<?xml version="1.0" encoding="utf-8"?>
<!--
  Schema for the header stored alongside XDP protected data (target namespace urn:com.XDP.XDPData).

  Global elements are declared in dependency order and composed by the final XDPHeader element:
    XDPInternalCommonHeader           algorithm identifiers, IV and the MAC ("symmetric signature") of the data
    XDPAuthorizedIdentities           list of account SIDs, reused by the machine and domain headers
    XDPEncryptedKeys                  DPAPI-encrypted key material, reused by the machine and domain headers
    XDPInternalMachineHeader          per-machine authorization list plus its key blob
    XDPInternalDomainHeader           per-domain authorization list plus its key blob
    XDPInternalHeaderMachineSignature / XDPInternalHeaderDomainSignature
                                      MACs binding the common header to a machine/domain header
    XDPHeader                         root element: version + XDPInternalHeader

  Both the default namespace and the "xdp" prefix are bound to the target namespace; the ref=
  attributes below use the prefix. The schema contains no DOCTYPE and instances need none, so
  consumers should parse XDPHeader documents with DTD processing and external entities disabled.
-->
<xs:schema targetNamespace="urn:com.XDP.XDPData"
           elementFormDefault="qualified"
           xmlns="urn:com.XDP.XDPData"
           xmlns:xdp="urn:com.XDP.XDPData"
           xmlns:xs="http://www.w3.org/2001/XMLSchema">

  <!-- Common header: the algorithm parameters every reader needs before any key is recovered. -->
  <xs:element name="XDPInternalCommonHeader">
    <xs:annotation>
      <xs:documentation>The common header contains all cryptographic algorithm information and the signature of the data.</xs:documentation>
    </xs:annotation>
    <xs:complexType>
      <xs:sequence>
        <!--
          NOTE(review): the three algorithm identifiers below are unrestricted xs:string values, so the
          schema accepts any name. If the implementation supports a fixed set, an xs:enumeration
          restriction would let validation reject unsupported values before any key material is used;
          confirm the accepted set against the implementation.
        -->
        <xs:element name="XDPEncryptionAlgorithm" type="xs:string">
          <xs:annotation>
            <xs:documentation>The symmetric encryption algorithm used to encrypt data</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="XDPEncryptionMode" type="xs:string">
          <xs:annotation>
            <xs:documentation>The mode of the symmetric encryption algorithm</xs:documentation>
          </xs:annotation>
        </xs:element>
        <!-- No length facet: the required IV length depends on the algorithm/mode named above. -->
        <xs:element name="XDPEncryptionIV" type="xs:hexBinary">
          <xs:annotation>
            <xs:documentation>The initialization vector of the symmetric encryption algorithm</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="XDPSignatureAlgorithm" type="xs:string">
          <xs:annotation>
            <xs:documentation>The symmetric signature algorithm used to sign data</xs:documentation>
          </xs:annotation>
        </xs:element>
        <!--
          The signature is documented as computed over the unencrypted data, so it can only be
          verified after decryption (the ciphertext itself is not authenticated by this value).
        -->
        <xs:element name="XDPDataSignature" type="xs:hexBinary">
          <xs:annotation>
            <xs:documentation>The symmetric signature calculated from the unencrypted data using the XDPSignatureKey</xs:documentation>
          </xs:annotation>
        </xs:element>
      </xs:sequence>
    </xs:complexType>
  </xs:element>

  <!-- Reusable list of authorized accounts; referenced by both the machine and the domain header. -->
  <xs:element name="XDPAuthorizedIdentities">
    <xs:annotation>
      <xs:documentation>The identities (users or groups) authorized to decrypt the data</xs:documentation>
    </xs:annotation>
    <xs:complexType>
      <xs:sequence>
        <!--
          NOTE(review): the list may be empty (minOccurs="0") and each entry is an unrestricted string.
          If the SID string form is required, an xs:pattern restriction would enforce it at validation
          time; confirm the expected syntax with the implementation before adding one.
        -->
        <xs:element name="Identity" type="xs:string" minOccurs="0" maxOccurs="unbounded">
          <xs:annotation>
            <xs:documentation>The Security Identifier (SID) of the account</xs:documentation>
          </xs:annotation>
        </xs:element>
      </xs:sequence>
    </xs:complexType>
  </xs:element>

  <!--
    Reusable DPAPI-wrapped key blob; referenced by both the machine and the domain header.
    NOTE(review): "XDPKeys" is not defined in this schema; presumably it is the plaintext structure
    inside the DPAPI blob and is specified elsewhere. Confirm where, so the two stay in sync.
  -->
  <xs:element name="XDPEncryptedKeys" type="xs:hexBinary">
    <xs:annotation>
      <xs:documentation>A DPAPI encrypted XDPKeys element</xs:documentation>
    </xs:annotation>
  </xs:element>

  <!-- Machine header: one per machine allowed to recover the keys (see XDPInternalHeader below). -->
  <xs:element name="XDPInternalMachineHeader">
    <xs:annotation>
      <xs:documentation>Stores the authorized machine identities that can decrypt the data and DPAPI encrypted data containing the encryption and signature keys</xs:documentation>
    </xs:annotation>
    <xs:complexType>
      <xs:sequence>
        <xs:element name="Hostname" type="xs:string">
          <xs:annotation>
            <xs:documentation>The hostname of the machine</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element ref="xdp:XDPAuthorizedIdentities">
          <xs:annotation>
            <xs:documentation>All identities are relative to the machine with host name equal to the Hostname element</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element ref="xdp:XDPEncryptedKeys">
          <xs:annotation>
            <xs:documentation>All DPAPI encrypted data is relative to the machine with host name equal to the Hostname element</xs:documentation>
          </xs:annotation>
        </xs:element>
      </xs:sequence>
    </xs:complexType>
  </xs:element>

  <!-- Domain header: at most one per XDPInternalHeader (see minOccurs/maxOccurs below). -->
  <xs:element name="XDPInternalDomainHeader">
    <xs:annotation>
      <xs:documentation>Stores the authorized Domain identities that can decrypt the data and DPAPI encrypted data containing the encryption and signature keys</xs:documentation>
    </xs:annotation>
    <xs:complexType>
      <xs:sequence>
        <xs:element name="XDPDomainServer" type="xs:string">
          <xs:annotation>
            <xs:documentation>The hostname of the machine running the XDP Domain Service</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element ref="xdp:XDPAuthorizedIdentities">
          <xs:annotation>
            <xs:documentation>All identities are relative to the domain of the machine identified in the XDPDomainServer element</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element ref="xdp:XDPEncryptedKeys">
          <xs:annotation>
            <xs:documentation>All DPAPI encrypted data is relative to the account running the XDP Domain Service on the machine identified in the XDPDomainServer element</xs:documentation>
          </xs:annotation>
        </xs:element>
      </xs:sequence>
    </xs:complexType>
  </xs:element>

  <!--
    Per-machine header signature. The Hostname child is what ties a signature to the
    XDPInternalMachineHeader it covers, since several machine headers may be present.
  -->
  <xs:element name="XDPInternalHeaderMachineSignature">
    <xs:annotation>
      <xs:documentation>A symmetric signature of the XDPInternalCommonHeader and an XDPInternalMachineHeader element using the XDPSignatureKey</xs:documentation>
    </xs:annotation>
    <xs:complexType>
      <xs:sequence>
        <xs:element name="Hostname" type="xs:string">
          <xs:annotation>
            <xs:documentation>The hostname of the machine that created this signature</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="Value" type="xs:hexBinary">
          <xs:annotation>
            <xs:documentation>The signature value</xs:documentation>
          </xs:annotation>
        </xs:element>
      </xs:sequence>
    </xs:complexType>
  </xs:element>

  <!-- Domain header signature: a bare value, since there is at most one domain header. -->
  <xs:element name="XDPInternalHeaderDomainSignature" type="xs:hexBinary">
    <xs:annotation>
      <xs:documentation>A symmetric signature of the XDPInternalCommonHeader and XDPInternalDomainHeader elements using the XDPSignatureKey</xs:documentation>
    </xs:annotation>
  </xs:element>

  <!-- Root element written alongside XDP protected data. -->
  <xs:element name="XDPHeader">
    <xs:annotation>
      <xs:documentation>
        The header stored with XDP protected data that contains the authorized identities able to recover the cryptographic keys used to decrypt and verify the integrity of the
        protected data
      </xs:documentation>
    </xs:annotation>
    <xs:complexType>
      <xs:sequence>
        <!--
          NOTE(review): the two header signatures are documented as covering the common, machine and
          domain headers; XDPVersion is not named as covered by either. Confirm whether the version is
          authenticated, since it sits outside XDPInternalHeader.
        -->
        <xs:element name="XDPVersion" type="xs:unsignedShort">
          <xs:annotation>
            <xs:documentation>The 2-byte version number of the XDPInternalHeader</xs:documentation>
          </xs:annotation>
        </xs:element>
        <!--
          Container for everything the version number describes: exactly one common header, any
          number of machine headers, an optional domain header, and the signatures over them.
        -->
        <xs:element name="XDPInternalHeader">
          <xs:complexType>
            <xs:sequence>
              <xs:element ref="xdp:XDPInternalCommonHeader" />
              <xs:element ref="xdp:XDPInternalMachineHeader" minOccurs="0" maxOccurs="unbounded" />
              <xs:element ref="xdp:XDPInternalDomainHeader" minOccurs="0" />
              <!--
                NOTE(review): this wrapper is required but both of its children are optional, so an
                instance carrying machine or domain headers with no matching signature is still
                schema-valid. The one-signature-per-header relationship cannot be expressed in XSD 1.0
                and must be enforced by the consumer before any header is trusted.
              -->
              <xs:element name="XDPInternalHeaderSignatures">
                <xs:annotation>
                  <xs:documentation>The symmetric signatures of the XDPInternalMachineHeader elements and the XDPInternalDomainHeader element</xs:documentation>
                </xs:annotation>
                <xs:complexType>
                  <xs:sequence>
                    <xs:element ref="xdp:XDPInternalHeaderMachineSignature" minOccurs="0" maxOccurs="unbounded" />
                    <xs:element ref="xdp:XDPInternalHeaderDomainSignature" minOccurs="0" />
                  </xs:sequence>
                </xs:complexType>
              </xs:element>
            </xs:sequence>
          </xs:complexType>
        </xs:element>
      </xs:sequence>
    </xs:complexType>
  </xs:element>
</xs:schema>