# $Id$
#
# RelaxNG schema for RPKI publication protocol.
#
# Copyright (C) 2012--2014  Dragon Research Labs ("DRL")
# Portions copyright (C) 2009--2011  Internet Systems Consortium ("ISC")
# Portions copyright (C) 2007--2008  American Registry for Internet Numbers ("ARIN")
# 
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notices and this permission notice appear in all copies.
# 
# THE SOFTWARE IS PROVIDED "AS IS" AND DRL, ISC, AND ARIN DISCLAIM ALL
# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS.  IN NO EVENT SHALL DRL,
# ISC, OR ARIN BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR
# CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS
# OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT,
# NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION
# WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

default namespace = "http://www.hactrn.net/uris/rpki/publication-spec/"

# Top level PDU

start = element msg {
  attribute version { xsd:positiveInteger { maxInclusive="1" } },
  ( (attribute type { "query" }, query_elt*) |
    (attribute type { "reply" }, reply_elt*) )
}

# PDUs allowed in a query
query_elt = ( config_query | client_query | certificate_query | crl_query |
              manifest_query | roa_query | ghostbuster_query )

# PDUs allowed in a reply
reply_elt = ( config_reply | client_reply | certificate_reply | crl_reply |
              manifest_reply | roa_reply | ghostbuster_reply | report_error_reply )

# Tag attributes for bulk operations
tag = attribute tag { xsd:token {maxLength="1024" } }

# Base64 encoded DER stuff
#base64 = xsd:base64Binary { maxLength="512000" }
#
# Sadly, it turns out that CRLs can in fact get longer than this for an active CA.
# Remove length limit for now, think about whether to put it back later.
base64 = xsd:base64Binary

# Publication URLs
uri_t = xsd:anyURI { maxLength="4096" }
uri = attribute uri { uri_t }

# Handles on remote objects (replaces passing raw SQL IDs).  NB:
# Unlike the up-down protocol, handles in this protocol allow "/" as a
# hierarchy delimiter.
object_handle = xsd:string { maxLength="255" pattern="[\-_A-Za-z0-9/]+" }

# <config/> element (use restricted to repository operator)
# config_handle attribute, create, list, and destroy commands omitted deliberately, see code for details

config_payload = (element bpki_crl { base64 }?)

config_query |= element config { attribute action { "set" }, tag?, config_payload }
config_reply |= element config { attribute action { "set" }, tag? }
config_query |= element config { attribute action { "get" }, tag? }
config_reply |= element config { attribute action { "get" }, tag?, config_payload }

# <client/> element (use restricted to repository operator)

client_handle = attribute client_handle { object_handle }

client_bool = attribute clear_replay_protection { "yes" }?

client_payload = (attribute base_uri { uri_t }?, element bpki_cert { base64 }?, element bpki_glue { base64 }?)

client_query |= element client { attribute action { "create" },  tag?, client_handle, client_bool, client_payload }
client_reply |= element client { attribute action { "create" },  tag?, client_handle }
client_query |= element client { attribute action { "set" },     tag?, client_handle, client_bool, client_payload }
client_reply |= element client { attribute action { "set" },     tag?, client_handle }
client_query |= element client { attribute action { "get" },     tag?, client_handle }
client_reply |= element client { attribute action { "get" },     tag?, client_handle, client_payload }
client_query |= element client { attribute action { "list" },    tag? }
client_reply |= element client { attribute action { "list" },    tag?, client_handle, client_payload }
client_query |= element client { attribute action { "destroy" }, tag?, client_handle }
client_reply |= element client { attribute action { "destroy" }, tag?, client_handle }

# <certificate/> element

certificate_query |= element certificate { attribute action { "publish" }, tag?, uri, base64 }
certificate_reply |= element certificate { attribute action { "publish" }, tag?, uri }
certificate_query |= element certificate { attribute action { "withdraw" }, tag?, uri }
certificate_reply |= element certificate { attribute action { "withdraw" }, tag?, uri }

# <crl/> element

crl_query |= element crl { attribute action { "publish" }, tag?, uri, base64 }
crl_reply |= element crl { attribute action { "publish" }, tag?, uri }
crl_query |= element crl { attribute action { "withdraw" }, tag?, uri }
crl_reply |= element crl { attribute action { "withdraw" }, tag?, uri }

# <manifest/> element

manifest_query |= element manifest { attribute action { "publish" }, tag?, uri, base64 }
manifest_reply |= element manifest { attribute action { "publish" }, tag?, uri }
manifest_query |= element manifest { attribute action { "withdraw" }, tag?, uri }
manifest_reply |= element manifest { attribute action { "withdraw" }, tag?, uri }

# <roa/> element

roa_query |= element roa { attribute action { "publish" }, tag?, uri, base64 }
roa_reply |= element roa { attribute action { "publish" }, tag?, uri }
roa_query |= element roa { attribute action { "withdraw" }, tag?, uri }
roa_reply |= element roa { attribute action { "withdraw" }, tag?, uri }

# <ghostbuster/> element

ghostbuster_query |= element ghostbuster { attribute action { "publish" }, tag?, uri, base64 }
ghostbuster_reply |= element ghostbuster { attribute action { "publish" }, tag?, uri }
ghostbuster_query |= element ghostbuster { attribute action { "withdraw" }, tag?, uri }
ghostbuster_reply |= element ghostbuster { attribute action { "withdraw" }, tag?, uri }

# <report_error/> element

error = xsd:token { maxLength="1024" }

report_error_reply = element report_error {
  tag?,
  attribute error_code { error },
  xsd:string { maxLength="512000" }?
}

# Local Variables:
# indent-tabs-mode: nil
# comment-start: "# "
# comment-start-skip: "#[ \t]*"
# End: