1 marek 1.1 // Copyright (c) 2011 DMTF. All rights reserved.
2 [Version ( "2.29.0" ),
3 ClassConstraint {
4 "/* The constraints below aim to efficiently */ /* represent a singular OctetString. Each of the properties*/ /* is a single encoded string, thus only the first element */ /* needs to be populated. */ inv:self.TBSCertificate->size()<=1" },
5 UMLPackagePath ( "CIM::User::PublicKey" ),
6 Description (
7 "CIM_X509Infrastructure describes Internet X509 Public Key "
8 "Infrastructure (PKI) standard based properties used by "
9 "certificates and certificate revocation lists. For more "
10 "information on the Internet X509 PKI refer to the RFC 3280." )]
11 class CIM_X509Infrastructure : CIM_SignedCredential {
12
13 [Description ( "Version of X.509." ),
14 ValueMap { "0", "2", "3", "4", "..", "32768..65535" },
15 Values { "Unknown", "v1", "v2", "v3", "DMTF Reserved",
16 "Vendor Specified" },
17 MappingStrings { "RFC3280.IETF|Section 4.1.2.1",
18 "RFC3280.IETF|Section 5.1.2.1" }]
19 uint16 Version;
20
21 [Description (
22 marek 1.1 "The To Be Signed (TBS) certificate is used as an input "
23 "data to the signature algorithm when the certificate is "
24 "signed or verified. Only the first element of the array "
25 "property shall be populated." ),
26 OctetString, MappingStrings { "RFC3280.IETF|Section 4.1.2",
27 "RFC3280.IETF|Section 5.1.2" }]
28 string TBSCertificate[];
29
30 [Description (
31 "Digital signature algorithm that verifies data integrity "
32 "by creating a 128-bit message digest or fingerprint. The "
33 "fingerprint is unique to the input data and contains the "
34 "binary hash of the encoded X509 object such as encoded "
35 "certificate or CRL." ),
36 OctetString]
37 string MD5Fingerprint[];
38
39 [Description (
40 "Secure hashing algorithm, a cryptographic message digest "
41 "algorithm used to verify data integrity by making "
42 "replication of the fingerprint. The fingerprint is "
43 marek 1.1 "unique to the input data and contains the binary hash of "
44 "the encoded X509 object such as encoded certificate or "
45 "CRL." ),
46 OctetString]
47 string SHA1Fingerprint[];
48
49 [Description (
50 "The algorithm used for hashing the encoded X509 "
51 "certificate\'s or CRL\'s message digest represented in "
52 "the corresponding element of the FingerPrint array." ),
53 ValueMap { "2", "3", "..", "32768..65535" },
54 Values { "MD5", "SHA1", "DMTF Reserved", "Vendor Specified" },
55 ArrayType ( "Indexed" ),
56 ModelCorrespondence { "CIM_X509Infrastructure.Fingerprints" }]
57 uint16 FingerprintDigestAlgorithms[];
58
59 [Description (
60 "Fingerprints property represents the message digests of "
61 "the encoded X509 certificate or CRL that uniquely "
62 "identify it and can be used for the integrity "
63 "verification of the X509 certificate or CRL. Fingerprint "
64 marek 1.1 "is the hash of the encoded X509 certificate or CRL that "
65 "is based on the algorithm described in the corresponding "
66 "element of the FingerprintDigestAlgorithms array." ),
67 OctetString, ArrayType ( "Indexed" ),
68 ModelCorrespondence {
69 "CIM_X509Infrastructure.FingerprintDigestAlgorithms" }]
70 string Fingerprints[];
71
72 [Override ( "IssuerName" ),
73 Description (
74 "Issuer represents the information about the issuer of "
75 "the CRL. The Issuer property shall contain information "
76 "as required by section 4.1.2.4 of RFC 3280 and shall be "
77 "formatted based on RFC 4514. An example of the value of "
78 "the Subject parameter could be \"CN=Marshall T. Rose, "
79 "O=Dover Beach Consulting, OU=Sales, L=Santa Clara, "
80 "ST=California, C=US\"." ),
81 DN, MappingStrings { "RFC3280.IETF|Section 4.1.2.4",
82 "RFC3280.IETF|Section 5.1.2.3" }]
83 string IssuerName;
84
85 marek 1.1
86 };
|