version 1.1.2.1, 2012/01/24 13:50:37
|
version 1.1.2.2, 2012/02/15 17:46:58
|
|
|
|
// Copyright (c) 2011 DMTF. All rights reserved. |
|
[Version ( "2.29.0" ), |
|
ClassConstraint { |
|
"/* The constraints below aim to efficiently */ /* represent a singular OctetString. Each of the properties*/ /* is a single encoded stringthus only the first element */ /* needs to be populated. */ inv:self.PublicKey->size()<=1 and self.SerialNumber->size()<=1 and self.EncodedCertificate->size()<=1" }, |
|
UMLPackagePath ( "CIM::User::PublicKey" ), |
|
Description ( |
|
"CIM_X509Certificate describes Internet X509 Public Key " |
|
"Infrastructure (PKI) standard based certificates. The " |
|
"certificates are signed by a trusted Certificate Authority " |
|
"(CA) or by the owner of the certificate and issued to an " |
|
"authenticated entity (e.g., human user, service, etc.) called " |
|
"the Subject in the certificate. The public key in the " |
|
"certificate is cryptographically related to a private key that " |
|
"is held and kept private by the authenticated Subject. The " |
|
"certificate and its related private key can then be used for " |
|
"establishing trust relationships and securing communications " |
|
"with the Subject. Refer to the Internet X.509 PKI standard " |
|
"(RFC 3280) for more information." )] |
|
class CIM_X509Certificate : CIM_X509Infrastructure { |
|
|
|
[Description ( |
|
"Distinguished name identifying the subject of the " |
|
"certificate.Subject shall contain information as " |
|
"required by section 4.1.2.6 of RFC 3280 and shall be " |
|
"formatted based on RFC 4514." ), |
|
DN, MappingStrings { "RFC3280.IETF|Section 4.1.2.6" }] |
|
string Subject; |
|
|
|
[Description ( |
|
"Alternate subject identifier for the Certificate." ), |
|
MappingStrings { "RFC3280.IETF|Section 4.2.1.7" }] |
|
string AltSubject; |
|
|
|
[Description ( |
|
"The DER-encoded raw public key that belongs to the " |
|
"subject the certificate vouches for.Only the first " |
|
"element of PublicKey array property shall be populated " |
|
"with DER encoded raw public key octet string." ), |
|
OctetString, MappingStrings { "RFC3280.IETF|Section 4.1.2.7" }] |
|
string PublicKey[]; |
|
|
|
[Description ( |
|
"The length of the public key represented in the " |
|
"PublicKey property." ), |
|
MappingStrings { "RFC3280.IETF|Section 4.1.2.7" }] |
|
uint16 PublicKeySize; |
|
|
|
[Description ( |
|
"IsValid represents whether the certificate is currently " |
|
"valid. When the certificate is revoked or expired or put " |
|
"on hold or invalidated for any reason IsValid shall be " |
|
"set to FALSE." )] |
|
boolean IsValid; |
|
|
|
[Description ( |
|
"Unique number that identifies this certificate.Only the " |
|
"first element of the array property shall be populated." ), |
|
OctetString, MappingStrings { "RFC3280.IETF|Section 4.1.2.2" }] |
|
string SerialNumber[]; |
|
|
|
[Description ( "Public key algorithm." ), |
|
ValueMap { "0", "2", "3", "4", "5..32767", "32768..65535" }, |
|
Values { "Unknown", "RSA", "DSA", "ECDSA", "DMTF Reserved", |
|
"Vendor Specified" }, |
|
MappingStrings { "RFC3280.IETF|Section 4.1.2.7" }] |
|
uint16 PublicKeyAlgorithm; |
|
|
|
[Description ( |
|
"Key usage defines the purpose of the key. Key usage " |
|
"could include digital signing, key agreement, " |
|
"certificate signing, and more. The key usage is an " |
|
"extension to the X.509 specification." ), |
|
ValueMap { "0", "2", "3", "4", "5", "6", "7", "8..32767", |
|
"32768..65535" }, |
|
Values { "Unknown", "Digital Signature", "Non Repudiation", |
|
"Key Encipherment", "Data Encipherment", "Key Agreement", |
|
"Key Certificate Signature", "DMTF Reserved", |
|
"Vendor Specified" }, |
|
MappingStrings { "RFC3280.IETF|Section 4.2.1.3" }] |
|
uint16 KeyUsage[]; |
|
|
|
[Description ( |
|
"This extension indicates one or more purposes for which " |
|
"the certified public key may be used, in addition to or " |
|
"in place of the basic purposes indicated in the key " |
|
"usage extension." ), |
|
MappingStrings { "RFC3280.IETF|Section 4.2.1.13" }] |
|
string ExtendedKeyUsage[]; |
|
|
|
[Description ( |
|
"An X.509 certificate may contain an optional extension " |
|
"that identifies whether the subject of the certificate " |
|
"is a certificate authority (CA). If the subject is a CA, " |
|
"this property defines the number of certificates that " |
|
"may follow this certificate in a certification chain." ), |
|
MappingStrings { "RFC3280.IETF|Section 4.2.1.10" }] |
|
uint16 PathLengthConstraint; |
|
|
|
[Description ( |
|
"The full content of the certificate in binary form.Only " |
|
"the first element of the array property shall be " |
|
"populated." ), |
|
OctetString, MappingStrings { "RFC3280.IETF|Section 4" }] |
|
string EncodedCertificate[]; |
|
|
|
[Description ( |
|
"Extension identifier array for additional attributes " |
|
"associated with the certificate. The corresponding array " |
|
"element in the IsCritical property denotes whether the " |
|
"extension is critical. The corresponding array element " |
|
"in the ExtensionValue property contains the value of the " |
|
"extension attribute." ), |
|
ArrayType ( "Indexed" ), |
|
MappingStrings { "RFC3280.IETF|Section 4.1.2.9", |
|
"RFC3280.IETF|Section 4.2" }, |
|
ModelCorrespondence { "CIM_X509Certificate.IsCritical", |
|
"CIM_X509Certificate.ExtensionValue" }] |
|
string ExtensionID[]; |
|
|
|
[Description ( |
|
"Certificate extension attribute value array. The " |
|
"corresponding array element in the ExtensionID property " |
|
"contains the identifier of the certificate extension " |
|
"attribute. The corresponding array element in the " |
|
"IsCritical property denotes whether the extension is " |
|
"critical." ), |
|
ArrayType ( "Indexed" ), |
|
MappingStrings { "RFC3280.IETF|Section 4.1.2.9", |
|
"RFC3280.IETF|Section 4.2" }, |
|
ModelCorrespondence { "CIM_X509Certificate.IsCritical", |
|
"CIM_X509Certificate.ExtensionID" }] |
|
string ExtensionValue[]; |
|
|
|
[Description ( |
|
"TRUE value represents that the extension attribute is " |
|
"critical. The corresponding array element in the " |
|
"ExtensionID property contains the identifier of the " |
|
"extension attribute. The corresponding array element in " |
|
"the ExtensionValue property contains the value of the " |
|
"extension attribute." ), |
|
ArrayType ( "Indexed" ), |
|
MappingStrings { "RFC3280.IETF|Section 4.1.2.9", |
|
"RFC3280.IETF|Section 4.2" }, |
|
ModelCorrespondence { "CIM_X509Certificate.ExtensionID", |
|
"CIM_X509Certificate.ExtensionValue" }] |
|
boolean IsCritical[]; |
|
|
|
[Description ( |
|
"String that identifies the issuer of the certificate." ), |
|
MappingStrings { "RFC3280.IETF|Section 4.1.2.8" }] |
|
string IssuerUniqueID; |
|
|
|
[Description ( "Certificate\'s unique subject identifier." ), |
|
MappingStrings { "RFC3280.IETF|Section 4.1.2.8" }] |
|
string SubjectUniqueID; |
|
|
|
[Description ( |
|
"TRUE value represents that the certificate is a trusted " |
|
"root certificate." )] |
|
boolean TrustedRootCertificate; |
|
|
|
|
|
}; |