1 karl 1.1.2.2 // Copyright (c) 2011 DMTF. All rights reserved.
2 [Version ( "2.29.0" ),
3 ClassConstraint {
4 "/* The constraints below aim to efficiently */ /* represent a singular OctetString. Each of the properties*/ /* is a single encoded stringthus only the first element */ /* needs to be populated. */ inv:self.PublicKey->size()<=1 and self.SerialNumber->size()<=1 and self.EncodedCertificate->size()<=1" },
5 UMLPackagePath ( "CIM::User::PublicKey" ),
6 Description (
7 "CIM_X509Certificate describes Internet X509 Public Key "
8 "Infrastructure (PKI) standard based certificates. The "
9 "certificates are signed by a trusted Certificate Authority "
10 "(CA) or by the owner of the certificate and issued to an "
11 "authenticated entity (e.g., human user, service, etc.) called "
12 "the Subject in the certificate. The public key in the "
13 "certificate is cryptographically related to a private key that "
14 "is held and kept private by the authenticated Subject. The "
15 "certificate and its related private key can then be used for "
16 "establishing trust relationships and securing communications "
17 "with the Subject. Refer to the Internet X.509 PKI standard "
18 "(RFC 3280) for more information." )]
19 class CIM_X509Certificate : CIM_X509Infrastructure {
20
21 [Description (
22 karl 1.1.2.2 "Distinguished name identifying the subject of the "
23 "certificate.Subject shall contain information as "
24 "required by section 4.1.2.6 of RFC 3280 and shall be "
25 "formatted based on RFC 4514." ),
26 DN, MappingStrings { "RFC3280.IETF|Section 4.1.2.6" }]
27 string Subject;
28
29 [Description (
30 "Alternate subject identifier for the Certificate." ),
31 MappingStrings { "RFC3280.IETF|Section 4.2.1.7" }]
32 string AltSubject;
33
34 [Description (
35 "The DER-encoded raw public key that belongs to the "
36 "subject the certificate vouches for.Only the first "
37 "element of PublicKey array property shall be populated "
38 "with DER encoded raw public key octet string." ),
39 OctetString, MappingStrings { "RFC3280.IETF|Section 4.1.2.7" }]
40 string PublicKey[];
41
42 [Description (
43 karl 1.1.2.2 "The length of the public key represented in the "
44 "PublicKey property." ),
45 MappingStrings { "RFC3280.IETF|Section 4.1.2.7" }]
46 uint16 PublicKeySize;
47
48 [Description (
49 "IsValid represents whether the certificate is currently "
50 "valid. When the certificate is revoked or expired or put "
51 "on hold or invalidated for any reason IsValid shall be "
52 "set to FALSE." )]
53 boolean IsValid;
54
55 [Description (
56 "Unique number that identifies this certificate.Only the "
57 "first element of the array property shall be populated." ),
58 OctetString, MappingStrings { "RFC3280.IETF|Section 4.1.2.2" }]
59 string SerialNumber[];
60
61 [Description ( "Public key algorithm." ),
62 ValueMap { "0", "2", "3", "4", "5..32767", "32768..65535" },
63 Values { "Unknown", "RSA", "DSA", "ECDSA", "DMTF Reserved",
64 karl 1.1.2.2 "Vendor Specified" },
65 MappingStrings { "RFC3280.IETF|Section 4.1.2.7" }]
66 uint16 PublicKeyAlgorithm;
67
68 [Description (
69 "Key usage defines the purpose of the key. Key usage "
70 "could include digital signing, key agreement, "
71 "certificate signing, and more. The key usage is an "
72 "extension to the X.509 specification." ),
73 ValueMap { "0", "2", "3", "4", "5", "6", "7", "8..32767",
74 "32768..65535" },
75 Values { "Unknown", "Digital Signature", "Non Repudiation",
76 "Key Encipherment", "Data Encipherment", "Key Agreement",
77 "Key Certificate Signature", "DMTF Reserved",
78 "Vendor Specified" },
79 MappingStrings { "RFC3280.IETF|Section 4.2.1.3" }]
80 uint16 KeyUsage[];
81
82 [Description (
83 "This extension indicates one or more purposes for which "
84 "the certified public key may be used, in addition to or "
85 karl 1.1.2.2 "in place of the basic purposes indicated in the key "
86 "usage extension." ),
87 MappingStrings { "RFC3280.IETF|Section 4.2.1.13" }]
88 string ExtendedKeyUsage[];
89
90 [Description (
91 "An X.509 certificate may contain an optional extension "
92 "that identifies whether the subject of the certificate "
93 "is a certificate authority (CA). If the subject is a CA, "
94 "this property defines the number of certificates that "
95 "may follow this certificate in a certification chain." ),
96 MappingStrings { "RFC3280.IETF|Section 4.2.1.10" }]
97 uint16 PathLengthConstraint;
98
99 [Description (
100 "The full content of the certificate in binary form.Only "
101 "the first element of the array property shall be "
102 "populated." ),
103 OctetString, MappingStrings { "RFC3280.IETF|Section 4" }]
104 string EncodedCertificate[];
105
106 karl 1.1.2.2 [Description (
107 "Extension identifier array for additional attributes "
108 "associated with the certificate. The corresponding array "
109 "element in the IsCritical property denotes whether the "
110 "extension is critical. The corresponding array element "
111 "in the ExtensionValue property contains the value of the "
112 "extension attribute." ),
113 ArrayType ( "Indexed" ),
114 MappingStrings { "RFC3280.IETF|Section 4.1.2.9",
115 "RFC3280.IETF|Section 4.2" },
116 ModelCorrespondence { "CIM_X509Certificate.IsCritical",
117 "CIM_X509Certificate.ExtensionValue" }]
118 string ExtensionID[];
119
120 [Description (
121 "Certificate extension attribute value array. The "
122 "corresponding array element in the ExtensionID property "
123 "contains the identifier of the certificate extension "
124 "attribute. The corresponding array element in the "
125 "IsCritical property denotes whether the extension is "
126 "critical." ),
127 karl 1.1.2.2 ArrayType ( "Indexed" ),
128 MappingStrings { "RFC3280.IETF|Section 4.1.2.9",
129 "RFC3280.IETF|Section 4.2" },
130 ModelCorrespondence { "CIM_X509Certificate.IsCritical",
131 "CIM_X509Certificate.ExtensionID" }]
132 string ExtensionValue[];
133
134 [Description (
135 "TRUE value represents that the extension attribute is "
136 "critical. The corresponding array element in the "
137 "ExtensionID property contains the identifier of the "
138 "extension attribute. The corresponding array element in "
139 "the ExtensionValue property contains the value of the "
140 "extension attribute." ),
141 ArrayType ( "Indexed" ),
142 MappingStrings { "RFC3280.IETF|Section 4.1.2.9",
143 "RFC3280.IETF|Section 4.2" },
144 ModelCorrespondence { "CIM_X509Certificate.ExtensionID",
145 "CIM_X509Certificate.ExtensionValue" }]
146 boolean IsCritical[];
147
148 karl 1.1.2.2 [Description (
149 "String that identifies the issuer of the certificate." ),
150 MappingStrings { "RFC3280.IETF|Section 4.1.2.8" }]
151 string IssuerUniqueID;
152
153 [Description ( "Certificate\'s unique subject identifier." ),
154 MappingStrings { "RFC3280.IETF|Section 4.1.2.8" }]
155 string SubjectUniqueID;
156
157 [Description (
158 "TRUE value represents that the certificate is a trusted "
159 "root certificate." )]
160 boolean TrustedRootCertificate;
161
162
163 };
|