CarrierControlSignatureSchema schema

The CarrierControlSignatureSchema schema defines elements that are used to describe the signature appended to the provisioning file. It is based on the XML DSIG specification with only minor deviations that are explicitly described below. All of the elements are in the namespace http://www.w3.org/2000/09/xmldsig#. Not all elements are in every profile, as some elements are optional.

The following table lists all of the elements in this schema, sorted alphabetically by name.

Element Description
CanonicalizationMethod

Defines the canonicalization method applied to SignedInfo as specified in XML DSIG. Must be of type Canonical XML.

DSAKeyValue

Defines a Digital Signature Algorithm (DSA) public key as specified in XML DSIG.

DigestMethod

Defines the algorithm used to generate DigestValue as specified in XML DSIG.

DigestValue

Defines the digest value as specified in XML DSIG. The algorithm used to generate DigestValue is defined in DigestMethod.

Exponent

Defines the RSA public key exponent as specified in XML DSIG.

G

Defines an integer with certain properties with respect to P and Q as specified in XML DSIG.

HMACOutputLength

Defines the length, in bits, of the SignatureValue element as specified in XML DSIG.

J

Defines (P - 1) / Q as specified in XML DSIG.

KeyInfo

Defines all key information used to validate the signature as specified in XML DSIG.

KeyValue

Defines a single public key as specified in XML DSIG.

Modulus

Defines the RSA public key modulus as specified in XML DSIG.

P

Defines a prime modulus meeting the DSAwithSHA1 requirements as specified in XML DSIG.

PgenCounter

Defines a Digital Signature Algorithm (DSA) prime generation counter as specified in XML DSIG.

Q

Defines an integer in the range 2159 < Q < 2160 which is a prime divisor of P-1 as specified in XML DSIG.

RSAKeyValue

Defines a RSA public key as specified in XML DSIG.

Reference

Defines a digest value, digest method, and transforms as specified in XML DSIG.

Seed

Defines a Digital Signature Algorithm (DSA) prime generation seed as specified in XML DSIG.

Signature

Defines the root element of an XML DSIG compliant signature. Signature is the unique root element for a provisioning file signature.

SignatureMethod

Defines the algorithm used to generate the signature thumbprint in SignatureValue as specified in XML DSIG.

SignatureValue

Defines the signature thumbprint as specified in XML DSIG. The algorithm used to generate SignatureValue is defined in SignatureMethod.

SignedInfo

Defines all signed content within the signature as specified in XML DSIG.

Transform

Defines a transform applied to the digested data object prior to DigestMethod as specified in XML DSIG.

Transforms

Defines a an ordered list of transforms applied to the digested data object as specified in XML DSIG.

X509Certificate

Defines an X.509 compliant signature as defined in XML DSIG.

X509Data

Defines one or more X.509 compliant signatures as defined in XML DSIG.

Y

Defines G**X mod P (where X is part of the private key and not made public) as specified in XML DSIG.

The full CarrierControlSignatureSchema schema is below:

<?xml version="1.0" encoding="utf-8"?>  

<schema xmlns="http://www.w3.org/2001/XMLSchema"  
        xmlns:ds="http://www.w3.org/2000/09/xmldsig#"  
        targetNamespace="http://www.w3.org/2000/09/xmldsig#"  
        version="0.1" elementFormDefault="qualified">

<simpleType name="CryptoBinary">  
  <restriction base="base64Binary">  
  </restriction>  
</simpleType> 

<element name="Signature" type="ds:SignatureType"/>  
<complexType name="SignatureType">  
  <sequence>   
    <element ref="ds:SignedInfo"/>   
    <element ref="ds:SignatureValue"/>   
    <element ref="ds:KeyInfo" minOccurs="0"/>   
  </sequence>    
  <attribute name="Id" type="ID" use="optional"/>  
</complexType>  

  <element name="SignatureValue" type="ds:SignatureValueType"/>   
  <complexType name="SignatureValueType">  
    <simpleContent>  
      <extension base="base64Binary">  
        <attribute name="Id" type="ID" use="optional"/>  
      </extension>  
    </simpleContent>  
  </complexType>  

<element name="SignedInfo" type="ds:SignedInfoType"/>  
<complexType name="SignedInfoType">  
  <sequence>   
    <element ref="ds:CanonicalizationMethod"/>   
    <element ref="ds:SignatureMethod"/>   
    <element ref="ds:Reference"/>   
  </sequence>    
  <attribute name="Id" type="ID" use="optional"/>   
</complexType>  

  <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>   
  <complexType name="CanonicalizationMethodType" mixed="true">  
    <attribute name="Algorithm" use="required">   
      <simpleType>  
        <restriction base="anyURI">  
          <enumeration value="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>  
          <enumeration value="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>  
          <enumeration value="http://www.w3.org/2001/10/xml-exc-c14n#"/>  
          <enumeration value="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>  
        </restriction>  
      </simpleType>  
    </attribute>  
  </complexType>  

  <element name="SignatureMethod" type="ds:SignatureMethodType"/>  
  <complexType name="SignatureMethodType" mixed="true">  
    <sequence>  
      <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>  
      <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>   
    </sequence>  
    <attribute name="Algorithm" type="anyURI" use="required"/>   
  </complexType>  

<element name="Reference" type="ds:ReferenceType"/>  
<complexType name="ReferenceType">  
  <sequence>   
    <element ref="ds:Transforms"/>   
    <element ref="ds:DigestMethod"/>   
    <element ref="ds:DigestValue"/>   
  </sequence>  
  <attribute name="Id" type="ID" use="optional"/>    
  <attribute name="URI">  
    <simpleType>  
      <restriction base="anyURI">  
        <maxLength value="0"/>  
      </restriction>        
    </simpleType>  
  </attribute>  
</complexType>  

  <element name="Transforms" type="ds:TransformsType"/>  
  <complexType name="TransformsType">  
    <sequence>  
      <element ref="ds:Transform" maxOccurs="1"/>    
    </sequence>  
  </complexType>  

  <element name="Transform" type="ds:TransformType"/>  
  <complexType name="TransformType" mixed="true">  
    <attribute name="Algorithm" use="required">   
      <simpleType>  
        <restriction base="anyURI">  
          <enumeration value="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>  
        </restriction>  
      </simpleType>  
    </attribute>  
  </complexType>  

<element name="DigestMethod" type="ds:DigestMethodType"/>  
<complexType name="DigestMethodType" mixed="true">   
  <sequence>  
    <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>  
  </sequence>      
  <attribute name="Algorithm" type="anyURI" use="required"/>   
</complexType>  

<element name="DigestValue" type="ds:DigestValueType"/>  
<simpleType name="DigestValueType">  
  <restriction base="base64Binary"/>  
</simpleType>  

<element name="KeyInfo" type="ds:KeyInfoType"/>   
<complexType name="KeyInfoType" mixed="true">  
  <choice maxOccurs="unbounded">       
    <element ref="ds:KeyValue"/>   
    <element ref="ds:X509Data"/>   
    <any processContents="lax" namespace="##other"/> 
  </choice>  
  <attribute name="Id" type="ID" use="optional"/>   
</complexType>  


  <element name="KeyValue" type="ds:KeyValueType"/>   
  <complexType name="KeyValueType" mixed="true">  
   <choice>  
     <element ref="ds:DSAKeyValue"/>  
     <element ref="ds:RSAKeyValue"/>  
     <any namespace="##other" processContents="lax"/>  
   </choice>  
  </complexType>  

<element name="X509Data" type="ds:X509DataType"/>   
<complexType name="X509DataType">  
  <sequence maxOccurs="unbounded">  
    <choice>  
      <element name="X509Certificate" type="base64Binary"/>  
    </choice>  
  </sequence>  
</complexType>  

<simpleType name="HMACOutputLengthType">  
  <restriction base="integer"/>  
</simpleType>  

<element name="DSAKeyValue" type="ds:DSAKeyValueType"/>  
<complexType name="DSAKeyValueType">  
  <sequence>  
    <sequence minOccurs="0">  
      <element name="P" type="ds:CryptoBinary"/>  
      <element name="Q" type="ds:CryptoBinary"/>  
    </sequence>  
    <element name="G" type="ds:CryptoBinary" minOccurs="0"/>  
    <element name="Y" type="ds:CryptoBinary"/>  
    <element name="J" type="ds:CryptoBinary" minOccurs="0"/>  
    <sequence minOccurs="0">  
      <element name="Seed" type="ds:CryptoBinary"/>  
      <element name="PgenCounter" type="ds:CryptoBinary"/>  
    </sequence>  
  </sequence>  
</complexType>  

<element name="RSAKeyValue" type="ds:RSAKeyValueType"/>  
<complexType name="RSAKeyValueType">  
  <sequence>  
    <element name="Modulus" type="ds:CryptoBinary"/>   
    <element name="Exponent" type="ds:CryptoBinary"/>   
  </sequence>  
</complexType>   
</schema>