summaryrefslogtreecommitdiffstats
path: root/Schemas/CIM236/DMTF/User/CIM_X509Certificate.mof
diff options
context:
space:
mode:
Diffstat (limited to 'Schemas/CIM236/DMTF/User/CIM_X509Certificate.mof')
-rw-r--r--Schemas/CIM236/DMTF/User/CIM_X509Certificate.mof163
1 files changed, 163 insertions, 0 deletions
diff --git a/Schemas/CIM236/DMTF/User/CIM_X509Certificate.mof b/Schemas/CIM236/DMTF/User/CIM_X509Certificate.mof
new file mode 100644
index 0000000..6043fd3
--- /dev/null
+++ b/Schemas/CIM236/DMTF/User/CIM_X509Certificate.mof
@@ -0,0 +1,163 @@
+// Copyright (c) 2011 DMTF. All rights reserved.
+ [Version ( "2.29.0" ),
+ ClassConstraint {
+ "/* The constraints below aim to efficiently */ /* represent a singular OctetString. Each of the properties*/ /* is a single encoded stringthus only the first element */ /* needs to be populated. */ inv:self.PublicKey->size()<=1 and self.SerialNumber->size()<=1 and self.EncodedCertificate->size()<=1" },
+ UMLPackagePath ( "CIM::User::PublicKey" ),
+ Description (
+ "CIM_X509Certificate describes Internet X509 Public Key "
+ "Infrastructure (PKI) standard based certificates. The "
+ "certificates are signed by a trusted Certificate Authority "
+ "(CA) or by the owner of the certificate and issued to an "
+ "authenticated entity (e.g., human user, service, etc.) called "
+ "the Subject in the certificate. The public key in the "
+ "certificate is cryptographically related to a private key that "
+ "is held and kept private by the authenticated Subject. The "
+ "certificate and its related private key can then be used for "
+ "establishing trust relationships and securing communications "
+ "with the Subject. Refer to the Internet X.509 PKI standard "
+ "(RFC 3280) for more information." )]
+class CIM_X509Certificate : CIM_X509Infrastructure {
+
+ [Description (
+ "Distinguished name identifying the subject of the "
+ "certificate.Subject shall contain information as "
+ "required by section 4.1.2.6 of RFC 3280 and shall be "
+ "formatted based on RFC 4514." ),
+ DN, MappingStrings { "RFC3280.IETF|Section 4.1.2.6" }]
+ string Subject;
+
+ [Description (
+ "Alternate subject identifier for the Certificate." ),
+ MappingStrings { "RFC3280.IETF|Section 4.2.1.7" }]
+ string AltSubject;
+
+ [Description (
+ "The DER-encoded raw public key that belongs to the "
+ "subject the certificate vouches for.Only the first "
+ "element of PublicKey array property shall be populated "
+ "with DER encoded raw public key octet string." ),
+ OctetString, MappingStrings { "RFC3280.IETF|Section 4.1.2.7" }]
+ string PublicKey[];
+
+ [Description (
+ "The length of the public key represented in the "
+ "PublicKey property." ),
+ MappingStrings { "RFC3280.IETF|Section 4.1.2.7" }]
+ uint16 PublicKeySize;
+
+ [Description (
+ "IsValid represents whether the certificate is currently "
+ "valid. When the certificate is revoked or expired or put "
+ "on hold or invalidated for any reason IsValid shall be "
+ "set to FALSE." )]
+ boolean IsValid;
+
+ [Description (
+ "Unique number that identifies this certificate.Only the "
+ "first element of the array property shall be populated." ),
+ OctetString, MappingStrings { "RFC3280.IETF|Section 4.1.2.2" }]
+ string SerialNumber[];
+
+ [Description ( "Public key algorithm." ),
+ ValueMap { "0", "2", "3", "4", "5..32767", "32768..65535" },
+ Values { "Unknown", "RSA", "DSA", "ECDSA", "DMTF Reserved",
+ "Vendor Specified" },
+ MappingStrings { "RFC3280.IETF|Section 4.1.2.7" }]
+ uint16 PublicKeyAlgorithm;
+
+ [Description (
+ "Key usage defines the purpose of the key. Key usage "
+ "could include digital signing, key agreement, "
+ "certificate signing, and more. The key usage is an "
+ "extension to the X.509 specification." ),
+ ValueMap { "0", "2", "3", "4", "5", "6", "7", "8..32767",
+ "32768..65535" },
+ Values { "Unknown", "Digital Signature", "Non Repudiation",
+ "Key Encipherment", "Data Encipherment", "Key Agreement",
+ "Key Certificate Signature", "DMTF Reserved",
+ "Vendor Specified" },
+ MappingStrings { "RFC3280.IETF|Section 4.2.1.3" }]
+ uint16 KeyUsage[];
+
+ [Description (
+ "This extension indicates one or more purposes for which "
+ "the certified public key may be used, in addition to or "
+ "in place of the basic purposes indicated in the key "
+ "usage extension." ),
+ MappingStrings { "RFC3280.IETF|Section 4.2.1.13" }]
+ string ExtendedKeyUsage[];
+
+ [Description (
+ "An X.509 certificate may contain an optional extension "
+ "that identifies whether the subject of the certificate "
+ "is a certificate authority (CA). If the subject is a CA, "
+ "this property defines the number of certificates that "
+ "may follow this certificate in a certification chain." ),
+ MappingStrings { "RFC3280.IETF|Section 4.2.1.10" }]
+ uint16 PathLengthConstraint;
+
+ [Description (
+ "The full content of the certificate in binary form.Only "
+ "the first element of the array property shall be "
+ "populated." ),
+ OctetString, MappingStrings { "RFC3280.IETF|Section 4" }]
+ string EncodedCertificate[];
+
+ [Description (
+ "Extension identifier array for additional attributes "
+ "associated with the certificate. The corresponding array "
+ "element in the IsCritical property denotes whether the "
+ "extension is critical. The corresponding array element "
+ "in the ExtensionValue property contains the value of the "
+ "extension attribute." ),
+ ArrayType ( "Indexed" ),
+ MappingStrings { "RFC3280.IETF|Section 4.1.2.9",
+ "RFC3280.IETF|Section 4.2" },
+ ModelCorrespondence { "CIM_X509Certificate.IsCritical",
+ "CIM_X509Certificate.ExtensionValue" }]
+ string ExtensionID[];
+
+ [Description (
+ "Certificate extension attribute value array. The "
+ "corresponding array element in the ExtensionID property "
+ "contains the identifier of the certificate extension "
+ "attribute. The corresponding array element in the "
+ "IsCritical property denotes whether the extension is "
+ "critical." ),
+ ArrayType ( "Indexed" ),
+ MappingStrings { "RFC3280.IETF|Section 4.1.2.9",
+ "RFC3280.IETF|Section 4.2" },
+ ModelCorrespondence { "CIM_X509Certificate.IsCritical",
+ "CIM_X509Certificate.ExtensionID" }]
+ string ExtensionValue[];
+
+ [Description (
+ "TRUE value represents that the extension attribute is "
+ "critical. The corresponding array element in the "
+ "ExtensionID property contains the identifier of the "
+ "extension attribute. The corresponding array element in "
+ "the ExtensionValue property contains the value of the "
+ "extension attribute." ),
+ ArrayType ( "Indexed" ),
+ MappingStrings { "RFC3280.IETF|Section 4.1.2.9",
+ "RFC3280.IETF|Section 4.2" },
+ ModelCorrespondence { "CIM_X509Certificate.ExtensionID",
+ "CIM_X509Certificate.ExtensionValue" }]
+ boolean IsCritical[];
+
+ [Description (
+ "String that identifies the issuer of the certificate." ),
+ MappingStrings { "RFC3280.IETF|Section 4.1.2.8" }]
+ string IssuerUniqueID;
+
+ [Description ( "Certificate\'s unique subject identifier." ),
+ MappingStrings { "RFC3280.IETF|Section 4.1.2.8" }]
+ string SubjectUniqueID;
+
+ [Description (
+ "TRUE value represents that the certificate is a trusted "
+ "root certificate." )]
+ boolean TrustedRootCertificate;
+
+
+};