00001
00002
00003 import lxml.etree
00004
00005
00006
00007 left_right = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encoding="UTF-8"?>
00008 <!--
00009 $Id: left-right-schema.rnc 3302 2010-06-29 01:51:45Z sra $
00010
00011 RelaxNG Schema for RPKI left-right protocol.
00012
00013 libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so
00014 run the compact syntax through trang to get XML syntax.
00015
00016 Copyright (C) 2009-2010 Internet Systems Consortium ("ISC")
00017
00018 Permission to use, copy, modify, and distribute this software for any
00019 purpose with or without fee is hereby granted, provided that the above
00020 copyright notice and this permission notice appear in all copies.
00021
00022 THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
00023 REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
00024 AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
00025 INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
00026 LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
00027 OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
00028 PERFORMANCE OF THIS SOFTWARE.
00029
00030 Portions copyright (C) 2007-2008 American Registry for Internet Numbers ("ARIN")
00031
00032 Permission to use, copy, modify, and distribute this software for any
00033 purpose with or without fee is hereby granted, provided that the above
00034 copyright notice and this permission notice appear in all copies.
00035
00036 THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
00037 REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
00038 AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
00039 INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
00040 LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
00041 OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
00042 PERFORMANCE OF THIS SOFTWARE.
00043 -->
00044 <grammar ns="http://www.hactrn.net/uris/rpki/left-right-spec/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">
00045 <!-- Top level PDU -->
00046 <start>
00047 <element name="msg">
00048 <attribute name="version">
00049 <data type="positiveInteger">
00050 <param name="maxInclusive">1</param>
00051 </data>
00052 </attribute>
00053 <choice>
00054 <group>
00055 <attribute name="type">
00056 <value>query</value>
00057 </attribute>
00058 <zeroOrMore>
00059 <ref name="query_elt"/>
00060 </zeroOrMore>
00061 </group>
00062 <group>
00063 <attribute name="type">
00064 <value>reply</value>
00065 </attribute>
00066 <zeroOrMore>
00067 <ref name="reply_elt"/>
00068 </zeroOrMore>
00069 </group>
00070 </choice>
00071 </element>
00072 </start>
00073 <!-- PDUs allowed in a query -->
00074 <define name="query_elt" combine="choice">
00075 <ref name="self_query"/>
00076 </define>
00077 <define name="query_elt" combine="choice">
00078 <ref name="bsc_query"/>
00079 </define>
00080 <define name="query_elt" combine="choice">
00081 <ref name="parent_query"/>
00082 </define>
00083 <define name="query_elt" combine="choice">
00084 <ref name="child_query"/>
00085 </define>
00086 <define name="query_elt" combine="choice">
00087 <ref name="repository_query"/>
00088 </define>
00089 <define name="query_elt" combine="choice">
00090 <ref name="list_roa_requests_query"/>
00091 </define>
00092 <define name="query_elt" combine="choice">
00093 <ref name="list_resources_query"/>
00094 </define>
00095 <define name="query_elt" combine="choice">
00096 <ref name="list_published_objects_query"/>
00097 </define>
00098 <define name="query_elt" combine="choice">
00099 <ref name="list_received_resources_query"/>
00100 </define>
00101 <!-- PDUs allowed in a reply -->
00102 <define name="reply_elt" combine="choice">
00103 <ref name="self_reply"/>
00104 </define>
00105 <define name="reply_elt" combine="choice">
00106 <ref name="bsc_reply"/>
00107 </define>
00108 <define name="reply_elt" combine="choice">
00109 <ref name="parent_reply"/>
00110 </define>
00111 <define name="reply_elt" combine="choice">
00112 <ref name="child_reply"/>
00113 </define>
00114 <define name="reply_elt" combine="choice">
00115 <ref name="repository_reply"/>
00116 </define>
00117 <define name="reply_elt" combine="choice">
00118 <ref name="list_resources_reply"/>
00119 </define>
00120 <define name="reply_elt" combine="choice">
00121 <ref name="list_roa_requests_reply"/>
00122 </define>
00123 <define name="reply_elt" combine="choice">
00124 <ref name="list_published_objects_reply"/>
00125 </define>
00126 <define name="reply_elt" combine="choice">
00127 <ref name="list_received_resources_reply"/>
00128 </define>
00129 <define name="reply_elt" combine="choice">
00130 <ref name="report_error_reply"/>
00131 </define>
00132 <!-- Tag attributes for bulk operations -->
00133 <define name="tag">
00134 <optional>
00135 <attribute name="tag">
00136 <data type="token">
00137 <param name="maxLength">1024</param>
00138 </data>
00139 </attribute>
00140 </optional>
00141 </define>
00142 <!--
00143 Combinations of action and type attributes used in later definitions.
00144 The same patterns repeat in most of the elements in this protocol.
00145 -->
00146 <define name="ctl_create">
00147 <attribute name="action">
00148 <value>create</value>
00149 </attribute>
00150 <ref name="tag"/>
00151 </define>
00152 <define name="ctl_set">
00153 <attribute name="action">
00154 <value>set</value>
00155 </attribute>
00156 <ref name="tag"/>
00157 </define>
00158 <define name="ctl_get">
00159 <attribute name="action">
00160 <value>get</value>
00161 </attribute>
00162 <ref name="tag"/>
00163 </define>
00164 <define name="ctl_list">
00165 <attribute name="action">
00166 <value>list</value>
00167 </attribute>
00168 <ref name="tag"/>
00169 </define>
00170 <define name="ctl_destroy">
00171 <attribute name="action">
00172 <value>destroy</value>
00173 </attribute>
00174 <ref name="tag"/>
00175 </define>
00176 <!-- Base64 encoded DER stuff -->
00177 <define name="base64">
00178 <data type="base64Binary">
00179 <param name="maxLength">512000</param>
00180 </data>
00181 </define>
00182 <!--
00183 Base definition for all fields that are really just SQL primary indices
00184 sql_id = xsd:nonNegativeInteger
00185 -->
00186 <!--
00187 ...except that fields containing SQL primary indicies don't belong
00188 in this protocol, so they're turninging into handles.
00189 Length restriction is a MySQL implementation issue.
00190 Handles are case-insensitive (because SQL is, among other reasons).
00191 -->
00192 <define name="object_handle">
00193 <data type="string">
00194 <param name="maxLength">255</param>
00195 <param name="pattern">[\-_A-Za-z0-9]*</param>
00196 </data>
00197 </define>
00198 <!-- URIs -->
00199 <define name="uri">
00200 <data type="anyURI">
00201 <param name="maxLength">4096</param>
00202 </data>
00203 </define>
00204 <!-- Name fields imported from up-down protocol -->
00205 <define name="up_down_name">
00206 <data type="token">
00207 <param name="maxLength">1024</param>
00208 </data>
00209 </define>
00210 <!-- Resource lists -->
00211 <define name="asn_list">
00212 <data type="string">
00213 <param name="maxLength">512000</param>
00214 <param name="pattern">[\-,0-9]*</param>
00215 </data>
00216 </define>
00217 <define name="ipv4_list">
00218 <data type="string">
00219 <param name="maxLength">512000</param>
00220 <param name="pattern">[\-,0-9/.]*</param>
00221 </data>
00222 </define>
00223 <define name="ipv6_list">
00224 <data type="string">
00225 <param name="maxLength">512000</param>
00226 <param name="pattern">[\-,0-9/:a-fA-F]*</param>
00227 </data>
00228 </define>
00229 <!-- <self/> element -->
00230 <define name="self_bool">
00231 <optional>
00232 <attribute name="rekey">
00233 <value>yes</value>
00234 </attribute>
00235 </optional>
00236 <optional>
00237 <attribute name="reissue">
00238 <value>yes</value>
00239 </attribute>
00240 </optional>
00241 <optional>
00242 <attribute name="revoke">
00243 <value>yes</value>
00244 </attribute>
00245 </optional>
00246 <optional>
00247 <attribute name="run_now">
00248 <value>yes</value>
00249 </attribute>
00250 </optional>
00251 <optional>
00252 <attribute name="publish_world_now">
00253 <value>yes</value>
00254 </attribute>
00255 </optional>
00256 <optional>
00257 <attribute name="revoke_forgotten">
00258 <value>yes</value>
00259 </attribute>
00260 </optional>
00261 </define>
00262 <define name="self_payload">
00263 <optional>
00264 <attribute name="use_hsm">
00265 <choice>
00266 <value>yes</value>
00267 <value>no</value>
00268 </choice>
00269 </attribute>
00270 </optional>
00271 <optional>
00272 <attribute name="crl_interval">
00273 <data type="positiveInteger"/>
00274 </attribute>
00275 </optional>
00276 <optional>
00277 <attribute name="regen_margin">
00278 <data type="positiveInteger"/>
00279 </attribute>
00280 </optional>
00281 <optional>
00282 <element name="bpki_cert">
00283 <ref name="base64"/>
00284 </element>
00285 </optional>
00286 <optional>
00287 <element name="bpki_glue">
00288 <ref name="base64"/>
00289 </element>
00290 </optional>
00291 </define>
00292 <define name="self_handle">
00293 <attribute name="self_handle">
00294 <ref name="object_handle"/>
00295 </attribute>
00296 </define>
00297 <define name="self_query" combine="choice">
00298 <element name="self">
00299 <ref name="ctl_create"/>
00300 <ref name="self_handle"/>
00301 <ref name="self_bool"/>
00302 <ref name="self_payload"/>
00303 </element>
00304 </define>
00305 <define name="self_reply" combine="choice">
00306 <element name="self">
00307 <ref name="ctl_create"/>
00308 <ref name="self_handle"/>
00309 </element>
00310 </define>
00311 <define name="self_query" combine="choice">
00312 <element name="self">
00313 <ref name="ctl_set"/>
00314 <ref name="self_handle"/>
00315 <ref name="self_bool"/>
00316 <ref name="self_payload"/>
00317 </element>
00318 </define>
00319 <define name="self_reply" combine="choice">
00320 <element name="self">
00321 <ref name="ctl_set"/>
00322 <ref name="self_handle"/>
00323 </element>
00324 </define>
00325 <define name="self_query" combine="choice">
00326 <element name="self">
00327 <ref name="ctl_get"/>
00328 <ref name="self_handle"/>
00329 </element>
00330 </define>
00331 <define name="self_reply" combine="choice">
00332 <element name="self">
00333 <ref name="ctl_get"/>
00334 <ref name="self_handle"/>
00335 <ref name="self_payload"/>
00336 </element>
00337 </define>
00338 <define name="self_query" combine="choice">
00339 <element name="self">
00340 <ref name="ctl_list"/>
00341 </element>
00342 </define>
00343 <define name="self_reply" combine="choice">
00344 <element name="self">
00345 <ref name="ctl_list"/>
00346 <ref name="self_handle"/>
00347 <ref name="self_payload"/>
00348 </element>
00349 </define>
00350 <define name="self_query" combine="choice">
00351 <element name="self">
00352 <ref name="ctl_destroy"/>
00353 <ref name="self_handle"/>
00354 </element>
00355 </define>
00356 <define name="self_reply" combine="choice">
00357 <element name="self">
00358 <ref name="ctl_destroy"/>
00359 <ref name="self_handle"/>
00360 </element>
00361 </define>
00362 <!-- <bsc/> element. Key parameters hardwired for now. -->
00363 <define name="bsc_bool">
00364 <optional>
00365 <attribute name="generate_keypair">
00366 <value>yes</value>
00367 </attribute>
00368 <optional>
00369 <attribute name="key_type">
00370 <value>rsa</value>
00371 </attribute>
00372 </optional>
00373 <optional>
00374 <attribute name="hash_alg">
00375 <value>sha256</value>
00376 </attribute>
00377 </optional>
00378 <optional>
00379 <attribute name="key_length">
00380 <value>2048</value>
00381 </attribute>
00382 </optional>
00383 </optional>
00384 </define>
00385 <define name="bsc_handle">
00386 <attribute name="bsc_handle">
00387 <ref name="object_handle"/>
00388 </attribute>
00389 </define>
00390 <define name="bsc_payload">
00391 <optional>
00392 <element name="signing_cert">
00393 <ref name="base64"/>
00394 </element>
00395 </optional>
00396 <optional>
00397 <element name="signing_cert_crl">
00398 <ref name="base64"/>
00399 </element>
00400 </optional>
00401 </define>
00402 <define name="bsc_pkcs10">
00403 <optional>
00404 <element name="pkcs10_request">
00405 <ref name="base64"/>
00406 </element>
00407 </optional>
00408 </define>
00409 <define name="bsc_query" combine="choice">
00410 <element name="bsc">
00411 <ref name="ctl_create"/>
00412 <ref name="self_handle"/>
00413 <ref name="bsc_handle"/>
00414 <ref name="bsc_bool"/>
00415 <ref name="bsc_payload"/>
00416 </element>
00417 </define>
00418 <define name="bsc_reply" combine="choice">
00419 <element name="bsc">
00420 <ref name="ctl_create"/>
00421 <ref name="self_handle"/>
00422 <ref name="bsc_handle"/>
00423 <ref name="bsc_pkcs10"/>
00424 </element>
00425 </define>
00426 <define name="bsc_query" combine="choice">
00427 <element name="bsc">
00428 <ref name="ctl_set"/>
00429 <ref name="self_handle"/>
00430 <ref name="bsc_handle"/>
00431 <ref name="bsc_bool"/>
00432 <ref name="bsc_payload"/>
00433 </element>
00434 </define>
00435 <define name="bsc_reply" combine="choice">
00436 <element name="bsc">
00437 <ref name="ctl_set"/>
00438 <ref name="self_handle"/>
00439 <ref name="bsc_handle"/>
00440 <ref name="bsc_pkcs10"/>
00441 </element>
00442 </define>
00443 <define name="bsc_query" combine="choice">
00444 <element name="bsc">
00445 <ref name="ctl_get"/>
00446 <ref name="self_handle"/>
00447 <ref name="bsc_handle"/>
00448 </element>
00449 </define>
00450 <define name="bsc_reply" combine="choice">
00451 <element name="bsc">
00452 <ref name="ctl_get"/>
00453 <ref name="self_handle"/>
00454 <ref name="bsc_handle"/>
00455 <ref name="bsc_payload"/>
00456 <ref name="bsc_pkcs10"/>
00457 </element>
00458 </define>
00459 <define name="bsc_query" combine="choice">
00460 <element name="bsc">
00461 <ref name="ctl_list"/>
00462 <ref name="self_handle"/>
00463 </element>
00464 </define>
00465 <define name="bsc_reply" combine="choice">
00466 <element name="bsc">
00467 <ref name="ctl_list"/>
00468 <ref name="self_handle"/>
00469 <ref name="bsc_handle"/>
00470 <ref name="bsc_payload"/>
00471 <ref name="bsc_pkcs10"/>
00472 </element>
00473 </define>
00474 <define name="bsc_query" combine="choice">
00475 <element name="bsc">
00476 <ref name="ctl_destroy"/>
00477 <ref name="self_handle"/>
00478 <ref name="bsc_handle"/>
00479 </element>
00480 </define>
00481 <define name="bsc_reply" combine="choice">
00482 <element name="bsc">
00483 <ref name="ctl_destroy"/>
00484 <ref name="self_handle"/>
00485 <ref name="bsc_handle"/>
00486 </element>
00487 </define>
00488 <!-- <parent/> element -->
00489 <define name="parent_handle">
00490 <attribute name="parent_handle">
00491 <ref name="object_handle"/>
00492 </attribute>
00493 </define>
00494 <define name="parent_bool">
00495 <optional>
00496 <attribute name="rekey">
00497 <value>yes</value>
00498 </attribute>
00499 </optional>
00500 <optional>
00501 <attribute name="reissue">
00502 <value>yes</value>
00503 </attribute>
00504 </optional>
00505 <optional>
00506 <attribute name="revoke">
00507 <value>yes</value>
00508 </attribute>
00509 </optional>
00510 <optional>
00511 <attribute name="revoke_forgotten">
00512 <value>yes</value>
00513 </attribute>
00514 </optional>
00515 </define>
00516 <define name="parent_payload">
00517 <optional>
00518 <attribute name="peer_contact_uri">
00519 <ref name="uri"/>
00520 </attribute>
00521 </optional>
00522 <optional>
00523 <attribute name="sia_base">
00524 <ref name="uri"/>
00525 </attribute>
00526 </optional>
00527 <optional>
00528 <ref name="bsc_handle"/>
00529 </optional>
00530 <optional>
00531 <ref name="repository_handle"/>
00532 </optional>
00533 <optional>
00534 <attribute name="sender_name">
00535 <ref name="up_down_name"/>
00536 </attribute>
00537 </optional>
00538 <optional>
00539 <attribute name="recipient_name">
00540 <ref name="up_down_name"/>
00541 </attribute>
00542 </optional>
00543 <optional>
00544 <element name="bpki_cms_cert">
00545 <ref name="base64"/>
00546 </element>
00547 </optional>
00548 <optional>
00549 <element name="bpki_cms_glue">
00550 <ref name="base64"/>
00551 </element>
00552 </optional>
00553 </define>
00554 <define name="parent_query" combine="choice">
00555 <element name="parent">
00556 <ref name="ctl_create"/>
00557 <ref name="self_handle"/>
00558 <ref name="parent_handle"/>
00559 <ref name="parent_bool"/>
00560 <ref name="parent_payload"/>
00561 </element>
00562 </define>
00563 <define name="parent_reply" combine="choice">
00564 <element name="parent">
00565 <ref name="ctl_create"/>
00566 <ref name="self_handle"/>
00567 <ref name="parent_handle"/>
00568 </element>
00569 </define>
00570 <define name="parent_query" combine="choice">
00571 <element name="parent">
00572 <ref name="ctl_set"/>
00573 <ref name="self_handle"/>
00574 <ref name="parent_handle"/>
00575 <ref name="parent_bool"/>
00576 <ref name="parent_payload"/>
00577 </element>
00578 </define>
00579 <define name="parent_reply" combine="choice">
00580 <element name="parent">
00581 <ref name="ctl_set"/>
00582 <ref name="self_handle"/>
00583 <ref name="parent_handle"/>
00584 </element>
00585 </define>
00586 <define name="parent_query" combine="choice">
00587 <element name="parent">
00588 <ref name="ctl_get"/>
00589 <ref name="self_handle"/>
00590 <ref name="parent_handle"/>
00591 </element>
00592 </define>
00593 <define name="parent_reply" combine="choice">
00594 <element name="parent">
00595 <ref name="ctl_get"/>
00596 <ref name="self_handle"/>
00597 <ref name="parent_handle"/>
00598 <ref name="parent_payload"/>
00599 </element>
00600 </define>
00601 <define name="parent_query" combine="choice">
00602 <element name="parent">
00603 <ref name="ctl_list"/>
00604 <ref name="self_handle"/>
00605 </element>
00606 </define>
00607 <define name="parent_reply" combine="choice">
00608 <element name="parent">
00609 <ref name="ctl_list"/>
00610 <ref name="self_handle"/>
00611 <ref name="parent_handle"/>
00612 <ref name="parent_payload"/>
00613 </element>
00614 </define>
00615 <define name="parent_query" combine="choice">
00616 <element name="parent">
00617 <ref name="ctl_destroy"/>
00618 <ref name="self_handle"/>
00619 <ref name="parent_handle"/>
00620 </element>
00621 </define>
00622 <define name="parent_reply" combine="choice">
00623 <element name="parent">
00624 <ref name="ctl_destroy"/>
00625 <ref name="self_handle"/>
00626 <ref name="parent_handle"/>
00627 </element>
00628 </define>
00629 <!-- <child/> element -->
00630 <define name="child_handle">
00631 <attribute name="child_handle">
00632 <ref name="object_handle"/>
00633 </attribute>
00634 </define>
00635 <define name="child_bool">
00636 <optional>
00637 <attribute name="reissue">
00638 <value>yes</value>
00639 </attribute>
00640 </optional>
00641 </define>
00642 <define name="child_payload">
00643 <optional>
00644 <ref name="bsc_handle"/>
00645 </optional>
00646 <optional>
00647 <element name="bpki_cert">
00648 <ref name="base64"/>
00649 </element>
00650 </optional>
00651 <optional>
00652 <element name="bpki_glue">
00653 <ref name="base64"/>
00654 </element>
00655 </optional>
00656 </define>
00657 <define name="child_query" combine="choice">
00658 <element name="child">
00659 <ref name="ctl_create"/>
00660 <ref name="self_handle"/>
00661 <ref name="child_handle"/>
00662 <ref name="child_bool"/>
00663 <ref name="child_payload"/>
00664 </element>
00665 </define>
00666 <define name="child_reply" combine="choice">
00667 <element name="child">
00668 <ref name="ctl_create"/>
00669 <ref name="self_handle"/>
00670 <ref name="child_handle"/>
00671 </element>
00672 </define>
00673 <define name="child_query" combine="choice">
00674 <element name="child">
00675 <ref name="ctl_set"/>
00676 <ref name="self_handle"/>
00677 <ref name="child_handle"/>
00678 <ref name="child_bool"/>
00679 <ref name="child_payload"/>
00680 </element>
00681 </define>
00682 <define name="child_reply" combine="choice">
00683 <element name="child">
00684 <ref name="ctl_set"/>
00685 <ref name="self_handle"/>
00686 <ref name="child_handle"/>
00687 </element>
00688 </define>
00689 <define name="child_query" combine="choice">
00690 <element name="child">
00691 <ref name="ctl_get"/>
00692 <ref name="self_handle"/>
00693 <ref name="child_handle"/>
00694 </element>
00695 </define>
00696 <define name="child_reply" combine="choice">
00697 <element name="child">
00698 <ref name="ctl_get"/>
00699 <ref name="self_handle"/>
00700 <ref name="child_handle"/>
00701 <ref name="child_payload"/>
00702 </element>
00703 </define>
00704 <define name="child_query" combine="choice">
00705 <element name="child">
00706 <ref name="ctl_list"/>
00707 <ref name="self_handle"/>
00708 </element>
00709 </define>
00710 <define name="child_reply" combine="choice">
00711 <element name="child">
00712 <ref name="ctl_list"/>
00713 <ref name="self_handle"/>
00714 <ref name="child_handle"/>
00715 <ref name="child_payload"/>
00716 </element>
00717 </define>
00718 <define name="child_query" combine="choice">
00719 <element name="child">
00720 <ref name="ctl_destroy"/>
00721 <ref name="self_handle"/>
00722 <ref name="child_handle"/>
00723 </element>
00724 </define>
00725 <define name="child_reply" combine="choice">
00726 <element name="child">
00727 <ref name="ctl_destroy"/>
00728 <ref name="self_handle"/>
00729 <ref name="child_handle"/>
00730 </element>
00731 </define>
00732 <!-- <repository/> element -->
00733 <define name="repository_handle">
00734 <attribute name="repository_handle">
00735 <ref name="object_handle"/>
00736 </attribute>
00737 </define>
00738 <define name="repository_payload">
00739 <optional>
00740 <attribute name="peer_contact_uri">
00741 <ref name="uri"/>
00742 </attribute>
00743 </optional>
00744 <optional>
00745 <ref name="bsc_handle"/>
00746 </optional>
00747 <optional>
00748 <element name="bpki_cert">
00749 <ref name="base64"/>
00750 </element>
00751 </optional>
00752 <optional>
00753 <element name="bpki_glue">
00754 <ref name="base64"/>
00755 </element>
00756 </optional>
00757 </define>
00758 <define name="repository_query" combine="choice">
00759 <element name="repository">
00760 <ref name="ctl_create"/>
00761 <ref name="self_handle"/>
00762 <ref name="repository_handle"/>
00763 <ref name="repository_payload"/>
00764 </element>
00765 </define>
00766 <define name="repository_reply" combine="choice">
00767 <element name="repository">
00768 <ref name="ctl_create"/>
00769 <ref name="self_handle"/>
00770 <ref name="repository_handle"/>
00771 </element>
00772 </define>
00773 <define name="repository_query" combine="choice">
00774 <element name="repository">
00775 <ref name="ctl_set"/>
00776 <ref name="self_handle"/>
00777 <ref name="repository_handle"/>
00778 <ref name="repository_payload"/>
00779 </element>
00780 </define>
00781 <define name="repository_reply" combine="choice">
00782 <element name="repository">
00783 <ref name="ctl_set"/>
00784 <ref name="self_handle"/>
00785 <ref name="repository_handle"/>
00786 </element>
00787 </define>
00788 <define name="repository_query" combine="choice">
00789 <element name="repository">
00790 <ref name="ctl_get"/>
00791 <ref name="self_handle"/>
00792 <ref name="repository_handle"/>
00793 </element>
00794 </define>
00795 <define name="repository_reply" combine="choice">
00796 <element name="repository">
00797 <ref name="ctl_get"/>
00798 <ref name="self_handle"/>
00799 <ref name="repository_handle"/>
00800 <ref name="repository_payload"/>
00801 </element>
00802 </define>
00803 <define name="repository_query" combine="choice">
00804 <element name="repository">
00805 <ref name="ctl_list"/>
00806 <ref name="self_handle"/>
00807 </element>
00808 </define>
00809 <define name="repository_reply" combine="choice">
00810 <element name="repository">
00811 <ref name="ctl_list"/>
00812 <ref name="self_handle"/>
00813 <ref name="repository_handle"/>
00814 <ref name="repository_payload"/>
00815 </element>
00816 </define>
00817 <define name="repository_query" combine="choice">
00818 <element name="repository">
00819 <ref name="ctl_destroy"/>
00820 <ref name="self_handle"/>
00821 <ref name="repository_handle"/>
00822 </element>
00823 </define>
00824 <define name="repository_reply" combine="choice">
00825 <element name="repository">
00826 <ref name="ctl_destroy"/>
00827 <ref name="self_handle"/>
00828 <ref name="repository_handle"/>
00829 </element>
00830 </define>
00831 <!-- <list_resources/> element -->
00832 <define name="list_resources_query">
00833 <element name="list_resources">
00834 <ref name="tag"/>
00835 <ref name="self_handle"/>
00836 <ref name="child_handle"/>
00837 </element>
00838 </define>
00839 <define name="list_resources_reply">
00840 <element name="list_resources">
00841 <ref name="tag"/>
00842 <ref name="self_handle"/>
00843 <ref name="child_handle"/>
00844 <attribute name="valid_until">
00845 <data type="dateTime">
00846 <param name="pattern">.*Z</param>
00847 </data>
00848 </attribute>
00849 <optional>
00850 <attribute name="asn">
00851 <ref name="asn_list"/>
00852 </attribute>
00853 </optional>
00854 <optional>
00855 <attribute name="ipv4">
00856 <ref name="ipv4_list"/>
00857 </attribute>
00858 </optional>
00859 <optional>
00860 <attribute name="ipv6">
00861 <ref name="ipv6_list"/>
00862 </attribute>
00863 </optional>
00864 </element>
00865 </define>
00866 <!-- <list_roa_requests/> element -->
00867 <define name="list_roa_requests_query">
00868 <element name="list_roa_requests">
00869 <ref name="tag"/>
00870 <ref name="self_handle"/>
00871 </element>
00872 </define>
00873 <define name="list_roa_requests_reply">
00874 <element name="list_roa_requests">
00875 <ref name="tag"/>
00876 <ref name="self_handle"/>
00877 <attribute name="asn">
00878 <data type="positiveInteger"/>
00879 </attribute>
00880 <optional>
00881 <attribute name="ipv4">
00882 <ref name="ipv4_list"/>
00883 </attribute>
00884 </optional>
00885 <optional>
00886 <attribute name="ipv6">
00887 <ref name="ipv6_list"/>
00888 </attribute>
00889 </optional>
00890 </element>
00891 </define>
00892 <!-- <list_published_objects/> element -->
00893 <define name="list_published_objects_query">
00894 <element name="list_published_objects">
00895 <ref name="tag"/>
00896 <ref name="self_handle"/>
00897 </element>
00898 </define>
00899 <define name="list_published_objects_reply">
00900 <element name="list_published_objects">
00901 <ref name="tag"/>
00902 <ref name="self_handle"/>
00903 <attribute name="uri">
00904 <ref name="uri"/>
00905 </attribute>
00906 <ref name="base64"/>
00907 </element>
00908 </define>
00909 <!-- <list_received_resources/> element -->
00910 <define name="list_received_resources_query">
00911 <element name="list_received_resources">
00912 <ref name="tag"/>
00913 <ref name="self_handle"/>
00914 </element>
00915 </define>
00916 <define name="list_received_resources_reply">
00917 <element name="list_received_resources">
00918 <ref name="tag"/>
00919 <ref name="self_handle"/>
00920 <ref name="parent_handle"/>
00921 <attribute name="notBefore">
00922 <data type="dateTime">
00923 <param name="pattern">.*Z</param>
00924 </data>
00925 </attribute>
00926 <attribute name="notAfter">
00927 <data type="dateTime">
00928 <param name="pattern">.*Z</param>
00929 </data>
00930 </attribute>
00931 <attribute name="uri">
00932 <ref name="uri"/>
00933 </attribute>
00934 <attribute name="sia_uri">
00935 <ref name="uri"/>
00936 </attribute>
00937 <attribute name="aia_uri">
00938 <ref name="uri"/>
00939 </attribute>
00940 <optional>
00941 <attribute name="asn">
00942 <ref name="asn_list"/>
00943 </attribute>
00944 </optional>
00945 <optional>
00946 <attribute name="ipv4">
00947 <ref name="ipv4_list"/>
00948 </attribute>
00949 </optional>
00950 <optional>
00951 <attribute name="ipv6">
00952 <ref name="ipv6_list"/>
00953 </attribute>
00954 </optional>
00955 </element>
00956 </define>
00957 <!-- <report_error/> element -->
00958 <define name="error">
00959 <data type="token">
00960 <param name="maxLength">1024</param>
00961 </data>
00962 </define>
00963 <define name="report_error_reply">
00964 <element name="report_error">
00965 <ref name="tag"/>
00966 <optional>
00967 <ref name="self_handle"/>
00968 </optional>
00969 <attribute name="error_code">
00970 <ref name="error"/>
00971 </attribute>
00972 <optional>
00973 <data type="string">
00974 <param name="maxLength">512000</param>
00975 </data>
00976 </optional>
00977 </element>
00978 </define>
00979 </grammar>
00980 <!--
00981 Local Variables:
00982 indent-tabs-mode: nil
00983 End:
00984 -->
00985 '''))
00986
00987
00988
00989 up_down = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encoding="UTF-8"?>
00990 <!--
00991 $Id: up-down-schema.rnc 2839 2009-10-27 18:53:00Z sra $
00992
00993 RelaxNG Scheme for up-down protocol, extracted from APNIC Wiki.
00994
00995 libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so
00996 run the compact syntax through trang to get XML syntax.
00997 -->
00998 <grammar ns="http://www.apnic.net/specs/rescerts/up-down/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">
00999 <start>
01000 <element name="message">
01001 <attribute name="version">
01002 <data type="positiveInteger">
01003 <param name="maxInclusive">1</param>
01004 </data>
01005 </attribute>
01006 <attribute name="sender">
01007 <data type="token">
01008 <param name="maxLength">1024</param>
01009 </data>
01010 </attribute>
01011 <attribute name="recipient">
01012 <data type="token">
01013 <param name="maxLength">1024</param>
01014 </data>
01015 </attribute>
01016 <ref name="payload"/>
01017 </element>
01018 </start>
01019 <define name="payload" combine="choice">
01020 <attribute name="type">
01021 <value>list</value>
01022 </attribute>
01023 <ref name="list_request"/>
01024 </define>
01025 <define name="payload" combine="choice">
01026 <attribute name="type">
01027 <value>list_response</value>
01028 </attribute>
01029 <ref name="list_response"/>
01030 </define>
01031 <define name="payload" combine="choice">
01032 <attribute name="type">
01033 <value>issue</value>
01034 </attribute>
01035 <ref name="issue_request"/>
01036 </define>
01037 <define name="payload" combine="choice">
01038 <attribute name="type">
01039 <value>issue_response</value>
01040 </attribute>
01041 <ref name="issue_response"/>
01042 </define>
01043 <define name="payload" combine="choice">
01044 <attribute name="type">
01045 <value>revoke</value>
01046 </attribute>
01047 <ref name="revoke_request"/>
01048 </define>
01049 <define name="payload" combine="choice">
01050 <attribute name="type">
01051 <value>revoke_response</value>
01052 </attribute>
01053 <ref name="revoke_response"/>
01054 </define>
01055 <define name="payload" combine="choice">
01056 <attribute name="type">
01057 <value>error_response</value>
01058 </attribute>
01059 <ref name="error_response"/>
01060 </define>
01061 <define name="list_request">
01062 <empty/>
01063 </define>
01064 <define name="list_response">
01065 <zeroOrMore>
01066 <ref name="class"/>
01067 </zeroOrMore>
01068 </define>
01069 <define name="class">
01070 <element name="class">
01071 <attribute name="class_name">
01072 <data type="token">
01073 <param name="maxLength">1024</param>
01074 </data>
01075 </attribute>
01076 <attribute name="cert_url">
01077 <data type="string">
01078 <param name="maxLength">4096</param>
01079 </data>
01080 </attribute>
01081 <attribute name="resource_set_as">
01082 <data type="string">
01083 <param name="maxLength">512000</param>
01084 <param name="pattern">[\-,0-9]*</param>
01085 </data>
01086 </attribute>
01087 <attribute name="resource_set_ipv4">
01088 <data type="string">
01089 <param name="maxLength">512000</param>
01090 <param name="pattern">[\-,/.0-9]*</param>
01091 </data>
01092 </attribute>
01093 <attribute name="resource_set_ipv6">
01094 <data type="string">
01095 <param name="maxLength">512000</param>
01096 <param name="pattern">[\-,/:0-9a-fA-F]*</param>
01097 </data>
01098 </attribute>
01099 <optional>
01100 <attribute name="resource_set_notafter">
01101 <data type="dateTime">
01102 <param name="pattern">.*Z</param>
01103 </data>
01104 </attribute>
01105 </optional>
01106 <optional>
01107 <attribute name="suggested_sia_head">
01108 <data type="anyURI">
01109 <param name="maxLength">1024</param>
01110 <param name="pattern">rsync://.+</param>
01111 </data>
01112 </attribute>
01113 </optional>
01114 <zeroOrMore>
01115 <element name="certificate">
01116 <attribute name="cert_url">
01117 <data type="string">
01118 <param name="maxLength">4096</param>
01119 </data>
01120 </attribute>
01121 <optional>
01122 <attribute name="req_resource_set_as">
01123 <data type="string">
01124 <param name="maxLength">512000</param>
01125 <param name="pattern">[\-,0-9]*</param>
01126 </data>
01127 </attribute>
01128 </optional>
01129 <optional>
01130 <attribute name="req_resource_set_ipv4">
01131 <data type="string">
01132 <param name="maxLength">512000</param>
01133 <param name="pattern">[\-,/.0-9]*</param>
01134 </data>
01135 </attribute>
01136 </optional>
01137 <optional>
01138 <attribute name="req_resource_set_ipv6">
01139 <data type="string">
01140 <param name="maxLength">512000</param>
01141 <param name="pattern">[\-,/:0-9a-fA-F]*</param>
01142 </data>
01143 </attribute>
01144 </optional>
01145 <data type="base64Binary">
01146 <param name="maxLength">512000</param>
01147 </data>
01148 </element>
01149 </zeroOrMore>
01150 <element name="issuer">
01151 <data type="base64Binary">
01152 <param name="maxLength">512000</param>
01153 </data>
01154 </element>
01155 </element>
01156 </define>
01157 <define name="issue_request">
01158 <element name="request">
01159 <attribute name="class_name">
01160 <data type="token">
01161 <param name="maxLength">1024</param>
01162 </data>
01163 </attribute>
01164 <optional>
01165 <attribute name="req_resource_set_as">
01166 <data type="string">
01167 <param name="maxLength">512000</param>
01168 <param name="pattern">[\-,0-9]*</param>
01169 </data>
01170 </attribute>
01171 </optional>
01172 <optional>
01173 <attribute name="req_resource_set_ipv4">
01174 <data type="string">
01175 <param name="maxLength">512000</param>
01176 <param name="pattern">[\-,/.0-9]*</param>
01177 </data>
01178 </attribute>
01179 </optional>
01180 <optional>
01181 <attribute name="req_resource_set_ipv6">
01182 <data type="string">
01183 <param name="maxLength">512000</param>
01184 <param name="pattern">[\-,/:0-9a-fA-F]*</param>
01185 </data>
01186 </attribute>
01187 </optional>
01188 <data type="base64Binary">
01189 <param name="maxLength">512000</param>
01190 </data>
01191 </element>
01192 </define>
01193 <define name="issue_response">
01194 <ref name="class"/>
01195 </define>
01196 <define name="revoke_request">
01197 <ref name="revocation"/>
01198 </define>
01199 <define name="revoke_response">
01200 <ref name="revocation"/>
01201 </define>
01202 <define name="revocation">
01203 <element name="key">
01204 <attribute name="class_name">
01205 <data type="token">
01206 <param name="maxLength">1024</param>
01207 </data>
01208 </attribute>
01209 <attribute name="ski">
01210 <data type="token">
01211 <param name="maxLength">1024</param>
01212 </data>
01213 </attribute>
01214 </element>
01215 </define>
01216 <define name="error_response">
01217 <element name="status">
01218 <data type="positiveInteger">
01219 <param name="maxInclusive">999999999999999</param>
01220 </data>
01221 </element>
01222 <optional>
01223 <element name="description">
01224 <attribute name="xml:lang">
01225 <data type="language"/>
01226 </attribute>
01227 <data type="string">
01228 <param name="maxLength">1024</param>
01229 </data>
01230 </element>
01231 </optional>
01232 </define>
01233 </grammar>
01234 <!--
01235 Local Variables:
01236 indent-tabs-mode: nil
01237 End:
01238 -->
01239 '''))
01240
01241
01242
01243 publication = lxml.etree.RelaxNG(lxml.etree.fromstring('''<?xml version="1.0" encoding="UTF-8"?>
01244 <!--
01245 $Id: publication-schema.rnc 3434 2010-08-31 00:31:55Z sra $
01246
01247 RelaxNG Schema for RPKI publication protocol.
01248
01249 libxml2 (including xmllint) only groks the XML syntax of RelaxNG, so
01250 run the compact syntax through trang to get XML syntax.
01251
01252 Copyright (C) 2009- -2010 Internet Systems Consortium ("ISC")
01253
01254 Permission to use, copy, modify, and distribute this software for any
01255 purpose with or without fee is hereby granted, provided that the above
01256 copyright notice and this permission notice appear in all copies.
01257
01258 THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
01259 REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
01260 AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
01261 INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
01262 LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
01263 OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
01264 PERFORMANCE OF THIS SOFTWARE.
01265
01266 Portions copyright (C) 2007- -2008 American Registry for Internet Numbers ("ARIN")
01267
01268 Permission to use, copy, modify, and distribute this software for any
01269 purpose with or without fee is hereby granted, provided that the above
01270 copyright notice and this permission notice appear in all copies.
01271
01272 THE SOFTWARE IS PROVIDED "AS IS" AND ARIN DISCLAIMS ALL WARRANTIES WITH
01273 REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
01274 AND FITNESS. IN NO EVENT SHALL ARIN BE LIABLE FOR ANY SPECIAL, DIRECT,
01275 INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
01276 LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
01277 OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
01278 PERFORMANCE OF THIS SOFTWARE.
01279 -->
01280 <grammar ns="http://www.hactrn.net/uris/rpki/publication-spec/" xmlns="http://relaxng.org/ns/structure/1.0" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes">
01281 <!-- Top level PDU -->
01282 <start>
01283 <element name="msg">
01284 <attribute name="version">
01285 <data type="positiveInteger">
01286 <param name="maxInclusive">1</param>
01287 </data>
01288 </attribute>
01289 <choice>
01290 <group>
01291 <attribute name="type">
01292 <value>query</value>
01293 </attribute>
01294 <zeroOrMore>
01295 <ref name="query_elt"/>
01296 </zeroOrMore>
01297 </group>
01298 <group>
01299 <attribute name="type">
01300 <value>reply</value>
01301 </attribute>
01302 <zeroOrMore>
01303 <ref name="reply_elt"/>
01304 </zeroOrMore>
01305 </group>
01306 </choice>
01307 </element>
01308 </start>
01309 <!-- PDUs allowed in a query -->
01310 <define name="query_elt">
01311 <choice>
01312 <ref name="config_query"/>
01313 <ref name="client_query"/>
01314 <ref name="certificate_query"/>
01315 <ref name="crl_query"/>
01316 <ref name="manifest_query"/>
01317 <ref name="roa_query"/>
01318 </choice>
01319 </define>
01320 <!-- PDUs allowed in a reply -->
01321 <define name="reply_elt">
01322 <choice>
01323 <ref name="config_reply"/>
01324 <ref name="client_reply"/>
01325 <ref name="certificate_reply"/>
01326 <ref name="crl_reply"/>
01327 <ref name="manifest_reply"/>
01328 <ref name="roa_reply"/>
01329 <ref name="report_error_reply"/>
01330 </choice>
01331 </define>
01332 <!-- Tag attributes for bulk operations -->
01333 <define name="tag">
01334 <attribute name="tag">
01335 <data type="token">
01336 <param name="maxLength">1024</param>
01337 </data>
01338 </attribute>
01339 </define>
01340 <!--
01341 Base64 encoded DER stuff
01342 base64 = xsd:base64Binary { maxLength="512000" }
01343
01344 Sadly, it turns out that CRLs can in fact get longer than this for an active CA.
01345 Remove length limit for now, think about whether to put it back later.
01346 -->
01347 <define name="base64">
01348 <data type="base64Binary"/>
01349 </define>
01350 <!-- Publication URLs -->
01351 <define name="uri_t">
01352 <data type="anyURI">
01353 <param name="maxLength">4096</param>
01354 </data>
01355 </define>
01356 <define name="uri">
01357 <attribute name="uri">
01358 <ref name="uri_t"/>
01359 </attribute>
01360 </define>
01361 <!--
01362 Handles on remote objects (replaces passing raw SQL IDs). NB:
01363 Unlike the up-down protocol, handles in this protocol allow "/" as a
01364 hierarchy delimiter.
01365 -->
01366 <define name="object_handle">
01367 <data type="string">
01368 <param name="maxLength">255</param>
01369 <param name="pattern">[\-_A-Za-z0-9/]*</param>
01370 </data>
01371 </define>
01372 <!--
01373 <config/> element (use restricted to repository operator)
01374 config_handle attribute, create, list, and destroy commands omitted deliberately, see code for details
01375 -->
01376 <define name="config_payload">
01377 <optional>
01378 <element name="bpki_crl">
01379 <ref name="base64"/>
01380 </element>
01381 </optional>
01382 </define>
01383 <define name="config_query" combine="choice">
01384 <element name="config">
01385 <attribute name="action">
01386 <value>set</value>
01387 </attribute>
01388 <optional>
01389 <ref name="tag"/>
01390 </optional>
01391 <ref name="config_payload"/>
01392 </element>
01393 </define>
01394 <define name="config_reply" combine="choice">
01395 <element name="config">
01396 <attribute name="action">
01397 <value>set</value>
01398 </attribute>
01399 <optional>
01400 <ref name="tag"/>
01401 </optional>
01402 </element>
01403 </define>
01404 <define name="config_query" combine="choice">
01405 <element name="config">
01406 <attribute name="action">
01407 <value>get</value>
01408 </attribute>
01409 <optional>
01410 <ref name="tag"/>
01411 </optional>
01412 </element>
01413 </define>
01414 <define name="config_reply" combine="choice">
01415 <element name="config">
01416 <attribute name="action">
01417 <value>get</value>
01418 </attribute>
01419 <optional>
01420 <ref name="tag"/>
01421 </optional>
01422 <ref name="config_payload"/>
01423 </element>
01424 </define>
01425 <!-- <client/> element (use restricted to repository operator) -->
01426 <define name="client_handle">
01427 <attribute name="client_handle">
01428 <ref name="object_handle"/>
01429 </attribute>
01430 </define>
01431 <define name="client_payload">
01432 <optional>
01433 <attribute name="base_uri">
01434 <ref name="uri_t"/>
01435 </attribute>
01436 </optional>
01437 <optional>
01438 <element name="bpki_cert">
01439 <ref name="base64"/>
01440 </element>
01441 </optional>
01442 <optional>
01443 <element name="bpki_glue">
01444 <ref name="base64"/>
01445 </element>
01446 </optional>
01447 </define>
01448 <define name="client_query" combine="choice">
01449 <element name="client">
01450 <attribute name="action">
01451 <value>create</value>
01452 </attribute>
01453 <optional>
01454 <ref name="tag"/>
01455 </optional>
01456 <ref name="client_handle"/>
01457 <ref name="client_payload"/>
01458 </element>
01459 </define>
01460 <define name="client_reply" combine="choice">
01461 <element name="client">
01462 <attribute name="action">
01463 <value>create</value>
01464 </attribute>
01465 <optional>
01466 <ref name="tag"/>
01467 </optional>
01468 <ref name="client_handle"/>
01469 </element>
01470 </define>
01471 <define name="client_query" combine="choice">
01472 <element name="client">
01473 <attribute name="action">
01474 <value>set</value>
01475 </attribute>
01476 <optional>
01477 <ref name="tag"/>
01478 </optional>
01479 <ref name="client_handle"/>
01480 <ref name="client_payload"/>
01481 </element>
01482 </define>
01483 <define name="client_reply" combine="choice">
01484 <element name="client">
01485 <attribute name="action">
01486 <value>set</value>
01487 </attribute>
01488 <optional>
01489 <ref name="tag"/>
01490 </optional>
01491 <ref name="client_handle"/>
01492 </element>
01493 </define>
01494 <define name="client_query" combine="choice">
01495 <element name="client">
01496 <attribute name="action">
01497 <value>get</value>
01498 </attribute>
01499 <optional>
01500 <ref name="tag"/>
01501 </optional>
01502 <ref name="client_handle"/>
01503 </element>
01504 </define>
01505 <define name="client_reply" combine="choice">
01506 <element name="client">
01507 <attribute name="action">
01508 <value>get</value>
01509 </attribute>
01510 <optional>
01511 <ref name="tag"/>
01512 </optional>
01513 <ref name="client_handle"/>
01514 <ref name="client_payload"/>
01515 </element>
01516 </define>
01517 <define name="client_query" combine="choice">
01518 <element name="client">
01519 <attribute name="action">
01520 <value>list</value>
01521 </attribute>
01522 <optional>
01523 <ref name="tag"/>
01524 </optional>
01525 </element>
01526 </define>
01527 <define name="client_reply" combine="choice">
01528 <element name="client">
01529 <attribute name="action">
01530 <value>list</value>
01531 </attribute>
01532 <optional>
01533 <ref name="tag"/>
01534 </optional>
01535 <ref name="client_handle"/>
01536 <ref name="client_payload"/>
01537 </element>
01538 </define>
01539 <define name="client_query" combine="choice">
01540 <element name="client">
01541 <attribute name="action">
01542 <value>destroy</value>
01543 </attribute>
01544 <optional>
01545 <ref name="tag"/>
01546 </optional>
01547 <ref name="client_handle"/>
01548 </element>
01549 </define>
01550 <define name="client_reply" combine="choice">
01551 <element name="client">
01552 <attribute name="action">
01553 <value>destroy</value>
01554 </attribute>
01555 <optional>
01556 <ref name="tag"/>
01557 </optional>
01558 <ref name="client_handle"/>
01559 </element>
01560 </define>
01561 <!-- <certificate/> element -->
01562 <define name="certificate_query" combine="choice">
01563 <element name="certificate">
01564 <attribute name="action">
01565 <value>publish</value>
01566 </attribute>
01567 <optional>
01568 <ref name="tag"/>
01569 </optional>
01570 <ref name="uri"/>
01571 <ref name="base64"/>
01572 </element>
01573 </define>
01574 <define name="certificate_reply" combine="choice">
01575 <element name="certificate">
01576 <attribute name="action">
01577 <value>publish</value>
01578 </attribute>
01579 <optional>
01580 <ref name="tag"/>
01581 </optional>
01582 <ref name="uri"/>
01583 </element>
01584 </define>
01585 <define name="certificate_query" combine="choice">
01586 <element name="certificate">
01587 <attribute name="action">
01588 <value>withdraw</value>
01589 </attribute>
01590 <optional>
01591 <ref name="tag"/>
01592 </optional>
01593 <ref name="uri"/>
01594 </element>
01595 </define>
01596 <define name="certificate_reply" combine="choice">
01597 <element name="certificate">
01598 <attribute name="action">
01599 <value>withdraw</value>
01600 </attribute>
01601 <optional>
01602 <ref name="tag"/>
01603 </optional>
01604 <ref name="uri"/>
01605 </element>
01606 </define>
01607 <!-- <crl/> element -->
01608 <define name="crl_query" combine="choice">
01609 <element name="crl">
01610 <attribute name="action">
01611 <value>publish</value>
01612 </attribute>
01613 <optional>
01614 <ref name="tag"/>
01615 </optional>
01616 <ref name="uri"/>
01617 <ref name="base64"/>
01618 </element>
01619 </define>
01620 <define name="crl_reply" combine="choice">
01621 <element name="crl">
01622 <attribute name="action">
01623 <value>publish</value>
01624 </attribute>
01625 <optional>
01626 <ref name="tag"/>
01627 </optional>
01628 <ref name="uri"/>
01629 </element>
01630 </define>
01631 <define name="crl_query" combine="choice">
01632 <element name="crl">
01633 <attribute name="action">
01634 <value>withdraw</value>
01635 </attribute>
01636 <optional>
01637 <ref name="tag"/>
01638 </optional>
01639 <ref name="uri"/>
01640 </element>
01641 </define>
01642 <define name="crl_reply" combine="choice">
01643 <element name="crl">
01644 <attribute name="action">
01645 <value>withdraw</value>
01646 </attribute>
01647 <optional>
01648 <ref name="tag"/>
01649 </optional>
01650 <ref name="uri"/>
01651 </element>
01652 </define>
01653 <!-- <manifest/> element -->
01654 <define name="manifest_query" combine="choice">
01655 <element name="manifest">
01656 <attribute name="action">
01657 <value>publish</value>
01658 </attribute>
01659 <optional>
01660 <ref name="tag"/>
01661 </optional>
01662 <ref name="uri"/>
01663 <ref name="base64"/>
01664 </element>
01665 </define>
01666 <define name="manifest_reply" combine="choice">
01667 <element name="manifest">
01668 <attribute name="action">
01669 <value>publish</value>
01670 </attribute>
01671 <optional>
01672 <ref name="tag"/>
01673 </optional>
01674 <ref name="uri"/>
01675 </element>
01676 </define>
01677 <define name="manifest_query" combine="choice">
01678 <element name="manifest">
01679 <attribute name="action">
01680 <value>withdraw</value>
01681 </attribute>
01682 <optional>
01683 <ref name="tag"/>
01684 </optional>
01685 <ref name="uri"/>
01686 </element>
01687 </define>
01688 <define name="manifest_reply" combine="choice">
01689 <element name="manifest">
01690 <attribute name="action">
01691 <value>withdraw</value>
01692 </attribute>
01693 <optional>
01694 <ref name="tag"/>
01695 </optional>
01696 <ref name="uri"/>
01697 </element>
01698 </define>
01699 <!-- <roa/> element -->
01700 <define name="roa_query" combine="choice">
01701 <element name="roa">
01702 <attribute name="action">
01703 <value>publish</value>
01704 </attribute>
01705 <optional>
01706 <ref name="tag"/>
01707 </optional>
01708 <ref name="uri"/>
01709 <ref name="base64"/>
01710 </element>
01711 </define>
01712 <define name="roa_reply" combine="choice">
01713 <element name="roa">
01714 <attribute name="action">
01715 <value>publish</value>
01716 </attribute>
01717 <optional>
01718 <ref name="tag"/>
01719 </optional>
01720 <ref name="uri"/>
01721 </element>
01722 </define>
01723 <define name="roa_query" combine="choice">
01724 <element name="roa">
01725 <attribute name="action">
01726 <value>withdraw</value>
01727 </attribute>
01728 <optional>
01729 <ref name="tag"/>
01730 </optional>
01731 <ref name="uri"/>
01732 </element>
01733 </define>
01734 <define name="roa_reply" combine="choice">
01735 <element name="roa">
01736 <attribute name="action">
01737 <value>withdraw</value>
01738 </attribute>
01739 <optional>
01740 <ref name="tag"/>
01741 </optional>
01742 <ref name="uri"/>
01743 </element>
01744 </define>
01745 <!-- <report_error/> element -->
01746 <define name="error">
01747 <data type="token">
01748 <param name="maxLength">1024</param>
01749 </data>
01750 </define>
01751 <define name="report_error_reply">
01752 <element name="report_error">
01753 <optional>
01754 <ref name="tag"/>
01755 </optional>
01756 <attribute name="error_code">
01757 <ref name="error"/>
01758 </attribute>
01759 <optional>
01760 <data type="string">
01761 <param name="maxLength">512000</param>
01762 </data>
01763 </optional>
01764 </element>
01765 </define>
01766 </grammar>
01767 <!--
01768 Local Variables:
01769 indent-tabs-mode: nil
01770 End:
01771 -->
01772 '''))
01773