-    // mark as generated sources for IDEA
-    generatedSourceDirs += file("${protobuf.generatedFilesBaseDir}/main/java")
-  }
-}
-
-dependencies {
-    providedByBundle group: 'com.google.protobuf', name: 'protobuf-java', version: libraryVersions.protobuf
-
-    providedByBundle group: 'com.fasterxml.jackson.core', name: 'jackson-annotations', version: libraryVersions.jackson
-
-    publishCompile group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
-
-    // Actual implementation must be provided by ids-infomodel-manager
-    publishCompile group: 'de.fraunhofer.iais.eis.ids.infomodel', name: 'java', version: libraryVersions.infomodel
-
-    publishCompile group: 'org.apache.camel', name: 'camel-core', version: libraryVersions.camel
-
-    testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
-    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
-}
diff --git a/ids-api/build.gradle.kts b/ids-api/build.gradle.kts
new file mode 100644
index 000000000..78836c855
--- /dev/null
+++ b/ids-api/build.gradle.kts
@@ -0,0 +1,47 @@
+import com.google.protobuf.gradle.protobuf
+import org.gradle.plugins.ide.idea.model.IdeaModel
+
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
+
+apply(plugin = "com.google.protobuf")
+apply(plugin = "idea")
+
+val protobufGeneratedDir = "$projectDir/generated"
+
+protobuf {
+    generatedFilesBaseDir = protobufGeneratedDir
+}
+
+tasks.named("clean") {
+    doFirst {
+        delete(protobufGeneratedDir)
+    }
+    // Sometimes required to fix an error caused by a non-existing folder
+    doLast {
+        mkdir("${project.buildDir}/classes/kotlin/main")
+    }
+}
+
+configure<IdeaModel> {
+    module {
+        // mark as generated sources for IDEA
+        generatedSourceDirs.add(File("${protobufGeneratedDir}/main/java"))
+    }
+}
+
+dependencies {
+    providedByBundle("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
+
+    providedByBundle("com.fasterxml.jackson.core", "jackson-annotations", libraryVersions["jackson"])
+
+    publishCompile("org.checkerframework", "checker-qual", libraryVersions["checkerQual"])
+
+    // Actual implementation must be provided by ids-infomodel-manager
+    publishCompile("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
+
+    publishCompile("org.apache.camel", "camel-core", libraryVersions["camel"])
+
+    testImplementation("junit", "junit", libraryVersions["junit4"])
+    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
+}
diff --git a/ids-container-manager/build.gradle b/ids-container-manager/build.gradle
deleted file mode 100644
index af8f3ca97..000000000
--- a/ids-container-manager/build.gradle
+++ /dev/null
@@ -1,37 +0,0 @@
-apply plugin: 'com.google.protobuf'
-apply plugin: 'idea'
-
-protobuf {
-    generatedFilesBaseDir = "$projectDir/generated"
-}
-
-clean {
-    delete protobuf.generatedFilesBaseDir
-}
-
-idea {
-    module {
-        // mark as generated sources for IDEA
-        generatedSourceDirs += file("${protobuf.generatedFilesBaseDir}/main/java")
-    }
-}
-
-dependencies {
-    providedByBundle(project(':ids-api')) { transitive = false }
-
-    // Provided dependency of docker-java-api
-    providedByBundle group: 'org.glassfish', name: 'javax.json', version: libraryVersions.javaxJson
-    // Required until our library PR has been accepted
-    providedByBundle(group: 'com.amihaiemil.web', name: 'docker-java-api', version: libraryVersions.dockerJavaApi) {
-        exclude group: 'com.github.jnr', module: 'jnr-unixsocket'
-    }
-
-    compileOnly project(":jnr-unixsocket-wrapper")
-
-    providedByBundle group: 'com.google.protobuf', name: 'protobuf-java', version: libraryVersions.protobuf
-
-    osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
-
-    testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
-    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
-}
diff --git a/ids-container-manager/build.gradle.kts b/ids-container-manager/build.gradle.kts
new file mode 100644
index 000000000..f53746183
--- /dev/null
+++ b/ids-container-manager/build.gradle.kts
@@ -0,0 +1,51 @@
+import com.google.protobuf.gradle.protobuf
+import org.gradle.plugins.ide.idea.model.IdeaModel
+
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
+
+apply(plugin = "com.google.protobuf")
+apply(plugin = "idea")
+
+val protobufGeneratedDir = "$projectDir/generated"
+
+protobuf {
+    generatedFilesBaseDir = protobufGeneratedDir
+}
+
+tasks.named("clean") {
+    doFirst {
+        delete(protobufGeneratedDir)
+    }
+    // Sometimes required to fix an error caused by a non-existing folder
+    doLast {
+        mkdir("${project.buildDir}/classes/kotlin/main")
+    }
+}
+
+configure<IdeaModel> {
+    module {
+        // mark as generated sources for IDEA
+        generatedSourceDirs.add(File("${protobufGeneratedDir}/main/java"))
+    }
+}
+
+dependencies {
+    providedByBundle(project(":ids-api")) { isTransitive = false }
+
+    // Provided dependency of docker-java-api
+    providedByBundle("org.glassfish", "javax.json", libraryVersions["javaxJson"])
+    // Required until our library PR has been accepted
+    providedByBundle("com.amihaiemil.web", "docker-java-api", libraryVersions["dockerJavaApi"]) {
+        exclude("com.github.jnr", "jnr-unixsocket")
+    }
+
+    compileOnly(project(":jnr-unixsocket-wrapper"))
+
+    providedByBundle("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
+
+    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
+
+    testImplementation("junit", "junit", libraryVersions["junit4"])
+    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
+}
diff --git a/ids-dataflow-control/build.gradle.kts b/ids-dataflow-control/build.gradle.kts
index 50d1d6dce..610ecd901 100644
--- a/ids-dataflow-control/build.gradle.kts
+++ b/ids-dataflow-control/build.gradle.kts
@@ -2,13 +2,12 @@ description = "Camel IDS Component"
 
 dependencies {
     @Suppress("UNCHECKED_CAST") val libraryVersions =
-            rootProject.ext.get("libraryVersions") as Map<String, String>
+            rootProject.extra.get("libraryVersions") as Map<String, String>
 
     providedByBundle(project(":ids-api")) { isTransitive = false }
 
     providedByBundle("com.google.guava", "guava", libraryVersions["guava"])
 
-//    providedByBundle("it.unibo.alice.tuprolog", "tuprolog", libraryVersions["tuprolog"])
     implementation("it.unibo.alice.tuprolog", "2p-core", libraryVersions["2p"])
     implementation("it.unibo.alice.tuprolog", "2p-parser", libraryVersions["2p"])
 //    implementation("it.unibo.alice.tuprolog", "2p-presentation", libraryVersions["2p"])
diff --git a/ids-dynamic-tls/build.gradle b/ids-dynamic-tls/build.gradle
deleted file mode 100644
index 93e35455b..000000000
--- a/ids-dynamic-tls/build.gradle
+++ /dev/null
@@ -1,7 +0,0 @@
-dependencies {
-    providedByBundle(project(':ids-api')) { transitive = false }
-
-    osgiCore group: 'org.osgi', name: 'org.osgi.core', version: libraryVersions.osgi
-
-    providedByFeature group: 'org.eclipse.jetty', name: 'jetty-util', version: libraryVersions.jetty
-}
diff --git a/ids-dynamic-tls/build.gradle.kts b/ids-dynamic-tls/build.gradle.kts
new file mode 100644
index 000000000..e5e6bb3c5
--- /dev/null
+++ b/ids-dynamic-tls/build.gradle.kts
@@ -0,0 +1,10 @@
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
+
+dependencies {
+    providedByBundle(project(":ids-api")) { isTransitive = false }
+
+    osgiCore("org.osgi", "org.osgi.core", libraryVersions["osgi"])
+
+    providedByFeature("org.eclipse.jetty", "jetty-util", libraryVersions["jetty"])
+}
diff --git a/ids-endpoint-config/build.gradle b/ids-endpoint-config/build.gradle
deleted file mode 100644
index fa2ef315e..000000000
--- a/ids-endpoint-config/build.gradle
+++ /dev/null
@@ -1,11 +0,0 @@
-dependencies {
-    providedByBundle(project(':ids-api')) { transitive = false }
-
-    osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
-
-    testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
-    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
-}
-
-
-
diff --git a/ids-endpoint-config/build.gradle.kts b/ids-endpoint-config/build.gradle.kts
new file mode 100644
index 000000000..1799fe472
--- /dev/null
+++ b/ids-endpoint-config/build.gradle.kts
@@ -0,0 +1,11 @@
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
+
+dependencies {
+    providedByBundle(project(":ids-api")) { isTransitive = false }
+
+    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
+
+    testImplementation("junit", "junit", libraryVersions["junit4"])
+    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
+}
diff --git a/ids-infomodel-manager/build.gradle.kts b/ids-infomodel-manager/build.gradle.kts
index 25a498c9b..65e5c4f76 100644
--- a/ids-infomodel-manager/build.gradle.kts
+++ b/ids-infomodel-manager/build.gradle.kts
@@ -4,8 +4,8 @@ plugins {
     id("com.github.gmazzo.buildconfig") version "2.0.2"
 }
 
-@Suppress("UNCHECKED_CAST") val libraryVersions =
-        rootProject.ext.get("libraryVersions") as Map<String, String>
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
 
 apply(plugin = "idea")
 
diff --git a/ids-route-manager/build.gradle.kts b/ids-route-manager/build.gradle.kts
index c831a33ea..7e841c94c 100644
--- a/ids-route-manager/build.gradle.kts
+++ b/ids-route-manager/build.gradle.kts
@@ -1,11 +1,12 @@
 dependencies {
     @Suppress("UNCHECKED_CAST") val libraryVersions =
-            rootProject.ext.get("libraryVersions") as Map<String, String>
+            rootProject.extra.get("libraryVersions") as Map<String, String>
 
     providedByBundle(project(":ids-api")) { isTransitive = false }
 
     implementation("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
 
+    providedByFeature("javax.xml.bind", "jaxb-api", libraryVersions["jaxb"])
     providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
     providedByFeature("org.apache.camel", "camel-management", libraryVersions["camel"])
 
diff --git a/ids-settings/build.gradle.kts b/ids-settings/build.gradle.kts
index c355f44c6..608e13049 100644
--- a/ids-settings/build.gradle.kts
+++ b/ids-settings/build.gradle.kts
@@ -1,5 +1,5 @@
 @Suppress("UNCHECKED_CAST")
-val libraryVersions = rootProject.ext.get("libraryVersions") as Map<String, String>
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
 
 dependencies {
     infomodelBundle(project(":ids-api")) { isTransitive = false }
diff --git a/ids-token-manager/build.gradle.kts b/ids-token-manager/build.gradle.kts
index 79d914291..056d6ef6d 100644
--- a/ids-token-manager/build.gradle.kts
+++ b/ids-token-manager/build.gradle.kts
@@ -1,5 +1,5 @@
 @Suppress("UNCHECKED_CAST")
-val libraryVersions = rootProject.ext.get("libraryVersions") as Map<String, String>
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
 
 dependencies {
     providedByBundle(project(":ids-api")) { isTransitive = false }
diff --git a/ids-webconsole/build.gradle b/ids-webconsole/build.gradle
deleted file mode 100644
index 0c1e9dea7..000000000
--- a/ids-webconsole/build.gradle
+++ /dev/null
@@ -1,137 +0,0 @@
-apply plugin: 'com.moowork.node'
-apply plugin: 'com.benjaminsproule.swagger'
-
-description = 'IDS Core Platform Webconsole'
-
-sourceSets {
-    main {
-        // only include the OSGI blueprint and the built angular app
-        resources {
-            include 'OSGI-INF/blueprint/*'
-        }
-    }
-}
-
-swagger {    
-    apiSource {
-        springmvc = false
-        locations = [ 'de.fhg.aisec.ids.webconsole.api' ]
-        schemes = ['http']
-        host = 'localhost:8181'
-        basePath = '/'
-        info {
-            title = 'Trusted Connector API'
-            version = project.version
-            license {
-                url = 'http://www.apache.org/licenses/LICENSE-2.0.html'
-                name = 'Apache 2.0'
-            }
-            description ='''This is the administrative REST API of the Trusted Connector.
-
-The API provides an administrative interface to manage the Trusted Connector at runtime
-and is used by the default administration dashboard ("web console").
-'''
-        }
-        swaggerDirectory = "${project.projectDir}/generated/swagger-ui"
-        outputFormats = ['json','yaml']
-        securityDefinition {
-            // `name` can be used refer to this security schemes from elsewhere
-            name = 'oauth2'
-            type = 'oauth2'
-            // The flow used by the OAuth2 security scheme
-            flow = 'password'
-            tokenUrl = 'https://localhost:8181/user/login'
-            scope {
-                name = 'write:api'
-                description = 'Read and write access to the API'
-            }
-        }        
-        /* the plugin could theoretically also generate the html files, however it currently only allows 
-        for the generation of html OR swagger.json, not both. Therefore we still need to use spectacle using yarn */
-        // templatePath = "${project.projectDir}/src/test/resources/strapdown.html.hbs"
-        // outputPath = "${project.projectDir}/generated/document.html"   
-    }
-}
-
-dependencies {
-    providedByBundle(project(':ids-api')) { transitive = false }
-
-    // Actual implementation must be provided by ids-infomodel-manager
-    compileOnly group: 'de.fraunhofer.iais.eis.ids.infomodel', name: 'java', version: libraryVersions.infomodel
-
-    providedByFeature group: 'javax.servlet', name: 'javax.servlet-api', version: libraryVersions.javaxServlet
-
-    providedByFeature group: 'org.apache.camel', name: 'camel-core', version: libraryVersions.camel
-
-    providedByFeature group: 'org.apache.cxf', name: 'cxf-rt-frontend-jaxrs', version: libraryVersions.cxf
-    providedByFeature group: 'org.apache.cxf', name: 'cxf-rt-rs-extension-providers', version: libraryVersions.cxf
-
-    // This is required for compilation only, and provided by karaf automatically, likely by some included feature
-    compileOnly group: 'javax.ws.rs', name: 'javax.ws.rs-api', version: libraryVersions.wsRsApi
-
-    compileOnly group: 'org.checkerframework', name: 'checker-qual', version: libraryVersions.checkerQual
-
-    // use our specified version of jackson instead of the cxf-jackson feature
-    providedByBundle group: 'com.fasterxml.jackson.core', name: 'jackson-core', version: libraryVersions.jackson
-    providedByBundle group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: libraryVersions.jackson
-    providedByBundle group: 'com.fasterxml.jackson.core', name: 'jackson-annotations', version: libraryVersions.jackson
-    providedByBundle group: 'com.fasterxml.jackson.dataformat', name: 'jackson-dataformat-yaml', version: libraryVersions.jackson
-    providedByBundle group: 'com.fasterxml.jackson.jaxrs', name: 'jackson-jaxrs-json-provider', version: libraryVersions.jackson
-
-    providedByBundle group: 'org.bitbucket.b_c', name: 'jose4j', version: libraryVersions.jose4j
-    implementation group: 'com.auth0', name: 'java-jwt', version: libraryVersions.auth0Jwt
-    osgiCore group: 'org.apache.felix', name: 'org.apache.felix.framework', version: libraryVersions.felixFramework
-    osgiCore group: 'org.osgi', name: 'osgi.cmpn', version: libraryVersions.osgiCompendium
-
-    compileOnly group: 'io.swagger', name: 'swagger-jaxrs', version: libraryVersions.swagger
-
-    testImplementation group: 'junit', name: 'junit', version: libraryVersions.junit4
-    testImplementation group: 'org.mockito', name: 'mockito-core', version: libraryVersions.mockito
-
-    testImplementation group: 'org.apache.cxf', name: 'cxf-rt-transports-local', version: libraryVersions.cxf
-    testImplementation group: 'org.apache.cxf', name: 'cxf-rt-rs-client', version: libraryVersions.cxf
-}
-
-task yarnInstall(type: YarnTask) {
-    inputs.file('src/main/resources/www/package.json').withPathSensitivity(PathSensitivity.RELATIVE)
-    inputs.file('src/main/resources/www/yarn.lock').withPathSensitivity(PathSensitivity.RELATIVE)
-    outputs.dir('src/main/resources/www/node_modules')
-    outputs.cacheIf { true }
-
-    workingDir = file('src/main/resources/www')
-    args = ['install', '--ignore-optional']
-}
-
-task yarnBuild(type: YarnTask) {
-    inputs.file('src/main/resources/www/package.json').withPathSensitivity(PathSensitivity.RELATIVE)
-    inputs.file('src/main/resources/www/yarn.lock').withPathSensitivity(PathSensitivity.RELATIVE)
-    inputs.file('src/main/resources/www/angular.json').withPathSensitivity(PathSensitivity.RELATIVE)
-    inputs.dir('src/main/resources/www/src').withPathSensitivity(PathSensitivity.RELATIVE)
-    outputs.dir('build/resources/main/www')
-    outputs.cacheIf { true }
-    
-    workingDir = file('src/main/resources/www')
-    args = ['bundle']
-    onlyIf { !rootProject.hasProperty("skipAngular") }
-}
-
-task yarnLint(type: YarnTask) {
-    inputs.file('src/main/resources/www/package.json').withPathSensitivity(PathSensitivity.RELATIVE)
-    inputs.file('src/main/resources/www/yarn.lock').withPathSensitivity(PathSensitivity.RELATIVE)
-    inputs.file('src/main/resources/www/tslint.json').withPathSensitivity(PathSensitivity.RELATIVE)
-    inputs.dir('src/main/resources/www/src').withPathSensitivity(PathSensitivity.RELATIVE)
-    outputs.upToDateWhen { true }
-    outputs.cacheIf { true }
-    
-    workingDir = file('src/main/resources/www')
-    args = ['lint']
-    onlyIf { !rootProject.hasProperty("skipAngular") }
-}
-
-yarnBuild.dependsOn(yarnLint)
-
-// make sure, yarn install is executed first
-yarnBuild.dependsOn(yarnInstall)
-
-processResources.dependsOn(yarnBuild)
-
diff --git a/ids-webconsole/build.gradle.kts b/ids-webconsole/build.gradle.kts
new file mode 100644
index 000000000..6f187fb38
--- /dev/null
+++ b/ids-webconsole/build.gradle.kts
@@ -0,0 +1,150 @@
+import com.benjaminsproule.swagger.gradleplugin.model.*
+import com.github.gradle.node.yarn.task.YarnTask
+
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
+
+plugins {
+    id("com.github.node-gradle.node") version "3.0.1"
+    id("com.benjaminsproule.swagger") version "1.0.14"
+}
+
+description = "IDS Core Platform Webconsole"
+
+sourceSets {
+    main {
+        // only include the OSGI blueprint and the built angular app
+        resources {
+            include("OSGI-INF/blueprint/*")
+        }
+    }
+}
+
+swagger {
+    apiSource(closureOf<ApiSourceExtension> {
+        springmvc = false
+        locations = listOf("de.fhg.aisec.ids.webconsole.api")
+        schemes = listOf("http")
+        host = "localhost:8181"
+        basePath = "/"
+        info(closureOf<InfoExtension> {
+            title = "Trusted Connector API"
+            version = project.version as String
+            license(closureOf<LicenseExtension> {
+                url = "http://www.apache.org/licenses/LICENSE-2.0.html"
+                name = "Apache 2.0"
+            })
+            description ="""This is the administrative REST API of the Trusted Connector.
+
+The API provides an administrative interface to manage the Trusted Connector at runtime
+and is used by the default administration dashboard ("web console").
+"""
+        })
+        swaggerDirectory = "${project.projectDir}/generated/swagger-ui"
+        outputFormats = listOf("json","yaml")
+        securityDefinition(closureOf<SecurityDefinitionExtension> {
+            // `name` can be used refer to this security schemes from elsewhere
+            name = "oauth2"
+            type = "oauth2"
+            // The flow used by the OAuth2 security scheme
+            flow = "password"
+            tokenUrl = "https://localhost:8181/user/login"
+            scope(closureOf<ScopeExtension> {
+                name = "write:api"
+                description = "Read and write access to the API"
+            })
+        })
+        /* the plugin could theoretically also generate the html files, however it currently only allows 
+        for the generation of html OR swagger.json, not both. Therefore we still need to use spectacle using yarn */
+        // templatePath = "${project.projectDir}/src/test/resources/strapdown.html.hbs"
+        // outputPath = "${project.projectDir}/generated/document.html"   
+    })
+}
+
+dependencies {
+    providedByBundle(project(":ids-api")) { isTransitive = false }
+
+    // Actual implementation must be provided by ids-infomodel-manager
+    compileOnly("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
+
+    providedByFeature("javax.servlet", "javax.servlet-api", libraryVersions["javaxServlet"])
+
+    providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
+
+    providedByFeature("org.apache.cxf", "cxf-rt-frontend-jaxrs", libraryVersions["cxf"])
+    providedByFeature("org.apache.cxf", "cxf-rt-rs-extension-providers", libraryVersions["cxf"])
+
+    // This is required for compilation only, and provided by karaf automatically, likely by some included feature
+    compileOnly("javax.ws.rs", "javax.ws.rs-api", libraryVersions["wsRsApi"])
+
+    compileOnly("org.checkerframework", "checker-qual", libraryVersions["checkerQual"])
+
+    // use our specified version of jackson instead of the cxf-jackson feature
+    providedByBundle("com.fasterxml.jackson.core", "jackson-core", libraryVersions["jackson"])
+    providedByBundle("com.fasterxml.jackson.core", "jackson-databind", libraryVersions["jackson"])
+    providedByBundle("com.fasterxml.jackson.core", "jackson-annotations", libraryVersions["jackson"])
+    providedByBundle("com.fasterxml.jackson.dataformat", "jackson-dataformat-yaml", libraryVersions["jackson"])
+    providedByBundle("com.fasterxml.jackson.jaxrs", "jackson-jaxrs-json-provider", libraryVersions["jackson"])
+
+    providedByBundle("org.bitbucket.b_c", "jose4j", libraryVersions["jose4j"])
+    implementation("com.auth0", "java-jwt", libraryVersions["auth0Jwt"])
+    osgiCore("org.apache.felix", "org.apache.felix.framework", libraryVersions["felixFramework"])
+    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
+
+    compileOnly("io.swagger", "swagger-jaxrs", libraryVersions["swagger"])
+
+    testImplementation("junit", "junit", libraryVersions["junit4"])
+    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
+
+    testImplementation("org.apache.cxf", "cxf-rt-transports-local", libraryVersions["cxf"])
+    testImplementation("org.apache.cxf", "cxf-rt-rs-client", libraryVersions["cxf"])
+}
+
+node {
+    download.set(true)
+}
+
+val yarnInstall by tasks.registering(YarnTask::class) {
+    inputs.file("src/main/resources/www/package.json").withPathSensitivity(PathSensitivity.RELATIVE)
+    inputs.file("src/main/resources/www/yarn.lock").withPathSensitivity(PathSensitivity.RELATIVE)
+    outputs.dir("src/main/resources/www/node_modules")
+    outputs.cacheIf { true }
+
+    workingDir.set(file("src/main/resources/www"))
+    yarnCommand.set(listOf("install", "--ignore-optional"))
+    onlyIf { !rootProject.hasProperty("skipAngular") }
+}
+
+val yarnLint by tasks.registering(YarnTask::class) {
+    inputs.file("src/main/resources/www/package.json").withPathSensitivity(PathSensitivity.RELATIVE)
+    inputs.file("src/main/resources/www/yarn.lock").withPathSensitivity(PathSensitivity.RELATIVE)
+    inputs.file("src/main/resources/www/tslint.json").withPathSensitivity(PathSensitivity.RELATIVE)
+    inputs.dir("src/main/resources/www/src").withPathSensitivity(PathSensitivity.RELATIVE)
+    outputs.upToDateWhen { true }
+    outputs.cacheIf { true }
+
+    workingDir.set(file("src/main/resources/www"))
+    yarnCommand.set(listOf("lint"))
+    onlyIf { !rootProject.hasProperty("skipAngular") }
+}
+
+val yarnBuild by tasks.registering(YarnTask::class) {
+    inputs.file("src/main/resources/www/package.json").withPathSensitivity(PathSensitivity.RELATIVE)
+    inputs.file("src/main/resources/www/yarn.lock").withPathSensitivity(PathSensitivity.RELATIVE)
+    inputs.file("src/main/resources/www/angular.json").withPathSensitivity(PathSensitivity.RELATIVE)
+    inputs.dir("src/main/resources/www/src").withPathSensitivity(PathSensitivity.RELATIVE)
+    outputs.dir("build/resources/main/www")
+    outputs.cacheIf { true }
+
+    workingDir.set(file("src/main/resources/www"))
+    yarnCommand.set(listOf("bundle"))
+    onlyIf { !rootProject.hasProperty("skipAngular") }
+
+    dependsOn(yarnLint)
+    // make sure yarn install is executed first
+    dependsOn(yarnInstall)
+}
+
+tasks.named("processResources")<Task> {
+    dependsOn(yarnBuild)
+}
diff --git a/jnr-unixsocket-wrapper/build.gradle b/jnr-unixsocket-wrapper/build.gradle
deleted file mode 100644
index 9829634af..000000000
--- a/jnr-unixsocket-wrapper/build.gradle
+++ /dev/null
@@ -1,6 +0,0 @@
-dependencies {
-    implementation group: 'com.github.jnr', name: 'jnr-unixsocket', version: libraryVersions.jnrunix
-    // Only jnr-ffi is provided by bundle, because it contains native libraries
-    // Versions above 2.1.5 fail with a wiring exception for package com.github.jnr.jffi.native
-    unixSocketBundle group: 'com.github.jnr', name: 'jnr-ffi', version: libraryVersions.jnrffi
-}
\ No newline at end of file
diff --git a/jnr-unixsocket-wrapper/build.gradle.kts b/jnr-unixsocket-wrapper/build.gradle.kts
new file mode 100644
index 000000000..a135fc9e3
--- /dev/null
+++ b/jnr-unixsocket-wrapper/build.gradle.kts
@@ -0,0 +1,9 @@
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
+
+dependencies {
+    implementation("com.github.jnr", "jnr-unixsocket", libraryVersions["jnrunix"])
+    // Only jnr-ffi is provided by bundle, because it contains native libraries
+    // Versions above 2.1.5 fail with a wiring exception for package com.github.jnr.jffi.native
+    unixSocketBundle("com.github.jnr", "jnr-ffi", libraryVersions["jnrffi"])
+}
\ No newline at end of file
diff --git a/karaf-assembly/build.gradle b/karaf-assembly/build.gradle
deleted file mode 100644
index a707d0836..000000000
--- a/karaf-assembly/build.gradle
+++ /dev/null
@@ -1,105 +0,0 @@
-dependencies {
-    testImplementation(project(":ids-api")) { transitive = false }
-
-    osgiCore group: "org.apache.felix", name: "org.apache.felix.framework", version: libraryVersions.felixFramework
-    osgiCore group: "org.osgi", name: "osgi.cmpn", version: libraryVersions.osgiCompendium
-
-    testImplementation group: "org.ops4j.pax.exam", name: "pax-exam", version: libraryVersions.paxExam
-    testImplementation group: "org.ops4j.pax.exam", name: "pax-exam-junit4", version: libraryVersions.paxExam
-    testImplementation group: "org.ops4j.pax.exam", name: "pax-exam-container-karaf",
-            version: libraryVersions.paxExam
-    testImplementation group: "org.apache.karaf.itests", name: "common", version: libraryVersions.karaf
-
-    testImplementation group: "org.apache.karaf", name: "apache-karaf", version: libraryVersions.karaf, ext: "pom"
-    testImplementation group: "org.awaitility", name: "awaitility", version: libraryVersions.awaitility
-    testImplementation group: "org.apache.servicemix.bundles", name: "org.apache.servicemix.bundles.hamcrest",
-            version: libraryVersions.servicemixHamcrest
-    testImplementation group: "javax.annotation", name: "javax.annotation-api",
-            version: libraryVersions.javaxAnnotation
-}
-
-static def getBrandingAligned(String branding, String space = "\\u0020") {
-    int BRANDING_WIDTH = 84
-    def sb = new StringBuilder()
-    def spaces = (BRANDING_WIDTH - branding.length()) / 2
-    for (int i = 0; i < spaces; ++i) {
-        sb.append(space)
-    }
-    sb.append(branding)
-    return sb.toString()
-}
-
-task parsePom(type: Copy) {
-    from (project.projectDir) {
-        include "pom.template.xml"
-    }
-    expand("projectVersion": project.version, "karafVersion": libraryVersions.karaf, "paxVersion": libraryVersions.pax,
-        "brandingFirst": getBrandingAligned("Trusted Connector Console (${project.version}), " +
-                "Apache Karaf (${libraryVersions.karaf})"),
-        "brandingSecond": getBrandingAligned("Fraunhofer AISEC ${new Date()[Calendar.YEAR].toString()}"))
-    rename "pom.template.xml", "pom.xml"
-    into project.projectDir
-}
-parsePom.inputs.property("projectVersion", project.version)
-parsePom.inputs.property("karafVersion", libraryVersions.karaf)
-
-/*
-Now this is tricky. We need to build a custom distribution of karaf with a few features:
-- included ids feature
-- a bunch of configuration files in etc
-
-Since gradle still has no karaf-assembly plugin we need to do this using maven (meh!)
-*/
-task assembleKaraf(type: CrossPlatformExec) {
-    commandLine "./mvnw", "--no-transfer-progress", "clean", "package"
-}
-// Sometimes required to fix an error caused by a non-existing folder (maybe caused by mvn clean)
-mkdir("${project.buildDir}/classes/kotlin/test")
-assembleKaraf.doLast {
-    mkdir("${project.buildDir}/classes/kotlin/test")
-}
-assembleKaraf.dependsOn(parsePom)
-jar.dependsOn(assembleKaraf)
-
-// Wait for all relevant sub projects before executing assembly process
-rootProject.subprojects.findAll() {
-    if (it.name.startsWith("ids") || it.name.startsWith("camel-")
-            || it.name.endsWith("-patch") || it.name.endsWith("-wrapper")
-            || it.name == "karaf-features-ids") {
-        assembleKaraf.dependsOn(it.tasks.named("install"))
-    }
-}
-
-// The PaxExam config of KarafTestSupport requires the maven dependency meta information generated here
-task makeMavenDependencies {
-    File outputFileDir = project.file("build/classes/java/test/META-INF/maven/")
-    File outputFile = new File(outputFileDir, "dependencies.properties")
-    outputs.file(outputFile)
-
-    doFirst {
-        Properties properties = new Properties()
-
-        // information of the project itself
-        properties.setProperty("groupId", "${project.group}")
-        properties.setProperty("artifactId", project.name)
-        properties.setProperty("version", "${project.version}")
-        properties.setProperty("${project.group}/${project.name}/version", "${project.version}")
-
-        // information of all test runtime dependencies
-        project.configurations.testCompileClasspath.resolvedConfiguration.resolvedArtifacts.each {
-            final String keyBase = it.moduleVersion.id.group + "/" + it.moduleVersion.id.name
-            properties.setProperty("${keyBase}/scope", "compile")
-            properties.setProperty("${keyBase}/type", it.extension)
-            properties.setProperty("${keyBase}/version", it.moduleVersion.id.version)
-        }
-
-        outputFileDir.mkdirs()
-        new FileOutputStream(outputFile).withStream {
-            properties.store(it, "Generated from Gradle for PaxExam integration tests")
-        }
-    }
-}
-
-integrationTest.dependsOn(makeMavenDependencies)
-integrationTest.dependsOn(assembleKaraf)
-integrationTest.outputs.upToDateWhen { false }
\ No newline at end of file
diff --git a/karaf-assembly/build.gradle.kts b/karaf-assembly/build.gradle.kts
new file mode 100644
index 000000000..8c3fd107c
--- /dev/null
+++ b/karaf-assembly/build.gradle.kts
@@ -0,0 +1,127 @@
+@file:Suppress("PropertyName")
+
+import com.github.jlouns.gradle.cpe.tasks.CrossPlatformExec
+import java.util.*
+
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
+
+dependencies {
+    testImplementation(project(":ids-api")) { isTransitive = false }
+
+    osgiCore("org.apache.felix", "org.apache.felix.framework", libraryVersions["felixFramework"])
+    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
+
+    testImplementation("org.ops4j.pax.exam", "pax-exam", libraryVersions["paxExam"])
+    testImplementation("org.ops4j.pax.exam", "pax-exam-junit4", libraryVersions["paxExam"])
+    testImplementation("org.ops4j.pax.exam", "pax-exam-container-karaf", libraryVersions["paxExam"])
+    testImplementation("org.apache.karaf.itests", "common", libraryVersions["karaf"])
+
+    testImplementation("org.apache.karaf", "apache-karaf", libraryVersions["karaf"], ext = "pom")
+    testImplementation("org.awaitility", "awaitility", libraryVersions["awaitility"])
+    testImplementation("org.apache.servicemix.bundles", "org.apache.servicemix.bundles.hamcrest",
+        libraryVersions["servicemixHamcrest"])
+    testImplementation("javax.annotation", "javax.annotation-api", libraryVersions["javaxAnnotation"])
+}
+
+val BRANDING_WIDTH = 84
+
+fun getBrandingAligned(branding: String, space: String = "\\u0020"): String {
+    val sb = StringBuilder()
+    val spaces = (BRANDING_WIDTH - branding.length) / 2
+    for (i in 0 until spaces) {
+        sb.append(space)
+    }
+    sb.append(branding)
+    return sb.toString()
+}
+
+val parsePom = tasks.register<Copy>("parsePom") {
+    from(project.projectDir) {
+        include("pom.template.xml")
+    }
+    expand(
+        mapOf(
+            "projectVersion" to project.version as String,
+            "karafVersion" to libraryVersions["karaf"],
+            "paxVersion" to libraryVersions["pax"],
+            "brandingFirst" to getBrandingAligned(
+                "Trusted Connector Console (${project.version}), Apache Karaf (${libraryVersions["karaf"]})"
+            ),
+            "brandingSecond" to getBrandingAligned(
+                "Fraunhofer AISEC ${Calendar.getInstance().get(Calendar.YEAR)}"
+            )
+        )
+    )
+    rename("pom.template.xml", "pom.xml")
+    into(project.projectDir)
+
+    inputs.property("projectVersion", project.version)
+    inputs.property("karafVersion", libraryVersions["karaf"])
+}
+
+/*
+Now this is tricky. We need to build a custom distribution of karaf with a few features:
+- included ids feature
+- a bunch of configuration files in etc
+
+Since gradle still has no karaf-assembly plugin we need to do this using maven (meh!)
+*/
+val assembleKaraf by tasks.registering(CrossPlatformExec::class) {
+    commandLine(listOf("./mvnw", "--no-transfer-progress", "clean", "package"))
+    doLast {
+        mkdir("${project.buildDir}/classes/kotlin/test")
+    }
+    dependsOn(parsePom)
+    // Wait for all relevant sub projects before executing assembly process
+    rootProject.subprojects.forEach {
+        if (it.name.startsWith("ids") || it.name.startsWith("camel-")
+            || it.name.endsWith("-patch") || it.name.endsWith("-wrapper")
+            || it.name == "karaf-features-ids"
+        ) {
+            dependsOn(it.tasks.named("install"))
+        }
+    }
+}
+// Sometimes required to fix an error caused by a non-existing folder (maybe caused by mvn clean)
+mkdir("${project.buildDir}/classes/kotlin/test")
+
+tasks.named("jar") {
+    dependsOn(assembleKaraf)
+}
+
+// The PaxExam config of KarafTestSupport requires the maven dependency meta information generated here
+val makeMavenDependencies by tasks.registering {
+    val outputFileDir = project.file("build/classes/java/test/META-INF/maven/")
+    val outputFile = file(outputFileDir).resolve("dependencies.properties")
+    outputs.file(outputFile)
+
+    doFirst {
+        val properties = Properties()
+
+        // information of the project itself
+        properties.setProperty("groupId", "${project.group}")
+        properties.setProperty("artifactId", project.name)
+        properties.setProperty("version", "${project.version}")
+        properties.setProperty("${project.group}/${project.name}/version", "${project.version}")
+
+        // information of all test runtime dependencies
+        project.configurations.testCompileClasspath.get().resolvedConfiguration.resolvedArtifacts.forEach {
+            val keyBase = it.moduleVersion.id.group + "/" + it.moduleVersion.id.name
+            properties.setProperty("${keyBase}/scope", "compile")
+            properties.setProperty("${keyBase}/type", it.extension)
+            properties.setProperty("${keyBase}/version", it.moduleVersion.id.version)
+        }
+
+        outputFileDir.mkdirs()
+        outputFile.outputStream().use {
+            properties.store(it, "Generated from Gradle for PaxExam integration tests")
+        }
+    }
+}
+
+tasks.named("integrationTest") {
+    dependsOn(makeMavenDependencies)
+    dependsOn(assembleKaraf)
+    outputs.upToDateWhen { false }
+}
diff --git a/karaf-features-ids/build.gradle b/karaf-features-ids/build.gradle
deleted file mode 100644
index 9fc789d40..000000000
--- a/karaf-features-ids/build.gradle
+++ /dev/null
@@ -1,113 +0,0 @@
-apply plugin: 'com.github.lburgazzoli.karaf'
-
-description = 'IDS Karaf Feature'
-
-ext {
-    bundleDependencies = []
-    bundleConfigurations = []
-}
-
-configurations.findAll { it.name.endsWith('Bundle') }.each { project.ext.bundleConfigurations.add(it.name) }
-
-rootProject.subprojects.findAll { it.name.matches("(^camel-.*|ids-.*|.*-(patch|wrapper)\$)") }.each { p ->
-    Boolean included = false
-    // Include each sub-project declaring dependencies with a configuration ending on "Bundle",
-    // using exactly that configuration for the dependency itself and selection of additional recursive dependencies.
-    p.configurations.findAll { it.name.endsWith("Bundle") || it.name.endsWith("Feature") }.each { c ->
-        // Resolve the configuration to obtain dependencies
-        c.resolve()
-        if (c.dependencies.size() > 0) {
-            included = true
-            project.ext.bundleDependencies.add([configuration: c.name, subproject: p.name])
-        }
-    }
-    // If project has not been included, include it using "providedByBundle"
-    if (!included) {
-        project.ext.bundleDependencies.add([configuration: 'providedByBundle', subproject: p.name])
-    }
-}
-
-dependencies {
-    // Include the dependencies calculated above
-    project.ext.bundleDependencies.each {
-        add("$it.configuration", project(path: ":$it.subproject", configuration: it.configuration))
-    }
-    zmqFeature group: 'org.apache-extras.camel-extra', name: 'camel-zeromq', version: libraryVersions.camelZeroMQ
-    providedByBundle group: 'org.jetbrains.kotlin', name: 'kotlin-osgi-bundle', version: libraryVersions.kotlin
-    providedByBundle("jakarta.activation:jakarta.activation-api:1.2.2")
-}
-
-karaf {
-    features {
-        xsdVersion  = '1.3.0'
-        // it seems to be best practice to include the version in the feature repository as well
-        name = "ids-${project.version}"
-        version = project.version
-
-        // the camel repository
-        repository "mvn:org.apache.camel.karaf/apache-camel/${libraryVersions.camel}/xml/features"
-
-        // include cxf repository, since the camel one is slightly outdated
-//        repository "mvn:org.apache.cxf.karaf/apache-cxf/${libraryVersions.cxf}/xml/features"
-        
-        feature {
-            name = 'ids'
-            description = 'IDS Feature'
-
-            // only specifiy the dependencies that will be provided by bundles, the rest will be specified via features
-            configurations(*project.ext.bundleConfigurations)
-
-            // standard feature, but we need to explicitly state it here so that it gets installed in our bare Karaf
-            feature 'jetty'
-
-            // CXF for REST APIs
-            feature 'cxf-jaxrs'
-            feature 'cxf-jackson'
-
-            // CXF commands for the shell
-            /*
-             Notice: This should actually be a conditional dependency, only if shell is available.
-             however the karaf assemble plugin does not seem to resolve these conditions during packaging.
-            */
-            feature 'cxf-commands'
-
-		    // For Web Application Bundles, such as our WebConsole
-            feature 'war'
-
-            // Features for Apache Camel routing
-            feature 'camel-jackson'
-            feature 'camel-milo'
-            feature 'camel-cxf'
-            feature 'camel-ahc'
-            feature 'camel-http'
-            feature 'camel-jetty'
-            feature 'camel-paho'
-            //feature 'camel-mqtt'
-            feature 'camel-jsonpath'
-            feature 'camel-csv'
-
-            // start our bundles a lit bit later
-            bundle ('de.fhg.aisec.ids') {
-                attribute 'start-level', '90'
-            }
-        }
-
-        feature {
-            name = 'camel-influxdb-aisec'
-            description = 'Correctly packed version of camel-influxdb feature'
-            version = libraryVersions.camel
-
-            //noinspection GroovyAssignabilityCheck
-            configurations 'influxFeature'
-        }
-
-        feature {
-            name = 'camel-zeromq-aisec'
-            description = 'Camel ZeroMQ feature'
-            version = libraryVersions.camelZeroMQ
-
-            //noinspection GroovyAssignabilityCheck
-            configurations 'zmqFeature'
-        }
-    }
-}
diff --git a/karaf-features-ids/build.gradle.kts b/karaf-features-ids/build.gradle.kts
new file mode 100644
index 000000000..3aa4dec45
--- /dev/null
+++ b/karaf-features-ids/build.gradle.kts
@@ -0,0 +1,122 @@
+import com.github.lburgazzoli.gradle.plugin.karaf.features.KarafFeaturesExtension
+import com.github.lburgazzoli.gradle.plugin.karaf.features.model.BundleDescriptor
+import com.github.lburgazzoli.gradle.plugin.karaf.features.model.FeatureDescriptor
+
+@Suppress("UNCHECKED_CAST")
+val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
+
+plugins {
+    id("com.github.lburgazzoli.karaf") version "0.5.1"
+}
+
+description = "IDS Karaf Feature"
+
+val bundleDependencies = ArrayList<Pair<String, String>>()
+val bundleConfigurations = ArrayList<String>()
+
+configurations.filter { it.name.endsWith("Bundle") }.forEach { bundleConfigurations.add(it.name) }
+
+rootProject.subprojects
+    .filter { it.name.matches(Regex("(^camel-.*|ids-.*|.*-(patch|wrapper)\$)")) }
+    .forEach { p ->
+        var included = false
+        // Include each sub-project declaring dependencies with a configuration ending on "Bundle",
+        // using exactly that configuration for the dependency itself and selection of additional recursive dependencies.
+        p.configurations.filter { it.name.endsWith("Bundle") || it.name.endsWith("Feature") }.forEach { c ->
+            // Resolve the configuration to obtain dependencies
+            c.resolve()
+            if (c.dependencies.size > 0) {
+                included = true
+                bundleDependencies += c.name to p.name
+            }
+        }
+        // If project has not been included, include it using "providedByBundle"
+        if (!included) {
+            bundleDependencies += "providedByBundle" to p.name
+        }
+    }
+
+dependencies {
+    // Include the dependencies calculated above
+    bundleDependencies.forEach {
+        add(it.first, project(path = ":${it.second}", configuration = it.first))
+    }
+    zmqFeature("org.apache-extras.camel-extra", "camel-zeromq", libraryVersions["camelZeroMQ"])
+    providedByBundle("org.jetbrains.kotlin", "kotlin-osgi-bundle", libraryVersions["kotlin"])
+    providedByBundle("jakarta.activation:jakarta.activation-api:1.2.2")
+}
+
+karaf {
+    features(closureOf<KarafFeaturesExtension> {
+        xsdVersion = "1.3.0"
+        // it seems to be best practice to include the version in the feature repository as well
+        name = "ids-${project.version}"
+        version = project.version as String
+
+        // the camel repository
+        repository("mvn:org.apache.camel.karaf/apache-camel/${libraryVersions["camel"]}/xml/features")
+
+        // include cxf repository, since the camel one is slightly outdated
+//        repository "mvn:org.apache.cxf.karaf/apache-cxf/${libraryVersions.cxf}/xml/features"
+        
+        feature(closureOf<FeatureDescriptor> {
+            name = "ids"
+            description = "IDS Feature"
+
+            // only specifiy the dependencies that will be provided by bundles, the rest will be specified via features
+            configurations(*bundleConfigurations.toTypedArray())
+
+            // standard feature, but we need to explicitly state it here so that it gets installed in our bare Karaf
+            feature("jetty")
+
+            // CXF for REST APIs
+            feature("cxf-jaxrs")
+            feature("cxf-jackson")
+
+            // CXF commands for the shell
+            /*
+             Notice: This should actually be a conditional dependency, only if shell is available.
+             however the karaf assemble plugin does not seem to resolve these conditions during packaging.
+            */
+            feature("cxf-commands")
+
+		    // For Web Application Bundles, such as our WebConsole
+            feature("war")
+
+            // Features for Apache Camel routing
+            feature("camel-jackson")
+            feature("camel-milo")
+            feature("camel-cxf")
+            feature("camel-ahc")
+            feature("camel-http")
+            feature("camel-jetty")
+            feature("camel-paho")
+            //feature("camel-mqtt")
+            feature("camel-jsonpath")
+            feature("camel-csv")
+
+            // start our bundles a lit bit later
+            bundle ("de.fhg.aisec.ids", closureOf<BundleDescriptor> {
+                attribute("start-level", "90")
+            })
+        })
+
+        feature(closureOf<FeatureDescriptor> {
+            name = "camel-influxdb-aisec"
+            description = "Correctly packed version of camel-influxdb feature"
+            version = libraryVersions["camel"]
+
+            //noinspection GroovyAssignabilityCheck
+            configurations("influxFeature")
+        })
+
+        feature(closureOf<FeatureDescriptor> {
+            name = "camel-zeromq-aisec"
+            description = "Camel ZeroMQ feature"
+            version = libraryVersions["camelZeroMQ"]
+
+            //noinspection GroovyAssignabilityCheck
+            configurations("zmqFeature")
+        })
+    })
+}
diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index 803b9583a..b6d22cc38 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -12,6 +12,8 @@ jetty: "9.4.30.v20200611"
 infomodel: "4.0.0"
 
 pax: "7.2.14"
+# Provided by feature, but required for compilation
+jaxb: "2.3.1"
 
 # Starting with camel 3.1.0, XML dump features and metrics have been removed!
 camel: "3.0.1"

From 335b530414049b52ecc108ae0104d2617c37c704 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 12 Mar 2021 12:51:45 +0100
Subject: [PATCH 227/237] Fully migrated to Gradle Kotlin DSL, example fixes

---
 build.gradle.kts                              | 22 ++++++++-----------
 docker-build/Dockerfile                       |  8 +------
 .../docker-compose.yaml                       |  1 +
 ids-api/build.gradle.kts                      |  2 +-
 ids-container-manager/build.gradle.kts        |  4 ++--
 ids-route-manager/build.gradle.kts            |  6 ++++-
 ids-webconsole/build.gradle.kts               |  2 +-
 karaf-assembly/build.gradle.kts               |  6 ++---
 libraryVersions.yaml                          |  6 ++++-
 9 files changed, 28 insertions(+), 29 deletions(-)

diff --git a/build.gradle.kts b/build.gradle.kts
index 72b3d59a4..0749cff2f 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -39,12 +39,6 @@ allprojects {
     version = "4.0.0"
 }
 
-tasks.clean {
-    subprojects.forEach {
-        dependsOn(it.tasks.clean)
-    }
-}
-
 tasks.build {
     subprojects.filter { it.name == "karaf-assembly" }.forEach {
         dependsOn(it.tasks.build)
@@ -79,6 +73,10 @@ subprojects {
         systemProperty("project.version", "$project.version")
     }
 
+    tasks.check {
+        dependsOn(integrationTest)
+    }
+
     tasks.withType<Test> {
         testLogging {
             events("failed")
@@ -86,10 +84,6 @@ subprojects {
         }
     }
 
-    tasks.check {
-        dependsOn(integrationTest)
-    }
-
     // Configuration for dependencies that will be provided through features in the OSGi environment
     val providedByFeature by configurations.creating
 
@@ -175,8 +169,10 @@ configure(subprojects.filter { it.name != "examples" }) {
 }
 
 // Always write project version to version.txt after build/install
-tasks.register<Task>("dumpVersion") {
-    file(project.projectDir).resolve("version.txt").bufferedWriter().use {
-        it.write(project.version.toString())
+tasks.build {
+    doLast {
+        file(project.projectDir).resolve("version.txt").bufferedWriter().use {
+            it.write(project.version.toString())
+        }
     }
 }
\ No newline at end of file
diff --git a/docker-build/Dockerfile b/docker-build/Dockerfile
index 4f392745f..89f3950dd 100644
--- a/docker-build/Dockerfile
+++ b/docker-build/Dockerfile
@@ -5,15 +5,9 @@ LABEL AUTHOR="Michael Lux (michael.lux@aisec.fraunhofer.de)"
 
 # Install tools for nodejs/yarn setup and protobuf compiler
 RUN apt-get update -qq && apt-get install -qq bash sudo wget gnupg protobuf-compiler
-# Install nodejs 12.x
-RUN wget -O - https://deb.nodesource.com/setup_12.x | bash - && apt-get install -qq nodejs
-# Install yarn
-RUN wget -O - https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
-    && echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list \
-    && apt-get update -qq && apt-get -qq install yarn
 
 COPY run.sh .
 RUN chmod +x run.sh
 
 ENTRYPOINT ["/run.sh"]
-CMD ["build", "check", "--parallel"]
\ No newline at end of file
+CMD ["yarnBuild", "check", ":build", "--parallel"]
\ No newline at end of file
diff --git a/examples/example-getting-started/docker-compose.yaml b/examples/example-getting-started/docker-compose.yaml
index c50db6cd0..24b877523 100644
--- a/examples/example-getting-started/docker-compose.yaml
+++ b/examples/example-getting-started/docker-compose.yaml
@@ -25,6 +25,7 @@ services:
       example-internal:
         aliases:
           - consumer-core
+          - provider-core
 
 networks:
   example-internal:
diff --git a/ids-api/build.gradle.kts b/ids-api/build.gradle.kts
index 78836c855..c9150b579 100644
--- a/ids-api/build.gradle.kts
+++ b/ids-api/build.gradle.kts
@@ -13,7 +13,7 @@ protobuf {
     generatedFilesBaseDir = protobufGeneratedDir
 }
 
-tasks.named("clean") {
+tasks.clean {
     doFirst {
         delete(protobufGeneratedDir)
     }
diff --git a/ids-container-manager/build.gradle.kts b/ids-container-manager/build.gradle.kts
index f53746183..92875d3fd 100644
--- a/ids-container-manager/build.gradle.kts
+++ b/ids-container-manager/build.gradle.kts
@@ -13,7 +13,7 @@ protobuf {
     generatedFilesBaseDir = protobufGeneratedDir
 }
 
-tasks.named("clean") {
+tasks.clean {
     doFirst {
         delete(protobufGeneratedDir)
     }
@@ -40,7 +40,7 @@ dependencies {
         exclude("com.github.jnr", "jnr-unixsocket")
     }
 
-    compileOnly(project(":jnr-unixsocket-wrapper"))
+    implementation(project(":jnr-unixsocket-wrapper"))
 
     providedByBundle("com.google.protobuf", "protobuf-java", libraryVersions["protobuf"])
 
diff --git a/ids-route-manager/build.gradle.kts b/ids-route-manager/build.gradle.kts
index 7e841c94c..9a7aad96d 100644
--- a/ids-route-manager/build.gradle.kts
+++ b/ids-route-manager/build.gradle.kts
@@ -6,7 +6,7 @@ dependencies {
 
     implementation("de.fraunhofer.iais.eis.ids.infomodel", "java", libraryVersions["infomodel"])
 
-    providedByFeature("javax.xml.bind", "jaxb-api", libraryVersions["jaxb"])
+    providedByFeature("javax.xml.bind", "jaxb-api", libraryVersions["jaxbApi"])
     providedByFeature("org.apache.camel", "camel-core", libraryVersions["camel"])
     providedByFeature("org.apache.camel", "camel-management", libraryVersions["camel"])
 
@@ -15,6 +15,10 @@ dependencies {
 
     providedByBundle("com.google.guava", "guava", libraryVersions["guava"])
 
+    testImplementation("com.sun.xml.bind", "jaxb-core", libraryVersions["jaxbCore"])
+    testImplementation("com.sun.xml.bind", "jaxb-impl", libraryVersions["jaxbImpl"])
+    testImplementation("com.sun.activation", "javax.activation", libraryVersions["jaxActivation"])
+
     testImplementation("junit", "junit", libraryVersions["junit4"])
     testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
     testImplementation("org.apache.camel", "camel-test", libraryVersions["camel"])
diff --git a/ids-webconsole/build.gradle.kts b/ids-webconsole/build.gradle.kts
index 6f187fb38..f8dc46d06 100644
--- a/ids-webconsole/build.gradle.kts
+++ b/ids-webconsole/build.gradle.kts
@@ -145,6 +145,6 @@ val yarnBuild by tasks.registering(YarnTask::class) {
     dependsOn(yarnInstall)
 }
 
-tasks.named("processResources")<Task> {
+tasks.processResources {
     dependsOn(yarnBuild)
 }
diff --git a/karaf-assembly/build.gradle.kts b/karaf-assembly/build.gradle.kts
index 8c3fd107c..2b3e8601a 100644
--- a/karaf-assembly/build.gradle.kts
+++ b/karaf-assembly/build.gradle.kts
@@ -79,14 +79,14 @@ val assembleKaraf by tasks.registering(CrossPlatformExec::class) {
             || it.name.endsWith("-patch") || it.name.endsWith("-wrapper")
             || it.name == "karaf-features-ids"
         ) {
-            dependsOn(it.tasks.named("install"))
+            dependsOn(it.tasks.install)
         }
     }
 }
 // Sometimes required to fix an error caused by a non-existing folder (maybe caused by mvn clean)
 mkdir("${project.buildDir}/classes/kotlin/test")
 
-tasks.named("jar") {
+tasks.jar {
     dependsOn(assembleKaraf)
 }
 
@@ -120,7 +120,7 @@ val makeMavenDependencies by tasks.registering {
     }
 }
 
-tasks.named("integrationTest") {
+tasks.integrationTest {
     dependsOn(makeMavenDependencies)
     dependsOn(assembleKaraf)
     outputs.upToDateWhen { false }
diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index b6d22cc38..750220790 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -13,7 +13,11 @@ infomodel: "4.0.0"
 
 pax: "7.2.14"
 # Provided by feature, but required for compilation
-jaxb: "2.3.1"
+jaxbApi: "2.3.1"
+# Required for RouteManager metrics tests
+jaxbCore: "2.3.0.1"
+jaxbImpl: "2.3.3"
+jaxActivation: "1.2.0"
 
 # Starting with camel 3.1.0, XML dump features and metrics have been removed!
 camel: "3.0.1"

From df21af4f84fa36832e8f18e50cac4405e4f6e164 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Fri, 12 Mar 2021 14:32:14 +0100
Subject: [PATCH 228/237] Removed GitLab CI/CD file

---
 .gitlab-ci.yml | 62 --------------------------------------------------
 1 file changed, 62 deletions(-)
 delete mode 100644 .gitlab-ci.yml

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
deleted file mode 100644
index 34dcad8c4..000000000
--- a/.gitlab-ci.yml
+++ /dev/null
@@ -1,62 +0,0 @@
-# make sure to use a Debian-based image, because otherwise you will run into issue with protoc because of missing glibc on alpine
-image: docker
-
-stages:
-  - build
-  - push
-
-build:
-  stage: build
-  image:
-    name: fraunhoferaisec/docker-build:develop
-    entrypoint: [""]
-  before_script:
-    # defined here because of https://gitlab.com/gitlab-org/gitlab-runner/issues/1809
-    - export PROJECT_DIR="${CI_PROJECT_DIR}"
-    # caching for gradle
-    - export GRADLE_DIR="${CI_PROJECT_DIR}/cache/.gradle"
-    - mkdir -p "$GRADLE_DIR"
-    # caching for mvn (used for karaf-assembly)
-    - export M2_DIR="${CI_PROJECT_DIR}/cache/.m2"
-    - mkdir -p "$M2_DIR"
-  script:
-    # yarnBuild is part of build, but we try to speed up the process a bit by prioritizing that long-running task
-    - /run.sh yarnBuild build check dumpVersion --parallel
-  artifacts:
-    when: always
-    paths:
-      - "*/build/reports"
-      - "karaf-assembly/build/assembly"
-      - "rat-repository/build/libs"
-      - "version.txt"
-  cache:
-    key: tc-build
-    paths:
-      - "cache"
-      - "ids-webconsole/src/main/resources/www/node_modules"
-
-push:
-  image: jonoh/docker-buildx-qemu
-  stage: push
-  dependencies:
-    - build
-  before_script:
-    # Use docker-container driver to allow useful features (push/multi-platform)
-    - docker buildx create --driver docker-container --use --name tc_builder
-    - docker buildx inspect --bootstrap
-    - export TAG_NAME=$(if [ "${CI_COMMIT_REF_NAME}" = "master" ]; then echo "latest"; else echo "${CI_COMMIT_REF_NAME}"; fi)
-    # Remove the prefixing "v" of version tags for docker registry
-    - if [[ "$TAG_NAME" =~ v[0-9]+\.[0-9]+\.[0-9]+ ]]; then export TAG_NAME=${TAG_NAME:1}; fi
-  script:
-    - echo "$DOCKER_PASS" | docker login --username "$DOCKER_USER" --password-stdin
-    # Execute buildx script
-    - chmod +x ./buildx/docker-buildx.sh
-    - echo "Using image tag ${TAG_NAME}"
-    - ./buildx/docker-buildx.sh -t ${TAG_NAME} -f docker-compose.yml -f docker-bake-multi.hcl
-  after_script:
-    # Remove the buildx builder
-    - docker buildx rm tc_builder
-  only:
-    - develop
-    - master
-    - /^v[0-9]+\.[0-9]+\.[0-9]+$/
\ No newline at end of file

From f3ad666f9c6b1ca9963504297497f43c40217d0a Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Wed, 24 Mar 2021 20:58:58 +0100
Subject: [PATCH 229/237] Simplified buildx setup

---
 buildx/docker-bake-multi.hcl | 6 ------
 buildx/docker-bake.hcl       | 4 ----
 buildx/docker-buildx.sh      | 2 --
 buildx/docker-compose.yml    | 8 --------
 docker-build/Dockerfile      | 4 ++--
 docker-jdk-base/Dockerfile   | 4 ----
 karaf-assembly/Dockerfile    | 6 +++---
 7 files changed, 5 insertions(+), 29 deletions(-)
 delete mode 100644 docker-jdk-base/Dockerfile

diff --git a/buildx/docker-bake-multi.hcl b/buildx/docker-bake-multi.hcl
index 660b5f6b4..96468d507 100644
--- a/buildx/docker-bake-multi.hcl
+++ b/buildx/docker-bake-multi.hcl
@@ -1,9 +1,3 @@
-# Caching not practical here, since build from base image is trivial
-target "jdk-base" {
-  output = ["type=registry"]
-  platforms = ["linux/amd64", "linux/arm64/v8", "linux/arm/v7"]
-}
-
 target "build-container" {
   output = ["type=registry"]
 //  cache-to = ["registry.netsec.aisec.fraunhofer.de/tc-build-container:cache"]
diff --git a/buildx/docker-bake.hcl b/buildx/docker-bake.hcl
index 762c7eb3d..4fe757424 100644
--- a/buildx/docker-bake.hcl
+++ b/buildx/docker-bake.hcl
@@ -1,7 +1,3 @@
-target "jdk-base" {
-  output = ["type=docker"]
-}
-
 target "build-container" {
   output = ["type=docker"]
 }
diff --git a/buildx/docker-buildx.sh b/buildx/docker-buildx.sh
index 397cd9a97..b241a7e52 100755
--- a/buildx/docker-buildx.sh
+++ b/buildx/docker-buildx.sh
@@ -86,8 +86,6 @@ export BASE_IMAGE="$BASE_IMAGE_ARG"
 printf "######################################################################\n"
 printf "Using build tag \"%s\" and base image \"%s\"\n" "$EXAMPLE_TAG" "$BASE_IMAGE"
 printf "######################################################################\n\n"
-echo "Building jdk-base via \"docker buildx bake jdk-base ${FILES}$*\"..."
-eval "docker buildx bake jdk-base ${FILES}$*"
 
 if [ $BUILD_CONTAINER = 1 ]; then
   echo "Building build-container via \"docker buildx bake build-container $*\"..."
diff --git a/buildx/docker-compose.yml b/buildx/docker-compose.yml
index b60d95b99..9c6e4061f 100644
--- a/buildx/docker-compose.yml
+++ b/buildx/docker-compose.yml
@@ -1,14 +1,6 @@
 version: '3'
 services:
 
-  # Base image for other JDK-based images
-  jdk-base:
-    image: fraunhoferaisec/jdk-base:${DOCKER_BUILD_TAG:-develop}
-    build:
-      context: '../docker-jdk-base'
-      args:
-        BASE_IMAGE: ${BASE_IMAGE:-adoptopenjdk:11-jdk-hotspot}
-
   # Trusted Connector build container
   build-container:
     image: fraunhoferaisec/docker-build:${DOCKER_BUILD_TAG:-develop}
diff --git a/docker-build/Dockerfile b/docker-build/Dockerfile
index 89f3950dd..94765b54f 100644
--- a/docker-build/Dockerfile
+++ b/docker-build/Dockerfile
@@ -1,5 +1,5 @@
-ARG JDK_BASE_IMAGE=fraunhoferaisec/jdk-base:develop
-FROM $JDK_BASE_IMAGE
+ARG BASE_IMAGE=adoptopenjdk:11-jdk-hotspot-focal
+FROM $BASE_IMAGE
 
 LABEL AUTHOR="Michael Lux (michael.lux@aisec.fraunhofer.de)"
 
diff --git a/docker-jdk-base/Dockerfile b/docker-jdk-base/Dockerfile
deleted file mode 100644
index a1dcadfc4..000000000
--- a/docker-jdk-base/Dockerfile
+++ /dev/null
@@ -1,4 +0,0 @@
-ARG BASE_IMAGE
-FROM $BASE_IMAGE
-
-LABEL AUTHOR="Michael Lux (michael.lux@aisec.fraunhofer.de)"
\ No newline at end of file
diff --git a/karaf-assembly/Dockerfile b/karaf-assembly/Dockerfile
index b5b2030e9..201248061 100644
--- a/karaf-assembly/Dockerfile
+++ b/karaf-assembly/Dockerfile
@@ -1,5 +1,5 @@
-ARG JDK_BASE_IMAGE=fraunhoferaisec/jdk-base:develop
-FROM $JDK_BASE_IMAGE
+ARG BASE_IMAGE=adoptopenjdk:11-jdk-hotspot-focal
+FROM $BASE_IMAGE
 
 LABEL AUTHOR="Michael Lux (michael.lux@aisec.fraunhofer.de)"
 
@@ -27,6 +27,6 @@ RUN chmod 0755 /root/bin/karaf
 WORKDIR "/root"
 
 # Ports to expose
-EXPOSE 8181 8443 29998 5005 1099 1098 9292
+EXPOSE 8181 8443 29998 5005 1099 1098 9292 29292
 
 ENTRYPOINT ["/root/bin/karaf"]

From b537f6b5a5095bcaa79e601fc5507ce7f825fbce Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 25 Mar 2021 11:31:33 +0100
Subject: [PATCH 230/237] Replaced TokenManager by IDSCP2-internal handling

---
 .../camel/idscp2/osgi/Idscp2OsgiComponent.kt  |   1 -
 .../docker-compose.yaml                       |   3 -
 .../aisec/ids/api/tokenm/DatException.java    |  11 -
 .../ids/api/tokenm/DynamicAttributeToken.java |  37 ----
 .../aisec/ids/api/tokenm/TokenManager.java    |  49 -----
 .../aisec/ids/api/tokenm/package-info.java    |  21 --
 ids-token-manager/LICENSE.txt                 | 201 ------------------
 ids-token-manager/bnd.bnd                     |   4 -
 ids-token-manager/build.gradle.kts            |  13 --
 .../ids/tokenmanager/TokenManagerService.java | 123 -----------
 .../ids/webconsole/WebConsoleComponent.java   |  13 --
 .../aisec/ids/webconsole/api/ConfigApi.java   |  21 --
 libraryVersions.yaml                          |   2 +-
 settings.gradle.kts                           |   1 -
 14 files changed, 1 insertion(+), 499 deletions(-)
 delete mode 100644 ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/DatException.java
 delete mode 100755 ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/DynamicAttributeToken.java
 delete mode 100755 ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
 delete mode 100755 ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/package-info.java
 delete mode 100755 ids-token-manager/LICENSE.txt
 delete mode 100755 ids-token-manager/bnd.bnd
 delete mode 100644 ids-token-manager/build.gradle.kts
 delete mode 100755 ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java

diff --git a/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt b/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt
index 58d6b9502..25e7c039b 100644
--- a/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt
+++ b/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt
@@ -40,7 +40,6 @@ class Idscp2OsgiComponent : Idscp2UsageControlInterface {
     init {
         Utils.connectorUrlProducer = { settings.connectorProfile.connectorUrl }
         Utils.maintainerUrlProducer = { settings.connectorProfile.maintainerUrl }
-        Utils.dynamicAttributeTokenProducer = { settings.dynamicAttributeToken }
         Utils.dapsUrlProducer = { settings.connectorConfig.dapsUrl }
         Utils.infomodelVersion = BuildConfig.INFOMODEL_VERSION
     }
diff --git a/examples/example-getting-started/docker-compose.yaml b/examples/example-getting-started/docker-compose.yaml
index 24b877523..04b93c3e9 100644
--- a/examples/example-getting-started/docker-compose.yaml
+++ b/examples/example-getting-started/docker-compose.yaml
@@ -9,13 +9,10 @@ services:
     volumes:
       - ../log/:/root/log/
       - /var/run/docker.sock:/var/run/docker.sock
-      - ../tpmsim/rootCA.crt:/root/etc/rootca-cert.pem
       - ../cert-stores/consumer-keystore.p12:/root/etc/consumer-keystore.p12
       - ../cert-stores/provider-keystore.p12:/root/etc/provider-keystore.p12
       - ../cert-stores/truststore.p12:/root/etc/truststore.p12
       - ./example-idscp2-localloop.xml:/root/deploy/example-idscp2-localloop.xml
-    environment:
-      - TPM_HOST=ids-tpmsim
     ports:
       - "5005:5005"
       - "9292:9292"
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/DatException.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/DatException.java
deleted file mode 100644
index 241503ade..000000000
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/DatException.java
+++ /dev/null
@@ -1,11 +0,0 @@
-package de.fhg.aisec.ids.api.tokenm;
-
-public class DatException extends Exception {
-  public DatException(String message) {
-    super(message);
-  }
-
-  public DatException(String message, Throwable cause) {
-    super(message, cause);
-  }
-}
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/DynamicAttributeToken.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/DynamicAttributeToken.java
deleted file mode 100755
index 339fe6a9b..000000000
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/DynamicAttributeToken.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-api
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.api.tokenm;
-
-/**
- * Dynamic Attribute Token. Wraps the token acquired from the DAPS.
- *
- * @author Gerd Brost (gerd.brost@aisec.fraunhofer.de)
- */
-public final class DynamicAttributeToken {
-  final String token;
-
-  public DynamicAttributeToken(String token) {
-    this.token = token;
-  }
-
-  public String getToken() {
-    return token;
-  }
-}
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
deleted file mode 100755
index 5835d1e99..000000000
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/TokenManager.java
+++ /dev/null
@@ -1,49 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-api
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- * 
- *      http://www.apache.org/licenses/LICENSE-2.0
- * 
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.api.tokenm;
-
-import de.fhg.aisec.ids.api.settings.ConnectionSettings;
-
-import java.nio.file.Path;
-
-/**
- * Interface of the Token Manager.
- *
- * <p>TThe Token Manager takes care of identity tokens (such as the Dynamic Attribute Token,
- * acquired by the Dynamic Attribute Provisioning Service.
- *
- * @author Gerd Brost (gerd.brost@aisec.fraunhofer.de)
- */
-public interface TokenManager {
-
-  void acquireToken(
-          String dapsUrl,
-          Path keyStorePath,
-          char[] keyStorePassword,
-          String keystoreAliasName,
-          char[] keyPassword,
-          Path trustStorePath,
-          char[] trustStorePassword);
-
-  void verifyJWT(
-      String dynamicAttributeToken,
-      ConnectionSettings connectionSettings) throws Exception;
-
-}
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/package-info.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/package-info.java
deleted file mode 100755
index 9bb42794e..000000000
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/tokenm/package-info.java
+++ /dev/null
@@ -1,21 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * IDS Core Platform API
- * %%
- * Copyright (C) 2017 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-/** APIs for accessing token services. */
-package de.fhg.aisec.ids.api.tokenm;
diff --git a/ids-token-manager/LICENSE.txt b/ids-token-manager/LICENSE.txt
deleted file mode 100755
index 261eeb9e9..000000000
--- a/ids-token-manager/LICENSE.txt
+++ /dev/null
@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright [yyyy] [name of copyright owner]
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
diff --git a/ids-token-manager/bnd.bnd b/ids-token-manager/bnd.bnd
deleted file mode 100755
index 1b17796bc..000000000
--- a/ids-token-manager/bnd.bnd
+++ /dev/null
@@ -1,4 +0,0 @@
-Bundle-Name: IDS :: Token Manager
-Import-Package: \
-    !com.android.org.conscrypt,\
-    *
\ No newline at end of file
diff --git a/ids-token-manager/build.gradle.kts b/ids-token-manager/build.gradle.kts
deleted file mode 100644
index 056d6ef6d..000000000
--- a/ids-token-manager/build.gradle.kts
+++ /dev/null
@@ -1,13 +0,0 @@
-@Suppress("UNCHECKED_CAST")
-val libraryVersions = rootProject.extra.get("libraryVersions") as Map<String, String>
-
-dependencies {
-    providedByBundle(project(":ids-api")) { isTransitive = false }
-
-    implementation("de.fhg.aisec.ids", "idscp2", libraryVersions["idscp2"])
-
-    osgiCore("org.osgi", "osgi.cmpn", libraryVersions["osgiCompendium"])
-
-    testImplementation("junit", "junit", libraryVersions["junit4"])
-    testImplementation("org.mockito", "mockito-core", libraryVersions["mockito"])
-}
diff --git a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java b/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
deleted file mode 100755
index b25b2a446..000000000
--- a/ids-token-manager/src/main/java/de/fhg/aisec/ids/tokenmanager/TokenManagerService.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/*-
- * ========================LICENSE_START=================================
- * ids-token-manager
- * %%
- * Copyright (C) 2019 Fraunhofer AISEC
- * %%
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- * =========================LICENSE_END==================================
- */
-package de.fhg.aisec.ids.tokenmanager;
-
-import de.fhg.aisec.ids.api.settings.ConnectionSettings;
-import de.fhg.aisec.ids.api.settings.ConnectorConfig;
-import de.fhg.aisec.ids.api.settings.Settings;
-import de.fhg.aisec.ids.api.tokenm.TokenManager;
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriver;
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.DefaultDapsDriverConfig;
-import de.fhg.aisec.ids.idscp2.default_drivers.daps.SecurityRequirements;
-import org.osgi.service.component.annotations.Activate;
-import org.osgi.service.component.annotations.Component;
-import org.osgi.service.component.annotations.Reference;
-import org.osgi.service.component.annotations.ReferenceCardinality;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.nio.charset.StandardCharsets;
-import java.nio.file.FileSystems;
-import java.nio.file.Path;
-
-
-/**
- * Manages Dynamic Attribute Tokens.
- *
- * @author Gerd Brost (gerd.brost@aisec.fraunhofer.de)
- */
-@Component(immediate = true, name = "ids-tokenmanager")
-public class TokenManagerService implements TokenManager {
-  private static final Logger LOG = LoggerFactory.getLogger(TokenManagerService.class);
-
-  @SuppressWarnings("FieldMayBeFinal")
-  @Reference(cardinality = ReferenceCardinality.MANDATORY)
-  private Settings settings = null;
-  private DefaultDapsDriver driver;
-
-  /**
-   * Method to acquire a Dynamic Attribute Token (DAT) from a Dynamic Attribute Provisioning Service
-   * (DAPS)
-   * @param dapsUrl            The token aquiry URL (e.g., http://daps.aisec.fraunhofer.de
-   * @param keyStorePath       Name of the keystore file (e.g., server-keystore.p12)
-   * @param keyStorePassword   Password of keystore
-   * @param keystoreAliasName  Alias of the connector's key entry.
-   *                           For default keystores with only one entry, this is '1'
-   * @param trustStorePath     Name of the truststore file
-   * @param trustStorePassword Password of truststore
-   */
-  @Override
-  public void acquireToken(
-          String dapsUrl,
-          Path keyStorePath,
-          char[] keyStorePassword,
-          String keystoreAliasName,
-          char[] keyPassword,
-          Path trustStorePath,
-          char[] trustStorePassword) {
-
-    final var dapsConfig = new DefaultDapsDriverConfig.Builder()
-            .setDapsUrl(dapsUrl)
-            .setKeyStorePath(keyStorePath)
-            .setKeyStorePassword(keyStorePassword)
-            .setKeyAlias(keystoreAliasName)
-            .setKeyPassword(keyPassword)
-            .setTrustStorePath(trustStorePath)
-            .setTrustStorePassword(trustStorePassword)
-            .build();
-    this.driver = new DefaultDapsDriver(dapsConfig);
-    settings.setDynamicAttributeToken(new String(driver.getToken(), StandardCharsets.UTF_8));
-  }
-
-  @Override
-  public void verifyJWT(
-      String dynamicAttributeToken,
-      ConnectionSettings connectionSettings) {
-    if (connectionSettings == null) {
-      this.driver.verifyTokenSecurityAttributes(dynamicAttributeToken.getBytes(StandardCharsets.UTF_8), null);
-    } else {
-      SecurityRequirements securityRequirements = new SecurityRequirements.Builder()
-              .setRequiredSecurityLevel(connectionSettings.getRequiredSecurityProfile())
-              .build();
-      this.driver.verifyTokenSecurityAttributes(dynamicAttributeToken.getBytes(StandardCharsets.UTF_8), securityRequirements);
-    }
-  }
-
-  @Activate
-  public void run() {
-    LOG.info("Token renewal triggered.");
-    try {
-      ConnectorConfig config = settings.getConnectorConfig();
-      var ksRoot = FileSystems.getDefault().getPath("etc");
-      char[] ksPassword = config.getKeystorePassword().toCharArray();
-      acquireToken(
-              config.getDapsUrl(),
-              ksRoot.resolve(config.getKeystoreName()),
-              ksPassword,
-              config.getKeystoreAliasName(),
-              ksPassword,
-              ksRoot.resolve(config.getTruststoreName()),
-              ksPassword);
-
-    } catch (Exception e) {
-      LOG.error("Token renewal failed", e);
-    }
-  }
-}
diff --git a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/WebConsoleComponent.java b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/WebConsoleComponent.java
index 97e2997b7..29527f3f8 100644
--- a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/WebConsoleComponent.java
+++ b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/WebConsoleComponent.java
@@ -27,7 +27,6 @@
 import de.fhg.aisec.ids.api.policy.PAP;
 import de.fhg.aisec.ids.api.router.RouteManager;
 import de.fhg.aisec.ids.api.settings.Settings;
-import de.fhg.aisec.ids.api.tokenm.TokenManager;
 import org.checkerframework.checker.nullness.qual.Nullable;
 import org.osgi.service.component.annotations.*;
 
@@ -51,9 +50,6 @@ public class WebConsoleComponent {
   @Reference(cardinality = ReferenceCardinality.OPTIONAL)
   private EndpointConfigManager dynEndConManager = null;
 
-  @Reference(cardinality = ReferenceCardinality.OPTIONAL)
-  private TokenManager tokenManager = null;
-
   @Reference(cardinality = ReferenceCardinality.OPTIONAL)
   private Settings settings = null;
 
@@ -116,15 +112,6 @@ public static ConnectionManager getConnectionManager() {
     return null;
   }
 
-  @Nullable
-  public static TokenManager getTokenManager() {
-    WebConsoleComponent in = instance;
-    if (in != null) {
-      return in.tokenManager;
-    }
-    return null;
-  }
-
   @Nullable
   public static Settings getSettings() {
     WebConsoleComponent in = instance;
diff --git a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
index 6e057d6fe..0eb4e5127 100644
--- a/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
+++ b/ids-webconsole/src/main/java/de/fhg/aisec/ids/webconsole/api/ConfigApi.java
@@ -28,14 +28,12 @@
 import de.fhg.aisec.ids.api.settings.ConnectionSettings;
 import de.fhg.aisec.ids.api.settings.ConnectorConfig;
 import de.fhg.aisec.ids.api.settings.Settings;
-import de.fhg.aisec.ids.api.tokenm.TokenManager;
 import de.fhg.aisec.ids.webconsole.WebConsoleComponent;
 import io.swagger.annotations.*;
 
 import javax.ws.rs.*;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
-import java.nio.file.FileSystems;
 import java.util.*;
 import java.util.function.Function;
 import java.util.regex.Matcher;
@@ -94,25 +92,6 @@ public String set(ConnectorConfig config) {
       return "No settings available";
     }
     settings.setConnectorConfig(config);
-    TokenManager tokenManager = WebConsoleComponent.getTokenManager();
-    if (tokenManager == null) {
-      return "No TokenManager available";
-    }
-
-    try {
-      var ksPath = FileSystems.getDefault().getPath("etc");
-      var password = config.getKeystorePassword().toCharArray();
-      tokenManager.acquireToken(
-              config.getDapsUrl(),
-              ksPath.resolve(config.getKeystoreName()),
-              password,
-              config.getKeystoreAliasName(),
-              password,
-              ksPath.resolve(config.getTruststoreName()),
-              password);
-    } catch (Exception e) {
-      e.printStackTrace();
-    }
 
     return "OK";
   }
diff --git a/libraryVersions.yaml b/libraryVersions.yaml
index 750220790..398ad515a 100644
--- a/libraryVersions.yaml
+++ b/libraryVersions.yaml
@@ -1,4 +1,4 @@
-idscp2: "0.3.2"
+idscp2: "0.4.0"
 
 # Kotlin library/compiler version
 kotlin: "1.4.31"
diff --git a/settings.gradle.kts b/settings.gradle.kts
index d670d4883..f4ad49b49 100644
--- a/settings.gradle.kts
+++ b/settings.gradle.kts
@@ -14,7 +14,6 @@ include(":ids-endpoint-config")
 include(":ids-infomodel-manager")
 include(":ids-route-manager")
 include(":ids-settings")
-include(":ids-token-manager")
 include(":ids-webconsole")
 include(":jnr-unixsocket-wrapper")
 include(":karaf-assembly")

From d7fce028d050960d3944a8f5a9655e63ffba50be Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Thu, 25 Mar 2021 14:05:21 +0100
Subject: [PATCH 231/237] Removed DAT from settings DB

---
 .../fhg/aisec/ids/api/infomodel/InfoModel.kt  | 22 -----------
 .../fhg/aisec/ids/api/settings/Settings.java  |  5 +--
 .../InfoModelService.kt                       | 38 -------------------
 .../aisec/ids/settings/SettingsComponent.kt   | 19 +++-------
 4 files changed, 7 insertions(+), 77 deletions(-)

diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.kt b/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.kt
index 2e3cb5cd5..792750c4b 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.kt
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.kt
@@ -51,21 +51,6 @@ interface InfoModel {
      */
     fun setConnectorByJsonLd(jsonLd: String?)
 
-    /**
-     * Get connector Dynamic Attribute Token
-     *
-     * @return DAT
-     */
-    val dynamicAttributeToken: String
-
-    /**
-     * Set Dynamic Attribute Token or remove if "null" is passed
-     *
-     * @param dynamicAttributeToken The DAT to use for this connector
-     * @return Whether storing the DAT has been successful
-     */
-    fun setDynamicAttributeToken(dynamicAttributeToken: String?)
-
     /**
      * Get version of implemented infomodel
      *
@@ -73,11 +58,4 @@ interface InfoModel {
      */
     val modelVersion: String
 
-    /**
-     * Initializes an infomodel *MessageBuilder with required fields,
-     * using reflection
-     *
-     * @return Populated *MessageBuilder
-     */
-    fun <T: Any> initMessageBuilder(builder: T): T
 }
\ No newline at end of file
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/Settings.java b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/Settings.java
index 053674ee1..a1ef03180 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/Settings.java
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/settings/Settings.java
@@ -20,6 +20,7 @@
 package de.fhg.aisec.ids.api.settings;
 
 import de.fhg.aisec.ids.api.infomodel.ConnectorProfile;
+
 import java.util.Map;
 
 public interface Settings {
@@ -36,10 +37,6 @@ public interface Settings {
 
   void setConnectorJsonLd(String jsonLd);
 
-  String getDynamicAttributeToken();
-
-  void setDynamicAttributeToken(String dynamicAttributeToken);
-
   ConnectionSettings getConnectionSettings(String connection);
 
   void setConnectionSettings(String connection, ConnectionSettings connectionSettings);
diff --git a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
index 6b406bca5..8f36db5c6 100644
--- a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
+++ b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
@@ -15,8 +15,6 @@ import org.slf4j.LoggerFactory
 import java.net.URI
 import java.net.URISyntaxException
 import java.util.*
-import javax.xml.datatype.DatatypeFactory
-import javax.xml.datatype.XMLGregorianCalendar
 
 
 /**
@@ -35,34 +33,6 @@ class InfoModelService : InfoModel {
 
     override val modelVersion = BuildConfig.INFOMODEL_VERSION
 
-    override fun <T: Any> initMessageBuilder(builder: T): T {
-        val builderClass = builder::class.java
-        builderClass.getMethod("_securityToken_", DynamicAttributeToken::class.java)
-                .invoke(builder, DynamicAttributeTokenBuilder()
-                        ._tokenFormat_(TokenFormat.JWT)
-                        ._tokenValue_(settings.dynamicAttributeToken)
-                        .build())
-        builderClass.getMethod("_senderAgent_", URI::class.java)
-                .invoke(builder, settings.connectorProfile.maintainerUrl)
-        builderClass.getMethod("_issuerConnector_", URI::class.java)
-                .invoke(builder, settings.connectorProfile.connectorUrl)
-        builderClass.getMethod("_issued_", XMLGregorianCalendar::class.java)
-                .invoke(builder, DatatypeFactory.newInstance().newXMLGregorianCalendar(
-                        GregorianCalendar().apply { timeInMillis = System.currentTimeMillis() }))
-        builderClass.getMethod("_modelVersion_", String::class.java)
-                .invoke(builder, modelVersion)
-        return builder
-    }
-
-    /**
-     * Build ConnectorAvailableMessage for IDS message headers
-     */
-    fun getConnectorAvailableMessage(): ConnectorUpdateMessage {
-        val builder = ConnectorUpdateMessageBuilder()
-        initMessageBuilder(builder)
-        return builder.build()
-    }
-
     /**
      * Build Connector Entity Names from preferences
      */
@@ -183,14 +153,6 @@ class InfoModelService : InfoModel {
         }
     }
 
-    override val dynamicAttributeToken: String
-        get() = settings.dynamicAttributeToken
-                ?: throw NullPointerException("DAPS token is not available")
-
-    override fun setDynamicAttributeToken(dynamicAttributeToken: String?) {
-        settings.dynamicAttributeToken = dynamicAttributeToken
-    }
-
     companion object {
         private val LOG = LoggerFactory.getLogger(InfoModelService::class.java)
         private val serializer: Serializer by lazy { Serializer() }
diff --git a/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/SettingsComponent.kt b/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/SettingsComponent.kt
index b2864d478..58934a9ef 100644
--- a/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/SettingsComponent.kt
+++ b/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/SettingsComponent.kt
@@ -50,6 +50,10 @@ class SettingsComponent : Settings {
                     }
                     dbVersion = 2
                 }
+                2 -> {
+                    settingsStore -= DAT_KEY
+                    dbVersion = 3
+                }
             }
             settingsStore[DB_VERSION_KEY] = dbVersion
             mapDB.commit()
@@ -81,17 +85,6 @@ class SettingsComponent : Settings {
 
     override fun getConnectorJsonLd() = settingsStore[CONNECTOR_JSON_LD_KEY] as String?
 
-    override fun getDynamicAttributeToken() = settingsStore[DAT_KEY] as String?
-
-    override fun setDynamicAttributeToken(dynamicAttributeToken: String?) {
-        if (dynamicAttributeToken == null) {
-            settingsStore -= DAT_KEY
-        } else {
-            settingsStore[DAT_KEY] = dynamicAttributeToken
-        }
-        mapDB.commit()
-    }
-
     override fun setConnectorJsonLd(jsonLd: String?) {
         if (jsonLd == null) {
             settingsStore -= CONNECTOR_JSON_LD_KEY
@@ -105,7 +98,7 @@ class SettingsComponent : Settings {
         if (connection == Constants.GENERAL_CONFIG) {
             connectionSettings.getOrElse(connection) { ConnectionSettings() }
         } else {
-            connectionSettings.getOrPut(connection) {getConnectionSettings(Constants.GENERAL_CONFIG)}
+            connectionSettings.getOrPut(connection) { getConnectionSettings(Constants.GENERAL_CONFIG) }
         }
 
     override fun setConnectionSettings(connection: String, conSettings: ConnectionSettings) {
@@ -118,7 +111,7 @@ class SettingsComponent : Settings {
 
     companion object {
         internal const val DB_VERSION_KEY = "db_version"
-        internal const val CURRENT_DB_VERSION = 2
+        internal const val CURRENT_DB_VERSION = 3
         internal const val CONNECTOR_SETTINGS_KEY = "main_config"
         internal const val CONNECTOR_PROFILE_KEY = "connector_profile"
         internal const val CONNECTOR_JSON_LD_KEY = "connector_json_ld"

From 6073e805c6d09458f8d579931efbe8fa044ae164 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 30 Mar 2021 17:55:50 +0200
Subject: [PATCH 232/237] Bump y18n from 4.0.0 to 4.0.1 in
 /ids-webconsole/src/main/resources/www (#35)

Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 ids-webconsole/src/main/resources/www/yarn.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ids-webconsole/src/main/resources/www/yarn.lock b/ids-webconsole/src/main/resources/www/yarn.lock
index 5c11cd3ce..cc728ed5b 100644
--- a/ids-webconsole/src/main/resources/www/yarn.lock
+++ b/ids-webconsole/src/main/resources/www/yarn.lock
@@ -8496,9 +8496,9 @@ xtend@^4.0.0, xtend@~4.0.1:
   integrity sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ==
 
 y18n@^4.0.0:
-  version "4.0.0"
-  resolved "https://registry.yarnpkg.com/y18n/-/y18n-4.0.0.tgz#95ef94f85ecc81d007c264e190a120f0a3c8566b"
-  integrity sha512-r9S/ZyXu/Xu9q1tYlpsLIsa3EeLXXk0VwlxqTcFRfg9EhMW+17kbt9G0NrgCmhGb5vT2hyhJZLfDGx+7+5Uj/w==
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/y18n/-/y18n-4.0.1.tgz#8db2b83c31c5d75099bb890b23f3094891e247d4"
+  integrity sha512-wNcy4NvjMYL8gogWWYAO7ZFWFfHcbdbE57tZO8e4cbpj8tfUcwrwqSl3ad8HxpYWCdXcJUCeKKZS62Av1affwQ==
 
 yallist@^3.0.0, yallist@^3.0.2, yallist@^3.0.3:
   version "3.1.1"

From 5340832b0c648b66662ed9423286aea5d793edc3 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 30 Mar 2021 17:56:00 +0200
Subject: [PATCH 233/237] Bump elliptic in
 /ids-webconsole/src/main/resources/www (#33)

Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.3 to 6.5.4.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.3...v6.5.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .../src/main/resources/www/yarn.lock          | 32 +++++++++----------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/ids-webconsole/src/main/resources/www/yarn.lock b/ids-webconsole/src/main/resources/www/yarn.lock
index cc728ed5b..7ccfe35fe 100644
--- a/ids-webconsole/src/main/resources/www/yarn.lock
+++ b/ids-webconsole/src/main/resources/www/yarn.lock
@@ -1839,10 +1839,10 @@ bluebird@^3.5.1, bluebird@^3.5.3, bluebird@^3.5.5:
   resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.7.2.tgz#9f229c15be272454ffa973ace0dbee79a1b0c36f"
   integrity sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg==
 
-bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.4.0:
-  version "4.11.9"
-  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.11.9.tgz#26d556829458f9d1e81fc48952493d0ba3507828"
-  integrity sha512-E6QoYqCKZfgatHTdHzs1RRKP7ip4vvm+EyRUeE2RF0NblwVvb0p6jSVeNTOFxPn26QXN2o6SMfNxKp6kU8zQaw==
+bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.11.9:
+  version "4.12.0"
+  resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.12.0.tgz#775b3f278efbb9718eec7361f483fb36fbbfea88"
+  integrity sha512-c98Bf3tPniI+scsdk237ku1Dc3ujXQTSgyiPUDEOe7tRkhrqridvh8klBv0HCEso1OLOYcHuCv/cS6DNxKH+ZA==
 
 bn.js@^5.1.1:
   version "5.1.3"
@@ -1923,7 +1923,7 @@ braces@^3.0.1, braces@~3.0.2:
   dependencies:
     fill-range "^7.0.1"
 
-brorand@^1.0.1:
+brorand@^1.0.1, brorand@^1.1.0:
   version "1.1.0"
   resolved "https://registry.yarnpkg.com/brorand/-/brorand-1.1.0.tgz#12c25efe40a45e3c323eb8675a0a0ce57b22371f"
   integrity sha1-EsJe/kCkXjwyPrhnWgoM5XsiNx8=
@@ -3129,17 +3129,17 @@ electron-to-chromium@^1.3.571:
   integrity sha512-NB3DzrTzJFhWkUp+nl2KtUtoFzrfGXTir2S+BU4tXGyXH9vlluPuFpE3pTKeH7+PY460tHLjKzh6K2+TWwW+Ww==
 
 elliptic@^6.5.3:
-  version "6.5.3"
-  resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.3.tgz#cb59eb2efdaf73a0bd78ccd7015a62ad6e0f93d6"
-  integrity sha512-IMqzv5wNQf+E6aHeIqATs0tOLeOTwj1QKbRcS3jBbYkl5oLAserA8yJTT7/VyHUYG91PRmPyeQDObKLPpeS4dw==
+  version "6.5.4"
+  resolved "https://registry.yarnpkg.com/elliptic/-/elliptic-6.5.4.tgz#da37cebd31e79a1367e941b592ed1fbebd58abbb"
+  integrity sha512-iLhC6ULemrljPZb+QutR5TQGB+pdW6KGD5RSegS+8sorOZT+rdQFbsQFJgvN3eRqNALqJer4oQ16YvJHlU8hzQ==
   dependencies:
-    bn.js "^4.4.0"
-    brorand "^1.0.1"
+    bn.js "^4.11.9"
+    brorand "^1.1.0"
     hash.js "^1.0.0"
-    hmac-drbg "^1.0.0"
-    inherits "^2.0.1"
-    minimalistic-assert "^1.0.0"
-    minimalistic-crypto-utils "^1.0.0"
+    hmac-drbg "^1.0.1"
+    inherits "^2.0.4"
+    minimalistic-assert "^1.0.1"
+    minimalistic-crypto-utils "^1.0.1"
 
 emitter-component@^1.1.1:
   version "1.1.1"
@@ -3961,7 +3961,7 @@ hex-color-regex@^1.1.0:
   resolved "https://registry.yarnpkg.com/hex-color-regex/-/hex-color-regex-1.1.0.tgz#4c06fccb4602fe2602b3c93df82d7e7dbf1a8a8e"
   integrity sha512-l9sfDFsuqtOqKDsQdqrMRk0U85RZc0RtOR9yPI7mRVOa4FsR/BVnZ0shmQRM96Ji99kYZP/7hn1cedc1+ApsTQ==
 
-hmac-drbg@^1.0.0:
+hmac-drbg@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/hmac-drbg/-/hmac-drbg-1.0.1.tgz#d2745701025a6c775a6c545793ed502fc0c649a1"
   integrity sha1-0nRXAQJabHdabFRXk+1QL8DGSaE=
@@ -5191,7 +5191,7 @@ minimalistic-assert@^1.0.0, minimalistic-assert@^1.0.1:
   resolved "https://registry.yarnpkg.com/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz#2e194de044626d4a10e7f7fbc00ce73e83e4d5c7"
   integrity sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==
 
-minimalistic-crypto-utils@^1.0.0, minimalistic-crypto-utils@^1.0.1:
+minimalistic-crypto-utils@^1.0.1:
   version "1.0.1"
   resolved "https://registry.yarnpkg.com/minimalistic-crypto-utils/-/minimalistic-crypto-utils-1.0.1.tgz#f6c00c1c0b082246e5c4d99dfb8c7c083b2b582a"
   integrity sha1-9sAMHAsIIkblxNmd+4x8CDsrWCo=

From 7ec9b51f614e8a72165c7aee7c89fddc118d7038 Mon Sep 17 00:00:00 2001
From: Christian Banse <christian.banse@aisec.fraunhofer.de>
Date: Tue, 30 Mar 2021 18:07:29 +0200
Subject: [PATCH 234/237] Spotless w/ license

---
 build.gradle.kts                              |  2 +-
 .../camel/idscp2/osgi/Idscp2OsgiComponent.kt  |  2 +-
 .../fhg/aisec/ids/api/ExtensionFunctions.kt   | 19 +++++++++++++++++++
 .../api/idscp2/Idscp2UsageControlInterface.kt | 19 +++++++++++++++++++
 .../InfoModelService.kt                       | 19 +++++++++++++++++++
 .../deserializer/CustomModule.kt              |  6 +++---
 .../deserializer/CustomObjectMapper.kt        |  2 +-
 .../aisec/ids/rm/PolicyEnforcementPoint.kt    |  4 ++--
 .../aisec/ids/settings/OsgiElsaSerializer.kt  | 19 +++++++++++++++++++
 .../aisec/ids/settings/SettingsComponent.kt   | 19 +++++++++++++++++++
 10 files changed, 103 insertions(+), 8 deletions(-)

diff --git a/build.gradle.kts b/build.gradle.kts
index 0749cff2f..e116d1247 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -149,7 +149,7 @@ configure(subprojects.filter { it.name != "examples" }) {
  * ========================LICENSE_START=================================
  * ${project.name}
  * %%
- * Copyright (C) \${"$"}YEAR Fraunhofer AISEC
+ * Copyright (C) ${"$"}YEAR Fraunhofer AISEC
  * %%
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
diff --git a/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt b/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt
index 25e7c039b..4091651e8 100644
--- a/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt
+++ b/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt
@@ -1,6 +1,6 @@
 /*-
  * ========================LICENSE_START=================================
- * camel-ids
+ * camel-idscp2-osgi
  * %%
  * Copyright (C) 2019 Fraunhofer AISEC
  * %%
diff --git a/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/ExtensionFunctions.kt b/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/ExtensionFunctions.kt
index 23a79e10a..b668859e3 100644
--- a/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/ExtensionFunctions.kt
+++ b/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/ExtensionFunctions.kt
@@ -1,3 +1,22 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-api
+ * %%
+ * Copyright (C) 2021 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
 package de.fhg.aisec.ids.api
 
 import java.io.IOException
diff --git a/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/idscp2/Idscp2UsageControlInterface.kt b/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/idscp2/Idscp2UsageControlInterface.kt
index 0f1db9700..c505fa53e 100644
--- a/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/idscp2/Idscp2UsageControlInterface.kt
+++ b/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/idscp2/Idscp2UsageControlInterface.kt
@@ -1,3 +1,22 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-api
+ * %%
+ * Copyright (C) 2021 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
 package de.fhg.aisec.ids.api.idscp2
 
 import de.fraunhofer.iais.eis.ContractAgreement
diff --git a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
index 8f36db5c6..02911e321 100644
--- a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
+++ b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
@@ -1,3 +1,22 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-infomodel-manager
+ * %%
+ * Copyright (C) 2021 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
 package de.fhg.aisec.ids.informationmodelmanager
 
 import de.fhg.aisec.ids.api.conm.ConnectionManager
diff --git a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/deserializer/CustomModule.kt b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/deserializer/CustomModule.kt
index 2d4a1dc67..56a51cfe5 100644
--- a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/deserializer/CustomModule.kt
+++ b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/deserializer/CustomModule.kt
@@ -1,15 +1,15 @@
 /*-
  * ========================LICENSE_START=================================
- * IDS Core Platform Webconsole
+ * ids-infomodel-manager
  * %%
  * Copyright (C) 2017 - 2018 Fraunhofer AISEC
  * %%
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- *
+ * 
  *      http://www.apache.org/licenses/LICENSE-2.0
- *
+ * 
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/deserializer/CustomObjectMapper.kt b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/deserializer/CustomObjectMapper.kt
index e2a9f4d91..c354bab82 100644
--- a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/deserializer/CustomObjectMapper.kt
+++ b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/deserializer/CustomObjectMapper.kt
@@ -1,6 +1,6 @@
 /*-
  * ========================LICENSE_START=================================
- * IDS Core Platform Webconsole
+ * ids-infomodel-manager
  * %%
  * Copyright (C) 2017 - 2018 Fraunhofer AISEC
  * %%
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
index 8f2d1c6bc..2272a0af0 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
@@ -7,9 +7,9 @@
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- *
+ * 
  *      http://www.apache.org/licenses/LICENSE-2.0
- *
+ * 
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
diff --git a/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/OsgiElsaSerializer.kt b/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/OsgiElsaSerializer.kt
index 47917337c..26abb0019 100644
--- a/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/OsgiElsaSerializer.kt
+++ b/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/OsgiElsaSerializer.kt
@@ -1,3 +1,22 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-settings
+ * %%
+ * Copyright (C) 2021 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
 package de.fhg.aisec.ids.settings
 
 import org.mapdb.DataInput2
diff --git a/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/SettingsComponent.kt b/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/SettingsComponent.kt
index 58934a9ef..f1d5175d3 100644
--- a/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/SettingsComponent.kt
+++ b/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/SettingsComponent.kt
@@ -1,3 +1,22 @@
+/*-
+ * ========================LICENSE_START=================================
+ * ids-settings
+ * %%
+ * Copyright (C) 2021 Fraunhofer AISEC
+ * %%
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * =========================LICENSE_END==================================
+ */
 package de.fhg.aisec.ids.settings
 
 import de.fhg.aisec.ids.api.Constants

From b526a17e84bdb3bb406d17539fd3e1e176991fb5 Mon Sep 17 00:00:00 2001
From: Christian Banse <christian.banse@aisec.fraunhofer.de>
Date: Tue, 30 Mar 2021 18:17:07 +0200
Subject: [PATCH 235/237] Added spotless for Kotlin for easier merging

---
 build.gradle.kts                              |   1 +
 .../camel/idscp2/osgi/Idscp2OsgiComponent.kt  |  11 +-
 .../ids/camel/multipart/MultiPartComponent.kt |  10 +-
 .../ids/camel/multipart/MultiPartConstants.kt |   2 +-
 .../multipart/MultiPartInputProcessor.kt      |   4 +-
 .../multipart/MultiPartOutputProcessor.kt     | 122 +++---
 .../camel/multipart/MultiPartStringParser.kt  |  20 +-
 .../fhg/aisec/ids/acme/AcmeChallengeServer.kt |  52 +--
 .../fhg/aisec/ids/acme/AcmeClientService.kt   | 348 ++++++++++--------
 .../ids/acme/provider/BoulderAcmeProvider.kt  |   5 +-
 .../fhg/aisec/ids/api/infomodel/InfoModel.kt  |   3 +-
 .../fhg/aisec/ids/api/ExtensionFunctions.kt   |   5 +-
 .../api/idscp2/Idscp2UsageControlInterface.kt |  14 +-
 .../fhg/aisec/ids/cm/impl/docker/DockerCM.kt  | 252 +++++++------
 .../aisec/ids/cm/impl/docker/DockerCmIT.kt    |   7 +-
 .../dataflowcontrol/PolicyDecisionPoint.kt    |  95 ++---
 .../lucon/CounterExampleImpl.kt               |  21 +-
 .../ids/dataflowcontrol/lucon/LuconEngine.kt  |  37 +-
 .../ids/dataflowcontrol/lucon/LuconLibrary.kt |  47 +--
 .../dataflowcontrol/lucon/TuPrologHelper.kt   |   6 +-
 .../ids/dataflowcontrol/LuconEngineTest.kt    | 340 +++++++++--------
 .../InfoModelService.kt                       | 116 +++---
 .../deserializer/CustomModule.kt              |   4 +-
 .../de/fhg/aisec/ids/rm/CamelInterceptor.kt   |  20 +-
 .../aisec/ids/rm/PolicyEnforcementPoint.kt    | 263 ++++++++-----
 .../fhg/aisec/ids/rm/RouteManagerService.kt   | 150 +++++---
 .../fhg/aisec/ids/rm/util/CamelRouteToDot.kt  |  30 +-
 .../fhg/aisec/ids/rm/util/GraphProcessor.kt   |  30 +-
 .../de/fhg/aisec/ids/rm/util/NodeData.kt      |  30 +-
 .../de/fhg/aisec/ids/rm/util/PrologNode.kt    |   6 +-
 .../de/fhg/aisec/ids/rm/util/PrologPrinter.kt |  21 +-
 .../de/fhg/aisec/ids/rm/RouteMetricsTest.kt   |  19 +-
 .../aisec/ids/settings/OsgiElsaSerializer.kt  |   4 +-
 .../aisec/ids/settings/SettingsComponent.kt   |  47 ++-
 34 files changed, 1191 insertions(+), 951 deletions(-)

diff --git a/build.gradle.kts b/build.gradle.kts
index e116d1247..901c34f3c 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -145,6 +145,7 @@ configure(subprojects.filter { it.name != "examples" }) {
         isEnforceCheck = false
 
         kotlin {
+            ktfmt().kotlinlangStyle()
             licenseHeader("""/*-
  * ========================LICENSE_START=================================
  * ${project.name}
diff --git a/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt b/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt
index 4091651e8..bf40cb9c0 100644
--- a/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt
+++ b/camel-idscp2-osgi/src/main/kotlin/de/fhg/aisec/ids/camel/idscp2/osgi/Idscp2OsgiComponent.kt
@@ -24,18 +24,17 @@ import de.fhg.aisec.ids.api.settings.Settings
 import de.fhg.aisec.ids.camel.idscp2.UsageControlMaps
 import de.fhg.aisec.ids.camel.idscp2.Utils
 import de.fhg.aisec.ids.informationmodelmanager.BuildConfig
+import java.net.URI
 import org.apache.camel.Exchange
 import org.osgi.service.component.annotations.Activate
 import org.osgi.service.component.annotations.Component
 import org.osgi.service.component.annotations.Reference
 import org.osgi.service.component.annotations.ReferenceCardinality
-import java.net.URI
 
 @Suppress("unused")
 @Component
 class Idscp2OsgiComponent : Idscp2UsageControlInterface {
-    @Reference(cardinality = ReferenceCardinality.MANDATORY)
-    private lateinit var settings: Settings
+    @Reference(cardinality = ReferenceCardinality.MANDATORY) private lateinit var settings: Settings
 
     init {
         Utils.connectorUrlProducer = { settings.connectorProfile.connectorUrl }
@@ -54,12 +53,12 @@ class Idscp2OsgiComponent : Idscp2UsageControlInterface {
     }
 
     override fun getExchangeContract(exchange: Exchange) =
-            UsageControlMaps.getExchangeContract(exchange)
+        UsageControlMaps.getExchangeContract(exchange)
 
     override fun isProtected(exchange: Exchange) = UsageControlMaps.isProtected(exchange)
 
     override fun protectBody(exchange: Exchange, contractUri: URI) =
-            UsageControlMaps.protectBody(exchange, contractUri)
+        UsageControlMaps.protectBody(exchange, contractUri)
 
     override fun unprotectBody(exchange: Exchange) = UsageControlMaps.unprotectBody(exchange)
 
@@ -70,4 +69,4 @@ class Idscp2OsgiComponent : Idscp2UsageControlInterface {
             Companion.instance = instance
         }
     }
-}
\ No newline at end of file
+}
diff --git a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.kt b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.kt
index 76a1c5aa1..598833d25 100644
--- a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.kt
+++ b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartComponent.kt
@@ -28,9 +28,8 @@ import org.osgi.service.component.annotations.ReferenceCardinality
 /**
  * The only purpose of this OSGi component is to connect to the InfoModelManager.
  *
- *
- * This is required for the MultiPartComponent to use a proper IDS self description in the
- * multipart messages.
+ * This is required for the MultiPartComponent to use a proper IDS self description in the multipart
+ * messages.
  *
  * @author Julian Schütte (julian.schuette@aisec.fraunhofer.de)
  */
@@ -47,6 +46,7 @@ class MultiPartComponent {
     companion object {
         private lateinit var instance: MultiPartComponent
 
-        val infoModelManager get() = instance.infoModelManager
+        val infoModelManager
+            get() = instance.infoModelManager
     }
-}
\ No newline at end of file
+}
diff --git a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartConstants.kt b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartConstants.kt
index 42624f778..f55dc24df 100644
--- a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartConstants.kt
+++ b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartConstants.kt
@@ -22,4 +22,4 @@ package de.fhg.aisec.ids.camel.multipart
 internal object MultiPartConstants {
     const val MULTIPART_HEADER = "header"
     const val MULTIPART_PAYLOAD = "payload"
-}
\ No newline at end of file
+}
diff --git a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.kt b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.kt
index b765fc040..3df70d2df 100644
--- a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.kt
+++ b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartInputProcessor.kt
@@ -19,9 +19,9 @@
  */
 package de.fhg.aisec.ids.camel.multipart
 
+import java.io.InputStream
 import org.apache.camel.Exchange
 import org.apache.camel.Processor
-import java.io.InputStream
 
 class MultiPartInputProcessor : Processor {
     @Throws(Exception::class)
@@ -39,4 +39,4 @@ class MultiPartInputProcessor : Processor {
             it.body = parser.payload
         }
     }
-}
\ No newline at end of file
+}
diff --git a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt
index f57d8ba97..494c34a49 100644
--- a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt
+++ b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartOutputProcessor.kt
@@ -20,6 +20,9 @@
 package de.fhg.aisec.ids.camel.multipart
 
 import de.fhg.aisec.ids.api.infomodel.InfoModel
+import java.io.InputStream
+import java.nio.charset.StandardCharsets
+import java.util.*
 import org.apache.camel.Exchange
 import org.apache.camel.Processor
 import org.apache.http.entity.ContentType
@@ -27,9 +30,6 @@ import org.apache.http.entity.mime.HttpMultipartMode
 import org.apache.http.entity.mime.MultipartEntityBuilder
 import org.apache.http.entity.mime.content.InputStreamBody
 import org.apache.http.entity.mime.content.StringBody
-import java.io.InputStream
-import java.nio.charset.StandardCharsets
-import java.util.*
 
 /**
  * The MultiPartOutputProcessor will read the Exchange's header "ids" (if present) and the
@@ -37,65 +37,36 @@ import java.util.*
  * content-type application/json: a "header" part containing the "ids" header and a "payload" part
  * containing the body.
  *
- * <p>The whole message is supposed to look like this: <code>
- * --msgpart
- * Content-Type: application/json; charset=utf-8
- * Content-Disposition: form-data; name="header"
+ * <p>The whole message is supposed to look like this: <code> --msgpart Content-Type:
+ * application/json; charset=utf-8 Content-Disposition: form-data; name="header"
  *
- * {
- * "@type" : "ids:ConnectorAvailableMessage",
- * "id" : "http://industrialdataspace.org/connectorAvailableMessage/34d761cf-5ca4-4a77-a7f4-b14d8f75636a",
- * "issued" : "2018-10-25T11:37:08.245Z",
- * "modelVersion" : "1.0.1-SNAPSHOT",
- * "issuerConnector" : "https://companyA.com/connector/59a68243-dd96-4c8d-88a9-0f0e03e13b1b",
- * "securityToken" : {
- * "@type" : "ids:Token",
- * "id" : "http://industrialdataspace.org/token/e43c08e1-157b-4207-94a8-754e53f48839",
- * "tokenFormat" : "https://w3id.org/idsa/code/tokenformat/JWT",
- * "tokenValue" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJEQVBTIERDIiwiYXVkIjoiSURTX0RDX0FTIiwic3ViIjoiREFQUyByZXNwb25zZSB0b2tlbiIsIm5hbWUiOiJEeW5hbWljIEF0dHJpYnV0ZXMgUHJvdmlzaW9uIFNlcnZpY2UgJ0RBUFMnIChlZGl0aW9uICdEZXZlbG9wZXJzIENvbW11bml0eScpIiwiZXhwIjoxNTQwMzkyMzU1MDI2LCJASURTIjp7IkBjb250ZXh0Ijp7IlNlY3VyaXR5UHJvZmlsZSI6Imh0dHBzOi8vc2NoZW1hLmluZHVzdHJpYWxkYXRhc3BhY2Uub3JnL3NlY3VyaXR5UHJvZmlsZS8iLCJEYXRhVXNhZ2VDb250cm9sIjoiaHR0cHM6Ly9zY2hlbWEuaW5kdXN0cmlhbGRhdGFzcGFjZS5vcmcvc2VjdXJpdHlQcm9maWxlL2RhdGFVc2FnZUNvbnRyb2xTdXBwb3J0In0sIkB0eXBlIjoicHJvZmlsZSIsInByb2ZpbGUiOnsiaWRzaWQiOiJodHRwOi8vd3d3Lm5pY29zLXJkLmNvbS9JRFMvQ29ubmVjdG9ycy9icm8tZGMiLCJAdHlwZSI6IlNlY3VyaXR5UHJvZmlsZSIsIlNlY3VyaXR5UHJvZmlsZSI6eyJpbnRlZ3JpdHlQcm90ZWN0aW9uQW5kVmVyaWZpY2F0aW9uU3VwcG9ydCI6Ik5PTkUiLCJhdXRoZW50aWNhdGlvblN1cHBvcnQiOiJOT05FIiwic2VydmljZUlzb2xhdGlvblN1cHBvcnQiOiJOT05FIiwiaW50ZWdyaXR5UHJvdGVjdGlvblNjb3BlIjoiTk9ORSIsImFwcEV4ZWN1dGlvblJlc291cmNlcyI6Ik5PTkUiLCJkYXRhVXNhZ2VDb250cm9sU3VwcG9ydCI6Ik5PTkUiLCJhdWRpdExvZ2dpbmciOiJOT05FIiwibG9jYWxEYXRhQ29uZmlkZW50aWFsaXR5IjoiTk9ORSJ9fX0sImlhdCI6MTU0MDM4ODc1NX0.3gEV3OB-Gf_Z4Hv6H5iQpC7OEoBvcEV887uOFjgC7jb1vBujT_qyVk3ETtZSEKUd2izChlE4MjskbhW-7I6dNvYfZz_6Hif9iH0dMsncPair5aph7vsPpH4V0AjiKXBqJrDqDGZeZxZuqcD6RmQjTvSDpVKj120xRbG_GgQg5jVJa427fkIS792vg078d7BlBfWUeYT3HBLE-fFNpQ6FIGA559O70TyXbxk-POkUWDE2cRm_fk-qvpTVDr79YYpPNuLc_0HgSzZJtXuT_Hn2hScrkYKCFJivsqI6f3Z1SvsGGIX5aTE_YSIEULScaRcq5M0u4ze1ynnnbtL4r59tig"
- * }
- * }
- * --msgpart
- * Content-Type: application/json
- * Content-Disposition: form-data; name="payload"
+ * { "@type" : "ids:ConnectorAvailableMessage", "id" :
+ * "http://industrialdataspace.org/connectorAvailableMessage/34d761cf-5ca4-4a77-a7f4-b14d8f75636a",
+ * "issued" : "2018-10-25T11:37:08.245Z", "modelVersion" : "1.0.1-SNAPSHOT", "issuerConnector" :
+ * "https://companyA.com/connector/59a68243-dd96-4c8d-88a9-0f0e03e13b1b", "securityToken" : {
+ * "@type" : "ids:Token", "id" :
+ * "http://industrialdataspace.org/token/e43c08e1-157b-4207-94a8-754e53f48839", "tokenFormat" :
+ * "https://w3id.org/idsa/code/tokenformat/JWT", "tokenValue" :
+ * "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJEQVBTIERDIiwiYXVkIjoiSURTX0RDX0FTIiwic3ViIjoiREFQUyByZXNwb25zZSB0b2tlbiIsIm5hbWUiOiJEeW5hbWljIEF0dHJpYnV0ZXMgUHJvdmlzaW9uIFNlcnZpY2UgJ0RBUFMnIChlZGl0aW9uICdEZXZlbG9wZXJzIENvbW11bml0eScpIiwiZXhwIjoxNTQwMzkyMzU1MDI2LCJASURTIjp7IkBjb250ZXh0Ijp7IlNlY3VyaXR5UHJvZmlsZSI6Imh0dHBzOi8vc2NoZW1hLmluZHVzdHJpYWxkYXRhc3BhY2Uub3JnL3NlY3VyaXR5UHJvZmlsZS8iLCJEYXRhVXNhZ2VDb250cm9sIjoiaHR0cHM6Ly9zY2hlbWEuaW5kdXN0cmlhbGRhdGFzcGFjZS5vcmcvc2VjdXJpdHlQcm9maWxlL2RhdGFVc2FnZUNvbnRyb2xTdXBwb3J0In0sIkB0eXBlIjoicHJvZmlsZSIsInByb2ZpbGUiOnsiaWRzaWQiOiJodHRwOi8vd3d3Lm5pY29zLXJkLmNvbS9JRFMvQ29ubmVjdG9ycy9icm8tZGMiLCJAdHlwZSI6IlNlY3VyaXR5UHJvZmlsZSIsIlNlY3VyaXR5UHJvZmlsZSI6eyJpbnRlZ3JpdHlQcm90ZWN0aW9uQW5kVmVyaWZpY2F0aW9uU3VwcG9ydCI6Ik5PTkUiLCJhdXRoZW50aWNhdGlvblN1cHBvcnQiOiJOT05FIiwic2VydmljZUlzb2xhdGlvblN1cHBvcnQiOiJOT05FIiwiaW50ZWdyaXR5UHJvdGVjdGlvblNjb3BlIjoiTk9ORSIsImFwcEV4ZWN1dGlvblJlc291cmNlcyI6Ik5PTkUiLCJkYXRhVXNhZ2VDb250cm9sU3VwcG9ydCI6Ik5PTkUiLCJhdWRpdExvZ2dpbmciOiJOT05FIiwibG9jYWxEYXRhQ29uZmlkZW50aWFsaXR5IjoiTk9ORSJ9fX0sImlhdCI6MTU0MDM4ODc1NX0.3gEV3OB-Gf_Z4Hv6H5iQpC7OEoBvcEV887uOFjgC7jb1vBujT_qyVk3ETtZSEKUd2izChlE4MjskbhW-7I6dNvYfZz_6Hif9iH0dMsncPair5aph7vsPpH4V0AjiKXBqJrDqDGZeZxZuqcD6RmQjTvSDpVKj120xRbG_GgQg5jVJa427fkIS792vg078d7BlBfWUeYT3HBLE-fFNpQ6FIGA559O70TyXbxk-POkUWDE2cRm_fk-qvpTVDr79YYpPNuLc_0HgSzZJtXuT_Hn2hScrkYKCFJivsqI6f3Z1SvsGGIX5aTE_YSIEULScaRcq5M0u4ze1ynnnbtL4r59tig"
+ * } } --msgpart Content-Type: application/json Content-Disposition: form-data; name="payload"
  *
- * {
- * "@type" : "ids:BaseConnector",
- * "id" : "https://companyA.com/connector/59a68243-dd96-4c8d-88a9-0f0e03e13b1b",
- * "defaultHost" : {
- * "@type" : "ids:Host",
- * "id" : "http://industrialdataspace.org/host/73171c77-10d1-4e12-b04e-f696c467897e",
- * "protocol" : "https://w3id.org/idsa/code/protocol/HTTP",
- * "accessUrl" : "http://companyA.com/ids/connector"
- * },
- * "curator" : "http://companyB.com/ids/participant",
- * "maintainer" : "http://companyA.com/ids/participant",
- * "securityProfile" : {
- * "@type" : "ids:SecurityProfile",
- * "id" : "http://industrialdataspace.org/securityProfile/75f722e4-4165-4d06-b296-2cdfef39dca9",
- * "basedOn" : [ "PredefinedSecurityProfile", "https://w3id.org/idsa/core/Level0SecurityProfile" ]
- * },
- * "inboundModelVersions" : [ "1.0.1-SNAPSHOT" ],
- * "outboundModelVersion" : "1.0.1-SNAPSHOT",
- * "catalog" : {
- * "@type" : "ids:Catalog",
- * "id" : "http://industrialdataspace.org/catalog/04b84cfd-b28c-4d22-b936-ee899900294a",
- * "offers" : [ {
- * "@type" : "ids:Resource",
- * "id" : "http://industrialdataspace.org/resource/2e8ceebd-43f8-41c9-8225-a763fe83931a",
- * "titles" : [ {
- * "@value" : "Quarterly Business Report",
- * "@language" : "en"
- * } ],
- * "descriptions" : [ {
- * "@value" : "Dataset without retrieval interface and further description.",
- * "@language" : "en"
- * } ]
- * } ]
- * }
- * }
- * --msgpart--
- * </code>
+ * { "@type" : "ids:BaseConnector", "id" :
+ * "https://companyA.com/connector/59a68243-dd96-4c8d-88a9-0f0e03e13b1b", "defaultHost" : { "@type"
+ * : "ids:Host", "id" : "http://industrialdataspace.org/host/73171c77-10d1-4e12-b04e-f696c467897e",
+ * "protocol" : "https://w3id.org/idsa/code/protocol/HTTP", "accessUrl" :
+ * "http://companyA.com/ids/connector" }, "curator" : "http://companyB.com/ids/participant",
+ * "maintainer" : "http://companyA.com/ids/participant", "securityProfile" : { "@type" :
+ * "ids:SecurityProfile", "id" :
+ * "http://industrialdataspace.org/securityProfile/75f722e4-4165-4d06-b296-2cdfef39dca9", "basedOn"
+ * : [ "PredefinedSecurityProfile", "https://w3id.org/idsa/core/Level0SecurityProfile" ] },
+ * "inboundModelVersions" : [ "1.0.1-SNAPSHOT" ], "outboundModelVersion" : "1.0.1-SNAPSHOT",
+ * "catalog" : { "@type" : "ids:Catalog", "id" :
+ * "http://industrialdataspace.org/catalog/04b84cfd-b28c-4d22-b936-ee899900294a", "offers" : [ {
+ * "@type" : "ids:Resource", "id" :
+ * "http://industrialdataspace.org/resource/2e8ceebd-43f8-41c9-8225-a763fe83931a", "titles" : [ {
+ * "@value" : "Quarterly Business Report", "@language" : "en" } ], "descriptions" : [ { "@value" :
+ * "Dataset without retrieval interface and further description.", "@language" : "en" } ] } ] } }
+ * --msgpart-- </code>
  *
  * @author Julian Schütte (julian.schuette@aisec.fraunhofer.de)
  * @author Michael Lux (michael.lux@aisec.fraunhofer.de)
@@ -115,8 +86,9 @@ class MultiPartOutputProcessor : Processor {
 
         // Use the self-description provided by the InfoModelManager as "header"
         multipartEntityBuilder.addPart(
-                MultiPartConstants.MULTIPART_HEADER,
-                StringBody(rdfHeader, ContentType.APPLICATION_JSON))
+            MultiPartConstants.MULTIPART_HEADER,
+            StringBody(rdfHeader, ContentType.APPLICATION_JSON)
+        )
 
         exchange.message.let {
             // Get the Exchange body and turn it into the second part named "payload"
@@ -125,20 +97,26 @@ class MultiPartOutputProcessor : Processor {
                 val payload = it.getBody(InputStream::class.java)
                 if (payload != null) {
                     multipartEntityBuilder.addPart(
-                            MultiPartConstants.MULTIPART_PAYLOAD,
-                            InputStreamBody(
-                                    payload,
-                                    ContentType.create(contentTypeString.toString()
-                                            .split(";").first())))
+                        MultiPartConstants.MULTIPART_PAYLOAD,
+                        InputStreamBody(
+                            payload,
+                            ContentType.create(contentTypeString.toString().split(";").first())
+                        )
+                    )
                 }
             } else {
                 val payload = it.getBody(String::class.java)
                 if (payload != null) {
                     multipartEntityBuilder.addPart(
-                            MultiPartConstants.MULTIPART_PAYLOAD,
-                            StringBody(payload, ContentType.create(
-                                    ContentType.TEXT_PLAIN.mimeType,
-                                    StandardCharsets.UTF_8)))
+                        MultiPartConstants.MULTIPART_PAYLOAD,
+                        StringBody(
+                            payload,
+                            ContentType.create(
+                                ContentType.TEXT_PLAIN.mimeType,
+                                StandardCharsets.UTF_8
+                            )
+                        )
+                    )
                 }
             }
 
@@ -150,4 +128,4 @@ class MultiPartOutputProcessor : Processor {
             it.body = multipartEntityBuilder.build().content
         }
     }
-}
\ No newline at end of file
+}
diff --git a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.kt b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.kt
index e12e61f1a..ad545312c 100644
--- a/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.kt
+++ b/camel-multipart-processor/src/main/kotlin/de/fhg/aisec/ids/camel/multipart/MultiPartStringParser.kt
@@ -19,17 +19,18 @@
  */
 package de.fhg.aisec.ids.camel.multipart
 
-import org.apache.commons.fileupload.FileUpload
-import org.apache.commons.fileupload.UploadContext
-import org.apache.commons.fileupload.disk.DiskFileItemFactory
-import org.slf4j.LoggerFactory
 import java.io.BufferedReader
 import java.io.IOException
 import java.io.InputStream
 import java.io.InputStreamReader
 import java.nio.charset.StandardCharsets
+import org.apache.commons.fileupload.FileUpload
+import org.apache.commons.fileupload.UploadContext
+import org.apache.commons.fileupload.disk.DiskFileItemFactory
+import org.slf4j.LoggerFactory
 
-class MultiPartStringParser internal constructor(private val multipartInput: InputStream) : UploadContext {
+class MultiPartStringParser internal constructor(private val multipartInput: InputStream) :
+    UploadContext {
     private var boundary: String? = null
     var header: String? = null
     var payload: InputStream? = null
@@ -52,8 +53,11 @@ class MultiPartStringParser internal constructor(private val multipartInput: Inp
     init {
         multipartInput.mark(10240)
         BufferedReader(InputStreamReader(multipartInput, StandardCharsets.UTF_8)).use { reader ->
-            val boundaryLine = reader.readLine()
-                    ?: throw IOException("Message body appears to be empty, expected multipart boundary.")
+            val boundaryLine =
+                reader.readLine()
+                    ?: throw IOException(
+                        "Message body appears to be empty, expected multipart boundary."
+                    )
             boundary = boundaryLine.substring(2).trim { it <= ' ' }
             multipartInput.reset()
             for (i in FileUpload(DiskFileItemFactory()).parseRequest(this)) {
@@ -78,4 +82,4 @@ class MultiPartStringParser internal constructor(private val multipartInput: Inp
             }
         }
     }
-}
\ No newline at end of file
+}
diff --git a/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/AcmeChallengeServer.kt b/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/AcmeChallengeServer.kt
index b1251c6fe..d2323bce0 100644
--- a/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/AcmeChallengeServer.kt
+++ b/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/AcmeChallengeServer.kt
@@ -21,11 +21,11 @@ package de.fhg.aisec.ids.acme
 
 import de.fhg.aisec.ids.api.acme.AcmeClient
 import fi.iki.elonen.NanoHTTPD
-import org.slf4j.LoggerFactory
 import java.io.ByteArrayInputStream
 import java.io.IOException
 import java.nio.charset.StandardCharsets
 import java.util.regex.Pattern
+import org.slf4j.LoggerFactory
 
 object AcmeChallengeServer {
     const val TEXT_PLAIN = "text/plain"
@@ -35,32 +35,40 @@ object AcmeChallengeServer {
 
     @Throws(IOException::class)
     fun startServer(acmeClient: AcmeClient, challengePort: Int) {
-        server = object : NanoHTTPD(challengePort) {
-            override fun serve(session: NanoHTTPD.IHTTPSession): NanoHTTPD.Response {
-                val tokenMatcher = ACME_REGEX.matcher(session.uri)
-                if (!tokenMatcher.matches()) {
-                    LOG.error("Received invalid ACME challenge {} ", session.uri)
-                    return NanoHTTPD.newFixedLengthResponse(
-                            NanoHTTPD.Response.Status.BAD_REQUEST, TEXT_PLAIN, null)
-                }
-                val token = tokenMatcher.group(1)
-                LOG.info("Received ACME challenge: {}", token)
-                val response = acmeClient.getChallengeAuthorization(token)
-                return if (response == null) {
-                    LOG.warn("ACME challenge is unknown")
-                    NanoHTTPD.newFixedLengthResponse(
-                            NanoHTTPD.Response.Status.NOT_FOUND, TEXT_PLAIN, null)
-                } else {
-                    LOG.info("ACME challenge response: {}", response)
-                    val responseBytes = response.toByteArray(StandardCharsets.UTF_8)
-                    NanoHTTPD.newFixedLengthResponse(
+        server =
+            object : NanoHTTPD(challengePort) {
+                override fun serve(session: NanoHTTPD.IHTTPSession): NanoHTTPD.Response {
+                    val tokenMatcher = ACME_REGEX.matcher(session.uri)
+                    if (!tokenMatcher.matches()) {
+                        LOG.error("Received invalid ACME challenge {} ", session.uri)
+                        return NanoHTTPD.newFixedLengthResponse(
+                            NanoHTTPD.Response.Status.BAD_REQUEST,
+                            TEXT_PLAIN,
+                            null
+                        )
+                    }
+                    val token = tokenMatcher.group(1)
+                    LOG.info("Received ACME challenge: {}", token)
+                    val response = acmeClient.getChallengeAuthorization(token)
+                    return if (response == null) {
+                        LOG.warn("ACME challenge is unknown")
+                        NanoHTTPD.newFixedLengthResponse(
+                            NanoHTTPD.Response.Status.NOT_FOUND,
+                            TEXT_PLAIN,
+                            null
+                        )
+                    } else {
+                        LOG.info("ACME challenge response: {}", response)
+                        val responseBytes = response.toByteArray(StandardCharsets.UTF_8)
+                        NanoHTTPD.newFixedLengthResponse(
                             NanoHTTPD.Response.Status.OK,
                             TEXT_PLAIN,
                             ByteArrayInputStream(responseBytes),
-                            responseBytes.size.toLong())
+                            responseBytes.size.toLong()
+                        )
+                    }
                 }
             }
-        }
         server?.let {
             it.start(NanoHTTPD.SOCKET_READ_TIMEOUT, true)
             LOG.debug("NanoHTTPD started")
diff --git a/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/AcmeClientService.kt b/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/AcmeClientService.kt
index 1a4d00203..114bbdbf6 100644
--- a/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/AcmeClientService.kt
+++ b/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/AcmeClientService.kt
@@ -23,18 +23,6 @@ import de.fhg.aisec.ids.api.acme.AcmeClient
 import de.fhg.aisec.ids.api.acme.AcmeTermsOfService
 import de.fhg.aisec.ids.api.acme.SslContextFactoryReloadable
 import de.fhg.aisec.ids.api.settings.Settings
-import org.apache.karaf.scheduler.Scheduler
-import org.osgi.service.component.annotations.Activate
-import org.osgi.service.component.annotations.Component
-import org.osgi.service.component.annotations.Reference
-import org.osgi.service.component.annotations.ReferenceCardinality
-import org.shredzone.acme4j.*
-import org.shredzone.acme4j.challenge.Http01Challenge
-import org.shredzone.acme4j.exception.AcmeException
-import org.shredzone.acme4j.exception.AcmeNetworkException
-import org.shredzone.acme4j.util.CSRBuilder
-import org.shredzone.acme4j.util.KeyPairUtils
-import org.slf4j.LoggerFactory
 import java.io.IOException
 import java.io.InputStreamReader
 import java.net.URI
@@ -49,29 +37,45 @@ import java.security.cert.X509Certificate
 import java.time.LocalDateTime
 import java.time.format.DateTimeFormatter
 import java.util.*
+import org.apache.karaf.scheduler.Scheduler
+import org.osgi.service.component.annotations.Activate
+import org.osgi.service.component.annotations.Component
+import org.osgi.service.component.annotations.Reference
+import org.osgi.service.component.annotations.ReferenceCardinality
+import org.shredzone.acme4j.*
+import org.shredzone.acme4j.challenge.Http01Challenge
+import org.shredzone.acme4j.exception.AcmeException
+import org.shredzone.acme4j.exception.AcmeNetworkException
+import org.shredzone.acme4j.util.CSRBuilder
+import org.shredzone.acme4j.util.KeyPairUtils
+import org.slf4j.LoggerFactory
 
-@Component(immediate = true, name = "ids-acme-client",
-        // Every day at 3:00 (3 am)
-        property = [Scheduler.PROPERTY_SCHEDULER_EXPRESSION + "=0 0 3 * * ?"])
+@Component(
+    immediate = true,
+    name = "ids-acme-client",
+    // Every day at 3:00 (3 am)
+    property = [Scheduler.PROPERTY_SCHEDULER_EXPRESSION + "=0 0 3 * * ?"]
+)
 class AcmeClientService : AcmeClient, Runnable {
 
     /*
-   * The following block subscribes this component to the Settings Service
-   */
-    @Reference(cardinality = ReferenceCardinality.OPTIONAL)
-    private var settings: Settings? = null
+     * The following block subscribes this component to the Settings Service
+     */
+    @Reference(cardinality = ReferenceCardinality.OPTIONAL) private var settings: Settings? = null
 
     private val sslReloadables = Collections.synchronizedSet(HashSet<SslContextFactoryReloadable>())
     /*
-   * The following block subscribes this component to any SslContextFactoryReloader.
-   *
-   * A SslContextFactoryReloader is expected to refresh all TLS connections with new
-   * certificates from the key store.
-   */
-    @Reference(name = "dynamic-tls-reload-service",
-            service = SslContextFactoryReloadable::class,
-            cardinality = ReferenceCardinality.MULTIPLE,
-            unbind = "unbindSslContextFactoryReloadable")
+     * The following block subscribes this component to any SslContextFactoryReloader.
+     *
+     * A SslContextFactoryReloader is expected to refresh all TLS connections with new
+     * certificates from the key store.
+     */
+    @Reference(
+        name = "dynamic-tls-reload-service",
+        service = SslContextFactoryReloadable::class,
+        cardinality = ReferenceCardinality.MULTIPLE,
+        unbind = "unbindSslContextFactoryReloadable"
+    )
     private fun bindSslContextFactoryReloadable(reloadable: SslContextFactoryReloadable) {
         LOG.info("Bound SslContextFactoryReloadable in AcmeClientService")
         this.sslReloadables.add(reloadable)
@@ -94,13 +98,10 @@ class AcmeClientService : AcmeClient, Runnable {
             } catch (ioe: IOException) {
                 return AcmeTermsOfService(tosUri!!.toString(), true, null)
             }
-
         } catch (e: Exception) {
             LOG.error("ACME ToS retrieval error", e)
-            return AcmeTermsOfService(null, false,
-                    e.javaClass.simpleName + ": " + e.message)
+            return AcmeTermsOfService(null, false, e.javaClass.simpleName + ": " + e.message)
         }
-
     }
 
     override fun getChallengeAuthorization(challenge: String): String? {
@@ -108,35 +109,32 @@ class AcmeClientService : AcmeClient, Runnable {
     }
 
     private fun ensureKeys(targetDirectory: Path) {
-        Arrays.asList("acme.key", "domain.key")
-                .forEach { keyFile ->
-                    val keyFilePath = targetDirectory.resolve(keyFile)
-                    if (!keyFilePath.toFile().exists()) {
-                        val keyPair = KeyPairUtils.createKeyPair(4096)
-                        try {
-                            Files.newBufferedWriter(keyFilePath, StandardCharsets.UTF_8)
-                                    .use { fileWriter ->
-                                        KeyPairUtils.writeKeyPair(keyPair, fileWriter)
-                                        LOG.info(
-                                                "Successfully created RSA KeyPair: {}",
-                                                targetDirectory.resolve(keyFile)
-                                                        .toAbsolutePath())
-                                    }
-                        } catch (e: IOException) {
-                            LOG.error("Could not write key pair", e)
-                            throw AcmeClientException(e)
-                        }
-
+        Arrays.asList("acme.key", "domain.key").forEach { keyFile ->
+            val keyFilePath = targetDirectory.resolve(keyFile)
+            if (!keyFilePath.toFile().exists()) {
+                val keyPair = KeyPairUtils.createKeyPair(4096)
+                try {
+                    Files.newBufferedWriter(keyFilePath, StandardCharsets.UTF_8).use { fileWriter ->
+                        KeyPairUtils.writeKeyPair(keyPair, fileWriter)
+                        LOG.info(
+                            "Successfully created RSA KeyPair: {}",
+                            targetDirectory.resolve(keyFile).toAbsolutePath()
+                        )
                     }
+                } catch (e: IOException) {
+                    LOG.error("Could not write key pair", e)
+                    throw AcmeClientException(e)
                 }
+            }
+        }
     }
 
     private fun getACMEKeyPair(targetDirectory: Path): KeyPair {
         try {
-            Files.newBufferedReader(
-                    targetDirectory.resolve("acme.key"),
-                    StandardCharsets.UTF_8).use {
-                fileReader -> return KeyPairUtils.readKeyPair(fileReader) }
+            Files.newBufferedReader(targetDirectory.resolve("acme.key"), StandardCharsets.UTF_8)
+                .use { fileReader ->
+                    return KeyPairUtils.readKeyPair(fileReader)
+                }
         } catch (e: IOException) {
             LOG.error("Could not read ACME key pair", e)
             throw AcmeClientException(e)
@@ -144,7 +142,11 @@ class AcmeClientService : AcmeClient, Runnable {
     }
 
     override fun renewCertificate(
-            targetDirectory: Path, acmeServerUri: URI, domains: Array<String>, challengePort: Int) {
+        targetDirectory: Path,
+        acmeServerUri: URI,
+        domains: Array<String>,
+        challengePort: Int
+    ) {
         try {
             ensureKeys(targetDirectory)
 
@@ -158,7 +160,8 @@ class AcmeClientService : AcmeClient, Runnable {
             while (true) {
                 try {
                     val session = Session(acmeServerUri)
-                    account = AccountBuilder()
+                    account =
+                        AccountBuilder()
                             .agreeToTermsOfService()
                             .useKeyPair(getACMEKeyPair(targetDirectory))
                             .create(session)
@@ -168,8 +171,10 @@ class AcmeClientService : AcmeClient, Runnable {
                     break
                 } catch (e: AcmeNetworkException) {
                     // In case of ACME error, session creation has failed; return immediately.
-                    LOG.warn("Could not connect to ACME server {}. Will not create certificate.",
-                            acmeServerUri)
+                    LOG.warn(
+                        "Could not connect to ACME server {}. Will not create certificate.",
+                        acmeServerUri
+                    )
                     return
                 } catch (e: AcmeException) {
                     // In case of ACME error, session creation has failed; return immediately.
@@ -181,8 +186,10 @@ class AcmeClientService : AcmeClient, Runnable {
                         return
                     } else {
                         LOG.error(
-                                "Got an IllegalArgumentException, maybe the ACME protocol handler "
-                                        + "is not available yet. Retry in 10 seconds...", iae)
+                            "Got an IllegalArgumentException, maybe the ACME protocol handler " +
+                                "is not available yet. Retry in 10 seconds...",
+                            iae
+                        )
                         // Wait 10 seconds before trying again
                         try {
                             Thread.sleep(10000)
@@ -190,10 +197,8 @@ class AcmeClientService : AcmeClient, Runnable {
                             LOG.error("Interrupt during 10-seconds-delay", ie)
                             Thread.currentThread().interrupt()
                         }
-
                     }
                 }
-
             }
 
             // Start ACME challenge responder
@@ -203,91 +208,111 @@ class AcmeClientService : AcmeClient, Runnable {
             try {
                 order = account.newOrder().domains(*domains).create()
                 order
-                        .authorizations
-                        .parallelStream()
-                        .map<Http01Challenge> { authorization ->
-                            authorization.findChallenge(Http01Challenge.TYPE)}
-                        .forEach { challenge ->
-                            challengeMap[challenge.token] = challenge.authorization
-                            try {
-                                // solve the challenge
-                                challenge.trigger()
-                                do {
-                                    try {
-                                        Thread.sleep(1000L)
-                                    } catch (ie: InterruptedException) {
-                                        LOG.error("Error while doing 1 second sleep")
-                                        Thread.currentThread().interrupt()
-                                    }
-
-                                    challenge.update()
-                                    LOG.info(challenge.status.toString())
-                                } while (challenge.status == Status.PENDING)
-                                if (challenge.status != Status.VALID) {
-                                    throw AcmeClientException("Failed to successfully solve challenge")
+                    .authorizations
+                    .parallelStream()
+                    .map<Http01Challenge> { authorization ->
+                        authorization.findChallenge(Http01Challenge.TYPE)
+                    }
+                    .forEach { challenge ->
+                        challengeMap[challenge.token] = challenge.authorization
+                        try {
+                            // solve the challenge
+                            challenge.trigger()
+                            do {
+                                try {
+                                    Thread.sleep(1000L)
+                                } catch (ie: InterruptedException) {
+                                    LOG.error("Error while doing 1 second sleep")
+                                    Thread.currentThread().interrupt()
                                 }
-                            } catch (e: AcmeException) {
-                                throw AcmeClientException(e)
+
+                                challenge.update()
+                                LOG.info(challenge.status.toString())
+                            } while (challenge.status == Status.PENDING)
+                            if (challenge.status != Status.VALID) {
+                                throw AcmeClientException("Failed to successfully solve challenge")
                             }
+                        } catch (e: AcmeException) {
+                            throw AcmeClientException(e)
                         }
+                    }
             } catch (e: AcmeException) {
                 LOG.error("Error while placing certificate order", e)
                 throw AcmeClientException(e)
             }
 
-            val timestamp = LocalDateTime.now().format(DateTimeFormatter
-                    .ofPattern("yyyy-MM-dd_HH:mm:ss.SSS"))
+            val timestamp =
+                LocalDateTime.now().format(DateTimeFormatter.ofPattern("yyyy-MM-dd_HH:mm:ss.SSS"))
             try {
                 Files.newBufferedReader(
-                        targetDirectory.resolve("domain.key"), StandardCharsets.UTF_8).use { keyReader ->
-                    Files.newBufferedWriter(
-                            targetDirectory.resolve("csr_ $timestamp.csr"),
-                            StandardCharsets.UTF_8).use { csrWriter ->
+                        targetDirectory.resolve("domain.key"),
+                        StandardCharsets.UTF_8
+                    )
+                    .use { keyReader ->
                         Files.newBufferedWriter(
-                                targetDirectory.resolve("cert-chain_$timestamp.crt"),
-                                StandardCharsets.UTF_8).use { chainWriter ->
-                            val domainKeyPair = KeyPairUtils.readKeyPair(keyReader)
+                                targetDirectory.resolve("csr_ $timestamp.csr"),
+                                StandardCharsets.UTF_8
+                            )
+                            .use { csrWriter ->
+                                Files.newBufferedWriter(
+                                        targetDirectory.resolve("cert-chain_$timestamp.crt"),
+                                        StandardCharsets.UTF_8
+                                    )
+                                    .use { chainWriter ->
+                                        val domainKeyPair = KeyPairUtils.readKeyPair(keyReader)
 
-                            val csrb = CSRBuilder()
-                            csrb.addDomains(*domains)
-                            // TODO: Retrieve such information from settings/info-model
-                            csrb.setOrganization("Trusted Connector")
-                            csrb.sign(domainKeyPair)
-                            csrb.write(csrWriter)
-                            order.execute(csrb.encoded)
+                                        val csrb = CSRBuilder()
+                                        csrb.addDomains(*domains)
+                                        // TODO: Retrieve such information from settings/info-model
+                                        csrb.setOrganization("Trusted Connector")
+                                        csrb.sign(domainKeyPair)
+                                        csrb.write(csrWriter)
+                                        order.execute(csrb.encoded)
 
-                            // Download and save certificate
-                            val certificate = order.certificate
-                            certificate!!.writeCertificate(chainWriter)
-                            // Create PKCS12 keystore from key and certificate chain
-                            val keyStorePath = targetDirectory.resolve("keystore_$timestamp.p12")
-                            try {
-                                Files.newOutputStream(keyStorePath).use { ksOutputStream ->
-                                    val store = KeyStore.getInstance("PKCS12")
-                                    store.load(null)
-                                    store.setKeyEntry(
-                                            "ids",
-                                            domainKeyPair.private,
-                                            "password".toCharArray(),
-                                            certificate.certificateChain.toTypedArray<X509Certificate>())
-                                    store.store(ksOutputStream, "password".toCharArray())
-                                    // If there is a SslContextFactoryReloader, make it refresh the TLS connections.
-                                    LOG.info(
-                                            "Reloading of {} SslContextFactoryReloadable implementations...",
-                                            sslReloadables.size)
-                                    sslReloadables.forEach { r -> r.reload(keyStorePath.toString()) }
-                                }
-                            } catch (e: Exception) {
-                                LOG.error("Error whilst creating new KeyStore!", e)
-                            }
+                                        // Download and save certificate
+                                        val certificate = order.certificate
+                                        certificate!!.writeCertificate(chainWriter)
+                                        // Create PKCS12 keystore from key and certificate chain
+                                        val keyStorePath =
+                                            targetDirectory.resolve("keystore_$timestamp.p12")
+                                        try {
+                                            Files.newOutputStream(keyStorePath).use { ksOutputStream
+                                                ->
+                                                val store = KeyStore.getInstance("PKCS12")
+                                                store.load(null)
+                                                store.setKeyEntry(
+                                                    "ids",
+                                                    domainKeyPair.private,
+                                                    "password".toCharArray(),
+                                                    certificate.certificateChain.toTypedArray<
+                                                        X509Certificate>()
+                                                )
+                                                store.store(
+                                                    ksOutputStream,
+                                                    "password".toCharArray()
+                                                )
+                                                // If there is a SslContextFactoryReloader, make it
+                                                // refresh the TLS connections.
+                                                LOG.info(
+                                                    "Reloading of {} SslContextFactoryReloadable implementations...",
+                                                    sslReloadables.size
+                                                )
+                                                sslReloadables.forEach { r ->
+                                                    r.reload(keyStorePath.toString())
+                                                }
+                                            }
+                                        } catch (e: Exception) {
+                                            LOG.error("Error whilst creating new KeyStore!", e)
+                                        }
 
-                            Files.copy(
-                                    keyStorePath,
-                                    targetDirectory.resolve(KEYSTORE_LATEST),
-                                    StandardCopyOption.REPLACE_EXISTING)
-                        }
+                                        Files.copy(
+                                            keyStorePath,
+                                            targetDirectory.resolve(KEYSTORE_LATEST),
+                                            StandardCopyOption.REPLACE_EXISTING
+                                        )
+                                    }
+                            }
                     }
-                }
             } catch (e: IOException) {
                 LOG.error("Could not read ACME key pair", e)
                 throw AcmeClientException(e)
@@ -295,7 +320,6 @@ class AcmeClientService : AcmeClient, Runnable {
                 LOG.error("Error while retrieving certificate", e)
                 throw AcmeClientException(e)
             }
-
         } catch (e: IOException) {
             LOG.error("Failed to start HTTP server", e)
             throw AcmeClientException(e)
@@ -306,7 +330,11 @@ class AcmeClientService : AcmeClient, Runnable {
     }
 
     fun renewalCheck(
-            targetDirectory: Path, acmeServerUrl: String, domains: Array<String>, challengePort: Int) {
+        targetDirectory: Path,
+        acmeServerUrl: String,
+        domains: Array<String>,
+        challengePort: Int
+    ) {
         if (acmeServerUrl.isEmpty()) {
             LOG.info("ACME server URL is empty, skipping renewal check.")
             return
@@ -319,26 +347,39 @@ class AcmeClientService : AcmeClient, Runnable {
                 val now = Date().time
                 val notBeforeTime = cert.notBefore.time
                 val notAfterTime = cert.notAfter.time
-                val validityPercentile = 100.0 * (notAfterTime - now).toDouble() /
+                val validityPercentile =
+                    100.0 * (notAfterTime - now).toDouble() /
                         (notAfterTime - notBeforeTime).toDouble()
                 if (LOG.isInfoEnabled) {
                     LOG.info(
-                            String.format(
-                                    "Remaining relative validity span (%s): %.2f%%",
-                                    targetDirectory.toString(), validityPercentile))
+                        String.format(
+                            "Remaining relative validity span (%s): %.2f%%",
+                            targetDirectory.toString(),
+                            validityPercentile
+                        )
+                    )
                 }
                 if (validityPercentile < RENEWAL_THRESHOLD) {
                     if (LOG.isInfoEnabled) {
                         LOG.info(
-                                String.format(
-                                        "%.2f < %.2f, requesting renewal",
-                                        validityPercentile, RENEWAL_THRESHOLD))
+                            String.format(
+                                "%.2f < %.2f, requesting renewal",
+                                validityPercentile,
+                                RENEWAL_THRESHOLD
+                            )
+                        )
                     }
-                    // Do the renewal in a separate Thread such that other stuff can be executed in parallel.
-                    // This is especially important if the ACME protocol implementations are missing upon boot.
+                    // Do the renewal in a separate Thread such that other stuff can be executed in
+                    // parallel.
+                    // This is especially important if the ACME protocol implementations are missing
+                    // upon boot.
                     val t = Thread {
                         renewCertificate(
-                                targetDirectory, URI.create(acmeServerUrl), domains, challengePort)
+                            targetDirectory,
+                            URI.create(acmeServerUrl),
+                            domains,
+                            challengePort
+                        )
                     }
                     t.name = "ACME Renewal Thread"
                     t.isDaemon = true
@@ -348,7 +389,6 @@ class AcmeClientService : AcmeClient, Runnable {
         } catch (e: Exception) {
             LOG.error("Error in web console keystore renewal check", e)
         }
-
     }
 
     @Activate
@@ -357,15 +397,19 @@ class AcmeClientService : AcmeClient, Runnable {
         try {
             val config = settings!!.connectorConfig
             renewalCheck(
-                    FileSystems.getDefault().getPath("etc", "tls-webconsole"),
-                    config.acmeServerWebcon,
-                    config.acmeDnsWebcon.trim { it <= ' ' }.split("\\s*,\\s*".toRegex())
-                            .dropLastWhile { it.isEmpty() }.toTypedArray(),
-                    config.acmePortWebcon)
+                FileSystems.getDefault().getPath("etc", "tls-webconsole"),
+                config.acmeServerWebcon,
+                config
+                    .acmeDnsWebcon
+                    .trim { it <= ' ' }
+                    .split("\\s*,\\s*".toRegex())
+                    .dropLastWhile { it.isEmpty() }
+                    .toTypedArray(),
+                config.acmePortWebcon
+            )
         } catch (e: Exception) {
             LOG.error("ACME Renewal task failed", e)
         }
-
     }
 
     companion object {
diff --git a/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/provider/BoulderAcmeProvider.kt b/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/provider/BoulderAcmeProvider.kt
index 152caff99..50acfea23 100644
--- a/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/provider/BoulderAcmeProvider.kt
+++ b/ids-acme/src/main/kotlin/de/fhg/aisec/ids/acme/provider/BoulderAcmeProvider.kt
@@ -19,12 +19,12 @@
  */
 package de.fhg.aisec.ids.acme.provider
 
-import org.shredzone.acme4j.provider.AbstractAcmeProvider
-import org.shredzone.acme4j.provider.AcmeProvider
 import java.net.MalformedURLException
 import java.net.URI
 import java.net.URL
 import java.util.regex.Pattern
+import org.shredzone.acme4j.provider.AbstractAcmeProvider
+import org.shredzone.acme4j.provider.AcmeProvider
 
 /**
  * An [AcmeProvider] for *Boulder*.
@@ -51,7 +51,6 @@ class BoulderAcmeProvider : AbstractAcmeProvider() {
         } catch (ex: MalformedURLException) {
             throw IllegalArgumentException("Bad server URI $serverUri", ex)
         }
-
     }
 
     /**
diff --git a/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.kt b/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.kt
index 792750c4b..e55d10672 100644
--- a/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.kt
+++ b/ids-api/src/main/java/de/fhg/aisec/ids/api/infomodel/InfoModel.kt
@@ -57,5 +57,4 @@ interface InfoModel {
      * @return Version of infomodel
      */
     val modelVersion: String
-
-}
\ No newline at end of file
+}
diff --git a/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/ExtensionFunctions.kt b/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/ExtensionFunctions.kt
index b668859e3..63c1f131c 100644
--- a/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/ExtensionFunctions.kt
+++ b/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/ExtensionFunctions.kt
@@ -25,13 +25,14 @@ import java.util.concurrent.TimeUnit
 fun String.runCommand(): String? {
     return try {
         val parts = this.split("\\s".toRegex())
-        val proc = ProcessBuilder(*parts.toTypedArray())
+        val proc =
+            ProcessBuilder(*parts.toTypedArray())
                 .redirectOutput(ProcessBuilder.Redirect.PIPE)
                 .redirectError(ProcessBuilder.Redirect.PIPE)
                 .start()
         proc.waitFor(10, TimeUnit.SECONDS)
         proc.inputStream.bufferedReader().readText()
-    } catch(e: IOException) {
+    } catch (e: IOException) {
         e.printStackTrace()
         null
     }
diff --git a/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/idscp2/Idscp2UsageControlInterface.kt b/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/idscp2/Idscp2UsageControlInterface.kt
index c505fa53e..37d7e6e62 100644
--- a/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/idscp2/Idscp2UsageControlInterface.kt
+++ b/ids-api/src/main/kotlin/de/fhg/aisec/ids/api/idscp2/Idscp2UsageControlInterface.kt
@@ -20,18 +20,18 @@
 package de.fhg.aisec.ids.api.idscp2
 
 import de.fraunhofer.iais.eis.ContractAgreement
-import org.apache.camel.Exchange
 import java.net.URI
+import org.apache.camel.Exchange
 
 /**
- * This interface has to be parameterized with the type of the connection objects handled,
- * e.g. AppLayerConnection objects.
- * This avoids the necessity of library dependencies to the module defining this class.
+ * This interface has to be parameterized with the type of the connection objects handled, e.g.
+ * AppLayerConnection objects. This avoids the necessity of library dependencies to the module
+ * defining this class.
  */
 interface Idscp2UsageControlInterface {
     /**
-     * Provides the (Idscp2)Connection object that is linked with the Apache Camel Consumer
-     * which created the particular Exchange object.
+     * Provides the (Idscp2)Connection object that is linked with the Apache Camel Consumer which
+     * created the particular Exchange object.
      */
     fun getExchangeContract(exchange: Exchange): ContractAgreement?
 
@@ -40,4 +40,4 @@ interface Idscp2UsageControlInterface {
     fun protectBody(exchange: Exchange, contractUri: URI)
 
     fun unprotectBody(exchange: Exchange)
-}
\ No newline at end of file
+}
diff --git a/ids-container-manager/src/main/java/de/fhg/aisec/ids/cm/impl/docker/DockerCM.kt b/ids-container-manager/src/main/java/de/fhg/aisec/ids/cm/impl/docker/DockerCM.kt
index 47495e62c..4e83dc66a 100644
--- a/ids-container-manager/src/main/java/de/fhg/aisec/ids/cm/impl/docker/DockerCM.kt
+++ b/ids-container-manager/src/main/java/de/fhg/aisec/ids/cm/impl/docker/DockerCM.kt
@@ -24,7 +24,6 @@ import com.amihaiemil.docker.Docker
 import com.amihaiemil.docker.Images
 import com.amihaiemil.docker.LocalDocker
 import de.fhg.aisec.ids.api.cm.*
-import org.slf4j.LoggerFactory
 import java.io.File
 import java.io.IOException
 import java.net.InetAddress
@@ -35,7 +34,7 @@ import java.util.*
 import java.util.stream.Collectors
 import javax.json.*
 import kotlin.math.abs
-
+import org.slf4j.LoggerFactory
 
 /**
  * ContainerManager implementation for Docker containers.
@@ -47,8 +46,10 @@ class DockerCM : ContainerManager {
     companion object {
         private val LOG = LoggerFactory.getLogger(DockerCM::class.java)
         private lateinit var DOCKER_CLIENT: Docker
-        private val PERIOD_UNITS = listOf<TemporalUnit>(ChronoUnit.YEARS, ChronoUnit.MONTHS, ChronoUnit.DAYS)
-        private val DURATION_UNITS = listOf<TemporalUnit>(ChronoUnit.HOURS, ChronoUnit.MINUTES, ChronoUnit.SECONDS)
+        private val PERIOD_UNITS =
+            listOf<TemporalUnit>(ChronoUnit.YEARS, ChronoUnit.MONTHS, ChronoUnit.DAYS)
+        private val DURATION_UNITS =
+            listOf<TemporalUnit>(ChronoUnit.HOURS, ChronoUnit.MINUTES, ChronoUnit.SECONDS)
         /**
          * Returns true if Docker is supported.
          *
@@ -59,8 +60,9 @@ class DockerCM : ContainerManager {
                 return try {
                     DOCKER_CLIENT.ping()
                 } catch (e: Exception) {
-                    when(e) {
-                        is UninitializedPropertyAccessException -> LOG.warn("Docker client is not available")
+                    when (e) {
+                        is UninitializedPropertyAccessException ->
+                            LOG.warn("Docker client is not available")
                         else -> LOG.error(e.message, e)
                     }
                     false
@@ -68,7 +70,8 @@ class DockerCM : ContainerManager {
             }
 
         init {
-            try { // We have to modify the thread class loader for docker-java-api to find its config
+            try { // We have to modify the thread class loader for docker-java-api to find its
+                // config
                 val threadContextClassLoader = Thread.currentThread().contextClassLoader
                 Thread.currentThread().contextClassLoader = LocalDocker::class.java.classLoader
                 DOCKER_CLIENT = LocalDocker(File("/var/run/docker.sock"))
@@ -79,8 +82,7 @@ class DockerCM : ContainerManager {
         }
 
         /**
-         * Human readable memory sizes
-         * Credits: aioobe, https://stackoverflow.com/questions
+         * Human readable memory sizes Credits: aioobe, https://stackoverflow.com/questions
          * /3758606/how-to-convert-byte-size-into-human-readable-format-in-java
          */
         private fun humanReadableByteCount(bytes: Long): String? {
@@ -133,13 +135,12 @@ class DockerCM : ContainerManager {
     }
 
     private fun getContainerSequence(
-            all: Boolean = false,
-            filters: Map<String, Iterable<String>>? = null,
-            withSize: Boolean = false): Sequence<Container> {
-        val filteredContainers = DOCKER_CLIENT
-                .containers()
-                .filter(filters ?: emptyMap())
-                .withSize(withSize)
+        all: Boolean = false,
+        filters: Map<String, Iterable<String>>? = null,
+        withSize: Boolean = false
+    ): Sequence<Container> {
+        val filteredContainers =
+            DOCKER_CLIENT.containers().filter(filters ?: emptyMap()).withSize(withSize)
         return if (all) {
             filteredContainers.all().asSequence()
         } else {
@@ -148,86 +149,112 @@ class DockerCM : ContainerManager {
     }
 
     private fun getImages(filters: Map<String, Iterable<String>>?): Images {
-        return DOCKER_CLIENT
-                .images()
-                .filter(filters ?: emptyMap())
+        return DOCKER_CLIENT.images().filter(filters ?: emptyMap())
     }
 
     override fun list(onlyRunning: Boolean): List<ApplicationContainer> {
-        return getContainerSequence(!onlyRunning, withSize = true).map { c: Container ->
-            try {
-                val info = c.inspect()
-                val imageInfo = getImage(c)?.inspect()
-                val state = info.getJsonObject("State")
-                val config = info.getJsonObject("Config")
-                val running = state.getBoolean("Running")
-                val startedAt = state.getString("StartedAt")
-                val name = info.getString("Name").substring(1)
-                val networkSettings = info.getJsonObject("NetworkSettings")
-                val networks = networkSettings.getJsonObject("Networks")
-                val ports = networkSettings.getJsonObject("Ports")
-                val labels = config.getJsonObject("Labels")
-                val app = ApplicationContainer()
-                app.id = c.containerId()
-                app.image = config.getString("Image")
-                app.imageId = imageInfo?.getString("Id")
-                app.imageDigests = imageInfo?.getJsonArray("RepoDigests")
-                        ?.map { (it as JsonString).string } ?: emptyList()
-                app.ipAddresses = networks.values.mapNotNull {
-                    val ip = (it as JsonObject).getString("IPAddress")
-                    try {
-                        if (ip != null && ip.isNotEmpty()) {
-                            InetAddress.getByName(ip)
-                        } else {
-                            null
-                        }
-                    } catch (x: Exception) {
-                        LOG.warn("Error while resolving ip address \"$ip\"", x)
-                        null
-                    }
-                }.toList()
-                app.size = "${humanReadableByteCount((c["SizeRw"] ?: 0).toString().toLong())} RW (data), " +
-                        "${humanReadableByteCount((c["SizeRootFs"] ?: 0).toString().toLong())} RO (layers)"
-                app.created = info.getString("Created")
-                app.status = ContainerStatus.valueOf(state.getString("Status").toUpperCase())
-                app.ports = ports.entries
-                        .map { e: Map.Entry<String, JsonValue> ->
-                            if (e.value is JsonArray) {
-                                e.key + " -> " + e.value.asJsonArray()[0].asJsonObject().let {
-                                    (it["HostIp"] as JsonString).string + ":" + (it["HostPort"] as JsonString).string
+        return getContainerSequence(!onlyRunning, withSize = true)
+            .map { c: Container ->
+                try {
+                    val info = c.inspect()
+                    val imageInfo = getImage(c)?.inspect()
+                    val state = info.getJsonObject("State")
+                    val config = info.getJsonObject("Config")
+                    val running = state.getBoolean("Running")
+                    val startedAt = state.getString("StartedAt")
+                    val name = info.getString("Name").substring(1)
+                    val networkSettings = info.getJsonObject("NetworkSettings")
+                    val networks = networkSettings.getJsonObject("Networks")
+                    val ports = networkSettings.getJsonObject("Ports")
+                    val labels = config.getJsonObject("Labels")
+                    val app = ApplicationContainer()
+                    app.id = c.containerId()
+                    app.image = config.getString("Image")
+                    app.imageId = imageInfo?.getString("Id")
+                    app.imageDigests =
+                        imageInfo?.getJsonArray("RepoDigests")?.map { (it as JsonString).string }
+                            ?: emptyList()
+                    app.ipAddresses =
+                        networks
+                            .values
+                            .mapNotNull {
+                                val ip = (it as JsonObject).getString("IPAddress")
+                                try {
+                                    if (ip != null && ip.isNotEmpty()) {
+                                        InetAddress.getByName(ip)
+                                    } else {
+                                        null
+                                    }
+                                } catch (x: Exception) {
+                                    LOG.warn("Error while resolving ip address \"$ip\"", x)
+                                    null
                                 }
-                            } else {
-                                e.key
                             }
-                        }
-                        .toList()
-                app.names = name
-                if (running) {
-                    app.uptime = formatDuration(
-                            ZonedDateTime.parse(startedAt), OffsetDateTime.now(ZoneId.of("Z")).toZonedDateTime())
-                } else {
-                    app.uptime = "-"
+                            .toList()
+                    app.size =
+                        "${humanReadableByteCount((c["SizeRw"] ?: 0).toString().toLong())} RW (data), " +
+                            "${humanReadableByteCount((c["SizeRootFs"] ?: 0).toString().toLong())} RO (layers)"
+                    app.created = info.getString("Created")
+                    app.status = ContainerStatus.valueOf(state.getString("Status").toUpperCase())
+                    app.ports =
+                        ports
+                            .entries
+                            .map { e: Map.Entry<String, JsonValue> ->
+                                if (e.value is JsonArray) {
+                                    e.key +
+                                        " -> " +
+                                        e.value.asJsonArray()[0].asJsonObject().let {
+                                            (it["HostIp"] as JsonString).string +
+                                                ":" +
+                                                (it["HostPort"] as JsonString).string
+                                        }
+                                } else {
+                                    e.key
+                                }
+                            }
+                            .toList()
+                    app.names = name
+                    if (running) {
+                        app.uptime =
+                            formatDuration(
+                                ZonedDateTime.parse(startedAt),
+                                OffsetDateTime.now(ZoneId.of("Z")).toZonedDateTime()
+                            )
+                    } else {
+                        app.uptime = "-"
+                    }
+                    app.signature = labels.getOrDefault("ids.signature", JsonValue.NULL).toString()
+                    app.owner = labels.getOrDefault("ids.owner", JsonValue.NULL).toString()
+                    app.description =
+                        labels.getOrDefault("ids.description", JsonValue.NULL).toString()
+                    app.labels =
+                        labels
+                            .entries
+                            .stream()
+                            .collect(Collectors.toMap({ it.key }, { it.value as Any }))
+                    return@map app
+                } catch (e: IOException) {
+                    LOG.error(
+                        "Container iteration error occurred, skipping container with id " +
+                            c.containerId(),
+                        e
+                    )
+                    return@map null
                 }
-                app.signature = labels.getOrDefault("ids.signature", JsonValue.NULL).toString()
-                app.owner = labels.getOrDefault("ids.owner", JsonValue.NULL).toString()
-                app.description = labels.getOrDefault("ids.description", JsonValue.NULL).toString()
-                app.labels = labels.entries.stream()
-                        .collect(Collectors.toMap({ it.key }, { it.value as Any }))
-                return@map app
-            } catch (e: IOException) {
-                LOG.error("Container iteration error occurred, skipping container with id " + c.containerId(), e)
-                return@map null
             }
-        }.filterNotNull().toList()
+            .filterNotNull()
+            .toList()
     }
 
     private fun getContainer(containerID: String): Container {
         return getContainerSequence(true, mapOf("id" to listOf(containerID))).firstOrNull()
-                ?: throw NoContainerExistsException("The container with ID $containerID has not been found!")
+            ?: throw NoContainerExistsException(
+                "The container with ID $containerID has not been found!"
+            )
     }
 
     private fun getImage(container: Container) =
-            getImages(mapOf("reference" to listOf(container.getString("Image")))).firstOrNull()
+        getImages(mapOf("reference" to listOf(container.getString("Image")))).firstOrNull()
 
     override fun wipe(containerID: String) {
         val container = getContainer(containerID)
@@ -237,10 +264,13 @@ class DockerCM : ContainerManager {
             getImage(container)?.let {
                 LOG.info("Wiping image related to containerID $containerID")
                 it.delete()
-            } ?: run {
-                LOG.warn("The image to be deleted (filters: {}) was not found!",
-                        mapOf("reference" to listOf(container.getString("Image"))))
             }
+                ?: run {
+                    LOG.warn(
+                        "The image to be deleted (filters: {}) was not found!",
+                        mapOf("reference" to listOf(container.getString("Image")))
+                    )
+                }
         } catch (e: Exception) {
             LOG.error(e.message, e)
         }
@@ -284,11 +314,12 @@ class DockerCM : ContainerManager {
             // Instantly create a container from that image, but do not start it yet.
             LOG.info("Creating container instance from image {}", app.image)
             // Create the name
-            val containerName: String = if (app.name != null) {
-                app.name
-            } else {
-                defaultContainerName(app.image)
-            }
+            val containerName: String =
+                if (app.name != null) {
+                    app.name
+                } else {
+                    defaultContainerName(app.image)
+                }
             val container = Json.createObjectBuilder()
             val hostConfig = Json.createObjectBuilder()
             // Set image
@@ -297,14 +328,19 @@ class DockerCM : ContainerManager {
             if (app.ports != null) {
                 val exposedPorts = Json.createObjectBuilder()
                 val portBindings = Json.createObjectBuilder()
-                val portRegex = ("(?:((?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\\.){3}" +
-                        "(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])):)?" +
-                        "([0-9]+):([0-9]+)(?:/(tcp|udp))?").toRegex()
+                val portRegex =
+                    ("(?:((?:(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])\\.){3}" +
+                            "(?:25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])):)?" +
+                            "([0-9]+):([0-9]+)(?:/(tcp|udp))?")
+                        .toRegex()
                 for (port in app.ports) {
                     val match = portRegex.matchEntire(port)
                     if (match == null) {
-                        LOG.warn("Port definition {} does not match the pattern " +
-                                "[IPv4:]HostPort:ContainerPort[/tcp|udp], ignoring it", port)
+                        LOG.warn(
+                            "Port definition {} does not match the pattern " +
+                                "[IPv4:]HostPort:ContainerPort[/tcp|udp], ignoring it",
+                            port
+                        )
                     } else {
                         val groups = match.groupValues
                         val protocol = (if (groups[4].isEmpty()) "tcp" else groups[4])
@@ -339,7 +375,9 @@ class DockerCM : ContainerManager {
             // Set restart policy
             if (app.restartPolicy != null) {
                 hostConfig.add(
-                        "RestartPolicy", Json.createObjectBuilder().add("Name", app.restartPolicy))
+                    "RestartPolicy",
+                    Json.createObjectBuilder().add("Name", app.restartPolicy)
+                )
             }
             // Set privileged state
             if (app.isPrivileged) {
@@ -360,7 +398,6 @@ class DockerCM : ContainerManager {
     /**
      * Returns the default containerName that will be given to a container of image "imageID".
      *
-     *
      * For example, an imageID "shiva1029/weather" will be turned into "weather-shiva1029".
      *
      * @param imageName The name of the image
@@ -386,13 +423,14 @@ class DockerCM : ContainerManager {
     }
 
     override fun setIpRule(
-            containerID: String,
-            direction: Direction,
-            srcPort: Int,
-            dstPort: Int,
-            srcDstRange: String,
-            protocol: Protocol,
-            decision: Decision) { // TODO Not implemented yet
+        containerID: String,
+        direction: Direction,
+        srcPort: Int,
+        dstPort: Int,
+        srcDstRange: String,
+        protocol: Protocol,
+        decision: Decision
+    ) { // TODO Not implemented yet
     }
 
     /**
@@ -405,11 +443,9 @@ class DockerCM : ContainerManager {
         return getContainer(containerID).inspect().toString()
     }
 
-    /**
-     * Returns the version of docker on the system
-     */
+    /** Returns the version of docker on the system */
     override fun getVersion(): String {
         val version = DOCKER_CLIENT.version()
         return "${version.platformName()} (${version.version()})"
     }
-}
\ No newline at end of file
+}
diff --git a/ids-container-manager/src/test/kotlin/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.kt b/ids-container-manager/src/test/kotlin/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.kt
index 4c19d0a6a..aecaa6f5d 100644
--- a/ids-container-manager/src/test/kotlin/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.kt
+++ b/ids-container-manager/src/test/kotlin/de/fhg/aisec/ids/cm/impl/docker/DockerCmIT.kt
@@ -22,11 +22,11 @@ package de.fhg.aisec.ids.cm.impl.docker
 import de.fhg.aisec.ids.api.cm.ApplicationContainer
 import de.fhg.aisec.ids.api.cm.ContainerStatus
 import de.fhg.aisec.ids.cm.impl.docker.DockerCM.Companion.isSupported
+import java.util.*
 import org.junit.After
 import org.junit.Assert
 import org.junit.Assume
 import org.junit.Test
-import java.util.*
 
 class DockerCmIT {
     private val wipes: MutableSet<String> = HashSet()
@@ -83,7 +83,8 @@ class DockerCmIT {
         val regex = Regex(".* \\([0-9.]+(?:.+)?\\)")
         if (!version.matches(regex)) {
             throw AssertionError(
-                    "Error: Docker version has to match regex '$regex', found '$version'")
+                "Error: Docker version has to match regex '$regex', found '$version'"
+            )
         }
     }
 
@@ -124,4 +125,4 @@ class DockerCmIT {
         Assert.assertNotNull(stoppedContainer)
         Assert.assertEquals(ContainerStatus.EXITED, stoppedContainer?.status)
     }
-}
\ No newline at end of file
+}
diff --git a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
index bf1e9e826..9b37ec292 100644
--- a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
+++ b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/PolicyDecisionPoint.kt
@@ -33,13 +33,13 @@ import de.fhg.aisec.ids.api.router.RouteVerificationProof
 import de.fhg.aisec.ids.dataflowcontrol.lucon.LuconEngine
 import de.fhg.aisec.ids.dataflowcontrol.lucon.TuPrologHelper.escape
 import de.fhg.aisec.ids.dataflowcontrol.lucon.TuPrologHelper.listStream
-import org.osgi.service.component.ComponentContext
-import org.osgi.service.component.annotations.*
-import org.slf4j.LoggerFactory
 import java.io.File
 import java.util.*
 import java.util.concurrent.ExecutionException
 import java.util.concurrent.TimeUnit
+import org.osgi.service.component.ComponentContext
+import org.osgi.service.component.annotations.*
+import org.slf4j.LoggerFactory
 
 /**
  * servicefactory=false is the default and actually not required. But we want to make clear that
@@ -59,7 +59,8 @@ class PolicyDecisionPoint : PDP, PAP {
     @Volatile
     private var routeManager: RouteManager? = null
 
-    private val transformationCache = CacheBuilder.newBuilder()
+    private val transformationCache =
+        CacheBuilder.newBuilder()
             .maximumSize(10000)
             .expireAfterAccess(1, TimeUnit.DAYS)
             .build<ServiceNode, TransformationDecision>()
@@ -70,8 +71,7 @@ class PolicyDecisionPoint : PDP, PAP {
      * @param target The target node of the transformation
      * @param labels The exchange properties
      */
-    private fun createDecisionQuery(
-            target: ServiceNode, labels: Set<String>): String {
+    private fun createDecisionQuery(target: ServiceNode, labels: Set<String>): String {
         val sb = StringBuilder()
         sb.append("rule(X), has_target(X, T), ")
         sb.append("has_endpoint(T, EP), ")
@@ -81,17 +81,19 @@ class PolicyDecisionPoint : PDP, PAP {
         sb.append("receives_label(X), ")
         sb.append("rule_priority(X, P), ")
         // Removed due to unclear relevance
-//        if (target.capabilties.size + target.properties.size > 0) {
-//            val capProp = LinkedList<String>()
-//            for (cap in target.capabilties) {
-//                capProp.add("has_capability(T, " + escape(cap) + ")")
-//            }
-//            for (prop in target.properties) {
-//                capProp.add("has_property(T, " + escape(prop) + ")")
-//            }
-//            sb.append("(").append(capProp.joinToString(", ")).append("), ")
-//        }
-        sb.append("(has_decision(X, D) ; (has_obligation(X, _O), has_alternativedecision(_O, Alt), ")
+        //        if (target.capabilties.size + target.properties.size > 0) {
+        //            val capProp = LinkedList<String>()
+        //            for (cap in target.capabilties) {
+        //                capProp.add("has_capability(T, " + escape(cap) + ")")
+        //            }
+        //            for (prop in target.properties) {
+        //                capProp.add("has_property(T, " + escape(prop) + ")")
+        //            }
+        //            sb.append("(").append(capProp.joinToString(", ")).append("), ")
+        //        }
+        sb.append(
+            "(has_decision(X, D) ; (has_obligation(X, _O), has_alternativedecision(_O, Alt), "
+        )
         sb.append("requires_prerequisite(_O, A)))")
         if (labels.isNotEmpty()) {
             // Cleanup prolog VM for next run
@@ -105,7 +107,6 @@ class PolicyDecisionPoint : PDP, PAP {
      * A transformation query retrieves the set of labels to add and to remove from the Prolog
      * knowledge base.
      *
-     *
      * This method returns the respective query for a specific target.
      *
      * @param target The ServiceNode to be processed
@@ -116,26 +117,26 @@ class PolicyDecisionPoint : PDP, PAP {
         val plEndpoint: String
         if (target.endpoint != null) {
             plEndpoint = escape(target.endpoint)
-//            sb.append("dominant_allow_rules(").append(plEndpoint).append(", _T, _), ")
+            //            sb.append("dominant_allow_rules(").append(plEndpoint).append(", _T, _), ")
         } else {
             throw RuntimeException("No endpoint specified!")
         }
         // Removed due to unclear relevance
-//        if (target.capabilties.size + target.properties.size > 0) {
-//            val capProp = LinkedList<String>()
-//            for (cap in target.capabilties) {
-//                capProp.add("has_capability(_T, " + escape(cap) + ")")
-//            }
-//            for (prop in target.properties) {
-//                capProp.add("has_property(_T, " + escape(prop) + ")")
-//            }
-//            sb.append('(').append(capProp.joinToString(", ")).append("),\n")
-//        }
+        //        if (target.capabilties.size + target.properties.size > 0) {
+        //            val capProp = LinkedList<String>()
+        //            for (cap in target.capabilties) {
+        //                capProp.add("has_capability(_T, " + escape(cap) + ")")
+        //            }
+        //            for (prop in target.properties) {
+        //                capProp.add("has_property(_T, " + escape(prop) + ")")
+        //            }
+        //            sb.append('(').append(capProp.joinToString(", ")).append("),\n")
+        //        }
         sb.append("once(setof(S, action_service(")
-                .append(plEndpoint)
-                .append(", S), SC); SC = []),\n")
-                .append("collect_creates_labels(SC, ACraw), set_of(ACraw, Adds),\n")
-                .append("collect_removes_labels(SC, RCraw), set_of(RCraw, Removes).")
+            .append(plEndpoint)
+            .append(", S), SC); SC = []),\n")
+            .append("collect_creates_labels(SC, ACraw), set_of(ACraw, Adds),\n")
+            .append("collect_removes_labels(SC, RCraw), set_of(RCraw, Removes).")
         return sb.toString()
     }
 
@@ -170,9 +171,7 @@ class PolicyDecisionPoint : PDP, PAP {
 
     override fun requestTranformations(lastServiceNode: ServiceNode): TransformationDecision {
         try {
-            return transformationCache.get(
-                    lastServiceNode
-            ) {
+            return transformationCache.get(lastServiceNode) {
                 // Query prolog for labels to remove or add from message
                 val query = this.createTransformationQuery(lastServiceNode)
                 if (LOG.isDebugEnabled) {
@@ -196,7 +195,9 @@ class PolicyDecisionPoint : PDP, PAP {
                                 }
                                 val removes = s.getVarValue("Removes").term
                                 if (removes.isList) {
-                                    listStream(removes).forEach { labelsToRemove.add(it.toString()) }
+                                    listStream(removes).forEach {
+                                        labelsToRemove.add(it.toString())
+                                    }
                                 } else {
                                     throw RuntimeException("\"Removes\" is not a prolog list!")
                                 }
@@ -214,7 +215,6 @@ class PolicyDecisionPoint : PDP, PAP {
             LOG.error(ee.message, ee)
             return TransformationDecision()
         }
-
     }
 
     override fun requestDecision(req: DecisionRequest): PolicyDecision {
@@ -263,7 +263,6 @@ class PolicyDecisionPoint : PDP, PAP {
                 } catch (e: NullPointerException) {
                     LOG.warn("Invalid rule priority: " + si.getVarValue("P"), e)
                 }
-
             }
 
             // Just for debugging
@@ -334,16 +333,21 @@ class PolicyDecisionPoint : PDP, PAP {
             for (i in solveInfo) {
                 if (i.isSuccess) {
                     val vars = i.bindingVars
-                    LOG.trace(vars.joinToString(", ") { v ->
-                        String.format("%s: %s (%s)", v.name, v.term,
-                                if (v.isBound) "bound" else "unbound")
-                    })
+                    LOG.trace(
+                        vars.joinToString(", ") { v ->
+                            String.format(
+                                "%s: %s (%s)",
+                                v.name,
+                                v.term,
+                                if (v.isBound) "bound" else "unbound"
+                            )
+                        }
+                    )
                 }
             }
         } catch (nse: NoSolutionException) {
             LOG.trace("No solution found", nse)
         }
-
     }
 
     override fun clearAllCaches() {
@@ -396,6 +400,7 @@ class PolicyDecisionPoint : PDP, PAP {
         private const val LUCON_FILE_EXTENSION = ".pl"
 
         // Each thread creates a LuconEngine instance to prevent concurrency issues
-        val threadEngine: ThreadLocal<LuconEngine> = ThreadLocal.withInitial { LuconEngine(System.out) }
+        val threadEngine: ThreadLocal<LuconEngine> =
+            ThreadLocal.withInitial { LuconEngine(System.out) }
     }
 }
diff --git a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.kt
index f21b41a6e..9e9ad6edc 100644
--- a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.kt
+++ b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/CounterExampleImpl.kt
@@ -31,20 +31,21 @@ class CounterExampleImpl(term: Term) : CounterExample() {
         val steps = LinkedList<String?>()
         // process explanation
         val reasonIterator = (traceIterator.next() as Struct).listIterator()
-        val sb = StringBuilder()
+        val sb =
+            StringBuilder()
                 .append("Service ")
                 .append(reasonIterator.next().toString())
                 .append(" may receive messages")
         reasonIterator.next()
-//        val explanation = reasonIterator.next()
-//        if (explanation.isList) {
-//            sb.append(" labeled [")
-//            appendCSList(sb, explanation)
-//            sb.append("]")
-//        }
+        //        val explanation = reasonIterator.next()
+        //        if (explanation.isList) {
+        //            sb.append(" labeled [")
+        //            appendCSList(sb, explanation)
+        //            sb.append("]")
+        //        }
         sb.append(", which is forbidden by rule \"")
-                .append(reasonIterator.next().toString())
-                .append("\".")
+            .append(reasonIterator.next().toString())
+            .append("\".")
         this.explanation = sb.toString()
         // process steps and prepend them to list (inverse trace to get the right order)
         traceIterator.forEachRemaining { t: Term? -> steps.addFirst(termToStep(t)) }
@@ -85,4 +86,4 @@ class CounterExampleImpl(term: Term) : CounterExample() {
             }
         }
     }
-}
\ No newline at end of file
+}
diff --git a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
index fa9fbb450..d46cbdaf6 100644
--- a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
+++ b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconEngine.kt
@@ -30,18 +30,16 @@ import alice.tuprolog.exceptions.NoSolutionException
 import alice.tuprolog.interfaces.event.LibraryListener
 import de.fhg.aisec.ids.api.router.CounterExample
 import de.fhg.aisec.ids.api.router.RouteVerificationProof
-import org.slf4j.LoggerFactory
 import java.io.OutputStream
 import java.nio.charset.StandardCharsets
 import java.util.*
 import java.util.regex.Pattern
+import org.slf4j.LoggerFactory
 
 /**
  * LUCON (Logic based Usage Control) policy decision engine.
  *
- *
- * This engine uses tuProlog as a logic language implementation to answer policy decision
- * requests.
+ * This engine uses tuProlog as a logic language implementation to answer policy decision requests.
  *
  * @author Julian Schuette (julian.schuette@aisec.fraunhofer.de)
  */
@@ -49,8 +47,7 @@ class LuconEngine
 /**
  * Create a new LuconEngine which writes to a given output stream.
  *
- * @param out OutputStream to write Prolog engine outputs to, or null if output should not
- * printed.
+ * @param out OutputStream to write Prolog engine outputs to, or null if output should not printed.
  */
 (out: OutputStream?) {
     private val p: Prolog = Prolog()
@@ -75,15 +72,16 @@ class LuconEngine
         }
         if (LOG.isDebugEnabled) {
             p.addLibraryListener(
-                    object : LibraryListener {
-                        override fun libraryLoaded(e: LibraryEvent) {
-                            LOG.debug("Prolog library loaded " + e.libraryName)
-                        }
-
-                        override fun libraryUnloaded(e: LibraryEvent) {
-                            LOG.debug("Prolog library unloaded " + e.libraryName)
-                        }
-                    })
+                object : LibraryListener {
+                    override fun libraryLoaded(e: LibraryEvent) {
+                        LOG.debug("Prolog library loaded " + e.libraryName)
+                    }
+
+                    override fun libraryUnloaded(e: LibraryEvent) {
+                        LOG.debug("Prolog library unloaded " + e.libraryName)
+                    }
+                }
+            )
         }
         if (LOG.isTraceEnabled) {
             p.addSpyListener { l -> LOG.trace(l.msg + " " + l.source) }
@@ -107,7 +105,6 @@ class LuconEngine
                 } catch (e: Exception) {
                     LOG.error(e.message, e)
                 }
-
             }
         }
 
@@ -117,7 +114,6 @@ class LuconEngine
             // should never happen
             throw RuntimeException("Error loading " + LuconLibrary::class.java.name, e)
         }
-
     }
 
     fun setSpy(spy: Boolean) {
@@ -127,7 +123,6 @@ class LuconEngine
     /**
      * Loads a policy in form of a prolog theory.
      *
-     *
      * Existing policies will be overwritten.
      *
      * @param theory The theory to load
@@ -153,7 +148,6 @@ class LuconEngine
             } catch (e: NoSolutionException) {
                 e.printStackTrace()
             }
-
         }
         return result
     }
@@ -203,7 +197,8 @@ class LuconEngine
             // Generate the proof (=run query)
             val result = query(newP, QUERY_ROUTE_VERIFICATION, true)
 
-            // If a result has been found, this means there is at least one counterexample of a path in a
+            // If a result has been found, this means there is at least one counterexample of a path
+            // in a
             // route that violates a policy
             if (result.isNotEmpty()) {
                 val ces = ArrayList<CounterExample>(result.size)
@@ -237,6 +232,4 @@ class LuconEngine
             defaultPolicy = theory
         }
     }
-
-
 }
diff --git a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt
index 2718c07ad..98508d494 100644
--- a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt
+++ b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/LuconLibrary.kt
@@ -25,9 +25,9 @@ import alice.tuprolog.Term
 import alice.tuprolog.Var
 import com.google.common.cache.CacheBuilder
 import com.google.common.cache.CacheLoader
-import org.slf4j.LoggerFactory
 import java.util.concurrent.ExecutionException
 import java.util.concurrent.TimeUnit
+import org.slf4j.LoggerFactory
 
 /**
  * Plugins and default theories for tuProlog engine.
@@ -37,15 +37,19 @@ import java.util.concurrent.TimeUnit
 @Suppress("FunctionName", "unused")
 class LuconLibrary : Library() {
     @Transient
-    private val regexCache = CacheBuilder.newBuilder()
+    private val regexCache =
+        CacheBuilder.newBuilder()
             .expireAfterAccess(1, TimeUnit.DAYS)
             .maximumWeight(1e6.toLong())
             .weigher<String, Regex> { k, _ -> k.length }
-            .build(object : CacheLoader<String, Regex>() {
-                override fun load(key: String) = Regex(key, RegexOption.DOT_MATCHES_ALL)
-            })
-
-    override fun getTheory(): String = """
+            .build(
+                object : CacheLoader<String, Regex>() {
+                    override fun load(key: String) = Regex(key, RegexOption.DOT_MATCHES_ALL)
+                }
+            )
+
+    override fun getTheory(): String =
+        """
 set_of(In, Out) :-  % get a pairwise different, sorted set from a list
   quicksort(In, '@<', Sorted),
   no_duplicates(Sorted, Out).
@@ -181,20 +185,21 @@ trace_walk(A, B, Log, T) :-              % We can walk from A to B if  [ O(|Ep_S
         // Both regex and input string must be ground
         return if (isComplex(regex) || isComplex(input)) {
             false
-        } else try {
-            val regexString = TuPrologHelper.unquote(regex.term.toString())
-            val inputString = TuPrologHelper.unquote(input.term.toString())
-            val match = regexCache[regexString].matches(inputString)
-            if (LOG.isTraceEnabled) {
-                LOG.trace("regex_match: $regexString , $inputString: $match")
+        } else
+            try {
+                val regexString = TuPrologHelper.unquote(regex.term.toString())
+                val inputString = TuPrologHelper.unquote(input.term.toString())
+                val match = regexCache[regexString].matches(inputString)
+                if (LOG.isTraceEnabled) {
+                    LOG.trace("regex_match: $regexString , $inputString: $match")
+                }
+                match
+            } catch (e: ExecutionException) {
+                if (LOG.isWarnEnabled) {
+                    LOG.warn(e.message, e)
+                }
+                false
             }
-            match
-        } catch (e: ExecutionException) {
-            if (LOG.isWarnEnabled) {
-                LOG.warn(e.message, e)
-            }
-            false
-        }
     }
 
     companion object {
@@ -207,4 +212,4 @@ trace_walk(A, B, Log, T) :-              % We can walk from A to B if  [ O(|Ep_S
             return (!t.isAtom || t.isList) && t !is Number
         }
     }
-}
\ No newline at end of file
+}
diff --git a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.kt b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.kt
index e70ebcb1a..d6d8f5d2c 100644
--- a/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.kt
+++ b/ids-dataflow-control/src/main/kotlin/de/fhg/aisec/ids/dataflowcontrol/lucon/TuPrologHelper.kt
@@ -49,7 +49,9 @@ object TuPrologHelper {
         require(list.isList) { "Not a tuProlog list" }
         val listIterator = (list as Struct).listIterator()
         return StreamSupport.stream(
-                Spliterators.spliteratorUnknownSize(listIterator, Spliterator.ORDERED), false)
+            Spliterators.spliteratorUnknownSize(listIterator, Spliterator.ORDERED),
+            false
+        )
     }
 
     fun unquote(s: String): String {
@@ -61,4 +63,4 @@ object TuPrologHelper {
             s
         }
     }
-}
\ No newline at end of file
+}
diff --git a/ids-dataflow-control/src/test/kotlin/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.kt b/ids-dataflow-control/src/test/kotlin/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.kt
index 3629ab2ec..b3427fb92 100644
--- a/ids-dataflow-control/src/test/kotlin/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.kt
+++ b/ids-dataflow-control/src/test/kotlin/de/fhg/aisec/ids/dataflowcontrol/LuconEngineTest.kt
@@ -27,13 +27,13 @@ import de.fhg.aisec.ids.api.policy.PolicyDecision
 import de.fhg.aisec.ids.api.policy.ServiceNode
 import de.fhg.aisec.ids.api.router.RouteManager
 import de.fhg.aisec.ids.dataflowcontrol.lucon.LuconEngine
+import java.nio.charset.StandardCharsets
+import java.util.*
 import org.junit.Assert
 import org.junit.Ignore
 import org.junit.Test
 import org.mockito.ArgumentMatchers
 import org.mockito.Mockito
-import java.nio.charset.StandardCharsets
-import java.util.*
 
 /**
  * Unit tests for the LUCON policy engine.
@@ -55,14 +55,14 @@ class LuconEngineTest {
         Assert.assertTrue(prolog.trim { it <= ' ' }.startsWith("move(1,X,Y"))
     }
 
-    /** Loading an invalid Prolog theory is expected to throw an exception.  */
+    /** Loading an invalid Prolog theory is expected to throw an exception. */
     @Test
     fun testLoadingTheoryNotGood() {
         val e = LuconEngine(System.out)
         try {
             e.loadPolicy("This is invalid")
         } catch (ex: InvalidTheoryException) {
-            return  // Expected
+            return // Expected
         }
         Assert.fail("Could load invalid theory without exception")
     }
@@ -105,7 +105,8 @@ class LuconEngineTest {
         val e = LuconEngine(System.out)
         e.loadPolicy(EXAMPLE_POLICY)
         try {
-            val solutions = e.query("has_endpoint(X,Y),regex_match(Y, \"hdfs://myendpoint\").", true)
+            val solutions =
+                e.query("has_endpoint(X,Y),regex_match(Y, \"hdfs://myendpoint\").", true)
             Assert.assertNotNull(solutions)
             Assert.assertEquals(3, solutions.size.toLong())
             for (solution in solutions) {
@@ -123,7 +124,8 @@ class LuconEngineTest {
     }
 
     /**
-     * Test if the correct policy decisions are taken for a (very) simple route and an example policy.
+     * Test if the correct policy decisions are taken for a (very) simple route and an example
+     * policy.
      */
     @Test
     fun testPolicyDecision() {
@@ -144,7 +146,8 @@ class LuconEngineTest {
     }
 
     /**
-     * Test if the correct policy decisions are taken for a (very) simple route and an example policy.
+     * Test if the correct policy decisions are taken for a (very) simple route and an example
+     * policy.
      */
     @Test
     fun testPolicyDecisionWithExtendedLabels() {
@@ -162,7 +165,7 @@ class LuconEngineTest {
         Assert.assertEquals(0, dec.obligations.size.toLong())
     }
 
-    /** List all rules of the currently loaded policy.  */
+    /** List all rules of the currently loaded policy. */
     @Test
     fun testListRules() {
         val pdp = PolicyDecisionPoint()
@@ -226,7 +229,8 @@ class LuconEngineTest {
         val rm = Mockito.mock(RouteManager::class.java)
         println("------ ROUTE ----------")
         println(VERIFIABLE_ROUTE)
-        Mockito.`when`(rm.getRouteAsProlog(ArgumentMatchers.anyString())).thenReturn(VERIFIABLE_ROUTE)
+        Mockito.`when`(rm.getRouteAsProlog(ArgumentMatchers.anyString()))
+            .thenReturn(VERIFIABLE_ROUTE)
 
         // Create policy decision point and attach to route manager
         val pdp = PolicyDecisionPoint()
@@ -246,15 +250,18 @@ class LuconEngineTest {
         println(proof?.toString())
         Assert.assertNotNull(proof)
         Assert.assertFalse(proof!!.isValid)
-        //		assertTrue(proof.toString().contains("Service testQueueService may receive messages labeled
+        //		assertTrue(proof.toString().contains("Service testQueueService may receive messages
+        // labeled
         // [private], " + "which is forbidden by rule \"anotherRule\"."));
         println("##### PROBLEM #####")
         println(proof.toString())
         Assert.assertTrue(
-                proof
-                        .toString()
-                        .contains(
-                                "Service testQueueService may receive messages, which is forbidden by rule \"anotherRule\"."))
+            proof
+                .toString()
+                .contains(
+                    "Service testQueueService may receive messages, which is forbidden by rule \"anotherRule\"."
+                )
+        )
         Assert.assertNotNull(proof.counterExamples)
     }
 
@@ -332,15 +339,22 @@ class LuconEngineTest {
             System.gc()
             System.gc()
             System.gc() // Empty level 1- & 2-LRUs.
-            val memoryBefore = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
+            val memoryBefore =
+                Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
             val dec = pdp.requestDecision(DecisionRequest(source, dest, emptySet(), null))
             val memoryAfter = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
             System.gc()
             System.gc()
             System.gc() // Empty level 1- & 2-LRUs.
-            val memoryAfterGC = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
+            val memoryAfterGC =
+                Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
             println(
-                    i.toString() + "\t\t" + (memoryAfter - memoryBefore) + "\t\t" + (memoryAfterGC - memoryBefore))
+                i.toString() +
+                    "\t\t" +
+                    (memoryAfter - memoryBefore) +
+                    "\t\t" +
+                    (memoryAfterGC - memoryBefore)
+            )
             Assert.assertEquals(PolicyDecision.Decision.ALLOW, dec.decision)
             i += 10
         }
@@ -364,15 +378,22 @@ class LuconEngineTest {
             System.gc()
             System.gc()
             System.gc() // Empty level 1- & 2-LRUs.
-            val memoryBefore = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
+            val memoryBefore =
+                Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
             val dec = pdp.requestDecision(DecisionRequest(source, dest, emptySet(), null))
             val memoryAfter = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
             System.gc()
             System.gc()
             System.gc() // Empty level 1- & 2-LRUs.
-            val memoryAfterGC = Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
+            val memoryAfterGC =
+                Runtime.getRuntime().totalMemory() - Runtime.getRuntime().freeMemory()
             println(
-                    i.toString() + "\t\t" + (memoryAfter - memoryBefore) + "\t\t" + (memoryAfterGC - memoryBefore))
+                i.toString() +
+                    "\t\t" +
+                    (memoryAfter - memoryBefore) +
+                    "\t\t" +
+                    (memoryAfterGC - memoryBefore)
+            )
             Assert.assertEquals(PolicyDecision.Decision.ALLOW, dec.decision)
             i += 10
         }
@@ -416,7 +437,8 @@ class LuconEngineTest {
         Assert.assertEquals(PolicyDecision.Decision.DENY, d)
         Assert.assertEquals("No matching rule", dec.reason)
 
-        // testRulePrioTwo: now we have labels "public" AND "filtered" set, which makes testRulePrioTwo
+        // testRulePrioTwo: now we have labels "public" AND "filtered" set, which makes
+        // testRulePrioTwo
         // match
         from = ServiceNode("IAmMatchedByRuleThreeOnly", null, null)
         to = ServiceNode("hdfs://IAmMatchedByBothRules", null, null)
@@ -428,7 +450,8 @@ class LuconEngineTest {
         Assert.assertEquals(PolicyDecision.Decision.ALLOW, d)
         Assert.assertEquals("testRulePrioTwo", dec.reason)
 
-        // testRulePrioTwo: "public" AND "filtered" makes testRulePrioTwo match. Additional labels do
+        // testRulePrioTwo: "public" AND "filtered" makes testRulePrioTwo match. Additional labels
+        // do
         // not harm
         from = ServiceNode("IAmMatchedByRuleThreeOnly", null, null)
         to = ServiceNode("hdfs://IAmMatchedByBothRules", null, null)
@@ -456,7 +479,6 @@ class LuconEngineTest {
     /**
      * Generates n random rules matching a target endpoint (given as regex).
      *
-     *
      * All rules will take an "allow" decision.
      *
      * @param n The number of rules to generate
@@ -474,14 +496,22 @@ class LuconEngineTest {
             sb.append("receives_label(").append(ruleName).append(").\n")
             sb.append("has_target(").append(ruleName).append(", ").append(targetName).append(").\n")
             sb.append("has_obligation(")
-                    .append(ruleName)
-                    .append(", testObligation")
-                    .append(i)
-                    .append(").\n")
+                .append(ruleName)
+                .append(", testObligation")
+                .append(i)
+                .append(").\n")
             sb.append("service(").append(targetName).append(").\n")
             sb.append("has_endpoint(").append(targetName).append(", \".*\").\n")
-            sb.append("creates_label(").append(targetName).append(", ").append(labelName).append(").\n")
-            sb.append("removes_label(").append(targetName).append(", ").append(labelName).append(").\n")
+            sb.append("creates_label(")
+                .append(targetName)
+                .append(", ")
+                .append(labelName)
+                .append(").\n")
+            sb.append("removes_label(")
+                .append(targetName)
+                .append(", ")
+                .append(labelName)
+                .append(").\n")
         }
         return sb.toString()
     }
@@ -498,134 +528,140 @@ class LuconEngineTest {
 
     companion object {
         // Solving Towers of Hanoi in only two lines. Prolog FTW!
-        private const val HANOI_THEORY = ("move(1,X,Y,_) :- "
-                + "write('Move top disk from '), write(X), write(' to '), write(Y), nl. \n"
-                + "move(N,X,Y,Z) :- N>1, M is N-1, move(M,X,Z,Y), move(1,X,Y,_), move(M,Z,Y,X). ")
+        private const val HANOI_THEORY =
+            ("move(1,X,Y,_) :- " +
+                "write('Move top disk from '), write(X), write(' to '), write(Y), nl. \n" +
+                "move(N,X,Y,Z) :- N>1, M is N-1, move(M,X,Z,Y), move(1,X,Y,_), move(M,Z,Y,X). ")
 
         // A random but syntactically correct policy.
-        private const val EXAMPLE_POLICY = ("\n"
-                + "%%%%%%%% Rules %%%%%%%%%%%%\n"
-                + "rule(denyAll).\n"
-                + "rule_priority(denyAll, 0).\n"
-                + "has_decision(denyAll, drop).\n"
-                + "receives_label(denyAll).\n"
-                + "has_target(denyAll, serviceAll).\n"
-                + "\n"
-                + "rule(allowRule).\n"
-                + "rule_priority(allowRule, 1).\n"
-                + "has_decision(allowRule, allow).\n"
-                + "receives_label(allowRule).\n"
-                + "has_target(allowRule, hiveMqttBrokerService).\n"
-                + "has_target(allowRule, anonymizerService).\n"
-                + "has_target(allowRule, loggerService).\n"
-                + "has_target(allowRule, hadoopClustersService).\n"
-                + "has_target(allowRule, testQueueService).\n"
-                + "\n"
-                + "rule(deleteAfterOneMonth).\n"
-                + "rule_priority(deleteAfterOneMonth, 1).\n"
-                + "has_decision(deleteAfterOneMonth, allow).\n"
-                + "receives_label(deleteAfterOneMonth) :- label(private).\n"
-                + "has_target(deleteAfterOneMonth, service78096644).\n"
-                + "has_obligation(deleteAfterOneMonth, obl1709554620).\n"
-                + "% generated service\n"
-                + "service(service78096644).\n"
-                + "has_endpoint(service78096644, \"hdfs.*\").\n"
-                + "% generated obligation\n"
-                + "requires_prerequisite(obl1709554620, delete_after_days(30)).\n"
-                + "has_alternativedecision(obl1709554620, drop).\n"
-                + "\n"
-                + "rule(anotherRule).\n"
-                + "rule_priority(anotherRule, 1).\n"
-                + "has_target(anotherRule, testQueueService).\n"
-                + "receives_label(anotherRule) :- label(private).\n"
-                + "has_decision(anotherRule, drop).\n"
-                + "\n"
-                + "%%%%%%%%%%%% Services %%%%%%%%%%%%\n"
-                + "service(serviceAll).\n"
-                + "has_endpoint(serviceAll,'.*').\n"
-                + "\n"
-                + "service(hiveMqttBrokerService).\n"
-                + "creates_label(hiveMqttBrokerService, labelone).\n"
-                + "creates_label(hiveMqttBrokerService, private).\n"
-                + "removes_label(hiveMqttBrokerService, labeltwo).\n"
-                + "has_endpoint(hiveMqttBrokerService, \"^paho:.*?tcp://broker.hivemq.com:1883.*\").\n"
-                + "has_property(hiveMqttBrokerService, type, public).\n"
-                + "\n"
-                + "service(anonymizerService).\n"
-                + "has_endpoint(anonymizerService, \".*anonymizer.*\").\n"
-                + "has_property(anonymizerService, myProp, anonymize('surname', 'name')).\n"
-                + "\n"
-                + "service(loggerService).\n"
-                + "has_endpoint(loggerService, \"^log.*\").\n"
-                + "\n"
-                + "service(hadoopClustersService).\n"
-                + "has_endpoint(hadoopClustersService, \"^hdfs://.*\").\n"
-                + "has_capability(hadoopClustersService, deletion).\n"
-                + "has_property(hadoopClustersService, anonymizes, anonymize('surname', 'name')).\n"
-                + "\n"
-                + "service(testQueueService).\n"
-                + "has_endpoint(testQueueService, \"^amqp:.*?:test\").")
+        private const val EXAMPLE_POLICY =
+            ("\n" +
+                "%%%%%%%% Rules %%%%%%%%%%%%\n" +
+                "rule(denyAll).\n" +
+                "rule_priority(denyAll, 0).\n" +
+                "has_decision(denyAll, drop).\n" +
+                "receives_label(denyAll).\n" +
+                "has_target(denyAll, serviceAll).\n" +
+                "\n" +
+                "rule(allowRule).\n" +
+                "rule_priority(allowRule, 1).\n" +
+                "has_decision(allowRule, allow).\n" +
+                "receives_label(allowRule).\n" +
+                "has_target(allowRule, hiveMqttBrokerService).\n" +
+                "has_target(allowRule, anonymizerService).\n" +
+                "has_target(allowRule, loggerService).\n" +
+                "has_target(allowRule, hadoopClustersService).\n" +
+                "has_target(allowRule, testQueueService).\n" +
+                "\n" +
+                "rule(deleteAfterOneMonth).\n" +
+                "rule_priority(deleteAfterOneMonth, 1).\n" +
+                "has_decision(deleteAfterOneMonth, allow).\n" +
+                "receives_label(deleteAfterOneMonth) :- label(private).\n" +
+                "has_target(deleteAfterOneMonth, service78096644).\n" +
+                "has_obligation(deleteAfterOneMonth, obl1709554620).\n" +
+                "% generated service\n" +
+                "service(service78096644).\n" +
+                "has_endpoint(service78096644, \"hdfs.*\").\n" +
+                "% generated obligation\n" +
+                "requires_prerequisite(obl1709554620, delete_after_days(30)).\n" +
+                "has_alternativedecision(obl1709554620, drop).\n" +
+                "\n" +
+                "rule(anotherRule).\n" +
+                "rule_priority(anotherRule, 1).\n" +
+                "has_target(anotherRule, testQueueService).\n" +
+                "receives_label(anotherRule) :- label(private).\n" +
+                "has_decision(anotherRule, drop).\n" +
+                "\n" +
+                "%%%%%%%%%%%% Services %%%%%%%%%%%%\n" +
+                "service(serviceAll).\n" +
+                "has_endpoint(serviceAll,'.*').\n" +
+                "\n" +
+                "service(hiveMqttBrokerService).\n" +
+                "creates_label(hiveMqttBrokerService, labelone).\n" +
+                "creates_label(hiveMqttBrokerService, private).\n" +
+                "removes_label(hiveMqttBrokerService, labeltwo).\n" +
+                "has_endpoint(hiveMqttBrokerService, \"^paho:.*?tcp://broker.hivemq.com:1883.*\").\n" +
+                "has_property(hiveMqttBrokerService, type, public).\n" +
+                "\n" +
+                "service(anonymizerService).\n" +
+                "has_endpoint(anonymizerService, \".*anonymizer.*\").\n" +
+                "has_property(anonymizerService, myProp, anonymize('surname', 'name')).\n" +
+                "\n" +
+                "service(loggerService).\n" +
+                "has_endpoint(loggerService, \"^log.*\").\n" +
+                "\n" +
+                "service(hadoopClustersService).\n" +
+                "has_endpoint(hadoopClustersService, \"^hdfs://.*\").\n" +
+                "has_capability(hadoopClustersService, deletion).\n" +
+                "has_property(hadoopClustersService, anonymizes, anonymize('surname', 'name')).\n" +
+                "\n" +
+                "service(testQueueService).\n" +
+                "has_endpoint(testQueueService, \"^amqp:.*?:test\").")
 
         // Policy with extended labels, i.e. "purpose(green)"
-        private const val EXTENDED_LABELS_POLICY = (""
-                + "%%%%%%%% Rules %%%%%%%%%%%%\n"
-                + "rule(denyAll).\n"
-                + "rule_priority(denyAll, 0).\n"
-                + "has_decision(denyAll, drop).\n"
-                + "receives_label(denyAll).\n"
-                + "has_target(denyAll, serviceAll).\n"
-                + "\n"
-                + "rule(demo).\n"
-                + "rule_priority(demo, 1).\n"
-                + "has_target(demo, service473016340).\n"
-                + "service(service473016340).\n"
-                + "has_endpoint(service473016340,\"(ahc|ahc-ws|cxf|cxfbean|cxfrs)://.*\").\n"
-                + "receives_label(demo) :- label(purpose(green)).\n" // Note that Prolog does not support
+        private const val EXTENDED_LABELS_POLICY =
+            ("" +
+                "%%%%%%%% Rules %%%%%%%%%%%%\n" +
+                "rule(denyAll).\n" +
+                "rule_priority(denyAll, 0).\n" +
+                "has_decision(denyAll, drop).\n" +
+                "receives_label(denyAll).\n" +
+                "has_target(denyAll, serviceAll).\n" +
+                "\n" +
+                "rule(demo).\n" +
+                "rule_priority(demo, 1).\n" +
+                "has_target(demo, service473016340).\n" +
+                "service(service473016340).\n" +
+                "has_endpoint(service473016340,\"(ahc|ahc-ws|cxf|cxfbean|cxfrs)://.*\").\n" +
+                "receives_label(demo) :- label(purpose(green)).\n" // Note that Prolog does not
+                // support
                 // nested predicates.
-                + "has_decision(demo, allow).\n"
-                + "\n"
-                + "%%%%% Services %%%%%%%%%%%%\n"
-                + "service(serviceAll).\n"
-                + "has_endpoint(serviceAll,'.*').\n"
-                + "creates_label(serviceAll, purpose(green)).\n"
-                + "\n"
-                + "service(sanitizedata).\n"
-                + "has_endpoint(sanitizedata, \"^bean://SanitizerBean.*\").\n"
-                + "creates_label(sanitizedata, public).\n"
-                + "removes_label(sanitizedata, private).\n")
+                +
+                "has_decision(demo, allow).\n" +
+                "\n" +
+                "%%%%% Services %%%%%%%%%%%%\n" +
+                "service(serviceAll).\n" +
+                "has_endpoint(serviceAll,'.*').\n" +
+                "creates_label(serviceAll, purpose(green)).\n" +
+                "\n" +
+                "service(sanitizedata).\n" +
+                "has_endpoint(sanitizedata, \"^bean://SanitizerBean.*\").\n" +
+                "creates_label(sanitizedata, public).\n" +
+                "removes_label(sanitizedata, private).\n")
 
         // Route from LUCON paper with path searching logic
-        private const val VERIFIABLE_ROUTE = ("%\n"
-                + "% (C) Julian Schütte, Fraunhofer AISEC, 2017\n"
-                + "%\n"
-                + "% Demonstration of model checking a message route against a usage control policy\n"
-                + "%\n"
-                + "% Message Route definition\n"
-                + "%\n"
-                + "%       hiveMqttBroker       \n"
-                + "%       /     \\     \n"
-                + "%  logger    anonymizer  \n"
-                + "%       \\     /     \n"
-                + "%       hadoopClusters       \n"
-                + "%         |          \n"
-                + "%       testQueue       \n"
-                + "entrynode(hiveMqttBroker).\n"
-                + "stmt(hiveMqttBroker).\n"
-                + "has_action(hiveMqttBroker, \"paho:something:tcp://broker.hivemq.com:1883/anywhere\").\n"
-                + "stmt(logger).\n"
-                + "has_action(logger, \"log\").\n"
-                + "stmt(anonymizer).\n"
-                + "has_action(anonymizer, \"hello_anonymizer_world\").\n"
-                + "stmt(hadoopClusters).\n"
-                + "has_action(hadoopClusters, \"hdfs://myCluser\").\n"
-                + "stmt(testQueue).\n"
-                + "has_action(testQueue, \"amqp:testQueue:test\").\n"
-                + "\n"
-                + "succ(hiveMqttBroker, logger).\n"
-                + "succ(hiveMqttBroker, anonymizer).\n"
-                + "succ(logger, hadoopClusters).\n"
-                + "succ(anonymizer, hadoopClusters).\n"
-                + "succ(hadoopClusters, testQueue).\n"
-                + "\n")
+        private const val VERIFIABLE_ROUTE =
+            ("%\n" +
+                "% (C) Julian Schütte, Fraunhofer AISEC, 2017\n" +
+                "%\n" +
+                "% Demonstration of model checking a message route against a usage control policy\n" +
+                "%\n" +
+                "% Message Route definition\n" +
+                "%\n" +
+                "%       hiveMqttBroker       \n" +
+                "%       /     \\     \n" +
+                "%  logger    anonymizer  \n" +
+                "%       \\     /     \n" +
+                "%       hadoopClusters       \n" +
+                "%         |          \n" +
+                "%       testQueue       \n" +
+                "entrynode(hiveMqttBroker).\n" +
+                "stmt(hiveMqttBroker).\n" +
+                "has_action(hiveMqttBroker, \"paho:something:tcp://broker.hivemq.com:1883/anywhere\").\n" +
+                "stmt(logger).\n" +
+                "has_action(logger, \"log\").\n" +
+                "stmt(anonymizer).\n" +
+                "has_action(anonymizer, \"hello_anonymizer_world\").\n" +
+                "stmt(hadoopClusters).\n" +
+                "has_action(hadoopClusters, \"hdfs://myCluser\").\n" +
+                "stmt(testQueue).\n" +
+                "has_action(testQueue, \"amqp:testQueue:test\").\n" +
+                "\n" +
+                "succ(hiveMqttBroker, logger).\n" +
+                "succ(hiveMqttBroker, anonymizer).\n" +
+                "succ(logger, hadoopClusters).\n" +
+                "succ(anonymizer, hadoopClusters).\n" +
+                "succ(hadoopClusters, testQueue).\n" +
+                "\n")
     }
-}
\ No newline at end of file
+}
diff --git a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
index 02911e321..004abd6e3 100644
--- a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
+++ b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/InfoModelService.kt
@@ -27,23 +27,19 @@ import de.fraunhofer.iais.eis.*
 import de.fraunhofer.iais.eis.ids.jsonld.Serializer
 import de.fraunhofer.iais.eis.util.ConstraintViolationException
 import de.fraunhofer.iais.eis.util.TypedLiteral
+import java.net.URI
+import java.net.URISyntaxException
+import java.util.*
 import org.osgi.service.component.annotations.Component
 import org.osgi.service.component.annotations.Reference
 import org.osgi.service.component.annotations.ReferenceCardinality
 import org.slf4j.LoggerFactory
-import java.net.URI
-import java.net.URISyntaxException
-import java.util.*
 
-
-/**
- * IDS Info Model Manager.
- */
+/** IDS Info Model Manager. */
 @Component(name = "ids-infomodel-manager", immediate = true)
 class InfoModelService : InfoModel {
 
-    @Reference(cardinality = ReferenceCardinality.MANDATORY)
-    private lateinit var settings: Settings
+    @Reference(cardinality = ReferenceCardinality.MANDATORY) private lateinit var settings: Settings
     @Reference(cardinality = ReferenceCardinality.OPTIONAL)
     private var connectionManager: ConnectionManager? = null
 
@@ -52,49 +48,56 @@ class InfoModelService : InfoModel {
 
     override val modelVersion = BuildConfig.INFOMODEL_VERSION
 
-    /**
-     * Build Connector Entity Names from preferences
-     */
+    /** Build Connector Entity Names from preferences */
     private val connectorEntityNames: List<TypedLiteral>
-        get() = connectorProfile.connectorEntityNames.also {
-            if (it == null) {
-                LOG.warn("Settings or ConnectorProfile not available, or no connector entity names provided")
+        get() =
+            connectorProfile.connectorEntityNames.also {
+                if (it == null) {
+                    LOG.warn(
+                        "Settings or ConnectorProfile not available, or no connector entity names provided"
+                    )
+                }
             }
-        } ?: emptyList()
+                ?: emptyList()
 
     private val catalog: ArrayList<ResourceCatalog>
-        get() = arrayListOf(ResourceCatalogBuilder()._offeredResource_(ArrayList(resources)).build())
+        get() =
+            arrayListOf(ResourceCatalogBuilder()._offeredResource_(ArrayList(resources)).build())
 
     /**
-     * Build current endpoints as given by connectionManager
-     * will not be stored in preferences, but freshly loaded each time.
-     * Multiple names for one connector allowed
+     * Build current endpoints as given by connectionManager will not be stored in preferences, but
+     * freshly loaded each time. Multiple names for one connector allowed
      */
     private val resources: List<Resource>
-        get() = connectionManager?.let { cm ->
-            cm.listAvailableEndpoints().map {
-                val url = URI.create("${it.defaultProtocol}://${it.host}:${it.port}")
-                val endpoint = ConnectorEndpointBuilder()._accessURL_(url).build()
-                ResourceBuilder()._resourceEndpoint_(arrayListOf(endpoint)).build()
+        get() =
+            connectionManager?.let { cm ->
+                cm.listAvailableEndpoints().map {
+                    val url = URI.create("${it.defaultProtocol}://${it.host}:${it.port}")
+                    val endpoint = ConnectorEndpointBuilder()._accessURL_(url).build()
+                    ResourceBuilder()._resourceEndpoint_(arrayListOf(endpoint)).build()
+                }
             }
-        } ?: emptyList()
+                ?: emptyList()
 
     /**
-     * Build Security Profile from preferences
-     * defaults to "NONE" for all attributes in case nothing has been stored
+     * Build Security Profile from preferences defaults to "NONE" for all attributes in case nothing
+     * has been stored
      * @return
      */
     private val securityProfile: SecurityProfile?
-        get() = connectorProfile.securityProfile.also {
-            if (it == null) {
-                LOG.warn("Settings, ConnectorProfile not available, or no SecurityProfile provided")
+        get() =
+            connectorProfile.securityProfile.also {
+                if (it == null) {
+                    LOG.warn(
+                        "Settings, ConnectorProfile not available, or no SecurityProfile provided"
+                    )
+                }
             }
-        }
 
     /**
-     * Creates and returns Connector object based on stored preferences.
-     * Returns random connector_url if none is stored in preferences.
-     * The fields op_url and entityNames cannot be null.
+     * Creates and returns Connector object based on stored preferences. Returns random
+     * connector_url if none is stored in preferences. The fields op_url and entityNames cannot be
+     * null.
      */
     override val connector: Connector?
         get() {
@@ -103,22 +106,29 @@ class InfoModelService : InfoModel {
             val entityNames = connectorEntityNames
 
             if (LOG.isTraceEnabled) {
-                LOG.trace("Maintainer URL: {}, Connector URL: {}, Entity Names: {}",
-                        maintainerUrl, connectorUrl, entityNames)
+                LOG.trace(
+                    "Maintainer URL: {}, Connector URL: {}, Entity Names: {}",
+                    maintainerUrl,
+                    connectorUrl,
+                    entityNames
+                )
             }
 
             return if (maintainerUrl != null) {
                 try {
-                    val trustedConnectorBuilder = if (connectorUrl == null) {
-                        TrustedConnectorBuilder()
-                    } else {
-                        TrustedConnectorBuilder(connectorUrl)
-                    }
-                    trustedConnectorBuilder._maintainer_(maintainerUrl)
-                            ._title_(ArrayList(entityNames))
-                            ._securityProfile_(securityProfile)
-                            ._resourceCatalog_(catalog)
-                            ._description_(ArrayList(entityNames)).build()
+                    val trustedConnectorBuilder =
+                        if (connectorUrl == null) {
+                            TrustedConnectorBuilder()
+                        } else {
+                            TrustedConnectorBuilder(connectorUrl)
+                        }
+                    trustedConnectorBuilder
+                        ._maintainer_(maintainerUrl)
+                        ._title_(ArrayList(entityNames))
+                        ._securityProfile_(securityProfile)
+                        ._resourceCatalog_(catalog)
+                        ._description_(ArrayList(entityNames))
+                        .build()
                 } catch (ex: ConstraintViolationException) {
                     LOG.error("Caught ConstraintViolationException while building Connector", ex)
                     null
@@ -133,9 +143,9 @@ class InfoModelService : InfoModel {
         }
 
     /**
-     * Store or update new Connector description to preferences.
-     * Creates random connector_url if null and succeeds only if maintainerUrl and entityNames != null
-     * Generates RDF description from Connector object and returns building success
+     * Store or update new Connector description to preferences. Creates random connector_url if
+     * null and succeeds only if maintainerUrl and entityNames != null Generates RDF description
+     * from Connector object and returns building success
      */
     override fun setConnector(profile: ConnectorProfile): Boolean {
         if (profile.securityProfile == null) {
@@ -154,9 +164,10 @@ class InfoModelService : InfoModel {
     }
 
     override val connectorAsJsonLd: String
-        get() = settings.connectorJsonLd
+        get() =
+            settings.connectorJsonLd
                 ?: connector?.let { serializer.serialize(it) }
-                ?: throw NullPointerException("Connector is not available")
+                    ?: throw NullPointerException("Connector is not available")
 
     override fun setConnectorByJsonLd(jsonLd: String?) {
         settings.let { settings ->
@@ -176,5 +187,4 @@ class InfoModelService : InfoModel {
         private val LOG = LoggerFactory.getLogger(InfoModelService::class.java)
         private val serializer: Serializer by lazy { Serializer() }
     }
-
 }
diff --git a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/deserializer/CustomModule.kt b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/deserializer/CustomModule.kt
index 56a51cfe5..65853c0db 100644
--- a/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/deserializer/CustomModule.kt
+++ b/ids-infomodel-manager/src/main/kotlin/de/fhg/aisec/ids/informationmodelmanager/deserializer/CustomModule.kt
@@ -21,12 +21,10 @@ package de.fhg.aisec.ids.informationmodelmanager.deserializer
 
 import com.fasterxml.jackson.databind.module.SimpleModule
 
-import de.fraunhofer.iais.eis.SecurityProfile
-
 // allows Jackson to deserialize custom object types
 class CustomModule : SimpleModule("CustomModule") {
     init {
-//        this.addDeserializer(SecurityProfile::class.java, SecurityProfileDeserializer())
+        //        this.addDeserializer(SecurityProfile::class.java, SecurityProfileDeserializer())
     }
 
     companion object {
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/CamelInterceptor.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/CamelInterceptor.kt
index 79aff6959..ec2488a88 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/CamelInterceptor.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/CamelInterceptor.kt
@@ -46,18 +46,22 @@ class CamelInterceptor : InterceptStrategy {
     }
 
     override fun wrapProcessorInInterceptors(
-            context: CamelContext,
-            node: NamedNode,
-            target: Processor,
-            nextTarget: Processor?): Processor {
+        context: CamelContext,
+        node: NamedNode,
+        target: Processor,
+        nextTarget: Processor?
+    ): Processor {
         return PolicyEnforcementPoint(node, target)
     }
 
     companion object {
         private lateinit var instance: CamelInterceptor
 
-        val pdp get() = instance.pdp
-        val usageControlInterface get() = instance.usageControlInterface
-        val containerManager get() = instance.containerManager
+        val pdp
+            get() = instance.pdp
+        val usageControlInterface
+            get() = instance.usageControlInterface
+        val containerManager
+            get() = instance.containerManager
     }
-}
\ No newline at end of file
+}
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
index 2272a0af0..fe89f14da 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/PolicyEnforcementPoint.kt
@@ -27,6 +27,9 @@ import de.fhg.aisec.ids.api.policy.TransformationDecision
 import de.fraunhofer.iais.eis.BinaryOperator
 import de.fraunhofer.iais.eis.Constraint
 import de.fraunhofer.iais.eis.LeftOperand
+import java.net.InetAddress
+import java.net.URI
+import java.util.*
 import org.apache.camel.*
 import org.apache.camel.model.EndpointRequiredDefinition
 import org.apache.camel.model.FromDefinition
@@ -34,25 +37,21 @@ import org.apache.camel.model.RouteDefinition
 import org.apache.camel.model.ToDefinition
 import org.apache.camel.support.processor.DelegateAsyncProcessor
 import org.slf4j.LoggerFactory
-import java.net.InetAddress
-import java.net.URI
-import java.util.*
 
-class PolicyEnforcementPoint internal constructor(
-    private val destinationNode: NamedNode,
-    target: Processor) : DelegateAsyncProcessor(target) {
+class PolicyEnforcementPoint
+internal constructor(private val destinationNode: NamedNode, target: Processor) :
+    DelegateAsyncProcessor(target) {
     /**
-     * The method performs flow control and calls Exchange.setException() when necessary
-     * It iterates through nodes in CamelRoute (<from>, <log>, <choice>, <process>, <to>, ...)
-     * and launches node specific usage enforcement actions.
+     * The method performs flow control and calls Exchange.setException() when necessary It iterates
+     * through nodes in CamelRoute (<from>, <log>, <choice>, <process>, <to>, ...) and launches node
+     * specific usage enforcement actions.
      *
-     * At node <from>: protect exchange msg's body if usage constraint is given
-     * At node <to>: unprotect exchange msg's body if usage constraing it fulfilled
+     * At node <from>: protect exchange msg's body if usage constraint is given At node <to>:
+     * unprotect exchange msg's body if usage constraing it fulfilled
      *
      * @param exchange The exchange object to check
      * @return Whether target.process() is to be called for this exchange object
      */
-
     private fun processFlowControl(exchange: Exchange?): Boolean {
         if (exchange == null) {
             if (LOG.isWarnEnabled) {
@@ -60,23 +59,28 @@ class PolicyEnforcementPoint internal constructor(
             }
             return false
         }
-        // Strict policy: If PDP or Usage Control interface are not available, block every checked data flow
-        val pdp = CamelInterceptor.pdp
-                ?: throw Exception("PDP is not available")
-        val ucInterface = CamelInterceptor.usageControlInterface
+        // Strict policy: If PDP or Usage Control interface are not available, block every checked
+        // data flow
+        val pdp = CamelInterceptor.pdp ?: throw Exception("PDP is not available")
+        val ucInterface =
+            CamelInterceptor.usageControlInterface
                 ?: throw Exception("Usage Control Interface is not available")
 
         // Save per exchange object the source node's content (<from: uri="idscp2server://0...>)
-        // Same entry in Hashmap per CamelRoute, change of exchange properties do not create new entry
-        val sourceNode: NamedNode = lastDestinations[exchange] ?: run {
-            // If there is no previously saved node for this exchange, use the parent <route> to find the input
-            // (first <from> statement) of the processed route.
-            var routeNode = destinationNode.parent
-            while (routeNode !is RouteDefinition) {
-                routeNode = routeNode.parent
-            }
-            routeNode.input
-        }
+        // Same entry in Hashmap per CamelRoute, change of exchange properties do not create new
+        // entry
+        val sourceNode: NamedNode =
+            lastDestinations[exchange]
+                ?: run {
+                    // If there is no previously saved node for this exchange, use the parent
+                    // <route> to find the input
+                    // (first <from> statement) of the processed route.
+                    var routeNode = destinationNode.parent
+                    while (routeNode !is RouteDefinition) {
+                        routeNode = routeNode.parent
+                    }
+                    routeNode.input
+                }
 
         // Save current destination node of CamelRoute
         lastDestinations[exchange] = destinationNode
@@ -86,88 +90,135 @@ class PolicyEnforcementPoint internal constructor(
             LOG.trace("{} -> {}", source, destination)
         }
 
-        val isIdscp2Endpoint = { ep: EndpointRequiredDefinition -> ep.endpointUri.startsWith("idscp2") }
+        val isIdscp2Endpoint = { ep: EndpointRequiredDefinition ->
+            ep.endpointUri.startsWith("idscp2")
+        }
         // Only take action for nodes of type <from> (= input) and <to> (= output)
-        if ((sourceNode is EndpointRequiredDefinition && isIdscp2Endpoint(sourceNode))
-            || destinationNode is ToDefinition) {
-            val ucContract = try {
-                ucInterface.getExchangeContract(exchange)
-            } catch (x: RuntimeException) {
-                // Thrown if data provider references an unknown ContractAgreement via transferContract
-                throw Exception("Required contract is not available!", x)
-            }
+        if ((sourceNode is EndpointRequiredDefinition && isIdscp2Endpoint(sourceNode)) ||
+                destinationNode is ToDefinition
+        ) {
+            val ucContract =
+                try {
+                    ucInterface.getExchangeContract(exchange)
+                } catch (x: RuntimeException) {
+                    // Thrown if data provider references an unknown ContractAgreement via
+                    // transferContract
+                    throw Exception("Required contract is not available!", x)
+                }
             // If there is no known ContractAgreement for this Exchange, nothing to do here.
             ucContract?.let { contract ->
                 if (LOG.isDebugEnabled) {
                     LOG.debug("Applying Contract $contract")
                 }
                 val dockerConstraint = { c: Constraint ->
-                    c.operator == BinaryOperator.SAME_AS && c.leftOperand == LeftOperand.SYSTEM }
-                contract.permission.firstOrNull { p ->
-                    // Check whether any constraint is given which fits the rules given above
-                    p.constraint.firstOrNull(dockerConstraint) != null
-                    // So far previous checks answered: "Can we principally work with given constraint?"
-                }?.constraint?.first(dockerConstraint)?.rightOperandReference?.let { dockerUri ->
-                    if (LOG.isDebugEnabled) {
-                        LOG.debug("UC: Restricting to Container URI $dockerUri")
-                    }
-                    // Extracting hash and port of containerUri given by CamelRoute
-                    val hashPart = dockerUri.path.split("/").last()
-                    if (!hashPart.startsWith("sha256-")) {
-                        throw Exception("Invalid docker URI for UC, last path component must start with \"sha256-\"!")
-                    }
-                    val hash = hashPart.substring(7)
-                    val port = try {
-                        dockerUri.fragment.toInt().also { assert(it in 1..65535) }
-                    } catch (nfe: NumberFormatException) {
-                        throw Exception("Invalid docker URI for UC, fragment must represent a valid port number!")
-                    } catch (ae: AssertionError) {
-                        throw Exception("Invalid docker URI for UC, ${dockerUri.fragment} is not a valid port number!")
+                    c.operator == BinaryOperator.SAME_AS && c.leftOperand == LeftOperand.SYSTEM
+                }
+                contract
+                    .permission
+                    .firstOrNull { p ->
+                        // Check whether any constraint is given which fits the rules given above
+                        p.constraint.firstOrNull(dockerConstraint) != null
+                        // So far previous checks answered: "Can we principally work with given
+                        // constraint?"
                     }
-                    // Check whether we deal with an entry node ("from:...") or a response of a To node ("to...")...
-                    if (sourceNode is FromDefinition
-                        || (sourceNode is ToDefinition && !ucInterface.isProtected(exchange)
-                                && isIdscp2Endpoint(sourceNode))) {
-                        // If we found an entry node, then protect exchange's body
-                        ucInterface.protectBody(exchange, ucContract.id)
+                    ?.constraint
+                    ?.first(dockerConstraint)
+                    ?.rightOperandReference
+                    ?.let { dockerUri ->
                         if (LOG.isDebugEnabled) {
-                            LOG.debug("UC: Protect Exchange body with UC contract ${ucContract.id}")
+                            LOG.debug("UC: Restricting to Container URI $dockerUri")
                         }
-                    // ... or output ("to:...") node as destination of this transition.
-                    // Additionally check whether exchange's body was protected.
-                    } else if (destinationNode is ToDefinition && ucInterface.isProtected(exchange)) {
-                        // Compare hash value and port of camelRoute's containerUri with local Docker containers
-                        CamelInterceptor.containerManager?.let { cm ->
-                            val endpointUri = URI.create(destinationNode.endpointUri)
-                            // Check is containerUri's port matched CamelRoute ToNode's port
-                            if (port != endpointUri.port) {
-                                LOG.warn("UC: Exchange blocked by contract: " +
-                                        "Port $port is permitted, but ${endpointUri.port} is used!")
-                            } else {
-                                val allowedContainers = cm.list(true).filter { container ->
-                                    // From running docker containers get all with the given hash
-                                    // Normally there is only one hash type, but there can be more
-                                    // Currently requested type is only sha256 (e.g. sha3 or else may be added later)
-                                    container.imageDigests.any { it.split(":").last() == hash }
-                                            || container.imageId.split(":").last() == hash
-                                }
-                                // Save all ip addresses of allowed containers in one list
-                                val allowedIPs = allowedContainers.flatMap { it.ipAddresses }.toSet()
-                                // Check whether all endpoint's ip-addresses belong to allowed containers
-                                if (InetAddress.getAllByName(endpointUri.host).all { allowedIPs.contains(it) }) {
-                                    ucInterface.unprotectBody(exchange)
-                                    if (LOG.isDebugEnabled) {
-                                        LOG.debug("UC: Contract permits data flow, Exchange body has been restored.")
-                                    }
+                        // Extracting hash and port of containerUri given by CamelRoute
+                        val hashPart = dockerUri.path.split("/").last()
+                        if (!hashPart.startsWith("sha256-")) {
+                            throw Exception(
+                                "Invalid docker URI for UC, last path component must start with \"sha256-\"!"
+                            )
+                        }
+                        val hash = hashPart.substring(7)
+                        val port =
+                            try {
+                                dockerUri.fragment.toInt().also { assert(it in 1..65535) }
+                            } catch (nfe: NumberFormatException) {
+                                throw Exception(
+                                    "Invalid docker URI for UC, fragment must represent a valid port number!"
+                                )
+                            } catch (ae: AssertionError) {
+                                throw Exception(
+                                    "Invalid docker URI for UC, ${dockerUri.fragment} is not a valid port number!"
+                                )
+                            }
+                        // Check whether we deal with an entry node ("from:...") or a response of a
+                        // To node ("to...")...
+                        if (sourceNode is FromDefinition ||
+                                (sourceNode is ToDefinition &&
+                                    !ucInterface.isProtected(exchange) &&
+                                    isIdscp2Endpoint(sourceNode))
+                        ) {
+                            // If we found an entry node, then protect exchange's body
+                            ucInterface.protectBody(exchange, ucContract.id)
+                            if (LOG.isDebugEnabled) {
+                                LOG.debug(
+                                    "UC: Protect Exchange body with UC contract ${ucContract.id}"
+                                )
+                            }
+                            // ... or output ("to:...") node as destination of this transition.
+                            // Additionally check whether exchange's body was protected.
+                        } else if (destinationNode is ToDefinition &&
+                                ucInterface.isProtected(exchange)
+                        ) {
+                            // Compare hash value and port of camelRoute's containerUri with local
+                            // Docker containers
+                            CamelInterceptor.containerManager?.let { cm ->
+                                val endpointUri = URI.create(destinationNode.endpointUri)
+                                // Check is containerUri's port matched CamelRoute ToNode's port
+                                if (port != endpointUri.port) {
+                                    LOG.warn(
+                                        "UC: Exchange blocked by contract: " +
+                                            "Port $port is permitted, but ${endpointUri.port} is used!"
+                                    )
                                 } else {
-                                    LOG.warn("UC: Some or all IP addresses of the host ${endpointUri.host} " +
-                                            "do not belong to the permitted containers (${allowedContainers})")
+                                    val allowedContainers =
+                                        cm.list(true).filter { container ->
+                                            // From running docker containers get all with the given
+                                            // hash
+                                            // Normally there is only one hash type, but there can
+                                            // be more
+                                            // Currently requested type is only sha256 (e.g. sha3 or
+                                            // else may be added later)
+                                            container.imageDigests.any {
+                                                it.split(":").last() == hash
+                                            } || container.imageId.split(":").last() == hash
+                                        }
+                                    // Save all ip addresses of allowed containers in one list
+                                    val allowedIPs =
+                                        allowedContainers.flatMap { it.ipAddresses }.toSet()
+                                    // Check whether all endpoint's ip-addresses belong to allowed
+                                    // containers
+                                    if (InetAddress.getAllByName(endpointUri.host).all {
+                                            allowedIPs.contains(it)
+                                        }
+                                    ) {
+                                        ucInterface.unprotectBody(exchange)
+                                        if (LOG.isDebugEnabled) {
+                                            LOG.debug(
+                                                "UC: Contract permits data flow, Exchange body has been restored."
+                                            )
+                                        }
+                                    } else {
+                                        LOG.warn(
+                                            "UC: Some or all IP addresses of the host ${endpointUri.host} " +
+                                                "do not belong to the permitted containers (${allowedContainers})"
+                                        )
+                                    }
                                 }
                             }
-                        } ?: LOG.warn("UC: ContainerManager is not available, " +
-                                "cannot verify container-binding contract!")
+                                ?: LOG.warn(
+                                    "UC: ContainerManager is not available, " +
+                                        "cannot verify container-binding contract!"
+                                )
+                        }
                     }
-                }
             }
         }
 
@@ -177,14 +228,20 @@ class PolicyEnforcementPoint internal constructor(
         // Call PDP to transform labels and decide whether to forward the Exchange
         applyLabelTransformation(pdp.requestTranformations(sourceServiceNode), exchange)
         val labels = exchangeLabels.computeIfAbsent(exchange) { HashSet<String>() }
-        val decision = pdp.requestDecision(
-                DecisionRequest(sourceServiceNode, destinationServiceNode, labels, null))
+        val decision =
+            pdp.requestDecision(
+                DecisionRequest(sourceServiceNode, destinationServiceNode, labels, null)
+            )
         return when (decision.decision!!) {
             PolicyDecision.Decision.ALLOW -> true
             PolicyDecision.Decision.DENY -> {
                 if (LOG.isWarnEnabled) {
-                    LOG.warn("Exchange explicitly blocked (DENY) by data flow policy. " +
-                            "Source: {}, Target: {}", sourceServiceNode, destinationServiceNode)
+                    LOG.warn(
+                        "Exchange explicitly blocked (DENY) by data flow policy. " +
+                            "Source: {}, Target: {}",
+                        sourceServiceNode,
+                        destinationServiceNode
+                    )
                 }
                 exchange.setException(Exception("Exchange blocked by data flow policy"))
                 false
@@ -199,7 +256,9 @@ class PolicyEnforcementPoint internal constructor(
      * @param exchange Exchange processed
      */
     private fun applyLabelTransformation(
-            requestTransformations: TransformationDecision, exchange: Exchange) {
+        requestTransformations: TransformationDecision,
+        exchange: Exchange
+    ) {
         val labels = exchangeLabels.computeIfAbsent(exchange) { HashSet<String>() }
 
         // Remove labels from exchange
@@ -221,8 +280,8 @@ class PolicyEnforcementPoint internal constructor(
     companion object {
         private val LOG = LoggerFactory.getLogger(PolicyEnforcementPoint::class.java)
         private val lastDestinations: MutableMap<Exchange, NamedNode> =
-                MapMaker().weakKeys().makeMap()
+            MapMaker().weakKeys().makeMap()
         private val exchangeLabels: MutableMap<Exchange, MutableSet<String>> =
-                MapMaker().weakKeys().makeMap()
+            MapMaker().weakKeys().makeMap()
     }
-}
\ No newline at end of file
+}
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/RouteManagerService.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/RouteManagerService.kt
index 2fdac44db..6f78f2ff5 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/RouteManagerService.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/RouteManagerService.kt
@@ -22,6 +22,13 @@ package de.fhg.aisec.ids.rm
 import de.fhg.aisec.ids.api.router.*
 import de.fhg.aisec.ids.rm.util.CamelRouteToDot
 import de.fhg.aisec.ids.rm.util.PrologPrinter
+import java.io.*
+import java.nio.charset.StandardCharsets
+import java.util.*
+import java.util.stream.Collectors
+import javax.management.*
+import javax.xml.bind.JAXBContext
+import javax.xml.bind.JAXBException
 import org.apache.camel.CamelContext
 import org.apache.camel.Endpoint
 import org.apache.camel.ServiceStatus
@@ -37,13 +44,6 @@ import org.osgi.service.component.ComponentContext
 import org.osgi.service.component.annotations.Activate
 import org.osgi.service.component.annotations.Component
 import org.slf4j.LoggerFactory
-import java.io.*
-import java.nio.charset.StandardCharsets
-import java.util.*
-import java.util.stream.Collectors
-import javax.management.*
-import javax.xml.bind.JAXBContext
-import javax.xml.bind.JAXBException
 
 /**
  * Manages Camel routes.
@@ -119,7 +119,8 @@ class RouteManagerService : RouteManager {
 
     override fun listComponents(): List<RouteComponent> {
         val componentNames: MutableList<RouteComponent> = ArrayList()
-        val bCtx = FrameworkUtil.getBundle(RouteManagerService::class.java).bundleContext
+        val bCtx =
+            FrameworkUtil.getBundle(RouteManagerService::class.java).bundleContext
                 ?: return componentNames
         try {
             val services = bCtx.getServiceReferences("org.apache.camel.spi.ComponentResolver", null)
@@ -142,15 +143,18 @@ class RouteManagerService : RouteManager {
 
     override fun getEndpoints(): Map<String, Collection<String>> {
         return camelContexts
-                .stream()
-                .collect(
-                        Collectors.toMap({ obj: CamelContext -> obj.name },
-                                { c: CamelContext ->
-                                    c.endpoints
-                                            .stream()
-                                            .map { obj: Endpoint -> obj.endpointUri }
-                                            .collect(Collectors.toList())
-                                }))
+            .stream()
+            .collect(
+                Collectors.toMap(
+                    { obj: CamelContext -> obj.name },
+                    { c: CamelContext ->
+                        c.endpoints
+                            .stream()
+                            .map { obj: Endpoint -> obj.endpointUri }
+                            .collect(Collectors.toList())
+                    }
+                )
+            )
     }
 
     override fun listEndpoints(): Map<String, String> {
@@ -224,13 +228,12 @@ class RouteManagerService : RouteManager {
     private val camelContexts: List<CamelContext>
         get() {
             return try {
-                ctx.bundleContext.getServiceReferences(CamelContext::class.java.name, null)
-                        ?.run {
-                            mapNotNull { reference -> ctx.bundleContext.getService(reference) }
-                                    .map { CamelContext::class.java.cast(it) }
-                                    .sortedWith(Comparator.comparing { it.name })
-                        } ?: emptyList()
-
+                ctx.bundleContext.getServiceReferences(CamelContext::class.java.name, null)?.run {
+                    mapNotNull { reference -> ctx.bundleContext.getService(reference) }
+                        .map { CamelContext::class.java.cast(it) }
+                        .sortedWith(Comparator.comparing { it.name })
+                }
+                    ?: emptyList()
             } catch (e: Exception) {
                 LOG.warn("Cannot retrieve the list of Camel contexts.", e)
                 emptyList()
@@ -244,16 +247,16 @@ class RouteManagerService : RouteManager {
      * @param rd The RouteDefinition to be transformed
      * @return The resulting RouteObject
      */
-    private fun routeDefinitionToObject(
-            cCtx: CamelContext, rd: RouteDefinition): RouteObject {
+    private fun routeDefinitionToObject(cCtx: CamelContext, rd: RouteDefinition): RouteObject {
         return RouteObject(
-                rd.id,
-                rd.descriptionText,
-                routeToDot(rd),
-                rd.shortName,
-                cCtx.name,
-                cCtx.uptimeMillis,
-                cCtx.routeController.getRouteStatus(rd.id).toString())
+            rd.id,
+            rd.descriptionText,
+            routeToDot(rd),
+            rd.shortName,
+            cCtx.name,
+            cCtx.uptimeMillis,
+            cCtx.routeController.getRouteStatus(rd.id).toString()
+        )
     }
 
     /**
@@ -289,27 +292,42 @@ class RouteManagerService : RouteManager {
         return emptyList()
     }
 
-    @Throws(MalformedObjectNameException::class, JAXBException::class, AttributeNotFoundException::class, InstanceNotFoundException::class, MBeanException::class, ReflectionException::class)
+    @Throws(
+        MalformedObjectNameException::class,
+        JAXBException::class,
+        AttributeNotFoundException::class,
+        InstanceNotFoundException::class,
+        MBeanException::class,
+        ReflectionException::class
+    )
     fun getRouteStats(cCtx: CamelContext, rd: RouteDefinition): RouteStatDump? {
         val context = JAXBContext.newInstance(RouteStatDump::class.java)
         val unmarshaller = context.createUnmarshaller()
         val agent = cCtx.managementStrategy.managementAgent
         if (agent != null) {
             val mBeanServer = agent.mBeanServer
-            val set = mBeanServer.queryNames(
+            val set =
+                mBeanServer.queryNames(
                     ObjectName(
-                            DefaultManagementAgent.DEFAULT_DOMAIN
-                                    + ":type=routes,name=\""
-                                    + rd.id
-                                    + "\",*"),
-                    null)
+                        DefaultManagementAgent.DEFAULT_DOMAIN +
+                            ":type=routes,name=\"" +
+                            rd.id +
+                            "\",*"
+                    ),
+                    null
+                )
             for (routeMBean in set) {
                 // the route must be part of the camel context
                 val camelId = mBeanServer.getAttribute(routeMBean, "CamelId") as String?
                 if (camelId != null && camelId == cCtx.name) {
-                    val xml = mBeanServer.invoke(
+                    val xml =
+                        mBeanServer.invoke(
                             routeMBean,
-                            "dumpRouteStatsAsXml", arrayOf<Any>(false, true), arrayOf("boolean", "boolean")) as String
+                            "dumpRouteStatsAsXml",
+                            arrayOf<Any>(false, true),
+                            arrayOf("boolean", "boolean")
+                        ) as
+                            String
                     return unmarshaller.unmarshal(StringReader(xml)) as RouteStatDump
                 }
             }
@@ -323,9 +341,12 @@ class RouteManagerService : RouteManager {
      * @param routeId The id of the route that is to be exported
      */
     override fun getRouteAsProlog(routeId: String): String {
-        val c = camelContexts
+        val c =
+            camelContexts
                 .parallelStream()
-                .filter { cCtx: CamelContext -> cCtx.adapt(ModelCamelContext::class.java).getRouteDefinition(routeId) != null }
+                .filter { cCtx: CamelContext ->
+                    cCtx.adapt(ModelCamelContext::class.java).getRouteDefinition(routeId) != null
+                }
                 .findAny()
         if (c.isPresent) {
             try {
@@ -378,7 +399,9 @@ class RouteManagerService : RouteManager {
             if (targetRoute != null) {
                 cCtx = c
                 val serviceStatus = cCtx.routeController.getRouteStatus(routeId)
-                routeStarted = serviceStatus == ServiceStatus.Started || serviceStatus == ServiceStatus.Starting
+                routeStarted =
+                    serviceStatus == ServiceStatus.Started ||
+                        serviceStatus == ServiceStatus.Starting
                 break
             }
         }
@@ -390,19 +413,26 @@ class RouteManagerService : RouteManager {
         // Check for validity of route representation
         var routes: List<RouteDefinition>
         try {
-            ByteArrayInputStream(routeRepresentation.toByteArray(StandardCharsets.UTF_8)).use { bis ->
+            ByteArrayInputStream(routeRepresentation.toByteArray(StandardCharsets.UTF_8)).use { bis
+                ->
                 // Load route(s) from XML
                 val rd = ModelHelper.loadRoutesDefinition(cCtx, bis)
                 routes = rd.routes
-                val id = routes.stream().map { obj: RouteDefinition -> obj.id }.filter { rid: String -> routeId != rid }.findAny()
+                val id =
+                    routes
+                        .stream()
+                        .map { obj: RouteDefinition -> obj.id }
+                        .filter { rid: String -> routeId != rid }
+                        .findAny()
                 if (id.isPresent) {
                     throw Exception(
-                            "The new route representation has a different ID: "
-                                    + "Expected \""
-                                    + routeId
-                                    + "\" but got \""
-                                    + id.get()
-                                    + "\"")
+                        "The new route representation has a different ID: " +
+                            "Expected \"" +
+                            routeId +
+                            "\" but got \"" +
+                            id.get() +
+                            "\""
+                    )
                 }
             }
         } catch (e: Exception) {
@@ -444,20 +474,24 @@ class RouteManagerService : RouteManager {
         val existingRoutes = this.routes
         val cCtx: CamelContext = DefaultCamelContext()
         try {
-            ByteArrayInputStream(routeRepresentation.toByteArray(StandardCharsets.UTF_8)).use { bis ->
+            ByteArrayInputStream(routeRepresentation.toByteArray(StandardCharsets.UTF_8)).use { bis
+                ->
                 // Load route(s) from XML
                 val rd = ModelHelper.loadRoutesDefinition(cCtx, bis)
                 val routes = rd.routes
-                // Check that intersection of existing and new routes is empty (=we do not allow overwriting
+                // Check that intersection of existing and new routes is empty (=we do not allow
+                // overwriting
                 // existing route ids)
-                val intersect = routes
+                val intersect =
+                    routes
                         .stream()
                         .filter { r -> existingRoutes.stream().anyMatch { it.id == r.id } }
                         .map { it.id }
                         .collect(Collectors.toList())
                 if (intersect.isNotEmpty()) {
                     throw RouteException(
-                            "Route id already exists. Will not overwrite it. ${intersect.joinToString(", ")}")
+                        "Route id already exists. Will not overwrite it. ${intersect.joinToString(", ")}"
+                    )
                 }
                 cCtx.adapt(ModelCamelContext::class.java).addRouteDefinitions(routes)
                 cCtx.start()
@@ -471,4 +505,4 @@ class RouteManagerService : RouteManager {
     companion object {
         private val LOG = LoggerFactory.getLogger(RouteManagerService::class.java)
     }
-}
\ No newline at end of file
+}
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/CamelRouteToDot.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/CamelRouteToDot.kt
index 0591cfcfd..d70a642e8 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/CamelRouteToDot.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/CamelRouteToDot.kt
@@ -19,17 +19,16 @@
  */
 package de.fhg.aisec.ids.rm.util
 
-import org.apache.camel.model.*
-import org.apache.camel.util.ObjectHelper
 import java.io.IOException
 import java.io.PrintWriter
 import java.io.Writer
 import java.util.*
+import org.apache.camel.model.*
+import org.apache.camel.util.ObjectHelper
 
 /**
  * Camel route definition to GraphViz converter.
  *
- *
  * The output can be turned into pictures using dot, neato, and others.
  */
 class CamelRouteToDot {
@@ -75,8 +74,10 @@ class CamelRouteToDot {
             return
         }
         writer.write("digraph { rankdir=LR; size=\"4.5,5.5\" \n\n")
-        writer.write("node [shape=\"box\", style = \"filled\", fillcolor = white, "
-                + "fontname=\"Helvetica-Oblique\"];")
+        writer.write(
+            "node [shape=\"box\", style = \"filled\", fillcolor = white, " +
+                "fontname=\"Helvetica-Oblique\"];"
+        )
         printRoute(writer, route, route.input)
         writer.write("\n}")
     }
@@ -92,7 +93,11 @@ class CamelRouteToDot {
     }
 
     @Throws(IOException::class)
-    private fun printNode(writer: Writer, fromData: NodeData?, node: ProcessorDefinition<*>?): NodeData? {
+    private fun printNode(
+        writer: Writer,
+        fromData: NodeData?,
+        node: ProcessorDefinition<*>?
+    ): NodeData? {
         var fromDataVar = fromData
         if (node is MulticastDefinition) {
             // no need for a multicast or interceptor node
@@ -170,15 +175,16 @@ class CamelRouteToDot {
     }
 
     @Throws(IOException::class)
-    fun generateFile(
-            writer: PrintWriter?, map: Map<String, List<RouteDefinition>>?) {
+    fun generateFile(writer: PrintWriter?, map: Map<String, List<RouteDefinition>>?) {
         if (writer == null || map == null) {
             return
         }
         writer.println("digraph CamelRoutes {")
         writer.println()
-        writer.println("node [style = \"rounded,filled\", fillcolor = white, color = \"#898989\", "
-                + "fontname=\"Helvetica-Oblique\"];")
+        writer.println(
+            "node [style = \"rounded,filled\", fillcolor = white, color = \"#898989\", " +
+                "fontname=\"Helvetica-Oblique\"];"
+        )
         writer.println()
         printRoutes(writer, map)
         writer.println("}")
@@ -204,7 +210,7 @@ class CamelRouteToDot {
         return node is MulticastDefinition || node is ChoiceDefinition
     }
 
-    /** Is the given node a pipeline  */
+    /** Is the given node a pipeline */
     private fun isPipeline(node: ProcessorDefinition<*>): Boolean {
         if (node is MulticastDefinition) {
             return false
@@ -228,4 +234,4 @@ class CamelRouteToDot {
     companion object {
         private const val PREFIX = "http://www.eaipatterns.com/img/"
     }
-}
\ No newline at end of file
+}
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/GraphProcessor.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/GraphProcessor.kt
index 036aa12ec..a46df4e8d 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/GraphProcessor.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/GraphProcessor.kt
@@ -22,12 +22,12 @@ package de.fhg.aisec.ids.rm.util
 import de.fhg.aisec.ids.api.router.graph.Edge
 import de.fhg.aisec.ids.api.router.graph.GraphData
 import de.fhg.aisec.ids.api.router.graph.Node
+import java.util.*
+import java.util.concurrent.atomic.AtomicInteger
 import org.apache.camel.model.ChoiceDefinition
 import org.apache.camel.model.OptionalIdentifiedDefinition
 import org.apache.camel.model.ProcessorDefinition
 import org.apache.camel.model.RouteDefinition
-import java.util.*
-import java.util.concurrent.atomic.AtomicInteger
 
 object GraphProcessor {
     /**
@@ -51,17 +51,20 @@ object GraphProcessor {
      * @return
      */
     private fun processNode(
-            graphData: GraphData,
-            current: ProcessorDefinition<*>,
-            preds: List<OptionalIdentifiedDefinition<*>>): List<ProcessorDefinition<*>> {
+        graphData: GraphData,
+        current: ProcessorDefinition<*>,
+        preds: List<OptionalIdentifiedDefinition<*>>
+    ): List<ProcessorDefinition<*>> {
         for (p in preds) {
             graphData.addEdge(Edge(p.id, current.id))
         }
         graphData.addNode(
-                Node(
-                        current.id,
-                        current.label,
-                        if (current is ChoiceDefinition) Node.NodeType.ChoiceNode else Node.NodeType.Node))
+            Node(
+                current.id,
+                current.label,
+                if (current is ChoiceDefinition) Node.NodeType.ChoiceNode else Node.NodeType.Node
+            )
+        )
 
         // predecessor of next recursion is the current node
         val newPreds: MutableList<ProcessorDefinition<*>> = ArrayList()
@@ -91,11 +94,8 @@ object GraphProcessor {
         return newPreds
     }
 
-    /**
-     * Prints a single FromDefinition (= a route entry point) in Prolog representation.
-     */
-    private fun processInput(
-            graphData: GraphData, route: RouteDefinition) {
+    /** Prints a single FromDefinition (= a route entry point) in Prolog representation. */
+    private fun processInput(graphData: GraphData, route: RouteDefinition) {
         val counter = AtomicInteger(0)
         val i = route.input
         // Make sure every input node has a unique id
@@ -110,4 +110,4 @@ object GraphProcessor {
             prev = next
         }
     }
-}
\ No newline at end of file
+}
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/NodeData.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/NodeData.kt
index 1d326b6d9..508dcb2cb 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/NodeData.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/NodeData.kt
@@ -19,11 +19,11 @@
  */
 package de.fhg.aisec.ids.rm.util
 
+import java.util.*
 import org.apache.camel.model.*
 import org.apache.camel.util.ObjectHelper
-import java.util.*
 
-/** Represents a node in Graphviz representation of a route.  */
+/** Represents a node in Graphviz representation of a route. */
 class NodeData(var id: String, node: Any?, imagePrefix: String) {
     var image: String? = null
     var label: String? = null
@@ -45,7 +45,7 @@ class NodeData(var id: String, node: Any?, imagePrefix: String) {
     }
 
     companion object {
-        /** Inserts a space before each upper case letter after a lowercase  */
+        /** Inserts a space before each upper case letter after a lowercase */
         fun insertSpacesBetweenCamelCase(name: String): String {
             var lastCharacterLowerCase = false
             val buffer = StringBuilder()
@@ -53,14 +53,15 @@ class NodeData(var id: String, node: Any?, imagePrefix: String) {
             val size = name.length
             while (i < size) {
                 val ch = name[i]
-                lastCharacterLowerCase = if (Character.isUpperCase(ch)) {
-                    if (lastCharacterLowerCase) {
-                        buffer.append(' ')
+                lastCharacterLowerCase =
+                    if (Character.isUpperCase(ch)) {
+                        if (lastCharacterLowerCase) {
+                            buffer.append(' ')
+                        }
+                        false
+                    } else {
+                        true
                     }
-                    false
-                } else {
-                    true
-                }
                 buffer.append(ch)
                 i++
             }
@@ -176,12 +177,13 @@ class NodeData(var id: String, node: Any?, imagePrefix: String) {
             }
         }
         if (ObjectHelper.isEmpty(url) && ObjectHelper.isNotEmpty(nodeType)) {
-            url = ("http://camel.apache.org/"
-                    + nodeType!!.toLowerCase(Locale.ENGLISH).replace(' ', '-')
-                    + ".html")
+            url =
+                ("http://camel.apache.org/" +
+                    nodeType!!.toLowerCase(Locale.ENGLISH).replace(' ', '-') +
+                    ".html")
         }
         if (node is ProcessorDefinition<*> && outputs == null) {
             outputs = node.outputs
         }
     }
-}
\ No newline at end of file
+}
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologNode.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologNode.kt
index 8460bbe69..efbd6c4e8 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologNode.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologNode.kt
@@ -19,11 +19,11 @@
  */
 package de.fhg.aisec.ids.rm.util
 
+import java.util.*
 import org.apache.camel.model.*
 import org.apache.camel.util.ObjectHelper
-import java.util.*
 
-/** Represents a node in the EIP diagram tree  */
+/** Represents a node in the EIP diagram tree */
 class PrologNode(node: Any) {
     //	public String id;
     private var nodeType: String? = null
@@ -115,4 +115,4 @@ class PrologNode(node: Any) {
             outputs = node.outputs
         }
     }
-}
\ No newline at end of file
+}
diff --git a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologPrinter.kt b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologPrinter.kt
index b3fb3c93d..997128c65 100644
--- a/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologPrinter.kt
+++ b/ids-route-manager/src/main/kotlin/de/fhg/aisec/ids/rm/util/PrologPrinter.kt
@@ -19,14 +19,14 @@
  */
 package de.fhg.aisec.ids.rm.util
 
-import org.apache.camel.model.ChoiceDefinition
-import org.apache.camel.model.OptionalIdentifiedDefinition
-import org.apache.camel.model.ProcessorDefinition
-import org.apache.camel.model.RouteDefinition
 import java.io.IOException
 import java.io.Writer
 import java.util.*
 import java.util.concurrent.atomic.AtomicInteger
+import org.apache.camel.model.ChoiceDefinition
+import org.apache.camel.model.OptionalIdentifiedDefinition
+import org.apache.camel.model.ProcessorDefinition
+import org.apache.camel.model.RouteDefinition
 
 class PrologPrinter {
     /**
@@ -57,7 +57,10 @@ class PrologPrinter {
      */
     @Throws(IOException::class)
     private fun printNode(
-            writer: Writer, current: ProcessorDefinition<*>, preds: List<OptionalIdentifiedDefinition<*>>): List<ProcessorDefinition<*>> {
+        writer: Writer,
+        current: ProcessorDefinition<*>,
+        preds: List<OptionalIdentifiedDefinition<*>>
+    ): List<ProcessorDefinition<*>> {
         for (p in preds) {
             writer.write("""
     succ(${p.id}, ${current.id}).
@@ -68,10 +71,12 @@ class PrologPrinter {
     stmt(${current.id}).
     
     """.trimIndent())
-        writer.write("""
+        writer.write(
+            """
     has_action(${current.id}, "${current.label}").
     
-    """.trimIndent())
+    """.trimIndent()
+        )
 
         // predecessor of next recursion is the current node
         val newPreds: MutableList<ProcessorDefinition<*>> = ArrayList()
@@ -133,4 +138,4 @@ class PrologPrinter {
             prev = next
         }
     }
-}
\ No newline at end of file
+}
diff --git a/ids-route-manager/src/test/kotlin/de/fhg/aisec/ids/rm/RouteMetricsTest.kt b/ids-route-manager/src/test/kotlin/de/fhg/aisec/ids/rm/RouteMetricsTest.kt
index 409a9ac80..e894aa54f 100644
--- a/ids-route-manager/src/test/kotlin/de/fhg/aisec/ids/rm/RouteMetricsTest.kt
+++ b/ids-route-manager/src/test/kotlin/de/fhg/aisec/ids/rm/RouteMetricsTest.kt
@@ -19,11 +19,11 @@
  */
 package de.fhg.aisec.ids.rm
 
+import java.util.*
 import org.apache.camel.builder.RouteBuilder
 import org.apache.camel.model.ModelCamelContext
 import org.apache.camel.test.junit4.CamelTestSupport
 import org.junit.Test
-import java.util.*
 
 class RouteMetricsTest : CamelTestSupport() {
     @Test
@@ -45,9 +45,11 @@ class RouteMetricsTest : CamelTestSupport() {
         mock.assertIsSatisfied()
 
         // Retrieve route statistics from RouteManager and make sure they match expectations
-        val after = rm.getRouteStats(
+        val after =
+            rm.getRouteStats(
                 template.camelContext,
-                template.camelContext.adapt(ModelCamelContext::class.java).getRouteDefinition("foo"))
+                template.camelContext.adapt(ModelCamelContext::class.java).getRouteDefinition("foo")
+            )
         assertEquals(MSG_COUNT.toLong(), after!!.exchangesCompleted as Long)
         assertEquals(0L, after.exchangesFailed as Long)
         assertEquals(0L, after.redeliveries as Long)
@@ -55,18 +57,19 @@ class RouteMetricsTest : CamelTestSupport() {
 
     override fun createRouteBuilders(): Array<RouteBuilder> {
         // Define the most simple route for testing
-        val rb: RouteBuilder = object : RouteBuilder() {
-            override fun configure() {
-                from("direct:input")
+        val rb: RouteBuilder =
+            object : RouteBuilder() {
+                override fun configure() {
+                    from("direct:input")
                         .routeId("foo")
                         .log(">>> Message from direct to mock: \${body}")
                         .to("mock:result")
+                }
             }
-        }
         return arrayOf(rb)
     }
 
     companion object {
         const val TEST_MESSAGE = "Hello World!"
     }
-}
\ No newline at end of file
+}
diff --git a/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/OsgiElsaSerializer.kt b/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/OsgiElsaSerializer.kt
index 26abb0019..02363907a 100644
--- a/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/OsgiElsaSerializer.kt
+++ b/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/OsgiElsaSerializer.kt
@@ -23,8 +23,6 @@ import org.mapdb.DataInput2
 import org.mapdb.DataOutput2
 import org.mapdb.Serializer
 import org.mapdb.elsa.ElsaMaker
-import org.mapdb.elsa.ElsaSerializer
-import org.mapdb.elsa.ElsaSerializerBase
 import org.mapdb.elsa.ElsaSerializerPojo
 
 class OsgiElsaSerializer<T> : Serializer<T> {
@@ -47,4 +45,4 @@ class OsgiElsaSerializer<T> : Serializer<T> {
     override fun deserialize(input: DataInput2, available: Int): T {
         return serializer.deserialize<T>(input)
     }
-}
\ No newline at end of file
+}
diff --git a/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/SettingsComponent.kt b/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/SettingsComponent.kt
index f1d5175d3..249779ce7 100644
--- a/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/SettingsComponent.kt
+++ b/ids-settings/src/main/kotlin/de/fhg/aisec/ids/settings/SettingsComponent.kt
@@ -24,6 +24,10 @@ import de.fhg.aisec.ids.api.infomodel.ConnectorProfile
 import de.fhg.aisec.ids.api.settings.ConnectionSettings
 import de.fhg.aisec.ids.api.settings.ConnectorConfig
 import de.fhg.aisec.ids.api.settings.Settings
+import java.nio.file.FileSystems
+import java.util.*
+import java.util.concurrent.ConcurrentMap
+import kotlin.collections.HashMap
 import org.mapdb.DB
 import org.mapdb.DBMaker
 import org.mapdb.Serializer
@@ -31,10 +35,6 @@ import org.osgi.service.component.annotations.Activate
 import org.osgi.service.component.annotations.Component
 import org.osgi.service.component.annotations.Deactivate
 import org.slf4j.LoggerFactory
-import java.nio.file.FileSystems
-import java.util.*
-import java.util.concurrent.ConcurrentMap
-import kotlin.collections.HashMap
 
 @Component(immediate = true, name = "ids-settings")
 class SettingsComponent : Settings {
@@ -46,18 +46,23 @@ class SettingsComponent : Settings {
         var dbVersion = settingsStore.getOrPut(DB_VERSION_KEY, { 1 }) as Int
         // Check for unknown DB version
         if (dbVersion > CURRENT_DB_VERSION) {
-            LOG.error("Settings database is newer than supported version, data loss er errors are possible!")
+            LOG.error(
+                "Settings database is newer than supported version, data loss er errors are possible!"
+            )
         }
         // Migrate old DB versions
         while (dbVersion < CURRENT_DB_VERSION) {
-            LOG.info("Migrating settings database from version $dbVersion to version $CURRENT_DB_VERSION...")
+            LOG.info(
+                "Migrating settings database from version $dbVersion to version $CURRENT_DB_VERSION..."
+            )
             when (dbVersion) {
                 1 -> {
                     // Checking ConnectorProfile for errors
                     try {
                         settingsStore[CONNECTOR_PROFILE_KEY]
                     } catch (x: Exception) {
-                        // Serialization issue due to infomodel changes, need to rebuild settings store
+                        // Serialization issue due to infomodel changes, need to rebuild settings
+                        // store
                         val tempMap = HashMap<String, Any?>()
                         settingsStore.keys.forEach {
                             if (it != CONNECTOR_PROFILE_KEY) {
@@ -87,7 +92,7 @@ class SettingsComponent : Settings {
     }
 
     override fun getConnectorConfig() =
-            settingsStore.getOrElse(CONNECTOR_SETTINGS_KEY) { ConnectorConfig() } as ConnectorConfig
+        settingsStore.getOrElse(CONNECTOR_SETTINGS_KEY) { ConnectorConfig() } as ConnectorConfig
 
     override fun setConnectorConfig(connectorConfig: ConnectorConfig) {
         settingsStore[CONNECTOR_SETTINGS_KEY] = connectorConfig
@@ -95,7 +100,7 @@ class SettingsComponent : Settings {
     }
 
     override fun getConnectorProfile() =
-            settingsStore.getOrElse(CONNECTOR_PROFILE_KEY) { ConnectorProfile() } as ConnectorProfile
+        settingsStore.getOrElse(CONNECTOR_PROFILE_KEY) { ConnectorProfile() } as ConnectorProfile
 
     override fun setConnectorProfile(connectorProfile: ConnectorProfile) {
         settingsStore[CONNECTOR_PROFILE_KEY] = connectorProfile
@@ -117,7 +122,9 @@ class SettingsComponent : Settings {
         if (connection == Constants.GENERAL_CONFIG) {
             connectionSettings.getOrElse(connection) { ConnectionSettings() }
         } else {
-            connectionSettings.getOrPut(connection) { getConnectionSettings(Constants.GENERAL_CONFIG) }
+            connectionSettings.getOrPut(connection) {
+                getConnectionSettings(Constants.GENERAL_CONFIG)
+            }
         }
 
     override fun setConnectionSettings(connection: String, conSettings: ConnectionSettings) {
@@ -126,7 +133,7 @@ class SettingsComponent : Settings {
     }
 
     override fun getAllConnectionSettings(): MutableMap<String, ConnectionSettings> =
-            Collections.unmodifiableMap(connectionSettings)
+        Collections.unmodifiableMap(connectionSettings)
 
     companion object {
         internal const val DB_VERSION_KEY = "db_version"
@@ -139,16 +146,18 @@ class SettingsComponent : Settings {
         private val LOG = LoggerFactory.getLogger(SettingsComponent::class.java)
         private lateinit var mapDB: DB
         private val settingsStore: ConcurrentMap<String, Any> by lazy {
-            mapDB.hashMap("settings_store")
-                    .keySerializer(Serializer.STRING)
-                    .valueSerializer(OsgiElsaSerializer<Any>())
-                    .createOrOpen()
+            mapDB
+                .hashMap("settings_store")
+                .keySerializer(Serializer.STRING)
+                .valueSerializer(OsgiElsaSerializer<Any>())
+                .createOrOpen()
         }
         private val connectionSettings: ConcurrentMap<String, ConnectionSettings> by lazy {
-            mapDB.hashMap("connection_settings")
-                    .keySerializer(Serializer.STRING)
-                    .valueSerializer(OsgiElsaSerializer<ConnectionSettings>())
-                    .createOrOpen()
+            mapDB
+                .hashMap("connection_settings")
+                .keySerializer(Serializer.STRING)
+                .valueSerializer(OsgiElsaSerializer<ConnectionSettings>())
+                .createOrOpen()
         }
     }
 }

From 3b79defdcc7850485fca375df33f16a9a9d6a876 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 19 Apr 2021 15:35:09 +0000
Subject: [PATCH 236/237] Bump ssri from 6.0.1 to 6.0.2 in
 /ids-webconsole/src/main/resources/www

Bumps [ssri](https://github.com/npm/ssri) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/npm/ssri/releases)
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md)
- [Commits](https://github.com/npm/ssri/compare/v6.0.1...v6.0.2)

Signed-off-by: dependabot[bot] <support@github.com>
---
 ids-webconsole/src/main/resources/www/yarn.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ids-webconsole/src/main/resources/www/yarn.lock b/ids-webconsole/src/main/resources/www/yarn.lock
index 7ccfe35fe..5e7ed5719 100644
--- a/ids-webconsole/src/main/resources/www/yarn.lock
+++ b/ids-webconsole/src/main/resources/www/yarn.lock
@@ -7415,9 +7415,9 @@ sshpk@^1.7.0:
     tweetnacl "~0.14.0"
 
 ssri@^6.0.0, ssri@^6.0.1:
-  version "6.0.1"
-  resolved "https://registry.yarnpkg.com/ssri/-/ssri-6.0.1.tgz#2a3c41b28dd45b62b63676ecb74001265ae9edd8"
-  integrity sha512-3Wge10hNcT1Kur4PDFwEieXSCMCJs/7WvSACcrMYrNp+b8kDL1/0wJch5Ni2WrtwEa2IO8OsVfeKIciKCDx/QA==
+  version "6.0.2"
+  resolved "https://registry.yarnpkg.com/ssri/-/ssri-6.0.2.tgz#157939134f20464e7301ddba3e90ffa8f7728ac5"
+  integrity sha512-cepbSq/neFK7xB6A50KHN0xHDotYzq58wWCa5LeWqnPrHG8GzfEjO/4O8kpmcGW+oaxkvhEJCWgbgNk4/ZV93Q==
   dependencies:
     figgy-pudding "^3.5.1"
 

From 4f3a77c042d2889143415839ac042a471c0e2b84 Mon Sep 17 00:00:00 2001
From: Michael Lux <michael.lux@aisec.fraunhofer.de>
Date: Tue, 27 Apr 2021 15:02:58 +0200
Subject: [PATCH 237/237] Added examples for version 4.0.0

---
 examples/trusted-connector-examples_4.0.0.zip | Bin 0 -> 34453 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 examples/trusted-connector-examples_4.0.0.zip

diff --git a/examples/trusted-connector-examples_4.0.0.zip b/examples/trusted-connector-examples_4.0.0.zip
new file mode 100644
index 0000000000000000000000000000000000000000..b88f64327492ec9347e54394eda13cb828710a06
GIT binary patch
literal 34453
zcmd42V~}m#mL{CmN!zw<8z*hswr$(C?UOc6+Ri*_+w6SbTiw-F)qQV$@%`x?F=Ow&
zR>Y1O@nDSc%(dmDfI*M}ARr(B000EO*T26AzCRioJ2=reI@vlHJJK22+BiB}8#~Zg
z8oU2}iPnyRQF*~w2?-Vr%#O8%0n>cd44WWOf{25aUqdhsR)munv<S>9s0d01JFl=q
zNJC>LpAak>F(AM%XutBP^Wn>Gn&-)V>f=@D&#{3&fCX}l44NR7e^0=+DaZ@}l%10#
zK6ds-E_!gkzsjeo0F+%`tZxA%zTfGz$AhmdIeXCMHaIXqfB}%eTjTbqJ(+DWu)kad
zI(8X9(;G&(si@g*P7A|8V-)u4==B<<qs~##Bm2_Dy)eH`U_t(4YD{+dZQw*m6zhO;
zyw>IV=QttW`3EixrWZEd@KX4R=nyYw*b@<7R@N1pq<b?zt~36#o$5w1%7Y1=q)Ap7
zERv?XGD*H#<T-*Ro(39JuQZJ>7M~Xm+1h$a$C&gxq$?0M=dEJipyN~&9@^MB(GN1)
z3<bW4)7l8yl@{T6P#G~P7BgX&FkGv0#M(e(BR!U6K4z0!F!oEqgtCa1SjA}5;j23I
z*_-IutaD111Svm40l&zA#@m<?uVM)QorY5n`>Q;ftv0~^WnnnYh(pv?hsGz>k&5sl
zimYs6ynsQ0gd`98Q2119D3c>|o}n+!n`X4(#{$l!?&Xi`9<#M^ik}PW0;|_qln45l
zQibEyz#;8f+cp5jzO%bbajU_JOBgO=zw>}uC>`9jM%6XwJm#fTZQm~w$Ay9$@}n8Y
zNLOAXVTBVL9OYUmYnkfdE$h^5ML~d<iEkzYZGTlc_|sB6+Aq0;&qpcwOt&;tIrIJ=
zC8o0dz$STx{Yf<a082Df%8KCwLvD>|O*$Yq7EnV#W6n$9*sw666TD_mXDd7{G7oFD
zbNF+^g{PV?g|r&0WKD8hi`%lzI(LBbqzn)6Oo9<Unsd2Yn~SKqmBn$FnG7o0=LV)`
zXR@`GbFv@%g+qxjv8Jbo_1eSbrxUNWaB?-efB9$2oX+pKnNs-L1B&8pDWtx4Ppw5;
z*3$!L6zK!cUtS{{tp>AjZaI<&+bgWh_`jvCYPgx|7$+<E^cgIr?Wu5Y6(=XgITIbN
zApXQ;9u|`ZV~zi)ge(#htG(4^kpDR(3!W=G_&&-JIdvplbT0;0l*TIwkg_-3m{|-9
zTb5SRQ6ip;pTCR)snUg3AwI9GQ)tn>rC$d`<N@0A^9}`)EE~=R#=fRVbGxo6e!{Rp
zsV2LSR>U?X#kd^>t+70*_!&QzlD?HEq0jviMKG6%hp`SKbU{UO7*nEsxH)O|kDLQ>
z{(8dfy+>~S<-i1IPja*;2ZkFsZhPQVnXZSGUHdC6U!133ZS_%F(@p{QOLqsio&OM6
zhy>HlxqoOD*0CIGmwE&m_$E%7iU(L@mr7?3*w1ihT}hJiTe!E6g?kqEoMWfiVqs!4
zUF)i)3J;vb#$K%c02J{o{d=jMKFtJ&Jk~4RIlm-4^<$8ht^}ZJ5cixjixn&9i_UiJ
zhPxAv;*S@C0<NUQ-})SoHQv;@IYw8$x+su6+-#Pci%QjH-A!YiOqBrHn;wL;ZZEe#
z^9nu!Y46jQqD@+dO)=SPmreZp_eft;yDl~DG1F(bQkqzSiCi}wdES*Ohefi1#7Dq-
zq)ODTblS%DHE!5<^=@6<5k^o0LmGfh2kED+2y1C7GqzB25e*p#R8HdUoKhX=P={ws
z3>B8r6+Vo^t+3&zorTykRS%E^Sm>NraU-i_EGdt9&B{621$#YM<}uK85{Qg4*>i+X
zA(h6Tc|K6JFm)WIM(SZVqE0I>!j`pC3agTRM|$nWP%D?ot+_qU2Qt)7wUJ??K0^ca
zFyLXSAIMUknIIrOeBBCx0lwJVZoqq+eapl?RCy{zmL7O1We0jr{q6Gf&5uTwvBv|2
zd!uU)>D)0RGNkC=-V}c$5j3`ox{FZ7LE!-+T;i;Z(}cMW7n90$a?2j0GH`rM0gXvN
z@)O8f8riw`P$qKjI;g8<>)Zuz#(J)JmHEcW32eT>()gdggug;R6&QpzO}lLLz%w{*
zQ)V!{Q8Lf`IKh&5Iz{iX?QlS)DqV{RnXS3BZipn0w#{hR&*KX=XlUsQzr=z#Rw+#@
zW&QJZ^off~<F-Wu>g9ou0pT?ZgxOp>TR#zQtPL~qq;+sF2y{CXm!)XZVe|XhP^OT3
z+?86!^p>a6(2}7lcY2*Ss)kU1P<fPp|Cb1@w58_gqqt9`@rB93jo#2RPvCZa*Q+Y)
z!W@bS2hajbdDUVMljTVFzEV2by!aJ&Ofx>YB175Jc_{9zWtl>vXR?>2guU9G5NwWz
zq(KRxxB(aI)}y?J?{D{6S<H%VlDo8Xc5RolN>WnC!y7Y$b((van7%MlHyAHHKJxJA
z>`v9kA&(md#j(e;x5ns~MV$AARN%%3Pap0b%6?U%%2>{NeRkmW4V&a)-T{PEiX#xg
zkx=ak{>BAOVGRIx6r!%hxH1MLi}W9rc`Nm1qQVqHajd|6eDwEGyWj)d20#+fTWRtu
zkrY5pnmyipFE|<9tmvp1XPYEd?9=-l#KYSFB&j6voXxxu4B<mm)iM3*W*^wKaQ03B
zw;{ifZwI1s4H;|VF|gI+e%&Xd52Kn;v2=96=Y_LbUEZx?dDI&^$0%1Qvh>N)I{bP6
zJ=JxUjj{bEUar~vHe^Ow*Pk8plN7K7$qR}$tdkmGWzjzE*s^Jun3iJt^rmGb)R+w^
zA(Kei%=eUqo6b2&b8t}y6jn#LMY9`x<K#`nJ()u$X`w#_<@(}ik{V8Ke#_A`+b7HP
zIL|=}G5$Rcds9HJ3*NN;_pGR`f7A>jmX{glp|o00En1_#oaezrxFl^j1`#I?O#**I
z$puwaSb5esgsUT8tSx6^LE1%e84ve9YX>b#&IkiC!02NJAC#I5eYbfLE(hk=#`L3R
z<mv5IsYIGxDGnXvi;`{)L4HfvO=|SjJJ;I)CtA~4W+q}lAlQ7&%w_)6T4%jUe^0%s
zKJ9%ElnNb`E|qb;kg(LcNm&)139VSN6k4iE!Ifff-R$g?&7-{IePFPEg-0uC<3u5Y
zcOL!j<~r$$b@POXziMa!3K4MPA=NJRNt{edYDjyOht%OHdBQ|O#KZ21M+$30j%T>M
z5pv(*NiYuF0n?S!4*X6%aHLSRPt$~>vT{~o_sfE22S{7XJbWsGz0Pk*hSA6Rg2x%P
zmh(b#fmFekn1_y}LL|Rz&|KT5gy<uWF<M8%BEaEy^V(+~our5+KD9>;AH&Bx<>uYH
z3{KcH%&G46p=3%UAGDz5#8yK9W~&7~v)<$*^D_kwC<o`uN$F47Q|QhC_F;fC3XF<_
zm8Xf%a(`k_R%t(+R{1@TBp)l!L2nO#IsF$mD4wI>`$-4O0Fs-zt%bxpZExMN&npmz
zd?xqcYI6iT_Q~5&L~St|+5FXkF%YoFWEjZ&fe|b*3j#=hZv2)==a0`xt__n=<$?;9
zPR0H!GB}Kz*lyVRl9JD#hj&F<zx)tCYh#+QQ`rU1$2>QEO2e}mZ?Z<4fL3>B#Yz0N
z7D$rtBT#|5M}=Yb0TumMI#5B}4e-F+-F}fBd(+DYN23G@`{f07k6clzWHo(JzR<}@
zfkPw#J?8sE0RRMlFS-AAKWpb;>tb&7U;0^hZlowY@asvFRjp)}v3Si8s{<_~(Wteb
z9OKDM@>5|NKYmZ{r)Xm02EjTcaj{7|5}Oiok9lkmtWV#0eAFDpUY)(Y`ta6X_1Ge#
zpbmqA<d@MKLLg&=$8H>g;{u_|>1*gw{=C2!%`e*-`cjSqqI5gQ$2<fAf?ewU;>jPx
zuk*$8;)jp~m`G&arT)c1WHmN41PoCe@MCnD0d;-K)rsR*e(Caf!s3xoa#9?oJgnzX
zou_oS4;Rit<&VBWAMZoa#GKOCxs_jV{RY9(yX{GX5x5?368(CM8W*hSL;;D2zj3{A
zS+KV3^My^R!JyK2&}pk{X=;hKHNyV97>h9|l06Ir{jrfEr}#ZQ1+Yc&FoMIz&CaLw
zi-M@)P!x&bfE{|{I%yaUaXUDRr7(}V-4F4?oxj8<E35X;CWJ;i%UR91w?<TDb6104
zjooXe{|(Cv9FVJNYBr1ZZy1TBSC{7lxWj>)^=YMX+&?L2(USJ+803MX-gK6q2oF$`
zPTq^+QV1r{g7bUfLtB1m9OWV`Ia^Jk8s`ZGupkmmEL|&EPLXCX^N0>P?YfCje5r3L
zY}zi?s1)8cOb%z3j^5<l*GA~(5d6$9OE%Qz)m7TU9_&@=!P_WizuGyCd`G0`ngjdm
z9Mwj+f3>~hw_{22WHc<5|58}NA=xe(c_lq1U68GU7l}+5b%aY+?$;c<1It0c=}2*5
zO7+&O#AHPLv7VkPYoS@3sS+YHVPf{#oH{>Zoi6v-red*t@AfVaa_=9qVtt#A<WbAk
z{l3sW1R-T1tZ<9VxJ9TZmYdWlSNCvmOq3~F7~jOg+XRFcJIOi<vtD7W(`3z@IY3p4
zpH8pG-CTnwTJD6mlIFhX%g`SbxSYb};8<mz<*A;L@<#ds!pZsvOY$bfU-9P5+qP;?
zn2{Fmci5V`o(`%G#2)*2D<!WmF|Jf(G_tG|yzsO;Jg><^57%I~A>A1#k06^?mF2=v
zPI?x|86^a7Y(JiFm+rzL@R3$i-V^V_9hUctgr)N)EV-p!wa3?4<HB7>IMiCieb3f`
z9{qq}*W&o7<5d@cv}PbM=e=Sbgy4)`2V!Ha!7>opXb|p0R_rR!)62<FaP5Ys%48c<
zb}e#*E`f%IEq`3i>Lpv(%6>$q@(sNjc%0n1AM6tfm=s1nR||Nr0o&H75{fiaCJsw%
z!-!UPn_^v-h2Ia=M!`NMk{vXq<tn$JX!+?5&^1UJas)W|a3CX!HR@3k@&T$d);D6h
z1x@I3W0%AXe}XPy!@_8;rKoL-j43YF`SVc{h5(l=ztK&ti?nr{R7sB+cTOZ>ec(mS
z>dvU+v$vY*x-Lqd13all5}6jrAJ34FSqQ$gK+r~^St<0-x3}!thRdHe)yenKuGya9
zrWr8ep|>e`9EYABf3ytf6QbYa7g=5m)2hPO3M6l}H&b8m4_UuL(w^8eL?VImX3z-W
z+OnqpOc;o`y_O=`K#pz@`#C8P|IXM)!Ae!=+4M8%R)h2l>b(#_-gxry#AcfVhswdd
zvQN>+REJ?}Zk6V-=52xZ-UZyS2aXqE2gAvLRkekYIPc@bmqa+vwUO^EhOwsf52~4h
zjf+rqCCERJ2+)x0%R1-Ke(Og3nw%>gj2P)q_P^)jz3kF+iX8J3k=cmMi)<@i(Sbd2
zs`_)mF)g<Hr5#zRqM$3#@#>QfPDvkx5hv;_Wc=#pqnGN7n|U=M%3H(4xYRi4bgl@j
zN>?H<5%nH*GM!&ow(<HU7xxC8Htzk3FNzz*9rVQ4+2^MP4%+|=@cs$+!0%gm6g60<
z7RdwUTM1qg(9tSR$j;j**|j!XfQRSRNsOCjQq`S_&Af6b&Cn_)?Tr;1a{psB|5drt
zjS!_SbQqwOkxIwW0$6#O-;ve<t<NgJ*C(<H)hqAkpX3E;z#`0p`bD`rWu^qrQ_;(e
zFeH1b*^XQnw{q=LZ+MO#+#3$`q-RDGCEbwqU?yT9BePJDUb&{T_Nq|RN=vm>RZ26&
zDO%znSDXFmm*#th*3!?h5L>Bn4^FA<yz-xKan(PeE^~NC=|4M0Sz`Oia2s=;nW@(T
z@){l96rb-8B|REUqC=KSV-9H+;*|cp$38iDiTx6^R<nMIq?5tJ&=p2wgQ4qUzL}M?
zcTd)N;;D_GP>M~iATU=}GlA1gU+U<Ai$`QT=k3%-d|q!S#EwS#QKyKv>^!2IjC7IS
ziqYj`g_LrJeQ~QnvPU-485t}qebJ{Ob4x#ra6eUv6#cpukd)DwIFwo!(o3rVaI!b5
z8t3bDSibg_-S<Q67>*Z`4Nu-A6?~r9YI@$hpp|qbf<By}H=oWcclNee3-j5{Acnq|
z(ei9>J)VtrP4|tqo2gbdN4nGcu^UqR9a}fI3)-5>lM`J<ukbjzB^RZWhJv{I;X_p^
z=u;n2b)v;#N<DpZ>0a1Fh-^iX0TtT?v>5SiWE$m=9^*QK+Fep)u3x3h`kE?LQgdS?
zOCSa63pDw$-UW>OzFRTTwu_>`3xC0C+dmR~i|oF8vh(0!b%iiAzkyV)d=7Sn_Qc?~
zj4}-zBEb?*yoC9BJ4xl@uh!3VMGGTJCR0{2+B%me3@eJ((Z&E`->`~pV7)2K`{G~g
zQk?JRsMB!f0nNA^+tt6Pz=vwpn!y*V5eR&#O-3T1Z~cs@L&jBzeU0-Vx!)y;$3_x@
z$XH20j&};gbmG%d+a|ZB1Du=~Ui5El7wIHP7G+|W=m;o%$|dUFqXQ9A-<e}xzQj9H
znj4hJZ5+FFKQiuX*?Ef2D3T@I?Zdeuln&y7;`s{QMt>`kDKe5R@U8_}Sv$w9)l!Lk
zq$IXJ8`B$1!b7AofDidW*UEWBVHd1$+1rHel@iWl=U>&~DUjPHRpY5QS6!O25ub*i
zrFl;I2bxo+jwKw>KB^2HU|bG&32?TP7MD+NuB}8lR<|&T>x#xr-J+bAo~Wwq`u(KU
z^$@xGQ_*>`E&0ANx1JKnhf8B?VRW#Z{3D2ch)u@52igu6%E9rfr%CfFtpgo5%WQZ4
zE@`GRLO1Nu_qK3c<XKHv@Z}D2wSTykg_qX-$vxGiqMWHwZ+sqbfO*R$(Ud^1dy#S$
zbLt2syoif>7P&EnFdSOST_`p~nn$(q*dJ+l39QzN#%@bPqfq+|S?lmYE;0lSY8M7(
z8xtQ{@~u4lVe1|OwsOJfYc6@&(zqE>g6X*&D7>|$Iszva0dT+3ps~+tJ!|ktSIPVb
zd*=RKxfsD!>K{6ql?!8DlwcwKriOe_0hgBY0b-zJ@>csylDd6&z>21f7g!pYf>sYM
zXsu=zvYlPQgZEt&8+7WV%W{{!ho@9;j^%Eo#cNXQifx=L!#q5r^u)&|tVn0(TD}i#
z4wjFyda(_R9z9ae<mw6kG5(aBL*1Ie*uC!lyZPX_w7R;f>3LRXGmfMQU*{lPA)?-E
zDrekj8!YjP*BFEk>7nK{=0aL_sOSVi0fG%lAp9Dn4FGyCmP_U<s%0*<g(DUp#fs}B
zY77qW!*rQZ)ZfZgY9E?ozJPyqv>&;aoPqzcqs9DB39XZZv!m1hie>@VAV{9*10a@w
z0D-^XV!<FOL&QU#U;x1Z^8z6JKms7VzAw9dFQ<RM1@?W*`1_JR5Fo(!o5sK20i>q@
zgZj5$fCdDk#{xlqI2ojL^L*CiFDW}v{6UTdjf->u1Pm}B=NABhUzc9Z+$b-yCKiu}
z2b{*i5>MHH3{cIDLX=!AlT;!C4I$C?<1#t|MQF{l!?Ok+B`u}Ab8HIwfv8;jEDpK_
zy{OQll5jvyG515avy{HVdHe($adOhKk$$KRI}~+j^z%=kTdVGVVbf^ye2n2V56+Rs
zK846>sMhqc$ohtuPbg(uu&P2eLlN$al7I4#IRcoMc(gxg2$v$lJ~a|#{3o?vO*KQx
z+CF1Ac9&nQXJ6KiE%>uG9T>7iaW^c12pa;5^#B2<+*Ar9#D|1Ni5gB|5~mvJM_@b{
zwb5nL9`TISR=)jV*xnlOhK5!TRj|dnRfTbdzpkf4V)wkstHS37YY<wDT7}gPl>h(~
zaHEB_-R0LFseN;<Q-)j{#Agu!ytK7*x<L}kw>Et}0?t!~oh&LoT)D)RbMBm36?&QA
ztbBVFWh-+71WXsBk2bTPq)3Y<*&FMhsGnlrk!kXAdGWjjM`2)(H~75_l+D|MTgC2g
z`F;S^@9Sj^z0rrTL_4!B)=e!bh$;9t16mnjJHM}oMM&kKoHEE@F+vpW<I(=$(Og+X
zvsU;2(QQh48Q(c1!_^pyLobEzyuUT%DJvC1axoXz>0AM%P-n0_OPIM00?gYx%VZYj
z5dap8u~g&5eKdl)k)WtZSs*N|;;R`cGjZ7}k-5y^Dk{vfFZ*ZK|JdgCk+gyg`REp7
z-litId9xnMk%0CIHSs2d)cIs^LLo?UOn&-~I9OCv1HVQm(qGLv(u=q2@Zcd|JuB*6
z`REpaf+upV7dbEjWKlB4*qD!LV)pahnat8ExPv|YqxgaNqnv|N)Bws5X=5>{xgoG;
zZ0cH1&+z%QXHREpCt5tUK+0Fqv79#GG)mYc8X)tc?zCn@l8cSLfp6)F8ev4yAEx8x
z1zamQOSW)~T#_s0nTPr)UwUn7KX6#lE~k%hW1Y)>vBo3@|0VyD59&K>vkWssIFY!w
z@kZN%L?1v9e9O&Ya7ENmHZIDKUY1%T4cb`CmgkC1fjrOUm7y2k3>R!ga@52?$%bxO
z6vN<6n=(%e5*F;Yy!EV=-WFIUdfdw-B5R7UB_#<xGf<K=TR_>0Vi*+MgL|_gAyrE!
zvhhm-4X`i6!My%y)vD{bI4Yz;MjS3ChcuxO8YgHxkFN{~d6Q8P4{_)G2R>mA*r^;;
zx+zIl>`FH#cWo6D1N$MQK=m9m=xB^{b4qvLauxgu&bfDU43@U~Q3^-O*daxMg;2+;
zbb$qQ$AMcN6rzynNn*~;J{4ZlxYsjfeCV8noVl!TPvxb0qyw^2o7X{F!hjB&i;U9e
za+F(2Q~X@&+7}DIxHlAo!B8Q<^oVU@sK}4Jiy}IxzbgF$Pel<vBUsTnei!biLv!F`
zmknc|{vc&n=F2UUI>pr{9l>zg<1eTYYM?aE{-~}UuNAlSL^@R!s{vMchs7caOQ#7)
z!Xl|$YKKoVV7*3qM;lkN8UcrC=u!0j2`(C>KCT5hD~R|$W}rKGHT^}!D&_#FqV1KL
zX7udME%v1%*UV_4QzNUi#Lm=ia2nD2(~~c6_iLbNahx2D2#Nm0yev62&lk&;O4<nt
z&g5=3DP*nVW}th28xYW-w<LO|rcB-U9**&x{%z*$V~x<{_IYItYfn!i2(2g5!|nz2
zJhx2T*Y%!NB>)P5B%ik}EYjW7O|W3PntYZk+Z?fJyb;XCNs5YF!kn7XjR8l4a9R09
z9yGi)It14I>K(4`=6LV2KmI7*#ZRc8(32C8ez|KR-TGv*jS4GY-mBp*ALHV!HlHO0
z%E3}QKbBK6nmeYbqiU4A)lnfW%38|m^gSP|RBa0$NlJxQspPVi1mVSC*GP)DElmfj
z+WmPTJv@SfaEE4E_Bo$bj8_e0b7s2LodD&d$?d4XiyzS=$Szl&ED4F9m^?1$Uk4(@
zFKRJx;ZwRuLNInzM&Ma93=m2rpYv+h2!C+tqTLi9#4WPyUEhW1?puXR5d8X7NqFPc
zmqCTQy`{d`9NU>~MPArd0R1v(wv#tU=%^e2aHxwP@+Ic?-p40-F;cRp6^>JJGg<hN
z$uNvm8#Nin^~mMU3sMI2YT*-1o>6nlmDjFpU_RWC&9R8ARMTX+K1W8fi@DA|hr-BQ
zcKZ<iTvF4*QMM>q-s{CNu5uGZ|1*jTE^MQFjdTKNyt^?8ZBTXbA|z5{Jv`^!MG^}>
zv+FR#9sh#WDbj*`{DU_JYOB<Zw6ynQr3KMVU4sUxsMPT`7y?vHQE(fje<;H)yCVUk
z<(0IS@r%fUq(?x$RMBU+vczK;BslRJYo#B}639zVa+Ow<4`K=oa>;5~Mc3b)!gZ=f
z$lPLtf`bzDr~uH?4}8I0U>U2bO>WJ$Pzg(BFP<Nr>JM84tXdR-5+7D{SA=yhIlxI_
zkZ5A|!w+FnqyPi6QUDxj&~{$a9X@nepmSs>)cpH4DZPjiNj+KrmmM%p7{KC!Rm5Kv
ztJ$8vGP;5FY+kMhX%c6C5G|_StU?x}?V56UZL7@Ur%1&$z0;+{R1eu}%LUV2O-2D{
zu4mbHPgQTN#J`T0TVb^eN}*d=>TA7kZ%c@gzyL_-9?BuDB4_KbjGsikK0-x~3A#Js
zgV*x3T}|&oS=aqS<?3vm>HW26(2QJkpeYVwqtAd6W<m}CBOu#2oV<ml$#4yB3Svk5
zNdVWMrD2gQJq!34#df?ktAjCN80Zq9H0Q@~FI>Ux^+j?7(w>gfa!OB4&r4504+#cJ
z1q%#>2?_v$Oxy%RwDH`Ois2!GmfWI7(#-m68wB}js-ORE*bb5tTJ+C7=kctSM5-qc
zFkndDUu}|jD*4&=_sR9z_xisFf7st`lChh<wVjnQjj6GdlevxQ_nEf7gOjll9j&pA
z3(oI)*Z_KD(3#EJw(!QFzQufCd;dXyKr+EKO?QOXQA>&aE0&y(tl8-V1auOH!U^GY
zofRhF0?dF{wu@coO=hI`pJy%bvdhh34et>}U$-3?iURP3bQUA!7+Ozenf0zu>&+FF
zuRs3U^6+LmzWMittiIR(ealq;WXndjhL+!{rJ=30ovouWt-HRpmA68l%mzJt*Oh9N
z840cQ1TDV5Ew&t;$f>`O?P#+pnk7ywOAd$%%2!O{j8$C2GkwGMohQ?teP|Ys2+UFH
zQDxMId!%};3c&Wx4Mra#QIVdJ)W*AC$Qn5Y_9~A9K_NZp=!bl-7(pE2ZS<;s{WYy>
zmp`p1x;%^~tF>1NO~VaFHKI*p9u=CQFx6n;{#(x*pDSFC?<OD5*2hBf04#8EYoEk^
zUjDHiyRkhluY5l{Fc*~dyerT^MP7|^UiMr>xY3GC(kV2RO(Eub#hc4LB0F2-sKS8)
zt%<VaGzpffCpWZQ_EKi-PjZ)ZKI4=$&MTQrn%mNekP&T%m!H@NP`c8IKq|&AtkxC$
zOF{fer^}>X$2cYYp>(#eA>nE!NbDWmZEZ{5>|6$|nd{M)1JE7n+f~kZhbxPV#g_wN
zB1vewAN#zEh@c!9*LdLceVJbG5QUq}ai5jm1|`clX^Y&`4zMHLLQB`FUF(0i{=$;<
zE$7h@5CA|H_@80P{7<m_pR_bLax}DKq_MI!)VH#-wY8&lv$i@=ma<*rhwr|lDp@CI
zTj!^X4ivB`q)ZM#7NC6ibpvap?76(D4J@DZwRN+`A7ze6+vU{mc62kz7K<aAD4o*>
z6`ia>Vg>(*ktf+4XOUiq=eiv*ZN+#Qec6ckgD4reL6ub>ZVJU7xqA6bZoL?~SzS~I
z<>F@{N*{tA+~Y{*AQqJ-#F^}t@5&WiLGFB}`>P)ZTv0<zC2}l45%-7{_#ayWI`$WL
z{4>DEpXhRfZ7EyFNnE*Ba9g>9kR_f1ZS@9d`_c(ltW`7tD(I}2FO<=|Ab?tb1Sx|$
zGC7JgX!aYJd5zV~fCIR6!mZN_{qfP4eQ=ptSl=p=2ckO;LWpC)fQ!V_M1+JGx64=E
zmXn4b(0FCqcYluucH6c$TUw7cn|157HEkZsV1Wdxq>>H=<x3UP^!eSl%!Ll=jpiK}
zh|;AA<51#cOeHNjH`_AZ#*is;Alg)Ns+`ULQbX@b*bSmBNf$o&)JAIs`P!qMayps8
zbt=1IUn#b&tp{5HPKRo9&y?I4!-msrq~{Eso2hUvVnOcH*V&k362&BEP#=Yfz;I2I
z^KqNH+il<{Y8D6c=A`@a=Z5+hod$PHakJ>5NXQ<Ah7<|V<xUkU&uo@K)jg+A5z^06
ze|S4@oFfjDOLt_Jm<#sVS^mPGbOg0T#8xsK^STQv08d76M?F#(w9`2iza70H2kH_-
z=be>{>dYCcwuO~HFUBRzId>!f4AEy`pV{2j-$muIFm*GHXd2UtwD&J}DBo4E(cYYf
zem+qaPI>T7v@3V2PYU)*Iz0QZ)S`yZmrog(MT~rA$T2-hV<W~q-f>)h{5^ak8Wue`
z1AWu_pSmj2|3>S7(D(mUGe!TeJ5>-75SA99wKhstlD1u^hweI4g&!pWJ%?VYA8AHs
zJ!ixR_FyrbZ<bSM7N#`+{4g7l=_>AB$|RBZ!t=TX>*l+}^YIDEc;gk*E%b=tuU&!j
zA8gmnPCY}!JmrWWRSEz@>EkVIO4{M~AdF~<7b&mzVNj^f0*To=<<y7^860N`&34S3
z1j8*K!bU#bp|GGxib)#Bm~F4+4M)X~kSL{11zN%M+s~Q9$?9~OpDhD41Xdn+h-9gM
z=oOS}xjveTYTz=&!-rd(;&CQ&J-Y!$YQe_|24IH{l7M1&48fiDt5Cy24P2H$#mojI
z<9d9vZ4424Gc!WP%U#~z7#W?VT5L4pk_7?B<I~ow01~aAyMYAa`(d|4K&8~urh4CJ
z)XsyEZgR0bVQ*>3{%Uf66|(1x-nQ{s7reUW-SlD9pB399ZHKg7Y19Z}-KRcG(RE-9
zyPi6@vOo@H3%Ca&Sx^X$U9Lns8OVg4qQFJIG=>G3Dqz^OqdU<&v8~sWdD5>9yzT(u
zg&B`_<Z0u@)g##MS`$>d|1jKeJ8qMm0=0#)RdFwPq;Lw**=5uZ*4EX2H(he30!o~q
z5B(nB?{1of$G*l~kd9K{x-DvntGb6=DN@$kqA}zFrasyB3z#AIycq`2GGWv9FR%9g
z_(gE=?bQ_^|IDkI{wr1fW4Wa<aIn=kGSqi;qA|2GH@0#5yZ$;W{DVbrs_<ieI)`m1
z;Bv=HLiErpemI<Zt%C9BVqw%!$lr%=kK1Bg=0`xQBJ|sPp2X6yqa<>ScFvy4DEkEL
z)Fl-FDc4P6c7qTc8mkDdx%q{>5`eOoepN<@B@o8YpjNlN3qJxzw8aG$&;=2J<V$B(
zQ5RK3im&3%X4l98$i{nPtaBfmgj(|REQ8(%k69Q<oCHnBO1Cq0W4C?1*17q3d>EQX
z0ErIx5)(&f{Z8#7BA(-NC=4_FfkkL^Ws(6c)T%SYtqn0r6He~3Ex>-mJe706bYg<D
zr1rL_3#I%r>rl&h(uZ@)%2U?a&Z5e1`~ChkQSxO!c0hC^yR}n!;V{Vgyn8EsVbDwb
zkTT|B8d;^&;ns4KMubE6W4LL|2{O~D6~Q?-pPv-<*lLQP8T6jl>0-Uxngs;L#|QN6
zJ}t@M6hEQSURI>yz>For8T@yv4%*Z5@{@@dD$}+8M;+_l9bjii2g_b#T81P!-C*dd
zVDrl>iCa|#$5TkoEq5s3YHv#5a^w5o&6d7t7GTmh=-*EX{*z|w{|o4j#ttsV4*wJM
zNGt~EuIXBM34OZk2@^iO8*8|HWQ}9}A6+yt)x@N@zeh7xVT!-HZizc41y2L(wi0tl
zq=+0Klc2RWbyz^%p<yG<G5t8WFW|8m1Y=ZK2R}@Y&BYaZ6W58T(t{`j%WM3kanryA
zuG=6f!k~o21@SA8Jvu}dCx04Vk6I_QLiNTo*6DK<;aJC6lOJ>b$%pWO`3adlLvb*F
zwOBiH#n)Y(lZ)GvwzL-(f14{Iv9HH}XLtJ#&^dv{B7}53gHD?2)STj5vQN^)OU}3!
zqf@wW6<n>{<gva%cVq~qww`sUce<LqyrCC}?Cj*|3fiT;`$Ee6+)Ef2+tu|5t!<e`
zSl@~K&1Ril+udx^u(e7Uxy+km#C<3p`WuqP3Nd?ta@AQl+mt*m9MmJzQG6Zf7ar&1
zL)~V@kJI;esHGD|ilGG|V$;2t2<AIV<wR$&yH*X;zd$d^SjBj*^HR&O;PrELZT<eL
zq$KE0u$2p=6ltq_ubO$7<tY?vpA+a}qBq%hrtt~-m(o3{7l8gX=oJ4_>HksRmV4j*
z^_wcRM1E@X<~?wP4Np)*T`-T6zO6_+X-rrZLSg-S-MO#sm_!F{5ifMklS$5@rLas)
zK)~<J-;@NgQ+f)@pmjk<H~|ErVLHE4+P=VeU<44=7(MrYg6ZGJMNs7hf|dxtQ`>0U
zB?R|@62w*Qdu-}2MgJ^p9CeOY!SEw0*8A-N!L>$cnL5+dFND~{K@Y+#Seg{cceV{D
z%ja9An}dg|Y;7+rdvjGp>>wBS4RwMVnhv=^nm^G?J{?d0{o)LBb!m+<4bs^Cn?Q5n
zVM^!>E|!gC;VCvd8q=sksTOU?W8o?fE@@eK<=MOx`62gL@(OdTBV}&**9lGc39m<0
zwlt~E@-P?lT<61Qk`;porxy;Z1dTq<{jlLyffW2V#5jdNv;(|Q+*dR6&l-NLzC7SG
zjgci$l;Cn>T(~9`X`q%TWRdlF)!Ny+Iy;v}s8961Eq+L%+(CABb;%D=mlObvQ{DKq
z3~PCPWSFWeJ6_`O46C~kH3YzLWyap%{ROd6IgWqSx2`|FyOjU?5cRJi{*P+5B>Fcs
z=ci`>oQEUtet;kEM}3?L?m`(+A^ls;P5P@}-5C;V*@7MjOP+IyM&_|vKqSDaY^llu
zTi~HXN+`Y9Ijs;e=mcU^Si6^4P77odJ7X7d$v^v%^P&G%v&Vl>Gv|82sfEG`*S<&G
zzo~h>l;&?WWB%#>Uuxc+K7AUPpT?_9Jqi_5^xQBkdUsVq<UpU{#_l5IEkYYlBi+d<
zNTC}U2VkK_l`d*wfI%92e$UJ3ItY1Nzy{ZW4$N@eQJNr-(r(hGo*b#;;*Odjq^p%p
zmfLXuq^iH+n=1Dr{VZjBHtE2whwX0j(uR9m4B7tWCi(d7-QBQQ#fNp0E;#b7=uk!m
z{!@q83Yz@2g5M8buB&Lv9WA@o$;gURl)w^lV6`e0Wxy#2HGICmcMYs=E-q$cOjrSJ
z(OspQ(C7B9uVXQ#t*(5lm}E<Oscdq&w$D&my5032{fOh(2y6+v6L*jAFNCoaK0+h^
zCBlsVRmA^kqWXu3|GjGeHCQDpNyX07!*@TarqzM76JPED$<INl2x7a)iwFn`Vr!Y2
zRZE|b?loywziy{<#_}qZOF7h=cE22EiX}|Ah)l8S$zx=L6`G;b&&(M~*3Ru5#nSx=
z)nmmW{@occM|pw%hoz)%t)21Et7B6XOqG(+WvDCCRj!+WlMuUZZ;#*xb`fL1Wp{66
z;7{0>hnLzY3o@Y+X7&tX4ZOHK|Cao-Cb6V|eGUXqpS(mbxuKROUKH{a8kb%zUBA$c
z^GYGXn*Ne;dwIiedn9$D{!3h$0!ZT$t3Iclj$}9CsI+aY3%#Sm{)C~~y!7!o{zIrH
zO{YsgiMmV08jx3-Fwwz<$4&yzfFrT|q0?T0qjvrcOerH{M@~o%I8Am#e|3IEbx3mn
z83%J_70{KqceiV?12gQphUszHr0bldoS&vtPTp76BD~i<#aa@}ziOPntaziJb~Ar<
zO~HhdHIz8)m{u?*9XxZ1%iRlXzd`E8?ANk@R#sWeKH$pD&1FQ7n_(xM#*W~fWNXjo
zc3)J(_Ke17qEG?Eb0&Z_L!UOOCJ&uo8k;v9@pwL=fE;k4FMS5}SW4)7e>D1T8~PxH
zSlQ?cMU8G?s#OO!cMN*DL%d$U-TH}wYeKyYX5FxYNPXz*yY<=R(_@tx*J}*2Rs6D6
zF03Sj>hms%n5u3TLotS(??BT&c;Wps`N5s_w2O3Ux@H5#r;Wl$IwFz=`}y}6RHr>z
zN%U<ny`cZhWXS)U6#R>L#meh8-xIy}5mk$gQZwA6gS$BeSaZBbd;&zUQialkeq&BA
z<zr2ABUnM0@0FYNr42!ad!HkR<KYA}wCHbYW5>F(sF*;R1z2=5bHw6O`|G_+sb^kv
z7|p=9Cclku<_%d!1*SW?=iUt&AYf!wjIK~T(RM=~I0g{)qOSAu7WD`>ht?gxyxVka
z{^6^wC3OHxhe#GBYYGAbpkNedga4#KY|rC{3&Pd=O{}L>ud81BO+B`CgCn*-LN}c&
z)dU&_4do6A2PMN}qm+ajouOT2V#(zi^j7Z8V7vvfX*!q}dMCsG;GX0ze+g7mrqu>u
zqTXhy66C!myfcJ(wL8osgzU0lq<Of&_6U%@KDGbBLu+=@M^iWxY8ohWa56mj4)Jt#
zdL@XJxDWM*{MHE=HJ|7K*Ux8!WTK2I)Z>`0QjC{DG(~grRu`7?9=6;yPdmlZ<#w<e
z{v~AC_n*oEj8{6ZW4JN9eHl?GDN|GB(A3KId1Uy}GS@XtQMe0;37UWKOJa7SM{i>}
z)Ql6_=1WXlonymxcr*9Sw>8|AQcCHueS2OwcOHKG(Axf_CFt?b%ht;vR%1h+>ZE!0
zEY9+&`jjv4=e8>{8E51#svi<4#t_11c|G5K$!V)zS*NULRzkjB#x2~gbQP;$S1i{8
zRZ&%mSump(KaiVqdFa49W<vatzd@rX(~UEmnL_I0?Nl2YocUUhFEB~)(vzYSOn{}C
zhD6B72CQPQf0mQBU9G@{83<SAUgt@Ghe4sR22cI*yN;flzcntMW5KXie1jSKYiQl|
zrYe$IJG;vd_!7?CJICvZcZ_{SXS?nJ{4Z0LvkeIM`erl>_&;Oxzc$r>l+FKSs)^En
znQF+@2TF<n1Z?>FC8*?lMF)ia3QDDPd>lOZa=JAQBG+vj9#zv<cKLjXwBm7sRzms>
z)0LMS`xY{XroWK2bib#4Dii&<$=U?cr}Zm`$Mi_ylwAs4zSEkU=nWWB_jNZmM7>U}
zVWcCDCL3BG$*EjDAvPe_`E^iSADDAsT{qOx+op}IS5JrZA`ldYd7us^s40LXYTR<z
zHQH~5xpshl0Cw^}QH-#ZXVuDcp$1&%2O>doUh3z4@V4}ojao|TM{VfpBEk>8PAIza
zCga0m*)!GpVd(gWY)ft{&z>ivyXG@LO(DhXnD3ih97}p%Bx*=PXu>>&*Pgt<-#}$u
z=SE*r1h$_L?X7Y8#y6K|;}7c>G{GkT*NPS6?5-t~rfQtPXbJgjKI~V|993G%cg4fa
zB+SR|ZNj@Rx~j;r-)$*O=PtC5er=~sPkB0&($?O=BJxks@&u)yLMyMz4j9Rb-5gu>
zrNq=^FN3m=@AehtRgKyGYL3Et0BZn0A;^!|iKZTpC1JO2ELtu;YP;tbzFubaw9uf6
zr5(o>U53*o%e5graUyp~A?42^v1-@lpEIBr@?KFzp$Ulo;@O-~Pp1g~#5<w94kv1L
zQ~@A_q5q@&qy}TS#b}WLctBuCxva+xyK=V8r0_Yhr7~EZj~K>>>EX-UW62T|rVp>I
z=Zs*EyUE@e_zCVYa->4$zWA#-+8a8vZkx`&Q_lz+cgb|&1^6#U5)WH>Fn%-g@&BjC
z{#zsW?XlU4fAg^GNmVTb7#s2F@8TZkH$baIDK1{g<CaL!EdF<K&;PjMa-O><3P#O{
z<heWSI!ZU^UQYtm^cOL9>KFSH$23zumNbR*`LRB-1CuKaej_9=WSs00b&ZMC?Nk#H
zq*l9}-=`HkeAr(q430uoK-3So{>4qamd9zJChPU##*Q71*UA>@1X&E7BueHCWeTC7
zE;##L+{vjVoc}8BTaczj=q$5XiIPWnTzboV-^HEtoEP4P{!EGX*EusSA(rsWW}pN+
zfw98gy#JNTIRb*gO`jP!7F%ixVGP)$Qi>gjl#s5I`IJK4rFK5?D-DF$VAGkq)Z-6a
z+v1d$l)x#+@HW<z(TYbWIR~v4yJ4V4zmgUTVr(r+g~EE;KCq+_Yu+kR!>J11N_IO!
z4;2sA?CRNv##Ee_e%}@cQJYlG<&VObrq#r+g#%|B3GR57W?(+WWPOcjG@pjj!e?{o
zF^fu<GLuhYR_G73=<PW+t|NB$Sxr>?ex0<eWIu5paW_LhkIVoK0o3}`9=xBA&x1PN
zVCnJXpedh0uF>gv?OS|ZmkdO0PfA|c){GTZP-#;=J}=0Tj}BT?Q>eBSSVTYPf4IV!
z^IY>$DT^NY%3HA4T0kSB^!u`rqWT<mNF#<;3irA7kk9uq{lzDdFNv<#@3wL0pYjRy
zztn6RXT$$j(@U)X<7WR?fT=CNZn6H|Q!J}uA4kHp0KWtpfLn;KB`nQ!n{#8TC!UL(
zR~furbtELq-L^5APG|i_J9q7A;k)XaeIp=OTtdf3yX``%tk}+8dqawTMyDnlH_$6Z
zyj>&il6bxUB7dPqjGNa}&uD-VU>`AZQxv@1|FFq5h{4{hnCrDMW6rvETlsvB89<E;
zoRz4HCMZ2lp<;i?5DU`^3O!MZ!M{&xxZNSo4}a%8flOx>*AU1oP}HR1j8QdfF;_P^
z9{n|WEYC}g+M4o16VNg(2-CeUy#}8O5S@%?E9K$cv^v_}*Z1lD+WG0e?nb(+U)_=I
zBc@M#)@)rep;y5qsS?f}B6!1u@sCGDyr7}lLaW{~cH#m#(}Lsfyb&Z7Tbs~T*ib~I
zHx~|deKboxiE|5(Ykw`ftAdL;5b=qjyc6PY2*LxE@N4qCkk>D(FLw{&N*UhvthX(#
z&dSQ*LP5rm*cAgdk}qra-Rn+W8@Z2Y;54AB$fNN25g^%q!^g&ezG2Rh11p?|jl9>n
zF8!`<0vNiStVl1ijUjc>u9v?HuPNFMK>jx^`~K;?O8tLC`ak85|9dK-*cX%eok|>0
ziAofACDp-043=IJR8Tf6z-gAZCfA1!M&IDC*I_AtJYgnChi7O}A5L~2vF+uHogrg@
z!BvK)3$0W6$4r_4{BYYMf@pxKKI|r4_X-N(+`|z^1aBfR?<9e-f#9(t>QgvEAYK|L
z#|sj`klhJPuy}?Iw83w$5x|0(qXw{(WGJJ#n#i$e(&9j_Z_U0V7s_WK=gy|U^Re~i
z^?v(we!G3YPZvS-Tv+(TNbclggy6;|Ix1$QTPR5P<2kYG;@X6U?{mPgTpOZp5%ziS
zEZWUkUvVMjW$DDmG;ZxJPvbu$LOU;r)RgK<$X^A<6*F5UJ$WI$-*x%SSz(XWq+Aa7
zy+_}6o41Hcaw?D}%16QM@v^*6r><Xg>eOYGq|vi<D`w~{aF|JWn7M9IHaWt#5^+1P
zSica2Ab7q3ZG)gfR!G5|A#U4BylWi7XNeowN4tVOdf79a3Nhpb{9W{O#ZJp#y~SXF
z0Z$s^zSamX(G>cyaGC!154&`0HG!s(GyO{Wa|+By?2E<A4~sTflRb&g#PvI7U8eYI
zBx?HUeNrknb!3s0D)w47gKQJ!VPgd{6ts5gdBVvEty{)zJ8H%FYf04Gm~E`b5|OKm
zEQq;^J_aR~u^YPASntNmzyIjcz@|fR`OTxPf0}3hw|Mj)qmRGOK>l0l^~oVnIb6_7
z&htIF13#^Qf`8?DWd%N5pFYE1@m48M0FmhE?08Ju8#K;?1eBWtxDiPry$HD>rCuU<
zi4HvXr65#6KYRjw7-jHOOWCh<a|qma+~Q~;y8`I*l}B?~E+Z_cU!rYv0XlFcK{Cf$
zw<k}B%X?3F+pN>FvARDm?0dyuroZDY<~(P1V-YX$=_H29UVnq_=)dBvIt`ZiwPEI;
z#Pe5t6&TcP8>NQ}*A`X_T0lnzu<EA;F7?b7UB}j1c-QO#m7U!j+kb_bc;V7l_7Vp?
zH$9zws_O?~&euZ+nI2iSm_8S~?JI^cPVdhv#LYp{4eMc?Lvr{?Kb%;P;?{tEp>UpC
zZ?|Lwkn;5eIR6rqWN?NbTWu>PTy#jnjC?pqwT1mhat$5%9b)>ZWioUEUtQWvqN663
z2i*#KrA5n6F4O%|Q)W5ZnwjUA7T{v4JJ@l?_yYQ?kP-OKRLA|x{NsOrOyJ*+kiQGr
z|1kpjYyP}Y)wEq_MfQ2B#ZNNuPAB1VALITlie{wdU-aV~8NCh~R0wB%kXV6;LQ^#U
ztDEQ)^$d|ryX7ID6<U1%kE_l03%~4<IdTFG`DF2Rc0HE^1OzEC?NayM&EwIZcBWjI
zk|%wj`rUr`CbTtI*5N^<>Gcbjngz>C$>zuN6xDPO%^;y(z;eDNqXY{dzdEkQBU!P+
z`lt1W#RO~o0wLO_`~U%PfI@^Ilpt?M^Pe|apmV5sF@prh_6fB*5~9)4F8n#UK`e{Y
zjn!xyO5n+<h4L!AF&c-c1E=0@hdKGC_lFZ;EgFiJ46~e_asB)jHf8-NfzhPg*EpyS
z@FwckTtWVfSAsIl#{OKQMGc3bE4g(&B>^=|&|cm78dpVvb!~1QPW#s@bK;=F{wd)G
zJ6w8cBSkY3AQoY7oa?T8H|0XRtQAk>h_xt^R6h$5t=Bq6h#J6ku_Z%094aecjeRfu
zq1MA)$FEV0O#ppK@+O0Uq^7Y*FwAIBTu6nVx{>@k)~d9}S?E*2*Cx#aWT|<b_vUmu
zMi3&IPw^Y*7c0T+k#EA$ouW4URPDEdEZn;`N9@uy&U{m@-}rU+i01Op=D5(O0x)3&
zcxsG6!$1`n8D@5#CC9>up-`6WvTC94>d+iP8C>=RN&BDoB4AMbzybwE%D_Dd>9M!-
zK?`{)x6*F7am<s~CL{p^lSJ(yXcOa0jX`oH{mNBWabNFoIjpTvScdhrc|yx3t)eC(
z<6Wtjd7u&GTe<mP^x3Zx=kcz&O1Z|Vrk>eXu5k`;h(f4)A068Bp|-$%`e`dzEazBG
zJ|z^5s?7`XOCnlyvP>qxDV}D_-NUSjO=o6vHo=5FIc!;`Uzt7cFcezy4PcDn7z5y7
zJbduGWw%(tD<HmT9%;mmL*NcFgxkxnva+(`bju(F@p<e(q%+KM3I(S9T4Q?rz`opj
zto?LcGfU>I_%Gyqa>^J!m)!I_0<2xAerZwrXtO*2p_@k+3eBrM-%flR)YHberU6Oh
zx;eb-f_{W^?Qel5UouU2AYETwQT_1L8PWfI9TBqKL=krQ!2vN=&8H^K0bmww?TqXE
zhYZ?8MNyep|5*-UnliNcnA}|ULM|Ayk?{eF#Jju+6JCnHALNx)GriUgsxKfz?AHHo
z(0C_S?7992V31R8Pix4t<<gevHdV#mcGD9|Q!DLTrI{_<M&g?0V|`m8Knd4E-nH%C
zzL(RMfxRnqu~0(z@9Z+8!!Lz_9Km-@i{~K=rT0v7x2VYZS4MWMcbLB{0?$>~Z2Y?r
z^uhhJY5u=u5&u3uO{!RbTLk=Pj&9%B&@aG5GcK2Nx0FDq;~Bs)Okx^(y-n~8PE9S6
zZ;$B78};2zPdH%XkeSs>107(#x@_Ou9N>bfMKu>R$%~d_yw?zzC&F)!2+9iC8iDJ1
z^}e!jV#OxoFwzj0lGDwYiL9OkOPV^m<4-S#NXk(lD@dlyCcp;DiJu%Phej1W$Df$a
z_U>4<n&q>x#dU+GxC>@Zk$`0Z$SRIgg1^-5WejnF9cA~ECdL(r4K#QXwKv(+pB}w~
z`=c~@=fsB9*Dsu$n)q!IG8U+qJ`dY`a8t8P9(SUqw3<St4D_TgA`(A-c#be%s!=l|
z$RA_OsNIK3o+H4n>5v6rj0EHbi=Sns>gDRY|0d3?p||rMiAtx6)>Cg^V_aqNtdj(u
z)l;hB2*Op9VX8JE1iC2PsM;4;vhXD45-!$^p9z$M?Qh~_dzACwBs6_q%wK5x{>O4d
zPt7!Xnp1MylFCo?)~9P(*x@bnp+5BDdP2xwFkKJ<65KFp^u53c>3MnJHEv6=4b9z<
zF+|Dwwplg(b9B4+<a6@5%Ze~@0m4YIK<dvxTe-d5VS59NfvrDGL#%hOvc6E$HMI=>
z#0t)3pQ$D2*9PZY>X3v1&r!D4IR`&oZ3tH;?PI=KBG}~z+hq8Af?Y^?)tr`Lus(M5
zKT%KmOu<;mSP1TOS#1L!HBUh4l#ShhTw&d)LBe)q%FxFO;M#D-BbcZ39xtM)U8jvv
z;CqE+Teerk+Rok)K?>b^#HJYE*M>HMl!?hMBozf)9J64;+{TQN11iLd${BviW%Bpc
z2oWJ7VS8W;q{Zd&S^QblL@}4Qxm=y~z#e>I4@3Tf=G>tyhSW5uKi;O0LL8#d!~7_)
zBX2;*MLDTZSQxC@?7DV8Dgfm<b}9HR6Z_!VrBmuWwX&a}+r+g88>x}Fly+mYVEeR|
zt;1&UaY+*Bli9k$eku~})3`mD(gIug+39rFE2iWk?oeTS9<a=`OA@Z&9EVmg&byUp
z^fL7{=9x|{kxuCKLTDif(j8V@*-V=ttbom81PubmD9;&uOh$+z$;ABdQ7iFw65{Sx
zNTAH*1`Zv{8ooJw6|*8zcoSJ|v4X7va*l;UBbGTg%KbkYd*|rLwr>AB9ouHdwmYcU
z?sU*`(y`SsJLuT9(XnmYwr#84^m}poocrA8cW3=kqiR%r=NxOVwfEY4t@)Xfgui%s
zV7bG9u^?`ruknU;BJRFjIvv^D1psL2hx#)2xjNE+61IQdnL`*+v7WL%KVM&WYZiC4
zk%ic{gAbBm(2M#|-#~XefD}i`GWSqM2;_Po)A7JDz#sxhCSdgkchZ2-N(!Q0?;{$&
zxxRQspGn|WVx7sB5jz^V@SPmq)%1^U8pTJ9{l@}nT^t?X#`}rG4&mROI8fg2MjUJ`
z?M*Ei?X0aGgasK4-giu@3{O=xp{8A<8(W=%DhfckMcTl8-1N*K2BrC!Dd1fI@C2$l
znq@5El$AI*mfsxhl()CR4N0&9Nr%eHso#kZk5DfmUC9BFjKRp6u*e9$Qg9Xt+|B#Z
zjcsLSqnAGh;0<iB<0UCX>`-5)@|HZtWH$yNAqWJDZ>oRdP3Rd0Ad~SIYC$x6OMD^m
z56_X@$j`6jr$Fh~+rL5Efl?)pOrD|Ndh#p9-1+gqDG+GLtrf$S%Hm)(t@bN5^Kuo0
zF&dnqJrxPk4Gl6SRRNm<`UDIIS>LTw-lJ^WO+hZ_wPcW@M_b6@V!Xz@aK+lAIQe5x
za+nk;Zyw`&YI|;Tm1zv1;nS^P7P3*Ldxt)?dPO<&f_yb&-JAY{*Mh2uL+@DN&vr-R
zqywEaL#Q9y86zSB$_WVb=D9NdjLX<eUN#cYSM7#M>fgRElm-dCfj3AXXSaO0o4?~P
zuxv1^%7&7m(hEesR8<xR%|G{Z7DWA7sH4afpD2c?f(_2{xseLLoHiC;$Exz+<0M{W
zffiCU>2Zhb7M&d@6t%}#fc%gNQ2vry^g|KN>1E6j08wZI90Z?Tkz~Ud2-;-L$~`5K
zw)bhNw8VBzQc{IsB$|DWoWR%#n()ot4J?^QJL1#IzzcG5oAq4$w6E|~*@kGHL@p|T
z;ON<?p}OA?Rbxc&`-ezu#Sa@cU&W%OUr1d?eCwmuJj~3vLNfv_A$#=;_X%W8%SUP=
zA{X)QxMojH44c<v*Bd9YHg$8JTbr!g$YKe<mer&uBF$tSy8z&Z9&2nLq)Myui&yyo
zdU{zr`YZ+}sf)T5S9~fNUAv6|KNPzw8KyMzOCPT!?%^rb8o$n%E<nc4_YJ>ge=;Jp
z#mPyivQC;4tmN)>qaoohIVek+o$UWO%*g}4X7)9Hk(w>!w5#_>A}Q*2L49`~z8Di{
zTz&>G7+HVYuf}<tylFz7e67z+a!ECj$V`jc0!Vd{vHVgjpCf;%GTwCp+IwEw6*Ak(
z*fzS%9N+C(K_H48KaeUj&DX6Go;R-YsfsLR)gz9`I&jvN2IHbqZg_RNFnj;;s6sd&
zy8lEQaL|pw7!+HwNNs)d;3+XFIa9?l>onJKEw9Kcffa)KzD%kkpZy})+Su_hJ<Y*_
znsc{UDpyBL`z;EAMVr&POso5%_$*-0>^fzmbD4CbXg_Q6P;<W*f*_g-V?WHpdRInV
zuX?e**!5JZs_9^4At9dohiKMq;K*(OlM{JlIXk;OESGjTacdjfq*?X^S>OdsvcEyz
z8P^@9SGxXj+tUtDB0fknAB7K+6@XAFEk}lW-KD$bK|WmMY|dVWk*j|UiD8`NOjMrY
zC_-9m4@OTk7V#xS`Zb2`HQHmNkPW<Zo`WTqQ@5*_u&p?oRj)1oi3&uGr0|<U{74L{
zHt0P`pqR79`RmCEO{FXBgCpKksXk%$MY4i^#B<TWuG!g!fQrh&4_{j$%qAvx1!L2Q
z_XhxS<&L)K-Vt$Eldj+S;ji>h(_+kq&UY*utTrCmShET?&B;{STDRbfWu4Hce3wgI
ziC*!EhOPEzPAUC4I67n{W01a<o*1-jP3|NyNshYL$ic>FJ)~oEF5bY$!Db8)#Kovo
zM|-(f>?H-h&pIDzEjHEkXCsq+k{T*%$|w}h-l*zYtTic9XnzTgew_8suq!Cg--c;E
zUISD@-9C$uBdIWa)|aar`ZY+E8+R!C`9i`P$IG>AStJ2d#QtD%W^`wnrde#hs?XmO
zsqb`DG?#xh=3%d;f7kp|{wuVL{F#K?$<^BDc_dwXewdE6ZDz;vm=0;um=p07Ksp;D
z;#4WN=5%Hj=DA!iw|nApc5PsT*pXiW3c;0UpAfV@<SmcX*}e5z>^Ku0rq})47z*9X
z2Bz!CRhm~SveTv9akD&emWl4<fxS5vIx(KHg}o=52u4p-jr(+>qw7<x?us~V96~uW
z!Y{A%z$4<4XM&;YyF|GC$uw`|PyW$Ug{JNlQgBD8oRmu=Yx~xuxueOFm7v)_;aJt-
z^6KqPY7n?85d0JxS_UaK08s9W&M!@Dxmid&W>O&SwvWXHp_FR+m1A|bZZ02mvYXBH
zT~Ci3o%g*yd$pleQNKQiT<ZLu!xF}IXv#o>fO!4et){=9*Z$|F=s(_czUevWF}!c#
zKW&8)_$;~1kvb8i3`asW>Ki;HNnS{G2t!6p944YTB_ZLX3`(U$r`EX!m%V_|yH@cr
z7(r24SwSTDXYj8~=)xE8v+7-syG7&mRY&0YbAtm5_w@LR{kW$6IJY1P8}zH77o#@=
zIQYkA4-*j7hejZ&fC3k)H?b}>I6MSsrUDr(?3K{l=;@J<qBZhSON+n}cBLlOmsg{v
z^$;KcJ=*FqWVX279{$Dlv3tWtr2M5F>W$p%hZsW43t!Gg#4r(}c&F<wkne)_@i@=b
zLq_vNhX?Vk;Ux+LbdeT#?z0}*j*sw4lW3crxB$=)cjBf(->Tn@@P3tgqxuGdzXS1t
z!TI3!;HCMN$=~cQKWi>#gk#B?5P2Bkq#P2j3Xih4PUiafiB6IoH1O>Z@^0(A$NI2+
zk1-X*Qyz$-_3d2siO3t&^%m#`asmnZ<H>u3-a!jXB~uw0ap&7LJEQ|v3j!GE>JXub
z(&}v<uY<3OtOJfqo~MaxlDuD>^|L@k_&lwL$^98lMAXyh6^CU5iEg_Y-AJRH)g|||
z6+dm4MLD>#+ERSt_ULkpAD?IzeBW{C{MyZIYn$wsg?MyCPled;#3t%<FHUb5xnjE{
zk-(IY)3Fj1uG0Kb5>$Ju<_>&UJa;;e-bye<B7rNvoMMg6K$bT6g(#1XeaunAs}7vb
zqv@D&u5oLAHOIDIYo)^=7=jPdG>Y>z&0HQ4Y0b_+AFWpQ*h`y-Ze}N)HYo%eBu_qB
zz525dJ8Lfn4RtgynhV&r9oIz$dbV#s=Ai9vg0o+hfDs&&csqHpQyc5@Cu8z!kBj9e
zq?eqh2>659_X7jW1w!E*k_u)zQa*bqe|$BjH-2hgw*nmB`Vl>R851q%mwA{GIcK%5
zDPySL9G!S0KZr_@RB#_8ymx=5Y&;356vh|frP{U&WFh-0hQ&Zgu^rb46LpqT(k8LR
z&XyfeU4d~^sl>kX`Sd5X^h<;)obdSPWLcK-rGDJh2KoLN+fMe)^YOebX!VS1Yoner
zFBAt+nMX}m*wi-id!x0^N&>;X)V*BRqd`=F^%;E6SuooC@aFeC3I0X(Gs)JBFRg3q
zhSW30oi%3TnNq^55;LVJL-fOe__4Iv&Xl0hbXT27xPXjSw=&e^(Sb#?i@S>)c<i}i
z{;x_Y-*@~DlN72+&NJdh?mMlofbDXxK&Ka?xnIC_2oL8kKHLZ0;&t10>ueA|*UFaf
zl${wW^do##Yu(X_s;$-ls~y@eX%BI4cw4bkYOgvLkT2VJMBuQq=D<gWhx;omT==On
zPi6;th-r4Q$qY?!&kW#uhiA&%e<^T!13rKFez@tSl4<q!KIyyXVXvkG0srni(1Jwg
zI;(`9xKmM^%a?WFB4^jLB1)@}(Yltg0}Z!Ki1jsac<4JLqFPfEy_Mi}B~v&N4xD7}
z+Pd5YhcqpG#=$cMnyHx8$m`9`)?#(SV@SMCihIu|^39XZ7#@H-Z+m1l;;|xa6TnL%
zAkLqI*Get`55>*eAkZAOr)kZSk}3zAe&uGX<FOYn;p-Conrx{LH7*0#rQ+0LmglyO
zbupnBe}hzCd7F#q<CvjeEw$Iikh$tOPq{-Kp7`v;{qpW;+1*BX!@6mDEC*4Xr)1ky
zK1_H%`v@C@rHAI;Ba5y7&hVQ-cHWqv6({*6n_Fvd1M$Rwi)VE|kJW>5-qq{H^ON<&
zaldKq5kRs3`~Xm+vG0`!q*5z?y>HgF;H&^g^*`%1s?^oa0&l~L#|=1z37nup$A{^r
zghd7?k;A0vPJ~tqjTGn`;KIg1`_btau*I}V;VUDyVbJx64UZ<=tNVamSwf2#(kTF)
zcxJu&Q8%<w(xM6GM=zf8rUFDbZig;fH_2AlR?i12YI+h52F#&^>o5yf-j8tTMGfxE
zU@$%*rr*LpC714|Yz!fzDEa+l$Bp$_Q4k34?kzS^u;hyBg6~bvM0fa^p@W@<BP3`_
zIsyIFM7Krlqj%58qO4F53T|9Nw8Da71F&t3L~IQCj#wzFM@VA-5v-VsZzR%wx>1r+
z9}sCIU_VA}3sri$XZ87!3Zq`yxs)hdvMHkWO2G#TA%2-emL&d)9%da~SV@DEIj<NO
z>g=2;1)5VtwMk6k3QETxh22dl4N8TAj3JAq-xbXTo<BH1VXy^5m6VDn7HMZ7!s~@b
zK)yY!%i`gj3Y)_;6}{tt&i$eIn~1bGxL2C8fU3|-EfcoR4;W*=;{(tt@9>CBltR0Y
z#J=P6gV9^qW@vCB9UFPr_za38h`O*oJzQ}@qtW8f%oZj!&?KRmW{#7@#9xC5sXGsB
zy?sR@IP?<V^3~chg7V@I8bAGzFk(9Z1!o3V21lh}eJqM(VW*R!!h#hdj&_b8gf{l0
z8el8I?UoMq4=iMJE$Y!hCWh`dpYX9uhs6mDcs$-#Oms#Jw9FLW*!c+pni1BA+n9xn
z@fkP3`>F`PF^DJ<yt{v>Hvl?729J~-y8)UsBH0^@*2R{qj2Q%tB1C!un#?AgUk=qL
zCol#Lc@jB21BNk6Ts$*7Cie>aBO%`CH){CY2L)%|@G@0owAw5x;`9gssT(D5QVx+(
z;l8Pd4@!<8slM>{34&d=0|JS>Fo=P)2U)zus8g(6Fb*&6c=x~>6;Hqm*30;XG4%#f
z9k4UA!dv?p=p<PF+CKjV<asI&2?E;Vb*xW&acy~>06`;LU(TO5U<PP)c#4!IS8G4n
zJgz*<Flmd1me~S%hR%Wogo&zoCdjEj7RW6_5n%Fcg~W=>hw`Xg*zkLd+H+6v)0_Qp
zeqA9TzNCkeKQ3pO`!WBOa4kFLtfA`gx;XIQk`(|yP&zK;(YR)H*9K?}g}O}K;N6e;
zqBTHsJc4VLanV_3?Q3LB$o2iGe-ci+*d;{endb|`=S16-v4}tc`}xGKa)hK$v4@A7
z+`Dm&SuHQU1(er)Pa1VMqb+Ig3v(pJ4F_MxsJUUaR5vecPLG<@aM-Q~1FCx+)8#L>
zqlpl#N~IdOrIerLoz8*lmoaZZg826GhwVE67cAj~Iq;eAq4tG*>V1qlq^gxaA0IuW
zJ+_COzCOJ`1%V>BUIXtt#_xb!LR=|Axf@ItzN%b4gTxgJ0QC<q3taeOQXP(`7qWD`
zK2qIOlGs#%-f`15o8WSw#4u>#ag&W|GWZAu=ww%<4PwO93iLlS$pkK7;ZMzT(*t&q
zg}Fem<l&5yp;`FThrexIV*d~V|A8yQ^sPohmJPaz)<99lnF2t@CMV!Cu-)qbALHH2
z!t9(B+R?GmjLNiaqqSa%T?~mp7Q~Eg<n2wmnWFy^?G0WB>pvge{i2T{LPkS|+?C^C
z`4}zYgAR!_xEpopiONL?hY$pzV1`Q&wEcMbA_VFH3YlP-$z+I2mcpPMPz}wMlsKlp
zk-bd}3jx&+J6-(JebL~IlG?M4ryc|g0D(gi=?Srs2y2Jd%Qk5+Llg}rQ*>cg!^WY7
zliw(Og}wqufazkp=<$THLzlxWr7-Qq=KdP60k?shMkpSF(1~ojAcDXX8c)SWBf(ZB
zK(R4hlocf5E}%P4p^**kQvpq<9j%rvJp5=zr<p7vQYDPmn`na(FOWlnCNtw#!3CQ@
zPx<S?%!C)0G3*%C3_tE8yq*#$IvcnjeOwMXC@(%kmT1m~S)I2J3-(Nw3@9El#buYC
z1qB;Sh_Hl-CN?#?pzvmtD}J9yhpwL*Ul_W$?}pk})DRNi?Ib_s7GJ6?lv@h-dg$&C
z?^xHne*Hw}P&y&8?y08!05ZS9+({-|GJHAtE+%df=sA(@$%~P63D6kR%+1hT1%`y-
zEha_KI^F;|SjFiD7O;%4F9DSx-bmZRMJ>qwndaWm7ith99r?tEWc($xQ9%J8Bmm|p
zn8sVWOwdxQq!r*K9g)y_@QrjbC7~#NtVK4S7NBhLuu%eEB)&jL{@g*?QA6bv6PAI!
zj_8Ae&4fu7K@^mN-tE0W4F!$+*(HO_6a#&!51(GdtRRa00U${K1DT{ED;xUTyg=x5
zPq45ID2E2}Xb*1oCYKmEVuxT5csRP;WrV1mNmqjcq%w-pgr98`c9K-jMv87E2!uc^
z@uM>bY_H(Pfl_4$m0^&hzL$(IEEd*iC+g0oU7AmnpO}BP>?93&Dn)Lu2$edO2`bws
ze8jANv5g{{C>hAl_J_D$XrKBz;E<_=xTxCIK;<Ohr~Lz^L?mV4iL5u^P!(OnVySmX
z46yw~+Pxdd82rjrrCu?zP~JpXQUsYF1i=hq;E5-NKEjyq^eEoq!=smNl76{R3u_<3
zj@VLyiDd%7GvJD;zJ6nW99`VXNS}1Q6u;0oZdW#b7=9ngw?v5GFA=xx_mAc0eqQZw
zK=V~f=$IyzuNVm8Js&p7{DXR6=L03lWa#NbyU<024Zvbi7ur*T-q-7(g$#~lxs1kf
z<w+8SnuaKuOtD3fY!AME9oS^D%Kj<NCbbAI=0wcr*Y%C0vUw0Jf)FappH^1nv;2oF
zXS#SY6|^jpT3+qUJqji0^`GF=-?}`=QI&ZE#*FMtVaRv`=4H7)s=<c^Kq-UEk;Hcs
zgH+j|&VQ8Z*-EnTO%5=4Ygr^twDI(d#7gfWLt)p)Ru%jLhe{0CW)}MpWI!_9>wv3a
znoSEWftvy{fe}ll?Ua~J34d441Q9>w@f@kM3P_ooUF5rGWc3f|4;Ucl{gw(%p%8@O
z$AsH=!#?(ngoT^tJ6B*l2=NwkN%>BYSa;{aB?%#$b}lU2m5aic1iuP&h=A}o>RLNP
zc<Kpohf*(a5=gYU-iV3BGiPWy%q7Rmb{?-oeovp5r0ayUZLEO|?tl4l{~8OnEd<NJ
z>qnG>BR?WimIOQ~h5T^##mlalwn?FosMI$lWMa)9gG9dsYzrj-p{Zla6tJ<VIDp8X
zl$H9G*cR}eJ-Vb>*erfRImc8Ett@QdA;%;?;RC4ni96+GgOHel)tOO?Ka9tGPGn+{
z6XEC-9TEr#HBkPDBE%9RU|jJEgB;ych-Kbr3+nDo1e2$L4dH2$L};!{o+x1}@u6e>
zv1kW6Sp;6y{*stYP8U@NC3xz=cF;EeL7)ioJtgm|%k(Q6LwM;IF<NjL{AKJP@dhuM
z7Q_h{@~8?o4q>=3g`i(Re959f^psFha`Jm0#HEF?eLRs%z=sPI;b#Q!<*~c4`k4*b
z-fWdq0f86^evzAou(^^@^Wws_OlJ7%VbkXDplPvL7?pbPXnZgQKLlQjroe;Qgu44s
zMZcxt8f@j%h!JoGq52kN&yb)?8h~$ri|K#FDnL*OI7}h~BgZXQ4S6}>0+T^PDcqWX
z{7xl?`YS4gTn&Y7FgJ^GBc=->RiK0@43<pP;ZUMPWk}&TFSrMr4h<>i0|;|azHmSl
z2qqZ=3KI!fci{;#CQ5HVGH8^yHu{(fWM*d2rj4JbL})KFXdamtjof7Ii0Li1j6Ro4
zX+e?c0kpd>KI#OyJ|8><mO(8xAV4N8vbY=di+hzXVSdj~iEq*9Qm~)N4q_tTP-c)z
zaLf80VYWcON$>_0LBr<=lZZ%YwXg^X#z#K(kx^rzlt=VlfD8N_kS9h^CSAY|QYe{1
znSIkkH~ScyhK)>5K{oVri46a1*lBi!uU`*#jS?0S{dA?l2Xfw6biqy0_enQ73RiLv
zI8(PDI6UlFPLi+h8~yt6t_$#fWB#Rl`OJDo+HsprVL|6hzt^6Z0>~R60|<fKI_~9x
z1#&1SKhm+Mwf3EMdGdPT`s-=u+{TGR!57R!x#1??1du}&b%3b4VSz^8cZg9oFsI#G
zmNz;yrUlrm(=J2{2rjjSi;A^QM)6~Yl%z#(rRmav2s2O%zj(5g!Yz;MiKaBeLSsUN
zv?PN5U+bx4)+wjRQJ-1{wC%G-+){>>N{ZPka*8jXdfjYR;)dfxLVdK=J+|}Nk&$s-
zu4{{5zu0y~%9ayZRIl%*l;S7wtSK(wS3Vg4i|?1WmP%rmF&UC;-yV1Bo9AtI3wZL8
zm_776qP5bnu+H^IWb?`@JKU=nbQ&-f>IufyEe6%@ii^%iW#aL65;fvL@nb%#5b!(q
zNm%M-5VJEYVw<$vHFrT3OlPpUQ(ePEBH#k`>_&&P0yEm(X5FuBg{Kk>80`Q6)o~Qf
zlsynJYky~9xFZ%v+0W`LHAS=_{SNrHPjymKkCIr=Vtso~PSHGgB<t=L+R~=bW1ngz
z-U(@hCK6WC0d#nl!owafo#HJE{7$>Uww>W2pN&1H=tA!`#(UbJJ*k)CK6#1t?ccZ|
z$eL>fsOvCVxwF}Q=yp$;_dkwkv9`efBx`rJa`~YudIg34OdXdY{rEFW8FTHM$+M9D
zKyArAhBfDISIZ!df#%4pwrX$ywVrr-+Zw9gSRL=<ULk4kh}W(8%WI|c@;FaXOuM_8
zjzf4%jT;!(n6qNd4DGytg^z3oxX7BZMb%*F*Br#;oSP68N+Ja5Vq42Tm2`kxtvpJ&
z@^wR#=Y7RJx5>{>kDlE(*<c!4*0S6&E|%=Om(aTq?bCOG{9lxJJk{5f0>JF2=ygW;
zE+9#eMvSfH?pA`@%;`sPmz3Bet|lVBFDkKI^%-)m#$RlBR%=y*anRLc_c*&OvFZhE
z1+?DRa`3oMuB5p23Y{MnmF(o}iL1zK6S-Cb;hGCgBeF0JD2y@s<`FKCAI0g?RJa@#
zS|n<CKCp9q|D5U4%ew72vl(Bz$fz68Q9SrV^9)`hDH8YlOGf}n0#O;sSq&dAx7&!%
zgSsQ;DSB@=rBY5pg1OAjmWtfX4Xoy9fgulTJstWvEgphFB_p4Zw>eb3!4t`kz0j)G
z81Kv{vE5x}oBd1k$DD2qtW|NO7opw~GZXwe1-uIB%JtK*gI>o3TV2YVxq3Oj+qe3y
zYDjQ8bLs8f40<_+nVAyYBK+{ChVSLy2i72XK8GJB^DEDqk0<K{EhaY_Je6=hsX^R-
z!FWVQwTP*`mEj}8h<!u(!bc#fEkQMebW!7Hh27%Sa-*{QOhnZ=G;<k^5t<@!=EE|&
zuvm-6Ypgm%BRzVb0N$of@3?7`p%;tDuIN-y!u?`O<zN`Ni1viN6E;}1OKS$Wg&SPe
z1=p5tLG`7m-%~!lSprxW?hX-TRI!4FKN|qb-Vrg&q?&GTYt=49D?fGQLcf+4@%~J@
zbe6q(BA*_L+gjOYbc!S!-a=a6YOPA;5@|u-wOcm1fKzKQIZ`tabhDdn;-p2>m@4o?
zH()HWWj3>FcE4;_d;|X=r+)pZYt0g6-fCT`v^>phK(ePQDU(xfS_7Z;I)%aJew6rp
z{bYmPxI5qSTAb#a_SV$hf?Y(`eZlA&Qy)j}wQP}b-<OS^q$Pq;em4|uY}F8ap8P|^
z^AWyfbD{G*MX-B7j79Je+o?+W;HM;jiPg+oY90Y~aWGWVDzV11>_}JI#m^l>E{$92
zt5mhKM}4KZ+K|cP>$#m(9D}}%ul4BO;7-e$8X%uh9V@&KnM|6lmlU2;W@@G9!y<d&
z2?2I)i`XZ^Q<%QXeH;P1iH@XoB{U}vP7z~`31?rj(8AQ=@tiiU#q~S0l6WhJTAV+h
zWqB_lt?hMI%jxA8SQ1P#S`Ye77-C`f|H86IY1HA>nEnpjFfVRR@MtWv@VfKg5>-EG
z`Nbb(Ad&Aulmi!r1<HNsiAK-Ifw}I=BVW&av8Ze3_OPlun~frw1~x-;9nb@D$b44#
zW5X@b2}_SgAfnvCaXfaur-N_n87#I+ID(@DMq^UJec>35w5n)V&w()cy3g?vG!gU3
zh0LvETTAu_UPPS>gS~q_sh3_`UiZWvGlUD~vC`Z=A-eo1F~z!>&gH{))AThP-d&R+
zM}sy|Dc+XTPGRajn_JyX78M&laF96%X+icah`of`)AdYZ|K>?@qmy<D6C*6_a3}05
zrVOJCP5!T{g@UnVhc4li!6}sO$;QP3e6$b``P7tvA%FpO;po!IHTnH*iQg=qjwV*A
zOD8w{qT7V^WoN2}3q2!WIAbEa9On^sq}B5#)~~oz`w)la<g$%o235V;{eDAeP>$o^
z&{J6D7k$U~WS_LT{*ju-2#C=G?X;$<7*-0F?<cnQTiDiNJhhjxw^1ohvGIidkp82j
ztWf=328YQwr9X&HFY0Gk{1)gx?L@ulhG5`~@>Oll^o)+JTup`3>m^N(Yo<mA5!ZN;
z>=|V2pKZ>!AGCW6cM{h|j;@q6D$6`SX1m8;?>)?{{>TklUI-l-xp~!QaBM6Xnq-g3
zK+I0FHu>Hk2d|FFQK^)C1AV{X{J48+QJ&2AnIr>4jz=xbb5V!A?<e4z#Sw`W>51h$
z>oI<kq1a*|alW(L?CRs7B@#v8W%%K<DvywLJe$Lr$L`wE9JMrj?ZS(<>3OgRQ_sHi
zNwRPM{n-p+S+{w(#OJSvWLjWLt9!&Zw{0<KHh8#GG{SpiZt0re*N65-!#&3t<nXnw
zkR|xEu^e?K;8#>W(y5ePH96Tz4967Yfo6`E;XKql!Jb!{!0kUkpk?^NwXr=QPAC~&
zlrv_a1YMP2jZb50>ZCrjR6K+a_$$`Xn9<9GQln3HqQFpYi`kkHfZZQ-G=5rOH{QQ#
zk*QBjTh1@D&ZzR*+^a<@;6>o~nD7Xf7yDjYC=hzMFU>J-EPiHjC-L36`9!hf+UKll
z6VvL8uisUID1wt$B39Dl0E$M{vQtt-@5Dl2ubs^bp{%-ZEf$)}QdxtE(||#ZGLYlc
z7ufR>pi%!+SzX(^rPcUxeYm_k@#{kCO#F^Hj04e>_h$JV@9u=Ec!@@d(;~h=NcmLD
zx~&0+4=dS@@G!Tpo)3aKx}m$&!HM(Z7PY+!<7EjYBEg^*u>q#8&No70$Wb?fUh7sC
zYN_ot;xFy%n;zkY2xlG6SfNdLhkR8W<on8SS7$kKnMH+$>C;5A?s0Pp7G95?57Bq~
z!#sBr=x*^~$L~nNhD)+GWb3SwUx*n~yn32L0olK_&C3{m-s-HoG&y|zgrTzG`s<VF
zRuRio1G%wid3H3Eu(Zd=D323Wz9>F-jT(GjN8n2_M&$nT*ZOXc`zAUUWHKbzd8WEz
zljompm8lh3tSLA(j{Brzxr7nVye2?)rS|#6`SY2mg8H@jSnaA?i8i2Tkv+tbg>eS8
zp=ClfWVzdnP55d}X7rXQX{nkjf6B(np2Pdi;c|jHGzZ7WMKJ#+;kBB+)Q<Z6n&gTC
z(l)MxBc08_)8sRk>{<PzRkua?M=+x=?x^1`6VmSi@pkqP8}^|IR&vAVNFZOv?Jyei
zmyGJWh`v;wFQvAkW4L{v7_;ZO_eZWV&=d=t(q1G={G^}=X@f~<l`h-L`9Z@DAvHVM
z{rPN@SH|(G0e&zs^>G=qFp#%RhC%k@JT8aMLftantAo%<2UgNp0^11$fvT!>#5}zh
z4=)?V$=sC?tC-O1TpP^rF^!zY%`)fi<Y?h|3Q|OC;=Z)oNeH_<bvZbuOlCUm3eTI?
ztP$nKKFmz3xZM_Hfrb53D!YGTz3~oq{C!MIv15^6<RKx?Imf5$E~FU1B@W!7^{uKw
zvbz-hkyW=bN6m`+C;$Bj*6LqhacVwU3{W<i4J4782NoB+ZtNewjaW{smX7bl6e@3z
z&W^IHgzeKn#Z$-cixXZ*$Xb^jk63(+&ucKOa=~LjNZ0R&qDm*5zb}C)SF+zb<}p8C
zlU!{tWv8Ff$n-)@>ESZV!0c7yeV(MbK?#gx49U?b)k;3!!&^$Xk&Q?+r%jRD+LO1D
z`o@z`n2=UX72S^Ayk?<&iLv&o$PZubh*(;hp(f38muCGf`)PCA_&oL8(Ml%2o8N9Q
zYTiBKd6wGk1R9ZXyw$B@*IxUe#Jpk^(s=A(*&K5{II(%*c6aHvpTC`+YP*I(Z$FX)
z?bJ(Rdk%`dnlc#O>2OY#5TF~u$`T@-v-BNf1-fai(DG_oO(91YE-e5eVg;nRzLjW*
zYuFyzK}hBnM`SffbRG(Mdnw_}R#IDzDb#hR+>C88O-nmNLfd@EW5jg<Ta54cn!oW;
z@>__>OrY2}?NPCM${4Q3`))iRacMEDC^d!^5S+3yZbkxijmK_^K3WSja+99k(JcE_
zt5#}U?em706XU9G;c`#%x1XHimUA=C${DkwbBL5@2w_~k&dlGoh#4wv-ubb~(ooCa
zgrV8Pc|yBc2wTcCSM$q8#}b(x?Cft-f@ij;*CA9^ti#rL?kocnWcv`i;tpSeDe;V|
z2;R3D$3JM+sG~K!LQo%x@o$a<Oa~6LRJbvgUY&~Mf!Abb6TTDUChixq3!(bwjRO)0
z&m1WC)?M8E(MUax%n<kyn@2spigtHpdV`i;xh)T9Iai$60FJi&vo!!mJ`-=K2T~a?
zhbfV@K)p2$UO01xwNI`OUu(^_9$O}&OZycyXo)~Q%YD`Q`c`)8Q!=1&XbYb!v4rf>
zjl<`J)TVzbv`tw-mylg_90k875k2jLr|}BjwJjOjA=--i@#-a8+uT%NRx)y!0h*iL
ztK4^w@wj(KoWEitn<so;w;@$?JXU(G)XYY7qIfmS=2U+?YGuw|Ah)!K3T9hEi<O3l
z3)Fg6VDa4Q8gU_$S--He50!Iv%E*psdzqNI$;$VS!GpMq!hAKJiM|VKW?m$@KWx3E
zX0wjD-kDt1>@+KAT9TEgwD?|DcZDCxc7yy2oMrkxj+Lkv=T_}OX+vwg;=XAKxV!vm
zh7IX)cB1ro+UnGv$DtIpj2hbZ44Cz>>K@n^R}yDqpcRLD>AxA4WsPS!cONbaMS->L
zC~JSBe*+Ugig#|?JkGSG++47GR!OyBqr+=~NW69Ab4Ylw?5Kl?Uz1P5l2LQEz;<ac
z?cG++BClC8S%%BQ?*IG|)p;-Ki|~_3gEMLv7fLrSf#=M|k;~hspk=l^U8S=McJWDL
zOqrLT+;H@DUa~#fNj^oD9(`Vb`QpyFx-G}ex8yvgb+FLeAF!N+xoHTt1DF)-VzuL~
zFuO~x7qsr`6$7fA@cnZ6s;c>#YQpD<750Lk3w62bN$nj=>)d@!!>ctWcE7mEwUjo&
zmSt(S=?ONvd^>~9$2vWHr$2PZ49<CASz*Ukq}E<;R+S3&V`Y4A-0(6*>x|;CmJJEH
z?2~QhpW^W(+gCt>1!Nh<b8?+!KHG7GB-p~&Fg>`;B;|Po<QPZrrd^f^Kj&^`?QhZt
z9G)Ywe~}JZpQL$)YPV&GA*3yDKr2}3|K#a9UmWa_Lu;9SS+^9&NuO?j5~?A)<^;v{
z^B2bUkokH{L;s0NB7&vQ6n#AvQ-Ev~$*@Wx2=)`>cOxE<BmK#C3A8j@v;96P<*Ogt
zuHAP{JmOdnU>6yvw}Igo*pMvV4j)M+)^{TyiUgG+Rp&WP$7@yP8_;vXGQBx<%?%It
zb*=V{V5$zz<E_)5``GKWn#b1?!qgPVhAbXU^kR&+pC0>$u~j&0k9)nk+E2UygfD%)
zV!&C)m$PS}#7_A-@bt><)N36~%pmkzOF{%Xz0l9>tb<A+0aPwb;&8EWj3Dw3HJFd_
zU0^7aR8+VZhwP8Qb*R?COhw=*0A%I*h4BjM^^Fz;%=LXKn(%=Jc$NU@1MT1nQ!c<P
zemhEeX}!+y_V(5p2TGWnKNGD(80jjE*PN}ufI4}!eMmYNjSBD`5j0Z8BcC{9QUHgZ
z*#_31iN8eg0`rdb?DyNh#5|3@$`MwpYqj-q?mvxkdzt4LCa|8{b*{e<rQOOuTHd>l
znq7ZpHsW(>21{+*J^iktHFl=KpJHtZcP0t{<_L61*oJtDAJ68QXes9eohLY*xjx^A
z76V6}39T@=JY+8`IQ%um7|yN3T{bjnut0BXD&=D^a?tR|Gln-Gfd_D&i>4mxEpKR3
z2b@4_*QV)!k+s8jjFdt`j9)ihnkgGndEF)!&81u{aX$;6mp3n+Yr8L7?kB-dd`@_5
z%IoFC+y)!GFYvTINC<2L_eZ*=DYv|{bo`3KefX-ba3Sc1u8K=wcXP66i?UyBQ)$J|
z!D=*5K6$e_ZU@@wnG_~>oSE?emO6EE!1}%Q^f|WPl--laL{I1$(`5m}u7^P3V#UCE
ze4a&G{6ULre{{Vf&vDN3upjkw7Usn<VP6?uehwkEb(5}!W_j23#h)*SgtD};CfgD7
zLEuR=VbVA*CS#Nj43@$w-M6h|_LBG!hgw=L*55ihJa}$rkf76AmcE;joIEIOSUcla
zTQu9H%3}8uoO#sv56(t1dA=p!6luomLuhA$VCSTz<#`%rHyk~ONNw$zD8ceC0dc-O
zi{Nn^8Z9MM<@*)exi6d9B9ClK4c9_r*!09!w{^FD$D;augJ{<lWu#DVg={(){W#w^
z6x0FP;w^H3p*hfRdTWb|Fh|qZrt^G>0(X2Fh&rNgv<{+4oDMuT`w3-aI)S4R6+joM
zavzl+0t{5Kz4J?az|V%Omdx8yXe^%iwlVeIf=0FoF?Da!q6sk-o6gAI5vo#QR*mO;
z4#k!{^_H%!09&1qx+=0fm(|By^6O^-E-NrP8@WZenL@0Kcv4eF*S<4Gkh8b*rNtlN
zM?|mIV5`*y<aApJt$a-n29S|SmWlG4^>yBO&HN?ormL?ecZMFBSv)V)@ZXH+CiZV{
ztTM{1hM-(V=gOis_wnBj>Tdc_^{pN&#y58>RW?1y&g=N?0`DUhuaB|R?hnP}A$-b4
zQd-CCcUUst76hY?V{WIOyHQAuqU&74(~NCudE=ZiFM1cM&q+~vhFFp(4VU*y^)zcM
z>O{+*e3q@sAhc;#)fkZU{klgR(+x;Wf2C4d;0g~ZpK1`+Zch+;!Ex))oedl~x7=5C
z)Uh+yCal5`kDKkc;8K~bf8I(HePiKObK){T2X~Ho+)V0qLh1R!=3jb`8@N=jnr~i9
zOipFv*Q<C`5cAo%Byk<^?T%{wZXg$~nv&0}<thHiVX!dFEro$cl4DNxn)rO-Kwq>%
z_KnM^V{0bCHnbK2ZU`wpepQqu2Jw>r?9j^{oz?})iFnCn(giOBNm?0-e^FM@yt!#(
z9idUD>(_RrRxq{8t>x{_3giIUl53MkJlla|4~aeN^3MjBS6G3f`vfOSKe@&O_an;@
z6g($mz(ex;!@ni;RfoWr6-tOv^#XbrZc0SuFfXxJ-C!a$lX@yvX5y-h%hRukhI3CI
zMjv-h{Vs^AC_L5e^*-;=7=0an8uA=#a@ffg$6XE}8rsK~aD0afG1zuKrIa(E3@~KB
ziii4PSe~7jjzV!bHUJ<~WFeClEAXzHp?(7GmG9N0cIi2PHMyHgpZ%H$T<p(g_!!7>
zX65v}5DenW^h?7JATz#)wj?91V;cBn*4nksknp>zi`vYDY<c%wj(NhPqm@RiJ`Foi
zq#m1@(e0uT=1ADy-X3=1jmN)w|2)Nup5k#=Va;b#8rEqgq%S*NM*HnVTKl<Z2LfF#
z>&Zya$rwHL0H+tgv4@&Bdl!fepZ9ip<73Ux=g39`Y;m>MG{hMrxPI9d&N4sEEh_am
z+^g~*Q>8M7)}ZTn8r(@+2s#(T-@dbN3HmyT$v};pwKA*XwxECYkdQi);yL^xJY+F}
zaX<eR4Uv^nV9AW`ymmjM=!90g842BWQ|M$QfuR}|Y{VlO?397C{Z-T;fN6>$r+;s4
zOxmTLw8|*f?dxbuRWn=0R?=<0AkqC#g4H=UN%!f!uj=?Fsr(uuRhU}Fy`falA(z3_
z5NS&pqHXEh^DZw<_O8n>l+pvBxo@wjS>xT$wQEF`0K)85PdAB@**xw*%GNrmR3~C%
zrEFo})0!B)1nF(#3a195;yhY0U^eq-zqAImu2V5{S2;c_RMN}_%aMd-Bd(fJN_&_~
zG0zm~OgY%ttYtAS!Wz1L4S!RZ{sd+%|FAYz?5PjEQ0IJyBXX=AuyWjq2@{x`%+q@o
zyusRW(^YpS##)L2e9U`t7Y!e0H$RrvLc(o@Q)5#}n!5CiaGkJ++%tJ4oxWIH%s=))
z&FtqHmAQG0{gg=g1+h1O|1I8h3n~k8jbm)l)5YV5`sghq-?hAIlVe|_bP=N&N_VvN
zDLa?<kOdOw2S`~@l{L3z$0IP);r2M_ssYf9^W@2qfEY1ofsOQY50N=-E!(})_2|TU
z(8Ik^fu_Y+3wzdzBpht`1>o=z#F+sMsAd*}fETTOxW5bFnUH~B1%nc^xJRhNAd`;`
zSwIjhO931d5e>d3&`~G5O$*c`OU}D{K6S27&Cnv18dC!5`K1N4f_#9N-~{>zHZU>o
zha05`>oo(8wRAH~t`=Bo)05SJ4V*^D(vVWTktrBtSF><x=Y|{{i@-`aR0UtvVK^Ju
z@@-I5D6mP(hs4#jjdEpVtV-MrkjHi|33I%(=`f5~am-My<CJ8ig-4iiMymnmq>IdS
zVQxoR2&QXnjED#2K!0dtlsW5d?3A2^S>`Qm=G8&|>i^n1IkH<W{t=u*FC_hA836=-
zGaA=-EK^e}t5b-l*~p`4XIzN|&)hOiwhP{@&9ZV~i=AeF)fMelcVqQVFWkmug*jD^
zAE@*0vOoq?`+`!PYXlKjK*6)*Geb;#O?w)FFWGH`a)74G{%%I>RUv3?_0t=T_#=aa
zadRCh-VAeprNQxPQLp{Fz2G*JWEW@J@m#TW0q-2w>N@j=s11G1;b?w#nmm>)qPCNr
z(eMk(u>L6LzQ*k=uLjVfFS3+qT%&gEM9qD~mVU!ST7Jia%jWZ}yCUzfakugC2dn-2
zGrH1%VT5Ux<f&J{L_N6$*Tj{JJ*}(4T2e=I<U&yc=n?OXe*xO?Re33V#=v0voE^v8
z0`ep~wu~z+N9aP+%Cw&UkYlj>!-YQ5zCBooL5gbpo~x>-_M_fKZ1*BzZ{$?>=YUVS
zmFGOCy{9;*-Jp^E_gr~Is(1GqvjK>(-_u>HPdXBL`m%xv-1cvrsI{vUfn<q~Rhye9
z5N=}~oOSKC?m&v{=?&hBYX0W&m!60MhP5`AoiXRp=$ayOR&kd|Yi*n)JzKPf+pU|V
zX+HOSH^_&e@l3BlV^=Sm?e&+9KCfO?%s7JR1Q}*Va!h<l*b)t}1^R`)L2IugZj$2{
zXHFde1J$jqi&K~FxLud(8ER_=J1+2|cA7qo_1DFAaZcC|4_^;4$QE!VK|_Q*6npX0
zRyh~1{E-psUk6LiwF|UFbWU1UyiFGvwJhhuMTp~Cs@}=Jx-Fq{)x?d6T0Lj(m5dHr
z6IffNbYzb3)lR&Ap0k)ZNlhH(r!?2(28`r29|eS!Y8<~=KMuw1acO-s-Hpb{6!+sf
z*D%Hk3-<WLNw&`F>^;~a<!lGz?huf$pB<6O@kkd!CSIzOcX2XG&03m#ti)e2!OHR^
zF1z(m#-(M%2&aL1sAjS^!k@JOutoG5z2z8UVpMRIIf@n8iLc*V+`YpX<l<dZL$UpS
zjuY#kFg$iP#-()~^2KEg{5(1ryW_F!ZhNJ7IVCLwF#@-lYt&d_qJT=3aXTt(f1Gc9
zpTng$-UWtKgCD#FDByPF6g`rTxp<IT?9W(-xBHWe%~G=MIZcBSm74QtEHfo6X6&}v
z3Ar=1!TBVRR@SqC<KByH&1JoiJ6N%x#xN|xXo;^xXA`J9q^?L}uT7YHffcqWZcEr|
zh#g=LtEgCCr<}n7a9=MWp0!Ou+Qnf^4T5i-G`g<RjDY~qhfOPe4s2vUQwwp60(7Z4
zEmqPk|JwR~kSfTe)LG_Z>1eF|OfbsuYIor(lToZ>Ip%XHI~}-er9+~*|Gjh1e=)T<
z3C>FOSTs4)SOatMrDEK;8usxn8BG2)r0?KdYb9qH)^QzRa+F`i-pCQN#=p?O8c+jy
zX=cz)Zm;N4aF!mK$hj|D)lkzi;OY^xywb+wJGXA{tlI7hoXF>7lz|IhY2<Hw^SSh|
zmgD+lwhVn9&DkHYbL)1r%6#+nmK#`O%Yo^^bD-$79BC<9FE8IBG3Fjgj2+1}qikLe
zw5wCSl6T*YzRYGl*GwPHhlr7HwfoBJVAscdKjjAg1|eAc$RDv>?zV@Ou?_?y-0(^w
z@T@cdyTx{GTLShuMj`H=o2>yc`R)MV7wZdNK4*XzFaf;}6>IlEx5*Ign{2Gs15w5|
z%onfU2?Ji#_BE%B@A&}EzjN0<fTDx^RlNSsGN8ooKl!`;KTFyFQ|`|iOn;Y~c(2U#
zr`*4+B>GReKWi2IF5L8&Wn=tZ?(b!s{;Bh40fFC@4gRu0!hc`q;Gar=;_H8>3IAp8
zME|?e-+3heKMD7r!hZt9f79>(GKu$w{4YGgKT9$E*Z2R5h5t_ve>TEz5cyw5MD~}5
zKd|Kg6!;Sd{hJT|mks_;f&Yf>{8QymzVL5~@LzUA@jt@&d&B)jPx})j{Z9vfvTXnE
z;P4$h`1clL{9hgX!TR{8gFi{Czj>*D*&5CN%fTNgnt#gviSPWoZ09?j<lo2rZ=(GZ
z$@m*n_m|}`{14f`d-=~+{;S!412O&?_Md>f-(bhTjDq?9rvI;0|Ad_VJ?e+|WBT_n
z{|WE-kH+}-QU3|O`g_#D9RD}{e--tgL+p0~)?c>7^-tCR!e{-nJ^$n${pMKxWr5uP
zO5=YWXn%rle&cQaGFzU1CG?M>@NatRpP-e$D>w4}AC&)1XZ@4U@b}Ye4&YxY|Ggvp
z*ID6T^wK}`xBo8OC;Wd9{?CyAh47!*c)!!X|1zNXe`nzRl??vRqy6W#`R_d@Snj|7
c{*MGc1!;))^gj>~?DtpCJC?H9^Y^F!4}YalH2?qr

literal 0
HcmV?d00001