chore: fix package json syntax

Drop moment dependency

.eslintignore

@@ -1,4 +1,5 @@
 node_modules/
+examples/
 build/
 static/
 config/

.eslintrc

@@ -1,35 +1,4 @@
 {
-	"extends": "airbnb-base",
-	"env": {
-		"node": true,
-		"mocha": true
-	},
-	"parserOptions": {
-		"ecmaVersion": 8,
-		"sourceType": "script",
-		"ecmaFeatures": {
-			"modules": false
-		}
-	},
-	"rules": {
-		"max-len": 0,
-		"linebreak-style": 0,
-		"no-plusplus": [
-			2,
-			{
-				"allowForLoopAfterthoughts": true
-			}
-		],
-		"no-continue": 0,
-		"indent": [2, "tab"],
-		"no-tabs": 0,
-		"strict": [2, "safe"],
-		"curly": [2, "multi", "consistent"],
-		"import/no-extraneous-dependencies": 0,
-		"import/no-unresolved": 0,
-		"no-underscore-dangle": 0,
-		"no-param-reassign": 0,
-		"generator-star-spacing": 0,
-		"jsx-a11y/href-no-hash": "off"
-	}
+	"extends": "ecollect-base",
+	"root": true
 }

.gitignore

@@ -1,14 +1,19 @@
-npm-debug.log
-node_modules
+# mac shit
 .DS_Store
-*.local.json5
-yarn.lock
-/project.sublime-workspace
-/public/css/style.css.map
-/.idea
+
+# nyc test coverage
+.nyc_output
+
+# Dependency directories
+node_modules/
+
+# Optional npm cache directory
+.npm
+npm-debug.log
+
+# Optional eslint cache
+.eslintcache
+
+# vscode
 /.vscode
 *.pid
-/coverage
-package-lock.json
-*.key
-*.html

.travis.yml

@@ -0,0 +1,7 @@
+language: node_js
+node_js:
+  - "8"
+  - "9"
+  - "10"
+  - "11"
+  - "12"

README.md

@@ -1,5 +1,14 @@
 # node-ebics-client
----
+<p align="center">
+<a href="https://travis-ci.org/eCollect/node-ebics-client" title="Build Status"><img src="https://travis-ci.org/eCollect/node-ebics-client.svg?branch=master" alt="Build Status" /></a>
+<a href="https://www.npmjs.com/package/ebics-client" title="Build Status">
+<img alt="ebics-client" src="https://img.shields.io/npm/v/ebics-client">
+</a>
+<a href="https://snyk.io/test/github/ecollect/node-ebics-client" title="Known Vulnerabilities">
+<img src="https://snyk.io/test/github/ecollect/node-ebics-client/badge.svg" alt="Known Vulnerabilities">
+</a>
+<a href="/eCollect/node-ebics-client/blob/master/LICENSE" title="GPL-3.0"><img alt="GPL-3.0" src="https://img.shields.io/github/license/eCollect/node-ebics-client"></a>
+</p>
 
 Pure node.js ( >=8 ) implementation of [EBICS](https://en.wikipedia.org/wiki/Electronic_Banking_Internet_Communication_Standard) ( Electronic Banking Internet Communication ).
 
@@ -12,6 +21,7 @@ The client is currently tested and verified to work with the following banks:
 * [Credit Suisse (Schweiz) AG](https://www.credit-suisse.com/ch/en.html)
 * [Zürcher Kantonalbank](https://www.zkb.ch/en/lg/ew.html)
 * [Raiffeisen Schweiz](https://www.raiffeisen.ch/rch/de.html)
+* [BW Bank](https://www.bw-bank.de/de/home.html)
 
 
 ## Inspiration
@@ -21,4 +31,6 @@ The basic concept of this library was inspired by the [EPICS](https://github.com
 
 ## Copyright
 
-Copyright: eCollect AG, 2018-9.
+Copyright: eCollect AG, 2018-9.  
+Licensed under the [GPLv3](LICENSE) license.
+

lib/BankLetter.js

@@ -2,21 +2,18 @@
 
 const fs = require('fs');
 
-const moment = require('moment');
 const handlebars = require('handlebars');
 const Crypto = require('./crypto/Crypto');
-// const BN = require('bn.js');
+const { date } = require('./utils.js');
 
 const registerHelpers = () => {
-	handlebars.registerHelper('today', () => moment().format('DD.MM.YYYY'));
+	handlebars.registerHelper('today', () => date.toISODate(Date.now(), false));
 
-	handlebars.registerHelper('now', () => moment().format('HH:mm:ss'));
+	handlebars.registerHelper('now', () => date.toISOTime(Date.now(), false));
 
 	handlebars.registerHelper('keyExponentBits', k => Buffer.byteLength(k.e()) * 8);
-	// handlebars.registerHelper('keyExponentBits', k => Buffer.byteLength(new BN(k.key.keyPair.e).toBuffer()) * 8);
 
-	handlebars.registerHelper('keyModulusBits', k => k.key.getKeySize());
-	// return Buffer.byteLength(new BN(k.key.keyPair.e).toBuffer()) * 8;
+	handlebars.registerHelper('keyModulusBits', k => k.size());
 
 	handlebars.registerHelper('keyExponent', k => k.e('hex'));
 
@@ -24,8 +21,6 @@ const registerHelpers = () => {
 
 	handlebars.registerHelper('sha256', (k) => {
 		const digest = Buffer.from(Crypto.digestPublicKey(k), 'base64').toString('HEX');
-		// const digest = Buffer.from(k.publicDigest(), 'base64').toString('HEX');
-
 		return digest.toUpperCase().match(/.{1,2}/g).join(' ');
 	});
 };
@@ -63,11 +58,10 @@ module.exports = class BankLetter {
 
 		try {
 			fs.writeFileSync(path, letter);
-			console.log(`Data written to file on path '${path}'`);
 		} catch (error) {
-			console.error(`error while writing bank letter to path '${path}' with error ${error}`);
 			throw error;
 		}
+
 		return new Promise(resolve => resolve(true));
 	}
 };

lib/Client.js

@@ -13,14 +13,47 @@ const response = require('./middleware/response');
 const stringifyKeys = (keys) => {
 	Object.keys(keys).map((key) => {
 		keys[key] = keys[key] === null ? null : keys[key].toPem();
-
 		return key;
 	});
 
 	return JSON.stringify(keys);
 };
 
+/**
+ * Keys persistent object
+ * @typedef {Object} KeysObject
+ * @property {string} A006 - PEM representation of the A006 private key
+ * @property {string} E002 - PEM representation of the E002 private key
+ * @property {string} X002 - PEM representation of the X002 private key
+ * @property {string} bankX002 - PEM representation of the bankX002 public key
+ * @property {string} bankE002 - PEM representation of the bankE002 public key
+ */
+
+/**
+ * Key storage implementation
+ * @typedef {Object} KeyStorage
+ * @property {(data: KeysObject):Promise<void>} write - writes the keys to storage
+ * @property {():Promise<KeysObject>} read - reads the keys from storage
+ */
+
+/**
+ * Client initilization options
+ * @typedef {Object} EbicClientOptions
+ * @property {string} url - EBICS URL provided by the bank
+ * @property {string} partnerId - PARTNERID provided by the bank
+ * @property {string} hostId - HOSTID provided by the bank
+ * @property {string} userId - USERID provided by the bank
+ * @property {string} passphrase - passphrase for keys encyprion
+ * @property {KeyStorage} keyStorage - keyStorage implementation
+ * @property {object} [tracesStorage] - traces (logs) storage implementation
+ */
+
+
 module.exports = class Client {
+	/**
+	 *Creates an instance of Client.
+	 * @param {EbicClientOptions} clientOptions
+	 */
 	constructor({
 		url,
 		partnerId,
@@ -174,6 +207,12 @@ module.exports = class Client {
 		});
 	}
 
+	async signOrder(order) {
+		const { version } = order;
+		const keys = await this.keys();
+		return signer.version(version).sign((await serializer.use(order, this)).toXML(), keys.x());
+	}
+
 	async keys() {
 		try {
 			const keysString = await this._readKeys();

lib/consts.js

@@ -1,9 +1,8 @@
 'use strict';
 
-const packageJson = require('../package.json');
+const { version } = require('../package.json');
 
 const name = 'Node Ebics Client';
-const { version } = packageJson;
 const orderOperations = {
 	ini: 'INI',
 	upload: 'UPLOAD',

lib/crypto/BigNumber.js

@@ -0,0 +1,66 @@
+'use strict';
+
+const { jsbn: { BigInteger } } = require('node-forge');
+
+class BigNumber {
+	constructor(value, radix = 10) {
+		if (value === null || value === undefined)
+			throw new Error('value is missing.');
+
+		this._n = new BigInteger(null);
+
+		if (value instanceof BigNumber)
+			this._n = value._n;
+		else if (value instanceof BigInteger)
+			this._n = value;
+		else if (typeof value === 'number')
+			this._n.fromInt(value);
+		else if (typeof value === 'string')
+			this._n.fromString(value, radix);
+		else if (Buffer.isBuffer(value))
+			this._n.fromString(value.toString('hex'), 16);
+		else if (Array.isArray(value))
+			this._n.fromString(Buffer.from(value).toString('hex'), 16);
+		else
+			throw new TypeError('Unsupported value type.');
+	}
+
+	toBEBuffer(length) {
+		const arr = this._n.toByteArray();
+		if (length === undefined)
+			return Buffer.from(arr);
+
+		if (arr.length > length)
+			throw new Error('Number out of range.');
+
+		while (arr.length < length)
+			arr.unshift(0);
+
+		return Buffer.from(arr);
+	}
+
+	toString(radix = 10) {
+		const result = this._n.toString(radix);
+		if (radix === 16)
+			return result.padStart(2, '0');
+		return result;
+	}
+
+	and(num) {
+		return new BigNumber(this._n.and(new BigNumber(num)._n));
+	}
+
+	mul(num) {
+		return new BigNumber(this._n.multiply(new BigNumber(num)._n));
+	}
+
+	mod(num) {
+		return new BigNumber(this._n.mod(new BigNumber(num)._n));
+	}
+
+	shrn(num) {
+		return new BigNumber(this._n.shiftRight(new BigNumber(num)._n));
+	}
+}
+
+module.exports = BigNumber;

lib/crypto/Crypto.js

@@ -2,15 +2,14 @@
 
 const crypto = require('crypto');
 
-const BN = require('bn.js');
-
+const BigNumber = require('./BigNumber.js');
 const mgf1 = require('./MGF1');
 
 const modPow = (base, power, mod) => {
-	let result = new BN(1);
+	let result = new BigNumber(1);
 
 	while (power > 0) {
-		result = power.and(new BN(1)) == 1 ? (result.mul(base)).mod(mod) : result; // eslint-disable-line
+		result = power.and(new BigNumber(1)) == 1 ? (result.mul(base)).mod(mod) : result; // eslint-disable-line
 		base = (base.mul(base)).mod(mod);
 		power = power.shrn(1);
 	}
@@ -28,10 +27,13 @@ const emsaPSS = (msg, salt) => {
 	const dbMask = mgf1.generate(mTickHash, db.length);
 	const maskedDb = mgf1.xor(db, dbMask);
 
-	let maskedDbMsb = mgf1.rjust(new BN(maskedDb.slice(0, 1), 2).toString(2), 8, '0');
+	let maskedDbMsb = mgf1.rjust(new BigNumber(maskedDb.slice(0, 1)).toString(2), 8, '0');
+
 
 	maskedDbMsb = `0${maskedDbMsb.substr(1)}`;
-	maskedDb[0] = (new BN(maskedDbMsb, 2).toBuffer())[0]; // eslint-disable-line
+	// console.log((new BN(maskedDbMsb, 2).toBuffer())[0], new BigNumber(maskedDbMsb, 2).toBuffer()[0]);
+	// maskedDb[0] = (new BN(maskedDbMsb, 2).toBuffer())[0]; // eslint-disable-line
+	maskedDb[0] = new BigNumber(maskedDbMsb, 2).toBEBuffer()[0]; // eslint-disable-line
 
 	return Buffer.concat([maskedDb, mTickHash, Buffer.from('BC', 'hex')]);
 };
@@ -65,11 +67,12 @@ module.exports = class Crypto {
 	}
 
 	static sign(key, msg, salt = crypto.randomBytes(32)) {
-		const base = new BN(emsaPSS(msg, salt));
-		const power = new BN(key.d());
-		const mod = new BN(key.n());
+		// console.log(key.d());
+		const base = new BigNumber(emsaPSS(msg, salt));
+		const power = new BigNumber(key.d());
+		const mod = new BigNumber(key.n());
 
-		return (modPow(base, power, mod)).toBuffer().toString('base64');
+		return (modPow(base, power, mod)).toBEBuffer().toString('base64');
 	}
 
 	static pad(d) {

lib/crypto/MGF1.js

@@ -1,13 +1,13 @@
 'use strict';
 
 const crypto = require('crypto');
-const BN = require('bn.js');
+
+const BigNumber = require('./BigNumber.js');
 
 const MFG_LEN = 32;
 
 const divceil = (a, b) => ~~(((a + b) - 1) / b); // eslint-disable-line no-bitwise
-const rjust = (string, width, padding) => {
-	padding = padding || ' ';
+const rjust = (string, width, padding = ' ') => {
 	padding = padding.substr(0, 1);
 	if (string.length < width)
 		return padding.repeat(width - string.length) + string;
@@ -26,7 +26,7 @@ const i2osp = (x, len) => {
 	if (x >= 256 ** len)
 		throw new Error('Integer too large');
 
-	return Buffer.from(rjust((Buffer.from((new BN(x)).toArray('be', 4)).toString()).replace(/\x00/gi, ''), len, '\x00')); // eslint-disable-line no-control-regex
+	return Buffer.from(rjust(new BigNumber(x).toBEBuffer(4).toString().replace(/\x00/gi, ''), len, '\x00')); // eslint-disable-line no-control-regex
 };
 
 module.exports = {

lib/keymanagers/Key.js

@@ -0,0 +1,138 @@
+'use strict';
+
+const {
+	pki: {
+		rsa,
+		publicKeyToPem,
+		privateKeyToPem,
+		publicKeyFromPem,
+		privateKeyFromPem,
+	},
+	jsbn: {
+		BigInteger,
+	},
+} = require('node-forge');
+
+const getKeyType = (str) => {
+	const matches = str.match(/(PRIVATE|PUBLIC) KEY/);
+	if (!matches)
+		return null;
+	return matches[1].toLowerCase();
+};
+
+const keyFromPem = (pem) => {
+	const type = getKeyType(pem);
+	const isPublic = type === 'public';
+	const key = isPublic ? publicKeyFromPem(pem) : privateKeyFromPem(pem);
+
+	return {
+		isPublic,
+		key,
+	};
+};
+
+/**
+ * Creates a public key from modulus and exponent
+ * @param {Buffer} mod - the modulus
+ * @param {Buffer} exp - the exponent
+ */
+const keyFromModAndExp = (mod, exp) => {
+	const bnMod = new BigInteger(mod.toString('hex'), 16);
+	const bnExp = new BigInteger(exp.toString('hex'), 16);
+
+	return {
+		key: rsa.setPublicKey(bnMod, bnExp),
+		isPublic: true,
+	};
+};
+
+module.exports = class Key {
+	constructor({
+		pem = null, mod = null, exp = null, size = 2048,
+	} = {}) {
+		// generate new private key
+		if (!pem && !mod && !exp) {
+			const keyPair = rsa.generateKeyPair(size);
+
+			this.keyIsPublic = false;
+			this.privateKey = keyPair.privateKey;
+			this.publicKey = keyPair.publicKey;
+
+			return;
+		}
+
+		// new key from pem string
+		if (pem) {
+			const { key, isPublic } = keyFromPem(pem);
+
+			this.keyIsPublic = isPublic;
+			this.privateKey = isPublic ? null : key;
+			this.publicKey = isPublic ? key : null;
+
+			return;
+		}
+
+		// new key from mod and exp
+		if (mod && exp) {
+			const { key, isPublic } = keyFromModAndExp(mod, exp);
+
+			this.keyIsPublic = isPublic;
+			this.privateKey = isPublic ? null : key;
+			this.publicKey = isPublic ? key : null;
+
+			return;
+		}
+
+		// not good
+		throw new Error(`Can not create key without ${!mod ? 'modulus' : 'exponent'}.`);
+	}
+
+	static generate(size = 2048) {
+		return new Key({ size });
+	}
+
+	static importKey({ mod, exp }) {
+		return new Key({ mod, exp });
+	}
+
+	n(to = 'buff') {
+		const key = this.keyIsPublic ? this.publicKey : this.privateKey;
+		const keyN = Buffer.from(key.n.toByteArray());
+
+		return to === 'hex' ? keyN.toString('hex', 1) : keyN;
+	}
+
+	e(to = 'buff') {
+		const key = this.keyIsPublic ? this.publicKey : this.privateKey;
+		const eKey = Buffer.from(key.e.toByteArray());
+
+		return to === 'hex' ? eKey.toString('hex') : eKey;
+	}
+
+	d() {
+		if (this.keyIsPublic)
+			throw new Error('Can not get d component out of public key.');
+
+		return Buffer.from(this.privateKey.d.toByteArray());
+	}
+
+	isPrivate() {
+		return !this.keyIsPublic;
+	}
+
+	isPublic() {
+		return this.keyIsPublic;
+	}
+
+	// eslint-disable-next-line class-methods-use-this
+	size() {
+		const keyN = this.n('hex');
+		const bn = new BigInteger(keyN, 16);
+
+		return bn.bitLength();
+	}
+
+	toPem() {
+		return this.keyIsPublic ? publicKeyToPem(this.publicKey) : privateKeyToPem(this.privateKey);
+	}
+};

lib/keymanagers/Keys.js

@@ -1,8 +1,13 @@
 'use strict';
 
-const Key = require('./keyRSA');
+const Key = require('./Key');
 
-const keyOrNull = key => (key ? Key(key) : null);
+const keyOrNull = (key) => {
+	if (key instanceof Key)
+		return key;
+
+	return key ? new Key({ pem: key }) : null;
+};
 
 module.exports = class Keys {
 	constructor({
@@ -25,15 +30,15 @@ module.exports = class Keys {
 		const keys = {};
 
 		Object.keys({ A006: '', X002: '', E002: '' }).forEach((key) => {
-			keys[key] = Key().generate();
+			keys[key] = Key.generate(); // Key().generate();
 		});
 
 		return new Keys(keys);
 	}
 
 	setBankKeys(bankKeys) {
-		this.keys.bankX002 = Key().importKey(bankKeys.bankX002);
-		this.keys.bankE002 = Key().importKey(bankKeys.bankE002);
+		this.keys.bankX002 = new Key(bankKeys.bankX002); // Key().importKey(bankKeys.bankX002);
+		this.keys.bankE002 = new Key(bankKeys.bankE002); // Key().importKey(bankKeys.bankE002);
 	}
 
 	a() {

lib/keymanagers/keyRSA.js

@@ -1,49 +0,0 @@
-'use strict';
-
-const BN = require('bn.js');
-const NodeRSA = require('node-rsa');
-
-const keyOrNull = (encodedKey) => {
-	if (encodedKey === null) return new NodeRSA();
-
-	return (encodedKey instanceof NodeRSA) ? encodedKey : new NodeRSA(encodedKey);
-};
-
-module.exports = encodedKey => ({
-	key: keyOrNull(encodedKey),
-
-	generate(keySize = 2048) {
-		return new NodeRSA({ b: keySize });
-	},
-
-	importKey({ mod, exp }) {
-		this.key = new NodeRSA();
-		this.key.importKey({ n: mod, e: exp }, 'components-public');
-
-		return this;
-	},
-
-	n(to = 'buff') {
-		const keyN = Buffer.from(this.key.exportKey('components-public').n);
-
-		return to === 'hex'
-			? keyN.toString('hex', 1)
-			: keyN;
-	},
-
-	e(to = 'buff') {
-		const eKey = new BN(this.key.exportKey('components-public').e).toBuffer();
-
-		return to === 'hex'
-			? eKey.toString('hex')
-			: eKey;
-	},
-
-	d() {
-		return this.key.keyPair.d.toBuffer();
-	},
-
-	toPem() {
-		return this.key.isPrivate() ? this.key.exportKey('pkcs1-private-pem') : this.key.exportKey('pkcs8-public-pem');
-	},
-});

lib/orders/H004/response.js

@@ -2,7 +2,6 @@
 
 const zlib = require('zlib');
 const crypto = require('crypto');
-const BN = require('bn.js');
 
 const Crypto = require('../../crypto/Crypto');
 
@@ -72,7 +71,7 @@ module.exports = (xml, keys) => ({
 
 	businessCode() {
 		const select = xpath.useNamespaces({ xmlns: 'urn:org:ebics:H004' });
-		const node = select('//xmlns:body/xmlns:ReturnCode', this.doc)
+		const node = select('//xmlns:body/xmlns:ReturnCode', this.doc);
 
 		return node.length ? node[0].textContent : '';
 	},
@@ -127,10 +126,12 @@ module.exports = (xml, keys) => ({
 			const modulus = xpath.select(".//*[local-name(.)='Modulus']", keyNodes[i])[0].textContent;
 			const exponent = xpath.select(".//*[local-name(.)='Exponent']", keyNodes[i])[0].textContent;
 
-			const mod = new BN(Buffer.from(modulus, 'base64'), 2).toBuffer();
-			const exp = new BN(Buffer.from(exponent, 'base64')).toNumber();
-
-			bankKeys[`bank${type}`] = { mod, exp };
+			const mod = Buffer.from(modulus, 'base64');
+			const exp = Buffer.from(exponent, 'base64');
+			bankKeys[`bank${type}`] = {
+				mod,
+				exp,
+			};
 		}
 
 		return bankKeys;

lib/orders/H004/serializers/download.js

@@ -3,7 +3,6 @@
 const js2xmlparser = require('js2xmlparser');
 
 const Crypto = require('../../../crypto/Crypto');
-
 const genericSerializer = require('./generic');
 
 module.exports = {

lib/storages/tracesStorage.js

@@ -4,9 +4,7 @@ const fs = require('fs');
 
 const uuidv1 = require('uuid/v1');
 
-const traceName = (uuid, label, type, ext = 'xml') => {
-	return `${uuid}_${label}_${type}.${ext}`;
-};
+const traceName = (uuid, label, type, ext = 'xml') => `${uuid}_${label}_${type}.${ext}`;
 
 module.exports = dir => ({
 	traceData: '',
@@ -58,9 +56,7 @@ module.exports = dir => ({
 
 		try {
 			fs.writeFileSync(path, this.traceData);
-			console.log("Data written to file");
 		} catch (error) {
-			console.log(error);
 			throw error;
 		}
 	},

lib/utils.js

@@ -1,18 +1,46 @@
 'use strict';
 
+const prefixNumber = (n) => {
+	if (n < 10)
+		return `0${n}`;
+	return n.toString();
+};
+
+const date = {
+	getDateObject(d = Date.now()) {
+		const dateObject = new Date(d);
+		// eslint-disable-next-line no-restricted-globals
+		if (isNaN(dateObject))
+			throw new Error(`${d} is invalid date.`);
+		return dateObject;
+	},
+	toISODate(d = Date.now(), utc = true) {
+		const t = date.getDateObject(d);
+		if (utc)
+			return `${t.getUTCFullYear()}-${prefixNumber(t.getUTCMonth() + 1)}-${prefixNumber(t.getUTCDate())}`;
+		return `${t.getFullYear()}-${prefixNumber(t.getMonth() + 1)}-${prefixNumber(t.getDate())}`;
+	},
+	toISOTime(d = Date.now(), utc = true) {
+		const t = date.getDateObject(d);
+		if (utc)
+			return `${prefixNumber(t.getUTCHours())}:${prefixNumber(t.getUTCMinutes())}:${prefixNumber(t.getUTCSeconds())}`;
+		return `${prefixNumber(t.getHours())}:${prefixNumber(t.getMinutes())}:${prefixNumber(t.getSeconds())}`;
+	},
+};
+
 const dateRange = (start, end) => {
 	if (start && end)
 		return {
 			DateRange: {
-				Start: start,
-				End: end,
+				Start: date.toISODate(start),
+				End: date.toISODate(end),
 			},
 		};
 
 	return {};
 };
 
-
 module.exports = {
 	dateRange,
+	date,
 };

package.json

@@ -1,10 +1,11 @@
 {
 	"name": "ebics-client",
-	"version": "0.0.7",
+	"version": "0.1.1",
 	"description": "Node.js ISO 20022 Compliant EBICS Client",
 	"main": "index.js",
 	"scripts": {
-		"test": "echo \"Error: no test specified\" && exit 1"
+		"lint": "eslint .",
+		"test": "nyc mocha test/**/*.js"
 	},
 	"repository": {
 		"type": "git",
@@ -18,6 +19,16 @@
 	],
 	"author": "eCollect Sofia Tech Team",
 	"contributors": [
+		{
+			"name": "Dimitar Nanov",
+			"url": "https://nanov.io",
+			"email": "dimitar@nanov.io"
+		},
+		{
+			"name": "Vladislav Hristov",
+			"url": "https://github.com/vladhristov",
+			"email": "vlad.s.ch@gmail.com"
+		},
 		{
 			"name": "Vasyl Stashuk",
 			"url": "https://github.com/vasyas"
@@ -27,24 +38,24 @@
 			"url": "https://github.com/yagop"
 		}
 	],
-	"license": "MIT",
+	"license": "GPL-3.0-only",
 	"dependencies": {
-		"bn.js": "^4.11.8",
-		"handlebars": "^4.0.11",
-		"js2xmlparser": "^3.0.0",
-		"moment": "^2.22.1",
-		"node-rsa": "^0.4.2",
-		"request": "^2.87.0",
-		"uuid": "^3.3.2",
-		"xml-crypto": "^0.10.1",
+		"handlebars": "^4.4.3",
+		"js2xmlparser": "^4.0.0",
+		"node-forge": "^0.9.1",
+		"request": "^2.88.0",
+		"uuid": "^3.3.3",
+		"xml-crypto": "^1.4.0",
 		"xmldom": "^0.1.27",
 		"xpath": "0.0.27"
 	},
 	"devDependencies": {
 		"chai": "^4.2.0",
-		"eslint": "^4.19.1",
-		"eslint-config-airbnb-base": "^12.1.0",
-		"eslint-plugin-import": "^2.12.0",
-		"mocha": "^6.1.4"
+		"eslint": "^6.6.0",
+		"eslint-config-ecollect-base": "^0.1.2",
+		"eslint-plugin-import": "^2.18.2",
+		"libxmljs": "^0.19.7",
+		"mocha": "^6.2.2",
+		"nyc": "^14.1.1"
 	}
 }

test/fixtures/keys.js

@@ -0,0 +1,43 @@
+'use strict';
+
+const publicSmallExpPEM = '';
+const publicSmallExpMod = '';
+const publicSmallExpExp = '';
+
+const publicBigPEM = `-----BEGIN PUBLIC KEY-----
+MIIBJDANBgkqhkiG9w0BAQEFAAOCAREAMIIBDAKCAQEAuvqhJ2ptulHGUmYq3BOO
+NoIDXOUDrVV3s188wvU3Fj9TcO3yBqWuJ5GMEzRIOfi8Pb4AkJBjjPOR0Taby7+n
+7coa2Zm0ZprGzXVM1Gb0aG3BAbDaFbvdF25NLAtkmtKKW/8YfXy89qvy6+UEBdOa
+1UTLaR+9Pf63Wa+qu638udSDe3refHdZV1bKUR1UOZ/1iWn5b7aq4vITRPNNWXk5
+eG8He2lWzYHg5+yY4ckBooh1K5cMwl5s+Iz24iWtqIlV5EyORbdfGatrNzv6S7Lx
+FngEGCL5e97qU1pAcarE9XmrlJ5dHl9LQPaw957AlZuOFpVEE5shXZkSgRYrHv2m
+cQIFAQAAAA8=
+-----END PUBLIC KEY-----`;
+const publicBigModString = 'ALr6oSdqbbpRxlJmKtwTjjaCA1zlA61Vd7NfPML1NxY/U3Dt8galrieRjBM0SDn4vD2+AJCQY4zzkdE2m8u/p+3KGtmZtGaaxs11TNRm9GhtwQGw2hW73RduTSwLZJrSilv/GH18vPar8uvlBAXTmtVEy2kfvT3+t1mvqrut/LnUg3t63nx3WVdWylEdVDmf9Ylp+W+2quLyE0TzTVl5OXhvB3tpVs2B4OfsmOHJAaKIdSuXDMJebPiM9uIlraiJVeRMjkW3Xxmrazc7+kuy8RZ4BBgi+Xve6lNaQHGqxPV5q5SeXR5fS0D2sPeewJWbjhaVRBObIV2ZEoEWKx79pnE=';
+const publicBigModBytes = [0, 186, 250, 161, 39, 106, 109, 186, 81, 198, 82, 102, 42, 220, 19, 142, 54, 130, 3, 92, 229, 3, 173, 85, 119, 179, 95, 60, 194, 245, 55, 22, 63, 83, 112, 237, 242, 6, 165, 174, 39, 145, 140, 19, 52, 72, 57, 248, 188, 61, 190, 0, 144, 144, 99, 140, 243, 145, 209, 54, 155, 203, 191, 167, 237, 202, 26, 217, 153, 180, 102, 154, 198, 205, 117, 76, 212, 102, 244, 104, 109, 193, 1, 176, 218, 21, 187, 221, 23, 110, 77, 44, 11, 100, 154, 210, 138, 91, 255, 24, 125, 124, 188, 246, 171, 242, 235, 229, 4, 5, 211, 154, 213, 68, 203, 105, 31, 189, 61, 254, 183, 89, 175, 170, 187, 173, 252, 185, 212, 131, 123, 122, 222, 124, 119, 89, 87, 86, 202, 81, 29, 84, 57, 159, 245, 137, 105, 249, 111, 182, 170, 226, 242, 19, 68, 243, 77, 89, 121, 57, 120, 111, 7, 123, 105, 86, 205, 129, 224, 231, 236, 152, 225, 201, 1, 162, 136, 117, 43, 151, 12, 194, 94, 108, 248, 140, 246, 226, 37, 173, 168, 137, 85, 228, 76, 142, 69, 183, 95, 25, 171, 107, 55, 59, 250, 75, 178, 241, 22, 120, 4, 24, 34, 249, 123, 222, 234, 83, 90, 64, 113, 170, 196, 245, 121, 171, 148, 158, 93, 30, 95, 75, 64, 246, 176, 247, 158, 192, 149, 155, 142, 22, 149, 68, 19, 155, 33, 93, 153, 18, 129, 22, 43, 30, 253, 166, 113];
+const publicBigExpString = 'AQAAAA8=';
+const publicBigExpBytes = [1, 0, 0, 0, 15];
+
+
+const pblc = {
+	big: {
+		pem: publicBigPEM,
+		mod: {
+			bytes: publicBigModBytes,
+			string: publicBigModString,
+		},
+		exp: {
+			bytes: publicBigExpBytes,
+			string: publicBigExpString,
+		},
+	},
+	small: {
+		pem: publicSmallExpPEM,
+		mod: publicSmallExpMod,
+		exp: publicSmallExpExp,
+	},
+};
+
+module.exports = {
+	pblc,
+};

test/spec/H004.js

@@ -0,0 +1,105 @@
+'use strict';
+
+/* eslint-env node, mocha */
+
+const { assert } = require('chai');
+
+const path = require('path');
+const fs = require('fs');
+
+const ebics = require('../../');
+
+const libxml = require('libxmljs');
+
+const schemaPath = path.resolve(__dirname, '../xsd/ebics_H004.xsd');
+const schemaDoc = libxml.parseXml(fs.readFileSync(schemaPath, { encoding: 'utf8' }));
+
+const schemaDir = path.dirname(schemaPath);
+const cwd = process.cwd();
+
+const validateXML = (str) => {
+	try {
+		process.chdir(schemaDir);
+		const isValid = libxml.parseXmlString(str).validate(schemaDoc);
+		process.chdir(cwd);
+		return isValid;
+	} catch (e) {
+		process.chdir(cwd);
+		return false;
+	}
+};
+
+const client = new ebics.Client({
+	url: 'https://iso20022test.credit-suisse.com/ebicsweb/ebicsweb',
+	partnerId: 'CRS04381',
+	userId: 'CRS04381',
+	hostId: 'CRSISOTB',
+	passphrase: 'test',
+	keyStorage: ebics.fsKeysStorage(path.resolve(__dirname, '../support/TEST_KEYS.key')),
+});
+
+const { Orders } = ebics;
+
+/*
+upload :
+const AZV = require('./AZV');
+const CD1 = require('./CD1');
+const CDB = require('./CDB');
+const CDD = require('./CDD');
+const CDS = require('./CDS');
+const CCT = require('./CCT');
+const CCS = require('./CCS');
+const XE3 = require('./XE3');
+const XCT = require('./XCT');
+*/
+const uploadBuilder = fn => fn('');
+const dateBuilder = fn => fn('2018-01-01', '2019-01-01');
+
+const fnOrders = {
+	// upload | document
+	AZV: uploadBuilder,
+	CD1: uploadBuilder,
+	CDB: uploadBuilder,
+	CDD: uploadBuilder,
+	CDS: uploadBuilder,
+	CCT: uploadBuilder,
+	CCS: uploadBuilder,
+	XE3: uploadBuilder,
+	XCT: uploadBuilder,
+
+	// download
+	STA: dateBuilder,
+	VMK: dateBuilder,
+	HAA: dateBuilder,
+	HTD: dateBuilder,
+	HPD: dateBuilder,
+	HKD: dateBuilder,
+	PTK: dateBuilder,
+	HAC: dateBuilder,
+	Z53: dateBuilder,
+};
+
+const getOrderObject = (name, order) => {
+	if (typeof order === 'object')
+		return order;
+	if (fnOrders[name])
+		return fnOrders[name](order);
+	return null;
+};
+
+describe('H004 order generation', () => {
+	// eslint-disable-next-line no-restricted-syntax
+	for (const [name, orderDefinition] of Object.entries(Orders)) {
+		const order = getOrderObject(name, orderDefinition);
+		if (!order)
+			continue;
+
+		const type = order.orderDetails.OrderType;
+		const { operation } = order;
+
+		it(`[${operation}] ${type} order generation`, async () => {
+			const signedOrder = await client.signOrder(order);
+			assert.isTrue(validateXML(signedOrder));
+		});
+	}
+});

test/unit/BigNumber.js

@@ -0,0 +1,47 @@
+'use strict';
+
+/* eslint-env node, mocha */
+
+const { assert } = require('chai');
+const { jsbn: { BigInteger } } = require('node-forge');
+
+const BigNumber = require('../../lib/crypto/BigNumber');
+
+const types = [
+	{ name: 'BigNumber', value: new BigNumber(11) },
+	{ name: 'BigInteger', value: new BigInteger('11') },
+	{ name: 'string with default radix', value: '11' },
+	{ name: 'string with radix 16', value: '0b', radix: 16 },
+	{ name: 'Buffer', value: Buffer.from('0b', 'hex') },
+	{ name: 'Array', value: [11] },
+];
+
+describe('BigNumber', () => {
+	describe('creating an instance', () => {
+		it('should throw with no value given', () => assert.throws(() => new BigNumber()));
+		it('should throw wrong value type', () => assert.throws(() => new BigNumber({})));
+
+		for (const { name, value, radix } of types) {
+			let instance;
+			describe(`out of ${name}`, () => {
+				it('create instance', () => assert.doesNotThrow(() => {
+					instance = new BigNumber(value, radix);
+				}));
+				it('toString with radix 10', () => assert.equal(instance.toString(), '11'));
+				it('toString with radix 16', () => assert.equal(instance.toString(16), '0b'));
+				it('toBEBuffer without length', () => assert.equal(instance.toBEBuffer().toString('hex'), '0b'));
+				it('toBEBuffer with length', () => assert.equal(instance.toBEBuffer(4).toString('hex'), '0000000b'));
+			});
+		}
+	});
+	describe('exports', () => {
+		it('toBEBuffer with too short length should throw', () => assert.throw(() => new BigNumber(837462187362).toBEBuffer(1)));
+	});
+	describe('operators', () => {
+		const num = new BigNumber(1);
+		it('and', () => assert.equal(num.and(1), 1));
+		it('mul', () => assert.equal(num.mul(2), 2));
+		it('mod', () => assert.equal(num.mod(1), 0));
+		it('shrn', () => assert.equal(num.shrn(1), 0));
+	});
+});

test/unit/keys.js

@@ -0,0 +1,92 @@
+'use strict';
+
+/* eslint-env node, mocha */
+
+const { assert } = require('chai');
+const fixtures = require('../fixtures/keys');
+// const Key = require('../lib/keymanagers/keyRSA');
+const Key = require('../../lib/keymanagers/Key');
+
+const stripWhitespace = str => str.replace(/\s+/g, '');
+
+describe('Keys management', () => {
+	describe('generates brand new', () => {
+		const keySize = 2048;
+		// const newKey = Key().generate(keySize);
+		const newKey = Key.generate();
+
+		it('private key', () => {
+			assert.isTrue(newKey.isPrivate());
+		});
+
+		it('that has the right key size', () => {
+			// const newKeySize = newKey.size(); // console.log(newKey.size());
+			assert(newKey.size(), keySize);
+		});
+	});
+
+	describe('creates public key from mod and exp', () => {
+		const { pem, mod, exp } = fixtures.pblc.big;
+
+		describe('that are strings', () => {
+			const m = Buffer.from(mod.string, 'base64');
+			const e = Buffer.from(exp.string, 'base64');
+			/* const newKey = Key().importKey({
+				mod: m, exp: e, modulus: mod.string, exponent: exp.string,
+			}); */
+			const newKey = new Key({ mod: m, exp: e });
+
+			it('and is really public', () => {
+				assert.isTrue(newKey.isPublic());
+			});
+
+
+			it('and has a propper mod in bytes', () => {
+				assert.deepEqual([...newKey.n()], mod.bytes);
+			});
+
+			it('and has a propper pem string', () => {
+				assert.equal(stripWhitespace(newKey.toPem()), stripWhitespace(pem));
+			});
+		});
+
+		describe('that are bytes', () => {
+			const m = Buffer.from(mod.bytes);
+			const e = Buffer.from(exp.bytes);
+			/* const newKey = Key().importKey({
+				mod: m, exp: e, modulus: mod.string, exponent: exp.string,
+			}); */
+			const newKey = new Key({ mod: m, exp: e });
+
+			it('and is really public', () => {
+				assert.isTrue(newKey.isPublic());
+			});
+
+			it('and has a propper mod as a string', () => {
+				assert.equal(newKey.n().toString('base64'), mod.string);
+			});
+
+			it('and has a propper pem string', () => {
+				assert.equal(stripWhitespace(newKey.toPem()), stripWhitespace(pem));
+			});
+		});
+	});
+
+	describe('creates public key from pem string', () => {
+		const { pem } = fixtures.pblc.big;
+		// const newKey = Key(pem);
+		const newKey = new Key({ pem });
+
+		it('and is really public', () => {
+			assert.isTrue(newKey.isPublic());
+		});
+
+		it('and has a propper(the same) pem string', () => {
+			/* newKey.pempem = {
+				modulus: mod.string,
+				exponent: exp.string,
+			}; */
+			assert.equal(stripWhitespace(newKey.toPem()), stripWhitespace(pem));
+		});
+	});
+});

test/unit/responseParser.js

@@ -1,7 +1,9 @@
 'use strict';
 
+/* eslint-env node, mocha */
+
 const { assert } = require('chai');
-const H004Response = require('../lib/orders/H004/response');
+const H004Response = require('../../lib/orders/H004/response');
 
 describe('H004 response parsing', () => {
 	it('parses bank keys', () => {
@@ -23,7 +25,7 @@ describe('H004 response parsing', () => {
 				<AuthenticationVersion>X002</AuthenticationVersion>
 			  </AuthenticationPubKeyInfo>
 			  <EncryptionPubKeyInfo>
-				<PubKeyValue>  
+				<PubKeyValue>
 				  <ds:RSAKeyValue>
 					<ds:Modulus>${e002mod}</ds:Modulus>
 					<ds:Exponent>AQAB</ds:Exponent>

test/unit/utils.js

@@ -0,0 +1,29 @@
+'use strict';
+
+/* eslint-env node, mocha */
+
+const { assert } = require('chai');
+
+const utils = require('../../lib/utils');
+
+describe('utils', () => {
+	describe('dateRange', () => {
+		describe('dateRange', () => {
+			it('should generate empty object with partial parameters', () => {
+				assert.isEmpty(utils.dateRange());
+			});
+			it('should throw with invalid date', () => {
+				assert.throws(() => utils.dateRange('2018-15-15', '2018-20-20'));
+			});
+			it('should work for valid string input', () => {
+				assert.containsAllDeepKeys(utils.dateRange('2018-01-15', '2018-01-20'), { DateRange: { Start: '2018-01-15', End: '2018-01-20' } });
+			});
+			it('should work for Date string input', () => {
+				assert.containsAllDeepKeys(utils.dateRange(new Date('2018-01-15'), new Date('2018-01-20')), { DateRange: { Start: '2018-01-15', End: '2018-01-20' } });
+			});
+			it('should work for timestamp string input', () => {
+				assert.containsAllDeepKeys(utils.dateRange(new Date('2018-01-15').getTime(), new Date('2018-01-20').getTime()), { DateRange: { Start: '2018-01-15', End: '2018-01-20' } });
+			});
+		});
+	});
+});

test/xsd/ebics_H004.xsd

@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ebics="urn:org:ebics:H004" targetNamespace="urn:org:ebics:H004" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0">
+	<annotation>
+		<documentation xml:lang="de">ebics_H004.xsd inkludiert alle Schemadateien des EBICS-Protokolls, um die Eindeutigkeit von Element- und Typnamen im EBCIS Namespace zu erzwingen.</documentation>
+		<documentation xml:lang="en">ebics_H004.xsd includes all schema files for the EBICS protocol in order to enforce unique element and type names in the EBICS namespace.</documentation>
+	</annotation>
+	<include schemaLocation="ebics_request_H004.xsd"/>
+	<include schemaLocation="ebics_response_H004.xsd"/>
+	<include schemaLocation="ebics_keymgmt_request_H004.xsd"/>
+	<include schemaLocation="ebics_keymgmt_response_H004.xsd"/>
+</schema>

test/xsd/ebics_hev.xsd

@@ -0,0 +1,135 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ebics="http://www.ebics.org/H000" targetNamespace="http://www.ebics.org/H000" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0">
+	<xs:annotation>
+		<xs:documentation xml:lang="de">ebics_hev.xsd ist das EBICS-Protokollschema entweder für Anfragen oder Rückmeldungen der Bank zu unterstützten EBICS-Versionen.</xs:documentation>
+		<xs:documentation xml:lang="en">ebics_hev.xsd is the appropriate EBICS protocol schema either for requests or responses according the EBICS versions supported by a bank.</xs:documentation>
+	</xs:annotation>
+	<xs:simpleType name="HostIDType">
+		<xs:annotation>
+			<xs:documentation xml:lang="de">Datentyp für die Host-ID.</xs:documentation>
+			<xs:documentation xml:lang="en">Dataype for Host-ID.</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:token">
+			<xs:maxLength value="35"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="OrderTBaseType">
+		<xs:annotation>
+			<xs:documentation xml:lang="de">Datentyp für allgemeine Auftragsarten (Grundtyp).</xs:documentation>
+			<xs:documentation xml:lang="en">Datatype for general order types (basic type).</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:token">
+			<xs:length value="3"/>
+			<xs:pattern value="HEV"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ReturnCodeType">
+		<xs:annotation>
+			<xs:documentation xml:lang="de">Datentyp für Antwortcodes.</xs:documentation>
+			<xs:documentation xml:lang="en">Datatype for the return code</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:token">
+			<xs:length value="6"/>
+			<xs:pattern value="\d{6}"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ReportTextType">
+		<xs:annotation>
+			<xs:documentation xml:lang="de">Datentyp für den Erklärungstext zum Antwortcode.</xs:documentation>
+			<xs:documentation xml:lang="en">Datatype for report text with respect to the return code</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:normalizedString">
+			<xs:maxLength value="256"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="VersionNumberType">
+		<xs:annotation>
+			<xs:documentation xml:lang="de">Datentyp für eine Versionsnummer</xs:documentation>
+			<xs:documentation xml:lang="en">Datatype for a release number </xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:token">
+			<xs:length value="5"/>
+			<xs:pattern value="[0-9]{2}[.][0-9]{2}"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="ProtocolVersionType">
+		<xs:annotation>
+			<xs:documentation xml:lang="de">Datentyp für Versionsnummer des EBICS-schemas</xs:documentation>
+			<xs:documentation xml:lang="en">Datatype for release-number of the EBICS scheme</xs:documentation>
+		</xs:annotation>
+		<xs:restriction base="xs:token">
+			<xs:length value="4"/>
+			<xs:pattern value="H\d{3}"/>
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:complexType name="SystemReturnCodeType">
+		<xs:annotation>
+			<xs:documentation xml:lang="de">Datentyp für technische Fehler.</xs:documentation>
+			<xs:documentation xml:lang="en">Datatype for technical error</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="ReturnCode" type="ebics:ReturnCodeType">
+				<xs:annotation>
+					<xs:documentation xml:lang="de">Rückmeldung des Ausführungsstatus mit einer eindeutigen Fehlernummer.</xs:documentation>
+					<xs:documentation xml:lang="en">Confirmation of the carried out status with a unique error code.</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+			<xs:element name="ReportText" type="ebics:ReportTextType">
+				<xs:annotation>
+					<xs:documentation xml:lang="de">Klartext der Rückmeldung des Ausführungsstatus.</xs:documentation>
+					<xs:documentation xml:lang="en">Clear text of the response (carried out status).</xs:documentation>
+				</xs:annotation>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HEVRequestDataType">
+		<xs:annotation>
+			<xs:documentation xml:lang="de">Datentyp für die Request-Daten</xs:documentation>
+			<xs:documentation xml:lang="en">Data type for Request data</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="HostID" type="ebics:HostIDType"/>
+			<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="HEVResponseDataType">
+		<xs:annotation>
+			<xs:documentation xml:lang="en">Datentyp für die Response-Daten</xs:documentation>
+			<xs:documentation xml:lang="en">Data type for Request data</xs:documentation>
+		</xs:annotation>
+		<xs:sequence>
+			<xs:element name="SystemReturnCode" type="ebics:SystemReturnCodeType"/>
+			<xs:element name="VersionNumber" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation xml:lang="de">Von der Bank unterstützte EBICS-Versionen, z.B.  2.4</xs:documentation>
+					<xs:documentation xml:lang="en">EBICS-releases supported by the bank, e.g. 2.4</xs:documentation>
+				</xs:annotation>
+				<xs:complexType>
+					<xs:simpleContent>
+						<xs:extension base="ebics:VersionNumberType">
+							<xs:attribute name="ProtocolVersion" type="ebics:ProtocolVersionType" use="required">
+								<xs:annotation>
+									<xs:documentation xml:lang="de">der EBICS-Version eindeutig zugeordnete Schema-Version, z.B. H003</xs:documentation>
+									<xs:documentation xml:lang="en">EBICS-scheme-version, e.g. H003, well-defined for EBICS-release-Version</xs:documentation>
+								</xs:annotation>
+							</xs:attribute>
+						</xs:extension>
+					</xs:simpleContent>
+				</xs:complexType>
+			</xs:element>
+			<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:element name="ebicsHEVRequest" type="ebics:HEVRequestDataType">
+		<xs:annotation>
+			<xs:documentation xml:lang="de">Requestdaten</xs:documentation>
+			<xs:documentation xml:lang="en">request data</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+	<xs:element name="ebicsHEVResponse" type="ebics:HEVResponseDataType">
+		<xs:annotation>
+			<xs:documentation xml:lang="de">Responsedaten</xs:documentation>
+			<xs:documentation xml:lang="en">response data</xs:documentation>
+		</xs:annotation>
+	</xs:element>
+</xs:schema>

test/xsd/ebics_keymgmt_request_H004.xsd

@@ -0,0 +1,543 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Mit XMLSpy v2008 rel. 2 sp2 (http://www.altova.com) von benutzerservice benutzerservice (SIZ GmbH) bearbeitet -->
+<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ebics="urn:org:ebics:H004" targetNamespace="urn:org:ebics:H004" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0">
+	<annotation>
+		<documentation xml:lang="de">ebics_keymgmt_request_H004.xsd ist das EBICS-Protokollschema für Schlüsselmanagement-Anfragen (HIA, HPB, HSA, INI).</documentation>
+	</annotation>
+	<import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd">
+		<annotation>
+			<documentation xml:lang="de">XML-Signature.</documentation>
+		</annotation>
+	</import>
+	<include schemaLocation="ebics_types_H004.xsd"/>
+	<include schemaLocation="ebics_orders_H004.xsd"/>
+	<complexType name="StaticHeaderBaseType" abstract="true">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für den statischen EBICS-Header (allgemein).</documentation>
+		</annotation>
+		<sequence>
+			<element name="HostID" type="ebics:HostIDType">
+				<annotation>
+					<documentation xml:lang="de">Hostname des Banksystems.</documentation>
+				</annotation>
+			</element>
+			<element name="Nonce" type="ebics:NonceType" minOccurs="0">
+				<annotation>
+					<documentation xml:lang="de">Zufallswert; damit wird die Initialisierungsnachricht des Clients einzigartig; nur anzugeben, falls Authentifikationssignatur vorhanden.</documentation>
+				</annotation>
+			</element>
+			<element name="Timestamp" type="ebics:TimestampType" minOccurs="0">
+				<annotation>
+					<documentation xml:lang="de">aktueller Zeitstempel zur Begrenzung der serverseitigen Nonce-Speicherung; nur anzugeben, falls Authentifikationssignatur vorhanden.</documentation>
+				</annotation>
+			</element>
+			<element name="PartnerID" type="ebics:PartnerIDType">
+				<annotation>
+					<documentation xml:lang="de">Kunden-ID des serverseitig administrierten Kunden.</documentation>
+				</annotation>
+			</element>
+			<element name="UserID" type="ebics:UserIDType">
+				<annotation>
+					<documentation xml:lang="de">Teilnehmer-ID des serverseitig zu diesem Kunden administrierten Teilnehmers.</documentation>
+				</annotation>
+			</element>
+			<element name="SystemID" type="ebics:UserIDType" minOccurs="0">
+				<annotation>
+					<documentation xml:lang="de">technische User-ID für Multi-User-Systeme.</documentation>
+				</annotation>
+			</element>
+			<element name="Product" type="ebics:ProductElementType" nillable="true" minOccurs="0">
+				<annotation>
+					<documentation xml:lang="de">Kennung des Kundenprodukts bzw. Herstellerkennung oder Name.</documentation>
+				</annotation>
+			</element>
+			<element name="OrderDetails" type="ebics:OrderDetailsType">
+				<annotation>
+					<documentation xml:lang="de">Auftragsdetails.</documentation>
+				</annotation>
+			</element>
+			<element name="SecurityMedium" type="ebics:SecurityMediumType">
+				<annotation>
+					<documentation xml:lang="de">Angabe des Sicherheitsmediums, das der Kunde verwendet.</documentation>
+				</annotation>
+			</element>
+			<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+		</sequence>
+	</complexType>
+	<complexType name="OrderDetailsType" abstract="true">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für OrderDetails im statischen EBICS-Header (allgemein).</documentation>
+		</annotation>
+		<sequence>
+			<element name="OrderType" type="ebics:OrderTBaseType">
+				<annotation>
+					<documentation xml:lang="de">Auftragsart.</documentation>
+				</annotation>
+			</element>
+			<element name="OrderAttribute" type="ebics:OrderAttributeBaseType">
+				<annotation>
+					<documentation xml:lang="de">Auftragsattribut.</documentation>
+				</annotation>
+			</element>
+		</sequence>
+	</complexType>
+	<complexType name="ProductElementType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für Element mit Kennung des Kundenprodukts bzw. Herstellerkennung oder Name.</documentation>
+		</annotation>
+		<simpleContent>
+			<extension base="ebics:ProductType">
+				<attribute name="Language" type="ebics:LanguageType" use="required">
+					<annotation>
+						<documentation xml:lang="de">Sprachkennzeichen der Kundenproduktversion (gemäß ISO 639).</documentation>
+					</annotation>
+				</attribute>
+				<attribute name="InstituteID" type="ebics:InstituteIDType" use="optional">
+					<annotation>
+						<documentation xml:lang="de">Kennung des Herausgebers des Kundenprodukts bzw. des betreuenden Kreditinstituts.</documentation>
+					</annotation>
+				</attribute>
+			</extension>
+		</simpleContent>
+	</complexType>
+	<complexType name="EmptyMutableHeaderType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für den leeren variablen EBICS-Header von Key Managemen Aufträgen.</documentation>
+		</annotation>
+		<sequence>
+			<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+		</sequence>
+	</complexType>
+	<element name="ebicsUnsecuredRequest">
+		<annotation>
+			<documentation>Anfragestruktur für ungesicherte Auftragsarten HIA (Authentifikations- und Verschlüsselungsschlüssel senden) und INI (bankfachllichen Schlüssel senden).</documentation>
+		</annotation>
+		<complexType>
+			<sequence>
+				<element name="header">
+					<annotation>
+						<documentation xml:lang="de">enthält die technischen Transaktionsdaten.</documentation>
+					</annotation>
+					<complexType>
+						<sequence>
+							<element name="static" type="ebics:UnsecuredRequestStaticHeaderType">
+								<annotation>
+									<documentation xml:lang="de">enhält alle festen Headereinträge.</documentation>
+								</annotation>
+							</element>
+							<element name="mutable" type="ebics:EmptyMutableHeaderType">
+								<annotation>
+									<documentation xml:lang="de">enthält alle variablen Headereinträge.</documentation>
+								</annotation>
+							</element>
+						</sequence>
+						<attributeGroup ref="ebics:AuthenticationMarker"/>
+					</complexType>
+				</element>
+				<element name="body">
+					<annotation>
+						<documentation xml:lang="de">enthält die Auftragsdaten.</documentation>
+					</annotation>
+					<complexType>
+						<sequence>
+							<annotation>
+								<documentation xml:lang="de"/>
+							</annotation>
+							<element name="DataTransfer">
+								<annotation>
+									<documentation xml:lang="de">Transfer von Auftragsdaten.</documentation>
+								</annotation>
+								<complexType>
+									<sequence>
+										<element name="OrderData">
+											<annotation>
+												<documentation xml:lang="de">enthält Auftragsdaten.</documentation>
+											</annotation>
+											<complexType>
+												<simpleContent>
+													<extension base="ebics:OrderDataType">
+														<anyAttribute namespace="##targetNamespace" processContents="lax"/>
+													</extension>
+												</simpleContent>
+											</complexType>
+										</element>
+									</sequence>
+								</complexType>
+							</element>
+						</sequence>
+					</complexType>
+				</element>
+			</sequence>
+			<attributeGroup ref="ebics:VersionAttrGroup"/>
+		</complexType>
+	</element>
+	<complexType name="UnsecuredRequestStaticHeaderType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für den statischen EBICS-Header bei ungesicherten Sendeauftragsarten (Aufträge HIA und INI): kein Nonce, kein Timestamp, keine EU-Datei, keine X001 Authentifizierung, keine Verschlüsselung, keine Digests der öffentlichen Bankschlüssel, Nutzdaten komprimiert, Auftragsattribut DZNNN</documentation>
+		</annotation>
+		<complexContent>
+			<restriction base="ebics:StaticHeaderBaseType">
+				<sequence>
+					<element name="HostID" type="ebics:HostIDType">
+						<annotation>
+							<documentation xml:lang="de">Hostname des Banksystems.</documentation>
+						</annotation>
+					</element>
+					<element name="Nonce" type="ebics:NonceType" minOccurs="0" maxOccurs="0">
+						<annotation>
+							<documentation xml:lang="de">Zufallswert; damit wird die Initialisierungsnachricht des Clients einzigartig; nicht anzugeben für ebicsUnsecuredRequest.</documentation>
+						</annotation>
+					</element>
+					<element name="Timestamp" type="ebics:TimestampType" minOccurs="0" maxOccurs="0">
+						<annotation>
+							<documentation xml:lang="de">aktueller Zeitstempel zur Begrenzung der serverseitigen Nonce-Speicherung; nicht anzugeben für ebicsUnsecuredRequest.</documentation>
+						</annotation>
+					</element>
+					<element name="PartnerID" type="ebics:PartnerIDType">
+						<annotation>
+							<documentation xml:lang="de">Kunden-ID des serverseitig administrierten Kunden.</documentation>
+						</annotation>
+					</element>
+					<element name="UserID" type="ebics:UserIDType">
+						<annotation>
+							<documentation xml:lang="de">Teilnehmer-ID des serverseitig zu diesem Kunden administrierten Teilnehmers.</documentation>
+						</annotation>
+					</element>
+					<element name="SystemID" type="ebics:UserIDType" minOccurs="0">
+						<annotation>
+							<documentation xml:lang="de">technische User-ID für Multi-User-Systeme.</documentation>
+						</annotation>
+					</element>
+					<element name="Product" type="ebics:ProductElementType" nillable="true" minOccurs="0">
+						<annotation>
+							<documentation xml:lang="de">Kennung des Kundenprodukts bzw. Herstellerkennung oder Name.</documentation>
+						</annotation>
+					</element>
+					<element name="OrderDetails" type="ebics:UnsecuredReqOrderDetailsType">
+						<annotation>
+							<documentation xml:lang="de">Auftragsdetails.</documentation>
+						</annotation>
+					</element>
+					<element name="SecurityMedium" type="ebics:SecurityMediumType">
+						<annotation>
+							<documentation xml:lang="de">Angabe des Sicherheitsmediums, das der Kunde verwendet.</documentation>
+						</annotation>
+					</element>
+					<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+				</sequence>
+			</restriction>
+		</complexContent>
+	</complexType>
+	<complexType name="UnsecuredReqOrderDetailsType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für OrderDetails im statischen EBICS-Header von ebicsUnsecuredRequest.</documentation>
+		</annotation>
+		<complexContent>
+			<restriction base="ebics:OrderDetailsType">
+				<sequence>
+					<element name="OrderType" type="ebics:OrderTBaseType">
+						<annotation>
+							<documentation xml:lang="de">Auftragsart.</documentation>
+						</annotation>
+					</element>
+					<element name="OrderAttribute" type="ebics:OrderAttributeBaseType" fixed="DZNNN">
+						<annotation>
+							<documentation xml:lang="de">Auftragsattribut: DZNNN.</documentation>
+						</annotation>
+					</element>
+				</sequence>
+			</restriction>
+		</complexContent>
+	</complexType>
+	<element name="ebicsNoPubKeyDigestsRequest">
+		<annotation>
+			<documentation>Anfragestruktur für Auftragsarten ohne Übertragung der Digests der öffentlichen Bankschlüssel (HPB Bankschlüssel abholen).</documentation>
+		</annotation>
+		<complexType>
+			<sequence>
+				<element name="header">
+					<annotation>
+						<documentation xml:lang="de">enthält die technischen Transaktionsdaten.</documentation>
+					</annotation>
+					<complexType>
+						<sequence>
+							<element name="static" type="ebics:NoPubKeyDigestsRequestStaticHeaderType">
+								<annotation>
+									<documentation xml:lang="de">enhält alle festen Headereinträge.</documentation>
+								</annotation>
+							</element>
+							<element name="mutable" type="ebics:EmptyMutableHeaderType">
+								<annotation>
+									<documentation xml:lang="de">enthält alle variablen Headereinträge.</documentation>
+								</annotation>
+							</element>
+						</sequence>
+						<attributeGroup ref="ebics:AuthenticationMarker"/>
+					</complexType>
+				</element>
+				<element ref="ebics:AuthSignature">
+					<annotation>
+						<documentation xml:lang="de">Authentifikationssignatur.</documentation>
+					</annotation>
+				</element>
+				<element name="body">
+					<annotation>
+						<documentation xml:lang="de">enthält optionale Zertifikate (vorgesehen).</documentation>
+					</annotation>
+					<complexType>
+						<sequence>
+							<annotation>
+								<documentation xml:lang="de"/>
+							</annotation>
+							<element ref="ds:X509Data" minOccurs="0" maxOccurs="0">
+								<annotation>
+									<documentation xml:lang="de">X.509-Daten des Teilnehmers.</documentation>
+								</annotation>
+							</element>
+						</sequence>
+					</complexType>
+				</element>
+			</sequence>
+			<attributeGroup ref="ebics:VersionAttrGroup"/>
+		</complexType>
+	</element>
+	<complexType name="NoPubKeyDigestsRequestStaticHeaderType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für den statischen EBICS-Header bei Aufträgen ohne Übertragung der Digests der Bankschlüssel (Auftrag HBP): keine Digests der öffentlichen Bankschlüssel, keine EU-Datei, keine Nutzdaten, OrderId optional!, Nonce, Timestamp, X001 Authentifizierung, Auftragsattribut DZHNN</documentation>
+		</annotation>
+		<complexContent>
+			<restriction base="ebics:StaticHeaderBaseType">
+				<sequence>
+					<element name="HostID" type="ebics:HostIDType">
+						<annotation>
+							<documentation xml:lang="de">Hostname des Banksystems.</documentation>
+						</annotation>
+					</element>
+					<element name="Nonce" type="ebics:NonceType">
+						<annotation>
+							<documentation xml:lang="de">Zufallswert; damit wird die Initialisierungsnachricht des Clients einzigartig.</documentation>
+						</annotation>
+					</element>
+					<element name="Timestamp" type="ebics:TimestampType">
+						<annotation>
+							<documentation xml:lang="de">aktueller Zeitstempel zur Begrenzung der serverseitigen Nonce-Speicherung.</documentation>
+						</annotation>
+					</element>
+					<element name="PartnerID" type="ebics:PartnerIDType">
+						<annotation>
+							<documentation xml:lang="de">Kunden-ID des serverseitig administrierten Kunden.</documentation>
+						</annotation>
+					</element>
+					<element name="UserID" type="ebics:UserIDType">
+						<annotation>
+							<documentation xml:lang="de">Teilnehmer-ID des serverseitig zu diesem Kunden administrierten Teilnehmers.</documentation>
+						</annotation>
+					</element>
+					<element name="SystemID" type="ebics:UserIDType" minOccurs="0">
+						<annotation>
+							<documentation xml:lang="de">technische User-ID für Multi-User-Systeme.</documentation>
+						</annotation>
+					</element>
+					<element name="Product" type="ebics:ProductElementType" nillable="true" minOccurs="0">
+						<annotation>
+							<documentation xml:lang="de">Kennung des Kundenprodukts bzw. Herstellerkennung oder Name.</documentation>
+						</annotation>
+					</element>
+					<element name="OrderDetails" type="ebics:NoPubKeyDigestsReqOrderDetailsType">
+						<annotation>
+							<documentation xml:lang="de">Auftragsdetails.</documentation>
+						</annotation>
+					</element>
+					<element name="SecurityMedium" type="ebics:SecurityMediumType">
+						<annotation>
+							<documentation xml:lang="de">Angabe des Sicherheitsmediums, das der Kunde verwendet.</documentation>
+						</annotation>
+					</element>
+					<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+				</sequence>
+			</restriction>
+		</complexContent>
+	</complexType>
+	<complexType name="NoPubKeyDigestsReqOrderDetailsType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für OrderDetails im statischen EBICS-Header von ebicsNoPubKeyDigestsRequest.</documentation>
+		</annotation>
+		<complexContent>
+			<restriction base="ebics:OrderDetailsType">
+				<sequence>
+					<element name="OrderType" type="ebics:OrderTBaseType">
+						<annotation>
+							<documentation xml:lang="de">Auftragsart.</documentation>
+						</annotation>
+					</element>
+					<element name="OrderAttribute" type="ebics:OrderAttributeBaseType" fixed="DZHNN">
+						<annotation>
+							<documentation xml:lang="de">Auftragsattribut: DZHNN.</documentation>
+						</annotation>
+					</element>
+				</sequence>
+			</restriction>
+		</complexContent>
+	</complexType>
+	<element name="ebicsUnsignedRequest">
+		<annotation>
+			<documentation xml:lang="en">The structure for uploads contains order data and the ESs, but without an authentication signature and data digest of bank keys.</documentation>
+			<documentation>Anfragestruktur für Sendeaufträge mit EU-Datei und Nutzdaten aber ohne Authentifizierungssignatur und Digests der Bankschlüssel.</documentation>
+		</annotation>
+		<complexType>
+			<sequence>
+				<element name="header">
+					<annotation>
+						<documentation xml:lang="en">Contains technical transaction data.</documentation>
+						<documentation xml:lang="de">enthält die technischen Transaktionsdaten.</documentation>
+					</annotation>
+					<complexType>
+						<sequence>
+							<element name="static" type="ebics:UnsignedRequestStaticHeaderType">
+								<annotation>
+									<documentation xml:lang="en">Contains all fixed header entries.</documentation>
+									<documentation xml:lang="de">enhält alle festen Headereinträge.</documentation>
+								</annotation>
+							</element>
+							<element name="mutable" type="ebics:EmptyMutableHeaderType">
+								<annotation>
+									<documentation xml:lang="en">Contains all mutable header entries.</documentation>
+									<documentation xml:lang="de">enthält alle variablen Headereinträge.</documentation>
+								</annotation>
+							</element>
+						</sequence>
+						<attributeGroup ref="ebics:AuthenticationMarker"/>
+					</complexType>
+				</element>
+				<element name="body">
+					<annotation>
+						<documentation xml:lang="en">Contains the order data and the ESs.</documentation>
+						<documentation xml:lang="de">enthält die Auftragsdaten und EUs.</documentation>
+					</annotation>
+					<complexType>
+						<sequence>
+							<annotation>
+								<documentation xml:lang="de"/>
+							</annotation>
+							<element name="DataTransfer">
+								<annotation>
+									<documentation xml:lang="en">Transfer of order data and the ESs.</documentation>
+									<documentation xml:lang="de">Transfer von Auftragsdaten und EUs.</documentation>
+								</annotation>
+								<complexType>
+									<sequence>
+										<element name="SignatureData">
+											<annotation>
+												<documentation xml:lang="en">Contains the ESs.</documentation>
+												<documentation xml:lang="de">enthält Signaturdaten (EUs).</documentation>
+											</annotation>
+											<complexType>
+												<simpleContent>
+													<extension base="ebics:SignatureDataType">
+														<attributeGroup ref="ebics:AuthenticationMarker"/>
+													</extension>
+												</simpleContent>
+											</complexType>
+										</element>
+										<element name="OrderData">
+											<annotation>
+												<documentation xml:lang="en">Contains the order data</documentation>
+												<documentation xml:lang="de">enthält Auftragsdaten.</documentation>
+											</annotation>
+											<complexType>
+												<simpleContent>
+													<extension base="ebics:OrderDataType">
+														<anyAttribute namespace="##targetNamespace" processContents="lax"/>
+													</extension>
+												</simpleContent>
+											</complexType>
+										</element>
+									</sequence>
+								</complexType>
+							</element>
+						</sequence>
+					</complexType>
+				</element>
+			</sequence>
+			<attributeGroup ref="ebics:VersionAttrGroup"/>
+		</complexType>
+	</element>
+	<complexType name="UnsignedRequestStaticHeaderType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für den statischen EBICS-Header für ebicsUnsignedRequest.Datentyp für den statischen EBICS-Header bei Aufträgen ohne Authentifizierungssignatur (Auftrag HSA): keine X001 Authentifizierung, keine Digests der öffentlichen Bankschlüssel, EU-Datei, Nutzdaten, Nonce, Timestamp, OrderId, Auftragsattribut OZNNN</documentation>
+		</annotation>
+		<complexContent>
+			<restriction base="ebics:StaticHeaderBaseType">
+				<sequence>
+					<element name="HostID" type="ebics:HostIDType">
+						<annotation>
+							<documentation xml:lang="de">Hostname des Banksystems.</documentation>
+						</annotation>
+					</element>
+					<element name="Nonce" type="ebics:NonceType" minOccurs="0" maxOccurs="0">
+						<annotation>
+							<documentation xml:lang="de">Zufallswert; damit wird die Initialisierungsnachricht des Clients einzigartig; nicht anzugeben bei ebicsUnsignedRequest.</documentation>
+						</annotation>
+					</element>
+					<element name="Timestamp" type="ebics:TimestampType" minOccurs="0" maxOccurs="0">
+						<annotation>
+							<documentation xml:lang="de">aktueller Zeitstempel zur Begrenzung der serverseitigen Nonce-Speicherung; nicht anzugeben bei ebicsUnsignedRequest.</documentation>
+						</annotation>
+					</element>
+					<element name="PartnerID" type="ebics:PartnerIDType">
+						<annotation>
+							<documentation xml:lang="de">Kunden-ID des serverseitig administrierten Kunden.</documentation>
+						</annotation>
+					</element>
+					<element name="UserID" type="ebics:UserIDType">
+						<annotation>
+							<documentation xml:lang="de">Teilnehmer-ID des serverseitig zu diesem Kunden administrierten Teilnehmers.</documentation>
+						</annotation>
+					</element>
+					<element name="SystemID" type="ebics:UserIDType" minOccurs="0">
+						<annotation>
+							<documentation xml:lang="de">technische User-ID für Multi-User-Systeme.</documentation>
+						</annotation>
+					</element>
+					<element name="Product" type="ebics:ProductElementType" nillable="true" minOccurs="0">
+						<annotation>
+							<documentation xml:lang="de">Kennung des Kundenprodukts bzw. Herstellerkennung oder Name.</documentation>
+						</annotation>
+					</element>
+					<element name="OrderDetails" type="ebics:UnsignedReqOrderDetailsType">
+						<annotation>
+							<documentation xml:lang="de">Auftragsdetails.</documentation>
+						</annotation>
+					</element>
+					<element name="SecurityMedium" type="ebics:SecurityMediumType">
+						<annotation>
+							<documentation xml:lang="de">Angabe des Sicherheitsmediums, das der Kunde verwendet.</documentation>
+						</annotation>
+					</element>
+					<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+				</sequence>
+			</restriction>
+		</complexContent>
+	</complexType>
+	<complexType name="UnsignedReqOrderDetailsType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für OrderDetails im statischen EBICS-Header von ebicsUnsignedRequest.</documentation>
+		</annotation>
+		<complexContent>
+			<restriction base="ebics:OrderDetailsType">
+				<sequence>
+					<element name="OrderType" type="ebics:OrderTBaseType">
+						<annotation>
+							<documentation xml:lang="de">Auftragsart.</documentation>
+						</annotation>
+					</element>
+					<element name="OrderAttribute" type="ebics:OrderAttributeBaseType" fixed="OZNNN">
+						<annotation>
+							<documentation xml:lang="de">Auftragsattribut: OZNNN.</documentation>
+						</annotation>
+					</element>
+				</sequence>
+			</restriction>
+		</complexContent>
+	</complexType>
+</schema>

test/xsd/ebics_keymgmt_response_H004.xsd

@@ -0,0 +1,137 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Mit XMLSpy v2008 rel. 2 sp2 (http://www.altova.com) von benutzerservice benutzerservice (SIZ GmbH) bearbeitet -->
+<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ebics="urn:org:ebics:H004" targetNamespace="urn:org:ebics:H004" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0">
+	<annotation>
+		<documentation xml:lang="de">ebics_keymgmt_response_H004.xsd ist das EBICS-Protokollschema für Schlüsselmanagement-Antwortnachrichten (HIA, HPB, HSA, INI).</documentation>
+	</annotation>
+	<import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd">
+		<annotation>
+			<documentation xml:lang="de">XML-Signature.</documentation>
+		</annotation>
+	</import>
+	<include schemaLocation="ebics_types_H004.xsd"/>
+	<include schemaLocation="ebics_orders_H004.xsd"/>
+	<element name="ebicsKeyManagementResponse">
+		<annotation>
+			<documentation xml:lang="de">Electronic Banking Internet Communication Standard des Zentralen Kreditausschusses (ZKA): Multibankfähige Schnittstelle zur internetbasierten Kommunikation.</documentation>
+		</annotation>
+		<complexType>
+			<sequence>
+				<element name="header">
+					<annotation>
+						<documentation xml:lang="de">enthält die technischen Transaktionsdaten.</documentation>
+					</annotation>
+					<complexType>
+						<sequence>
+							<element name="static">
+								<annotation>
+									<documentation xml:lang="de">enhält alle festen Headereinträge.</documentation>
+								</annotation>
+								<complexType>
+									<sequence/>
+								</complexType>
+							</element>
+							<element name="mutable" type="ebics:KeyMgmntResponseMutableHeaderType">
+								<annotation>
+									<documentation xml:lang="de">enthält alle variablen Headereinträge.</documentation>
+								</annotation>
+							</element>
+						</sequence>
+						<attributeGroup ref="ebics:AuthenticationMarker"/>
+					</complexType>
+				</element>
+				<element name="body">
+					<annotation>
+						<documentation xml:lang="de">enthält die Auftragsdaten und den fachlichen ReturnCode.</documentation>
+					</annotation>
+					<complexType>
+						<sequence>
+							<element name="DataTransfer" minOccurs="0">
+								<annotation>
+									<documentation xml:lang="de">Transfer von Auftragsdaten; nur bei Download anzugeben (HPB).</documentation>
+								</annotation>
+								<complexType>
+									<sequence>
+										<element name="DataEncryptionInfo">
+											<annotation>
+												<documentation xml:lang="de">Informationen zur Verschlüsselung der Auftragsdaten</documentation>
+											</annotation>
+											<complexType>
+												<complexContent>
+													<extension base="ebics:DataEncryptionInfoType">
+														<attributeGroup ref="ebics:AuthenticationMarker"/>
+													</extension>
+												</complexContent>
+											</complexType>
+										</element>
+										<element name="OrderData">
+											<annotation>
+												<documentation xml:lang="de">enthält Auftragsdaten.</documentation>
+											</annotation>
+											<complexType>
+												<simpleContent>
+													<extension base="ebics:OrderDataType">
+														<anyAttribute namespace="##targetNamespace" processContents="lax"/>
+													</extension>
+												</simpleContent>
+											</complexType>
+										</element>
+										<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+									</sequence>
+								</complexType>
+							</element>
+							<element name="ReturnCode">
+								<annotation>
+									<documentation xml:lang="de">Antwortcode für den vorangegangenen Transfer.</documentation>
+								</annotation>
+								<complexType>
+									<simpleContent>
+										<extension base="ebics:ReturnCodeType">
+											<attributeGroup ref="ebics:AuthenticationMarker"/>
+										</extension>
+									</simpleContent>
+								</complexType>
+							</element>
+							<element name="TimestampBankParameter" minOccurs="0">
+								<annotation>
+									<documentation xml:lang="de">Zeitstempel der letzten Aktualisierung der Bankparameter; nur in der Initialisierungsphase anzugeben.</documentation>
+								</annotation>
+								<complexType>
+									<simpleContent>
+										<extension base="ebics:TimestampType">
+											<attributeGroup ref="ebics:AuthenticationMarker"/>
+										</extension>
+									</simpleContent>
+								</complexType>
+							</element>
+						</sequence>
+					</complexType>
+				</element>
+			</sequence>
+			<attributeGroup ref="ebics:VersionAttrGroup"/>
+		</complexType>
+	</element>
+	<complexType name="KeyMgmntResponseMutableHeaderType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für den variablen EBICS-Header.</documentation>
+		</annotation>
+		<sequence>
+			<element name="OrderID" type="ebics:OrderIDType" minOccurs="0">
+				<annotation>
+					<documentation xml:lang="de">Auftragsnummer von Sendeaufträgen gemäß DFÜ-Abkommen (used for all key management order types except download order type HPB).</documentation>
+				</annotation>
+			</element>
+			<element name="ReturnCode" type="ebics:ReturnCodeType">
+				<annotation>
+					<documentation xml:lang="de">Rückmeldung des Ausführungsstatus mit einer eindeutigen Fehlernummer.</documentation>
+				</annotation>
+			</element>
+			<element name="ReportText" type="ebics:ReportTextType">
+				<annotation>
+					<documentation xml:lang="de">Klartext der Rückmeldung des Ausführungsstatus.</documentation>
+				</annotation>
+			</element>
+			<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+		</sequence>
+	</complexType>
+</schema>

test/xsd/ebics_request_H004.xsd

@@ -0,0 +1,355 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Mit XMLSpy v2008 rel. 2 (http://www.altova.com) von Sabine Wenzel (SIZ Bonn) bearbeitet -->
+<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ebics="urn:org:ebics:H004" targetNamespace="urn:org:ebics:H004" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0">
+	<annotation>
+		<documentation xml:lang="de">ebics_request_H004.xsd ist das EBICS-Protokollschema für Anfragen.</documentation>
+		<documentation xml:lang="en">ebics_request_H004.xsd is the appropriate EBICS protocol schema for standard requests.</documentation>
+	</annotation>
+	<include schemaLocation="ebics_types_H004.xsd"/>
+	<include schemaLocation="ebics_orders_H004.xsd"/>
+	<import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+	<element name="ebicsRequest">
+		<annotation>
+			<documentation xml:lang="de">Electronic Banking Internet Communication Standard of the EBICS SCRL: Multibankfähige Schnittstelle zur internetbasierten Kommunikation.</documentation>
+			<documentation xml:lang="en">Electronic Banking Internet Communication Standard der EBICS SCRL: multi-bank capable interface for internet-based communication.</documentation>
+		</annotation>
+		<complexType>
+			<sequence>
+				<element name="header">
+					<annotation>
+						<documentation xml:lang="de">enthält die technischen Transaktionsdaten.</documentation>
+						<documentation xml:lang="en">contains the transaction-driven data.</documentation>
+					</annotation>
+					<complexType>
+						<sequence>
+							<element name="static" type="ebics:StaticHeaderType">
+								<annotation>
+									<documentation xml:lang="de">enhält alle festen Headereinträge.</documentation>
+									<documentation xml:lang="en">contains the static header entries.</documentation>
+								</annotation>
+							</element>
+							<element name="mutable" type="ebics:MutableHeaderType">
+								<annotation>
+									<documentation xml:lang="de">enthält alle variablen Headereinträge.</documentation>
+									<documentation xml:lang="en">contains the mutable header entries.</documentation>
+								</annotation>
+							</element>
+						</sequence>
+						<attributeGroup ref="ebics:AuthenticationMarker"/>
+					</complexType>
+				</element>
+				<element ref="ebics:AuthSignature"/>
+				<element name="body">
+					<annotation>
+						<documentation xml:lang="de">enthält die Auftragsdaten, EU(s) und weitere Nutzdaten.</documentation>
+						<documentation xml:lang="en">contains order data, order signature(s) and further data referring to the current order.</documentation>
+					</annotation>
+					<complexType>
+						<sequence>
+							<annotation>
+								<documentation xml:lang="de"/>
+							</annotation>
+							<element ref="ds:X509Data" minOccurs="0" maxOccurs="0">
+								<annotation>
+									<documentation xml:lang="de">X.509-Daten des Teilnehmers.</documentation>
+									<documentation xml:lang="en">X.509 data of the user.</documentation>
+								</annotation>
+							</element>
+							<choice>
+								<annotation>
+									<documentation xml:lang="de">Welche Transaktionsphase?</documentation>
+									<documentation xml:lang="en">Which transaction phase?</documentation>
+								</annotation>
+								<sequence>
+									<annotation>
+										<documentation xml:lang="de">Initialisierungs- und Transferphase.</documentation>
+										<documentation xml:lang="en">Initialisation or transfer phase.</documentation>
+									</annotation>
+									<element name="PreValidation" minOccurs="0">
+										<annotation>
+											<documentation xml:lang="de">Daten zur Vorabprüfung; nur anzugeben in der Initialisierungsphase bei Uploads mit Auftragsattribut OZH (EUs + Auftragsdaten).</documentation>
+											<documentation xml:lang="en">Data sent for pre-validation; mandatory for initialisation phase during uploads using order attribute OZH (order signature(s) + order data).</documentation>
+										</annotation>
+										<complexType>
+											<complexContent>
+												<extension base="ebics:PreValidationRequestType">
+													<attributeGroup ref="ebics:AuthenticationMarker"/>
+												</extension>
+											</complexContent>
+										</complexType>
+									</element>
+									<element name="DataTransfer" type="ebics:DataTransferRequestType" minOccurs="0">
+										<annotation>
+											<documentation xml:lang="de">Transfer von Signatur- bzw. Auftragsdaten; nur bei Upload anzugeben.</documentation>
+											<documentation xml:lang="en">Transfer of signature or order data; mandatory for uploads only.</documentation>
+										</annotation>
+									</element>
+								</sequence>
+								<sequence>
+									<annotation>
+										<documentation xml:lang="de">Quittierungsphase nach Download.</documentation>
+										<documentation xml:lang="en">Receipt phase after download.</documentation>
+									</annotation>
+									<element name="TransferReceipt">
+										<annotation>
+											<documentation xml:lang="de">Quittierung des Transfers.</documentation>
+											<documentation xml:lang="en">Receipt of transfer.</documentation>
+										</annotation>
+										<complexType>
+											<complexContent>
+												<extension base="ebics:TransferReceiptRequestType">
+													<attributeGroup ref="ebics:AuthenticationMarker"/>
+												</extension>
+											</complexContent>
+										</complexType>
+									</element>
+								</sequence>
+							</choice>
+						</sequence>
+					</complexType>
+				</element>
+			</sequence>
+			<attributeGroup ref="ebics:VersionAttrGroup"/>
+			<anyAttribute namespace="##targetNamespace" processContents="strict"/>
+		</complexType>
+	</element>
+	<complexType name="StaticHeaderType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für den statischen EBICS-Header.</documentation>
+			<documentation xml:lang="en">Data type for the static EBICS header.</documentation>
+		</annotation>
+		<sequence>
+			<element name="HostID" type="ebics:HostIDType">
+				<annotation>
+					<documentation xml:lang="de">Hostname des Banksystems.</documentation>
+				</annotation>
+			</element>
+			<choice>
+				<annotation>
+					<documentation xml:lang="de">Transaktionsphase?</documentation>
+					<documentation xml:lang="en">Transaction phase?</documentation>
+				</annotation>
+				<sequence>
+					<annotation>
+						<documentation xml:lang="de">Initialisierungsphase.</documentation>
+						<documentation xml:lang="en">Initialisation phase.</documentation>
+					</annotation>
+					<element name="Nonce" type="ebics:NonceType">
+						<annotation>
+							<documentation xml:lang="de">Zufallswert; damit wird die Initialisierungsnachricht des Clients einzigartig.</documentation>
+							<documentation xml:lang="en">Random value, ensures the uniqueness of the client's message during initialisation phase.</documentation>
+						</annotation>
+					</element>
+					<element name="Timestamp" type="ebics:TimestampType">
+						<annotation>
+							<documentation xml:lang="de">aktueller Zeitstempel zur Begrenzung der serverseitigen Nonce-Speicherung.</documentation>
+							<documentation xml:lang="en">current timestamp, used to limit storage space for nonces on the server.</documentation>
+						</annotation>
+					</element>
+					<element name="PartnerID" type="ebics:PartnerIDType">
+						<annotation>
+							<documentation xml:lang="de">Kunden-ID des serverseitig administrierten Kunden.</documentation>
+							<documentation xml:lang="en">ID of the partner = customer, administered on the server.</documentation>
+						</annotation>
+					</element>
+					<element name="UserID" type="ebics:UserIDType">
+						<annotation>
+							<documentation xml:lang="de">Teilnehmer-ID des serverseitig zu diesem Kunden administrierten Teilnehmers.</documentation>
+							<documentation xml:lang="en">ID of the user that is assigned to the given customer, administered on the server.</documentation>
+						</annotation>
+					</element>
+					<element name="SystemID" type="ebics:UserIDType" minOccurs="0">
+						<annotation>
+							<documentation xml:lang="de">technische User-ID für Multi-User-Systeme.</documentation>
+							<documentation xml:lang="en">ID of the system for multi-user systems.</documentation>
+						</annotation>
+					</element>
+					<element name="Product" nillable="true" minOccurs="0">
+						<annotation>
+							<documentation xml:lang="de">Kennung des Kundenprodukts bzw. Herstellerkennung oder Name.</documentation>
+							<documentation xml:lang="en">software ID / manufacturer ID / manufacturer's name of the customer's software package.</documentation>
+						</annotation>
+						<complexType>
+							<simpleContent>
+								<extension base="ebics:ProductType">
+									<attribute name="Language" type="ebics:LanguageType" use="required">
+										<annotation>
+											<documentation xml:lang="de">Sprachkennzeichen der Kundenproduktversion (gemäß ISO 639).</documentation>
+											<documentation xml:lang="en">Language code of the customer's software package according to ISO 639.</documentation>
+										</annotation>
+									</attribute>
+									<attribute name="InstituteID" type="ebics:InstituteIDType" use="optional">
+										<annotation>
+											<documentation xml:lang="de">Kennung des Herausgebers des Kundenprodukts bzw. des betreuenden Kreditinstituts.</documentation>
+											<documentation xml:lang="en">ID of the manufacturer / financial institute providing support for the customer's software package.</documentation>
+										</annotation>
+									</attribute>
+								</extension>
+							</simpleContent>
+						</complexType>
+					</element>
+					<element name="OrderDetails" type="ebics:StaticHeaderOrderDetailsType">
+						<annotation>
+							<documentation xml:lang="de">Auftragsdetails.</documentation>
+							<documentation xml:lang="en">order details.</documentation>
+						</annotation>
+					</element>
+					<element name="BankPubKeyDigests">
+						<annotation>
+							<documentation xml:lang="de">Hashwerte der erwarteten öffentlichen Schlüssel (Verschlüsselung, Signatur, Authentifikation) des Kreditinstituts.</documentation>
+							<documentation xml:lang="en">Digest values of the expected public keys (authentication, encryption, signature) owned by the financial institute.</documentation>
+						</annotation>
+						<complexType>
+							<sequence>
+								<element name="Authentication">
+									<annotation>
+										<documentation xml:lang="de">Hashwert des Authentifikationsschlüssels.</documentation>
+										<documentation xml:lang="en">Digest value of the public authentication key.</documentation>
+									</annotation>
+									<complexType>
+										<simpleContent>
+											<extension base="ebics:PubKeyDigestType">
+												<attribute name="Version" type="ebics:AuthenticationVersionType" use="required">
+													<annotation>
+														<documentation xml:lang="de">Version des Authentifikationsverfahrens.</documentation>
+														<documentation xml:lang="en">Version of the algorithm used for authentication.</documentation>
+													</annotation>
+												</attribute>
+											</extension>
+										</simpleContent>
+									</complexType>
+								</element>
+								<element name="Encryption">
+									<annotation>
+										<documentation xml:lang="de">Hashwert des Verschlüsselungsschlüssels.</documentation>
+										<documentation xml:lang="en">Digest value of the public encryption key.</documentation>
+									</annotation>
+									<complexType>
+										<simpleContent>
+											<extension base="ebics:PubKeyDigestType">
+												<attribute name="Version" type="ebics:EncryptionVersionType" use="required">
+													<annotation>
+														<documentation xml:lang="de">Version des Verschlüsselungsverfahrens.</documentation>
+														<documentation xml:lang="en">Version of the algorithm used for encryption.</documentation>
+													</annotation>
+												</attribute>
+											</extension>
+										</simpleContent>
+									</complexType>
+								</element>
+								<element name="Signature" minOccurs="0" maxOccurs="0">
+									<annotation>
+										<documentation xml:lang="de">Hashwert des Signaturschlüssels.</documentation>
+										<documentation xml:lang="en">Digest value of the public signature key.</documentation>
+									</annotation>
+									<complexType>
+										<simpleContent>
+											<extension base="ebics:PubKeyDigestType">
+												<attribute name="Version" type="ebics:SignatureVersionType" use="required">
+													<annotation>
+														<documentation xml:lang="de">Version des Signaturverfahrens.</documentation>
+														<documentation xml:lang="en">Version of the algorithm used for signature creation.</documentation>
+													</annotation>
+												</attribute>
+											</extension>
+										</simpleContent>
+									</complexType>
+								</element>
+							</sequence>
+						</complexType>
+					</element>
+					<element name="SecurityMedium" type="ebics:SecurityMediumType">
+						<annotation>
+							<documentation xml:lang="de">Angabe des Sicherheitsmediums, das der Kunde verwendet.</documentation>
+							<documentation xml:lang="en">Classification of the security medium used by the customer.</documentation>
+						</annotation>
+					</element>
+					<element name="NumSegments" type="ebics:NumSegmentsType" minOccurs="0">
+						<annotation>
+							<documentation xml:lang="de">Gesamtsegmentanzahl für diese Transaktion; nur bei Uploads anzugeben.</documentation>
+							<documentation xml:lang="en">Total number of segments for this transaction; mandatory for uploads only.</documentation>
+						</annotation>
+					</element>
+					<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+				</sequence>
+				<sequence>
+					<annotation>
+						<documentation xml:lang="de">Transfer- und Quittierungsphase.</documentation>
+						<documentation xml:lang="en">Transfer or receipt phase.</documentation>
+					</annotation>
+					<element name="TransactionID" type="ebics:TransactionIDType">
+						<annotation>
+							<documentation xml:lang="de">eindeutige, technische Transaktions-ID; wird vom Server vergeben.</documentation>
+							<documentation xml:lang="en">unique transaction ID, provided by the server.</documentation>
+						</annotation>
+					</element>
+				</sequence>
+			</choice>
+		</sequence>
+	</complexType>
+	<complexType name="MutableHeaderType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für den variablen EBICS-Header.</documentation>
+			<documentation xml:lang="en">Data type for the mutable EBICS header.</documentation>
+		</annotation>
+		<sequence>
+			<element name="TransactionPhase" type="ebics:TransactionPhaseType">
+				<annotation>
+					<documentation xml:lang="de">Phase, in der sich die Transaktion gerade befindet; wird bei jedem Transaktionsschritt vom Client gesetzt und vom Server übernommen.</documentation>
+					<documentation xml:lang="en">Current phase of the transaction; this information is provided by the client for each step of the transaction, and the server adopts the setting.</documentation>
+				</annotation>
+			</element>
+			<element name="SegmentNumber" nillable="true" minOccurs="0">
+				<annotation>
+					<documentation xml:lang="de">enthält die Nummer des aktuellen Segments, welches gerade übertragen oder angefordert wird; nur anzugeben bei TransactionPhase=Transfer.</documentation>
+					<documentation xml:lang="en">contains the number of the segment which is currently being transmitted or requested; mandatory for transaction phase 'Transfer' only.</documentation>
+				</annotation>
+				<complexType>
+					<simpleContent>
+						<extension base="ebics:SegmentNumberType">
+							<attribute name="lastSegment" type="boolean" use="required">
+								<annotation>
+									<documentation xml:lang="de">Ist dies das letzte Segment der Übertragung?</documentation>
+									<documentation xml:lang="en">Is this segment meant to be the last one regarding this transmission?</documentation>
+								</annotation>
+							</attribute>
+						</extension>
+					</simpleContent>
+				</complexType>
+			</element>
+			<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+		</sequence>
+	</complexType>
+	<complexType name="StaticHeaderOrderDetailsType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für Auftragsdetails im statischen EBICS-Header.</documentation>
+			<documentation xml:lang="en">Data type for order details stored in the static EBICS header.</documentation>
+		</annotation>
+		<sequence>
+			<element name="OrderType">
+				<annotation>
+					<documentation xml:lang="de">Auftragsart.</documentation>
+					<documentation xml:lang="en">type code of the order.</documentation>
+				</annotation>
+				<complexType>
+					<simpleContent>
+						<extension base="ebics:OrderTBaseType"/>
+					</simpleContent>
+				</complexType>
+			</element>
+			<element name="OrderID" type="ebics:OrderIDType" minOccurs="0">
+				<annotation>
+					<documentation xml:lang="de">Auftragsnummer für Sendeaufträge gemäß DFÜ-Abkommen.</documentation>
+					<documentation xml:lang="en">ID of the (upload) order, formatted in accordance with the document "DFÜ-Abkommen".</documentation>
+				</annotation>
+			</element>
+			<element name="OrderAttribute" type="ebics:OrderAttributeType">
+				<annotation>
+					<documentation xml:lang="de">Auftragsattribut.</documentation>
+					<documentation xml:lang="en">attribute describing the order contents.</documentation>
+				</annotation>
+			</element>
+			<element ref="ebics:OrderParams"/>
+		</sequence>
+	</complexType>
+</schema>

test/xsd/ebics_response_H004.xsd

@@ -0,0 +1,166 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ebics="urn:org:ebics:H004" targetNamespace="urn:org:ebics:H004" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0">
+	<annotation>
+		<documentation xml:lang="de">ebics_response_H004.xsd ist das EBICS-Protokollschema für Antwortnachrichten.</documentation>
+		<documentation xml:lang="en">ebics_response_H004.xsd is the appropriate EBICS protocol schema for standard responses.</documentation>
+	</annotation>
+	<import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd">
+		<annotation>
+			<documentation xml:lang="de">XML-Signature.</documentation>
+		</annotation>
+	</import>
+	<include schemaLocation="ebics_types_H004.xsd"/>
+	<include schemaLocation="ebics_orders_H004.xsd"/>
+	<element name="ebicsResponse">
+		<annotation>
+			<documentation xml:lang="de">Electronic Banking Internet Communication Standard des Zentralen Kreditausschusses (ZKA): Multibankfähige Schnittstelle zur internetbasierten Kommunikation.</documentation>
+			<documentation xml:lang="en">Electronic Banking Internet Communication Standard of the "Zentraler Kreditausschuss (ZKA)": multi-bank capable interface for internet-based communication.</documentation>
+		</annotation>
+		<complexType>
+			<sequence>
+				<element name="header">
+					<annotation>
+						<documentation xml:lang="de">enthält die technischen Transaktionsdaten.</documentation>
+						<documentation xml:lang="en">contains the transaction-driven data.</documentation>
+					</annotation>
+					<complexType>
+						<sequence>
+							<element name="static" type="ebics:ResponseStaticHeaderType">
+								<annotation>
+									<documentation xml:lang="de">enhält alle festen Headereinträge.</documentation>
+									<documentation xml:lang="en">contains the static header entries.</documentation>
+								</annotation>
+							</element>
+							<element name="mutable" type="ebics:ResponseMutableHeaderType">
+								<annotation>
+									<documentation xml:lang="de">enthält alle variablen Headereinträge.</documentation>
+									<documentation xml:lang="en">contains the mutable header entries.</documentation>
+								</annotation>
+							</element>
+						</sequence>
+						<attributeGroup ref="ebics:AuthenticationMarker"/>
+					</complexType>
+				</element>
+				<element ref="ebics:AuthSignature">
+					<annotation>
+						<documentation xml:lang="de">Authentifikationssignatur.</documentation>
+						<documentation xml:lang="en">Authentication signature.</documentation>
+					</annotation>
+				</element>
+				<element name="body">
+					<annotation>
+						<documentation xml:lang="de">enthält die Auftragsdaten, EU(s) und weitere Nutzdaten.</documentation>
+						<documentation xml:lang="en">contains order data, order signature(s) and further data referring to the current order.</documentation>
+					</annotation>
+					<complexType>
+						<sequence>
+							<element name="DataTransfer" type="ebics:DataTransferResponseType" minOccurs="0">
+								<annotation>
+									<documentation xml:lang="de">Transfer von Auftragsdaten; nur bei Download anzugeben.</documentation>
+									<documentation xml:lang="en">Transfer of signature or order data; mandatory for downloads only.</documentation>
+								</annotation>
+							</element>
+							<element name="ReturnCode">
+								<annotation>
+									<documentation xml:lang="de">fachlicher Antwortcode für den vorangegangenen Request.</documentation>
+									<documentation xml:lang="en">order-related return code of the previous request.</documentation>
+								</annotation>
+								<complexType>
+									<simpleContent>
+										<extension base="ebics:ReturnCodeType">
+											<attributeGroup ref="ebics:AuthenticationMarker"/>
+										</extension>
+									</simpleContent>
+								</complexType>
+							</element>
+							<element name="TimestampBankParameter" minOccurs="0">
+								<annotation>
+									<documentation xml:lang="de">Zeitstempel der letzten Aktualisierung der Bankparameter; nur in der Initialisierungsphase anzugeben.</documentation>
+									<documentation xml:lang="en">timestamp indicating the latest update of the bank parameters; may be set during initialisation phase only.</documentation>
+								</annotation>
+								<complexType>
+									<simpleContent>
+										<extension base="ebics:TimestampType">
+											<attributeGroup ref="ebics:AuthenticationMarker"/>
+										</extension>
+									</simpleContent>
+								</complexType>
+							</element>
+						</sequence>
+					</complexType>
+				</element>
+			</sequence>
+			<attributeGroup ref="ebics:VersionAttrGroup"/>
+			<anyAttribute namespace="##targetNamespace" processContents="strict"/>
+		</complexType>
+	</element>
+	<complexType name="ResponseStaticHeaderType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für den statischen EBICS-Header.</documentation>
+			<documentation xml:lang="en">Data type for the static EBICS header.</documentation>
+		</annotation>
+		<sequence>
+			<element name="TransactionID" type="ebics:TransactionIDType" minOccurs="0">
+				<annotation>
+					<documentation xml:lang="de">eindeutige, technische Transaktions-ID; wird vom Server vergeben, falls OrderAttribute entweder gleich "OZHNN" oder gleich "DZHNN" ist und falls tatsächlich eine Transaktion erzeugt wurde.</documentation>
+					<documentation xml:lang="en">unique transaction ID, provided by the server if and only if the order attribute is set to either "OZHNN" or "DZHNN" and if a transaction has been established actually.</documentation>
+				</annotation>
+			</element>
+			<element name="NumSegments" type="ebics:SegmentNumberType" minOccurs="0">
+				<annotation>
+					<documentation xml:lang="de">Gesamtsegmentanzahl für diese Transaktion; nur bei Downloads in der Initialisierungsphase anzugeben.</documentation>
+					<documentation xml:lang="en">Total number of segments for this transaction; mandatory for downloads in initialisation phase only.</documentation>
+				</annotation>
+			</element>
+		</sequence>
+	</complexType>
+	<complexType name="ResponseMutableHeaderType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für den variablen EBICS-Header.</documentation>
+			<documentation xml:lang="en">Data type for the mutable EBICS header.</documentation>
+		</annotation>
+		<sequence>
+			<element name="TransactionPhase" type="ebics:TransactionPhaseType">
+				<annotation>
+					<documentation xml:lang="de">Phase, in der sich die Transaktion gerade befindet; wird bei jedem Transaktionsschritt vom Client gesetzt und vom Server übernommen.</documentation>
+					<documentation xml:lang="en">Current phase of the transaction; this information is provided by the client for each step of the transaction, and the server adopts the setting.</documentation>
+				</annotation>
+			</element>
+			<element name="SegmentNumber" minOccurs="0">
+				<annotation>
+					<documentation xml:lang="de">enthält die Nummer des aktuellen Segments, welches gerade übertragen oder angefordert wird; nur anzugeben bei TransactionPhase=Transfer und (bei Download) TransactionPhase=Initialisation.</documentation>
+					<documentation xml:lang="en">contains the number of the segment which is currently being transmitted or requested; mandatory for transaction phases 'Transfer' and (for downloads) 'Initialisation' only.</documentation>
+				</annotation>
+				<complexType>
+					<simpleContent>
+						<extension base="ebics:SegmentNumberType">
+							<attribute name="lastSegment" type="boolean" use="required">
+								<annotation>
+									<documentation xml:lang="de">Ist dies das letzte Segment der Übertragung?</documentation>
+								</annotation>
+							</attribute>
+						</extension>
+					</simpleContent>
+				</complexType>
+			</element>
+			<element name="OrderID" type="ebics:OrderIDType" minOccurs="0">
+				<annotation>
+					<documentation xml:lang="de">Auftragsnummer von Sendeaufträgen gemäß DFÜ-Abkommen.</documentation>
+				</annotation>
+			</element>
+			<element name="ReturnCode" type="ebics:ReturnCodeType">
+				<annotation>
+					<documentation xml:lang="de">Rückmeldung des technischen Status mit einer eindeutigen Fehlernummer.</documentation>
+					<documentation xml:lang="en">Return code indicating the technical status.</documentation>
+				</annotation>
+			</element>
+			<element name="ReportText" type="ebics:ReportTextType">
+				<annotation>
+					<documentation xml:lang="de">Klartext der Rückmeldung des technischen Status.</documentation>
+					<documentation xml:lang="en">Textual interpretation of the returned technical status code.</documentation>
+				</annotation>
+			</element>
+			<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+		</sequence>
+	</complexType>
+</schema>

test/xsd/ebics_signature.xsd

@@ -0,0 +1,217 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:esig="http://www.ebics.org/S001" targetNamespace="http://www.ebics.org/S001" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0">
+	<import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="xmldsig-core-schema.xsd"/>
+	<annotation>
+		<documentation xml:lang="de">ebics_signature enthält Typdefinitionen für elektronische Unterschriften der Versionen A004, A005, A006 und folgende.</documentation>
+		<documentation xml:lang="en">ebics_EU contains type definitions for electronic signatures: versions A005, A006 and et sqq.</documentation>
+	</annotation>
+	<!-- Elementdefinitionen für die EU. Die XML-Klartext-Struktur wird im EBICS-Signaturdatenkontext binär interpretiert.-->
+	<element name="EBICSSignatureData" abstract="true">
+		<annotation>
+			<documentation xml:lang="de">XML-Strukturen für bankfachliche Elektronische Unterschriften (EUs).</documentation>
+			<documentation xml:lang="en">contains the digital signatures.</documentation>
+		</annotation>
+	</element>
+	<element name="UserSignatureData" type="esig:UserSignatureDataSigBookType" substitutionGroup="esig:EBICSSignatureData">
+		<annotation>
+			<documentation xml:lang="de">enthält die EUs der Teilnehmer.</documentation>
+			<documentation xml:lang="en">contains the digital signatures.</documentation>
+		</annotation>
+	</element>
+	<complexType name="UserSignatureDataSigBookType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für Signaturdaten des Teilnehmers beim EU-Transfer.</documentation>
+			<documentation xml:lang="en">Data type for digital signature data transferred using EBICS.</documentation>
+		</annotation>
+		<sequence>
+			<choice maxOccurs="unbounded">
+				<element name="OrderSignature">
+					<annotation>
+						<documentation xml:lang="de">bankfachliche Elektronische Unterschrift oder Transportunterschrift (Binärformat).</documentation>
+						<documentation xml:lang="en">Digital signature (either autorising an order or applied for transportation), binary format.</documentation>
+					</annotation>
+					<complexType>
+						<simpleContent>
+							<extension base="esig:OrderSignatureType">
+								<attribute name="PartnerID" use="required">
+									<annotation>
+										<documentation xml:lang="de">Kunden-ID des Unterzeichners.</documentation>
+										<documentation xml:lang="en">Customer ID of the signer.</documentation>
+									</annotation>
+								</attribute>
+							</extension>
+						</simpleContent>
+					</complexType>
+				</element>
+				<element name="OrderSignatureData" type="esig:OrderSignatureDataType">
+					<annotation>
+						<documentation xml:lang="de">bankfachliche Elektronische Unterschrift oder Transportunterschrift (strukturiertes Format).</documentation>
+						<documentation xml:lang="en">Digital signature (either autorising an order or applied for transportation), structured format.</documentation>
+					</annotation>
+				</element>
+			</choice>
+			<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+		</sequence>
+	</complexType>
+	<simpleType name="OrderSignatureType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für kryptographische Unterschriften.</documentation>
+		</annotation>
+		<restriction base="base64Binary"/>
+	</simpleType>
+	<element name="OrderSignatureData" type="esig:OrderSignatureDataType">
+		<annotation>
+			<documentation xml:lang="de">bankfachliche Elektronische Unterschrift oder Transportunterschrift (strukturiertes Format).</documentation>
+			<documentation xml:lang="en">Digital signature (either autorising an order or applied for transportation), structured format.</documentation>
+		</annotation>
+	</element>
+	<complexType name="OrderSignatureDataType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für bankfachliche Elektronische Unterschrift oder Transportunterschrift (strukturiertes Format).</documentation>
+			<documentation xml:lang="en">Data type according for a digital signature (either autorising an order or applied for transportation), structured format.</documentation>
+		</annotation>
+		<sequence>
+			<element name="SignatureVersion" type="esig:SignatureVersionType">
+				<annotation>
+					<documentation xml:lang="de">Version des Signaturverfahrens.</documentation>
+					<documentation xml:lang="en">Version of the algorithm used for signature creation.</documentation>
+				</annotation>
+			</element>
+			<element name="SignatureValue" type="base64Binary">
+				<annotation>
+					<documentation xml:lang="de">Digitale Signatur.</documentation>
+					<documentation xml:lang="en">Digital signature.</documentation>
+				</annotation>
+			</element>
+			<element name="PartnerID" type="esig:PartnerIDType">
+				<annotation>
+					<documentation xml:lang="de">Kunden-ID des Unterzeichners.</documentation>
+					<documentation xml:lang="en">Customer ID of the signer.</documentation>
+				</annotation>
+			</element>
+			<element name="UserID" type="esig:UserIDType">
+				<annotation>
+					<documentation xml:lang="de">Teilnehmer-ID.</documentation>
+					<documentation xml:lang="en">User ID.</documentation>
+				</annotation>
+			</element>
+			<element ref="ds:X509Data" minOccurs="0">
+				<annotation>
+					<documentation xml:lang="de">Parameter zur X.509-Funktionalität</documentation>
+					<documentation xml:lang="en">Parameter for X509Data</documentation>
+				</annotation>
+			</element>
+		</sequence>
+	</complexType>
+	<simpleType name="PartnerIDType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für eine Kunden-ID.</documentation>
+		</annotation>
+		<restriction base="token">
+			<maxLength value="35"/>
+		</restriction>
+	</simpleType>
+	<simpleType name="UserIDType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für eine Teilnehmer-ID.</documentation>
+		</annotation>
+		<restriction base="token">
+			<maxLength value="35"/>
+		</restriction>
+	</simpleType>
+	<simpleType name="SignatureVersionType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für Versionsnummern zur Elektronischen Unterschrift (EU).</documentation>
+		</annotation>
+		<restriction base="token">
+			<length value="4"/>
+			<pattern value="A\d{3}"/>
+		</restriction>
+	</simpleType>
+	<!-- Definitionen für die Uebertragung von oeffentlichen Signierschlüsseln. z.B. ueber EBICS mit INI, PUB, HCS.-->
+	<element name="SignaturePubKeyOrderData" type="esig:SignaturePubKeyOrderDataType">
+		<annotation>
+			<documentation xml:lang="de">Element für Public Key Dateien unabhängig von der Auftragsart / Geschäftsvorfall.</documentation>
+		</annotation>
+	</element>
+	<complexType name="SignaturePubKeyOrderDataType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für Public Key Dateien unabhängig von der Auftragsart / Geschäftsvorfall.</documentation>
+		</annotation>
+		<sequence>
+			<element name="SignaturePubKeyInfo" type="esig:SignaturePubKeyInfoType">
+				<annotation>
+					<documentation xml:lang="de">öffentlicher Signaturschlüssel.</documentation>
+				</annotation>
+			</element>
+			<element name="PartnerID" type="esig:PartnerIDType">
+				<annotation>
+					<documentation xml:lang="de">Kunden-ID.</documentation>
+				</annotation>
+			</element>
+			<element name="UserID" type="esig:UserIDType">
+				<annotation>
+					<documentation xml:lang="de">Teilnehmer-ID.</documentation>
+				</annotation>
+			</element>
+			<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+		</sequence>
+	</complexType>
+	<element name="SignaturePubKeyInfo" type="esig:SignaturePubKeyInfoType">
+		<annotation>
+			<documentation xml:lang="de">öffentlicher Signaturschlüssel.</documentation>
+		</annotation>
+	</element>
+	<complexType name="SignaturePubKeyInfoType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für öffentliche bankfachliche Schlüssel.</documentation>
+		</annotation>
+		<complexContent>
+			<extension base="esig:PubKeyInfoType">
+				<sequence>
+					<element name="SignatureVersion" type="esig:SignatureVersionType">
+						<annotation>
+							<documentation xml:lang="de">Version des EU-Signaturverfahrens.</documentation>
+						</annotation>
+					</element>
+				</sequence>
+			</extension>
+		</complexContent>
+	</complexType>
+	<complexType name="PubKeyInfoType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für die Darstellung eines öffentlichen RSA-Schlüssels als Exponent-Modulus-Kombination oder als X509-Zertifikat.</documentation>
+		</annotation>
+		<sequence>
+			<sequence>
+				<element ref="ds:X509Data" minOccurs="0"/>
+				<element name="PubKeyValue" type="esig:PubKeyValueType">
+					<annotation>
+						<documentation xml:lang="de">Darstellung als Exponent-Modulus-Kombination.</documentation>
+					</annotation>
+				</element>
+			</sequence>
+			<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+		</sequence>
+	</complexType>
+	<complexType name="PubKeyValueType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für die Exponent-Modulus-Darstellung eines öffentlichen RSA-Schlüssels.</documentation>
+		</annotation>
+		<sequence>
+			<element ref="ds:RSAKeyValue"/>
+			<element name="TimeStamp" type="esig:TimestampType" minOccurs="0">
+				<annotation>
+					<documentation xml:lang="de">Zeitpunkt der Generierung des Schlüssels.</documentation>
+				</annotation>
+			</element>
+			<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+		</sequence>
+	</complexType>
+	<simpleType name="TimestampType">
+		<annotation>
+			<documentation xml:lang="de">Datentyp für Zeitstempel.</documentation>
+		</annotation>
+		<restriction base="dateTime"/>
+	</simpleType>
+</schema>

test/xsd/test.xsd

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ebics="urn:org:ebics:H004" targetNamespace="urn:org:ebics:H004" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0">
+	<annotation>
+		<documentation xml:lang="de">ebics_H004.xsd inkludiert alle Schemadateien des EBICS-Protokolls, um die Eindeutigkeit von Element- und Typnamen im EBCIS Namespace zu erzwingen.</documentation>
+		<documentation xml:lang="en">ebics_H004.xsd includes all schema files for the EBICS protocol in order to enforce unique element and type names in the EBICS namespace.</documentation>
+	</annotation>
+</schema>

test/xsd/xmldsig-core-schema.xsd

@@ -0,0 +1,318 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE schema
+  PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "http://www.w3.org/2001/XMLSchema.dtd"
+ [
+   <!ATTLIST schema
+     xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#">
+   <!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
+   <!ENTITY % p ''>
+   <!ENTITY % s ''>
+  ]>
+
+<!-- Schema for XML Signatures
+    http://www.w3.org/2000/09/xmldsig#
+    $Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $
+
+    Copyright 2001 The Internet Society and W3C (Massachusetts Institute
+    of Technology, Institut National de Recherche en Informatique et en
+    Automatique, Keio University). All Rights Reserved.
+    http://www.w3.org/Consortium/Legal/
+
+    This document is governed by the W3C Software License [1] as described
+    in the FAQ [2].
+
+    [1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
+    [2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
+-->
+
+
+<schema xmlns="http://www.w3.org/2001/XMLSchema"
+        xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+        targetNamespace="http://www.w3.org/2000/09/xmldsig#"
+        version="0.1" elementFormDefault="qualified">
+
+<!-- Basic Types Defined for Signatures -->
+
+<simpleType name="CryptoBinary">
+  <restriction base="base64Binary">
+  </restriction>
+</simpleType>
+
+<!-- Start Signature -->
+
+<element name="Signature" type="ds:SignatureType"/>
+<complexType name="SignatureType">
+  <sequence>
+    <element ref="ds:SignedInfo"/>
+    <element ref="ds:SignatureValue"/>
+    <element ref="ds:KeyInfo" minOccurs="0"/>
+    <element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+  <element name="SignatureValue" type="ds:SignatureValueType"/>
+  <complexType name="SignatureValueType">
+    <simpleContent>
+      <extension base="base64Binary">
+        <attribute name="Id" type="ID" use="optional"/>
+      </extension>
+    </simpleContent>
+  </complexType>
+
+<!-- Start SignedInfo -->
+
+<element name="SignedInfo" type="ds:SignedInfoType"/>
+<complexType name="SignedInfoType">
+  <sequence>
+    <element ref="ds:CanonicalizationMethod"/>
+    <element ref="ds:SignatureMethod"/>
+    <element ref="ds:Reference" maxOccurs="unbounded"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+  <element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>
+  <complexType name="CanonicalizationMethodType" mixed="true">
+    <sequence>
+      <any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
+      <!-- (0,unbounded) elements from (1,1) namespace -->
+    </sequence>
+    <attribute name="Algorithm" type="anyURI" use="required"/>
+  </complexType>
+
+  <element name="SignatureMethod" type="ds:SignatureMethodType"/>
+  <complexType name="SignatureMethodType" mixed="true">
+    <sequence>
+      <element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>
+      <any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+      <!-- (0,unbounded) elements from (1,1) external namespace -->
+    </sequence>
+    <attribute name="Algorithm" type="anyURI" use="required"/>
+  </complexType>
+
+<!-- Start Reference -->
+
+<element name="Reference" type="ds:ReferenceType"/>
+<complexType name="ReferenceType">
+  <sequence>
+    <element ref="ds:Transforms" minOccurs="0"/>
+    <element ref="ds:DigestMethod"/>
+    <element ref="ds:DigestValue"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/>
+  <attribute name="URI" type="anyURI" use="optional"/>
+  <attribute name="Type" type="anyURI" use="optional"/>
+</complexType>
+
+  <element name="Transforms" type="ds:TransformsType"/>
+  <complexType name="TransformsType">
+    <sequence>
+      <element ref="ds:Transform" maxOccurs="unbounded"/>
+    </sequence>
+  </complexType>
+
+  <element name="Transform" type="ds:TransformType"/>
+  <complexType name="TransformType" mixed="true">
+    <choice minOccurs="0" maxOccurs="unbounded">
+      <any namespace="##other" processContents="lax"/>
+      <!-- (1,1) elements from (0,unbounded) namespaces -->
+      <element name="XPath" type="string"/>
+    </choice>
+    <attribute name="Algorithm" type="anyURI" use="required"/>
+  </complexType>
+
+<!-- End Reference -->
+
+<element name="DigestMethod" type="ds:DigestMethodType"/>
+<complexType name="DigestMethodType" mixed="true">
+  <sequence>
+    <any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+  </sequence>
+  <attribute name="Algorithm" type="anyURI" use="required"/>
+</complexType>
+
+<element name="DigestValue" type="ds:DigestValueType"/>
+<simpleType name="DigestValueType">
+  <restriction base="base64Binary"/>
+</simpleType>
+
+<!-- End SignedInfo -->
+
+<!-- Start KeyInfo -->
+
+<element name="KeyInfo" type="ds:KeyInfoType"/>
+<complexType name="KeyInfoType" mixed="true">
+  <choice maxOccurs="unbounded">
+    <element ref="ds:KeyName"/>
+    <element ref="ds:KeyValue"/>
+    <element ref="ds:RetrievalMethod"/>
+    <element ref="ds:X509Data"/>
+    <element ref="ds:PGPData"/>
+    <element ref="ds:SPKIData"/>
+    <element ref="ds:MgmtData"/>
+    <any processContents="lax" namespace="##other"/>
+    <!-- (1,1) elements from (0,unbounded) namespaces -->
+  </choice>
+  <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+  <element name="KeyName" type="string"/>
+  <element name="MgmtData" type="string"/>
+
+  <element name="KeyValue" type="ds:KeyValueType"/>
+  <complexType name="KeyValueType" mixed="true">
+   <choice>
+     <element ref="ds:DSAKeyValue"/>
+     <element ref="ds:RSAKeyValue"/>
+     <any namespace="##other" processContents="lax"/>
+   </choice>
+  </complexType>
+
+  <element name="RetrievalMethod" type="ds:RetrievalMethodType"/>
+  <complexType name="RetrievalMethodType">
+    <sequence>
+      <element ref="ds:Transforms" minOccurs="0"/>
+    </sequence>
+    <attribute name="URI" type="anyURI"/>
+    <attribute name="Type" type="anyURI" use="optional"/>
+  </complexType>
+
+<!-- Start X509Data -->
+
+<element name="X509Data" type="ds:X509DataType"/>
+<complexType name="X509DataType">
+  <sequence maxOccurs="unbounded">
+    <choice>
+      <element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
+      <element name="X509SKI" type="base64Binary"/>
+      <element name="X509SubjectName" type="string"/>
+      <element name="X509Certificate" type="base64Binary"/>
+      <element name="X509CRL" type="base64Binary"/>
+      <any namespace="##other" processContents="lax"/>
+    </choice>
+  </sequence>
+</complexType>
+
+<complexType name="X509IssuerSerialType">
+  <sequence>
+    <element name="X509IssuerName" type="string"/>
+    <element name="X509SerialNumber" type="integer"/>
+  </sequence>
+</complexType>
+
+<!-- End X509Data -->
+
+<!-- Begin PGPData -->
+
+<element name="PGPData" type="ds:PGPDataType"/>
+<complexType name="PGPDataType">
+  <choice>
+    <sequence>
+      <element name="PGPKeyID" type="base64Binary"/>
+      <element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/>
+      <any namespace="##other" processContents="lax" minOccurs="0"
+       maxOccurs="unbounded"/>
+    </sequence>
+    <sequence>
+      <element name="PGPKeyPacket" type="base64Binary"/>
+      <any namespace="##other" processContents="lax" minOccurs="0"
+       maxOccurs="unbounded"/>
+    </sequence>
+  </choice>
+</complexType>
+
+<!-- End PGPData -->
+
+<!-- Begin SPKIData -->
+
+<element name="SPKIData" type="ds:SPKIDataType"/>
+<complexType name="SPKIDataType">
+  <sequence maxOccurs="unbounded">
+    <element name="SPKISexp" type="base64Binary"/>
+    <any namespace="##other" processContents="lax" minOccurs="0"/>
+  </sequence>
+</complexType>
+
+<!-- End SPKIData -->
+
+<!-- End KeyInfo -->
+
+<!-- Start Object (Manifest, SignatureProperty) -->
+
+<element name="Object" type="ds:ObjectType"/>
+<complexType name="ObjectType" mixed="true">
+  <sequence minOccurs="0" maxOccurs="unbounded">
+    <any namespace="##any" processContents="lax"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/>
+  <attribute name="MimeType" type="string" use="optional"/> <!-- add a grep facet -->
+  <attribute name="Encoding" type="anyURI" use="optional"/>
+</complexType>
+
+<element name="Manifest" type="ds:ManifestType"/>
+<complexType name="ManifestType">
+  <sequence>
+    <element ref="ds:Reference" maxOccurs="unbounded"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+<element name="SignatureProperties" type="ds:SignaturePropertiesType"/>
+<complexType name="SignaturePropertiesType">
+  <sequence>
+    <element ref="ds:SignatureProperty" maxOccurs="unbounded"/>
+  </sequence>
+  <attribute name="Id" type="ID" use="optional"/>
+</complexType>
+
+   <element name="SignatureProperty" type="ds:SignaturePropertyType"/>
+   <complexType name="SignaturePropertyType" mixed="true">
+     <choice maxOccurs="unbounded">
+       <any namespace="##other" processContents="lax"/>
+       <!-- (1,1) elements from (1,unbounded) namespaces -->
+     </choice>
+     <attribute name="Target" type="anyURI" use="required"/>
+     <attribute name="Id" type="ID" use="optional"/>
+   </complexType>
+
+<!-- End Object (Manifest, SignatureProperty) -->
+
+<!-- Start Algorithm Parameters -->
+
+<simpleType name="HMACOutputLengthType">
+  <restriction base="integer"/>
+</simpleType>
+
+<!-- Start KeyValue Element-types -->
+
+<element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
+<complexType name="DSAKeyValueType">
+  <sequence>
+    <sequence minOccurs="0">
+      <element name="P" type="ds:CryptoBinary"/>
+      <element name="Q" type="ds:CryptoBinary"/>
+    </sequence>
+    <element name="G" type="ds:CryptoBinary" minOccurs="0"/>
+    <element name="Y" type="ds:CryptoBinary"/>
+    <element name="J" type="ds:CryptoBinary" minOccurs="0"/>
+    <sequence minOccurs="0">
+      <element name="Seed" type="ds:CryptoBinary"/>
+      <element name="PgenCounter" type="ds:CryptoBinary"/>
+    </sequence>
+  </sequence>
+</complexType>
+
+<element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
+<complexType name="RSAKeyValueType">
+  <sequence>
+    <element name="Modulus" type="ds:CryptoBinary"/>
+    <element name="Exponent" type="ds:CryptoBinary"/>
+  </sequence>
+</complexType>
+
+<!-- End KeyValue Element-types -->
+
+<!-- End Signature -->
+
+</schema>