// Copyright (c) 2011 DMTF.  All rights reserved.
   [Version ( "2.29.0" ), 
    ClassConstraint { 
       "/* The constraints below aim to efficiently */  /* represent a singular OctetString. Each of the properties*/  /* is a single encoded string, thus only the first element */  /* needs to be populated. */ inv:self.ImportPublicPrivateKeyPair.PublicKey->size()=1 and self.ImportPublicPrivateKeyPair.PrivateKey->size()=1" }, 
    UMLPackagePath ( "CIM::User::SecurityServices" ), 
    Description ( 
       "CIM_KeyBasedCredentialManagementService manages key based "
       "credentials such as symmetric and assymetric key pairs and "
       "certificates. It also manages the infrustracture necessary for "
       "the key based credentials such as key repositories." )]
class CIM_KeyBasedCredentialManagementService : CIM_CredentialManagementService {


      [Description ( 
          "This method is called to request an import of "
          "public/private key pair. The method is used when "
          "assymetric private/public keys are generated elsewhere "
          "but are required by the managed system for creation of "
          "Certificate Signing Requests (CSRs) or self-signed "
          "certificates or any other key based credentials. Upon "
          "the successful execution, the PPKPCredential shall be "
          "the reference to the CIM_UnsignedCredential instance "
          "representing the private/public key pair. The "
          "CIM_UnsignedCredential instance shall be associated "
          "through CIM_MemberOfCollection association with the "
          "instance of CIM_Keystore referenced by the Keystore "
          "parameter, and shall be associated through the "
          "CIM_AffectsElement association with the method "
          "invocation instance of "
          "CIM_KeyBasedCredentialManagementService." ), 
       ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096", 
          "4097..32767", "32768..65535" }, 
       Values { "Completed with No Error", "Not Supported", 
          "Error Occured", "Busy", "Invalid Reference", 
          "Invalid Parameter", "Access Denied", "DMTF Reserved", 
          "Job Started", "Method Reserved", "Vendor Specified" }]
   uint32 ImportPublicPrivateKeyPair(
         [Required, IN, Description ( 
             "The DER-encoded raw public key.Only the first "
             "element of the array property shall be populated." ), 
          OctetString]
      string PublicKey[], 
         [Required, IN, Description ( 
             "The DER-encoded raw private key.Only the first "
             "element of the array property shall be populated." ), 
          OctetString]
      string PrivateKey[], 
         [Required, IN, Description ( 
             "The reference to the CIM_Keystore instance "
             "representing the key store, which the "
             "public/private key pair is imported in to." )]
      CIM_Keystore REF Keystore, 
         [IN, Description ( 
             "The managed element that represents the user or "
             "owner or the scoping element of the certificate. "
             "Such managed element could be the web service that "
             "owns the certificate or uses it for verification "
             "or account that the certificate is scoped to." )]
      CIM_ManagedElement REF CredentialContext, 
         [IN, Description ( 
             "The usage of the certificate by the managed "
             "element that the certificate is for or is scoped "
             "to." ), 
          ValueMap { "2", "3", "4", "6", "7", "8", "..", 
             "32768..65535" }, 
          Values { "Owned", "Trusted", 
             "Trusted for Authentication", 
             "Trusted for Authorization", 
             "Trusted for Authentication/Authorization", 
             "Trusted for Third-Party Authentication/Authorization", 
             "DMTF Reserved", "Vendor Reserved" }, 
          ModelCorrespondence { "CIM_CredentialContext.Usage" }]
      uint16 Usage, 
         [IN ( false ), OUT, Description ( 
             "Contains a reference to the ConcreteJob created to "
             "track the execution initiated by the method "
             "invocation. If method returns 4096 - Job Started, "
             "then this parameter shall not be NULL." )]
      CIM_ConcreteJob REF Job, 
         [Required, IN ( false ), OUT, Description ( 
             "The PPKPCredential output parameter references the "
             "instance of CIM_UnsignedCredential that represents "
             "the public/private key pair." )]
      CIM_UnsignedCredential REF PPKPCredential);

      [Description ( 
          "This method is called to request a creation of a "
          "keystore repository to be used for storage of the key "
          "based credentials. Upon the successful execution, the "
          "NewKeystore parameter shall reference to the newly "
          "created instance of CIM_Keystore. The property values of "
          "the newly created instance of the CIM_Keystore shall "
          "match all the non-null, non-key properties of the "
          "Keystore parameter embedded instance. The newly created "
          "CIM_Keystore instance shall be associated to the "
          "instance CIM_System referenced by the OwningSystem "
          "parameter using CIM_OwningCollectionElement association, "
          "shall be associated with the "
          "CIM_KeyBasedCredentialManagementService instance using "
          "the CIM_ServiceAffectsElement association, and shall be "
          "associated to the instances of CIM_Service referenced in "
          "the KeystoreUtilizers using CIM_Dependency association." ), 
       ValueMap { "0", "1", "2", "3", "4", "5", "6", "..", "4096", 
          "4097..32767", "32768..65535" }, 
       Values { "Completed with No Error", "Not Supported", 
          "Error Occured", "Busy", "Invalid Reference", 
          "Invalid Parameter", "Access Denied", "DMTF Reserved", 
          "Job Started", "Method Reserved", "Vendor Specified" }]
   uint32 CreateKeystore(
         [Required, IN, Description ( 
             "The Keystore parameter contains the desired "
             "CIM_Keystore instance. The embedded instance shall "
             "contain the ElementName and Usage properties." ), 
          EmbeddedInstance ( "CIM_Keystore" )]
      string Keystore, 
         [Required, IN, Description ( 
             "The OwningSystem parameter references to the "
             "desired CIM_System instance that represents the "
             "owning managed system for the keystore." )]
      CIM_System REF OwningSystem, 
         [IN, Description ( 
             "The KeystoreUtilizers parameter contains an array "
             "of references to the instances of ManagedElement "
             "that represent the managed element that would "
             "utilize the keystore. Such services could be web "
             "services or protocol services that utilize the "
             "credentials stored in the keystore for the "
             "identity verification purposes." )]
      CIM_ManagedElement REF KeystoreUtilizers[], 
         [IN ( false ), OUT, Description ( 
             "Contains a reference to the ConcreteJob created to "
             "track the execution initiated by the method "
             "invocation. If method returns 4096 - Job Started, "
             "then this parameter shall not be NULL." )]
      CIM_ConcreteJob REF Job, 
         [Required, IN ( false ), OUT, Description ( 
             "The NewKeystore output parameter references the "
             "instance of CIM_Keystore that represents the newly "
             "created keystore repository." )]
      CIM_Keystore REF NewKeystore);

};