sepafm 0.0.2 → 0.1.0

data/lib/sepa/xml_schemas/PKIFactory.xsd

@@ -0,0 +1,334 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSpy v2009 sp1 (http://www.altova.com) by Danske Bank (Danske Bank A/S) -->
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:tns="http://danskebank.dk/PKI/PKIFactoryService/elements" xmlns:xml="http://www.w3.org/XML/1998/namespace" targetNamespace="http://danskebank.dk/PKI/PKIFactoryService/elements" elementFormDefault="qualified" attributeFormDefault="unqualified">
+	<xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+	<!--xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="store:///schemas/xmldsig-core-schema.xsd"/-->
+	<xs:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml_id.xsd"/>
+	<!-- SHARED TYPES SECTION -->
+	<!-- GENERIC TYPES -->
+	<xs:simpleType name="string10">
+		<xs:restriction base="xs:string">
+			<xs:minLength value="0"/>
+			<xs:maxLength value="10"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="string50">
+		<xs:restriction base="xs:string">
+			<xs:minLength value="0"/>
+			<xs:maxLength value="50"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="RequestIdType">
+		<xs:restriction base="tns:string10"/>
+	</xs:simpleType>
+	<xs:simpleType name="ReturncodeType">
+		<xs:restriction base="tns:string10"/>
+	</xs:simpleType>
+	<xs:simpleType name="ReturnTextType">
+		<xs:restriction base="tns:string50"/>
+	</xs:simpleType>
+	<xs:simpleType name="AdditionalReturnTextType">
+		<xs:restriction base="xs:string">
+			<xs:minLength value="0"/>
+			<xs:maxLength value="1000"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<!-- SPECIFIC TYPES -->
+	<xs:simpleType name="InterfaceVersionType">
+		<xs:restriction base="xs:string">
+			<xs:minLength value="1"/>
+			<xs:maxLength value="10"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="CRLReasonType">
+		<xs:restriction base="xs:integer">
+			<xs:enumeration value="0"/>
+			<xs:enumeration value="1"/>
+			<xs:enumeration value="2"/>
+			<xs:enumeration value="3"/>
+			<xs:enumeration value="4"/>
+			<xs:enumeration value="5"/>
+			<xs:enumeration value="9"/>
+			<!-- Values taken from X.509v3 specification -->
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="CertificateIdType">
+		<xs:restriction base="xs:string">
+			<xs:minLength value="1"/>
+			<xs:maxLength value="64"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="CertificateType">
+		<xs:restriction base="xs:base64Binary">
+			<xs:minLength value="1"/>
+			<xs:maxLength value="10000"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="Pkcs10requestType">
+		<xs:restriction base="xs:base64Binary">
+			<xs:minLength value="1"/>
+			<xs:maxLength value="10000"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="CustomerIdType">
+		<xs:restriction base="xs:string">
+			<xs:minLength value="6"/>
+			<xs:maxLength value="6"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="KeyGeneratorTypeType">
+		<xs:annotation>
+			<xs:documentation>Indicates the machine (hardware or software) used to create the keys in a certificate request. The value 'HSM' indicates that a Hardware Security Module generated the keys, while the value 'software' indicates that the keys were generated in software.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="HSM"/>
+			<xs:enumeration value="software"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="EnvironmentType">
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="production"/>
+			<xs:enumeration value="customertest"/>
+			<xs:enumeration value="systemtest"/>
+			<xs:enumeration value="test"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="CertificateTypeType">
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="signing"/>
+			<xs:enumeration value="encryption"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="CertificateStatusType">
+		<xs:sequence>
+			<xs:element name="CertificateSerialNo" type="tns:CertificateIdType"/>
+			<xs:element name="CertificateType" type="tns:CertificateTypeType"/>
+			<xs:element name="MatchingCertificateSerialNo" type="tns:CertificateIdType"/>
+			<xs:element name="Status">
+				<xs:complexType>
+					<xs:choice>
+						<xs:element name="good">
+							<xs:complexType>
+								<xs:attribute name="expiryDate" type="xs:dateTime" use="optional"/>
+							</xs:complexType>
+						</xs:element>
+						<xs:element name="expires_soon">
+							<xs:complexType>
+								<xs:attribute name="expiryDate" type="xs:dateTime" use="optional"/>
+							</xs:complexType>
+						</xs:element>
+						<xs:element name="expired">
+							<xs:complexType>
+								<xs:attribute name="expiryDate" type="xs:dateTime" use="optional"/>
+							</xs:complexType>
+						</xs:element>
+						<xs:element name="revoked">
+							<xs:complexType>
+								<xs:attribute name="revocationDate" type="xs:dateTime" use="optional"/>
+								<xs:attribute name="CRLReason" type="tns:CRLReasonType" use="optional"/>
+							</xs:complexType>
+						</xs:element>
+					</xs:choice>
+				</xs:complexType>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<!-- ELEMENTS SECTION -->
+	<xs:element name="CreateCertificateRequest">
+		<xs:annotation>
+			<xs:documentation>Request to create a signing certificate and an encryption certificate for the customer. The customer is identified by an agreement number and a CAID.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="CustomerId" type="tns:CustomerIdType"/>
+				<xs:element name="KeyGeneratorType" type="tns:KeyGeneratorTypeType"/>
+				<xs:element name="EncryptionCertPKCS10" type="tns:Pkcs10requestType"/>
+				<xs:element name="SigningCertPKCS10" type="tns:Pkcs10requestType"/>
+				<xs:element name="Timestamp" type="xs:dateTime"/>
+				<xs:element name="RequestId" type="tns:RequestIdType"/>
+				<xs:element name="Environment" type="tns:EnvironmentType" minOccurs="0"/>
+				<xs:element name="PIN" type="tns:string10"/>
+			</xs:sequence>
+			<xs:attribute ref="xml:id"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="CreateCertificateResponse">
+		<xs:annotation>
+			<xs:documentation>Response to a CreateCertificateRequest.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="ReturnCode" type="tns:ReturncodeType"/>
+				<xs:element name="ReturnText" type="tns:ReturnTextType"/>
+				<xs:element name="EncryptionCert" type="tns:CertificateType"/>
+				<xs:element name="SigningCert" type="tns:CertificateType"/>
+				<xs:element name="CACert" type="tns:CertificateType"/>
+				<xs:element name="RequestId" type="tns:RequestIdType"/>
+				<xs:element name="Environment" type="tns:EnvironmentType" minOccurs="0"/>
+				<!-- Enveloped signature, signing the CreateCertificateResponse element -->
+				<xs:element ref="ds:Signature" minOccurs="0"/>
+			</xs:sequence>
+			<xs:attribute ref="xml:id"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="RenewCertificateRequest">
+		<xs:annotation>
+			<xs:documentation>Request to renew a signing certificate and an encryption certificate for the customer. The customer is identified by an agreement number and a name. The request is signed with the customers old signing certificate.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="CustomerId" type="tns:CustomerIdType"/>
+				<xs:element name="KeyGeneratorType" type="tns:KeyGeneratorTypeType"/>
+				<xs:element name="EncryptionCertPKCS10" type="tns:Pkcs10requestType"/>
+				<xs:element name="SigningCertPKCS10" type="tns:Pkcs10requestType"/>
+				<xs:element name="Timestamp" type="xs:dateTime"/>
+				<xs:element name="RequestId" type="tns:RequestIdType"/>
+				<xs:element name="Environment" type="tns:EnvironmentType" minOccurs="0"/>
+				<!-- Enveloped signature, signing the RenewCertificateRequest element. The signature should be based on the old signing cert -->
+				<xs:element ref="ds:Signature" minOccurs="0"/>
+			</xs:sequence>
+			<xs:attribute ref="xml:id"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="RenewCertificateResponse">
+		<xs:annotation>
+			<xs:documentation>Response to a RenewCertificateRequest.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="ReturnCode" type="tns:ReturncodeType"/>
+				<xs:element name="ReturnText" type="tns:ReturnTextType"/>
+				<xs:element name="EncryptionCert" type="tns:CertificateType"/>
+				<xs:element name="SigningCert" type="tns:CertificateType"/>
+				<xs:element name="CACert" type="tns:CertificateType"/>
+				<xs:element name="RequestId" type="tns:RequestIdType"/>
+				<xs:element name="Environment" type="tns:EnvironmentType" minOccurs="0"/>
+				<!-- Enveloped signature, signing the RenewCertificateResponse element. -->
+				<xs:element ref="ds:Signature" minOccurs="0"/>
+			</xs:sequence>
+			<xs:attribute ref="xml:id"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="RevokeCertificateRequest">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="KeyGeneratorType" type="tns:KeyGeneratorTypeType"/>
+				<xs:element name="CustomerId" type="tns:CustomerIdType"/>
+				<xs:choice>
+					<xs:element name="RevokeAll">
+						<xs:complexType>
+							<xs:sequence>
+								<xs:element name="ExceptCertificateSerialNo" minOccurs="0" maxOccurs="10"/>
+							</xs:sequence>
+						</xs:complexType>
+					</xs:element>
+					<xs:element name="CertificateSerialNo" type="tns:CertificateIdType" maxOccurs="10"/>
+				</xs:choice>
+				<xs:element name="CRLReason" type="tns:CRLReasonType" minOccurs="0"/>
+				<xs:element name="Timestamp" type="xs:dateTime"/>
+				<xs:element name="RequestId" type="tns:RequestIdType"/>
+				<xs:element name="Environment" type="tns:EnvironmentType" minOccurs="0"/>
+				<!-- Enveloped signature, signing the RevokeCertificateRequest element-->
+				<xs:element ref="ds:Signature" minOccurs="0"/>
+			</xs:sequence>
+			<xs:attribute ref="xml:id"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="RevokeCertificateResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="ReturnCode" type="tns:ReturncodeType"/>
+				<xs:element name="ReturnText" type="tns:ReturnTextType"/>
+				<xs:element name="CertificateSerialNo" type="tns:CertificateIdType" maxOccurs="unbounded"/>
+				<xs:element name="RevocationTime" type="xs:dateTime"/>
+				<xs:element name="RequestId" type="tns:RequestIdType"/>
+				<xs:element name="Environment" type="tns:EnvironmentType" minOccurs="0"/>
+				<!-- Enveloped signature, signing the RevokeCertificateResponse element-->
+				<xs:element ref="ds:Signature" minOccurs="0"/>
+			</xs:sequence>
+			<xs:attribute ref="xml:id"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="CertificateStatusRequest">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="KeyGeneratorType" type="tns:KeyGeneratorTypeType"/>
+				<xs:element name="CertificateSerialNo" type="tns:CertificateIdType" maxOccurs="10"/>
+				<xs:element name="CustomerId" type="tns:CustomerIdType"/>
+				<xs:element name="Timestamp" type="xs:dateTime"/>
+				<xs:element name="RequestId" type="tns:RequestIdType"/>
+				<!-- Enveloped signature, signing the CertificateStatusRequest element-->
+				<xs:element ref="ds:Signature" minOccurs="0"/>
+			</xs:sequence>
+			<xs:attribute ref="xml:id"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="CertificateStatusResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="ReturnCode" type="tns:ReturncodeType"/>
+				<xs:element name="ReturnText" type="tns:ReturnTextType"/>
+				<xs:element name="CertificateStatus" type="tns:CertificateStatusType" maxOccurs="10"/>
+				<xs:element name="Timestamp" type="xs:dateTime"/>
+				<xs:element name="RequestId" type="tns:RequestIdType"/>
+				<!-- Enveloped signature, signing the CertificateStatusResponse element-->
+				<xs:element ref="ds:Signature" minOccurs="0"/>
+			</xs:sequence>
+			<xs:attribute ref="xml:id"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetOwnCertificateListRequest">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="KeyGeneratorType" type="tns:KeyGeneratorTypeType"/>
+				<xs:element name="CustomerId" type="tns:CustomerIdType"/>
+				<xs:element name="Timestamp" type="xs:dateTime"/>
+				<xs:element name="RequestId" type="tns:RequestIdType"/>
+				<!-- Enveloped signature, signing the GetCertificateListRequest element-->
+				<xs:element ref="ds:Signature" minOccurs="0"/>
+			</xs:sequence>
+			<xs:attribute ref="xml:id"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetOwnCertificateListResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="ReturnCode" type="tns:ReturncodeType"/>
+				<xs:element name="ReturnText" type="tns:ReturnTextType"/>
+				<xs:element name="CertificateStatus" type="tns:CertificateStatusType" minOccurs="0" maxOccurs="unbounded"/>
+				<!-- Enveloped signature, signing the GetCertificateListResponse element-->
+				<xs:element name="RequestId" type="tns:RequestIdType"/>
+				<xs:element ref="ds:Signature" minOccurs="0"/>
+			</xs:sequence>
+			<xs:attribute ref="xml:id"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetBankCertificateRequest">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="BankRootCertificateSerialNo" type="tns:CertificateIdType"/>
+				<xs:element name="Timestamp" type="xs:dateTime"/>
+				<xs:element name="RequestId" type="tns:RequestIdType"/>
+			</xs:sequence>
+			<xs:attribute ref="xml:id"/>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetBankCertificateResponse">
+		<xs:annotation>
+			<xs:documentation>Response to a GetBankCertificate request. Contains the relevant bank certificates.</xs:documentation>
+		</xs:annotation>
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="ReturnCode" type="tns:ReturncodeType"/>
+				<xs:element name="ReturnText" type="tns:ReturnTextType"/>
+				<xs:element name="BankEncryptionCert" type="tns:CertificateType"/>
+				<xs:element name="BankSigningCert" type="tns:CertificateType"/>
+				<xs:element name="BankRootCert" type="tns:CertificateType"/>
+				<xs:element name="RequestId" type="tns:RequestIdType"/>
+				<!-- Enveloped signature, signing the GetBankCertificateResponse element-->
+				<xs:element ref="ds:Signature" minOccurs="0"/>
+			</xs:sequence>
+			<xs:attribute ref="xml:id"/>
+		</xs:complexType>
+	</xs:element>
+</xs:schema>

data/lib/sepa/xml_schemas/xml_id.xsd

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+   Verbatim from http://www.w3.org/TR/2005/REC-xml-id-20050909/ section D.2
+
+   $Id: xmlid.xsd,v 1.1 2006/06/18 16:56:30 G. Ken Holman Exp $
+-->
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.w3.org/XML/1998/namespace">
+	<xs:attribute name="id" type="xs:ID"/>
+</xs:schema>

data/lib/sepa/xml_templates/application_request/create_certificate.xml

@@ -1,10 +1,15 @@
-<tns:CreateCertificateRequest xmlns:xe="http://www.w3.org/2001/04/xmlenc#" xmlns:xd="http://www.w3.org/2000/09/xmldsig#" xmlns:tns="http://danskebank.dk/PKI/PKIFactoryService/elements" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService">
-    <tns:CustomerId></tns:CustomerId>
-    <tns:KeyGeneratorType></tns:KeyGeneratorType>
-    <tns:EncryptionCertPKCS10></tns:EncryptionCertPKCS10>
-    <tns:SigningCertPKCS10></tns:SigningCertPKCS10>
-    <tns:Timestamp></tns:Timestamp>
-    <tns:RequestId></tns:RequestId>
-    <tns:Environment></tns:Environment>
-    <tns:PIN></tns:PIN>
-</tns:CreateCertificateRequest>
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:CreateCertificateRequest xmlns:xe="http://www.w3.org/2001/04/xmlenc#"
+                              xmlns:xd="http://www.w3.org/2000/09/xmldsig#"
+                              xmlns:tns="http://danskebank.dk/PKI/PKIFactoryService/elements"
+                              xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
+                              xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService">
+  <tns:CustomerId></tns:CustomerId>
+  <tns:KeyGeneratorType></tns:KeyGeneratorType>
+  <tns:EncryptionCertPKCS10></tns:EncryptionCertPKCS10>
+  <tns:SigningCertPKCS10></tns:SigningCertPKCS10>
+  <tns:Timestamp></tns:Timestamp>
+  <tns:RequestId></tns:RequestId>
+  <tns:Environment></tns:Environment>
+  <tns:PIN></tns:PIN>
+</tns:CreateCertificateRequest>

data/lib/sepa/xml_templates/application_request/danske_get_bank_certificate.xml

@@ -1,10 +1,14 @@
-<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService" xmlns:elem="http://danskebank.dk/PKI/PKIFactoryService/elements">
-    <soapenv:Header/>
-    <soapenv:Body>
-        <elem:GetBankCertificateRequest>
-        <elem:BankRootCertificateSerialNo></elem:BankRootCertificateSerialNo>
-        <elem:Timestamp></elem:Timestamp>
-        <elem:RequestId></elem:RequestId>
-        </elem:GetBankCertificateRequest>
-    </soapenv:Body>
+<?xml version="1.0" encoding="UTF-8"?>
+<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
+                  xmlns:pkif="http://danskebank.dk/PKI/PKIFactoryService"
+                  xmlns:elem="http://danskebank.dk/PKI/PKIFactoryService/elements">
+  <soapenv:Header/>
+  <soapenv:Body>
+    <elem:GetBankCertificateRequest
+            xmlns:elem="http://danskebank.dk/PKI/PKIFactoryService/elements">
+      <elem:BankRootCertificateSerialNo></elem:BankRootCertificateSerialNo>
+      <elem:Timestamp></elem:Timestamp>
+      <elem:RequestId></elem:RequestId>
+    </elem:GetBankCertificateRequest>
+  </soapenv:Body>
 </soapenv:Envelope>

data/lib/sepa/xml_templates/application_request/download_file.xml

@@ -1,32 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
 <ApplicationRequest xmlns="http://bxd.fi/xmldata/">
-    <CustomerId></CustomerId>
-    <Command></Command>
-    <Timestamp></Timestamp>
-    <Status></Status>
-    <Environment></Environment>
-    <FileReferences>
-        <FileReference></FileReference>
-    </FileReferences>
-    <TargetId></TargetId>
-    <SoftwareId></SoftwareId>
-    <FileType></FileType>
-    <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-        <dsig:SignedInfo>
-            <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
-            <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
-            <dsig:Reference URI="">
-                <dsig:Transforms>
-                    <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-                </dsig:Transforms>
-                <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-                <dsig:DigestValue></dsig:DigestValue>
-            </dsig:Reference>
-        </dsig:SignedInfo>
-        <dsig:SignatureValue></dsig:SignatureValue>
-        <dsig:KeyInfo>
-            <dsig:X509Data>
-                <dsig:X509Certificate></dsig:X509Certificate>
-            </dsig:X509Data>
-        </dsig:KeyInfo>
-    </dsig:Signature>
+  <CustomerId></CustomerId>
+  <Command></Command>
+  <Timestamp></Timestamp>
+  <Status></Status>
+  <Environment></Environment>
+  <FileReferences>
+    <FileReference></FileReference>
+  </FileReferences>
+  <TargetId></TargetId>
+  <SoftwareId></SoftwareId>
+  <FileType></FileType>
+  <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+    <dsig:SignedInfo>
+      <dsig:CanonicalizationMethod
+              Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+      <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+      <dsig:Reference URI="">
+        <dsig:Transforms>
+          <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+        </dsig:Transforms>
+        <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+        <dsig:DigestValue></dsig:DigestValue>
+      </dsig:Reference>
+    </dsig:SignedInfo>
+    <dsig:SignatureValue></dsig:SignatureValue>
+    <dsig:KeyInfo>
+      <dsig:X509Data>
+        <dsig:X509Certificate></dsig:X509Certificate>
+      </dsig:X509Data>
+    </dsig:KeyInfo>
+  </dsig:Signature>
 </ApplicationRequest>

data/lib/sepa/xml_templates/application_request/download_file_list.xml

@@ -1,29 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
 <ApplicationRequest xmlns="http://bxd.fi/xmldata/">
-    <CustomerId></CustomerId>
-    <Command></Command>
-    <Timestamp></Timestamp>
-    <Status></Status>
-    <Environment></Environment>
-    <TargetId></TargetId>
-    <SoftwareId></SoftwareId>
-    <FileType></FileType>
-    <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-        <dsig:SignedInfo>
-            <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
-            <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
-            <dsig:Reference URI="">
-                <dsig:Transforms>
-                    <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-                </dsig:Transforms>
-                <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-                <dsig:DigestValue></dsig:DigestValue>
-            </dsig:Reference>
-        </dsig:SignedInfo>
-        <dsig:SignatureValue></dsig:SignatureValue>
-        <dsig:KeyInfo>
-            <dsig:X509Data>
-                <dsig:X509Certificate></dsig:X509Certificate>
-            </dsig:X509Data>
-        </dsig:KeyInfo>
-    </dsig:Signature>
+  <CustomerId></CustomerId>
+  <Command></Command>
+  <Timestamp></Timestamp>
+  <Status></Status>
+  <Environment></Environment>
+  <TargetId></TargetId>
+  <SoftwareId></SoftwareId>
+  <FileType></FileType>
+  <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+    <dsig:SignedInfo>
+      <dsig:CanonicalizationMethod
+              Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+      <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+      <dsig:Reference URI="">
+        <dsig:Transforms>
+          <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+        </dsig:Transforms>
+        <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+        <dsig:DigestValue></dsig:DigestValue>
+      </dsig:Reference>
+    </dsig:SignedInfo>
+    <dsig:SignatureValue></dsig:SignatureValue>
+    <dsig:KeyInfo>
+      <dsig:X509Data>
+        <dsig:X509Certificate></dsig:X509Certificate>
+      </dsig:X509Data>
+    </dsig:KeyInfo>
+  </dsig:Signature>
 </ApplicationRequest>

data/lib/sepa/xml_templates/application_request/encrypted_request.xml

@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
+                    xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"
+                    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+  <dsig:KeyInfo>
+    <xenc:EncryptedKey Recipient="name:DanskeBankCryptCERT">
+      <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+      <dsig:KeyInfo>
+        <dsig:X509Data>
+          <dsig:X509Certificate></dsig:X509Certificate>
+        </dsig:X509Data>
+      </dsig:KeyInfo>
+      <xenc:CipherData>
+        <xenc:CipherValue></xenc:CipherValue>
+      </xenc:CipherData>
+    </xenc:EncryptedKey>
+  </dsig:KeyInfo>
+  <xenc:CipherData>
+    <xenc:CipherValue></xenc:CipherValue>
+  </xenc:CipherData>
+</xenc:EncryptedData>

data/lib/sepa/xml_templates/application_request/get_certificate.xml

@@ -1,10 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
 <CertApplicationRequest xmlns="http://filetransfer.nordea.com/xmldata/">
-<CustomerId></CustomerId>
-<Timestamp></Timestamp>
-<Environment></Environment>
-<SoftwareId></SoftwareId>
-<Command></Command>
-<Service></Service>
-<Content></Content>
-<HMAC></HMAC>
+  <CustomerId></CustomerId>
+  <Timestamp></Timestamp>
+  <Environment></Environment>
+  <SoftwareId></SoftwareId>
+  <Command></Command>
+  <Service></Service>
+  <Content></Content>
+  <HMAC></HMAC>
 </CertApplicationRequest>

data/lib/sepa/xml_templates/application_request/get_user_info.xml

@@ -1,26 +1,28 @@
+<?xml version="1.0" encoding="UTF-8"?>
 <ApplicationRequest xmlns="http://bxd.fi/xmldata/">
-    <CustomerId></CustomerId>
-    <Command></Command>
-    <Timestamp></Timestamp>
-    <Environment></Environment>
-    <SoftwareId></SoftwareId>
-    <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-        <dsig:SignedInfo>
-            <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
-            <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
-            <dsig:Reference URI="">
-                <dsig:Transforms>
-                    <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-                </dsig:Transforms>
-                <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-                <dsig:DigestValue></dsig:DigestValue>
-            </dsig:Reference>
-        </dsig:SignedInfo>
-        <dsig:SignatureValue></dsig:SignatureValue>
-        <dsig:KeyInfo>
-            <dsig:X509Data>
-                <dsig:X509Certificate></dsig:X509Certificate>
-            </dsig:X509Data>
-        </dsig:KeyInfo>
-    </dsig:Signature>
+  <CustomerId></CustomerId>
+  <Command></Command>
+  <Timestamp></Timestamp>
+  <Environment></Environment>
+  <SoftwareId></SoftwareId>
+  <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+    <dsig:SignedInfo>
+      <dsig:CanonicalizationMethod
+              Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+      <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+      <dsig:Reference URI="">
+        <dsig:Transforms>
+          <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+        </dsig:Transforms>
+        <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+        <dsig:DigestValue></dsig:DigestValue>
+      </dsig:Reference>
+    </dsig:SignedInfo>
+    <dsig:SignatureValue></dsig:SignatureValue>
+    <dsig:KeyInfo>
+      <dsig:X509Data>
+        <dsig:X509Certificate></dsig:X509Certificate>
+      </dsig:X509Data>
+    </dsig:KeyInfo>
+  </dsig:Signature>
 </ApplicationRequest>