<?xml version="1.0" encoding="UTF-8"?>
<xs:schema id="HealthCertificateRequest"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns="http://schemas.microsoft.com/windows/security/healthcertificate/request/v3"
targetNamespace="http://schemas.microsoft.com/windows/security/healthcertificate/request/v3"
elementFormDefault="qualified">
<xs:element name="HealthCertificateRequest" type="HealthCertificateRequest_T"/>
<xs:complexType name="HealthCertificateRequest_T">
<xs:annotation>
<xs:documentation>
A request for a Health Certificate.
AIKCertificate, RSASigningKey and EKCertificates are mutually exclusive.
Each represents one of the three supported ways of obtaining a Health Certificate
</xs:documentation>
</xs:annotation>
<xs:sequence>
<xs:element name="Claims" type="NonEmptyBase64Binary"/>
<xs:element name="AIKCertificate" type="NonEmptyBase64Binary" minOccurs="0" maxOccurs="1"/>
<xs:element name="AIKPublic" type="NonEmptyBase64Binary" minOccurs="0" maxOccurs="1"/>
<xs:element name="EKCertificates" type="EKCertificates_T" minOccurs="0" maxOccurs="1"/>
</xs:sequence>
<xs:attribute name="ProtocolVersion" use="required">
<xs:simpleType>
<xs:restriction base="xs:int">
<xs:minInclusive value="3"/>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
</xs:complexType>
<xs:complexType name="EKCertificates_T">
<xs:annotation>
<xs:documentation>
A set of EK certificates (leaf and intermediates) as retrieved from the client TPM.
</xs:documentation>
</xs:annotation>
<xs:sequence>
<xs:element name="EKCertificate" type="NonEmptyBase64Binary" minOccurs="1" maxOccurs="1"/>
<xs:element name="EKIntermediateCA" type="NonEmptyBase64Binary" minOccurs="0" maxOccurs="10"/>
</xs:sequence>
<xs:attribute name="KAClaim" use="required">
<xs:simpleType>
<xs:restriction base="NonEmptyBase64Binary"/>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="AIKPublic" use="required">
<xs:simpleType>
<xs:restriction base="NonEmptyBase64Binary"/>
</xs:simpleType>
</xs:attribute>
</xs:complexType>
<xs:simpleType name="NonEmptyBase64Binary">
<xs:restriction base="xs:base64Binary">
<xs:minLength value="1"/>
</xs:restriction>
</xs:simpleType>
</xs:schema>