summaryrefslogtreecommitdiffstats
path: root/Schemas/CIM236/DMTF/User/CIM_CertificateManagementService.mof
diff options
context:
space:
mode:
Diffstat (limited to 'Schemas/CIM236/DMTF/User/CIM_CertificateManagementService.mof')
-rw-r--r--Schemas/CIM236/DMTF/User/CIM_CertificateManagementService.mof607
1 files changed, 607 insertions, 0 deletions
diff --git a/Schemas/CIM236/DMTF/User/CIM_CertificateManagementService.mof b/Schemas/CIM236/DMTF/User/CIM_CertificateManagementService.mof
new file mode 100644
index 0000000..68ee38e
--- /dev/null
+++ b/Schemas/CIM236/DMTF/User/CIM_CertificateManagementService.mof
@@ -0,0 +1,607 @@
+// Copyright (c) 2011 DMTF. All rights reserved.
+ [Version ( "2.29.0" ),
+ ClassConstraint {
+ "/* The constraints below aim to efficiently */ /* represent a singular OctetString. Each of the properties*/ /* is a single encoded string, thus only the first element */ /* needs to be populated. */ inv:self.CreateCertificateSigningRequest.Subject->size()<=1 and self.CreateCertificateSigningRequest.AltSubject->size()<=1 and self.CreateCertificateSigningRequest.CSR->size()=1 and self.CreateSelfSignedCertificate.Subject->size()<=1 and self.CreateSelfSignedCertificate.AltSubject->size()<=1 and self.ImportEncodedCertificates.EncodedCertificates->size()=1 and self.ApplyCRL.EncodedCRL->size()=1 and self.ExportEncodedCertificates.EncodedCertificates->size()=1" },
+ UMLPackagePath ( "CIM::User::SecurityServices" ),
+ Description (
+ "CIM_CertificateManagementService is used for managing X509 "
+ "based certificates." )]
+class CIM_CertificateManagementService : CIM_KeyBasedCredentialManagementService {
+
+
+ [Description (
+ "This method is called to request a Certificate Signing "
+ "Request (CSR) based on the Distinguished Name provided "
+ "through Subject parameter. The CSR utilizes PKCS#10 "
+ "structure as defined in RFC2986. If either Subject "
+ "parameter or AltSubject parameter are NULL, the method "
+ "shall return 2 (Error Occured). If the "
+ "PublicPrivateKeyPair parameter is NULL, then 1) "
+ "PublicKeyAlgorithm shall specify the algorithm to be "
+ "used for the public key, 2) the PublicKeySize shall "
+ "specify the length for the public key in bits. If the "
+ "PublicPrivateKeyPair parameter is NOT NULL then the "
+ "following requirements shall apply: 1) the "
+ "PublicKeyAlgorithm shall be NULL, 2) the PublicKeySize "
+ "shall be NULL, 3) the PublicPrivateKeyPair shall "
+ "reference an instance of CIM_UnsignedCredential "
+ "representing the public/ private key pair to be used for "
+ "the CSR. The OutputFormat parameter shall specify the "
+ "output format of the CSR. If the OutputFormat parameter "
+ "has a value that is not equal to any values in the "
+ "OutputFormatsSupported property on the associated "
+ "CIM_CertificateManagementCapabilities instance, then the "
+ "method shall return 2 (Error Occured). Upon the "
+ "successful execution, the CSR output parameter shall "
+ "contain the CSR in PKCS#10 structure." ),
+ ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
+ "4097..32767", "32768..65535" },
+ Values { "Completed with No Error", "Not Supported",
+ "Error Occured", "Busy", "Invalid Reference",
+ "Invalid Parameter", "Access Denied", "DMTF Reserved",
+ "Job Started", "Method Reserved", "Vendor Specified" }]
+ uint32 CreateCertificateSigningRequest(
+ [IN, Description (
+ "Subject shall contain information as required by "
+ "section 4.1.2.6 of RFC 3280 and shall be formatted "
+ "based on RFC 4514. An example of the value of the "
+ "Subject parameter could be \"CN=Marshall T. Rose, "
+ "O=Dover Beach Consulting, L=Santa Clara, "
+ "ST=California, C=US\"." ),
+ DN]
+ string Subject,
+ [IN, Description (
+ "Alternate subject identifier for the Certificate "
+ "as specified by section 4.2.1.8 of RFC 3280." )]
+ string AltSubject,
+ [IN, Description (
+ "The PublicKeyAlgorithm specifies the algorithm to "
+ "be used for the public key." ),
+ ValueMap { "2", "3", "4", "..", "32768..65535" },
+ Values { "RSA", "DSA", "ECDSA", "DMTF Reserved",
+ "Vendor Reserved" }]
+ uint16 PublicKeyAlgorithm,
+ [IN, Description (
+ "The PublicKeySize shall specify the length for the "
+ "public key in bits." ),
+ PUNIT ( "bit" )]
+ uint16 PublicKeySize,
+ [IN, Description (
+ "The PublicPrivateKeyPair parameter specifies a "
+ "reference to an instance of CIM_UnsignedCredential "
+ "which represents a public private key pair to be "
+ "utilized by the CSR.The CIM_UnsignedCredential "
+ "instance PublicKey and PublicKeyEncoding "
+ "properties shall not be NULL." )]
+ CIM_UnsignedCredential REF PublicPrivateKeyPair,
+ [In, Description (
+ "The ExtendedKeyUsageValue indicates one or more "
+ "purposes for which the certified public key may be "
+ "used in the type specified by the "
+ "ExtendedKeyUsageType parameter." ),
+ ArrayType ( "Indexed" ),
+ ModelCorrespondence {
+ "CIM_CertificateManagementService.CreateCertificateSigningRequest.ExtendedKeyUsageType" }]
+ string ExtendedKeyUsageValue[],
+ [In, Description (
+ "Describes the type for ExtendedKeyUsageValue based "
+ "on the ASN.1 GeneralName types." ),
+ ValueMap { "1", "2", "3", "4", "5", "6", "7", "8", "9",
+ "..", "32768..65535" },
+ Values { "other", "rfc822Name", "dNSName",
+ "x400Address", "directoryName", "ediPartyName",
+ "uniformResourceIdentifier", "iPAddress",
+ "registeredID", "DMTF Reserved", "Vendor Reserved" },
+ ArrayType ( "Indexed" ),
+ ModelCorrespondence {
+ "CIM_CertificateManagementService.CreateCertificateSigningRequest.ExtendedKeyUsageValue" }]
+ uint16 ExtendedKeyUsageType[],
+ [In, Description (
+ "The SignatureAlgorithm parameter defines the "
+ "signature algorithm used to sign the "
+ "CertificateRequestInfo as part of the CSR as "
+ "defined in RFC 2986. This parameter covers the "
+ "algorithms specified in the RFC3279." ),
+ ValueMap { "1", "2", "3", "4", "5", "6", "7", "8", "9",
+ "10", "11", "12", "13", "14", "15", "16", "17",
+ "18", "19", "20..32767", "32768..65535" },
+ Values { "Other", "SHA1withDSA", "SHA1withECDSA",
+ "SHA224withECDSA", "SHA256withECDSA",
+ "SHA384withECDSA", "SHA512withECDSA",
+ "GOST3411withGOST3410", "GOST3411withECGOST3410",
+ "MD2withRSA", "MD5withRSA", "SHA1withRSA",
+ "SHA224withRSA", "SHA256withRSA", "SHA384withRSA",
+ "SHA512withRSA", "RIPEMD160withRSA",
+ "RIPEMD128withRSA", "RIPEMD256withRSA",
+ "DMTF Reserved", "Vendor Reserved" }]
+ uint16 SignatureAlgorithm,
+ [Required, IN, Description (
+ "The OutputFormat property represents the requested "
+ "format of the Certificate Signing Request." ),
+ ValueMap { "2", "3", "..", "32768..65535" },
+ Values { "PEM", "DER", "DMTF Reserved",
+ "Vendor Reserved" }]
+ uint16 OutputFormat,
+ [IN ( false ), OUT, Description (
+ "Contains a reference to the ConcreteJob created to "
+ "track the execution initiated by the method "
+ "invocation. If the method returns 4096 - job "
+ "started, then the parameter shall not have NULL "
+ "value." )]
+ CIM_ConcreteJob REF Job,
+ [Required, IN ( false ), OUT, Description (
+ "The CSR parameter is an output parameter that upon "
+ "successful exection of this method will contain "
+ "the formated Certificate Signing Request.Only the "
+ "first element of the array property shall be "
+ "populated." ),
+ OctetString]
+ string CSR[]);
+
+ [Description (
+ "This method is called to generate to generate a "
+ "self-signed certificate. If either Subject parameter or "
+ "AltSubject parameter are NULL, the method shall return 2 "
+ "(Error Occured). If the PublicPrivateKeyPair parameter "
+ "is NULL, the following numbered requirements shall "
+ "apply: 1) the PublicKeyAlgorithm shall be non-NULL and "
+ "specify the algorithm to be used for the public key, 3) "
+ "the PublicKeySize shall be non-NULL and specify the "
+ "length for the public key in bits. If the "
+ "PublicPrivateKeyPair parameter is not NULL, the "
+ "following numbered requirements shall apply: 1) the "
+ "PublicKeyAlgorithm shall be NULL, 2) the PublicKeySize "
+ "shall be NULL, 3) the PublicPrivateKeyPair shall "
+ "reference an instance of CIM_UnsignedCredential "
+ "representing the public/ private key pair to be used for "
+ "the self signed certificate. Upon successful execution "
+ "the reference to the newly created instance of "
+ "CIM_X509Certificate shall be returned in the "
+ "NewCertificate parameter which represents the "
+ "self-signed certificate with the public/private key pair "
+ "of the size specified by the KeySize parameter. If the "
+ "Keystore parameter is not NULL, this instance shall be "
+ "associated to the instance of CIM_Keystore referenced by "
+ "the Keystore parameter through CIM_MemberOfCollection "
+ "association. If the CredentialContext parameter is not "
+ "NULL, the newly created instance shall be associated "
+ "with the instance of CIM_ManagedElement referenced by "
+ "the CredentialContext parameter through "
+ "CIM_CredentialContext association. If the "
+ "CredentialContext parameter is NULL, the newly created "
+ "instance shall not be associated with the instance of "
+ "CIM_ManagedElement through CIM_CredentialContext "
+ "association." ),
+ ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
+ "4097..32767", "32768..65535" },
+ Values { "Completed with No Error", "Not Supported",
+ "Error Occured", "Busy", "Invalid Reference",
+ "Invalid Parameter", "Access Denied", "DMTF Reserved",
+ "Job Started", "Method Reserved", "Vendor Specified" }]
+ uint32 CreateSelfSignedCertificate(
+ [IN, Description (
+ "Subject shall contain the information as required "
+ "by section 4.1.2.6 of RFC 3280 and shall be "
+ "formatted based on RFC 4514. An example of the "
+ "value of the Subject parameter could be "
+ "\"CN=Marshall T. Rose, O=Dover Beach Consulting, "
+ "OU=Sales, L=Santa Clara, ST=California, C=US\"." ),
+ DN]
+ string Subject,
+ [IN, Description (
+ "Alternate subject identifier for the Certificate "
+ "as specified by section 4.2.1.8 of RFC 3280." )]
+ string AltSubject,
+ [IN, Description (
+ "The PublicKeyAlgorithm specifies the algorithm to "
+ "be used for the public key." ),
+ ValueMap { "2", "3", "4", "..", "32768..65535" },
+ Values { "RSA", "DSA", "ECDSA", "DMTF Reserved",
+ "Vendor Reserved" }]
+ uint16 PublicKeyAlgorithm,
+ [IN, Description (
+ "The PublicKeySize shall specify the length for the "
+ "public key in bits. The value shall be of power of "
+ "2." ),
+ PUNIT ( "bit" )]
+ uint16 PublicKeySize,
+ [IN, Description (
+ "The PublicPrivateKeyPair parameter specifies a "
+ "reference to an instance of CIM_UnsignedCredential "
+ "which represents a public private key pair to be "
+ "utilized by the newly created selef signed "
+ "certificate. The PublicKey and "
+ "PublicKeyEncodingproperties of the instance of "
+ "CIM_UnsignedCredentialshall be Non-NULL." )]
+ CIM_UnsignedCredential REF PublicPrivateKeyPair,
+ [IN, Description (
+ "The Keystore parameter denotes the reference to "
+ "the instance of CIM_Keystore that represents the "
+ "key store where the new certificate will be added." )]
+ CIM_Keystore REF Keystore,
+ [IN, Description (
+ "The managed element that represents the user or "
+ "owner or the scoping element of the certificate. "
+ "Such managed element could be the web service that "
+ "owns the certificate or uses it for verification "
+ "or account that the certificate is scoped to." )]
+ CIM_ManagedElement REF CredentialContext,
+ [IN, Description (
+ "The usage of the certificate by the managed "
+ "element that the certificate is for or is scoped "
+ "to." ),
+ ValueMap { "2", "3", "4", "6", "7", "8", "..",
+ "32768..65535" },
+ Values { "Owned", "Trusted",
+ "Trusted for Authentication",
+ "Trusted for Authorization",
+ "Trusted for Authentication/Authorization",
+ "Trusted for Third-Party Authentication/Authorization",
+ "DMTF Reserved", "Vendor Reserved" },
+ ModelCorrespondence { "CIM_CredentialContext.Usage" }]
+ uint16 Usage,
+ [In, Description (
+ "The SignatureAlgorithm parameter defines the "
+ "signature algorithm used to sign the "
+ "TBSCertificate as defined in RFC 3280. This "
+ "parameter covers the algorithms specified in the "
+ "RFC3279." ),
+ ValueMap { "1", "2", "3", "4", "5", "6", "7", "8", "9",
+ "10", "11", "12", "13", "14", "15", "16", "17",
+ "18", "19", "20..32767", "32768..65535" },
+ Values { "Other", "SHA1withDSA", "SHA1withECDSA",
+ "SHA224withECDSA", "SHA256withECDSA",
+ "SHA384withECDSA", "SHA512withECDSA",
+ "GOST3411withGOST3410", "GOST3411withECGOST3410",
+ "MD2withRSA", "MD5withRSA", "SHA1withRSA",
+ "SHA224withRSA", "SHA256withRSA", "SHA384withRSA",
+ "SHA512withRSA", "RIPEMD160withRSA",
+ "RIPEMD128withRSA", "RIPEMD256withRSA",
+ "DMTF Reserved", "Vendor Reserved" }]
+ uint16 SignatureAlgorithm,
+ [IN ( false ), OUT, Description (
+ "Contains a reference to the ConcreteJob created to "
+ "track the execution initiated by the method "
+ "invocation. If the method returns 4096 - job "
+ "started, then the parameter shall not have NULL "
+ "value." )]
+ CIM_ConcreteJob REF Job,
+ [IN ( false ), OUT, Description (
+ "Reference to the newly created instance of "
+ "CIM_X509Certificate representing the self signed "
+ "certificate." )]
+ CIM_X509Certificate REF SelfSignedCertificate);
+
+ [Description (
+ "This method is called to import a certificate or a "
+ "certificate chain using the certificate\'s encoded "
+ "representation. Upon successful execution the array of "
+ "references to the instance(s) of CIM_X509Certificate "
+ "representing the imported certificate or certificate "
+ "chain shall be returned inside the NewCertificates "
+ "output parameter. If the Keystore parameter is not NULL, "
+ "the newly created instance(s) of CIM_X509Certificate "
+ "shall be associated to the instance of the CIM_Keystore "
+ "referenced in the Keystore parameter. If the "
+ "CredentialContext parameter is not NULL, the newly "
+ "created instance(s) of the CIM_X509Certificate shall be "
+ "associated to the insatnces of CIM_ManagedElement "
+ "referenced in the CredentialContext property through the "
+ "CIM_CredentialContext association. If the "
+ "CredentialContext parameter is NULL, the newly created "
+ "instance(s) of the CIM_X509Certificate shall not be "
+ "associated to the insatnces of CIM_ManagedElement "
+ "through the CIM_CredentialContext association." ),
+ ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
+ "4097..32767", "32768..65535" },
+ Values { "Completed with No Error", "Not Supported",
+ "Error Occured", "Busy", "Invalid Reference",
+ "Invalid Parameter", "Access Denied", "DMTF Reserved",
+ "Job Started", "Method Reserved", "Vendor Specified" }]
+ uint32 ImportEncodedCertificates(
+ [Required, IN, Description (
+ "An array of strings representing octet string of "
+ "an encoded certificate or certificate chain to be "
+ "imported. Only the first element of the array "
+ "property shall be populated, even if a certificate "
+ "chain is imported." ),
+ OctetString]
+ string EncodedCertificates[],
+ [Required, IN, Description (
+ "The Format shall specify the format for the "
+ "encoding that is used by octet string "
+ "EncodedCertificates parameter." ),
+ ValueMap { "2", "3", "4", "5", "..", "32768..65535" },
+ Values { "DER", "PEM", "PKCS7", "PKCS12",
+ "DMTF Reserved", "Vendor Reserved" }]
+ uint16 Format,
+ [IN, Description (
+ "The Keystore parameter denotes the reference to "
+ "the instance of CIM_Keystore that represents the "
+ "key store where the new certificate or certificate "
+ "chain will be added." )]
+ CIM_Keystore REF Keystore,
+ [IN, Description (
+ "The managed element that represents the user or "
+ "owner or the scoping element of the "
+ "certificate(s). Such managed element could be the "
+ "web service that owns the certificate(s) or uses "
+ "it for verification or account that the "
+ "certificate is scoped to." )]
+ CIM_ManagedElement REF CredentialContext,
+ [IN, Description (
+ "The usage of the certificate by the managed "
+ "element that the certificate is for or is scoped "
+ "to. If a certificate chain is imported, the "
+ "sequence of elements in the Usage array shall "
+ "correspond to the sequence of the certificates in "
+ "the EncodedCertificates octet string parameter." ),
+ ValueMap { "2", "3", "4", "6", "7", "8", "..",
+ "32768..65535" },
+ Values { "Owned", "Trusted",
+ "Trusted for Authentication",
+ "Trusted for Authorization",
+ "Trusted for Authentication/Authorization",
+ "Trusted for Third-Party Authentication/Authorization",
+ "DMTF Reserved", "Vendor Reserved" },
+ ArrayType ( "Indexed" ),
+ ModelCorrespondence { "CIM_CredentialContext.Usage",
+ "CIM_CertificateManagementService.ImportEncodedCertificates.NewCertificates" }]
+ uint16 Usage[],
+ [IN ( false ), OUT, Description (
+ "Contains a reference to the ConcreteJob created to "
+ "track the execution initiated by the method "
+ "invocation. If the method returns 4096 - job "
+ "started, then the parameter shall not have NULL "
+ "value." )]
+ CIM_ConcreteJob REF Job,
+ [Required, IN ( false ), OUT, Description (
+ "Reference to the newly created instance of "
+ "CIM_X509Certificate representing the imported "
+ "certificate or certificate chain." ),
+ ArrayType ( "Indexed" ),
+ ModelCorrespondence {
+ "CIM_CertificateManagementService.ImportEncodedCertificates.Usage" }]
+ CIM_X509Certificate REF NewCertificates[]);
+
+ [Description (
+ "This method is called to import a certificate or a "
+ "certificate chain using an array of embedded instance of "
+ "CIM_X509Certificate. Upon successful execution the array "
+ "of references to the instance(s) of CIM_X509Certificate "
+ "representing the imported certificate or certificate "
+ "chain shall be returned by the NewCertificates output "
+ "parameter. If the Keystore parameter is not NULL, the "
+ "newly created instance(s) of CIM_X509Certificate shall "
+ "be associated to the instance of the CIM_Keystore "
+ "referenced in the Keystore parameter. If the "
+ "CredentialContext parameter is not NULL, the newly "
+ "created instance(s) of the CIM_X509Certificate shall be "
+ "associated to the insatnces of CIM_ManagedElement "
+ "referenced in the CredentialContext property through the "
+ "CIM_CredentialContext association.If the "
+ "CredentialContext parameter is NULL, the newly created "
+ "instance(s) of the CIM_X509Certificate shall not be "
+ "associated to the insatnces of CIM_ManagedElement "
+ "through the CIM_CredentialContext association." ),
+ ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
+ "4097..32767", "32768..65535" },
+ Values { "Completed with No Error", "Not Supported",
+ "Error Occured", "Busy", "Invalid Reference",
+ "Invalid Parameter", "Access Denied", "DMTF Reserved",
+ "Job Started", "Method Reserved", "Vendor Specified" }]
+ uint32 ImportCertificates(
+ [Required, IN, Description (
+ "An array of embedded instance(s) of "
+ "CIM_X509Certificate that contains the necessary "
+ "information to import a certificate or a "
+ "certificate chain." ),
+ EmbeddedInstance ( "CIM_X509Certificate" )]
+ string InputCertificates[],
+ [IN, Description (
+ "The Keystore parameter denotes the reference to "
+ "the instance of CIM_Keystore that represents the "
+ "key store where the new certificate or certificate "
+ "chain will be added." )]
+ CIM_Keystore REF Keystore,
+ [IN, Description (
+ "The managed element that represents the user or "
+ "owner or the scoping element of the "
+ "certificate(s). Such managed element could be the "
+ "web service that owns the certificate(s) or uses "
+ "it for verification or account that the "
+ "certificate is scoped to." )]
+ CIM_ManagedElement REF CredentialContext,
+ [IN, Description (
+ "The usage of the certificate by the managed "
+ "element that the certificate is for or is scoped "
+ "to. If a certificate chain is imported, the "
+ "sequence of elements in the Usage array shall "
+ "correspond to the sequence of the certificates in "
+ "the InputCertificates array parameter." ),
+ ValueMap { "2", "3", "4", "6", "7", "8", "..",
+ "32768..65535" },
+ Values { "Owned", "Trusted",
+ "Trusted for Authentication",
+ "Trusted for Authorization",
+ "Trusted for Authentication/Authorization",
+ "Trusted for Third-Party Authentication/Authorization",
+ "DMTF Reserved", "Vendor Reserved" },
+ ArrayType ( "Indexed" ),
+ ModelCorrespondence { "CIM_CredentialContext.Usage",
+ "CIM_CertificateManagementService.ImportCertificates.InputCertificates",
+ "CIM_CertificateManagementService.ImportCertificates.Usage" }]
+ uint16 Usage[],
+ [IN ( false ), OUT, Description (
+ "Contains a reference to the ConcreteJob created to "
+ "track the execution initiated by the method "
+ "invocation. If the method returns 4096 - job "
+ "started, then the parameter shall not have NULL "
+ "value." )]
+ CIM_ConcreteJob REF Job,
+ [Required, IN ( false ), OUT, Description (
+ "Reference to the newly created instance of "
+ "CIM_X509Certificate representing the imported "
+ "certificate or certificate chain." )]
+ CIM_X509Certificate REF NewCertificates[]);
+
+ [Description (
+ "This method is called to export a certificate or a "
+ "certificate chain using the certificate\'s encoded "
+ "representation. Upon successful execution the array of "
+ "unsigned integers representing octet string of the "
+ "exported certificate or certificate chain shall be "
+ "returned inside the EncodedCertificates output parameter "
+ "based on the encoding specified in the EncodingFormat "
+ "parameter." ),
+ ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
+ "4097..32767", "32768..65535" },
+ Values { "Completed with No Error", "Not Supported",
+ "Error Occured", "Busy", "Invalid Reference",
+ "Invalid Parameter", "Access Denied", "DMTF Reserved",
+ "Job Started", "Method Reserved", "Vendor Specified" }]
+ uint32 ExportEncodedCertificates(
+ [Required, IN, Description (
+ "Reference to the instance(s) of "
+ "CIM_SignedCredential representing the certificate "
+ "or certificate chain to be exported." )]
+ CIM_X509Certificate REF CertificatesToExport[],
+ [Required, IN, Description (
+ "The Format parameter specifies the format of the "
+ "octet string EncodedCertificates parameter." ),
+ ValueMap { "2", "3", "4", "5", "..", "32768..65535" },
+ Values { "DER", "Base64", "PKCS7", "PKCS12",
+ "DMTF Reserved", "Vendor Reserved" }]
+ uint16 Format,
+ [IN ( false ), OUT, Description (
+ "Contains a reference to the ConcreteJob created to "
+ "track the execution initiated by the method "
+ "invocation. If the method returns 4096 - job "
+ "started, then the parameter shall not have NULL "
+ "value." )]
+ CIM_ConcreteJob REF Job,
+ [Required, IN ( false ), OUT, Description (
+ "An array of strings representing octet string of "
+ "an exported encoded certificate or certificate "
+ "chain. Only the first element of the array "
+ "property shall be populated, even if a certificate "
+ "chain is exported." ),
+ OctetString]
+ string EncodedCertificates[]);
+
+ [Description (
+ "This method is called to apply Certificate Revocation "
+ "List (CRL) using an encoded format. Upon successful "
+ "execution the references to the instance(s) of "
+ "CIM_X509CRL representing the applied CRL shall be "
+ "returned inside the AppliedCRL output parameter. If the "
+ "Keystore parameter is not NULL, the newly created "
+ "instance(s) of CIM_X509CRL shall be associated to the "
+ "instance of the CIM_Keystore referenced in the Keystore "
+ "parameter. The newly created instance(s) of the "
+ "CIM_X509CRL shall be associated to the insatnces of "
+ "CIM_ManagedElement referenced in the CredentialContext "
+ "property through the CIM_CredentialContext association." ),
+ ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
+ "4097..32767", "32768..65535" },
+ Values { "Completed with No Error", "Not Supported",
+ "Error Occured", "Busy", "Invalid Reference",
+ "Invalid Parameter", "Access Denied", "DMTF Reserved",
+ "Job Started", "Method Reserved", "Vendor Specified" }]
+ uint32 ApplyCRL(
+ [Required, IN, Description (
+ "An array of unsigned integers representing octet "
+ "string of an encoded CRL to be applied. Only the "
+ "first element of the array property shall be "
+ "populated." ),
+ OctetString]
+ string EncodedCRL[],
+ [Required, IN, Description (
+ "The Format shall specify the format for the "
+ "encoding that is used by octet string EncodedCRL "
+ "parameter." ),
+ ValueMap { "2", "3", "4", "5", "..", "32768..65535" },
+ Values { "DER", "PEM", "PKCS7", "PKCS12",
+ "DMTF Reserved", "Vendor Reserved" }]
+ uint16 Format,
+ [IN, Description (
+ "The Keystore parameter denotes the reference to "
+ "the instance of CIM_Keystore that represents the "
+ "key store where the CRL will be applied." )]
+ CIM_Keystore REF Keystore,
+ [Required, IN, Description (
+ "The managed element that represents the service or "
+ "the managed element for which the certificates "
+ "were revoked by the application of the CRL." )]
+ CIM_ManagedElement REF CredentialContext,
+ [IN ( false ), OUT, Description (
+ "Contains a reference to the ConcreteJob created to "
+ "track the execution initiated by the method "
+ "invocation. If the method returns 4096 - job "
+ "started, then the parameter shall not have NULL "
+ "value." )]
+ CIM_ConcreteJob REF Job,
+ [Required, IN ( false ), OUT, Description (
+ "Reference to the newly created instance of "
+ "CIM_X509CRL representing the applied CRL." )]
+ CIM_X509CRL REF AppliedCRL);
+
+ [Description (
+ "This method is called to apply Certificate Revocation "
+ "List (CRL) using the decoded format. Upon successful "
+ "execution the references to the instance(s) of "
+ "CIM_X509CRL representing the applied CRL shall be "
+ "returned inside the AppliedCRL output parameter. If the "
+ "Keystore parameter is not NULL, the newly created "
+ "instance(s) of CIM_X509CRL shall be associated to the "
+ "instance of the CIM_Keystore referenced in the Keystore "
+ "parameter. The newly created instance(s) of the "
+ "CIM_X509CRL shall be associated to the insatnces of "
+ "CIM_ManagedElement referenced in the CredentialContext "
+ "property through the CIM_CredentialContext association." ),
+ ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
+ "4097..32767", "32768..65535" },
+ Values { "Completed with No Error", "Not Supported",
+ "Error Occured", "Busy", "Invalid Reference",
+ "Invalid Parameter", "Access Denied", "DMTF Reserved",
+ "Job Started", "Method Reserved", "Vendor Specified" }]
+ uint32 ApplyDecodedCRL(
+ [Required, IN, Description (
+ "Issuer represents the information about the issuer "
+ "of the CRL. The Issuer property shall contain "
+ "information as required by section 4.1.2.4 of RFC "
+ "3280 and shall be formatted based on RFC 4514. An "
+ "example of the value of the Subject parameter "
+ "could be \"CN=Marshall T. Rose, O=Dover Beach "
+ "Consulting, OU=Sales, L=Santa Clara, "
+ "ST=California, C=US\"." ),
+ DN]
+ string Issuer,
+ [Required, IN, Description (
+ "An array of serial numbers of X.509 certificates "
+ "that are part of CRL." ),
+ OctetString]
+ string SerialNumbers[],
+ [IN, Description (
+ "The Keystore parameter denotes the reference to "
+ "the instance of CIM_Keystore that represents the "
+ "key store where the CRL will be applied." )]
+ CIM_Keystore REF Keystore,
+ [Required, IN, Description (
+ "The managed element that represents the service or "
+ "the managed element for which the certificates "
+ "were revoked by the application of the CRL." )]
+ CIM_ManagedElement REF CredentialContext,
+ [IN ( false ), OUT, Description (
+ "Contains a reference to the ConcreteJob created to "
+ "track the execution initiated by the method "
+ "invocation. If the method returns 4096 - job "
+ "started, then the parameter shall not have NULL "
+ "value." )]
+ CIM_ConcreteJob REF Job,
+ [Required, IN ( false ), OUT, Description (
+ "Reference to the newly created instance of "
+ "CIM_X509CRL representing the applied CRL." )]
+ CIM_X509CRL REF AppliedCRL);
+
+};