Mr.Combet Webshell
Your IP :
216.73.216.136
Server IP :
103.233.58.157
Server :
Windows NT WIN-4PGF72KEHKB 10.0 build 17763 (Windows Server 2016) AMD64
Server Software :
Microsoft-IIS/10.0
PHP Version :
7.3.25
Add File :
Submit
Add Directory :
Submit
Dir :
C:
/
Windows
/
schemas
/
CodeIntegrity
/
View File Name :
cipolicy.xsd
<?xml version="1.0" encoding="utf-8"?> <xs:schema targetNamespace="urn:schemas-microsoft-com:sipolicy" elementFormDefault="qualified" xmlns="urn:schemas-microsoft-com:sipolicy" xmlns:ps="urn:schemas-microsoft-com:sipolicy" xmlns:xs="http://www.w3.org/2001/XMLSchema" > <!-- A {00000000-0000-0000-0000-000000000000} GUID type --> <xs:simpleType name="GuidType"> <xs:restriction base="xs:string"> <xs:pattern value="\{[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}\}"/> </xs:restriction> </xs:simpleType> <xs:simpleType name="DWordType"> <xs:restriction base="xs:unsignedInt"/> </xs:simpleType> <xs:simpleType name="BooleanType"> <xs:restriction base="xs:boolean"/> </xs:simpleType> <xs:simpleType name="QWordType"> <xs:restriction base="xs:unsignedLong"/> </xs:simpleType> <!-- Macros --> <xs:element name="Macros"> <xs:complexType> <xs:sequence> <xs:element name="Macro" minOccurs="1" maxOccurs="unbounded"> <xs:annotation> <xs:documentation> A Macro element defines a text substitution macro that can be used in other elements. Macros are referenced using NMAKE syntax, i.e. $(runtime.windows). </xs:documentation> </xs:annotation> <xs:complexType> <xs:attribute name="Id" type="MacroIdType" use="required"> <xs:annotation> <xs:documentation> Required. The Id for this macro, used in macro references. For example, if the Id for this macro is "runtime.windows", the macro would be referenced as $(runtime.windows). </xs:documentation> </xs:annotation> </xs:attribute> <xs:attribute name="Value" type="MacroValueStringType" use="required"> <xs:annotation> <xs:documentation> Required. The value that will be substituted for macro references in macro- enabled XML attributes. </xs:documentation> </xs:annotation> </xs:attribute> </xs:complexType> </xs:element> </xs:sequence> </xs:complexType> <xs:unique name="UniqueMacroId"> <xs:selector xpath="ps:Macro" /> <xs:field xpath="@Id" /> </xs:unique> </xs:element> <!--File Path --> <xs:simpleType name="FilePathType"> <xs:restriction base="xs:string"> <xs:minLength value="1"/> <xs:maxLength value="32767"/> </xs:restriction> </xs:simpleType> <!-- Sid Type --> <xs:simpleType name="SidType"> <xs:restriction base="xs:string"> <xs:minLength value="3"/> <!-- Accepts Macros only--> <xs:pattern value="(\$\([a-zA-Z_][a-zA-Z_0-9.]*\))+" /> </xs:restriction> </xs:simpleType> <!-- SignTime Type --> <xs:simpleType name="SignTimeType"> <xs:restriction base="xs:dateTime"> </xs:restriction> </xs:simpleType> <!-- Macro Type --> <xs:simpleType name="MacroIdType"> <xs:restriction base="xs:string"> <xs:pattern value="[a-zA-Z_][a-zA-Z_0-9.]*" /> </xs:restriction> </xs:simpleType> <!-- Macro Value String Type --> <xs:simpleType name="MacroValueStringType"> <xs:restriction base="xs:string"> <xs:pattern value="[a-zA-Z0-9\-_!@#%\^\.,;:=\+~`'\{\}\(\)\[\]\$ \\]*" /> </xs:restriction> </xs:simpleType> <!-- AppIDs Type --> <xs:simpleType name="AppIdType"> <xs:annotation> <xs:documentation> AppIDs may use either macros only (and be multi-valued). For example $(Adobe65)$(TestApp) ((\$\([a-zA-Z_][a-zA-Z_0-9.]*\))+) or they may be a string that does not begin with a $ and be single valued (^[^\$]([a-zA-Z0-9\-_!@#%\^\.,;:=\+~`'\{\}\(\)\[\]\$ \\])*) </xs:documentation> </xs:annotation> <xs:restriction base="xs:string"> <xs:minLength value="1"/> <xs:pattern value="(^[^\$]([a-zA-Z0-9\-_!@#%\^\.,;:=\+~`'\{\}\(\)\[\]\$ \\])*)|((\$\([a-zA-Z_][a-zA-Z_0-9.]*\))+)" /> </xs:restriction> </xs:simpleType> <xs:simpleType name="OptionType"> <xs:restriction base="xs:string"> <xs:enumeration value="Allowed:Prerelease Signers"/> <xs:enumeration value="Allowed:Kits Signers"/> <xs:enumeration value="Enabled:UMCI"/> <xs:enumeration value="Enabled:Boot Menu Protection"/> <xs:enumeration value="Enabled:Intelligent Security Graph Authorization"/> <xs:enumeration value="Enabled:Invalidate EAs on Reboot"/> <xs:enumeration value="Enabled:Windows Lockdown Trial Mode"/> <xs:enumeration value="Required:WHQL"/> <xs:enumeration value="Enabled:Developer Mode Dynamic Code Trust"/> <xs:enumeration value="Disabled:UMCI USN 0 Protection"/> <xs:enumeration value="Disabled:Winload Debugging Mode Menu"/> <xs:enumeration value="Enabled:Strong Crypto For Code Integrity"/> <xs:enumeration value="Allowed:Non-Microsoft UEFI Applications For BitLocker"/> <xs:enumeration value="Enabled:Revoked Expired As Unsigned"/> <xs:enumeration value="Enabled:UMCI Trust USN 0"/> <xs:enumeration value="Disabled:UMCI Debug Options TCB Lowering"/> <xs:enumeration value="Enabled:Audit Mode"/> <xs:enumeration value="Disabled:Flight Signing"/> <xs:enumeration value="Enabled:Inherit Default Policy"/> <xs:enumeration value="Enabled:Unsigned System Integrity Policy"/> <xs:enumeration value="Enabled:Dynamic Code Security"/> <xs:enumeration value="Required:EV Signers"/> <xs:enumeration value="Enabled:Boot Audit On Failure"/> <xs:enumeration value="Enabled:Advanced Boot Options Menu"/> <xs:enumeration value="Disabled:Script Enforcement"/> <xs:enumeration value="Required:Enforce Store Applications"/> <xs:enumeration value="Enabled:Secure Setting Policy"/> <xs:enumeration value="Enabled:Managed Installer"/> <xs:enumeration value="Enabled:Update Policy No Reboot"/> <xs:enumeration value="Enabled:Conditional Windows Lockdown Policy"/> <xs:enumeration value="Disabled:Default Windows Certificate Remapping"/> </xs:restriction> </xs:simpleType> <!-- Secure Setting Value Type --> <xs:complexType name="SettingValueType"> <xs:choice> <xs:element name="Boolean" type="BooleanType" /> <xs:element name="DWord" type="DWordType" /> <xs:element name="Binary" type="xs:hexBinary" /> <xs:element name="String" type="xs:string" /> </xs:choice> </xs:complexType> <!-- Secure Setting <Provider,Key,Value> --> <xs:element name="Setting"> <xs:complexType> <xs:sequence> <xs:element name="Value" type="SettingValueType"/> </xs:sequence> <xs:attribute name="Provider" type="xs:string" use="required" /> <xs:attribute name="Key" type="xs:string" use="required" /> <xs:attribute name="ValueName" type="xs:string" use="required" /> </xs:complexType> </xs:element> <!-- Collection of Setting--> <xs:element name="Settings"> <xs:annotation> <xs:documentation> Collection of setting elements. </xs:documentation> </xs:annotation> <xs:complexType> <xs:choice minOccurs="1" maxOccurs="65535"> <xs:element ref="Setting" minOccurs="0" maxOccurs="65535" /> </xs:choice> </xs:complexType> </xs:element> <xs:complexType name="RuleType"> <xs:sequence> <xs:choice> <xs:element name="Option" type="OptionType"/> </xs:choice> </xs:sequence> </xs:complexType> <xs:simpleType name="UShortType"> <xs:restriction base="xs:unsignedShort"/> </xs:simpleType> <!-- System Integrity Policy Version--> <xs:simpleType name="VersionExType"> <xs:restriction base="xs:string"> <xs:pattern value="[0-9]*.[0-9]*.[0-9]*.[0-9]*" /> </xs:restriction> </xs:simpleType> <!-- SignerNameType--> <xs:simpleType name="SignerNameType"> <xs:restriction base="xs:string"> </xs:restriction> </xs:simpleType> <!-- Type of CertificateToChainTo--> <xs:simpleType name="CertEnumType"> <xs:restriction base="xs:string"> <xs:enumeration value="TBS"/> <xs:enumeration value="Wellknown"/> </xs:restriction> </xs:simpleType> <!-- Certificate EKU --> <xs:element name="CertEKU"> <xs:complexType> <xs:attribute name="ID" type="EKUType" use="required"/> </xs:complexType> </xs:element> <!-- Certificate OEM ID--> <xs:element name="CertOemID"> <xs:complexType> <xs:attribute name="Value" type="xs:string" use="required"/> </xs:complexType> </xs:element> <!-- Certificate Publisher --> <xs:element name="CertPublisher"> <xs:complexType> <xs:attribute name="Value" type="xs:string" use="required"/> </xs:complexType> </xs:element> <!-- Certificate Issuer--> <xs:element name="CertIssuer"> <xs:complexType> <xs:attribute name="Value" type="xs:string" use="required"/> </xs:complexType> </xs:element> <!-- certificate to chain to--> <xs:element name="CertRoot"> <xs:complexType> <xs:attribute name="Type" type="CertEnumType" use="required" /> <!-- Value is either wellknow Root ID or TBS hash, both in hexBinary form--> <xs:attribute name="Value" type="xs:hexBinary" use="required" /> </xs:complexType> </xs:element> <!-- Product Signers--> <xs:element name="ProductSigners"> <xs:complexType> <xs:all minOccurs="1" maxOccurs="1"> <xs:element ref="AllowedSigners" minOccurs="0" maxOccurs="1"/> <xs:element ref="DeniedSigners" minOccurs="0" maxOccurs="1"/> <xs:element ref="FileRulesRef" minOccurs="0" maxOccurs="1"/> </xs:all> </xs:complexType> </xs:element> <!-- Test Signers--> <xs:element name="TestSigners"> <xs:complexType> <xs:sequence minOccurs="1" maxOccurs="1"> <xs:element ref="AllowedSigners" minOccurs="0" maxOccurs="1"/> <xs:element ref="DeniedSigners" minOccurs="0" maxOccurs="1"/> <xs:element ref="FileRulesRef" minOccurs="0" maxOccurs="1"/> </xs:sequence> </xs:complexType> </xs:element> <!-- TestSiging Signers--> <xs:element name="TestSigningSigners"> <xs:complexType> <xs:sequence minOccurs="1" maxOccurs="1"> <xs:element ref="AllowedSigners" minOccurs="0" maxOccurs="1"/> <xs:element ref="DeniedSigners" minOccurs="0" maxOccurs="1"/> <xs:element ref="FileRulesRef" minOccurs="0" maxOccurs="1"/> </xs:sequence> </xs:complexType> </xs:element> <!-- Signer Type--> <xs:complexType name="SignerType"> <xs:annotation> <xs:documentation> Define a Signer </xs:documentation> </xs:annotation> <xs:sequence minOccurs="1" maxOccurs="1"> <xs:element ref="CertRoot" minOccurs="1" maxOccurs="1"/> <xs:element ref="CertEKU" minOccurs="1" maxOccurs="1"/> <xs:element ref="CertPublisher" minOccurs="0" maxOccurs="1"/> <xs:element ref="CertOemID" minOccurs="0" maxOccurs="1"/> </xs:sequence> <xs:attribute name="Name" type="SignerNameType" use="required" /> <xs:attribute name="ID" type="SignerIdType" use="required" /> </xs:complexType> <!-- Signing Scenario Type--> <xs:complexType name="SigningScenarioType"> <xs:annotation> <xs:documentation> Define a Signing Scenario type </xs:documentation> </xs:annotation> <xs:sequence minOccurs="1" maxOccurs="1"> <xs:element ref="ProductSigners" minOccurs="1" maxOccurs="1"/> <xs:element ref="TestSigners" minOccurs="0" maxOccurs="1"/> <xs:element ref="TestSigningSigners" minOccurs="0" maxOccurs="1"/> </xs:sequence> <xs:attribute name="Name" type="SignerNameType" use="required" /> <xs:attribute name="ID" type="SignerIdType" use="required" /> </xs:complexType> <!-- EKU Type--> <xs:simpleType name="EKUType"> <xs:annotation> <xs:documentation> EKU ID type starts with ID_EKU_ </xs:documentation> </xs:annotation> <xs:restriction base="xs:string"> <xs:pattern value="ID_EKU_[A-Z][_A-Z0-9]*" /> <xs:minLength value="1"/> </xs:restriction> </xs:simpleType> <!-- Signing Scenario ID Type --> <xs:simpleType name="SigningScenarioIDType"> <xs:annotation> <xs:documentation> Signing Scenario ID type starts with ID_SIGNGINGSCENARIO_ </xs:documentation> </xs:annotation> <xs:restriction base="xs:string"> <xs:pattern value="ID_SIGNINGSCENARIO_[A-Z][_A-Z0-9]*" /> <xs:minLength value="1"/> </xs:restriction> </xs:simpleType> <!-- Signing Scenario IDs Type--> <xs:simpleType name="SigningScenarioIDsType"> <xs:annotation> <xs:documentation> Multiple ID_SIGNINGSCENARIO_ seperated by ',' </xs:documentation> </xs:annotation> <xs:restriction base="xs:string"> <xs:pattern value="((ID_SIGNINGSCENARIO_[A-Z][_A-Z0-9]*)[,]?)*" /> <xs:minLength value="1"/> </xs:restriction> </xs:simpleType> <!-- Allow File Rule ID Type--> <xs:simpleType name="AllowType"> <xs:annotation> <xs:documentation> Allow Rule ID should start with ID_ALLOW_ </xs:documentation> </xs:annotation> <xs:restriction base="xs:string"> <xs:pattern value="ID_ALLOW_[A-Z][_A-Z0-9]*" /> </xs:restriction> </xs:simpleType> <!-- Generic file attribute type that can be used directly inside a signer--> <xs:simpleType name="FileAttribType"> <xs:annotation> <xs:documentation> Generic file rule ID should start with ID_FILEATTRIB_ </xs:documentation> </xs:annotation> <xs:restriction base="xs:string"> <xs:pattern value="ID_FILEATTRIB_[A-Z][_A-Z0-9]*" /> <xs:minLength value="10"/> </xs:restriction> </xs:simpleType> <!-- Deny File RUle ID Type--> <xs:simpleType name="DenyType"> <xs:annotation> <xs:documentation> Deny Rule ID should start with ID_DENY_ </xs:documentation> </xs:annotation> <xs:restriction base="xs:string"> <xs:pattern value="ID_DENY_[A-Z][_A-Z0-9]*" /> <xs:minLength value="1"/> </xs:restriction> </xs:simpleType> <!-- Signer ID Type --> <xs:simpleType name="SignerIdType"> <xs:annotation> <xs:documentation> Signer ID should start with ID_SIGNER_ </xs:documentation> </xs:annotation> <xs:restriction base="xs:string"> <xs:pattern value="ID_SIGNER_[A-Z][_A-Z0-9]*" /> <xs:minLength value="1"/> </xs:restriction> </xs:simpleType> <!-- FileRulesRef Element--> <xs:element name="FileRulesRef"> <xs:annotation> <xs:documentation> FileRulesRef is a collection of FileRuleRef </xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence> <xs:element ref="FileRuleRef" minOccurs="1" maxOccurs="10000000" /> </xs:sequence> <!-- Work around with XSD.exe http://connect.microsoft.com/VisualStudio/feedback/details/471297 --> <xs:attribute name="Workaround" type="xs:string" /> </xs:complexType> </xs:element> <!-- File Rule ID Type --> <xs:simpleType name="RuleIdType"> <xs:annotation> <xs:documentation> Multiple ID_ALLOW_ or ID_DENY_ separated by ',' </xs:documentation> </xs:annotation> <xs:restriction base="xs:string"> <xs:pattern value="((ID_ALLOW_[A-Z][_A-Z0-9]*))*((ID_DENY_[A-Z][_A-Z0-9]*))*" /> <xs:minLength value="1"/> </xs:restriction> </xs:simpleType> <!-- FileRuleRef Element --> <xs:element name="FileRuleRef"> <xs:annotation> <xs:documentation> Used to reference an file rule through rule ID </xs:documentation> </xs:annotation> <xs:complexType> <xs:attribute name="RuleID" type="RuleIdType" use="optional" /> </xs:complexType> </xs:element> <xs:element name="FileAttribRef"> <xs:annotation> <xs:documentation> A FileAttribRef is used to reference a FILE_ATTRIB rule through ID </xs:documentation> </xs:annotation> <xs:complexType> <xs:attribute name="RuleID" type="FileAttribType" use="required" /> </xs:complexType> </xs:element> <!-- ExceptDenyRule element--> <xs:element name="ExceptDenyRule"> <xs:annotation> <xs:documentation> ExceptDenyRule rule is a deny rule type. It makes specific allow Signer conditional. If the allow Signer rule allows, but the exception condition met, then the result is deny. </xs:documentation> </xs:annotation> <xs:complexType> <xs:attribute name="DenyRuleID" type="DenyType" use="required" /> </xs:complexType> </xs:element> <!-- ExceptAllowRule element--> <xs:element name="ExceptAllowRule"> <xs:annotation> <xs:documentation> ExceptAllowRule rule is an allow rule type. It makes specific deny Signer conditional. </xs:documentation> </xs:annotation> <xs:complexType> <xs:attribute name="AllowRuleID" type="AllowType" use="required" /> </xs:complexType> </xs:element> <!-- EKUs Element--> <xs:element name="EKUs"> <xs:annotation> <xs:documentation> Collection of EKUs. </xs:documentation> </xs:annotation> <xs:complexType> <xs:choice minOccurs="1" maxOccurs="255"> <xs:element ref="EKU" minOccurs="0" maxOccurs="255" /> </xs:choice> </xs:complexType> </xs:element> <!-- Define one EKU --> <xs:element name="EKU"> <xs:annotation> <xs:documentation> Define an EKU </xs:documentation> </xs:annotation> <xs:complexType> <xs:attribute name="ID" type="EKUType" use="required" /> <xs:attribute name="Value" type="xs:hexBinary" use="required" /> <xs:attribute name="FriendlyName" type="xs:string" use="optional" /> </xs:complexType> </xs:element> <!-- Define File Rule Collection--> <xs:element name="FileRules"> <xs:annotation> <xs:documentation> Collection of File Rules. </xs:documentation> </xs:annotation> <xs:complexType> <xs:choice minOccurs="1" maxOccurs="10000000"> <xs:element ref="Allow" minOccurs="0" maxOccurs="10000000" /> <xs:element ref="Deny" minOccurs="0" maxOccurs="10000000" /> <xs:element ref="FileAttrib" minOccurs="0" maxOccurs="10000000" /> </xs:choice> </xs:complexType> </xs:element> <!-- Allow element --> <xs:element name="Allow"> <xs:annotation> <xs:documentation> Define a file allow rule </xs:documentation> </xs:annotation> <xs:complexType> <xs:attribute name="ID" type="AllowType" use="required" /> <xs:attribute name="FriendlyName" type="xs:string" use="optional" /> <xs:attribute name="FileName" type="xs:string" use="optional" /> <xs:attribute name="InternalName" type="xs:string" use="optional" /> <xs:attribute name="FileDescription" type="xs:string" use="optional" /> <xs:attribute name="ProductName" type="xs:string" use="optional" /> <xs:attribute name="PackageFamilyName" type="xs:string" use="optional" /> <xs:attribute name="PackageVersion" type="VersionExType" use="optional" /> <xs:attribute name="MinimumFileVersion" type="VersionExType" use="optional" /> <xs:attribute name="MaximumFileVersion" type="VersionExType" use="optional" /> <xs:attribute name="Hash" type="xs:hexBinary" use="optional" /> <xs:attribute name="AppIDs" type="AppIdType" use="optional" /> </xs:complexType> </xs:element> <!-- Deny File Rule element--> <xs:element name="Deny"> <xs:annotation> <xs:documentation> Define a File deny rule </xs:documentation> </xs:annotation> <xs:complexType> <xs:attribute name="ID" type="DenyType" use="required" /> <xs:attribute name="FriendlyName" type="xs:string" use="optional" /> <xs:attribute name="FileName" type="xs:string" use="optional" /> <xs:attribute name="InternalName" type="xs:string" use="optional" /> <xs:attribute name="FileDescription" type="xs:string" use="optional" /> <xs:attribute name="ProductName" type="xs:string" use="optional" /> <xs:attribute name="PackageFamilyName" type="xs:string" use="optional" /> <xs:attribute name="PackageVersion" type="VersionExType" use="optional" /> <xs:attribute name="MinimumFileVersion" type="VersionExType" use="optional" /> <xs:attribute name="MaximumFileVersion" type="VersionExType" use="optional" /> <xs:attribute name="Hash" type="xs:hexBinary" use="optional" /> <xs:attribute name="AppIDs" type="AppIdType" use="optional" /> </xs:complexType> </xs:element> <xs:element name="FileAttrib"> <xs:annotation> <xs:documentation> Define a generic file attribute rule than can be combined with Signers </xs:documentation> </xs:annotation> <xs:complexType> <xs:attribute name="ID" type="FileAttribType" use="required" /> <xs:attribute name="FriendlyName" type="xs:string" use="optional" /> <xs:attribute name="FileName" type="xs:string" use="optional" /> <xs:attribute name="InternalName" type="xs:string" use="optional" /> <xs:attribute name="FileDescription" type="xs:string" use="optional" /> <xs:attribute name="ProductName" type="xs:string" use="optional" /> <xs:attribute name="PackageFamilyName" type="xs:string" use="optional" /> <xs:attribute name="PackageVersion" type="VersionExType" use="optional" /> <xs:attribute name="MinimumFileVersion" type="VersionExType" use="optional" /> <xs:attribute name="MaximumFileVersion" type="VersionExType" use="optional" /> <xs:attribute name="Hash" type="xs:hexBinary" use="optional" /> <xs:attribute name="AppIDs" type="AppIdType" use="optional" /> </xs:complexType> </xs:element> <!-- Allowed Signers element--> <xs:element name="AllowedSigners"> <xs:annotation> <xs:documentation> Colletion of AllowedSigner </xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence> <xs:element ref="AllowedSigner" minOccurs="1" maxOccurs="10000000" /> </xs:sequence> <!-- Work around with XSD.exe http://connect.microsoft.com/VisualStudio/feedback/details/471297 --> <xs:attribute name="Workaround" type="xs:string" /> </xs:complexType> </xs:element> <!-- Denied Signers element--> <xs:element name="DeniedSigners"> <xs:annotation> <xs:documentation> Colletion of DeniedSigner </xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence> <xs:element ref="DeniedSigner" minOccurs="1" maxOccurs="10000000" /> </xs:sequence> <!-- Work around with XSD.exe http://connect.microsoft.com/VisualStudio/feedback/details/471297 --> <xs:attribute name="Workaround" type="xs:string" /> </xs:complexType> </xs:element> <!-- Allowed Signer element--> <xs:element name="AllowedSigner"> <xs:annotation> <xs:documentation> An AllowedSigner defines a signer with condition (with exceptions) </xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence minOccurs="1" maxOccurs="1"> <xs:element ref="ExceptDenyRule" minOccurs="0" maxOccurs="10000000"/> </xs:sequence> <xs:attribute name="SignerId" type="SignerIdType" use ="required" /> </xs:complexType> </xs:element> <!-- Denied Signer element--> <xs:element name="DeniedSigner"> <xs:annotation> <xs:documentation> An DeniedSgner defines a deny rule </xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence minOccurs="1" maxOccurs="1"> <xs:element ref="ExceptAllowRule" minOccurs="0" maxOccurs="10000000"/> </xs:sequence> <xs:attribute name="SignerId" type="SignerIdType" use ="required" /> </xs:complexType> </xs:element> <!-- Update Policy Signer--> <xs:element name="UpdatePolicySigner"> <xs:annotation> <xs:documentation> defines a signer for System Integrity Policy Updating </xs:documentation> </xs:annotation> <xs:complexType> <xs:attribute name="SignerId" type="SignerIdType" use ="required" /> </xs:complexType> </xs:element> <xs:element name="UpdatePolicySigners"> <xs:annotation> <xs:documentation> Collection of UpdatePolicySigner. </xs:documentation> </xs:annotation> <xs:complexType> <xs:choice minOccurs="1" maxOccurs="10000000"> <xs:element ref="UpdatePolicySigner" minOccurs="0" maxOccurs="10000000" /> </xs:choice> </xs:complexType> </xs:element> <!-- Signers for CI --> <xs:element name="CiSigner"> <xs:annotation> <xs:documentation> defines a signer that CI will trust for CI signing levels. </xs:documentation> </xs:annotation> <xs:complexType> <xs:attribute name="SignerId" type="SignerIdType" use ="required" /> </xs:complexType> </xs:element> <xs:element name="CiSigners"> <xs:annotation> <xs:documentation> Collection of CiSigner. </xs:documentation> </xs:annotation> <xs:complexType> <xs:choice minOccurs="1" maxOccurs="10000000"> <xs:element ref="CiSigner" minOccurs="0" maxOccurs="10000000" /> </xs:choice> </xs:complexType> </xs:element> <xs:element name="Signers"> <xs:annotation> <xs:documentation> Collection of signers. </xs:documentation> </xs:annotation> <xs:complexType> <xs:choice minOccurs="1" maxOccurs="10000000"> <xs:element ref="Signer" minOccurs="0" maxOccurs="10000000" /> </xs:choice> </xs:complexType> </xs:element> <xs:element name="Signer"> <xs:annotation> <xs:documentation> A Signer </xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence minOccurs="1" maxOccurs="1"> <xs:element ref="CertRoot" minOccurs="1" maxOccurs="1"/> <xs:element ref="CertEKU" minOccurs="0" maxOccurs="255"/> <xs:element ref="CertIssuer" minOccurs="0" maxOccurs="1"/> <xs:element ref="CertPublisher" minOccurs="0" maxOccurs="1"/> <xs:element ref="CertOemID" minOccurs="0" maxOccurs="1"/> <xs:element ref="FileAttribRef" minOccurs="0" maxOccurs="10000000"/> </xs:sequence> <xs:attribute name="Name" type="SignerNameType" use="required" /> <xs:attribute name="ID" type="SignerIdType" use="required" /> <xs:attribute name="SignTimeAfter" type="SignTimeType" use="optional" /> </xs:complexType> </xs:element> <xs:element name="SigningScenarios"> <xs:annotation> <xs:documentation> Collection of SigningScenarios </xs:documentation> </xs:annotation> <xs:complexType> <xs:choice minOccurs="1" maxOccurs="255"> <xs:element ref="SigningScenario" minOccurs="0" maxOccurs="255" /> </xs:choice> </xs:complexType> </xs:element> <xs:element name="SigningScenario"> <xs:annotation> <xs:documentation> Define a Signing Scenario </xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence minOccurs="1" maxOccurs="1"> <xs:element ref="ProductSigners" minOccurs="1" maxOccurs="1"/> <xs:element ref="TestSigners" minOccurs="0" maxOccurs="1"/> <xs:element ref="TestSigningSigners" minOccurs="0" maxOccurs="1"/> </xs:sequence> <xs:attribute name="ID" type="SigningScenarioIDType" use="required" /> <xs:attribute name="FriendlyName" type="SignerNameType" use="optional" /> <xs:attribute name="Value" type="xs:unsignedByte" use="required" /> <xs:attribute name="InheritedScenarios" type="SigningScenarioIDsType" use="optional" /> <xs:attribute name="MinimumHashAlgorithm" type="UShortType" use="optional" /> </xs:complexType> </xs:element> <!-- The SI Policy definition--> <xs:element name="SiPolicy"> <xs:complexType> <xs:all> <xs:element name="VersionEx" type="VersionExType" minOccurs="1" maxOccurs="1"/> <xs:element name="PolicyTypeID" type="GuidType" minOccurs="1" maxOccurs="1"/> <xs:element name="PlatformID" type="GuidType" minOccurs="1" maxOccurs="1"/> <xs:element name="Rules"> <xs:complexType> <xs:sequence> <xs:element name="Rule" type="RuleType" minOccurs="0" maxOccurs="65535"/> </xs:sequence> </xs:complexType> </xs:element> <xs:element ref="EKUs" minOccurs="0" maxOccurs="1"/> <xs:element ref="FileRules" minOccurs="0" maxOccurs="1"/> <xs:element ref="Signers" minOccurs="0" maxOccurs="1"/> <xs:element ref="SigningScenarios" minOccurs="0" maxOccurs="1"/> <xs:element ref="UpdatePolicySigners" minOccurs="0" maxOccurs="1"/> <xs:element ref="CiSigners" minOccurs="0" maxOccurs="1"/> <xs:element name="HvciOptions" type="DWordType" minOccurs="0" maxOccurs="1"/> <xs:element ref="Settings" minOccurs="0" maxOccurs="1"/> <xs:element ref="Macros" minOccurs="0" maxOccurs="1"/> </xs:all> <xs:attribute name="FriendlyName" type="xs:string" use="optional" /> </xs:complexType> </xs:element> </xs:schema>