diff options
Diffstat (limited to 'auth-client/src/main/xsd/certman_1_0.xsd')
-rw-r--r-- | auth-client/src/main/xsd/certman_1_0.xsd | 169 |
1 files changed, 169 insertions, 0 deletions
diff --git a/auth-client/src/main/xsd/certman_1_0.xsd b/auth-client/src/main/xsd/certman_1_0.xsd new file mode 100644 index 00000000..19c698b9 --- /dev/null +++ b/auth-client/src/main/xsd/certman_1_0.xsd @@ -0,0 +1,169 @@ +<!-- + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * +--> + +<xs:schema + xmlns:xs="http://www.w3.org/2001/XMLSchema" + xmlns:certman="urn:certman:v1_0" + targetNamespace="urn:certman:v1_0" + elementFormDefault="qualified"> + + + <!-- Jonathan 4/21/2016 New for Certificate Info --> + <xs:element name="certInfo"> + <xs:complexType> + <xs:sequence> + <!-- Base64 Encoded Private Key --> + <xs:element name="privatekey" type="xs:string" minOccurs="0" maxOccurs="1"/> + <!-- Base64 Encoded Certificate --> + <xs:element name="certs" type="xs:string" minOccurs="1" maxOccurs="unbounded"/> + <!-- Challenge Password (2 method Auth) --> + <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/> + <!-- Notes from Server concerning Cert (not an error) --> + <xs:element name="notes" type="xs:string" minOccurs="0" maxOccurs="1"/> + <!-- Issuer DNs from CA --> + <xs:element name="caIssuerDNs" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> + <!-- ENV in Cert --> + <xs:element name="env" type="xs:string" minOccurs="0" maxOccurs="1"/> + </xs:sequence> + </xs:complexType> + </xs:element> + + <xs:complexType name="baseRequest"> + <xs:sequence> + <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/> + <!-- Sponsor is only required if the caller is not Sponsor. In that case, the calling ID must be delegated to do the work. --> + <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1"/> + <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" /> + <xs:element name="end" type="xs:date" minOccurs="1" maxOccurs="1"/> + </xs:sequence> + </xs:complexType> + + <xs:complexType name="specificRequest"> + <xs:complexContent> + <xs:extension base="certman:baseRequest"> + <xs:sequence> + <xs:element name="serial" type="xs:string" minOccurs="1" maxOccurs="1"/> + <!-- Certificate has been compromised or other security issue --> + <xs:element name="revoke" type="xs:boolean" minOccurs="0" maxOccurs="1" default="false"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + + <xs:element name="certificateRequest"> + <xs:complexType> + <xs:complexContent> + <xs:extension base="certman:baseRequest"> + <xs:sequence> + <!-- One FQDN is required. Multiple driven by Policy --> + <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/> + <!-- Optional Email for getting Public Certificate --> + <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + </xs:element> + + <xs:element name="clientX509Request"> + <xs:complexType> + <xs:sequence> + <xs:element name="id" type="xs:string" minOccurs="1" maxOccurs="unbounded"/> + <xs:element name="email" type="xs:string" minOccurs="1" maxOccurs="unbounded"/> + <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" /> + <xs:element name="end" type="xs:date" minOccurs="1" maxOccurs="1"/> + </xs:sequence> + </xs:complexType> + </xs:element> + + <xs:element name="certificateRenew"> + <xs:complexType> + <xs:complexContent> + <xs:extension base="certman:specificRequest"> + <xs:sequence> + <!-- One FQDN is required. Multiple driven by Policy --> + <xs:element name="fqdns" type="xs:string" minOccurs="1" maxOccurs="unbounded"/> + <!-- Challenge Password (for accessing manually) TODO Is it necessary? --> + <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/> + <!-- Optional Email for getting Public Certificate --> + <xs:element name="email" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + </xs:element> + + <xs:element name="certificateDrop"> + <xs:complexType> + <xs:complexContent> + <xs:extension base="certman:specificRequest"> + <xs:sequence> + <!-- Challenge Password (for accessing manually) TODO Is it necessary? --> + <xs:element name="challenge" type="xs:string" minOccurs="0" maxOccurs="1"/> + </xs:sequence> + </xs:extension> + </xs:complexContent> + </xs:complexType> + </xs:element> + + <!-- Placement Structures --> + + <xs:element name="artifacts"> + <xs:complexType> + <xs:sequence> + <xs:element name="artifact" minOccurs="0" maxOccurs="unbounded"> + <xs:complexType> + <xs:sequence> + <xs:element name="mechid" type="xs:string" minOccurs="1" maxOccurs="1"/> + <xs:element name="machine" type="xs:string" minOccurs="0" maxOccurs="1" /> + <xs:element name="type" minOccurs="1" maxOccurs="3"> + <xs:simpleType> + <xs:restriction base="xs:string"> + <xs:enumeration value="file"/> + <xs:enumeration value="jks"/> + <xs:enumeration value="print"/> + </xs:restriction> + </xs:simpleType> + </xs:element> + <xs:element name="ca" type="xs:string" minOccurs="1" maxOccurs="1" /> + <xs:element name="dir" type="xs:string" minOccurs="1" maxOccurs="1"/> + <xs:element name="os_user" type="xs:string" minOccurs="1" maxOccurs="1"/> + <!-- Ignored on input, and set by TABLES. However, returned on output --> + <xs:element name="sponsor" type="xs:string" minOccurs="0" maxOccurs="1" /> + <!-- Optional... if empty, will use MechID Namespace --> + <xs:element name="ns" type="xs:string" minOccurs="0" maxOccurs="1"/> + <!-- Optional... if empty, will notify Sponsor --> + <xs:element name="notification" type="xs:string" minOccurs="0" maxOccurs="1"/> + <!-- Optional... Days before auto renewal. Min is 10. Max is 1/3 expiration (60) --> + <xs:element name="renewDays" type="xs:int" minOccurs="0" maxOccurs="1" default="30"/> + <!-- Optional... Additional SANS. May be denied by CA. --> + <xs:element name="sans" type="xs:string" minOccurs="0" maxOccurs="99"/> + + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + + + +</xs:schema> |