1 marek 1.1 // Copyright (c) 2011 DMTF. All rights reserved.
2 [Version ( "2.29.0" ),
3 ClassConstraint {
4 "/* The constraints below aim to efficiently */ /* represent a singular OctetString. Each of the properties*/ /* is a single encoded string, thus only the first element */ /* needs to be populated. */ inv:self.CreateCertificateSigningRequest.Subject->size()<=1 and self.CreateCertificateSigningRequest.AltSubject->size()<=1 and self.CreateCertificateSigningRequest.CSR->size()=1 and self.CreateSelfSignedCertificate.Subject->size()<=1 and self.CreateSelfSignedCertificate.AltSubject->size()<=1 and self.ImportEncodedCertificates.EncodedCertificates->size()=1 and self.ApplyCRL.EncodedCRL->size()=1 and self.ExportEncodedCertificates.EncodedCertificates->size()=1" },
5 UMLPackagePath ( "CIM::User::SecurityServices" ),
6 Description (
7 "CIM_CertificateManagementService is used for managing X509 "
8 "based certificates." )]
9 class CIM_CertificateManagementService : CIM_KeyBasedCredentialManagementService {
10
11
12 [Description (
13 "This method is called to request a Certificate Signing "
14 "Request (CSR) based on the Distinguished Name provided "
15 "through Subject parameter. The CSR utilizes PKCS#10 "
16 "structure as defined in RFC2986. If either Subject "
17 "parameter or AltSubject parameter are NULL, the method "
18 "shall return 2 (Error Occured). If the "
19 "PublicPrivateKeyPair parameter is NULL, then 1) "
20 "PublicKeyAlgorithm shall specify the algorithm to be "
21 "used for the public key, 2) the PublicKeySize shall "
22 marek 1.1 "specify the length for the public key in bits. If the "
23 "PublicPrivateKeyPair parameter is NOT NULL then the "
24 "following requirements shall apply: 1) the "
25 "PublicKeyAlgorithm shall be NULL, 2) the PublicKeySize "
26 "shall be NULL, 3) the PublicPrivateKeyPair shall "
27 "reference an instance of CIM_UnsignedCredential "
28 "representing the public/ private key pair to be used for "
29 "the CSR. The OutputFormat parameter shall specify the "
30 "output format of the CSR. If the OutputFormat parameter "
31 "has a value that is not equal to any values in the "
32 "OutputFormatsSupported property on the associated "
33 "CIM_CertificateManagementCapabilities instance, then the "
34 "method shall return 2 (Error Occured). Upon the "
35 "successful execution, the CSR output parameter shall "
36 "contain the CSR in PKCS#10 structure." ),
37 ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
38 "4097..32767", "32768..65535" },
39 Values { "Completed with No Error", "Not Supported",
40 "Error Occured", "Busy", "Invalid Reference",
41 "Invalid Parameter", "Access Denied", "DMTF Reserved",
42 "Job Started", "Method Reserved", "Vendor Specified" }]
43 marek 1.1 uint32 CreateCertificateSigningRequest(
44 [IN, Description (
45 "Subject shall contain information as required by "
46 "section 4.1.2.6 of RFC 3280 and shall be formatted "
47 "based on RFC 4514. An example of the value of the "
48 "Subject parameter could be \"CN=Marshall T. Rose, "
49 "O=Dover Beach Consulting, L=Santa Clara, "
50 "ST=California, C=US\"." ),
51 DN]
52 string Subject,
53 [IN, Description (
54 "Alternate subject identifier for the Certificate "
55 "as specified by section 4.2.1.8 of RFC 3280." )]
56 string AltSubject,
57 [IN, Description (
58 "The PublicKeyAlgorithm specifies the algorithm to "
59 "be used for the public key." ),
60 ValueMap { "2", "3", "4", "..", "32768..65535" },
61 Values { "RSA", "DSA", "ECDSA", "DMTF Reserved",
62 "Vendor Reserved" }]
63 uint16 PublicKeyAlgorithm,
64 marek 1.1 [IN, Description (
65 "The PublicKeySize shall specify the length for the "
66 "public key in bits." ),
67 PUNIT ( "bit" )]
68 uint16 PublicKeySize,
69 [IN, Description (
70 "The PublicPrivateKeyPair parameter specifies a "
71 "reference to an instance of CIM_UnsignedCredential "
72 "which represents a public private key pair to be "
73 "utilized by the CSR.The CIM_UnsignedCredential "
74 "instance PublicKey and PublicKeyEncoding "
75 "properties shall not be NULL." )]
76 CIM_UnsignedCredential REF PublicPrivateKeyPair,
77 [In, Description (
78 "The ExtendedKeyUsageValue indicates one or more "
79 "purposes for which the certified public key may be "
80 "used in the type specified by the "
81 "ExtendedKeyUsageType parameter." ),
82 ArrayType ( "Indexed" ),
83 ModelCorrespondence {
84 "CIM_CertificateManagementService.CreateCertificateSigningRequest.ExtendedKeyUsageType" }]
85 marek 1.1 string ExtendedKeyUsageValue[],
86 [In, Description (
87 "Describes the type for ExtendedKeyUsageValue based "
88 "on the ASN.1 GeneralName types." ),
89 ValueMap { "1", "2", "3", "4", "5", "6", "7", "8", "9",
90 "..", "32768..65535" },
91 Values { "other", "rfc822Name", "dNSName",
92 "x400Address", "directoryName", "ediPartyName",
93 "uniformResourceIdentifier", "iPAddress",
94 "registeredID", "DMTF Reserved", "Vendor Reserved" },
95 ArrayType ( "Indexed" ),
96 ModelCorrespondence {
97 "CIM_CertificateManagementService.CreateCertificateSigningRequest.ExtendedKeyUsageValue" }]
98 uint16 ExtendedKeyUsageType[],
99 [In, Description (
100 "The SignatureAlgorithm parameter defines the "
101 "signature algorithm used to sign the "
102 "CertificateRequestInfo as part of the CSR as "
103 "defined in RFC 2986. This parameter covers the "
104 "algorithms specified in the RFC3279." ),
105 ValueMap { "1", "2", "3", "4", "5", "6", "7", "8", "9",
106 marek 1.1 "10", "11", "12", "13", "14", "15", "16", "17",
107 "18", "19", "20..32767", "32768..65535" },
108 Values { "Other", "SHA1withDSA", "SHA1withECDSA",
109 "SHA224withECDSA", "SHA256withECDSA",
110 "SHA384withECDSA", "SHA512withECDSA",
111 "GOST3411withGOST3410", "GOST3411withECGOST3410",
112 "MD2withRSA", "MD5withRSA", "SHA1withRSA",
113 "SHA224withRSA", "SHA256withRSA", "SHA384withRSA",
114 "SHA512withRSA", "RIPEMD160withRSA",
115 "RIPEMD128withRSA", "RIPEMD256withRSA",
116 "DMTF Reserved", "Vendor Reserved" }]
117 uint16 SignatureAlgorithm,
118 [Required, IN, Description (
119 "The OutputFormat property represents the requested "
120 "format of the Certificate Signing Request." ),
121 ValueMap { "2", "3", "..", "32768..65535" },
122 Values { "PEM", "DER", "DMTF Reserved",
123 "Vendor Reserved" }]
124 uint16 OutputFormat,
125 [IN ( false ), OUT, Description (
126 "Contains a reference to the ConcreteJob created to "
127 marek 1.1 "track the execution initiated by the method "
128 "invocation. If the method returns 4096 - job "
129 "started, then the parameter shall not have NULL "
130 "value." )]
131 CIM_ConcreteJob REF Job,
132 [Required, IN ( false ), OUT, Description (
133 "The CSR parameter is an output parameter that upon "
134 "successful exection of this method will contain "
135 "the formated Certificate Signing Request.Only the "
136 "first element of the array property shall be "
137 "populated." ),
138 OctetString]
139 string CSR[]);
140
141 [Description (
142 "This method is called to generate to generate a "
143 "self-signed certificate. If either Subject parameter or "
144 "AltSubject parameter are NULL, the method shall return 2 "
145 "(Error Occured). If the PublicPrivateKeyPair parameter "
146 "is NULL, the following numbered requirements shall "
147 "apply: 1) the PublicKeyAlgorithm shall be non-NULL and "
148 marek 1.1 "specify the algorithm to be used for the public key, 3) "
149 "the PublicKeySize shall be non-NULL and specify the "
150 "length for the public key in bits. If the "
151 "PublicPrivateKeyPair parameter is not NULL, the "
152 "following numbered requirements shall apply: 1) the "
153 "PublicKeyAlgorithm shall be NULL, 2) the PublicKeySize "
154 "shall be NULL, 3) the PublicPrivateKeyPair shall "
155 "reference an instance of CIM_UnsignedCredential "
156 "representing the public/ private key pair to be used for "
157 "the self signed certificate. Upon successful execution "
158 "the reference to the newly created instance of "
159 "CIM_X509Certificate shall be returned in the "
160 "NewCertificate parameter which represents the "
161 "self-signed certificate with the public/private key pair "
162 "of the size specified by the KeySize parameter. If the "
163 "Keystore parameter is not NULL, this instance shall be "
164 "associated to the instance of CIM_Keystore referenced by "
165 "the Keystore parameter through CIM_MemberOfCollection "
166 "association. If the CredentialContext parameter is not "
167 "NULL, the newly created instance shall be associated "
168 "with the instance of CIM_ManagedElement referenced by "
169 marek 1.1 "the CredentialContext parameter through "
170 "CIM_CredentialContext association. If the "
171 "CredentialContext parameter is NULL, the newly created "
172 "instance shall not be associated with the instance of "
173 "CIM_ManagedElement through CIM_CredentialContext "
174 "association." ),
175 ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
176 "4097..32767", "32768..65535" },
177 Values { "Completed with No Error", "Not Supported",
178 "Error Occured", "Busy", "Invalid Reference",
179 "Invalid Parameter", "Access Denied", "DMTF Reserved",
180 "Job Started", "Method Reserved", "Vendor Specified" }]
181 uint32 CreateSelfSignedCertificate(
182 [IN, Description (
183 "Subject shall contain the information as required "
184 "by section 4.1.2.6 of RFC 3280 and shall be "
185 "formatted based on RFC 4514. An example of the "
186 "value of the Subject parameter could be "
187 "\"CN=Marshall T. Rose, O=Dover Beach Consulting, "
188 "OU=Sales, L=Santa Clara, ST=California, C=US\"." ),
189 DN]
190 marek 1.1 string Subject,
191 [IN, Description (
192 "Alternate subject identifier for the Certificate "
193 "as specified by section 4.2.1.8 of RFC 3280." )]
194 string AltSubject,
195 [IN, Description (
196 "The PublicKeyAlgorithm specifies the algorithm to "
197 "be used for the public key." ),
198 ValueMap { "2", "3", "4", "..", "32768..65535" },
199 Values { "RSA", "DSA", "ECDSA", "DMTF Reserved",
200 "Vendor Reserved" }]
201 uint16 PublicKeyAlgorithm,
202 [IN, Description (
203 "The PublicKeySize shall specify the length for the "
204 "public key in bits. The value shall be of power of "
205 "2." ),
206 PUNIT ( "bit" )]
207 uint16 PublicKeySize,
208 [IN, Description (
209 "The PublicPrivateKeyPair parameter specifies a "
210 "reference to an instance of CIM_UnsignedCredential "
211 marek 1.1 "which represents a public private key pair to be "
212 "utilized by the newly created selef signed "
213 "certificate. The PublicKey and "
214 "PublicKeyEncodingproperties of the instance of "
215 "CIM_UnsignedCredentialshall be Non-NULL." )]
216 CIM_UnsignedCredential REF PublicPrivateKeyPair,
217 [IN, Description (
218 "The Keystore parameter denotes the reference to "
219 "the instance of CIM_Keystore that represents the "
220 "key store where the new certificate will be added." )]
221 CIM_Keystore REF Keystore,
222 [IN, Description (
223 "The managed element that represents the user or "
224 "owner or the scoping element of the certificate. "
225 "Such managed element could be the web service that "
226 "owns the certificate or uses it for verification "
227 "or account that the certificate is scoped to." )]
228 CIM_ManagedElement REF CredentialContext,
229 [IN, Description (
230 "The usage of the certificate by the managed "
231 "element that the certificate is for or is scoped "
232 marek 1.1 "to." ),
233 ValueMap { "2", "3", "4", "6", "7", "8", "..",
234 "32768..65535" },
235 Values { "Owned", "Trusted",
236 "Trusted for Authentication",
237 "Trusted for Authorization",
238 "Trusted for Authentication/Authorization",
239 "Trusted for Third-Party Authentication/Authorization",
240 "DMTF Reserved", "Vendor Reserved" },
241 ModelCorrespondence { "CIM_CredentialContext.Usage" }]
242 uint16 Usage,
243 [In, Description (
244 "The SignatureAlgorithm parameter defines the "
245 "signature algorithm used to sign the "
246 "TBSCertificate as defined in RFC 3280. This "
247 "parameter covers the algorithms specified in the "
248 "RFC3279." ),
249 ValueMap { "1", "2", "3", "4", "5", "6", "7", "8", "9",
250 "10", "11", "12", "13", "14", "15", "16", "17",
251 "18", "19", "20..32767", "32768..65535" },
252 Values { "Other", "SHA1withDSA", "SHA1withECDSA",
253 marek 1.1 "SHA224withECDSA", "SHA256withECDSA",
254 "SHA384withECDSA", "SHA512withECDSA",
255 "GOST3411withGOST3410", "GOST3411withECGOST3410",
256 "MD2withRSA", "MD5withRSA", "SHA1withRSA",
257 "SHA224withRSA", "SHA256withRSA", "SHA384withRSA",
258 "SHA512withRSA", "RIPEMD160withRSA",
259 "RIPEMD128withRSA", "RIPEMD256withRSA",
260 "DMTF Reserved", "Vendor Reserved" }]
261 uint16 SignatureAlgorithm,
262 [IN ( false ), OUT, Description (
263 "Contains a reference to the ConcreteJob created to "
264 "track the execution initiated by the method "
265 "invocation. If the method returns 4096 - job "
266 "started, then the parameter shall not have NULL "
267 "value." )]
268 CIM_ConcreteJob REF Job,
269 [IN ( false ), OUT, Description (
270 "Reference to the newly created instance of "
271 "CIM_X509Certificate representing the self signed "
272 "certificate." )]
273 CIM_X509Certificate REF SelfSignedCertificate);
274 marek 1.1
275 [Description (
276 "This method is called to import a certificate or a "
277 "certificate chain using the certificate\'s encoded "
278 "representation. Upon successful execution the array of "
279 "references to the instance(s) of CIM_X509Certificate "
280 "representing the imported certificate or certificate "
281 "chain shall be returned inside the NewCertificates "
282 "output parameter. If the Keystore parameter is not NULL, "
283 "the newly created instance(s) of CIM_X509Certificate "
284 "shall be associated to the instance of the CIM_Keystore "
285 "referenced in the Keystore parameter. If the "
286 "CredentialContext parameter is not NULL, the newly "
287 "created instance(s) of the CIM_X509Certificate shall be "
288 "associated to the insatnces of CIM_ManagedElement "
289 "referenced in the CredentialContext property through the "
290 "CIM_CredentialContext association. If the "
291 "CredentialContext parameter is NULL, the newly created "
292 "instance(s) of the CIM_X509Certificate shall not be "
293 "associated to the insatnces of CIM_ManagedElement "
294 "through the CIM_CredentialContext association." ),
295 marek 1.1 ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
296 "4097..32767", "32768..65535" },
297 Values { "Completed with No Error", "Not Supported",
298 "Error Occured", "Busy", "Invalid Reference",
299 "Invalid Parameter", "Access Denied", "DMTF Reserved",
300 "Job Started", "Method Reserved", "Vendor Specified" }]
301 uint32 ImportEncodedCertificates(
302 [Required, IN, Description (
303 "An array of strings representing octet string of "
304 "an encoded certificate or certificate chain to be "
305 "imported. Only the first element of the array "
306 "property shall be populated, even if a certificate "
307 "chain is imported." ),
308 OctetString]
309 string EncodedCertificates[],
310 [Required, IN, Description (
311 "The Format shall specify the format for the "
312 "encoding that is used by octet string "
313 "EncodedCertificates parameter." ),
314 ValueMap { "2", "3", "4", "5", "..", "32768..65535" },
315 Values { "DER", "PEM", "PKCS7", "PKCS12",
316 marek 1.1 "DMTF Reserved", "Vendor Reserved" }]
317 uint16 Format,
318 [IN, Description (
319 "The Keystore parameter denotes the reference to "
320 "the instance of CIM_Keystore that represents the "
321 "key store where the new certificate or certificate "
322 "chain will be added." )]
323 CIM_Keystore REF Keystore,
324 [IN, Description (
325 "The managed element that represents the user or "
326 "owner or the scoping element of the "
327 "certificate(s). Such managed element could be the "
328 "web service that owns the certificate(s) or uses "
329 "it for verification or account that the "
330 "certificate is scoped to." )]
331 CIM_ManagedElement REF CredentialContext,
332 [IN, Description (
333 "The usage of the certificate by the managed "
334 "element that the certificate is for or is scoped "
335 "to. If a certificate chain is imported, the "
336 "sequence of elements in the Usage array shall "
337 marek 1.1 "correspond to the sequence of the certificates in "
338 "the EncodedCertificates octet string parameter." ),
339 ValueMap { "2", "3", "4", "6", "7", "8", "..",
340 "32768..65535" },
341 Values { "Owned", "Trusted",
342 "Trusted for Authentication",
343 "Trusted for Authorization",
344 "Trusted for Authentication/Authorization",
345 "Trusted for Third-Party Authentication/Authorization",
346 "DMTF Reserved", "Vendor Reserved" },
347 ArrayType ( "Indexed" ),
348 ModelCorrespondence { "CIM_CredentialContext.Usage",
349 "CIM_CertificateManagementService.ImportEncodedCertificates.NewCertificates" }]
350 uint16 Usage[],
351 [IN ( false ), OUT, Description (
352 "Contains a reference to the ConcreteJob created to "
353 "track the execution initiated by the method "
354 "invocation. If the method returns 4096 - job "
355 "started, then the parameter shall not have NULL "
356 "value." )]
357 CIM_ConcreteJob REF Job,
358 marek 1.1 [Required, IN ( false ), OUT, Description (
359 "Reference to the newly created instance of "
360 "CIM_X509Certificate representing the imported "
361 "certificate or certificate chain." ),
362 ArrayType ( "Indexed" ),
363 ModelCorrespondence {
364 "CIM_CertificateManagementService.ImportEncodedCertificates.Usage" }]
365 CIM_X509Certificate REF NewCertificates[]);
366
367 [Description (
368 "This method is called to import a certificate or a "
369 "certificate chain using an array of embedded instance of "
370 "CIM_X509Certificate. Upon successful execution the array "
371 "of references to the instance(s) of CIM_X509Certificate "
372 "representing the imported certificate or certificate "
373 "chain shall be returned by the NewCertificates output "
374 "parameter. If the Keystore parameter is not NULL, the "
375 "newly created instance(s) of CIM_X509Certificate shall "
376 "be associated to the instance of the CIM_Keystore "
377 "referenced in the Keystore parameter. If the "
378 "CredentialContext parameter is not NULL, the newly "
379 marek 1.1 "created instance(s) of the CIM_X509Certificate shall be "
380 "associated to the insatnces of CIM_ManagedElement "
381 "referenced in the CredentialContext property through the "
382 "CIM_CredentialContext association.If the "
383 "CredentialContext parameter is NULL, the newly created "
384 "instance(s) of the CIM_X509Certificate shall not be "
385 "associated to the insatnces of CIM_ManagedElement "
386 "through the CIM_CredentialContext association." ),
387 ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
388 "4097..32767", "32768..65535" },
389 Values { "Completed with No Error", "Not Supported",
390 "Error Occured", "Busy", "Invalid Reference",
391 "Invalid Parameter", "Access Denied", "DMTF Reserved",
392 "Job Started", "Method Reserved", "Vendor Specified" }]
393 uint32 ImportCertificates(
394 [Required, IN, Description (
395 "An array of embedded instance(s) of "
396 "CIM_X509Certificate that contains the necessary "
397 "information to import a certificate or a "
398 "certificate chain." ),
399 EmbeddedInstance ( "CIM_X509Certificate" )]
400 marek 1.1 string InputCertificates[],
401 [IN, Description (
402 "The Keystore parameter denotes the reference to "
403 "the instance of CIM_Keystore that represents the "
404 "key store where the new certificate or certificate "
405 "chain will be added." )]
406 CIM_Keystore REF Keystore,
407 [IN, Description (
408 "The managed element that represents the user or "
409 "owner or the scoping element of the "
410 "certificate(s). Such managed element could be the "
411 "web service that owns the certificate(s) or uses "
412 "it for verification or account that the "
413 "certificate is scoped to." )]
414 CIM_ManagedElement REF CredentialContext,
415 [IN, Description (
416 "The usage of the certificate by the managed "
417 "element that the certificate is for or is scoped "
418 "to. If a certificate chain is imported, the "
419 "sequence of elements in the Usage array shall "
420 "correspond to the sequence of the certificates in "
421 marek 1.1 "the InputCertificates array parameter." ),
422 ValueMap { "2", "3", "4", "6", "7", "8", "..",
423 "32768..65535" },
424 Values { "Owned", "Trusted",
425 "Trusted for Authentication",
426 "Trusted for Authorization",
427 "Trusted for Authentication/Authorization",
428 "Trusted for Third-Party Authentication/Authorization",
429 "DMTF Reserved", "Vendor Reserved" },
430 ArrayType ( "Indexed" ),
431 ModelCorrespondence { "CIM_CredentialContext.Usage",
432 "CIM_CertificateManagementService.ImportCertificates.InputCertificates",
433 "CIM_CertificateManagementService.ImportCertificates.Usage" }]
434 uint16 Usage[],
435 [IN ( false ), OUT, Description (
436 "Contains a reference to the ConcreteJob created to "
437 "track the execution initiated by the method "
438 "invocation. If the method returns 4096 - job "
439 "started, then the parameter shall not have NULL "
440 "value." )]
441 CIM_ConcreteJob REF Job,
442 marek 1.1 [Required, IN ( false ), OUT, Description (
443 "Reference to the newly created instance of "
444 "CIM_X509Certificate representing the imported "
445 "certificate or certificate chain." )]
446 CIM_X509Certificate REF NewCertificates[]);
447
448 [Description (
449 "This method is called to export a certificate or a "
450 "certificate chain using the certificate\'s encoded "
451 "representation. Upon successful execution the array of "
452 "unsigned integers representing octet string of the "
453 "exported certificate or certificate chain shall be "
454 "returned inside the EncodedCertificates output parameter "
455 "based on the encoding specified in the EncodingFormat "
456 "parameter." ),
457 ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
458 "4097..32767", "32768..65535" },
459 Values { "Completed with No Error", "Not Supported",
460 "Error Occured", "Busy", "Invalid Reference",
461 "Invalid Parameter", "Access Denied", "DMTF Reserved",
462 "Job Started", "Method Reserved", "Vendor Specified" }]
463 marek 1.1 uint32 ExportEncodedCertificates(
464 [Required, IN, Description (
465 "Reference to the instance(s) of "
466 "CIM_SignedCredential representing the certificate "
467 "or certificate chain to be exported." )]
468 CIM_X509Certificate REF CertificatesToExport[],
469 [Required, IN, Description (
470 "The Format parameter specifies the format of the "
471 "octet string EncodedCertificates parameter." ),
472 ValueMap { "2", "3", "4", "5", "..", "32768..65535" },
473 Values { "DER", "Base64", "PKCS7", "PKCS12",
474 "DMTF Reserved", "Vendor Reserved" }]
475 uint16 Format,
476 [IN ( false ), OUT, Description (
477 "Contains a reference to the ConcreteJob created to "
478 "track the execution initiated by the method "
479 "invocation. If the method returns 4096 - job "
480 "started, then the parameter shall not have NULL "
481 "value." )]
482 CIM_ConcreteJob REF Job,
483 [Required, IN ( false ), OUT, Description (
484 marek 1.1 "An array of strings representing octet string of "
485 "an exported encoded certificate or certificate "
486 "chain. Only the first element of the array "
487 "property shall be populated, even if a certificate "
488 "chain is exported." ),
489 OctetString]
490 string EncodedCertificates[]);
491
492 [Description (
493 "This method is called to apply Certificate Revocation "
494 "List (CRL) using an encoded format. Upon successful "
495 "execution the references to the instance(s) of "
496 "CIM_X509CRL representing the applied CRL shall be "
497 "returned inside the AppliedCRL output parameter. If the "
498 "Keystore parameter is not NULL, the newly created "
499 "instance(s) of CIM_X509CRL shall be associated to the "
500 "instance of the CIM_Keystore referenced in the Keystore "
501 "parameter. The newly created instance(s) of the "
502 "CIM_X509CRL shall be associated to the insatnces of "
503 "CIM_ManagedElement referenced in the CredentialContext "
504 "property through the CIM_CredentialContext association." ),
505 marek 1.1 ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
506 "4097..32767", "32768..65535" },
507 Values { "Completed with No Error", "Not Supported",
508 "Error Occured", "Busy", "Invalid Reference",
509 "Invalid Parameter", "Access Denied", "DMTF Reserved",
510 "Job Started", "Method Reserved", "Vendor Specified" }]
511 uint32 ApplyCRL(
512 [Required, IN, Description (
513 "An array of unsigned integers representing octet "
514 "string of an encoded CRL to be applied. Only the "
515 "first element of the array property shall be "
516 "populated." ),
517 OctetString]
518 string EncodedCRL[],
519 [Required, IN, Description (
520 "The Format shall specify the format for the "
521 "encoding that is used by octet string EncodedCRL "
522 "parameter." ),
523 ValueMap { "2", "3", "4", "5", "..", "32768..65535" },
524 Values { "DER", "PEM", "PKCS7", "PKCS12",
525 "DMTF Reserved", "Vendor Reserved" }]
526 marek 1.1 uint16 Format,
527 [IN, Description (
528 "The Keystore parameter denotes the reference to "
529 "the instance of CIM_Keystore that represents the "
530 "key store where the CRL will be applied." )]
531 CIM_Keystore REF Keystore,
532 [Required, IN, Description (
533 "The managed element that represents the service or "
534 "the managed element for which the certificates "
535 "were revoked by the application of the CRL." )]
536 CIM_ManagedElement REF CredentialContext,
537 [IN ( false ), OUT, Description (
538 "Contains a reference to the ConcreteJob created to "
539 "track the execution initiated by the method "
540 "invocation. If the method returns 4096 - job "
541 "started, then the parameter shall not have NULL "
542 "value." )]
543 CIM_ConcreteJob REF Job,
544 [Required, IN ( false ), OUT, Description (
545 "Reference to the newly created instance of "
546 "CIM_X509CRL representing the applied CRL." )]
547 marek 1.1 CIM_X509CRL REF AppliedCRL);
548
549 [Description (
550 "This method is called to apply Certificate Revocation "
551 "List (CRL) using the decoded format. Upon successful "
552 "execution the references to the instance(s) of "
553 "CIM_X509CRL representing the applied CRL shall be "
554 "returned inside the AppliedCRL output parameter. If the "
555 "Keystore parameter is not NULL, the newly created "
556 "instance(s) of CIM_X509CRL shall be associated to the "
557 "instance of the CIM_Keystore referenced in the Keystore "
558 "parameter. The newly created instance(s) of the "
559 "CIM_X509CRL shall be associated to the insatnces of "
560 "CIM_ManagedElement referenced in the CredentialContext "
561 "property through the CIM_CredentialContext association." ),
562 ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096",
563 "4097..32767", "32768..65535" },
564 Values { "Completed with No Error", "Not Supported",
565 "Error Occured", "Busy", "Invalid Reference",
566 "Invalid Parameter", "Access Denied", "DMTF Reserved",
567 "Job Started", "Method Reserved", "Vendor Specified" }]
568 marek 1.1 uint32 ApplyDecodedCRL(
569 [Required, IN, Description (
570 "Issuer represents the information about the issuer "
571 "of the CRL. The Issuer property shall contain "
572 "information as required by section 4.1.2.4 of RFC "
573 "3280 and shall be formatted based on RFC 4514. An "
574 "example of the value of the Subject parameter "
575 "could be \"CN=Marshall T. Rose, O=Dover Beach "
576 "Consulting, OU=Sales, L=Santa Clara, "
577 "ST=California, C=US\"." ),
578 DN]
579 string Issuer,
580 [Required, IN, Description (
581 "An array of serial numbers of X.509 certificates "
582 "that are part of CRL." ),
583 OctetString]
584 string SerialNumbers[],
585 [IN, Description (
586 "The Keystore parameter denotes the reference to "
587 "the instance of CIM_Keystore that represents the "
588 "key store where the CRL will be applied." )]
589 marek 1.1 CIM_Keystore REF Keystore,
590 [Required, IN, Description (
591 "The managed element that represents the service or "
592 "the managed element for which the certificates "
593 "were revoked by the application of the CRL." )]
594 CIM_ManagedElement REF CredentialContext,
595 [IN ( false ), OUT, Description (
596 "Contains a reference to the ConcreteJob created to "
597 "track the execution initiated by the method "
598 "invocation. If the method returns 4096 - job "
599 "started, then the parameter shall not have NULL "
600 "value." )]
601 CIM_ConcreteJob REF Job,
602 [Required, IN ( false ), OUT, Description (
603 "Reference to the newly created instance of "
604 "CIM_X509CRL representing the applied CRL." )]
605 CIM_X509CRL REF AppliedCRL);
606
607 };
|
Return to
CIM_CertificateManagementService.mof
CVS log
Up to [Pegasus] / pegasus / Schemas / CIM231 / DMTF / User