Raritan PX2/PX3 JSON-RPC API
ServerSSLCert.idl
1 /* SPDX-License-Identifier: BSD-3-Clause */
2 /*
3  * Copyright 2010 Raritan Inc. All rights reserved.
4  */
5 
6 /**
7  * TLS Certificate Management: declares the JSON-RPC interface for generating, inspecting and activating the device's TLS server key pair and certificate.
8  */
9 module cert {
10 
11  /** TLS certificate management interface. None of the methods or structures declared below returns private-key material, only CSR and certificate metadata; no method for downloading the CSR or uploading a signed certificate is declared in this interface. */
12  interface ServerSSLCert_2_0_1 {
13 
14  /** success code; the int-returning methods of this interface return it or one of the error code constants below */
15  constant int SUCCESS = 0;
16 
17  /** key-pair generation error codes (100 range); the per-constant meanings are inferred from the names -- TODO confirm against the device documentation */
18  constant int ERR_GEN_KEY_LEN_INVALID = 100; ///< presumably: ReqInfo.keyLength is not an accepted key length
19  constant int ERR_GEN_CSR_OR_CERT_PENDING = 101; ///< presumably: a CSR or certificate is already pending (see Info.havePendingReq / Info.havePendingCert)
20  constant int ERR_GEN_KEY_GEN_FAILED = 102; ///< presumably: the key pair could not be generated
21 
22  /** key-pair installation error codes (200 range); the per-constant meanings are inferred from the names -- TODO confirm against the device documentation */
23  constant int ERR_INSTALL_KEY_MISSING = 200; ///< presumably: there is no pending private key to install
24  constant int ERR_INSTALL_CERT_MISSING = 201; ///< presumably: there is no pending certificate to install
25  constant int ERR_INSTALL_CERT_FORMAT_INVALID = 202; ///< presumably: the pending certificate could not be parsed
26  constant int ERR_INSTALL_CERT_KEY_MISMATCH = 203; ///< presumably: the pending certificate does not belong to the pending private key
27 
28  /** Certificate issuer or subject attributes; used for ReqInfo.subject, CertInfo.subject and CertInfo.issuer. All fields are free-form strings as far as this file shows. */
29  structure CommonAttributes {
30  string country; ///< Country code (presumably the two-letter ISO 3166 code -- TODO confirm)
31  string stateOrProvince; ///< State or province
32  string locality; ///< Locality or city
33  string organization; ///< Organization
34  string organizationalUnit; ///< Organizational Unit
35  string commonName; ///< Common Name; also the fallback single entry when ReqInfo.names is empty
36  string emailAddress; ///< Email Address
37  };
38 
39  /**
40  * Certificate signing request information
41  *
42  * If names is empty then commonName from the subject is used as single entry. The structure has no field for the key algorithm, so only the key length can be chosen by the caller.
43  */
44  structure ReqInfo {
45  CommonAttributes subject; ///< Certificate subject attributes
46  vector<string> names; ///< DNS names and/or IP addresses (presumably the subjectAltName entries of the request; list every name clients use to reach the device -- TODO confirm)
47  int keyLength; ///< Key length in bits; accepted values are not listed in this file, an unsupported value is presumably reported as ERR_GEN_KEY_LEN_INVALID -- TODO confirm
48  };
49 
50  /** Certificate information: metadata of one certificate, as reported by getInfo() inside the Info structure */
51  structure CertInfo {
52  CommonAttributes subject; ///< Subject attributes
53  CommonAttributes issuer; ///< Issuer attributes
54  vector<string> names; ///< DNS names and/or IP addresses
55  string invalidBefore; ///< Begin of validity period (string format is not specified in this file)
56  string invalidAfter; ///< End of validity period (string format is not specified in this file)
57  string serialNumber; ///< Serial number
58  int keyLength; ///< Key length in bits
59  };
60 
61  /** Certificate manager information: the pending request, the pending certificate and the active certificate, as returned by getInfo() */
62  structure Info {
63  boolean havePendingReq; ///< \c true if a CSR is pending
64  boolean havePendingCert; ///< \c true if an uploaded certificate is pending activation
65  ReqInfo pendingReqInfo; ///< Information about pending CSR (presumably only meaningful when havePendingReq is \c true -- TODO confirm)
66  CertInfo pendingCertInfo; ///< Information about pending certificate file (device certificate)
67  vector<CertInfo> pendingCertChainInfos; ///< Information about pending certificate file (remaining certificate chain if available)
68  CertInfo activeCertInfo; ///< Information about active certificate file (device certificate)
69  vector<CertInfo> activeCertChainInfos; ///< Information about active certificate file (remaining certificate chain if available)
70  int maxSignDays; ///< Maximum number of days a self signed certificate will be valid.
71  };
72 
73  /**
74  * Generate an unsigned key pair.
75  *
76  * @param reqInfo Certificate signing request information
77  * @param challenge Challenge password (presumably stored as the challengePassword attribute of the CSR -- TODO confirm); it is passed as a plain string, so it is only as confidential as the JSON-RPC transport carrying the call
78  *
79  * @return SUCCESS or one of the error code constants (the ERR_GEN_* group is the one declared for key-pair generation)
80  */
81  int generateUnsignedKeyPair(in ReqInfo reqInfo, in string challenge);
82 
83  /**
84  * Generate a self-signed key pair.
85  *
86  * @param reqInfo Certificate signing request information
87  * @param days Number of days the certificate will be valid; Info.maxSignDays reports the maximum for self signed certificates, and no dedicated error constant for an out-of-range value is declared here -- NOTE(review): confirm how a too-large value is reported
88  *
89  * @return SUCCESS or one of the error code constants (the ERR_GEN_* group is the one declared for key-pair generation)
90  */
91  int generateSelfSignedKeyPair(in ReqInfo reqInfo, in int days);
92 
93  /**
94  * Remove a pending certificate signing request or certificate. Returns no status code; call getInfo() afterwards and check havePendingReq / havePendingCert. Whether the pending private key is discarded as well is not stated in this file.
95  */
96  void deletePending();
97 
98  /**
99  * Retrieve certificate manager information.
100  *
101  * @param info Result: Certificate manager information
102  */
103  void getInfo(out Info info);
104 
105  /**
106  * Activate a pending key pair. Presumably the pending key pair then becomes the active one reported in Info.activeCertInfo -- TODO confirm.
107  *
108  * @return SUCCESS or one of the error code constants (the ERR_INSTALL_* group is the one declared for installation)
109  */
110  int installPendingKeyPair();
111 
112  };
113 
114 }