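# DTD for XML Signatures
# http://www.w3.org/2000/09/xmldsig#
# Joseph Reagle $last changed 20001215$
#
# http://www.w3.org/2000/09/xmldsig#
# $Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $
#
# Copyright 2001 The Internet Society and W3C (Massachusetts Institute
# of Technology, Institut National de Recherche en Informatique et en
# Automatique, Keio University). All Rights Reserved.
# http://www.w3.org/Consortium/Legal/
#
# This document is governed by the W3C Software License [1] as described
# in the FAQ [2].
#
# [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
# [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
#
# The following entity declarations enable external/flexible content in
# the Signature content model.
#
# #PCDATA emulates schema string; when combined with element types it
# emulates schema's mixed content type.
#
# %foo.ANY permits the user to include their own element types from
# other namespaces, for example:
#
# ...
#
#

# Layout note: this is RELAX NG compact syntax, where '#' comments out the
# rest of the physical line. Each comment and each definition therefore sits
# on its own line; on a single collapsed line every declaration after the
# first '#' would be read as comment text.
#
# Validating against this grammar checks document structure only. It does not
# verify a signature, a digest, or the trustworthiness of any key material.

default namespace = "http://www.w3.org/2000/09/xmldsig#"

# Extension points. All are closed (notAllowed) here, so only the element
# types declared in this grammar validate at those positions. A grammar that
# includes this one and redefines a *.ANY pattern widens what is accepted at
# every place that pattern is referenced.
Object.ANY = notAllowed
Method.ANY = notAllowed
Transform.ANY = notAllowed
SignatureProperty.ANY = notAllowed
KeyInfo.ANY = notAllowed
KeyValue.ANY = notAllowed
PGPData.ANY = notAllowed
X509Data.ANY = notAllowed
SPKIData.ANY = notAllowed

# Start Core Signature declarations, these should NOT be altered

# Signature: SignedInfo and SignatureValue are required, in that order;
# KeyInfo is optional and any number of Object children may follow.
Signature =
  element Signature {
    Signature.attlist, SignedInfo, SignatureValue, KeyInfo?, Object*
  }
Signature.attlist &= attribute Id { xsd:ID }?

# SignatureValue is plain text to this grammar; its encoding and length are
# not checked here.
SignatureValue = element SignatureValue { SignatureValue.attlist, text }
SignatureValue.attlist &= attribute Id { xsd:ID }?

# SignedInfo: exactly one CanonicalizationMethod and one SignatureMethod,
# followed by one or more Reference elements (no upper bound is stated).
SignedInfo =
  element SignedInfo {
    SignedInfo.attlist, CanonicalizationMethod, SignatureMethod, Reference+
  }
SignedInfo.attlist &= attribute Id { xsd:ID }?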
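# Layout note: one definition per line. '#' comments out the rest of a
# physical line in RELAX NG compact syntax, so the "# Key Information"
# heading below must end at a line break or it swallows the definitions
# that follow it.
#
# Every Algorithm attribute in this section is typed as text: any string
# validates. Restricting which algorithm identifiers are acceptable is left
# to the signature processor (for example an explicit allow-list).

# Mixed content; Method.ANY is the extension point for algorithm parameters.
CanonicalizationMethod =
  element CanonicalizationMethod {
    CanonicalizationMethod.attlist, (text | Method.ANY)*
  }
CanonicalizationMethod.attlist &= attribute Algorithm { text }

# May carry HMACOutputLength, any number of times and interleaved with text.
# The grammar does not bound that value, so a minimum output length has to
# be enforced by the verifier.
SignatureMethod =
  element SignatureMethod {
    SignatureMethod.attlist, (text | HMACOutputLength | Method.ANY)*
  }
SignatureMethod.attlist &= attribute Algorithm { text }

# Reference: optional Transforms, then a required DigestMethod and
# DigestValue. URI is optional free text; the grammar does not restrict its
# scheme or target, so whether remote or local-file URIs are dereferenced is
# a processor policy decision.
Reference =
  element Reference {
    Reference.attlist, Transforms?, DigestMethod, DigestValue
  }
Reference.attlist &=
  attribute Id { xsd:ID }?,
  attribute URI { text }?,
  attribute Type { text }?

# One or more Transform children, with no upper bound in the grammar. Any cap
# on the number or kind of transforms has to be applied by the processor.
Transforms = element Transforms { Transforms.attlist, Transform+ }
Transforms.attlist &= empty
Transform =
  element Transform {
    Transform.attlist, (text | XPath | Transform.ANY)*
  }
Transform.attlist &= attribute Algorithm { text }

# XPath content is unconstrained text; expression syntax and cost are not
# checked by validation.
XPath = element XPath { XPath.attlist, text }
XPath.attlist &= empty

DigestMethod =
  element DigestMethod { DigestMethod.attlist, (text | Method.ANY)* }
DigestMethod.attlist &= attribute Algorithm { text }
DigestValue = element DigestValue { DigestValue.attlist, text }
DigestValue.attlist &= empty

# KeyInfo: mixed content, any number of the listed children in any order,
# including none. A schema-valid KeyInfo only says the key hint is well
# formed; it comes with the message and establishes no trust in the key.
KeyInfo =
  element KeyInfo {
    KeyInfo.attlist,
    (text
     | KeyName
     | KeyValue
     | RetrievalMethod
     | X509Data
     | PGPData
     | SPKIData
     | MgmtData
     | KeyInfo.ANY)*
  }
KeyInfo.attlist &= attribute Id { xsd:ID }?

# Key Information
KeyName = element KeyName { KeyName.attlist, text }
KeyName.attlist &= empty
KeyValue =
  element KeyValue {
    KeyValue.attlist, (text | DSAKeyValue | RSAKeyValue | KeyValue.ANY)*
  }
KeyValue.attlist &= empty
MgmtData = element MgmtData { MgmtData.attlist, text }
MgmtData.attlist &= empty

# RetrievalMethod: URI is required here (unlike Reference) and is likewise
# unconstrained text; the same dereferencing policy question applies.
RetrievalMethod =
  element RetrievalMethod { RetrievalMethod.attlist, Transforms? }
RetrievalMethod.attlist &=
  attribute URI { text },
  attribute Type { text }?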
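# Layout note: one definition per line. '#' comments out the rest of a
# physical line in RELAX NG compact syntax, so each section heading below
# must end at a line break or it swallows the definitions that follow it.

# X.509 Data
# Either one or more of the five listed children, in any order and with
# repeats, or the X509Data.ANY extension content. Every leaf below is plain
# text to the grammar: encodings, distinguished-name syntax and serial-number
# format are not checked here, and a certificate that validates against this
# schema has not been path-validated or checked for revocation.
X509Data =
  element X509Data {
    X509Data.attlist,
    ((X509IssuerSerial
      | X509SKI
      | X509SubjectName
      | X509Certificate
      | X509CRL)+
     | X509Data.ANY)
  }
X509Data.attlist &= empty
X509IssuerSerial =
  element X509IssuerSerial {
    X509IssuerSerial.attlist, X509IssuerName, X509SerialNumber
  }
X509IssuerSerial.attlist &= empty
X509IssuerName = element X509IssuerName { X509IssuerName.attlist, text }
X509IssuerName.attlist &= empty
X509SubjectName = element X509SubjectName { X509SubjectName.attlist, text }
X509SubjectName.attlist &= empty
X509SerialNumber =
  element X509SerialNumber { X509SerialNumber.attlist, text }
X509SerialNumber.attlist &= empty
X509SKI = element X509SKI { X509SKI.attlist, text }
X509SKI.attlist &= empty
X509Certificate = element X509Certificate { X509Certificate.attlist, text }
X509Certificate.attlist &= empty
X509CRL = element X509CRL { X509CRL.attlist, text }
X509CRL.attlist &= empty

# PGPData
# One of: PGPKeyID optionally followed by PGPKeyPacket, a lone PGPKeyPacket,
# or the PGPData.ANY extension content.
PGPData =
  element PGPData {
    PGPData.attlist,
    ((PGPKeyID, PGPKeyPacket?) | PGPKeyPacket | PGPData.ANY)
  }
PGPData.attlist &= empty
PGPKeyPacket = element PGPKeyPacket { PGPKeyPacket.attlist, text }
PGPKeyPacket.attlist &= empty
PGPKeyID = element PGPKeyID { PGPKeyID.attlist, text }
PGPKeyID.attlist &= empty

# SPKI Data
# Exactly one SPKISexp, or the SPKIData.ANY extension content.
SPKIData = element SPKIData { SPKIData.attlist, (SPKISexp | SPKIData.ANY) }
SPKIData.attlist &= empty
SPKISexp = element SPKISexp { SPKISexp.attlist, text }
SPKISexp.attlist &= empty

# Extensible Content
# Object is mixed content and may nest a complete Signature as well as
# SignatureProperties and Manifest. Nothing in this grammar ties an Object to
# a Reference: whether a given Object is covered by the signature is
# determined by Reference processing, not by validation.
Object =
  element Object {
    Object.attlist,
    (text | Signature | SignatureProperties | Manifest | Object.ANY)*
  }
Object.attlist &=
  attribute Id { xsd:ID }?,
  attribute MimeType { text }?,
  attribute Encoding { text }?

# Manifest: one or more Reference elements, same Reference pattern as in
# SignedInfo.
Manifest = element Manifest { Manifest.attlist, Reference+ }
Manifest.attlist &= attribute Id { xsd:ID }?
SignatureProperties =
  element SignatureProperties {
    SignatureProperties.attlist, SignatureProperty+
  }
SignatureProperties.attlist &= attribute Id { xsd:ID }?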
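# Layout note: one definition per line. '#' comments out the rest of a
# physical line in RELAX NG compact syntax, so the "# Algorithm Parameters"
# heading below must end at a line break or it swallows the definitions
# that follow it.

# SignatureProperty: Target is required, Id optional; Target is free text
# and is not checked against any Id in the document by this grammar.
SignatureProperty =
  element SignatureProperty {
    SignatureProperty.attlist, (text | SignatureProperty.ANY)*
  }
SignatureProperty.attlist &=
  attribute Target { text },
  attribute Id { xsd:ID }?

# Algorithm Parameters

# HMACOutputLength is typed as text, not as a number, and carries no range.
# Zero, tiny or non-numeric values all validate, so the verifier must parse
# the value and reject output lengths below its own minimum.
HMACOutputLength =
  element HMACOutputLength { HMACOutputLength.attlist, text }
HMACOutputLength.attlist &= empty

# DSAKeyValue: only Y is required. P and Q appear together or not at all, as
# do Seed and PgenCounter; G and J are individually optional. All parameter
# values are plain text to the grammar, so sizes and encodings are unchecked.
DSAKeyValue =
  element DSAKeyValue {
    DSAKeyValue.attlist,
    (P, Q)?,
    G?,
    Y,
    J?,
    (Seed, PgenCounter)?
  }
DSAKeyValue.attlist &= empty
P = element P { P.attlist, text }
P.attlist &= empty
Q = element Q { Q.attlist, text }
Q.attlist &= empty
G = element G { G.attlist, text }
G.attlist &= empty
Y = element Y { Y.attlist, text }
Y.attlist &= empty
J = element J { J.attlist, text }
J.attlist &= empty
Seed = element Seed { Seed.attlist, text }
Seed.attlist &= empty
PgenCounter = element PgenCounter { PgenCounter.attlist, text }
PgenCounter.attlist &= empty

# RSAKeyValue: Modulus then Exponent, both required and both plain text.
# Key size and exponent sanity are not expressed here and remain a verifier
# policy check.
RSAKeyValue = element RSAKeyValue { RSAKeyValue.attlist, Modulus, Exponent }
RSAKeyValue.attlist &= empty
Modulus = element Modulus { Modulus.attlist, text }
Modulus.attlist &= empty
Exponent = element Exponent { Exponent.attlist, text }
Exponent.attlist &= empty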