Move auth-client as independent
[aaf/authz.git] / auth / auth-client / src / main / xsd / certman_2_0.xsd
1 <!-- 
2  * ============LICENSE_START====================================================
3  * org.onap.aaf
4  * ===========================================================================
5  * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6  * ===========================================================================
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  * 
11  *      http://www.apache.org/licenses/LICENSE-2.0
12  * 
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ============LICENSE_END====================================================
19  *
20 -->
21
22 <xs:schema 
23         xmlns:xs="http://www.w3.org/2001/XMLSchema" 
24         xmlns:certman="urn:certman:v2_0"
25         targetNamespace="urn:certman:v2_0" 
26         elementFormDefault="qualified">
27         
28         
29         <!-- Jonathan 4/21/2016 New for Certificate Info.
                certInfo carries one or more certificates together with an optional private key,
                challenge password, server notes, CA issuer DNs and environment tag.
                NOTE(review): privatekey and challenge are secrets, and Base64 is only an encoding.
                Any document holding them needs an authenticated, encrypted channel and must be
                kept out of logs, traces and error messages. -->
30         <xs:element name="certInfo">
31                 <xs:complexType>
32                         <xs:sequence>
33                                 <!-- Base64 Encoded Private Key. Optional. Declared as xs:string, so the
                                        schema itself does not verify the Base64 encoding. -->
34                                 <xs:element name="privatekey" type="xs:string" minOccurs="0" maxOccurs="1"/>
35                                 <!-- Base64 Encoded Certificate. At least one is required; the schema sets no
                                        upper bound, so a size limit has to come from the consumer. -->
36                                 <xs:element name="certs" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
37                                 <!-- Challenge Password (2 method Auth). Optional; handle as a secret. -->
38                                 <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
39                                 <!-- Notes from Server concerning Cert (not an error) -->
40                                 <xs:element name="notes" type="xs:string" minOccurs="0" maxOccurs="1"/>
41                                 <!-- Issuer DNs from CA. Zero or more, no upper bound. -->
42                                 <xs:element name="caIssuerDNs" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
43                                 <!-- ENV in Cert -->
44                                 <xs:element name="env" type="xs:string" minOccurs="0" maxOccurs="1"/>
45                         </xs:sequence>
46                 </xs:complexType>
47         </xs:element>
48         
49         <xs:complexType name="baseRequest">
                   <!-- Base type extended by specificRequest and certificateRequest in this schema.
                        Holds a required mechid, an optional sponsor, and the required start and end. -->
50                 <xs:sequence>
51                         <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/>
52                         <!-- Sponsor is only required if the caller is not Sponsor.  In that case, the calling ID must be delegated to do the work.
                                NOTE(review): the schema cannot express this rule and sponsor is supplied by
                                the caller. Presumably the service checks the delegation against the
                                authenticated caller instead of trusting this value; confirm in the service. -->
53                         <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1"/>
                           <!-- NOTE(review): start is xs:dateTime but end is xs:date, so end carries no time
                                of day. Confirm how the service interprets the end boundary, and that it
                                rejects an end earlier than start, which the schema does not check. -->
54                         <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
55                         <xs:element name="end" type="xs:date" minOccurs="1" maxOccurs="1"/>
56                 </xs:sequence>
57         </xs:complexType>
58
59         <xs:complexType name="specificRequest">
                   <!-- Extends baseRequest with a required serial and an optional revoke flag.
                        Used as the base of certificateRenew and certificateDrop in this schema. -->
60                 <xs:complexContent>
61                         <xs:extension base="certman:baseRequest">
62                                 <xs:sequence>
                                           <!-- Presumably the certificate serial number; declared as a free-form
                                                xs:string, so its format is not checked by the schema. -->
63                                         <xs:element name="serial" type="xs:string" minOccurs="1" maxOccurs="1"/>
64                                         <!-- Certificate has been compromised or other security issue.
                                                XSD applies the default of false only to an empty revoke element.
                                                When the element is omitted no value is supplied, so consumers
                                                should treat absence as false explicitly. -->
65                                         <xs:element name="revoke" type="xs:boolean" minOccurs="0" maxOccurs="1" default="false"/>
66                                 </xs:sequence>
67                         </xs:extension>
68                 </xs:complexContent>
69         </xs:complexType>
70                 
71         <xs:element name="certificateRequest">
                   <!-- Request element that extends baseRequest with one or more fqdns and zero or more
                        email values. -->
72                 <xs:complexType>
73                         <xs:complexContent>
74                                 <xs:extension base="certman:baseRequest">
75                                         <xs:sequence>
76                                                 <!-- One FQDN is required.  Multiple driven by Policy.
                                                        NOTE(review): fqdns is an unconstrained xs:string with no
                                                        upper count, so name syntax, the number of names and the
                                                        caller's right to each name must be enforced by the service,
                                                        not by schema validation. -->
77                                                 <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
78                                                 <!-- Optional Email for getting Public Certificate -->
79                                                 <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
80                                         </xs:sequence>
81                                 </xs:extension>
82                         </xs:complexContent>
83                 </xs:complexType>
84         </xs:element>
85         
86         <xs:element name="clientX509Request">
                   <!-- Request element with its own id, email, start and end fields. It does not extend
                        baseRequest, so it carries no mechid or sponsor. id and email are each required
                        and may repeat without an upper bound.
                        NOTE(review): as in baseRequest, start is xs:dateTime while end is xs:date. -->
87                 <xs:complexType>
88                         <xs:sequence>
89                                 <xs:element name="id" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
90                                 <xs:element name="email" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
91                                 <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
92                                 <xs:element name="end" type="xs:date" minOccurs="1" maxOccurs="1"/>
93                         </xs:sequence>
94                 </xs:complexType>
95         </xs:element>
96
97         <xs:element name="certificateRenew">
                   <!-- Renewal request. Extends specificRequest, so it inherits serial and revoke as
                        well as the baseRequest fields. Adds one or more fqdns, an optional challenge
                        and zero or more email values. -->
98                 <xs:complexType>
99                         <xs:complexContent>
100                                 <xs:extension base="certman:specificRequest">
101                                         <xs:sequence>
102                                                 <!-- One FQDN is required.  Multiple driven by Policy.
                                                         The schema accepts any string and any number of
                                                         entries; policy has to be enforced by the service. -->
103                                                 <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
104                                                 <!-- Challenge Password (for accessing manually) TODO Is it necessary?
                                                         If it is kept, handle it as a secret and keep it out of logs. -->
105                                                 <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
106                                                 <!-- Optional Email for getting Public Certificate -->
107                                                 <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
108                                         </xs:sequence>
109                                 </xs:extension>
110                         </xs:complexContent>
111                 </xs:complexType>
112         </xs:element>
113         
114         <xs:element name="certificateDrop">
                    <!-- Drop request. Extends specificRequest, so it inherits serial and revoke as well
                         as the baseRequest fields. Adds only an optional challenge. -->
115                 <xs:complexType>
116                         <xs:complexContent>
117                                 <xs:extension base="certman:specificRequest">
118                                         <xs:sequence>
119                                                 <!-- Challenge Password (for accessing manually) TODO Is it necessary?
                                                         If it is kept, handle it as a secret and keep it out of logs. -->
120                                                 <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/>
121                                         </xs:sequence>
122                                 </xs:extension>
123                         </xs:complexContent>
124                 </xs:complexType>
125         </xs:element>
126         
127         <!-- Placement Structures -->
128         
129         <xs:element name="artifacts">
                    <!-- Wrapper for zero or more artifact entries. Each entry names a mechid, optional
                         machine, one to three placement types, a ca, a dir and an os_user, plus optional
                         sponsor, ns, notification, renewDays and sans values. -->
130                 <xs:complexType>
131                         <xs:sequence>
132                                 <xs:element name="artifact" minOccurs="0" maxOccurs="unbounded"> 
133                                         <xs:complexType>
134                                                 <xs:sequence>
135                                                         <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/>
136                                                         <xs:element name="machine" type="xs:string" minOccurs="0" maxOccurs="1" />
                                                            <!-- One to three placement types: file, jks or print. The
                                                                 schema does not forbid repeating the same value. -->
137                                                     <xs:element name="type" minOccurs="1" maxOccurs="3">
138                                                         <xs:simpleType>
139                                                                     <xs:restriction base="xs:string">
140                                                                       <xs:enumeration value="file"/>
141                                                                       <xs:enumeration value="jks"/>
142                                                                       <xs:enumeration value="print"/>
143                                                                     </xs:restriction>
144                                                             </xs:simpleType>
145                                                     </xs:element>
146                                                         <xs:element name="ca" type="xs:string" minOccurs="1" maxOccurs="1" />
                                                            <!-- NOTE(review): dir and os_user are unconstrained strings.
                                                                 Presumably they name the directory and OS account used when
                                                                 the artifact is placed. Any component acting on them should
                                                                 canonicalise the path and check both values against what the
                                                                 caller is allowed to use. Confirm in the consumer. -->
147                                                     <xs:element name="dir" type="xs:string" minOccurs="1" maxOccurs="1"/>
148                                                         <xs:element name="os_user" type="xs:string" minOccurs="1" maxOccurs="1"/>
149                                                         <!-- Ignored on input, and set by TABLES.  However, returned  on output.
                                                                 NOTE(review): confirm the service overwrites any value sent by
                                                                 a client instead of storing or acting on it. -->
150                                                         <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1" />
151                                                     <!-- Optional... if empty, will use MechID Namespace -->
152                                                     <xs:element name="ns" type="xs:string" minOccurs="0" maxOccurs="1"/>
153                                                     <!-- Optional... if empty, will notify Sponsor -->
154                                                     <xs:element name="notification" type="xs:string" minOccurs="0" maxOccurs="1"/>
155                                                     <!-- Optional... Days before auto renewal.  Min is 10.  Max is 1/3 expiration (60).
                                                             NOTE(review): the type is plain xs:int with no minInclusive or
                                                             maxInclusive facet, so schema validation accepts values outside
                                                             these limits, including negatives. The service must enforce them. -->
156                                                     <xs:element name="renewDays" type="xs:int" minOccurs="0" maxOccurs="1" default="30"/>
157                                                     <!-- Optional... Additional SANS. May be denied by CA.
                                                             At most 99 entries; their content is not constrained by the schema. -->
158                                                     <xs:element name="sans" type="xs:string" minOccurs="0" maxOccurs="99"/>
159                                                     
160                                                 </xs:sequence>
161                                         </xs:complexType>
162                                 </xs:element>
163                         </xs:sequence>
164                 </xs:complexType>
165         </xs:element>
166         
167         
168                                 
169 </xs:schema>