1 <?xml version="1.0" encoding="UTF-8"?>
3 xmlns:xs="http://www.w3.org/2001/XMLSchema"
4 xmlns:sai="http://schemas.intel.com/platform/client/SecurityAdministration/2004/01"
5 targetNamespace="http://schemas.intel.com/platform/client/SecurityAdministration/2004/01"
6 elementFormDefault="qualified">
8 <xs:simpleType name="PT_STATUS">
9 <xs:restriction base="xs:unsignedInt"/>
12 <xs:simpleType name="UserAclRealmType">
13 <xs:restriction base="xs:unsignedInt">
14 <xs:enumeration value="0">
16 <xs:documentation>InvalidRealm = 0</xs:documentation>
19 <xs:enumeration value="1">
21 <xs:documentation>Reserved = 1</xs:documentation>
24 <xs:enumeration value="2">
26 <xs:documentation>RedirectionRealm = 2</xs:documentation>
29 <xs:enumeration value="3">
31 <xs:documentation>PTAdministrationRealm = 3</xs:documentation>
34 <xs:enumeration value="4">
36 <xs:documentation>HardwareAssetRealm = 4</xs:documentation>
39 <xs:enumeration value="5">
41 <xs:documentation>RemoteControlRealm = 5</xs:documentation>
44 <xs:enumeration value="6">
46 <xs:documentation>StorageRealm = 6</xs:documentation>
49 <xs:enumeration value="7">
51 <xs:documentation>EventManagerRealm = 7</xs:documentation>
54 <xs:enumeration value="8">
56 <xs:documentation>StorageAdminRealm = 8</xs:documentation>
59 <xs:enumeration value="9">
61 <xs:documentation>AgentPresenceLocalRealm = 9</xs:documentation>
64 <xs:enumeration value="10">
66 <xs:documentation>AgentPresenceRemoteRealm = 10</xs:documentation>
69 <xs:enumeration value="11">
71 <xs:documentation>CircuitBreakerRealm = 11</xs:documentation>
74 <xs:enumeration value="12">
76 <xs:documentation>NetworkTimeRealm = 12</xs:documentation>
79 <xs:enumeration value="13">
81 <xs:documentation>GeneralInfoRealm = 13</xs:documentation>
84 <xs:enumeration value="14">
86 <xs:documentation>FirmwareUpdateRealm = 14</xs:documentation>
89 <xs:enumeration value="15">
91 <xs:documentation>EITRealm = 15</xs:documentation>
94 <xs:enumeration value="16">
96 <xs:documentation>LocalUNRealm = 16</xs:documentation>
99 <xs:enumeration value="17">
101 <xs:documentation>EndpointAccessControlRealm = 17</xs:documentation>
104 <xs:enumeration value="18">
106 <xs:documentation>EndpointAccessControlAdminRealm = 18</xs:documentation>
109 <xs:enumeration value="19">
111 <xs:documentation>EventLogReaderRealm = 19</xs:documentation>
118 <xs:simpleType name="UserAclEntryHandleType">
119 <xs:restriction base="xs:unsignedInt"/>
122 <xs:simpleType name="AclStringType">
123 <xs:restriction base="xs:string">
124 <xs:maxLength value="16"/>
128 <xs:simpleType name="AclPasswordStringType">
129 <xs:restriction base="xs:string">
130 <xs:maxLength value="32"/>
134 <xs:complexType name="UserAclEntryType">
136 <xs:element name="Username" type="sai:AclStringType"/>
137 <xs:element name="Password" type="sai:AclPasswordStringType"/>
138 <xs:element name="Realms" type="sai:UserAclRealmListType"/>
142 <xs:complexType name="AdminAclEntryType">
144 <xs:element name="Username" type="sai:AclStringType"/>
145 <xs:element name="Password" type="sai:AclPasswordStringType"/>
149 <xs:complexType name="UserAclEntryHandleListType">
151 <xs:element name="Handle" type="sai:UserAclEntryHandleType" minOccurs="0" maxOccurs="7"/>
155 <xs:complexType name="UserAclRealmListType">
157 <xs:element name="Realm" type="sai:UserAclRealmType" minOccurs="0" maxOccurs="16"/>
161 <xs:simpleType name="IPv4AddressType">
162 <xs:restriction base="xs:unsignedInt"/>
165 <xs:simpleType name="RsaKeyEncodingType">
166 <xs:restriction base="xs:unsignedInt">
167 <xs:enumeration value="30">
169 <xs:documentation>RsaKeyEncodingTypeInvalid = 30</xs:documentation>
172 <xs:enumeration value="31">
174 <xs:documentation>RsaKeyEncodingTypeSshv2Mpint = 31</xs:documentation>
180 <xs:simpleType name="RsaCertificateEncodingType">
181 <xs:restriction base="xs:unsignedInt">
182 <xs:enumeration value="10">
184 <xs:documentation>RsaCertificateEncodingTypeInvalid = 10</xs:documentation>
187 <xs:enumeration value="11">
189 <xs:documentation>RsaCertificateEncodingTypeX509 = 11</xs:documentation>
195 <xs:simpleType name="RngKeyEncodingType">
196 <xs:restriction base="xs:unsignedInt">
197 <xs:enumeration value="20">
199 <xs:documentation>RngKeyEncodingTypeInvalid = 20</xs:documentation>
202 <xs:enumeration value="21">
204 <xs:documentation>RngKeyEncodingTypeBare = 21</xs:documentation>
210 <xs:complexType name="RsaKeyType">
212 <xs:element name="Encoding" type="sai:RsaKeyEncodingType"/>
213 <xs:element name="Length" type="xs:unsignedInt"/>
214 <xs:element name="Value" type="xs:base64Binary"/>
217 <xs:complexType name="RngKeyType">
219 <xs:element name="Type" type="sai:RngKeyEncodingType"/>
220 <xs:element name="Length" type="xs:unsignedInt"/>
221 <xs:element name="Data" type="xs:base64Binary"/>
225 <xs:complexType name="CertificateChainType">
227 <xs:element name="Encoding" type="sai:RsaCertificateEncodingType"/>
228 <xs:element name="Length" type="xs:unsignedInt"/>
229 <xs:element name="Value" type="xs:base64Binary"/>
233 <xs:complexType name="UpdateCoreUrlKeyType">
235 <xs:element name="KeyLength" type="xs:unsignedInt"/>
236 <xs:element name="KeyAlgorithm" type="xs:unsignedInt"/>
237 <xs:element name="KeyData" type="xs:base64Binary"/>
241 <xs:complexType name="AmtVersion">
243 <xs:element name="major" type="xs:unsignedByte"/>
244 <xs:element name="minor" type="xs:unsignedByte"/>
245 <xs:element name="micro" type="xs:unsignedShort"/>
249 <xs:simpleType name="ProvisioningModeType">
250 <xs:restriction base="xs:unsignedInt">
251 <xs:enumeration value="0">
253 <xs:documentation>"0 = ProvisioningModeCurrent"</xs:documentation>
256 <xs:enumeration value="1">
258 <xs:documentation>"1 = ProvisioningModeEnterprise"</xs:documentation>
261 <xs:enumeration value="2">
263 <xs:documentation>"2 = ProvisioningModeSmallBusiness"</xs:documentation>
269 <!-- Intel(r) AMT 2.0 -->
270 <xs:simpleType name="AccessPermissionType">
271 <xs:restriction base="xs:string">
272 <xs:enumeration value="LocalAccessPermission"/>
273 <xs:enumeration value="NetworkAccessPermission"/>
274 <xs:enumeration value="AnyAccessPermission"/>
277 <xs:complexType name="UserEntryDigestType">
279 <xs:element name="Username" type="sai:AclStringType"/>
280 <xs:element name="DigestPassword">
282 <xs:restriction base="xs:base64Binary">
283 <xs:length value="16"/>
289 <xs:complexType name="UserEntryKerberosType">
291 <xs:element name="Sid" type="xs:base64Binary"/>
294 <xs:complexType name="UserAclEntryExType">
297 <xs:element name="DigestUser" type="sai:UserEntryDigestType"/>
298 <xs:element name="KerberosUser" type="sai:UserEntryKerberosType"/>
300 <xs:element name="AccessPermission" type="sai:AccessPermissionType"/>
301 <xs:element name="Realms" type="sai:UserAclRealmListType"/>
304 <xs:complexType name="AdminAclEntryExType">
306 <xs:element name="Username" type="sai:AclStringType"/>
307 <xs:element name="DigestPassword">
309 <xs:restriction base="xs:base64Binary">
310 <xs:length value="16"/>
316 <xs:simpleType name="KerberosSpnProtocolType">
317 <xs:restriction base="xs:string">
318 <xs:enumeration value="HTTP"/>
319 <xs:enumeration value="HTTPS"/>
320 <xs:enumeration value="SOL_IDER"/>
321 <xs:enumeration value="SOL_IDER_SSL"/>
324 <xs:element name="SpnString">
326 <xs:restriction base="xs:string">
327 <xs:minLength value="0"/>
328 <xs:maxLength value="266"/> <!-- sizeof(FQDN) + sizeof "HTTP\" + 6 (for ":PORT_NUMBER") -->
332 <xs:complexType name="KerberosSpnType">
334 <xs:element name="SpnProtocolIndex" type="sai:KerberosSpnProtocolType"/>
335 <xs:element ref="sai:SpnString"/>
338 <xs:simpleType name="KerberosEncryptionType">
339 <xs:restriction base="xs:string">
340 <xs:enumeration value="HMAC_RC4"/>
343 <xs:element name="KerberosRealmName">
345 <xs:restriction base="xs:string">
346 <xs:minLength value="1"/>
347 <xs:maxLength value="63"/> <!-- 64 incl null -->
351 <xs:complexType name="KerberosOptionsType">
353 <xs:element ref="sai:KerberosRealmName"/>
354 <xs:element name="KerberosSpn" type="sai:KerberosSpnType" minOccurs="1" maxOccurs="4"/>
355 <xs:element name="KerberosKeyVersion" type="xs:unsignedInt"/>
356 <xs:element name="KerberosEncryption" type="sai:KerberosEncryptionType"/>
357 <xs:element name="KerberosMasterKey">
359 <xs:restriction base="xs:base64Binary">
360 <xs:length value="16"/>
364 <xs:element name="KerberosMaximumClockTolerance">
366 <xs:restriction base="xs:unsignedInt">
367 <xs:minInclusive value="1"/>
373 <xs:simpleType name="PowerStateType">
374 <xs:restriction base="xs:string">
375 <xs:enumeration value="PowerStateS0"/>
376 <xs:enumeration value="PowerStateS1"/>
377 <xs:enumeration value="PowerStateS2"/>
378 <xs:enumeration value="PowerStateS3"/>
379 <xs:enumeration value="PowerStateS4"/>
380 <xs:enumeration value="PowerStateS5"/>
384 <xs:simpleType name="EnabledInterfacesType">
385 <xs:restriction base="xs:string">
386 <xs:enumeration value="WebUI"/>
387 <xs:enumeration value="SerialOverLAN"/>
388 <xs:enumeration value="IdeRedirection"/>
392 <xs:simpleType name="InterfaceType">
393 <xs:restriction base="xs:string">
394 <xs:enumeration value="NetworkInterface"/>
395 <xs:enumeration value="LocalHostInterface"/>
399 <xs:simpleType name="TlsAthenticationType">
400 <xs:restriction base="xs:string">
401 <xs:enumeration value="NoAuth"/>
402 <xs:enumeration value="ServerAuth"/>
403 <xs:enumeration value="MutualAuth"/>
407 <xs:complexType name="TlsOptionsType">
409 <xs:element name="Interface" type="sai:InterfaceType"/>
410 <xs:element name="TlsAuthentication" type="sai:TlsAthenticationType"/>
414 <xs:simpleType name="CertificateHandleType">
415 <xs:restriction base="xs:unsignedInt"/>
418 <xs:complexType name="CertificateType">
420 <xs:element name="X509cert" type="xs:base64Binary"/>
424 <xs:complexType name="CrlType">
426 <xs:element name="CrlUrl" type="xs:string"/>
427 <xs:element name="SerialNumber" type="xs:base64Binary" minOccurs="1" maxOccurs="unbounded"/>
431 <xs:complexType name="PkiCapsType">
433 <xs:element name="CrlStoreSize" type="xs:unsignedInt"/>
434 <xs:element name="RootCertMaxSize" type="xs:unsignedInt"/>
435 <xs:element name="RootCertMaxInstances" type="xs:unsignedInt"/>
436 <xs:element name="FqdnSuffixMaxEntries" type="xs:unsignedInt"/>
437 <xs:element name="FqdnSuffixMaxEntryLength" type="xs:unsignedInt"/>
438 <xs:element name="CertChainMaxSize" type="xs:unsignedInt"/>
439 <xs:element name="SupportedKeyLengths" type="xs:unsignedInt" minOccurs="1" maxOccurs="unbounded"/>
443 <!-- Intel(r) AMT 2.2 -->
444 <xs:simpleType name="ProvisioningTLSModeType">
445 <xs:restriction base="xs:unsignedByte">
446 <xs:enumeration value="0">
448 <xs:documentation>"0 = Not Ready"</xs:documentation>
451 <xs:enumeration value="1">
453 <xs:documentation>"1 = PSK"</xs:documentation>
456 <xs:enumeration value="2">
458 <xs:documentation>"2 = PKI"</xs:documentation>
464 <xs:simpleType name="MEBxPasswordType">
465 <xs:restriction base="xs:string">
466 <xs:minLength value="0"/>
467 <xs:maxLength value="32"/>
471 <xs:simpleType name="ProvisioningOTPType">
472 <xs:restriction base="xs:base64Binary">
473 <xs:minLength value="8"/>
474 <xs:maxLength value="32"/>
478 <xs:simpleType name="FriendlyNameType">
479 <xs:restriction base="xs:string">
480 <xs:minLength value="1"/>
481 <xs:maxLength value="32"/>
485 <xs:complexType name="CertHashEntryType">
487 <xs:element name="Default" type="xs:boolean" />
488 <xs:element name="Active" type="xs:boolean" />
489 <xs:element name="HashType" type="sai:HashTypeType" />
490 <xs:element name="Hash" type="xs:base64Binary" />
491 <xs:element name="FriendlyName" type="sai:FriendlyNameType"/>
495 <xs:simpleType name="HashTypeType">
496 <xs:restriction base="xs:unsignedByte">
497 <xs:enumeration value="1">
499 <xs:documentation>"1 = SHA-1-160"</xs:documentation>
505 <xs:complexType name="ProvisioningAuditRecordType">
507 <xs:element name="ProvisioningTLSMode" type="sai:ProvisioningTLSModeType" />
508 <xs:element name="SecureDNS" type="xs:boolean" />
509 <xs:element name="HostInitiated" type="xs:boolean" />
510 <xs:element name="ProvServerFQDN" type="xs:string" minOccurs="0"/>
511 <xs:element name="SelectedHashType" type="sai:HashTypeType" />
512 <xs:element name="SelectedHashData" type="xs:base64Binary" />
513 <xs:element name="CaCertSerials" type="xs:base64Binary" minOccurs="0" maxOccurs="unbounded"/>
514 <xs:element name="AdditionalCaSerialNums" type="xs:boolean" minOccurs="0"/>
515 <xs:element name="IsOemDefault" type="xs:boolean" />
516 <xs:element name="IsTimeValid" type="xs:boolean" />
517 <xs:element name="ProvServerIP" type="sai:IPv4AddressType" />
518 <xs:element name="TlsStartTime" type="xs:unsignedInt" />
522 <!-- Intel(r) AMT 2.5 -->
523 <xs:complexType name="EnvironmentDetectionDomainType">
525 <xs:element name="values" type="xs:string" minOccurs="0" maxOccurs="5" />
529 <xs:complexType name="EnvironmentDetectionType">
531 <xs:element name="LocalDomains" type="sai:EnvironmentDetectionDomainType"/>
532 <xs:element name="ExternalCircuitBreakerPolicy" type="xs:unsignedInt" minOccurs="0"/>
536 <xs:simpleType name="HTTPAuthOptionType">
537 <xs:restriction base="xs:string">
538 <xs:enumeration value="NoAuth"/>
539 <xs:enumeration value="Auth"/>
540 <xs:enumeration value="Disable"/>
544 <xs:complexType name="GlobalPowerPolicyType">
546 <xs:element name="IdleWakeTimeout" type="xs:unsignedInt"/>