From 3a55936becd72f60ae60553551f2ce0cc176448e Mon Sep 17 00:00:00 2001 From: Tony Mack Date: Tue, 30 Nov 2010 11:39:03 -0500 Subject: [PATCH] validate credential against XSD schema instead of RelaxNG --- sfa/trust/credential.rnc | 98 --------- sfa/trust/credential.rng | 197 ----------------- sfa/trust/credential.xsd | 214 ++++++++++++++++++ sfa/trust/protogeni-rspec-common.rng | 239 -------------------- sfa/trust/protogeni-rspec-common.xsd | 120 +++++++++++ sfa/trust/top.rng | 217 ------------------- sfa/trust/top.xsd | 312 +++++++++++++++++++++++++++ sfa/trust/xml.xsd | 10 + 8 files changed, 656 insertions(+), 751 deletions(-) delete mode 100644 sfa/trust/credential.rnc delete mode 100644 sfa/trust/credential.rng create mode 100644 sfa/trust/credential.xsd delete mode 100644 sfa/trust/protogeni-rspec-common.rng create mode 100644 sfa/trust/protogeni-rspec-common.xsd delete mode 100644 sfa/trust/top.rng create mode 100644 sfa/trust/top.xsd create mode 100644 sfa/trust/xml.xsd diff --git a/sfa/trust/credential.rnc b/sfa/trust/credential.rnc deleted file mode 100644 index b61012c8..00000000 --- a/sfa/trust/credential.rnc +++ /dev/null @@ -1,98 +0,0 @@ -# -# EMULAB-COPYRIGHT -# Copyright (c) 2008 University of Utah and the Flux Group. -# All rights reserved. -# - -# ProtoGENI credential and privilege specification. The key points: -# -# * A credential is a set of privileges or a Ticket, each with a flag -# to indicate delegation is permitted. -# * A credential is signed and the signature included in the body of the -# document. -# * To support delegation, a credential will include its parent, and that -# blob will be signed. So, there will be multiple signatures in the -# document, each with a reference to the credential it signs. -# -#default namespace = "http://www.protogeni.net/resources/credential/0.1" - -namespace sig = "http://www.w3.org/2000/09/xmldsig#" -datatypes xs = "http://www.w3.org/2001/XMLSchema-datatypes" -anyelementbody = (attribute * {text} | text | element * {anyelementbody} )* - -# This is where we get the definition of RSpec from -include "../rspec/protogeni-rspec-common.rnc" - -## Representation of a single privileges. -PrivilegeSpec = element privilege { - # Name of the privilege. - element name { xsd:string { minLength = "1" }}, - # Flag indicating this privilege can be delegated - element can_delegate { xsd:boolean } -} - -## A set of privileges. -PrivilegesSpec = element privileges { - PrivilegeSpec* -} - -## Backwards compat my original credential spec. -CapabilitySpec = element capability { - # Name of the capability. - element name { xsd:string { minLength = "1" }}, - # Flag indicating this capability can be delegated - element can_delegate { "0" | "1" } -} -## Backwards compat my original credential spec. -CapabilitiesSpec = element capabilities { - CapabilitySpec* -} - -## Define a stub for future ticket. -TicketSpec = element ticket { - ## Can the ticket be delegated? - element can_delegate { xsd:boolean }, - ## The ticket must be "cashed in" by this date - element redeem_before { xsd:dateTime }, - ## A desciption of the resources that are being promised - # Note: What I really want to do here is reference RSpec as being - # in a separate namespace. But, it's not clear to me how to do this, - # so we basically just use by inclusion - anyelementbody -} - -## A list of signatures. -signatures = element signatures { - element sig:Signature { anyelementbody }+ -} - -## A credential granting privileges or a ticket. -credentials = element credential { - ## The ID for signature referencing. - attribute xml:id {xs:ID}, - ## The type of this credential. Currently a Privilege set or a Ticket. - element type { "privilege" | "ticket" | "capability" }, - ## A serial number. - element serial { xsd:string }, - ## GID of the owner of this credential. - element owner_gid { xsd:string }, - ## GID of the target of this credential. - element target_gid { xsd:string }, - ## UUID of this credential - element uuid { xsd:string }, - ## Expires on - element expires { xsd:dateTime }, - ## Privileges or a ticket - (PrivilegesSpec | TicketSpec | CapabilitiesSpec), - ## Optional Extensions - element extensions { anyelementbody }*, - ## Parent that delegated to us - element parent { credentials }? -} - -SignedCredential = element signed-credential { - credentials, - signatures? -} - -start = SignedCredential diff --git a/sfa/trust/credential.rng b/sfa/trust/credential.rng deleted file mode 100644 index 7496c696..00000000 --- a/sfa/trust/credential.rng +++ /dev/null @@ -1,197 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - Representation of a single privileges. - - - - - 1 - - - - - - - - - - A set of privileges. - - - - - - - - Backwards compat my original credential spec. - - - - - 1 - - - - - - 0 - 1 - - - - - - Backwards compat my original credential spec. - - - - - - - - Define a stub for future ticket. - - - Can the ticket be delegated? - - - - The ticket must be "cashed in" by this date - - - - - A desciption of the resources that are being promised - - - - - A list of signatures. - - - - - - - - - - A credential granting privileges or a ticket. - - - The ID for signature referencing. - - - - The type of this credential. Currently a Privilege set or a Ticket. - - privilege - ticket - capability - - - - A serial number. - - - - GID of the owner of this credential. - - - - - URN of the owner. Not everyone can parse DER - - - - - GID of the target of this credential. - - - - - URN of the target. - - - - - UUID of this credential - - - - Expires on - - - - Privileges or a ticket - - - - - - - Optional Extensions - - - - - - Parent that delegated to us - - - - - - - - - - - - - - - - - diff --git a/sfa/trust/credential.xsd b/sfa/trust/credential.xsd new file mode 100644 index 00000000..c1152114 --- /dev/null +++ b/sfa/trust/credential.xsd @@ -0,0 +1,214 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Can the ticket be delegated? + + + + + + A desciption of the resources that are being promised + + + + + + + + + The ticket must be "cashed in" by this date + + + + + + + + + + + + A credential granting privileges or a ticket. + + + + + + + + + + + + + + + + + + + Privileges or a ticket + + + + + + + + + + + + + + The type of this credential. Currently a Privilege set or a Ticket. + + + + + + + + + + + + A serial number. + + + + + GID of the owner of this credential. + + + + + URN of the owner. Not everyone can parse DER + + + + + GID of the target of this credential. + + + + + URN of the target. + + + + + UUID of this credential + + + + + Expires on + + + + + Optional Extensions + + + + + + + + + Parent that delegated to us + + + + + + + + + + + + + + diff --git a/sfa/trust/protogeni-rspec-common.rng b/sfa/trust/protogeni-rspec-common.rng deleted file mode 100644 index a8ad8f2b..00000000 --- a/sfa/trust/protogeni-rspec-common.rng +++ /dev/null @@ -1,239 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - raw - trellis-vserver - planetlab-vserver - emulab-vnode - bgpmux - - - - - - - - - - - - - - - - - - - - - - - - - - raw - trellis-vserver - planetlab-vserver - emulab-vnode - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/sfa/trust/protogeni-rspec-common.xsd b/sfa/trust/protogeni-rspec-common.xsd new file mode 100644 index 00000000..53a41a4f --- /dev/null +++ b/sfa/trust/protogeni-rspec-common.xsd @@ -0,0 +1,120 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/sfa/trust/top.rng b/sfa/trust/top.rng deleted file mode 100644 index 302dbafc..00000000 --- a/sfa/trust/top.rng +++ /dev/null @@ -1,217 +0,0 @@ - - - - - - Representation of a single node type - - - - Name of the type - will almost certainly not be unique - - - How many virtual nodes of this type this physical node can -handle. - - - 0 - - unlimited - - - - - element unlimited { empty }?, -A flag that indicates that this physical node *always* -has this type - a node is only allowed to have one dynamic -(ie. not flagged as static) type at a time, but any number -of static types at a time -element static { empty }? - true - - - - - - - - - - - Link types are currently just a siple string. They will almost certainly -have to get more complicated, for two reasons: - First, I want to allow virtual links to specify more than one type, so - that we can ask for links that are, say, 'ethernet or loopback' - Second, I want to have a lot more control over links that get mapped to - multi-hop paths -TODO: MAYBE this should be combined with NodeTypeSpec - - - - - - A link has two endpoints. Right now, they are order -independent. But they might become order-dependant later. - - First interface for this link - - - - Second interface for this link - - - - - Link characterstics which affect traffic. -TODO: In the future, the bandwidth, latency, and packet loss will be -moved to features and/or properties - - Bandwidth of the link in kbps - - 0.0 - - - - Latency of the link in ms - - 0.0 - - - - Static packet loss probability of the link as a fraction -(ie. 0.01 == 1%) - - 0.0 - - - - - "Legacy" assign features and desires - will be phased out in favor of -properties - - - Name of this feature or desire -element fd_name { text }, - - - Weight assocated with the feature or desire -element fd_weight { xsd:float }, - - - - A flag indicating whether or not a failure to match the desire with a -a feature is a constraint violation -element violatable { empty }?, - true - - - - - Type information expressed in features and desires - - - - - - - - GlobalSpec = element global { - element operator { "OnceOnly" | "FirstFree" } -} - - - OnceOnly - FirstFree - - - - - LocalSpec = element local { - element operator { "+" } - attribute local_operator { "+" } -} - - + - - - - Interfaces -InterfaceSpec = element interface { InterfaceContents } - - - - - - - - - - - - - - - Name of the node, which must match one of the nodes in this topology - - - - Name of the interface itself - - - - - Properties of the interface - - - - - Properties - new: replacements for features and desires. Not yet implemented -in assign, and not yet fully fleshed out in this schema. - - - Name of this property - - - - Value associated with this property -TODO: Add ranges and other types from rspec - - - - - - - The penalty associated with this property - - 0.0 - - - - - If this flag is present, not having the property is considered a violation - - - - - - TODO: Add more operators - equality, range test, etc -Flags for special types of operators - - - - - - - diff --git a/sfa/trust/top.xsd b/sfa/trust/top.xsd new file mode 100644 index 00000000..4ff6d879 --- /dev/null +++ b/sfa/trust/top.xsd @@ -0,0 +1,312 @@ + + + + + + + + + + + + + Name of the type - will almost certainly not be unique + + + + + How many virtual nodes of this type this physical node can +handle. + + + + + + + + + + + + + + + + + + + element unlimited { empty }?, +A flag that indicates that this physical node *always* +has this type - a node is only allowed to have one dynamic +(ie. not flagged as static) type at a time, but any number +of static types at a time +element static { empty }? + + + + + + + + + + + + + + + + + + + Link types are currently just a siple string. They will almost certainly +have to get more complicated, for two reasons: + First, I want to allow virtual links to specify more than one type, so + that we can ask for links that are, say, 'ethernet or loopback' + Second, I want to have a lot more control over links that get mapped to + multi-hop paths +TODO: MAYBE this should be combined with NodeTypeSpec + + + + + + + + + + + + A link has two endpoints. Right now, they are order +independent. But they might become order-dependant later. + + + + + + + + + First interface for this link + + + + + Second interface for this link + + + + + Link characterstics which affect traffic. +TODO: In the future, the bandwidth, latency, and packet loss will be +moved to features and/or properties + + + + + + + + + + Bandwidth of the link in kbps + + + + + + + + + + Latency of the link in ms + + + + + + + + + + Static packet loss probability of the link as a fraction +(ie. 0.01 == 1%) + + + + + + + + + + + + Name of this feature or desire +element fd_name { text }, + + + + + Weight assocated with the feature or desire +element fd_weight { xsd:float }, + + + + + A flag indicating whether or not a failure to match the desire with a +a feature is a constraint violation +element violatable { empty }?, + + + + + + + + + + + + + + + + + + + + + + + + + + + GlobalSpec = element global { + element operator { "OnceOnly" | "FirstFree" } +} + + + + + + + + + + + + + LocalSpec = element local { + element operator { "+" } + attribute local_operator { "+" } +} + + + + + + + + + + + + Interfaces +InterfaceSpec = element interface { InterfaceContents } + + + + + + + + + + + + + + + + Properties of the interface + + + + + + + Name of the node, which must match one of the nodes in this topology + + + + + Name of the interface itself + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + Name of this property + + + + + Value associated with this property +TODO: Add ranges and other types from rspec + + + + + The penalty associated with this property + + + + + + + + + + If this flag is present, not having the property is considered a violation + + + + diff --git a/sfa/trust/xml.xsd b/sfa/trust/xml.xsd new file mode 100644 index 00000000..77a2c259 --- /dev/null +++ b/sfa/trust/xml.xsd @@ -0,0 +1,10 @@ + + + + + + + The ID for signature referencing. + + + -- 2.47.0