From 1bccf7abccfd0a0063f394d579984a4ea137b2bc Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Tue, 9 Mar 2010 22:52:27 +0000
Subject: Update RelaxNG schema to reflect what myrpki generates these days.
 This will need further cleanup, as what it's generating is icky.

svn path=/myrpki.rototill/Makefile; revision=3055
---
 myrpki.rototill/Makefile   |   7 +-
 myrpki.rototill/myrpki.py  |   4 +-
 myrpki.rototill/myrpki.rnc | 126 +++++++++++++-----
 myrpki.rototill/myrpki.rng | 322 +++++++++++++++++++++++++++++++++++----------
 4 files changed, 348 insertions(+), 111 deletions(-)

(limited to 'myrpki.rototill')

diff --git a/myrpki.rototill/Makefile b/myrpki.rototill/Makefile
index a8306e30..12c7e940 100644
--- a/myrpki.rototill/Makefile
+++ b/myrpki.rototill/Makefile
@@ -2,6 +2,9 @@
 
 all: myrpki.rng
 
+relaxng: myrpki.rng
+	xmllint --noout --relaxng myrpki.rng `find test -type f -name '*.xml'`
+
 lint: myrpki.xml myrpki.rng
 	xmllint --noout --relaxng myrpki.rng myrpki.xml
 
@@ -29,5 +32,5 @@ backup:
 	tar cvvzf test.$$(TZ='' date +%Y.%m.%d.%H.%M.%S).tgz screenlog.* test backup.*.sql
 	rm backup.*.sql
 
-test: all
-	python yamltest.py
+test: myrpki.rng
+	MYRPKI_RNG=`pwd`/myrpki.rng python yamltest.py
diff --git a/myrpki.rototill/myrpki.py b/myrpki.rototill/myrpki.py
index c84a520b..ff0a7582 100644
--- a/myrpki.rototill/myrpki.py
+++ b/myrpki.rototill/myrpki.py
@@ -749,7 +749,7 @@ def etree_validate(e):
       print lxml.etree.tostring(e, pretty_print = True)
       raise
 
-def etree_write(e, filename, verbose = True, validate = False):
+def etree_write(e, filename, verbose = True, validate = True):
   """
   Write out an etree to a file, safely.
 
@@ -769,7 +769,7 @@ def etree_write(e, filename, verbose = True, validate = False):
   ElementTree(e).write(filename + ".tmp")
   os.rename(filename + ".tmp", filename)
 
-def etree_read(filename, verbose = False, validate = False):
+def etree_read(filename, verbose = True, validate = True):
   """
   Read an etree from a file, verifying then stripping XML namespace
   cruft.
diff --git a/myrpki.rototill/myrpki.rnc b/myrpki.rototill/myrpki.rnc
index 29db7a67..feb3cf0f 100644
--- a/myrpki.rototill/myrpki.rnc
+++ b/myrpki.rototill/myrpki.rnc
@@ -7,6 +7,8 @@
 
 default namespace = "http://www.hactrn.net/uris/rpki/myrpki/"
 
+version         = "2"
+
 base64		= xsd:base64Binary { maxLength="512000" }
 object_handle	= xsd:string { maxLength="255" pattern="[\-_A-Za-z0-9]*" }
 pubd_handle     = xsd:string { maxLength="255" pattern="[\-_A-Za-z0-9/]*" }
@@ -15,54 +17,108 @@ asn_list	= xsd:string { maxLength="512000" pattern="[\-,0-9]*" }
 ipv4_list	= xsd:string { maxLength="512000" pattern="[\-,0-9/.]*" }
 ipv6_list	= xsd:string { maxLength="512000" pattern="[\-,0-9/:a-fA-F]*" }
 
-start = element myrpki {
-  attribute version { "2" },
+start |= myrpki_pdu
+start |= identity_pdu
+start |= parent_pdu
+start |= repository_pdu
+
+myrpki_pdu = element myrpki {
+  attribute version { version },
   attribute handle { object_handle },
-  roa_request_elt*,
-  child_elt*,
-  parent_elt*,
-  repository_elt*,
-  bpki_ca_certificate_elt?,
-  bpki_crl_elt?,
-  bpki_bsc_certificate_elt?,
-  bpki_bsc_pkcs10_elt?
+  element roa_request {
+    attribute asn { xsd:positiveInteger },
+    attribute v4 { ipv4_list },
+    attribute v6 { ipv6_list }
+  }*,
+  element child {
+    attribute handle { object_handle },
+    attribute valid_until { xsd:dateTime { pattern=".*Z" } },
+    attribute asns { asn_list }?,
+    attribute v4 { ipv4_list }?,
+    attribute v6 { ipv6_list }?,
+    element bpki_certificate { base64 }?
+  }*,
+  element parent {
+    attribute handle { object_handle },
+    attribute service_uri { uri }?,
+    attribute myhandle { object_handle }?,
+    attribute sia_base { uri }?,
+    element bpki_cms_certificate { base64 }?,
+    element bpki_https_certificate { base64 }?
+  }*,
+  element repository {
+    attribute handle { object_handle },
+    attribute service_uri { uri }?,
+    element bpki_certificate { base64 }?
+  }*,
+  element bpki_ca_certificate { base64 }?,
+  element bpki_crl { base64 }?,
+  element bpki_bsc_certificate { base64 }?,
+  element bpki_bsc_pkcs10 { base64 }?
 }
 
-roa_request_elt = element roa_request {
-  attribute asn { xsd:positiveInteger },
-  attribute v4 { ipv4_list },
-  attribute v6 { ipv6_list }
+identity_pdu = element identity {
+  attribute version { version },
+  attribute handle { object_handle },
+  element bpki_ta { base64 }
 }
 
-child_elt = element child {
-  attribute handle { object_handle },
+parent_pdu = element parent {
+  attribute version { version },
   attribute valid_until { xsd:dateTime { pattern=".*Z" } },
-  attribute asns { asn_list }?,
-  attribute v4 { ipv4_list }?,
-  attribute v6 { ipv6_list }?,
-  element bpki_certificate { base64 }?
+  attribute service_uri { uri }?,
+  attribute child_handle { object_handle },
+  attribute parent_handle { object_handle },
+  element bpki_resource_ta { base64 }?,
+  element bpki_server_ta { base64 }?,
+  element bpki_child_ta { base64 }?,
+  element repository {
+    ((attribute type { "offer" }) |
+     (attribute type { "hint" },
+      attribute proposed_sia_base { uri },
+      element contact_info { xsd:string }))
+  }?
 }
 
-parent_elt = element parent {
-  attribute handle { object_handle },
-  attribute service_uri { uri }?,
-  attribute myhandle { object_handle }?,
-  attribute sia_base { uri }?,
-  element bpki_cms_certificate { base64 }?,
-  element bpki_https_certificate { base64 }?
+repository_pdu |= element repository {
+  attribute version { version },
+  attribute type { "confirmed" },
+  attribute parent_handle { object_handle },
+  attribute client_handle { pubd_handle },
+  attribute service_uri { uri },
+  attribute sia_base { uri },
+  attribute repository_handle { object_handle },
+  element bpki_server_ta { base64 }?,
+  element bpki_client_ta { base64 }?,
+  element contact_info { xsd:string }?
 }
 
-repository_elt = element repository {
-  attribute handle { object_handle },
-  attribute service_uri { uri }?,
-  element bpki_certificate { base64 }?
+repository_pdu |= element repository {
+  attribute version { version },
+  attribute type { "request" },
+  attribute handle { pubd_handle },
+  attribute parent_handle { object_handle },
+  element contact_info { xsd:string }?,
+  element bpki_ta { base64 }?
 }
 
-bpki_ca_certificate_elt         = element bpki_ca_certificate           { base64 }
-bpki_crl_elt                    = element bpki_crl                      { base64 }
+repository_pdu |= element repository {
+  attribute version { version },
+  attribute type { "offer" },
+  attribute handle { pubd_handle },
+  attribute parent_handle { object_handle },
+  element bpki_ta { base64 }?
+}
 
-bpki_bsc_certificate_elt        = element bpki_bsc_certificate          { base64 }
-bpki_bsc_pkcs10_elt             = element bpki_bsc_pkcs10               { base64 }
+repository_pdu |= element repository {
+  attribute version { version },
+  attribute type { "hint" },
+  attribute handle { pubd_handle },
+  attribute parent_handle { object_handle },
+  attribute proposed_sia_base { uri },
+  element contact_info { xsd:string }?,
+  element bpki_ta { base64 }?
+}
 
 # Local Variables:
 # indent-tabs-mode: nil
diff --git a/myrpki.rototill/myrpki.rng b/myrpki.rototill/myrpki.rng
index 1fa2cd86..2202f4d2 100644
--- a/myrpki.rototill/myrpki.rng
+++ b/myrpki.rototill/myrpki.rng
@@ -8,6 +8,9 @@
   run the compact syntax through trang to get XML syntax.
 -->
 <grammar ns="http://www.hactrn.net/uris/rpki/myrpki/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">
+  <define name="version">
+    <value>2</value>
+  </define>
   <define name="base64">
     <data type="base64Binary">
       <param name="maxLength">512000</param>
@@ -48,57 +51,159 @@
       <param name="pattern">[\-,0-9/:a-fA-F]*</param>
     </data>
   </define>
-  <start>
+  <start combine="choice">
+    <ref name="myrpki_pdu"/>
+  </start>
+  <start combine="choice">
+    <ref name="identity_pdu"/>
+  </start>
+  <start combine="choice">
+    <ref name="parent_pdu"/>
+  </start>
+  <start combine="choice">
+    <ref name="repository_pdu"/>
+  </start>
+  <define name="myrpki_pdu">
     <element name="myrpki">
       <attribute name="version">
-        <value>2</value>
+        <ref name="version"/>
       </attribute>
       <attribute name="handle">
         <ref name="object_handle"/>
       </attribute>
       <zeroOrMore>
-        <ref name="roa_request_elt"/>
+        <element name="roa_request">
+          <attribute name="asn">
+            <data type="positiveInteger"/>
+          </attribute>
+          <attribute name="v4">
+            <ref name="ipv4_list"/>
+          </attribute>
+          <attribute name="v6">
+            <ref name="ipv6_list"/>
+          </attribute>
+        </element>
       </zeroOrMore>
       <zeroOrMore>
-        <ref name="child_elt"/>
+        <element name="child">
+          <attribute name="handle">
+            <ref name="object_handle"/>
+          </attribute>
+          <attribute name="valid_until">
+            <data type="dateTime">
+              <param name="pattern">.*Z</param>
+            </data>
+          </attribute>
+          <optional>
+            <attribute name="asns">
+              <ref name="asn_list"/>
+            </attribute>
+          </optional>
+          <optional>
+            <attribute name="v4">
+              <ref name="ipv4_list"/>
+            </attribute>
+          </optional>
+          <optional>
+            <attribute name="v6">
+              <ref name="ipv6_list"/>
+            </attribute>
+          </optional>
+          <optional>
+            <element name="bpki_certificate">
+              <ref name="base64"/>
+            </element>
+          </optional>
+        </element>
       </zeroOrMore>
       <zeroOrMore>
-        <ref name="parent_elt"/>
+        <element name="parent">
+          <attribute name="handle">
+            <ref name="object_handle"/>
+          </attribute>
+          <optional>
+            <attribute name="service_uri">
+              <ref name="uri"/>
+            </attribute>
+          </optional>
+          <optional>
+            <attribute name="myhandle">
+              <ref name="object_handle"/>
+            </attribute>
+          </optional>
+          <optional>
+            <attribute name="sia_base">
+              <ref name="uri"/>
+            </attribute>
+          </optional>
+          <optional>
+            <element name="bpki_cms_certificate">
+              <ref name="base64"/>
+            </element>
+          </optional>
+          <optional>
+            <element name="bpki_https_certificate">
+              <ref name="base64"/>
+            </element>
+          </optional>
+        </element>
       </zeroOrMore>
       <zeroOrMore>
-        <ref name="repository_elt"/>
+        <element name="repository">
+          <attribute name="handle">
+            <ref name="object_handle"/>
+          </attribute>
+          <optional>
+            <attribute name="service_uri">
+              <ref name="uri"/>
+            </attribute>
+          </optional>
+          <optional>
+            <element name="bpki_certificate">
+              <ref name="base64"/>
+            </element>
+          </optional>
+        </element>
       </zeroOrMore>
       <optional>
-        <ref name="bpki_ca_certificate_elt"/>
+        <element name="bpki_ca_certificate">
+          <ref name="base64"/>
+        </element>
       </optional>
       <optional>
-        <ref name="bpki_crl_elt"/>
+        <element name="bpki_crl">
+          <ref name="base64"/>
+        </element>
       </optional>
       <optional>
-        <ref name="bpki_bsc_certificate_elt"/>
+        <element name="bpki_bsc_certificate">
+          <ref name="base64"/>
+        </element>
       </optional>
       <optional>
-        <ref name="bpki_bsc_pkcs10_elt"/>
+        <element name="bpki_bsc_pkcs10">
+          <ref name="base64"/>
+        </element>
       </optional>
     </element>
-  </start>
-  <define name="roa_request_elt">
-    <element name="roa_request">
-      <attribute name="asn">
-        <data type="positiveInteger"/>
-      </attribute>
-      <attribute name="v4">
-        <ref name="ipv4_list"/>
+  </define>
+  <define name="identity_pdu">
+    <element name="identity">
+      <attribute name="version">
+        <ref name="version"/>
       </attribute>
-      <attribute name="v6">
-        <ref name="ipv6_list"/>
+      <attribute name="handle">
+        <ref name="object_handle"/>
       </attribute>
+      <element name="bpki_ta">
+        <ref name="base64"/>
+      </element>
     </element>
   </define>
-  <define name="child_elt">
-    <element name="child">
-      <attribute name="handle">
-        <ref name="object_handle"/>
+  <define name="parent_pdu">
+    <element name="parent">
+      <attribute name="version">
+        <ref name="version"/>
       </attribute>
       <attribute name="valid_until">
         <data type="dateTime">
@@ -106,96 +211,169 @@
         </data>
       </attribute>
       <optional>
-        <attribute name="asns">
-          <ref name="asn_list"/>
+        <attribute name="service_uri">
+          <ref name="uri"/>
         </attribute>
       </optional>
+      <attribute name="child_handle">
+        <ref name="object_handle"/>
+      </attribute>
+      <attribute name="parent_handle">
+        <ref name="object_handle"/>
+      </attribute>
       <optional>
-        <attribute name="v4">
-          <ref name="ipv4_list"/>
-        </attribute>
+        <element name="bpki_resource_ta">
+          <ref name="base64"/>
+        </element>
       </optional>
       <optional>
-        <attribute name="v6">
-          <ref name="ipv6_list"/>
-        </attribute>
+        <element name="bpki_server_ta">
+          <ref name="base64"/>
+        </element>
       </optional>
       <optional>
-        <element name="bpki_certificate">
+        <element name="bpki_child_ta">
           <ref name="base64"/>
         </element>
       </optional>
+      <optional>
+        <element name="repository">
+          <choice>
+            <attribute name="type">
+              <value>offer</value>
+            </attribute>
+            <group>
+              <attribute name="type">
+                <value>hint</value>
+              </attribute>
+              <attribute name="proposed_sia_base">
+                <ref name="uri"/>
+              </attribute>
+              <element name="contact_info">
+                <data type="string"/>
+              </element>
+            </group>
+          </choice>
+        </element>
+      </optional>
     </element>
   </define>
-  <define name="parent_elt">
-    <element name="parent">
-      <attribute name="handle">
+  <define name="repository_pdu" combine="choice">
+    <element name="repository">
+      <attribute name="version">
+        <ref name="version"/>
+      </attribute>
+      <attribute name="type">
+        <value>confirmed</value>
+      </attribute>
+      <attribute name="parent_handle">
+        <ref name="object_handle"/>
+      </attribute>
+      <attribute name="client_handle">
+        <ref name="pubd_handle"/>
+      </attribute>
+      <attribute name="service_uri">
+        <ref name="uri"/>
+      </attribute>
+      <attribute name="sia_base">
+        <ref name="uri"/>
+      </attribute>
+      <attribute name="repository_handle">
         <ref name="object_handle"/>
       </attribute>
       <optional>
-        <attribute name="service_uri">
-          <ref name="uri"/>
-        </attribute>
+        <element name="bpki_server_ta">
+          <ref name="base64"/>
+        </element>
       </optional>
       <optional>
-        <attribute name="myhandle">
-          <ref name="object_handle"/>
-        </attribute>
+        <element name="bpki_client_ta">
+          <ref name="base64"/>
+        </element>
       </optional>
       <optional>
-        <attribute name="sia_base">
-          <ref name="uri"/>
-        </attribute>
+        <element name="contact_info">
+          <data type="string"/>
+        </element>
+      </optional>
+    </element>
+  </define>
+  <define name="repository_pdu" combine="choice">
+    <element name="repository">
+      <attribute name="version">
+        <ref name="version"/>
+      </attribute>
+      <attribute name="type">
+        <value>request</value>
+      </attribute>
+      <attribute name="handle">
+        <ref name="pubd_handle"/>
+      </attribute>
+      <attribute name="parent_handle">
+        <ref name="object_handle"/>
+      </attribute>
+      <optional>
+        <element name="contact_info">
+          <data type="string"/>
+        </element>
       </optional>
       <optional>
-        <element name="bpki_cms_certificate">
+        <element name="bpki_ta">
           <ref name="base64"/>
         </element>
       </optional>
+    </element>
+  </define>
+  <define name="repository_pdu" combine="choice">
+    <element name="repository">
+      <attribute name="version">
+        <ref name="version"/>
+      </attribute>
+      <attribute name="type">
+        <value>offer</value>
+      </attribute>
+      <attribute name="handle">
+        <ref name="pubd_handle"/>
+      </attribute>
+      <attribute name="parent_handle">
+        <ref name="object_handle"/>
+      </attribute>
       <optional>
-        <element name="bpki_https_certificate">
+        <element name="bpki_ta">
           <ref name="base64"/>
         </element>
       </optional>
     </element>
   </define>
-  <define name="repository_elt">
+  <define name="repository_pdu" combine="choice">
     <element name="repository">
+      <attribute name="version">
+        <ref name="version"/>
+      </attribute>
+      <attribute name="type">
+        <value>hint</value>
+      </attribute>
       <attribute name="handle">
+        <ref name="pubd_handle"/>
+      </attribute>
+      <attribute name="parent_handle">
         <ref name="object_handle"/>
       </attribute>
+      <attribute name="proposed_sia_base">
+        <ref name="uri"/>
+      </attribute>
       <optional>
-        <attribute name="service_uri">
-          <ref name="uri"/>
-        </attribute>
+        <element name="contact_info">
+          <data type="string"/>
+        </element>
       </optional>
       <optional>
-        <element name="bpki_certificate">
+        <element name="bpki_ta">
           <ref name="base64"/>
         </element>
       </optional>
     </element>
   </define>
-  <define name="bpki_ca_certificate_elt">
-    <element name="bpki_ca_certificate">
-      <ref name="base64"/>
-    </element>
-  </define>
-  <define name="bpki_crl_elt">
-    <element name="bpki_crl">
-      <ref name="base64"/>
-    </element>
-  </define>
-  <define name="bpki_bsc_certificate_elt">
-    <element name="bpki_bsc_certificate">
-      <ref name="base64"/>
-    </element>
-  </define>
-  <define name="bpki_bsc_pkcs10_elt">
-    <element name="bpki_bsc_pkcs10">
-      <ref name="base64"/>
-    </element>
-  </define>
 </grammar>
 <!--
   Local Variables:
-- 
cgit v1.2.3