<?xml version="1.0" encoding="UTF-8"?>
<!--
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License, as published by the Free Software Foundation and
* available at http://www.fsf.org/licensing/licenses/lgpl.html,
* version 2.1 or above.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU Lesser General Public License for more details.
*
* Copyright (c) 2001-2010 StrongAuth, Inc.
*
* $Date: 2010-05-19 20:41:14 -0700 (Wed, 19 May 2010) $
* $Revision: 34 $
* $Author: anoor $
* $URL: https://svn.strongauth.com:9443/repos/topaz/trunk/strongkeyliteClient/src/com/strongauth/strongkeylite/xml/SKLES-EncryptionService.xsd $
*
*************************************************
*
*  888b    888          888
*  8888b   888          888
*  88888b  888          888
*  888Y88b 888  .d88b.  888888  .d88b.  .d8888b
*  888 Y88b888 d88""88b 888    d8P  Y8b 88K
*  888  Y88888 888  888 888    88888888 "Y8888b.
*  888   Y8888 Y88..88P Y88b.  Y8b.          X88
*  888    Y888  "Y88P"   "Y888  "Y8888   88888P'
*
*************************************************
*
* This XSD represents the schema of the SOAP-based web-service calls supported
* by the SKLES appliance.  In this release, the "encrypt", "decrypt" and
* "delete" web-services are supported by this appliance.
-->

<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
            xmlns:tns="http://web.strongkeylite.strongauth.com/"
            targetNamespace="http://web.strongkeylite.strongauth.com/"
            version="1.0"
            elementFormDefault="qualified">

    <!-- Global element declarations.  Each one binds an element name in the
         target namespace to the complex type of the same name defined below:
         a request/response pair for each of decrypt, delete and encrypt,
         plus the StrongKeyLiteException fault element. -->
    <xsd:element name="StrongKeyLiteException" type="tns:StrongKeyLiteException"/>
    <xsd:element name="decrypt" type="tns:decrypt"/>
    <xsd:element name="decryptResponse" type="tns:decryptResponse"/>
    <xsd:element name="delete" type="tns:delete"/>
    <xsd:element name="deleteResponse" type="tns:deleteResponse"/>
    <xsd:element name="encrypt" type="tns:encrypt"/>
    <xsd:element name="encryptResponse" type="tns:encryptResponse"/>

    <!-- Request type for the decrypt operation: packages the parameters
         necessary to decrypt some sensitive data on the SKLES.  All elements
         in this complex type are mandatory (minOccurs="1") and must appear
         in the order declared by the sequence.

         The schema itself provides no confidentiality: the password is an
         unrestricted xsd:string carried in the message body, so its
         protection depends entirely on the transport.  The design assumes
         the transmission media is using TLS or IPSec for network-layer
         security.
         NOTE(review): deployments should enforce the secure transport at
         the endpoint rather than assume it, and keep request bodies out of
         SOAP message logs, since every request carries the credentials.
    -->
    <xsd:complexType name="decrypt">
        <xsd:sequence>
            <!-- The unique identifier of the encryption domain on the SKLES -->
            <xsd:element name="did" type="xsd:long" minOccurs="1"/>

            <!-- The username of the user/application requesting the service -->
            <xsd:element name="username" type="xsd:string" minOccurs="1"/>

            <!-- The password of the username specified above.  Sent as a
                 plain string in every request; nothing in this schema hashes
                 or wraps it -->
            <xsd:element name="password" type="xsd:string" minOccurs="1"/>

            <!-- The unique token identifying the object in the SKLES database
                 that must be decrypted and returned.  The token itself is not
                 the ciphertext to be decrypted; it merely represents the
                 unique object in the SKLES database that must be decrypted and
                 returned in plaintext to the caller.  The schema places no
                 length or pattern restriction on the token.
                 NOTE(review): token format validation presumably happens on
                 the appliance; confirm -->
            <xsd:element name="token" type="xsd:string" minOccurs="1"/>
        </xsd:sequence>
    </xsd:complexType>

    <!-- The type of the response to the decrypt service request.  It holds a
         single mandatory string element. -->
    <xsd:complexType name="decryptResponse">
        <xsd:sequence>
            <!-- The plaintext data returned if the service call succeeds.
                 This is the recovered sensitive data, carried as a plain
                 xsd:string in the message body.
                 NOTE(review): responses should be kept out of message-level
                 logs and traces for the same reason the transport is
                 expected to be protected -->
            <xsd:element name="return" type="xsd:string" minOccurs="1"/>
        </xsd:sequence>
    </xsd:complexType>

    <!-- Request type for the delete operation: packages the parameters
         necessary to delete some sensitive data on the SKLES.  All elements
         in this complex type are mandatory (minOccurs="1") and must appear
         in the order declared by the sequence.

         As with the other request types, the credentials are plain strings
         in the message body, and the design assumes the transmission media
         is using TLS or IPSec for network-layer security.
         NOTE(review): delete is destructive and the request shape is the
         same as decrypt (did, username, password, token); whether a caller
         allowed to decrypt is also allowed to delete is not expressed here
         and is presumably decided by the appliance; confirm.
    -->
    <xsd:complexType name="delete">
        <xsd:sequence>
            <!-- The unique identifier of the encryption domain on the SKLES -->
            <xsd:element name="did" type="xsd:long" minOccurs="1"/>

            <!-- The username of the user/application requesting the service -->
            <xsd:element name="username" type="xsd:string" minOccurs="1"/>

            <!-- The password of the username specified above.  Sent as a
                 plain string in every request -->
            <xsd:element name="password" type="xsd:string" minOccurs="1"/>

            <!-- The unique token identifying the object in the SKLES database
                 that must be deleted.  The token itself is not the ciphertext
                 to be deleted; it merely represents the unique object in the
                 SKLES database that must be deleted. -->
            <xsd:element name="token" type="xsd:string" minOccurs="1"/>
        </xsd:sequence>
    </xsd:complexType>

    <!-- The type of the response to the delete service request.  It holds a
         single mandatory boolean element. -->
    <xsd:complexType name="deleteResponse">
        <xsd:sequence>
            <!-- The boolean indicator of whether the service call succeeded
                 or failed.
                 NOTE(review): presumably true means the object was deleted;
                 the schema does not say which failures are reported as false
                 and which are raised as a StrongKeyLiteException, so callers
                 should handle both; confirm against the service -->
            <xsd:element name="return" type="xsd:boolean" minOccurs="1"/>
        </xsd:sequence>
    </xsd:complexType>

    <!-- Request type for the encrypt operation: packages the parameters
         necessary to encrypt some sensitive data on the SKLES.  All elements
         in this complex type are mandatory (minOccurs="1") and must appear
         in the order declared by the sequence.

         Both the password and the data to be protected are plain strings in
         the message body, so they are exposed to anything that can read the
         message.  The design assumes the transmission media is using TLS or
         IPSec for network-layer security.
         NOTE(review): deployments should enforce the secure transport at
         the endpoint rather than assume it, and keep request bodies out of
         SOAP message logs.
    -->
    <xsd:complexType name="encrypt">
        <xsd:sequence>
            <!-- The unique identifier of the encryption domain on the SKLES -->
            <xsd:element name="did" type="xsd:long" minOccurs="1"/>

            <!-- The username of the user/application requesting the service -->
            <xsd:element name="username" type="xsd:string" minOccurs="1"/>

            <!-- The password of the username specified above.  Sent as a
                 plain string in every request -->
            <xsd:element name="password" type="xsd:string" minOccurs="1"/>

            <!-- The sensitive data that must be encrypted.  Maximum length of
                 this element is 1024 characters for the standard SKLES.
                 That limit is not expressed in this schema (the type is an
                 unrestricted xsd:string), so schema validation alone will
                 not reject a longer value.
                 NOTE(review): presumably the appliance enforces the limit;
                 callers should check the length before sending; confirm -->
            <xsd:element name="plaintext" type="xsd:string" minOccurs="1"/>
        </xsd:sequence>
    </xsd:complexType>

    <!-- The type of the response to the encrypt service request.  It holds a
         single mandatory string element. -->
    <xsd:complexType name="encryptResponse">
        <xsd:sequence>
            <!-- The ciphertext data returned if the service call succeeds.
                 NOTE(review): the decrypt and delete requests take a "token"
                 that is described as a reference to the stored object and
                 not the ciphertext itself, and no other operation in this
                 schema issues a token.  This value is presumably that token;
                 confirm, and reword this comment if so -->
            <xsd:element name="return" type="xsd:string" minOccurs="1"/>
        </xsd:sequence>
    </xsd:complexType>

    <!-- The exception returned by the SKLES in the event there is a problem
         with the service request; the problem may be related to invalid
         parameters sent by the caller, unauthorized username, password or
         an invalid token identifier in the database.  The only field is a
         single string, so the calling application must parse the message
         text to get to the underlying error code and message.
         NOTE(review): the same fault type covers authentication failures
         and unknown tokens.  Calling applications should log the message
         for operators but avoid relaying it verbatim to untrusted end
         users, since it may distinguish between those cases; confirm what
         the appliance actually returns -->
    <xsd:complexType name="StrongKeyLiteException">
        <xsd:sequence>
            <!-- The underlying error code and message from the SKLES,
                 combined in one string -->
            <xsd:element name="message" type="xsd:string" minOccurs="1"/>
        </xsd:sequence>
    </xsd:complexType>
</xsd:schema>