aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--scripts/up-down-medium-schema.rnc91
-rw-r--r--scripts/up-down-medium-schema.rng316
-rw-r--r--scripts/up-down-protocol-samples/Makefile2
3 files changed, 408 insertions, 1 deletions
diff --git a/scripts/up-down-medium-schema.rnc b/scripts/up-down-medium-schema.rnc
new file mode 100644
index 00000000..e74bc489
--- /dev/null
+++ b/scripts/up-down-medium-schema.rnc
@@ -0,0 +1,91 @@
+# $Id$
+#
+# RelaxNG (Compact Syntax) Schema
+# for RPKI up-down protocol. This is based on the schema in the APNIC
+# Wiki, but has tighter constraints on some fields.
+#
+# libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so
+# run the output of this script through a converter like trang to get
+# XML syntax.
+
+ default namespace = "http://www.apnic.net/specs/rescerts/up-down/"
+
+ grammar {
+ start = element message {
+ attribute version { xsd:positiveInteger { maxInclusive="1" } },
+ attribute sender { xsd:token { maxLength="1024" } },
+ attribute recipient { xsd:token { maxLength="1024" } },
+ attribute msg_ref { xsd:positiveInteger { maxInclusive="999999999999999" } },
+ payload
+ }
+
+ payload |= attribute type { "list" }, list_request
+ payload |= attribute type { "list_response"}, list_response
+ payload |= attribute type { "issue" }, issue_request
+ payload |= attribute type { "issue_response"}, issue_response
+ payload |= attribute type { "revoke" }, revoke_request
+ payload |= attribute type { "revoke_response"}, revoke_response
+ payload |= attribute type { "error_response"}, error_response
+
+ list_request = empty
+ list_response = class*
+
+ class = element class {
+ attribute class_name { xsd:token { maxLength="1024" } },
+ attribute cert_url { xsd:anyURI { maxLength="1024" } },
+ attribute cert_ski { xsd:token { maxLength="1024" } },
+ attribute resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } },
+ attribute resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } },
+ attribute resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } },
+ attribute suggested_sia_head { xsd:anyURI { maxLength="1024" } }?,
+ element certificate {
+ attribute cert_url { xsd:anyURI { maxLength="1024" } },
+ attribute cert_ski { xsd:token { maxLength="1024" } },
+ attribute cert_aki { xsd:token { maxLength="1024" } },
+ attribute cert_serial { xsd:positiveInteger },
+ attribute resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } },
+ attribute resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } },
+ attribute resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } },
+ attribute req_resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }?,
+ attribute req_resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }?,
+ attribute req_resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }?,
+ attribute status { "undersize" | "match" | "oversize" },
+ xsd:base64Binary { maxLength="512000" }
+ }*,
+ element issuer { xsd:base64Binary { maxLength="512000" } }
+ }
+
+ issue_request = element request {
+ attribute class_name { xsd:token { maxLength="1024" } },
+ attribute req_resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }?,
+ attribute req_resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }?,
+ attribute req_resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }?,
+ xsd:base64Binary { maxLength="512000" }
+ }
+ issue_response = class
+
+ revoke_request = revocation
+ revoke_response = revocation
+
+ revocation = element key {
+ attribute class_name { xsd:token { maxLength="1024" } },
+ attribute ski { xsd:token { maxLength="1024" } }
+ }
+
+ error_response =
+ element status {
+ "1101" | # Message too old
+ "1102" | # msg_ref value is invalid
+ "1103" | # out of order msg_ref value
+ "1104" | # version number error
+ "1105" | # unrecognised request type
+ "1201" | # request - no such resource class
+ "1202" | # request - no resources allocated in resource class
+ "1203" | # request - badly formed certificate request
+ "1301" | # revoke - no such resource class
+ "1302" | # revoke - no such key
+ "2001" # Internal Server Error - Request not performed
+ },
+ element last_msg_processed { xsd:positiveInteger { maxInclusive="999999999999999" } }?,
+ element description { attribute xml:lang { xsd:language }, xsd:string { maxLength="1024" } }?
+ }
diff --git a/scripts/up-down-medium-schema.rng b/scripts/up-down-medium-schema.rng
new file mode 100644
index 00000000..a3a87b7c
--- /dev/null
+++ b/scripts/up-down-medium-schema.rng
@@ -0,0 +1,316 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ $Id: up-down-tighter-schema.pl 681 2007-06-20 23:50:56Z sra $
+
+ RelaxNG (Compact Syntax) Schema
+ for RPKI up-down protocol. This is based on the schema in the APNIC
+ Wiki, but has tighter constraints on some fields.
+
+ libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so
+ run the output of this script through a converter like trang to get
+ XML syntax.
+-->
+<grammar ns="http://www.apnic.net/specs/rescerts/up-down/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">
+ <start>
+ <element name="message">
+ <attribute name="version">
+ <data type="positiveInteger">
+ <param name="maxInclusive">1</param>
+ </data>
+ </attribute>
+ <attribute name="sender">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <attribute name="recipient">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <attribute name="msg_ref">
+ <data type="positiveInteger">
+ <param name="maxInclusive">999999999999999</param>
+ </data>
+ </attribute>
+ <ref name="payload"/>
+ </element>
+ </start>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>list</value>
+ </attribute>
+ <ref name="list_request"/>
+ </define>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>list_response</value>
+ </attribute>
+ <ref name="list_response"/>
+ </define>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>issue</value>
+ </attribute>
+ <ref name="issue_request"/>
+ </define>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>issue_response</value>
+ </attribute>
+ <ref name="issue_response"/>
+ </define>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>revoke</value>
+ </attribute>
+ <ref name="revoke_request"/>
+ </define>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>revoke_response</value>
+ </attribute>
+ <ref name="revoke_response"/>
+ </define>
+ <define name="payload" combine="choice">
+ <attribute name="type">
+ <value>error_response</value>
+ </attribute>
+ <ref name="error_response"/>
+ </define>
+ <define name="list_request">
+ <empty/>
+ </define>
+ <define name="list_response">
+ <zeroOrMore>
+ <ref name="class"/>
+ </zeroOrMore>
+ </define>
+ <define name="class">
+ <element name="class">
+ <attribute name="class_name">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <attribute name="cert_url">
+ <data type="anyURI">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <attribute name="cert_ski">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <attribute name="resource_set_as">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,0-9]*</param>
+ </data>
+ </attribute>
+ <attribute name="resource_set_ipv4">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/.0-9]*</param>
+ </data>
+ </attribute>
+ <attribute name="resource_set_ipv6">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/:0-9a-fA-F]*</param>
+ </data>
+ </attribute>
+ <optional>
+ <attribute name="suggested_sia_head">
+ <data type="anyURI">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </optional>
+ <zeroOrMore>
+ <element name="certificate">
+ <attribute name="cert_url">
+ <data type="anyURI">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <attribute name="cert_ski">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <attribute name="cert_aki">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <attribute name="cert_serial">
+ <data type="positiveInteger"/>
+ </attribute>
+ <attribute name="resource_set_as">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,0-9]*</param>
+ </data>
+ </attribute>
+ <attribute name="resource_set_ipv4">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/.0-9]*</param>
+ </data>
+ </attribute>
+ <attribute name="resource_set_ipv6">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/:0-9a-fA-F]*</param>
+ </data>
+ </attribute>
+ <optional>
+ <attribute name="req_resource_set_as">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,0-9]*</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="req_resource_set_ipv4">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/.0-9]*</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="req_resource_set_ipv6">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/:0-9a-fA-F]*</param>
+ </data>
+ </attribute>
+ </optional>
+ <attribute name="status">
+ <choice>
+ <value>undersize</value>
+ <value>match</value>
+ <value>oversize</value>
+ </choice>
+ </attribute>
+ <data type="base64Binary">
+ <param name="maxLength">512000</param>
+ </data>
+ </element>
+ </zeroOrMore>
+ <element name="issuer">
+ <data type="base64Binary">
+ <param name="maxLength">512000</param>
+ </data>
+ </element>
+ </element>
+ </define>
+ <define name="issue_request">
+ <element name="request">
+ <attribute name="class_name">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <optional>
+ <attribute name="req_resource_set_as">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,0-9]*</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="req_resource_set_ipv4">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/.0-9]*</param>
+ </data>
+ </attribute>
+ </optional>
+ <optional>
+ <attribute name="req_resource_set_ipv6">
+ <data type="string">
+ <param name="maxLength">512000</param>
+ <param name="pattern">[\-,/:0-9a-fA-F]*</param>
+ </data>
+ </attribute>
+ </optional>
+ <data type="base64Binary">
+ <param name="maxLength">512000</param>
+ </data>
+ </element>
+ </define>
+ <define name="issue_response">
+ <ref name="class"/>
+ </define>
+ <define name="revoke_request">
+ <ref name="revocation"/>
+ </define>
+ <define name="revoke_response">
+ <ref name="revocation"/>
+ </define>
+ <define name="revocation">
+ <element name="key">
+ <attribute name="class_name">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ <attribute name="ski">
+ <data type="token">
+ <param name="maxLength">1024</param>
+ </data>
+ </attribute>
+ </element>
+ </define>
+ <define name="error_response">
+ <element name="status">
+ <choice>
+ <value>1101</value>
+ <!-- Message too old -->
+ <value>1102</value>
+ <!-- msg_ref value is invalid -->
+ <value>1103</value>
+ <!-- out of order msg_ref value -->
+ <value>1104</value>
+ <!-- version number error -->
+ <value>1105</value>
+ <!-- unrecognised request type -->
+ <value>1201</value>
+ <!-- request - no such resource class -->
+ <value>1202</value>
+ <!-- request - no resources allocated in resource class -->
+ <value>1203</value>
+ <!-- request - badly formed certificate request -->
+ <value>1301</value>
+ <!-- revoke - no such resource class -->
+ <value>1302</value>
+ <!-- revoke - no such key -->
+ <value>2001</value>
+ </choice>
+ <!-- Internal Server Error - Request not performed -->
+ </element>
+ <optional>
+ <element name="last_msg_processed">
+ <data type="positiveInteger">
+ <param name="maxInclusive">999999999999999</param>
+ </data>
+ </element>
+ </optional>
+ <optional>
+ <element name="description">
+ <attribute name="xml:lang">
+ <data type="language"/>
+ </attribute>
+ <data type="string">
+ <param name="maxLength">1024</param>
+ </data>
+ </element>
+ </optional>
+ </define>
+</grammar>
diff --git a/scripts/up-down-protocol-samples/Makefile b/scripts/up-down-protocol-samples/Makefile
index 64340098..10ee791a 100644
--- a/scripts/up-down-protocol-samples/Makefile
+++ b/scripts/up-down-protocol-samples/Makefile
@@ -1,6 +1,6 @@
XMLLINT = xmllint --noout --relaxng
JING = java -jar /usr/local/share/java/classes/jing.jar
-SCHEMA = ../up-down-tighter-schema.rng
+SCHEMA = ../up-down-medium-schema.rng
all: jing xmllint
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-15 23:39:01 +0000