Diffstat (limited to 'rpkid.with_tls/left-right-schema.rnc')
-rw-r--r--rpkid.with_tls/left-right-schema.rnc297
1 files changed, 0 insertions, 297 deletions
diff --git a/rpkid.with_tls/left-right-schema.rnc b/rpkid.with_tls/left-right-schema.rnc
deleted file mode 100644
index c3efd7a6..00000000
--- a/rpkid.with_tls/left-right-schema.rnc
+++ /dev/null
@@ -1,297 +0,0 @@
-# $Id$
-#
-# RelaxNG Schema for RPKI left-right protocol.
-#
-# libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so
-# run the compact syntax through trang to get XML syntax.
-#
-# Copyright (C) 2009-2010 Internet Systems Consortium ("ISC")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-#
-# Portions copyright (C) 2007-2008 American Registry for Internet Numbers ("ARIN")
-#
-# Permission to use, copy, modify, and distribute this software for any
-# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
-# PERFORMANCE OF THIS SOFTWARE.
-
-default namespace = "http://www.hactrn.net/uris/rpki/left-right-spec/"
-
-# Top level PDU
-
-start = element msg {
- attribute version { xsd:positiveInteger { maxInclusive="1" } },
- ( (attribute type { "query" }, query_elt*) |
- (attribute type { "reply" }, reply_elt*) )
-}
-
-# PDUs allowed in a query
-query_elt |= self_query
-query_elt |= bsc_query
-query_elt |= parent_query
-query_elt |= child_query
-query_elt |= repository_query
-query_elt |= list_roa_requests_query
-query_elt |= list_resources_query
-query_elt |= list_published_objects_query
-query_elt |= list_received_resources_query
-
-# PDUs allowed in a reply
-reply_elt |= self_reply
-reply_elt |= bsc_reply
-reply_elt |= parent_reply
-reply_elt |= child_reply
-reply_elt |= repository_reply
-reply_elt |= list_resources_reply
-reply_elt |= list_roa_requests_reply
-reply_elt |= list_published_objects_reply
-reply_elt |= list_received_resources_reply
-reply_elt |= report_error_reply
-
-# Tag attributes for bulk operations
-tag = attribute tag { xsd:token {maxLength="1024" } }?
-
-# Combinations of action and type attributes used in later definitions.
-# The same patterns repeat in most of the elements in this protocol.
-ctl_create = attribute action { "create" }, tag
-ctl_set = attribute action { "set" }, tag
-ctl_get = attribute action { "get" }, tag
-ctl_list = attribute action { "list" }, tag
-ctl_destroy = attribute action { "destroy" }, tag
-
-# Base64 encoded DER stuff
-base64 = xsd:base64Binary { maxLength="512000" }
-
-# Base definition for all fields that are really just SQL primary indices
-#sql_id = xsd:nonNegativeInteger
-
-# ...except that fields containing SQL primary indicies don't belong
-# in this protocol, so they're turninging into handles.
-# Length restriction is a MySQL implementation issue.
-# Handles are case-insensitive (because SQL is, among other reasons).
-object_handle = xsd:string { maxLength="255" pattern="[\-_A-Za-z0-9]*" }
-
-# URIs
-uri = xsd:anyURI { maxLength="4096" }
-
-# Name fields imported from up-down protocol
-up_down_name = xsd:token { maxLength="1024" }
-
-# Resource lists
-asn_list = xsd:string { maxLength="512000" pattern="[\-,0-9]*" }
-ipv4_list = xsd:string { maxLength="512000" pattern="[\-,0-9/.]*" }
-ipv6_list = xsd:string { maxLength="512000" pattern="[\-,0-9/:a-fA-F]*" }
-
-# <self/> element
-
-self_bool = (attribute rekey { "yes" }?,
- attribute reissue { "yes" }?,
- attribute revoke { "yes" }?,
- attribute run_now { "yes" }?,
- attribute publish_world_now { "yes" }?,
- attribute revoke_forgotten { "yes" }?)
-
-self_payload = (attribute use_hsm { "yes" | "no" }?,
- attribute crl_interval { xsd:positiveInteger }?,
- attribute regen_margin { xsd:positiveInteger }?,
- element bpki_cert { base64 }?,
- element bpki_glue { base64 }?)
-
-self_handle = attribute self_handle { object_handle }
-
-self_query |= element self { ctl_create, self_handle, self_bool, self_payload }
-self_reply |= element self { ctl_create, self_handle }
-self_query |= element self { ctl_set, self_handle, self_bool, self_payload }
-self_reply |= element self { ctl_set, self_handle }
-self_query |= element self { ctl_get, self_handle }
-self_reply |= element self { ctl_get, self_handle, self_payload }
-self_query |= element self { ctl_list }
-self_reply |= element self { ctl_list, self_handle, self_payload }
-self_query |= element self { ctl_destroy, self_handle }
-self_reply |= element self { ctl_destroy, self_handle }
-
-# <bsc/> element. Key parameters hardwired for now.
-
-bsc_bool = ((attribute generate_keypair { "yes" },
- attribute key_type { "rsa" }?,
- attribute hash_alg { "sha256" }?,
- attribute key_length { "2048" }?)?)
-
-bsc_handle = attribute bsc_handle { object_handle }
-
-bsc_payload = (element signing_cert { base64 }?,
- element signing_cert_crl { base64 }?)
-
-bsc_pkcs10 = element pkcs10_request { base64 }?
-
-bsc_query |= element bsc { ctl_create, self_handle, bsc_handle, bsc_bool, bsc_payload }
-bsc_reply |= element bsc { ctl_create, self_handle, bsc_handle, bsc_pkcs10 }
-bsc_query |= element bsc { ctl_set, self_handle, bsc_handle, bsc_bool, bsc_payload }
-bsc_reply |= element bsc { ctl_set, self_handle, bsc_handle, bsc_pkcs10 }
-bsc_query |= element bsc { ctl_get, self_handle, bsc_handle }
-bsc_reply |= element bsc { ctl_get, self_handle, bsc_handle, bsc_payload, bsc_pkcs10 }
-bsc_query |= element bsc { ctl_list, self_handle }
-bsc_reply |= element bsc { ctl_list, self_handle, bsc_handle, bsc_payload, bsc_pkcs10 }
-bsc_query |= element bsc { ctl_destroy, self_handle, bsc_handle }
-bsc_reply |= element bsc { ctl_destroy, self_handle, bsc_handle }
-
-# <parent/> element
-
-parent_handle = attribute parent_handle { object_handle }
-
-parent_bool = (attribute rekey { "yes" }?,
- attribute reissue { "yes" }?,
- attribute revoke { "yes" }?,
- attribute revoke_forgotten { "yes" }?)
-
-parent_payload = (attribute peer_contact_uri { uri }?,
- attribute sia_base { uri }?,
- bsc_handle?,
- repository_handle?,
- attribute sender_name { up_down_name }?,
- attribute recipient_name { up_down_name }?,
- element bpki_cms_cert { base64 }?,
- element bpki_cms_glue { base64 }?,
- element bpki_https_cert { base64 }?,
- element bpki_https_glue { base64 }?)
-
-parent_query |= element parent { ctl_create, self_handle, parent_handle, parent_bool, parent_payload }
-parent_reply |= element parent { ctl_create, self_handle, parent_handle }
-parent_query |= element parent { ctl_set, self_handle, parent_handle, parent_bool, parent_payload }
-parent_reply |= element parent { ctl_set, self_handle, parent_handle }
-parent_query |= element parent { ctl_get, self_handle, parent_handle }
-parent_reply |= element parent { ctl_get, self_handle, parent_handle, parent_payload }
-parent_query |= element parent { ctl_list, self_handle }
-parent_reply |= element parent { ctl_list, self_handle, parent_handle, parent_payload }
-parent_query |= element parent { ctl_destroy, self_handle, parent_handle }
-parent_reply |= element parent { ctl_destroy, self_handle, parent_handle }
-
-# <child/> element
-
-child_handle = attribute child_handle { object_handle }
-
-child_bool = attribute reissue { "yes" }?
-
-child_payload = (bsc_handle?,
- element bpki_cert { base64 }?,
- element bpki_glue { base64 }?)
-
-child_query |= element child { ctl_create, self_handle, child_handle, child_bool, child_payload }
-child_reply |= element child { ctl_create, self_handle, child_handle }
-child_query |= element child { ctl_set, self_handle, child_handle, child_bool, child_payload }
-child_reply |= element child { ctl_set, self_handle, child_handle }
-child_query |= element child { ctl_get, self_handle, child_handle }
-child_reply |= element child { ctl_get, self_handle, child_handle, child_payload }
-child_query |= element child { ctl_list, self_handle }
-child_reply |= element child { ctl_list, self_handle, child_handle, child_payload }
-child_query |= element child { ctl_destroy, self_handle, child_handle }
-child_reply |= element child { ctl_destroy, self_handle, child_handle }
-
-# <repository/> element
-
-repository_handle = attribute repository_handle { object_handle }
-
-repository_payload = (attribute peer_contact_uri { uri }?,
- bsc_handle?,
- element bpki_cert { base64 }?,
- element bpki_glue { base64 }?)
-
-repository_query |= element repository { ctl_create, self_handle, repository_handle, repository_payload }
-repository_reply |= element repository { ctl_create, self_handle, repository_handle }
-repository_query |= element repository { ctl_set, self_handle, repository_handle, repository_payload }
-repository_reply |= element repository { ctl_set, self_handle, repository_handle }
-repository_query |= element repository { ctl_get, self_handle, repository_handle }
-repository_reply |= element repository { ctl_get, self_handle, repository_handle, repository_payload }
-repository_query |= element repository { ctl_list, self_handle }
-repository_reply |= element repository { ctl_list, self_handle, repository_handle, repository_payload }
-repository_query |= element repository { ctl_destroy, self_handle, repository_handle }
-repository_reply |= element repository { ctl_destroy, self_handle, repository_handle }
-
-# <list_resources/> element
-
-list_resources_query = element list_resources {
- tag, self_handle, child_handle
-}
-
-list_resources_reply = element list_resources {
- tag, self_handle, child_handle,
- attribute valid_until { xsd:dateTime { pattern=".*Z" } },
- attribute asn { asn_list }?,
- attribute ipv4 { ipv4_list }?,
- attribute ipv6 { ipv6_list }?
-}
-
-# <list_roa_requests/> element
-
-list_roa_requests_query = element list_roa_requests {
- tag, self_handle
-}
-
-list_roa_requests_reply = element list_roa_requests {
- tag, self_handle,
- attribute asn { xsd:positiveInteger },
- attribute ipv4 { ipv4_list }?,
- attribute ipv6 { ipv6_list }?
-}
-
-# <list_published_objects/> element
-
-list_published_objects_query = element list_published_objects {
- tag, self_handle
-}
-
-list_published_objects_reply = element list_published_objects {
- tag, self_handle,
- attribute uri { uri },
- base64
-}
-
-# <list_received_resources/> element
-
-list_received_resources_query = element list_received_resources {
- tag, self_handle
-}
-
-list_received_resources_reply = element list_received_resources {
- tag, self_handle, parent_handle,
- attribute notBefore { xsd:dateTime { pattern=".*Z" } },
- attribute notAfter { xsd:dateTime { pattern=".*Z" } },
- attribute uri { uri },
- attribute sia_uri { uri },
- attribute aia_uri { uri },
- attribute asn { asn_list }?,
- attribute ipv4 { ipv4_list }?,
- attribute ipv6 { ipv6_list }?
-}
-
-# <report_error/> element
-
-error = xsd:token { maxLength="1024" }
-
-report_error_reply = element report_error {
- tag, self_handle?,
- attribute error_code { error },
- xsd:string { maxLength="512000" }?
-}
-
-# Local Variables:
-# indent-tabs-mode: nil
-# End: