1 <?xml version="1.0" encoding="UTF-8"?>
2 <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" targetNamespace="http://www.w3.org/2000/09/xmldsig#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
4 Relax NG Grammar for XML Signature
5 Namespace: http://www.w3.org/2000/09/xmldsig#
6 $Revision: 1.7 $ on $Date: 2008/07/16 18:04:37 $ by $Author: roessler $
8 Copyright 2001 The Internet Society and W3C (Massachusetts Institute
9 of Technology, Institut National de Recherche en Informatique et en
10 Automatique, Keio University). All Rights Reserved.
11 http://www.w3.org/Consortium/Legal/
13 This document is governed by the W3C Software License [1] as described
16 [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
17 [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
19 Constructed by hand from xmldsig-core-schema.xsd by
20 Norman.Walsh@marklogic.com on 5 May 2008.
24 You must not use the RELAX NG DTD Compatibility features with thi
25 grammar. DTD Compatibility features, ID type attributes, and
26 wildcard attributes are mutually exclusive.
28 The definition for the Signature element includes a SignatureType
29 pattern. The rest of the patterns are "inline". This is a matter of
30 style. I constructed only one "type" pattern as an example of the
31 style, not because it's significant in the Signature pattern.
33 <!-- Start Signature -->
34 <xs:complexType name="SignatureType">
36 <xs:element ref="ds:SignedInfo"/>
37 <xs:element ref="ds:SignatureValue"/>
38 <xs:element minOccurs="0" ref="ds:KeyInfo"/>
39 <xs:element maxOccurs="unbounded" ref="ds:Object"/>
41 <xs:attribute name="Id" type="xs:ID"/>
43 <xs:element name="Signature" type="ds:SignatureType"/>
44 <xs:element name="SignatureValue">
47 <xs:extension base="xs:base64Binary">
48 <xs:attribute name="Id" type="xs:ID"/>
53 <!-- Start SignedInfo -->
54 <xs:element name="SignedInfo">
57 <xs:element ref="ds:CanonicalizationMethod"/>
58 <xs:element ref="ds:SignatureMethod"/>
59 <xs:element maxOccurs="unbounded" ref="ds:Reference"/>
61 <xs:attribute name="Id" type="xs:ID"/>
64 <xs:element name="CanonicalizationMethod">
65 <xs:complexType mixed="true">
66 <xs:group minOccurs="0" maxOccurs="unbounded" ref="ds:anyElement"/>
67 <xs:attribute name="Algorithm" use="required" type="xs:anyURI"/>
70 <xs:element name="SignatureMethod">
71 <xs:complexType mixed="true">
72 <xs:choice minOccurs="0" maxOccurs="unbounded">
73 <xs:element ref="ds:HMACOutputLength"/>
74 <xs:group ref="ds:anyOtherElement"/>
76 <xs:attribute name="Algorithm" use="required" type="xs:anyURI"/>
79 <!-- Start Reference -->
80 <xs:element name="Reference">
83 <xs:element minOccurs="0" ref="ds:Transforms"/>
84 <xs:element ref="ds:DigestMethod"/>
85 <xs:element ref="ds:DigestValue"/>
87 <xs:attribute name="Id" type="xs:ID"/>
88 <xs:attribute name="URI" type="xs:anyURI"/>
89 <xs:attribute name="Type" type="xs:anyURI"/>
92 <xs:element name="Transforms">
95 <xs:element maxOccurs="unbounded" ref="ds:Transform"/>
99 <xs:element name="Transform">
101 <xs:choice minOccurs="0" maxOccurs="unbounded">
102 <xs:group ref="ds:anyOtherElement"/>
103 <xs:element ref="ds:XPath"/>
105 <xs:attribute name="Algorithm" use="required" type="xs:anyURI"/>
108 <xs:element name="XPath" type="xs:string"/>
109 <!-- End Reference -->
110 <xs:element name="DigestMethod">
112 <xs:group minOccurs="0" maxOccurs="unbounded" ref="ds:anyOtherElement"/>
113 <xs:attribute name="Algorithm" use="required" type="xs:anyURI"/>
116 <xs:element name="DigestValue" type="ds:DigestValueType"/>
117 <xs:simpleType name="DigestValueType">
118 <xs:restriction base="xs:base64Binary"/>
120 <!-- End SignedInfo -->
121 <!-- Start KeyInfo -->
122 <xs:element name="KeyInfo">
123 <xs:complexType mixed="true">
124 <xs:choice minOccurs="0" maxOccurs="unbounded">
125 <xs:element ref="ds:KeyName"/>
126 <xs:element ref="ds:KeyValue"/>
127 <xs:element ref="ds:RetrievalMethod"/>
128 <xs:element ref="ds:X509Data"/>
129 <xs:element ref="ds:PGPData"/>
130 <xs:element ref="ds:SPKIData"/>
131 <xs:element ref="ds:MgmtData"/>
132 <xs:group ref="ds:anyOtherElement"/>
134 <xs:attribute name="Id" type="xs:ID"/>
137 <xs:element name="KeyName" type="xs:string"/>
138 <xs:element name="MgmtData" type="xs:string"/>
139 <xs:element name="KeyValue">
140 <xs:complexType mixed="true">
141 <xs:choice minOccurs="0" maxOccurs="unbounded">
142 <xs:element ref="ds:DSAKeyValue"/>
143 <xs:element ref="ds:RSAKeyValue"/>
144 <xs:group ref="ds:anyOtherElement"/>
148 <xs:element name="RetrievalMethod">
151 <xs:element minOccurs="0" ref="ds:Transforms"/>
153 <xs:attribute name="URI" use="required" type="xs:anyURI"/>
154 <xs:attribute name="Type" type="xs:anyURI"/>
157 <!-- Start X509Data -->
158 <xs:element name="X509Data">
160 <xs:choice minOccurs="0" maxOccurs="unbounded">
161 <xs:element ref="ds:X509IssuerSerial"/>
162 <xs:element ref="ds:X509SKI"/>
163 <xs:element ref="ds:X509SubjectName"/>
164 <xs:element ref="ds:X509Certificate"/>
165 <xs:element ref="ds:X509CRL"/>
166 <xs:group ref="ds:anyOtherElement"/>
170 <xs:element name="X509IssuerSerial">
173 <xs:element ref="ds:X509IssuerName"/>
174 <xs:element ref="ds:X509SerialNumber"/>
178 <xs:element name="X509IssuerName" type="xs:string"/>
179 <xs:element name="X509SerialNumber" type="xs:integer"/>
180 <xs:element name="X509SKI" type="xs:base64Binary"/>
181 <xs:element name="X509SubjectName" type="xs:string"/>
182 <xs:element name="X509Certificate" type="xs:base64Binary"/>
183 <xs:element name="X509CRL" type="xs:base64Binary"/>
184 <!-- End X509Data -->
185 <!-- Begin PGPData -->
186 <xs:element name="PGPData">
190 <xs:element ref="ds:PGPKeyID"/>
191 <xs:element minOccurs="0" ref="ds:PGPKeyPacket"/>
192 <xs:group minOccurs="0" maxOccurs="unbounded" ref="ds:anyOtherElement"/>
195 <xs:element ref="ds:PGPKeyPacket"/>
196 <xs:group minOccurs="0" maxOccurs="unbounded" ref="ds:anyOtherElement"/>
201 <xs:element name="PGPKeyID" type="xs:base64Binary"/>
202 <xs:element name="PGPKeyPacket" type="xs:base64Binary"/>
204 <!-- Begin SPKIData -->
205 <xs:element name="SPKIData">
207 <xs:sequence maxOccurs="unbounded">
208 <xs:element ref="ds:SPKISexp"/>
209 <xs:group minOccurs="0" maxOccurs="unbounded" ref="ds:anyOtherElement"/>
213 <xs:element name="SPKISexp" type="xs:base64Binary"/>
214 <!-- End SPKIData -->
216 <!-- Start Object (Manifest, SignatureProperty) -->
217 <xs:element name="Object">
218 <xs:complexType mixed="true">
220 <xs:element ref="ds:SignatureProperties"/>
221 <xs:group minOccurs="0" maxOccurs="unbounded" ref="ds:anyElement"/>
223 <xs:attribute name="Id" type="xs:ID"/>
224 <xs:attribute name="MimeType" type="xs:string"/>
225 <xs:attribute name="Encoding" type="xs:anyURI"/>
228 <xs:element name="Manifest">
231 <xs:element maxOccurs="unbounded" ref="ds:Reference"/>
233 <xs:attribute name="Id" type="xs:ID"/>
236 <xs:element name="SignatureProperties">
239 <xs:element maxOccurs="unbounded" ref="ds:SignatureProperty"/>
241 <xs:attribute name="Id" type="xs:ID"/>
244 <xs:element name="SignatureProperty">
246 <xs:group maxOccurs="unbounded" ref="ds:anyOtherElement"/>
247 <xs:attribute name="Id" type="xs:ID"/>
248 <xs:attribute name="Target" use="required" type="xs:anyURI"/>
251 <!-- End Object (Manifest, SignatureProperty) -->
252 <!-- Start Algorithm Parameters -->
253 <xs:element name="HMACOutputLength" type="xs:integer"/>
254 <!-- Start KeyValue Element-types -->
255 <xs:element name="DSAKeyValue">
258 <xs:sequence minOccurs="0">
259 <xs:element ref="ds:P"/>
260 <xs:element ref="ds:Q"/>
262 <xs:element minOccurs="0" ref="ds:G"/>
263 <xs:element ref="ds:Y"/>
264 <xs:element minOccurs="0" ref="ds:J"/>
265 <xs:sequence minOccurs="0">
266 <xs:element ref="ds:Seed"/>
267 <xs:element ref="ds:PgenCounter"/>
272 <xs:element name="P" type="ds:CryptoBinary"/>
273 <xs:element name="Q" type="ds:CryptoBinary"/>
274 <xs:element name="G" type="ds:CryptoBinary"/>
275 <xs:element name="Y" type="ds:CryptoBinary"/>
276 <xs:element name="J" type="ds:CryptoBinary"/>
277 <xs:element name="Seed" type="ds:CryptoBinary"/>
278 <xs:element name="PgenCounter" type="ds:CryptoBinary"/>
279 <xs:simpleType name="CryptoBinary">
280 <xs:restriction base="xs:base64Binary"/>
282 <xs:element name="RSAKeyValue">
285 <xs:element ref="ds:Modulus"/>
286 <xs:element ref="ds:Exponent"/>
290 <xs:element name="Modulus" type="ds:CryptoBinary"/>
291 <xs:element name="Exponent" type="ds:CryptoBinary"/>
292 <!-- End KeyValue Element-types -->
293 <!-- End Signature -->
294 <!-- Definitions for the *any* wild card and the *any other* wildcard -->
295 <xs:attributeGroup name="anyAttribute">
296 <xs:anyAttribute processContents="skip"/>
298 <xs:group name="anyElement">
300 <xs:any processContents="skip"/>
303 <xs:group name="anyOtherElement">
305 <xs:any namespace="##other" processContents="skip"/>
306 <xs:any namespace="##local" processContents="skip"/>