XML Schema to validate against XML encryption

[Stefan]

Hello,

I'm trying to write a XML Schema to validate against a XML file which
holds an element which contains either a plaint text password or a XML
encryption element. A plain text example is:

<Password>mySecret</Password>

or a XML encrypted element:

<Password>
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"
Type="http://www.w3.org/2001/04/xmlenc#Content">
<EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<CipherData>
<CipherValue>Jha8fYGDje49Tkz0=</CipherValue>
</CipherData>
</EncryptedData>
</Password>

I tried to validate against it with following XML Schema:

<?xml version="1.0" encoding="UTF-8"?>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
elementFormDefault="qualified">

<xsd:import namespace="http://www.w3.org/2001/04/xmlenc#"

schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>

<xsd:element name="Secret">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="EncryptedData" type="xenc:EncryptedDataType"
minOccurs="0" maxOccurs="1"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>


But it fails with an error message like this:

element EncryptedData: Schemas validity error : Element
'{http://www.w3.org/2001/04/xmlenc#}EncryptedData': This element is not
expected. Expected is ( EncryptedData ).

I don't know why the EncryptedData-Node isn't in the namespace of
xmlenc.

The problem is that the schema must support two types of <Password>. One
time it could be a pure xsd:string and the other one could be a parent
of EncryptedData.

Any ideas how to solve that?

Best regards
Stefan

 

[Martin Honnen]

<Password>
<EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"
Type="http://www.w3.org/2001/04/xmlenc#Content">

In this sample the element with local name 'EncryptedData' is in the
namespace http://www.w3.org/2001/04/xmlenc# while the schema below

<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
elementFormDefault="qualified">

<xsd:import namespace="http://www.w3.org/2001/04/xmlenc#"

schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>

<xsd:element name="Secret">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="EncryptedData" type="xenc:EncryptedDataType"
minOccurs="0" maxOccurs="1"/>

defines the element in no namespace. Therefore you get the validation error

element EncryptedData: Schemas validity error : Element
'{http://www.w3.org/2001/04/xmlenc#}EncryptedData': This element is not
expected. Expected is ( EncryptedData ).

saying that. Thus if you want to define an element with local name
'EncryptedData' in the namespace http://www.w3.org/2001/04/xmlenc# then
you need to write a schema with that namespace as its targetNamespace,
then you need to import that schema and use xs:element ref to reference
the element from the imported schema.

 

[Stefan Schulze Frielinghaus]

]

saying that. Thus if you want to define an element with local name
'EncryptedData' in the namespace http://www.w3.org/2001/04/xmlenc# then
you need to write a schema with that namespace as its targetNamespace,
then you need to import that schema and use xs:element ref to reference
the element from the imported schema.

Isn't it possible to only change my schema. I wouldn't prefer to create
a new external schema where I define a ref to that element. One (schema)
file is mandatory for me.

I just thought about something like that (specifying the namespace in
the schema-element), but it doesn't work too:

<xsd:element xmlns="http://www.w3.org/2001/04/xmlenc#"
name="EncryptedData" type="xenc:EncryptedDataType" minOccurs="0"
maxOccurs="1"/>

I only want to check against a XML encrypted standard element.

 

[Martin Honnen]

Isn't it possible to only change my schema. I wouldn't prefer to create
a new external schema where I define a ref to that element. One (schema)
file is mandatory for me.

You need one schema for each target namespace.