ruby-saml 0.8.12

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of ruby-saml might be problematic. Click here for more details.

Files changed (70) hide show
  1. checksums.yaml +7 -0
  2. data/.document +5 -0
  3. data/.gitignore +12 -0
  4. data/.travis.yml +11 -0
  5. data/Gemfile +37 -0
  6. data/LICENSE +19 -0
  7. data/README.md +160 -0
  8. data/Rakefile +27 -0
  9. data/changelog.md +24 -0
  10. data/lib/onelogin/ruby-saml/attributes.rb +147 -0
  11. data/lib/onelogin/ruby-saml/authrequest.rb +168 -0
  12. data/lib/onelogin/ruby-saml/logging.rb +26 -0
  13. data/lib/onelogin/ruby-saml/logoutrequest.rb +161 -0
  14. data/lib/onelogin/ruby-saml/logoutresponse.rb +153 -0
  15. data/lib/onelogin/ruby-saml/metadata.rb +66 -0
  16. data/lib/onelogin/ruby-saml/response.rb +426 -0
  17. data/lib/onelogin/ruby-saml/setting_error.rb +6 -0
  18. data/lib/onelogin/ruby-saml/settings.rb +166 -0
  19. data/lib/onelogin/ruby-saml/slo_logoutresponse.rb +158 -0
  20. data/lib/onelogin/ruby-saml/utils.rb +119 -0
  21. data/lib/onelogin/ruby-saml/validation_error.rb +7 -0
  22. data/lib/onelogin/ruby-saml/version.rb +5 -0
  23. data/lib/ruby-saml.rb +12 -0
  24. data/lib/schemas/saml20assertion_schema.xsd +283 -0
  25. data/lib/schemas/saml20protocol_schema.xsd +302 -0
  26. data/lib/schemas/xenc_schema.xsd +146 -0
  27. data/lib/schemas/xmldsig_schema.xsd +318 -0
  28. data/lib/xml_security.rb +292 -0
  29. data/ruby-saml.gemspec +28 -0
  30. data/test/certificates/certificate1 +12 -0
  31. data/test/certificates/r1_certificate2_base64 +1 -0
  32. data/test/certificates/ruby-saml.crt +14 -0
  33. data/test/certificates/ruby-saml.key +15 -0
  34. data/test/logoutrequest_test.rb +244 -0
  35. data/test/logoutresponse_test.rb +112 -0
  36. data/test/request_test.rb +229 -0
  37. data/test/response_test.rb +475 -0
  38. data/test/responses/adfs_response_sha1.xml +46 -0
  39. data/test/responses/adfs_response_sha256.xml +46 -0
  40. data/test/responses/adfs_response_sha384.xml +46 -0
  41. data/test/responses/adfs_response_sha512.xml +46 -0
  42. data/test/responses/encrypted_new_attack.xml.base64 +1 -0
  43. data/test/responses/logoutresponse_fixtures.rb +67 -0
  44. data/test/responses/no_signature_ns.xml +48 -0
  45. data/test/responses/open_saml_response.xml +56 -0
  46. data/test/responses/r1_response6.xml.base64 +1 -0
  47. data/test/responses/response1.xml.base64 +1 -0
  48. data/test/responses/response2.xml.base64 +79 -0
  49. data/test/responses/response3.xml.base64 +66 -0
  50. data/test/responses/response4.xml.base64 +93 -0
  51. data/test/responses/response5.xml.base64 +102 -0
  52. data/test/responses/response_eval.xml +7 -0
  53. data/test/responses/response_node_text_attack.xml.base64 +1 -0
  54. data/test/responses/response_with_ampersands.xml +139 -0
  55. data/test/responses/response_with_ampersands.xml.base64 +93 -0
  56. data/test/responses/response_with_concealed_signed_assertion.xml +51 -0
  57. data/test/responses/response_with_doubled_signed_assertion.xml +49 -0
  58. data/test/responses/response_with_multiple_attribute_statements.xml +72 -0
  59. data/test/responses/response_with_multiple_attribute_values.xml +67 -0
  60. data/test/responses/response_wrapped.xml.base64 +150 -0
  61. data/test/responses/simple_saml_php.xml +71 -0
  62. data/test/responses/starfield_response.xml.base64 +1 -0
  63. data/test/responses/valid_response.xml.base64 +1 -0
  64. data/test/responses/wrapped_response_2.xml.base64 +150 -0
  65. data/test/settings_test.rb +47 -0
  66. data/test/slo_logoutresponse_test.rb +226 -0
  67. data/test/test_helper.rb +155 -0
  68. data/test/utils_test.rb +41 -0
  69. data/test/xml_security_test.rb +158 -0
  70. metadata +178 -0
@@ -0,0 +1,146 @@
1
+ <?xml version="1.0" encoding="utf-8"?>
2
+ <!DOCTYPE schema PUBLIC "-//W3C//DTD XMLSchema 200102//EN"
3
+ "http://www.w3.org/2001/XMLSchema.dtd"
4
+ [
5
+ <!ATTLIST schema
6
+ xmlns:xenc CDATA #FIXED 'http://www.w3.org/2001/04/xmlenc#'
7
+ xmlns:ds CDATA #FIXED 'http://www.w3.org/2000/09/xmldsig#'>
8
+ <!ENTITY xenc 'http://www.w3.org/2001/04/xmlenc#'>
9
+ <!ENTITY % p ''>
10
+ <!ENTITY % s ''>
11
+ ]>
12
+
13
+ <schema xmlns='http://www.w3.org/2001/XMLSchema' version='1.0'
14
+ xmlns:xenc='http://www.w3.org/2001/04/xmlenc#'
15
+ xmlns:ds='http://www.w3.org/2000/09/xmldsig#'
16
+ targetNamespace='http://www.w3.org/2001/04/xmlenc#'
17
+ elementFormDefault='qualified'>
18
+
19
+ <import namespace='http://www.w3.org/2000/09/xmldsig#'
20
+ schemaLocation='xmldsig_schema.xsd'/>
21
+
22
+ <complexType name='EncryptedType' abstract='true'>
23
+ <sequence>
24
+ <element name='EncryptionMethod' type='xenc:EncryptionMethodType'
25
+ minOccurs='0'/>
26
+ <element ref='ds:KeyInfo' minOccurs='0'/>
27
+ <element ref='xenc:CipherData'/>
28
+ <element ref='xenc:EncryptionProperties' minOccurs='0'/>
29
+ </sequence>
30
+ <attribute name='Id' type='ID' use='optional'/>
31
+ <attribute name='Type' type='anyURI' use='optional'/>
32
+ <attribute name='MimeType' type='string' use='optional'/>
33
+ <attribute name='Encoding' type='anyURI' use='optional'/>
34
+ </complexType>
35
+
36
+ <complexType name='EncryptionMethodType' mixed='true'>
37
+ <sequence>
38
+ <element name='KeySize' minOccurs='0' type='xenc:KeySizeType'/>
39
+ <element name='OAEPparams' minOccurs='0' type='base64Binary'/>
40
+ <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
41
+ </sequence>
42
+ <attribute name='Algorithm' type='anyURI' use='required'/>
43
+ </complexType>
44
+
45
+ <simpleType name='KeySizeType'>
46
+ <restriction base="integer"/>
47
+ </simpleType>
48
+
49
+ <element name='CipherData' type='xenc:CipherDataType'/>
50
+ <complexType name='CipherDataType'>
51
+ <choice>
52
+ <element name='CipherValue' type='base64Binary'/>
53
+ <element ref='xenc:CipherReference'/>
54
+ </choice>
55
+ </complexType>
56
+
57
+ <element name='CipherReference' type='xenc:CipherReferenceType'/>
58
+ <complexType name='CipherReferenceType'>
59
+ <choice>
60
+ <element name='Transforms' type='xenc:TransformsType' minOccurs='0'/>
61
+ </choice>
62
+ <attribute name='URI' type='anyURI' use='required'/>
63
+ </complexType>
64
+
65
+ <complexType name='TransformsType'>
66
+ <sequence>
67
+ <element ref='ds:Transform' maxOccurs='unbounded'/>
68
+ </sequence>
69
+ </complexType>
70
+
71
+
72
+ <element name='EncryptedData' type='xenc:EncryptedDataType'/>
73
+ <complexType name='EncryptedDataType'>
74
+ <complexContent>
75
+ <extension base='xenc:EncryptedType'>
76
+ </extension>
77
+ </complexContent>
78
+ </complexType>
79
+
80
+ <!-- Children of ds:KeyInfo -->
81
+
82
+ <element name='EncryptedKey' type='xenc:EncryptedKeyType'/>
83
+ <complexType name='EncryptedKeyType'>
84
+ <complexContent>
85
+ <extension base='xenc:EncryptedType'>
86
+ <sequence>
87
+ <element ref='xenc:ReferenceList' minOccurs='0'/>
88
+ <element name='CarriedKeyName' type='string' minOccurs='0'/>
89
+ </sequence>
90
+ <attribute name='Recipient' type='string'
91
+ use='optional'/>
92
+ </extension>
93
+ </complexContent>
94
+ </complexType>
95
+
96
+ <element name="AgreementMethod" type="xenc:AgreementMethodType"/>
97
+ <complexType name="AgreementMethodType" mixed="true">
98
+ <sequence>
99
+ <element name="KA-Nonce" minOccurs="0" type="base64Binary"/>
100
+ <!-- <element ref="ds:DigestMethod" minOccurs="0"/> -->
101
+ <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
102
+ <element name="OriginatorKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
103
+ <element name="RecipientKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
104
+ </sequence>
105
+ <attribute name="Algorithm" type="anyURI" use="required"/>
106
+ </complexType>
107
+
108
+ <!-- End Children of ds:KeyInfo -->
109
+
110
+ <element name='ReferenceList'>
111
+ <complexType>
112
+ <choice minOccurs='1' maxOccurs='unbounded'>
113
+ <element name='DataReference' type='xenc:ReferenceType'/>
114
+ <element name='KeyReference' type='xenc:ReferenceType'/>
115
+ </choice>
116
+ </complexType>
117
+ </element>
118
+
119
+ <complexType name='ReferenceType'>
120
+ <sequence>
121
+ <any namespace='##other' minOccurs='0' maxOccurs='unbounded'/>
122
+ </sequence>
123
+ <attribute name='URI' type='anyURI' use='required'/>
124
+ </complexType>
125
+
126
+
127
+ <element name='EncryptionProperties' type='xenc:EncryptionPropertiesType'/>
128
+ <complexType name='EncryptionPropertiesType'>
129
+ <sequence>
130
+ <element ref='xenc:EncryptionProperty' maxOccurs='unbounded'/>
131
+ </sequence>
132
+ <attribute name='Id' type='ID' use='optional'/>
133
+ </complexType>
134
+
135
+ <element name='EncryptionProperty' type='xenc:EncryptionPropertyType'/>
136
+ <complexType name='EncryptionPropertyType' mixed='true'>
137
+ <choice maxOccurs='unbounded'>
138
+ <any namespace='##other' processContents='lax'/>
139
+ </choice>
140
+ <attribute name='Target' type='anyURI' use='optional'/>
141
+ <attribute name='Id' type='ID' use='optional'/>
142
+ <anyAttribute namespace="http://www.w3.org/XML/1998/namespace"/>
143
+ </complexType>
144
+
145
+ </schema>
146
+
@@ -0,0 +1,318 @@
1
+ <?xml version="1.0" encoding="utf-8"?>
2
+ <!DOCTYPE schema
3
+ PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd"
4
+ [
5
+ <!ATTLIST schema
6
+ xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#">
7
+ <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
8
+ <!ENTITY % p ''>
9
+ <!ENTITY % s ''>
10
+ ]>
11
+
12
+ <!-- Schema for XML Signatures
13
+ http://www.w3.org/2000/09/xmldsig#
14
+ $Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $
15
+
16
+ Copyright 2001 The Internet Society and W3C (Massachusetts Institute
17
+ of Technology, Institut National de Recherche en Informatique et en
18
+ Automatique, Keio University). All Rights Reserved.
19
+ http://www.w3.org/Consortium/Legal/
20
+
21
+ This document is governed by the W3C Software License [1] as described
22
+ in the FAQ [2].
23
+
24
+ [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
25
+ [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
26
+ -->
27
+
28
+
29
+ <schema xmlns="http://www.w3.org/2001/XMLSchema"
30
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
31
+ targetNamespace="http://www.w3.org/2000/09/xmldsig#"
32
+ version="0.1" elementFormDefault="qualified">
33
+
34
+ <!-- Basic Types Defined for Signatures -->
35
+
36
+ <simpleType name="CryptoBinary">
37
+ <restriction base="base64Binary">
38
+ </restriction>
39
+ </simpleType>
40
+
41
+ <!-- Start Signature -->
42
+
43
+ <element name="Signature" type="ds:SignatureType"/>
44
+ <complexType name="SignatureType">
45
+ <sequence>
46
+ <element ref="ds:SignedInfo"/>
47
+ <element ref="ds:SignatureValue"/>
48
+ <element ref="ds:KeyInfo" minOccurs="0"/>
49
+ <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
50
+ </sequence>
51
+ <attribute name="Id" type="ID" use="optional"/>
52
+ </complexType>
53
+
54
+ <element name="SignatureValue" type="ds:SignatureValueType"/>
55
+ <complexType name="SignatureValueType">
56
+ <simpleContent>
57
+ <extension base="base64Binary">
58
+ <attribute name="Id" type="ID" use="optional"/>
59
+ </extension>
60
+ </simpleContent>
61
+ </complexType>
62
+
63
+ <!-- Start SignedInfo -->
64
+
65
+ <element name="SignedInfo" type="ds:SignedInfoType"/>
66
+ <complexType name="SignedInfoType">
67
+ <sequence>
68
+ <element ref="ds:CanonicalizationMethod"/>
69
+ <element ref="ds:SignatureMethod"/>
70
+ <element ref="ds:Reference" maxOccurs="unbounded"/>
71
+ </sequence>
72
+ <attribute name="Id" type="ID" use="optional"/>
73
+ </complexType>
74
+
75
+ <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>
76
+ <complexType name="CanonicalizationMethodType" mixed="true">
77
+ <sequence>
78
+ <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
79
+ <!-- (0,unbounded) elements from (1,1) namespace -->
80
+ </sequence>
81
+ <attribute name="Algorithm" type="anyURI" use="required"/>
82
+ </complexType>
83
+
84
+ <element name="SignatureMethod" type="ds:SignatureMethodType"/>
85
+ <complexType name="SignatureMethodType" mixed="true">
86
+ <sequence>
87
+ <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>
88
+ <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
89
+ <!-- (0,unbounded) elements from (1,1) external namespace -->
90
+ </sequence>
91
+ <attribute name="Algorithm" type="anyURI" use="required"/>
92
+ </complexType>
93
+
94
+ <!-- Start Reference -->
95
+
96
+ <element name="Reference" type="ds:ReferenceType"/>
97
+ <complexType name="ReferenceType">
98
+ <sequence>
99
+ <element ref="ds:Transforms" minOccurs="0"/>
100
+ <element ref="ds:DigestMethod"/>
101
+ <element ref="ds:DigestValue"/>
102
+ </sequence>
103
+ <attribute name="Id" type="ID" use="optional"/>
104
+ <attribute name="URI" type="anyURI" use="optional"/>
105
+ <attribute name="Type" type="anyURI" use="optional"/>
106
+ </complexType>
107
+
108
+ <element name="Transforms" type="ds:TransformsType"/>
109
+ <complexType name="TransformsType">
110
+ <sequence>
111
+ <element ref="ds:Transform" maxOccurs="unbounded"/>
112
+ </sequence>
113
+ </complexType>
114
+
115
+ <element name="Transform" type="ds:TransformType"/>
116
+ <complexType name="TransformType" mixed="true">
117
+ <choice minOccurs="0" maxOccurs="unbounded">
118
+ <any namespace="##other" processContents="lax"/>
119
+ <!-- (1,1) elements from (0,unbounded) namespaces -->
120
+ <element name="XPath" type="string"/>
121
+ </choice>
122
+ <attribute name="Algorithm" type="anyURI" use="required"/>
123
+ </complexType>
124
+
125
+ <!-- End Reference -->
126
+
127
+ <element name="DigestMethod" type="ds:DigestMethodType"/>
128
+ <complexType name="DigestMethodType" mixed="true">
129
+ <sequence>
130
+ <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
131
+ </sequence>
132
+ <attribute name="Algorithm" type="anyURI" use="required"/>
133
+ </complexType>
134
+
135
+ <element name="DigestValue" type="ds:DigestValueType"/>
136
+ <simpleType name="DigestValueType">
137
+ <restriction base="base64Binary"/>
138
+ </simpleType>
139
+
140
+ <!-- End SignedInfo -->
141
+
142
+ <!-- Start KeyInfo -->
143
+
144
+ <element name="KeyInfo" type="ds:KeyInfoType"/>
145
+ <complexType name="KeyInfoType" mixed="true">
146
+ <choice maxOccurs="unbounded">
147
+ <element ref="ds:KeyName"/>
148
+ <element ref="ds:KeyValue"/>
149
+ <element ref="ds:RetrievalMethod"/>
150
+ <element ref="ds:X509Data"/>
151
+ <element ref="ds:PGPData"/>
152
+ <element ref="ds:SPKIData"/>
153
+ <element ref="ds:MgmtData"/>
154
+ <any processContents="lax" namespace="##other"/>
155
+ <!-- (1,1) elements from (0,unbounded) namespaces -->
156
+ </choice>
157
+ <attribute name="Id" type="ID" use="optional"/>
158
+ </complexType>
159
+
160
+ <element name="KeyName" type="string"/>
161
+ <element name="MgmtData" type="string"/>
162
+
163
+ <element name="KeyValue" type="ds:KeyValueType"/>
164
+ <complexType name="KeyValueType" mixed="true">
165
+ <choice>
166
+ <element ref="ds:DSAKeyValue"/>
167
+ <element ref="ds:RSAKeyValue"/>
168
+ <any namespace="##other" processContents="lax"/>
169
+ </choice>
170
+ </complexType>
171
+
172
+ <element name="RetrievalMethod" type="ds:RetrievalMethodType"/>
173
+ <complexType name="RetrievalMethodType">
174
+ <sequence>
175
+ <element ref="ds:Transforms" minOccurs="0"/>
176
+ </sequence>
177
+ <attribute name="URI" type="anyURI"/>
178
+ <attribute name="Type" type="anyURI" use="optional"/>
179
+ </complexType>
180
+
181
+ <!-- Start X509Data -->
182
+
183
+ <element name="X509Data" type="ds:X509DataType"/>
184
+ <complexType name="X509DataType">
185
+ <sequence maxOccurs="unbounded">
186
+ <choice>
187
+ <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
188
+ <element name="X509SKI" type="base64Binary"/>
189
+ <element name="X509SubjectName" type="string"/>
190
+ <element name="X509Certificate" type="base64Binary"/>
191
+ <element name="X509CRL" type="base64Binary"/>
192
+ <any namespace="##other" processContents="lax"/>
193
+ </choice>
194
+ </sequence>
195
+ </complexType>
196
+
197
+ <complexType name="X509IssuerSerialType">
198
+ <sequence>
199
+ <element name="X509IssuerName" type="string"/>
200
+ <element name="X509SerialNumber" type="integer"/>
201
+ </sequence>
202
+ </complexType>
203
+
204
+ <!-- End X509Data -->
205
+
206
+ <!-- Begin PGPData -->
207
+
208
+ <element name="PGPData" type="ds:PGPDataType"/>
209
+ <complexType name="PGPDataType">
210
+ <choice>
211
+ <sequence>
212
+ <element name="PGPKeyID" type="base64Binary"/>
213
+ <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/>
214
+ <any namespace="##other" processContents="lax" minOccurs="0"
215
+ maxOccurs="unbounded"/>
216
+ </sequence>
217
+ <sequence>
218
+ <element name="PGPKeyPacket" type="base64Binary"/>
219
+ <any namespace="##other" processContents="lax" minOccurs="0"
220
+ maxOccurs="unbounded"/>
221
+ </sequence>
222
+ </choice>
223
+ </complexType>
224
+
225
+ <!-- End PGPData -->
226
+
227
+ <!-- Begin SPKIData -->
228
+
229
+ <element name="SPKIData" type="ds:SPKIDataType"/>
230
+ <complexType name="SPKIDataType">
231
+ <sequence maxOccurs="unbounded">
232
+ <element name="SPKISexp" type="base64Binary"/>
233
+ <any namespace="##other" processContents="lax" minOccurs="0"/>
234
+ </sequence>
235
+ </complexType>
236
+
237
+ <!-- End SPKIData -->
238
+
239
+ <!-- End KeyInfo -->
240
+
241
+ <!-- Start Object (Manifest, SignatureProperty) -->
242
+
243
+ <element name="Object" type="ds:ObjectType"/>
244
+ <complexType name="ObjectType" mixed="true">
245
+ <sequence minOccurs="0" maxOccurs="unbounded">
246
+ <any namespace="##any" processContents="lax"/>
247
+ </sequence>
248
+ <attribute name="Id" type="ID" use="optional"/>
249
+ <attribute name="MimeType" type="string" use="optional"/> <!-- add a grep facet -->
250
+ <attribute name="Encoding" type="anyURI" use="optional"/>
251
+ </complexType>
252
+
253
+ <element name="Manifest" type="ds:ManifestType"/>
254
+ <complexType name="ManifestType">
255
+ <sequence>
256
+ <element ref="ds:Reference" maxOccurs="unbounded"/>
257
+ </sequence>
258
+ <attribute name="Id" type="ID" use="optional"/>
259
+ </complexType>
260
+
261
+ <element name="SignatureProperties" type="ds:SignaturePropertiesType"/>
262
+ <complexType name="SignaturePropertiesType">
263
+ <sequence>
264
+ <element ref="ds:SignatureProperty" maxOccurs="unbounded"/>
265
+ </sequence>
266
+ <attribute name="Id" type="ID" use="optional"/>
267
+ </complexType>
268
+
269
+ <element name="SignatureProperty" type="ds:SignaturePropertyType"/>
270
+ <complexType name="SignaturePropertyType" mixed="true">
271
+ <choice maxOccurs="unbounded">
272
+ <any namespace="##other" processContents="lax"/>
273
+ <!-- (1,1) elements from (1,unbounded) namespaces -->
274
+ </choice>
275
+ <attribute name="Target" type="anyURI" use="required"/>
276
+ <attribute name="Id" type="ID" use="optional"/>
277
+ </complexType>
278
+
279
+ <!-- End Object (Manifest, SignatureProperty) -->
280
+
281
+ <!-- Start Algorithm Parameters -->
282
+
283
+ <simpleType name="HMACOutputLengthType">
284
+ <restriction base="integer"/>
285
+ </simpleType>
286
+
287
+ <!-- Start KeyValue Element-types -->
288
+
289
+ <element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
290
+ <complexType name="DSAKeyValueType">
291
+ <sequence>
292
+ <sequence minOccurs="0">
293
+ <element name="P" type="ds:CryptoBinary"/>
294
+ <element name="Q" type="ds:CryptoBinary"/>
295
+ </sequence>
296
+ <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
297
+ <element name="Y" type="ds:CryptoBinary"/>
298
+ <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
299
+ <sequence minOccurs="0">
300
+ <element name="Seed" type="ds:CryptoBinary"/>
301
+ <element name="PgenCounter" type="ds:CryptoBinary"/>
302
+ </sequence>
303
+ </sequence>
304
+ </complexType>
305
+
306
+ <element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
307
+ <complexType name="RSAKeyValueType">
308
+ <sequence>
309
+ <element name="Modulus" type="ds:CryptoBinary"/>
310
+ <element name="Exponent" type="ds:CryptoBinary"/>
311
+ </sequence>
312
+ </complexType>
313
+
314
+ <!-- End KeyValue Element-types -->
315
+
316
+ <!-- End Signature -->
317
+
318
+ </schema>