CarrierControlSignatureSchema schema
The CarrierControlSignatureSchema schema defines elements that are used to describe the signature appended to the provisioning file. It is based on the XML DSIG specification with only minor deviations that are explicitly described below. All of the elements are in the namespace http://www.w3.org/2000/09/xmldsig#. Not all elements are in every profile, as some elements are optional.
The following table lists all of the elements in this schema, sorted alphabetically by name.
| Element | Description |
|---|---|
| CanonicalizationMethod | Defines the canonicalization method applied to SignedInfo as specified in XML DSIG. Must be of type Canonical XML. |
| DSAKeyValue | Defines a Digital Signature Algorithm (DSA) public key as specified in XML DSIG . |
| DigestMethod | Defines the algorithm used to generate DigestValue as specified in XML DSIG. |
| DigestValue | Defines the digest value as specified in XML DSIG . The algorithm used to generate DigestValue is defined in DigestMethod. |
| Exponent | Defines the RSA public key exponent as specified in XML DSIG . |
| G | Defines an integer with certain properties with respect to P and Q as specified in XML DSIG. |
| HMACOutputLength | Defines the length, in bits, of the SignatureValue element as specified in XML DSIG. |
| J | |
| KeyInfo | Defines all key information used to validate the signature as specified in XML DSIG . |
| KeyValue | Defines a single public key as specified in XML DSIG . |
| Modulus | Defines the RSA public key modulus as specified in XML DSIG . |
| P | Defines a prime modulus meeting the DSAwithSHA1 requirements as specified in XML DSIG. |
| PgenCounter | Defines a Digital Signature Algorithm (DSA) prime generation counter as specified in XML DSIG . |
| Q | Defines an integer in the range 2**159 < Q < 2**160 which is a prime divisor of P-1 as specified in XML DSIG. |
| RSAKeyValue | Defines a RSA public key as specified in XML DSIG . |
| Reference | Defines a digest value, digest method, and transforms as specified in XML DSIG . |
| Seed | Defines a Digital Signature Algorithm (DSA) prime generation seed as specified in XML DSIG . |
| Signature | Defines the root element of an XML DSIG compliant signature. Signature is the unique root element for a provisioning file signature. |
| SignatureMethod | Defines the algorithm used to generate the signature thumbprint in SignatureValue as specified in XML DSIG. |
| SignatureValue | Defines the signature thumbprint as specified in XML DSIG . The algorithm used to generate SignatureValue is defined in SignatureMethod. |
| SignedInfo | Defines all signed content within the signature as specified in XML DSIG . |
| Transform | Defines a transform applied to the digested data object prior to DigestMethod as specified in XML DSIG. |
| Transforms | Defines a an ordered list of transforms applied to the digested data object as specified in XML DSIG . |
| X509Certificate | Defines an X.509 compliant signature as defined in XML DSIG . |
| X509Data | Defines one or more X.509 compliant signatures as defined in XML DSIG . |
| Y | Defines G **X mod P (where X is part of the private key and not made public) as specified in XML DSIG. |
The full CarrierControlSignatureSchema schema is below:
<?xml version="1.0" encoding="utf-8"?>
<schema xmlns="http://www.w3.org/2001/XMLSchema"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
targetNamespace="http://www.w3.org/2000/09/xmldsig#"
version="0.1" elementFormDefault="qualified">
<simpleType name="CryptoBinary">
<restriction base="base64Binary">
</restriction>
</simpleType>
<element name="Signature" type="ds:SignatureType"/>
<complexType name="SignatureType">
<sequence>
<element ref="ds:SignedInfo"/>
<element ref="ds:SignatureValue"/>
<element ref="ds:KeyInfo" minOccurs="0"/>
</sequence>
<attribute name="Id" type="ID" use="optional"/>
</complexType>
<element name="SignatureValue" type="ds:SignatureValueType"/>
<complexType name="SignatureValueType">
<simpleContent>
<extension base="base64Binary">
<attribute name="Id" type="ID" use="optional"/>
</extension>
</simpleContent>
</complexType>
<element name="SignedInfo" type="ds:SignedInfoType"/>
<complexType name="SignedInfoType">
<sequence>
<element ref="ds:CanonicalizationMethod"/>
<element ref="ds:SignatureMethod"/>
<element ref="ds:Reference"/>
</sequence>
<attribute name="Id" type="ID" use="optional"/>
</complexType>
<element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>
<complexType name="CanonicalizationMethodType" mixed="true">
<attribute name="Algorithm" use="required">
<simpleType>
<restriction base="anyURI">
<enumeration value="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<enumeration value="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
<enumeration value="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<enumeration value="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
</restriction>
</simpleType>
</attribute>
</complexType>
<element name="SignatureMethod" type="ds:SignatureMethodType"/>
<complexType name="SignatureMethodType" mixed="true">
<sequence>
<element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>
<any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="Algorithm" type="anyURI" use="required"/>
</complexType>
<element name="Reference" type="ds:ReferenceType"/>
<complexType name="ReferenceType">
<sequence>
<element ref="ds:Transforms"/>
<element ref="ds:DigestMethod"/>
<element ref="ds:DigestValue"/>
</sequence>
<attribute name="Id" type="ID" use="optional"/>
<attribute name="URI">
<simpleType>
<restriction base="anyURI">
<maxLength value="0"/>
</restriction>
</simpleType>
</attribute>
</complexType>
<element name="Transforms" type="ds:TransformsType"/>
<complexType name="TransformsType">
<sequence>
<element ref="ds:Transform" maxOccurs="1"/>
</sequence>
</complexType>
<element name="Transform" type="ds:TransformType"/>
<complexType name="TransformType" mixed="true">
<attribute name="Algorithm" use="required">
<simpleType>
<restriction base="anyURI">
<enumeration value="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</restriction>
</simpleType>
</attribute>
</complexType>
<element name="DigestMethod" type="ds:DigestMethodType"/>
<complexType name="DigestMethodType" mixed="true">
<sequence>
<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="Algorithm" type="anyURI" use="required"/>
</complexType>
<element name="DigestValue" type="ds:DigestValueType"/>
<simpleType name="DigestValueType">
<restriction base="base64Binary"/>
</simpleType>
<element name="KeyInfo" type="ds:KeyInfoType"/>
<complexType name="KeyInfoType" mixed="true">
<choice maxOccurs="unbounded">
<element ref="ds:KeyValue"/>
<element ref="ds:X509Data"/>
<any processContents="lax" namespace="##other"/>
</choice>
<attribute name="Id" type="ID" use="optional"/>
</complexType>
<element name="KeyValue" type="ds:KeyValueType"/>
<complexType name="KeyValueType" mixed="true">
<choice>
<element ref="ds:DSAKeyValue"/>
<element ref="ds:RSAKeyValue"/>
<any namespace="##other" processContents="lax"/>
</choice>
</complexType>
<element name="X509Data" type="ds:X509DataType"/>
<complexType name="X509DataType">
<sequence maxOccurs="unbounded">
<choice>
<element name="X509Certificate" type="base64Binary"/>
</choice>
</sequence>
</complexType>
<simpleType name="HMACOutputLengthType">
<restriction base="integer"/>
</simpleType>
<element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
<complexType name="DSAKeyValueType">
<sequence>
<sequence minOccurs="0">
<element name="P" type="ds:CryptoBinary"/>
<element name="Q" type="ds:CryptoBinary"/>
</sequence>
<element name="G" type="ds:CryptoBinary" minOccurs="0"/>
<element name="Y" type="ds:CryptoBinary"/>
<element name="J" type="ds:CryptoBinary" minOccurs="0"/>
<sequence minOccurs="0">
<element name="Seed" type="ds:CryptoBinary"/>
<element name="PgenCounter" type="ds:CryptoBinary"/>
</sequence>
</sequence>
</complexType>
<element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
<complexType name="RSAKeyValueType">
<sequence>
<element name="Modulus" type="ds:CryptoBinary"/>
<element name="Exponent" type="ds:CryptoBinary"/>
</sequence>
</complexType>
</schema>
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for