-rw-r--r-- | rpkid/rpki/relaxng.py | 160 | ||||
-rw-r--r-- | rpkid/tests/up-down-protocol-samples/issue_response.xml | 1 | ||||
-rw-r--r-- | rpkid/tests/up-down-protocol-samples/list_response.xml | 4 | ||||
-rw-r--r-- | rpkid/up-down-schema.rnc | 113 | ||||
-rw-r--r-- | rpkid/up-down-schema.rng | 160 |
5 files changed, 225 insertions, 213 deletions
diff --git a/rpkid/rpki/relaxng.py b/rpkid/rpki/relaxng.py
index 2f44aa29..4511899e 100644
--- a/rpkid/rpki/relaxng.py
+++ b/rpkid/rpki/relaxng.py
@@ -1010,14 +1010,63 @@ left_right = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" enc ## Parsed RelaxNG up_down schema up_down = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encoding="UTF-8"?> <!-- - $Id: up-down-schema.rnc 1798 2008-05-17 08:21:50Z sra $ + $Id$ - RelaxNG Scheme for up-down protocol, extracted from APNIC Wiki. + RelaxNG Scheme for up-down protocol, extracted from + draft-ietf-sidr-rescerts-provisioning-10.txt. libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so run the compact syntax through trang to get XML syntax. --> <grammar ns="http://www.apnic.net/specs/rescerts/up-down/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"> + <define name="resource_set_as"> + <data type="string"> + <param name="maxLength">512000</param> + <param name="pattern">[\-,0-9]*</param> + </data> + </define> + <define name="resource_set_ip4"> + <data type="string"> + <param name="maxLength">512000</param> + <param name="pattern">[\-,/.0-9]*</param> + </data> + </define> + <define name="resource_set_ip6"> + <data type="string"> + <param name="maxLength">512000</param> + <param name="pattern">[\-,/:0-9a-fA-F]*</param> + </data> + </define> + <define name="class_name"> + <data type="token"> + <param name="minLength">1</param> + <param name="maxLength">1024</param> + </data> + </define> + <define name="ski"> + <data type="token"> + <param name="minLength">27</param> + <param name="maxLength">1024</param> + </data> + </define> + <define name="label"> + <data type="token"> + <param name="minLength">1</param> + <param name="maxLength">1024</param> + </data> + </define> + <define name="cert_url"> + <data type="string"> + <param name="minLength">10</param> + <param name="maxLength">4096</param> + </data> + </define> + <define name="base64_binary"> + <data type="base64Binary"> + <param name="minLength">4</param> + <param name="maxLength">512000</param> + </data> + 
</define> <start> <element name="message"> <attribute name="version"> @@ -1026,14 +1075,10 @@ up_down = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encodi </data> </attribute> <attribute name="sender"> - <data type="token"> - <param name="maxLength">1024</param> - </data> + <ref name="label"/> </attribute> <attribute name="recipient"> - <data type="token"> - <param name="maxLength">1024</param> - </data> + <ref name="label"/> </attribute> <ref name="payload"/> </element> @@ -1091,40 +1136,23 @@ up_down = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encodi <define name="class"> <element name="class"> <attribute name="class_name"> - <data type="token"> - <param name="maxLength">1024</param> - </data> + <ref name="class_name"/> </attribute> <attribute name="cert_url"> - <data type="string"> - <param name="maxLength">4096</param> - </data> + <ref name="cert_url"/> </attribute> <attribute name="resource_set_as"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,0-9]*</param> - </data> + <ref name="resource_set_as"/> </attribute> <attribute name="resource_set_ipv4"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,/.0-9]*</param> - </data> + <ref name="resource_set_ip4"/> </attribute> <attribute name="resource_set_ipv6"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,/:0-9a-fA-F]*</param> - </data> + <ref name="resource_set_ip6"/> + </attribute> + <attribute name="resource_set_notafter"> + <data type="dateTime"/> </attribute> - <optional> - <attribute name="resource_set_notafter"> - <data type="dateTime"> - <param name="pattern">.*Z</param> - </data> - </attribute> - </optional> <optional> <attribute name="suggested_sia_head"> <data type="anyURI"> 
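Review bot: The new `ski` define bounds only the length of an `xsd:token` (`minLength` 27, `maxLength` 1024), so any characters pass validation as long as the value is long enough. If the value is meant to be a base64url-encoded key identifier (the minimum of 27 suggests that, but the hunk does not say so), a character-class pattern such as `<param name="pattern">[\-_0-9A-Za-z]+</param>` would keep other input away from the code that handles the `key` element. That may be stricter than the schema in the cited draft; if conformance matters more, the code that consumes `ski` should reject anything it cannot decode. The same define is in up-down-schema.rnc, which the header comment names as the source that trang converts, and in up-down-schema.rng.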
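Review bot: With `<param name="pattern">.*Z</param>` removed, `resource_set_notafter` is a bare `xsd:dateTime`, which also accepts values with a numeric offset or with no time zone at all. For an expiry bound that is a real loosening: a value without a zone does not name a single instant, and how the consuming code reads it is not visible in this diff. Either keep the pattern on the now-mandatory attribute, `<data type="dateTime"><param name="pattern">.*Z</param></data>`, or make sure the parser rejects or normalises non-UTC values before comparing them. The same change is made in up-down-schema.rnc (`attribute resource_set_notafter { xsd:dateTime }`) and in the `@@ -81,40 +126,23 @@` hunk of up-down-schema.rng.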
@@ -1136,80 +1164,52 @@ up_down = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encodi <zeroOrMore> <element name="certificate"> <attribute name="cert_url"> - <data type="string"> - <param name="maxLength">4096</param> - </data> + <ref name="cert_url"/> </attribute> <optional> <attribute name="req_resource_set_as"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,0-9]*</param> - </data> + <ref name="resource_set_as"/> </attribute> </optional> <optional> <attribute name="req_resource_set_ipv4"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,/.0-9]*</param> - </data> + <ref name="resource_set_ip4"/> </attribute> </optional> <optional> <attribute name="req_resource_set_ipv6"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,/:0-9a-fA-F]*</param> - </data> + <ref name="resource_set_ip6"/> </attribute> </optional> - <data type="base64Binary"> - <param name="maxLength">512000</param> - </data> + <ref name="base64_binary"/> </element> </zeroOrMore> <element name="issuer"> - <data type="base64Binary"> - <param name="maxLength">512000</param> - </data> + <ref name="base64_binary"/> </element> </element> </define> <define name="issue_request"> <element name="request"> <attribute name="class_name"> - <data type="token"> - <param name="maxLength">1024</param> - </data> + <ref name="class_name"/> </attribute> <optional> <attribute name="req_resource_set_as"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,0-9]*</param> - </data> + <ref name="resource_set_as"/> </attribute> </optional> <optional> <attribute name="req_resource_set_ipv4"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,/.0-9]*</param> - </data> + <ref name="resource_set_ip4"/> </attribute> </optional> <optional> <attribute name="req_resource_set_ipv6"> - <data type="string"> - 
<param name="maxLength">512000</param> - <param name="pattern">[\-,/:0-9a-fA-F]*</param> - </data> + <ref name="resource_set_ip6"/> </attribute> </optional> - <data type="base64Binary"> - <param name="maxLength">512000</param> - </data> + <ref name="base64_binary"/> </element> </define> <define name="issue_response"> @@ -1224,24 +1224,20 @@ up_down = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encodi <define name="revocation"> <element name="key"> <attribute name="class_name"> - <data type="token"> - <param name="maxLength">1024</param> - </data> + <ref name="class_name"/> </attribute> <attribute name="ski"> - <data type="token"> - <param name="maxLength">1024</param> - </data> + <ref name="ski"/> </attribute> </element> </define> <define name="error_response"> <element name="status"> <data type="positiveInteger"> - <param name="maxInclusive">999999999999999</param> + <param name="maxInclusive">9999</param> </data> </element> - <optional> + <zeroOrMore> <element name="description"> <attribute name="xml:lang"> <data type="language"/> @@ -1250,12 +1246,14 @@ up_down = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encodi <param name="maxLength">1024</param> </data> </element> - </optional> + </zeroOrMore> </define> </grammar> <!-- Local Variables: indent-tabs-mode: nil + comment-start: "# " + comment-start-skip: "#[ \t]*" End: --> ''')) diff --git a/rpkid/tests/up-down-protocol-samples/issue_response.xml b/rpkid/tests/up-down-protocol-samples/issue_response.xml index 39f6b954..1ee34f62 100644 --- a/rpkid/tests/up-down-protocol-samples/issue_response.xml +++ b/rpkid/tests/up-down-protocol-samples/issue_response.xml 
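Review bot: Replacing `<optional>` with `<zeroOrMore>` around `description` removes the only bound on how many of these elements an `error_response` may carry. Each one is still limited to 1024 characters, but the count is not. The closing tag changes in the following hunk, and the .rnc and .rng copies make the same `?` to `*` change. The schema does not express a maximum count, so the limit has to come from a size cap on the message before it is parsed and validated; whether one exists is not visible here. A comment beside the define in the .rnc source, e.g. `# description may repeat without limit; total message size must be capped before validation`, would record that dependency.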
@@ -9,6 +9,7 @@ resource_set_as="64534-64540" resource_set_ipv4="10.0.0.0/24,10.3.0.0/24" resource_set_ipv6="2001:db8:0:0:0:0:a00::/120,2001:db8:0:0:0:0:a03::/120" + resource_set_notafter="2011-04-01T12:34:56Z" suggested_sia_head="rsync://wombat.example/fnord/"> <certificate cert_url="rsync://wombat.example/ISP5a" req_resource_set_as="" diff --git a/rpkid/tests/up-down-protocol-samples/list_response.xml b/rpkid/tests/up-down-protocol-samples/list_response.xml index 9e368f5a..09634955 100644 --- a/rpkid/tests/up-down-protocol-samples/list_response.xml +++ b/rpkid/tests/up-down-protocol-samples/list_response.xml @@ -9,6 +9,7 @@ resource_set_as="64534-64540" resource_set_ipv4="10.0.0.0/24,10.3.0.0/24" resource_set_ipv6="2001:db8:0:0:0:0:a00::/120,2001:db8:0:0:0:0:a03::/120" + resource_set_notafter="2011-04-01T12:34:56Z" suggested_sia_head="rsync://wombat.example/fnord/"> <certificate cert_url="rsync://wombat.example/ISP5a" req_resource_set_as="" @@ -117,7 +118,8 @@ cert_url="rsync://wombat.example/ISP2" resource_set_as="" resource_set_ipv4="192.0.2.44-192.0.2.100" - resource_set_ipv6=""> + resource_set_ipv6="" + resource_set_notafter="2011-04-01T12:34:56Z"> <certificate cert_url="http://wombat.example/ISP2a,rsync://wombat.example/ISP2a,ftp://wombat.example/ISP2a"> MIIDzDCCArSgAwIBAgIBCTANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBURVNU IEVOVElUWSBMSVIxMB4XDTA3MDgwMTE0NDgyMloXDTA4MDczMTE0NDgyMlowGzEZ diff --git a/rpkid/up-down-schema.rnc b/rpkid/up-down-schema.rnc index ad3c9a82..c915d54a 100644 --- a/rpkid/up-down-schema.rnc +++ b/rpkid/up-down-schema.rnc @@ -1,6 +1,7 @@ # $Id$ # -# RelaxNG Scheme for up-down protocol, extracted from APNIC Wiki. +# RelaxNG Scheme for up-down protocol, extracted from +# draft-ietf-sidr-rescerts-provisioning-10.txt. # # libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so # run the compact syntax through trang to get XML syntax. 
@@ -8,64 +9,76 @@ default namespace = "http://www.apnic.net/specs/rescerts/up-down/" grammar { - start = element message { - attribute version { xsd:positiveInteger { maxInclusive="1" } }, - attribute sender { xsd:token { maxLength="1024" } }, - attribute recipient { xsd:token { maxLength="1024" } }, - payload - } + resource_set_as = xsd:string { maxLength="512000" pattern="[\-,0-9]*" } + resource_set_ip4 = xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } + resource_set_ip6 = xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } - payload |= attribute type { "list" }, list_request - payload |= attribute type { "list_response"}, list_response - payload |= attribute type { "issue" }, issue_request - payload |= attribute type { "issue_response"}, issue_response - payload |= attribute type { "revoke" }, revoke_request - payload |= attribute type { "revoke_response"}, revoke_response - payload |= attribute type { "error_response"}, error_response + class_name = xsd:token { minLength="1" maxLength="1024" } + ski = xsd:token { minLength="27" maxLength="1024" } + label = xsd:token { minLength="1" maxLength="1024" } + cert_url = xsd:string { minLength="10" maxLength="4096" } + base64_binary = xsd:base64Binary { minLength="4" maxLength="512000" } - list_request = empty - list_response = class* + start = element message { + attribute version { xsd:positiveInteger { maxInclusive="1" } }, + attribute sender { label }, + attribute recipient { label }, + payload + } - class = element class { - attribute class_name { xsd:token { maxLength="1024" } }, - attribute cert_url { xsd:string { maxLength="4096" } }, - attribute resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }, - attribute resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }, - attribute resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }, - attribute resource_set_notafter { xsd:dateTime { pattern=".*Z" } }?, - attribute 
suggested_sia_head { xsd:anyURI { maxLength="1024" pattern="rsync://.+"} }?, - element certificate { - attribute cert_url { xsd:string { maxLength="4096" } }, - attribute req_resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }?, - attribute req_resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }?, - attribute req_resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }?, - xsd:base64Binary { maxLength="512000" } - }*, - element issuer { xsd:base64Binary { maxLength="512000" } } - } + payload |= attribute type { "list" }, list_request + payload |= attribute type { "list_response"}, list_response + payload |= attribute type { "issue" }, issue_request + payload |= attribute type { "issue_response"}, issue_response + payload |= attribute type { "revoke" }, revoke_request + payload |= attribute type { "revoke_response"}, revoke_response + payload |= attribute type { "error_response"}, error_response - issue_request = element request { - attribute class_name { xsd:token { maxLength="1024" } }, - attribute req_resource_set_as { xsd:string { maxLength="512000" pattern="[\-,0-9]*" } }?, - attribute req_resource_set_ipv4 { xsd:string { maxLength="512000" pattern="[\-,/.0-9]*" } }?, - attribute req_resource_set_ipv6 { xsd:string { maxLength="512000" pattern="[\-,/:0-9a-fA-F]*" } }?, - xsd:base64Binary { maxLength="512000" } - } - issue_response = class + list_request = empty + list_response = class* - revoke_request = revocation - revoke_response = revocation + class = element class { + attribute class_name { class_name }, + attribute cert_url { cert_url }, + attribute resource_set_as { resource_set_as }, + attribute resource_set_ipv4 { resource_set_ip4 }, + attribute resource_set_ipv6 { resource_set_ip6 }, + attribute resource_set_notafter { xsd:dateTime }, + attribute suggested_sia_head { xsd:anyURI { maxLength="1024" pattern="rsync://.+"} }?, + element certificate { + attribute cert_url { cert_url 
}, + attribute req_resource_set_as { resource_set_as }?, + attribute req_resource_set_ipv4 { resource_set_ip4 }?, + attribute req_resource_set_ipv6 { resource_set_ip6 }?, + base64_binary + }*, + element issuer { base64_binary } + } - revocation = element key { - attribute class_name { xsd:token { maxLength="1024" } }, - attribute ski { xsd:token { maxLength="1024" } } - } + issue_request = element request { + attribute class_name { class_name }, + attribute req_resource_set_as { resource_set_as }?, + attribute req_resource_set_ipv4 { resource_set_ip4 }?, + attribute req_resource_set_ipv6 { resource_set_ip6 }?, + base64_binary + } + issue_response = class - error_response = - element status { xsd:positiveInteger { maxInclusive="999999999999999" } }, - element description { attribute xml:lang { xsd:language }, xsd:string { maxLength="1024" } }? + revoke_request = revocation + revoke_response = revocation + + revocation = element key { + attribute class_name { class_name }, + attribute ski { ski } + } + + error_response = + element status { xsd:positiveInteger { maxInclusive="9999" } }, + element description { attribute xml:lang { xsd:language }, xsd:string { maxLength="1024" } }* } # Local Variables: # indent-tabs-mode: nil +# comment-start: "# " +# comment-start-skip: "#[ \t]*" # End: diff --git a/rpkid/up-down-schema.rng b/rpkid/up-down-schema.rng index 50d9eff0..847adae9 100644 --- a/rpkid/up-down-schema.rng +++ b/rpkid/up-down-schema.rng 
@@ -1,13 +1,62 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- - $Id: up-down-schema.rnc 1798 2008-05-17 08:21:50Z sra $ + $Id$ - RelaxNG Scheme for up-down protocol, extracted from APNIC Wiki. + RelaxNG Scheme for up-down protocol, extracted from + draft-ietf-sidr-rescerts-provisioning-10.txt. libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so run the compact syntax through trang to get XML syntax. --> <grammar ns="http://www.apnic.net/specs/rescerts/up-down/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"> + <define name="resource_set_as"> + <data type="string"> + <param name="maxLength">512000</param> + <param name="pattern">[\-,0-9]*</param> + </data> + </define> + <define name="resource_set_ip4"> + <data type="string"> + <param name="maxLength">512000</param> + <param name="pattern">[\-,/.0-9]*</param> + </data> + </define> + <define name="resource_set_ip6"> + <data type="string"> + <param name="maxLength">512000</param> + <param name="pattern">[\-,/:0-9a-fA-F]*</param> + </data> + </define> + <define name="class_name"> + <data type="token"> + <param name="minLength">1</param> + <param name="maxLength">1024</param> + </data> + </define> + <define name="ski"> + <data type="token"> + <param name="minLength">27</param> + <param name="maxLength">1024</param> + </data> + </define> + <define name="label"> + <data type="token"> + <param name="minLength">1</param> + <param name="maxLength">1024</param> + </data> + </define> + <define name="cert_url"> + <data type="string"> + <param name="minLength">10</param> + <param name="maxLength">4096</param> + </data> + </define> + <define name="base64_binary"> + <data type="base64Binary"> + <param name="minLength">4</param> + <param name="maxLength">512000</param> + </data> + </define> <start> <element name="message"> <attribute name="version"> 
@@ -16,14 +65,10 @@ </data> </attribute> <attribute name="sender"> - <data type="token"> - <param name="maxLength">1024</param> - </data> + <ref name="label"/> </attribute> <attribute name="recipient"> - <data type="token"> - <param name="maxLength">1024</param> - </data> + <ref name="label"/> </attribute> <ref name="payload"/> </element> @@ -81,40 +126,23 @@ <define name="class"> <element name="class"> <attribute name="class_name"> - <data type="token"> - <param name="maxLength">1024</param> - </data> + <ref name="class_name"/> </attribute> <attribute name="cert_url"> - <data type="string"> - <param name="maxLength">4096</param> - </data> + <ref name="cert_url"/> </attribute> <attribute name="resource_set_as"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,0-9]*</param> - </data> + <ref name="resource_set_as"/> </attribute> <attribute name="resource_set_ipv4"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,/.0-9]*</param> - </data> + <ref name="resource_set_ip4"/> </attribute> <attribute name="resource_set_ipv6"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,/:0-9a-fA-F]*</param> - </data> + <ref name="resource_set_ip6"/> + </attribute> + <attribute name="resource_set_notafter"> + <data type="dateTime"/> </attribute> - <optional> - <attribute name="resource_set_notafter"> - <data type="dateTime"> - <param name="pattern">.*Z</param> - </data> - </attribute> - </optional> <optional> <attribute name="suggested_sia_head"> <data type="anyURI"> 
@@ -126,80 +154,52 @@ <zeroOrMore> <element name="certificate"> <attribute name="cert_url"> - <data type="string"> - <param name="maxLength">4096</param> - </data> + <ref name="cert_url"/> </attribute> <optional> <attribute name="req_resource_set_as"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,0-9]*</param> - </data> + <ref name="resource_set_as"/> </attribute> </optional> <optional> <attribute name="req_resource_set_ipv4"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,/.0-9]*</param> - </data> + <ref name="resource_set_ip4"/> </attribute> </optional> <optional> <attribute name="req_resource_set_ipv6"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,/:0-9a-fA-F]*</param> - </data> + <ref name="resource_set_ip6"/> </attribute> </optional> - <data type="base64Binary"> - <param name="maxLength">512000</param> - </data> + <ref name="base64_binary"/> </element> </zeroOrMore> <element name="issuer"> - <data type="base64Binary"> - <param name="maxLength">512000</param> - </data> + <ref name="base64_binary"/> </element> </element> </define> <define name="issue_request"> <element name="request"> <attribute name="class_name"> - <data type="token"> - <param name="maxLength">1024</param> - </data> + <ref name="class_name"/> </attribute> <optional> <attribute name="req_resource_set_as"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,0-9]*</param> - </data> + <ref name="resource_set_as"/> </attribute> </optional> <optional> <attribute name="req_resource_set_ipv4"> - <data type="string"> - <param name="maxLength">512000</param> - <param name="pattern">[\-,/.0-9]*</param> - </data> + <ref name="resource_set_ip4"/> </attribute> </optional> <optional> <attribute name="req_resource_set_ipv6"> - <data type="string"> - <param name="maxLength">512000</param> - <param 
name="pattern">[\-,/:0-9a-fA-F]*</param> - </data> + <ref name="resource_set_ip6"/> </attribute> </optional> - <data type="base64Binary"> - <param name="maxLength">512000</param> - </data> + <ref name="base64_binary"/> </element> </define> <define name="issue_response"> @@ -214,24 +214,20 @@ <define name="revocation"> <element name="key"> <attribute name="class_name"> - <data type="token"> - <param name="maxLength">1024</param> - </data> + <ref name="class_name"/> </attribute> <attribute name="ski"> - <data type="token"> - <param name="maxLength">1024</param> - </data> + <ref name="ski"/> </attribute> </element> </define> <define name="error_response"> <element name="status"> <data type="positiveInteger"> - <param name="maxInclusive">999999999999999</param> + <param name="maxInclusive">9999</param> </data> </element> - <optional> + <zeroOrMore> <element name="description"> <attribute name="xml:lang"> <data type="language"/> @@ -240,11 +236,13 @@ <param name="maxLength">1024</param> </data> </element> - </optional> + </zeroOrMore> </define> </grammar> <!-- Local Variables: indent-tabs-mode: nil + comment-start: "# " + comment-start-skip: "#[ \t]*" End: --> |