author | Rob Austein <sra@hactrn.net> | 2009-04-22 13:46:07 +0000 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2009-04-22 13:46:07 +0000 |
commit | 725bc9130dd16ffffa5277382b23cda6c069ef6c (patch) | |
tree | 5af44e18a41443c108fcd22444fedea9c5fcb2a5 /rpkid.stable/left-right-schema.rng | |
parent | 3752b1127d4834b00a93153b96d23a370738c942 (diff) |
Branch stable code from before start of the event-driven rewrite.
svn path=/rpkid.stable; revision=2354
Diffstat (limited to 'rpkid.stable/left-right-schema.rng')
-rw-r--r-- | rpkid.stable/left-right-schema.rng | 949 |
1 files changed, 949 insertions, 0 deletions
diff --git a/rpkid.stable/left-right-schema.rng b/rpkid.stable/left-right-schema.rng
new file mode 100644
index 00000000..4976416a
--- /dev/null
+++ b/rpkid.stable/left-right-schema.rng
@@ -0,0 +1,949 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + $Id: left-right-schema.rnc 1835 2008-06-02 23:43:01Z sra $ + + RelaxNG Schema for RPKI left-right protocol. + + libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so + run the compact syntax through trang to get XML syntax. +--> +<grammar ns="http://www.hactrn.net/uris/rpki/left-right-spec/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"> + <!-- Top level PDU --> + <start> + <element name="msg"> + <attribute name="version"> + <data type="positiveInteger"> + <param name="maxInclusive">1</param> + </data> + </attribute> + <choice> + <group> + <attribute name="type"> + <value>query</value> + </attribute> + <zeroOrMore> + <ref name="query_elt"/> + </zeroOrMore> + </group> + <group> + <attribute name="type"> + <value>reply</value> + </attribute> + <zeroOrMore> + <ref name="reply_elt"/> + </zeroOrMore> + </group> + </choice> + </element> + </start> + <!-- PDUs allowed in a query --> + <define name="query_elt" combine="choice"> + <ref name="self_query"/> + </define> + <define name="query_elt" combine="choice"> + <ref name="bsc_query"/> + </define> + <define name="query_elt" combine="choice"> + <ref name="parent_query"/> + </define> + <define name="query_elt" combine="choice"> + <ref name="child_query"/> + </define> + <define name="query_elt" combine="choice"> + <ref name="repository_query"/> + </define> + <define name="query_elt" combine="choice"> + <ref name="route_origin_query"/> + </define> + <define name="query_elt" combine="choice"> + <ref name="list_resources_query"/> + </define> + <!-- PDUs allowed in a reply --> + <define name="reply_elt" combine="choice"> + <ref name="self_reply"/> + </define> + <define name="reply_elt" combine="choice"> + <ref name="bsc_reply"/> + </define> + <define name="reply_elt" combine="choice"> + <ref name="parent_reply"/> + </define> + <define name="reply_elt" combine="choice"> + <ref 
name="child_reply"/> + </define> + <define name="reply_elt" combine="choice"> + <ref name="repository_reply"/> + </define> + <define name="reply_elt" combine="choice"> + <ref name="route_origin_reply"/> + </define> + <define name="reply_elt" combine="choice"> + <ref name="list_resources_reply"/> + </define> + <define name="reply_elt" combine="choice"> + <ref name="report_error_reply"/> + </define> + <!-- Tag attributes for bulk operations --> + <define name="tag"> + <optional> + <attribute name="tag"> + <data type="token"> + <param name="maxLength">1024</param> + </data> + </attribute> + </optional> + </define> + <!-- + Combinations of action and type attributes used in later definitions. + The same patterns repeat in most of the elements in this protocol. + --> + <define name="ctl_create"> + <attribute name="action"> + <value>create</value> + </attribute> + <ref name="tag"/> + </define> + <define name="ctl_set"> + <attribute name="action"> + <value>set</value> + </attribute> + <ref name="tag"/> + </define> + <define name="ctl_get"> + <attribute name="action"> + <value>get</value> + </attribute> + <ref name="tag"/> + </define> + <define name="ctl_list"> + <attribute name="action"> + <value>list</value> + </attribute> + <ref name="tag"/> + </define> + <define name="ctl_destroy"> + <attribute name="action"> + <value>destroy</value> + </attribute> + <ref name="tag"/> + </define> + <!-- Base64 encoded DER stuff --> + <define name="base64"> + <data type="base64Binary"> + <param name="maxLength">512000</param> + </data> + </define> + <!-- Base definition for all fields that are really just SQL primary indices --> + <define name="sql_id"> + <data type="nonNegativeInteger"/> + </define> + <!-- URIs --> + <define name="uri"> + <data type="anyURI"> + <param name="maxLength">4096</param> + </data> + </define> + <!-- Name fields imported from up-down protocol --> + <define name="up_down_name"> + <data type="token"> + <param name="maxLength">1024</param> + </data> + </define> + 
<!-- Resource lists --> + <define name="asn_list"> + <data type="string"> + <param name="maxLength">512000</param> + <param name="pattern">[\-,0-9]*</param> + </data> + </define> + <define name="ipv4_list"> + <data type="string"> + <param name="maxLength">512000</param> + <param name="pattern">[\-,0-9/.]*</param> + </data> + </define> + <define name="ipv6_list"> + <data type="string"> + <param name="maxLength">512000</param> + <param name="pattern">[\-,0-9/:a-fA-F]*</param> + </data> + </define> + <!-- <self/> element --> + <define name="self_bool"> + <optional> + <attribute name="rekey"> + <value>yes</value> + </attribute> + </optional> + <optional> + <attribute name="reissue"> + <value>yes</value> + </attribute> + </optional> + <optional> + <attribute name="revoke"> + <value>yes</value> + </attribute> + </optional> + <optional> + <attribute name="run_now"> + <value>yes</value> + </attribute> + </optional> + <optional> + <attribute name="publish_world_now"> + <value>yes</value> + </attribute> + </optional> + </define> + <define name="self_payload"> + <optional> + <attribute name="use_hsm"> + <choice> + <value>yes</value> + <value>no</value> + </choice> + </attribute> + </optional> + <optional> + <attribute name="crl_interval"> + <data type="positiveInteger"/> + </attribute> + </optional> + <optional> + <attribute name="regen_margin"> + <data type="positiveInteger"/> + </attribute> + </optional> + <optional> + <element name="bpki_cert"> + <ref name="base64"/> + </element> + </optional> + <optional> + <element name="bpki_glue"> + <ref name="base64"/> + </element> + </optional> + </define> + <define name="self_id"> + <attribute name="self_id"> + <ref name="sql_id"/> + </attribute> + </define> + <define name="self_query" combine="choice"> + <element name="self"> + <ref name="ctl_create"/> + <ref name="self_bool"/> + <ref name="self_payload"/> + </element> + </define> + <define name="self_reply" combine="choice"> + <element name="self"> + <ref name="ctl_create"/> + 
<ref name="self_id"/> + </element> + </define> + <define name="self_query" combine="choice"> + <element name="self"> + <ref name="ctl_set"/> + <ref name="self_id"/> + <ref name="self_bool"/> + <ref name="self_payload"/> + </element> + </define> + <define name="self_reply" combine="choice"> + <element name="self"> + <ref name="ctl_set"/> + <ref name="self_id"/> + </element> + </define> + <define name="self_query" combine="choice"> + <element name="self"> + <ref name="ctl_get"/> + <ref name="self_id"/> + </element> + </define> + <define name="self_reply" combine="choice"> + <element name="self"> + <ref name="ctl_get"/> + <ref name="self_id"/> + <ref name="self_payload"/> + </element> + </define> + <define name="self_query" combine="choice"> + <element name="self"> + <ref name="ctl_list"/> + </element> + </define> + <define name="self_reply" combine="choice"> + <element name="self"> + <ref name="ctl_list"/> + <ref name="self_id"/> + <ref name="self_payload"/> + </element> + </define> + <define name="self_query" combine="choice"> + <element name="self"> + <ref name="ctl_destroy"/> + <ref name="self_id"/> + </element> + </define> + <define name="self_reply" combine="choice"> + <element name="self"> + <ref name="ctl_destroy"/> + <ref name="self_id"/> + </element> + </define> + <!-- <bsc/> element. Key parameters hardwired for now. 
--> + <define name="bsc_bool"> + <optional> + <attribute name="generate_keypair"> + <value>yes</value> + </attribute> + <optional> + <attribute name="key_type"> + <value>rsa</value> + </attribute> + </optional> + <optional> + <attribute name="hash_alg"> + <value>sha256</value> + </attribute> + </optional> + <optional> + <attribute name="key_length"> + <value>2048</value> + </attribute> + </optional> + </optional> + </define> + <define name="bsc_id"> + <attribute name="bsc_id"> + <ref name="sql_id"/> + </attribute> + </define> + <define name="bsc_payload"> + <optional> + <element name="signing_cert"> + <ref name="base64"/> + </element> + </optional> + <optional> + <element name="signing_cert_crl"> + <ref name="base64"/> + </element> + </optional> + </define> + <define name="bsc_pkcs10"> + <optional> + <element name="pkcs10_request"> + <ref name="base64"/> + </element> + </optional> + </define> + <define name="bsc_query" combine="choice"> + <element name="bsc"> + <ref name="ctl_create"/> + <ref name="self_id"/> + <ref name="bsc_bool"/> + <ref name="bsc_payload"/> + </element> + </define> + <define name="bsc_reply" combine="choice"> + <element name="bsc"> + <ref name="ctl_create"/> + <ref name="self_id"/> + <ref name="bsc_id"/> + <ref name="bsc_pkcs10"/> + </element> + </define> + <define name="bsc_query" combine="choice"> + <element name="bsc"> + <ref name="ctl_set"/> + <ref name="self_id"/> + <ref name="bsc_id"/> + <ref name="bsc_bool"/> + <ref name="bsc_payload"/> + </element> + </define> + <define name="bsc_reply" combine="choice"> + <element name="bsc"> + <ref name="ctl_set"/> + <ref name="self_id"/> + <ref name="bsc_id"/> + <ref name="bsc_pkcs10"/> + </element> + </define> + <define name="bsc_query" combine="choice"> + <element name="bsc"> + <ref name="ctl_get"/> + <ref name="self_id"/> + <ref name="bsc_id"/> + </element> + </define> + <define name="bsc_reply" combine="choice"> + <element name="bsc"> + <ref name="ctl_get"/> + <ref name="self_id"/> + <ref 
name="bsc_id"/> + <ref name="bsc_payload"/> + <ref name="bsc_pkcs10"/> + </element> + </define> + <define name="bsc_query" combine="choice"> + <element name="bsc"> + <ref name="ctl_list"/> + <ref name="self_id"/> + </element> + </define> + <define name="bsc_reply" combine="choice"> + <element name="bsc"> + <ref name="ctl_list"/> + <ref name="self_id"/> + <ref name="bsc_id"/> + <ref name="bsc_payload"/> + <ref name="bsc_pkcs10"/> + </element> + </define> + <define name="bsc_query" combine="choice"> + <element name="bsc"> + <ref name="ctl_destroy"/> + <ref name="self_id"/> + <ref name="bsc_id"/> + </element> + </define> + <define name="bsc_reply" combine="choice"> + <element name="bsc"> + <ref name="ctl_destroy"/> + <ref name="self_id"/> + <ref name="bsc_id"/> + </element> + </define> + <!-- <parent/> element --> + <define name="parent_id"> + <attribute name="parent_id"> + <ref name="sql_id"/> + </attribute> + </define> + <define name="parent_bool"> + <optional> + <attribute name="rekey"> + <value>yes</value> + </attribute> + </optional> + <optional> + <attribute name="reissue"> + <value>yes</value> + </attribute> + </optional> + <optional> + <attribute name="revoke"> + <value>yes</value> + </attribute> + </optional> + </define> + <define name="parent_payload"> + <optional> + <attribute name="peer_contact_uri"> + <ref name="uri"/> + </attribute> + </optional> + <optional> + <attribute name="sia_base"> + <ref name="uri"/> + </attribute> + </optional> + <optional> + <ref name="bsc_id"/> + </optional> + <optional> + <ref name="repository_id"/> + </optional> + <optional> + <attribute name="sender_name"> + <ref name="up_down_name"/> + </attribute> + </optional> + <optional> + <attribute name="recipient_name"> + <ref name="up_down_name"/> + </attribute> + </optional> + <optional> + <element name="bpki_cms_cert"> + <ref name="base64"/> + </element> + </optional> + <optional> + <element name="bpki_cms_glue"> + <ref name="base64"/> + </element> + </optional> + <optional> + 
<element name="bpki_https_cert"> + <ref name="base64"/> + </element> + </optional> + <optional> + <element name="bpki_https_glue"> + <ref name="base64"/> + </element> + </optional> + </define> + <define name="parent_query" combine="choice"> + <element name="parent"> + <ref name="ctl_create"/> + <ref name="self_id"/> + <ref name="parent_bool"/> + <ref name="parent_payload"/> + </element> + </define> + <define name="parent_reply" combine="choice"> + <element name="parent"> + <ref name="ctl_create"/> + <ref name="self_id"/> + <ref name="parent_id"/> + </element> + </define> + <define name="parent_query" combine="choice"> + <element name="parent"> + <ref name="ctl_set"/> + <ref name="self_id"/> + <ref name="parent_id"/> + <ref name="parent_bool"/> + <ref name="parent_payload"/> + </element> + </define> + <define name="parent_reply" combine="choice"> + <element name="parent"> + <ref name="ctl_set"/> + <ref name="self_id"/> + <ref name="parent_id"/> + </element> + </define> + <define name="parent_query" combine="choice"> + <element name="parent"> + <ref name="ctl_get"/> + <ref name="self_id"/> + <ref name="parent_id"/> + </element> + </define> + <define name="parent_reply" combine="choice"> + <element name="parent"> + <ref name="ctl_get"/> + <ref name="self_id"/> + <ref name="parent_id"/> + <ref name="parent_payload"/> + </element> + </define> + <define name="parent_query" combine="choice"> + <element name="parent"> + <ref name="ctl_list"/> + <ref name="self_id"/> + </element> + </define> + <define name="parent_reply" combine="choice"> + <element name="parent"> + <ref name="ctl_list"/> + <ref name="self_id"/> + <ref name="parent_id"/> + <ref name="parent_payload"/> + </element> + </define> + <define name="parent_query" combine="choice"> + <element name="parent"> + <ref name="ctl_destroy"/> + <ref name="self_id"/> + <ref name="parent_id"/> + </element> + </define> + <define name="parent_reply" combine="choice"> + <element name="parent"> + <ref name="ctl_destroy"/> + <ref 
name="self_id"/> + <ref name="parent_id"/> + </element> + </define> + <!-- <child/> element --> + <define name="child_id"> + <attribute name="child_id"> + <ref name="sql_id"/> + </attribute> + </define> + <define name="child_bool"> + <optional> + <attribute name="reissue"> + <value>yes</value> + </attribute> + </optional> + </define> + <define name="child_payload"> + <optional> + <ref name="bsc_id"/> + </optional> + <optional> + <element name="bpki_cert"> + <ref name="base64"/> + </element> + </optional> + <optional> + <element name="bpki_glue"> + <ref name="base64"/> + </element> + </optional> + </define> + <define name="child_query" combine="choice"> + <element name="child"> + <ref name="ctl_create"/> + <ref name="self_id"/> + <ref name="child_bool"/> + <ref name="child_payload"/> + </element> + </define> + <define name="child_reply" combine="choice"> + <element name="child"> + <ref name="ctl_create"/> + <ref name="self_id"/> + <ref name="child_id"/> + </element> + </define> + <define name="child_query" combine="choice"> + <element name="child"> + <ref name="ctl_set"/> + <ref name="self_id"/> + <ref name="child_id"/> + <ref name="child_bool"/> + <ref name="child_payload"/> + </element> + </define> + <define name="child_reply" combine="choice"> + <element name="child"> + <ref name="ctl_set"/> + <ref name="self_id"/> + <ref name="child_id"/> + </element> + </define> + <define name="child_query" combine="choice"> + <element name="child"> + <ref name="ctl_get"/> + <ref name="self_id"/> + <ref name="child_id"/> + </element> + </define> + <define name="child_reply" combine="choice"> + <element name="child"> + <ref name="ctl_get"/> + <ref name="self_id"/> + <ref name="child_id"/> + <ref name="child_payload"/> + </element> + </define> + <define name="child_query" combine="choice"> + <element name="child"> + <ref name="ctl_list"/> + <ref name="self_id"/> + </element> + </define> + <define name="child_reply" combine="choice"> + <element name="child"> + <ref 
name="ctl_list"/> + <ref name="self_id"/> + <ref name="child_id"/> + <ref name="child_payload"/> + </element> + </define> + <define name="child_query" combine="choice"> + <element name="child"> + <ref name="ctl_destroy"/> + <ref name="self_id"/> + <ref name="child_id"/> + </element> + </define> + <define name="child_reply" combine="choice"> + <element name="child"> + <ref name="ctl_destroy"/> + <ref name="self_id"/> + <ref name="child_id"/> + </element> + </define> + <!-- <repository/> element --> + <define name="repository_id"> + <attribute name="repository_id"> + <ref name="sql_id"/> + </attribute> + </define> + <define name="repository_payload"> + <optional> + <attribute name="peer_contact_uri"> + <ref name="uri"/> + </attribute> + </optional> + <optional> + <ref name="bsc_id"/> + </optional> + <optional> + <element name="bpki_cms_cert"> + <ref name="base64"/> + </element> + </optional> + <optional> + <element name="bpki_cms_glue"> + <ref name="base64"/> + </element> + </optional> + <optional> + <element name="bpki_https_cert"> + <ref name="base64"/> + </element> + </optional> + <optional> + <element name="bpki_https_glue"> + <ref name="base64"/> + </element> + </optional> + </define> + <define name="repository_query" combine="choice"> + <element name="repository"> + <ref name="ctl_create"/> + <ref name="self_id"/> + <ref name="repository_payload"/> + </element> + </define> + <define name="repository_reply" combine="choice"> + <element name="repository"> + <ref name="ctl_create"/> + <ref name="self_id"/> + <ref name="repository_id"/> + </element> + </define> + <define name="repository_query" combine="choice"> + <element name="repository"> + <ref name="ctl_set"/> + <ref name="self_id"/> + <ref name="repository_id"/> + <ref name="repository_payload"/> + </element> + </define> + <define name="repository_reply" combine="choice"> + <element name="repository"> + <ref name="ctl_set"/> + <ref name="self_id"/> + <ref name="repository_id"/> + </element> + </define> + 
<define name="repository_query" combine="choice"> + <element name="repository"> + <ref name="ctl_get"/> + <ref name="self_id"/> + <ref name="repository_id"/> + </element> + </define> + <define name="repository_reply" combine="choice"> + <element name="repository"> + <ref name="ctl_get"/> + <ref name="self_id"/> + <ref name="repository_id"/> + <ref name="repository_payload"/> + </element> + </define> + <define name="repository_query" combine="choice"> + <element name="repository"> + <ref name="ctl_list"/> + <ref name="self_id"/> + </element> + </define> + <define name="repository_reply" combine="choice"> + <element name="repository"> + <ref name="ctl_list"/> + <ref name="self_id"/> + <ref name="repository_id"/> + <ref name="repository_payload"/> + </element> + </define> + <define name="repository_query" combine="choice"> + <element name="repository"> + <ref name="ctl_destroy"/> + <ref name="self_id"/> + <ref name="repository_id"/> + </element> + </define> + <define name="repository_reply" combine="choice"> + <element name="repository"> + <ref name="ctl_destroy"/> + <ref name="self_id"/> + <ref name="repository_id"/> + </element> + </define> + <!-- <route_origin/> element --> + <define name="route_origin_id"> + <attribute name="route_origin_id"> + <ref name="sql_id"/> + </attribute> + </define> + <define name="route_origin_bool"> + <optional> + <attribute name="suppress_publication"> + <value>yes</value> + </attribute> + </optional> + </define> + <define name="route_origin_payload"> + <optional> + <attribute name="as_number"> + <data type="positiveInteger"/> + </attribute> + </optional> + <optional> + <attribute name="ipv4"> + <ref name="ipv4_list"/> + </attribute> + </optional> + <optional> + <attribute name="ipv6"> + <ref name="ipv6_list"/> + </attribute> + </optional> + </define> + <define name="route_origin_query" combine="choice"> + <element name="route_origin"> + <ref name="ctl_create"/> + <ref name="self_id"/> + <ref name="route_origin_bool"/> + <ref 
name="route_origin_payload"/> + </element> + </define> + <define name="route_origin_reply" combine="choice"> + <element name="route_origin"> + <ref name="ctl_create"/> + <ref name="self_id"/> + <ref name="route_origin_id"/> + </element> + </define> + <define name="route_origin_query" combine="choice"> + <element name="route_origin"> + <ref name="ctl_set"/> + <ref name="self_id"/> + <ref name="route_origin_id"/> + <ref name="route_origin_bool"/> + <ref name="route_origin_payload"/> + </element> + </define> + <define name="route_origin_reply" combine="choice"> + <element name="route_origin"> + <ref name="ctl_set"/> + <ref name="self_id"/> + <ref name="route_origin_id"/> + </element> + </define> + <define name="route_origin_query" combine="choice"> + <element name="route_origin"> + <ref name="ctl_get"/> + <ref name="self_id"/> + <ref name="route_origin_id"/> + </element> + </define> + <define name="route_origin_reply" combine="choice"> + <element name="route_origin"> + <ref name="ctl_get"/> + <ref name="self_id"/> + <ref name="route_origin_id"/> + <ref name="route_origin_payload"/> + </element> + </define> + <define name="route_origin_query" combine="choice"> + <element name="route_origin"> + <ref name="ctl_list"/> + <ref name="self_id"/> + </element> + </define> + <define name="route_origin_reply" combine="choice"> + <element name="route_origin"> + <ref name="ctl_list"/> + <ref name="self_id"/> + <ref name="route_origin_id"/> + <ref name="route_origin_payload"/> + </element> + </define> + <define name="route_origin_query" combine="choice"> + <element name="route_origin"> + <ref name="ctl_destroy"/> + <ref name="self_id"/> + <ref name="route_origin_id"/> + </element> + </define> + <define name="route_origin_reply" combine="choice"> + <element name="route_origin"> + <ref name="ctl_destroy"/> + <ref name="self_id"/> + <ref name="route_origin_id"/> + </element> + </define> + <!-- <list_resources/> element --> + <define name="list_resources_query"> + <element 
name="list_resources"> + <ref name="tag"/> + <ref name="self_id"/> + <ref name="child_id"/> + </element> + </define> + <define name="list_resources_reply"> + <element name="list_resources"> + <ref name="tag"/> + <ref name="self_id"/> + <ref name="child_id"/> + <attribute name="valid_until"> + <data type="dateTime"> + <param name="pattern">.*Z</param> + </data> + </attribute> + <optional> + <attribute name="subject_name"> + <data type="token"> + <param name="maxLength">1024</param> + </data> + </attribute> + </optional> + <optional> + <attribute name="asn"> + <ref name="asn_list"/> + </attribute> + </optional> + <optional> + <attribute name="ipv4"> + <ref name="ipv4_list"/> + </attribute> + </optional> + <optional> + <attribute name="ipv6"> + <ref name="ipv6_list"/> + </attribute> + </optional> + </element> + </define> + <!-- <report_error/> element --> + <define name="error"> + <data type="token"> + <param name="maxLength">1024</param> + </data> + </define> + <define name="report_error_reply"> + <element name="report_error"> + <ref name="tag"/> + <ref name="self_id"/> + <attribute name="error_code"> + <ref name="error"/> + </attribute> + <optional> + <data type="string"> + <param name="maxLength">512000</param> + </data> + </optional> + </element> + </define> +</grammar> +<!-- + Local Variables: + indent-tabs-mode: nil + End: +--> |